[Spice-devel] [ spice-devel ] libspice server segfault
nicolas prochazka
prochazka.nicolas at gmail.com
Thu Sep 6 09:19:23 PDT 2012
main_channel_link: add main channel client
main_channel_handle_parsed: net test: latency 20.040000 ms, bitrate
181431608 bps (173.026665 Mbps)
red_dispatcher_set_display_peer:
inputs_connect: inputs channel client create
red_dispatcher_set_cursor_peer:
qemu: virtio-serial-bus: Unexpected port id 2182726608 for device
virtio-serial-bus.0
qxl/guest-0: 15580707451: qxldd: PrepareHardware: 0xe1800010 vals
0xb6800000 67108864l
qxl/guest-0: 15581828607: qxldd: InitDeviceMemoryResources: 50323456, 67108864
qxl/guest-0: 15586811713: qxldd: InitResources: exit
qxl/guest-0: 15587235324: qxldd: DrvEnableSurface:
EngModifySurface(0x1050033, 0xe145d008, 0, MS_NOTSYSTEMMEMORY,
0xe1800010, 0xb6800000, 4096, NULL)
qxl/guest-0: 15590189428: qxldd: DrvEnableSurface: 0xe1800010 exit
qxl/guest-0: 15709383292: qxldd: WaitForCmdRing: 0xe1800010: timeout
qxl/guest-0: 17561972767: qxldd: _BitBlt: test src failed
qxl/guest-0: 17597019492: qxldd: _BitBlt: test src failed
qxl/guest-0: 17742960506: qxldd: _BitBlt: test src failed
qxl/guest-0: 17747795752: qxldd: _BitBlt: test src failed
qxl/guest-0: 17848057715: qxldd: _BitBlt: test src failed
qxl/guest-0: 17852859575: qxldd: _BitBlt: test src failed
qxl/guest-0: 17855490017: qxldd: _BitBlt: test src failed
qxl/guest-0: 17860979922: qxldd: _BitBlt: test src failed
(/usr/local/bin/qemu:17364): Spice-Warning **:
red_parse_qxl.c:406:red_get_image: guest error: missing palette on
bitmap format=2
qxl/guest-0: 26094199037: qxldd: _BitBlt: test src failed
(/usr/local/bin/qemu:17364): Spice-Warning **:
red_parse_qxl.c:406:red_get_image: guest error: missing palette on
bitmap format=2
(/usr/local/bin/qemu:17364): Spice-Warning **:
red_parse_qxl.c:406:red_get_image: guest error: missing palette on
bitmap format=2
(/usr/local/bin/qemu:17364): Spice-Warning **:
red_parse_qxl.c:406:red_get_image: guest error: missing palette on
bitmap format=2
(/usr/local/bin/qemu:17364): Spice-Warning **:
red_parse_qxl.c:406:red_get_image: guest error: missing palette on
bitmap format=2
qxl/guest-0: 41255611438: qxldd: _StretchBlt: stretch test failed
qxl/guest-0: 41255656139: qxldd: _StretchBlt: stretch test failed
(/usr/local/bin/qemu:17364): Spice-Warning **:
red_parse_qxl.c:406:red_get_image: guest error: missing palette on
bitmap format=2
qxl/guest-0: 50016517301: qxldd: DrvAssertMode: 0xe1800010 revision 3 enable 0
qxl-0: guest bug: unsupported io 22 for revision 3
2012/9/6 Alon Levy <alevy at redhat.com>:
>> Hello,
>> with lastest git libspice ( 1.4.0 ) : no change , segfault.
>
> Where is this 1.4.0 version coming from? the last release of libspice-server (spice.tar.gz) is 0.11.3 and the next should be 0.12.0.
>
> http://spice-space.org/download.html#latest-server
>
>> with lastest git spice/qemu ( rebase/spice- next ) : no segfault
>> but
>> a vm freeze ( in spice client and vnc client )
>
> Can you look at qemu's log and see if it says "guest bug" ?
> You'll have to enable guestdebug or use the trace point "qxl_set_guest_bug".
> To enable guest debug append to qemu's command line:
> -global qxl-vga.guestdebug=1
>
>>
>> Regards,
>> Nicolas
>>
>> 2012/9/5 nicolas prochazka <prochazka.nicolas at gmail.com>:
>> > same test, but core dump shows us differents things.
