Bug 1622963 - Qemu core dump when setting poll-max-ns=9223372036854775808(2^63)
Keywords:
Status: CLOSED DUPLICATE of bug 1607768
Alias: None
Product: Red Hat Enterprise Linux Advanced Virtualization
Classification: Red Hat
Component: qemu-kvm
Version: ---
Hardware: Unspecified
OS: Unspecified
Priority: low
Severity: medium
Target Milestone: rc
Target Release: 8.0
Assignee: Stefan Hajnoczi
QA Contact: lchai
URL:
Whiteboard:
Depends On:
Blocks: 1649160
Reported: 2018-08-28 09:20 UTC by aihua liang
Modified: 2019-02-22 22:12 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-01-02 15:38:05 UTC
Type: Bug
Target Upstream Version:
Embargoed:


Attachments
coredump_file (1.21 MB, application/x-gzip)
2018-08-28 09:21 UTC, aihua liang

Description aihua liang 2018-08-28 09:20:06 UTC
Description of problem:
 Qemu core dump when setting poll-max-ns=9223372036854775808(2^63)

Version-Release number of selected component (if applicable):
 kernel version:3.10.0-935.el7.x86_64
 qemu-kvm-rhev version:qemu-kvm-rhev-2.12.0-11.el7.x86_64

How reproducible:
 100%

Steps to Reproduce:
1. Start guest with dataplane's property setting "poll-max-ns=9223372036854775808", cmds as below:
  /usr/libexec/qemu-kvm \
    -name 'avocado-vt-vm1'  \
    -sandbox off  \
    -machine pc  \
    -nodefaults \
    -device VGA,bus=pci.0,addr=0x2  \
    -chardev socket,id=qmp_id_qmpmonitor1,path=/var/tmp/monitor-qmpmonitor1-20180822-083928-y8PRqUqd,server,nowait \
    -mon chardev=qmp_id_qmpmonitor1,mode=control  \
    -chardev socket,id=qmp_id_catch_monitor,path=/var/tmp/monitor-catch_monitor-20180822-083928-y8PRqUqd,server,nowait \
    -mon chardev=qmp_id_catch_monitor,mode=control \
    -device pvpanic,ioport=0x505,id=idVmd181  \
    -chardev socket,id=serial_id_serial0,path=/var/tmp/serial-serial0-20180822-083928-y8PRqUqd,server,nowait \
    -device isa-serial,chardev=serial_id_serial0  \
    -chardev socket,id=seabioslog_id_20180822-083928-y8PRqUqd,path=/var/tmp/seabios-20180822-083928-y8PRqUqd,server,nowait \
    -device isa-debugcon,chardev=seabioslog_id_20180822-083928-y8PRqUqd,iobase=0x402 \
    -device nec-usb-xhci,id=usb1,bus=pci.0,addr=0x3 \
    -object iothread,id=iothread0,poll-max-ns=9223372036854775808 \
    -device virtio-scsi-pci,id=scsi0,iothread=iothread0 \
    -drive id=drive_image1,if=none,snapshot=off,aio=threads,cache=directsync,format=qcow2,file=/home/kvm_autotest_root/images/rhel76-64-virtio-scsi.qcow2 \
    -device scsi-hd,drive=drive_image1,bus=scsi0.0,id=image1 \
    -device virtio-net-pci,mac=9a:1e:1f:20:21:22,id=idVobBWE,vectors=4,netdev=idH1zOQ2,bus=pci.0,addr=0x6  \
    -netdev tap,id=idH1zOQ2,vhost=on \
    -m 4096  \
    -smp 8,maxcpus=8,cores=4,threads=1,sockets=2  \
    -cpu host \
    -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1  \
    -vnc :0  \
    -rtc base=utc,clock=host,driftfix=slew  \
    -boot menu=off,strict=off,order=cdn,once=d \
    -enable-kvm \
    -monitor stdio \
    -spice disable-ticketing,port=5000 \

Actual results:
 Guest failed to start with qemu core dump info:
   qemu-kvm: util/qemu-thread-posix.c:131: qemu_cond_destroy: Assertion `cond->initialized' failed.
ta.txt: line 33: 20501 Aborted                 (core dumped) /usr/libexec/qemu-kvm -name 'avocado-vt-vm1' -sandbox off -machine pc -nodefaults -device VGA,bus=pci.0,addr=0x2 -chardev socket,id=qmp_id_qmpmonitor1,path=/var/tmp/monitor-qmpmonitor1-20180822-083928-y8PRqUqd,server,nowait -mon chardev=qmp_id_qmpmonitor1,mode=control -chardev socket,id=qmp_id_catch_monitor,path=/var/tmp/monitor-catch_monitor-20180822-083928-y8PRqUqd,server,nowait -mon chardev=qmp_id_catch_monitor,mode=control -device pvpanic,ioport=0x505,id=idVmd181 -chardev socket,id=serial_id_serial0,path=/var/tmp/serial-serial0-20180822-083928-y8PRqUqd,server,nowait -device isa-serial,chardev=serial_id_serial0 -chardev socket,id=seabioslog_id_20180822-083928-y8PRqUqd,path=/var/tmp/seabios-20180822-083928-y8PRqUqd,server,nowait -device isa-debugcon,chardev=seabioslog_id_20180822-083928-y8PRqUqd,iobase=0x402 -device nec-usb-xhci,id=usb1,bus=pci.0,addr=0x3 -object iothread,id=iothread0,poll-max-ns=9223372036854775808 -device virtio-scsi-pci,id=scsi0,iothread=iothread0 -drive id=drive_image1,if=none,snapshot=off,aio=threads,cache=directsync,format=qcow2,file=/home/kvm_autotest_root/images/rhel76-64-virtio-scsi.qcow2 -device scsi-hd,drive=drive_image1,bus=scsi0.0,id=image1 -device virtio-net-pci,mac=9a:1e:1f:20:21:22,id=idVobBWE,vectors=4,netdev=idH1zOQ2,bus=pci.0,addr=0x6 -netdev tap,id=idH1zOQ2,vhost=on -m 4096 -smp 8,maxcpus=8,cores=4,threads=1,sockets=2 -cpu host -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1 -vnc :0 -rtc base=utc,clock=host,driftfix=slew -boot menu=off,strict=off,order=cdn,once=d -enable-kvm -monitor stdio -spice disable-ticketing,port=5000

(gdb) bt
#0  0x00007f2a1a655207 in raise () at /lib64/libc.so.6
#1  0x00007f2a1a6568f8 in abort () at /lib64/libc.so.6
#2  0x00007f2a1a64e026 in __assert_fail_base () at /lib64/libc.so.6
#3  0x00007f2a1a64e0d2 in  () at /lib64/libc.so.6
#4  0x00005563d3702f3b in qemu_cond_destroy (cond=cond@entry=0x5563d578a6a8) at util/qemu-thread-posix.c:131
#5  0x00005563d34d44c3 in iothread_instance_finalize (obj=<optimized out>) at iothread.c:138
#6  0x00005563d36227a2 in object_unref (type=<optimized out>, obj=0x5563d578a620) at qom/object.c:462
#7  0x00005563d36227a2 in object_unref (data=0x5563d578a620) at qom/object.c:476
#8  0x00005563d36227a2 in object_unref (obj=obj@entry=0x5563d578a620) at qom/object.c:924
#9  0x00005563d362577d in user_creatable_add_type (type=type@entry=0x5563d5650000 "iothread", id=id@entry=0x5563d55f1fe0 "iothread0", qdict=qdict@entry=0x5563d57ae000, v=v@entry=
    0x5563d579e960, errp=errp@entry=0x7ffc76cc9240) at qom/object_interfaces.c:107
#10 0x00005563d36259c6 in user_creatable_add_opts (opts=opts@entry=0x5563d56911d0, errp=errp@entry=0x7ffc76cc9240) at qom/object_interfaces.c:137
#11 0x00005563d3625b48 in user_creatable_add_opts_foreach (opaque=0x5563d34d9500 <object_create_initial>, opts=0x5563d56911d0, errp=<optimized out>) at qom/object_interfaces.c:161
#12 0x00005563d371040a in qemu_opts_foreach (list=<optimized out>, func=
    0x5563d3625b00 <user_creatable_add_opts_foreach>, opaque=opaque@entry=0x5563d34d9500 <object_create_initial>, errp=errp@entry=0x0) at util/qemu-option.c:1104
#13 0x00005563d33a664a in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4392


Expected results:
 Guest can start normally.

Additional info:
 Windows (Win8.1) also hits this issue.
 Will check if it's regression later and add the result in the comment.

Attachment is the coredump file "core.20501"
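
The backtrace above shows the abort while the iothread object is still being created: user_creatable_add_type drops its reference, and iothread_instance_finalize calls qemu_cond_destroy on a condition variable whose initialized flag is not set. The following is an added example, not QEMU code and not part of the original report: a simplified model of that pattern with a finalizer that tolerates a partially constructed object. Worker, parse_poll_max_ns, worker_create and worker_finalize are hypothetical names, and it assumes the property is parsed as a non-negative signed 64-bit integer, so 2^63 (INT64_MAX + 1) is rejected.

```c
#include <errno.h>
#include <pthread.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for an object whose condvar is set up late in creation. */
typedef struct {
    pthread_cond_t cond;
    bool cond_initialized;
    int64_t poll_max_ns;
} Worker;

/* Assumed rule: non-negative int64_t. 2^63 is INT64_MAX + 1, so strtoll sets ERANGE. */
static int parse_poll_max_ns(const char *s, int64_t *out) {
    char *end;
    errno = 0;
    long long v = strtoll(s, &end, 10);
    if (errno == ERANGE || end == s || *end != '\0' || v < 0)
        return -1;
    *out = v;
    return 0;
}

/* Finalizer that only destroys what creation actually initialized. */
void worker_finalize(Worker *w) {
    if (w->cond_initialized) {
        pthread_cond_destroy(&w->cond);
        w->cond_initialized = false;
    }
}

/* Returns 0 on success, -1 on an invalid property; never aborts. */
int worker_create(Worker *w, const char *poll_max_ns) {
    memset(w, 0, sizeof(*w));
    if (parse_poll_max_ns(poll_max_ns, &w->poll_max_ns) < 0) {
        worker_finalize(w); /* error path: cond was never initialized */
        return -1;
    }
    pthread_cond_init(&w->cond, NULL);
    w->cond_initialized = true;
    return 0;
}

int main(void) {
    Worker w;
    return worker_create(&w, "9223372036854775808") == -1 ? 0 : 1;
}
```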

Comment 2 aihua liang 2018-08-28 09:21:29 UTC
Created attachment 1479199
coredump_file

Comment 3 aihua liang 2018-08-29 09:10:45 UTC
qemu-img-rhev-2.10.0-21.el7_5.7.x86_64 can also hit this issue.

Comment 4 Stefan Hajnoczi 2019-01-02 15:38:05 UTC
Fixed in qemu-kvm-rhev-2.12.0-20.el7.

RHEL8 is not affected.

*** This bug has been marked as a duplicate of bug 1607768 ***
