Description of problem:
qemu dumps core when hotplugging an existing chardev

Version-Release number of selected component (if applicable):
Host:
    qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64
    kernel-4.18.0-226.el8.x86_64
    seabios-bin-1.13.0-2.module+el8.3.0+7353+9de0a3cc.noarch
Guest:
    RHEL8.3.0 (kernel-4.18.0-225.el8.x86_64)
    Win2019

How reproducible:
6/6

Steps to Reproduce:
1. boot guest with cmd:
    -device virtio-serial-pci,id=virtio-serial0,max_ports=31 \
    -chardev socket,id=channel1,path=/tmp/helloworld1,server,nowait \
    -device virtserialport,chardev=channel1,name=com.redhat.rhevm.vdsm1,bus=virtio-serial0.0,id=port1 \
2. hotplug an existing chardev
    {"execute":"chardev-add","arguments":{"id":"channel1","backend":{"type":"socket","data":{"addr":{"type":"unix", "data": {"path": "/tmp/helloworld1"}}}}}}
3. qemu aborted with a core dump

Actual results:
    (qemu) Unexpected error in object_property_try_add() at /builddir/build/BUILD/qemu-5.0.0/qom/object.c:1167:
    attempt to add duplicate property 'channel1' to object (type 'container')
    Aborted (core dumped)

Expected results:
qemu does not dump core

Additional info:
qemu cmd
    /usr/libexec/qemu-kvm \
    -S \
    -name 'avocado-vt-vm1' \
    -sandbox on \
    -machine pc \
    -nodefaults \
    -device VGA,bus=pci.0,addr=0x2 \
    -m 6144 \
    -smp 2,maxcpus=2,cores=1,threads=1,dies=1,sockets=2 \
    -cpu 'Skylake-Client',+kvm_pv_unhalt \
    -chardev socket,id=qmp_id_qmpmonitor1,server,nowait,path=/var/tmp/avocado_ks7kdb38/monitor-qmpmonitor1-20200721-112329-PZznsqus \
    -mon chardev=qmp_id_qmpmonitor1,mode=control \
    -chardev socket,id=qmp_id_catch_monitor,server,nowait,path=/var/tmp/avocado_ks7kdb38/monitor-catch_monitor-20200721-112329-PZznsqus \
    -mon chardev=qmp_id_catch_monitor,mode=control \
    -device pvpanic,ioport=0x505,id=id9o7Dlh \
    -chardev socket,id=chardev_serial0,server,nowait,path=/var/tmp/avocado_ks7kdb38/serial-serial0-20200721-112329-PZznsqus \
    -device isa-serial,id=serial0,chardev=chardev_serial0 \
    -chardev socket,id=seabioslog_id_20200721-112329-PZznsqus,path=/var/tmp/avocado_ks7kdb38/seabios-20200721-112329-PZznsqus,server,nowait \
    -device isa-debugcon,chardev=seabioslog_id_20200721-112329-PZznsqus,iobase=0x402 \
    -device qemu-xhci,id=usb1,bus=pci.0,addr=0x3 \
    -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1 \
    -device virtio-scsi-pci,id=virtio_scsi_pci0,bus=pci.0,addr=0x4 \
    -blockdev node-name=file_image1,driver=file,aio=threads,filename=/home/kvm_autotest_root/images/rhel830-64-virtio-scsi.qcow2,cache.direct=on,cache.no-flush=off \
    -blockdev node-name=drive_image1,driver=qcow2,cache.direct=on,cache.no-flush=off,file=file_image1 \
    -device scsi-hd,id=image1,drive=drive_image1,write-cache=on \
    -device virtio-net-pci,mac=9a:27:2e:cc:6e:57,id=idRphUk9,netdev=idbwPqKp,bus=pci.0,addr=0x5 \
    -netdev tap,id=idbwPqKp,vhost=on \
    -vnc :0 \
    -rtc base=utc,clock=host,driftfix=slew \
    -boot menu=off,order=cdn,once=c,strict=off \
    -enable-kvm \
    -monitor stdio \
    -qmp tcp:0:4444,server,nowait \
    -device virtio-serial-pci,id=virtio-serial0,max_ports=31 \
    -chardev socket,id=channel1,path=/tmp/helloworld1,server,nowait \
    -device virtserialport,chardev=channel1,name=com.redhat.rhevm.vdsm1,bus=virtio-serial0.0,id=port1 \
Can't reproduce this issue with qemu-kvm-5.0.0-0.module+el8.3.0+6620+5d5e1420.x86_64.

Test environments:
Host:
    qemu-kvm-5.0.0-0.module+el8.3.0+6620+5d5e1420.x86_64
    kernel-4.18.0-226.el8.x86_64
    seabios-bin-1.13.0-2.module+el8.3.0+7353+9de0a3cc.noarch
Guest:
    RHEL8.3.0
debug core dumped file:
(gdb) bt
#0  0x00007f04190ed7ff in raise () at /lib64/libc.so.6
#1  0x00007f04190d7c35 in abort () at /lib64/libc.so.6
#2  0x000055eaeef9f73d in error_handle_fatal (errp=<optimized out>, err=0x55eaf1732a80) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/util/error.c:40
#3  0x000055eaef3316bd in error_setv (errp=0x55eaefb83778 <error_abort>, src=0x55eaef4b6638 "/builddir/build/BUILD/qemu-5.0.0/qom/object.c", line=1167, func=0x55eaef4b6aa0 <__func__.18489> "object_property_try_add", err_class=ERROR_CLASS_GENERIC_ERROR, fmt=<optimized out>, ap=0x7ffd32e4cb10, suffix=0x0) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/util/error.c:73
#4  0x000055eaef331844 in error_setg_internal (errp=errp@entry=0x55eaefb83778 <error_abort>, src=src@entry=0x55eaef4b6638 "/builddir/build/BUILD/qemu-5.0.0/qom/object.c", line=line@entry=1167, func=func@entry=0x55eaef4b6aa0 <__func__.18489> "object_property_try_add", fmt=fmt@entry=0x55eaef4b67c8 "attempt to add duplicate property '%s' to object (type '%s')") at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/util/error.c:97
#5  0x000055eaef250b48 in object_property_try_add (obj=obj@entry=0x55eaf090f1c0, name=name@entry=0x55eaf097fd50 "channel1", type=type@entry=0x55eaf1ad71e0 "child<chardev-socket>", get=get@entry=0x55eaef252390 <object_get_child_property>, set=set@entry=0x0, release=release@entry=0x55eaef250520 <object_finalize_child_property>, opaque=0x55eaf0748ea0, errp=0x55eaefb83778 <error_abort>) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/qom/object.c:1166
#6  0x000055eaef251c26 in object_property_add (opaque=0x55eaf0748ea0, release=0x55eaef250520 <object_finalize_child_property>, set=0x0, get=0x55eaef252390 <object_get_child_property>, type=0x55eaf1ad71e0 "child<chardev-socket>", name=0x55eaf097fd50 "channel1", obj=0x55eaf090f1c0)
--Type <RET> for more, q to quit, c to continue without paging--c
5d6ca.x86_64/qom/object.c:1664
#7  0x000055eaef251c26 in object_property_add_child (obj=0x55eaf090f1c0, name=name@entry=0x55eaf097fd50 "channel1", child=child@entry=0x55eaf0748ea0) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/qom/object.c:1664
#8  0x000055eaef2bf595 in chardev_new (id=id@entry=0x55eaf097fd50 "channel1", typename=0x55eaf079a780 "chardev-socket", backend=backend@entry=0x55eaf09b3f10, gcontext=gcontext@entry=0x0, errp=errp@entry=0x7ffd32e4cd38) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/chardev/char.c:1001
#9  0x000055eaef2c0a3a in qmp_chardev_add (id=0x55eaf097fd50 "channel1", backend=0x55eaf09b3f10, errp=errp@entry=0x7ffd32e4cd38) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/chardev/char.c:1042
#10 0x000055eaef21b140 in qmp_marshal_chardev_add (args=<optimized out>, ret=0x7ffd32e4cdb0, errp=0x7ffd32e4cda8) at qapi/qapi-commands-char.c:249
#11 0x000055eaef2de8a0 in qmp_dispatch (cmds=0x55eaefb81220 <qmp_commands>, request=<optimized out>, allow_oob=<optimized out>) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/qapi/qmp-dispatch.c:155
#12 0x000055eaef1f9a41 in monitor_qmp_dispatch (mon=0x55eaf0962550, req=<optimized out>) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/monitor/qmp.c:145
#13 0x000055eaef1fa10a in monitor_qmp_bh_dispatcher (data=<optimized out>) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/monitor/qmp.c:234
#14 0x000055eaef33cbed in aio_bh_call (bh=0x55eaf07a04b0) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/util/async.c:164
#15 0x000055eaef33cbed in aio_bh_poll (ctx=ctx@entry=0x55eaf0780260) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/util/async.c:164
#16 0x000055eaef32c482 in aio_dispatch (ctx=0x55eaf0780260) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/util/aio-posix.c:380
#17 0x000055eaef33cad2 in aio_ctx_dispatch (source=<optimized out>, callback=<optimized out>, user_data=<optimized out>) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/util/async.c:306
#18 0x00007f041dbc367d in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#19 0x000055eaef341818 in glib_pollfds_poll () at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/util/main-loop.c:219
#20 0x000055eaef341818 in os_host_main_loop_wait (timeout=<optimized out>) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/util/main-loop.c:242
#21 0x000055eaef341818 in main_loop_wait (nonblocking=nonblocking@entry=0) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/util/main-loop.c:518
#22 0x000055eaef0895f1 in qemu_main_loop () at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/softmmu/vl.c:1680
#23 0x000055eaeefa1d42 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at /usr/src/debug/qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64/softmmu/main.c:49
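The backtrace above shows an id supplied through chardev-add reaching object_property_try_add() with errp=error_abort, so a duplicate name ends in abort(). As an added example (not QEMU code and not the upstream fix; the container type and function names are hypothetical), the same duplicate check written so the collision is returned to the command handler as an ordinary error:

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the container that holds chardev ids. */
#define MAX_CHILDREN 8
#define ID_LEN 32
struct container { char ids[MAX_CHILDREN][ID_LEN]; int count; };
enum add_status { ADD_OK, ADD_DUPLICATE, ADD_REJECTED };

/* Fallible insert: a duplicate id is reported to the caller, not fatal. */
enum add_status container_try_add(struct container *c, const char *id)
{
    if (id == NULL || id[0] == '\0' || strlen(id) >= ID_LEN)
        return ADD_REJECTED;
    for (int i = 0; i < c->count; i++)
        if (strcmp(c->ids[i], id) == 0)
            return ADD_DUPLICATE;
    if (c->count == MAX_CHILDREN)
        return ADD_REJECTED;
    strcpy(c->ids[c->count++], id);
    return ADD_OK;
}

/* Handler for an id supplied over the monitor (the role chardev-add plays).
 * Returns 0 on success, -1 with a message in err; it never aborts. */
int handle_chardev_add(struct container *c, const char *id,
                       char *err, size_t errlen)
{
    switch (container_try_add(c, id)) {
    case ADD_OK:
        return 0;
    case ADD_DUPLICATE:
        snprintf(err, errlen, "chardev id '%s' already exists", id);
        return -1;
    default:
        snprintf(err, errlen, "chardev id rejected");
        return -1;
    }
}

int main(void)
{
    struct container c = { .count = 0 };
    char err[64] = "";
    handle_chardev_add(&c, "channel1", err, sizeof err);   /* boot-time chardev */
    int rc = handle_chardev_add(&c, "channel1", err, sizeof err); /* repeat */
    printf("rc=%d err=%s\n", rc, err);
    return 0;
}
```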
Looks like this may be fixed by upstream commit 14a7a20306 from the 13-July upstream merge, but I'll let you decide. I do not have the secret decoder ring for qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca.x86_64, but I believe it's the 08-Jul rebase branch.

If this is fixed, we can just note the upstream commit in the Devel Whiteboard and move to POST (with ACKs of course).
Yes, I believe this is fixed by upstream commit 14a7a20306 too. I can't find the tag for qemu-kvm-5.0.0-2.module+el8.3.0+7379+0505d6ca in our git repos (https://virt-wiki.lab.eng.brq.redhat.com/KVM/DevelopersInfo/GitRepositories).
Can we get the qa_ack+ please?
Can't reproduce this bug with qemu-kvm-5.1.0-2.module+el8.3.0+7652+b30e6901.

Test environments:
Host:
    qemu-kvm-5.1.0-2.module+el8.3.0+7652+b30e6901.x86_64
    kernel-4.18.0-232.el8.x86_64
    seabios-1.14.0-1.module+el8.3.0+7638+07cf13d2.x86_64
Guest:
    kernel-4.18.0-232.el8.x86_64

Move this bug to VERIFIED, thanks a lot.

Best regards
Liu Nana
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (virt:8.3 bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:5137