SPICE crashed when virtio 3D is enabled
Host environment
- Operating system: Debian forky (testing)
- OS/kernel version: Linux/6.16.5
- Architecture: x86-64
- QEMU flavor: qemu-system_x86_64
- QEMU version: version 10.1.0 (Debian 1:10.1.0+ds-2)
- QEMU command line: Defaults from the libvirt-manager
Description of problem
The issue appeared after upgrading QEMU and libvirt from the stable versions to the testing ones (10.0.3 → 10.1.0). When using Virtio video together with the Spice display and enabling 3D/OpenGL, the virtual machine starts but the application crashes within a few seconds.
Steps to reproduce
- create default vm
- select video=virtio+3D
- select display=spice+OpenGL
Additional information
logs:
Process 28467 (qemu-system-x86) of user 64055 dumped core.
Module libgcc_s.so.1 from deb gcc-15-15.2.0-2.amd64
Module libstdc++.so.6 from deb gcc-15-15.2.0-2.amd64
Module libblkid.so.1 from deb util-linux-2.41.1-2.amd64
Module libuuid.so.1 from deb util-linux-2.41.1-2.amd64
Module libatomic.so.1 from deb gcc-15-15.2.0-2.amd64
Module libmount.so.1 from deb util-linux-2.41.1-2.amd64
Module libzstd.so.1 from deb libzstd-1.5.7+dfsg-1.amd64
Module libudev.so.1 from deb systemd-258~rc3-1.amd64
Stack trace of thread 28467:
#0 0x00007fb1ebe9567c __pthread_kill_implementation (libc.so.6 + 0x9567c)
#1 0x00007fb1ebe40462 __GI_raise (libc.so.6 + 0x40462)
#2 0x00007fb1ebe284ac __GI_abort (libc.so.6 + 0x284ac)
#3 0x00007fb1ea83d9d8 n/a (libspice-server.so.1 + 0x7a9d8)
#4 0x00007fb1ea8089f5 spice_qxl_gl_scanout (libspice-server.so.1 + 0x459f5)
#5 0x00007fb1ee0c1567 n/a (ui-spice-core.so + 0xa567)
#6 0x0000561aaec5abf2 n/a (/usr/bin/qemu-system-x86_64 + 0x509bf2)
#7 0x0000561aaec5c3ad dpy_gfx_replace_surface (/usr/bin/qemu-system-x86_64 + 0x50b3ad)
#8 0x00007fb1d719efba n/a (hw-display-virtio-gpu.so + 0x6fba)
#9 0x0000561aaf2198d3 aio_bh_poll (/usr/bin/qemu-system-x86_64 + 0xac88d3)
#10 0x0000561aaf202d62 aio_dispatch (/usr/bin/qemu-system-x86_64 + 0xab1d62)
#11 0x0000561aaf219636 n/a (/usr/bin/qemu-system-x86_64 + 0xac8636)
#12 0x00007fb1ecf07b75 n/a (libglib-2.0.so.0 + 0x5bb75)
#13 0x00007fb1ecf0b3f8 g_main_context_dispatch (libglib-2.0.so.0 + 0x5f3f8)
#14 0x0000561aaf21ad18 main_loop_wait (/usr/bin/qemu-system-x86_64 + 0xac9d18)
#15 0x0000561aaeeb7460 qemu_main_loop (/usr/bin/qemu-system-x86_64 + 0x766460)
#16 0x0000561aaf168a30 n/a (/usr/bin/qemu-system-x86_64 + 0xa17a30)
#17 0x0000561aaec29cd9 main (/usr/bin/qemu-system-x86_64 + 0x4d8cd9)
#18 0x00007fb1ebe29f68 __libc_start_call_main (libc.so.6 + 0x29f68)
#19 0x00007fb1ebe2a025 __libc_start_main_impl (libc.so.6 + 0x2a025)
#20 0x0000561aaec2ad91 _start (/usr/bin/qemu-system-x86_64 + 0x4d9d91)
Stack trace of thread 28490:
#0 0x00007fb1ebe9b70e __syscall_cancel_arch (libc.so.6 + 0x9b70e)
#1 0x00007fb1ebe902b8 __internal_syscall_cancel (libc.so.6 + 0x902b8)
#2 0x00007fb1ebe908dc __futex_abstimed_wait_common64 (libc.so.6 + 0x908dc)
#3 0x00007fb1ebe92d98 __pthread_cond_wait_common (libc.so.6 + 0x92d98)
#4 0x00007fb1e73a089d n/a (libgallium-25.2.2-1.so + 0x5a089d)
