RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1159425 - [abrt] qemu-kvm-rhev: memset(): qemu-kvm killed by SIGSEGV
Summary: [abrt] qemu-kvm-rhev: memset(): qemu-kvm killed by SIGSEGV
Keywords:
Status: CLOSED DUPLICATE of bug 1029646
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: spice
Version: 7.0
Hardware: x86_64
OS: Unspecified
unspecified
high
Target Milestone: rc
: ---
Assignee: Default Assignee for SPICE Bugs
QA Contact: Desktop QE
URL: http://faf-report.itos.redhat.com/rep...
Whiteboard: abrt_hash:416ee8f4b5a67892bb4c63e4494...
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-10-31 22:51 UTC by David Jaša
Modified: 2014-12-11 16:19 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-12-11 16:19:41 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
File: backtrace (49.95 KB, text/plain)
2014-10-31 22:51 UTC, David Jaša 		no flags Details
File: cgroup (579 bytes, text/plain)
2014-10-31 22:51 UTC, David Jaša 		no flags Details
File: core_backtrace (8.68 KB, text/plain)
2014-10-31 22:51 UTC, David Jaša 		no flags Details
File: dso_list (7.99 KB, text/plain)
2014-10-31 22:51 UTC, David Jaša 		no flags Details
File: environ (105 bytes, text/plain)
2014-10-31 22:51 UTC, David Jaša 		no flags Details
File: exploitable (82 bytes, text/plain)
2014-10-31 22:51 UTC, David Jaša 		no flags Details
File: limits (1.29 KB, text/plain)
2014-10-31 22:51 UTC, David Jaša 		no flags Details
File: maps (41.84 KB, text/plain)
2014-10-31 22:51 UTC, David Jaša 		no flags Details
File: open_fds (5.44 KB, text/plain)
2014-10-31 22:51 UTC, David Jaša 		no flags Details
File: proc_pid_status (1.05 KB, text/plain)
2014-10-31 22:51 UTC, David Jaša 		no flags Details
File: var_log_messages (1.25 KB, text/plain)
2014-10-31 22:52 UTC, David Jaša 		no flags Details
View All

Description David Jaša 2014-10-31 22:51:41 UTC 
Description of problem:
spice-server crashed when resizing guest from client:
1. connect to a guest from windows client launched from cmd with --spice-debug and -f options
2. exit fullscreen
3. grab top left corner of a remote-viewer windows, move it close to lower right corner, continue resizing the windows till the VM crashes (or remote-viewer crashes)

versions:
spice-server-0.12.4-5.el7.x86_64
qemu-kvm-rhev-1.5.3-60.el7_0.10.x86_64
glibc-2.17-55.el7_0.1.x86_64

