Hide Forgot
Description of problem: restart win7 guest after removing a driver. -> virt-manager crashed. Additional info: reporter: libreport-2.6.4 BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff813f7119>] __list_del_entry+0x29/0xc0 PGD 0 Oops: 0000 [#1] SMP Modules linked in: vhost_net vhost macvtap macvlan vfio_pci vfio_iommu_type1 vfio_virqfd vfio bnep fuse xt_CHECKSUM ipt_MASQUERADE nf_nat_masquerade_ipv4 tun cfg80211 nf_conntrack_netbios_ns nf_conntrack_broadcast ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink ebtable_broute ebtable_nat ip6table_raw bridge ip6table_mangle ip6table_security ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 iptable_raw iptable_mangle iptable_security iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack ebtable_filter ebtables ip6table_filter ip6_tables snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic intel_rapl x86_pkg_temp_thermal coretemp vfat fat kvm_intel kvm snd_hda_intel snd_hda_codec snd_usb_audio irqbypass crct10dif_pclmul snd_hda_core crc32_pclmul snd_usbmidi_lib snd_hwdep snd_rawmidi crc32c_intel eeepc_wmi snd_seq asus_wmi ppdev sparse_keymap ghash_clmulni_intel mxm_wmi snd_seq_device snd_pcm hci_uart btbcm i2c_i801 btqca mei_me snd_timer btintel snd parport_pc mei shpchp soundcore bluetooth wmi parport rfkill acpi_als pinctrl_sunrisepoint intel_lpss_acpi kfifo_buf pinctrl_intel intel_lpss industrialio tpm_tis tpm acpi_pad nfsd auth_rpcgss nfs_acl lockd grace sunrpc 8021q garp stp llc mrp i915 e1000e i2c_algo_bit drm_kms_helper ptp drm serio_raw pps_core video i2c_hid fjes CPU: 1 PID: 5213 Comm: qemu-system-x86 Not tainted 4.6.6-200.fc23.x86_64 #1 Hardware name: System manufacturer System Product Name/Z170M-PLUS, BIOS 0704 02/18/2016 task: ffff8803a283bf00 ti: ffff88028a70c000 task.ti: ffff88028a70c000 RIP: 0010:[<ffffffff813f7119>] [<ffffffff813f7119>] __list_del_entry+0x29/0xc0 RSP: 0018:ffff88028a70fae8 EFLAGS: 00010207 RAX: 0000000000000000 RBX: ffff8800b8f2a088 RCX: dead000000000200 RDX: 0000000000000000 RSI: ffffea00105e2680 RDI: ffff8800b8f2a088 RBP: ffff88028a70fae8 R08: 000000001789a101 R09: 000000010040003d R10: 000000000040003d R11: 0000000000000000 R12: ffff8803a65499c0 R13: ffff8803a65499d8 R14: ffff88028a57fe60 R15: ffff880428e29d38 FS: 00007f4798eefc80(0000) GS:ffff88043bc40000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 000000041075a000 CR4: 00000000003426e0 Stack: ffff88028a70fb00 ffffffff813f71bd ffff8800b8f2a000 ffff88028a70fb30 ffffffffc08389a1 ffff8800b8f2a000 ffff8803e3e30940 ffff880425621b80 ffff8803e3e30940 ffff88028a70fb40 ffffffffc0838a48 ffff88028a70fb58 Call Trace: [<ffffffff813f71bd>] list_del+0xd/0x30 [<ffffffffc08389a1>] __vfio_group_unset_container+0x51/0xd0 [vfio] [<ffffffffc0838a48>] vfio_group_try_dissolve_container+0x28/0x30 [vfio] [<ffffffffc0838c8b>] vfio_group_put_external_user+0x2b/0x70 [vfio] [<ffffffffc0601883>] kvm_vfio_group_put_external_user+0x23/0x40 [kvm] [<ffffffffc0601980>] kvm_vfio_destroy+0x30/0x80 [kvm] [<ffffffffc05f91fb>] kvm_put_kvm+0xfb/0x1a0 [kvm] [<ffffffffc05f9301>] kvm_vm_release+0x21/0x30 [kvm] [<ffffffff81249e8f>] __fput+0xdf/0x1f0 [<ffffffff81249fde>] ____fput+0xe/0x10 [<ffffffff810c5121>] task_work_run+0x81/0xa0 [<ffffffff810ab082>] do_exit+0x2d2/0xb50 [<ffffffff810ab987>] do_group_exit+0x47/0xb0 [<ffffffff810b6ca1>] get_signal+0x291/0x610 [<ffffffff8102e137>] do_signal+0x37/0x710 [<ffffffff810b503e>] ? send_signal+0x3e/0x80 [<ffffffff817da7ce>] ? _raw_spin_unlock_irqrestore+0xe/0x10 [<ffffffff810b5a6c>] ? do_send_sig_info+0x6c/0xa0 [<ffffffff8100320c>] exit_to_usermode_loop+0x8c/0xd0 [<ffffffff81003d21>] syscall_return_slowpath+0xa1/0xb0 [<ffffffff817dac7a>] entry_SYSCALL_64_fastpath+0xa2/0xa4 Code: 66 90 55 48 8b 07 48 b9 00 01 00 00 00 00 ad de 48 8b 57 08 48 89 e5 48 39 c8 74 29 48 b9 00 02 00 00 00 00 ad de 48 39 ca 74 3a <4c> 8b 02 4c 39 c7 75 52 4c 8b 40 08 4c 39 c7 75 66 48 89 50 08 RIP [<ffffffff813f7119>] __list_del_entry+0x29/0xc0 RSP <ffff88028a70fae8> CR2: 0000000000000000
Created attachment 1193021 [details] File: dmesg
*********** MASS BUG UPDATE ************** We apologize for the inconvenience. There is a large number of bugs to go through and several of them have gone stale. Due to this, we are doing a mass bug update across all of the Fedora 23 kernel bugs. Fedora 23 has now been rebased to 4.7.4-100.fc23. Please test this kernel update (or newer) and let us know if you issue has been resolved or if it is still present with the newer kernel. If you have moved on to Fedora 24 or 25, and are still experiencing this issue, please change the version to Fedora 24 or 25. If you experience different issues, please open a new bug report for those.
*********** MASS BUG UPDATE ************** This bug is being closed with INSUFFICIENT_DATA as there has not been a response in 4 weeks. If you are still experiencing this issue, please reopen and attach the relevant data from the latest kernel you are running and any data that might have been requested previously.