1019220 – QEMU core dumped when using -drive if=scsi

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1019220 - QEMU core dumped when using -drive if=scsi

Summary: QEMU core dumped when using -drive if=scsi

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	qemu-kvm
Sub Component:
Version:	6.5
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Fam Zheng
QA Contact:	Virtualization Bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1019535
TreeView+	depends on / blocked

Reported:	2013-10-15 10:14 UTC by Sibiao Luo
Modified:	2014-04-23 03:08 UTC (History)
CC List:	11 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	1019535 (view as bug list)
Environment:
Last Closed:	2014-04-23 03:08:10 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Sibiao Luo 2013-10-15 10:14:19 UTC

Description of problem:
boot up a guest attaching a data disk speicified if=scsi/ide without rerror=stop in cli, the QEMU will quit and core dumped.

Version-Release number of selected component (if applicable):
# uname -r && rpm -q qemu-kvm-rhev
2.6.32-422.el6.x86_64
qemu-kvm-rhev-0.12.1.2-2.412.el6.x86_64
guest info:
2.6.32-422.el6.x86_64

How reproducible:
100%

Steps to Reproduce:
1.boot up a guest attaching a data disk speicified if=scsi/ide without rerror=stop in cli.
# qemu-img info my-data-disk.qcow2 
image: my-data-disk.qcow2
file format: qcow2
virtual size: 10G (10737418240 bytes)
disk size: 136K
cluster_size: 65536
# /usr/libexec/qemu-kvm -M pc -S -cpu SandyBridge -enable-kvm -m 2048 -smp 2,sockets=2,cores=1,threads=1 -no-kvm-pit-reinjection -usb -device usb-tablet,id=input0 -name sluo -uuid 990ea161-6b67-47b2-b803-19fb01d30d30 -rtc base=localtime,clock=host,driftfix=slew -device virtio-serial-pci,id=virtio-serial0,max_ports=16,vectors=0,bus=pci.0,addr=0x3 -chardev socket,id=channel1,path=/tmp/helloworld1,server,nowait -device virtserialport,chardev=channel1,name=com.redhat.rhevm.vdsm,bus=virtio-serial0.0,id=port1 -chardev socket,id=channel2,path=/tmp/helloworld2,server,nowait -device virtserialport,chardev=channel2,name=com.redhat.rhevm.vdsm,bus=virtio-serial0.0,id=port2 -drive file=/mnt/RHEL-Server-6.4-64.qcow2,if=none,id=drive-virtio-disk,format=qcow2,cache=none,aio=native,werror=stop,rerror=stop -device virtio-blk-pci,vectors=0,bus=pci.0,addr=0x4,scsi=off,drive=drive-virtio-disk,id=virtio-disk,bootindex=1 -netdev tap,id=hostnet0,vhost=on,script=/etc/qemu-ifup -device virtio-net-pci,netdev=hostnet0,id=virtio-net-pci0,mac=2C:41:38:B6:40:21,bus=pci.0,addr=0x5 -device virtio-balloon-pci,id=ballooning,bus=pci.0,addr=0x6 -global PIIX4_PM.disable_s3=0 -global PIIX4_PM.disable_s4=0 -drive file=/mnt/my-data-disk.qcow2,if=scsi,id=drive-data-disk,format=qcow2,cache=none,werror=stop -device virtio-scsi-pci,bus=pci.0,addr=0x7,id=scsi0 -device scsi-hd,drive=drive-data-disk,id=data-disk,bus=scsi0.0 -k en-us -boot menu=on -spice disable-ticketing,port=5931 -monitor stdio
qemu: hardware error: Unknown device 'lsi53c895a' for bus 'PCI'

CPU #0:
EAX=00000000 EBX=00000000 ECX=00000000 EDX=000206a1
ESI=00000000 EDI=00000000 EBP=00000000 ESP=00000000
EIP=0000fff0 EFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 00000000 0000ffff 00009300
CS =f000 ffff0000 0000ffff 00009b00
SS =0000 00000000 0000ffff 00009300
DS =0000 00000000 0000ffff 00009300
FS =0000 00000000 0000ffff 00009300
GS =0000 00000000 0000ffff 00009300
LDT=0000 00000000 0000ffff 00008200
TR =0000 00000000 0000ffff 00008b00
GDT=     00000000 0000ffff
IDT=     00000000 0000ffff
CR0=60000010 CR2=00000000 CR3=00000000 CR4=00000000
DR0=00000000 DR1=00000000 DR2=00000000 DR3=00000000 
DR6=ffff0ff0 DR7=00000400
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
CPU #1:
EAX=00000000 EBX=00000000 ECX=00000000 EDX=000206a1
ESI=00000000 EDI=00000000 EBP=00000000 ESP=00000000
EIP=0000fff0 EFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 00000000 0000ffff 00009300
CS =f000 ffff0000 0000ffff 00009b00
SS =0000 00000000 0000ffff 00009300
DS =0000 00000000 0000ffff 00009300
FS =0000 00000000 0000ffff 00009300
GS =0000 00000000 0000ffff 00009300
LDT=0000 00000000 0000ffff 00008200
TR =0000 00000000 0000ffff 00008b00
GDT=     00000000 0000ffff
IDT=     00000000 0000ffff
CR0=60000010 CR2=00000000 CR3=00000000 CR4=00000000
DR0=00000000 DR1=00000000 DR2=00000000 DR3=00000000 
DR6=ffff0ff0 DR7=00000400
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
Aborted (core dumped)
2.
3.

Actual results:
QEMU will quit and core dumped.

Expected results:
It should give some warnning message prompt if not support, anyway it should no any core dumped.

Additional info:

Comment 1 Sibiao Luo 2013-10-15 10:15:16 UTC

(gdb) bt
#0  0x00007f8849305925 in raise () from /lib64/libc.so.6
#1  0x00007f8849307105 in abort () from /lib64/libc.so.6
#2  0x00007f884c4349a2 in hw_error (fmt=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:519
#3  0x00007f884c4c9ddd in qdev_create (bus=0x7f884d49d010, name=0x7f884c61e0d1 "lsi53c895a")
    at /usr/src/debug/qemu-kvm-0.12.1.2/hw/qdev.c:119
#4  0x00007f884c44218f in pci_create_multifunction (bus=<value optimized out>, devfn=-1, multifunction=false, 
    name=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/pci.c:1580
#5  0x00007f884c4421e9 in pci_create_simple_multifunction (bus=<value optimized out>, devfn=<value optimized out>, 
    multifunction=<value optimized out>, name=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/pci.c:1590
#6  0x00007f884c5b864f in pc_init1 (ram_size=140734446235064, boot_device=0x7fff4aad0020 "cad", kernel_filename=0x0, 
    kernel_cmdline=0x7f884c60088f "", initrd_filename=0x0, cpu_model=0x7fff4aad22ee "SandyBridge", pci_enabled=1)
    at /usr/src/debug/qemu-kvm-0.12.1.2/hw/pc.c:1429
#7  0x00007f884c435772 in main (argc=59, argv=<value optimized out>, envp=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6426
(gdb) bt full
#0  0x00007f8849305925 in raise () from /lib64/libc.so.6
No symbol table info available.
#1  0x00007f8849307105 in abort () from /lib64/libc.so.6
No symbol table info available.
#2  0x00007f884c4349a2 in hw_error (fmt=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:519
        ap = {{gp_offset = 24, fp_offset = 48, overflow_arg_area = 0x7fff4aaceca0, reg_save_area = 0x7fff4aacebd0}}
        env = 0x0
#3  0x00007f884c4c9ddd in qdev_create (bus=0x7f884d49d010, name=0x7f884c61e0d1 "lsi53c895a")
    at /usr/src/debug/qemu-kvm-0.12.1.2/hw/qdev.c:119
        info = <value optimized out>
#4  0x00007f884c44218f in pci_create_multifunction (bus=<value optimized out>, devfn=-1, multifunction=false, 
    name=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/pci.c:1580
        dev = <value optimized out>
#5  0x00007f884c4421e9 in pci_create_simple_multifunction (bus=<value optimized out>, devfn=<value optimized out>, 
    multifunction=<value optimized out>, name=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/pci.c:1590
        dev = <value optimized out>
#6  0x00007f884c5b864f in pc_init1 (ram_size=140734446235064, boot_device=0x7fff4aad0020 "cad", kernel_filename=0x0, 
    kernel_cmdline=0x7f884c60088f "", initrd_filename=0x0, cpu_model=0x7fff4aad22ee "SandyBridge", pci_enabled=1)
    at /usr/src/debug/qemu-kvm-0.12.1.2/hw/pc.c:1429
        max_bus = 0
        bus = <value optimized out>
        filename = <value optimized out>
        ret = <value optimized out>
        i = <value optimized out>
        ram_addr = <value optimized out>
        bios_offset = 140223388942352
        option_rom_offset = <value optimized out>
        below_4g_mem_size = 140734446235064
        above_4g_mem_size = 0
        bios_size = <value optimized out>
        isa_bios_size = <value optimized out>
        pci_bus = 0x7f884d49d010
        piix3_devfn = 8
        cpu_irq = <value optimized out>
        isa_irq = 0x7fff4aacedc0
        i8259 = <value optimized out>
        isa_irq_state = <value optimized out>
        hd = {0x0, 0x0, 0x7f884d1afc10, 0x0}
        fd = {0x7f884d1bfe10, 0x0}
        linux_boot = 0
#7  0x00007f884c435772 in main (argc=59, argv=<value optimized out>, envp=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6426
        gdbstub_dev = 0x0
        i = <value optimized out>
        snapshot = 0
        linux_boot = 0
        initrd_filename = 0x0
        kernel_filename = 0x0
        kernel_cmdline = 0x7f884c60088f ""
        boot_devices = "cad", '\000' <repeats 29 times>
        ds = <value optimized out>
        dcl = <value optimized out>
        cyls = 0
        heads = 0
        secs = 0
        translation = 0
        hda_opts = 0x7f884c961590
        opts = <value optimized out>
        olist = <value optimized out>
        optind = 59
        optarg = 0x7fff4aad2883 "stdio"
        loadvm = 0x0
        machine = 0x7f884c95aa80
        cpu_model = 0x7fff4aad22ee "SandyBridge"
        fds = {1278800016, 32648}
        tb_size = 0
        pid_file = 0x0
        incoming = 0x0
        fd = 0
        pwd = 0x0
        chroot_dir = 0x0
        run_as = 0x0
        env = <value optimized out>
        show_vnc_port = 0
        defconfig = <value optimized out>
        defconfig_verbose = <value optimized out>
(gdb)

