[fedora-virt] libvirtd crashes host when autostarting

Dale Bewley dlbewley at lib.ucdavis.edu
Mon Dec 14 02:04:32 UTC 2009


On Fri, 2009-10-09 at 10:39 -0400, Rich Mahn wrote:
> > On Fri, 2009-10-09 at 09:45 -0400, Rich Mahn wrote:
> > > Summary:
> > >    My host crashes when I use the autostart function in
> > > libvirtd.
> > > 
> > > This command sequence works fine:
> > > 
> > > service libvirtd stop
> > > virsh autostart mydomain --disable
> > > service lib virtd start
> > > virsh start mydomain
> > > 
> > > This command sequence will crash the host:
> > > 
> > > service libvirtd stop
> > > virsh autostart mydomain
> > > service libvirtd start
> > > 
> > > 
> > > I can't find any error messages related to this.  The host system
> > > freezes, the keyboard starts blinking the caps-lock and scroll-lock,
> > > and as best I can tell, the kernel has stopped running.
> 
> > Ouch, that's really bad. This is a 2.6.30 kernel, right? Is it still
> > reproducible with an older 2.6.29 kernel or a 2.6.31 kernel from
> > rawhide?
> 
> okay, it works correctly on 2.6.29.  I'm trying to figure out how to
> install 2.6.31 from rawhide without having dozens/hundreds of other
> packages modified as well.  Is there some option to 'yum' that will do
> what I need?

I am seeing a kernel oops and panic on a host running
2.6.31.6-166.fc12.x86_64 (and also at least 2.6.31.6-145) when I
autostart a f12-x86_64 qemu-kvm guest.

If I flag a guest as autoboot and reboot the host then the host starts,
the guest starts, and some seconds later (presumably when the guest is
fully up or just before) the host OOPs and hangs. The full error log is
attached, it begins as:

BUG: unable to handle kernel paging request at 0000000000200200
IP: [<ffffffff8139aad7>] destroy_conntrack+0x82/0x11f
PGD 209d9d067 PUD 214dfa067 PMD 0 
Oops: 0002 [#1] SMP 
last sysfs
file: /sys/devices/pci0000:00/0000:00:09.0/0000:01:00.0/0000:02:02.0/0000:05:00.0/0000:06:00.0/irq
CPU 0 
Modules linked in: tun bridge stp llc xt_physdev ipt_LOG xt_limit
xt_comment xt_multiport ip6t_REJECT nf_conntrack_ipv6 ip6table_filter
ip6_tables ipv6 dm_multipath kvm_amd kvm bnx2 amd64_edac_mod shpchp
edac_core i2c_piix4 serio_raw dcdbas raid1 raid10 mptsas mptscsih
mptbase sata_svw scsi_transport_sas radeon ttm drm_kms_helper drm
i2c_algo_bit i2c_core [last unloaded: freq_table]
Pid: 1962, comm: qemu-kvm Not tainted 2.6.31.6-166.fc12.x86_64 #1
PowerEdge 2970
RIP: 0010:[<ffffffff8139aad7>]  [<ffffffff8139aad7>] destroy_conntrack
+0x82/0x11f

I'm running on a quad core AMD with:

qemu-kvm-0.11.0-12.fc12.x86_64
kernel-2.6.31.6-166.fc12.x86_64
libvirt-0.7.1-15.fc12.x86_64

