Bug 604210

Summary: Segmentation fault when check preallocated qcow2 image on lvm.
Product: Red Hat Enterprise Linux 6    Reporter: lihuang <lihuang>
Component: qemu-kvm    Assignee: Kevin Wolf <kwolf>
Status: CLOSED CURRENTRELEASE    QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium
Priority: low
Version: 6.0    CC: kwolf, llim, mkenneth, quintela, tburke, virt-maint
Target Milestone: rc
Target Release: ---
Hardware: All
OS: Linux
Fixed In Version: qemu-kvm-0.12.1.2-2.82.el6    Doc Type: Bug Fix
Last Closed: 2010-07-03 18:55:14 UTC

Description lihuang 2010-06-15 15:50:57 UTC
Description of problem:
The lvm is 2g.

[root@t70 qemu-kvm-0.12.1.2]# lvs
  LV      VG     Attr   LSize   Origin Snap%  Move Log Copy%  Convert
...
  lvtest  vgtest -wi-a-   2.00g                                      

The qcow2 is created as 20G:
qemu-img create -f qcow2 -o preallocation=metadata /dev/vgtest/lvtest 20G

Running qemu-img check on the image got the crash.

ERROR: invalid cluster offset=0x1100010000000000

Core was generated by `qemu-img check -f qcow2 /dev/vgtest/lvtest'.
Program terminated with signal 11, Segmentation fault.
#0  0x000000000041f3aa in qcow2_check_refcounts (bs=0x1f662e0)
    at block/qcow2-refcount.c:1098
1098                if (refcount_table[offset / s->cluster_size] != 1) {
Missing separate debuginfos, use: debuginfo-install glibc-2.12-1.2.el6.x86_64 libaio-0.3.107-10.el6.x86_64 zlib-1.2.3-24.el6.x86_64
(gdb) bt
#0  0x000000000041f3aa in qcow2_check_refcounts (bs=0x1f662e0)
    at block/qcow2-refcount.c:1098
#1  0x0000000000403bf1 in img_check (argc=<value optimized out>, 
    argv=<value optimized out>) at qemu-img.c:420
#2  0x00000031d641ec5d in __libc_start_main () from /lib64/libc.so.6
#3  0x0000000000402d09 in _start ()

Version-Release number of selected component (if applicable):
qemu-kvm-0.12.1.2-2.74.el6.x86_64

How reproducible:
100%

Comment 2 RHEL Program Management 2010-06-15 16:13:14 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.

Comment 3 Yaniv Kaul 2010-06-22 09:51:03 UTC
(In reply to comment #0)
> Description of problem:
> the lvm is 2g. 
> 
> [root@t70 qemu-kvm-0.12.1.2]# lvs
>   LV      VG     Attr   LSize   Origin Snap%  Move Log Copy%  Convert
> ...
>   lvtest  vgtest -wi-a-   2.00g                                      
> 
> the qcow2 is created as 20G 
> qemu-img create -f qcow2 -o preallocation=metadata /dev/vgtest/lvtest 20G
> 
> run qemu-img check on the image got the crash.
> 
> ERROR: invalid cluster offset=0x1100010000000000
> 
> Core was generated by `qemu-img check -f qcow2 /dev/vgtest/lvtest'.
> Program terminated with signal 11, Segmentation fault.
> #0  0x000000000041f3aa in qcow2_check_refcounts (bs=0x1f662e0)
>     at block/qcow2-refcount.c:1098
> 1098                if (refcount_table[offset / s->cluster_size] != 1) {
> Missing separate debuginfos, use: debuginfo-install glibc-2.12-1.2.el6.x86_64
> libaio-0.3.107-10.el6.x86_64 zlib-1.2.3-24.el6.x86_64

Why not install the above and provide a better backtrace?

> (gdb) bt
> #0  0x000000000041f3aa in qcow2_check_refcounts (bs=0x1f662e0)
>     at block/qcow2-refcount.c:1098

A bit of checking of the value of s->cluster_size and possibly the other variables in line 1098 would have produced a much better bug report.

> #1  0x0000000000403bf1 in img_check (argc=<value optimized out>, 
>     argv=<value optimized out>) at qemu-img.c:420
> #2  0x00000031d641ec5d in __libc_start_main () from /lib64/libc.so.6
> #3  0x0000000000402d09 in _start ()
>

Comment 8 lihuang 2010-07-03 18:54:56 UTC
Tested on qemu-kvm-0.12.1.2-2.82.el6.

1. qemu-img reports the right error message when checking the faulty image (lv) from #c0

qemu-img check -f qcow2 /dev/vgtest/lvtest  
ERROR refcount block 8191 is outside image
1 errors were found on the image.

2. Cannot create an image when the offset is outside the image.
[root@t70 82]# lvs
  LV      VG     Attr   LSize   Origin Snap%  Move Log Copy%  Convert
  lvtest  vgtest -wi-a-   2.00g                                      

[root@t70 82]# qemu-img create -f qcow2 -o preallocation=metadata /dev/vgtest/lvtest 2G
Formatting '/dev/vgtest/lvtest', fmt=qcow2 size=10737418240 encryption=off cluster_size=0 preallocation='metadata' 
qemu-img: /dev/vgtest/lvtest: error while creating qcow2: Input/output error
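
An added example, not QEMU's code and not part of this bug: a constructed model of the bounds check behind the messages above. It assumes 64 KiB clusters and sizes the refcount table from the real device size (the 2G LV, not the 20G the header claims), so an offset like the one in comment 0 is rejected before it can index the table the way line 1098 did.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
/* Constructed model of the qcow2 refcount check, not QEMU's code. */
#define CLUSTER_BITS 16                            /* 64 KiB clusters */
#define CLUSTER_SIZE ((int64_t)1 << CLUSTER_BITS)
enum { OFFSET_OK = 0, OFFSET_NEGATIVE, OFFSET_UNALIGNED, OFFSET_OUTSIDE_IMAGE };
/* Validate an offset read from image metadata before it becomes a table index;
 * image_size is the real device size (the 2G LV), not the 20G the image claims. */
int validate_cluster_offset(int64_t offset, int64_t image_size, int64_t *cluster)
{
    int64_t nb_clusters = (image_size + CLUSTER_SIZE - 1) >> CLUSTER_BITS;
    if (offset < 0)                              return OFFSET_NEGATIVE;
    if (offset & (CLUSTER_SIZE - 1))             return OFFSET_UNALIGNED;
    if ((offset >> CLUSTER_BITS) >= nb_clusters) return OFFSET_OUTSIDE_IMAGE;
    *cluster = offset >> CLUSTER_BITS;
    return OFFSET_OK;
}
/* Hardened form of the crashing line: the table is indexed only after the
 * offset has been validated. Returns the number of errors found (0 or 1). */
int check_refblock(const uint16_t *refcount_table, int64_t image_size,
                   int block_index, int64_t refblock_offset)
{
    int64_t k;
    int rc = validate_cluster_offset(refblock_offset, image_size, &k);
    if (rc == OFFSET_OUTSIDE_IMAGE) {
        fprintf(stderr, "ERROR refcount block %d is outside image\n", block_index);
        return 1;
    }
    if (rc != OFFSET_OK) {
        fprintf(stderr, "ERROR: invalid cluster offset=0x%" PRIx64 "\n", refblock_offset);
        return 1;
    }
    if (refcount_table[k] != 1) {      /* was refcount_table[offset / cluster_size] */
        fprintf(stderr, "ERROR refcount block %d has refcount %d\n", block_index, refcount_table[k]);
        return 1;
    }
    return 0;
}
/* Constructed scenario: a 2 GiB LV (32768 clusters) whose first refcount block sits
 * at first_block_offset, followed by a sane block at cluster 1. Returns the error count. */
int demo_check(int64_t first_block_offset)
{
    static uint16_t table[1 << 15];                        /* one entry per cluster */
    table[1] = 1;                                          /* cluster 1 used once */
    int errors = check_refblock(table, (int64_t)2 << 30, 0, first_block_offset);
    errors += check_refblock(table, (int64_t)2 << 30, 1, CLUSTER_SIZE);
    return errors;
}
```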

Comment 9 lihuang 2010-07-03 19:01:10 UTC
(In reply to comment #8)
> Tested on qemu-kvm-0.12.1.2-2.82.el6.
> 
> 1. qemu-img reports the right error message when checking the faulty image (lv)
> in #c0
> 
> qemu-img check -f qcow2 /dev/vgtest/lvtest  
> ERROR refcount block 8191 is outside image
> 1 errors were found on the image.
> 
> 
> 2. Cannot create an image when the offset is outside the image.
> [root@t70 82]# lvs
>   LV      VG     Attr   LSize   Origin Snap%  Move Log Copy%  Convert
>   lvtest  vgtest -wi-a-   2.00g                                      
> 
> [root@t70 82]# qemu-img create -f qcow2 -o preallocation=metadata
> /dev/vgtest/lvtest 2G
> Formatting '/dev/vgtest/lvtest', fmt=qcow2 size=10737418240 encryption=off
> cluster_size=0 preallocation='metadata' 
> qemu-img: /dev/vgtest/lvtest: error while creating qcow2: Input/output error    

3. Create a qcow2 without preallocation, do a full installation of a RHEL5.5 guest on the image, and run qemu-img check when the guest is PAUSED on an enospc error.
   --> there are some harmless warnings, but no segfault.