Bug 595274 - Using device_del command delete pci-bridge drivers lead to qemu-kvm die with Segmentation fault error
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: qemu-kvm
Version: 6.0
Hardware: All
OS: Linux
Target Milestone: rc
Assignee: Markus Armbruster
QA Contact: Virtualization Bugs
Depends On:
Blocks: 580953
Reported: 2010-05-24 09:09 UTC by juzhang
Modified: 2013-01-09 22:36 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2010-07-29 10:13:34 UTC
Target Upstream Version:


Description juzhang 2010-05-24 09:09:57 UTC
Description of problem:
Using the device_del command to delete pci-bridge drivers leads to qemu-kvm dying with a Segmentation fault error

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Boot the guest with QMP enabled
/usr/libexec/qemu-kvm  -no-hpet -usbdevice tablet -rtc-td-hack -m 2G -smp 2 -drive file=/root/zhangjunyi/RHEL-Server-6.0-64-virtio.qcow2,if=virtio,boot=on,cache=off,format=qcow2,id=test,werror=stop,rerror=stop  -net nic,vlan=0,macaddr=22:11:22:45:66:19,model=virtio -net tap,vlan=0,script=/etc/qemu-ifup -uuid `uuidgen` -cpu qemu64,+sse2 -device virtio-balloon-pci -boot order=cn,menu=on -M rhel6.0.0 -monitor stdio -qmp tcp:0:4444,server,nowait -vnc :10
2. Telnet to the host
3. Add a pci-bridge with id "zhang"
{ "execute": "device_add", "arguments": { "driver": "pci-bridge","id": "zhang"}} 
4. Issue the command "info pci"
 Bus  0, device   6, function 0:
    PCI bridge: PCI device 0000:0000
      BUS 0.
      secondary bus 0.
      subordinate bus 0.
      IO range [0x0000, 0x0fff]
      memory range [0x00000000, 0x000fffff]
      prefetchable memory range [0x00000000, 0x000fffff]
      id "zhang"

5. Delete the pci-bridge with id "zhang"
{ "execute": "device_del", "arguments": { "id":"zhang"}}

Actual results:
After executing { "execute": "device_del", "arguments": { "id":"zhang"}},
qemu-kvm aborted with the error "Segmentation fault".

(gdb) bt
#0  0x0000000000418206 in pci_unregister_secondary_bus (pci_dev=0x2b36010) at /usr/src/debug/qemu-kvm-
#1  pci_bridge_exitfn (pci_dev=0x2b36010) at /usr/src/debug/qemu-kvm-
#2  0x00000000004191a8 in pci_unregister_device (dev=0x2b36010) at /usr/src/debug/qemu-kvm-
#3  0x00000000004bdcb9 in qdev_free (dev=0x2b36010) at /usr/src/debug/qemu-kvm-
#4  0x0000000000466d09 in pciej_write (opaque=<value optimized out>, addr=<value optimized out>, val=<value optimized out>)
    at /usr/src/debug/qemu-kvm-
#5  0x000000000042aa20 in kvm_handle_io (env=0x28cb1f0) at /usr/src/debug/qemu-kvm-
#6  kvm_run (env=0x28cb1f0) at /usr/src/debug/qemu-kvm-
#7  0x000000000042aae9 in kvm_cpu_exec (env=<value optimized out>) at /usr/src/debug/qemu-kvm-
#8  0x000000000042b70f in kvm_main_loop_cpu (_env=0x28cb1f0) at /usr/src/debug/qemu-kvm-
#9  ap_main_loop (_env=0x28cb1f0) at /usr/src/debug/qemu-kvm-
#10 0x0000003443407761 in start_thread () from /lib64/libpthread.so.0
#11 0x0000003442ce14fd in clone () from /lib64/libc.so.6

Expected results:
pci-bridge is removed successfully.

Additional info:
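
Added example, not part of the original bug report: a regression check that drives steps 3 and 5 over QMP and then keeps probing the monitor, because the backtrace shows the fault on the guest's eject write (pciej_write), after device_del has already returned. The function names, the 127.0.0.1 address and the use of query-status as a liveness probe are assumptions of this example.

```python
import json
import socket
import time

def qmp_cmd(f, execute, arguments=None):
    """Send one QMP command; return its reply, skipping asynchronous events."""
    msg = {"execute": execute}
    if arguments is not None:
        msg["arguments"] = arguments
    f.write(json.dumps(msg) + "\r\n")
    f.flush()
    while True:
        line = f.readline()
        if not line:  # EOF: the monitor socket went away
            raise ConnectionError("QMP connection closed")
        reply = json.loads(line)
        if "return" in reply or "error" in reply:
            return reply

def check_bridge_hotunplug(sock, dev_id="zhang", probes=5, interval=1.0):
    """Return 'ok', 'rejected' or 'crashed' for the add/del sequence above."""
    f = sock.makefile("rw", encoding="utf-8")
    try:
        f.readline()  # greeting banner: {"QMP": {...}}
        qmp_cmd(f, "qmp_capabilities")  # leave capabilities negotiation mode
        add = qmp_cmd(f, "device_add", {"driver": "pci-bridge", "id": dev_id})
        if "error" in add:
            return "rejected"  # driver refused or disabled: nothing to unplug
        qmp_cmd(f, "device_del", {"id": dev_id})
        # device_del only requests the unplug; the device is freed later, when
        # the guest ejects it. Keep probing so a late exit is still detected.
        for _ in range(probes):
            time.sleep(interval)
            qmp_cmd(f, "query-status")
        return "ok"
    except (ConnectionError, OSError, ValueError):
        # Dropped, reset or garbled monitor stream: treat as a dead qemu-kvm.
        return "crashed"

if __name__ == "__main__":
    # Port matches the -qmp tcp:0:4444 option in step 1 (assumed local host).
    with socket.create_connection(("127.0.0.1", 4444), timeout=10) as s:
        print(check_bridge_hotunplug(s))
```

A "rejected" result is what the check reports if the pci-bridge driver is refused at device_add.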

Comment 2 RHEL Program Management 2010-05-28 10:36:06 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for

Comment 3 Dor Laor 2010-05-31 13:33:23 UTC
Is that a surprise? I agree it should be prevented but it's not expected to happen.

Comment 5 Markus Armbruster 2010-07-29 08:27:15 UTC
Do we even support device "pci-bridge"?  If not, can we disable it?