What can I do to help further diagnose this problem?
-------------- next part --------------
vm1.hq.nfcsac.com login: BUG: unable to handle kernel paging request at 0000000000200200
IP: [<ffffffff8139aad7>] destroy_conntrack+0x82/0x11f
PGD 209d9d067 PUD 214dfa067 PMD 0 
Oops: 0002 [#1] SMP 
last sysfs file: /sys/devices/pci0000:00/0000:00:09.0/0000:01:00.0/0000:02:02.0/0000:05:00.0/0000:06:00.0/irq
CPU 0 
Modules linked in: tun bridge stp llc xt_physdev ipt_LOG xt_limit xt_comment xt_multiport ip6t_REJECT nf_conntrack_ipv6 ip6table_filter ip6_tables ipv6 dm_multipath kvm_amd kvm bnx2 amd64_edac_mod shpchp edac_core i2c_piix4 serio_raw dcdbas raid1 raid10 mptsas mptscsih mptbase sata_svw scsi_transport_sas radeon ttm drm_kms_helper drm i2c_algo_bit i2c_core [last unloaded: freq_table]
Pid: 1962, comm: qemu-kvm Not tainted 2.6.31.6-166.fc12.x86_64 #1 PowerEdge 2970
RIP: 0010:[<ffffffff8139aad7>]  [<ffffffff8139aad7>] destroy_conntrack+0x82/0x11f
RSP: 0018:ffff880028037c58  EFLAGS: 00010202
RAX: 0000000080000001 RBX: ffffffff816fb1a0 RCX: 0000000000000000
RDX: 0000000000200200 RSI: 0000000000000011 RDI: ffffffff816fb1a0
RBP: ffff880028037c68 R08: 0000000000000000 R09: 0000000000000020
R10: ffff880028037aa8 R11: ffff880028037c1c R12: ffffffff819a92e0
R13: ffffffffa01cfdcc R14: 0000000000000000 R15: ffff88020bde0338
FS:  00007f651698b780(0000) GS:ffff880028034000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000200200 CR3: 0000000209d9a000 CR4: 00000000000006f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process qemu-kvm (pid: 1962, threadinfo ffff88020c940000, task ffff88020d025e00)
Stack:
 ffff88020bde0300 ffff880212478010 ffff880028037c78 ffffffff813989e2
<0> ffff880028037c98 ffffffff813740b2 ffff880028037c98 ffff88020bde0300
<0> ffff880028037cb8 ffffffff81373df3 0000000400000000 ffff88020bde0300
Call Trace:
 <IRQ> 
 [<ffffffff813989e2>] nf_conntrack_destroy+0x1b/0x1d
 [<ffffffff813740b2>] skb_release_head_state+0x95/0xd7
 [<ffffffff81373df3>] __kfree_skb+0x16/0x81
 [<ffffffff81373ef7>] kfree_skb+0x6a/0x72
 [<ffffffffa01cfdcc>] ip6_mc_input+0x220/0x230 [ipv6]
 [<ffffffffa01cf3d1>] ip6_rcv_finish+0x27/0x2b [ipv6]
 [<ffffffffa01cf763>] ipv6_rcv+0x38e/0x3e5 [ipv6]
 [<ffffffff8137bdb1>] netif_receive_skb+0x402/0x427
 [<ffffffffa024ea72>] br_handle_frame_finish+0x104/0x13c [bridge]
 [<ffffffffa024ec3e>] br_handle_frame+0x194/0x1ae [bridge]
 [<ffffffff8137bcdf>] netif_receive_skb+0x330/0x427
 [<ffffffff81017bc1>] ? read_tsc+0x9/0x1b
