[Spice-devel] [ spice-devel ] libspice server segfault
nicolas prochazka
prochazka.nicolas at gmail.com
Thu Sep 6 06:20:04 PDT 2012
Hello,
with lastest git libspice ( 1.4.0 ) : no change , segfault.
with lastest git spice/qemu ( rebase/spice- next ) : no segfault but
a vm freeze ( in spice client and vnc client )
Regards,
Nicolas
2012/9/5 nicolas prochazka <prochazka.nicolas at gmail.com>:
> same test, but core dump shows us differents things.
> p item after the segfault tells no symbol item in current context
>
> Nicolas
>
> (/usr/local/bin/qemu:6512): SpiceWorker-ERROR **:
> ../spice-common/common/ring.h:84:ring_remove: assertion `item->next !=
> NULL && item->prev != NULL' failed
> Aborted (core dumped)
>
> (gdb) thread apply all bt
>
> Thread 4 (LWP 6512):
> #0 0x00007f625c921033 in select () from /lib/libc.so.6
> #1 0x00007f625f63b9d8 in os_host_main_loop_wait (timeout=4294967295)
> at main-loop.c:308
> #2 main_loop_wait (nonblocking=<optimized out>) at main-loop.c:496
> #3 0x00007f625f63afa2 in main_loop () at
> /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/vl.c:1643
> #4 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized
> out>) at /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/vl.c:3755
>
> Thread 3 (LWP 6637):
> #0 0x00007f625c920327 in ioctl () from /lib/libc.so.6
> #1 0x00007f625f6e3c26 in kvm_vcpu_ioctl (env=<optimized out>,
> type=44672) at /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/kvm-all.c:1648
> #2 0x00007f625f6e48e7 in kvm_cpu_exec (env=0x7f6260f06b20) at
> /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/kvm-all.c:1535
> #3 0x00007f625f6a2167 in qemu_kvm_cpu_thread_fn (arg=<optimized out>)
> at /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/cpus.c:757
> #4 0x00007f625cbd698c in ?? () from /lib/libpthread.so.0
> #5 0x00007f625c926fcd in clone () from /lib/libc.so.6
>
> Thread 2 (LWP 21713):
> #0 0x00007f625cbdb27b in pthread_cond_timedwait () from /lib/libpthread.so.0
> #1 0x00007f625f64a29a in cond_timedwait (ts=<optimized out>,
> mutex=<optimized out>, cond=<optimized out>) at posix-aio-compat.c:107
> #2 aio_thread (unused=<optimized out>) at posix-aio-compat.c:337
> #3 0x00007f625cbd698c in ?? () from /lib/libpthread.so.0
> #4 0x00007f625c926fcd in clone () from /lib/libc.so.6
>
> Thread 1 (LWP 6638):
> #0 0x00007f625c886c85 in raise () from /lib/libc.so.6
> #1 0x00007f625c887e64 in abort () from /lib/libc.so.6
> #2 0x00007f625d2e4557 in spice_logv (log_domain=0x7f625d35d2dc
> "SpiceWorker", log_level=SPICE_LOG_LEVEL_ERROR,
> strloc=0x7f625d358160 "../spice-common/common/ring.h:84",
> function=0x7f625d35f413 "ring_remove",
> format=0x7f625d3583c8 "assertion `%s' failed", args=<optimized
> out>) at log.c:109
> #3 0x00007f625d2e45f4 in spice_log (log_domain=0x1970
> <Address 0x1970 out of bounds>, log_level=6638, strloc=0x6 <Address
> 0x6 out of bounds>,
> function=0xffffffffffffffff <Address 0xffffffffffffffff
> out of bounds>, format=0x7f623d9d0700 "") at log.c:123
> #4 0x00007f625d2b8f75 in ring_remove (item=<optimized
> out>) at ../spice-common/common/ring.h:84
> #5 current_remove_container (container=<optimized out>,
> worker=<optimized out>) at red_worker.c:1818
> #6 container_cleanup (container=<optimized out>,
> worker=<optimized out>) at red_worker.c:1834
> #7 red_update_area (worker=0x7f62611248b0,
