Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1362045 - qemu core dumped when $fd<>/dev/tapN for network interface is missing
Summary: qemu core dumped when $fd<>/dev/tapN for network interface is missing
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: qemu-kvm-rhev
Version: 7.3
Hardware: Unspecified
OS: Unspecified
low
unspecified
Target Milestone: rc
: ---
Assignee: jason wang
QA Contact: weliao
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-08-01 08:58 UTC by yangyang
Modified: 2017-06-14 07:15 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-04-17 06:48:13 UTC


Attachments (Terms of Use)
backtrace (deleted)
2016-08-01 09:17 UTC, yangyang
no flags Details

Description yangyang 2016-08-01 08:58:23 UTC
Description of problem:
qemu core dumped when $fd<>/dev/tapN for network interface is missing

Version-Release number of selected component (if applicable):
qemu-kvm-rhev-2.6.0-15.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
1.# /usr/libexec/qemu-kvm -machine q35,accel=kvm,usb=off \
> -smp 4,maxcpus=4,cores=2,threads=2,sockets=1 \
> -cpu SandyBridge,enforce \
> -m 2G \
> -boot strict=on \
> -device i82801b11-bridge,id=pci.1,bus=pcie.0,addr=0x1e \
> -device pci-bridge,chassis_nr=2,id=pci.2,bus=pci.1,addr=0x0 \
> -device pxb-pcie,id=pci.3,bus=pcie.0,bus_nr=10 \
> -device ioh3420,bus=pci.3,id=pci.4,slot=1 \
> -device x3130-upstream,bus=pci.4,id=pci.5 \
> -device xio3130-downstream,bus=pci.5,id=pci.6,chassis=6 \
> -netdev tap,id=macvtap0,fd=23 \
> -device rtl8139,netdev=macvtap0,id=net0,mac=52:54:00:ee:0e:26,bus=pci.6 \
> -drive file=/mnt/nfs2/RHEL-7.3-latest.qcow2,format=qcow2,if=none,id=drive-virtio-disk0 \
> -device virtio-blk-pci,scsi=off,bus=pci.2,addr=0x3,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 \
> -monitor stdio -spice port=5931,disable-ticketing -boot menu=on \
> -qmp tcp:0:6666,server,nowait
qemu-kvm: -netdev tap,id=macvtap0,fd=23: TUNGETIFF ioctl() failed: Bad file descriptor
TUNSETOFFLOAD ioctl() failed: Bad file descriptor
QEMU 2.6.0 monitor - type 'help' for more information
(qemu) dispatcher_handle_single_read: error reading from dispatcher: 14
Segmentation fault (core dumped)

2.
3.

Actual results:
qemu core dumped

Expected results:
Report proper error to user

Additional info:

Comment 1 yangyang 2016-08-01 09:17:05 UTC
Created attachment 1186310 [details]
backtrace

Comment 2 weliao 2016-08-01 09:57:10 UTC
This bug has a bit strange,seems gdb can't catch the segfault,guest can boot normal, but no used gdb boot guest will core dumped. 

add host dmesg info:
Aug  1 17:54:42 localhost kvm: 1 guest now active
Aug  1 17:54:52 localhost kernel: kvm_get_msr_common: 45 callbacks suppressed
Aug  1 17:54:52 localhost kernel: kvm [8542]: vcpu1 unhandled rdmsr: 0x606
Aug  1 17:54:54 localhost kernel: kvm [8542]: vcpu0 unhandled rdmsr: 0x611
Aug  1 17:54:54 localhost kernel: kvm [8542]: vcpu0 unhandled rdmsr: 0x639
Aug  1 17:54:54 localhost kernel: kvm [8542]: vcpu0 unhandled rdmsr: 0x641
Aug  1 17:54:54 localhost kernel: kvm [8542]: vcpu0 unhandled rdmsr: 0x619
Aug  1 17:54:54 localhost kernel: kvm [8542]: vcpu0 unhandled rdmsr: 0x60d
Aug  1 17:54:54 localhost kernel: kvm [8542]: vcpu0 unhandled rdmsr: 0x3f8
Aug  1 17:54:54 localhost kernel: kvm [8542]: vcpu0 unhandled rdmsr: 0x3f9
Aug  1 17:54:54 localhost kernel: kvm [8542]: vcpu0 unhandled rdmsr: 0x3fa
Aug  1 17:54:54 localhost kernel: kvm [8542]: vcpu0 unhandled rdmsr: 0x630
Aug  1 17:54:56 localhost kernel: qemu-kvm[8551]: segfault at 7fad8fd75380 ip 00007fa59d4a3612 sp 00007fa50c7fe8a0 error 4 in libspice-server.so.1.8.0[7fa59d481000+11d000]
Aug  1 17:54:56 localhost abrt-hook-ccpp: Process 8542 (qemu-kvm) of user 0 killed by SIGSEGV - dumping core
Aug  1 17:55:07 localhost abrt-hook-ccpp: Failed to create core_backtrace: waitpid failed: No child processes
Aug  1 17:55:07 localhost kvm: 0 guests now active
Aug  1 17:55:07 localhost abrt-server: Package 'qemu-kvm-rhev' isn't signed with proper key
Aug  1 17:55:07 localhost abrt-server: 'post-create' on '/var/spool/abrt/ccpp-2016-08-01-17:54:56-8542' exited with 1
Aug  1 17:55:07 localhost abrt-server: Deleting problem directory '/var/spool/abrt/ccpp-2016-08-01-17:54:56-8542'

Comment 4 Marcel Apfelbaum 2016-08-01 14:02:58 UTC
Hi,

Does it happen if the device is attached directly to pcie.0?
Does it happen on i440fx machine if the device is connected to a pci-bridge?