 [<ffffffff8137be60>] process_backlog+0x8a/0xc3
 [<ffffffff8137c4d0>] net_rx_action+0xaf/0x1c9
 [<ffffffff81057614>] __do_softirq+0xdd/0x1ad
 [<ffffffff81012eac>] call_softirq+0x1c/0x30
 <EOI> 
 [<ffffffff810143fb>] do_softirq+0x47/0x8d
 [<ffffffff8137c610>] netif_rx_ni+0x26/0x2b
 [<ffffffffa0260d72>] tun_chr_aio_write+0x3b8/0x413 [tun]
 [<ffffffffa02609ba>] ? tun_chr_aio_write+0x0/0x413 [tun]
 [<ffffffff810fc333>] do_sync_readv_writev+0xe5/0x124
 [<ffffffff81067b03>] ? autoremove_wake_function+0x0/0x39
 [<ffffffff811c206c>] ? selinux_file_permission+0x58/0x5d
 [<ffffffff811ba7bd>] ? security_file_permission+0x16/0x18
 [<ffffffff810fd0cf>] do_readv_writev+0xa7/0x127
 [<ffffffff811ff209>] ? __up_read+0x76/0x81
 [<ffffffff810fd192>] vfs_writev+0x43/0x4e
 [<ffffffff810fd282>] sys_writev+0x4a/0x93
 [<ffffffff81011cf2>] system_call_fastpath+0x16/0x1b
Code: c7 00 a6 9a 81 e8 23 04 08 00 48 89 df e8 68 29 00 00 f6 43 78 08 75 24 48 8b 53 10 48 85 d2 75 04 0f 0b eb fe 48 8b 43 08 a8 01 <48> 89 02 75 04 48 89 50 08 48 c7 43 10 00 02 20 00 65 8b 14 25 
RIP  [<ffffffff8139aad7>] destroy_conntrack+0x82/0x11f
 RSP <ffff880028037c58>
CR2: 0000000000200200
---[ end trace cb05ad0be1064f8c ]---
Kernel panic - not syncing: Fatal exception in interrupt
Pid: 1962, comm: qemu-kvm Tainted: G      D    2.6.31.6-166.fc12.x86_64 #1
Call Trace:
 <IRQ>  [<ffffffff81418b3c>] panic+0x7a/0x12c
 [<ffffffff8141bd8d>] oops_end+0xb2/0xc2
 [<ffffffff81034571>] no_context+0x1f6/0x205
 [<ffffffff81382fc8>] ? neigh_lookup+0xc7/0xd9
 [<ffffffff81034723>] __bad_area_nosemaphore+0x1a3/0x1c9
 [<ffffffffa01d7cd5>] ? __ip6_ins_rt+0x47/0x55 [ipv6]
 [<ffffffffa01d7d1b>] ? ip6_ins_rt+0x38/0x3a [ipv6]
 [<ffffffffa01d9bae>] ? ip6_pol_route+0x22b/0x28e [ipv6]
 [<ffffffff8139a963>] ? __nf_conntrack_find+0xc1/0xd3
 [<ffffffff8103475c>] bad_area_nosemaphore+0x13/0x15
 [<ffffffff8141d18a>] do_page_fault+0x14a/0x299
 [<ffffffffa01cfdcc>] ? ip6_mc_input+0x220/0x230 [ipv6]
 [<ffffffff8141b255>] page_fault+0x25/0x30
 [<ffffffffa01cfdcc>] ? ip6_mc_input+0x220/0x230 [ipv6]
 [<ffffffff8139aad7>] ? destroy_conntrack+0x82/0x11f
 [<ffffffff8139aabe>] ? destroy_conntrack+0x69/0x11f
 [<ffffffff813989e2>] nf_conntrack_destroy+0x1b/0x1d
 [<ffffffff813740b2>] skb_release_head_state+0x95/0xd7
 [<ffffffff81373df3>] __kfree_skb+0x16/0x81
 [<ffffffff81373ef7>] kfree_skb+0x6a/0x72
 [<ffffffffa01cfdcc>] ip6_mc_input+0x220/0x230 [ipv6]
 [<ffffffffa01cf3d1>] ip6_rcv_finish+0x27/0x2b [ipv6]
 [<ffffffffa01cf763>] ipv6_rcv+0x38e/0x3e5 [ipv6]
