summary refs log tree commit diff stats
path: root/gitlab/issues/target_missing/host_missing/accel_missing/2261.toml
diff options
context:
space:
mode:
Diffstat (limited to 'gitlab/issues/target_missing/host_missing/accel_missing/2261.toml')
-rw-r--r--gitlab/issues/target_missing/host_missing/accel_missing/2261.toml95
1 files changed, 0 insertions, 95 deletions
diff --git a/gitlab/issues/target_missing/host_missing/accel_missing/2261.toml b/gitlab/issues/target_missing/host_missing/accel_missing/2261.toml
deleted file mode 100644
index 9574a60b..00000000
--- a/gitlab/issues/target_missing/host_missing/accel_missing/2261.toml
+++ /dev/null
@@ -1,95 +0,0 @@
-id = 2261
-title = "qemu-system-x86_64 crashs in cursor_put functions"
-state = "opened"
-created_at = "2024-04-02T01:35:13.100Z"
-closed_at = "n/a"
-labels = ["device:graphics", "kind::Bug"]
-url = "https://gitlab.com/qemu-project/qemu/-/issues/2261"
-host-os = "ubuntu22.04"
-host-arch = "x86"
-qemu-version = "6.0.1"
-guest-os = "Windows 10 21H1"
-guest-arch = "x86"
-description = """This problem cannot be stably reproduced,but we try enable --enable-sanitizers and catch the following information,why qemu_spice_cursor_refresh_bh be called twice at the same time?
-
-==57296==ERROR: AddressSanitizer: heap-use-after-free on address 0x623000738110 at pc 0x55cec2ed06aa bp 0x7ffc54d1fea0 sp 0x7ffc54d1fe90
-READ of size 4 at 0x623000738110 thread T0
-    #0 0x55cec2ed06a9 in cursor_put ../qemu-6.0.1/ui/cursor.c:112
-    #1 0x55cec2f05d40 in vnc_dpy_cursor_define ../qemu-6.0.1/ui/vnc.c:1041
-    #2 0x55cec2ec6352 in dpy_cursor_define ../qemu-6.0.1/ui/console.c:1841
-    #3 0x55cec3ab176c in qemu_spice_cursor_refresh_bh ../qemu-6.0.1/ui/spice-display.c:469
-    #4 0x55cec4abc6eb in aio_bh_call ../qemu-6.0.1/util/async.c:136
-    #5 0x55cec4abce43 in aio_bh_poll ../qemu-6.0.1/util/async.c:164
-    #6 0x55cec4a5f457 in aio_dispatch ../qemu-6.0.1/util/aio-posix.c:381
-    #7 0x55cec4abe386 in aio_ctx_dispatch ../qemu-6.0.1/util/async.c:306
-    #8 0x7fa4fadcdd3a in g_main_context_dispatch (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x55d3a)
-    #9 0x55cec4b0b5d6 in glib_pollfds_poll ../qemu-6.0.1/util/main-loop.c:231
-    #10 0x55cec4b0b7c0 in os_host_main_loop_wait ../qemu-6.0.1/util/main-loop.c:254
-    #11 0x55cec4b0bac5 in main_loop_wait ../qemu-6.0.1/util/main-loop.c:530
-    #12 0x55cec3f49e70 in qemu_main_loop ../qemu-6.0.1/softmmu/runstate.c:786
-    #13 0x55cec2e7f679 in main ../qemu-6.0.1/softmmu/main.c:50
-    #14 0x7fa4f96f4d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
-    #15 0x7fa4f96f4e3f in __libc_start_main_impl ../csu/libc-start.c:392
-    #16 0x55cec2e7f584 in _start (/usr/bin/qemu-system-x86_64+0x298a584)
-
-0x623000738110 is located 16 bytes inside of 6416-byte region [0x623000738100,0x623000739a10)
-freed by thread T0 here:
-    #0 0x7fa4fb7d9537 in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:127
-    #1 0x55cec2ed0769 in cursor_put ../qemu-6.0.1/ui/cursor.c:115
-    #2 0x55cec3ab1818 in qemu_spice_cursor_refresh_bh ../qemu-6.0.1/ui/spice-display.c:471
-    #3 0x55cec4abc6eb in aio_bh_call ../qemu-6.0.1/util/async.c:136
-    #4 0x55cec4abce43 in aio_bh_poll ../qemu-6.0.1/util/async.c:164
-    #5 0x55cec4a5f457 in aio_dispatch ../qemu-6.0.1/util/aio-posix.c:381
-    #6 0x55cec4abe386 in aio_ctx_dispatch ../qemu-6.0.1/util/async.c:306
-    #7 0x7fa4fadcdd3a in g_main_context_dispatch (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x55d3a)
-
-previously allocated by thread T14 here:
-    #0 0x7fa4fb7d9a57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
-    #1 0x7fa4fadd6c50 in g_malloc0 (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x5ec50)
-    #2 0x55cec3b16918 in qxl_cursor ../qemu-6.0.1/hw/display/qxl-render.c:361
-    #3 0x55cec3b18698 in qxl_render_cursor ../qemu-6.0.1/hw/display/qxl-render.c:448
-    #4 0x55cec3af53a5 in interface_get_cursor_command ../qemu-6.0.1/hw/display/qxl.c:856
-    #5 0x7fa4fb39ca1f in red_process_cursor ../../server/red-worker.c:152
-    #6 0x7fa4fb39ca1f in red_process_cursor ../../server/red-worker.c:140
-
-Thread T14 created by T0 here:
-    #0 0x7fa4fb77d685 in __interceptor_pthread_create ../../../../src/libsanitizer/asan/asan_interceptors.cpp:216
-    #1 0x7fa4fb39ece5 in red_worker_run ../../server/red-worker.c:1588
-    #2 0x62100002d94f  (<unknown module>)
-
-SUMMARY: AddressSanitizer: heap-use-after-free ../qemu-6.0.1/ui/cursor.c:112 in cursor_put
-Shadow bytes around the buggy address:
-  0x0c46800defd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
-  0x0c46800defe0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
-  0x0c46800deff0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
-  0x0c46800df000: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
-  0x0c46800df010: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
-=>0x0c46800df020: fd fd[fd]fd fd fd fd fd fd fd fd fd fd fd fd fd
-  0x0c46800df030: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
-  0x0c46800df040: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
-  0x0c46800df050: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
-  0x0c46800df060: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
-  0x0c46800df070: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
-Shadow byte legend (one shadow byte represents 8 application bytes):
-  Addressable:           00
-  Partially addressable: 01 02 03 04 05 06 07
-  Heap left redzone:       fa
-  Freed heap region:       fd
-  Stack left redzone:      f1
-  Stack mid redzone:       f2
-  Stack right redzone:     f3
-  Stack after return:      f5
-  Stack use after scope:   f8
-  Global redzone:          f9
-  Global init order:       f6
-  Poisoned by user:        f7
-  Container overflow:      fc
-  Array cookie:            ac
-  Intra object redzone:    bb
-  ASan internal:           fe
-  Left alloca redzone:     ca
-  Right alloca redzone:    cb
-  Shadow gap:              cc
-==57296==ABORTING"""
-reproduce = """This problem cannot be stably reproduced"""
-additional = """/label ~"kind::Bug""""