Comment 2 Sibiao Luo 2013-10-15 10:17:03 UTC

If add rerror=stop in cli, QEMU will not core dumped but quit with promt "rerror is not supported by this bus type".
e.g:...-drive file=/mnt/my-data-disk.qcow2,if=scsi,id=drive-data-disk,format=qcow2,cache=none,rerror=stop,werror=stop -device virtio-scsi-pci,bus=pci.0,addr=0x7,id=scsi0 -device scsi-hd,drive=drive-data-disk,id=data-disk,bus=scsi0.0 -k en-us -boot menu=on -spice disable-ticketing,port=5931 -monitor stdio
qemu-kvm: -drive file=/mnt/my-data-disk.qcow2,if=scsi,id=drive-data-disk,format=qcow2,cache=none,rerror=stop,werror=stop: rerror is not supported by this bus type
/etc/qemu-ifdown: could not launch network script

Best regards,
sluo

Comment 3 Sibiao Luo 2013-10-16 02:45:47 UTC

(In reply to Sibiao Luo from comment #0)
> Description of problem:
> boot up a guest attaching a data disk speicified if=scsi/ide without
> rerror=stop in cli, the QEMU will quit and core dumped.
>
This bug only hit when specified if=scsi. Please refer to bug 1019538 that if specify if=virtio/ide/floppy.

Comment 4 Fam Zheng 2014-04-17 10:54:21 UTC

-drive file=/mnt/my-data-disk.qcow2,if=scsi,id=drive-data-disk ... -device scsi-hd,drive=drive-data-disk,id=data-disk,bus=scsi0.0

Notice that an interface is already created with if=scsi, then create another device with the drive, is not a valid use case.

Will look into the core dump and replace it with an exit with a friendly error message.

Note You need to log in before you can comment on or make changes to this bug.