[Spice-devel] [ spice-devel ] libspice server segfault
nicolas prochazka
prochazka.nicolas at gmail.com
Wed Sep 5 05:41:44 PDT 2012
Hello,
With the help of Alon, i can produce debug information :
Core was generated by `/usr/local/bin/qemu -name xpvirtser001
-readconfig /etc/ich9-ehci-uhci.cfg -dev'.
Program terminated with signal 11, Segmentation fault.
#0 ring_add (item=<optimized out>, ring=<optimized out>) at
../spice-common/common/ring.h:61
61 ring->next = item->next->prev = item;
Regards,
Nicolas
2012/9/4 Alon Levy <alevy at redhat.com>:
>> hello
>> libspice 0.11.3
>> qemu 1.2rc2
>>
>> In windows XP Guest VM ,
>> Change screensaver ( with small preview windows change)
>> causes a segfault in libspice server .
>>
>> I can always reproduce it ,
>> two logs juste before segfault.
>>
>>
>> usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (194, 21)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:2030:red_clear_surface_drawables_from_pipe: surface 19
>> dependent item found 0x7fdb3a46ae10, 0x7fdb3b132150
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (165, 455) (359, 613)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 7: area ==>
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (5, 0) (199, 158)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:2030:red_clear_surface_drawables_from_pipe: surface 7
>> dependent item found 0x7fdb3a46ccb0, 0x7fdb3ac64ce0
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (168, 437) (339, 452)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 19: area ==>
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (3, 3) (174, 18)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:2030:red_clear_surface_drawables_from_pipe: surface 19
>> dependent item found 0x7fdb3a46c818, 0x7fdb3ac987e0
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:2633:red_display_detach_stream_gracefully: stream 49:
>> upgrade by screenshot. has current 0. box ==>
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (257, 265) (409, 377)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (257, 265) (409, 377)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:2674:red_detach_streams_behind: stream 49
>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>> red_dispatcher.c:309:async_command_alloc: 0x7fdaa007f4b0
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 7: area ==>
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (32, 32)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:11443:worker_handle_dispatcher_async_done:
>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>> red_dispatcher.c:960:red_dispatcher_async_complete: 0x7fdaa007f4b0:
>> cookie 140576964702000
>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>> red_dispatcher.c:962:red_dispatcher_async_complete: no more async
>> commands
>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>> red_dispatcher.c:309:async_command_alloc: 0x7fdaa00b6f30
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 20: area ==>
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (16, 16)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:11443:worker_handle_dispatcher_async_done:
>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>> red_dispatcher.c:960:red_dispatcher_async_complete: 0x7fdaa00b6f30:
>> cookie 140576964474032
>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>> red_dispatcher.c:962:red_dispatcher_async_complete: no more async
>> commands
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (472, 596) (547, 619)
>> (/usr/local/bin/qemu:11553): SpiceWorker-ERROR **:
>> ../spice-common/common/ring.h:83:ring_remove: assertion `item->next
>> !=
>> NULL && item->prev != NULL' failed
>> Aborted
>>
>>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (165, 434) (359, 455)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 22: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (194, 21)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:2030:red_clear_surface_drawables_from_pipe: surface 22
>> dependent item found 0x7f67c1181838, 0x7f6728484650
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (168, 435) (358, 454)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 22: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (3, 1) (193, 20)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:2030:red_clear_surface_drawables_from_pipe: surface 22
>> dependent item found 0x7f67c117e738, 0x7f672809f6e0
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 8: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (5, 0) (199, 158)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (165, 455) (359, 613)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (165, 455) (359, 613)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 25: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (194, 158)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:2030:red_clear_surface_drawables_from_pipe: surface 25
>> dependent item found 0x7f67c11813a0, 0x7f672806db10
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (341, 435) (358, 454)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 22: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (176, 1) (193, 20)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:2030:red_clear_surface_drawables_from_pipe: surface 22
>> dependent item found 0x7f67c117e118, 0x7f67280ab110
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (165, 434) (359, 455)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 10: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (194, 21)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:2030:red_clear_surface_drawables_from_pipe: surface 10
>> dependent item found 0x7f67c11bd540, 0x7f6728189b90
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (165, 455) (359, 613)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 8: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (5, 0) (199, 158)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:2030:red_clear_surface_drawables_from_pipe: surface 8
>> dependent item found 0x7f67c11bd540, 0x7f67285e68c0
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (168, 437) (339, 452)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 10: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (3, 3) (174, 18)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:2030:red_clear_surface_drawables_from_pipe: surface 10
>> dependent item found 0x7f67c1181838, 0x7f67281b6310
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:10258:display_channel_release_item: not pushed (101)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:2633:red_display_detach_stream_gracefully: stream 49:
>> upgrade by screenshot. has current 0. box ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (257, 265) (409, 377)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> ../spice-common/common/rect.h:91:rect_debug: (257, 265) (409, 377)
>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> red_worker.c:2674:red_detach_streams_behind: stream 49
>> Segmentation fault
>>
>
> Hi Nicolas,
>
> Thanks for the report (s), can you please provide a stacktrace of qemu when it segfaults?
> Simplest way differs depending on how you run it:
> 1) standalone - you launch qemu directly. Then run it under gdb:
> gdb --args qemu...
> r
> <do what leads to segfault>
> thread apply all bt
> 2) you launch qemu via libvirt / any other means.
> launch qemu normally
> if this is the only copy of qemu that is running, you can launch:
> gdb -p `pgrep qemu`
> if you have more then one, you'll need to identify the pid yourself.
> <do what leads to segfault>
> thread apply all bt
>
> Alon
>
>>
>>
>> Regards,
>> Nicolas
>> _______________________________________________
>> Spice-devel mailing list
>> Spice-devel at lists.freedesktop.org
>> http://lists.freedesktop.org/mailman/listinfo/spice-devel
>>
More information about the Spice-devel
mailing list