Bug 642131

Summary: qemu-kvm aborts of 'qemu_spice_display_create_update: unhandled depth: 0 bits'
Product: Red Hat Enterprise Linux 6
Component: qemu-kvm
Version: 6.0
Hardware: All
OS: Linux
Status: CLOSED ERRATA
Severity: medium
Priority: medium
Reporter: Amos Kong <akong>
Assignee: Gerd Hoffmann <kraxel>
QA Contact: Virtualization Bugs <virt-bugs>
CC: ailan, ehabkost, kcao, mkenneth, plyons, tburke, virt-maint
Target Milestone: rc
Target Release: 6.1
Fixed In Version: qemu-kvm-0.12.1.2-2.133.el6
Doc Type: Bug Fix
Last Closed: 2011-05-19 11:29:30 UTC
Bug Blocks: 580954
Attachments:
- guest snapshot before abort (flags: none)
- bugfix (flags: none)
- gdb debug msg (flags: none)

Description Amos Kong 2010-10-12 06:14:31 UTC
Description of problem:
When installing a win2003 guest, qemu-kvm aborted.
error:
(qemu) qemu_spice_display_create_update: unhandled depth: 0 bits

Version-Release number of selected component (if applicable):
host kernel: 2.6.32-71.2.1.el6_0.x86_64
# rpm -qa |grep qemu
qemu-kvm-tools-0.12.1.2-2.113.el6_0.1.x86_64
gpxe-roms-qemu-0.9.7-6.3.el6.noarch
qemu-img-0.12.1.2-2.113.el6_0.1.x86_64
qemu-kvm-debuginfo-0.12.1.2-2.113.el6_0.1.x86_64
qemu-kvm-0.12.1.2-2.113.el6_0.1.x86_64
spice-server-0.4.2-15.el6.x86_64

How reproducible:
not always

Steps to Reproduce:
1. install guest with spice options

Actual results:
qemu-kvm aborted.

Expected results:
installation completed.

Additional info:

1. command line: 
# qemu-kvm -name 'vm1' \
    -chardev socket,id=human_monitor_2nwO,path=/tmp/monitor-humanmonitor1-20101006-173800-AqnM,server,nowait \
    -mon chardev=human_monitor_2nwO,mode=readline \
    -chardev socket,id=serial_LyAW,path=/tmp/serial-20101006-173800-AqnM,server,nowait \
    -device isa-serial,chardev=serial_LyAW \
    -drive file='/usr/local/staf/test/RHEV/kvm-new/autotest/client/tests/kvm/images/win2003-32-virtio.raw',index=0,if=none,id=drive-ide0-0-0,media=disk,cache=writethrough,boot=on,format=raw,aio=native \
    -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 \
    -device rtl8139,netdev=id8U7S2U,id=ndev00id8U7S2U,mac='02:C6:F5:F9:52:39',bus=pci.0,addr=0x3 \
    -netdev tap,id=id8U7S2U,ifname='rtl8139_0_8000',script='/usr/local/staf/test/RHEV/kvm-new/autotest/client/tests/kvm/scripts/qemu-ifup-vbr0',downscript='no' \
    -m 2048 -smp 2 \
    -drive file='/usr/local/staf/test/RHEV/kvm-new/autotest/client/tests/kvm/isos/ISO/Win2003/32/en_win_srv_2003_r2_enterprise_with_sp2_cd1_X13-05460.iso',index=1,if=none,id=drive-ide0-0-1,media=cdrom,readonly=on,format=raw \
    -device ide-drive,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1 \
    -drive file='/usr/local/staf/test/RHEV/kvm-new/autotest/client/tests/kvm/isos/windows/winutils.iso',index=2,if=none,id=drive-ide0-1-0,media=cdrom,readonly=on,format=raw \
    -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 \
    -cpu cpu64-rhel6,+x2apic \
    -fda '/usr/local/staf/test/RHEV/kvm-new/autotest/client/tests/kvm/images/floppy.img' \
    -vnc :0 -spice port=8000,disable-ticketing -vga qxl \
    -rtc base=localtime,clock=host,driftfix=none \
    -M rhel6.0.0 -usbdevice tablet -boot d -enable-kvm

2. debug msg:
(gdb) bt
#0  0x0000003bcde329a5 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x0000003bcde34185 in abort () at abort.c:92
#2  0x0000000000471f07 in qemu_spice_display_create_update (ds=0xeeafb0, dirty=<value optimized out>, unique=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/spice-display.c:109
#3  0x0000000000473467 in _qxl_get_command (d=0x18e87c0, cmd=0x7f1fd532d290) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/qxl.c:288
#4  0x0000003bd9e2deb2 in red_process_commands (worker=0x7f1fd532d3d0, max_pipe_size=50) at red_worker.c:4541
#5  0x0000003bd9e2fd81 in red_worker_main (arg=<value optimized out>) at red_worker.c:8864
#6  0x0000003bce2077e1 in start_thread (arg=0x7f1fd5373710) at pthread_create.c:301
#7  0x0000003bcdee153d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115
(gdb) info threads
  5 Thread 11764  0x0000003bcded9c34 in pwritev (fd=33, vector=0x7f1fc8000930, count=4, offset=740990464) at ../sysdeps/unix/sysv/linux/pwritev.c:68
  4 Thread 10638  __lll_lock_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:136
  3 Thread 10659  0x0000003bcded95f7 in ioctl () at ../sysdeps/unix/syscall-template.S:82
  2 Thread 10668  0x0000003bcded95f7 in ioctl () at ../sysdeps/unix/syscall-template.S:82
* 1 Thread 10669  0x0000003bcde329a5 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
(gdb) thread 2
[Switching to thread 2 (Thread 10668)]#0  0x0000003bcded95f7 in ioctl () at ../sysdeps/unix/syscall-template.S:82
82      T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS)
(gdb) bt
#0  0x0000003bcded95f7 in ioctl () at ../sysdeps/unix/syscall-template.S:82
#1  0x000000000042a77f in kvm_run (env=0xed3010) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:928
#2  0x000000000042ac09 in kvm_cpu_exec (env=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:1658
#3  0x000000000042b82f in kvm_main_loop_cpu (_env=0xed3010) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:1900
#4  ap_main_loop (_env=0xed3010) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:1950
#5  0x0000003bce2077e1 in start_thread (arg=0x7f1fd600f710) at pthread_create.c:301
#6  0x0000003bcdee153d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115
(gdb) thread 3
[Switching to thread 3 (Thread 10659)]#0  0x0000003bcded95f7 in ioctl () at ../sysdeps/unix/syscall-template.S:82
82      T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS)
(gdb) bt
#0  0x0000003bcded95f7 in ioctl () at ../sysdeps/unix/syscall-template.S:82
#1  0x000000000042a77f in kvm_run (env=0xeb9010) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:928
#2  0x000000000042ac09 in kvm_cpu_exec (env=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:1658
#3  0x000000000042b82f in kvm_main_loop_cpu (_env=0xeb9010) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:1900
#4  ap_main_loop (_env=0xeb9010) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:1950
#5  0x0000003bce2077e1 in start_thread (arg=0x7f1fd6a13710) at pthread_create.c:301
#6  0x0000003bcdee153d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115
(gdb) thread 4
[Switching to thread 4 (Thread 10638)]#0  __lll_lock_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:136
136     2:      movl    %edx, %eax
(gdb) bt
#0  __lll_lock_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:136
#1  0x0000003bce209345 in _L_lock_870 () from /lib64/libpthread-2.12.so
#2  0x0000003bce209217 in __pthread_mutex_lock (mutex=0x85c060) at pthread_mutex_lock.c:61
#3  0x000000000047461f in qxl_display_resize (ds=0xeeafb0) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/qxl.c:820
#4  0x0000000000444897 in dpy_resize (opaque=0x18e8a58) at /usr/src/debug/qemu-kvm-0.12.1.2/console.h:218
#5  vga_draw_graphic (opaque=0x18e8a58) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/vga.c:1726
#6  vga_update_display (opaque=0x18e8a58) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/vga.c:1938
#7  0x000000000049eb38 in vga_hw_screen_dump (filename=<value optimized out>) at console.c:182
#8  0x0000000000417829 in handle_user_command (mon=0xf30850, cmdline=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/monitor.c:3960
#9  0x000000000041787a in monitor_command_cb (mon=0xf30850, cmdline=<value optimized out>, opaque=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/monitor.c:4506
#10 0x000000000049e4db in readline_handle_byte (rs=0x194b0e0, ch=<value optimized out>) at readline.c:369
#11 0x00000000004178ec in monitor_read (opaque=<value optimized out>, buf=0x7fff51d293b0 "\n", <incomplete sequence \375>, size=1) at /usr/src/debug/qemu-kvm-0.12.1.2/monitor.c:4492
#12 0x00000000004b6d8a in qemu_chr_read (opaque=0xe8e050) at qemu-char.c:154
#13 tcp_chr_read (opaque=0xe8e050) at qemu-char.c:2072
#14 0x000000000040b4af in main_loop_wait (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4234
#15 0x0000000000428c2a in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2133
#16 0x000000000040e5cb in main_loop (argc=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4444
#17 main (argc=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6601
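
Added example (not part of the original report and not qemu-kvm code): a small Python triage pass over an excerpt of the gdb session above. It pairs frames of the aborting thread with frames in other threads that were passed the same pointer, and notes whether that other thread is waiting on a mutex. The names `parse` and `shared_objects` belong to this example only.

```python
import re

# Excerpt of the gdb session posted in the description (frames trimmed, lines verbatim).
# `info threads` there marks thread 1 as current, so the first `bt` belongs to thread 1.
GDB_LOG = """\
(gdb) bt
#1  0x0000003bcde34185 in abort () at abort.c:92
#2  0x0000000000471f07 in qemu_spice_display_create_update (ds=0xeeafb0, dirty=<value optimized out>, unique=<value optimized out>)
#3  0x0000000000473467 in _qxl_get_command (d=0x18e87c0, cmd=0x7f1fd532d290) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/qxl.c:288
#4  0x0000003bd9e2deb2 in red_process_commands (worker=0x7f1fd532d3d0, max_pipe_size=50) at red_worker.c:4541
(gdb) thread 4
[Switching to thread 4 (Thread 10638)]#0  __lll_lock_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:136
(gdb) bt
#2  0x0000003bce209217 in __pthread_mutex_lock (mutex=0x85c060) at pthread_mutex_lock.c:61
#3  0x000000000047461f in qxl_display_resize (ds=0xeeafb0) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/qxl.c:820
#7  0x000000000049eb38 in vga_hw_screen_dump (filename=<value optimized out>) at console.c:182
"""

FRAME = re.compile(r"^#\d+\s+(?:0x[0-9a-f]+ in )?(\S+) \((.*?)\)")
SWITCH = re.compile(r"^\[Switching to thread (\d+) ")
PTR = re.compile(r"(\w+)=(0x[0-9a-f]+)")

def parse(log, current="1"):
    """Return {thread id: [(function, {arg name: pointer}), ...]} in frame order."""
    threads, tid = {}, current
    for line in log.splitlines():
        sw, fr = SWITCH.match(line), FRAME.match(line)
        if sw:
            tid = sw.group(1)
        elif fr:
            threads.setdefault(tid, []).append((fr.group(1), dict(PTR.findall(fr.group(2)))))
    return threads

def shared_objects(threads):
    """Pointers in the aborting thread's frames that another thread's frames also hold."""
    aborting = next(t for t, fr in threads.items() if any(f == "abort" for f, _ in fr))
    others = {t: fr for t, fr in threads.items() if t != aborting}
    hits = []
    for func, ptrs in threads[aborting]:
        for tid, frames in others.items():
            waits = any("mutex_lock" in f or "lock_wait" in f for f, _ in frames)
            for ofunc, optrs in frames:
                for val in sorted(set(ptrs.values()) & set(optrs.values())):
                    hits.append((val, func, tid, ofunc, waits))
    return aborting, hits

if __name__ == "__main__":
    for val, func, tid, ofunc, waits in shared_objects(parse(GDB_LOG))[1]:
        print(f"{val}: {func} (aborting thread) and {ofunc} (thread {tid}, waits on mutex: {waits})")
```

On this excerpt the only match is `ds=0xeeafb0`, held by `qemu_spice_display_create_update` in the aborting thread and by `qxl_display_resize` in thread 4.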

Comment 1 Gerd Hoffmann 2010-10-14 14:48:30 UTC
Where does it happen?  When booting?
Somewhere in the middle of the install (video probing probably)?

Looks like autotest found it, correct?
Does it happen without autotest too?

Comment 2 Amos Kong 2010-10-15 05:59:22 UTC
(In reply to comment #1)
> Where does it happen?  When booting?

The qemu process exited during installation.
I will attach a snapshot.

> Somewhere in the middle of the install (video probing probably)?

Not sure, I install the guest with this unattended file.

http://github.com/ehabkost/autotest/blob/master/client/tests/kvm/unattended/win2003-32.sif

> Looks like autotest found it, correct?

Yes, the reproduction rate is too low; I only hit it 2 times.

> Does it happen without autotest too?

I tried 15 times, could not reproduce.

Comment 3 Amos Kong 2010-10-15 06:01:16 UTC
Created attachment 453650
guest snapshot before abort

Comment 5 Gerd Hoffmann 2010-10-15 12:49:34 UTC
Please test

Comment 6 Amos Kong 2010-10-18 02:49:52 UTC
(In reply to comment #5)
> Please test

The reproduction rate is very low, so I'm testing with the new packages for a longer time (two days), and will then report the result to the bz.

Comment 7 Amos Kong 2010-10-19 03:03:45 UTC
(In reply to comment #6)
> (In reply to comment #5)
> > Please test
> 
> The reproduction rate is very low, so I'm testing with the new packages for a longer
> time (two days), and will then report the result to the bz.

Hello Gerd, the new package is unavailable. The installation always hangs.


bt)
#0  0x0000003b73c0e50d in read () at ../sysdeps/unix/syscall-template.S:82
#1  0x0000003b7601046a in read (qxl_worker=0x292cb00) at /usr/include/bits/unistd.h:45
#2  receive_data (qxl_worker=0x292cb00) at red_worker.h:117
#3  read_message (qxl_worker=0x292cb00) at red_worker.h:130
#4  qxl_worker_detach (qxl_worker=0x292cb00) at red_dispatcher.c:233
#5  0x00000000004722bd in qxl_detach (d=0x331b7c0) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/qxl.c:463
#6  0x0000000000472ea9 in qxl_reset (d=0x331b7c0) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/qxl.c:546
#7  0x00000000004745d3 in qxl_display_resize (ds=0x2922fa0) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/qxl.c:820
#8  0x0000000000444937 in dpy_resize (opaque=0x331ba58) at /usr/src/debug/qemu-kvm-0.12.1.2/console.h:218
#9  vga_draw_graphic (opaque=0x331ba58) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/vga.c:1726
#10 vga_update_display (opaque=0x331ba58) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/vga.c:1938
#11 0x00000000004744b5 in qxl_display_refresh (ds=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/qxl.c:829
#12 0x000000000040bb6e in dpy_refresh (opaque=0x2922fa0) at /usr/src/debug/qemu-kvm-0.12.1.2/console.h:236
#13 gui_update (opaque=0x2922fa0) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:3455
#14 0x000000000040b5d8 in qemu_run_timers (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:1167
#15 main_loop_wait (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4271
#16 0x0000000000428d3a in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2133
#17 0x000000000040e5cb in main_loop (argc=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4444
#18 main (argc=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6601

Comment 8 Amos Kong 2010-10-19 04:16:44 UTC
Created attachment 454246
gdb debug msg

When I execute the win2003-64 installation with the new packages, it hangs easily.
I have attached the debug msg; it looks like an existing bug which was fixed in 0.12.1.2-2.114.el6.

(Bug 617119  - Qemu becomes unresponsive during unattended_installation)

Comment 9 Gerd Hoffmann 2011-01-07 10:17:38 UTC
spice rebase planned for 6.1 will fix this, patches already @ rhvirt-patches.

Comment 16 errata-xmlrpc 2011-05-19 11:29:30 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0534.html
