
[qemu-1.5] coroutine-win32.c broken on NULL pointer

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 4340.0x163c]
qemu_coroutine_switch (action=COROUTINE_TERMINATE, to_=0x0, from_=0x3ba1c80)
    at /home/cauchy/vcs/git/qemu/coroutine-win32.c:47
(gdb) bt
#0  qemu_coroutine_switch (action=COROUTINE_TERMINATE, to_=0x0,
    from_=0x3ba1c80) at /home/cauchy/vcs/git/qemu/coroutine-win32.c:47
#1  coroutine_trampoline (co_=0x3ba1c80)
    at /home/cauchy/vcs/git/qemu/coroutine-win32.c:58
#2  0x0000000077098fed in ?? ()
#3  0x0000000000000000 in ?? ()
(gdb)
(gdb) info registers
rax            0x0      0
rbx            0x3ba1c80        62528640
rcx            0x0      0
rdx            0x0      0
rsi            0x770b28d0       1997220048
rdi            0x3ba1b38        62528312
rbp            0x0      0x0
rsp            0xc0bff60        0xc0bff60
r8             0x3184c0 3245248
r9             0x43e31a 4449050
r10            0x0      0
r11            0x206    518
r12            0x0      0
r13            0x0      0
r14            0x0      0
r15            0x0      0
rip            0x43e2cd 0x43e2cd <coroutine_trampoline+61>
eflags         0x10206  [ PF IF RF ]
cs             0x33     51
ss             0x2b     43
ds             0x0      0
es             0x0      0
fs             0x0      0
gs             0x0      0
(gdb) disassemble
Dump of assembler code for function coroutine_trampoline:
   0x000000000043e290 <+0>:     push   %rdi
   0x000000000043e291 <+1>:     push   %rsi
   0x000000000043e292 <+2>:     push   %rbx
   0x000000000043e293 <+3>:     sub    $0x30,%rsp
   0x000000000043e297 <+7>:     mov    %rcx,%rbx
   0x000000000043e29a <+10>:    lea    0x26dc1f(%rip),%rcx        # 0x6abec0 <__emutls_v.current>
   0x000000000043e2a1 <+17>:    mov    0x6868dd68(%rip),%rax        # 0x68acc010
   0x000000000043e2a8 <+24>:    mov    %rax,0x28(%rsp)
   0x000000000043e2ad <+29>:    xor    %eax,%eax
   0x000000000043e2af <+31>:    callq  0x695808 <__emutls_get_address>
   0x000000000043e2b4 <+36>:    mov    0x9090d9(%rip),%rsi        # 0xd47394 <__imp_SwitchToFiber>
   0x000000000043e2bb <+43>:    mov    %rax,%rdi
   0x000000000043e2be <+46>:    xchg   %ax,%ax
   0x000000000043e2c0 <+48>:    mov    0x8(%rbx),%rcx
   0x000000000043e2c4 <+52>:    callq  *(%rbx)
   0x000000000043e2c6 <+54>:    mov    0x10(%rbx),%rdx
   0x000000000043e2ca <+58>:    mov    %rdx,(%rdi)
=> 0x000000000043e2cd <+61>:    movl   $0x2,0x38(%rdx)
   0x000000000043e2d4 <+68>:    mov    0x30(%rdx),%rcx
   0x000000000043e2d8 <+72>:    callq  *%rsi
   0x000000000043e2da <+74>:    jmp    0x43e2c0 <coroutine_trampoline+48>
End of assembler dump.
(gdb)


From:

qemu_coroutine_switch (action=COROUTINE_TERMINATE, to_=0x0, from_=0x3ba1c80)
    at /home/cauchy/vcs/git/qemu/coroutine-win32.c:47

We can see that qemu_coroutine_switch was called with to_=NULL, and it then crashed at line 47, where the NULL pointer is dereferenced:

to->action = action;

git bisect start

git bisect bad HEAD
git bisect good v1.4.0

fde245ca7ea790495db370cd260259595dbdf874        bad     NULL pointer
a4960ef34829c355fdf25b8ee6b869c92393e366        bad     ld: undefined reference
b5a73f8d8a57e940f9bbeb399a9e47897522ee9a        bad     Kernel panic - not syncing: No init found
57eb0cc85469a8948d1036ab830951e63aa32f66        good
99e448006d9267d71c2e3a629b6e5d29ed67bb30        good
f708e736d0dafc05f8b7e9e73d6440c930b94686        good
962415fcd5f8223a6fbc6f7bb8c5fdf2500f2f84        good
ce1dd5d1bbb0a3769566cb6967714c8c8c97a815        bad     Kernel panic - not syncing: No init found
c9f10124a2704b6bab21b31e79735b18d414a654        good    Feb 19 23:52:08 2013
49b4c31efcce45ab714f286f14fa5d5173f9069d        bad
e3482cb8063575f9fe0f39b701a4b6dc5a55c9cd        good    Feb 19 23:52:07 2013
49b4c31efcce45ab714f286f14fa5d5173f9069d is the first bad commit

On Tue, May 21, 2013 at 02:11:05PM -0000, Cauchy Song wrote:
> Public bug reported:
> 
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 4340.0x163c]
> qemu_coroutine_switch (action=COROUTINE_TERMINATE, to_=0x0, from_=0x3ba1c80)
>     at /home/cauchy/vcs/git/qemu/coroutine-win32.c:47
> (gdb) bt
> #0  qemu_coroutine_switch (action=COROUTINE_TERMINATE, to_=0x0,
>     from_=0x3ba1c80) at /home/cauchy/vcs/git/qemu/coroutine-win32.c:47
> #1  coroutine_trampoline (co_=0x3ba1c80)
>     at /home/cauchy/vcs/git/qemu/coroutine-win32.c:58
> #2  0x0000000077098fed in ?? ()
> #3  0x0000000000000000 in ?? ()

What is the command-line?

How do you reproduce the crash?

Stefan


[Expired for QEMU because there has been no activity for 60 days.]