Bug 652146

Summary: segmentation fault happens on Src guest when migrating after hot-unplugging a virtio disk, and Dst guest becomes paused
Product: Red Hat Enterprise Linux 5
Reporter: Shirley Zhou <szhou>
Component: kvm
Assignee: Juan Quintela <quintela>
Status: CLOSED WONTFIX
QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium
Priority: high
Version: 5.6
CC: alex.williamson, mkenneth, mshao, virt-maint, ykaul
Target Milestone: rc
Hardware: Unspecified
OS: Unspecified
Doc Type: Bug Fix
Last Closed: 2011-01-14 11:24:34 UTC
Bug Blocks: 580948

Description Shirley Zhou 2010-11-11 06:32:03 UTC
Description of problem:

Hot-unplug a virtio disk from the Src guest, then do migration; a core dump happens on the Src guest during migration, and the Dst guest status is paused.

The core dump is not 100% reproducible, but even when migration completes from the Src guest, the status of the Dst guest is still paused.

Version-Release number of selected component (if applicable):
kvm-83-207.el5

How reproducible:
The core dump reproduced once in 3 tries; the paused status happens 100% of the time.

Steps to Reproduce:
1. Run Src Windows XP guest with two virtio disks
/usr/libexec/qemu-kvm  -M rhel5.6.0 -m 2G -smp 2 -name winxp -uuid 123465d2-2032-848d-bda0-de7adb149048 -boot cdn -drive file=/mnt/winxp.img,if=virtio,boot=on,bus=0,unit=0,format=qcow2,cache=off -net nic,macaddr=54:52:00:27:12:23,vlan=0,model=virtio -net tap,vlan=0,script=/etc/qemu-ifup -serial pty -parallel none -usb -usbdevice tablet   -monitor stdio   -spice host=0,ic=on,port=5937,disable-ticketing -qxl 1 -drive file=/mnt/data.img,if=virtio,format=qcow2,cache=off

2. Run Dst guest with only one system disk, in listening mode, on Dst host

3. Use info pci / info block to check the disk PCI address and status.

4. Hot-unplug the data disk
pci_del pci_addr=6

5. Start migration
migrate -d tcp:10.66.91.145:5888
  
Actual results:
After step 5, migration starts, and the Src guest core dumps. The Dst guest stays paused.

(qemu) info migrate 
Migration status: active
transferred ram: 103960 kbytes
remaining ram: 2079296 kbytes
total ram: 2183256 kbytes
(qemu) QXL: qxl_vm_change_state_handler: running=0
handle_dev_input: stop
handle_dev_input: save
QXL SAVE -- last_release_offset=2194622380 
Segmentation fault (core dumped)
[root@dhcp-91-53 mnt]# 

(gdb) bt
#0  0x0000003b6167c2e0 in memcpy () from /lib64/libc.so.6
#1  0x000000000047382d in qemu_put_buffer (f=0x15c2ddd0, buf=0xc89e9000c89f1 <Address 0xc89e9000c89f1 out of bounds>, size=40976) at savevm.c:476
#2  0x000000000041706e in virtio_blk_save (f=0x15c2ddd0, opaque=0x15132010, version_id=3) at /usr/src/debug/kvm-83-maint-snapshot-20090205/qemu/hw/virtio-blk.c:348
#3  0x00000000004739cc in qemu_savevm_state_complete (f=0x15c2ddd0) at savevm.c:813
#4  0x000000000046bae0 in migrate_fd_put_ready (opaque=<value optimized out>) at migration.c:263
#5  0x00000000004071ec in qemu_run_timers (ptimer_head=0xb3a360, current_time=70973021) at /usr/src/debug/kvm-83-maint-snapshot-20090205/qemu/vl.c:1302
#6  0x0000000000409657 in main_loop_wait (timeout=<value optimized out>) at /usr/src/debug/kvm-83-maint-snapshot-20090205/qemu/vl.c:4081
#7  0x000000000050023a in kvm_main_loop () at /usr/src/debug/kvm-83-maint-snapshot-20090205/qemu/qemu-kvm.c:596
#8  0x000000000040e6b5 in main_loop (argc=34, argv=0x7fff475a0618, envp=<value optimized out>) at /usr/src/debug/kvm-83-maint-snapshot-20090205/qemu/vl.c:4100
#9  main (argc=34, argv=0x7fff475a0618, envp=<value optimized out>) at /usr/src/debug/kvm-83-maint-snapshot-20090205/qemu/vl.c:6536

Check Dst guest status:
(qemu) info status 
VM status: paused

Expected results:
Migration should complete, and the Dst guest status should be running.

Additional info:

Comment 1 Shirley Zhou 2010-11-11 07:27:49 UTC
Some info pops up in the Dst guest monitor:

Unknown savevm section or instance 'virtio-blk' 2
load of migration failed

Comment 4 Juan Quintela 2011-01-14 11:24:34 UTC
In RHEL5.x you can't do hot-plug/unplug and then migrate. It is known not to work.
RHEL6.0 fixed several bugs in this area, and it is not going to be fixed on RHEL5.x.
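An added illustration, not code from this bug or from QEMU: the destination's "Unknown savevm section or instance 'virtio-blk' 2" in Comment 1 is consistent with the source still carrying a save entry for the removed disk (an inference from the symptoms above, not a confirmed root cause). This constructed C model of a section registry shows the invariant an unplug path has to keep, the forgetful path beside the corrected one; every name in it is made up.

```c
#include <string.h>

/* Constructed model of a savevm-style section registry (not QEMU code):
 * devices register (name, instance id, state); migration serializes each. */
#define MAX_SECTIONS 8
struct section { char name[16]; int instance_id; void *opaque; int live; };
static struct section sections[MAX_SECTIONS]; static int nsections;

static int register_section(const char *name, int id, void *opaque) {
    if (nsections >= MAX_SECTIONS) return -1;
    struct section *s = &sections[nsections++];
    strncpy(s->name, name, sizeof s->name - 1);
    s->name[sizeof s->name - 1] = '\0';
    s->instance_id = id;
    s->opaque = opaque;   /* device state; stale once the device is torn down */
    s->live = 1;
    return 0;
}

/* Unplug path that frees the device but never retires its section: the
 * registry entry outlives the state it points at. */
static void unplug_without_unregister(void *opaque) { (void)opaque; }

/* Hardened unplug: retire the section before the device state goes away, so
 * migration neither reads stale state nor emits an instance the destination lacks. */
static void unplug_and_unregister(void *opaque) {
    for (int i = 0; i < nsections; i++)
        if (sections[i].opaque == opaque) sections[i].live = 0;
}

/* Number of sections migration would emit for one device class. */
int live_instances(const char *name) {
    int n = 0;
    for (int i = 0; i < nsections; i++)
        if (sections[i].live && strcmp(sections[i].name, name) == 0) n++;
    return n;
}

/* Replays the report: two virtio-blk disks, hot-unplug the second, migrate.
 * Returns how many 'virtio-blk' sections the source would put on the wire;
 * the destination has only one disk, so 2 reproduces the rejected instance. */
int virtio_blk_sections_after_unplug(int unregister_on_unplug) {
    static int disk_state[2];   /* stand-ins for per-disk device state */
    nsections = 0;
    register_section("virtio-blk", 1, &disk_state[0]);
    register_section("virtio-blk", 2, &disk_state[1]);
    if (unregister_on_unplug) unplug_and_unregister(&disk_state[1]);
    else unplug_without_unregister(&disk_state[1]);
    return live_instances("virtio-blk");
}
```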