#5 0x00007fb1e736aeab n/a (libgallium-25.2.2-1.so + 0x56aeab)
#6 0x00007fb1e73a07cb n/a (libgallium-25.2.2-1.so + 0x5a07cb)
#7 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#8 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28489:
#0 0x00007fb1ebe9b70e __syscall_cancel_arch (libc.so.6 + 0x9b70e)
#1 0x00007fb1ebe902b8 __internal_syscall_cancel (libc.so.6 + 0x902b8)
#2 0x00007fb1ebe908dc __futex_abstimed_wait_common64 (libc.so.6 + 0x908dc)
#3 0x00007fb1ebe92d98 __pthread_cond_wait_common (libc.so.6 + 0x92d98)
#4 0x00007fb1e73a089d n/a (libgallium-25.2.2-1.so + 0x5a089d)
#5 0x00007fb1e736aeab n/a (libgallium-25.2.2-1.so + 0x56aeab)
#6 0x00007fb1e73a07cb n/a (libgallium-25.2.2-1.so + 0x5a07cb)
#7 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#8 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28479:
#0 0x00007fb1ebe9b70e __syscall_cancel_arch (libc.so.6 + 0x9b70e)
#1 0x00007fb1ebe902b8 __internal_syscall_cancel (libc.so.6 + 0x902b8)
#2 0x00007fb1ebe908dc __futex_abstimed_wait_common64 (libc.so.6 + 0x908dc)
#3 0x00007fb1ebe92d98 __pthread_cond_wait_common (libc.so.6 + 0x92d98)
#4 0x00007fb1e73a089d n/a (libgallium-25.2.2-1.so + 0x5a089d)
#5 0x00007fb1e736aeab n/a (libgallium-25.2.2-1.so + 0x56aeab)
#6 0x00007fb1e73a07cb n/a (libgallium-25.2.2-1.so + 0x5a07cb)
#7 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#8 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28481:
#0 0x00007fb1ebe9b70e __syscall_cancel_arch (libc.so.6 + 0x9b70e)
#1 0x00007fb1ebe902b8 __internal_syscall_cancel (libc.so.6 + 0x902b8)
#2 0x00007fb1ebe908dc __futex_abstimed_wait_common64 (libc.so.6 + 0x908dc)
#3 0x00007fb1ebe92d98 __pthread_cond_wait_common (libc.so.6 + 0x92d98)
#4 0x00007fb1e73a089d n/a (libgallium-25.2.2-1.so + 0x5a089d)
#5 0x00007fb1e736aeab n/a (libgallium-25.2.2-1.so + 0x56aeab)
#6 0x00007fb1e73a07cb n/a (libgallium-25.2.2-1.so + 0x5a07cb)
#7 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#8 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28491:
#0 0x00007fb1ebe9b70e __syscall_cancel_arch (libc.so.6 + 0x9b70e)
#1 0x00007fb1ebe902b8 __internal_syscall_cancel (libc.so.6 + 0x902b8)
#2 0x00007fb1ebe908dc __futex_abstimed_wait_common64 (libc.so.6 + 0x908dc)
#3 0x00007fb1ebe92d98 __pthread_cond_wait_common (libc.so.6 + 0x92d98)
#4 0x00007fb1e73a089d n/a (libgallium-25.2.2-1.so + 0x5a089d)
#5 0x00007fb1e736aeab n/a (libgallium-25.2.2-1.so + 0x56aeab)
#6 0x00007fb1e73a07cb n/a (libgallium-25.2.2-1.so + 0x5a07cb)
#7 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#8 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28496:
#0 0x00007fb1ebf0d35b __GI___ioctl (libc.so.6 + 0x10d35b)
#1 0x0000561aaf07ebd4 kvm_vcpu_ioctl (/usr/bin/qemu-system-x86_64 + 0x92dbd4)
#2 0x0000561aaf07effe kvm_cpu_exec (/usr/bin/qemu-system-x86_64 + 0x92dffe)
#3 0x0000561aaf0807b5 n/a (/usr/bin/qemu-system-x86_64 + 0x92f7b5)
#4 0x0000561aaf205f70 n/a (/usr/bin/qemu-system-x86_64 + 0xab4f70)
#5 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#6 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28482:
#0 0x00007fb1ebe9b70e __syscall_cancel_arch (libc.so.6 + 0x9b70e)
#1 0x00007fb1ebe902b8 __internal_syscall_cancel (libc.so.6 + 0x902b8)
#2 0x00007fb1ebe908dc __futex_abstimed_wait_common64 (libc.so.6 + 0x908dc)
#3 0x00007fb1ebe92d98 __pthread_cond_wait_common (libc.so.6 + 0x92d98)
#4 0x00007fb1e73a089d n/a (libgallium-25.2.2-1.so + 0x5a089d)
#5 0x00007fb1e736aeab n/a (libgallium-25.2.2-1.so + 0x56aeab)
#6 0x00007fb1e73a07cb n/a (libgallium-25.2.2-1.so + 0x5a07cb)
#7 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#8 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28502:
#0 0x00007fb1ebe9b70e __syscall_cancel_arch (libc.so.6 + 0x9b70e)
#1 0x00007fb1ebe902b8 __internal_syscall_cancel (libc.so.6 + 0x902b8)
#2 0x00007fb1ebe908dc __futex_abstimed_wait_common64 (libc.so.6 + 0x908dc)
#3 0x00007fb1ebe92d98 __pthread_cond_wait_common (libc.so.6 + 0x92d98)
#4 0x00007fb1e73a089d n/a (libgallium-25.2.2-1.so + 0x5a089d)
#5 0x00007fb1e736aeab n/a (libgallium-25.2.2-1.so + 0x56aeab)
#6 0x00007fb1e73a07cb n/a (libgallium-25.2.2-1.so + 0x5a07cb)
#7 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#8 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28477:
#0 0x00007fb1ebe9b70e __syscall_cancel_arch (libc.so.6 + 0x9b70e)
#1 0x00007fb1ebe902b8 __internal_syscall_cancel (libc.so.6 + 0x902b8)
#2 0x00007fb1ebe908dc __futex_abstimed_wait_common64 (libc.so.6 + 0x908dc)
#3 0x00007fb1ebe92d98 __pthread_cond_wait_common (libc.so.6 + 0x92d98)
#4 0x00007fb1e73a089d n/a (libgallium-25.2.2-1.so + 0x5a089d)
#5 0x00007fb1e736aeab n/a (libgallium-25.2.2-1.so + 0x56aeab)
#6 0x00007fb1e73a07cb n/a (libgallium-25.2.2-1.so + 0x5a07cb)
#7 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#8 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28480:
#0 0x00007fb1ebe9b70e __syscall_cancel_arch (libc.so.6 + 0x9b70e)
#1 0x00007fb1ebe902b8 __internal_syscall_cancel (libc.so.6 + 0x902b8)
#2 0x00007fb1ebe908dc __futex_abstimed_wait_common64 (libc.so.6 + 0x908dc)
#3 0x00007fb1ebe92d98 __pthread_cond_wait_common (libc.so.6 + 0x92d98)
#4 0x00007fb1e73a089d n/a (libgallium-25.2.2-1.so + 0x5a089d)
#5 0x00007fb1e736aeab n/a (libgallium-25.2.2-1.so + 0x56aeab)
#6 0x00007fb1e73a07cb n/a (libgallium-25.2.2-1.so + 0x5a07cb)
#7 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#8 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28503:
#0 0x00007fb1ebe9b70e __syscall_cancel_arch (libc.so.6 + 0x9b70e)
#1 0x00007fb1ebe902b8 __internal_syscall_cancel (libc.so.6 + 0x902b8)
#2 0x00007fb1ebe902fd __syscall_cancel (libc.so.6 + 0x902fd)
#3 0x00007fb1ebf0456e __GI_ppoll (libc.so.6 + 0x10456e)
#4 0x00007fb1ecf0ae0c n/a (libglib-2.0.so.0 + 0x5ee0c)
#5 0x00007fb1ecf0b79f g_main_loop_run (libglib-2.0.so.0 + 0x5f79f)
#6 0x00007fb1ea818fed n/a (libspice-server.so.1 + 0x55fed)
#7 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#8 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28500:
#0 0x00007fb1ebe9b70e __syscall_cancel_arch (libc.so.6 + 0x9b70e)
#1 0x00007fb1ebe902b8 __internal_syscall_cancel (libc.so.6 + 0x902b8)
