Bug 594654 - Random read/write /dev/port [vga] caused 'invalid parameters' error
Random read/write /dev/port [vga] caused 'invalid parameters' error
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: qemu-kvm (Show other bugs)
6.0
All Linux
low Severity medium
: rc
: ---
Assigned To: Gerd Hoffmann
Virtualization Bugs
:
Depends On:
Blocks: 767187 580953
  Show dependency treegraph
 
Reported: 2010-05-21 05:16 EDT by Amos Kong
Modified: 2015-05-24 20:05 EDT (History)
15 users (show)

See Also:
Fixed In Version: qemu-kvm-0.12.1.2-2.211.el6
Doc Type: Bug Fix
Doc Text:
No Documentation Needed
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-06-20 07:32:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
iofuzz debug message (365.36 KB, application/x-bzip)
2010-05-21 06:08 EDT, Amos Kong
no flags Details


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2012:0746 normal SHIPPED_LIVE qemu-kvm bug fix and enhancement update 2012-06-19 15:31:48 EDT

  None (edit)
Description Amos Kong 2010-05-21 05:16:34 EDT
Description of problem:
Execute autotest.iofuzz testcase(http://patchwork.test.kernel.org/patch/2155/).
Sometimes, qemu outputs "BUG: kvm_dirty_pages_log_disable_slot: invalid parameters".
This can be reproduced by executing iofuzz testcase.
Iofuzz debug message attached(iofuzz-debug.txt).


Version-Release number of selected component (if applicable):
host kernel: 2.6.32-25.el6.x86_64
# rpm -qa |grep qemu
gpxe-roms-qemu-0.9.7-6.3.el6.noarch
qemu-img-0.12.1.2-2.53.el6.x86_64
qemu-kvm-0.12.1.2-2.53.el6.x86_64
qemu-kvm-debuginfo-0.12.1.2-2.53.el6.x86_64
qemu-kvm-tools-0.12.1.2-2.53.el6.x86_64


Command line:
#qemu-kvm -name vm1 -monitor tcp:0:6001,server,nowait -drive file=/root/autotest/client/tests/kvm/images/RHEL-Server-5.5-64.qcow2,if=ide,cache=none,boot=on -net nic,vlan=0,model=e1000,macaddr=00:A9:7C:6C:47:11 -net tap,vlan=0,ifname=e1000_0_6001,script=/root/autotest/client/tests/kvm/scripts/qemu-ifup-switch,downscript=no -m 512 -smp 1 -soundhw ac97 -usbdevice tablet -rtc-td-hack -no-hpet -cpu qemu64,+sse2 -no-kvm-pit-reinjection -redir tcp:5000::22 -vnc :0 -serial unix:/tmp/serial-20100513-104022-p4ix,server,nowait


guest)# cat /proc/ioports
05/20 06:38:42 DEBUG|    iofuzz:0104| 0000-001f : dma1
0020-0021 : pic1
0040-0043 : timer0
0050-0053 : timer1
0060-0060 : keyboard
0064-0064 : keyboard
0070-0077 : rtc
0080-008f : dma page reg
00a0-00a1 : pic2
00c0-00df : dma2
00f0-00ff : fpu
0170-0177 : ide1
01f0-01f7 : ide0
0376-0376 : ide1 
0378-037a : parport0
03c0-03df : vga+
03f2-03f5 : floppy
03f6-03f6 : ide0
03f7-03f7 : floppy DIR
03f8-03ff : serial
0cf8-0cff : PCI conf1 
afe0-afe3 : ACPI GPE0_BLK
b000-b03f : 0000:00:01.3
  b000-b003 : ACPI PM1a_EVT_BLK
  b004-b005 : ACPI PM1a_CNT_BLK
  b008-b00b : ACPI PM_TMR
  b010-b015 : ACPI CPU throttle
b100-b10f : 0000:00:01.3 
  b100-b107 : piix4_smbus
c000-c00f : 0000:00:01.1
  c000-c007 : ide0
  c008-c00f : ide1
c020-c03f : 0000:00:01.2
  c020-c03f : uhci_hcd
c040-c07f : 0000:00:03.0
  c040-c07f : e1000
c400-c7ff : 0000:00:04.0
  c400-c7ff : Intel 82801AA-ICH
c800-c8ff : 0000:00:04.0
  c800-c8ff : Intel 82801AA-ICH


