RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1340971 - qemu: accel=tcg does not implement SSE 4 properly
Summary: qemu: accel=tcg does not implement SSE 4 properly
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: qemu-kvm
Version: 7.2
Hardware: Unspecified
OS: Unspecified
high
urgent
Target Milestone: rc
: ---
Assignee: Paolo Bonzini
QA Contact: Guo, Zhiyi
URL:
Whiteboard:
Depends On: 1270703
Blocks: 1366535
TreeView+ depends on / blocked
 
Reported: 2016-05-31 02:59 UTC by Andrew Beekhof
Modified: 2016-11-03 20:14 UTC (History)
23 users (show)

Fixed In Version: qemu-kvm-1.5.3-114.el7
Doc Type: Bug Fix
Doc Text:
Previously, with KVM disabled, calling the Streaming SIMD Extensions 4 (SSE4) version of the strstr() function returned incorrect results due to incorrect support for emulation of SSE4 instructions. This update fixes this support, and calling SSE4 strstr() now returns correct results.
Clone Of: 1270703
: 1366535 (view as bug list)
Environment:
Last Closed: 2016-11-03 20:14:04 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
seabios log ans screenshot (3.88 KB, application/x-bzip)
2016-09-13 10:08 UTC, Guo, Zhiyi 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2016:2585 0 normal SHIPPED_LIVE Moderate: qemu-kvm security, bug fix, and enhancement update 2016-11-03 12:09:03 UTC

Description Andrew Beekhof 2016-05-31 02:59:04 UTC 
Can we get this fixed in RHEL too please?
Managing to reliably hit it just by calling:

    strstr("pacemaker-1.0.rng", ".rng")

+++ This bug was initially created as a clone of Bug #1270703 +++

Description of problem:

An old SSE4 strstr from glibc returns incorrect results if running with qemu in accel=tcg mode.

Version-Release number of selected component (if applicable):

qemu-kvm-2.3.1-3.fc22.x86_64

How reproducible:

Always.

Steps to Reproduce:
1. Compile the attached self-contained reproducer.
2. Run it with ./tst-strstr

Actual results:

Output looks like this:

error: needle not found at offset 3 (0x4007a3)
error: needle not found at offset 4 (0x4007a4)
error: needle not found at offset 5 (0x4007a5)
…

Expected results:

No output.

Additional info:

Test case was extracted from glibc 2.17.  Current Fedora no longer has this strstr implementation, but you can test with CentOS 7 in a guest as well.

qemu-kvm command line:

/usr/bin/qemu-system-x86_64 -machine accel=kvm -name rhel7.0 -S -machine pc-i440fx-2.3,accel=tcg,usb=off -cpu SandyBridge -m 2048 -realtime mlock=off -smp 2,sockets=2,cores=1,threads=1 -uuid b885eb90-c211-4554-bb3e-9406008d8cb5 -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/rhel7.0.monitor,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc,driftfix=slew -global kvm-pit.lost_tick_policy=discard -no-hpet -no-shutdown -global PIIX4_PM.disable_s3=1 -global PIIX4_PM.disable_s4=1 -boot strict=on -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x6.0x7 -device ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x6 -device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x6.0x1 -device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x6.0x2 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x5 -drive file=/var/lib/libvirt/images/rhel7.0.qcow2,if=none,id=drive-virtio-disk0,format=qcow2 -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x7,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -netdev tap,fd=23,id=hostnet0 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:05:91:43,bus=pci.0,addr=0x3 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -chardev socket,id=charchannel0,path=/var/lib/libvirt/qemu/channel/target/rhel7.0.org.qemu.guest_agent.0,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=org.qemu.guest_agent.0 -chardev spicevmc,id=charchannel1,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=com.redhat.spice.0 -device usb-tablet,id=input0 -spice port=5900,addr=127.0.0.1,disable-ticketing,image-compression=off,seamless-migration=on -device qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,vgamem_mb=16,bus=pci.0,addr=0x2 -device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev spicevmc,id=charredir0,name=usbredir -device usb-redir,chardev=charredir0,id=redir0 -chardev spicevmc,id=charredir1,name=usbredir -device usb-redir,chardev=charredir1,id=redir1 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x8 -msg timestamp=on

--- Additional comment from Florian Weimer on 2015-10-12 04:16 EDT ---

compiled x86_64 program

--- Additional comment from Paolo Bonzini on 2015-10-12 05:11:16 EDT ---

Can you attach a statically linked binary?

--- Additional comment from Paolo Bonzini on 2015-10-12 05:24:51 EDT ---

Nevermind, I can reproduce it with the attached binary.