>> > p item after the segfault tells no symbol item in current context
>> >
>> > Nicolas
>> >
>> > (/usr/local/bin/qemu:6512): SpiceWorker-ERROR **:
>> > ../spice-common/common/ring.h:84:ring_remove: assertion `item->next
>> > !=
>> > NULL && item->prev != NULL' failed
>> > Aborted (core dumped)
>> >
>> > (gdb) thread apply all bt
>> >
>> > Thread 4 (LWP 6512):
>> > #0 0x00007f625c921033 in select () from /lib/libc.so.6
>> > #1 0x00007f625f63b9d8 in os_host_main_loop_wait
>> > (timeout=4294967295)
>> > at main-loop.c:308
>> > #2 main_loop_wait (nonblocking=<optimized out>) at main-loop.c:496
>> > #3 0x00007f625f63afa2 in main_loop () at
>> > /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/vl.c:1643
>> > #4 main (argc=<optimized out>, argv=<optimized out>,
>> > envp=<optimized
>> > out>) at
>> > /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/vl.c:3755
>> >
>> > Thread 3 (LWP 6637):
>> > #0 0x00007f625c920327 in ioctl () from /lib/libc.so.6
>> > #1 0x00007f625f6e3c26 in kvm_vcpu_ioctl (env=<optimized out>,
>> > type=44672) at
>> > /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/kvm-all.c:1648
>> > #2 0x00007f625f6e48e7 in kvm_cpu_exec (env=0x7f6260f06b20) at
>> > /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/kvm-all.c:1535
>> > #3 0x00007f625f6a2167 in qemu_kvm_cpu_thread_fn (arg=<optimized
>> > out>)
>> > at /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/cpus.c:757
>> > #4 0x00007f625cbd698c in ?? () from /lib/libpthread.so.0
>> > #5 0x00007f625c926fcd in clone () from /lib/libc.so.6
>> >
>> > Thread 2 (LWP 21713):
>> > #0 0x00007f625cbdb27b in pthread_cond_timedwait () from
>> > /lib/libpthread.so.0
>> > #1 0x00007f625f64a29a in cond_timedwait (ts=<optimized out>,
>> > mutex=<optimized out>, cond=<optimized out>) at
>> > posix-aio-compat.c:107
>> > #2 aio_thread (unused=<optimized out>) at posix-aio-compat.c:337
>> > #3 0x00007f625cbd698c in ?? () from /lib/libpthread.so.0
>> > #4 0x00007f625c926fcd in clone () from /lib/libc.so.6
>> >
>> > Thread 1 (LWP 6638):
>> > #0 0x00007f625c886c85 in raise () from /lib/libc.so.6
>> > #1 0x00007f625c887e64 in abort () from /lib/libc.so.6
>> > #2 0x00007f625d2e4557 in spice_logv (log_domain=0x7f625d35d2dc
>> > "SpiceWorker", log_level=SPICE_LOG_LEVEL_ERROR,
>> > strloc=0x7f625d358160 "../spice-common/common/ring.h:84",
>> > function=0x7f625d35f413 "ring_remove",
>> > format=0x7f625d3583c8 "assertion `%s' failed",
>> > args=<optimized
>> > out>) at log.c:109
>> > #3 0x00007f625d2e45f4 in spice_log (log_domain=0x1970
>> > <Address 0x1970 out of bounds>, log_level=6638, strloc=0x6 <Address
>> > 0x6 out of bounds>,
>> > function=0xffffffffffffffff <Address 0xffffffffffffffff
>> > out of bounds>, format=0x7f623d9d0700 "") at log.c:123
>> > #4 0x00007f625d2b8f75 in ring_remove (item=<optimized
>> > out>) at ../spice-common/common/ring.h:84
>> > #5 current_remove_container (container=<optimized
>> > out>,
>> > worker=<optimized out>) at red_worker.c:1818
>> > #6 container_cleanup (container=<optimized out>,
>> > worker=<optimized out>) at red_worker.c:1834
>> > #7 red_update_area (worker=0x7f62611248b0,
>> > area=<optimized out>, surface_id=<optimized out>) at
>> > red_worker.c:4634
>> > #8 0x00007f625d2b972f in surface_flush (worker=0x1970,
>> > surface_id=0, rect=0x19ee) at red_worker.c:1859
>> > #9 0x00007f625d2c1b4c in
>> > red_handle_depends_on_target_surface (surface_id=<optimized out>,
>> > worker=<optimized out>) at red_worker.c:3839
>> > #10 red_process_surface (loadvm=<optimized out>,
>> > group_id=<optimized out>, surface=<optimized out>,
>> > worker=<optimized
>> > out>) at red_worker.c:4004
>> > #11 red_process_commands (worker=0x7f62611248b0,
>> > max_pipe_size=<optimized out>, ring_is_empty=0x7f623d9cfccc) at
>> > red_worker.c:4950
>> > #12 0x00007f625d2c2fef in red_worker_main
>> > (arg=<optimized
>> > out>) at red_worker.c:11778
>> > #13 0x00007f625cbd698c in ?? () from
>> > /lib/libpthread.so.0
>> > #14 0x00007f625c926fcd in clone () from /lib/libc.so.6
>> >
>> >
>> > 2012/9/5 Alon Levy <alevy at redhat.com>:
>> >>> Yes it happens with and without -vnc qemu cmdline
>> >>> Nicolas
>> >>> 2012/9/5 Alon Levy <alevy at redhat.com>:
>> >>
>> >> Right after the segfault, before "thread apply all bt", can you
>> >> please run
>> >> p item
>> >> p item->next
>> >> info locals
>> >>
>> >> Thanks,
>> >> Alon
>> >>
>> >>> >> and with all threads :
>> >>> >>
>> >>> >> bego3 ~ # cat /storage/tmp/log6
>> >>> >> warning: Unable to find libthread_db matching inferior's
>> >>> >> thread
>> >>> >> library, thread debugging will not be available.