> area=<optimized out>, surface_id=<optimized out>) at red_worker.c:4634
> #8 0x00007f625d2b972f in surface_flush (worker=0x1970,
> surface_id=0, rect=0x19ee) at red_worker.c:1859
> #9 0x00007f625d2c1b4c in
> red_handle_depends_on_target_surface (surface_id=<optimized out>,
> worker=<optimized out>) at red_worker.c:3839
> #10 red_process_surface (loadvm=<optimized out>,
> group_id=<optimized out>, surface=<optimized out>, worker=<optimized
> out>) at red_worker.c:4004
> #11 red_process_commands (worker=0x7f62611248b0,
> max_pipe_size=<optimized out>, ring_is_empty=0x7f623d9cfccc) at
> red_worker.c:4950
> #12 0x00007f625d2c2fef in red_worker_main (arg=<optimized
> out>) at red_worker.c:11778
> #13 0x00007f625cbd698c in ?? () from /lib/libpthread.so.0
> #14 0x00007f625c926fcd in clone () from /lib/libc.so.6
>
>
> 2012/9/5 Alon Levy <alevy at redhat.com>:
>>> Yes it happens with and without -vnc qemu cmdline
>>> Nicolas
>>> 2012/9/5 Alon Levy <alevy at redhat.com>:
>>
>> Right after the segfault, before "thread apply all bt", can you please run
>> p item
>> p item->next
>> info locals
>>
>> Thanks,
>> Alon
>>
>>> >> and with all threads :
>>> >>
>>> >> bego3 ~ # cat /storage/tmp/log6
>>> >> warning: Unable to find libthread_db matching inferior's thread
>>> >> library, thread debugging will not be available.
>>> >> Core was generated by `/usr/local/bin/qemu -name xpvirtser001
>>> >> -readconfig /etc/ich9-ehci-uhci.cfg -dev'.
>>> >> Program terminated with signal 11, Segmentation fault.
>>> >> #0 ring_add (item=<optimized out>, ring=<optimized out>) at
>>> >> ../spice-common/common/ring.h:61
>>> >> 61 ring->next = item->next->prev = item;
>>> >> (gdb) thread apply all bt
>>> >>
>>> >> Thread 5 (LWP 3065):
>>> >> #0 0x00007f9036826033 in select () from /lib/libc.so.6
>>> >> #1 0x00007f90395409d8 in os_host_main_loop_wait
>>> >> (timeout=4294967295)
>>> >> at main-loop.c:308
>>> >> #2 main_loop_wait (nonblocking=<optimized out>) at
>>> >> main-loop.c:496
>>> >> #3 0x00007f903953ffa2 in main_loop () at
>>> >> /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/vl.c:1643
>>> >> #4 main (argc=<optimized out>, argv=<optimized out>,
>>> >> envp=<optimized
>>> >> out>) at
>>> >> /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/vl.c:3755
>>> >>
>>> >> Thread 4 (LWP 4885):
>>> >> #0 0x00007f9036ae027b in pthread_cond_timedwait () from
>>> >> /lib/libpthread.so.0
>>> >> #1 0x00007f903954f29a in cond_timedwait (ts=<optimized out>,
>>> >> mutex=<optimized out>, cond=<optimized out>) at
>>> >> posix-aio-compat.c:107
>>> >> #2 aio_thread (unused=<optimized out>) at posix-aio-compat.c:337
>>> >> #3 0x00007f9036adb98c in ?? () from /lib/libpthread.so.0
>>> >> #4 0x00007f903682bfcd in clone () from /lib/libc.so.6
>>> >>
>>> >> Thread 3 (LWP 3180):
>>> >> #0 0x00007f9036adfefc in pthread_cond_wait () from
>>> >> /lib/libpthread.so.0
>>> >> #1 0x00007f903956c62a in qemu_cond_wait (cond=0x7f903b6f4114,
>>> >> mutex=0x80) at qemu-thread-posix.c:113
>>> >> #2 0x00007f903959aac6 in vnc_worker_thread_loop
>>> >> (queue=0x7f903b6f4110) at ui/vnc-jobs.c:222
>>> >> #3 0x00007f903959af21 in vnc_worker_thread (arg=<optimized out>)
>>> >> at
>>> >> ui/vnc-jobs.c:318
>>> >> #4 0x00007f9036adb98c in ?? () from /lib/libpthread.so.0
>>> >> #5 0x00007f903682bfcd in clone () from /lib/libc.so.6
>>> >
>>> > Does this happen if you run without vnc?
