Bug 1142078 - qemu coredump with "hardware error: register_ioport_write: invalid opaque" while booting windows guest
Summary: qemu coredump with "hardware error: register_ioport_write: invalid opaque" wh...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: qemu-kvm
Version: 6.6
Hardware: Unspecified
OS: Unspecified
Priority: high
Severity: high
Target Milestone: rc
Assignee: Amos Kong
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2014-09-16 06:41 UTC by lijin
Modified: 2015-05-25 00:08 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-03-10 11:37:03 UTC
Target Upstream Version:
Embargoed:


Description lijin 2014-09-16 06:41:12 UTC
Description of problem:
Boot up a Windows guest, qemu prompts the error message: "qemu: hardware error: register_ioport_write: invalid opaque", then qemu core dumps.

Version-Release number of selected component (if applicable):
qemu-kvm-rhev-0.12.1.2-2.445.el6.x86_64
kernel-2.6.32-502.el6.x86_64
seabios-0.6.1.2-28.el6.x86_64
virtio-win-1.7.2-2.el6.noarch

How reproducible:
30%

Steps to Reproduce:
1.boot guest with:
/usr/libexec/qemu-kvm \
-M rhel6.6.0 -m 2G -smp 2,cores=2 -cpu Nehalem \
-drive file=win8-32-new-new.qcow2,format=qcow2,if=none,id=drive1,cache=none -device virtio-blk-pci,drive=drive1,id=ide-blk-pci1,bootindex=1 \
-boot menu=on -rtc base=localtime,clock=host,driftfix=slew -no-kvm-pit-reinjection \
-name win8-32-longevity-test \
-global PIIX4_PM.disable_s3=0 -global PIIX4_PM.disable_s4=0 \
-spice disable-ticketing,port=5900 -vga qxl -global qxl-vga.revision=3 \
-monitor stdio \
-usb -device usb-tablet \
-drive file=test.qcow2,format=qcow2,if=none,id=drive3,cache=none -device virtio-scsi-pci,id=scsi0 -device scsi-hd,bus=scsi0.0,drive=drive3,id=scsi1 \
-netdev tap,id=hostnet1,script=/etc/qemu-ifup,downscript=no -device virtio-net-pci,netdev=hostnet1,id=net1,mac=00:52:12:26:24:48 \
-device virtio-balloon-pci,id=balloon0 \
-device virtio-rng-pci,id=rng0 \
-drive file=/usr/share/virtio-win/virtio-win.iso,if=none,id=drive4,cache=none,media=cdrom -device ide-drive,drive=drive4,id=cdrom1 \
-drive file=/usr/share/rhev-guest-tools-iso/RHEV-toolsSetup_3.5_2.iso,if=none,id=drive5,cache=none,media=cdrom -device ide-drive,bus=ide.0,unit=1,drive=drive5,id=cdrom2 \
-device virtio-serial-pci,id=virtio-serial0,max_ports=16,vectors=0,bus=pci.0 \
-chardev socket,id=charchannel0,path=/tmp/qi6u4x64.com.redhat.rhevm.vdsm,server,nowait \
-device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.rhevm.vdsm \
-chardev socket,id=charchannel1,path=/tmp/qi6u4x64.org.qemu.guest_agent.0,server,nowait \
-device virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=org.qemu.guest_agent.0 \
-chardev spicevmc,id=charchannel2,name=vdagent \
-device virtserialport,bus=virtio-serial0.0,nr=3,chardev=charchannel2,id=channel2,name=com.redhat.spice.0

Actual results:
QEMU 0.12.1 monitor - type 'help' for more information
(qemu) qemu: hardware error: register_ioport_write: invalid opaque
(core dumped) /usr/libexec/qemu-kvm -M rhel6.6.0 -m 2G -smp 2,cores=2 -cpu Nehalem -drive file=win8-32-new-new.qcow2,format=qcow2,if=none,id=drive1,cache=none -device virtio-blk-pci,drive=drive1,id=ide-blk-pci1,bootindex=1 -boot menu=on -rtc base=localtime,clock=host,driftfix=slew -no-kvm-pit-reinjection -name win8-32-longevity-test -global PIIX4_PM.disable_s3=0 -global PIIX4_PM.disable_s4=0 -spice disable-ticketing,port=5900 -vga qxl -global qxl-vga.revision=3 -monitor stdio -usb -device usb-tablet -drive file=test.qcow2,format=qcow2,if=none,id=drive3,cache=none -device virtio-scsi-pci,id=scsi0 -device scsi-hd,bus=scsi0.0,drive=drive3,id=scsi1 -netdev tap,id=hostnet1,script=/etc/qemu-ifup,downscript=no -device virtio-net-pci,netdev=hostnet1,id=net1,mac=00:52:12:26:24:48 -device virtio-balloon-pci,id=balloon0 -device virtio-rng-pci,id=rng0 -drive file=/usr/share/virtio-win/virtio-win.iso,if=none,id=drive4,cache=none,media=cdrom -device ide-drive,drive=drive4,id=cdrom1 -drive file=/usr/share/rhev-guest-tools-iso/RHEV-toolsSetup_3.5_2.iso,if=none,id=drive5,cache=none,media=cdrom -device ide-drive,bus=ide.0,unit=1,drive=drive5,id=cdrom2 -device virtio-serial-pci,id=virtio-serial0,max_ports=16,vectors=0,bus=pci.0 -chardev socket,id=charchannel0,path=/tmp/qi6u4x64.com.redhat.rhevm.vdsm,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.rhevm.vdsm -chardev socket,id=charchannel1,path=/tmp/qi6u4x64.org.qemu.guest_agent.0,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=org.qemu.guest_agent.0 -chardev spicevmc,id=charchannel2,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=3,chardev=charchannel2,id=channel2,name=com.redhat.spice.0

Expected results:
The guest can boot up correctly, no core dump.

Additional info:
will upload the core dump file later

Comment 1 lijin 2014-09-16 06:47:01 UTC
# cat /proc/cpuinfo  
processor	: 0
vendor_id	: GenuineIntel
cpu family	: 6
model		: 26
model name	: Intel(R) Xeon(R) CPU           E5520  @ 2.27GHz
stepping	: 5
microcode	: 25
cpu MHz		: 2260.947
cache size	: 8192 KB
physical id	: 1
siblings	: 8
core id		: 0
cpu cores	: 4
apicid		: 16
initial apicid	: 16
fpu		: yes
fpu_exception	: yes
cpuid level	: 11
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
bogomips	: 4521.89
clflush size	: 64
cache_alignment	: 64
address sizes	: 40 bits physical, 48 bits virtual
power management:

Comment 4 Ronen Hod 2014-09-17 10:10:26 UTC
Amos,
Please examine the core dump, and if needed redirect to somebody else.

Comment 6 Amos Kong 2014-09-20 00:47:17 UTC
/* size is the word size in byte */
int register_ioport_write(pio_addr_t start, int length, int size,
                          IOPortWriteFunc *func, void *opaque)
{
    int i, bsize;

    if (ioport_bsize(size, &bsize)) {
        hw_error("register_ioport_write: invalid size");
        return -1;
    }
    for(i = start; i < start + length; i += size) {
        ioport_write_table[bsize][i] = func;
        /* The check that fires in this bug: port i already has a different opaque. */
        if (ioport_opaque[i] != NULL && ioport_opaque[i] != opaque)
            hw_error("register_ioport_write: invalid opaque");
        ioport_opaque[i] = opaque;
    }
    return 0;
}


The IO port was registered repeatedly. A similar bug had been fixed in RHEL6.5 [1].
Let's see the port number to address the problem when I can access the corefile.


[1] https://bugzilla.redhat.com/show_bug.cgi?id=952240#c4
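
The ownership check quoted in comment 6, as a simplified stand-alone model added here (not QEMU source, and not the change that resolved this bug): it validates the whole range before touching the tables and returns an error instead of aborting, whereas the quoted loop overwrites the handler before checking and then ends the process through hw_error. All identifiers (`claim_ports`, `release_ports`, `port_owner`, `dev_a`, `dev_b`) are hypothetical; port 0xc020 and length 32 are sample values modelled on the qxl_map frame (addr=49184, size=32) in the backtrace in comment 9.

```c
/* Added illustration: simplified I/O port ownership table.
 * Not QEMU source; every identifier here is hypothetical. */
#include <stddef.h>
#include <stdio.h>
#define MAX_IOPORTS 0x10000u

typedef void (*port_write_fn)(void *opaque, unsigned port, unsigned val);
static port_write_fn write_table[MAX_IOPORTS];
static void *owner[MAX_IOPORTS];   /* plays the role of ioport_opaque[] */
static int dev_a, dev_b;           /* constructed stand-ins for two device states */

static void dummy_write(void *o, unsigned p, unsigned v) { (void)o; (void)p; (void)v; }

/* Check the whole range first, then commit. Returns 0 on success, -1 if the
 * range is invalid or any port belongs to another owner. On failure nothing
 * is modified and the process keeps running. */
int claim_ports(unsigned start, unsigned length, port_write_fn fn, void *opaque)
{
    unsigned i;
    if (length == 0 || start >= MAX_IOPORTS || length > MAX_IOPORTS - start)
        return -1;
    for (i = start; i < start + length; i++)
        if (owner[i] != NULL && owner[i] != opaque)
            return -1;
    for (i = start; i < start + length; i++) {
        write_table[i] = fn;
        owner[i] = opaque;
    }
    return 0;
}

/* Release the ports in [start, start+length) that this owner holds. */
void release_ports(unsigned start, unsigned length, void *opaque)
{
    unsigned i;
    for (i = start; i < MAX_IOPORTS && i - start < length; i++)
        if (owner[i] == opaque) {
            write_table[i] = NULL;
            owner[i] = NULL;
        }
}

void *port_owner(unsigned port) { return port < MAX_IOPORTS ? owner[port] : NULL; }

int main(void)
{
    printf("first claim:   %d\n", claim_ports(0xc020, 32, dummy_write, &dev_a));
    printf("overlap claim: %d\n", claim_ports(0xc030, 32, dummy_write, &dev_b));
    release_ports(0xc020, 32, &dev_a);
    printf("after release: %d\n", claim_ports(0xc030, 32, dummy_write, &dev_b));
    return 0;
}
```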

Comment 9 lijin 2014-09-22 06:15:11 UTC
gdb /usr/libexec/qemu-kvm core.17215
(gdb) bt
#0  0x00007fdad83cc915 in raise () from /lib64/libc.so.6
#1  0x00007fdad83ce0f5 in abort () from /lib64/libc.so.6
#2  0x00007fdadb946032 in hw_error (fmt=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:521
#3  0x00007fdadb9c492d in register_ioport_write (start=<value optimized out>, length=<value optimized out>, size=6, func=0xffffffffffffffff, 
    opaque=0x7fdacbfff700) at /usr/src/debug/qemu-kvm-0.12.1.2/ioport.c:171
#4  0x00007fdadbafc8ac in qxl_map (pci=0x7fdadde40320, region_num=3, addr=49184, size=32, type=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/hw/qxl.c:1719
#5  0x00007fdadb95327b in pci_update_mappings (d=0x7fdadde40320) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/pci.c:1097
#6  0x00007fdadbafca59 in qxl_write_config (d=0x7fdadde40320, address=4, val=1031, len=2) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/qxl.c:1130
#7  0x00007fdadb96a3ad in kvm_handle_io (env=0x7fdadd411ad0) at /usr/src/debug/qemu-kvm-0.12.1.2/kvm-all.c:148
#8  kvm_run (env=0x7fdadd411ad0) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:1061
#9  0x00007fdadb96a4a9 in kvm_cpu_exec (env=0x7fdadd411ad0) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:1756
#10 0x00007fdadb96b39d in kvm_main_loop_cpu (_env=0x7fdadd411ad0) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2018
#11 ap_main_loop (_env=0x7fdadd411ad0) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2074
#12 0x00007fdadb2789d1 in start_thread () from /lib64/libpthread.so.0
#13 0x00007fdad8482ccd in clone () from /lib64/libc.so.6

Comment 12 lijin 2015-03-10 10:03:08 UTC
Re-ran 10 times on the same host with comment #0, can NOT reproduce this issue with the latest qemu-kvm-rhev; the guest can boot up correctly, no crash.

package info:
qemu-kvm-rhev-0.12.1.2-2.457.el6.x86_64
kernel-2.6.32-542.el6.x86_64
virtio-win-1.7.2-2.el6.noarch
seabios-0.6.1.2-29.el6.x86_64
spice-server-0.12.4-12.el6.x86_64

Comment 13 Amos Kong 2015-03-10 11:37:03 UTC
Close this bug as CURRENTRELEASE according to comment #12

