Bug 707813

Summary: Got segmentation fault after 300 times hot-unplug/plug NIC of windows guest
Product: Red Hat Enterprise Linux 5
Reporter: Qunfang Zhang <qzhang>
Component: kvm
Assignee: Alex Williamson <alex.williamson>
Status: CLOSED WONTFIX
QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium
Priority: medium
Version: 5.7
CC: bcao, gcosta, juzhang, michen, mkenneth, virt-maint
Target Milestone: rc
Hardware: Unspecified
OS: Unspecified
Doc Type: Bug Fix
Last Closed: 2011-07-27 19:07:24 UTC
Bug Blocks: 580948

Description Qunfang Zhang 2011-05-26 03:10:15 UTC
Description of problem:
As in the subject: after hot-unplugging and then hot-plugging the NIC 300 times, the guest got a segmentation fault.
With a RHEL guest, I did not hit this issue.

Version-Release number of selected component (if applicable):
kernel-2.6.18-262.el5
kvm-83-235.el5

How reproducible:
2/3

Steps to Reproduce:
1. Boot a Windows guest.

/usr/libexec/qemu-kvm -no-hpet -no-kvm-pit-reinjection -usbdevice tablet -rtc-td-hack -startdate now -name win7-32 -smp 4,cores=4 -k en-us -m 3G -boot c -net nic,vlan=1,macaddr=00:1a:4a:42:49:10,model=virtio -net tap,vlan=1,ifname=virtio_10_1,script=/etc/qemu-ifup,downscript=no -drive file=/mnt/win7-32-sp1-qcow2,media=disk,if=virtio,cache=off,boot=on,format=qcow2,werror=stop -cpu qemu64,+sse2 -M rhel5.6.0 -notify all -balloon none -spice host=0,ic=on,port=5930,disable-ticketing -qxl 1  -net tap,vlan=2,ifname=virtio_10_2,script=/etc/qemu-ifup,downscript=no -monitor unix:/tmp/aaa,server,nowait

(qemu) info network
info network
VLAN 1 devices:
  tap.0: ifname=virtio_10_1,script=/etc/qemu-ifup,downscript=no
  virtio.0: model=virtio,macaddr=00:1a:4a:42:49:10
VLAN 2 devices:
  tap.1: ifname=virtio_10_2,script=/etc/qemu-ifup,downscript=no


2. In host:
# for ((i=1;i<=300;i++)); do echo pci_add pci_addr=0x06 nic vlan=2,model=virtio | nc -U /tmp/aaa;sleep 4; echo pci_del pci_addr=0x06|nc -U /tmp/aaa ;echo $i; sleep 4; done

Actual results:
The guest got a segmentation fault after hot-plugging/unplugging 300 times.

Expected results:
The guest works well.

Additional info:

Program received signal SIGSEGV, Segmentation fault.
0x0000000000415eae in virtio_update_irq (vdev=0x1dfdd60)
    at /usr/src/debug/kvm-83-maint-snapshot-20090205/qemu/hw/virtio.c:485
485	    qemu_set_irq(vdev->pci_dev.irq[0], vdev->isr & 1);
(gdb) 
(gdb) bt
#0  0x0000000000415eae in virtio_update_irq (vdev=0x1dfdd60)
    at /usr/src/debug/kvm-83-maint-snapshot-20090205/qemu/hw/virtio.c:485
#1  0x0000000000415fdb in virtio_reset (opaque=<value optimized out>)
    at /usr/src/debug/kvm-83-maint-snapshot-20090205/qemu/hw/virtio.c:500
#2  0x0000000000407766 in qemu_system_reset ()
    at /usr/src/debug/kvm-83-maint-snapshot-20090205/qemu/vl.c:3942
#3  0x0000000000501196 in qemu_kvm_system_reset ()
    at /usr/src/debug/kvm-83-maint-snapshot-20090205/qemu/qemu-kvm.c:369
#4  kvm_main_loop ()
    at /usr/src/debug/kvm-83-maint-snapshot-20090205/qemu/qemu-kvm.c:604
#5  0x000000000040e757 in main_loop (argc=40, argv=0x7fffffffe598, 
    envp=<value optimized out>)
    at /usr/src/debug/kvm-83-maint-snapshot-20090205/qemu/vl.c:4157
#6  main (argc=40, argv=0x7fffffffe598, envp=<value optimized out>)
    at /usr/src/debug/kvm-83-maint-snapshot-20090205/qemu/vl.c:6559
(gdb)