This is not really a F18 bug, as it affects qemu git only, but I found it while working on bug 867366.

I have a win7 guest and it always crashes when I restore it from a file like -incoming "exec:gzip -c -d data.gz"

I bisected the bug to http://git.qemu.org/?p=qemu.git;a=commit;h=d22b096ef6e0b20810193b68a1d472f3fb8a4f9e

And the crash is:

#0  0x00007ffff383cba5 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:63
#1  0x00007ffff383e358 in __GI_abort () at abort.c:90
#2  0x00005555557aab50 in kvm_mem_ioeventfd_add (listener=<optimized out>, section=0x7fffffffd0a0, match_data=true, data=0, e=<optimized out>) at /vcs/spice/qemu/kvm-all.c:775
#3  0x00005555557ae1a6 in address_space_add_del_ioeventfds (fds_old_nb=0, fds_old=0x0, fds_new_nb=1, fds_new=0x5555568ea0d0, as=<optimized out>) at /vcs/spice/qemu/memory.c:616
#4  address_space_update_ioeventfds (as=0x55555642bbc0 <address_space_io>) at /vcs/spice/qemu/memory.c:649
#5  address_space_update_topology (as=as@entry=0x55555642bbc0 <address_space_io>) at /vcs/spice/qemu/memory.c:730
#6  0x00005555557ae68a in memory_region_transaction_commit () at /vcs/spice/qemu/memory.c:750
#7  0x00005555556d2943 in virtio_pci_set_host_notifier_internal (proxy=proxy@entry=0x555556988250, n=n@entry=0, assign=assign@entry=true, set_handler=set_handler@entry=true) at hw/virtio-pci.c:178
#8  0x00005555556d3453 in virtio_pci_start_ioeventfd (proxy=<optimized out>) at hw/virtio-pci.c:204
#9  virtio_pci_start_ioeventfd (proxy=0x555556988250) at hw/virtio-pci.c:189
#10 0x00005555557a4fba in virtio_vmstate_change (opaque=0x555556989bf0, running=<optimized out>, state=<optimized out>) at /vcs/spice/qemu/hw/virtio.c:896
#11 0x0000555555755650 in vm_state_notify (state=RUN_STATE_RUNNING, running=1) at vl.c:1325
#12 vm_start () at vl.c:1334
#13 0x00005555556e3885 in process_incoming_migration (f=f@entry=0x555556a08ec0) at migration.c:103
#14 0x00005555556e2580 in exec_accept_incoming_migration (opaque=0x555556a08ec0) at migration-exec.c:100
#15 0x00005555556d9267 in qemu_iohandler_poll (readfds=readfds@entry=0x555556003160 <rfds>, writefds=writefds@entry=0x5555560031e0 <wfds>, xfds=xfds@entry=0x555556003260 <xfds>, ret=ret@entry=1) at iohandler.c:124
#16 0x00005555556e2461 in main_loop_wait (nonblocking=<optimized out>) at main-loop.c:497
#17 0x00005555555cbf2b in main_loop () at vl.c:1652
#18 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:3782

kvm_mem_ioeventfd_add calls kvm_set_ioeventfd_mmio which calls kvm_vm_ioctl which returns EEXIST, which leads to the abort.

The exact command line was:

x86_64-softmmu/qemu-system-x86_64 --enable-kvm -m 2G -smp 4 -name win7 -uuid 88406e09-8378-4879-89a7-c99f35855ffd -monitor stdio -rtc base=localtime,driftfix=slew -drive file=/home/alex/.local/share/gnome-boxes/images/win7-2.img,if=none,id=drive-test,format=qcow2,cache=none,werror=stop,rerror=stop -device ide-drive,drive=drive-test,id=test -vga std -device virtio-serial-pci,id=virtio-serial0 -chardev socket,id=chardev0,path=/tmp/guestfs,server,nowait -device virtserialport,id=port0,name=org.windows-kvm.port.1,chardev=chardev0 -incoming "exec:gzip -c -d data.gz"

Hi Alex,

If you're working off git, and can still reproduce with current upstream, please either fire off an email to qemu-devel, or file a bug in qemu's upstream bug tracker:

https://bugs.launchpad.net/qemu/+filebug

The audience here is much smaller; you'll have better luck going through upstream channels.