Bug 677222

Summary: segment fault happens after hot drive add then drive delete
Product: Red Hat Enterprise Linux 6
Reporter: Shirley Zhou <szhou>
Component: qemu-kvm
Assignee: Markus Armbruster <armbru>
Status: CLOSED ERRATA
QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium
Priority: medium
Version: 6.1
CC: lcapitulino, mkenneth, mshao, ndai, plyons, tburke, virt-maint
Target Milestone: rc
Keywords: ZStream
Hardware: Unspecified
OS: Unspecified
Fixed In Version: qemu-kvm-0.12.1.2-2.145.el6
Doc Type: Bug Fix
Last Closed: 2011-05-19 11:28:28 UTC
Bug Blocks: 580954, 677170, 678097

Description Shirley Zhou 2011-02-14 06:01:46 UTC
Description of problem:
Do a drive add, then a drive delete; a segmentation fault happens.

Version-Release number of selected component (if applicable):
qemu-kvm-0.12.1.2-2.144.el6.x86_64

How reproducible:
2/2

Steps to Reproduce:
1. Boot guest with CLI:

/usr/libexec/qemu-kvm -enable-kvm -m 2G -smp 2,sockets=2,cores=1,threads=1 -name qcow2 -uuid bb312345-50b0-de70-921b-5c360a945678 -monitor stdio -rtc base=localtime -boot c -drive file=/root/test3.img,if=none,id=drive-ide0-0-0,format=qcow2,cache=none -device virtio-blk-pci,drive=drive-ide0-0-0,id=ide0-0-0 -netdev tap,id=hostnet0 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:56:ad:a1,bus=pci.0,addr=0x7 -chardev pty,id=serial0 -device isa-serial,chardev=serial0 -usb -device usb-tablet,id=input0 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x8 -vga qxl -spice port=5911,disable-ticketing -drive file=/home/raw.img,if=none,id=drive-ide0-0-1,format=raw,cache=none -device virtio-blk-pci,drive=drive-ide0-0-1,id=ide0-0-1

2. Do drive add
(qemu) __com.redhat_drive_add file=/dev/vgtest1/raw,format=raw,id=drive-virtio1

3. Delete the drive added in the above step
(qemu) __com.redhat_drive_del drive-virtio1

Actual results:
Segmentation fault happens after step 3
(gdb) bt
#0  0x0000000000472433 in do_drive_del (mon=<value optimized out>, qdict=<value optimized out>, ret_data=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/device-hotplug.c:134
#1  0x0000000000413e10 in monitor_call_handler (mon=0x15b3230, cmd=0x58e820, params=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/monitor.c:4338
#2  0x0000000000418d60 in handle_user_command (mon=0x15b3230, cmdline=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/monitor.c:4375
#3  0x0000000000418e8a in monitor_command_cb (mon=0x15b3230, cmdline=<value optimized out>, opaque=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/monitor.c:4930
#4  0x00000000004a580b in readline_handle_byte (rs=0x1fec960, ch=<value optimized out>) at readline.c:369
#5  0x00000000004190ac in monitor_read (opaque=<value optimized out>, buf=0x7fffe99ea6d0 "\r", size=1) at /usr/src/debug/qemu-kvm-0.12.1.2/monitor.c:4916
#6  0x00000000004be1fb in qemu_chr_read (opaque=0x13b9840) at qemu-char.c:171
#7  fd_chr_read (opaque=0x13b9840) at qemu-char.c:657
#8  0x000000000040b95f in main_loop_wait (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4424
#9  0x000000000042b29a in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2165
#10 0x000000000040ef0f in main_loop (argc=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4634
#11 main (argc=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6848


Expected results:
Drive delete OK.

Additional info:

Comment 2 Markus Armbruster 2011-02-14 12:16:26 UTC
Reproduced.  

Probable cause: we're missing upstream commit 850ec113 "blockdev: Fix drive_del not to crash when drive is not in use".

Comment 7 Shirley Zhou 2011-02-16 05:28:52 UTC
Verified this bug with qemu-kvm-0.12.1.2-2.145.el6 using the following steps:

1. Add one drive via the qemu monitor
(qemu) __com.redhat_drive_add file=/dev/vgtest/raw,id=virtio1,format=raw,cache=none
2. Delete this drive
(qemu) __com.redhat_drive_del virtio1
3. Add two drives
(qemu) __com.redhat_drive_add file=/dev/vgtest/raw,id=virtio1,format=raw,cache=none
(qemu) __com.redhat_drive_add file=/root/data.img,id=virtio2,format=qcow2,cache=none
4. Delete these drives one by one
(qemu) __com.redhat_drive_del virtio1
(qemu) __com.redhat_drive_del virtio2

After the above steps, the guest is running fine. So this bug has been resolved.
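
A simplified C model of the failure class named by the commit title in Comment 2 (deleting a drive that no guest device uses), run through the verification sequence from Comment 7. This is an added example, not QEMU's code or the upstream patch: the struct and function names are hypothetical, and it assumes the crash is an unchecked dereference of the drive's missing device link.

```c
#include <stddef.h>

/* Hypothetical, simplified model; not QEMU's real types or code. */
struct guest_dev {
    const char *drive_id;          /* "drive" property: host drive in use */
};

struct host_drive {
    const char *id;
    struct guest_dev *peer;        /* NULL until a guest device uses the drive */
    int open;                      /* 1 after drive add, 0 after drive delete */
};

/* Before: assumes every drive has a guest device attached. */
int drive_del_unguarded(struct host_drive *d)
{
    d->peer->drive_id = NULL;      /* NULL dereference when nothing is attached */
    d->peer = NULL;
    d->open = 0;
    return 0;
}

/* After: detach only when a device is attached, then close the drive. */
int drive_del_guarded(struct host_drive *d)
{
    if (d == NULL || !d->open)
        return -1;                 /* unknown or already deleted drive */
    if (d->peer != NULL) {
        d->peer->drive_id = NULL;  /* guest stops pointing at the host resource */
        d->peer = NULL;
    }
    d->open = 0;
    return 0;
}

/* Constructed replay of the verification steps: add and delete one drive,
 * then add two and delete them one by one, none ever attached to a device.
 * Returns the number of deletes that succeeded. */
int run_verification(void)
{
    struct host_drive v1 = { "virtio1", NULL, 1 };
    struct host_drive v2 = { "virtio2", NULL, 1 };
    int ok = 0;

    ok += drive_del_guarded(&v1) == 0;   /* steps 1-2 */
    v1.open = 1;                         /* step 3: virtio1 added again */
    ok += drive_del_guarded(&v1) == 0;   /* step 4 */
    ok += drive_del_guarded(&v2) == 0;
    return ok;
}

int main(void) { return run_verification() == 3 ? 0 : 1; }
```

The unguarded variant only works when a device is attached, which is why a boot-time drive wired to virtio-blk-pci never hit the crash while a hot-added, unattached one did.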

Comment 10 errata-xmlrpc 2011-05-19 11:28:28 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0534.html

Comment 11 errata-xmlrpc 2011-05-19 13:01:36 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0534.html