Description of problem: Version-Release number of selected component (if applicable): python-2.5.2-1.fc10.x86_64 gtk-vnc-0.3.7-3.fc10.x86_64 virt-manager-0.6.0-3.fc10.x86_64 How reproducible: Always Steps to Reproduce: 1. Open virt-manager 2. Open the console viewer for a running guest 3. Enable the "scale display" option on 'view' menu 4. Close the console viewer 5. Reopen the console viewer for the same guest 6. See virt-manager disappear due to segfault Additional info: Backtrace from core file generated by the crash below. 'image' seems to be null at build_gl_image_from_gdk(). (gdb) x /20i $rip 0x380b213a5c <build_gl_image_from_gdk>: mov 0x30(%rbx),%r8d 0x380b213a60 <scale_display+717>: mov 0x78(%r12),%rdx 0x380b213a65 <build_gl_image_from_gdk+9>: mov 0x20(%rbx),%rdi 0x380b213a69 <build_gl_image_from_gdk+13>: mov 0x40(%rbx),%rax 0x380b213a6d <build_gl_image_from_gdk+17>: test %r8d,%r8d 0x380b213a70 <build_gl_image_from_gdk+20>: jle 0x380b213b92 <scale_display+1023> 0x380b213a76 <build_gl_image_from_gdk+26>: mov %rax,%r8 0x380b213a79 <build_gl_image_from_gdk+29>: mov %rax,0x30(%rsp) 0x380b213a7e <build_gl_image_from_gdk+34>: movzwl 0x38(%rbx),%eax 0x380b213a82 <scale_display+751>: mov %rdx,%r10 0x380b213a85 <build_gl_image_from_gdk+41>: movl $0x0,0x24(%rsp) 0x380b213a8d <build_gl_image_from_gdk+49>: mov $0x10,%r14d 0x380b213a93 <build_gl_image_from_gdk+55>: mov $0x18,%r15d 0x380b213a99 <build_gl_image_from_gdk+61>: mov $0x8,%r13d 0x380b213a9f <build_gl_image_from_gdk+67>: mov %rax,0x8(%rsp) 0x380b213aa4 <build_gl_image_from_gdk+72>: nopl 0x0(%rax) 0x380b213aa8 <build_gl_image_from_gdk+76>: mov 0x2c(%rbx),%esi 0x380b213aab <build_gl_image_from_gdk+79>: test %esi,%esi 0x380b213aad <build_gl_image_from_gdk+81>: jle 0x380b213b70 <build_gl_image_from_gdk+276> 0x380b213ab3 <build_gl_image_from_gdk+87>: movzwl 0x36(%rbx),%r11d (gdb) info registers rbx rbx 0x0 0 (gdb) bt full #0 build_gl_image_from_gdk (data=<value optimized out>) at vncdisplay.c:1108 visual = <value optimized out> i = <value optimized out> j = <value optimized out> #1 scale_display () at vncdisplay.c:1185 image = <value optimized out> priv = <value optimized out> #2 rescale_display (obj=<value optimized out>, width=<value optimized out>, height=<value optimized out>) at vncdisplay.c:1214 priv = <value optimized out> #3 0x000000380b21455b in configure_event (widget=<value optimized out>, configure=<value optimized out>) at vncdisplay.c:1241 No locals. #4 0x0000003809129528 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #5 0x0000003803c0b7bd in g_closure_invoke () from /lib64/libgobject-2.0.so.0 No symbol table info available. #6 0x0000003803c2118b in ?? () from /lib64/libgobject-2.0.so.0 No symbol table info available. #7 0x0000003803c229da in g_signal_emit_valist () from /lib64/libgobject-2.0.so.0 No symbol table info available. #8 0x0000003803c23083 in g_signal_emit () from /lib64/libgobject-2.0.so.0 No symbol table info available. #9 0x000000380922c26e in ?? () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #10 0x00000038090b2994 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #11 0x0000003803c0b70f in g_closure_invoke () from /lib64/libgobject-2.0.so.0 No symbol table info available. #12 0x0000003803c20dc8 in ?? () from /lib64/libgobject-2.0.so.0 No symbol table info available. #13 0x0000003803c22b58 in g_signal_emit_valist () from /lib64/libgobject-2.0.so.0 No symbol table info available. #14 0x0000003803c23083 in g_signal_emit () from /lib64/libgobject-2.0.so.0 No symbol table info available. ---Type <return> to continue, or q <return> to quit--- #15 0x0000003809232aea in gtk_widget_size_allocate () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #16 0x0000003809229e48 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #17 0x0000003803c0b70f in g_closure_invoke () from /lib64/libgobject-2.0.so.0 No symbol table info available. #18 0x0000003803c20dc8 in ?? () from /lib64/libgobject-2.0.so.0 No symbol table info available. #19 0x0000003803c22b58 in g_signal_emit_valist () from /lib64/libgobject-2.0.so.0 No symbol table info available. #20 0x0000003803c23083 in