QEMU

qemu segfaults after spice update with bochs-display

Bug #1837218 reported by post-factum
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
QEMU
Fix Released
Undecided
Unassigned

Bug Description

Description:

qemu segfaults after latest spice update with bochs-display. Downgrading spice solves the issue. Switching to qxl-vga and/or virtio-gpu also works even with new spice.

Additional info:
* package version(s)

spice 0.14.2-1 (0.14.0 is unaffected)
qemu-headless 4.0.0-3

* config and/or log files etc.

pf@defiant:~ » /mnt/vms/02-archlinux/start.sh
/mnt/vms/02-archlinux/start.sh: line 41: 13501 Segmentation fault (core dumped) qemu-system-x86_64 -name "${NAME}" -display none -spice ipv4,addr=127.0.0.1,port=270${ID},disable-ticketing,disable-copy-paste,disable-agent-file-xfer,agent-mouse=off -serial mon:telnet:127.0.0.1:280${ID},server,nowait,nodelay -gdb tcp::260${ID} -nodefaults -machine q35,accel=kvm -cpu max -smp cores=${CPU},threads=1,sockets=1 -m ${MEM} -drive if=pflash,format=raw,readonly,file="${BIOS}" -drive if=pflash,format=raw,file="${VARS}" -device virtio-rng -device bochs-display -device virtio-keyboard -netdev bridge,id=bridge.0,br=vm0 -device virtio-net,mac=${_MAC}:01,netdev=bridge.0,mq=on,vectors=${_VECTORS} -fsdev local,id="${NAME}",path="${SHARED}",security_model=mapped,writeout=immediate -device virtio-9p-pci,fsdev="${NAME}",mount_tag="shared" -device virtio-scsi,id=scsi,num_queues=${CPU},vectors=${_VECTORS} -device scsi-hd,drive=hd1 -drive if=none,media=disk,id=hd1,file="${DISK1}",format=raw,cache=directsync,discard=unmap,detect-zeroes=unmap -device scsi-hd,drive=hd2 -drive if=none,media=disk,id=hd2,file="${DISK2}",format=raw,cache=directsync,discard=unmap,detect-zeroes=unmap -device scsi-cd,drive=cd1 -drive if=none,media=cdrom,id=cd1,file="${CDROM1}",format=raw,cache=directsync

Steps to reproduce:

Update spice, launch a VM like the above and observe a segfault.

See original description
Revision history for this message
post-factum (post-factum) wrote :

Arc Linux report: https://bugs.archlinux.org/task/63229

description: updated
Revision history for this message
post-factum (post-factum) wrote :

I've built qemu v4.1.0-rc1 with debug symbols, but got no luck in reproducing this.

Revision history for this message
post-factum (post-factum) wrote :

I've also built qemu v4.0.0 with debug info, and the issue is not reproducible with such a build.

Revision history for this message
post-factum (post-factum) wrote :

Stack trace w/o debug symbols:

#0 0x000055b7d9f96a49 address_space_dispatch_free (qemu-system-x86_64)
#1 0x000055b7d9ff1169 n/a (qemu-system-x86_64)
#2 0x000055b7da40126c n/a (qemu-system-x86_64)
#3 0x000055b7da3ef121 n/a (qemu-system-x86_64)
#4 0x00007f257e69e57f start_thread (libpthread.so.0)
#5 0x00007f257e5ce0e3 __clone (libc.so.6)

Revision history for this message
Thomas Huth (th-huth) wrote :

The QEMU project is currently considering to move its bug tracking to another system. For this we need to know which bugs are still valid and which could be closed already. Thus we are setting older bugs to "Incomplete" now.
If you still think this bug report here is valid, then please switch the state back to "New" within the next 60 days, otherwise this report will be marked as "Expired". Or mark it as "Fix Released" if the problem has been solved with a newer version of QEMU already. Thank you and sorry for the inconvenience.

Changed in qemu:
status: New → Incomplete
Revision history for this message
post-factum (post-factum) wrote :

The issue is not experienced any more.

Changed in qemu:
status: Incomplete → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.