598920 – Kernel panic when set vlan in RHEL 6.0 32 bit

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 598920 - Kernel panic when set vlan in RHEL 6.0 32 bit

Summary: Kernel panic when set vlan in RHEL 6.0 32 bit

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	kernel
Sub Component:
Version:	6.0
Hardware:	All
OS:	Linux
Priority:	urgent
Severity:	urgent
Target Milestone:	rc
Target Release:	---
Assignee:	Michael S. Tsirkin
QA Contact:	Red Hat Kernel QE team
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	608183 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-06-02 10:49 UTC by Joy Pu
Modified:	2018-10-27 10:45 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-07-05 11:03:36 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
Whole log of the paniced guest from serial port (24.90 KB, text/plain) 2010-06-02 10:51 UTC, Joy Pu	no flags	Details
Whole log of -netdev from serial port (34.89 KB, application/octet-stream) 2010-06-10 05:08 UTC, Joy Pu	no flags	Details
Whole log of -netdev from serial port and new qemu-kvm (43.02 KB, application/octet-stream) 2010-06-10 05:29 UTC, Joy Pu	no flags	Details
View All

Description Joy Pu 2010-06-02 10:49:55 UTC

Description:
Start up two 32 bit vms. Set them to the same vlan. Guest kernel will panic and reboot when there is data received from vlan. And after the kernel reboot automatically, there will be a kernel panic of virtio_blk.

Version-Release number of selected component (if applicable):
host kernel: 2.6.32-25.el6.x86_64
guest kernel: 2.6.32-31.el6.i686
#  rpm -qa |grep qemu
qemu-img-0.12.1.2-2.68.el6.x86_64
qemu-kvm-0.12.1.2-2.68.el6.x86_64
qemu-kvm-debuginfo-0.12.1.2-2.68.el6.x86_64
gpxe-roms-qemu-0.9.7-6.3.el6.noarch
qemu-kvm-tools-0.12.1.2-2.68.el6.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Boot up two 32 bit RHEL-6.0 guests
2. Listen to the serial port of two guests with nc:
nc -U /tmp/serial-20100602-102220-SjdG
nc -U /tmp/serial-20100602-102220-SjdG2

3. Set the ip two the guest in the same vlan:
guest 1:
# /etc/init.d/iptables stop
# modprobe 8021q
# vconfig add eth0 1
# ifconfig eth0.1 192.168.1.1
guest 2:
# /etc/init.d/iptables stop
# modprobe 8021q
# vconfig add eth0 1
# ifconfig eth0.1 192.168.2.1
4. Kernel panic in the guest which is set in the vlan first.


Actual results:
Kernel panic when set more than one guest in the same vlan

Expected results:
Can set several guest in the same vlan.

Additional info:
1. The command line:
guest 1:
/root/work/autotest/client/tests/kvm/qemu -name 'vm1' -monitor tcp:0:6001,server,nowait -drive file=/root/work/autotest/client/tests/kvm/images/RHEL-Server-6.0-32-virtio.raw,if=virtio,cache=writethrou,boot=on -net nic,vlan=0,model=virtio,macaddr=02:30:0D:20:13:d8 -net tap,vlan=0,ifname=virtio_0_6001,script=/root/work/autotest/client/tests/kvm/scripts/qemu-ifup-switch,downscript=no,vhost=on -m 4096 -smp 2 -soundhw ac97 -redir tcp:5000::22 -vnc :0  -snapshot -serial unix:/tmp/serial-20100602-102220-SjdG,server,nowait
guest 2:
/root/work/autotest/client/tests/kvm/qemu -name 'vm2' -monitor tcp:0:6002,server,nowait -drive file=/root/work/autotest/client/tests/kvm/images/RHEL-Server-6.0-32-virtio.raw,if=virtio,cache=writethrough,boot=o-net nic,vlan=0,model=virtio,macaddr=02:30:0D:20:13:d6 -net tap,vlan=0,ifname=virtio_0_6002,script=/root/work/autotest/client/tests/kvm/scripts/qemu-ifup-switch,downscript=no,vhost=on -m 4096 -smp 2 -soundhw ac97 -redir tcp:5000::23 -vnc :1  -snapshot -serial unix:/tmp/serial-20100602-102220-SjdG2,server,nowait