g_signal_emit () from /lib64/libgobject-2.0.so.0 No symbol table info available. #21 0x0000003809232aea in gtk_widget_size_allocate () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #22 0x000000380917f88d in ?? () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #23 0x0000003803c0b70f in g_closure_invoke () from /lib64/libgobject-2.0.so.0 No symbol table info available. #24 0x0000003803c20dc8 in ?? () from /lib64/libgobject-2.0.so.0 No symbol table info available. #25 0x0000003803c22b58 in g_signal_emit_valist () from /lib64/libgobject-2.0.so.0 No symbol table info available. #26 0x0000003803c23083 in g_signal_emit () from /lib64/libgobject-2.0.so.0 No symbol table info available. #27 0x0000003809232aea in gtk_widget_size_allocate () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #28 0x0000003809148c18 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #29 0x0000003803c0b70f in g_closure_invoke () from /lib64/libgobject-2.0.so.0 No symbol table info available. #30 0x0000003803c20dc8 in ?? () from /lib64/libgobject-2.0.so.0 No symbol table info available. #31 0x0000003803c22b58 in g_signal_emit_valist () from /lib64/libgobject-2.0.so.0 No symbol table info available. #32 0x0000003803c23083 in g_signal_emit () from /lib64/libgobject-2.0.so.0 ---Type <return> to continue, or q <return> to quit--- No symbol table info available. #33 0x0000003809232aea in gtk_widget_size_allocate () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #34 0x0000003809148c18 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #35 0x0000003803c0b70f in g_closure_invoke () from /lib64/libgobject-2.0.so.0 No symbol table info available. #36 0x0000003803c20dc8 in ?? () from /lib64/libgobject-2.0.so.0 No symbol table info available. #37 0x0000003803c22b58 in g_signal_emit_valist () from /lib64/libgobject-2.0.so.0 No symbol table info available. #38 0x0000003803c23083 in g_signal_emit () from /lib64/libgobject-2.0.so.0 No symbol table info available. #39 0x0000003809232aea in gtk_widget_size_allocate () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #40 0x0000003809228650 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #41 0x0000003803c0b70f in g_closure_invoke () from /lib64/libgobject-2.0.so.0 No symbol table info available. #42 0x0000003803c20dc8 in ?? () from /lib64/libgobject-2.0.so.0 No symbol table info available. #43 0x0000003803c22b58 in g_signal_emit_valist () from /lib64/libgobject-2.0.so.0 No symbol table info available. #44 0x0000003803c23083 in g_signal_emit () from /lib64/libgobject-2.0.so.0 No symbol table info available. #45 0x0000003809232aea in gtk_widget_size_allocate () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #46 0x00000038092432d6 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #47 0x0000003803c0b7bd in g_closure_invoke () from /lib64/libgobject-2.0.so.0 No symbol table info available. #48 0x0000003803c20dc8 in ?? () from /lib64/libgobject-2.0.so.0 No symbol table info available. #49 0x0000003803c22b58 in g_signal_emit_valist () from /lib64/libgobject-2.0.so.0 No symbol table info available. ---Type <return> to continue, or q <return> to quit--- #50 0x0000003803c23083 in g_signal_emit () from /lib64/libgobject-2.0.so.0 No symbol table info available. #51 0x0000003809232aea in gtk_widget_size_allocate () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #52 0x0000003809244855 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #53 0x0000003803c0b7bd in g_closure_invoke () from /lib64/libgobject-2.0.so.0 No symbol table info available. #54 0x0000003803c20dc8 in ?? () from /lib64/libgobject-2.0.so.0 No symbol table info available. #55 0x0000003803c22b58 in g_signal_emit_valist () from /lib64/libgobject-2.0.so.0 No symbol table info available. #56 0x0000003803c23083 in g_signal_emit () from /lib64/libgobject-2.0.so.0 No symbol table info available. #57 0x000000380923564c in gtk_widget_show () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. #58 0x00007fd962577d2d in _wrap_gtk_widget_show_all (self=0x18385f0) at gtk.c:7405 No locals. #59 0x00000037fb0bef6b in call_function () at Python/ceval.c:3557 No locals. #60 