[Spice-devel] [Xen-devel] [Qemu-devel] Qemu 2.0 regression with xen: qemu crash on any domUs S.O. start
Fabio Fantoni
fabio.fantoni at m2r.biz
Mon Apr 7 06:19:28 PDT 2014
On 07/04/2014 12:20, Christophe Fergeau wrote:
> On Mon, Apr 07, 2014 at 11:59:06AM +0200, Fabio Fantoni wrote:
>> Today I did some tests also with hvm and spice and I found another
>> segfault with different backtrace to solve:
>>> (gdb) c
>>> Continuing.
>>>
>>> Program received signal SIGSEGV, Segmentation fault.
>>> 0x0000555555855d30 in interface_client_monitors_config
>>> (sin=0x5555563b0260,
>>> mc=0x0) at ui/spice-display.c:557
>>> 557 if (mc->num_of_monitors > 0) {
>>> (gdb) bt full
>>> #0 0x0000555555855d30 in interface_client_monitors_config (
>>> sin=0x5555563b0260, mc=0x0) at ui/spice-display.c:557
>>> ssd = 0x5555563b0210
>>> info = {xoff = 0, yoff = 0, width = 0, height = 0}
>>> rc = 32767
>>> __func__ = "interface_client_monitors_config"
>>> #1 0x00007ffff4af5113 in ?? ()
>>> from /usr/lib/x86_64-linux-gnu/libspice-server.so.1
>>> No symbol table info available.
> A backtrace with spice-server debugging symbols installed would be helpful.
>
> Christophe
Sorry, the -dbg package for spice-server is missing from the official Debian packages.
I have now created and installed the -dbg package as well, and this is the new
backtrace:
> (gdb) c
> Continuing.
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x0000555555855d30 in interface_client_monitors_config
> (sin=0x5555563b0260,
> mc=0x0) at ui/spice-display.c:557
> 557 if (mc->num_of_monitors > 0) {
> (gdb) bt full
> #0 0x0000555555855d30 in interface_client_monitors_config (
> sin=0x5555563b0260, mc=0x0) at ui/spice-display.c:557
> ssd = 0x5555563b0210
> info = {xoff = 0, yoff = 0, width = 0, height = 0}
> rc = 32767
> __func__ = "interface_client_monitors_config"
> #1 0x00007ffff4af5113 in red_dispatcher_use_client_monitors_config ()
> at red_dispatcher.c:318
> now = 0x5555563b0300
> #2 0x00007ffff4ad87f5 in agent_msg_filter_process_data (
> filter=filter@entry=0x5555562eb0c4,
> data=data@entry=0x7fffe0280128 "\001", len=328, len@entry=348)
> at agent-msg-filter.c:95
> msg_header = {protocol = <optimized out>, type = <optimized out>,
> opaque = <optimized out>, size = 328,
> data = 0x831fd4 <Address 0x831fd4 out of bounds>}
> __FUNCTION__ = "agent_msg_filter_process_data"
> #3 0x00007ffff4b1af76 in reds_on_main_agent_data (mcc=0x555556326e70,
> message=0x7fffe0280128, size=348) at reds.c:1117
> dev_state = 0x5555562eb0a8
> header = <optimized out>
> res = <optimized out>
> __FUNCTION__ = "reds_on_main_agent_data"
> #4 0x00007ffff4ae989a in main_channel_handle_parsed (rcc=0x555556326e70,
> size=<optimized out>, type=<optimized out>, message=0x7fffe0280128)
> ---Type <return> to continue, or q <return> to quit---
> at main_channel.c:911
> main_chan = 0x5555562ef2b0
> mcc = 0x555556326e70
> __FUNCTION__ = "main_channel_handle_parsed"
> #5 0x00007ffff4aee470 in red_peer_handle_incoming
> (handler=0x55555632af80,
> stream=0x5555565adba0) at red_channel.c:287
> ret_handle = <optimized out>
> bytes_read = <optimized out>
> msg_type = 107
> parsed = <optimized out>
> parsed_free = 0x7ffff4ba8620 <nofree>
> msg_size = 348
> #6 red_channel_client_receive (rcc=rcc@entry=0x555556326e70)
> at red_channel.c:309
> No locals.
> #7 0x00007ffff4af0d8c in red_channel_client_event (fd=<optimized out>,
> event=<optimized out>, data=0x555556326e70) at red_channel.c:1435
> rcc = 0x555556326e70
> #8 0x0000555555851f82 in watch_read (opaque=0x55555666e0a0)
> at ui/spice-core.c:101
> watch = 0x55555666e0a0
> #9 0x00005555557ce1f8 in qemu_iohandler_poll (pollfds=0x5555562e8e00,
> ret=1)
> at iohandler.c:143
> revents = 1
> pioh = 0x55555634e080
> ---Type <return> to continue, or q <return> to quit---
> ioh = 0x55555632fa30
> #10 0x00005555557cf2a4 in main_loop_wait (nonblocking=0) at
> main-loop.c:485
> ret = 1
> timeout = 4294967295
> timeout_ns = 4237075
> #11 0x000055555587acd8 in main_loop () at vl.c:2051
> nonblocking = false
> last_io = 1
> #12 0x00005555558826b2 in main (argc=36, argv=0x7fffffffe358,
> envp=0x7fffffffe480) at vl.c:4507
> i = 64
> snapshot = 0
> linux_boot = 0
> icount_option = 0x0
> initrd_filename = 0x0
> kernel_filename = 0x0
> kernel_cmdline = 0x555555a1b5c4 ""
> boot_order = 0x5555562e7ee0 "dc"
> ds = 0x5555563d8fd0
> cyls = 0
> heads = 0
> secs = 0
> translation = 0
> hda_opts = 0x0
> opts = 0x5555562e7e30
> ---Type <return> to continue, or q <return> to quit---
> machine_opts = 0x5555562e84b0
> olist = 0x555555e00e00
> optind = 36
> optarg = 0x7fffffffe915
> "if=ide,index=1,media=cdrom,cache=writeback,id=ide-832"
> loadvm = 0x0
> machine_class = 0x5555562e02a0
> machine = 0x555555e067e0
> cpu_model = 0x0
> vga_model = 0x0
> qtest_chrdev = 0x0
> qtest_log = 0x0
> pid_file = 0x0
> incoming = 0x0
> show_vnc_port = 0
> defconfig = true
> userconfig = true
> log_mask = 0x0
> log_file = 0x0
> mem_trace = {malloc = 0x55555587e56a <malloc_and_trace>,
> realloc = 0x55555587e5c2 <realloc_and_trace>,
> free = 0x55555587e629 <free_and_trace>, calloc = 0,
> try_malloc = 0,
> try_realloc = 0}
> trace_events = 0x0
> trace_file = 0x0
> ---Type <return> to continue, or q <return> to quit---
> __func__ = "main"
> args = {machine = 0x555555e067e0, ram_size = 2130706432,
> boot_order = 0x5555562e7ee0 "dc", kernel_filename = 0x0,
> kernel_cmdline = 0x555555a1b5c4 "", initrd_filename = 0x0,
> cpu_model = 0x0}
> (gdb)
If you need more information/tests, tell me and I'll post them.
Thanks for any reply.