I'm tracking this bug here: https://bugzilla.redhat.com/show_bug.cgi?id=853408
Does anyone recognize this segfault on shutdown when using either a console or a virtio-serial char device? It's only caught in Fedora because we compile with 'fortify source' so the attempt to modify a negative offset in an fdset is caught. Probably it just overwrites a random bit of memory for everyone else. (gdb) frame 6 #6 0x00007f173d3d373d in qemu_iohandler_poll (readfds=readfds@entry= 0x7f173dd97b60 <rfds>, writefds=writefds@entry=0x7f173dd97be0 <wfds>, xfds=xfds@entry=0x7f173dd97c60 <xfds>, ret=ret@entry=1) at iohandler.c:156 156 if (!ioh->deleted && ioh->fd_read && FD_ISSET(ioh->fd, readfds)) { (gdb) print *ioh $1 = { fd_read_poll = 0x7f173d49a7f0 <tcp_chr_read_poll>, fd_read = 0x7f173d49be30 <tcp_chr_read>, fd_write = 0x0, opaque = 0x7f173fe3a380, next = { le_next = 0x7f1728003310, le_prev = 0x7f173dd96a70 <io_handlers> }, fd = -1, deleted = false } Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones virt-top is 'top' for virtual machines. Tiny program with many powerful monitoring features, net stats, disk stats, logging, etc. http://et.redhat.com/~rjones/virt-top