952687 – Core dump when qemu-kvm guest quitting

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 952687 - Core dump when qemu-kvm guest quitting

Summary: Core dump when qemu-kvm guest quitting

Keywords:
Status:	CLOSED DUPLICATE of bug 869586
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	qemu-kvm
Sub Component:
Version:	6.5
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Virtualization Maintenance
QA Contact:	Virtualization Bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-04-16 13:11 UTC by CongLi
Modified:	2013-04-17 12:19 UTC (History)
CC List:	13 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-04-17 12:19:40 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description CongLi 2013-04-16 13:11:27 UTC

Description of problem:

Core dump when quitting

Version-Release number of selected component (if applicable):

kernel-2.6.32-358.6.1.el6.x86_64
qemu-kvm-0.12.1.2-2.355.el6_4.3.x86_64

How reproducible:
1/1

Steps to Reproduce:
1. CML:
 /root/autotest/autotest-devel/client/tests/kvm/qemu
     -S
     -name 'vm1'
     -nodefaults
     -chardev socket,id=qmp_id_qmpmonitor1,path=/tmp/monitor-qmpmonitor1-20130417-023721-qLPVffAl,server,nowait
     -mon chardev=qmp_id_qmpmonitor1,mode=control
     -chardev socket,id=serial_id_serial1,path=/tmp/serial-serial1-20130417-023721-qLPVffAl,server,nowait
     -device isa-serial,chardev=serial_id_serial1
     -chardev socket,id=seabioslog_id_20130417-023721-qLPVffAl,path=/tmp/seabios-20130417-023721-qLPVffAl,server,nowait
     -device isa-debugcon,chardev=seabioslog_id_20130417-023721-qLPVffAl,iobase=0x402
     -device ich9-usb-uhci1,id=usb1,bus=pci.0,addr=0x4
     -drive file='/root/autotest/autotest-devel/client/tests/kvm/images/win2008r2-64-virtio.qcow2',if=none,id=drive-virtio-disk1,media=disk,cache=none,boot=off,snapshot=off,format=qcow2,aio=native
     -device virtio-blk-pci,bus=pci.0,addr=0x5,drive=drive-virtio-disk1,id=virtio-disk1
     -device virtio-net-pci,netdev=idrBVLWX,mac=9a:88:89:8a:8b:8c,bus=pci.0,addr=0x3,id='idSDN2f3'
     -netdev tap,id=idrBVLWX,vhost=on,fd=22
     -m 32768
     -smp 16,maxcpus=16,cores=4,threads=2,sockets=2
     -cpu 'Opteron_G4',hv_relaxed
     -M rhel6.4.0
     -drive file='/root/autotest/autotest-devel/client/tests/kvm/isos/windows/winutils.iso',if=none,id=drive-ide0-0-0,media=cdrom,snapshot=off,format=raw
     -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0
     -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1
     -vnc :1
     -vga std
     -rtc base=localtime,clock=host,driftfix=slew
     -boot order=cdn,once=c,menu=off
     -enable-kvm

2.
3.
  
Actual results:

core dump

Expected results:

qemu works well & no core dump happen

Additional info:

1. 
(gdb) bt
#0  qemu_bh_delete (bh=0x643122203a226469) at /usr/src/debug/qemu-kvm-0.12.1.2/async.c:118
#1  0x00007f6f1cf62dbf in virtio_blk_dma_restart_bh (opaque=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/virtio-blk.c:465
#2  0x00007f6f1cf85031 in qemu_bh_poll () at /usr/src/debug/qemu-kvm-0.12.1.2/async.c:70
#3  0x00007f6f1cf4e419 in main_loop_wait (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4017
#4  0x00007f6f1cf7098a in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2244
#5  0x00007f6f1cf51018 in main_loop (argc=50, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4187
#6  main (argc=50, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6526
(gdb) 

