Bug 1056279

Summary: [abrt] qemu-system-x86: address_space_unmap(): qemu-system-x86_64 killed by SIGABRT
Product: [Fedora] Fedora Reporter: Dimitris <dimitris.on.linux>
Component: qemuAssignee: Fedora Virtualization Maintainers <virt-maint>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 20CC: amit.shah, berrange, cfergeau, crobinso, dwmw2, itamar, pbonzini, rjones, scottt.tw, virt-maint
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
URL: https://retrace.fedoraproject.org/faf/reports/bthash/82b5d737304b3c58d1ea1f1e35913d6060a62035
Whiteboard: abrt_hash:c6410a1c1f5b56ac04da5d29db097caee446c8b9
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-02 14:28:50 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
File: backtrace
none
File: cgroup
none
File: core_backtrace
none
File: dso_list
none
File: environ
none
File: limits
none
File: maps
none
File: open_fds
none
File: proc_pid_status
none
File: var_log_messages
none
gdb output
none
core_backtrace with "-soundhw hda -snapshot" added to command line none

Description Dimitris 2014-01-21 21:13:38 UTC 
Description of problem:
Happens every second run

Version-Release number of selected component:
qemu-system-x86-1.6.1-3.fc20

Additional info:
reporter:       libreport-2.1.11
backtrace_rating: 4
cmdline:        /usr/bin/qemu-system-x86_64 -machine accel=kvm -cpu host -smp 1,cores=2 -m 3000 -hda disk_images/win8.img -net nic,model=virtio -net user -rtc base=localtime -sdl
crash_function: address_space_unmap
executable:     /usr/bin/qemu-system-x86_64
kernel:         3.12.8-300.fc20.x86_64
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (8 frames)
 #5 address_space_unmap
 #6 dma_bdrv_unmap
 #7 dma_bdrv_cb
 #8 bdrv_co_em_bh
 #9 aio_bh_poll
 #10 aio_poll
 #11 aio_ctx_dispatch
 #14 main_loop_wait
Comment 1 Dimitris 2014-01-21 21:13:43 UTC 
Created attachment 853451 [details]
File: backtrace
Comment 2 Dimitris 2014-01-21 21:13:44 UTC 
Created attachment 853452 [details]
File: cgroup
Comment 3 Dimitris 2014-01-21 21:13:46 UTC 
Created attachment 853453 [details]
File: core_backtrace
Comment 4 Dimitris 2014-01-21 21:13:48 UTC 
Created attachment 853454 [details]
File: dso_list
Comment 5 Dimitris 2014-01-21 21:13:50 UTC 
Created attachment 853455 [details]
File: environ
Comment 6 Dimitris 2014-01-21 21:13:51 UTC 
Created attachment 853456 [details]
File: limits
Comment 7 Dimitris 2014-01-21 21:13:53 UTC 
Created attachment 853457 [details]
File: maps
Comment 8 Dimitris 2014-01-21 21:13:55 UTC 
Created attachment 853458 [details]
File: open_fds
Comment 9 Dimitris 2014-01-21 21:13:56 UTC 
Created attachment 853459 [details]
File: proc_pid_status
Comment 10 Dimitris 2014-01-21 21:13:58 UTC 
Created attachment 853460 [details]
File: var_log_messages
Comment 11 Dimitris 2014-01-21 21:16:44 UTC 
*** Bug 1056262 has been marked as a duplicate of this bug. ***
Comment 12 Dimitris 2014-01-21 21:18:59 UTC 
I can't upload the coredump (it's 3GB and probably contains confidential data), but I'll try to get the debuginfos updated next time I hit this.
Comment 13 Richard W.M. Jones 2014-01-21 21:37:48 UTC 
(In reply to Dimitris from comment #12)
> I can't upload the coredump (it's 3GB and probably contains confidential
> data), but I'll try to get the debuginfos updated next time I hit this.

No need to upload the core file.  There is enough information
in the report.
Comment 14 Richard W.M. Jones 2014-01-21 21:38:44 UTC 
(In reply to Richard W.M. Jones from comment #13)
> (In reply to Dimitris from comment #12)
> > I can't upload the coredump (it's 3GB and probably contains confidential
> > data), but I'll try to get the debuginfos updated next time I hit this.
> 
> No need to upload the core file.  There is enough information
> in the report.

Debuginfo *does* seem to be missing actually ...
Comment 15 Dimitris 2014-01-22 17:09:16 UTC 
Hmm, I can't find a way to make abrt add to this report, or even create a new one.  I have some time to let it do the debuginfo install now.  Any pointers?
Comment 16 Richard W.M. Jones 2014-01-22 17:48:12 UTC 
If you can dig the original coredump out of /var/spool/abrt
then you can run:

gdb /usr/bin/qemu-system-x86_64 core

gdb will print a suggested "debuginfo-install" command.  Quit
gdb and run then.

After installing debuginfo, run the gdb command above again,
and execute the following gdb command:

  t a a bt

and paste the complete output into this bug report.
Comment 17 Dimitris 2014-01-22 23:43:36 UTC 
Created attachment 854112 [details]
gdb output

The original coredump isn't available (abrt quota) but I can reproduce this reliably.  Attaching gdb output after debuginfos were installed.
Comment 18 Dimitris 2014-01-23 07:20:37 UTC 
Happened again but this time I had added -vga std to the command line.  Apparently the code/backtrace was different enough that abrt didn't think it a dupe, so it created bug 1056911.  Overall pattern is the same though, every second run fails.
Comment 19 Dimitris 2014-02-03 18:31:33 UTC 
I can get it to crash on every invocation if I add:

-soundhw hda -snapshot

to the command line:

qemu-kvm -cpu host -smp 1,cores=2 -m 3000 -hda disk_images/win8.1.img -net nic -net user -rtc base=localtime -sdl -vga std -soundhw hda -snapshot

Attaching the core_backtrace in a moment.
Comment 20 Dimitris 2014-02-03 18:33:05 UTC 
Created attachment 858763 [details]
core_backtrace with "-soundhw hda -snapshot" added to command line
Comment 21 Cole Robinson 2014-06-02 14:28:50 UTC 

*** This bug has been marked as a duplicate of bug 1066084 ***