Bug 1481945 - core dumped if quit qemu when install win2016 guest with iscsi backend
Status: CLOSED DUPLICATE of bug 1451015
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: qemu-kvm-rhev
Version: 7.4
Hardware: x86_64
OS: Unspecified
Priority: high
Severity: high
Target Milestone: rc
Assignee: Virtualization Maintenance
QA Contact: Suqin Huang
 
Reported: 2017-08-16 06:25 UTC by Longxiang Lyu
Modified: 2017-08-16 08:52 UTC (History)
Last Closed: 2017-08-16 08:52:12 UTC

Description Longxiang Lyu 2017-08-16 06:25:26 UTC
Description of problem:
Core dumped if qemu is quit while installing a win2016 guest with an iscsi backend

Version-Release number of selected component (if applicable):
Kernel: 3.10.0-698.el7.x86_64
Qemu-kvm: 2.9.0-16.el7_4.4.x86_64
Guest: win2016
Iscsi backend: iscsi://10.73.199.233:3260/iqn.2017-04.com.example:t1/0

How reproducible:
50%

Steps to Reproduce:
1. Create image
# qemu-img create -f qcow2 iscsi://10.73.199.233:3260/iqn.2017-04.com.example:t1/0 30G

2. Install win2016 guest with command
#!/bin/bash
/usr/libexec/qemu-kvm \
-machine pc-i440fx-rhel7.4.0,accel=kvm,usb=off,vmport=off,dump-guest-core=off \
-cpu SandyBridge \
-m 4G \
-smp 4,sockets=4,cores=1,threads=1 \
-boot strict=on \
-device virtio-scsi-pci,bus=pci.0,addr=0x5,id=scsi1 \
-drive file=iscsi://10.73.199.233:3260/iqn.2017-04.com.example:t1/0,if=none,format=raw,cache=none,id=img0,aio=native \
-device scsi-hd,bus=scsi1.0,drive=img0,scsi-id=0,lun=0,id=scsi-disk0,bootindex=1 \
-object secret,id=key0,file=/home/test/iscsi/iscsi-password \
-drive media=cdrom,file=/home/iso/ISO/Win2016/en_windows_server_2016_x64_dvd_9718492.iso,format=raw,if=none,id=iso0,readonly=on \
-device ide-cd,bus=ide.0,drive=iso0,id=ide-cd.0,bootindex=2 \
-drive media=cdrom,file=/home/iso/windows/virtio-win-1.9.3-1.el7.iso,format=raw,if=none,id=iso1 \
-device ide-cd,bus=ide.0,drive=iso1,id=ide-cd.1 \
-netdev tap,id=hostnet0,vhost=on \
-device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:22:b3:20:61,bus=pci.0,addr=0x3 \
-device qxl-vga \
-usbdevice tablet \
-vnc :2 \
-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x8 \
-monitor stdio \
-qmp tcp:0:4444,server,nowait \

3. Quit qemu during Windows “Loading File”

Actual results:
# ./cml-win2016.sh 
QEMU 2.9.0 monitor - type 'help' for more information
(qemu) quit
./cml-win2016.sh: line 24: 13936 Segmentation fault      (core dumped) /usr/libexec/qemu-kvm -machine pc-i440fx-rhel7.4.0,accel=kvm,usb=off,vmport=off,dump-guest-core=off -cpu SandyBridge -m 4G -smp 4,sockets=4,cores=1,threads=1 -boot strict=on -device virtio-scsi-pci,bus=pci.0,addr=0x5,id=scsi1 -drive file=iscsi://10.73.199.233:3260/iqn.2017-04.com.example:t1/0,if=none,format=raw,cache=none,id=img0,aio=native -device scsi-hd,bus=scsi1.0,drive=img0,scsi-id=0,lun=0,id=scsi-disk0,bootindex=1 -object secret,id=key0,file=/home/test/iscsi/iscsi-password -drive media=cdrom,file=/home/iso/ISO/Win2016/en_windows_server_2016_x64_dvd_9718492.iso,format=raw,if=none,id=iso0,readonly=on -device ide-cd,bus=ide.0,drive=iso0,id=ide-cd.0,bootindex=2 -drive media=cdrom,file=/home/iso/windows/virtio-win-1.9.3-1.el7.iso,format=raw,if=none,id=iso1 -device ide-cd,bus=ide.0,drive=iso1,id=ide-cd.1 -netdev tap,id=hostnet0,vhost=on -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:22:b3:20:61,bus=pci.0,addr=0x3 -device qxl-vga -usbdevice tablet -vnc :2 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x8 -monitor stdio -qmp tcp:0:4444,server,nowait