>> >>> >> Core was generated by `/usr/local/bin/qemu -name xpvirtser001
>> >>> >> -readconfig /etc/ich9-ehci-uhci.cfg -dev'.
>> >>> >> Program terminated with signal 11, Segmentation fault.
>> >>> >> #0 ring_add (item=<optimized out>, ring=<optimized out>) at
>> >>> >> ../spice-common/common/ring.h:61
>> >>> >> 61 ring->next = item->next->prev = item;
>> >>> >> (gdb) thread apply all bt
>> >>> >>
>> >>> >> Thread 5 (LWP 3065):
>> >>> >> #0 0x00007f9036826033 in select () from /lib/libc.so.6
>> >>> >> #1 0x00007f90395409d8 in os_host_main_loop_wait
>> >>> >> (timeout=4294967295)
>> >>> >> at main-loop.c:308
>> >>> >> #2 main_loop_wait (nonblocking=<optimized out>) at
>> >>> >> main-loop.c:496
>> >>> >> #3 0x00007f903953ffa2 in main_loop () at
>> >>> >> /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/vl.c:1643
>> >>> >> #4 main (argc=<optimized out>, argv=<optimized out>,
>> >>> >> envp=<optimized
>> >>> >> out>) at
>> >>> >> /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/vl.c:3755
>> >>> >>
>> >>> >> Thread 4 (LWP 4885):
>> >>> >> #0 0x00007f9036ae027b in pthread_cond_timedwait () from
>> >>> >> /lib/libpthread.so.0
>> >>> >> #1 0x00007f903954f29a in cond_timedwait (ts=<optimized out>,
>> >>> >> mutex=<optimized out>, cond=<optimized out>) at
>> >>> >> posix-aio-compat.c:107
>> >>> >> #2 aio_thread (unused=<optimized out>) at
>> >>> >> posix-aio-compat.c:337
>> >>> >> #3 0x00007f9036adb98c in ?? () from /lib/libpthread.so.0
>> >>> >> #4 0x00007f903682bfcd in clone () from /lib/libc.so.6
>> >>> >>
>> >>> >> Thread 3 (LWP 3180):
>> >>> >> #0 0x00007f9036adfefc in pthread_cond_wait () from
>> >>> >> /lib/libpthread.so.0
>> >>> >> #1 0x00007f903956c62a in qemu_cond_wait (cond=0x7f903b6f4114,
>> >>> >> mutex=0x80) at qemu-thread-posix.c:113
>> >>> >> #2 0x00007f903959aac6 in vnc_worker_thread_loop
>> >>> >> (queue=0x7f903b6f4110) at ui/vnc-jobs.c:222
>> >>> >> #3 0x00007f903959af21 in vnc_worker_thread (arg=<optimized
>> >>> >> out>)
>> >>> >> at
>> >>> >> ui/vnc-jobs.c:318
>> >>> >> #4 0x00007f9036adb98c in ?? () from /lib/libpthread.so.0
>> >>> >> #5 0x00007f903682bfcd in clone () from /lib/libc.so.6
>> >>> >
>> >>> > Does this happen if you run without vnc?
