1168509 – qemu-kvm segmentation fault, when boot a RHEL7.1 guest with "-chardev spicevmc" and reboot inside guest

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1168509 - qemu-kvm segmentation fault, when boot a RHEL7.1 guest with "-chardev spicevmc" and reboot inside guest

Summary: qemu-kvm segmentation fault, when boot a RHEL7.1 guest with "-chardev spicevm...

Keywords:
Status:	CLOSED DUPLICATE of bug 1163480
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	spice-server
Sub Component:
Version:	6.7
Hardware:	x86_64
OS:	Linux
Priority:	medium
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Default Assignee for SPICE Bugs
QA Contact:	Desktop QE
Docs Contact:
URL:
Whiteboard:
Depends On:	1145919
Blocks:
TreeView+	depends on / blocked

Reported:	2014-11-27 07:56 UTC by huiqingding
Modified:	2014-12-15 10:58 UTC (History)
CC List:	15 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:	1145919
Environment:
Last Closed:	2014-12-15 10:58:02 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Comment 1 huiqingding 2014-11-27 07:59:57 UTC

Description of problem:
boot a RHEL7.1 guest with "-chardev spicevmc", login the guest and reboot inside guest, qemu-kvm is Segmentation fault.

Version-Release number of selected component (if applicable):
qemu-kvm-rhev-0.12.1.2-2.448.el6.x86_64
kernel-2.6.32-515.el6.x86_64
spice-server-0.12.4-11.el6.x86_64

How reproducible:
100%

Steps to Reproduce:
1.boot a rhel7.1 guest with "-chardev spicevmc"
# /usr/libexec/qemu-kvm -cpu Opteron_G1,enforce \
-enable-kvm  -m 4096  -smp 2,sockets=2,cores=1,threads=1,maxcpus=160 \
-monitor stdio \
-M rhel6.5.0 \
-numa node -numa node \
-global PIIX4_PM.disable_s3=0 \
-global PIIX4_PM.disable_s4=0 \
-drive file=/mnt/rhel_7_1_rhel6.qcow2,if=none,id=drive-scsi-disk,format=qcow2,cache=none,werror=stop,rerror=stop \
-device virtio-scsi-pci,id=scsi0,addr=0x13  \
-device scsi-hd,drive=drive-scsi-disk,bus=scsi0.0,id=data-disk2,bootindex=1 \
-netdev tap,id=hostnet0,vhost=on,id=hostnet0,script=/etc/qemu-ifup \
-device virtio-net-pci,netdev=hostnet0,id=virtio-net-pci0,mac=c2:9a:2f:9c:de:10,bus=pci.0,addr=0x5 \
-qmp tcp:0:4445,server,nowait \
-serial unix:/tmp/tty0,server,nowait \
-spice port=5901,password=redhat-vga,disable-ticketing -vga qxl \
-device virtio-serial-pci,id=virtio-serial1,bus=pci.0,addr=0x1a \
-chardev spicevmc,id=charchannel0,name=vdagent \
-device virtserialport,bus=virtio-serial1.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0 \

2. login the guest
3. inside guest, do reboot
# reboot

Actual results:
qemu-kvm is Segmentation fault:
(gdb) bt
#0  0x00007ffff503c817 in spice_char_device_write_to_device (dev=0x7fffe0000a60) at char_device.c:443
#1  0x00007ffff503cb48 in spice_char_device_start (dev=0x7fffe0000a60) at char_device.c:798
#2  0x00007ffff508136e in spice_server_vm_start (s=<value optimized out>) at reds.c:4544
#3  0x00007ffff7dab3f2 in qemu_system_reset (report=true) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:3340
#4  0x00007ffff7dd1370 in qemu_kvm_system_reset (report=true) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:1992
#5  0x00007ffff7dd1573 in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2272
#6  0x00007ffff7db2757 in main_loop (argc=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4268
#7  main (argc=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6725

Comment 3 Marc-Andre Lureau 2014-12-15 10:58:02 UTC


*** This bug has been marked as a duplicate of bug 1163480 ***

Note You need to log in before you can comment on or make changes to this bug.