05/20 10:20:23 INFO |    iofuzz:0119| Fuzzing vga+, port range 0x3c0-0x3df
05/20 10:20:23 DEBUG|    iofuzz:0050| inb(0x3c0)
05/20 10:20:23 DEBUG|kvm_subpro:1119| Sending command: dd if=/dev/port seek=960 of=/dev/null bs=1 count=1
05/20 10:20:24 DEBUG|    iofuzz:0050| inb(0x3c1)
....
05/20 10:22:24 DEBUG|    iofuzz:0033| outb(0x3c4, 0x17)
05/20 10:22:24 DEBUG|kvm_subpro:1119| Sending command: echo -e '\027' | dd of=/dev/port seek=964 bs=1 count=1
05/20 10:22:25 DEBUG|    iofuzz:0033| outb(0x3c5, 0xed)
05/20 10:22:25 DEBUG|kvm_subpro:1119| Sending command: echo -e '\0355' | dd of=/dev/port seek=965 bs=1 count=1
05/20 10:22:25 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:22:25 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:22:26 DEBUG|    iofuzz:0033| outb(0x3c6, 0x3)
....
05/20 10:22:34 DEBUG|kvm_subpro:1119| Sending command: echo -e '\015' | dd of=/dev/port seek=976 bs=1 count=1
05/20 10:22:34 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_disable_slot: invalid parameters
05/20 10:22:34 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_disable_slot: invalid parameters



# grep Fuzzing iofuzz-debug.txt
05/20 06:38:42 INFO |    iofuzz:0119| Fuzzing ide1, port range 0x170-0x177
05/20 06:39:53 INFO |    iofuzz:0119| Fuzzing keyboard, port range 0x60-0x60
05/20 06:40:02 INFO |    iofuzz:0119| Fuzzing e1000, port range 0xc040-0xc07f
05/20 06:49:27 INFO |    iofuzz:0119| Fuzzing timer1, port range 0x50-0x53
05/20 06:50:02 INFO |    iofuzz:0119| Fuzzing rtc, port range 0x70-0x77
05/20 06:51:13 INFO |    iofuzz:0119| Fuzzing ACPI CPU throttle, port range 0xb010-0xb015
05/20 06:52:06 INFO |    iofuzz:0119| Fuzzing Intel 82801AA-ICH, port range 0xc400-0xc7ff
05/20 09:24:25 INFO |    iofuzz:0119| Fuzzing floppy, port range 0x3f2-0x3f5
05/20 09:25:01 INFO |    iofuzz:0119| Fuzzing timer0, port range 0x40-0x43
05/20 09:25:37 INFO |    iofuzz:0119| Fuzzing pic1, port range 0x20-0x21
05/20 09:25:55 INFO |    iofuzz:0119| Fuzzing piix4_smbus, port range 0xb100-0xb107
05/20 09:27:07 INFO |    iofuzz:0119| Fuzzing 0000:00:01.1, port range 0xc000-0xc00f
05/20 09:29:31 INFO |    iofuzz:0119| Fuzzing dma page reg, port range 0x80-0x8f
05/20 09:31:55 INFO |    iofuzz:0119| Fuzzing Intel 82801AA-ICH, port range 0xc800-0xc8ff
05/20 10:10:27 INFO |    iofuzz:0119| Fuzzing serial, port range 0x3f8-0x3ff
05/20 10:11:39 INFO |    iofuzz:0119| Fuzzing uhci_hcd, port range 0xc020-0xc03f
05/20 10:16:28 INFO |    iofuzz:0119| Fuzzing ide1, port range 0xc008-0xc00f
05/20 10:17:41 INFO |    iofuzz:0119| Fuzzing pic2, port range 0xa0-0xa1
05/20 10:17:59 INFO |    iofuzz:0119| Fuzzing 0000:00:01.3, port range 0xb100-0xb10f
05/20 10:20:23 INFO |    iofuzz:0119| Fuzzing vga+, port range 0x3c0-0x3df
05/20 10:25:12 INFO |    iofuzz:0119| Fuzzing ACPI PM1a_CNT_BLK, port range 0xb004-0xb005
05/20 10:25:30 INFO |    iofuzz:0119| Fuzzing ACPI PM_TMR, port range 0xb008-0xb00b
05/20 10:26:06 INFO |    iofuzz:0119| Fuzzing parport0, port range 0x378-0x37a
05/20 10:26:33 INFO |    iofuzz:0119| Fuzzing ACPI PM1a_EVT_BLK, port range 0xb000-0xb003
05/20 10:27:09 INFO |    iofuzz:0119| Fuzzing dma1, port range 0x0-0x1f
05/20 10:31:59 INFO |    iofuzz:0119| Fuzzing ide0, port range 0x1f0-0x1f7
05/20 10:33:11 INFO |    iofuzz:0119| Fuzzing 0000:00:01.3, port range 0xb000-0xb03f
05/20 10:42:52 INFO |    iofuzz:0119| Fuzzing ACPI GPE0_BLK, port range 0xafe0-0xafe3
05/20 10:43:29 INFO |    iofuzz:0119| Fuzzing PCI conf1, port range 0xcf8-0xcff