PyEval_EvalFrameEx (f=<value optimized out>, throwflag=<value optimized out>) at Python/ceval.c:2272 sp = <value optimized out> stack_pointer = <value optimized out> next_instr = <value optimized out> opcode = <value optimized out> oparg = <value optimized out> why = <value optimized out> err = <value optimized out> x = <value optimized out> v = <value optimized out> w = <value optimized out> u = <value optimized out> t = <value optimized out> stream = <value optimized out> freevars = <value optimized out> ---Type <return> to continue, or q <return> to quit--- retval = <value optimized out> tstate = <value optimized out> co = <value optimized out> instr_ub = <value optimized out> instr_lb = <value optimized out> instr_prev = <value optimized out> first_instr = <value optimized out> names = <value optimized out> consts = <value optimized out> __PRETTY_FUNCTION__ = "PyEval_EvalFrameEx" #61 0x00000037fb0bfe6d in fast_function () at Python/ceval.c:3659 No locals. #62 call_function () at Python/ceval.c:3594 func = <value optimized out> w = <value optimized out> nk = <value optimized out> n = <value optimized out> pfunc = <value optimized out> #63 PyEval_EvalFrameEx (f=<value optimized out>, throwflag=<value optimized out>) at Python/ceval.c:2272 sp = <value optimized out> stack_pointer = <value optimized out> next_instr = <value optimized out> opcode = <value optimized out> oparg = <value optimized out> why = <value optimized out> err = <value optimized out> x = <value optimized out> v = <value optimized out> w = <value optimized out> u = <value optimized out> t = <value optimized out> stream = <value optimized out> freevars = <value optimized out> retval = <value optimized out> tstate = <value optimized out> ---Type <return> to continue, or q <return> to quit---q
This bug appears to have been reported against 'rawhide' during the Fedora 10 development cycle. Changing version to '10'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Hmm, I think I was able to reproduce this once, but then not again. Eduardo, are you still seeing this? If so, how reproducable is it? Reassigning to gtk-vnc, since it's more likely a bug there than virt-manager, and Dan will probably have better luck with this anyways.
I was not able to reproduce it using the same steps I was using, but I've found a way to trigger a similar crash (at build_gl_image_from_gdk()) easily, by doing this: - Open the console viewer for a shutoff VM - Run it - Force-shutdown the VM. You can do that even before the bootloader appears - Try to resize the console viewer window - virt-manager segfaults Partial backtrace: #0 build_gl_image_from_gdk (data=<value optimized out>) at vncdisplay.c:1108 visual = <value optimized out> i = <value optimized out> j = <value optimized out> #1 scale_display () at vncdisplay.c:1185 image = (GdkImage *) 0x0 priv = (VncDisplayPrivate *) 0x1cf1090 #2 rescale_display (obj=0x1cf1020, width=720, height=405) at vncdisplay.c:1214 priv = (VncDisplayPrivate *) 0x1cf1090 #3 0x00007fd83ce4655b in configure_event (widget=0x1cf1020, configure=<value optimized out>) at vncdisplay.c:1241 No locals. #4 0x00007fd844275488 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0 No symbol table info available. Package versions I'm using: python-2.6-1.fc11.x86_64 gtk-vnc-0.3.7-4.fc11.x86_64 virt-manager-0.6.0-6.fc11.x86_64
I intend to update F10 very soon with new GTK-VNC that throws out all the OpenGL / gtkglext junk, and uses Cairo for scaling. Please try this RPM http://kojipkgs.fedoraproject.org/packages/gtk-vnc/0.3.8/1.fc11/ and let me know if it addresses this bug scenario you see
Ok, this seemed to help in my own testing of the issue, so built for both F10 and F9 into gtk-vnc-0.3.8-1.fc10/fc9
gtk-vnc-0.3.8-1.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/gtk-vnc-0.3.8-1.fc10
gtk-vnc-0.3.8-1.fc10 has been pushed to the Fedora 10 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update gtk-vnc'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2008-11128
*** Bug 475953 has been marked as a duplicate of this bug. ***
gtk-vnc-0.3.8-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.