Bug 625948

Summary: qemu exits when hot adding rtl8139 nic to win2k8 guest
Product: Red Hat Enterprise Linux 6
Reporter: Alex Williamson <alex.williamson>
Component: qemu-kvm
Assignee: Alex Williamson <alex.williamson>
Status: CLOSED ERRATA
QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium
Docs Contact:
Priority: low
Version: 6.0
CC: akong, chayang, eblake, fyang, kcao, mjenner, mkenneth, snagar, szhou, tburke, virt-maint
Target Milestone: rc
Target Release: ---
Hardware: All
OS: Linux
Whiteboard:
Fixed In Version: qemu-kvm-0.12.1.2-2.114.el6
Doc Type: Bug Fix
Doc Text:
Adding an rtl8139 NIC to an active Windows 2008 guest may result in the qemu-kvm process exiting. To work around this issue, shutdown the guest before adding additional rtl8139 NICs. Alternatively, install the virtio-net drivers and add a virtio NIC.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-05-19 11:30:45 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks: 580954

Description Alex Williamson 2010-08-20 21:47:16 UTC
Description of problem:
Using virt-manager to exercise hotplug with a win2k8 64bit guest, I can often hit an error when adding an rtl8139 where qemu exits.  The problem occurs when the guest assigns I/O port addresses to the device that overlap a range registered inside qemu for deprecated vga vbe handlers.

Version-Release number of selected component (if applicable):
qemu-kvm-0.12.1.2-2.112.el6.x86_64

How reproducible:
easy

Steps to Reproduce:
1. create a win2k8 guest
2. hot add an rtl8139
3.
  
Actual results:
guest dies

Expected results:
guest continues running and nic works

Additional info:
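
A simplified model of the failure described above, added here as an illustration (it is not QEMU's code and not part of the original report): each I/O port has a single owner, and a guest-programmed BAR that overlaps a port owned by another device is refused with an error return instead of a process abort. The 0xff80 legacy range and the 0x100 BAR length are assumptions made for the example; 0xff00 is the addr=65280 shown in the backtrace in comment 7.

```c
#include <stddef.h>
#include <stdint.h>

#define PIO_PORTS 0x10000u

/* One owner cookie per I/O port, playing the role of the "opaque"
 * pointer named in the hardware error message. */
static const void *pio_owner[PIO_PORTS];

/* First port in [start, start+len) owned by a different device, or -1. */
long pio_find_conflict(uint32_t start, uint32_t len, const void *owner)
{
    if (start >= PIO_PORTS)
        return -1;
    for (uint32_t i = 0; i < len && start + i < PIO_PORTS; i++)
        if (pio_owner[start + i] != NULL && pio_owner[start + i] != owner)
            return (long)(start + i);
    return -1;
}

/* Claim a range for owner. The whole range is validated before any entry
 * is written, so a refused request leaves the table untouched and the
 * caller can leave the BAR unmapped instead of killing the VM process.
 * Returns 0 on success, -1 on a bad range or an ownership conflict. */
int pio_register(uint32_t start, uint32_t len, const void *owner)
{
    if (len == 0 || start >= PIO_PORTS || len > PIO_PORTS - start)
        return -1;                       /* range leaves the 64K port space */
    if (pio_find_conflict(start, len, owner) >= 0)
        return -1;                       /* overlaps another device */
    for (uint32_t i = 0; i < len; i++)
        pio_owner[start + i] = owner;
    return 0;
}

/* Constructed scenario: a legacy range is registered at startup, then the
 * guest programs a hot-added NIC's I/O BAR on top of it.
 * Returns the conflicting port, or -1 if the mapping was accepted. */
long demo_hotplug_conflict(void)
{
    static int vga, nic;                 /* stand-ins for device state */
    pio_register(0xff80, 2, &vga);       /* assumed legacy handler range */
    if (pio_register(0xff00, 0x100, &nic) == 0)  /* guest-chosen BAR base */
        return -1;
    return pio_find_conflict(0xff00, 0x100, &nic);
}
```

Because the guest chooses the BAR address, the registration path is guest-reachable, which is why a conflict here should be an error the device model handles rather than a fatal condition.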

Comment 2 Alex Williamson 2010-08-20 22:06:27 UTC
Upstream patch - http://lists.nongnu.org/archive/html/qemu-devel/2010-08/msg01074.html

Comment 6 Alex Williamson 2010-08-30 18:08:47 UTC
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Adding an rtl8139 NIC to a running Windows 2008 guest may result in the qemu-kvm process exiting.  To avoid this issue, shutdown and add additional rtl8139 NICs only while the guest is not running, or install virtio-net drivers and add a virtio NIC instead of an rtl8139 NIC.

Comment 7 YangFeng 2010-09-08 08:12:22 UTC
Reproduced this bug on Windows 7 64.
Guest core dump.

(gdb) bt
#0  0x0000003f1d8329c5 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x0000003f1d8341a5 in abort () at abort.c:94
#2  0x000000000040d308 in hw_error (fmt=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:356
#3  0x00000000004a161b in register_ioport_write (start=<value optimized out>, length=<value optimized out>, size=6, func=0xffffffffffffffff, opaque=0x7f2bc28d6710) at ioport.c:170
#4  0x0000000000434b75 in rtl8139_ioport_map (pci_dev=0x417b010, region_num=<value optimized out>, addr=65280, size=<value optimized out>, type=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/rtl8139.c:3207
#5  0x00000000004189bb in pci_update_mappings (d=0x417b010) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/pci.c:1006
#6  0x000000000042a969 in kvm_handle_io (env=0x1d2c810) at /usr/src/debug/qemu-kvm-0.12.1.2/kvm-all.c:538
#7  kvm_run (env=0x1d2c810) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:975
#8  0x000000000042aa09 in kvm_cpu_exec (env=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:1658
#9  0x000000000042b62f in kvm_main_loop_cpu (_env=0x1d2c810) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:1900
#10 ap_main_loop (_env=0x1d2c810) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:1950
#11 0x0000003f1dc077e1 in start_thread (arg=0x7f2bc28d6710) at pthread_create.c:301
#12 0x0000003f1d8e153d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115
(gdb)

Some messages from qemu-kvm:
(qemu) create_cairo_context: using cairo canvas
 (qemu) qemu: hardware error: register_ioport_write: invalid opaque

Comment 8 Shirley Zhou 2010-09-15 08:14:20 UTC
The same issue happens when hot-adding an rtl8139 NIC to a Windows XP guest.

Comment 9 Alex Williamson 2010-09-22 15:52:54 UTC
Brew build with fix:

https://brewweb.devel.redhat.com/taskinfo?taskID=2775863

Comment 11 Ryan Lerch 2010-09-29 04:12:37 UTC
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1 +1 @@
-Adding an rtl8139 NIC to a running Windows 2008 guest may result in the qemu-kvm process exiting.  To avoid this issue, shutdown and add additional rtl8139 NICs only while the guest is not running, or install virtio-net drivers and add a virtio NIC instead of an rtl8139 NIC.+Adding an rtl8139 NIC to an active Windows 2008 guest may result in the qemu-kvm process exiting.  To word around this issue, shutdown the guest before addind additional rtl8139 NICs. Alternatively, install the virtio-net drivers and add a virtio NIC.
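Review bot: the added text has two typos in its second sentence, "To word around this issue" should read "To work around this issue" and "addind" should read "adding". Since the note is customer-facing, fix both before it goes to proofreading.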

Comment 15 Eric Blake 2010-10-25 20:32:41 UTC
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1 +1 @@
-Adding an rtl8139 NIC to an active Windows 2008 guest may result in the qemu-kvm process exiting.  To word around this issue, shutdown the guest before addind additional rtl8139 NICs. Alternatively, install the virtio-net drivers and add a virtio NIC.+Adding an rtl8139 NIC to an active Windows 2008 guest may result in the qemu-kvm process exiting.  To work around this issue, shutdown the guest before adding additional rtl8139 NICs. Alternatively, install the virtio-net drivers and add a virtio NIC.
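Review bot: the added text still limits the problem to a "Windows 2008 guest", while comments 7 and 8 report the same qemu-kvm exit with Windows 7 64 and Windows XP guests, so the note should name Windows guests more broadly. In the same sentence, "shutdown the guest" uses the noun form where the verb "shut down" is meant.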

Comment 16 Alex Williamson 2010-11-10 13:32:25 UTC
*** Bug 651715 has been marked as a duplicate of this bug. ***

Comment 20 errata-xmlrpc 2011-05-19 11:30:45 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0534.html

Comment 21 errata-xmlrpc 2011-05-19 12:47:51 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0534.html