# grep kvm_dirty_pages iofuzz-debug.txt
05/20 10:22:25 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:22:25 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:22:34 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_disable_slot: invalid parameters
05/20 10:22:34 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_disable_slot: invalid parameters
05/20 10:22:44 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:22:44 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:43:38 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_disable_slot: invalid parameters
05/20 10:43:38 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_disable_slot: invalid parameters
05/20 10:43:38 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:43:38 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:43:39 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_disable_slot: invalid parameters
05/20 10:43:39 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_disable_slot: invalid parameters
05/20 10:43:39 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:43:39 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:43:39 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_disable_slot: invalid parameters
05/20 10:43:39 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_disable_slot: invalid parameters
05/20 10:43:39 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:43:39 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:43:40 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_disable_slot: invalid parameters
05/20 10:43:40 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_disable_slot: invalid parameters
05/20 10:43:40 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:43:40 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:43:42 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_disable_slot: invalid parameters
05/20 10:43:42 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_disable_slot: invalid parameters
05/20 10:43:42 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
05/20 10:43:42 DEBUG|kvm_subpro:0686| (qemu) BUG: kvm_dirty_pages_log_enable_slot: invalid parameters
Comment 2 Amos Kong 2010-05-21 06:08:37 EDT
Created attachment 415634 [details]
iofuzz debug message
Comment 3 RHEL Product and Program Management 2010-06-07 11:55:24 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.
Comment 6 RHEL Product and Program Management 2011-01-06 22:55:38 EST
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unfortunately unable to
address this request at this time. Red Hat invites you to
ask your support representative to propose this request, if
appropriate and relevant, in the next release of Red Hat
Enterprise Linux. If you would like it considered as an
exception in the current release, please ask your support
representative.
Comment 7 Suzanne Yeghiayan 2011-01-07 11:12:03 EST
This request was erroneously denied for the current release of Red Hat
Enterprise Linux.  The error has been fixed and this request has been
re-proposed for the current release.
Comment 8 RHEL Product and Program Management 2011-02-01 00:32:41 EST
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unfortunately unable to
address this request at this time. Red Hat invites you to
ask your support representative to propose this request, if
appropriate and relevant, in the next release of Red Hat
Enterprise Linux. If you would like it considered as an
exception in the current release, please ask your support
representative.
Comment 9 RHEL Product and Program Management 2011-02-01 13:22:27 EST
This request was erroneously denied for the current release of
Red Hat Enterprise Linux.  The error has been fixed and this
request has been re-proposed for the current release.
Comment 12 Markus Armbruster 2011-11-25 10:13:04 EST
Bug impact wasn't clear to me, so I asked Kraxel, who kindly explained: Without the patch kvm tries to enable dirty-logging for guest address space not backed by video ram, which fails and leads to the error message.  No security implications.
Comment 17 Qunfang Zhang 2012-02-01 21:43:47 EST
Run iofuzz testing on both qemu-kvm-0.12.1.2-2.209.el6 and qemu-kvm-0.12.1.2-2.221.el6, both can not reproduce the issue after several times attempts.
Confirm with Amos, this bug can be verified if passed on the latest version.

