Bug 1658974
| Summary: | [data plane] Qemu core dump for 'qemu_mutex_unlock_impl: Operation not permitted' if hot unplug then replug the frontend virtio scsi disk | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux Advanced Virtualization | Reporter: | Gu Nini <ngu> | ||||||
| Component: | qemu-kvm | Assignee: | Ademar Reis <areis> | ||||||
| Status: | CLOSED DUPLICATE | QA Contact: | Xueqiang Wei <xuwei> | ||||||
| Severity: | high | Docs Contact: | |||||||
| Priority: | medium | ||||||||
| Version: | 8.0 | CC: | chayang, coli, juzhang, kanderso, knoel, michen, qzhang, rbalakri, ribarry, virt-maint | ||||||
| Target Milestone: | pre-dev-freeze | ||||||||
| Target Release: | --- | ||||||||
| Hardware: | Unspecified | ||||||||
| OS: | Unspecified | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2018-12-19 07:16:22 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Attachments: |
|
||||||||
Reproduced the bug on x86 platform:
[root@lenovo-sr630-02 coredump]# uname -r
4.18.0-50.el8.x86_64
[root@lenovo-sr630-02 coredump]# rpm -qa|grep qemu
qemu-kvm-block-gluster-3.1.0-0.el8.rc5.x86_64
ipxe-roms-qemu-20170710-6.git0600d3ae.el8.noarch
qemu-kvm-block-gluster-debuginfo-3.1.0-0.el8.rc5.x86_64
qemu-kvm-3.1.0-0.el8.rc5.x86_64
qemu-kvm-debuginfo-3.1.0-0.el8.rc5.x86_64
qemu-kvm-block-ssh-debuginfo-3.1.0-0.el8.rc5.x86_64
qemu-kvm-debugsource-3.1.0-0.el8.rc5.x86_64
qemu-img-debuginfo-3.1.0-0.el8.rc5.x86_64
qemu-kvm-block-rbd-debuginfo-3.1.0-0.el8.rc5.x86_64
qemu-guest-agent-3.1.0-0.el8.rc5.x86_64
qemu-kvm-common-3.1.0-0.el8.rc5.x86_64
qemu-kvm-block-rbd-3.1.0-0.el8.rc5.x86_64
qemu-kvm-block-curl-3.1.0-0.el8.rc5.x86_64
qemu-guest-agent-debuginfo-3.1.0-0.el8.rc5.x86_64
qemu-kvm-block-iscsi-debuginfo-3.1.0-0.el8.rc5.x86_64
qemu-kvm-core-debuginfo-3.1.0-0.el8.rc5.x86_64
qemu-kvm-block-ssh-3.1.0-0.el8.rc5.x86_64
qemu-img-3.1.0-0.el8.rc5.x86_64
qemu-kvm-core-3.1.0-0.el8.rc5.x86_64
qemu-kvm-common-debuginfo-3.1.0-0.el8.rc5.x86_64
qemu-kvm-block-iscsi-3.1.0-0.el8.rc5.x86_64
qemu-kvm-block-curl-debuginfo-3.1.0-0.el8.rc5.x86_64
And in the bug description part, I have used the host_device(lv) to do the test, but now it's found the bug has no relation with it, I can reproduce it more easily:
1. Boot up a guest with a system disk and a data disk:
-blockdev node-name=disk0,file.driver=file,driver=qcow2,file.filename=/home/guest.qcow2,cache.no-flush=off,cache.direct=off \
-device scsi-hd,drive=disk0,id=image0,werror=stop,rerror=stop,bootindex=0,bus=virtio_scsi_pci0.0 \
-blockdev node-name=disk1,file.driver=file,driver=qcow2,file.filename=/home/hd1,cache.no-flush=off,cache.direct=off \
-device scsi-hd,drive=disk1,id=image1,werror=stop,rerror=stop,bootindex=1 \
2. Hot unplug the frontend of data disk, then hot plug it again, the bug is reproduced till now:
{"execute":"device_del","arguments":{"id":"image1"}}
{"execute":"device_add","arguments":{"driver":"scsi-hd","drive":"disk1","id":"image1"}}
Ncat: Connection reset by peer.
