Description of problem:
Tried to run CSB but qemu-kvm crashed.
Version-Release number of selected component (if applicable):
qemu-system-x86-1.2.2-11.fc18.x86_64
How reproducible:
Always.
Steps to Reproduce:
/usr/bin/qemu-kvm -hda vm/rhel61-csb.qcow2 -snapshot -m 2048 -vga qxl
Click some CSB Python error; the guest probably tries to set a new resolution.
Actual results:
crash
Expected results:
no crash
Additional info:
#0 __memcmp_sse4_1 () at ../sysdeps/x86_64/multiarch/memcmp-sse4.S:73
#1 in qemu_spice_create_update (ssd=0x7fe4778dc410) at ui/spice-display.c:275
#2 qemu_spice_display_refresh (ssd=0x7fe4778dc410) at ui/spice-display.c:462
#3 in dpy_refresh (s=0x7fe4778b7de0) at /usr/src/debug/qemu-kvm-1.2.0/console.h:245
#4 gui_update (opaque=0x7fe4778b7de0) at /usr/src/debug/qemu-kvm-1.2.0/vl.c:1281
#5 in qemu_run_timers (clock=0x7fe4775c5d10) at qemu-timer.c:393
#6 qemu_run_timers (clock=0x7fe4775c5d10) at qemu-timer.c:373
#7 in qemu_run_all_timers () at qemu-timer.c:450
#8 in main_loop_wait (nonblocking=<optimized out>) at main-loop.c:502
#9 in main_loop () at /usr/src/debug/qemu-kvm-1.2.0/vl.c:1643
#10 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at /usr/src/debug/qemu-kvm-1.2.0/vl.c:3792
#0 __memcmp_sse4_1 () at ../sysdeps/x86_64/multiarch/memcmp-sse4.S:73
73 movdqu (%rsi), %xmm1
(gdb) p/x $rsi
$6 = 0x7fe3d2d7f010
(gdb) up
#1 0x00007fe474e1e1f4 in qemu_spice_create_update (ssd=0x7fe4778dc410) at ui/spice-display.c:275
275 if (memcmp(guest + yoff + xoff,
(gdb) l
270 yoff = y * ds_get_linesize(ssd->ds);
271 for (x = ssd->dirty.left; x < ssd->dirty.right; x += blksize) {
272 xoff = x * bpp;
273 blk = x / blksize;
274 bw = MIN(blksize, ssd->dirty.right - x);
275 if (memcmp(guest + yoff + xoff,
276 mirror + yoff + xoff,
277 bw * bpp) == 0) {
278 if (dirty_top[blk] != -1) {
279 QXLRect update = {
(gdb) p (((SimpleSpiceDisplay *)0x00007fe4778dc410)->ds)->surface->linesize
$3 = 4096
(gdb) p y
$4 = 282
(gdb) p y*4096
$5 = 1155072
(gdb) p mirror
$8 = (uint8_t *) 0x7fe3d2c65010 ""
(gdb) p 0x7fe3d2d7f010-0x7fe3d2c65010
$9 = 1155072
(gdb) p xoff
$10 = 0
(gdb) p bw
$11 = 32
(gdb) p bpp
$12 = 4
(gdb) x/bx 0x7fe3d2d7f010
0x7fe3d2d7f010: Cannot access memory at address 0x7fe3d2d7f010
So at 'mirror + yoff' there is no mapped memory.
I have a saved core file if you want one.
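For reference, the gdb numbers above (linesize 4096, y = 282, xoff = 0, bw = 32, bpp = 4, and an unmapped page exactly 1155072 bytes past mirror) are consistent with the mirror buffer being smaller than the surface it is being compared against. The following is an added, self-contained C example written for this report, not QEMU's own code: a simplified stand-in for the ui/spice-display.c comparison loop in which the memcmp is only issued when both buffers actually cover the range. The DisplayState struct, BLKSIZE, and the two demo scenarios are constructed here; the explanation that the mirror was sized for an earlier resolution is an assumption drawn from the reporter's note about the guest changing resolution, not something the page confirms.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical, reduced model of the state the gdb session inspects:
 * a guest framebuffer, a host-side mirror of the last frame sent to the
 * client, and a dirty rectangle. Sizes are tracked explicitly so the
 * compare loop can be bounds-checked. */
typedef struct {
    const uint8_t *guest;   /* current guest surface */
    size_t guest_size;      /* bytes actually backing 'guest' */
    const uint8_t *mirror;  /* previous frame; may be stale after a mode change */
    size_t mirror_size;     /* bytes actually backing 'mirror' */
    int linesize;           /* bytes per scanline of the current surface */
    int bpp;                /* bytes per pixel */
    int left, right;        /* dirty columns, half-open */
    int top, bottom;        /* dirty rows, half-open */
} DisplayState;

#define BLKSIZE 32
#ifndef MIN
#define MIN(a, b) ((a) < (b) ? (a) : (b))
#endif

/* Returns the number of BLKSIZE-wide blocks that differ, or -1 if any
 * compare would read beyond either buffer. The loop quoted at lines
 * 270-277 of the report calls memcmp unconditionally; the range check
 * below is the guard this example adds. */
int count_changed_blocks(const DisplayState *ds)
{
    int changed = 0;
    for (int y = ds->top; y < ds->bottom; y++) {
        size_t yoff = (size_t)y * (size_t)ds->linesize;
        for (int x = ds->left; x < ds->right; x += BLKSIZE) {
            size_t xoff = (size_t)x * (size_t)ds->bpp;
            int bw = MIN(BLKSIZE, ds->right - x);
            size_t len = (size_t)bw * (size_t)ds->bpp;
            size_t start = yoff + xoff;
            size_t end = start + len;
            /* Guard: refuse the compare (instead of faulting, as the
             * backtrace shows) when [start, end) is not backed by both
             * buffers, or when the arithmetic wrapped. */
            if (end < start || end > ds->guest_size || end > ds->mirror_size)
                return -1;
            if (memcmp(ds->guest + start, ds->mirror + start, len) != 0)
                changed++;
        }
    }
    return changed;
}

/* Constructed scenario using the report's values: linesize 4096, bpp 4,
 * dirty block at y=282, x=0, bw=32, and a mirror that only covers 282
 * rows (so row 282 starts exactly 1155072 bytes in, as in the gdb output). */
int demo_stale_mirror(void)
{
    const size_t linesize = 4096, rows = 768, mirror_rows = 282;
    uint8_t *guest = calloc(rows, linesize);
    uint8_t *mirror = calloc(mirror_rows, linesize);
    if (!guest || !mirror) { free(guest); free(mirror); return -2; }
    DisplayState ds = { guest, rows * linesize, mirror, mirror_rows * linesize,
                        (int)linesize, 4, 0, 32, 282, 283 };
    int r = count_changed_blocks(&ds);   /* -1: compare would overrun mirror */
    free(guest);
    free(mirror);
    return r;
}

/* Constructed control case: both buffers sized for the surface, one pixel
 * changed in row 1 inside the second 32-pixel block of a 64-pixel-wide rect. */
int demo_in_bounds(void)
{
    const size_t linesize = 4096, rows = 768;
    uint8_t *guest = calloc(rows, linesize);
    uint8_t *mirror = calloc(rows, linesize);
    if (!guest || !mirror) { free(guest); free(mirror); return -2; }
    guest[1 * linesize + 40 * 4] = 0xff;   /* pixel (40, 1) differs */
    DisplayState ds = { guest, rows * linesize, mirror, rows * linesize,
                        (int)linesize, 4, 0, 64, 0, 2 };
    int r = count_changed_blocks(&ds);   /* 1 changed block */
    free(guest);
    free(mirror);
    return r;
}

int main(void)
{
    printf("stale mirror: %d (expect -1)\n", demo_stale_mirror());
    printf("in bounds:    %d (expect 1)\n", demo_in_bounds());
    return 0;
}
```

The guard turns the silent out-of-bounds read into a detectable error return; in the real code the appropriate fix would instead be to make sure the mirror is reallocated whenever the surface size or linesize changes, so that the two buffers are never compared at mismatched sizes in the first place.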
F18 is end-of-life soon, so this is unlikely to be fixed there. Closing as WONTFIX, but Jan, please reopen if you can reproduce on F19+.
And if so, please provide private instructions on where to get CSB media and I'll try to reproduce.