Description of problem: Open gnome-boxes Select previously run Fedora-21 VM See spining wheel for about 30 secunds (no boot screen yet) BOOM! Version-Release number of selected component: qemu-system-x86-2.1.3-3.fc21 Additional info: reporter: libreport-2.3.0 backtrace_rating: 4 cmdline: /usr/bin/qemu-system-x86_64 -machine accel=kvm -name fedora21-2 -S -machine pc-i440fx-2.1,accel=kvm,usb=off -cpu SandyBridge -m 4061 -realtime mlock=off -smp 4,sockets=1,cores=2,threads=2 -uuid f6489bb3-d8f3-4238-a3e9-f11a023a3337 -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/home/kal/.config/libvirt/qemu/lib/fedora21-2.monitor,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc,driftfix=slew -global kvm-pit.lost_tick_policy=discard -no-shutdown -global PIIX4_PM.disable_s3=1 -global PIIX4_PM.disable_s4=1 -boot strict=on -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5 -device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 -device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x6 -device usb-ccid,id=ccid0 -drive file=/home/kal/.local/share/gnome-boxes/images/fedora21-2,if=none,id=drive-virtio-disk0,format=qcow2,cache=none -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x7,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -drive file=/home/kal/Downloads/Fedora-Live-Workstation-x86_64-21-5.iso,if=none,id=drive-ide0-1-0,readonly=on,format=raw -device ide-cd,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -netdev tap,fd=22,id=hostnet0 -device rtl8139,netdev=hostnet0,id=net0,mac=52:54:00:ce:11:3d,bus=pci.0,addr=0x3 -chardev spicevmc,id=charsmartcard0,name=smartcard -device ccid-card-passthru,chardev=charsmartcard0,id=smartcard0,bus=ccid0.0 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -chardev spicevmc,id=charchannel0,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0 -device usb-tablet,id=input0 -spice port=5900,addr=127.0.0.1,disable-ticketing,image-compression=off,seamless-migration=on -device qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,bus=pci.0,addr=0x2 -device AC97,id=sound0,bus=pci.0,addr=0x4 -chardev spicevmc,id=charredir0,name=usbredir -device usb-redir,chardev=charredir0,id=redir0 -chardev spicevmc,id=charredir1,name=usbredir -device usb-redir,chardev=charredir1,id=redir1 -chardev spicevmc,id=charredir2,name=usbredir -device usb-redir,chardev=charredir2,id=redir2 -chardev spicevmc,id=charredir3,name=usbredir -device usb-redir,chardev=charredir3,id=redir3 -incoming fd:19 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x8 -msg timestamp=on crash_function: spice_logv executable: /usr/bin/qemu-system-x86_64 kernel: 3.19.3-200.fc21.x86_64 runlevel: N 5 type: CCpp uid: 1000 var_log_messages: [System Logs]:\n-- Logs begin at Mon 2014-12-29 23:45:21 AEDT, end at Fri 2015-04-10 11:46:35 AEST. -- Truncated backtrace: Thread no. 1 (10 frames) #2 spice_logv at log.c:109 #3 spice_log at log.c:123 #4 validate_virt at red_memslots.c:65 #5 red_get_data_chunks_ptr at red_parse_qxl.c:97 #6 red_get_cursor at red_parse_qxl.c:1273 #7 red_get_cursor_cmd at red_parse_qxl.c:1309 #8 handle_dev_loadvm_commands at red_worker.c:11643 #9 dispatcher_handle_single_read at dispatcher.c:139 #10 dispatcher_handle_recv_read at dispatcher.c:162 #11 red_worker_main at red_worker.c:12021 Potential duplicate: bug 922437
Created attachment 1012901 [details] File: backtrace
Created attachment 1012902 [details] File: cgroup
Created attachment 1012903 [details] File: core_backtrace
Created attachment 1012904 [details] File: dso_list
Created attachment 1012905 [details] File: environ
Created attachment 1012906 [details] File: limits
Created attachment 1012907 [details] File: maps
Created attachment 1012908 [details] File: open_fds
Created attachment 1012909 [details] File: proc_pid_status
This ticket looks very similar to https://bugzilla.redhat.com/show_bug.cgi?id=922437 which was closed as believed to be fixed.
40 faf hits... most are f21 but there's a few everywhere. Comment #0 backtrace hits this assert: if (virt < slot->virt_start_addr || (virt + add_size) > slot->virt_end_addr) { print_memslots(info); spice_critical("virtual address out of range\n" " virt=0x%lx+0x%x slot_id=%d group_id=%d\n" " slot=0x%lx-0x%lx delta=0x%lx", virt, add_size, slot_id, group_id, slot->virt_start_addr, slot->virt_end_addr, slot->address_delta); return 0; } So, likely spice or driver issue. Moving to spice for further triage
Frediano, if you've hit this, can you provide /var/log/libvirt/qemu/$vmname.log ? Would be nice to see what values triggered the assert
I didn't manage to reproduce it. Specifically I was trying to reproduce problem happening closing the primary surface (with slightly different backtrace). This seems more a corruption in the ring. From different bugs seems that a ring corruption can happen.
This message is a reminder that Fedora 21 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 21. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '21'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 21 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
There's recent faf hits on f23
*** Bug 1290039 has been marked as a duplicate of this bug. ***
This message is a reminder that Fedora 23 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 23. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '23'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 23 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
The faf reports for this particular crash stop at f23, so I think it's safe to close
I'm reasonably sure this is what we have on bz 1421788 and the f25 FAF seems to be: https://retrace.fedoraproject.org/faf/problems/bthash/?bth=3f4b726cc33210a2d48eb4597096a3527fe234ed&bth=bb9782ecb205ad23175b009565273c66a0661a96