 [<ffffffff8137bdb1>] netif_receive_skb+0x402/0x427
 [<ffffffffa024ea72>] br_handle_frame_finish+0x104/0x13c [bridge]
 [<ffffffffa024ec3e>] br_handle_frame+0x194/0x1ae [bridge]
 [<ffffffff8137bcdf>] netif_receive_skb+0x330/0x427
 [<ffffffff81017bc1>] ? read_tsc+0x9/0x1b
 [<ffffffff8137be60>] process_backlog+0x8a/0xc3
 [<ffffffff8137c4d0>] net_rx_action+0xaf/0x1c9
 [<ffffffff81057614>] __do_softirq+0xdd/0x1ad
 [<ffffffff81012eac>] call_softirq+0x1c/0x30
 <EOI>  [<ffffffff810143fb>] do_softirq+0x47/0x8d
 [<ffffffff8137c610>] netif_rx_ni+0x26/0x2b
 [<ffffffffa0260d72>] tun_chr_aio_write+0x3b8/0x413 [tun]
 [<ffffffffa02609ba>] ? tun_chr_aio_write+0x0/0x413 [tun]
 [<ffffffff810fc333>] do_sync_readv_writev+0xe5/0x124
 [<ffffffff81067b03>] ? autoremove_wake_function+0x0/0x39
 [<ffffffff811c206c>] ? selinux_file_permission+0x58/0x5d
 [<ffffffff811ba7bd>] ? security_file_permission+0x16/0x18
 [<ffffffff810fd0cf>] do_readv_writev+0xa7/0x127
 [<ffffffff811ff209>] ? __up_read+0x76/0x81
 [<ffffffff810fd192>] vfs_writev+0x43/0x4e
 [<ffffffff810fd282>] sys_writev+0x4a/0x93
 [<ffffffff81011cf2>] system_call_fastpath+0x16/0x1b
[drm:drm_fb_helper_panic] *ERROR* panic occurred, switching back to text console
BUG: scheduling while atomic: qemu-kvm/1962/0x10000200
Modules linked in: tun bridge stp llc xt_physdev ipt_LOG xt_limit xt_comment xt_multiport ip6t_REJECT nf_conntrack_ipv6 ip6table_filter ip6_tables ipv6 dm_multipath kvm_amd kvm bnx2 amd64_edac_mod shpchp edac_core i2c_piix4 serio_raw dcdbas raid1 raid10 mptsas mptscsih mptbase sata_svw scsi_transport_sas radeon ttm drm_kms_helper drm i2c_algo_bit i2c_core [last unloaded: freq_table]
Pid: 1962, comm: qemu-kvm Tainted: G      D    2.6.31.6-166.fc12.x86_64 #1
Call Trace:
 <IRQ>  [<ffffffff81048f9a>] __schedule_bug+0x61/0x65
 [<ffffffff81418e40>] schedule+0xb3/0x7f2
 [<ffffffff8141d359>] ? atomic_notifier_call_chain+0x13/0x15
 [<ffffffff8128b211>] ? vt_console_print+0x24c/0x262
 [<ffffffff8104b931>] __cond_resched+0x32/0x5b
 [<ffffffff814196ff>] _cond_resched+0x2c/0x37
 [<ffffffff810f4168>] __kmalloc+0xb6/0x15c
 [<ffffffffa004141d>] ? drm_crtc_helper_set_config+0xd3/0x787 [drm_kms_helper]
 [<ffffffff81051d0b>] ? release_console_sem+0x192/0x1c3
 [<ffffffffa004141d>] drm_crtc_helper_set_config+0xd3/0x787 [drm_kms_helper]
 [<ffffffff81014c46>] ? dump_trace+0x24d/0x25f
 [<ffffffffa0040112>] drm_fb_helper_force_kernel_mode+0x40/0x7b [drm_kms_helper]
 [<ffffffffa00401a9>] drm_fb_helper_panic+0x23/0x28 [drm_kms_helper]
