RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 688883 - qemu-kvm process quits when windows guest doing S3 w/ qxl device
Summary: qemu-kvm process quits when windows guest doing S3 w/ qxl device
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: spice-qxl-xddm
Version: ---
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: ---
Assignee: Alon Levy
QA Contact: Desktop QE
URL:
Whiteboard:
: 676826 (view as bug list)
Depends On: 723480
Blocks: 565939 706711
TreeView+ depends on / blocked
 
Reported: 2011-03-18 11:42 UTC by Xiaoqing Wei
Modified: 2019-10-10 13:42 UTC (History)
22 users (show)

Fixed In Version: qemu-kvm-0.12.1.2-2.183.el6 do -0.1-12
Doc Type: Bug Fix
Doc Text:
When Windows guests suspended to memory (S3) the qemu-kvm process would end, sometimes generating a core dump. Updates have been made to the Windows SPICE driver, in conjunction with updates to qemu-kvm, ensure that suspend and resume now works for Windows guests.
Clone Of:
: 706711 (view as bug list)
Environment:
Last Closed: 2014-01-21 15:10:35 UTC
Type: ---
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
echo nop > current_tracer // echo kvm > set_event (643.02 KB, application/x-bzip)
2011-03-18 11:42 UTC, Xiaoqing Wei
no flags Details
win7 doing s3 with sm101 qxl driver (21.97 KB, image/png)
2011-04-19 06:51 UTC, Xiaoqing Wei
no flags Details

Description Xiaoqing Wei 2011-03-18 11:42:46 UTC
Created attachment 486217 [details]
echo nop > current_tracer     // echo  kvm > set_event

Description of problem:
windows guest can  do S3 when using qxl video adapter,
when windows guest do s3,the qemu-kvm process will quit,
sometimes can produce a core dump

guest tested:
winXP-32,win2003-32/64,win7-32

win7-64 also tested,but this driver not work on it,it shows a yellow "!" in device manager after installed driver and reboot.

Version-Release number of selected component (if applicable):
qemu-kvm-0.12.1.2-2.150.el6.x86_64

How reproducible:
100%

Steps to Reproduce:
1.boot a winXP guest with qxl video adapter using:
qemu-kvm -name 'XP' -monitor stdio -chardev socket,id=serial_gJRf,path=/tmp/serial-20110307-181453-vBnV,server,nowait -device isa-serial,chardev=serial_gJRf -drive file='kvm-test/tests/kvm/images/winXP-32-virtio.qcow2',index=0,if=ide,media=disk,cache=none,format=qcow2,aio=native -device virtio-net-pci,netdev=idY5P6kp,mac=9a:ef:ac:4d:b3:92,netdev=idY5P6kp,id=ndev00idY5P6kp,bus=pci.0,addr=0x3 -netdev tap,id=idY5P6kp,vhost=on,ifname='t0-181453-vBnV',script='kvm-test/tests/kvm/scripts/qemu-ifup-switch',downscript='no' -m 2048 -smp 2,cores=1,threads=1,sockets=2 -cpu cpu64-rhel6,+sse2,+x2apic -spice port=8000,disable-ticketing -rtc base=localtime,clock=host,driftfix=none  -boot order=cdn,once=c,menu=off   -usbdevice tablet -enable-kvm \
 -vga qxl
2.install the lateset video driver for guest   0.1-4,and reboot guest to apply the driver
3.after reboot,select stanby ,now the qemu-kvm process will quit and print:

" handle_dev_destroy_surfaces: 
handle_dev_destroy_surfaces: 
handle_dev_destroy_surfaces: 
qxl_phys2virt: PANIC !qxl->guest_slots[slot].active failed"
  
Actual results:
host qemu-kvm quits
Expected results:
guest S3 successfully

Additional info:
kernel-2.6.32-120.el6.x86_64
vgabios-0.6b-3.5.el6.noarch

less /proc/cpuinfo
processor       : 3
vendor_id       : GenuineIntel
cpu family      : 6
model           : 23
model name      : Intel(R) Core(TM)2 Quad CPU    Q9400  @ 2.66GHz
stepping        : 10
cpu MHz         : 2659.665
cache size      : 3072 KB





info of xp core dump:
Core was generated by `qemu-kvm -name XP -monitor stdio -chardev socket,id=serial_gJRf,path=/tmp/seria'.
Program terminated with signal 6, Aborted.
#0  0x00000039144329a5 in raise () from /lib64/libc.so.6