Version-Release number of selected component:
qemu-kvm-rhev-1.5.3-60.el7_0.10

Additional info:
reporter:       libreport-2.1.11
backtrace_rating: 4
cmdline:        /usr/libexec/qemu-kvm -name tp-rhel71 -S -machine rhel6.5.0,accel=kvm,usb=off -cpu Nehalem -m 1024 -realtime mlock=off -smp 1,maxcpus=16,sockets=16,cores=1,threads=1 -uuid 75909e63-91c7-4d58-aa27-a07ff874c809 -smbios 'type=1,manufacturer=Red Hat,product=RHEV Hypervisor,version=7.0-1.el7,serial=D2856658-3374-11DF-BBDA-05C14FFB18A9,uuid=75909e63-91c7-4d58-aa27-a07ff874c809' -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/tp-rhel71.monitor,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=2014-10-31T21:36:05,driftfix=slew -no-kvm-pit-reinjection -no-hpet -no-shutdown -boot menu=on,strict=on -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 -device ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5 -device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 -device virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x6 -device virtio-serial-pci,id=virtio-serial0,max_ports=16,bus=pci.0,addr=0x7 -drive if=none,id=drive-ide0-1-0,readonly=on,format=raw,serial= -device ide-cd,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -drive file=/rhev/data-center/00000002-0002-0002-0002-000000000237/1312236c-5b8d-4d60-8c84-7e92c19ec064/images/8d4ac956-9979-4e2d-ae6e-40b4a155bdc7/9bea6ac5-12e5-4632-8d14-b10589d846f1,if=none,id=drive-scsi0-0-0-0,format=raw,serial=8d4ac956-9979-4e2d-ae6e-40b4a155bdc7,cache=none,werror=stop,rerror=stop,aio=native -device scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,bootindex=1 -netdev tap,fd=27,id=hostnet0,vhost=on,vhostfd=28 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=00:1a:4a:2a:2a:09,bus=pci.0,addr=0x3 -chardev socket,id=charchannel0,path=/var/lib/libvirt/qemu/channels/75909e63-91c7-4d58-aa27-a07ff874c809.com.redhat.rhevm.vdsm,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.rhevm.vdsm -chardev socket,id=charchannel1,path=/var/lib/libvirt/qemu/channels/75909e63-91c7-4d58-aa27-a07ff874c809.org.qemu.guest_agent.0,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=org.qemu.guest_agent.0 -chardev spicevmc,id=charchannel2,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=3,chardev=charchannel2,id=channel2,name=com.redhat.spice.0 -spice tls-port=5900,addr=10.34.130.227,x509-dir=/etc/pki/vdsm/libvirt-spice,tls-channel=main,tls-channel=display,tls-channel=inputs,tls-channel=cursor,tls-channel=playback,tls-channel=record,tls-channel=smartcard,tls-channel=usbredir,seamless-migration=on -k en-us -vga qxl -global qxl-vga.ram_size=67108864 -global qxl-vga.vram_size=33554432 -device qxl,id=video1,ram_size=67108864,vram_size=33554432,bus=pci.0,addr=0xa -device qxl,id=video2,ram_size=67108864,vram_size=33554432,bus=pci.0,addr=0xb -device qxl,id=video3,ram_size=67108864,vram_size=33554432,bus=pci.0,addr=,bus=sound0.0,cad=0 -chardev spicevmc,id=charredir0,name=usbredir -device usb-redir,chardev=charredir0,id=redir0 -chardev spicevmc,id=charredir1,name=usbredir -device usb-redir,chardev=charredir1,id=redir1 -chardev spicevmc,id=charredir2,name=usbredir -device usb-redir,chardev=charredir2,id=redir2 -chardev spicevmc,id=charredir3,name=usbredir -device usb-redir,chardev=charredir3,id=redir3 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x9
crash_function: memset
executable:     /usr/libexec/qemu-kvm
kernel:         3.10.0-123.9.2.el7.x86_64
runlevel:       N 3
type:           CCpp
uid:            107

Truncated backtrace:
Thread no. 1 (9 frames)
 #0 memset at /lib64/libc.so.6
 #2 red_create_surface at red_worker.c:9657
 #3 red_process_surface at red_worker.c:4295
 #4 red_process_commands at red_worker.c:5241
 #5 flush_display_commands at red_worker.c:9710
 #6 handle_dev_update_async at red_worker.c:11026
 #7 dispatcher_handle_single_read at dispatcher.c:139
 #8 dispatcher_handle_recv_read at dispatcher.c:162
 #9 red_worker_main at red_worker.c:12196
Comment 1 David Jaša 2014-10-31 22:51:46 UTC 
Created attachment 952633 [details]
File: backtrace
Comment 2 David Jaša 2014-10-31 22:51:47 UTC 
Created attachment 952634 [details]
File: cgroup
Comment 3 David Jaša 2014-10-31 22:51:49 UTC 
Created attachment 952635 [details]
File: core_backtrace
Comment 4 David Jaša 2014-10-31 22:51:50 UTC 
Created attachment 952636 [details]
File: dso_list
Comment 5 David Jaša 2014-10-31 22:51:51 UTC 
Created attachment 952637 [details]
File: environ
Comment 6 David Jaša 2014-10-31 22:51:53 UTC 
Created attachment 952638 [details]
File: exploitable
Comment 7 David Jaša 2014-10-31 22:51:54 UTC 
Created attachment 952639 [details]
File: limits
Comment 8 David Jaša 2014-10-31 22:51:56 UTC 
Created attachment 952640 [details]
File: maps
Comment 9 David Jaša 2014-10-31 22:51:57 UTC 
Created attachment 952641 [details]
File: open_fds
Comment 10 David Jaša 2014-10-31 22:51:59 UTC 
Created attachment 952642 [details]
File: proc_pid_status
Comment 11 David Jaša 2014-10-31 22:52:00 UTC 
Created attachment 952643 [details]
File: var_log_messages
Comment 12 David Jaša 2014-10-31 22:53:54 UTC 
The last frame is from glibc but assigning to spice-server first to find out if the bug actually isn't there.
Comment 14 Christophe Fergeau 2014-11-03 16:24:28 UTC 
Could you try spice-server spice-server-0.12.4-6? This looks like bug #1029646
Comment 16 David Jaša 2014-12-11 16:19:41 UTC 
(In reply to Christophe Fergeau from comment #14)
> Could you try spice-server spice-server-0.12.4-6? This looks like bug
> #1029646

Yeah, you're right. It doesn't occur anymore (tested in -8) and the backtrace is the same.

*** This bug has been marked as a duplicate of bug 1029646 ***
Note You need to log in before you can comment on or make changes to this bug.