2.Host cpuinfo
processor       : 2
vendor_id       : AuthenticAMD
cpu family      : 16
model           : 2
model name      : AMD Phenom(tm) 8750 Triple-Core Processor
stepping        : 3
cpu MHz         : 1200.000
cache size      : 512 KB
physical id     : 0
siblings        : 3
core id         : 2
cpu cores       : 3
apicid          : 2
initial apicid  : 2
fpu             : yes
fpu_exception   : yes
cpuid level     : 5
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm 3dnowext 3dnow constant_tsc rep_good nonstop_tsc extd_apicid pni monitor cx16 popcnt lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs
bogomips        : 4809.88
TLB size        : 1024 4K pages
clflush size    : 64
cache_alignment : 64
address sizes   : 48 bits physical, 48 bits virtual
power management: ts ttp tm stc 100mhzsteps hwpstate

3. Kernel panic info
I set the guest 1 in the vlan first, so I get the panic info from guest 1 serial port. The whole log is in the attachment:
vlan_skb_recv:
BUG: unable to handle kernel paging request at 0a73f000

IP: [<f7ec3df5>] vlan_skb_recv+0x95/0x310 [8021q]

*pdpt = 0000000034a76001 *pde = 0000000000000000 

Oops: 0002 [#1] SMP 

last sysfs file: /sys/devices/virtual/net/eth0.1/type

Modules linked in: 8021q(U) garp(U) stp(U) llc(U) ipv6(U) dm_mirror(U) dm_region_hash(U) dm_log(U) snd_intel8x0(U) snd_ac97_codec(U) ac97_bus(U) snd_seq(U) ppdev(U) snd_seq_device(U) parport_pc(U) parport(U) snd_pcm(U) sg(U) snd_timer(U) sr_mod(U) i2c_piix4(U) snd(U) soundcore(U) cdrom(U) snd_page_alloc(U) i2c_core(U) ext4(U) mbcache(U) jbd2(U) ata_generic(U) pata_acpi(U) virtio_blk(U) virtio_net(U) virtio_pci(U) virtio_ring(U) virtio(U) ata_piix(U) dm_mod(U) [last unloaded: scsi_wait_scan]



Pid: 0, comm: swapper Tainted: G S      W  (2.6.32-31.el6.i686 #1) Bochs

EIP: 0060:[<f7ec3df5>] EFLAGS: 00010206 CPU: 0

EIP is at vlan_skb_recv+0x95/0x310 [8021q]

EAX: 00000000 EBX: f23d5f00 ECX: f4bf0000 EDX: 00000004

ESI: 0a73f000 EDI: 00000001 EBP: c09e5e34 ESP: c09e5e08

 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068

Process swapper (pid: 0, ti=c09e4000 task=c09ee560 task.ti=c09e4000)

Stack:

 f180d000 00000246 c07f1b48 00000000 ffffffff f4b8c030 f4b8c030 f4bf0000

<0> f23d5f00 c0a4df80 00000081 f7ec5bc0 c0769ca9 f4bf0000 00000020 f708ecc0

<0> c0762350 c0a4dfa0 00000000 f4bf0000 f23d5fb4 f23d5f00 00001000 00000000

Call Trace:

 [<c07f1b48>] ? packet_rcv+0x48/0x360

 [<c0769ca9>] ? netif_receive_skb+0x349/0x530

 [<c0762350>] ? __alloc_skb+0x50/0x120

 [<f7e9efa6>] ? virtnet_poll+0x4e6/0x750 [virtio_net]

