Bug 707528 - RHEL5.7 Guest kernel panic when accessing floppy
Summary: RHEL5.7 Guest kernel panic when accessing floppy
Keywords:
Status: CLOSED DUPLICATE of bug 653324
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kvm
Version: 5.7
Hardware: Unspecified
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Virtualization Maintenance
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-05-25 10:31 UTC by Qingtang Zhou
Modified: 2013-09-30 01:28 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-05-30 11:24:27 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
guest dmesg (24.66 KB, text/x-log)
2011-05-25 10:32 UTC, Qingtang Zhou
no flags Details
screenshot of guest (21.11 KB, image/png)
2011-05-25 10:32 UTC, Qingtang Zhou
no flags Details

Description Qingtang Zhou 2011-05-25 10:31:29 UTC
Description of problem:
RHEL-5.7 guest kenerl panic when formatting floppy or mount it.

Version-Release number of selected component (if applicable):
05/23 17:58:51 DEBUG| kvm_utils:0438| Fetching KVM module version...
05/23 17:58:51 DEBUG|kvm_test_u:0962| Current version is: kvm-83-232.el5


How reproducible:
50% (runs 4 times totally)

Steps to Reproduce:
1. start a guest with command:
qemu -name 'vm1' ... -fda '/usr/local/staf/test/RHEV/kvm-new/autotest/client/tests/kvm/images/test_floppy.img'

2. launch floppy module:
05/23 18:00:35 DEBUG|kvm_subpro:1223| Sending command: modprobe floppy

3. format this floppy in guest:
05/23 18:00:36 DEBUG|kvm_subpro:1223| Sending command: mkfs -t ext3 /dev/fd0

4. guest kernel panic.

btw, sometimes formating will complete, but when mounting this floppy, guest panic occur.
05/26 02:16:20 DEBUG|   aexpect:1224| Sending command: modprobe floppy
05/26 02:16:20 DEBUG|   aexpect:1224| Sending command: echo $?
05/26 02:16:20 DEBUG|   aexpect:1224| Sending command: mkfs -t ext3 /dev/fd0
05/26 02:16:21 DEBUG|   aexpect:1224| Sending command: echo $?
05/26 02:16:21 INFO |    floppy:0037| Floppy disk formatted successfully
05/26 02:16:21 DEBUG|   aexpect:1224| Sending command: mount /dev/fd0 /mnt/
05/26 02:16:22 DEBUG|   aexpect:1224| Sending command: echo $?
05/26 02:16:22 DEBUG|   aexpect:1224| Sending command: (dd if=/dev/urandom of=/mnt/test_floppy bs=1M count=1) && (rm -f /mnt/test_floppy)
05/26 02:16:22 DEBUG|   aexpect:1224| Sending command: echo $?
05/26 02:16:22 DEBUG|   aexpect:1224| Sending command: cp /etc/passwd /mnt/passwd
05/26 02:16:22 DEBUG|kvm_monito:0220| Send command: info status
05/26 02:16:22 DEBUG|kvm_monito:0220| Send command: screendump /dev/shm/scrdump-fxqVaq.ppm
05/26 02:16:22 DEBUG|   aexpect:1224| Sending command: echo $?
05/26 02:16:22 INFO |    floppy:0056| Succeed to copy file '/etc/passwd' into floppy disk
05/26 02:16:22 INFO |    floppy:0059| Comparing both files to see whether it is unchanged
05/26 02:16:22 DEBUG|   aexpect:1224| Sending command: diff /etc/passwd /mnt/passwd
05/26 02:16:22 DEBUG|   aexpect:1224| Sending command: echo $?
05/26 02:16:23 DEBUG|   aexpect:1224| Sending command: rm -f /mnt/passwd
05/26 02:16:23 DEBUG|   aexpect:1224| Sending command: echo $?
05/26 02:16:23 DEBUG|   aexpect:1224| Sending command: umount /mnt/
after "umount /mnt", guest kernel panic occur.

  
Actual results:
guest kernel panic.

Expected results:
guest runs well.

Additional info:
full qemu command line:
05/23 17:59:27 DEBUG|    kvm_vm:1033| Running qemu command:
/usr/local/staf/test/RHEV/kvm-new/autotest/client/tests/kvm/qemu \
-name 'vm1' \
-monitor unix:'/tmp/monitor-humanmonitor1-20110523-143822-94OL',server,nowait \
-serial unix:'/tmp/serial-20110523-143822-94OL',server,nowait \
-drive file='/usr/local/staf/test/RHEV/kvm-new/autotest/client/tests/kvm/images/RHEL-Server-5.7-32.qcow2',index=0,if=ide,media=disk,cache=none,format=qcow2 \
-net nic,vlan=0,model=rtl8139,macaddr='9a:5d:44:81:e7:af' \
-net tap,vlan=0,ifname='t0-143822-94OL',script='/usr/local/staf/test/RHEV/kvm-new/autotest/client/tests/kvm/scripts/qemu-ifup-switch',downscript='no' \
-m 4096 \
-smp 2,cores=1,threads=1,sockets=2 \
-cpu qemu64,+sse2 \
-soundhw ac97 \
-fda '/usr/local/staf/test/RHEV/kvm-new/autotest/client/tests/kvm/images/test_floppy.img' \
-spice port=8000,disable-ticketing \
-qxl 1 \
-rtc-td-hack \
-M rhel5.6.0 \
-boot c  \
-usbdevice tablet \
-no-kvm-pit-reinjection