(gdb) bt
#0  0x00000039144329a5 in raise () from /lib64/libc.so.6
#1  0x0000003914434185 in abort () from /lib64/libc.so.6
#2  0x00000037b0010727 in validate_virt (info=<value optimized out>, virt=<value optimized out>, 
    slot_id=<value optimized out>, add_size=<value optimized out>, group_id=<value optimized out>)
    at red_memslots.c:83
#3  0x00000037b00107cc in get_virt (info=<value optimized out>, addr=<value optimized out>, 
    add_size=<value optimized out>, group_id=1) at red_memslots.c:122
#4  0x00000037b002cb98 in handle_dev_create_primary_surface (listener=0x7fc4cfe2a8e0, 
    events=<value optimized out>) at red_worker.c:9865
#5  handle_dev_input (listener=0x7fc4cfe2a8e0, events=<value optimized out>) at red_worker.c:9989
#6  0x00000037b002c295 in red_worker_main (arg=<value optimized out>) at red_worker.c:10286
#7  0x0000003914c077e1 in start_thread () from /lib64/libpthread.so.0
#8  0x00000039144e151d in clone () from /lib64/libc.so.6



also tried to ftrace qemu-kvm,collected ftrace when the qemu-kvm quits.but when I enable ftrace,the qemu-kvm quit but no produce core dump,so the attached ftrace file is no  corresponding to the bt info.

Comment 2 Alon Levy 2011-03-20 10:27:32 UTC
Hi Xiaoqing Wei,
Can you try this scratch build and see if it solves the problem?
http://brewweb.devel.redhat.com/brew/taskinfo?taskID=3188963

When trying to reproduce (with an older driver, doing suspend) I didn't get any
assert, but I also didn't manage to exit the suspend without doing a
system_reset from the monitor - how do you usually get out of S3?

Alon

Comment 3 Xiaoqing Wei 2011-03-22 10:52:32 UTC
(In reply to comment #2)
> Hi Xiaoqing Wei,
> Can you try this scratch build and see if it solves the problem?
> http://brewweb.devel.redhat.com/brew/taskinfo?taskID=3188963
> 

Hi Alon,
This build still fails,and core dump.
qemu outputs:

(qemu) reds_handle_main_link: 
reds_show_new_channel: channel 1:0, connected successfully, over Non Secure link
handle_dev_input: mouse mode 2
reds_main_handle_message: net test: latency 0.515000 ms, bitrate 90343641 bps (86.158410 Mbps)
reds_show_new_channel: channel 4:0, connected successfully, over Non Secure link
red_dispatcher_set_cursor_peer: 
handle_dev_input: cursor connect
reds_show_new_channel: channel 2:0, connected successfully, over Non Secure link
red_dispatcher_set_peer: 
handle_dev_input: connect
handle_new_display_channel: jpeg disabled
handle_new_display_channel: zlib-over-glz disabled
reds_show_new_channel: channel 3:0, connected successfully, over Non Secure link
inputs_link: 
handle_dev_destroy_surfaces: 
handle_dev_destroy_surfaces: 
handle_dev_destroy_surfaces: 
handle_dev_destroy_surfaces: 
id 0, group 0, virt start 0, virt end ffffffffffffffff, generation 0, delta 0
validate_virt: panic: virtual address out of range
    virt=0x0+0x1d4c00 slot_id=1 group_id=1
    slot=0x0-0x0 delta=0x0
Aborted (core dumped)

(gdb) bt
#0  0x00000036daa329a5 in raise () from /lib64/libc.so.6
#1  0x00000036daa34185 in abort () from /lib64/libc.so.6
#2  0x00000036dfe10727 in ?? () from /usr/lib64/libspice-server.so.1
#3  0x00000036dfe107cc in ?? () from /usr/lib64/libspice-server.so.1
#4  0x00000036dfe2cb78 in ?? () from /usr/lib64/libspice-server.so.1
#5  0x00000036dfe2c275 in ?? () from /usr/lib64/libspice-server.so.1
#6  0x00000036db2077e1 in start_thread () from /lib64/libpthread.so.0
#7  0x00000036daae151d in clone () from /lib64/libc.so.6
(gdb) 

qemu-kvm-0.12.1.2-2.113.el6.test.x86_64

> When trying to reproduce (with an older driver, doing suspend) I didn't get any
> assert, but I also didn't manage to exit the suspend without doing a
> system_reset from the monitor - how do you usually get out of S3?
> 
Win guest will back from S3 automatically,so I didn't do anything till it prompt me to login.