 [<c076a57a>] ? net_rx_action+0xda/0x1c0

 [<c04565af>] ? __do_softirq+0x8f/0x1b0

 [<c04af081>] ? move_native_irq+0x11/0x50

 [<c045670d>] ? do_softirq+0x3d/0x50

 [<c0456865>] ? irq_exit+0x65/0x70

 [<c040b620>] ? do_IRQ+0x50/0xc0

 [<c04258c4>] ? smp_apic_timer_interrupt+0x54/0x90

 [<c0409f90>] ? common_interrupt+0x30/0x38

 [<c042e5e2>] ? native_safe_halt+0x2/0x10

 [<c0410ce9>] ? default_idle+0x39/0x90

 [<c0408744>] ? cpu_idle+0x94/0xd0

 [<c0a5096e>] ? start_kernel+0x38d/0x392

 [<c0a5041f>] ? unknown_bootoption+0x0/0x190

Code: 32 e2 ff ff 85 c0 89 43 14 0f 84 07 01 00 00 8b 4c 24 1c ba 04 00 00 00 64 a1 a8 4c ac c0 8b b1 44 04 00 00 03 34 85 00 c7 a4 c0 <83> 06 01 8b 43 50 01 46 04 89 d8 e8 cb d0 89 c8 8b 43 14 89 fa 

EIP: [<f7ec3df5>] vlan_skb_recv+0x95/0x310 [8021q] SS:ESP 0068:c09e5e08

CR2: 000000000a73f000

virtio_blk:
------------[ cut here ]------------

kernel BUG at drivers/block/virtio_blk.c:169!

invalid opcode: 0000 [#1] SMP 

last sysfs file: 

Modules linked in: virtio_pci(+)(U) virtio_net(U) pata_acpi(U) ata_generic(U) cdrom(U) i2c_core(U) snd_page_alloc(U) soundcore(U) sg(U) parport(U) ac97_bus(U) ipv6(U) dm_snapshot(U) dm_zero(U) dm_mirror(U) dm_region_hash(U) dm_log(U) dm_mod(U) virtio_blk(U) virtio(U) virtio_ring(U) ext4(U) mbcache(U) jbd2(U)



Pid: 95, comm: insmod Not tainted (2.6.32-31.el6.i686 #1) Bochs

EIP: 0060:[<c98b63eb>] EFLAGS: 00010002 CPU: 0

EIP is at do_virtblk_request+0x27b/0x300 [virtio_blk]

EAX: 00000003 EBX: c7a8a130 ECX: 00000000 EDX: 00000000

ESI: c744ea40 EDI: c7542a00 EBP: c1012c08 ESP: c7b33a1c

 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068

Process insmod (pid: 95, ti=c7b32000 task=c7aca560 task.ti=c7b32000)

Stack:

 00000001 c888fe20 00000000 00000086 c1b0d500 c145ebb7 c7a8a130 00000000

<0> c1b0dc18 00000086 c744ea60 c744ea78 c744ea50 c7a8a130 00000002 c7b33ab4

<0> c1012c08 c15c5c13 c7a8a130 c15c5c42 c7a8a130 c15c0c80 c7a8a1ec 00000002

Call Trace:

 [<c145ebb7>] ? lock_timer_base+0x27/0x50

 [<c15c5c13>] ? __generic_unplug_device+0x23/0x30

 [<c15c5c42>] ? generic_unplug_device+0x22/0x40

 [<c15c0c80>] ? blk_unplug+0x20/0x50

 [<c153f8bc>] ? block_sync_page+0x2c/0x40

 [<c14d46b7>] ? sync_page+0x27/0x40

 [<c181488f>] ? __wait_on_bit_lock+0x3f/0x90

 [<c14d4690>] ? sync_page+0x0/0x40

 [<c14d4670>] ? __lock_page+0x80/0x90

 [<c146f890>] ? wake_bit_function+0x0/0x60

 [<c14d5649>] ? do_read_cache_page+0x139/0x160

 [<c15464e0>] ? blkdev_readpage+0x0/0x10

 [<c14d56bd>] ? read_cache_page_async+0x1d/0x30

 [<c14d56e0>] ? read_cache_page+0x10/0x20

 [<c156e3aa>] ? read_dev_sector+0x3a/0x90

 [<c1570ed7>] ? read_lba+0x117/0x130

 [<c15713a0>] ? find_valid_gpt+0xc0/0x690

 [<c167bb2e>] ? vt_console_print+0x22e/0x2e0

 [<c144f75b>] ? __call_console_drivers+0x5b/0x70

 [<c14743bb>] ? up+0xb/0x40

 [<c144fc4e>] ? release_console_sem+0x19e/0x1f0

 [<c15719d4>] ? efi_partition+0x64/0x3f0

 [<c15455e0>] ? bdev_test+0x0/0x10

 [<c15e2dbb>] ? snprintf+0x1b/0x20

 [<c156ea27>] ? disk_name+0xb7/0xc0

 [<c156f08b>] ? rescan_partitions+0x18b/0x4a0

 [<c15cd602>] ? get_disk+0x62/0xc0

 [<c16a211c>] ? kobj_lookup+0x12c/0x1c0

 [<c1571970>] ? efi_partition+0x0/0x3f0

 [<c1546b7a>] ? __blkdev_get+0x27a/0x340

 [<c154620d>] ? bdget+0xdd/0xf0

 [<c156e518>] ? register_disk+0x118/0x140

 [<c15cd92d>] ? blk_register_region+0x2d/0x40

 [<c15cd2b0>] ? exact_match+0x0/0x10

 [<c15cdacf>] ? add_disk+0x7f/0x140

 [<c15cd2b0>] ? exact_match+0x0/0x10

 [<c15cd660>] ? exact_lock+0x0/0x10

 [<c98b6a92>] ? virtblk_probe+0x44a/0x47d [virtio_blk]

 [<c98b60c0>] ? blk_done+0x0/0xb0 [virtio_blk]

 [<c98ab2c7>] ? virtio_dev_probe+0xa7/0xf0 [virtio]

 [<c169ffc7>] ? driver_probe_device+0x87/0x290

 [<c17ff592>] ? klist_next+0x62/0xd0

 [<c16a0250>] ? __device_attach+0x0/0x50

 [<c169f102>] ? bus_for_each_drv+0x52/0x80

 [<c16a0342>] ? device_attach+0x72/0x90

 [<c16a0250>] ? __device_attach+0x0/0x50

 [<c169eecd>] ? bus_probe_device+0x1d/0x40

 [<c169d696>] ? device_add+0x4d6/0x5f0

 [<c140a2d5>] ? apic_timer_interrupt+0x31/0x38

 [<c98ab3e5>] ? register_virtio_device+0x65/0x80 [virtio]

 [<c9ab3deb>] ? virtio_pci_probe+0x140/0x17b [virtio_pci]

 [<c1574643>] ? sysfs_do_create_link+0xa3/0x120

 [<c15f3ffb>] ? local_pci_probe+0xb/0x10

 [<c15f4df1>] ? pci_device_probe+0x61/0x80

 [<c169ffc7>] ? driver_probe_device+0x87/0x290

 [<c15f40d0>] ? pci_match_device+0x10/0xb0

 [<c16a0249>] ? __driver_attach+0x79/0x80

 [<c16a01d0>] ? __driver_attach+0x0/0x80

 [<c169f3c2>] ? bus_for_each_dev+0x52/0x80

 [<c169fdb6>] ? driver_attach+0x16/0x20

 [<c16a01d0>] ? __driver_attach+0x0/0x80

 [<c169f76f>] ? bus_add_driver+0x1cf/0x320

 [<c15f4d30>] ? pci_device_remove+0x0/0x40

 [<c16a04d3>] ? driver_register+0x63/0x120

 [<c169d832>] ? __root_device_register+0x72/0xf0

 [<c9ab7000>] ? virtio_pci_init+0x0/0x46 [virtio_pci]