>> >>> >
>> >>> >>
>> >>> >> Thread 2 (LWP 3177):
>> >>> >> #0 0x00007f9036825327 in ioctl () from /lib/libc.so.6
>> >>> >> #1 0x00007f90395e8c26 in kvm_vcpu_ioctl (env=<optimized out>,
>> >>> >> type=44672) at
>> >>> >> /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/kvm-all.c:1648
>> >>> >> #2 0x00007f90395e98e7 in kvm_cpu_exec (env=0x7f903ae0bb20) at
>> >>> >> /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/kvm-all.c:1535
>> >>> >> #3 0x00007f90395a7167 in qemu_kvm_cpu_thread_fn
>> >>> >> (arg=<optimized
>> >>> >> out>)
>> >>> >> at
>> >>> >> /tmp/qemu-0b3f79b9e9c17e97d8d8179defdb6e03cd9ddc8f/cpus.c:757
>> >>> >> #4 0x00007f9036adb98c in ?? () from /lib/libpthread.so.0
>> >>> >> #5 0x00007f903682bfcd in clone () from /lib/libc.so.6
>> >>> >>
>> >>> >> Thread 1 (LWP 3178):
>> >>> >> #0 ring_add (item=<optimized out>, ring=<optimized out>) at
>> >>> >> ../spice-common/common/ring.h:61
>> >>> >> #1 ring_add_after (pos=<optimized out>, item=<optimized out>)
>> >>> >> at
>> >>> >> ../spice-common/common/ring.h:66
>> >>> >> #2 __current_add_drawable (pos=<optimized out>,
>> >>> >> drawable=<optimized
>> >>> >> out>, worker=<optimized out>) at red_worker.c:2351
>> >>> >> #3 red_current_add (worker=0x7f903b0298b0,
>> >>> >> ring=0x7f9010022ef8,
>> >>> >> drawable=0x7f903b1e91e8) at red_worker.c:3479
>> >>> >> #4 0x00007f90371c5f13 in red_current_add_qxl
>> >>> >> (red_drawable=<optimized
>> >>> >> out>, ring=<optimized out>, worker=<optimized out>,
>> >>> >> drawable=<optimized out>) at red_worker.c:3612
>> >>> >> #5 red_process_drawable (group_id=<optimized out>,
>> >>> >> drawable=<optimized out>, worker=<optimized out>) at
>> >>> >> red_worker.c:3953
>> >>> >> #6 red_process_commands (worker=0x7f903b0298b0,
>> >>> >> max_pipe_size=<optimized out>, ring_is_empty=0x7f90180d5ccc)
>> >>> >> at
>> >>> >> red_worker.c:4902
>> >>> >> #7 0x00007f90371c7fa5 in red_worker_main (arg=<optimized
>> >>> >> out>)
>> >>> >> at
>> >>> >> red_worker.c:11778
>> >>> >> #8 0x00007f9036adb98c in ?? () from /lib/libpthread.so.0
>> >>> >> #9 0x00007f903682bfcd in clone () from /lib/libc.so.6
>> >>> >
>> >>> > Thanks for the work producing the backtrace, unfortunately I
>> >>> > can't
>> >>> > think of anything at the moment. I'd like to see the history of
>> >>> > the ring adds but that's of course impossible. Valgrind would
>> >>> > be
>> >>> > awesome, but it requires compiling libssl specifically to avoid
>> >>> > a
>> >>> > ton of false warnings from valgrind (even if you don't use the
>> >>> > tls
>> >>> > port of spice). See
>> >>> > http://www.openssl.org/support/faq.html#PROG14
>> >>> > if you are willing to go this extra mile.
>> >>> >
>> >>> >
>> >>> >>
>> >>> >>
>> >>> >> 2012/9/5 nicolas prochazka <prochazka.nicolas at gmail.com>:
>> >>> >> > Hello,
>> >>> >> > With the help of Alon, i can produce debug information :
>> >>> >> >
>> >>> >> > Core was generated by `/usr/local/bin/qemu -name
>> >>> >> > xpvirtser001
>> >>> >> > -readconfig /etc/ich9-ehci-uhci.cfg -dev'.
>> >>> >> > Program terminated with signal 11, Segmentation fault.
