Public bug reported:

When trying to install windows vista sp2 64bit on a KVM VM, we consistently get a segfault.

Version of qemu affected:

Commit hash for git://git.savannah.nongnu.org/qemu.git is d9b73e47a3d596c5b33802597ec5bd91ef3348e2 (no tag found)

Backtrace:

[r...@virtlab7 qemu]# gdb /usr/local/autotest/tests/kvm/build/bin/qemu-system-x86_64 -c ../core
GNU gdb (GDB) Red Hat Enterprise Linux (7.1-24.el6)
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/local/autotest/tests/kvm/build/bin/qemu-system-x86_64...done.
warning: core file may not match specified executable file.
[New Thread 12852]
[New Thread 12898]
Missing separate debuginfo for
Try: yum --disablerepo='*' --enablerepo='*-debuginfo' install /usr/lib/debug/.build-id/da/38811550a55156d7072260d3b89fc8aeb79abf
Reading symbols from /lib64/librt-2.12.so...Reading symbols from /usr/lib/debug/lib64/librt-2.12.so.debug...done.
done.
Loaded symbols for /lib64/librt-2.12.so
Reading symbols from /lib64/libpthread-2.12.so...Reading symbols from /usr/lib/debug/lib64/libpthread-2.12.so.debug...done.
done.
Loaded symbols for /lib64/libpthread-2.12.so
Reading symbols from /lib64/libutil-2.12.so...Reading symbols from /usr/lib/debug/lib64/libutil-2.12.so.debug...done.
done.
Loaded symbols for /lib64/libutil-2.12.so
Reading symbols from /lib64/libncurses.so.5...(no debugging symbols found)...done.
Loaded symbols for /lib64/libncurses.so.5
Reading symbols from /usr/lib64/libsasl2.so.2...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libsasl2.so.2
Reading symbols from /usr/lib64/libSDL-1.2.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libSDL-1.2.so.0
Reading symbols from /usr/lib64/libX11.so.6...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libX11.so.6
Reading symbols from /lib64/libm-2.12.so...Reading symbols from /usr/lib/debug/lib64/libm-2.12.so.debug...done.
done.
Loaded symbols for /lib64/libm-2.12.so
Reading symbols from /lib64/libz.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib64/libz.so.1
Reading symbols from /lib64/libc-2.12.so...Reading symbols from /usr/lib/debug/lib64/libc-2.12.so.debug...done.
done.
Loaded symbols for /lib64/libc-2.12.so
Reading symbols from /lib64/libtinfo.so.5...(no debugging symbols found)...done.
Loaded symbols for /lib64/libtinfo.so.5
Reading symbols from /lib64/ld-2.12.so...Reading symbols from /usr/lib/debug/lib64/ld-2.12.so.debug...done.
done.
Loaded symbols for /lib64/ld-2.12.so
Reading symbols from /lib64/libdl-2.12.so...Reading symbols from /usr/lib/debug/lib64/libdl-2.12.so.debug...done.
done.
Loaded symbols for /lib64/libdl-2.12.so
Reading symbols from /lib64/libresolv-2.12.so...Reading symbols from /usr/lib/debug/lib64/libresolv-2.12.so.debug...done.
done.
Loaded symbols for /lib64/libresolv-2.12.so
Reading symbols from /lib64/libcrypt-2.12.so...Reading symbols from /usr/lib/debug/lib64/libcrypt-2.12.so.debug...done.
done.
Loaded symbols for /lib64/libcrypt-2.12.so
Reading symbols from /usr/lib64/libxcb.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libxcb.so.1
Reading symbols from /lib64/libfreebl3.so...(no debugging symbols found)...done.
Loaded symbols for /lib64/libfreebl3.so
Reading symbols from /usr/lib64/libXau.so.6...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libXau.so.6
Reading symbols from /usr/lib64/sasl2/libcrammd5.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/sasl2/libcrammd5.so
Reading symbols from /usr/lib64/sasl2/libsasldb.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/sasl2/libsasldb.so
Reading symbols from /lib64/libdb-4.7.so...(no debugging symbols found)...done.
Loaded symbols for /lib64/libdb-4.7.so
Reading symbols from /usr/lib64/sasl2/liblogin.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/sasl2/liblogin.so
Reading symbols from /usr/lib64/sasl2/libplain.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/sasl2/libplain.so
Reading symbols from /usr/lib64/sasl2/libdigestmd5.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/sasl2/libdigestmd5.so
Reading symbols from /usr/lib64/libcrypto.so.10...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libcrypto.so.10
Reading symbols from /usr/lib64/sasl2/libanonymous.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/sasl2/libanonymous.so
Core was generated by `/usr/local/autotest/tests/kvm/qemu -name vm1 -monitor unix:/tmp/monitor-2010060'.
Program terminated with signal 11, Segmentation fault.
#0  tcp_close (tp=0x2aaae40) at slirp/tcp_subr.c:241
warning: Source file is more recent than executable.
241         Slirp *slirp = so->slirp;
Missing separate debuginfos, use: debuginfo-install SDL-1.2.14-1.el6.x86_64 cyrus-sasl-lib-2.1.23-8.el6.x86_64 cyrus-sasl-md5-2.1.23-8.el6.x86_64 cyrus-sasl-plain-2.1.23-8.el6.x86_64 db4-4.7.25-15.el6.x86_64 libX11-1.3-1.el6.x86_64 libXau-1.0.5-1.el6.x86_64 libxcb-1.5-1.el6.x86_64 ncurses-libs-5.7-3.20090208.el6.x86_64 nss-softokn-freebl-3.12.4-17.el6.x86_64 openssl-1.0.0-2.el6.x86_64 zlib-1.2.3-25.el6.x86_64
(gdb) bt full
#0  tcp_close (tp=0x2aaae40) at slirp/tcp_subr.c:241
        t = <value optimized out>
        so = 0xffffff9702a9bf40
        slirp = <value optimized out>
        m = <value optimized out>
#1  0x00000000004af3cb in tcp_timers (slirp=0x24d0d50) at slirp/tcp_timer.c:287
        rexmt = <value optimized out>
#2  tcp_slowtimo (slirp=0x24d0d50) at slirp/tcp_timer.c:88
        ip = 0x2a9bf40
        ipnxt = 0x24d1490
        tp = 0x2aaae40
        i = <value optimized out>
#3  0x00000000004a8210 in slirp_select_poll (readfds=0x7fff6a02ec40, writefds=0x7fff6a02ebc0, xfds=0x7fff6a02eb40, select_error=0) at slirp/slirp.c:407
        slirp = 0x24d0d50
        so = <value optimized out>
        so_next = <value optimized out>
        ret = 32672
#4  0x000000000055150c in main_loop_wait (nonblocking=<value optimized out>) at /usr/local/autotest/tests/kvm/src/kvm_userspace/vl.c:1922
        ioh = 0x0
        rfds = {fds_bits = {134217728, 0 <repeats 15 times>}}
        wfds = {fds_bits = {0 <repeats 16 times>}}
        xfds = {fds_bits = {0 <repeats 16 times>}}
        ret = 1
        nfds = 42
        tv = {tv_sec = 0, tv_usec = 0}
        timeout = 0
#5  0x0000000000553615 in main_loop (argc=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>) at /usr/local/autotest/tests/kvm/src/kvm_userspace/vl.c:1965
        nonblocking = <value optimized out>
        r = <value optimized out>
#6  main (argc=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>) at /usr/local/autotest/tests/kvm/src/kvm_userspace/vl.c:3899
        gdbstub_dev = 0x0
        i = <value optimized out>
        snapshot = 0
        linux_boot = 0
        icount_option = 0x0
        initrd_filename = 0x0
        kernel_filename = 0x0
        kernel_cmdline = 0x5e4622 ""
        boot_devices = "d\000d", '\000' <repeats 29 times>
        ds = <value optimized out>
        dcl = <value optimized out>
        cyls = 0
        heads = 0
        secs = 0
        translation = 0
        hda_opts = <value optimized out>
        opts = <value optimized out>
        optind = 30
        optarg = 0x0
        loadvm = 0x0
        machine = <value optimized out>
        cpu_model = 0x0
        fds = {910294968, 55}
        tb_size = 0
        pid_file = 0x0
        incoming = 0x0
---Type <return> to continue, or q <return> to quit---
        fd = 0
        pwd = <value optimized out>
        chroot_dir = 0x0
        run_as = 0x0
        defconfig = <value optimized out>

What was trying to be accomplished - install of windows vista sp2 64 bit on VM.