>>> >
>>> >>
>>> >> Thread 2 (LWP 3177):
>>> >> #0 0x00007f9036825327 in ioctl () from /lib/libc.so.6
>>> >> #1 0x00007f90395e8c26 in kvm_vcpu_ioctl (env=<optimized out>,
>>> >> type=44672) at
>>> >> /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/kvm-all.c:1648
>>> >> #2 0x00007f90395e98e7 in kvm_cpu_exec (env=0x7f903ae0bb20) at
>>> >> /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/kvm-all.c:1535
>>> >> #3 0x00007f90395a7167 in qemu_kvm_cpu_thread_fn (arg=<optimized
>>> >> out>)
>>> >> at /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/cpus.c:757
>>> >> #4 0x00007f9036adb98c in ?? () from /lib/libpthread.so.0
>>> >> #5 0x00007f903682bfcd in clone () from /lib/libc.so.6
>>> >>
>>> >> Thread 1 (LWP 3178):
>>> >> #0 ring_add (item=<optimized out>, ring=<optimized out>) at
>>> >> ../spice-common/common/ring.h:61
>>> >> #1 ring_add_after (pos=<optimized out>, item=<optimized out>) at
>>> >> ../spice-common/common/ring.h:66
>>> >> #2 __current_add_drawable (pos=<optimized out>,
>>> >> drawable=<optimized
>>> >> out>, worker=<optimized out>) at red_worker.c:2351
>>> >> #3 red_current_add (worker=0x7f903b0298b0, ring=0x7f9010022ef8,
>>> >> drawable=0x7f903b1e91e8) at red_worker.c:3479
>>> >> #4 0x00007f90371c5f13 in red_current_add_qxl
>>> >> (red_drawable=<optimized
>>> >> out>, ring=<optimized out>, worker=<optimized out>,
>>> >> drawable=<optimized out>) at red_worker.c:3612
>>> >> #5 red_process_drawable (group_id=<optimized out>,
>>> >> drawable=<optimized out>, worker=<optimized out>) at
>>> >> red_worker.c:3953
>>> >> #6 red_process_commands (worker=0x7f903b0298b0,
>>> >> max_pipe_size=<optimized out>, ring_is_empty=0x7f90180d5ccc) at
>>> >> red_worker.c:4902
>>> >> #7 0x00007f90371c7fa5 in red_worker_main (arg=<optimized
>>> >> out>)
>>> >> at
>>> >> red_worker.c:11778
>>> >> #8 0x00007f9036adb98c in ?? () from /lib/libpthread.so.0
>>> >> #9 0x00007f903682bfcd in clone () from /lib/libc.so.6
>>> >
>>> > Thanks for the work producing the backtrace, unfortunately I can't
>>> > think of anything at the moment. I'd like to see the history of
>>> > the ring adds but that's of course impossible. Valgrind would be
>>> > awesome, but it requires compiling libssl specifically to avoid a
>>> > ton of false warnings from valgrind (even if you don't use the tls
>>> > port of spice). See http://www.openssl.org/support/faq.html#PROG14
>>> > if you are willing to go this extra mile.
