QEMU

Bug #1785197
Comment #1

Comment 1 for bug 1785197

Revision history for this message

changlimin (changlimin) wrote on 2018-08-04:

I have tried many times to reproduce the issue.

1. Add a breakpoint
(gdb) b memory_region_snapshot_and_clear_dirty if size==0
Breakpoint 1 at 0x55ef37b7d450: file /qemu-2.12/memory.c, line 1986.

2. Occasionally the breakpoint hited, size is 0
(gdb) c
Continuing.
Thread 1 "kvm" hit Breakpoint 1, memory_region_snapshot_and_clear_dirty (mr=mr@entry=0x55ef3aff1b40, addr=addr@entry=0, size=size@entry=0, client=client@entry=0)
at /qemu-2.12/memory.c:1986
(gdb) bt
#0 memory_region_snapshot_and_clear_dirty (mr=mr@entry=0x55ef3aff1b40, addr=addr@entry=0, size=size@entry=0, client=client@entry=0)
at /qemu-2.12/memory.c:1986
#1 0x000055ef37ba6d0f in vga_draw_graphic (full_update=0, s=0x55ef3aff1b30) at /qemu-2.12/hw/display/vga.c:1642
#2 vga_update_display (opaque=0x55ef3aff1b30) at /qemu-2.12/hw/display/vga.c:1767
#3 0x000055ef37e2ba8f in qemu_spice_display_refresh (ssd=0x55ef3aff1760) at /qemu-2.12/ui/spice-display.c:478
#4 0x000055ef37e20d72 in dpy_refresh (s=0x55ef3b1290b0) at /qemu-2.12/ui/console.c:1629
#5 gui_update (opaque=0x55ef3b1290b0) at /qemu-2.12/ui/console.c:203
#6 0x000055ef37f2533c in timerlist_run_timers (timer_list=0x55ef396fbc60) at /qemu-2.12/util/qemu-timer.c:536
#7 0x000055ef37f255a3 in qemu_clock_run_timers (type=QEMU_CLOCK_REALTIME) at /qemu-2.12/util/qemu-timer.c:547
#8 qemu_clock_run_all_timers () at /qemu-2.12/util/qemu-timer.c:674
#9 0x000055ef37f25aa4 in main_loop_wait (nonblocking=<optimized out>) at /qemu-2.12/util/main-loop.c:528
#10 0x000055ef37b14f8a in main_loop () at /qemu-2.12/vl.c:1973
#11 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at /qemu-2.12/vl.c:4804

3. Why the size is 0 ? Why region_start is identical to region_end ?
    region_end = region_start + (ram_addr_t)s->line_offset * height;
    region_end += width * s->get_bpp(s) / 8; /* scanline length */
    region_end -= s->line_offset;

(gdb) p s->line_offset
$4 = 0
(gdb) p width
$5 = 1024
(gdb) p/x s->vbe_regs
$10 = {0xb0c0, 0x400, 0x300, 0x20, 0x0, 0x0, 0x400, 0x1000, 0x0, 0x0}

Because s->vbe_regs[VBE_DISPI_INDEX_ENABLE] is 0, vbe_enabled is false, so vga_get_bpp return 0, and region_end += 0

4. Why s->vbe_regs[VBE_DISPI_INDEX_ENABLE] is 0 ?

I have tried many times to reproduce the issue.

1. Add a breakpoint
(gdb) b memory_region_snapshot_and_clear_dirty if size==0
Breakpoint 1 at 0x55ef37b7d450: file /qemu-2.12/memory.c, line 1986.

2. Occasionally the breakpoint hited, size is 0
(gdb) c
Continuing.
Thread 1 "kvm" hit Breakpoint 1, memory_region_snapshot_and_clear_dirty (mr=mr@entry=0x55ef3aff1b40, addr=addr@entry=0, size=size@entry=0, client=client@entry=0)
    at /qemu-2.12/memory.c:1986
(gdb) bt
#0  memory_region_snapshot_and_clear_dirty (mr=mr@entry=0x55ef3aff1b40, addr=addr@entry=0, size=size@entry=0, client=client@entry=0)
    at /qemu-2.12/memory.c:1986
#1  0x000055ef37ba6d0f in vga_draw_graphic (full_update=0, s=0x55ef3aff1b30) at /qemu-2.12/hw/display/vga.c:1642
#2  vga_update_display (opaque=0x55ef3aff1b30) at /qemu-2.12/hw/display/vga.c:1767
#3  0x000055ef37e2ba8f in qemu_spice_display_refresh (ssd=0x55ef3aff1760) at /qemu-2.12/ui/spice-display.c:478
#4  0x000055ef37e20d72 in dpy_refresh (s=0x55ef3b1290b0) at /qemu-2.12/ui/console.c:1629
#5  gui_update (opaque=0x55ef3b1290b0) at /qemu-2.12/ui/console.c:203
#6  0x000055ef37f2533c in timerlist_run_timers (timer_list=0x55ef396fbc60) at /qemu-2.12/util/qemu-timer.c:536
#7  0x000055ef37f255a3 in qemu_clock_run_timers (type=QEMU_CLOCK_REALTIME) at /qemu-2.12/util/qemu-timer.c:547
#8  qemu_clock_run_all_timers () at /qemu-2.12/util/qemu-timer.c:674
#9  0x000055ef37f25aa4 in main_loop_wait (nonblocking=<optimized out>) at /qemu-2.12/util/main-loop.c:528
#10 0x000055ef37b14f8a in main_loop () at /qemu-2.12/vl.c:1973
#11 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at /qemu-2.12/vl.c:4804

(gdb) p s->line_offset
$4 = 0
(gdb) p width
$5 = 1024
(gdb) p/x s->vbe_regs
$10 = {0xb0c0, 0x400, 0x300, 0x20, 0x0, 0x0, 0x400, 0x1000, 0x0, 0x0}

Because s->vbe_regs[VBE_DISPI_INDEX_ENABLE] is 0, vbe_enabled is false, so vga_get_bpp return 0, and region_end += 0

4. Why s->vbe_regs[VBE_DISPI_INDEX_ENABLE] is 0 ?