> Alon


Best Regards,
Xiaoqing

Comment 4 Marian Krcmarik 2011-03-22 19:18:29 UTC
I reproduced the bug after a while. The important note is that It appears when using the qxl-win build from brew in version 0.1-4, with older builds of qxl-win It does not appear.

Note: I used latest scratch build of qemu:
qemu-kvm-0.12.1.2-2.151.spice_hdg2.el6.x86_64

Comment 5 Xiaoqing Wei 2011-03-23 02:55:17 UTC
(In reply to comment #4)
> I reproduced the bug after a while. The important note is that It appears when
> using the qxl-win build from brew in version 0.1-4, with older builds of
> qxl-win It does not appear.
> 
> Note: I used latest scratch build of qemu:
> qemu-kvm-0.12.1.2-2.151.spice_hdg2.el6.x86_64

hi ,when I use the qemu-kvm Alon builds,even the oldest qxl-win(0.1-1)can reproduce .
could you pls give me your scratch build  ?

BTW,what's your kernel,vgabios,spice-server when it didn't appear ?

mine is kernel-2.6.32-120.el6.x86_64 /vgabios-0.6b-3.5.el6.noarch/spice-server-0.7.2-4.el6.x86_64,and always reproducible

Best Regards
Xiaoqing

Comment 7 Qunfang Zhang 2011-03-24 11:00:30 UTC
(In reply to comment #4)
> I reproduced the bug after a while. The important note is that It appears when
> using the qxl-win build from brew in version 0.1-4, with older builds of
> qxl-win It does not appear.
> 
> Note: I used latest scratch build of qemu:
> qemu-kvm-0.12.1.2-2.151.spice_hdg2.el6.x86_64

Hi, Marian
I tried this scratch build of qemu as well. Install qxl-win-0.1-4 on win2k8-32 guest. After do S3, guest quit with the same error as bug description. So copied a fresh backup image and install qxl-win-0.1-3 again. Problem still exists.

Comment 8 Qunfang Zhang 2011-03-28 09:30:16 UTC
Add test blocker keywords because whql need windows guest do S3.

Comment 9 Uri Lublin 2011-04-07 14:35:10 UTC
*** Bug 676826 has been marked as a duplicate of this bug. ***

Comment 16 Xiaoqing Wei 2011-04-19 06:51:24 UTC
Created attachment 493099 [details]
win7 doing s3 with sm101 qxl driver

Comment 24 Dor Laor 2011-04-21 11:24:08 UTC
I cleared the blocker flag and the testBlocker keyword at the same time..
Alon please transfer it to the right qxl driver component.

Comment 25 Qunfang Zhang 2011-05-18 08:01:11 UTC
Set to "Testblocker" keyword because without correct spic+qxl driver, we can not pass whql job "NDIS Test 6.5 (MPE)".

Comment 26 Alon Levy 2011-05-22 13:20:08 UTC
Dor, Actually our solution involves a patch to qemu-kvm as well (qxl device only), and to the driver. I'll clone this bug for qemu-kvm.

btw, the solution is to add two io's for preparing to sleep and returning from sleep, which tell the qxl device to ignore resets. crude, but who needs to support complex logic of taking down a device when there is a better solution? of course, if it was possible to tell why we are being reset even that wouldn't be required, but I understand there is no way to get that via acpi in real hardware and that is what qemu is modelled after.

Alon

Comment 30 Alon Levy 2011-10-05 19:10:51 UTC
skipped 0.1-10 and 0.1-11. The former a tagging error, the later had a version of the surprise removal hack with 2 seconds timeout, replaced it with 60 seconds, verified the surprise removal test still passes (didn't rerun the whole WHQL).

Comment 32 Michal Haško 2011-10-21 07:49:25 UTC
VERIFIED on:
Windows XP
Windows 7 32 bit
WIndows 7 64 bit
qemu-kvm-0.12.1.2-2.184.el6.x86_64
qxl-win-0.1-12
seabios-0.6.1.2-4.el6.x86_64 (older seabios because the newest has S3 disabled)

Comment 33 Stephen Gordon 2012-02-29 18:47:24 UTC
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
When Windows guests suspended to memory (S3) the qemu-kvm process would end, sometimes generating a core dump. Updates have been made to the Windows SPICE driver, in conjunction with updates to qemu-kvm, ensure that suspend and resume now works for Windows guests.


Note You need to log in before you can comment on or make changes to this bug.