>>> >
>>> >
>>> >>
>>> >>
>>> >> 2012/9/5 nicolas prochazka <prochazka.nicolas at gmail.com>:
>>> >> > Hello,
>>> >> > With the help of Alon, i can produce debug information :
>>> >> >
>>> >> > Core was generated by `/usr/local/bin/qemu -name xpvirtser001
>>> >> > -readconfig /etc/ich9-ehci-uhci.cfg -dev'.
>>> >> > Program terminated with signal 11, Segmentation fault.
>>> >> > #0 ring_add (item=<optimized out>, ring=<optimized out>) at
>>> >> > ../spice-common/common/ring.h:61
>>> >> > 61 ring->next = item->next->prev = item;
>>> >> >
>>> >> >
>>> >> > Regards,
>>> >> > Nicolas
>>> >> >
>>> >> > 2012/9/4 Alon Levy <alevy at redhat.com>:
>>> >> >>> hello
>>> >> >>> libspice 0.11.3
>>> >> >>> qemu 1.2rc2
>>> >> >>>
>>> >> >>> In windows XP Guest VM ,
>>> >> >>> Change screensaver ( with small preview windows change)
>>> >> >>> causes a segfault in libspice server .
>>> >> >>>
>>> >> >>> I can always reproduce it ,
>>> >> >>> two logs juste before segfault.
>>> >> >>>
>>> >> >>>
>>> >> >>> usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (194, 21)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>>> >> >>> surface
>>> >> >>> 19
>>> >> >>> dependent item found 0x7fdb3a46ae10, 0x7fdb3b132150
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (165, 455) (359,
>>> >> >>> 613)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 7: area ==>
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (5, 0) (199, 158)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>>> >> >>> surface
>>> >> >>> 7
>>> >> >>> dependent item found 0x7fdb3a46ccb0, 0x7fdb3ac64ce0
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (168, 437) (339,
>>> >> >>> 452)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 19: area ==>
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (3, 3) (174, 18)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>>> >> >>> surface
>>> >> >>> 19
>>> >> >>> dependent item found 0x7fdb3a46c818, 0x7fdb3ac987e0
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:2633:red_display_detach_stream_gracefully: stream
>>> >> >>> 49:
>>> >> >>> upgrade by screenshot. has current 0. box ==>
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (257, 265) (409,
>>> >> >>> 377)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (257, 265) (409,
>>> >> >>> 377)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:2674:red_detach_streams_behind: stream 49
>>> >> >>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>>> >> >>> red_dispatcher.c:309:async_command_alloc: 0x7fdaa007f4b0
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 7: area ==>
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (32, 32)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:11443:worker_handle_dispatcher_async_done:
>>> >> >>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>>> >> >>> red_dispatcher.c:960:red_dispatcher_async_complete:
>>> >> >>> 0x7fdaa007f4b0:
>>> >> >>> cookie 140576964702000
>>> >> >>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>>> >> >>> red_dispatcher.c:962:red_dispatcher_async_complete: no more
>>> >> >>> async
>>> >> >>> commands
>>> >> >>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>>> >> >>> red_dispatcher.c:309:async_command_alloc: 0x7fdaa00b6f30
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 20: area ==>
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (16, 16)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:11443:worker_handle_dispatcher_async_done:
>>> >> >>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>>> >> >>> red_dispatcher.c:960:red_dispatcher_async_complete:
>>> >> >>> 0x7fdaa00b6f30:
>>> >> >>> cookie 140576964474032
>>> >> >>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>>> >> >>> red_dispatcher.c:962:red_dispatcher_async_complete: no more
>>> >> >>> async
>>> >> >>> commands
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (472, 596) (547,
>>> >> >>> 619)
>>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-ERROR **:
>>> >> >>> ../spice-common/common/ring.h:83:ring_remove: assertion
>>> >> >>> `item->next
>>> >> >>> !=
>>> >> >>> NULL && item->prev != NULL' failed
>>> >> >>> Aborted
>>> >> >>>
>>> >> >>>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (165, 434) (359,