 [<c15f500d>] ? __pci_register_driver+0x3d/0xb0

 [<c9ab7032>] ? virtio_pci_init+0x32/0x46 [virtio_pci]

 [<c140303f>] ? do_one_initcall+0x2f/0x1c0

 [<c148a844>] ? sys_init_module+0xb4/0x220

 [<c151a5e1>] ? sys_read+0x41/0x70

 [<c1517256>] ? sys_close+0x56/0xa0

 [<c140997c>] ? syscall_call+0x7/0xb

Code: 7e 89 43 10 e9 4a fe ff ff 8b 56 18 89 d8 e8 ad 08 c2 f7 8b 44 24 18 e8 54 09 d1 f7 83 7c 24 1c 00 75 0c 83 c4 34 5b 5e 5f 5d c3 <0f> 0b eb fe 8b 46 08 83 c4 34 5b 5e 5f 5d e9 02 9c fe ff 8b 6c 

EIP: [<c98b63eb>] do_virtblk_request+0x27b/0x300 [virtio_blk] SS:ESP 0068:c7b33a1c

---[ end trace f44635d0f2cf17cb ]---

Kernel panic - not syncing: Fatal exception

Pid: 95, comm: insmod Tainted: G      D    2.6.32-31.el6.i686 #1

Call Trace:

 [<c1813534>] ? panic+0x42/0xed

 [<c1816bcc>] ? oops_end+0xbc/0xd0

 [<c140aef0>] ? do_invalid_op+0x0/0x90

 [<c140af6f>] ? do_invalid_op+0x7f/0x90

 [<c98b63eb>] ? do_virtblk_request+0x27b/0x300 [virtio_blk]

 [<c15d602c>] ? cfq_dispatch_insert+0x9c/0x100

 [<c15d7b1f>] ? cfq_dispatch_requests+0x24f/0x8d0

 [<c150d814>] ? cache_alloc_refill+0x1c4/0x550

 [<c1815fab>] ? error_code+0x73/0x78

 [<c98b63eb>] ? do_virtblk_request+0x27b/0x300 [virtio_blk]

