Bug 615613 - VM segfault of spice-server occurred
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: spice-server
Version: 6.0
Hardware: All Linux
Priority: medium
Severity: medium
Target Milestone: rc
Assigned To: Uri Lublin
QA Contact: Desktop QE
Reported: 2010-07-17 09:21 EDT by Amos Kong
Modified: 2015-05-24 20:05 EDT
Doc Type: Bug Fix
Last Closed: 2010-10-31 08:32:47 EDT

Description Amos Kong 2010-07-17 09:21:15 EDT
Description of problem:
Boot up guest with 'qemu-kvm ... -spice port=8000,disable-ticketing ...', segfault occurred.


Coredump: 
(gdb) bt
#0  0x0000003b2aa83e8b in ?? ()
#1  0x0000000000471c20 in qemu_spice_display_create_update (ds=0x1dd6040, dirty=<value optimized out>, unique=<value optimized out>) at /usr/include/bits/string3.h:52
#2  0x0000000000471ccb in interface_get_command (qxl=<value optimized out>, cmd=0x7f06279a8180) at /usr/src/debug/qemu-kvm-0.12.1.2/spice-display.c:255
#3  0x000000309042cbd2 in red_process_commands (worker=0x7f06279a82c0, max_pipe_size=50) at red_worker.c:4314
#4  0x000000309042eb86 in red_worker_main (arg=<value optimized out>) at red_worker.c:8510


Version-Release number of selected component (if applicable):
# rpm -qa |grep spice
spice-server-debuginfo-0.4.2-14.el6.x86_64
ffmpeg-spice-libs-0.4.9-0.15.5spice.20080908.el6.x86_64
cairo-spice-1.8.7.1-4.el6.x86_64
spice-server-0.4.2-14.el6.x86_64
cairo-spice-debuginfo-1.8.7.1-4.el6.x86_64
pixman-spice-debuginfo-0.13.3-5.el6.x86_64
spice-client-0.4.2-15.el6.x86_64
pixman-spice-0.13.3-5.el6.x86_64

host kernel: kernel-2.6.32-44.el6.x86_64
# rpm -qa |grep qemu
qemu-img-0.12.1.2-2.93.el6.x86_64
qemu-kvm-0.12.1.2-2.93.el6.x86_64
qemu-kvm-debuginfo-0.12.1.2-2.93.el6.x86_64
qemu-kvm-tools-0.12.1.2-2.93.el6.x86_64
gpxe-roms-qemu-0.9.7-6.3.el6.noarch


How reproducible:
always

Steps to Reproduce:
1. Boot up guest with 'qemu-kvm ... -spice port=8000,disable-ticketing ...'
  
Actual results:
segfault occurred

Expected results:
guest runs normally

Additional info:

1. Qemu-kvm commandline:
# qemu-kvm -name 'vm1' -monitor unix:'/tmp/monitor-humanmonitor1-20100717-061358-ueBY',server,nowait -drive file='/root/push/client/tests/kvm/isos/windows/winutils.iso',if=none,id=drive-ide0-0-0,media=cdrom,readonly=on,format=raw -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -serial unix:'/tmp/serial-20100717-061358-ueBY',server,nowait -drive file='/root/push/client/tests/kvm/images/win2008-64-virtio.raw',if=none,id=drive-virtio-disk1,media=disk,cache=writethrough,boot=on,format=raw -device virtio-blk-pci,drive=drive-virtio-disk1,id=virtio-disk1 -net nic,vlan=0,netdev=idNkALXQ,model=rtl8139,macaddr='02:A9:7C:6C:04:76' -netdev tap,id=idNkALXQ,ifname='rtl8139_0_8000',script='/root/push/client/tests/kvm/scripts/qemu-ifup',downscript='no' -m 2048 -smp 2 -vnc :0 -spice port=8000,disable-ticketing -rtc base=localtime,clock=host -M rhel6.0.0 -usbdevice tablet -cpu qemu64,+sse2 -no-kvm-pit-reinjection -rtc-td-hack
Comment 2 RHEL Product and Program Management 2010-07-17 09:37:33 EDT
This issue has been proposed when we are only considering blocker
issues in the current Red Hat Enterprise Linux release. It has
been denied for the current Red Hat Enterprise Linux release.

** If you would still like this issue considered for the current
release, ask your support representative to file as a blocker on
your behalf. Otherwise ask that it be considered for the next
Red Hat Enterprise Linux release. **
Comment 3 Uri Lublin 2010-07-18 09:37:12 EDT
1. When using spice, please make sure:
  * VM contains the qxl device (-vga qxl)
  * vnc is _not_ available.

2. With a simple command line (and a bit newer RPMs), I can't reproduce (meaning qemu-kvm does not crash). 


spice rpms:
pixman-spice-0.13.3-5.el6.x86_64
ffmpeg-spice-libs-0.4.9-0.15.5spice.20080908.el6.x86_64
cairo-spice-1.8.7.1-4.el6.x86_64
spice-client-0.4.2-16.el6.x86_64
spice-server-0.4.2-14.el6.x86_64

qemu rpms:
qemu-kvm-0.12.1.2-2.96.el6.x86_64
qemu-img-0.12.1.2-2.96.el6.x86_64
gpxe-roms-qemu-0.9.7-6.3.el6.noarch

qemu-kvm command line:
/usr/libexec/qemu-kvm -snapshot -hda /tmp/urixp.qcow2  -usbdevice tablet -monitor stdio  -spice port=8000,disable-ticketing

 * with/without -vga qxl
 * with/without -vnc :2 (or -vnc :0)
 * with/without replacing -hda with -drive file=...
 * with/without a cdrom
 * with user network.

Another successful trial (meaning: did not crash)
/usr/libexec/qemu-kvm  -name 'vm1' -monitor unix:'/tmp/monitor',server,nowait -drive file='/tmp/cdrom',if=none,id=myhda0,media=cdrom,readonly=on,format=raw  -device ide-drive,bus=ide.0,unit=0,drive=myhda0,id=ide0-0-0 -serial unix:'/tmp/serial',server,nowait -drive file='/tmp/urixp.qcow2',if=none,id=drive-virtio-disk1,media=disk,cache=writethrough,boot=on,format=qcow2 -device virtio-blk-pci,drive=drive-virtio-disk1,id=virtio-disk1  -net nic,vlan=0,model=rtl8139,macaddr='02:A9:7C:6C:04:76' -net user,vlan=0  -m 2048 -smp 2 -vnc :0 -spice port=8000,disable-ticketing -rtc base=localtime,clock=host -M rhel6.0.0 -usbdevice tablet -cpu qemu64,+sse2 -no-kvm-pit-reinjection -rtc-td-hack
Comment 4 Uri Lublin 2010-07-19 10:09:57 EDT
Amos,

Please try to reproduce with the same command line but without "-spice port=8000,disable-ticketing", without -vnc and with -vga qxl.
Comment 5 Amos Kong 2010-07-19 21:55:40 EDT
(In reply to comment #4)
> Amos,
> 
> Please try to reproduce with the same command line but without "-spice
> port=8000,disable-ticketing", without -vnc and with -vga qxl.    

Ok.
I'll do some installation tests and report the results to you later.
Comment 6 YangFeng 2010-08-04 00:53:37 EDT
Reproduced this bug in weekly testing

host kernel: 2.6.32-55.el6.x86_64
qemu-kvm version: qemu-kvm-0.12.1.2-2.104.el6.x86_64
cmdline used:
qemu-kvm -name 'vm1' -monitor unix:'/tmp/monitor-humanmonitor1-20100730-153848-UpE9',server,nowait -drive file='/usr/local/autotest/tests/kvm/isos/windows/winutils.iso',if=none,id=drive-ide0-0-0,media=cdrom,readonly=on,format=raw -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -serial unix:'/tmp/serial-20100730-153848-UpE9',server,nowait -drive file='/usr/local/autotest/tests/kvm/images/win7-32-virtio.qcow2',if=none,id=drive-virtio-disk1,media=disk,cache=none,boot=on,format=qcow2 -device virtio-blk-pci,drive=drive-virtio-disk1,id=virtio-disk1 -drive file='/usr/local/autotest/tests/kvm/images/storage.qcow2',if=none,id=drive-virtio-disk2,media=disk,cache=none,format=qcow2 -device virtio-blk-pci,drive=drive-virtio-disk2,id=virtio-disk2 -net nic,vlan=0,netdev=id9uXtq7,model=virtio,macaddr='02:A9:13:4E:e5:02' -netdev tap,id=id9uXtq7,ifname='virtio_0_8000',script='/usr/local/autotest/tests/kvm/scripts/qemu-ifup-switch',downscript='no',vhost=on -m 4096 -smp 2 -vnc :0 -spice port=8000,disable-ticketing -rtc base=localtime,clock=host -M rhel6.0.0 -usbdevice tablet -cpu qemu64,+sse2 -no-kvm-pit-reinjection
Comment 7 Amos Kong 2010-08-04 01:15:53 EDT
(In reply to comment #6)
> Reproduced this bug in weekly testing

How about the reproduction ratio?

> host kernel: 2.6.32-55.el6.x86_64
> qemu-kvm version: qemu-kvm-0.12.1.2-2.104.el6.x86_64
Comment 8 YangFeng 2010-08-04 01:39:14 EDT
(In reply to comment #7)
> (In reply to comment #6)
> > Reproduced this bug in weekly testing
> 
> How about the reproduction ratio?
> 
> > host kernel: 2.6.32-55.el6.x86_64
> > qemu-kvm version: qemu-kvm-0.12.1.2-2.104.el6.x86_64    

Reproduced this bug in automation testing.

Only reproduced one time in about 100 test cases.
Comment 9 Uri Lublin 2010-08-04 05:08:56 EDT
YangFeng,

When running qemu-kvm make sure only one of vnc or spice is used.
Also when using spice, make sure to add the qxl device (-vga qxl).

Please run the tests again twice, one for each option below:
1. run with -vnc and without -spice
2. run without -vnc and with -vga qxl -spice ...

Is the problem reproduced with vnc?
Is the problem reproduced with spice?
Only with vnc, or only with spice, or both?

Thanks.
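
The display-option rules from comments 3 and 9, written as a pre-flight check a test harness could run over a qemu-kvm command line before launch. This is an added example, not part of the original bug report or of qemu-kvm; the function names and finding labels are hypothetical, and the sample command lines are shortened from the ones in this report.

```python
import shlex

def parse_qemu_options(cmdline):
    """Map each '-option' to the list of values given (None for bare flags).

    Assumption: an option's value never starts with '-', which holds for
    the command lines in this report.
    """
    argv = shlex.split(cmdline)
    opts = {}
    i = 0
    while i < len(argv):
        name = argv[i]
        i += 1
        if not name.startswith("-"):
            continue  # the binary name or a stray token
        value = None
        if i < len(argv) and not argv[i].startswith("-"):
            value = argv[i]
            i += 1
        opts.setdefault(name, []).append(value)
    return opts

def check_display_options(cmdline):
    """Return findings for: spice needs -vga qxl, and only one of vnc/spice."""
    opts = parse_qemu_options(cmdline)
    findings = []
    if "-spice" in opts:
        if "-vnc" in opts:
            findings.append("spice-and-vnc")
        if "qxl" not in opts.get("-vga", []):
            findings.append("spice-without-qxl")
    return findings

# Sample command lines, shortened from the ones quoted in this report.
REPORTED = ("qemu-kvm -name 'vm1' -m 2048 -smp 2 -vnc :0 "
            "-spice port=8000,disable-ticketing -M rhel6.0.0 "
            "-usbdevice tablet -no-kvm-pit-reinjection -rtc-td-hack")
SPICE_ONLY = ("qemu-kvm -name 'vm1' -m 2048 -smp 2 -vga qxl "
              "-spice port=8000,disable-ticketing -M rhel6.0.0")
VNC_ONLY = "qemu-kvm -name 'vm1' -m 2048 -smp 2 -vnc :0 -M rhel6.0.0"

if __name__ == "__main__":
    for label, cmd in [("reported", REPORTED), ("spice only", SPICE_ONLY),
                       ("vnc only", VNC_ONLY)]:
        print(label, check_display_options(cmd) or "ok")
```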
Comment 10 YangFeng 2010-08-09 04:12:48 EDT
(In reply to comment #9)
> YangFeng,
> 
> When running qemu-kvm make sure only one of vnc or spice is used.
> Also when using spice, make sure to add the qxl device (-vga qxl).
> 
I have run the weekly testing loop twice again according to your comment.

> Please run the tests again twice, one for each option below:
> 1. run with -vnc and without -spice
Failed to reproduce this bug.

> 2. run without -vnc and with -vga qxl -spice ...
Failed to reproduce this bug.

> 
> Is the problem reproduced with vnc?
> Is the problem reproduced with spice?
> Only with vnc, or only with spice, or both?
> 
> Thanks.
Comment 12 Uri Lublin 2010-10-31 08:32:47 EDT
I'm closing this bug, with NOTABUG.

If someone can reproduce this bug please reopen it (or file a new bug).
