On 09/10/17 13:56, Gerd Hoffmann wrote:
> How do you start qemu? Which user interface?

Like this:

    qemu-system-x86_64 -vga cirrus [disk image]

(which I assume is using the GTK interface)

I have attached the reproducer NASM source and disk image. Note that the reproducer is using VBE.

> Have you seen a stacktrace with pixman in there? Care to share it?

#0  0x00007fffe1c2bf61 in () at /usr/lib/libpixman-1.so.0
#1  0x00007fffe1c385db in () at /usr/lib/libpixman-1.so.0
#2  0x00007fffe1c38991 in () at /usr/lib/libpixman-1.so.0
#3  0x00007fffe1c6eb7c in () at /usr/lib/libpixman-1.so.0
#4  0x00007fffe1c2aca1 in pixman_image_composite32 () at /usr/lib/libpixman-1.so.0
#5  0x0000555555be5630 in gd_switch (dcl=0x555557e088b0, surface=0x555556d76ac0) at /tmp/qemu/ui/gtk.c:628
#6  0x0000555555bb216a in dpy_gfx_replace_surface (con=0x5555569718d0, surface=0x555556d76ac0) at /tmp/qemu/ui/console.c:1552
#7  0x000055555580aab6 in vga_draw_graphic (s=0x5555576de2c0, full_update=0x1) at /tmp/qemu/hw/display/vga.c:1561
#8  0x000055555580b388 in vga_update_display (opaque=0x5555576de2c0) at /tmp/qemu/hw/display/vga.c:1756
#9  0x0000555555bae64d in graphic_hw_update (con=0x5555569718d0) at /tmp/qemu/ui/console.c:263
#10 0x0000555555be50f8 in gd_refresh (dcl=0x555557e088b0) at /tmp/qemu/ui/gtk.c:493
#11 0x0000555555bb22a8 in dpy_refresh (s=0x5555577b05c0) at /tmp/qemu/ui/console.c:1589
#12 0x0000555555bae362 in gui_update (opaque=0x5555577b05c0) at /tmp/qemu/ui/console.c:201
#13 0x0000555555d20445 in timerlist_run_timers (timer_list=0x555556928210) at /tmp/qemu/util/qemu-timer.c:536
#14 0x0000555555d204a2 in qemu_clock_run_timers (type=QEMU_CLOCK_REALTIME) at /tmp/qemu/util/qemu-timer.c:547
#15 0x0000555555d208fe in qemu_clock_run_all_timers () at /tmp/qemu/util/qemu-timer.c:662
#16 0x0000555555d21125 in main_loop_wait (nonblocking=0x0) at /tmp/qemu/util/main-loop.c:521
#17 0x0000555555926553 in main_loop () at /tmp/qemu/vl.c:1995
#18 0x000055555592e793 in main (argc=0x4, argv=0x7fffffffe218, envp=0x7fffffffe240) at /tmp/qemu/vl.c:4902
#19 0x00007fffdc663f6a in __libc_start_main () at /usr/lib/libc.so.6
#20 0x000055555577394a in _start ()

Thanks.