git bisect start
git bisect bad HEAD
git bisect good v1.4.0

fde245ca7ea790495db370cd260259595dbdf874  bad   NULL pointer
a4960ef34829c355fdf25b8ee6b869c92393e366  bad   ld: undefined reference
b5a73f8d8a57e940f9bbeb399a9e47897522ee9a  bad   Kernel panic - not syncing: No init found
57eb0cc85469a8948d1036ab830951e63aa32f66  good
99e448006d9267d71c2e3a629b6e5d29ed67bb30  good
f708e736d0dafc05f8b7e9e73d6440c930b94686  good
962415fcd5f8223a6fbc6f7bb8c5fdf2500f2f84  good
ce1dd5d1bbb0a3769566cb6967714c8c8c97a815  bad   Kernel panic - not syncing: No init found
c9f10124a2704b6bab21b31e79735b18d414a654  good  Feb 19 23:52:08 2013
49b4c31efcce45ab714f286f14fa5d5173f9069d  bad
e3482cb8063575f9fe0f39b701a4b6dc5a55c9cd  good  Feb 19 23:52:07 2013

49b4c31efcce45ab714f286f14fa5d5173f9069d is the first bad commit

-- 
You received this bug notification because you are a member of qemu-devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1182490

Title:
  [qemu-1.5] coroutine-win32.c broken on NULL pointer

Status in QEMU:
  New

Bug description:
  Program received signal SIGSEGV, Segmentation fault.
  [Switching to Thread 4340.0x163c]
  qemu_coroutine_switch (action=COROUTINE_TERMINATE, to_=0x0, from_=0x3ba1c80)
      at /home/cauchy/vcs/git/qemu/coroutine-win32.c:47
  (gdb) bt
  #0  qemu_coroutine_switch (action=COROUTINE_TERMINATE, to_=0x0, from_=0x3ba1c80)
      at /home/cauchy/vcs/git/qemu/coroutine-win32.c:47
  #1  coroutine_trampoline (co_=0x3ba1c80)
      at /home/cauchy/vcs/git/qemu/coroutine-win32.c:58
  #2  0x0000000077098fed in ?? ()
  #3  0x0000000000000000 in ?? ()
  (gdb)
  (gdb) info registers
  rax            0x0        0
  rbx            0x3ba1c80  62528640
  rcx            0x0        0
  rdx            0x0        0
  rsi            0x770b28d0 1997220048
  rdi            0x3ba1b38  62528312
  rbp            0x0        0x0
  rsp            0xc0bff60  0xc0bff60
  r8             0x3184c0   3245248
  r9             0x43e31a   4449050
  r10            0x0        0
  r11            0x206      518
  r12            0x0        0
  r13            0x0        0
  r14            0x0        0
  r15            0x0        0
  rip            0x43e2cd   0x43e2cd <coroutine_trampoline+61>
  eflags         0x10206    [ PF IF RF ]
  cs             0x33       51
  ss             0x2b       43
  ds             0x0        0
  es             0x0        0
  fs             0x0        0
  gs             0x0        0
  (gdb) disassemble
  Dump of assembler code for function coroutine_trampoline:
     0x000000000043e290 <+0>:     push   %rdi
     0x000000000043e291 <+1>:     push   %rsi
     0x000000000043e292 <+2>:     push   %rbx
     0x000000000043e293 <+3>:     sub    $0x30,%rsp
     0x000000000043e297 <+7>:     mov    %rcx,%rbx
     0x000000000043e29a <+10>:    lea    0x26dc1f(%rip),%rcx        # 0x6abec0 <__emutls_v.current>
     0x000000000043e2a1 <+17>:    mov    0x6868dd68(%rip),%rax      # 0x68acc010
     0x000000000043e2a8 <+24>:    mov    %rax,0x28(%rsp)
     0x000000000043e2ad <+29>:    xor    %eax,%eax
     0x000000000043e2af <+31>:    callq  0x695808 <__emutls_get_address>
     0x000000000043e2b4 <+36>:    mov    0x9090d9(%rip),%rsi        # 0xd47394 <__imp_SwitchToFiber>
     0x000000000043e2bb <+43>:    mov    %rax,%rdi
     0x000000000043e2be <+46>:    xchg   %ax,%ax
     0x000000000043e2c0 <+48>:    mov    0x8(%rbx),%rcx
     0x000000000043e2c4 <+52>:    callq  *(%rbx)
     0x000000000043e2c6 <+54>:    mov    0x10(%rbx),%rdx
     0x000000000043e2ca <+58>:    mov    %rdx,(%rdi)
  => 0x000000000043e2cd <+61>:    movl   $0x2,0x38(%rdx)
     0x000000000043e2d4 <+68>:    mov    0x30(%rdx),%rcx
     0x000000000043e2d8 <+72>:    callq  *%rsi
     0x000000000043e2da <+74>:    jmp    0x43e2c0 <coroutine_trampoline+48>
  End of assembler dump.
  (gdb)

  From:
  qemu_coroutine_switch (action=COROUTINE_TERMINATE, to_=0x0, from_=0x3ba1c80)
      at /home/cauchy/vcs/git/qemu/coroutine-win32.c:47

  We can see qemu_coroutine_switch was called with to_=NULL, then crashed at line 47:
  to->action = action;

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1182490/+subscriptions