845966 – libvirt pmsuspend to disk will crash libvirtd

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 845966 - libvirt pmsuspend to disk will crash libvirtd

Summary: libvirt pmsuspend to disk will crash libvirtd

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	libvirt
Sub Component:
Version:	6.4
Hardware:	x86_64
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Alex Jia
QA Contact:	Virtualization Bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-08-06 10:16 UTC by Huang Wenlong
Modified:	2013-10-20 21:45 UTC (History)
CC List:	10 users (show)
Fixed In Version:	libvirt-0.10.2-1.el6
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-02-21 07:21:12 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
gdb log (8.46 KB, text/plain) 2012-08-06 10:16 UTC, Huang Wenlong	no flags	Details
libvirtd log (65.65 KB, text/plain) 2012-08-06 10:17 UTC, Huang Wenlong	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2013:0276	0	normal	SHIPPED_LIVE	Moderate: libvirt security, bug fix, and enhancement update	2013-02-20 21:18:26 UTC

Description Huang Wenlong 2012-08-06 10:16:01 UTC

Description of problem:
libvirt pmsuspend to disk will crash libvirtd

Version-Release number of selected component (if applicable):
libvirt-0.10.0-0rc0.el6.x86_64
qemu-kvm-rhev-0.12.1.2-2.298.el6_3.x86_64


How reproducible:
100%

Steps to Reproduce:
1. install qemu-ga in the domain [qemu-guest-agent]   and  add xml into domain

<channel type='unix'>
      <source mode='bind' path='/var/lib/libvirt/qemu/rhelx86_64.agent'/>
      <target type='virtio' name='org.qemu.guest_agent.0'/>
      <alias name='channel0'/>
      <address type='virtio-serial' controller='0' bus='0' port='1'/>
    </channel>



2. start domain   and login domain , run qemu-ga -d  in the domain
#qemu-ga -d
#

3.in the host  run pmsuspend disk
#virsh dompmsuspend $domain disk


libvirtd crash



Actual results:
as steps

Expected results:
libvirtd do not crash

Additional info:

Comment 1 Huang Wenlong 2012-08-06 10:16:41 UTC

Created attachment 602475 [details]
gdb log

Comment 2 Huang Wenlong 2012-08-06 10:17:14 UTC

Created attachment 602476 [details]
libvirtd log

Comment 4 Alex Jia 2012-08-06 10:53:23 UTC

What's the qemu-guest-agent version in the guest? and seabios version on the host?

It's very strange for me, I can't reproduce it on my RHEL6.2(2.6.32-220.el6.x86_64) with libvirt-0.10.0-0rc0.el6.x86_64, qemu-kvm-rhev-0.12.1.2-2.295.el6.x86_64 and seabios-0.6.1.2-19.el6.x86_64, and I installed qemu-guest-agent-0.12.1.2-2.295.el6.x86_64 in RHEL6 guest.

# virsh dumpxml myRHEL6

  xxxx

  <os>
    <type arch='x86_64' machine='rhel6.3.0'>hvm</type>
    <loader>/usr/share/seabios/bios-pm.bin</loader>
    <boot dev='hd'/>
  </os>

  xxxx

    <channel type='unix'>
      <source mode='bind' path='/var/lib/libvirt/qemu/myRHEL6.agent'/>
      <target type='virtio' name='org.qemu.guest_agent.0'/>
      <address type='virtio-serial' controller='0' bus='0' port='2'/>
    </channel>

  xxxx

However, I also can reproduce the issue on Wenlong test machine even though I don't need to start qemu-ga in the guest.

Comment 5 Alex Jia 2012-08-06 10:55:47 UTC

(In reply to comment #4)
> What's the qemu-guest-agent version in the guest? and seabios version on the
> host?
> 
I just check Wenlong machine:

On the guest:

qemu-guest-agent-0.12.1.2-2.298.el6.x86_64

On the host:

seabios-0.6.1.2-19.el6.x86_64

Comment 6 Alex Jia 2012-08-06 11:06:54 UTC

I checked it further, it's relationship with qemu-guest-agent version, and I can reproduce it on qemu-guest-agent-0.12.1.2-2.298.el6.x86_64 and qemu-guest-agent-0.12.1.2-2.302.el6.x86_64.rpm, it may be qemu-guest-agent changes some places, however, libvirt hasn't follow it.

Comment 7 Alex Jia 2012-08-07 07:23:08 UTC

Path for upstream and wait for developers review:
https://www.redhat.com/archives/libvir-list/2012-August/msg00417.html

Comment 8 Alex Jia 2012-08-08 06:25:35 UTC

Daniel's commit b57ee09 potentially fix the issue via using virObjectUnref() instead of qemuAgentUnref(), the old qemuAgentUnref(priv->agent) hasn't judge whether its parameter is NULL then will deref a NULL pointer, however, if the parameter 'priv->agent' is NULL then the virObjectUnref(priv->agent) will directly return false without executing subsequent codes.

commit b57ee0921ec7c5c2cfc51ce34fcc296aaad52dd5
Author: Daniel P. Berrange <berrange>
Date:   Wed Jul 11 14:35:47 2012 +0100

    Turn qemuAgentPtr and qemuMonitorPtr into virObjectPtr instances
    
    Make qemuAgentPtr and qemuMonitorPtr types use the virObject APIs
    for reference counting
    
    Signed-off-by: Daniel P. Berrange <berrange>

Comment 11 Huang Wenlong 2012-10-12 05:38:46 UTC

Verify this bug with :
libvirt-0.10.2-2.el6.x86_64
qemu-kvm-0.12.1.2-2.316.el6.x86_64
seabios-0.6.1.2-22.el6.x86_64

add these pattern in the xml 

...
 <os>
    <type arch='x86_64' machine='rhel6.4.0'>hvm</type>
    <loader>/usr/share/seabios/bios-pm.bin</loader>
    <boot dev='hd'/>
  </os>
 <pm>
    <suspend-to-mem enabled='no'/>
    <suspend-to-disk enabled='yes'/>
  </pm>

  <devices>
...
   <channel type='unix'>
      <source mode='bind' path='/var/lib/libvirt/qemu/rhel6-dvs.agent'/>
      <target type='virtio' name='org.qemu.guest_agent.0'/>
      <alias name='channel1'/>
      <address type='virtio-serial' controller='0' bus='0' port='2'/>
    </channel>
...
  </devices>

...


#virsh dompmsuspend rhel6-dvs disk
Domain rhel6-dvs successfully suspended

#virsh start rhel6-dvs 

guest is fine

Comment 12 zhenfeng wang 2012-12-25 08:15:25 UTC

Now, in pkg qemu-guest-agent-win32-0.12.1.2-2.346.el6.x86_64.rpm  we can do the s3/s4 in windows guest based the windows guest agent supported commands list
supported commands:
"guest-info"
"guest-ping"
"guest-sync-delimited"
"guest-sync"
"guest-shutdown" (include shutdown,reboot,halt)
"guest-suspend-disk"
"guest-suspend-ram"
Since there was a bug 888716 over there ,so the command "guest-susend-disk " did not work well so far

Comment 13 errata-xmlrpc 2013-02-21 07:21:12 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0276.html

Note You need to log in before you can comment on or make changes to this bug.