Note: This bug is displayed in read-only format because
the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
qemu-kvm-389 also hit this problem.
(gdb) bt
#0 0x00007ffff772d6fd in write () from /lib64/libpthread.so.0
#1 0x00007ffff749e651 in ?? () from /lib64/libglib-2.0.so.0
#2 0x00007ffff744f387 in g_io_channel_write_chars () from /lib64/libglib-2.0.so.0
#3 0x00007ffff7e5481e in io_channel_send (fd=0x7ffff86e4b10, buf=0x7fffd27cfce0, len=7)
at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-char.c:726
#4 0x00007ffff7f24df4 in flush_buf (port=0x7ffff9bc1440, buf=0x7fffd27cfce0 "abc \r\n", len=7)
at /usr/src/debug/qemu-kvm-0.12.1.2/hw/virtio-console.c:58
#5 0x00007ffff7de835c in do_flush_queued_data (port=0x7ffff9bc1440, vq=0x7ffff9b921a0, vdev=0x7ffff87811c0)
at /usr/src/debug/qemu-kvm-0.12.1.2/hw/virtio-serial-bus.c:193
#6 0x00007ffff7e05d21 in qemu_bh_poll () at /usr/src/debug/qemu-kvm-0.12.1.2/async.c:70
#7 0x00007ffff7dce989 in main_loop_wait (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4090
#8 0x00007ffff7df13aa in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2244
#9 0x00007ffff7dd2248 in main_loop (argc=55, argv=<value optimized out>, envp=<value optimized out>)
at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4260
#10 main (argc=55, argv=<value optimized out>, envp=<value optimized out>)
at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6631
qemu-kvm-0.12.1.2-2.412.el6.x86_64 can not hit this problem.
host:
qemu-kvm-0.12.1.2-2.412.el6.x86_64
kernel-2.6.32-423.el6.x86_64
guest:
win7-64
virtio-win-prewhql-72
Steps is the same as comment#0 .
Result:
Guest works well, can able transfer data by virtio serial.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
http://rhn.redhat.com/errata/RHSA-2013-1553.html
Description of problem: hot plug virtio-serial port and pci device, transfer some characters, and reconnect, transfer data again, qemu-kvm will core dumped. Version-Release number of selected component (if applicable): host:RHEL6.5-20130820.2 qemu-kvm-0.12.1.2-2.398.el6.x86_64 kernel-2.6.32-414.el6.x86_64 guest: win7-64 virtio-win-prewhql-0.1-68 How reproducible: 5/5 Steps to Reproduce: 1.CLI: #gdb --args /usr/libexec/qemu-kvm \ -M pc \ -cpu Opteron_G4 \ -m 2G \ -smp 4,sockets=2,cores=2,threads=1,maxcpus=16 \ -enable-kvm \ -name win7 \ -uuid 990ea161-6b67-47b2-b803-19fb01d30d12 \ -smbios type=1,manufacturer='Red Hat',product='RHEV Hypervisor',version=el6,serial=koTUXQrb,uuid=feebc8fd-f8b0-4e75-abc3-e63fcdb67170 \ -k en-us \ -rtc base=localtime,clock=host,driftfix=slew \ -no-kvm-pit-reinjection \ -monitor stdio \ -boot menu=on \ -bios /usr/share/seabios/bios.bin \ -qmp tcp:0:6666,server,nowait \ -serial unix:/tmp/monitor-unix,server,nowait \ -nodefconfig \ -nodefaults \ -drive file=/home/win7-64-new.raw,if=none,id=drive-scsi-disk,format=raw,cache=none,werror=stop,rerror=stop \ -device virtio-scsi-pci,id=scsi0 \ -device scsi-disk,drive=drive-scsi-disk,bus=scsi0.0,scsi-id=0,lun=0,id=scsi-disk,bootindex=1 \ -global PIIX4_PM.disable_s3=0 \ -global PIIX4_PM.disable_s4=0 \ -vga cirrus \ -vnc :0 \ -netdev tap,id=hostnet0,vhost=on \ -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:39:13:2c \ -device virtio-serial-pci,id=virtio-serial0,max_ports=16 \ -chardev socket,id=channel0,path=/tmp/channel0,server,nowait \ 2.Hot plug virtio-serial pci and port. #telnet localhost 6666 [root@amd-2427-32-1 ~]# telnet localhost 6666 Trying ::1... telnet: connect to address ::1: Connection refused Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. {"QMP": {"version": {"qemu": {"micro": 1, "minor": 12, "major": 0}, "package": "(qemu-kvm-0.12.1.2)"}, "capabilities": []}} {"execute": "qmp_capabilities"} {"return": {}} {"execute":"device_add","arguments":{"driver":"virtio-serial-pci","id":"virtio-serial0"}} {"return": {}} {"execute":"device_add","arguments":{"driver":"virtserialport","bus":"virtio-serial0.0","chardev":"channel0","name":"org.linux-kvm.port.0","id":"port0"}} {"return": {}} 3.Transfer some characters from guest to host. (host)# nc -U /tmp/channel0 (guest)# echo abcd >> \\.