From patchwork Thu Apr 18 11:19:54 2013
X-Patchwork-Submitter: "Zhanghaoyu (A)"
X-Patchwork-Id: 237618
From: "Zhanghaoyu (A)"
To: Gerd Hoffmann, Stefan Hajnoczi
Cc: "Huangweidong (C)", kvm list, Marcelo Tosatti, Luonengjun, qemu-devel, "linux-kernel@vger.kernel.org", Zanghongyong, Zhanghuanzhong, "corentin.chary@gmail.com"
Subject: [Qemu-devel] reply: reply: reply: qemu crashed when starting vm(kvm) with vnc connect
Date: Thu, 18 Apr 2013 11:19:54 +0000
Message-ID:
References: <20130405063456.GA27569@stefanha-thinkpad.redhat.com> <20130408105052.GC12076@stefanha-thinkpad.redhat.com> <20130411092958.GF8904@stefanha-thinkpad.redhat.com> <516FBBF7.1080400@redhat.com>
In-Reply-To: <516FBBF7.1080400@redhat.com>

> > On Mon, Apr 08, 2013 at 12:27:06PM +0000, Zhanghaoyu (A) wrote:
> >> On Sun, Apr 07, 2013 at 04:58:07AM +0000, Zhanghaoyu (A) wrote:
> >>>>>> I start a kvm VM with a vnc connection (using the zrle protocol); sometimes the qemu program crashes during the starting period with signal SIGABRT.
> >>>>>> Trying about 20 times, this crash can be reproduced.
> >>>>>> I guess the cause is memory corruption or a double free.
> >>>>>
> >>>>> Which version of QEMU are you running?
> >>>>>
> >>>>> Please try qemu.git/master.
> > Please try again with latest master; it might be fixed meanwhile.
> > If it still happens please provide full qemu and vnc client command lines.
> >
> >> backtrace from core file is shown as below:
> >>
> >> Program received signal SIGABRT, Aborted.
> >> #8 0x00007f32efd26d07 in vnc_disconnect_finish (vs=0x7f32f0c762d0)
> >> at ui/vnc.c:1050
>
> Do you have a vnc client connected? Do you close it?

I have a vnc client connected; it was auto closed when qemu crashed.

> Any errors reported by the vnc client (maybe it disconnects due to an error in the data stream)?

No errors reported by the vnc client; it just popped up a reconnect window.

And I have tried to fix this bug; the crash did not reproduce after about 100 tries. The patch is shown below.

Thanks,
Zhang Haoyu

--- a/ui/vnc-jobs.c 2013-04-18 20:10:07.000000000 +0800 +++ b/ui/vnc-jobs.c 2013-04-18 20:14:06.000000000 +0800 @@ -234,7 +234,6 @@ static int vnc_worker_thread_loop(VncJob vnc_unlock_output(job->vs); goto disconnected; } - vnc_unlock_output(job->vs); /* Make a local copy of vs and switch output buffers */ vnc_async_encoding_start(job->vs, &vs); @@ -252,6 +251,8 @@ static int vnc_worker_thread_loop(VncJob if (job->vs->csock == -1) { vnc_unlock_display(job->vs->vd); + vnc_async_encoding_end(job->vs, &vs); + vnc_unlock_output(job->vs); goto disconnected; } @@ -269,7 +270,6 @@ static int vnc_worker_thread_loop(VncJob vs.output.buffer[saved_offset] = (n_rectangles >> 8) & 0xFF; vs.output.buffer[saved_offset + 1] = n_rectangles & 0xFF; - vnc_lock_output(job->vs); if (job->vs->csock != -1) { buffer_reserve(&job->vs->jobs_buffer, vs.output.offset); buffer_append(&job->vs->jobs_buffer, vs.output.buffer, @@ -278,6 +278,8 @@ static int vnc_worker_thread_loop(VncJob vnc_async_encoding_end(job->vs, &vs); qemu_bh_schedule(job->vs->bh); + } else { + vnc_async_encoding_end(job->vs, &vs); } vnc_unlock_output(job->vs);
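Review bot: the patch carries no description and no Signed-off-by; the `--- a/ui/vnc-jobs.c` / `+++ b/ui/vnc-jobs.c` header goes straight into the hunks. The four hunks make two separable changes (widening the output-lock scope, and copying the encoder state back on the disconnect path), and a reader cannot tell from the diff alone which of the two is what stops the SIGABRT in vnc_disconnect_finish(). Please add a commit message that names the race being closed and says why vnc_async_encoding_end() has to run on the disconnect path, plus your Signed-off-by.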
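Review bot: removing `- vnc_unlock_output(job->vs);` after the csock/abort check (hunk at -234,7) together with removing `- vnc_lock_output(job->vs);` before the buffer_append (hunk at -269,7) makes the worker hold the output mutex for the whole encode of a frame, from vnc_async_encoding_start() through the rectangle loop to the copy into jobs_buffer. Two consequences worth spelling out: every caller of vnc_lock_output() on the main thread now waits for a full frame to be encoded, which gives up the concurrency the worker thread exists for, and the display lock (released in the hunk at -252 while the output lock is still held) is now always taken inside the output lock, so that order has to be checked against every main-thread path that takes both. If the aim is only to make the csock check and the copy-back atomic with respect to disconnect, keep the short critical sections and re-check `job->vs->csock` under the output lock at the copy-back point; whichever way it goes, the new lock scope needs a comment at the top of vnc_worker_thread_loop().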
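Review bot: the hunk at -252,6 is the one that most plausibly addresses the crash: before it, the mid-frame disconnect path jumped to `disconnected` without ever calling vnc_async_encoding_end(), so whatever the worker had changed in its local `vs` (if the encoder grows or replaces any of the persistent buffers while encoding, those pointers live only in the local copy) was never written back into job->vs, and vnc_disconnect_finish() then tore down stale state. The order added here, `vnc_unlock_display(job->vs->vd);` then `+ vnc_async_encoding_end(job->vs, &vs);` then `+ vnc_unlock_output(job->vs);`, is the right one. This part stands on its own and does not depend on the wider lock scope in the other hunks; the commit message should say so, and it would be worth testing this hunk alone against the 100-try reproducer.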
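Review bot: in the hunk at -278,6 the new `+ } else {` / `+ vnc_async_encoding_end(job->vs, &vs);` duplicates the call the `if` branch already makes, so both branches now copy the encoder state back. Hoist it out: leave only buffer_reserve(), buffer_append() and qemu_bh_schedule() inside `if (job->vs->csock != -1)` and call vnc_async_encoding_end(job->vs, &vs) once after the block, before vnc_unlock_output(). The original ordered the copy-back before qemu_bh_schedule(); keep that ordering if the bottom half can read the persistent encoder state without taking the output lock, otherwise a single call after the if is equivalent and easier to read.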
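The following C program is an added illustration of the state hand-off that the hunks above change; it is example code written for this page, not QEMU's ui/vnc-jobs.c. It models the worker thread taking a shallow copy of the connection state, encoding into that copy, and either copying the state back before the connection is torn down (the patched path) or skipping the copy-back on disconnect (the original path). Conn, encoding_start, encoding_end, encode_rect and teardown_is_safe are hypothetical names standing in for VncState, vnc_async_encoding_start, vnc_async_encoding_end and vnc_disconnect_finish; the example assumes, as a stand-in for the real zrle/zlib encoder state, that encoding may move a heap buffer that both copies point at, and it is single-threaded, so the output lock is not modeled. Whether this is the exact root cause of the reported SIGABRT is not established in the thread.

```c
/* Added example (not QEMU code): why the worker's encoder state must be
 * copied back into the connection before the connection is torn down. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct {
    unsigned char *buf;
    size_t cap;
    size_t len;
} Buffer;

/* Per-connection state (stand-in for VncState). The worker takes a shallow
 * copy, so both copies point at the same heap block until the worker copies
 * its state back. */
typedef struct {
    Buffer stream;   /* stand-in for the persistent zrle/zlib buffers */
    int csock;       /* -1 once the client has gone away */
} Conn;

/* The heap block that is currently live, recorded by the allocator wrapper
 * so teardown can be checked instead of freeing a stale pointer (which is
 * the real-world crash). */
static unsigned char *g_live_block;

/* Grow the buffer; like realloc(), the block may move and the old one is freed. */
static void buffer_reserve(Buffer *b, size_t need)
{
    if (b->cap - b->len >= need) {
        return;
    }
    size_t ncap = b->cap ? b->cap : 64;
    while (ncap - b->len < need) {
        ncap *= 2;
    }
    unsigned char *nbuf = malloc(ncap);
    if (b->buf) {
        memcpy(nbuf, b->buf, b->len);
        free(b->buf);                    /* old block is gone from here on */
    }
    b->buf = nbuf;
    b->cap = ncap;
    g_live_block = nbuf;
}

static void buffer_append(Buffer *b, const void *p, size_t n)
{
    buffer_reserve(b, n);
    memcpy(b->buf + b->len, p, n);
    b->len += n;
}

/* Shallow copy in, shallow copy back: the pattern of
 * vnc_async_encoding_start() / vnc_async_encoding_end() (names assumed). */
static void encoding_start(const Conn *orig, Conn *local) { local->stream = orig->stream; }
static void encoding_end(Conn *orig, const Conn *local)  { orig->stream = local->stream; }

/* Pretend to encode a rectangle: append bytes, which may move the block. */
static void encode_rect(Conn *local, size_t bytes)
{
    unsigned char chunk[16];
    memset(chunk, 0xAB, sizeof chunk);
    while (bytes) {
        size_t n = bytes < sizeof chunk ? bytes : sizeof chunk;
        buffer_append(&local->stream, chunk, n);
        bytes -= n;
    }
}

/* One worker pass over a frame during which the client disconnects.
 * copy_back_on_disconnect = false is the original control flow
 * (goto disconnected with no copy-back); true is what the patch adds. */
static void worker_iteration(Conn *vs, bool copy_back_on_disconnect)
{
    Conn local;
    encoding_start(vs, &local);
    encode_rect(&local, 100);            /* grows 64 -> 128: the block moves */
    vs->csock = -1;                      /* main thread closes the socket mid-frame */
    if (vs->csock == -1) {
        if (copy_back_on_disconnect) {
            encoding_end(vs, &local);    /* vs now points at the live block */
        }
        return;                          /* goto disconnected */
    }
    encode_rect(&local, 100);
    encoding_end(vs, &local);
}

/* Teardown check in place of vnc_disconnect_finish(): does the connection
 * still point at the block that is actually live? */
static bool teardown_is_safe(const Conn *vs) { return vs->stream.buf == g_live_block; }

/* Returns true if disconnect would free the live block, false if it would
 * free a block the worker already released. */
bool scenario(bool patched)
{
    Conn vs = { .csock = 7 };
    encode_rect(&vs, 10);                /* an earlier frame left a 64-byte block */
    worker_iteration(&vs, patched);
    bool safe = teardown_is_safe(&vs);
    free(g_live_block);                  /* release whichever block is live */
    g_live_block = NULL;
    return safe;
}

int main(void)
{
    printf("original path: %s\n", scenario(false) ? "safe" : "stale pointer at disconnect");
    printf("patched path:  %s\n", scenario(true) ? "safe" : "stale pointer at disconnect");
    return 0;
}
```

The check deliberately compares pointers rather than freeing the connection's buffer, because on the original path that free would be the double free the report guesses at. Note that the copy-back alone is what makes the pointer current; the example does not need the wider output-lock scope from the other hunks to get the safe result.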