[Qemu-devel] SLIRP segfault?

[Qemu-devel] SLIRP segfault?

[John Snow]

There was a downstream bug filed against qemu-kvm-2.3.1-1.fc22.x86_64
that appeared to segfault in the AHCI code when trying to install OSX
Yosemite.

The debug output looked a little strange, so I asked for a new
stack-trace on an upstream build using --enable-debug to disable
optimizations.

This trace came back as segfaulting in SLIRP.

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1255144
--enable-debug trace: https://bugzilla.redhat.com/attachment.cgi?id=1069114

I don't have OSX to try to reproduce, diagnose and debug. Anyone here
have any thoughts?


===


Here is a paraphrased summary of the problem from reporter Dick Marinus:

'Version: qemu-kvm-2.3.1-1.fc22.x86_64

Steps to Reproduce:
1. Install OS X Yosemite using these instructions
http://www.contrib.andrew.cmu.edu/~somlo/OSXKVM/
2. Do some CPU intensive task like compressing a large file

Actual results:
qemu-kvm crashes with a segmentation failure'



'The backtrace completely changed but it is reproducable using
qemu-2.3.1 compiled with:

'./configure' '--target-list=x86_64-softmmu' '--enable-debug'
'--enable-kvm' '--enable-spice' '--prefix=/home/meeuw/git/qemu/'

print ad->cur_cmd obviously doesn't work for this backtrace.

I've tried qemu (git) master a few weeks ago and it didn't segfault but
OS X crashed (freezed) anyway.'


--js

Re: [Qemu-devel] SLIRP segfault?

[Samuel Thibault]

Hello,

John Snow, le Wed 02 Sep 2015 14:01:07 -0400, a écrit :
> There was a downstream bug filed against qemu-kvm-2.3.1-1.fc22.x86_64
> that appeared to segfault in the AHCI code when trying to install OSX
> Yosemite.
> 
> The debug output looked a little strange, so I asked for a new
> stack-trace on an upstream build using --enable-debug to disable
> optimizations.
> 
> This trace came back as segfaulting in SLIRP.

This looks even stranger.

gdb) bt full
#0  0x00007ffff5ff4a2f in send () from /lib64/libpthread.so.0
No symbol table info available.
#1  0x000055555589e06d in slirp_send (so=0x7fffe42cc3c0, buf=0x7ffed85747f0, len=0, flags=0) at slirp/slirp.c:900
No locals.

So the segfault would be in a send call with len=0 ??

I'd rather think that the segfault is actually happening in another
thread, and

thread apply all bt full

should be used to get all traces.

Samuel

Re: [Qemu-devel] SLIRP segfault?

[John Snow]

On 09/06/2015 06:44 PM, Samuel Thibault wrote:
> Hello,
> 
> John Snow, le Wed 02 Sep 2015 14:01:07 -0400, a écrit :
>> There was a downstream bug filed against qemu-kvm-2.3.1-1.fc22.x86_64
>> that appeared to segfault in the AHCI code when trying to install OSX
>> Yosemite.
>>
>> The debug output looked a little strange, so I asked for a new
>> stack-trace on an upstream build using --enable-debug to disable
>> optimizations.
>>
>> This trace came back as segfaulting in SLIRP.
> 
> This looks even stranger.
> 
> gdb) bt full
> #0  0x00007ffff5ff4a2f in send () from /lib64/libpthread.so.0
> No symbol table info available.
> #1  0x000055555589e06d in slirp_send (so=0x7fffe42cc3c0, buf=0x7ffed85747f0, len=0, flags=0) at slirp/slirp.c:900
> No locals.
> 
> So the segfault would be in a send call with len=0 ??
> 
> I'd rather think that the segfault is actually happening in another
> thread, and
> 
> thread apply all bt full
> 
> should be used to get all traces.
> 
> Samuel
> 

Ah, of course. makes sense. relayed the info and hopefully I'll get some
nicer traces to try and make sense of.

Thanks for taking a peek.

--js