Bug 782755

Summary: Guest kernel panic when running floppy testing with r5u8 vm
Product: Red Hat Enterprise Linux 5 Reporter: Golita Yue <gyue>
Component: kvmAssignee: Virtualization Maintenance <virt-maint>
Status: CLOSED WONTFIX QA Contact: Virtualization Bugs <virt-bugs>
Severity: high Docs Contact:
Priority: medium    
Version: 5.8CC: juzhang, mkenneth, rhod, virt-maint
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-02-01 11:43:00 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
serial-log-guest
none
rhel5u8-32-virtio-guest-serial-log none

Description Golita Yue 2012-01-18 11:32:04 UTC 
Description of problem:
When running floppy testing with r5u8-64bit guest, get call trace:

Unable to handle kernel NULL pointer dereference at 0000000000000035 RIP:
 [<ffffffff882606e4>] :floppy:setup_rw_floppy+0x229/0x2c1
 Call Trace:
  [<ffffffff8004d29d>] run_workqueue+0x9e/0xfb
  [<ffffffff80049aa6>] worker_thread+0x0/0x122
  [<ffffffff80049b96>] worker_thread+0xf0/0x122
  [<ffffffff8008ee72>] default_wake_function+0x0/0xe
  [<ffffffff80032669>] kthread+0xfe/0x132
  [<ffffffff8005dfb1>] child_rip+0xa/0x11
  [<ffffffff8003256b>] kthread+0x0/0x132
  [<ffffffff8005dfa7>] child_rip+0x0/0x11


Version-Release number of selected component (if applicable):


How reproducible:
host info:
kvm-83-249.el5
kernel-2.6.18-304.el5

guest info:
kernel-2.6.18-304.el5

Steps to Reproduce:
0. create floppy
#dd if=/dev/zero of=images/test_floppy.img bs=512 count=2880
1. boot vm with the floppy 
2. format floppy 
#mkfs -t ext3 /dev/fd0
3. mount floppy
#mount /dev/fd0 /mnt/
4. do some action in /mnt directory
#(dd if=/dev/urandom of=/mnt/test_floppy bs=1M count=1) && (rm -f /mnt/test_floppy)
#cp /etc/passwd /mnt/passwd
#rm -f /mnt/passwd
5. umount floppy
#umount /mnt/

  
Actual results:
guest kernel panic

Expected results:
pass for umount command

Additional info:
Cmd to boot up guest:
qemu-kvm -drive file='RHEL-Server-5.8-64.qcow2',index=0,if=ide,media=disk,cache=none,format=qcow2 -net nic,vlan=0,model=rtl8139,macaddr='9a:13:0e:34:14:24' -net tap,vlan=0,fd=24 -m 16384 -smp 4,cores=2,threads=1,sockets=2 -cpu qemu64,+sse2 -soundhw ac97 -fda 'test_floppy.img' -spice port=8000,disable-ticketing -qxl 1 -rtc-td-hack -boot c   -no-kvm-pit-reinjection  -M rhel5.6.0 -usbdevice tablet

Tested with km-83-249.el5, can reproduce this bug.
Comment 1 Golita Yue 2012-01-18 11:32:56 UTC 
Created attachment 555995 [details]
serial-log-guest
Comment 2 Golita Yue 2012-01-19 03:11:40 UTC 
Tested with kvm-83-246.el5, can reproduce this bug.
Tested with kvm-83-239.el5, can reproduce this bug. so this bug is not regression.
Comment 3 Golita Yue 2012-01-19 03:24:40 UTC 
Hit this bug with guest RHEL-Server-5.8-32bit-virtio.qcow2 in kvm-83-249.el5

Attached the guest serial info:  r5u8-32-virtio.log

cmdline:
qemu-kvm -drive file='RHEL-Server-5.8-32-virtio.qcow2',index=0,if=virtio,media=disk,cache=none,boot=on,format=qcow2 -net nic,vlan=0,model=virtio,macaddr='9a:d9:44:23:d4:1b' -net tap,vlan=0,fd=24 -m 2048 -smp 2,cores=1,threads=1,sockets=2 -cpu qemu64,+sse2 -soundhw ac97 -fda 'test_floppy.img' -vnc :0 -rtc-td-hack -boot c   -no-kvm-pit-reinjection  -M rhel5.6.0 -usbdevice tablet

The steps is same as Description's.
Comment 4 Golita Yue 2012-01-19 03:26:00 UTC 
Created attachment 556164 [details]
rhel5u8-32-virtio-guest-serial-log
Comment 5 Ronen Hod 2012-02-01 11:43:00 UTC 
Closing. Not a regression, and we will not get to fix it in RHEL5.9
Please test with RHEL6.2