>>> >> >>> 455)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 22: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (194, 21)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>>> >> >>> surface
>>> >> >>> 22
>>> >> >>> dependent item found 0x7f67c1181838, 0x7f6728484650
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (168, 435) (358,
>>> >> >>> 454)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 22: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (3, 1) (193, 20)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>>> >> >>> surface
>>> >> >>> 22
>>> >> >>> dependent item found 0x7f67c117e738, 0x7f672809f6e0
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 8: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (5, 0) (199, 158)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (165, 455) (359,
>>> >> >>> 613)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (165, 455) (359,
>>> >> >>> 613)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 25: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (194, 158)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>>> >> >>> surface
>>> >> >>> 25
>>> >> >>> dependent item found 0x7f67c11813a0, 0x7f672806db10
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (341, 435) (358,
>>> >> >>> 454)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 22: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (176, 1) (193,
>>> >> >>> 20)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>>> >> >>> surface
>>> >> >>> 22
>>> >> >>> dependent item found 0x7f67c117e118, 0x7f67280ab110
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (165, 434) (359,
>>> >> >>> 455)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 10: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (194, 21)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>>> >> >>> surface
>>> >> >>> 10
>>> >> >>> dependent item found 0x7f67c11bd540, 0x7f6728189b90
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (165, 455) (359,
>>> >> >>> 613)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 8: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (5, 0) (199, 158)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>>> >> >>> surface
>>> >> >>> 8
>>> >> >>> dependent item found 0x7f67c11bd540, 0x7f67285e68c0
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (168, 437) (339,
>>> >> >>> 452)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 10: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (3, 3) (174, 18)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>>> >> >>> surface
>>> >> >>> 10
>>> >> >>> dependent item found 0x7f67c1181838, 0x7f67281b6310
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:10258:display_channel_release_item: not pushed
>>> >> >>> (101)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:2633:red_display_detach_stream_gracefully: stream
>>> >> >>> 49:
>>> >> >>> upgrade by screenshot. has current 0. box ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (257, 265) (409,
>>> >> >>> 377)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (257, 265) (409,
>>> >> >>> 377)
>>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>>> >> >>> red_worker.c:2674:red_detach_streams_behind: stream 49
>>> >> >>> Segmentation fault
>>> >> >>>
>>> >> >>
>>> >> >> Hi Nicolas,
>>> >> >>
>>> >> >> Thanks for the report (s), can you please provide a stacktrace
>>> >> >> of
>>> >> >> qemu when it segfaults?
>>> >> >> Simplest way differs depending on how you run it:
>>> >> >> 1) standalone - you launch qemu directly. Then run it under
>>> >> >> gdb:
>>> >> >> gdb --args qemu...
>>> >> >> r
>>> >> >> <do what leads to segfault>
>>> >> >> thread apply all bt
>>> >> >> 2) you launch qemu via libvirt / any other means.
>>> >> >> launch qemu normally
>>> >> >> if this is the only copy of qemu that is running, you can
>>> >> >> launch:
>>> >> >> gdb -p `pgrep qemu`
>>> >> >> if you have more then one, you'll need to identify the pid
>>> >> >> yourself.
>>> >> >> <do what leads to segfault>
>>> >> >> thread apply all bt
>>> >> >>
>>> >> >> Alon
>>> >> >>
>>> >> >>>
>>> >> >>>
>>> >> >>> Regards,
>>> >> >>> Nicolas
>>> >> >>> _______________________________________________
>>> >> >>> Spice-devel mailing list
>>> >> >>> Spice-devel at lists.freedesktop.org
>>> >> >>> http://lists.freedesktop.org/mailman/listinfo/spice-devel
>>> >> >>>
>>> >>
>>>
More information about the Spice-devel
mailing list