Bug 1685477 - qemu crash when copying message data to a socket buffer
Summary: qemu crash when copying message data to a socket buffer
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: qemu-kvm
Version: 8.1
Hardware: Unspecified
OS: Unspecified
Priority: medium
Severity: medium
Target Milestone: rc
Target Release: ---
Assignee: jason wang
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2019-03-05 10:27 UTC by Pei Zhang
Modified: 2020-07-06 09:19 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-07-06 09:19:44 UTC
Type: Bug
Target Upstream Version:
Embargoed:


Comment 1 Pei Zhang 2019-03-06 05:02:22 UTC
Thread 5 "qemu-kvm" received signal SIGABRT, Aborted.
0x00007ffff2bd093f in raise () from /lib64/libc.so.6
(gdb) bt
#0  0x00007ffff2bd093f in raise () at /lib64/libc.so.6
#1  0x00007ffff2bbac95 in abort () at /lib64/libc.so.6
#2  0x00007ffff2c13d57 in __libc_message () at /lib64/libc.so.6
#3  0x00007ffff2c1a68c in  () at /lib64/libc.so.6
#4  0x00007ffff2c1c0b4 in _int_free () at /lib64/libc.so.6
#5  0x00007ffff76b8552 in g_free () at /lib64/libglib-2.0.so.0
#6  0x0000555555a7c869 in m_free ()
#7  0x0000555555a80ba6 in tcp_input ()
#8  0x0000555555a7c050 in slirp_input ()
#9  0x0000555555a6bfd4 in net_slirp_receive ()
#10 0x0000555555a6444e in qemu_deliver_packet_iov ()
#11 0x0000555555a66d68 in qemu_net_queue_send_iov ()
#12 0x0000555555a672cb in net_hub_port_receive_iov ()
#13 0x0000555555a64387 in qemu_deliver_packet_iov ()
#14 0x0000555555a66d68 in qemu_net_queue_send_iov ()
#15 0x00005555559fb711 in net_tx_pkt_do_sw_fragmentation ()
#16 0x00005555559fc393 in net_tx_pkt_send ()
#17 0x0000555555a00618 in e1000e_start_xmit.isra ()
#18 0x0000555555a00721 in e1000e_set_tdt ()
#19 0x000055555588ab86 in memory_region_write_accessor ()
#20 0x0000555555888f36 in access_with_adjusted_size ()
#21 0x000055555588cd7a in memory_region_dispatch_write ()
#22 0x000055555583b1c3 in flatview_write ()
--Type <RET> for more, q to quit, c to continue without paging--
#23 0x000055555583f683 in address_space_write ()
#24 0x000055555589bce8 in kvm_cpu_exec ()
#25 0x000055555587874e in qemu_kvm_cpu_thread_fn ()
#26 0x00007ffff2f652de in start_thread () at /lib64/libpthread.so.0
#27 0x00007ffff2c95a63 in clone () at /lib64/libc.so.6

Comment 13 Ademar Reis 2020-02-05 22:54:52 UTC
QEMU has been recently split into sub-components, and as a one-time operation to avoid breakage of tools, we are setting the QEMU sub-component of this BZ to "General". Please review and change the sub-component if necessary the next time you review this BZ. Thanks.