# gdb -c core.31241 -q
[New LWP 31253]
[New LWP 31255]
[New LWP 31254]
[New LWP 31304]
[New LWP 31256]
[New LWP 31326]
[New LWP 31242]
[New LWP 31312]
[New LWP 31241]
Missing separate debuginfo for the main executable file
Try: yum --enablerepo='*debug*' install /usr/lib/debug/.build-id/f4/4ad9c1136df64b98e5f0af97d898a0a19634c9
Core was generated by `/usr/libexec/qemu-kvm -machine pc-i440fx-rhel7.4.0,accel=kvm,usb=off,vmport=off'.
Program terminated with signal 11, Segmentation fault.
#0  0x00005617020d0790 in ?? ()

Expected results:
Qemu quits with no segmentation fault.

Comment 2 Longxiang Lyu 2017-08-16 07:00:11 UTC
Correct the core info in description:
# gdb -c core.22986 -q
[New LWP 22996]
[New LWP 23065]
[New LWP 23016]
[New LWP 22998]
[New LWP 22997]
[New LWP 23031]
[New LWP 22999]
[New LWP 22987]
[New LWP 22986]
Reading symbols from /usr/libexec/qemu-kvm...Reading symbols from /usr/lib/debug/usr/libexec/qemu-kvm.debug...done.
done.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `/usr/libexec/qemu-kvm -machine pc-i440fx-rhel7.4.0,accel=kvm,usb=off,vmport=off'.
Program terminated with signal 11, Segmentation fault.
#0  bdrv_inc_in_flight (bs=bs@entry=0x0) at block/io.c:508
508	    atomic_inc(&bs->in_flight);
Missing separate debuginfos, use: debuginfo-install boost-system-1.53.0-27.el7.x86_64 boost-thread-1.53.0-27.el7.x86_64 bzip2-libs-1.0.6-13.el7.x86_64 celt051-0.5.1.3-8.el7.x86_64 cyrus-sasl-gssapi-2.1.26-21.el7.x86_64 cyrus-sasl-lib-2.1.26-21.el7.x86_64 cyrus-sasl-md5-2.1.26-21.el7.x86_64 cyrus-sasl-plain-2.1.26-21.el7.x86_64 cyrus-sasl-scram-2.1.26-21.el7.x86_64 elfutils-libelf-0.168-8.el7.x86_64 elfutils-libs-0.168-8.el7.x86_64 glib2-2.50.3-3.el7.x86_64 glibc-2.17-196.el7.x86_64 glusterfs-api-3.8.4-18.4.el7.x86_64 glusterfs-libs-3.8.4-18.4.el7.x86_64 gmp-6.0.0-15.el7.x86_64 gnutls-3.3.26-9.el7.x86_64 gperftools-libs-2.4-8.el7.x86_64 keyutils-libs-1.5.8-3.el7.x86_64 krb5-libs-1.15.1-8.el7.x86_64 libacl-2.2.51-12.el7.x86_64 libaio-0.3.109-13.el7.x86_64 libattr-2.4.46-12.el7.x86_64 libblkid-2.23.2-43.el7.x86_64 libcacard-2.5.2-2.el7.x86_64 libcap-2.22-9.el7.x86_64 libcom_err-1.42.9-10.el7.x86_64 libcurl-7.29.0-42.el7.x86_64 libdb-5.3.21-20.el7.x86_64 libffi-3.0.13-18.el7.x86_64 libgcc-4.8.5-16.el7.x86_64 libgcrypt-1.5.3-14.el7.x86_64 libgpg-error-1.12-3.el7.x86_64 libibverbs-13-7.el7.x86_64 libidn-1.28-4.el7.x86_64 libiscsi-1.9.0-7.el7.x86_64 libjpeg-turbo-1.2.90-5.el7.x86_64 libmount-2.23.2-43.el7.x86_64 