Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1372192 - spice: dead-lock when 'quit'
Summary: spice: dead-lock when 'quit'
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: qemu-kvm-rhev
Version: 7.3
Hardware: x86_64
OS: Linux
Target Milestone: rc
: ---
Assignee: Marc-Andre Lureau
QA Contact: Guo, Zhiyi
Depends On: 1355704
TreeView+ depends on / blocked
Reported: 2016-09-01 07:05 UTC by Marcel Kolaja
Modified: 2018-02-08 11:05 UTC (History)
13 users (show)

Fixed In Version: qemu-kvm-rhev-2.3.0-31.el7_2.24
Doc Type: Bug Fix
Doc Text:
Previously, attempting to shut down a guest virtual machine that was using SPICE audio caused the guest to enter a deadlock state. This update improves the ordering of clean-up actions when exiting a guest, and guests using SPICE audio now shut down correctly.
Clone Of: 1355704
Last Closed:
Target Upstream Version:

Attachments (Terms of Use)

Description Marcel Kolaja 2016-09-01 07:05:09 UTC
This bug has been copied from bug #1355704 and has been proposed
to be backported to 7.2 z-stream (EUS).

Comment 3 Marc-Andre Lureau 2016-11-18 14:41:43 UTC
Hang reproducible with similar instructions to parent bug:
run a VM with spice+audio, connect a spice client, and shutdown the VM.

(gdb) bt
#0  0x00007ffff6bbaafd in __lll_lock_wait () at ../sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:135
#1  0x00007ffff6bb4a0d in __GI___pthread_mutex_lock (mutex=0x555556348f60) at ../nptl/pthread_mutex_lock.c:80
#2  0x0000555555993382 in qemu_mutex_lock (mutex=0x555556348f60) at util/qemu-thread-posix.c:73
#3  0x000055555572ac0d in qemu_chr_fe_write (s=0x555556348f60, buf=0x55555634a200 "{\"timestamp\": {\"seconds\": 1479479972, \"microseconds\": 207986}, \"event\": \"SPICE_DISCONNECTED\", \"data\": {\"server\": {\"port\": \"5910\", \"family\": \"ipv4\", \"host\": \"\"}, \"client\": {\"port\": \"39712\", \"f"..., len=240) at qemu-char.c:219
#4  0x0000555555621eed in monitor_flush_locked (mon=0x5555564de7f0) at /home/elmarco/src/qemu/monitor.c:308
#5  0x0000555555622086 in monitor_puts (mon=0x5555564de7f0, str=0x55555634869f "") at /home/elmarco/src/qemu/monitor.c:350
#6  0x000055555562239f in monitor_json_emitter (mon=0x5555564de7f0, data=0x5555564e6c00) at /home/elmarco/src/qemu/monitor.c:416
#7  0x00005555556225b7 in monitor_qapi_event_emit (event=QAPI_EVENT_SPICE_DISCONNECTED, data=0x5555564e6c00) at /home/elmarco/src/qemu/monitor.c:478
#8  0x000055555562268d in monitor_qapi_event_queue (event=QAPI_EVENT_SPICE_DISCONNECTED, data=0x5555564e6c00, errp=0x7fffffffd308) at /home/elmarco/src/qemu/monitor.c:504
#9  0x0000555555983993 in qapi_event_send_spice_disconnected (server=0x5555575907f0, client=0x555556c63580, errp=0x5555562b3ae8 <error_abort>) at qapi-event.c:1270
#10 0x00005555558be1e5 in channel_event (event=3, info=0x555556c61550) at ui/spice-core.c:244
#11 0x00007fffdb9e793a in reds_handle_channel_event (reds=<optimized out>, event=event@entry=3, info=info@entry=0x555556c61550) at reds.c:325
#12 0x00007fffdb9cfed3 in main_dispatcher_channel_event (info=0x555556c61550, event=3, self=0x555556357880 [MainDispatcher]) at main-dispatcher.c:175
#13 0x00007fffdb9cfed3 in main_dispatcher_channel_event (self=0x555556357880 [MainDispatcher], event=event@entry=3, info=0x555556c61550) at main-dispatcher.c:194
#14 0x00007fffdb9f0176 in reds_stream_push_channel_event (s=s@entry=0x555557d97e30, event=event@entry=3) at reds-stream.c:354
#15 0x00007fffdb9f01ab in reds_stream_free (s=0x555557d97e30) at reds-stream.c:323
#16 0x00007fffdb9f9783 in snd_disconnect_channel (channel=0x5555583229d0) at sound.c:229
#17 0x00007fffdb9f9da6 in snd_detach_common (worker=0x555556fff6d0) at sound.c:1589
#18 0x00007fffdb9fcba1 in snd_detach_playback (sin=sin@entry=0x555556fff688) at sound.c:1602
#19 0x00007fffdb9eb7d8 in spice_server_remove_interface (sin=0x555556fff688) at reds.c:3405
#20 0x00005555557678e4 in line_out_fini (hw=0x555556fff600) at audio/spiceaudio.c:148
#21 0x00005555557614af in audio_atexit () at audio/audio.c:1787
#22 0x00007fffda94b258 in __run_exit_handlers (status=0, listp=0x7fffdacce5d8 <__exit_funcs>, run_list_atexit=run_list_atexit@entry=true) at exit.c:82
#23 0x00007fffda94b2a5 in __GI_exit (status=<optimized out>) at exit.c:104
#24 0x00007fffda932738 in __libc_start_main (main=0x55555573beb3 <main>, argc=20, argv=0x7fffffffd668, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffd658) at ../csu/libc-start.c:323
#25 0x00005555555ec309 in _start ()

Comment 4 Miroslav Rezanina 2016-12-01 10:32:57 UTC
Fix included in qemu-kvm-rhev-2.3.0-31.el7_2.24

Comment 6 Guo, Zhiyi 2016-12-09 07:30:17 UTC
Hi Marc,

Test against rhel7.2.z guest & host with kernel kernel-3.10.0-327.44.2.el7.x86_64 and buggy qemu-kvm-rhev-2.3.0-31.el7_2.23.x86_64, qemu will hang after executing quit from qmp, following steps from
I give 10 trials and no qemu core dump happen.

Test against fixed qemu-kvm-rhev-2.3.0-31.el7_2.24.x86_64 and same steps, qemu can quit normally.
Did this phenomenon lead to bug fixed?

Guo, Zhiyi

Comment 7 Marc-Andre Lureau 2016-12-09 08:27:11 UTC
(In reply to Guo, Zhiyi from comment #6)
> Test against fixed qemu-kvm-rhev-2.3.0-31.el7_2.24.x86_64 and same steps,
> qemu can quit normally.
> Did this phenomenon lead to bug fixed?

yes (as said in comment 3, it is a hang fix)


Comment 8 Guo, Zhiyi 2016-12-09 08:29:02 UTC
Per comment 6-7, mark as verified

Note You need to log in before you can comment on or make changes to this bug.