Bug 1182494 - BUG: qemu-kvm hang when enabled both sandbox and mlock
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: qemu-kvm-rhev
Version: 7.1
Hardware: Unspecified
OS: Unspecified
high
urgent
Target Milestone: rc
Assignee: Paolo Bonzini
QA Contact: Virtualization Bugs
Reported: 2015-01-15 09:46 UTC by mazhang
Modified: 2016-09-20 04:41 UTC (History)

Fixed In Version: qemu-kvm-rhev-2.1.2-21.el7
Doc Type: Bug Fix
Last Closed: 2015-03-05 09:58:12 UTC


Attachments
system calls (95.84 KB, text/plain), 2015-01-15 09:51 UTC, mazhang


Links
Red Hat Product Errata RHSA-2015:0624 (priority: normal, status: SHIPPED_LIVE): Important: qemu-kvm-rhev security, bug fix, and enhancement update. Last updated 2015-03-05 14:37:36 UTC

Description mazhang 2015-01-15 09:46:26 UTC
Description of problem:
qemu-kvm hangs when both sandbox and mlock are enabled.

Version-Release number of selected component (if applicable):

Host:
qemu-kvm-tools-rhev-2.1.2-19.el7.x86_64
qemu-img-rhev-2.1.2-19.el7.x86_64
qemu-kvm-common-rhev-2.1.2-19.el7.x86_64
qemu-kvm-rhev-debuginfo-2.1.2-19.el7.x86_64
qemu-kvm-rhev-2.1.2-19.el7.x86_64
3.10.0-222.el7.x86_64

How reproducible:
always

Steps to Reproduce:
1. Start qemu-kvm with sandbox and mlock enabled:
/usr/libexec/qemu-kvm -M pc -monitor stdio -vnc :0 -realtime mlock=on -sandbox on

Actual results:
qemu-kvm hangs.

 5600 pts/0    S+     0:00 strace /usr/libexec/qemu-kvm -M pc -monitor stdio -vnc :0 -realtime mlock=on -sandbox on
 5603 pts/0    Zl+    0:00 [qemu-kvm] <defunct>


Expected results:
qemu-kvm works well.

Additional info:

Comment 2 mazhang 2015-01-15 09:51:56 UTC
Created attachment 980391 [details]
system calls

Comment 3 mazhang 2015-01-15 09:53:08 UTC
qemu-kvm-1.5.3-60.el7 does not hit this problem.

Comment 4 mazhang 2015-01-15 10:03:56 UTC
qemu-kvm-1.5.3-85.el7.x86_64 works well.

Comment 7 mazhang 2015-01-15 11:30:28 UTC
Summary:
qemu-kvm-rhev-2.1.2-13.el7 pass
qemu-kvm-rhev-2.1.2-16.el7 pass
qemu-kvm-rhev-2.1.2-17.el7 pass
qemu-kvm-rhev-2.1.2-18.el7 fail
qemu-kvm-rhev-2.1.2-19.el7 fail

qemu-kvm-1.5.3-60.el7 pass
qemu-kvm-1.5.3-85.el7 pass

Comment 9 Eduardo Habkost 2015-01-15 19:42:00 UTC
I can reproduce it; it looks like mlockall() is missing from the syscall whitelist.
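
Added example (not part of the bug report, and not QEMU's code): a minimal raw seccomp-BPF whitelist that reproduces the failure mode Comment 9 describes. A child whose whitelist omits mlockall() is killed with SIGSYS when it makes the call, and exits normally once the syscall is listed. The helper names and the two-entry whitelist are constructed for illustration; QEMU's own filter is much larger.

```c
#include <signal.h>
#include <stddef.h>
#include <sys/mman.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* Two BPF instructions: return ALLOW if the loaded syscall number equals nr. */
#define ALLOW(nr) \
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (nr), 0, 1), \
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW)

/* Constructed kill-by-default whitelist; mlockall is listed only on request.
 * A production filter would also check seccomp_data.arch first. */
static int install_filter(int allow_mlockall)
{
    struct sock_filter f[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        ALLOW(__NR_exit_group),
        ALLOW(allow_mlockall ? __NR_mlockall : __NR_exit_group),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
    };
    struct sock_fprog prog = { .len = sizeof(f) / sizeof(f[0]), .filter = f };
    return prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) || prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}

/* Fork, sandbox the child, call mlockall() in it. Returns the signal that
 * killed the child, 0 if it exited cleanly, or -1 on a setup error. */
static int run_mlockall_under_filter(int allow_mlockall)
{
    int status;
    pid_t pid = fork();
    if (pid == 0) {
        if (install_filter(allow_mlockall) != 0) _exit(2);
        mlockall(MCL_CURRENT | MCL_FUTURE); /* result ignored: only reachability matters */
        _exit(0);
    }
    if (pid < 0 || waitpid(pid, &status, 0) < 0) return -1;
    if (WIFSIGNALED(status)) return WTERMSIG(status);
    return WEXITSTATUS(status) == 0 ? 0 : -1;
}

int main(void)
{
    return !(run_mlockall_under_filter(0) == SIGSYS && run_mlockall_under_filter(1) == 0);
}
```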

Comment 10 mazhang 2015-01-16 02:24:39 UTC
Starting qemu-kvm via libvirt also hits this problem.

libvirt-1.2.8-12.el7.x86_64

/etc/libvirt/qemu.conf
...
# Use seccomp syscall whitelisting in QEMU.
# 1 = on, 0 = off, -1 = use QEMU default
# Defaults to -1.
#
seccomp_sandbox = 1
...

Libvirt XML file:
...
  <name>rhel7.1</name>
  <uuid>83ff576d-e168-49d1-9b2c-8b7f2e6643dc</uuid>
  <memory unit='KiB'>1048576</memory>
  <currentMemory unit='KiB'>1048576</currentMemory>
  <memoryBacking>
    <locked/>
  </memoryBacking>
...

Comment 15 Jeff Nelson 2015-01-23 20:00:25 UTC
Fix included in qemu-kvm-rhev-2.1.2-21.el7

Comment 17 Chao Yang 2015-01-26 07:33:56 UTC
Reproduced with qemu-kvm-rhev-2.1.2-20.el7.x86_64. 

Steps:
1. Start a guest with both -sandbox on and -realtime mlock=on

Actual Result:
No response from HMP. qemu-kvm died. ps shows:
[qemu-kvm] <defunct>


Verified pass with qemu-kvm-rhev-2.1.2-21.el7.x86_64. Guest can boot up correctly. So this bug got fixed.

Comment 20 errata-xmlrpc 2015-03-05 09:58:12 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-0624.html