2. CpuInfo
processor	: 31
vendor_id	: AuthenticAMD
cpu family	: 21
model		: 1
model name	: AMD Opteron(TM) Processor 6272                 
stepping	: 2
cpu MHz		: 2100.129
cache size	: 2048 KB
physical id	: 1
siblings	: 16
core id		: 7
cpu cores	: 8
apicid		: 79
initial apicid	: 47
fpu		: yes
fpu_exception	: yes
cpuid level	: 13
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nonstop_tsc extd_apicid amd_dcm aperfmperf pni pclmulqdq monitor ssse3 cx16 sse4_1 sse4_2 popcnt aes xsave avx lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs xop skinit wdt lwp fma4 nodeid_msr topoext perfctr_core cpb npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold
bogomips	: 4199.76
TLB size	: 1536 4K pages
clflush size	: 64
cache_alignment	: 64
address sizes	: 48 bits physical, 48 bits virtual
power management: ts ttp tm 100mhzsteps hwpstate cpb

Comment 1 CongLi 2013-04-16 13:12:56 UTC

#0  qemu_bh_delete (bh=0x643122203a226469) at /usr/src/debug/qemu-kvm-0.12.1.2/async.c:118
118	    bh->scheduled = 0;
(gdb) #0  qemu_bh_delete (bh=0x643122203a226469) at /usr/src/debug/qemu-kvm-0.12.1.2/async.c:118
No locals.
#1  0x00007f6f1cf62dbf in virtio_blk_dma_restart_bh (opaque=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/virtio-blk.c:465
        s = 0x7f6f1e418dc0
        req = 0x7f6f1abcef28
        mrb = {blkreq = {{sector = 0, nb_sectors = 0, qiov = 0x0, cb = 0, opaque = 0x0, error = 0} <repeats 32 times>}, num_writes = 0, old_bs = 0x0}
#2  0x00007f6f1cf85031 in qemu_bh_poll () at /usr/src/debug/qemu-kvm-0.12.1.2/async.c:70
        bh = <value optimized out>
        bhp = <value optimized out>
        next = 0x7f6f1e3f5e90
        ret = 1
        nesting = 1
#3  0x00007f6f1cf4e419 in main_loop_wait (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4017
        ioh = <value optimized out>
        rfds = {fds_bits = {72057594037927936, 0 <repeats 15 times>}}
        wfds = {fds_bits = {0 <repeats 16 times>}}
        xfds = {fds_bits = {0 <repeats 16 times>}}
        ret = 2
        nfds = 57
        tv = {tv_sec = 0, tv_usec = 999992}
#4  0x00007f6f1cf7098a in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2244
        fds = {53, 54}
        mask = {__val = {268443712, 0 <repeats 15 times>}}
        sigfd = 55
#5  0x00007f6f1cf51018 in main_loop (argc=50, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4187
        r = <value optimized out>
#6  main (argc=50, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6526
        gdbstub_dev = 0x0
        i = <value optimized out>
        snapshot = 0
        linux_boot = 0
        initrd_filename = 0x0
        kernel_filename = 0x0
        kernel_cmdline = 0x7f6f1d10320f ""
        boot_devices = "c\000n", '\000' <repeats 29 times>
        ds = <value optimized out>
        dcl = <value optimized out>
        cyls = 0
        heads = 0
        secs = 0
        translation = 0
        hda_opts = 0x7f6f1d45c5f0
        opts = <value optimized out>
        olist = <value optimized out>
        optind = 50
        optarg = 0x0
        loadvm = 0x0
        machine = 0x7f6f1d455fe0
        cpu_model = 0x7fff97e78534 "Opteron_G4,hv_relaxed"
        fds = {485371904, 32623}
        tb_size = 0
        pid_file = 0x0
        incoming = 0x0
        fd = 0
        pwd = 0x0
        chroot_dir = 0x0
        run_as = 0x0
        env = <value optimized out>
        show_vnc_port = 0
        defconfig = <value optimized out>
        defconfig_verbose = <value optimized out>
(gdb) quit

Comment 3 CongLi 2013-04-17 01:20:40 UTC

This bug also happens on qemu-kvm-0.12.1.2-2.355.el6.x86_64

Comment 4 Qunfang Zhang 2013-04-17 07:31:10 UTC

This bug seems like a duplicate of bug 869586.

Comment 5 Luiz Capitulino 2013-04-17 12:19:40 UTC

Yes, judging by the backtrace this seems to be the same issue. I'm not 100% sure though, but we can always re-open the bug if needed.

CongLi, can you please add a comment to bug 869586 describing how you triggered this issue?

*** This bug has been marked as a duplicate of bug 869586 ***

Note You need to log in before you can comment on or make changes to this bug.