From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:57192)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <lists2009@fnarfbargle.com>) id 1YSQpx-00042a-UF
	for qemu-devel@nongnu.org; Mon, 02 Mar 2015 08:56:47 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <lists2009@fnarfbargle.com>) id 1YSQpt-0001PH-Qv
	for qemu-devel@nongnu.org; Mon, 02 Mar 2015 08:56:45 -0500
Received: from ns3.fnarfbargle.com ([103.4.17.7]:43077)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <lists2009@fnarfbargle.com>) id 1YSQpt-0001OF-8I
	for qemu-devel@nongnu.org; Mon, 02 Mar 2015 08:56:41 -0500
Message-ID: <54F46BC8.90408@fnarfbargle.com>
Date: Mon, 02 Mar 2015 21:55:20 +0800
From: Brad Campbell <lists2009@fnarfbargle.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Subject: [Qemu-devel] commit 3dcadce5076d4b42fa395c39662d65e050b77784 breaks
 qxl on my x64 host.
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org, kraxel@redhat.com

G'day all,

I've had an annoying problem on a test box and I've only just got around 
to bisecting it.

Host is a Debian ~7(ish) system. Fairly stock. Spice and qemu are both 
tracking git head. This problem reared its ugly head for me just after 
christmas when I updated the qemu tree. I worked around it by backing up 
to v2.2.0 until I had time to look into it further.

Guest is being invoked with :
qemu -enable-kvm\
  -m 24576\
  -rtc base=localtime\
  -vga qxl\
  -device qxl\
  -net nic,model=virtio\
  -net tap,ifname=tap0,script=/etc/qemu-ifup,vhost=on\
  -usbdevice tablet\
  -spice port=5930,disable-ticketing\
  -drive 
file=/dev/disk/by-id/scsi-SATA_OCZ_VERTEX-PLUSU4G2QIJ3DRJ6B992F7Q7-part$I,if=virtio,cache=unsafe,format=raw 
-boot c\
  -drive 
file=/home/brad/Nobackup/Cad_Storage.raw,if=virtio,cache=unsafe,format=raw \
  -device virtio-serial\
  -chardev spicevmc,id=vdagent,name=vdagent\
  -device virtserialport,chardev=vdagent,name=com.redhat.spice.0\
  -smp 3,maxcpus=3,cores=3,threads=1,sockets=1\
  -cpu host\

The aforementioned commit causes qemu to segfault on startup. It bisects 
to that particular commit, and reverting that single commit from current 
git head makes the problem go away.

Is there anything I can do to provide further information? Or am I doing 
something obviously dumb?

Bisect log for those following along at home.

brad@cadbox:~/qemu$ git bisect log
git bisect start
# bad: [2dffe5516e74215fadf2e0f5ee401db4d5a86f7a] Merge remote-tracking 
branch 'remotes/ehabkost/tags/numa-pull-request' into staging
git bisect bad 2dffe5516e74215fadf2e0f5ee401db4d5a86f7a
# good: [45e1611de8be0eae55967694dd6e627c2dc354f2] Update version for 
v2.2.0 release
git bisect good 45e1611de8be0eae55967694dd6e627c2dc354f2
# bad: [707ff80021ccd7a68f4b3d2c44eebf87efbb41c4] Add device listener 
interface
git bisect bad 707ff80021ccd7a68f4b3d2c44eebf87efbb41c4
# bad: [756ae78b275a0625b4559a8fc448df4c6eb331a8] tap: fix vcpu long 
time io blocking on tap
git bisect bad 756ae78b275a0625b4559a8fc448df4c6eb331a8
# good: [99c9c3cb24e566258a0a141178934f9cb5198842] Merge remote-tracking 
branch 'remotes/mjt/tags/pull-trivial-patches-2014-12-11' into staging
git bisect good 99c9c3cb24e566258a0a141178934f9cb5198842
# good: [dfa9c2a0f4d0a0c8b2c1449ecdbb1297427e1560] Merge remote-tracking 
branch 'remotes/bonzini/tags/for-upstream' into staging
git bisect good dfa9c2a0f4d0a0c8b2c1449ecdbb1297427e1560
# good: [d4fa5354a246a1c6cb538a5d8ebcc21206d502fb] target-mips: remove 
excp_names[] from linux-user as it is unused
git bisect good d4fa5354a246a1c6cb538a5d8ebcc21206d502fb
# good: [4db753b1ac4aedc6cd67fb13d50e5015ce8052a5] Merge remote-tracking 
branch 'remotes/amit-migration/tags/for-2.3-2' into staging
git bisect good 4db753b1ac4aedc6cd67fb13d50e5015ce8052a5
# bad: [339aaf5b7f26d1e638641c59a44883b7654bd8ea] qemu-log: add log 
category for MMU info
git bisect bad 339aaf5b7f26d1e638641c59a44883b7654bd8ea
# bad: [cf7856adefebe86e0cd50302d93b3045e3111690] spice: do not require 
TCP ports
git bisect bad cf7856adefebe86e0cd50302d93b3045e3111690
# bad: [3dcadce5076d4b42fa395c39662d65e050b77784] spice: reduce refresh 
rate in native mode
git bisect bad 3dcadce5076d4b42fa395c39662d65e050b77784
brad@cadbox:~/qemu$ git bisect good
3dcadce5076d4b42fa395c39662d65e050b77784 is the first bad commit
commit 3dcadce5076d4b42fa395c39662d65e050b77784
Author: Gerd Hoffmann <kraxel@redhat.com>
Date:   Tue Nov 4 14:16:12 2014 +0100

