1829185 – SB16 driver installation kills qemu-kvm under MSDOS 6.22

Bug 1829185 - SB16 driver installation kills qemu-kvm under MSDOS 6.22

Summary: SB16 driver installation kills qemu-kvm under MSDOS 6.22

Keywords:
Status:	CLOSED INSUFFICIENT_DATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	qemu
Sub Component:
Version:	31
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Fedora Virtualization Maintainers
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-04-29 07:07 UTC by Gilboa Davara
Modified:	2020-08-18 21:27 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2020-08-18 21:27:09 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Gilboa Davara 2020-04-29 07:07:57 UTC

Description of problem:
Fresh installation of MS-DOS 6.22 (Currently available via archive.org)
Trying to install SB16 drivers immediately kills the qemu-kvm host.

Version-Release number of selected component (if applicable):
qemu-system-x86-core-4.1.1-1.fc31.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Create MS-DOS VM.
/usr/bin/qemu-system-x86_64 -machine accel=kvm -serial telnet::9016,server,nowait -soundhw sb16 -netdev tap,id=eth_1600,ifname=tap1600,script=/etc/qemu-ifup,downscript=/etc/qemu-ifdown -device rtl8139,netdev=eth_1600,mac=00:1F:1F:77:50:03 -name msdos -drive file=/usr/drives/kvm/gilboa-vmh-dos/gilboa-vmh-dos.img,cache=none,if=ide -vga cirrus -vnc -daemonize
2. Download SB16 DOS drivers from Creative Labs.
https://support.creative.com/downloads/download.aspx?nDownloadId=273
3. Unpack the sbbasic.exe package.
4. Run install.exe
5. Crash during SB16 device detection.

Actual results:
Thread 3 "qemu-system-x86" received signal SIGABRT, Aborted.
[Switching to Thread 0x7f7986c5b700 (LWP 1355559)]
0x00007f79894dc625 in raise () from /lib64/libc.so.6
(gdb) bt
#0  0x00007f79894dc625 in raise () at /lib64/libc.so.6
#1  0x00007f79894c58d9 in abort () at /lib64/libc.so.6
#2  0x0000561eba38b3e4 in audio_get_pdo_out.cold ()
#3  0x0000561eba5176f1 in no_init_out ()
#4  0x0000561eba51386f in audio_pcm_hw_add_new_out ()
#5  0x0000561eba514bb8 in AUD_open_out ()
#6  0x0000561eba54b22b in reset ()
#7  0x0000561eba54bc8f in dsp_write ()
#8  0x0000561eba3e8333 in memory_region_write_accessor ()
#9  0x0000561eba3e659e in access_with_adjusted_size ()
#10 0x0000561eba3ea414 in memory_region_dispatch_write ()
#11 0x0000561eba39611c in flatview_write_continue ()
#12 0x0000561eba396346 in flatview_write ()
#13 0x0000561eba39aa3f in address_space_write ()
#14 0x0000561eba3f91af in kvm_cpu_exec ()
#15 0x0000561eba3de1de in qemu_kvm_cpu_thread_fn ()
#16 0x0000561eba7b97d3 in qemu_thread_start ()
#17 0x00007f79896744e2 in start_thread () at /lib64/libpthread.so.0
#18 0x00007f79895a16a3 in clone () at /lib64/libc.so.6

Expected results:
Working sound.

Additional info:
If required, I can create a small VM that can be unploaded for testing purposes.

Comment 1 Daniel Berrangé 2020-04-29 09:03:31 UTC

Could you capture a more detailed stack trace with line numbers present. For this you'll need to run

$ dnf debuginfo-install  /usr/bin/qemu-system-x86_64


and then reproduce it again capturing new stack trace.

Note You need to log in before you can comment on or make changes to this bug.