Bug 1741514
| Summary: | QEMU core dumped if dies is set to a negative value. | | |
|---|---|---|---|
| Product: | Red Hat Enterprise Linux Advanced Virtualization | Reporter: | Yumei Huang <yuhuang> |
| Component: | qemu-kvm | Assignee: | Eduardo Habkost <ehabkost> |
| qemu-kvm sub component: | QMP Monitor and CLI | QA Contact: | liunana <nanliu> |
| Status: | CLOSED WONTFIX | Docs Contact: | |
| Severity: | high | | |
| Priority: | high | CC: | chayang, ehabkost, juzhang, nanliu, virt-maint, yihyu |
| Version: | 8.1 | Keywords: | Regression, Reopened |
| Target Milestone: | rc | Flags: | pm-rhel: mirror+ |
| Target Release: | --- | | |
| Hardware: | Unspecified | | |
| OS: | Unspecified | | |
| Whiteboard: | | | |
| Fixed In Version: | | Doc Type: | If docs needed, set a value |
| Doc Text: | | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2021-03-31 06:06:03 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
| Bug Depends On: | | | |
| Bug Blocks: | 1758964 | | |
Description
Yumei Huang
2019-08-15 10:46:35 UTC
(gdb) bt full
#0 0x00007f70ab97f8df in raise () at /lib64/libc.so.6
#1 0x00007f70ab969cf5 in abort () at /lib64/libc.so.6
#2 0x00007f70ab969bc9 in _nl_load_domain.cold.0 () at /lib64/libc.so.6
#3 0x00007f70ab977e96 in .annobin_assert.c_end () at /lib64/libc.so.6
#4 0x000055adf0fee752 in cpu_x86_cpuid
(env=env@entry=0x55adf2801c50, index=<optimized out>,
index@entry=11, count=count@entry=1, eax=eax@entry=0x7f709fffda24, ebx=ebx@entry=0x7f709fffda28, ecx=ecx@entry=0x7f709fffda2c, edx=0x7f709fffda30)
at /usr/src/debug/qemu-kvm-4.1.0-1.module+el8.1.0+3966+4a23dca1.x86_64/target/i386/cpu.c:4392
cpu = 0x55adf27f9400
cs = 0x55adf27f9400
die_offset = <optimized out>
limit = <optimized out>
__PRETTY_FUNCTION__ = "cpu_x86_cpuid"
#5 0x000055adf103dc2f in kvm_arch_init_vcpu (cs=0x55adf27f9400)
at /usr/src/debug/qemu-kvm-4.1.0-1.module+el8.1.0+3966+4a23dca1.x86_64/target/i386/kvm.c:1478
cpuid_data =
{cpuid = {nent = 0, padding = 0, entries = 0x7f709fffd748}, entries = {{function = 1073741824, index = 0, flags = 0, eax = 1073741825, ebx = 1263359563, ecx = 1447775574, edx = 77, padding = {0, 0, 0}}, {function = 1073741825, index = 0, flags = 0, eax = 16777467, ebx = 0, ecx = 0, edx = 0, padding = {0, 0, 0}}, {function = 0, index = 0, flags = 0, eax = 31, ebx = 1970169159, ecx = 1818588270, edx = 1231384169, padding = {0, 0, 0}}, {function = 1, index = 0, flags = 0, eax = 1747, ebx = 2048, ecx = 2149588993, edx = 126614525, padding = {0, 0, 0}}, {function = 2, index = 0, flags = 6, eax = 1, ebx = 0, ecx = 77, edx = 2895997, padding = {0, 0, 0}}, {function = 3, index = 0, flags = 0, eax = 0, ebx = 0, ecx = 0, edx = 0, padding = {0, 0, 0}}, {function = 4, index = 0, flags = 1, eax = 289, ebx = 29360191, ecx = 63, edx = 1, padding = {0, 0, 0}}, {function = 4, index = 1, flags = 1, eax = 290, ebx = 29360191, ecx = 63, edx = 1, padding = {0, 0, 0}}, {function = 4, index = 2, flags = 1, eax = 323, ebx = 62914623, ecx = 4095, edx = 1, padding = {0, 0, 0}}, {function = 4, index = 3, flags = 1, eax = 355, ebx = 62914623, ecx = 16383, edx = 6, padding = {0, 0, 0}}, {function = 4, index = 4, flags = 1, eax = 0, ebx = 0, ecx = 0, edx = 0, padding = {0, 0, 0}}, {function = 5, index = 0, flags = 0, eax = 0, ebx = 0, ecx = 3, edx = 0, padding = {0, 0, 0}}, {function = 6, index = 0, flags = 0, eax = 0, ebx = 0, ecx = 0, edx = 0, padding = {0, 0, 0}}, {function = 7, index = 0, flags = 0, eax = 0, ebx = 0, ecx = 0, edx = 0, padding = {0, 0, 0}}, {function = 8, index = 0, flags = 0, eax = 0, ebx = 0, ecx = 0, edx = 0, padding = {0, 0, 0}}, {function = 9, index = 0, flags = 0, eax = 0, ebx = 0, ecx = 0, edx = 0, padding = {0, 0, 0}}, {function = 10, index = 0, flags = 0, eax = 0, ebx = 0, ecx = 0, edx = 0, padding = {0, 0, 0}}, {function = 11, index = 0, flags = 1, eax = 0, ebx = 1, ecx = 256, edx = 0, padding = {0, 0, 0}}, {function = 11, index = 1, flags = 1, eax = 32, ebx = 1, ecx = 513, edx = 0, padding = {0, 0, 0}}, {function = 0, index = 0, flags = 0, eax = 0, ebx = 0, ecx = 0, edx = 0, padding = {0, 0, 0}} <repeats 81 times>}}
cpu = 0x55adf27f9400
__func__ = "kvm_arch_init_vcpu"
env = 0x55adf2801c50
limit = 31
i = 11
j = 1
cpuid_i = <optimized out>
unused = 1818588270
c = 0x7f709fffda18
kvm_base = 1073741824
max_nested_state_len = <optimized out>
r = <optimized out>
local_err = 0x0
__PRETTY_FUNCTION__ = "kvm_arch_init_vcpu"
#6 0x000055adf0f50ed7 in qemu_kvm_cpu_thread_fn (arg=0x55adf27f9400) at /usr/src/debug/qemu-kvm-4.1.0-1.module+el8.1.0+3966+4a23dca1.x86_64/cpus.c:1270
cpu = 0x55adf27f9400
r = <optimized out>
#7 0x000055adf1270174 in qemu_thread_start (args=0x55adf281d930) at util/qemu-thread-posix.c:502
__clframe = {__cancel_routine = <optimized out>, __cancel_arg = 0x0, __do_it = 1, __cancel_type = <optimized out>}
qemu_thread_args = 0x55adf281d930
start_routine = 0x55adf0f50e80 <qemu_kvm_cpu_thread_fn>
arg = 0x55adf27f9400
r = <optimized out>
#8 0x00007f70abd132de in start_thread () at /lib64/libpthread.so.0
#9 0x00007f70aba44133 in clone () at /lib64/libc.so.6
If dies=0 is set, QEMU core dumps with a different error.
# /usr/libexec/qemu-kvm -smp 2,dies=0
Floating point exception (core dumped)
(gdb) bt full
#0 0x00005574da0e8ed7 in pc_smp_parse (ms=0x5574dcadb400, opts=0x5574dca71b30)
at /usr/src/debug/qemu-kvm-4.1.0-1.module+el8.1.0+3966+4a23dca1.x86_64/hw/i386/pc.c:1781
pcms = 0x5574dcadb400
__func__ = "pc_smp_parse"
#1 0x00005574da025e35 in main (argc=<optimized out>, argv=0x7ffe2c292298, envp=<optimized out>)
at vl.c:4016
i = <optimized out>
snapshot = 0
linux_boot = <optimized out>
initrd_filename = <optimized out>
kernel_filename = <optimized out>
kernel_cmdline = <optimized out>
boot_order = 0x0
boot_once = 0x0
ds = <optimized out>
opts = <optimized out>
machine_opts = <optimized out>
icount_opts = 0x0
accel_opts = 0x0
olist = <optimized out>
optind = 3
optarg = 0x7ffe2c293cbe "2,dies=0"
loadvm = 0x0
machine_class = 0x5574dcaac8e0
cpu_option = 0x0
vga_model = 0x0
qtest_chrdev = 0x0
qtest_log = 0x0
incoming = 0x0
userconfig = <optimized out>
nographic = false
display_remote = 0
log_mask = 0x0
log_file = 0x0
trace_file = 0x0
maxram_size = 134217728
ram_slots = 0
vmstate_dump_file = 0x0
main_loop_err = 0x0
err = 0x0
list_data_dirs = false
dir = <optimized out>
bdo_queue = {sqh_first = 0x0, sqh_last = 0x7ffe2c292130}
__func__ = "main"
Note that if the value is < 0, setting the parameter 'cores' or 'threads' also hits this issue.

# /usr/libexec/qemu-kvm -smp 2,threads=-1
qemu-kvm: warning: Invalid CPU topology deprecated: sockets (0) * dies (1) * cores (1) * threads (4294967295) != maxcpus (2)
qemu-kvm: /builddir/build/BUILD/qemu-4.1.0-rc4/target/i386/cpu.c:261: encode_cache_cpuid4: Assertion `num_apic_ids > 0' failed.
Aborted (core dumped)

# /usr/libexec/qemu-kvm -smp 2,cores=-1
qemu-kvm: warning: Invalid CPU topology deprecated: sockets (0) * dies (1) * cores (4294967295) * threads (1) != maxcpus (2)
qemu-kvm: /builddir/build/BUILD/qemu-4.1.0-rc4/target/i386/cpu.c:4392: cpu_x86_cpuid: Assertion `!(*eax & ~0x1f)' failed.
Aborted (core dumped)

When forcibly setting dies=0, it should be switched to 1 like the others.

# /usr/libexec/qemu-kvm -smp 2,sockets=4,cores=0,threads=0
qemu-kvm: cpu topology: sockets (4) * dies (1) * cores (1) * threads (1) > maxcpus (2)   -------> dies (1)

# /usr/libexec/qemu-kvm -smp 2,sockets=4,dies=0,cores=0,threads=0
Floating point exception (core dumped)

Thanks Yihuang for the update.

I tried with qemu-kvm-2.12.0-83.module+el8.1.0+3852+0ba8aef0 and qemu-kvm-rhev-2.12.0-33.el7; if cores=-1 is set, the core dump is not hit.

# /usr/libexec/qemu-kvm -smp 2,cores=-1
qemu-kvm: cpu topology: sockets (1) * cores (4294967295) * threads (1) > maxcpus (2)

So adding the Regression keyword.

Eduardo - this seems to be related to upstream commit 1b45842203, so assigning to you. Could be different bugs though, so you may need to clone/split.

The @dies value missed that a 0-based value used as a divisor won't be good. When @dies < 0, I'm getting a different result. The @cores or @threads value being negative could be a separate issue as the code gets a bit further, but it could also be a validation-of-input-type case.

Severity and priority aren't high, because libvirt doesn't even support the "dies" option yet. When it starts supporting it, the XML schema will make it accept only positive values for the option. Moving to backlog.

QEMU has been recently split into sub-components and, as a one-time operation to avoid breakage of tools, we are setting the QEMU sub-component of this BZ to "General". Please review and change the sub-component if necessary the next time you review this BZ. Thanks.

Hit the same issue on the rhel8.3.0 slow train.
qemu-kvm-4.2.0-25.module+el8.3.0+6974+1d9d018b

# /usr/libexec/qemu-kvm -smp 2,dies=-2
qemu-kvm: warning: Invalid CPU topology deprecated: sockets (0) * dies (4294967294) * cores (1) * threads (1) != maxcpus (2)
qemu-kvm: /builddir/build/BUILD/qemu-4.2.0/target/i386/cpu.c:5578: cpu_x86_cpuid: Assertion `!(*eax & ~0x1f)' failed.
Aborted (core dumped)

After evaluating this issue, there are no plans to address it further or fix it in an upcoming release. Therefore, it is being closed. If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.

Still can reproduce this bug with the following configurations:
1. # /usr/libexec/qemu-kvm -smp 2,sockets=4,dies=0,cores=0,threads=0
Floating point exception (core dumped)
2. # /usr/libexec/qemu-kvm -smp 2,dies=0
Floating point exception (core dumped)
Test environments:
intel-walkerpass-02.khw1.lab.eng.bos.redhat.com
kernel-4.18.0-298.el8.x86_64
qemu-kvm-5.2.0-12.module+el8.4.0+10354+98272afe.x86_64
I will re-open this BZ now. Please help to check this, thanks.
Best regards
Liu Nana
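Every crash in this bug is an input-validation gap at the -smp option boundary: a negative value that comes out as 4294967295 once it lands in an unsigned field, a dies=0 that is used as a divisor (the SIGFPE in pc_smp_parse), and a bad topology that is only caught by an assertion deep in the CPUID encoder instead of by an option error. The following is an added example and is not QEMU's code: a strict topology parser in C that rejects signed values at the option boundary and raises every dimension, including dies, to 1 before anything divides, which is the behaviour the reporter asks for. `struct smp_cfg`, `enum smp_err`, `parse_count`, `smp_parse` and `wrapped_unsigned` are hypothetical names; the key set and the "derive sockets from the CPU count" rule are assumptions that only loosely follow the warning text in the traces; the input in `main` is constructed from the reproducers above.

```c
#define _POSIX_C_SOURCE 200809L   /* for strtok_r */
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical parsed "-smp" topology; 0 means "not given" and is defaulted. */
struct smp_cfg { unsigned cpus, maxcpus, sockets, dies, cores, threads; };

enum smp_err {
    SMP_OK = 0,
    SMP_ERR_SYNTAX,    /* unknown key, second bare number, malformed digits */
    SMP_ERR_RANGE,     /* signed value, overflow, or no CPU count at all */
    SMP_ERR_TOPOLOGY,  /* sockets*dies*cores*threads does not match maxcpus */
};

/* The unchecked "parse as signed, store in unsigned" conversion behind the
 * 4294967295 in the warnings above: "-1" comes out as UINT_MAX. */
unsigned wrapped_unsigned(const char *s) { return (unsigned)strtoll(s, NULL, 10); }

/* Strict count: decimal digits only (no sign, blanks or trailing junk), and
 * the value must fit in an unsigned. */
bool parse_count(const char *s, unsigned *out)
{
    char *end;
    unsigned long long v;
    if (!isdigit((unsigned char)*s))       /* rejects "", "-1", "+3", " 2" */
        return false;
    errno = 0;
    v = strtoull(s, &end, 10);
    if (errno != 0 || *end != '\0' || v > UINT_MAX)
        return false;
    *out = (unsigned)v;
    return true;
}

/* Parse "N[,key=value...]" as written after -smp. Every dimension is raised to
 * at least 1 before it can be a divisor (so dies=0 cannot SIGFPE), and a signed
 * value is an error instead of wrapping and reaching the CPUID encoder. */
enum smp_err smp_parse(const char *optstr, struct smp_cfg *cfg)
{
    static const char *const keys[] =
        { "cpus", "maxcpus", "sockets", "dies", "cores", "threads" };
    unsigned *const slots[] =
        { &cfg->cpus, &cfg->maxcpus, &cfg->sockets, &cfg->dies, &cfg->cores, &cfg->threads };
    char buf[256], *save = NULL, *tok;
    bool first = true;
    unsigned long long product;

    memset(cfg, 0, sizeof(*cfg));
    if (strlen(optstr) >= sizeof(buf))
        return SMP_ERR_SYNTAX;
    strcpy(buf, optstr);
    for (tok = strtok_r(buf, ",", &save); tok; tok = strtok_r(NULL, ",", &save)) {
        char *eq = strchr(tok, '=');
        const char *key = eq ? tok : "cpus";   /* a bare leading number is cpus */
        const char *val = eq ? eq + 1 : tok;
        size_t k;
        if (eq)
            *eq = '\0';
        else if (!first)
            return SMP_ERR_SYNTAX;
        first = false;
        for (k = 0; k < 6 && strcmp(key, keys[k]) != 0; k++) {}
        if (k == 6)
            return SMP_ERR_SYNTAX;
        if (!parse_count(val, slots[k]))
            return (*val == '-' || *val == '+') ? SMP_ERR_RANGE : SMP_ERR_SYNTAX;
    }
    /* Raise every dimension to at least 1 before any division happens. */
    cfg->dies    = cfg->dies    ? cfg->dies    : 1;
    cfg->cores   = cfg->cores   ? cfg->cores   : 1;
    cfg->threads = cfg->threads ? cfg->threads : 1;
    product = (unsigned long long)cfg->dies * cfg->cores * cfg->threads;
    if (cfg->sockets == 0) {             /* derive sockets from the CPU count */
        unsigned total = cfg->maxcpus ? cfg->maxcpus : cfg->cpus;
        if (total == 0)
            return SMP_ERR_RANGE;        /* nothing to size the machine from */
        cfg->sockets = (unsigned)(total / product);
        cfg->sockets = cfg->sockets ? cfg->sockets : 1;
    }
    product *= cfg->sockets;
    if (product > UINT_MAX)
        return SMP_ERR_RANGE;
    cfg->cpus = cfg->cpus ? cfg->cpus : (unsigned)product;
    cfg->maxcpus = cfg->maxcpus ? cfg->maxcpus : cfg->cpus;
    return (cfg->cpus > cfg->maxcpus || product != cfg->maxcpus) ? SMP_ERR_TOPOLOGY : SMP_OK;
}

int main(void)
{
    struct smp_cfg c;
    /* Constructed input copied from the reporter's dies=0 reproducer. */
    int e = smp_parse("2,sockets=4,dies=0,cores=0,threads=0", &c);
    printf("err=%d sockets=%u dies=%u cores=%u threads=%u; unchecked -1 -> %u\n",
           e, c.sockets, c.dies, c.cores, c.threads, wrapped_unsigned("-1"));
    return 0;
}
```

The order of the checks is the point: the sign is rejected before the value is stored anywhere, the defaults are applied before the first division, and the product is compared against maxcpus in 64-bit arithmetic so an oversized topology is reported as an option error rather than surfacing later as a wrapped divisor. With that order, "2,dies=0" parses to the same topology as "2", and "2,dies=-2", "2,threads=-1" and "2,cores=-1" all stop at the parser with SMP_ERR_RANGE.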