On 09.03.2011 08:39, Michael Tokarev wrote:
> 09.03.2011 10:26, Stefan Weil wrote:
>> On 08.03.2011 23:53, Peter Lieven wrote:
>>> Hi,
>>>
>>> during testing of qemu-kvm-0.14.0 I can reproduce the following
>>> segfault. I have seen a similar crash already in 0.13.0, but had no time
>>> to debug.
>>> My guess is that this segfault is related to the threaded vnc server
>>> which was introduced in qemu 0.13.0. The bug is only triggerable if a vnc
>>> client is attached. It might also be connected to a resolution change
>>> in the guest. I have a backtrace attached. The debugger is still
>>> running if someone needs more output.
>>
>> Hi Peter,
>>
>> did you apply this patch which fixes one of the known vnc problems
>> (but is still missing in qemu git master):
>>
>> http://lists.nongnu.org/archive/html/qemu-devel/2011-03/msg00256.html
>
> This patch is not suitable for 0.14 since in current qemu/master quite
> a lot of stuff was changed in this area (bitmaps added); there's no
> similar infrastructure in 0.14.
>
>> Then you can read this thread:
>>
>> http://lists.nongnu.org/archive/html/qemu-devel/2011-03/msg00313.html
>>
>> And finally the following modifications of ui/vnc.c might help to see
>> whether you experience the same kind of crash as I get here in
>> my environment. They add assertions for bad memory access
>> which occurs sometimes when a vnc client-server connection exists and
>> the screen is refreshed after a resolution change.
>> The code line with the //~ comment also includes a fix which
>> works for me.
>
> The same is true for this patch, but to a lesser extent: it can be applied
> manually (the bitmap_empty context line).
>
>> I wonder if something similar actually exists in 0.13/0.14 too and needs
>> to be backported to -stable.
>>
>> Regards,
>> Stefan W.
>
> Thanks!
>
> /mjt


I just tested stable-0.14. It shows the same kind of bug.
Output of qemu run with valgrind:

==18143== Conditional jump or move depends on uninitialised value(s)
==18143==    at 0x4027022: bcmp (mc_replace_strmem.c:541)
==18143==    by 0x80EEF96: vnc_refresh_server_surface (vnc.c:2292)
==18143==    by 0x80EF0F1: vnc_refresh (vnc.c:2322)
==18143==    by 0x80FA026: qemu_run_timers (qemu-timer.c:503)
==18143==    by 0x80FA34E: qemu_run_all_timers (qemu-timer.c:634)
==18143==    by 0x816BBB6: main_loop_wait (vl.c:1383)
==18143==    by 0x816BC36: main_loop (vl.c:1424)
==18143==    by 0x816FEAF: main (vl.c:3136)

Stefan
