1160503 – qemu core dumped when do stop/cont after resuming from S3 and reboot guest

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1160503 - qemu core dumped when do stop/cont after resuming from S3 and reboot guest

Summary: qemu core dumped when do stop/cont after resuming from S3 and reboot guest

Keywords:
Status:	CLOSED CANTFIX
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	qemu-kvm-rhev
Sub Component:
Version:	7.1
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Marcelo Tosatti
QA Contact:	Virtualization Bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	Virt-S3/S4-7.0 1190558
TreeView+	depends on / blocked

Reported:	2014-11-05 03:00 UTC by Sibiao Luo
Modified:	2016-09-21 00:59 UTC (History)
CC List:	10 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	1190558 (view as bug list)
Environment:
Last Closed:	2016-09-21 00:59:13 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Sibiao Luo 2014-11-05 03:00:36 UTC

Description of problem:
use auto-test script launch a KVM guest with a IDE cdrom, do resuming from S3 and then reboot it, and do stop/cont, qemu will core dumped at that time.

Version-Release number of selected component (if applicable):
host info:
# uname -r && rpm -q qemu-kvm-rhev
3.10.0-183.el7.x86_64
qemu-kvm-rhev-2.1.2-5.el7.x86_64

How reproducible:
4/4

Steps to Reproduce:
1.use auto-test script launch a KVM guest with a IDE cdrom.

2.start suspend [echo mem > /sys/power/state]

3.sleep a while before resuming guest.

4.reboot guest and wait for guest to go down.

5.logging in after reboot.

6.sending command 'stop'/'cont'.

Actual results:
after step 5, it can logging to VM successfully.
...
11/04 18:42:47 DEBUG|    remote:0242| Login command: 'ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PreferredAuthentications=password -p 22 root.9.195'

after step 6, qemu core dumped ater cont the VM.
...
11/04 18:42:50 DEBUG|qemu_monit:0267| (monitor qmpmonitor1) Sending command 'cont' 
11/04 18:42:50 DEBUG|qemu_monit:1373| Send command: {'execute': 'cont', 'id': 'dIAHimAR'}
11/04 18:42:50 INFO |   aexpect:0968| [qemu output] qemu-kvm: /builddir/build/BUILD/qemu-2.1.2/hw/i386/kvm/clock.c:69: kvmclock_current_nsec: Assertion `time.tsc_timestamp <= migration_tsc' failed.
11/04 18:43:14 WARNI|env_proces:1093| virt-tests-vm1 is not alive. Can not query the register status
11/04 18:44:43 ERROR|env_proces:0720| Could not receive data from monitor    ([Errno 104] Connection reset by peer)
11/04 18:44:43 INFO |   aexpect:0968| [qemu output] /tmp/aexpect/hWIRjcmZ/aexpect-TwK037.sh: line 1: 14824 Aborted                 (core dumped)
...

Expected results:
It should no any core dumped.

Additional info:
/bin/qemu-kvm \
    -S  \
    -name 'virt-tests-vm1'  \
    -sandbox off  \
    -M pc  \
    -nodefaults  \
    -vga cirrus  \
    -chardev socket,id=qmp_id_qmpmonitor1,path=/tmp/monitor-qmpmonitor1-20141104-183850-xv81uiU4,server,nowait \
    -mon chardev=qmp_id_qmpmonitor1,mode=control  \
    -chardev socket,id=serial_id_serial0,path=/tmp/serial-serial0-20141104-183850-xv81uiU4,server,nowait \
    -device isa-serial,chardev=serial_id_serial0  \
    -chardev socket,id=seabioslog_id_20141104-183850-xv81uiU4,path=/tmp/seabios-20141104-183850-xv81uiU4,server,nowait \
    -device isa-debugcon,chardev=seabioslog_id_20141104-183850-xv81uiU4,iobase=0x402 \
    -device ich9-usb-uhci1,id=usb1,bus=pci.0,addr=03 \
    -drive id=drive_image1,if=none,cache=none,snapshot=off,aio=native,file=/root/test/autotest-devel/client/tests/virt/shared/data/images/RHEL-Server-7.1-64-virtio.qcow2 \
    -device virtio-blk-pci,id=image1,drive=drive_image1,bootindex=0,bus=pci.0,addr=04 \
    -device virtio-net-pci,mac=9a:48:49:4a:4b:4c,id=iduD6fJo,vectors=4,netdev=idSwoouV,bus=pci.0,addr=05  \
    -netdev tap,id=idSwoouV,vhost=on,vhostfd=23,fd=22  \
    -m 4096  \
    -smp 4,cores=2,threads=1,sockets=2  \
    -cpu 'SandyBridge',+kvm_pv_unhalt \
    -drive id=drive_cd1,if=none,snapshot=off,aio=native,media=cdrom,file=/root/test/autotest-devel/client/tests/virt/shared/data/images/orig.iso \
    -device ide-cd,id=cd1,drive=drive_cd1,bootindex=1,bus=ide.0,unit=0 \
    -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1  \
    -vnc :0  \
    -rtc base=utc,clock=host,driftfix=slew  \
    -boot order=cdn,once=c,menu=off  \
    -global PIIX4_PM.disable_s3=0 \
    -no-kvm-pit-reinjection \
    -enable-kvm

