From mboxrd@z Thu Jan 1 00:00:00 1970
From: Stefan Weil
Subject: Re: [Qemu-devel] segmentation fault in qemu-kvm-0.14.0
Date: Wed, 09 Mar 2011 10:22:31 +0100
Message-ID: <4D7746D7.3000303@mail.berlios.de>
References: <2640D58E-2101-47FA-99B6-28815666651E@dlh.net> <4D772BBC.4040603@mail.berlios.de> <4D772EA5.8030809@msgid.tls.msk.ru>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Peter Lieven , qemu-devel , kvm@vger.kernel.org, anthony@codemonkey.ws
To: Michael Tokarev
Return-path:
Received: from moutng.kundenserver.de ([212.227.126.187]:54526 "EHLO moutng.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1757086Ab1CIJWg (ORCPT ); Wed, 9 Mar 2011 04:22:36 -0500
In-Reply-To: <4D772EA5.8030809@msgid.tls.msk.ru>
Sender: kvm-owner@vger.kernel.org
List-ID:

On 09.03.2011 08:39, Michael Tokarev wrote:
> 09.03.2011 10:26, Stefan Weil wrote:
>> On 08.03.2011 23:53, Peter Lieven wrote:
>>> Hi,
>>>
>>> during testing of qemu-kvm-0.14.0 I can reproduce the following
>>> segfault. I have seen a similar crash already in 0.13.0, but had no time
>>> to debug.
>>> My guess is that this segfault is related to the threaded vnc server
>>> which was introduced in qemu 0.13.0. The bug is only triggerable if a vnc
>>> client is attached. It might also be connected to a resolution change
>>> in the guest. I have a backtrace attached. The debugger is still
>>> running if someone needs more output.
>>>
> []
>> Hi Peter,
>>
>> did you apply this patch which fixes one of the known vnc problems
>> (but is still missing in qemu git master):
>>
>> http://lists.nongnu.org/archive/html/qemu-devel/2011-03/msg00256.html
> This patch is not suitable for 0.14 since in current qemu/master quite
> a lot of stuff was changed in this area (bitmaps added), there's no
> similar infrastructure in 0.14.
>
>> Then you can read this thread:
>>
>> http://lists.nongnu.org/archive/html/qemu-devel/2011-03/msg00313.html
>>
>> And finally the following modifications of ui/vnc.c might help to see
>> whether you experience the same kind of crash as I get here in
>> my environment. They add assertions for bad memory access
>> which occurs sometimes when a vnc client-server connection exists and
>> the screen is refreshed after a resolution change.
>> The code line with the //~ comment also includes a fix which
>> works for me.
> The same is true for this patch, but to a lesser extent: it can be applied
> manually (the bitmap_empty context line).
>
> I wonder if something similar actually exists in 0.13/0.14 too and needs
> to be backported to -stable.
>
>> Regards,
>> Stefan W.
> Thanks!
>
> /mjt

I just tested stable-0.14. It shows the same kind of bug.

Output of qemu run with valgrind:

==18143== Conditional jump or move depends on uninitialised value(s)
==18143==    at 0x4027022: bcmp (mc_replace_strmem.c:541)
==18143==    by 0x80EEF96: vnc_refresh_server_surface (vnc.c:2292)
==18143==    by 0x80EF0F1: vnc_refresh (vnc.c:2322)
==18143==    by 0x80FA026: qemu_run_timers (qemu-timer.c:503)
==18143==    by 0x80FA34E: qemu_run_all_timers (qemu-timer.c:634)
==18143==    by 0x816BBB6: main_loop_wait (vl.c:1383)
==18143==    by 0x816BC36: main_loop (vl.c:1424)
==18143==    by 0x816FEAF: main (vl.c:3136)

Stefan