Steps:
1. Get the latest autotest tree that includes the iofuzz test case as bug description.
2. Run iofuzz testing for several times.

Result: Did not hit the issue as bug description.

CLI:
/home/staf-kvm-devel/autotest-devel/client/tests/kvm/qemu -name vm1 -chardev socket,id=qmp_monitor_id_qmpmonitor1,path=/tmp/monitor-qmpmonitor1-20120201-143600-63Pq,server,nowait -mon chardev=qmp_monitor_id_qmpmonitor1,mode=control -chardev socket,id=serial_id_20120201-143600-63Pq,path=/tmp/serial-20120201-143600-63Pq,server,nowait -device isa-serial,chardev=serial_id_20120201-143600-63Pq -device ich9-usb-uhci1,id=usb1,bus=pci.0,addr=0x4 -drive file=/home/staf-kvm-devel/autotest-devel/client/tests/kvm/images/RHEL-Server-5.7-64.qcow2,index=0,if=none,id=drive-ide0-0-0,media=disk,cache=none,format=qcow2,aio=native -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -device e1000,netdev=idxEvOi8,mac=9a:ad:28:4b:eb:ea,id=ndev00idxEvOi8,bus=pci.0,addr=0x3 -netdev tap,id=idxEvOi8,fd=19 -m 512 -smp 1,cores=1,threads=1,sockets=1 -cpu cpu64-rhel6,+sse2,+x2apic -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1 -vnc :0 -rtc base=utc,clock=host,driftfix=slew -M rhel6.2.0 -boot order=cdn,once=c,menu=off -no-kvm-pit-reinjection -enable-kvm
Comment 19 Qunfang Zhang 2012-02-01 22:13:28 EST
(In reply to comment #17)
> Run iofuzz testing on both qemu-kvm-0.12.1.2-2.209.el6 and
> qemu-kvm-0.12.1.2-2.221.el6, both can not reproduce the issue after several
> times attempts.
> Confirm with Amos, this bug can be verified if passed on the latest version.
> 
> Steps:
> 1. Get the latest autotest tree that includes the iofuzz test case as bug
> description.
> 2. Run iofuzz testing for several times.
> 
> Result: Did not hit the issue as bug description.
> 
> CLI:
> /home/staf-kvm-devel/autotest-devel/client/tests/kvm/qemu -name vm1 -chardev
> socket,id=qmp_monitor_id_qmpmonitor1,path=/tmp/monitor-qmpmonitor1-20120201-143600-63Pq,server,nowait
> -mon chardev=qmp_monitor_id_qmpmonitor1,mode=control -chardev
> socket,id=serial_id_20120201-143600-63Pq,path=/tmp/serial-20120201-143600-63Pq,server,nowait
> -device isa-serial,chardev=serial_id_20120201-143600-63Pq -device
> ich9-usb-uhci1,id=usb1,bus=pci.0,addr=0x4 -drive
> file=/home/staf-kvm-devel/autotest-devel/client/tests/kvm/images/RHEL-Server-5.7-64.qcow2,index=0,if=none,id=drive-ide0-0-0,media=disk,cache=none,format=qcow2,aio=native
> -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -device
> e1000,netdev=idxEvOi8,mac=9a:ad:28:4b:eb:ea,id=ndev00idxEvOi8,bus=pci.0,addr=0x3
> -netdev tap,id=idxEvOi8,fd=19 -m 512 -smp 1,cores=1,threads=1,sockets=1 -cpu
> cpu64-rhel6,+sse2,+x2apic -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1
> -vnc :0 -rtc base=utc,clock=host,driftfix=slew -M rhel6.2.0 -boot
> order=cdn,once=c,menu=off -no-kvm-pit-reinjection -enable-kvm

Actually after 3 or 4 rounds iofuzz testing the guest image got corrupted. File a new bug for it. In the first several times test, the issue in this bug does not exist anymore.
New bug 786652 - Guest get calltrace and failed to boot up after several times iofuzz testing
Comment 20 Michal Novotny 2012-05-03 12:44:19 EDT
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
No Documentation Needed
Comment 21 errata-xmlrpc 2012-06-20 07:32:08 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0746.html

Note You need to log in before you can comment on or make changes to this bug.