Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 739019

Summary: qemu-kvm core dumps randomly with spice
Product: Red Hat Enterprise Linux 6 Reporter: Xiaoqing Wei <xwei>
Component: qemu-kvmAssignee: David Blechter <dblechte>
Status: CLOSED NOTABUG QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.2CC: acathrow, juzhang, marcandre.lureau, michen, mkenneth, shuang, tburke, virt-maint
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-09-23 17:54:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Xiaoqing Wei 2011-09-16 10:39:46 UTC 
Description of problem:
qemu-kvm core dumps randomly 

Version-Release number of selected component (if applicable):
qemu-kvm-0.12.1.2-2.188.el6.x86_64
spice-server-0.8.2-3.el6.x86_64
spice-client-0.8.2-5.el6.x86_64

How reproducible:
2 / 10

Steps to Reproduce:
1.boot a guest with spice / qxl 
qemu-kvm ..... -spice port=8000,disable-ticketing -vga qxl ...
2. view guest by spicec -h ... -p ...
3. 
  
Actual results:
sometimes qemu-kvm core dumps

Expected results:
both guest and host works fine.

Additional info:


gdb bt output
(gdb) bt
#0  channel_list_del (event=3, info=0x2491ae0) at ui/spice-core.c:161
#1  channel_event (event=3, info=0x2491ae0) at ui/spice-core.c:254
#2  0x00000034430144cb in reds_channel_event (s=0x2491a60) at reds.c:400
#3  reds_stream_free (s=0x2491a60) at reds.c:4981
#4  0x00000034430278a0 in red_disconnect_channel (channel=0x7fe99c069980) at red_worker.c:8489
#5  0x0000003443030f28 in handle_dev_input (listener=0x7febb8e1dc00, events=<value optimized out>)
    at red_worker.c:10035
#6  0x000000344302fa75 in red_worker_main (arg=<value optimized out>) at red_worker.c:10304
#7  0x000000343bc077e1 in start_thread () from /lib64/libpthread.so.0
#8  0x000000343b8e578d in clone () from /lib64/libc.so.6
(gdb) q






full cmd



qemu-kvm -name rhel61-64 -monitor stdio -chardev socket,id=serial_id_20110916-105536-d9AH,path=/tmp/serial-20110916-105536-d9AH,server,nowait -device isa-serial,chardev=serial_id_20110916-105536-d9AH -drive file=/usr/local/staf/test/RHEV/kvm-new/autotest-devel/client/tests/kvm/images/RHEL-Server-6.1-64.qcow2,index=0,if=none,id=drive-ide0-0-0,media=disk,cache=none,format=qcow2,aio=native -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -device rtl8139,netdev=idkIACxL,mac=9a:64:aa:28:0f:08,id=ndev00idkIACxL,bus=pci.0,addr=0x3 -netdev tap,id=idkIACxL,vhost=on,ifname=t0-105536-d9AH,script=/usr/local/staf/test/RHEV/kvm-new/autotest-devel/client/tests/kvm/scripts/qemu-ifup-switch,downscript=no -m 8192 -smp 8,cores=4,threads=1,sockets=2 -cpu cpu64-rhel6,+sse2,+x2apic -spice port=8000,disable-ticketing -vga qxl -rtc base=utc,clock=host,driftfix=none -boot order=cdn,once=c,menu=off -usbdevice tablet -no-kvm-pit-reinjection -M rhel6.2.0 -enable-kvm
Comment 2 Marc-Andre Lureau 2011-09-20 14:28:19 UTC 
I have tried to reproduce the bug with:

qemu-kvm-0.12.1.2-2.190.el6.x86_64
spice-client-0.8.2-3.el6.x86_64
spice-server-0.8.2-3.el6.x86_64

This is the command line that I use:

/usr/libexec/qemu-kvm -enable-kvm -monitor stdio -m 8192 -smp 8,cores=4,threads=1,sockets=2 -cpu cpu64-rhel6,+sse2,+x2apic -spice port=8000,disable-ticketing -vga qxl -rtc base=utc,clock=host,driftfix=none -usbdevice tablet -no-kvm-pit-reinjection -device rtl8139  -M rhel6.2.0 rhel6.img

Xiaoqing Wei, can you try to reproduce it with updated packages and the same command line.

Is it enough for you to reproduce the crash with:
1. boot guess
2. connect to it with spicec
3. disconnect with spicec
4. go to step 2

Or do you reproduce it only by
1. boot guest
2. connect to it with spicec
3. repeat from step 1 until qemu crashes

How much time do you leave the guest running? Have you tried with other guest images? (plain rhel6, nothing custom for testing for example)

thanks
Comment 3 Xiaoqing Wei 2011-09-21 08:42:00 UTC 
(In reply to comment #2)
> 
> /usr/libexec/qemu-kvm -enable-kvm -monitor stdio -m 8192 -smp
> 8,cores=4,threads=1,sockets=2 -cpu cpu64-rhel6,+sse2,+x2apic -spice
> port=8000,disable-ticketing -vga qxl -rtc base=utc,clock=host,driftfix=none
> -usbdevice tablet -no-kvm-pit-reinjection -device rtl8139  -M rhel6.2.0
> rhel6.img
> 
> Xiaoqing Wei, can you try to reproduce it with updated packages and the same
> command line.

