798499 – Guest aborted sometimes when quit it after a savevm

Bug 798499 - Guest aborted sometimes when quit it after a savevm

Summary: Guest aborted sometimes when quit it after a savevm

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	qemu-kvm
Sub Component:
Version:	6.3
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Kevin Wolf
QA Contact:	Virtualization Bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-02-29 03:46 UTC by Qunfang Zhang
Modified:	2013-01-10 00:44 UTC (History)
CC List:	13 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-06-22 15:15:59 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Qunfang Zhang 2012-02-29 03:46:32 UTC

Description of problem:
Boot a guest (I tested rhel5.8-64 and rhel6.3-64) and savevm, after finish save the internal snapshot, quit the command line. Aborted occurs. I attach a virtual floppy with qcow2 format in the command line. I'm not very sure whether it is related the floppy because this issue is not 100% reproduced. Re-test 7 times without floppy, did not reproduce the issue.

Version-Release number of selected component (if applicable):
kernel-2.6.32-241.el6.x86_64
qemu-kvm-0.12.1.2-2.233.el6.x86_64

How reproducible:
2/10

Steps to Reproduce:
0.Pre-install a rhel guest and create a 1.4M floppy disk. 
#qemu-img create -f qcow2 floppy.qcow2 1474560

1. Boot a guest:
(gdb) r -M rhel6.3.0 -cpu cpu64-rhel6 -enable-kvm -m 4G -smp 2,sockets=1,cores=2,threads=1 -name rhel5.8-64 -uuid 125b7bc8-1b37-49e9-9a33-7e8917c34b88 -rtc base=localtime,driftfix=slew -device virtio-serial-pci,id=virtio-serial0,max_ports=16,bus=pci.0,addr=0x4 -drive file=/home/RHEL-Server-5.8-64-virtio.qcow2,if=none,id=drive-virtio-disk0,format=qcow2,cache=none,werror=stop,rerror=stop,aio=native -device ide-drive,bus=ide.0,unit=1,drive=drive-virtio-disk0,id=virtio-disk0 -netdev tap,id=hostnet0,vhost=on,script=/etc/qemu-ifup -device virtio-net-pci,netdev=hostnet0,id=net0,mac=00:1a:4a:42:1a:52,bus=pci.0,addr=0x3 -chardev socket,id=charchannel0,path=/tmp/qzhang-test,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.rhevm.vdsm -spice port=5930,disable-ticketing -vga qxl -global qxl-vga.vram_size=33554432  -usb -device usb-tablet,id=input0 -device virtio-balloon-pci,id=balloon0,addr=0x7  -boot c -monitor stdio -drive file=/home/floppy.qcow2,if=none,id=drive-fdc0-0-0,format=qcow2,cache=none -global isa-fdc.driveA=drive-fdc0-0-0

2.(qemu)savevm

3.(qemu)quit (after finish the savevm)
  
Actual results:
(qemu) 
(qemu) savevm 
handle_dev_input: stop
[New Thread 0x7ffff05ec700 (LWP 17083)]
handle_dev_input: start
(qemu) 
(qemu) 
(qemu) q
[New Thread 0x7ffed7bfd700 (LWP 17106)]
qemu-kvm: block/qcow2-cache.c:69: qcow2_cache_destroy: Assertion `c->entries[i].ref == 0' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff500e885 in raise () from /lib64/libc.so.6
(gdb) 
(gdb) 
(gdb) bt
#0  0x00007ffff500e885 in raise () from /lib64/libc.so.6
#1  0x00007ffff5010065 in abort () from /lib64/libc.so.6
#2  0x00007ffff50079fe in __assert_fail_base () from /lib64/libc.so.6
#3  0x00007ffff5007ac0 in __assert_fail () from /lib64/libc.so.6
#4  0x00007ffff7e4d1f4 in qcow2_cache_destroy (bs=<value optimized out>, 
    c=0x7ffff86d7640) at block/qcow2-cache.c:69
#5  0x00007ffff7e470ba in qcow2_close (bs=<value optimized out>)
    at block/qcow2.c:625
#6  0x00007ffff7e31531 in bdrv_close (bs=0x7ffff86eb2c0) at block.c:665
#7  0x00007ffff7e315a8 in bdrv_close_all () at block.c:688
#8  0x00007ffff7e1e2a5 in kvm_main_loop ()
    at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2249
#9  0x00007ffff7e0047c in main_loop (argc=20, argv=<value optimized out>, 
    envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4228
#10 main (argc=20, argv=<value optimized out>, envp=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6489

Expected results:
Guest should quit normally.