     spice: reduce refresh rate in native mode

     Now that cursor updates are out of the way qxl needs the refresh timer
     only when when running in vga mode, for dirty bitmap checking.  In
     native qxl mode the guest will notify us, so we don't need to poll and
     can use the idle interval (one refresh wakeup every few seconds).

     Cc: Marc-André Lureau <marcandre.lureau@gmail.com>
     Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

:040000 040000 52c9089d73c6713c3e1c6fbcdfa16f8d5943088a 
d1b50857523f19ca7476e90064a4f273a4bdd4af M      hw
brad@cadbox:~/qemu$ git show 3dcadce5076d4b42fa395c39662d65e050b77784
commit 3dcadce5076d4b42fa395c39662d65e050b77784
Author: Gerd Hoffmann <kraxel@redhat.com>
Date:   Tue Nov 4 14:16:12 2014 +0100

     spice: reduce refresh rate in native mode

     Now that cursor updates are out of the way qxl needs the refresh timer
     only when when running in vga mode, for dirty bitmap checking.  In
     native qxl mode the guest will notify us, so we don't need to poll and
     can use the idle interval (one refresh wakeup every few seconds).

     Cc: Marc-André Lureau <marcandre.lureau@gmail.com>
     Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

diff --git a/hw/display/qxl.c b/hw/display/qxl.c
index 5151bac..61df477 100644
--- a/hw/display/qxl.c
+++ b/hw/display/qxl.c
@@ -1092,6 +1092,7 @@ static void qxl_enter_vga_mode(PCIQXLDevice *d)
      spice_qxl_driver_unload(&d->ssd.qxl);
  #endif
      graphic_console_set_hwops(d->ssd.dcl.con, d->vga.hw_ops, &d->vga);
+    update_displaychangelistener(&d->ssd.dcl, 
GUI_REFRESH_INTERVAL_DEFAULT);
      qemu_spice_create_host_primary(&d->ssd);
      d->mode = QXL_MODE_VGA;
      vga_dirty_log_start(&d->vga);
@@ -1105,6 +1106,7 @@ static void qxl_exit_vga_mode(PCIQXLDevice *d)
      }
      trace_qxl_exit_vga_mode(d->id);
      graphic_console_set_hwops(d->ssd.dcl.con, &qxl_ops, d);
+    update_displaychangelistener(&d->ssd.dcl, GUI_REFRESH_INTERVAL_IDLE);
      vga_dirty_log_stop(&d->vga);
      qxl_destroy_primary(d, QXL_SYNC);
  }
@@ -1153,6 +1155,7 @@ static void qxl_soft_reset(PCIQXLDevice *d)
          qxl_enter_vga_mode(d);
      } else {
          d->mode = QXL_MODE_UNDEFINED;
+        update_displaychangelistener(&d->ssd.dcl, 
GUI_REFRESH_INTERVAL_IDLE);
      }
  }

Regards,
Brad