Date: Thu, 26 Nov 2015 19:01:22 +0200
From: "Michael S. Tsirkin"
To: Peter Maydell
Cc: Marc-André Lureau, QEMU Developers, pbonzini@redhat.com
Subject: [Qemu-devel] qemu-char issues (was Re: [PULL 00/15] vhost, pc: fixes for 2.5)
Message-ID: <20151126170122.GA25998@redhat.com>
Message-ID: <20151126190029-mutt-send-email-mst@redhat.com>
In-Reply-To: <20151126182218-mutt-send-email-mst@redhat.com>

On Thu, Nov 26, 2015 at 06:24:12PM +0200, Michael S. Tsirkin wrote:
> On Thu, Nov 26, 2015 at 06:19:46PM +0200, Michael S. Tsirkin wrote:
> > On Thu, Nov 26, 2015 at 11:26:10AM +0000, Peter Maydell wrote:
> > > On 19 November 2015 at 13:35, Michael S. Tsirkin wrote:
> > > > The following changes since commit 8337c6cbc37c6b2184f41bab3eaff47d5e68012a:
> > > >
> > > >   Update version for v2.5.0-rc0 release (2015-11-13 17:10:36 +0000)
> > > >
> > > > are available in the git repository at:
> > > >
> > > >   git://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git tags/for_upstream
> > > >
> > > > for you to fetch changes up to 1c7ba94a184df1eddd589d5400d879568d3e5d08:
> > > >
> > > >   exec: silence hugetlbfs warning under qtest (2015-11-19 15:26:05 +0200)
> > > >
> > > > ----------------------------------------------------------------
> > > > vhost, pc: fixes for 2.5
> > > >
> > > > Fixes all over the place.
> > > >
> > > > This also re-enables a test we disabled in 2.5 cycle
> > > > now that there's a way not to get a warning from it.
> > > >
> > > > Signed-off-by: Michael S. Tsirkin
> > >
> > > Hi; I've just noticed that since this pull was applied the Travis
> > > builds have been failing:
> > > https://travis-ci.org/qemu/qemu/builds
> > >
> > > The log messages are rather odd but suggest a virtio-user problem:
> >
> > So far, it looks like I found a bunch of qemu-char (or possibly glib?)
> > problems.
> > This is on Fedora 23.
> > How to reproduce:
> >
> > First, apply this patch:
> >
> >     vhost-user-test: fix migration overlap test
> >
> > Now
> >
> > [mst@robin qemu]$ make -j 16
> >   CC    qemu-char.o
> >   LINK  x86_64-softmmu/qemu-system-x86_64
> >   LINK  i386-softmmu/qemu-system-i386
> > [mst@robin qemu]$ make tests/vhost-user-test
> >   CC    tests/vhost-user-test.o
> >   LINK  tests/vhost-user-test
> >
> >
> > Run under valgrind:
> > QTEST_QEMU_BINARY=./x86_64-softmmu/qemu-system-x86_64 valgrind tests/vhost-user-test
> >
> > What seems to happen is that after remove_fd_in_watch, read callback
> > is still invoked. read fails so it calls close, and close
> > causes use after free.
> >
> > Help would be appreciated.
>
> Here's the log:
> http://paste.fedoraproject.org/294863/55491614
>
> As you see tcp_chr_close freed a bunch of
> stuff, and now tcp_chr_read attempts to use it.

Last note:
https://developer.gnome.org/glib/stable/glib-The-Main-Event-Loop.html#mainloop-memory-management
suggests two ways to manage memory for sources.
We seem to do neither, opting for a different approach.

> > --
> > MST
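An added example, not code from this thread or from QEMU or GLib: a small stand-alone model of the sequence reported above (read fails inside the callback, close frees the chardev, the callback keeps using it) next to the second option on the linked GLib page, where the source holds its own reference to the owner and releases it only from its destroy notify. All names (`Chardev`, `Source`, `read_cb`, `replay_eof_read`) are hypothetical.

```c
#include <stdbool.h>
#include <string.h>
/* Hypothetical model (not GLib, not qemu-char). Chardevs come from a static
 * pool and are flagged dead instead of freed, so a stale access is detected
 * rather than being undefined behaviour. */
typedef struct Source Source;
typedef struct Chardev { int refs; bool alive, closed; Source *watch; } Chardev;
struct Source {
    bool destroyed;            /* remove_fd_in_watch()/g_source_destroy() model */
    Chardev *data;             /* user data handed to the read callback */
    void (*notify)(Chardev *); /* GDestroyNotify model, run when finalized */
};
static Chardev pool[8];
static int created, freed;
static Chardev *chr_new(void) {
    Chardev *c = &pool[created++];
    memset(c, 0, sizeof *c); c->refs = 1; c->alive = true;
    return c;
}
static Chardev *chr_ref(Chardev *c) { c->refs++; return c; }
static void chr_unref(Chardev *c) {   /* real code would free() here */
    if (--c->refs == 0) { c->alive = false; freed++; }
}
/* tcp_chr_close() model: stop the watch, then drop the owner's reference. */
static void chr_close(Chardev *c) {
    c->closed = true;
    c->watch->destroyed = true;
    chr_unref(c);
}
/* Main loop side: a destroyed source is finalized later and releases its data. */
static void source_finalize(Source *s) { if (s->notify) s->notify(s->data); s->data = NULL; }
/* tcp_chr_read() model: 1 = normal read, 0 = chardev closed but still alive,
 * -1 = the callback touched a dead chardev (the use-after-free). */
static int read_cb(Source *s, bool eof) {
    Chardev *c = s->data;
    if (!c->alive) return -1;
    if (eof) chr_close(c);        /* read failed -> close, as in the report */
    if (!c->alive) return -1;     /* callback keeps using its state after close */
    return c->closed ? 0 : 1;
}
/* Replay the reported sequence. With hold_ref the source owns a reference that
 * only its notify releases, so the chardev outlives the callback that closed it. */
static int replay_eof_read(bool hold_ref) {
    Chardev *c = chr_new();
    Source s = { false, hold_ref ? chr_ref(c) : c, hold_ref ? chr_unref : NULL };
    c->watch = &s;
    int r = read_cb(&s, true);
    source_finalize(&s);
    return r;
}
static int leaked_chardevs(void) { return created - freed; }
```

`replay_eof_read(false)` reproduces the stale access (-1); `replay_eof_read(true)` returns 0 and the chardev is released when the source is finalized, with nothing leaked.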