\Global\.\org.linux-kvm.port.0 /*this time virtio serial works well. 4. Ctrl+c stop connect and reconnect, then transfer character again. (host)# nc -U /tmp/channel0 (guest)# echo abcd >> \\.\Global\.\org.linux-kvm.port.0 /*qemu-kvm will core dumped Actual results: qemu-kvm will core dumped. (gdb) bt full #0 0x00007ffff77096fd in write () from /lib64/libpthread.so.0 No symbol table info available. #1 0x00007ffff7277651 in ?? () from /lib64/libglib-2.0.so.0 No symbol table info available. #2 0x00007ffff7228387 in g_io_channel_write_chars () from /lib64/libglib-2.0.so.0 No symbol table info available. #3 0x00007ffff7e53e6e in io_channel_send (fd=0x7ffff8844ba0, buf=0x7fffd224cd60, len=9) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-char.c:721 bytes_written = 0 offset = <value optimized out> status = <value optimized out> __PRETTY_FUNCTION__ = "io_channel_send" #4 0x00007ffff7f24464 in flush_buf (port=0x7ffff91be820, buf=0x7fffd224cd60 "asdsdf \r\n", len=9) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/virtio-console.c:58 vcon = 0x7ffff91be820 ret = <value optimized out> #5 0x00007ffff7de3cec in do_flush_queued_data (port=0x7ffff91be820, vq=0x7ffff91b0410, vdev=0x7ffff8844190) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/virtio-serial-bus.c:193 buf_size = <value optimized out> ret = <value optimized out> i = 0 info = 0x7ffff82dc460 __PRETTY_FUNCTION__ = "do_flush_queued_data" #6 0x00007ffff7e018f1 in qemu_bh_poll () at /usr/src/debug/qemu-kvm-0.12.1.2/async.c:70 bh = <value optimized out> bhp = <value optimized out> next = 0x7fffe8000da0 ret = 1 nesting = 1 #7 0x00007ffff7dca079 in main_loop_wait (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4096 ioh = <value optimized out> rfds = {fds_bits = {8589934592, 0 <repeats 15 times>}} wfds = {fds_bits = {8589934592, 0 <repeats 15 times>}} xfds = {fds_bits = {0 <repeats 16 times>}} ret = <value optimized out> nfds = 33 tv = {tv_sec = 0, tv_usec = 999991} #8 0x00007ffff7decd3a in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2245 fds = {23, 24} mask = {__val = {268443712, 0 <repeats 15 times>}} sigfd = 25 #9 0x00007ffff7dcccf9 in main_loop (argc=55, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4266 r = <value optimized out> #10 main (argc=55, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6644 gdbstub_dev = 0x0 i = <value optimized out> snapshot = 0 linux_boot = 0 initrd_filename = 0x0 kernel_filename = 0x0 kernel_cmdline = 0x7ffff7f9092f "" ---Type <return> to continue, or q <return> to quit--- boot_devices = "cad", '\000' <repeats 29 times> ds = <value optimized out> dcl = <value optimized out> cyls = 0 heads = 0 secs = 0 translation = 0 hda_opts = 0x7ffff82f0170 opts = <value optimized out> olist = <value optimized out> optind = 55 optarg = 0x7fffffffe755 "socket,id=channel0,path=/tmp/channel0,server,nowait" loadvm = 0x0 machine = 0x7ffff82e9680 cpu_model = 0x7fffffffe380 "Opteron_G4" fds = {-137187184, 32767} tb_size = 0 pid_file = 0x0 incoming = 0x0 fd = 0 pwd = 0x0 chroot_dir = 0x0 run_as = 0x0 env = <value optimized out> show_vnc_port = 0 defconfig = <value optimized out> defconfig_verbose = <value optimized out> Expected results: no core dumped. Additional info: