[Qemu-devel] Bug: QEMU segfault within vnc

From: Anthony PERARD
Subject: [Qemu-devel] Bug: QEMU segfault within vnc
Date: Tue, 24 Nov 2015 17:36:40 +0000
User-agent: Mutt/1.5.24 (2015-08-30)
Hi,
QEMU segfaults while running a Xen guest; the guest is a WinXP.
To reproduce, I start the guest, I don't connect to VNC, and after
about 2 min QEMU segfaults. I think it's around the time it takes for Windows to
boot and reach the desktop.
The first commit where this happens is:
vnc: fix local state init
2e0c90af0a33451498d333d72c06e5429c7cd168
The backtrace associated with this commit:
#0 0x00007f8be2035680 in pixman_image_get_width () from
/usr/lib/libpixman-1.so.0
#1 0x00005576b9cd1fc7 in vnc_refresh_server_surface (vd=0x7f8be2dd9010) at
ui/vnc.c:2873
#2 0x00005576b9ccd413 in vnc_dpy_copy (dcl=0x7f8be2dd9048, src_x=116,
src_y=379, dst_x=116, dst_y=367, w=16, h=3) at ui/vnc.c:934
#3 0x00005576b9cc1761 in dpy_gfx_copy (con=0x5576bccbbc50, src_x=116,
src_y=379, dst_x=116, dst_y=367, w=16, h=3) at ui/console.c:1533
#4 0x00005576b9cc2b26 in qemu_console_copy (con=0x5576bccbbc50, src_x=116,
src_y=379, dst_x=116, dst_y=367, w=16, h=3) at ui/console.c:2040
#5 0x00005576b9b9baf8 in cirrus_do_copy (s=0x5576bcb5a100, dst=1127772,
src=1164636, w=16, h=3) at hw/display/cirrus_vga.c:772
#6 0x00005576b9b9bbcc in cirrus_bitblt_videotovideo_copy (s=0x5576bcb5a100) at
hw/display/cirrus_vga.c:791
#7 0x00005576b9b9c0a1 in cirrus_bitblt_videotovideo (s=0x5576bcb5a100) at
hw/display/cirrus_vga.c:913
#8 0x00005576b9b9c80f in cirrus_bitblt_start (s=0x5576bcb5a100) at
hw/display/cirrus_vga.c:1054
#9 0x00005576b9b9c898 in cirrus_write_bitblt (s=0x5576bcb5a100, reg_value=2)
at hw/display/cirrus_vga.c:1075
#10 0x00005576b9b9d588 in cirrus_vga_write_gr (s=0x5576bcb5a100, reg_index=49,
reg_value=2) at hw/display/cirrus_vga.c:1577
#11 0x00005576b9b9de03 in cirrus_mmio_blt_write (s=0x5576bcb5a100, address=64,
value=2 '\002') at hw/display/cirrus_vga.c:1931
#12 0x00005576b9b9e32b in cirrus_vga_mem_write (opaque=0x5576bcb5a100,
addr=98368, mem_value=2, size=1) at hw/display/cirrus_vga.c:2099
#13 0x00005576b99e2bc5 in memory_region_write_accessor (mr=0x5576bcb6b0a0,
addr=98368, value=0x7fff47d22618, size=1, shift=0, mask=255, attrs=...)
at /root/work/qemu/memory.c:450
#14 0x00005576b99e2d64 in access_with_adjusted_size (addr=98368,
value=0x7fff47d22618, size=1, access_size_min=1, access_size_max=1,
access=0x5576b99e2b54 <memory_region_write_accessor>, mr=0x5576bcb6b0a0,
attrs=...) at /root/work/qemu/memory.c:506
#15 0x00005576b99e55cb in memory_region_dispatch_write (mr=0x5576bcb6b0a0,
addr=98368, data=2, size=1, attrs=...) at /root/work/qemu/memory.c:1158
#16 0x00005576b999eba2 in address_space_rw (as=0x5576ba2a0ec0
<address_space_memory>, addr=753728, attrs=..., buf=0x7fff47d22818 "\002",
len=1, is_write=true)
at /root/work/qemu/exec.c:2497
#17 0x00005576b999eed9 in cpu_physical_memory_rw (addr=753728,
buf=0x7fff47d22818 "\002", len=1, is_write=1) at /root/work/qemu/exec.c:2580
#18 0x00005576b9a024b2 in rw_phys_req_item (addr=753728, req=0x7fff47d22810,
i=0, val=0x7fff47d22818, rw=1) at /root/work/qemu/xen-hvm.c:797
#19 0x00005576b9a02520 in write_phys_req_item (addr=753728, req=0x7fff47d22810,
i=0, val=0x7fff47d22818) at /root/work/qemu/xen-hvm.c:808
#20 0x00005576b9a0285c in cpu_ioreq_move (req=0x7fff47d22810) at
/root/work/qemu/xen-hvm.c:862
#21 0x00005576b9a02cec in handle_ioreq (state=0x5576bb888960,
req=0x7fff47d22810) at /root/work/qemu/xen-hvm.c:944
#22 0x00005576b9a02ffa in handle_buffered_iopage (state=0x5576bb888960) at
/root/work/qemu/xen-hvm.c:1026
#23 0x00005576b9a030d1 in cpu_handle_ioreq (opaque=0x5576bb888960) at
/root/work/qemu/xen-hvm.c:1052
#24 0x00005576b9d03123 in aio_dispatch (ctx=0x5576bb856470) at aio-posix.c:160
#25 0x00005576b9cf3421 in aio_ctx_dispatch (source=0x5576bb856470,
callback=0x0, user_data=0x0) at async.c:226
#26 0x00007f8bdeb78dc7 in g_main_context_dispatch () from
/usr/lib/libglib-2.0.so.0
#27 0x00005576b9d01805 in glib_pollfds_poll () at main-loop.c:211
#28 0x00005576b9d018e0 in os_host_main_loop_wait (timeout=477440) at
main-loop.c:256
#29 0x00005576b9d0198d in main_loop_wait (nonblocking=0) at main-loop.c:504
#30 0x00005576b9ade524 in main_loop () at vl.c:1890
#31 0x00005576b9ae63f8 in main (argc=44, argv=0x7fff47d22df8,
envp=0x7fff47d22f60) at vl.c:4644
QEMU also segfaults if I connect briefly to VNC at guest boot time and
disconnect before it finishes booting.
You may find a report from osstest here:
http://lists.xen.org/archives/html/xen-devel/2015-11/msg02688.html
Thanks,
--
Anthony PERARD
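When triaging a report like the one above, the first thing a maintainer wants from the backtrace is the innermost frame that lies in the project's own sources rather than in a shared library (here frame #1, vnc_refresh_server_surface at ui/vnc.c:2873, since frame #0 is inside libpixman). The following Python is an added example, not code from the report or from QEMU; it parses gdb's default frame format, re-joins frames that the mailer wrapped onto a second line, and picks out that frame. The sample input is the first four frames copied from the backtrace above with their line wrapping preserved; the regular expression assumes gdb's `#N 0xADDR in func (args) at file:line` / `from lib` layout and C-style function names.

```python
import re

# Sample input: the first frames of the gdb backtrace from the report above,
# including the line wrapping introduced by the mail client.
SAMPLE_BACKTRACE = """\
#0 0x00007f8be2035680 in pixman_image_get_width () from
/usr/lib/libpixman-1.so.0
#1 0x00005576b9cd1fc7 in vnc_refresh_server_surface (vd=0x7f8be2dd9010) at
ui/vnc.c:2873
#2 0x00005576b9ccd413 in vnc_dpy_copy (dcl=0x7f8be2dd9048, src_x=116,
src_y=379, dst_x=116, dst_y=367, w=16, h=3) at ui/vnc.c:934
#3 0x00005576b9cc1761 in dpy_gfx_copy (con=0x5576bccbbc50, src_x=116,
src_y=379, dst_x=116, dst_y=367, w=16, h=3) at ui/console.c:1533
"""

# gdb frame layout assumed here: "#N 0xADDR in func (args) at file:line"
# for frames with debug info, or "... from /path/to/lib.so" for frames
# inside a shared library without source information.
FRAME_RE = re.compile(
    r"^#(?P<num>\d+)\s+0x(?P<addr>[0-9a-f]+)\s+in\s+(?P<func>\w+)\s*\((?P<args>.*)\)"
    r"\s+(?:at\s+(?P<file>\S+):(?P<line>\d+)|from\s+(?P<lib>\S+))\s*$"
)


def join_wrapped(text):
    """Re-join frames that gdb or the mail client wrapped across lines.

    A new frame always starts with '#<n> '; any other line is a continuation
    of the previous frame and is appended to it.
    """
    frames = []
    for line in text.splitlines():
        if re.match(r"^#\d+\s", line):
            frames.append(line.strip())
        elif frames:
            frames[-1] += " " + line.strip()
    return frames


def parse_frame(frame_text):
    """Parse one (already re-joined) frame line into a dict, or None if unrecognised."""
    m = FRAME_RE.match(frame_text)
    if not m:
        return None
    d = m.groupdict()
    return {
        "num": int(d["num"]),
        "addr": int(d["addr"], 16),
        "func": d["func"],
        "file": d["file"],                         # None for library frames
        "line": int(d["line"]) if d["line"] else None,
        "lib": d["lib"],                           # None for in-tree frames
    }


def parse_backtrace(text):
    """Parse a whole gdb backtrace, skipping lines that are not frames."""
    return [f for f in map(parse_frame, join_wrapped(text)) if f]


def first_in_tree_frame(frames):
    """Innermost frame that carries source-file information, i.e. the first
    frame in the project's own code rather than inside a shared library."""
    for f in frames:
        if f["file"] is not None:
            return f
    return None


def describe(frame):
    """Human-readable one-liner for a parsed frame."""
    if frame["file"]:
        return "#%d %s at %s:%d" % (frame["num"], frame["func"], frame["file"], frame["line"])
    return "#%d %s from %s" % (frame["num"], frame["func"], frame["lib"])


if __name__ == "__main__":
    parsed = parse_backtrace(SAMPLE_BACKTRACE)
    for fr in parsed:
        print(describe(fr))
    print("first in-tree frame:", describe(first_in_tree_frame(parsed)))
```

Feeding the full backtrace from the report through `parse_backtrace` gives the same answer for the first in-tree frame; the remaining frames show the path by which the guest's Cirrus bitblt register write (cirrus_vga_mem_write, via the Xen ioreq handler) reaches the VNC display code, which is the context a fix would need to consider.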