Bug 698537 - ide: core dump when stop/cont guest
Summary: ide: core dump when stop/cont guest
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: qemu-kvm
Version: 6.1
Hardware: Unspecified
OS: Unspecified
medium
high
Target Milestone: rc
: ---
Assignee: Kevin Wolf
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Duplicates: 703554 714344
Depends On:
Blocks: GSS_6_2_PROPOSED 703492
Reported: 2011-04-21 07:42 UTC by Xiaoqing Wei
Modified: 2018-11-14 13:11 UTC (History)

Fixed In Version: qemu-kvm-0.12.1.2-2.172.el6
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-12-06 15:39:55 UTC
Target Upstream Version:
Embargoed:


Attachments
gdb bt info (1018 bytes, text/plain)
2011-04-21 07:55 UTC, Xiaoqing Wei
core dump bt info when running rhel56 guest (1012 bytes, text/plain)
2011-04-22 01:52 UTC, Xiaoqing Wei
sosreport (840.97 KB, application/octet-stream)
2011-08-26 14:25 UTC, IBM Bug Proxy
[abrt] new crash was detected (2.23 KB, application/octet-stream)
2011-08-26 14:25 UTC, IBM Bug Proxy


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:1531 0 normal SHIPPED_LIVE Moderate: qemu-kvm security, bug fix, and enhancement update 2011-12-06 01:23:30 UTC

Description Xiaoqing Wei 2011-04-21 07:42:02 UTC
Description of problem:

Create an image in LVM, boot the guest with the LVM image attached, create a partition in the attached image and run dd. Stop/cont the guest during dd. Guest core dumps.

Version-Release number of selected component (if applicable):

qemu-kvm-0.12.1.2-2.158.el6.x86_64
How reproducible:
100%

Steps to Reproduce:


1. qemu-img create -f qcow2 /dev/vgtest/lvtest 500M
2. boot a guest:
qemu-kvm -name 'rhel47-32' -monitor stdio -chardev socket,id=serial_id_20110420-134929-ocyE,path=/tmp/serial-20110420-134929-ocyE,server,nowait -device isa-serial,chardev=serial_id_20110420-134929-ocyE -device rtl8139,netdev=idvjxRgD,mac=9a:fe:9d:9b:1e:a4,id=ndev00idvjxRgD,bus=pci.0,addr=0x3 -netdev tap,id=idvjxRgD,ifname='t0-134929-ocyE',script='/usr/local/staf/test/RHEV/kvm/autotest-devel/client/tests/kvm/scripts/qemu-ifup-switch',downscript='no' -m 4096 -smp 4,cores=2,threads=1,sockets=2 -cpu cpu64-rhel6,+sse2,+x2apic -vnc :0 -rtc base=utc,clock=host,driftfix=none -M rhel6.1.0 -boot order=cdn,once=c,menu=off -usbdevice tablet -no-kvm-pit-reinjection -enable-kvm \
-drive file='/home/kvm_autotest_root/images/rhel49.qcow2',werror=stop,rerror=stop,index=0,if=ide \
-drive file=/dev/vgtest/lvtest,if=ide,werror=stop,rerror=stop

where rhel49.qcow is the file-based image used for storing the OS (guest shows it as /dev/hda)
lvtest is the LVM-based qcow2 image attached (guest shows it as /dev/hdb)


3. log into the guest, do
""""
  fdisk /dev/hdb   to create a partition and mount it under /media

mount /dev/hdb1 /media
dd if=/dev/urandom of=/media/tes.img bs=1M count=300

""""

after dd in the guest, type "stop" in the monitor, use info status to confirm it really stopped, then type "cont" to continue

Actual results:
qemu-kvm process core dump

Expected results:
guest continue run as normal.

Additional info:

host info :kernel-2.6.32-130.el6.x86_64
processor       : 3
vendor_id       : GenuineIntel
cpu family      : 6
model           : 23
model name      : Intel(R) Core(TM)2 Quad CPU    Q9400  @ 2.66GHz
stepping        : 10
cpu MHz         : 2660.161
cache size      : 3072 KB



guest info : OS rhel4.9-32

Comment 2 Xiaoqing Wei 2011-04-21 07:55:20 UTC
Created attachment 493729 [details]
gdb bt info

qemu-kvm can core dump while the VM boots; just do stop/cont in the monitor

Comment 3 Xiaoqing Wei 2011-04-22 01:52:45 UTC
Created attachment 494035 [details]
core dump bt info when running rhel56 guest

also tested 
rhel61-32    20 / 0
rhel56-32    15 / 1
Win2008r2-32 10 / 0
Win7-32      15 / 0



attached bt info collected from qemu-kvm core dump when running rhel5.6 guest.

Comment 5 Kevin Wolf 2011-05-31 12:36:57 UTC
It's trying to restart a flush that probably didn't even exist. Might be a guest that writes to the status register, which the IDE emulation abuses for its internal error status. The fix would be to stop this abuse.
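
The hypothesis in comment 5, as a simplified C model added here for illustration; it is not QEMU's code and not part of the original report. The struct, the `RETRY_FLUSH` flag value and all function names are hypothetical, and the `-1` return stands in for the `bmdma->unit != (uint8_t)-1` assertion quoted in comment 16.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define NO_UNIT     ((uint8_t)-1) /* no transfer in flight */
#define RETRY_FLUSH 0x20          /* hypothetical "retry flush on cont" flag */

/* Simplified model of one bus-master DMA channel; names are illustrative. */
struct bm_model {
    uint8_t status;   /* register the guest can write */
    uint8_t internal; /* host-only state, used by the hardened variant */
    uint8_t unit;     /* drive with an active transfer, or NO_UNIT */
};

/* Guest I/O write to the status register. */
static void guest_write_status(struct bm_model *bm, uint8_t val) { bm->status = val; }

/* Host side: a flush failed under werror=stop; remember to retry it. */
static void host_flush_failed(struct bm_model *bm, uint8_t unit, bool hardened) {
    bm->unit = unit;
    if (hardened) bm->internal |= RETRY_FLUSH;
    else          bm->status |= RETRY_FLUSH;
}

/* Runs on "cont". Returns 1 = flush retried, 0 = nothing pending,
 * -1 = retry requested with no active unit (where an assert would abort). */
static int resume(struct bm_model *bm, bool hardened) {
    uint8_t *flags = hardened ? &bm->internal : &bm->status;
    if (!(*flags & RETRY_FLUSH)) return 0;
    *flags &= (uint8_t)~RETRY_FLUSH;
    return bm->unit == NO_UNIT ? -1 : 1;
}

/* Idle channel, guest writes the register, then stop/cont. */
static int scenario_guest_write(bool hardened) {
    struct bm_model bm = { 0, 0, NO_UNIT };
    guest_write_status(&bm, RETRY_FLUSH);
    return resume(&bm, hardened);
}
/* Genuine failed flush on the slave (unit 1), then stop/cont. */
static int scenario_real_error(bool hardened) {
    struct bm_model bm = { 0, 0, NO_UNIT };
    host_flush_failed(&bm, 1, hardened);
    return resume(&bm, hardened);
}
int main(void) {
    printf("guest write: shared=%d separate=%d\n", scenario_guest_write(false), scenario_guest_write(true));
    printf("real error:  shared=%d separate=%d\n", scenario_real_error(false), scenario_real_error(true));
    return 0;
}
```

With the flag kept in the guest-writable register, a plain register write is indistinguishable from a real pending retry; moving it to host-only state keeps the genuine retry path working while the guest write becomes a no-op on resume.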

Comment 8 Kevin Wolf 2011-06-21 13:42:15 UTC
Note for reproducers: The important thing here is that you have some I/O on the IDE slave. It doesn't matter whether you take the primary or secondary channel, /dev/hdb and /dev/hdd both work. You don't need a disk in /dev/hda to reproduce this.

Comment 10 Luiz Capitulino 2011-06-27 15:02:43 UTC
*** Bug 703554 has been marked as a duplicate of this bug. ***

Comment 11 Luiz Capitulino 2011-06-27 15:06:31 UTC
I'm marking this a blocker to 703492, as requested by Weiguo Fan in bug 703554 comment 21.

Comment 15 FuXiangChun 2011-08-04 06:20:50 UTC
Verified on qemu-kvm-0.12.1.2-2.175.el6.x86_64

Steps to Verify:
1. run a VM with two disks, and the second disk is an iSCSI block device.
/usr/libexec/qemu-kvm -M rhel6.1.0 -enable-kvm -m 4G -smp 2,sockets=2,cores=1,threads=1 -name rhel6 -uuid 745fe449-aac8-29f1-0c2d-5042a707263b -boot c -drive file=rhel61.qcow2,if=none,id=drive-ide0-0-0,format=qcow2,cache=none,aio=threads -device ide-drive,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 -drive file=/dev/migrate/data1,if=none,id=drive-ide0-0-1,format=qcow2,cache=none,aio=threads -device ide-drive,drive=drive-ide0-0-1,id=ide0-0-1  -netdev tap,id=hostnet1,vhost=on,script=/etc/qemu-ifup -device rtl8139,netdev=hostnet1,mac=00:24:21:7F:B6:01,bus=pci.0,id=virtio-net-pci1 -monitor stdio  -spice disable-ticketing,port=5911
2. format the second disk and mount it in the guest
  mkfs.ext4 /dev/sdb
  mount /dev/sdb /mnt
3. execute the dd command in the mount point
  cd /mnt
  dd if=/dev/urandom of=/media/tes.img bs=1M count=300
4. stop/cont in monitor

Actual Results:
guest and host work well, and the command executes successfully.

Based on the above, this issue has been fixed.

Comment 16 FuXiangChun 2011-08-05 02:26:14 UTC
Verified on qemu-kvm-0.12.1.2-2.175.el6.x86_64
Reproduced on qemu-kvm-0.12.1.2-2.160.el6.x86_64

steps to reproduce:
1. install rhel5.9 guest
2. /usr/libexec/qemu-kvm -M rhel6.1.0 -enable-kvm -m 4G -smp 2,sockets=2,cores=1,threads=1 -name rhel6 -uuid 745fe449-aac8-29f1-0c2d-5042a707263b -boot dc -drive file=rhel49.qcow2,if=none,id=drive-ide0-0-0,format=qcow2,cache=none,aio=threads -device ide-drive,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 -drive file=/dev/vg0/data2,if=none,id=drive,format=qcow2,cache=none,aio=threads -device ide-drive,drive=drive,id=ide0-0-1 -netdev tap,id=hostnet1,vhost=on,script=/etc/qemu-ifup -device rtl8139,netdev=hostnet1,mac=00:24:21:7F:B6:02,bus=pci.0,id=virtio-net-pci1 -monitor stdio  -spice disable-ticketing,port=5911
3. format the second disk and mount it in the guest
  mkfs.ext3 /dev/hdd
4. execute the dd command in the mount point
  cd /mnt
  dd if=/dev/urandom of=/media/tes.img bs=1M count=300
5. stop/cont in monitor

Actual Results:
 on qemu-kvm-0.12.1.2-2.160.el6.x86_64
(qemu) qemu-kvm: /builddir/build/BUILD/qemu-kvm-0.12.1.2/hw/ide/internal.h:517: bmdma_active_if: Assertion `bmdma->unit != (uint8_t)-1' failed.
Aborted (core dumped)

on qemu-kvm-0.12.1.2-2.175.el6.x86_64
guest works well

Based on the above, this issue has been fixed.

Comment 18 Kevin Wolf 2011-08-26 14:14:07 UTC
*** Bug 714344 has been marked as a duplicate of this bug. ***

Comment 19 IBM Bug Proxy 2011-08-26 14:25:00 UTC
Created attachment 520099 [details]
sosreport

Comment 20 IBM Bug Proxy 2011-08-26 14:25:07 UTC
Created attachment 520100 [details]
[abrt] new crash was detected

Comment 21 IBM Bug Proxy 2011-09-27 08:21:37 UTC
------- Comment From vahegde1.ibm.com 2011-09-27 04:13 EDT-------
Verified on RHEL6.2 Alpha with RHEL5.4 64bit guest and this issue is fixed.

[root@llm112 images]#  uname -a
Linux llm112 2.6.32-195.el6.x86_64 #1 SMP Sun Sep 4 15:32:25 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux

[root@llm112 images]#  rpm  -qa |grep qemu
qemu-kvm-0.12.1.2-2.183.el6.x86_64
qemu-kvm-tools-0.12.1.2-2.183.el6.x86_64
gpxe-roms-qemu-0.9.7-6.7.el6.noarch
qemu-img-0.12.1.2-2.183.el6.x86_64

[root@llm112 images]# virsh list
Id Name                 State
----------------------------------
2 rhel5.4-64bit        running

[root@llm112 images]# virsh suspend 2
Domain 2 suspended

[root@llm112 images]# virsh list
Id Name                 State
----------------------------------
2 rhel5.4-64bit        paused

[root@llm112 images]#  virsh resume 2
Domain 2 resumed

[root@llm112 images]# virsh  list
Id Name                 State
----------------------------------
2 rhel5.4-64bit        running

Thanks
Vasant

Comment 22 Masaki Furuta ( RH ) 2011-09-27 09:57:37 UTC
Dear weiguo fan,

Would you please kindly verify fix on latest RHEL6.2Alpha (kernel-2.6.32-195.el6, qemu-kvm-0.12.1.2-2.183 ), if possible?

Best Regards,
Masaki Furuta

Comment 23 weiguo fan 2011-09-28 03:07:23 UTC
(In reply to comment #22)
Dear Furuta-san

> Would you please kindly verify fix on latest RHEL6.2Alpha
> (kernel-2.6.32-195.el6, qemu-kvm-0.12.1.2-2.183 ), if possible?

I confirmed that this problem did not occur on RHEL6.2 Alpha(kernel-2.6.32-195.el6, qemu-kvm-0.12.1.2-2.183 ). 

Thanks
Best Regards.

Comment 24 errata-xmlrpc 2011-12-06 15:39:55 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2011-1531.html