--- Additional comment from Florian Weimer on 2015-10-12 09:00:10 EDT ---

Paolo posted a fix upstream: http://lists.nongnu.org/archive/html/qemu-devel/2015-10/msg02605.html

--- Additional comment from Fedora Update System on 2015-12-07 16:30:10 EST ---

qemu-2.3.1-8.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2015-686f289aa5

--- Additional comment from Fedora Update System on 2015-12-08 18:51:22 EST ---

qemu-2.3.1-8.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
$ su -c 'dnf --enablerepo=updates-testing update qemu'
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-686f289aa5

--- Additional comment from Cole Robinson on 2015-12-30 15:40:07 EST ---

Update is in stable now
Comment 2 Miroslav Rezanina 2016-06-15 09:20:34 UTC 
Fix included in qemu-kvm-1.5.3-114.el7
Comment 5 Andrew Beekhof 2016-06-16 23:17:55 UTC 
Yes please :)
Comment 8 Miroslav Rezanina 2016-08-16 07:33:32 UTC 
Fix included in qemu-kvm-1.5.3-105.el7_2.8
Comment 10 Guo, Zhiyi 2016-09-13 10:08:20 UTC 
Created attachment 1200445 [details]
seabios log ans screenshot

Test against qemu-kvm-1.5.3-123.el7.x86_64, rhel7.3 guest cannot boot when using accel=tcg.

qemu cli used:
/usr/libexec/qemu-kvm -name rhel7.3 -m 2048 \
	-machine accel=kvm \
	-machine pc,accel=tcg \
         -vga qxl\
        -spice port=3003,disable-ticketing \
        -device virtio-serial -chardev spicevmc,id=vdagent,debug=0,name=vdagent \
        -serial unix:/tmp/m,server,nowait \
        -device virtserialport,chardev=vdagent,name=com.redhat.spice.0 \
        -drive file=/home/ss1rhel73.qcow2,if=none,id=drive-scsi-disk0,format=qcow2,cache=none,werror=stop,rerror=stop -device virtio-scsi-pci,id=scsi0 -device scsi-hd,drive=drive-scsi-disk0,bus=scsi0.0,scsi-id=0,lun=0,id=scsi-disk0,bootindex=1 \
        -monitor stdio \
        -usb -device usb-kbd,id=input0 \
        -netdev tap,id=idinWyYp,vhost=on -device virtio-net-pci,mac=42:ce:a9:d2:4d:d7,id=idlbq7eA,netdev=idinWyYp \
        -qmp tcp:localhost:4444,server,nowait \
	-global isa-debugcon.iobase=0x402 -debugcon file:/home/seabios.log \

Rhel7.3 guest can boot if remove -machine pc,accel=tcg. Only seabios boot information present in spice, please see screenshot of the problem. Attach seabios log also
Comment 11 Guo, Zhiyi 2016-09-13 10:09:18 UTC 
Hi Paolo,

could u look at this?

BR/
Guo, Zhiyi
Comment 12 Paolo Bonzini 2016-09-13 19:07:22 UTC 
Can you put the qcow2 image somewhere for me to download?
Comment 14 Paolo Bonzini 2016-09-15 17:26:02 UTC 
Hi Zhiyi,

I couldn't find the root cause but you can work around the failure by disabling the NIC ("-net none" and no "-netdev" or "-device virtio-net-pci"). Also, please add "-cpu SandyBridge" to ensure that your guest uses SSE4.

Here is the command line I used:

/usr/libexec/qemu-kvm -name rhel7.3 -m 2048 -machine pc,accel=tcg \
  -serial mon:stdio -global isa-debugcon.iobase=0x402 \
  -debugcon file:/home/seabios.log -hda ../ss1rhel73.qcow2 \
  -snapshot -serial mon:stdio -vnc :0 -net none -cpu SandyBridge

The NIC failure certainly wouldn't be approved for 7.3, and the OpenStack team is more interested in 7.2.z so I'll open a separate bug.  Thanks!
Comment 15 Guo, Zhiyi 2016-09-16 10:30:15 UTC 
Thanks Paolo!

Reproduce this issue against qemu-kvm-1.5.3-113.el7.x86_64 and rhel7.3 host with kernel 3.10.0-505.el7.x86_64

qemu cli used:
/usr/libexec/qemu-kvm -name rhel7.3 -m 2048 -machine pc,accel=tcg \
  -serial mon:stdio -global isa-debugcon.iobase=0x402 \
  -debugcon file:/home/seabios.log -hda ../ss1rhel73.qcow2 \
  -snapshot -serial mon:stdio -vnc :0 -net none -cpu SandyBridge

Steps:
1. execute reproducer bin from https://bugzilla.redhat.com/attachment.cgi?id=1081905 inside host

results:
#./tst-strstr
error: needle not found at offset 3 (0x400cc3)
error: needle not found at offset 4 (0x400cc4)
error: needle not found at offset 5 (0x400cc5)
error: needle not found at offset 6 (0x400cc6)
....

Verify this issue against qemu-kvm-1.5.3-123.el7.x86_64, nothing output after executing reproducer bin.
Comment 16 Guo, Zhiyi 2016-09-16 10:31:03 UTC 
Move to verified per comment 15
Comment 18 errata-xmlrpc 2016-11-03 20:14:04 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2016-2585.html
Note You need to log in before you can comment on or make changes to this bug.