604210 – Segmentation fault when check preallocated qcow2 image on lvm.

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 604210 - Segmentation fault when check preallocated qcow2 image on lvm.

Summary: Segmentation fault when check preallocated qcow2 image on lvm.

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	qemu-kvm
Sub Component:
Version:	6.0
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Kevin Wolf
QA Contact:	Virtualization Bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-06-15 15:50 UTC by lihuang
Modified:	2013-01-09 22:44 UTC (History)
CC List:	6 users (show)
Fixed In Version:	qemu-kvm-0.12.1.2-2.82.el6
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-07-03 18:55:14 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description lihuang 2010-06-15 15:50:57 UTC

Description of problem:
the lvm is 2g. 

[root@t70 qemu-kvm-0.12.1.2]# lvs
  LV      VG     Attr   LSize   Origin Snap%  Move Log Copy%  Convert
...
  lvtest  vgtest -wi-a-   2.00g                                      

the qcow2 is created as 20G 
qemu-img create -f qcow2 -o preallocation=metadata /dev/vgtest/lvtest 20G

run qemu-img check on the image got the crash.

ERROR: invalid cluster offset=0x1100010000000000

Core was generated by `qemu-img check -f qcow2 /dev/vgtest/lvtest'.
Program terminated with signal 11, Segmentation fault.
#0  0x000000000041f3aa in qcow2_check_refcounts (bs=0x1f662e0)
    at block/qcow2-refcount.c:1098
1098                if (refcount_table[offset / s->cluster_size] != 1) {
Missing separate debuginfos, use: debuginfo-install glibc-2.12-1.2.el6.x86_64 libaio-0.3.107-10.el6.x86_64 zlib-1.2.3-24.el6.x86_64
(gdb) bt
#0  0x000000000041f3aa in qcow2_check_refcounts (bs=0x1f662e0)
    at block/qcow2-refcount.c:1098
#1  0x0000000000403bf1 in img_check (argc=<value optimized out>, 
    argv=<value optimized out>) at qemu-img.c:420
#2  0x00000031d641ec5d in __libc_start_main () from /lib64/libc.so.6
#3  0x0000000000402d09 in _start ()



Version-Release number of selected component (if applicable):
qemu-kvm-0.12.1.2-2.74.el6.x86_64


How reproducible:
100%

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

Comment 2 RHEL Program Management 2010-06-15 16:13:14 UTC

This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.

Comment 3 Yaniv Kaul 2010-06-22 09:51:03 UTC

(In reply to comment #0)
> Description of problem:
> the lvm is 2g. 
> 
> [root@t70 qemu-kvm-0.12.1.2]# lvs
>   LV      VG     Attr   LSize   Origin Snap%  Move Log Copy%  Convert
> ...
>   lvtest  vgtest -wi-a-   2.00g                                      
> 
> the qcow2 is created as 20G 
> qemu-img create -f qcow2 -o preallocation=metadata /dev/vgtest/lvtest 20G
> 
> run qemu-img check on the image got the crash.
> 
> ERROR: invalid cluster offset=0x1100010000000000
> 
> Core was generated by `qemu-img check -f qcow2 /dev/vgtest/lvtest'.
> Program terminated with signal 11, Segmentation fault.
> #0  0x000000000041f3aa in qcow2_check_refcounts (bs=0x1f662e0)
>     at block/qcow2-refcount.c:1098
> 1098                if (refcount_table[offset / s->cluster_size] != 1) {
> Missing separate debuginfos, use: debuginfo-install glibc-2.12-1.2.el6.x86_64
> libaio-0.3.107-10.el6.x86_64 zlib-1.2.3-24.el6.x86_64

Why not install the above and provide a better backtrace?

> (gdb) bt
> #0  0x000000000041f3aa in qcow2_check_refcounts (bs=0x1f662e0)
>     at block/qcow2-refcount.c:1098

A bit of check on the value of s->cluster_size and possibly the other variables in line 1098 would have produced a much better bug report.

> #1  0x0000000000403bf1 in img_check (argc=<value optimized out>, 
>     argv=<value optimized out>) at qemu-img.c:420
> #2  0x00000031d641ec5d in __libc_start_main () from /lib64/libc.so.6
> #3  0x0000000000402d09 in _start ()
>

Comment 8 lihuang 2010-07-03 18:54:56 UTC

Tested on qemu-kvm-0.12.1.2-2.82.el6.

1. qemu-img reporting right error message wheh checking the faulty image (lv) in #c0

qemu-img check -f qcow2 /dev/vgtest/lvtest  
ERROR refcount block 8191 is outside image
1 errors were found on the image.


2. can not create image when offset is outside image .
[root@t70 82]# lvs
  LV      VG     Attr   LSize   Origin Snap%  Move Log Copy%  Convert
  lvtest  vgtest -wi-a-   2.00g                                      

[root@t70 82]# qemu-img create -f qcow2 -o preallocation=metadata /dev/vgtest/lvtest 2G
Formatting '/dev/vgtest/lvtest', fmt=qcow2 size=10737418240 encryption=off cluster_size=0 preallocation='metadata' 
qemu-img: /dev/vgtest/lvtest: error while creating qcow2: Input/output error

Comment 9 lihuang 2010-07-03 19:01:10 UTC

(In reply to comment #8)
> Tested on qemu-kvm-0.12.1.2-2.82.el6.
> 
> 1. qemu-img reporting right error message wheh checking the faulty image (lv)
> in #c0
> 
> qemu-img check -f qcow2 /dev/vgtest/lvtest  
> ERROR refcount block 8191 is outside image
> 1 errors were found on the image.
> 
> 
> 2. can not create image when offset is outside image .
> [root@t70 82]# lvs
>   LV      VG     Attr   LSize   Origin Snap%  Move Log Copy%  Convert
>   lvtest  vgtest -wi-a-   2.00g                                      
> 
> [root@t70 82]# qemu-img create -f qcow2 -o preallocation=metadata
> /dev/vgtest/lvtest 2G
> Formatting '/dev/vgtest/lvtest', fmt=qcow2 size=10737418240 encryption=off
> cluster_size=0 preallocation='metadata' 
> qemu-img: /dev/vgtest/lvtest: error while creating qcow2: Input/output error    

3. create qcow2 without preallocation. full installation RHEL5.5 guest on with the image. run qemu-img check when the guest is PAUSED on enospc error. 
   --> there is some harmless warnning. but no segfault.

Note You need to log in before you can comment on or make changes to this bug.