<div>Hi,</div><div>I got a segmentation fault of spice, spice version is 0.8, qemu version is spice.v32.kvm.</div><div>The following is the detail information:</div><div><div><br></div><div>Program received signal SIGSEGV, Segmentation fault.</div> <div>[Switching to Thread 0x7fffaaadb700 (LWP 26633)]</div><div>0x00007ffff63520bb in alloc_drawable (worker=0x7fffaa9046a0)</div><div> at red_worker.c:1437</div><div>1437<span class="Apple-tab-span" style="white-space:pre"> </span> worker->free_drawables = worker->free_drawables->u.next;</div> <div>(gdb) l</div><div>1432<span class="Apple-tab-span" style="white-space:pre"> </span> Drawable *drawable;</div><div>1433<span class="Apple-tab-span" style="white-space:pre"> </span> if (!worker->free_drawables) {</div> <div>1434<span class="Apple-tab-span" style="white-space:pre"> </span> return NULL;</div><div>1435<span class="Apple-tab-span" style="white-space:pre"> </span> }</div><div>1436<span class="Apple-tab-span" style="white-space:pre"> </span> drawable = &worker->free_drawables->u.drawable;</div> <div>1437<span class="Apple-tab-span" style="white-space:pre"> </span> worker->free_drawables = worker->free_drawables->u.next;</div><div>1438<span class="Apple-tab-span" style="white-space:pre"> </span> return drawable;</div> <div>1439<span class="Apple-tab-span" style="white-space:pre"> </span>}</div></div><div><div>(gdb) p drawable</div><div>$6 = (Drawable *) 0x7fffaaad32a8ff</div><div>(gdb) p worker->free_drawables</div><div>$7 = (_Drawable *) 0x7fffaaad32a8ff</div> <div>(gdb) p worker->free_drawables->u.drawable</div><div>Cannot access memory at address 0x7fffaaad32a8ff</div></div><div><div>(gdb) p worker</div><div>$8 = (RedWorker *) 0x7fffaa9046a0</div></div><div><div>(gdb) p &worker->drawables</div> <div>$10 = (_Drawable (*)[1024]) 0x7fffaaa778d8 //I change NUM_DRAWABLES to 1024</div><div>(gdb) p &worker->drawables[1023]</div><div>$11 = (_Drawable *) 0x7fffaaad5760</div></div><div><div>(gdb) p sizeof(void *)</div> <div>$18 = 8</div></div><div><div>(gdb) x/16bx 0x7fffaaad32a8</div><div>0x7fffaaad32a8:<span class="Apple-tab-span" style="white-space:pre"> </span>0x28<span class="Apple-tab-span" style="white-space:pre"> </span>0x40<span class="Apple-tab-span" style="white-space:pre"> </span>0xa9<span class="Apple-tab-span" style="white-space:pre"> </span>0xaa<span class="Apple-tab-span" style="white-space:pre"> </span>0xff<span class="Apple-tab-span" style="white-space:pre"> </span>0x7f<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00</div> <div>0x7fffaaad32b0:<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00</div> <div>(gdb) x/16bx 0x7fffaaad32a0</div><div>0x7fffaaad32a0:<span class="Apple-tab-span" style="white-space:pre"> </span>0xff<span class="Apple-tab-span" style="white-space:pre"> </span>0xff<span class="Apple-tab-span" style="white-space:pre"> </span>0xff<span class="Apple-tab-span" style="white-space:pre"> </span>0xff<span class="Apple-tab-span" style="white-space:pre"> </span>0xff<span class="Apple-tab-span" style="white-space:pre"> </span>0xff<span class="Apple-tab-span" style="white-space:pre"> </span>0xff<span class="Apple-tab-span" style="white-space:pre"> </span>0xff</div> <div>0x7fffaaad32a8:<span class="Apple-tab-span" style="white-space:pre"> </span>0x28<span class="Apple-tab-span" style="white-space:pre"> </span>0x40<span class="Apple-tab-span" style="white-space:pre"> </span>0xa9<span class="Apple-tab-span" style="white-space:pre"> </span>0xaa<span class="Apple-tab-span" style="white-space:pre"> </span>0xff<span class="Apple-tab-span" style="white-space:pre"> </span>0x7f<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00</div> <div>(gdb) p &worker->free_drawables</div><div>$19 = (_Drawable **) 0x7fffaaad58d8</div><div>(gdb) x/16bx 0x7fffaaad58d8</div><div>0x7fffaaad58d8:<span class="Apple-tab-span" style="white-space:pre"> </span>0xff<span class="Apple-tab-span" style="white-space:pre"> </span>0xa8<span class="Apple-tab-span" style="white-space:pre"> </span>0x32<span class="Apple-tab-span" style="white-space:pre"> </span>0xad<span class="Apple-tab-span" style="white-space:pre"> </span>0xaa<span class="Apple-tab-span" style="white-space:pre"> </span>0xff<span class="Apple-tab-span" style="white-space:pre"> </span>0x7f<span class="Apple-tab-span" style="white-space:pre"> </span>0x00</div> <div>0x7fffaaad58e0:<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00<span class="Apple-tab-span" style="white-space:pre"> </span>0x00</div> </div><div><br></div><div><meta http-equiv="content-type" content="text/html; charset=utf-8">address 0x7fffaaad58d8 is in the worker->drawables array, but 0x7fffaaad32a8ff is not, why it has ff in the end?</div><meta http-equiv="content-type" content="text/html; charset=utf-8"><meta http-equiv="content-type" content="text/html; charset=utf-8"><div> <br></div><div><br></div><meta http-equiv="content-type" content="text/html; charset=utf-8"><div>--</div><div>Best Regards</div>