#2 0x00007fb1ebe902fd __syscall_cancel (libc.so.6 + 0x902fd)
#3 0x00007fb1ebf040c6 __GI___poll (libc.so.6 + 0x1040c6)
#4 0x00007fadcd507373 n/a (libusb-1.0.so.0 + 0x14373)
#5 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#6 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28498:
#0 0x00007fb1ebe9b70e __syscall_cancel_arch (libc.so.6 + 0x9b70e)
#1 0x00007fb1ebe902b8 __internal_syscall_cancel (libc.so.6 + 0x902b8)
#2 0x00007fb1ebe908dc __futex_abstimed_wait_common64 (libc.so.6 + 0x908dc)
#3 0x00007fb1ebe92d98 __pthread_cond_wait_common (libc.so.6 + 0x92d98)
#4 0x0000561aaf2066c9 qemu_cond_wait_impl (/usr/bin/qemu-system-x86_64 + 0xab56c9)
#5 0x00007fb1d719f088 virtio_gpu_reset (hw-display-virtio-gpu.so + 0x7088)
#6 0x00007fb1e9b88b89 n/a (hw-display-virtio-gpu-gl.so + 0x3b89)
#7 0x0000561aaf05a6dc virtio_reset (/usr/bin/qemu-system-x86_64 + 0x9096dc)
#8 0x0000561aaee500c1 n/a (/usr/bin/qemu-system-x86_64 + 0x6ff0c1)
#9 0x0000561aaee9e9ff n/a (/usr/bin/qemu-system-x86_64 + 0x74d9ff)
#10 0x0000561aaee9e440 n/a (/usr/bin/qemu-system-x86_64 + 0x74d440)
#11 0x0000561aaee9e6fa memory_region_dispatch_write (/usr/bin/qemu-system-x86_64 + 0x74d6fa)
#12 0x0000561aaeea5f4f n/a (/usr/bin/qemu-system-x86_64 + 0x754f4f)
#13 0x0000561aaeea6608 n/a (/usr/bin/qemu-system-x86_64 + 0x755608)
#14 0x0000561aaeea9d59 address_space_rw (/usr/bin/qemu-system-x86_64 + 0x758d59)
#15 0x0000561aaf07f2f6 kvm_cpu_exec (/usr/bin/qemu-system-x86_64 + 0x92e2f6)
#16 0x0000561aaf0807b5 n/a (/usr/bin/qemu-system-x86_64 + 0x92f7b5)
#17 0x0000561aaf205f70 n/a (/usr/bin/qemu-system-x86_64 + 0xab4f70)
#18 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#19 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28476:
#0 0x00007fb1ebe9b70e __syscall_cancel_arch (libc.so.6 + 0x9b70e)
#1 0x00007fb1ebe902b8 __internal_syscall_cancel (libc.so.6 + 0x902b8)
#2 0x00007fb1ebe908dc __futex_abstimed_wait_common64 (libc.so.6 + 0x908dc)
#3 0x00007fb1ebe92d98 __pthread_cond_wait_common (libc.so.6 + 0x92d98)
#4 0x00007fb1e73a089d n/a (libgallium-25.2.2-1.so + 0x5a089d)
#5 0x00007fb1e736aeab n/a (libgallium-25.2.2-1.so + 0x56aeab)
#6 0x00007fb1e73a07cb n/a (libgallium-25.2.2-1.so + 0x5a07cb)
#7 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#8 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28478:
#0 0x00007fb1ebe9b70e __syscall_cancel_arch (libc.so.6 + 0x9b70e)
#1 0x00007fb1ebe902b8 __internal_syscall_cancel (libc.so.6 + 0x902b8)
#2 0x00007fb1ebe908dc __futex_abstimed_wait_common64 (libc.so.6 + 0x908dc)
#3 0x00007fb1ebe92d98 __pthread_cond_wait_common (libc.so.6 + 0x92d98)
#4 0x00007fb1e73a089d n/a (libgallium-25.2.2-1.so + 0x5a089d)
#5 0x00007fb1e736aeab n/a (libgallium-25.2.2-1.so + 0x56aeab)
#6 0x00007fb1e73a07cb n/a (libgallium-25.2.2-1.so + 0x5a07cb)
#7 0x00007fb1ebe937db start_thread (libc.so.6 + 0x937db)
#8 0x00007fb1ebf11070 __clone (libc.so.6 + 0x111070)
Stack trace of thread 28504:
#0 0x0000000000000000 n/a (n/a + 0x0)
#1 0x00007fb1ecf12060 n/a (libglib-2.0.so.0 + 0x66060)
ELF object binary architecture: AMD x86-64