libnl3-3.2.28-4.el7.x86_64 libpng-1.5.13-7.el7_2.x86_64 librados2-0.94.5-2.el7.x86_64 librbd1-0.94.5-2.el7.x86_64 librdmacm-13-7.el7.x86_64 libseccomp-2.3.1-3.el7.x86_64 libselinux-2.5-11.el7.x86_64 libssh2-1.4.3-10.el7_2.1.x86_64 libstdc++-4.8.5-16.el7.x86_64 libtasn1-4.10-1.el7.x86_64 libunwind-1.2-2.el7.x86_64 libusbx-1.0.20-1.el7.x86_64 libuuid-2.23.2-43.el7.x86_64 lzo-2.06-8.el7.x86_64 nettle-2.7.1-8.el7.x86_64 nspr-4.13.1-1.0.el7_3.x86_64 nss-3.28.4-8.el7.x86_64 nss-softokn-freebl-3.28.3-6.el7.x86_64 nss-util-3.28.4-3.el7.x86_64 numactl-libs-2.0.9-6.el7_2.x86_64 openldap-2.4.44-5.el7.x86_64 openssl-libs-1.0.2k-8.el7.x86_64 p11-kit-0.23.5-3.el7.x86_64 pcre-8.32-17.el7.x86_64 pixman-0.34.0-1.el7.x86_64 snappy-1.1.0-3.el7.x86_64 spice-server-0.12.8-3.el7.x86_64 
systemd-libs-219-42.el7.x86_64 usbredir-0.7.1-2.el7.x86_64 xz-libs-5.2.2-1.el7.x86_64 zlib-1.2.7-17.el7.x86_64
(gdb) bt
#0  bdrv_inc_in_flight (bs=bs@entry=0x0) at block/io.c:508
#1  0x000055bce1f6bd07 in blk_aio_prwv (blk=0x55bce4b241e0, offset=offset@entry=203360256, bytes=2048, 
    qiov=qiov@entry=0x55bce6c6f020, co_entry=co_entry@entry=0x55bce1f6b480 <blk_aio_read_entry>, 
    flags=flags@entry=0, cb=cb@entry=0x55bce1e75b90 <ide_buffered_readv_cb>, 
    opaque=opaque@entry=0x55bce6c6f000) at block/block-backend.c:1145
#2  0x000055bce1f6bd85 in blk_aio_preadv (blk=<optimized out>, offset=offset@entry=203360256, 
    qiov=qiov@entry=0x55bce6c6f020, flags=flags@entry=0, 
    cb=cb@entry=0x55bce1e75b90 <ide_buffered_readv_cb>, opaque=opaque@entry=0x55bce6c6f000)
    at block/block-backend.c:1250
#3  0x000055bce1e78b1d in ide_buffered_readv (s=s@entry=0x55bce633aa68, sector_num=397188, 
    iov=iov@entry=0x55bce633ad60, nb_sectors=nb_sectors@entry=4, 
    cb=cb@entry=0x55bce1e7c020 <cd_read_sector_cb>, opaque=opaque@entry=0x55bce633aa68)
    at hw/ide/core.c:637
#4  0x000055bce1e7b041 in cd_read_sector (s=0x55bce633aa68) at hw/ide/atapi.c:198
#5  ide_atapi_cmd_reply_end (s=0x55bce633aa68) at hw/ide/atapi.c:272
#6  0x000055bce1e76494 in ide_data_readw (opaque=<optimized out>, addr=<optimized out>)
    at hw/ide/core.c:2262
#7  0x000055bce1d23020 in portio_read (opaque=0x55bce4ade1c0, addr=0, size=2)
    at /usr/src/debug/qemu-2.9.0/ioport.c:180
#8  0x000055bce1d2db2c in memory_region_read_accessor (mr=0x55bce4ade1c0, addr=0, value=0x7ff7ad5f7860, 
    size=2, shift=0, mask=65535, attrs=...) at /usr/src/debug/qemu-2.9.0/memory.c:435