>> >>> >> > #0 ring_add (item=<optimized out>, ring=<optimized out>) at
>> >>> >> > ../spice-common/common/ring.h:61
>> >>> >> > 61 ring->next = item->next->prev = item;
>> >>> >> >
>> >>> >> >
>> >>> >> > Regards,
>> >>> >> > Nicolas
>> >>> >> >
>> >>> >> > 2012/9/4 Alon Levy <alevy at redhat.com>:
>> >>> >> >>> hello
>> >>> >> >>> libspice 0.11.3
>> >>> >> >>> qemu 1.2rc2
>> >>> >> >>>
>> >>> >> >>> In windows XP Guest VM ,
>> >>> >> >>> Change screensaver ( with small preview windows change)
>> >>> >> >>> causes a segfault in libspice server .
>> >>> >> >>>
>> >>> >> >>> I can always reproduce it ,
>> >>> >> >>> two logs juste before segfault.
>> >>> >> >>>
>> >>> >> >>>
>> >>> >> >>> usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (194,
>> >>> >> >>> 21)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>> >>> >> >>> surface
>> >>> >> >>> 19
>> >>> >> >>> dependent item found 0x7fdb3a46ae10, 0x7fdb3b132150
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (165, 455)
>> >>> >> >>> (359,
>> >>> >> >>> 613)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 7: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (5, 0) (199,
>> >>> >> >>> 158)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>> >>> >> >>> surface
>> >>> >> >>> 7
>> >>> >> >>> dependent item found 0x7fdb3a46ccb0, 0x7fdb3ac64ce0
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (168, 437)
>> >>> >> >>> (339,
>> >>> >> >>> 452)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 19: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (3, 3) (174,
>> >>> >> >>> 18)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>> >>> >> >>> surface
>> >>> >> >>> 19
>> >>> >> >>> dependent item found 0x7fdb3a46c818, 0x7fdb3ac987e0
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:2633:red_display_detach_stream_gracefully:
>> >>> >> >>> stream
>> >>> >> >>> 49:
>> >>> >> >>> upgrade by screenshot. has current 0. box ==>
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (257, 265)
>> >>> >> >>> (409,
>> >>> >> >>> 377)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (257, 265)
>> >>> >> >>> (409,
>> >>> >> >>> 377)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:2674:red_detach_streams_behind: stream 49
>> >>> >> >>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>> >>> >> >>> red_dispatcher.c:309:async_command_alloc: 0x7fdaa007f4b0
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 7: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (32,
>> >>> >> >>> 32)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:11443:worker_handle_dispatcher_async_done:
>> >>> >> >>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>> >>> >> >>> red_dispatcher.c:960:red_dispatcher_async_complete:
>> >>> >> >>> 0x7fdaa007f4b0:
>> >>> >> >>> cookie 140576964702000
>> >>> >> >>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>> >>> >> >>> red_dispatcher.c:962:red_dispatcher_async_complete: no
>> >>> >> >>> more
>> >>> >> >>> async
>> >>> >> >>> commands
>> >>> >> >>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>> >>> >> >>> red_dispatcher.c:309:async_command_alloc: 0x7fdaa00b6f30
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 20: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (16,
>> >>> >> >>> 16)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:11443:worker_handle_dispatcher_async_done:
>> >>> >> >>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>> >>> >> >>> red_dispatcher.c:960:red_dispatcher_async_complete:
>> >>> >> >>> 0x7fdaa00b6f30:
>> >>> >> >>> cookie 140576964474032
>> >>> >> >>> (/usr/local/bin/qemu:11553): Spice-Debug **:
>> >>> >> >>> red_dispatcher.c:962:red_dispatcher_async_complete: no
>> >>> >> >>> more
>> >>> >> >>> async
>> >>> >> >>> commands
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (472, 596)
>> >>> >> >>> (547,
>> >>> >> >>> 619)
>> >>> >> >>> (/usr/local/bin/qemu:11553): SpiceWorker-ERROR **:
>> >>> >> >>> ../spice-common/common/ring.h:83:ring_remove: assertion
>> >>> >> >>> `item->next
>> >>> >> >>> !=
>> >>> >> >>> NULL && item->prev != NULL' failed
>> >>> >> >>> Aborted
>> >>> >> >>>
>> >>> >> >>>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (165, 434)
>> >>> >> >>> (359,
>> >>> >> >>> 455)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 22: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (194,
>> >>> >> >>> 21)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>> >>> >> >>> surface
>> >>> >> >>> 22
>> >>> >> >>> dependent item found 0x7f67c1181838, 0x7f6728484650
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (168, 435)
>> >>> >> >>> (358,
>> >>> >> >>> 454)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 22: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (3, 1) (193,