Comment 1 Sibiao Luo 2014-11-05 03:02:06 UTC

Core was generated by `/bin/qemu-kvm -S -name virt-tests-vm1 -sandbox off -M pc -nodefaults -vga cirru'.
Program terminated with signal 6, Aborted.
#0  0x00007faf49a71989 in raise () from /lib64/libc.so.6

(gdb) bt
#0  0x00007faf49a71989 in raise () from /lib64/libc.so.6
#1  0x00007faf49a73098 in abort () from /lib64/libc.so.6
#2  0x00007faf49a6a8f6 in __assert_fail_base () from /lib64/libc.so.6
#3  0x00007faf49a6a9a2 in __assert_fail () from /lib64/libc.so.6
#4  0x00007faf5019aa4d in kvmclock_current_nsec (s=0x7faf50e17140) at /usr/src/debug/qemu-2.1.2/hw/i386/kvm/clock.c:69
#5  kvmclock_vm_state_change (opaque=0x7faf50e17140, running=<optimized out>, state=<optimized out>)
    at /usr/src/debug/qemu-2.1.2/hw/i386/kvm/clock.c:92
#6  0x00007faf502301db in vm_state_notify (running=running@entry=1, state=state@entry=RUN_STATE_RUNNING) at vl.c:1713
#7  0x00007faf50230240 in vm_start () at vl.c:747
#8  0x00007faf5023fb49 in qmp_cont (errp=errp@entry=0x7fffd7c84fe0) at qmp.c:177
#9  0x00007faf5023b3b4 in qmp_marshal_input_cont (mon=<optimized out>, qdict=<optimized out>, ret=<optimized out>)
    at qmp-marshal.c:3025
#10 0x00007faf501530d7 in qmp_call_cmd (cmd=<optimized out>, params=0x7faf55d353c0, mon=0x7faf50e347a0)
    at /usr/src/debug/qemu-2.1.2/monitor.c:5038
#11 handle_qmp_command (parser=<optimized out>, tokens=<optimized out>) at /usr/src/debug/qemu-2.1.2/monitor.c:5104
#12 0x00007faf5038ab72 in json_message_process_token (lexer=0x7faf50e215f0, token=0x7faf524b1bf0, type=JSON_OPERATOR, 
    x=37, y=175) at qobject/json-streamer.c:87
#13 0x00007faf5039c92f in json_lexer_feed_char (lexer=lexer@entry=0x7faf50e215f0, ch=<optimized out>, 
    flush=flush@entry=false) at qobject/json-lexer.c:303
#14 0x00007faf5039c9fe in json_lexer_feed (lexer=0x7faf50e215f0, buffer=<optimized out>, size=<optimized out>)
    at qobject/json-lexer.c:356
#15 0x00007faf5038ad09 in json_message_parser_feed (parser=<optimized out>, buffer=<optimized out>, size=<optimized out>)
    at qobject/json-streamer.c:110
#16 0x00007faf5015106f in monitor_control_read (opaque=<optimized out>, buf=<optimized out>, size=<optimized out>)
    at /usr/src/debug/qemu-2.1.2/monitor.c:5125
#17 0x00007faf50227190 in qemu_chr_be_write (len=<optimized out>, buf=0x7fffd7c85150 "}\020", s=0x7faf50e1e440)
    at qemu-char.c:213
#18 tcp_chr_read (chan=<optimized out>, cond=<optimized out>, opaque=0x7faf50e1e440) at qemu-char.c:2729
#19 0x00007faf4e512ac6 in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
#20 0x00007faf50345388 in glib_pollfds_poll () at main-loop.c:190
#21 os_host_main_loop_wait (timeout=<optimized out>) at main-loop.c:235
#22 main_loop_wait (nonblocking=<optimized out>) at main-loop.c:484
#23 0x00007faf5012899e in main_loop () at vl.c:2016
#24 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4568
(gdb)

Note You need to log in before you can comment on or make changes to this bug.