Bug 807512

Summary: qemu exit and Segmentation fault when hotplug vcpus with bigger value
Product: Red Hat Enterprise Linux 6 Reporter: FuXiangChun <xfu>
Component: qemu-kvmAssignee: Igor Mammedov <imammedo>
Status: CLOSED ERRATA QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.3CC: acathrow, areis, bsarathy, dyasny, juzhang, michen, mkenneth, sluo, virt-maint, wdai
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: qemu-kvm-0.12.1.2-2.272.el6 Doc Type: Bug Fix
Doc Text:
No documentation needed
 Story Points: ---
Clone Of: Environment:
Last Closed: 2012-06-20 11:45:33 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
Segmentation fault log none

Description FuXiangChun 2012-03-28 02:45:29 UTC 
Description of problem:
qemu should limit to hoplug vcpu with bigger values.

for example:
(qemu) cpu_set 300000000 online   

Version-Release number of selected component (if applicable):

host kernel:
# uname -r
2.6.32-257.el6.x86_64

qemu vesion:
qemu-kvm-0.12.1.2-2.265.el6.x86_64

How reproducible:
100%

Steps to Reproduce:
1./usr/libexec/qemu-kvm -M rhel6.3.0 -cpu host --enable-kvm -m 4G -smp
1,maxcpus=161 -name rhel6.3 -uuid ddcbfb49-3411-1701-3c36-6bdbc00bedbb -rtc
base=utc,clock=host,driftfix=slew -drive
file=/dev/vg-54/lvtest,if=none,id=ide,format=qcow2,cache=none,werror=stop,rerror=stop
-device ide-drive,drive=ide,id=drive-ide0-0-0,bootindex=1 -netdev
tap,id=hostnet1 -device e1000,netdev=hostnet1,id=net1,mac=86:12:50:a4:32:72
-spice port=5911,disable-ticketing -vga qxl -device sga -chardev
socket,id=serial0,path=/var/test1,server,nowait -device
isa-serial,chardev=serial0 -balloon virtio -monitor
unix:/tmp/monitor2,server,nowait -monitor stdio

2.(qemu) cpu_set 300000000 online

3.
  
Actual results:
qemu quit and Segmentation fault

Expected results:
guest work well and show warning messages.

Additional info:
Comment 1 FuXiangChun 2012-03-28 02:46:32 UTC 
Created attachment 573206 [details]
Segmentation fault log
Comment 3 juzhang 2012-03-28 06:43:44 UTC 
FYI
Bug 805788 - Option -smp maxcpus does not completely work

If -smp maxcpus works right, maybe can avoid this issue.
Comment 4 Igor Mammedov 2012-04-02 13:10:16 UTC 
*** Bug 805788 has been marked as a duplicate of this bug. ***
Comment 7 Dor Laor 2012-04-22 11:31:10 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
No documentation needed
Comment 8 Sibiao Luo 2012-04-25 05:35:07 UTC 
Have reporduced and verified this issue with the same steps as Comment #0.

reporduce this issue with the environment and test results as follows:
host info:
# uname -r && rpm -q qemu-kvm
2.6.32-262.el6.x86_64
qemu-kvm-0.12.1.2-2.270.el6.x86_64
guest info:
RHEL6.3-20120416.0-Server-x86_64

actual results:
after the step 2, QEMU quit and Segmentation fault,
(qemu) cpu_set 300000000 online
[New Thread 0x7ffedeef2700 (LWP 8828)]

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7f6c9d0 in enable_processor (cpu=300000000, state=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/acpi.c:929
929	    g->cpus_sts[cpu / 8] |= (1 << (cpu % 8));
(gdb) bt
#0  0x00007ffff7f6c9d0 in enable_processor (cpu=300000000, state=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/acpi.c:929
#1  qemu_system_cpu_hot_add (cpu=300000000, state=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/acpi.c:952
#2  0x00007ffff7dfa8f9 in handle_user_command (mon=0x7ffff8768010, cmdline=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/monitor.c:4217
#3  0x00007ffff7dfa95a in monitor_command_cb (mon=0x7ffff8768010, cmdline=<value optimized out>, opaque=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/monitor.c:4838
#4  0x00007ffff7e51f4d in readline_handle_byte (rs=0x7ffff9b89210, ch=<value optimized out>) at readline.c:369
#5  0x00007ffff7dfab80 in monitor_read (opaque=<value optimized out>, buf=0x7fffffffbbe0 "\r", size=1) at /usr/src/debug/qemu-kvm-0.12.1.2/monitor.c:4824
#6  0x00007ffff7e6739b in qemu_chr_read (opaque=0x7ffff86d9e90) at qemu-char.c:180
#7  fd_chr_read (opaque=0x7ffff86d9e90) at qemu-char.c:688
#8  0x00007ffff7dede0f in main_loop_wait (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:3990
#9  0x00007ffff7e0f52a in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2244
#10 0x00007ffff7df095c in main_loop (argc=20, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4202
#11 main (argc=20, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6427
(gdb)

verify this issue with the environment and test results as follows:
host info:
# uname -r && rpm -q qemu-kvm
2.6.32-262.el6.x86_64
qemu-kvm-0.12.1.2-2.285.el6.x86_64
guest info:
RHEL6.3-20120416.0-Server-x86_64

actual results:
after the step 2, if hotplug vcpus with bigger than the range value, QEMU prompts a warning message, else if hotplug vcpus within the range value can successfully.
(qemu) cpu_set 300000000 online
cpu id[300000000] must be in range [1..160]
(qemu) cpu_set 160 online
(qemu)

According to above test results, this issue has been fixed.
Comment 10 errata-xmlrpc 2012-06-20 11:45:33 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0746.html