#9  0x000055bce1d2b4b9 in access_with_adjusted_size (addr=addr@entry=0, 
    value=value@entry=0x7ff7ad5f7860, size=size@entry=2, access_size_min=<optimized out>, 
    access_size_max=<optimized out>, access=access@entry=0x55bce1d2db00 <memory_region_read_accessor>, 
    mr=mr@entry=0x55bce4ade1c0, attrs=attrs@entry=...) at /usr/src/debug/qemu-2.9.0/memory.c:592
#10 0x000055bce1d2e8c6 in memory_region_dispatch_read1 (attrs=..., size=2, pval=0x7ff7ad5f7860, addr=0, 
    mr=0x55bce4ade1c0) at /usr/src/debug/qemu-2.9.0/memory.c:1238
#11 memory_region_dispatch_read (mr=mr@entry=0x55bce4ade1c0, addr=addr@entry=0, 
    pval=pval@entry=0x7ff7ad5f7860, size=size@entry=2, attrs=attrs@entry=...)
    at /usr/src/debug/qemu-2.9.0/memory.c:1269
#12 0x000055bce1ce1a02 in address_space_read_continue (as=as@entry=0x55bce25b58e0 <address_space_io>, 
    addr=addr@entry=496, attrs=..., attrs@entry=..., 
    buf=buf@entry=0x7ff7bf0053fe <Address 0x7ff7bf0053fe out of bounds>, len=len@entry=2, addr1=0, l=2, 
    mr=0x55bce4ade1c0) at /usr/src/debug/qemu-2.9.0/exec.c:2844
#13 0x000055bce1ce1ab7 in address_space_read_full (as=0x55bce25b58e0 <address_space_io>, addr=496, 
    addr@entry=0, attrs=..., buf=buf@entry=0x7ff7bf0053fe <Address 0x7ff7bf0053fe out of bounds>, 
    len=len@entry=2) at /usr/src/debug/qemu-2.9.0/exec.c:2895
#14 0x000055bce1ce1c1e in address_space_read (len=2, 
    buf=0x7ff7bf0053fe <Address 0x7ff7bf0053fe out of bounds>, attrs=..., addr=0, as=<optimized out>)
    at /usr/src/debug/qemu-2.9.0/include/exec/memory.h:1718
#15 address_space_rw (as=<optimized out>, addr=addr@entry=496, attrs=..., attrs@entry=..., 
    buf=buf@entry=0x7ff7bf0053fe <Address 0x7ff7bf0053fe out of bounds>, len=len@entry=2, 
    is_write=is_write@entry=false) at /usr/src/debug/qemu-2.9.0/exec.c:2909
#16 0x000055bce1d2a5ba in kvm_handle_io (count=512, size=2, direction=<optimized out>, 
    data=<optimized out>, attrs=..., port=496) at /usr/src/debug/qemu-2.9.0/kvm-all.c:1828
#17 kvm_cpu_exec (cpu=cpu@entry=0x55bce4dd2000) at /usr/src/debug/qemu-2.9.0/kvm-all.c:2057
#18 0x000055bce1d177d2 in qemu_kvm_cpu_thread_fn (arg=0x55bce4dd2000)
    at /usr/src/debug/qemu-2.9.0/cpus.c:1118
#19 0x00007ff7b4dc4e25 in start_thread () from /lib64/libpthread.so.0
---Type <return> to continue, or q <return> to quit---

Comment 5 Dr. David Alan Gilbert 2017-08-16 08:52:12 UTC
Yep that's the same as 1451015

*** This bug has been marked as a duplicate of bug 1451015 ***