Created attachment 1514284 [details]
gdb_debug_info_all_threads-x86-12142018
*** This bug has been marked as a duplicate of bug 1656276 *** |
Created attachment 1513973 [details] gdb_debug_info_all_threads-12132018 Description of problem: After hot plug the backend with 'blockdev-add', then hot plug the frontend with 'device_add'(virtio-scsi/data plane used); hot unplug the frontend with 'device_del', and then hot plug it again with 'device_add', it's found the guest core dump: QEMU 3.0.95 monitor - type 'help' for more information (qemu) qemu: qemu_mutex_unlock_impl: Operation not permitted ./vm1c.sh: line 23: 55547 Aborted (core dumped) /usr/libexec/qemu-kvm -name 'avocado-vt-vm1' -sandbox off -machine pseries,max-cpu-compat=power8 -object iothread,id=iothread1 -chardev socket,id=qmp_id_qmpmonitor1,path=/var/tmp/avocado1,server,nowait -mon chardev=qmp_id_qmpmonitor1,mode=control -device nec-usb-xhci,id=usb1,bus=pci.0,addr=0x4 -device virtio-scsi-pci,id=virtio_scsi_pci0,bus=pci.0,addr=0x6,iothread=iothread1 -blockdev node-name=disk0,file.driver=host_device,driver=qcow2,file.filename=/dev/vg1/lv1,cache.no-flush=off,cache.direct=off -device scsi-hd,drive=disk0,id=image0,werror=stop,rerror=stop,bootindex=0,bus=virtio_scsi_pci0.0 -device virtio-net-pci,mac=9a:78:79:7a:7b:7a,id=id8e5D72,vectors=4,netdev=idrYUYaH,bus=pci.0,addr=0x3 -netdev tap,id=idrYUYaH,vhost=on -m 1024 -smp 2,maxcpus=2,cores=2,threads=1,sockets=1 -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1 -cpu host -vnc :20 -rtc base=localtime,clock=host,driftfix=slew -boot menu=off,strict=off,order=cdn,once=c -enable-kvm -monitor stdio [root@ibm-p9b-21 ngu]# [root@ibm-p9b-21 ngu]# [root@ibm-p9b-21 ngu]# Version-Release number of selected component (if applicable): [root@ibm-p9b-21 ~]# uname -r 4.18.0-50.el8.ppc64le [root@ibm-p9b-21 ~]# rpm -qa|grep qemu qemu-img-debuginfo-3.1.0-0.el8.rc5.ppc64le qemu-kvm-common-3.1.0-0.el8.rc5.ppc64le qemu-kvm-3.1.0-0.el8.rc5.ppc64le qemu-kvm-debuginfo-3.1.0-0.el8.rc5.ppc64le qemu-kvm-common-debuginfo-3.1.0-0.el8.rc5.ppc64le qemu-kvm-debugsource-3.1.0-0.el8.rc5.ppc64le qemu-kvm-block-ssh-debuginfo-3.1.0-0.el8.rc5.ppc64le qemu-kvm-block-rbd-debuginfo-3.1.0-0.el8.rc5.ppc64le qemu-kvm-core-3.1.0-0.el8.rc5.ppc64le qemu-kvm-block-iscsi-debuginfo-3.1.0-0.el8.rc5.ppc64le qemu-kvm-block-rbd-3.1.0-0.el8.rc5.ppc64le qemu-kvm-block-curl-3.1.0-0.el8.rc5.ppc64le qemu-kvm-block-ssh-3.1.0-0.el8.rc5.ppc64le qemu-kvm-block-iscsi-3.1.0-0.el8.rc5.ppc64le qemu-guest-agent-3.1.0-0.el8.rc5.ppc64le qemu-kvm-block-curl-debuginfo-3.1.0-0.el8.rc5.ppc64le qemu-kvm-core-debuginfo-3.1.0-0.el8.rc5.ppc64le qemu-guest-agent-debuginfo-3.1.0-0.el8.rc5.ppc64le ipxe-roms-qemu-20170710-6.git0600d3ae.el8.noarch qemu-img-3.1.0-0.el8.rc5.ppc64le How reproducible: 100% Steps to Reproduce: 1. Boot up a guest using virtio-scsi/data-plane on the system disk: /usr/libexec/qemu-kvm \ -name 'avocado-vt-vm1' \ -sandbox off \ -machine pseries,max-cpu-compat=power8 \ -object iothread,id=iothread1 \ -chardev socket,id=qmp_id_qmpmonitor1,path=/var/tmp/avocado1,server,nowait \ -mon chardev=qmp_id_qmpmonitor1,mode=control \ -device nec-usb-xhci,id=usb1,bus=pci.0,addr=0x4\ -device virtio-scsi-pci,id=virtio_scsi_pci0,bus=pci.0,addr=0x6,iothread=iothread1 \ -blockdev node-name=disk0,file.driver=host_device,driver=qcow2,file.filename=/dev/vg1/lv1,cache.no-flush=off,cache.direct=off \ -device scsi-hd,drive=disk0,id=image0,werror=stop,rerror=stop,bootindex=0,bus=virtio_scsi_pci0.0 \ -device virtio-net-pci,mac=9a:78:79:7a:7b:7a,id=id8e5D72,vectors=4,netdev=idrYUYaH,bus=pci.0,addr=0x3 \ -netdev tap,id=idrYUYaH,vhost=on \ -m 1024 \ -smp 2,maxcpus=2,cores=2,threads=1,sockets=1 \ -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1 \ -cpu host \ -vnc :20 \ -rtc base=localtime,clock=host,driftfix=slew \ -boot menu=off,strict=off,order=cdn,once=c \ -enable-kvm \ -monitor stdio 2. Create an image with qemu-img: # qemu-img create -f qcow2 /dev/vg1/lv2 20G 3. Hot plug the image with 'blockdev-add' and 'device_add': # {"execute": "blockdev-add","arguments": {"node-name": "disk2","driver": "raw", "file": {"driver":"host_device", "filename": "/dev/vg1/lv2"}}} # {"execute":"device_add","arguments":{"driver":"scsi-hd","drive":"disk2","id":"data-disk2"}} 4. Hot unplug the frontend, then replug it: # {"execute":"device_del","arguments":{"id":data-disk2"}} # {"execute":"device_add","arguments":{"driver":"scsi-hd","drive":"disk2","id":"data-disk2"}} Actual results: Qemu core dump as that in the description part Expected results: No core dump Additional info: 1. Not met the problem when using virtio-blk and data plane 2. When data plane disabled, no the problem 3. I guess the bug should be platform unrelated, will check it tomorrow once I have a usable x86 host.