11:48:57 DEBUG| Running qemu command: /usr/local/autotest/tests/kvm/qemu -name 'vm1' -monitor unix:/tmp/monitor-20100602-114857-sANg,server,nowait -drive file=/tmp/kvm_autotest_root/images/winvistasp2-64.qcow2,if=ide -net nic,vlan=0,model=e1000,macaddr=52:54:00:12:34:56 -net user,vlan=0 -m 1024 -smp 1 -drive file=/tmp/kvm_autotest_root/isos/windows/en_windows_vista_sp2_x64_dvd_342267.iso,index=2,media=cdrom -drive file=/tmp/kvm_autotest_root/isos/windows/winutils.iso,index=3,media=cdrom -fda /usr/local/autotest/tests/kvm/images/winvista-sp2-64/floppy.img -redir tcp:5000::22 -redir tcp:5001::12323 -vnc :0 -boot d -enable-kvm
11:48:58 DEBUG| Sending monitor command: help
11:48:58 DEBUG| VM appears to be alive with PID 12850
11:48:58 DEBUG| Sending monitor command: screendump /usr/local/autotest/results/default/kvm.qemu-git.WinVista.64sp2.e1000.unattended_install/debug/pre_vm1.ppm
11:49:00 DEBUG| Starting screendump thread
11:49:00 DEBUG| Sending monitor command: help
11:49:01 INFO | Starting unattended install watch process.
Timeout set to 14400s (240 min)
13:17:37 DEBUG| Could not find (qemu) prompt; output so far:
13:17:37 WARNI| VM 'vm1' failed to produce a screendump
13:18:02 DEBUG| Could not find (qemu) prompt; output so far:
13:18:03 WARNI| VM 'vm1' failed to produce a screendump
13:18:03 DEBUG| (qemu) /bin/sh: line 1: 12852 Segmentation fault (core dumped) /usr/local/autotest/tests/kvm/qemu -name 'vm1' -monitor unix:/tmp/monitor-20100602-114857-sANg,server,nowait -drive file=/tmp/kvm_autotest_root/images/winvistasp2-64.qcow2,if=ide -net nic,vlan=0,model=e1000,macaddr=52:54:00:12:34:56 -net user,vlan=0 -m 1024 -smp 1 -drive file=/tmp/kvm_autotest_root/isos/windows/en_windows_vista_sp2_x64_dvd_342267.iso,index=2,media=cdrom -drive file=/tmp/kvm_autotest_root/isos/windows/winutils.iso,index=3,media=cdrom -fda /usr/local/autotest/tests/kvm/images/winvista-sp2-64/floppy.img -redir tcp:5000::22 -redir tcp:5001::12323 -vnc :0 -boot d -enable-kvm
13:18:03 DEBUG| (qemu) (Process terminated with status 139)

What KVM autotest does:

1) starts qemu with the -cdrom option and starts a windows unattended install
2) The unattended install starts and goes until the end
3) In the end, a program tells kvm autotest that the test ended

All this was run using user space networking. Attached, a screenshot from the VM seconds before the crash - the winvista install was on its final stage. I can provide the core file (compressed size, 318MB), which together with the commit hash info should be enough for debugging. Some effort on debugging the failure was made, but so far we haven't found the root cause.

** Affects: qemu
     Importance: Undecided
         Status: New

--
qemu segfaults when trying to install winvista64 sp2 64 bit on VM
https://bugs.launchpad.net/bugs/588955
You received this bug notification because you are a member of qemu-devel-ml, which is subscribed to QEMU.

Status in QEMU: New

Bug description:
When trying to install windows vista sp2 64bit on a KVM VM, we consistently get a segfault.