> Or do you reproduce it only by
> 1. boot guest
> 2. connect to it with spicec
> 3. repeat from step 1 until qemu crashes
for me :  3. repeat from step 2, IIRC.
> 

> How much time do you leave the guest running? Have you tried with other guest
> images? (plain rhel6, nothing custom for testing for example)
didn't tried rhel6,if need ,will test (but , with / without xorg-x11-qxl ?)



Thanks and Best Regards,
Xiaoqing.
Comment 4 Marc-Andre Lureau 2011-09-21 10:31:33 UTC 
(In reply to comment #3)
> (In reply to comment #2)
> > 
> > /usr/libexec/qemu-kvm -enable-kvm -monitor stdio -m 8192 -smp
> > 8,cores=4,threads=1,sockets=2 -cpu cpu64-rhel6,+sse2,+x2apic -spice
> > port=8000,disable-ticketing -vga qxl -rtc base=utc,clock=host,driftfix=none
> > -usbdevice tablet -no-kvm-pit-reinjection -device rtl8139  -M rhel6.2.0
> > rhel6.img
> > 
> > Xiaoqing Wei, can you try to reproduce it with updated packages and the same
> > command line.
> 
> > Or do you reproduce it only by
> > 1. boot guest
> > 2. connect to it with spicec
> > 3. repeat from step 1 until qemu crashes
> for me :  3. repeat from step 2, IIRC.

Did you disconnect the previous client? If yes, the you are doing then

1. boot guess
2. connect to it with spicec
3. disconnect with spicec
4. go to step 2

1. boot guess
2. connect to it with spicec
3. connect with a new spicec (previous one gets disconnected)
4. go to step 3

Can you confirm which steps you use to reproduce the bug?

> 
> > How much time do you leave the guest running? Have you tried with other guest
> > images? (plain rhel6, nothing custom for testing for example)
> didn't tried rhel6,if need ,will test (but , with / without xorg-x11-qxl ?)

What is running in your guest for the case that fail?

Sorry, but I need more details as I can't reproduce the crash.
Comment 5 Xiaoqing Wei 2011-09-22 05:08:21 UTC 
(In reply to comment #4)
> (In reply to comment #3)
> > (In reply to comment #2)
> > > 
> > > /usr/libexec/qemu-kvm -enable-kvm -monitor stdio -m 8192 -smp
> > > 8,cores=4,threads=1,sockets=2 -cpu cpu64-rhel6,+sse2,+x2apic -spice
> > > port=8000,disable-ticketing -vga qxl -rtc base=utc,clock=host,driftfix=none
> > > -usbdevice tablet -no-kvm-pit-reinjection -device rtl8139  -M rhel6.2.0
> > > rhel6.img
> > > 
> > > Xiaoqing Wei, can you try to reproduce it with updated packages and the same
> > > command line.
> > 
> > > Or do you reproduce it only by
> > > 1. boot guest
> > > 2. connect to it with spicec
> > > 3. repeat from step 1 until qemu crashes
> > for me :  3. repeat from step 2, IIRC.
> 
> Did you disconnect the previous client? If yes, the you are doing then
NO, I Didn't disconnect previous client,

> 
> 1. boot guess
> 2. connect to it with spicec
> 3. disconnect with spicec
I didn't do the step 3
> 4. go to step 2
> 
> 1. boot guess
> 2. connect to it with spicec
> 3. connect with a new spicec (previous one gets disconnected)
> 4. go to step 3
> 
> Can you confirm which steps you use to reproduce the bug?
> 
> > 
> > > How much time do you leave the guest running? Have you tried with other guest
> > > images? (plain rhel6, nothing custom for testing for example)
> > didn't tried rhel6,if need ,will test (but , with / without xorg-x11-qxl ?)
> 
> What is running in your guest for the case that fail?
Nothing, just boot / reboot  the guest
> 
> Sorry, but I need more details as I can't reproduce the crash.

I am trying reproduce as well , >_< but didn't success.
Comment 6 David Blechter 2011-09-23 14:09:39 UTC 
expect the reporter taking the next step and close this bug.
Comment 7 David Blechter 2011-09-23 17:54:10 UTC 
close the bug based on comments 2, 4 and 5.
Please, fill free to re-open this bug, if the problem comes back. 
Please, provide as much info as possible in order to help developers in reproducing and fixing the defect