summary refs log tree commit diff stats
path: root/results/scraper/launchpad/1182490
blob: a68cc69bde8b947dd3c64f8037750b662b81fc31 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119

[qemu-1.5] coroutine-win32.c broken on NULL pointer

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 4340.0x163c]
qemu_coroutine_switch (action=COROUTINE_TERMINATE, to_=0x0, from_=0x3ba1c80)
    at /home/cauchy/vcs/git/qemu/coroutine-win32.c:47
(gdb) bt
#0  qemu_coroutine_switch (action=COROUTINE_TERMINATE, to_=0x0,
    from_=0x3ba1c80) at /home/cauchy/vcs/git/qemu/coroutine-win32.c:47
#1  coroutine_trampoline (co_=0x3ba1c80)
    at /home/cauchy/vcs/git/qemu/coroutine-win32.c:58
#2  0x0000000077098fed in ?? ()
#3  0x0000000000000000 in ?? ()
(gdb)
(gdb) info registers
rax            0x0      0
rbx            0x3ba1c80        62528640
rcx            0x0      0
rdx            0x0      0
rsi            0x770b28d0       1997220048
rdi            0x3ba1b38        62528312
rbp            0x0      0x0
rsp            0xc0bff60        0xc0bff60
r8             0x3184c0 3245248
r9             0x43e31a 4449050
r10            0x0      0
r11            0x206    518
r12            0x0      0
r13            0x0      0
r14            0x0      0
r15            0x0      0
rip            0x43e2cd 0x43e2cd <coroutine_trampoline+61>
eflags         0x10206  [ PF IF RF ]
cs             0x33     51
ss             0x2b     43
ds             0x0      0
es             0x0      0
fs             0x0      0
gs             0x0      0
(gdb) disassemble
Dump of assembler code for function coroutine_trampoline:
   0x000000000043e290 <+0>:     push   %rdi
   0x000000000043e291 <+1>:     push   %rsi
   0x000000000043e292 <+2>:     push   %rbx
   0x000000000043e293 <+3>:     sub    $0x30,%rsp
   0x000000000043e297 <+7>:     mov    %rcx,%rbx
   0x000000000043e29a <+10>:    lea    0x26dc1f(%rip),%rcx        #
0x6abec0 <__emutls_v.current>
   0x000000000043e2a1 <+17>:    mov    0x6868dd68(%rip),%rax        # 0x68acc010
   0x000000000043e2a8 <+24>:    mov    %rax,0x28(%rsp)
   0x000000000043e2ad <+29>:    xor    %eax,%eax
   0x000000000043e2af <+31>:    callq  0x695808 <__emutls_get_address>
   0x000000000043e2b4 <+36>:    mov    0x9090d9(%rip),%rsi        #
0xd47394 <__imp_SwitchToFiber>
   0x000000000043e2bb <+43>:    mov    %rax,%rdi
   0x000000000043e2be <+46>:    xchg   %ax,%ax
   0x000000000043e2c0 <+48>:    mov    0x8(%rbx),%rcx
   0x000000000043e2c4 <+52>:    callq  *(%rbx)
   0x000000000043e2c6 <+54>:    mov    0x10(%rbx),%rdx
   0x000000000043e2ca <+58>:    mov    %rdx,(%rdi)
=> 0x000000000043e2cd <+61>:    movl   $0x2,0x38(%rdx)
   0x000000000043e2d4 <+68>:    mov    0x30(%rdx),%rcx
   0x000000000043e2d8 <+72>:    callq  *%rsi
   0x000000000043e2da <+74>:    jmp    0x43e2c0 <coroutine_trampoline+48>
End of assembler dump.
(gdb)


From:

qemu_coroutine_switch (action=COROUTINE_TERMINATE, to_=0x0, from_=0x3ba1c80)
    at /home/cauchy/vcs/git/qemu/coroutine-win32.c:47

We can see qemu_coroutine_switch was call with to_=NULL, then crashed at line 47:

to->action = action;

git bisect start

git bisect bad HEAD
git bisect good v1.4.0

fde245ca7ea790495db370cd260259595dbdf874        bad     NULL pointer
a4960ef34829c355fdf25b8ee6b869c92393e366        bad     ld: undefined reference
b5a73f8d8a57e940f9bbeb399a9e47897522ee9a        bad     Kernel panic - not syncing: No init found
57eb0cc85469a8948d1036ab830951e63aa32f66        good
99e448006d9267d71c2e3a629b6e5d29ed67bb30        good
f708e736d0dafc05f8b7e9e73d6440c930b94686        good
962415fcd5f8223a6fbc6f7bb8c5fdf2500f2f84        good
ce1dd5d1bbb0a3769566cb6967714c8c8c97a815        bad     Kernel panic - not syncing: No init found
c9f10124a2704b6bab21b31e79735b18d414a654        good    Feb 19 23:52:08 2013
49b4c31efcce45ab714f286f14fa5d5173f9069d        bad
e3482cb8063575f9fe0f39b701a4b6dc5a55c9cd        good    Feb 19 23:52:07 2013
49b4c31efcce45ab714f286f14fa5d5173f9069d is the first bad commit

On Tue, May 21, 2013 at 02:11:05PM -0000, Cauchy Song wrote:
> Public bug reported:
> 
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 4340.0x163c]
> qemu_coroutine_switch (action=COROUTINE_TERMINATE, to_=0x0, from_=0x3ba1c80)
>     at /home/cauchy/vcs/git/qemu/coroutine-win32.c:47
> (gdb) bt
> #0  qemu_coroutine_switch (action=COROUTINE_TERMINATE, to_=0x0,
>     from_=0x3ba1c80) at /home/cauchy/vcs/git/qemu/coroutine-win32.c:47
> #1  coroutine_trampoline (co_=0x3ba1c80)
>     at /home/cauchy/vcs/git/qemu/coroutine-win32.c:58
> #2  0x0000000077098fed in ?? ()
> #3  0x0000000000000000 in ?? ()

What is the command-line?

How do you reproduce the crash?

Stefan


[Expired for QEMU because there has been no activity for 60 days.]