29.12.2016 11:15, johnw wrote: > Hi Michael, > > Sorry, I mean "qemu-system-x86_64 -display gtk,gl=on -sandbox on", > (not -seccomp on) > > when I launch -display gtk with -sandbox on, qemu-system-x86_64 will freeze, > and "ps aux" will show me [qemu-system-x86] <defunct>
I see, and still only with gl=on. It looks like some system call is filtered which should not be filtered. For quite some time, looking at the contents of syscall table which is allowed in -sandbox mode, I see less and less reason to enable it in the first place, because effectively all interesting system calls are allowed anyway. So I don't see this issue as an issue to start with, just don't use -sandbox. Thanks, /mjt > I dont have problem, if launch "-display gtk" without "-sandbox on". > > Thanks.