>> >>> >> >>> 20)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>> >>> >> >>> surface
>> >>> >> >>> 22
>> >>> >> >>> dependent item found 0x7f67c117e738, 0x7f672809f6e0
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 8: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (5, 0) (199,
>> >>> >> >>> 158)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (165, 455)
>> >>> >> >>> (359,
>> >>> >> >>> 613)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (165, 455)
>> >>> >> >>> (359,
>> >>> >> >>> 613)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 25: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (194,
>> >>> >> >>> 158)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>> >>> >> >>> surface
>> >>> >> >>> 25
>> >>> >> >>> dependent item found 0x7f67c11813a0, 0x7f672806db10
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (341, 435)
>> >>> >> >>> (358,
>> >>> >> >>> 454)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 22: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (176, 1)
>> >>> >> >>> (193,
>> >>> >> >>> 20)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>> >>> >> >>> surface
>> >>> >> >>> 22
>> >>> >> >>> dependent item found 0x7f67c117e118, 0x7f67280ab110
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (165, 434)
>> >>> >> >>> (359,
>> >>> >> >>> 455)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 10: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (0, 0) (194,
>> >>> >> >>> 21)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>> >>> >> >>> surface
>> >>> >> >>> 10
>> >>> >> >>> dependent item found 0x7f67c11bd540, 0x7f6728189b90
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (165, 455)
>> >>> >> >>> (359,
>> >>> >> >>> 613)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 8: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (5, 0) (199,
>> >>> >> >>> 158)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>> >>> >> >>> surface
>> >>> >> >>> 8
>> >>> >> >>> dependent item found 0x7f67c11bd540, 0x7f67285e68c0
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (168, 437)
>> >>> >> >>> (339,
>> >>> >> >>> 452)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 10: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (3, 3) (174,
>> >>> >> >>> 18)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:2030:red_clear_surface_drawables_from_pipe:
>> >>> >> >>> surface
>> >>> >> >>> 10
>> >>> >> >>> dependent item found 0x7f67c1181838, 0x7f67281b6310
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:10258:display_channel_release_item: not
>> >>> >> >>> pushed
>> >>> >> >>> (101)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:2633:red_display_detach_stream_gracefully:
>> >>> >> >>> stream
>> >>> >> >>> 49:
>> >>> >> >>> upgrade by screenshot. has current 0. box ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (257, 265)
>> >>> >> >>> (409,
>> >>> >> >>> 377)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:4593:red_update_area: surface 0: area ==>
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> ../spice-common/common/rect.h:91:rect_debug: (257, 265)
>> >>> >> >>> (409,
>> >>> >> >>> 377)
>> >>> >> >>> (/usr/local/bin/qemu:21130): SpiceWorker-Debug **:
>> >>> >> >>> red_worker.c:2674:red_detach_streams_behind: stream 49
>> >>> >> >>> Segmentation fault
>> >>> >> >>>
>> >>> >> >>
>> >>> >> >> Hi Nicolas,
>> >>> >> >>
>> >>> >> >> Thanks for the report (s), can you please provide a
>> >>> >> >> stacktrace
>> >>> >> >> of
>> >>> >> >> qemu when it segfaults?
>> >>> >> >> Simplest way differs depending on how you run it:
>> >>> >> >> 1) standalone - you launch qemu directly. Then run it
>> >>> >> >> under
>> >>> >> >> gdb:
>> >>> >> >> gdb --args qemu...
>> >>> >> >> r
>> >>> >> >> <do what leads to segfault>
>> >>> >> >> thread apply all bt
>> >>> >> >> 2) you launch qemu via libvirt / any other means.
>> >>> >> >> launch qemu normally
>> >>> >> >> if this is the only copy of qemu that is running, you
>> >>> >> >> can
>> >>> >> >> launch:
>> >>> >> >> gdb -p `pgrep qemu`
>> >>> >> >> if you have more then one, you'll need to identify the
>> >>> >> >> pid
>> >>> >> >> yourself.
>> >>> >> >> <do what leads to segfault>
>> >>> >> >> thread apply all bt
>> >>> >> >>
>> >>> >> >> Alon
>> >>> >> >>
>> >>> >> >>>
>> >>> >> >>>
>> >>> >> >>> Regards,
>> >>> >> >>> Nicolas
>> >>> >> >>> _______________________________________________
>> >>> >> >>> Spice-devel mailing list
>> >>> >> >>> Spice-devel at lists.freedesktop.org
>> >>> >> >>> http://lists.freedesktop.org/mailman/listinfo/spice-devel
>> >>> >> >>>
>> >>> >>
>> >>>
>>
More information about the Spice-devel
mailing list