From mboxrd@z Thu Jan  1 00:00:00 1970
From: Chris Clayton <chris2553@googlemail.com>
Subject: qemu-kvm-1.1.0 crashing with kernel 3.5.0-rc6
Date: Mon, 09 Jul 2012 11:57:48 +0100
Message-ID: <4FFAB92C.4030001@googlemail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
To: kvm@vger.kernel.org
Return-path: <kvm-owner@vger.kernel.org>
Received: from mail-ey0-f174.google.com ([209.85.215.174]:54051 "EHLO
	mail-ey0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753082Ab2GIK5x (ORCPT <rfc822;kvm@vger.kernel.org>);
	Mon, 9 Jul 2012 06:57:53 -0400
Received: by eaak11 with SMTP id k11so4272496eaa.19
        for <kvm@vger.kernel.org>; Mon, 09 Jul 2012 03:57:52 -0700 (PDT)
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

Hi,

When I run WinXP SP3 through qemu-kvm-1.1.0 on linux kernel 3.5.0-rc6, I 
get a segmentation fault within 3 or 4 minutes maximum. In dmesg I see:

qemu-kvm: sending ioctl 5326 to a partition!
qemu-kvm: sending ioctl 801c0204 to a partition!
qemu-kvm: sending ioctl 5326 to a partition!
qemu-kvm: sending ioctl 801c0204 to a partition!
qemu-kvm: sending ioctl 5326 to a partition!
qemu-kvm: sending ioctl 801c0204 to a partition!
qemu-kvm: sending ioctl 5326 to a partition!
qemu-kvm: sending ioctl 801c0204 to a partition!
qemu-kvm[860] general protection ip:b6abad77 sp:b52ff09c error:0 in 
libc-2.16.so[b697d000+1b4000]

The crash does not occur with qemu-kvm-1.0.1 on rc6. Nor does it occur 
qemu-kvm-1.0.1 or qemu-kvm-1.1.0 on kernel 3.4.4. All three combinations 
survive for 15 minutes or more

When I try to get a backtrace with gdb, the screen on which konsole and 
qemu are running locks up until I kill qemu in another console. 
Consequently I can't get a full BT, but, although probably not very 
helpful, what I did get is:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb6946b40 (LWP 506)]
0xb7705d77 in __strcmp_sse4_2 () from /lib/libc.so.6
(gdb) bt
#0  0xb7705d77 in __strcmp_sse4_2 () from /lib/libc.so.6
#1  0xb7e8d6e3 in g_str_equal () from /usr/lib/libglib-2.0.so.0
#2  0xb7e8c94c in g_hash_table_lookup () from /usr/lib/libglib-2.0.so.0
Cannot access memory at address 0xb694610c
(gdb)

Note that the gdb and dmesg outputs above are not from the same crash 
instance.

I'm not subscribed,so please cc me on any reply.

Happy to provide any additional diagnostics (but may need help on how to 
get them) or test patches, etc

Thanks

Chris Clayton