Comment 1 Qingtang Zhou 2011-05-25 10:32:23 UTC
Created attachment 500775 [details]
guest dmesg

Comment 2 Qingtang Zhou 2011-05-25 10:32:48 UTC
Created attachment 500776 [details]
screenshot of guest

Comment 3 Qingtang Zhou 2011-05-25 10:34:37 UTC
guest kernel panic call trace:

2011-05-23 18:00:36: BUG: unable to handle kernel NULL pointer dereference at virtual address 0000001d
2011-05-23 18:00:36:  printing eip:
2011-05-23 18:00:36: f89b454b
2011-05-23 18:00:36: *pde = b73f9067
2011-05-23 18:00:36: Oops: 0000 [#1]
2011-05-23 18:00:36: SMP
2011-05-23 18:00:36: last sysfs file: /class/misc/autofs/dev
2011-05-23 18:00:36: Modules linked in: autofs4 hidp rfcomm l2cap bluetooth lockd sunrpc ip_conntrack_netbios_ns ipt_REJECT xt_state ip_conntrack nfnetlink iptable_filter ip_tables ip6t_REJECT xt_tcpudp ip6table_filter ip6_tables x_tables be2iscsi ib_iser rdma_cm ib_cm iw_cm ib_sa ib_mad ib_core ib_addr iscsi_tcp bnx2i cnic ipv6 xfrm_nalgo crypto_api uio cxgb3i libcxgbi cxgb3 8021q libiscsi_tcp libiscsi2 scsi_transport_iscsi2 scsi_transport_iscsi loop dm_multipath scsi_dh video backlight sbs power_meter hwmon i2c_ec dell_wmi wmi button battery asus_acpi ac lp joydev snd_intel8x0 snd_ac97_codec ac97_bus snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss ide_cd parport_pc virtio_balloon snd_pcm i2c_piix4 floppy parport snd_timer 8139too i2c_core cdrom tpm_tis snd 8139cp mii virtio_pci virtio_ring tpm virtio serio_raw tpm_bios soundcore pcspkr snd_page_alloc dm_raid45 dm_message dm_region_hash dm_mem_cache dm_snapshot dm_zero dm_mirror dm_log dm_mod ata_piix libata sd_mod scsi_mod ext3 jbd uhci_hcd ohci_hcd ehci_hcd
2011-05-23 18:00:36: CPU:    1
2011-05-23 18:00:36: EIP:    0060:[<f89b454b>]    Not tainted VLI
2011-05-23 18:00:36: EFLAGS: 00010246   (2.6.18-262.el5 #1)
2011-05-23 18:00:36: EIP is at setup_rw_floppy+0x1f7/0x272 [floppy]
2011-05-23 18:00:36: eax: 00000000   ebx: 00000009   ecx: 00000014   edx: 00000000
2011-05-23 18:00:36: esi: 00000000   edi: 00000008   ebp: 000000d9   esp: f7fedf5c
2011-05-23 18:00:36: ds: 007b   es: 007b   ss: 0068
2011-05-23 18:00:36: Process events/1 (pid: 9, ti=f7fed000 task=f7feeaa0 task.ti=f7fed000)
2011-05-23 18:00:36: Stack: 00000246 f89bc840 f89bc844 f7c29dc0 00000296 c0433d39 f89b4aa3 00000000
2011-05-23 18:00:36:        f7c29dd8 f7c29dc0 f7c29dd0 00000000 c043479c 00000001 00000000 f7c8df44
2011-05-23 18:00:36:        00010000 00000000 00000000 f7feeaa0 c041f843 00100100 00200200 ffffffff
2011-05-23 18:00:36: Call Trace:
2011-05-23 18:00:36:  [<c0433d39>] run_workqueue+0x81/0xc5
2011-05-23 18:00:36:  [<f89b4aa3>] floppy_start+0x0/0xda [floppy]
2011-05-23 18:00:36:  [<c043479c>] worker_thread+0xd9/0x10d
2011-05-23 18:00:36:  [<c041f843>] default_wake_function+0x0/0xc
2011-05-23 18:00:36:  [<c04346c3>] worker_thread+0x0/0x10d
2011-05-23 18:00:36:  [<c0436bce>] kthread+0xc0/0xee
2011-05-23 18:00:36:  [<c0436b0e>] kthread+0x0/0xee
2011-05-23 18:00:36:  [<c0405c87>] kernel_thread_helper+0x7/0x10
2011-05-23 18:00:36:  =======================
2011-05-23 18:00:36: Code: c7 89 ef 83 e7 08 74 0a c7 05 00 e2 9b f8 70 34 9b f8 31 db 31 f6 eb 0d 0f be 44 13 1e 43 e8 1a e7 ff ff 09 c6 8b 15 c0 e8 9b f8 <0f> b6 42 1d 39 c3 7c e5 0f b6 05 c4 f2 9b f8 6b c0 58 f6 80 dc
2011-05-23 18:00:36: EIP: [<f89b454b>] setup_rw_floppy+0x1f7/0x272 [floppy] SS:ESP 0068:f7fedf5c
2011-05-23 18:00:36:  <0>Kernel panic - not syncing: Fatal exception
2011-05-23 18:00:36:

Comment 4 Gleb Natapov 2011-05-30 11:24:27 UTC
Please check for existing bug before opening new one.

*** This bug has been marked as a duplicate of bug 653324 ***


Note You need to log in before you can comment on or make changes to this bug.