Bug 983576

Summary: KVM : kernel BUG at kernel/timer.c
Product: [Fedora] Fedora Reporter: matias.sundman
Component: kernelAssignee: Kernel Maintainer List <kernel-maint>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 19CC: gansalmon, itamar, jonathan, kernel-maint, madhu.chinakonda
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-07-11 14:51:17 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description matias.sundman 2013-07-11 13:52:10 UTC 
Description of problem:

When I shutdown my KVM GuestOS [Windows 7] hte kernel crashes.


Version-Release number of selected component (if applicable):

3.9.9-301.fc19.x86_64


How reproducible:

Everytime


Steps to Reproduce:
1.
Start a VM
2.
Let the VM run for a while
3.
Shutdown the VM
Actual results:

[    3.922726] ------------[ cut here ]------------
[    3.922819] kernel BUG at kernel/timer.c:729!
[    3.922899] invalid opcode: 0000 [#1] SMP 
[    3.922981] Modules linked in: vhost_net macvtap macvlan ebtable_nat xt_CHECKSUM rfcomm tun bridge stp llc nf_conntrack_netbios_ns nf_conntrack_broadcast ipt_MASQUERADE ip6table_nat nf_na
t_ipv6 ip6table_mangle ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 iptable_nat nf_nat_ipv4 nf_nat iptable_mangle nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack bnep bluetooth eb
table_filter ebtables ip6table_filter ip6_tables acpi_cpufreq mperf coretemp kvm_intel kvm dell_wmi sparse_keymap iTCO_wdt iTCO_vendor_support ppdev crc32_pclmul crc32c_intel dell_laptop dcd
bas snd_hda_codec_hdmi snd_hda_codec_idt arc4 iwldvm mac80211 uvcvideo iwlwifi ghash_clmulni_intel videobuf2_vmalloc cfg80211 videobuf2_memops microcode videobuf2_core snd_hda_intel snd_hda_
codec joydev snd_hwdep snd_seq snd_seq_device videodev
[    3.924296]  snd_pcm media snd_page_alloc snd_timer i2c_i801 sdhci_pci sdhci mmc_core rfkill parport_pc parport lpc_ich mfd_core snd soundcore mei e1000e ptp pps_core binfmt_misc uinput i
915 i2c_algo_bit drm_kms_helper wmi drm i2c_core video
[    3.924589] CPU 3 
[    3.924616] Pid: 2148, comm: qemu-system-x86 Not tainted 3.9.9-301.fc19.x86_64 #1 Dell Inc. Latitude E6530/0JC5MT
[    3.924714] RIP: 0010:[<ffffffff8163cdcb>]  [<ffffffff8163cdcb>] __mod_timer.part.39+0x4/0x6
[    3.924808] RSP: 0018:ffff8803bfbb1c08  EFLAGS: 00010246
[    3.924860] RAX: 0000000000000000 RBX: ffff8803d9f43100 RCX: ffffffff81ce2b70
[    3.924927] RDX: 0000000000000000 RSI: 000000010003044a RDI: ffff8803d9f43100
[    3.924994] RBP: ffff8803bfbb1c08 R08: 0000000047517554 R09: 00000000945811c1
[    3.925062] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[    3.925138] R13: 000000010003044a R14: ffff8803eb968818 R15: 0000000000000000
[    3.925207] FS:  00007fbf398a9a40(0000) GS:ffff88041e380000(0000) knlGS:0000000000000000
[    3.925283] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    3.925339] CR2: 00007fbf44480000 CR3: 00000003bf99b000 CR4: 00000000001427e0
[    3.925406] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[    3.925474] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[    3.925542] Process qemu-system-x86 (pid: 2148, threadinfo ffff8803bfbb0000, task ffff8803bfa82ee0)
[    3.925625] Stack:
[    3.925647]  ffff8803bfbb1c48 ffffffff8106d905 0000000000000000 ffff8803d9f43c00
[    3.925732]  ffff8803d9f43c00 ffff8803d9f430c0 ffff8803eb968818 0000000000000000
[    3.925815]  ffff8803bfbb1c78 ffffffffa061bd25 0000000000000000 ffff8803eb968800
[    3.925901] Call Trace:
[    3.925935]  [<ffffffff8106d905>] mod_timer+0x1f5/0x210
[    3.925998]  [<ffffffffa061bd25>] br_multicast_del_pg.isra.20+0x105/0x130 [bridge]
[    3.926079]  [<ffffffffa061c948>] br_multicast_disable_port+0x58/0xc0 [bridge]
[    3.926168]  [<ffffffffa0615cca>] br_stp_disable_port+0x9a/0xf0 [bridge]
[    3.926239]  [<ffffffffa06144e8>] br_device_event+0x208/0x210 [bridge]
[    3.926307]  [<ffffffff8164ae3c>] notifier_call_chain+0x4c/0x70
[    3.926367]  [<ffffffff810858f6>] raw_notifier_call_chain+0x16/0x20
[    3.926431]  [<ffffffff81536ded>] call_netdevice_notifiers+0x2d/0x60
[    3.926495]  [<ffffffff81537057>] dev_close_many+0xb7/0x100
[    3.926552]  [<ffffffff815382a8>] rollback_registered_many+0xa8/0x210
[    3.926617]  [<ffffffff81538441>] rollback_registered+0x31/0x40
[    3.926678]  [<ffffffff81539418>] unregister_netdevice_queue+0x48/0x90
[    3.926744]  [<ffffffffa06362f0>] __tun_detach+0x110/0x2b0 [tun]
[    3.926806]  [<ffffffffa06364bd>] tun_chr_close+0x2d/0x50 [tun]
[    3.926867]  [<ffffffff8119b1f1>] __fput+0xe1/0x230
[    3.926917]  [<ffffffff8119b3fe>] ____fput+0xe/0x10
[    3.926968]  [<ffffffff8107cf7f>] task_work_run+0x9f/0xe0
[    3.927025]  [<ffffffff810139e1>] do_notify_resume+0x61/0xa0
[    3.927082]  [<ffffffff8164f5d2>] int_signal+0x12/0x17
[    3.927142] Code: ad de 49 89 44 24 08 49 8b 44 24 18 83 e0 03 4c 09 f0 49 89 44 24 18 e8 54 f7 a2 ff eb 95 5b 41 5c 41 5d 41 5e 5d c3 55 48 89 e5 <0f> 0b 0f 1f 44 00 00 55 48 89 e5 41 55
 49 89 fd 41 54 53 53 48 
[    3.927573] RIP  [<ffffffff8163cdcb>] __mod_timer.part.39+0x4/0x6
[    3.927639]  RSP <ffff8803bfbb1c08>


Expected results:

Nice shutdown of VM


Additional info:

Worked like a charm in Fedora 18 - I used fedup for the upgrade so I am running the same configuration in 19.
Comment 1 Josh Boyer 2013-07-11 14:51:17 UTC 

*** This bug has been marked as a duplicate of bug 980254 ***