Thanks,
Marcel

Comment 5 yangyang 2016-08-02 06:01:13 UTC
(In reply to Marcel Apfelbaum from comment #4)
> Hi,
> 

Hi Marcel,

I have 1 bridge like this

# ip link show macvtap0 
36: macvtap0@eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN mode DEFAULT qlen 500
    link/ether 52:54:00:ee:0e:26 brd ff:ff:ff:ff:ff:ff

> Does it happen if the device is attached directly to pcie.0?

Yes, but it does not 100% happen. 

e.g.
# time /usr/libexec/qemu-kvm \
-machine q35,accel=kvm,usb=off \
-smp 4,maxcpus=4,cores=2,threads=2,sockets=1 \
-cpu SandyBridge,enforce \
-m 2G \
-boot strict=on \
-device i82801b11-bridge,id=pci.1,bus=pcie.0,addr=0x1e \
-device pci-bridge,chassis_nr=2,id=pci.2,bus=pci.1,addr=0x0 \
-netdev tap,id=macvtap0,fd=23 \
-device rtl8139,netdev=macvtap0,id=net0,bus=pcie.0 \
-drive file=/mnt/nfs2/RHEL-7.3-latest.qcow2,format=qcow2,if=none,id=drive-virtio-disk0 \
-device virtio-blk-pci,scsi=off,bus=pci.2,addr=0x3,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 \
-monitor stdio \
-spice port=5931,disable-ticketing \
-boot menu=on -qmp tcp:0:6666,server,nowait

qemu-kvm: -netdev tap,id=macvtap0,fd=23: TUNGETIFF ioctl() failed: Bad file descriptor
TUNSETOFFLOAD ioctl() failed: Bad file descriptor
QEMU 2.6.0 monitor - type 'help' for more information
(qemu) dispatcher_handle_single_read: error: no handler for message type 13107
Segmentation fault (core dumped)

real	0m21.838s
user	0m8.440s
sys	0m4.223s


> Does it happen on i440fx machine if the device is connected to a pci-bridge?

No. Guest starts up on i440fx machine type and qemu is not crashed

e.g.

/usr/libexec/qemu-kvm \
-machine pc \
-m 1024 \
-boot strict=on \
-device pci-bridge,chassis_nr=1,id=pci.1,bus=pci.0,addr=0x8 \
-netdev tap,id=macvtap0,fd=5 \
-device rtl8139,netdev=macvtap0,id=net0,bus=pci.1,addr=0x2 \
-drive file=/mnt/nfs2/RHEL-7.3-latest.qcow2,format=qcow2,if=none,id=drive-virtio-disk0 \
-device virtio-blk-pci,scsi=off,bus=pci.1,addr=0x3,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 \
-monitor stdio -spice port=5931,disable-ticketing -boot menu=on \
-qmp tcp:0:6666,server,nowait

qemu-kvm: -netdev tap,id=macvtap0,fd=5: TUNGETIFF ioctl() failed: Inappropriate ioctl for device
TUNSETOFFLOAD ioctl() failed: Inappropriate ioctl for device
QEMU 2.6.0 monitor - type 'help' for more information


(qemu) info network 
net0: index=0,type=nic,model=rtl8139,macaddr=52:54:00:12:34:56
 \ macvtap0: index=0,type=tap,fd=5

Thanks
Yang

> 
> Thanks,
> Marcel

Comment 6 Marcel Apfelbaum 2016-08-02 07:03:05 UTC
Hi,

Thank you for your fast response!
Last question, will it happen with virtio-nic-pci?

Thanks,
Marcel

Comment 8 yangyang 2016-08-03 09:57:48 UTC
(In reply to Marcel Apfelbaum from comment #6)
> Hi,
> 
> Thank you for your fast response!
> Last question, will it happen with virtio-nic-pci?
> 
> Thanks,
> Marcel

It happens with virtio-nic-pci

[root@rhel7_test ~]# ip link show macvtap0
6: macvtap0@eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN mode DEFAULT qlen 500
    link/ether 52:54:00:ee:0e:26 brd ff:ff:ff:ff:ff:ff
[root@rhel7_test ~]# /usr/libexec/qemu-kvm -machine q35,accel=kvm,usb=off \
> -smp 4,maxcpus=4,cores=2,threads=2,sockets=1 \
> -cpu SandyBridge,enforce \
> -m 2G \
> -boot strict=on \
> -device i82801b11-bridge,id=pci.1,bus=pcie.0,addr=0x1e \
> -device pci-bridge,chassis_nr=2,id=pci.2,bus=pci.1,addr=0x0 \
> -netdev tap,id=macvtap0,fd=23 \
> -device virtio-net-pci,netdev=macvtap0,id=net0,bus=pcie.0 \
> -drive file=/mnt/nfs2/RHEL-7.3-latest.qcow2,format=qcow2,if=none,id=drive-virtio-disk0 \
> -device virtio-blk-pci,scsi=off,bus=pci.2,addr=0x3,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 \
> -monitor stdio -spice port=5931,disable-ticketing -boot menu=on \
> -qmp tcp:0:6666,server,nowait
qemu-kvm: -netdev tap,id=macvtap0,fd=23: TUNGETIFF ioctl() failed: Bad file descriptor
TUNSETOFFLOAD ioctl() failed: Bad file descriptor
QEMU 2.6.0 monitor - type 'help' for more information
(qemu) dispatcher_handle_single_read: error: no handler for message type 13107
Segmentation fault (core dumped)


Note You need to log in before you can comment on or make changes to this bug.