 [<ffffffff8141d30b>] notifier_call_chain+0x32/0x5e
 [<ffffffff8141d359>] atomic_notifier_call_chain+0x13/0x15
 [<ffffffff81418b5e>] panic+0x9c/0x12c
 [<ffffffff8141bd8d>] oops_end+0xb2/0xc2
 [<ffffffff81034571>] no_context+0x1f6/0x205
 [<ffffffff81382fc8>] ? neigh_lookup+0xc7/0xd9
 [<ffffffff81034723>] __bad_area_nosemaphore+0x1a3/0x1c9
 [<ffffffffa01d7cd5>] ? __ip6_ins_rt+0x47/0x55 [ipv6]
 [<ffffffffa01d7d1b>] ? ip6_ins_rt+0x38/0x3a [ipv6]
 [<ffffffffa01d9bae>] ? ip6_pol_route+0x22b/0x28e [ipv6]
 [<ffffffff8139a963>] ? __nf_conntrack_find+0xc1/0xd3
 [<ffffffff8103475c>] bad_area_nosemaphore+0x13/0x15
 [<ffffffff8141d18a>] do_page_fault+0x14a/0x299
 [<ffffffffa01cfdcc>] ? ip6_mc_input+0x220/0x230 [ipv6]
 [<ffffffff8141b255>] page_fault+0x25/0x30
 [<ffffffffa01cfdcc>] ? ip6_mc_input+0x220/0x230 [ipv6]
 [<ffffffff8139aad7>] ? destroy_conntrack+0x82/0x11f
 [<ffffffff8139aabe>] ? destroy_conntrack+0x69/0x11f
 [<ffffffff813989e2>] nf_conntrack_destroy+0x1b/0x1d
 [<ffffffff813740b2>] skb_release_head_state+0x95/0xd7
 [<ffffffff81373df3>] __kfree_skb+0x16/0x81
 [<ffffffff81373ef7>] kfree_skb+0x6a/0x72
 [<ffffffffa01cfdcc>] ip6_mc_input+0x220/0x230 [ipv6]
 [<ffffffffa01cf3d1>] ip6_rcv_finish+0x27/0x2b [ipv6]
 [<ffffffffa01cf763>] ipv6_rcv+0x38e/0x3e5 [ipv6]
 [<ffffffff8137bdb1>] netif_receive_skb+0x402/0x427
 [<ffffffffa024ea72>] br_handle_frame_finish+0x104/0x13c [bridge]
 [<ffffffffa024ec3e>] br_handle_frame+0x194/0x1ae [bridge]
 [<ffffffff8137bcdf>] netif_receive_skb+0x330/0x427
 [<ffffffff81017bc1>] ? read_tsc+0x9/0x1b
 [<ffffffff8137be60>] process_backlog+0x8a/0xc3
 [<ffffffff8137c4d0>] net_rx_action+0xaf/0x1c9
 [<ffffffff81057614>] __do_softirq+0xdd/0x1ad
 [<ffffffff81012eac>] call_softirq+0x1c/0x30
 <EOI>  [<ffffffff810143fb>] do_softirq+0x47/0x8d
 [<ffffffff8137c610>] netif_rx_ni+0x26/0x2b
 [<ffffffffa0260d72>] tun_chr_aio_write+0x3b8/0x413 [tun]
 [<ffffffffa02609ba>] ? tun_chr_aio_write+0x0/0x413 [tun]
 [<ffffffff810fc333>] do_sync_readv_writev+0xe5/0x124
 [<ffffffff81067b03>] ? autoremove_wake_function+0x0/0x39
 [<ffffffff811c206c>] ? selinux_file_permission+0x58/0x5d
 [<ffffffff811ba7bd>] ? security_file_permission+0x16/0x18
 [<ffffffff810fd0cf>] do_readv_writev+0xa7/0x127
 [<ffffffff811ff209>] ? __up_read+0x76/0x81
 [<ffffffff810fd192>] vfs_writev+0x43/0x4e
 [<ffffffff810fd282>] sys_writev+0x4a/0x93
 [<ffffffff81011cf2>] system_call_fastpath+0x16/0x1b


More information about the Fedora-virt mailing list