 [<c145ebb7>] ? lock_timer_base+0x27/0x50

 [<c15c5c13>] ? __generic_unplug_device+0x23/0x30

 [<c15c5c42>] ? generic_unplug_device+0x22/0x40

 [<c15c0c80>] ? blk_unplug+0x20/0x50

 [<c153f8bc>] ? block_sync_page+0x2c/0x40

 [<c14d46b7>] ? sync_page+0x27/0x40

 [<c181488f>] ? __wait_on_bit_lock+0x3f/0x90

 [<c14d4690>] ? sync_page+0x0/0x40

 [<c14d4670>] ? __lock_page+0x80/0x90

 [<c146f890>] ? wake_bit_function+0x0/0x60

 [<c14d5649>] ? do_read_cache_page+0x139/0x160

 [<c15464e0>] ? blkdev_readpage+0x0/0x10

 [<c14d56bd>] ? read_cache_page_async+0x1d/0x30

 [<c14d56e0>] ? read_cache_page+0x10/0x20

 [<c156e3aa>] ? read_dev_sector+0x3a/0x90

 [<c1570ed7>] ? read_lba+0x117/0x130

 [<c15713a0>] ? find_valid_gpt+0xc0/0x690

 [<c167bb2e>] ? vt_console_print+0x22e/0x2e0

 [<c144f75b>] ? __call_console_drivers+0x5b/0x70

 [<c14743bb>] ? up+0xb/0x40

 [<c144fc4e>] ? release_console_sem+0x19e/0x1f0

 [<c15719d4>] ? efi_partition+0x64/0x3f0

 [<c15455e0>] ? bdev_test+0x0/0x10

 [<c15e2dbb>] ? snprintf+0x1b/0x20

 [<c156ea27>] ? disk_name+0xb7/0xc0

 [<c156f08b>] ? rescan_partitions+0x18b/0x4a0

 [<c15cd602>] ? get_disk+0x62/0xc0

 [<c16a211c>] ? kobj_lookup+0x12c/0x1c0

 [<c1571970>] ? efi_partition+0x0/0x3f0

 [<c1546b7a>] ? __blkdev_get+0x27a/0x340

 [<c154620d>] ? bdget+0xdd/0xf0

 [<c156e518>] ? register_disk+0x118/0x140

 [<c15cd92d>] ? blk_register_region+0x2d/0x40

 [<c15cd2b0>] ? exact_match+0x0/0x10

 [<c15cdacf>] ? add_disk+0x7f/0x140

 [<c15cd2b0>] ? exact_match+0x0/0x10

 [<c15cd660>] ? exact_lock+0x0/0x10

 [<c98b6a92>] ? virtblk_probe+0x44a/0x47d [virtio_blk]

 [<c98b60c0>] ? blk_done+0x0/0xb0 [virtio_blk]

 [<c98ab2c7>] ? virtio_dev_probe+0xa7/0xf0 [virtio]

 [<c169ffc7>] ? driver_probe_device+0x87/0x290

 [<c17ff592>] ? klist_next+0x62/0xd0

 [<c16a0250>] ? __device_attach+0x0/0x50

 [<c169f102>] ? bus_for_each_drv+0x52/0x80

 [<c16a0342>] ? device_attach+0x72/0x90

 [<c16a0250>] ? __device_attach+0x0/0x50

 [<c169eecd>] ? bus_probe_device+0x1d/0x40

 [<c169d696>] ? device_add+0x4d6/0x5f0

 [<c140a2d5>] ? apic_timer_interrupt+0x31/0x38

 [<c98ab3e5>] ? register_virtio_device+0x65/0x80 [virtio]

 [<c9ab3deb>] ? virtio_pci_probe+0x140/0x17b [virtio_pci]

 [<c1574643>] ? sysfs_do_create_link+0xa3/0x120

 [<c15f3ffb>] ? local_pci_probe+0xb/0x10

 [<c15f4df1>] ? pci_device_probe+0x61/0x80

 [<c169ffc7>] ? driver_probe_device+0x87/0x290

 [<c15f40d0>] ? pci_match_device+0x10/0xb0

 [<c16a0249>] ? __driver_attach+0x79/0x80

 [<c16a01d0>] ? __driver_attach+0x0/0x80

 [<c169f3c2>] ? bus_for_each_dev+0x52/0x80

 [<c169fdb6>] ? driver_attach+0x16/0x20

 [<c16a01d0>] ? __driver_attach+0x0/0x80

 [<c169f76f>] ? bus_add_driver+0x1cf/0x320

 [<c15f4d30>] ? pci_device_remove+0x0/0x40

 [<c16a04d3>] ? driver_register+0x63/0x120

 [<c169d832>] ? __root_device_register+0x72/0xf0

 [<c9ab7000>] ? virtio_pci_init+0x0/0x46 [virtio_pci]

 [<c15f500d>] ? __pci_register_driver+0x3d/0xb0

 [<c9ab7032>] ? virtio_pci_init+0x32/0x46 [virtio_pci]

 [<c140303f>] ? do_one_initcall+0x2f/0x1c0

 [<c148a844>] ? sys_init_module+0xb4/0x220

 [<c151a5e1>] ? sys_read+0x41/0x70

 [<c1517256>] ? sys_close+0x56/0xa0

 [<c140997c>] ? syscall_call+0x7/0xb

Comment 1 Joy Pu 2010-06-02 10:51:25 UTC

Created attachment 418988 [details]
Whole log of the paniced guest from serial port

Comment 3 RHEL Program Management 2010-06-02 19:45:32 UTC

This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.