Additional info:
Once when savevm, qemu prompts error, and then quit qemu causing an aborted.But I only saw this error for only once.
(qemu) savevm 
handle_dev_input: stop
Error while creating snapshot on 'drive-fdc0-0-0'
handle_dev_input: start

Comment 2 Dor Laor 2012-03-15 10:31:07 UTC

savevm is not supported. I'm leaving the bug open to see if the abort is rlevant to other scenarios.

Comment 3 Kevin Wolf 2012-03-15 11:00:50 UTC

Looks like we're forgetting to call qcow2_cache_put() in some error path. Reproducing this only with qemu-io/qemu-img, so that we have a fully deteministic scriptable test case would be good.

Comment 5 Paolo Bonzini 2012-03-29 14:00:30 UTC

From bug 807894 comment 9, this was seen also with external snapshots:

(qemu) snapshot_blkdev drive-virtio-disk0 /root/sn1 qcow2  
(qemu) block_stream drive-virtio-disk0 
(qemu) quit

qemu-kvm core dump:

Program terminated with signal 6, Aborted.
#0  0x00007f5400ae1885 in raise (sig=6) at
../nptl/sysdeps/unix/sysv/linux/raise.c:64
64   return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig);

(gdb) bt
#0  0x00007f5400ae1885 in raise (sig=6) at
../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x00007f5400ae3065 in abort () at abort.c:92
#2  0x00007f5400ada9fe in __assert_fail_base (fmt=<value optimized out>,
assertion=0x7f540330b286 "c->entries[i].ref == 0", file=0x7f540330b25b
"block/qcow2-cache.c", line=<value optimized out>, 
    function=<value optimized out>) at assert.c:96
#3  0x00007f5400adaac0 in __assert_fail (assertion=0x7f540330b286
"c->entries[i].ref == 0", file=0x7f540330b25b "block/qcow2-cache.c", line=69,
function=0x7f540330b2b0 "qcow2_cache_destroy") at assert.c:105
#4  0x00007f54031b4324 in qcow2_cache_destroy (bs=<value optimized out>,
c=0x7f54049dcd70) at block/qcow2-cache.c:69
#5  0x00007f54031ae34a in qcow2_close (bs=0x7f54047e4010) at block/qcow2.c:628
#6  0x00007f5403197f21 in bdrv_close (bs=0x7f54047e4010) at block.c:693
#7  0x00007f5403198068 in bdrv_close_all () at block.c:717
#8  0x00007f5403184985 in kvm_main_loop () at
/usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2270
#9  0x00007f5403165cec in main_loop (argc=20, argv=<value optimized out>,
envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4202
#10 main (argc=20, argv=<value optimized out>, envp=<value optimized out>) at
/usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6427

Comment 6 Paolo Bonzini 2012-03-29 14:05:21 UTC

Hm, this seems to be related to quitting while streaming.  Better open a separate bug.

Comment 7 Ademar Reis 2012-04-05 16:52:32 UTC

(In reply to comment #6)
> Hm, this seems to be related to quitting while streaming.  Better open a
> separate bug.

Discussed this with Kevin, I'm moving it to 6.4 (savevm is not supported, but it's still worth some investigation in the near future).

Paolo, I assume you'll take care of the streaming case, even though this bug currently blocks the blk_mirror bug.

Comment 8 Paolo Bonzini 2012-04-05 17:14:49 UTC

Yes, the streaming case is bug 807898.  Mirror+streaming is broken beyond possibility of saving it, so I removed bug 806432 from the blocks list of this one.

Comment 9 Ademar Reis 2012-06-22 15:15:59 UTC

savevm is not supported and the streaming case has been investigated by Paolo. Closing as WONTFIX.

Note You need to log in before you can comment on or make changes to this bug.