597087 – RHEL 6.0 input/output mess up after cpu hotplug in 32 bit vm

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 597087 - RHEL 6.0 input/output mess up after cpu hotplug in 32 bit vm

Summary: RHEL 6.0 input/output mess up after cpu hotplug in 32 bit vm

Keywords:
Status:	CLOSED NEXTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	kernel
Sub Component:
Version:	6.0
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Red Hat Kernel Manager
QA Contact:	Red Hat Kernel QE team
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-05-28 05:41 UTC by Joy Pu
Modified:	2013-01-09 22:38 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-05-31 13:42:24 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Joy Pu 2010-05-28 05:41:39 UTC

Description:
Guest input/output from vncviewer messup after cpu hotplug in 32bit vm in RHEL6.0. The output from vncviewer will be big letter or small letter randomlly after "CPU1: Stuck ??". This will not be triggered in the newest version kernel(>2.6.32-24), because of CPU will not be stuck.

Version-Release number of selected component (if applicable):
host kernel: 2.6.32-29.el6transhuge.x86_64
guest kernel: 2.6.32-22.el6.i686
#  rpm -qa |grep qemu
gpxe-roms-qemu-0.9.7-6.3.el6.noarch
qemu-kvm-debuginfo-0.12.1.2-2.42.el6.x86_64
qemu-kvm-0.12.1.2-2.53.el6.x86_64
qemu-kvm-tools-0.12.1.2-2.42.el6.x86_64
qemu-img-0.12.1.2-2.53.el6.x86_64
vncviewer version: VNC Viewer Free Edition 4.1.2 for X - built Jan 26 2009 11:52:08

How reproducible:
Always

Steps to Reproduce:
1. boot up a smp RHEL-6.0-32 guest
2. connect to guest with vncviewer
# vncviewer $address:0
2. Hotplug cpu1 with echo
# echo 0 > /sys/devices/system/cpu/cpu1/online 
# echo 1 > /sys/devices/system/cpu/cpu1/online 
3. dmesg and get the CPU stuck info:
# dmesg
4. write something from vncviewer

Actual results:
Can not communicate with guest from vncviewer. But from ssh or serial port is OK.

Expected results:
The input/output from vncviewer can be normally used after one cpu is stuck

Additional info:
1. The command line:
 /root/autotest/client/tests/kvm/qemu -name 'vm1' -monitor tcp:0:6001,server,nowait -drive file=/root/autotest/client/tests/kvm/images/RHEL-Server-6.0-32-virtio.raw,if=virtio,cache=writethrough,boot=on -net nic,vlan=0,model=virtio,macaddr=00:30:0D:20:30:df -net tap,vlan=0,ifname=virtio_0_6001,script=/root/autotest/client/tests/kvm/scripts/qemu-ifup-switch,downscript=no -m 2048 -smp 2 -soundhw ac97 -usbdevice tablet -rtc-td-hack -no-hpet -cpu qemu64,+sse2 -no-kvm-pit-reinjection -redir tcp:5000::22 -vnc :0 -serial unix:/tmp/serial-20100527-102947-yHRw,server,nowait

2.Host cpuinfo
processor       : 2
vendor_id       : AuthenticAMD
cpu family      : 16
model           : 2
model name      : AMD Phenom(tm) 8750 Triple-Core Processor
stepping        : 3
cpu MHz         : 2400.000
cache size      : 512 KB
physical id     : 0
siblings        : 3
core id         : 2
cpu cores       : 3
apicid          : 2
initial apicid  : 2
fpu             : yes
fpu_exception   : yes
cpuid level     : 5
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm 3dnowext 3dnow constant_tsc rep_good nonstop_tsc extd_apicid pni monitor cx16 popcnt lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs
bogomips        : 4809.89
TLB size        : 1024 4K pages
clflush size    : 64
cache_alignment : 64
address sizes   : 48 bits physical, 48 bits virtual
power management: ts ttp tm stc 100mhzsteps hwpstate

3. CPU stuck info:
SMP alternatives: switching to SMP code
Booting Node 0 Processor 1 APIC 0x1
Initializing CPU#1
int3: 0000 [#1] SMP
last sysfs file: /sys/devices/system/cpu/cpu1/online
Modules linked in: ipv6(U) dm_mirror(U) dm_region_hash(U) dm_log(U) snd_intel8x0(U) snd_ac97_codec(U) ac97_bus(U) snd_seq(U) snd_seq_device(U) ppdev(U) snd_pcm(U) sg(U) parport_pc(U) parport(U) snd_timer(U) i2c_piix4(U) virtio_net(U) sr_mod(U) snd(U) soundcore(U) cdrom(U) snd_page_alloc(U) i2c_core(U) ext4(U) mbcache(U) jbd2(U) ata_generic(U) pata_acpi(U) virtio_blk(U) ata_piix(U) virtio_pci(U) virtio_ring(U) virtio(U) dm_mod(U) [last unloaded: scsi_wait_scan]

Pid: 0, comm: swapper Tainted: G S      W  (2.6.32-22.el6.i686 #1) Bochs
EIP: 0060:[<c0a4b4d7>] EFLAGS: 00000002 CPU: 1
EIP is at nmi_cpu_busy+0x0/0x17
EAX: ffffb320 EBX: 00000005 ECX: fffff000 EDX: 000100ef
ESI: 00000000 EDI: 00000000 EBP: f709ffb8 ESP: f709ff88
 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
Process swapper (pid: 0, ti=f709e000 task=f7066030 task.ti=f709e000)
Stack:
 c0804f65 c2008990 01000800 00000001 01000800 00000001 c0804870 00000000
<0> 00000000 00000001 00000000 00000001 f709ffb0 00000000 00000000 00000000
<0> 00000000 00000000 00000000 00000000 000000d8 000000e0 00000000 00000000
Call Trace:
 [<c0804f65>] ? end_local_APIC_setup+0xfb/0x112
 [<c0804870>] ? start_secondary+0x102/0x24e
Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc <cc> cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
EIP: [<c0a4b4d7>] nmi_cpu_busy+0x0/0x17 SS:ESP 0068:f709ff88
---[ end trace a7919e7f17c0a727 ]---
Kernel panic - not syncing: Fatal exception
Pid: 0, comm: swapper Tainted: G S    D W  2.6.32-22.el6.i686 #1
Call Trace:
 [<c08085dc>] ? panic+0x42/0xed
 [<c080bc1c>] ? oops_end+0xbc/0xd0
 [<c080b34e>] ? do_int3+0x6e/0x90
 [<c080b1b4>] ? int3+0x30/0x38
 [<c0a4b4d7>] ? nmi_cpu_busy+0x0/0x17
 [<c0804f65>] ? end_local_APIC_setup+0xfb/0x112
 [<c0804870>] ? start_secondary+0x102/0x24e
CPU1: Stuck ??

Note You need to log in before you can comment on or make changes to this bug.