Comment 5 Joy Pu 2010-06-10 03:37:22 UTC

Try to use -netdev 
Change command line to:
guest 1:
/root/work/autotest/client/tests/kvm/qemu -name 'vm1' -monitor tcp:0:6001,server,nowait -drive file=/root/work/autotest/client/tests/kvm/images/RHEL-Server-6.0-32-virtio.raw,if=virtio,cache=writethrough,boot=on -net nic,vlan=0,model=virtio,macaddr=02:30:0D:20:13:d8,netdev=foo -netdev tap,id=foo,ifname=virtio_0_6001,script=/root/work/autotest/client/tests/kvm/scripts/qemu-ifup-switch,downscript=no,vhost=on -m 4096 -smp 2 -soundhw ac97 -redir tcp:5000::22 -vnc :0  -snapshot -serial unix:/tmp/serial-20100602-102220-SjdG,server,nowait
guest 2:
/root/work/autotest/client/tests/kvm/qemu -name 'vm2' -monitor tcp:0:6002,server,nowait -drive file=/root/work/autotest/client/tests/kvm/images/RHEL-Server-6.0-32-virtio.raw,if=virtio,cache=writethrough,boot=on -net nic,vlan=0,model=virtio,macaddr=02:30:0D:20:13:d6,netdev=foo1 -netdev tap,id=foo1,ifname=virtio_0_6002,script=/root/work/autotest/client/tests/kvm/scripts/qemu-ifup-switch,downscript=no,vhost=on -m 4096 -smp 2 -soundhw ac97 -redir tcp:5000::23 -vnc :1  -snapshot -serial unix:/tmp/serial-20100602-102220-SjdG2,server,nowait

Still have this problem:
BUG: unable to handle kernel paging request at 0ad3f000

IP: [<f7f63df5>] vlan_skb_recv+0x95/0x310 [8021q]

*pdpt = 0000000032cdb001 *pde = 0000000000000000 

Oops: 0002 [#1] SMP 

last sysfs file: /sys/devices/pci0000:00/0000:00:05.0/local_cpus

Modules linked in: 8021q(U) garp(U) stp(U) llc(U) autofs4(U) sunrpc(U) ip6t_REJECT(U) nf_conntrack_ipv6(U) ip6table_filter(U) ip6_tables(U) ipv6(U) dm_mirror(U) dm_region_hash(U) dm_log(U) snd_intel8x0(U) snd_ac97_codec(U) ac97_bus(U) snd_seq(U) ppdev(U) snd_seq_device(U) parport_pc(U) snd_pcm(U) parport(U) snd_timer(U) snd(U) i2c_piix4(U) virtio_net(U) i2c_core(U) soundcore(U) snd_page_alloc(U) sg(U) ext4(U) mbcache(U) jbd2(U) sr_mod(U) cdrom(U) ata_generic(U) pata_acpi(U) virtio_blk(U) virtio_pci(U) virtio_ring(U) virtio(U) ata_piix(U) dm_mod(U) [last unloaded: scsi_wait_scan]



Pid: 0, comm: swapper Tainted: G S      W  (2.6.32-31.el6.i686 #1) Bochs

EIP: 0060:[<f7f63df5>] EFLAGS: 00010206 CPU: 0

EIP is at vlan_skb_recv+0x95/0x310 [8021q]

EAX: 00000000 EBX: f2d48c00 ECX: f4ad4000 EDX: 00000004

ESI: 0ad3f000 EDI: 00000001 EBP: c09e5e34 ESP: c09e5e08

 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068

Process swapper (pid: 0, ti=c09e4000 task=c09ee560 task.ti=c09e4000)

Stack:

 f44cd400 00000246 c07f1b48 00000000 00000641 f2cf0630 f2cf0630 f4ad4000

<0> f2d48c00 c0a4df80 00000081 f7f65bc0 c0769ca9 f4ad4000 00000020 f708ecc0

<0> c0762350 c0a4dfa0 00000000 f4ad4000 f2d48cb4 f2d48c00 f200b06e f2cf0680

Call Trace:

 [<c07f1b48>] ? packet_rcv+0x48/0x360

 [<c0769ca9>] ? netif_receive_skb+0x349/0x530

 [<c0762350>] ? __alloc_skb+0x50/0x120

 [<f8704fa6>] ? virtnet_poll+0x4e6/0x750 [virtio_net]

 [<c076a57a>] ? net_rx_action+0xda/0x1c0

 [<c04565af>] ? __do_softirq+0x8f/0x1b0

 [<c04af081>] ? move_native_irq+0x11/0x50

 [<c045670d>] ? do_softirq+0x3d/0x50

 [<c0456865>] ? irq_exit+0x65/0x70

 [<c040b620>] ? do_IRQ+0x50/0xc0

 [<c04258c4>] ? smp_apic_timer_interrupt+0x54/0x90

 [<c0409f90>] ? common_interrupt+0x30/0x38

 [<c042e5e2>] ? native_safe_halt+0x2/0x10

 [<c0410ce9>] ? default_idle+0x39/0x90

 [<c0408744>] ? cpu_idle+0x94/0xd0

 [<c0a5096e>] ? start_kernel+0x38d/0x392

 [<c0a5041f>] ? unknown_bootoption+0x0/0x190

Code: 32 e2 ff ff 85 c0 89 43 14 0f 84 07 01 00 00 8b 4c 24 1c ba 04 00 00 00 64 a1 a8 4c ac c0 8b b1 44 04 00 00 03 34 85 00 c7 a4 c0 <83> 06 01 8b 43 50 01 46 04 89 d8 e8 cb d0 7f c8 8b 43 14 89 fa 

EIP: [<f7f63df5>] vlan_skb_recv+0x95/0x310 [8021q] SS:ESP 0068:c09e5e08

CR2: 000000000ad3f000

And the reboot will get a coredump.

Comment 6 Joy Pu 2010-06-10 05:08:17 UTC

Created attachment 422778 [details]
Whole log of -netdev from serial port

Comment 7 Joy Pu 2010-06-10 05:28:24 UTC

The coredump is caused by the old qemu-kvm. After upgrade the qemu-kvm. The problem is still as the first version. Details are in the attachment.
rpm -qa|grep qemu
qemu-kvm-0.12.1.2-2.72.el6.x86_64
qemu-kvm-debuginfo-0.12.1.2-2.68.el6.x86_64
qemu-img-0.12.1.2-2.72.el6.x86_64
gpxe-roms-qemu-0.9.7-6.3.el6.noarch
qemu-kvm-tools-0.12.1.2-2.68.el6.x86_64

Comment 8 Joy Pu 2010-06-10 05:29:12 UTC

Created attachment 422782 [details]
Whole log of -netdev from serial port and new qemu-kvm

Comment 15 John Jarvis 2010-06-28 17:13:16 UTC

*** Bug 608183 has been marked as a duplicate of this bug. ***

Comment 16 Aristeu Rozanski 2010-07-01 16:23:53 UTC

Patch(es) available on kernel-2.6.32-42.el6

Comment 19 Jan Tluka 2010-07-02 18:18:24 UTC

Verified using following config:

host:
# uname -r
2.6.32-25.el6.x86_64
# rpm -qa | grep qemu
qemu-kvm-0.12.1.2-2.68.2.el6.x86_64
gpxe-roms-qemu-0.9.7-6.3.el6.noarch
qemu-img-0.12.1.2-2.68.2.el6.x86_64
qemu-kvm-tools-0.12.1.2-2.68.2.el6.x86_64

32 bit guests:
# uname -r
2.6.32-42.el6.i686

Guests did not panic after VLAN ID assignment.

Guests panicked on older kernel - 2.6.32-37.el6.i686

Comment 20 Joy Pu 2010-07-05 11:03:36 UTC

Verified the patch in kernel 2.6.32-42.el6. Vlan in 32bit guest can be set and transfer file properly.

Note You need to log in before you can comment on or make changes to this bug.