[Qemu-devel] crash in tcp_output qemu 2.0.0

Fri, 21 Nov 2014 13:15:59 -0800 

Hello,

We are running a couple of VMs using the qemu command on ubuntu 14.04. It seems 
like there is a corruption on the socket. It crashes on its on after a day or 
so of light activity. 

Is this a known issue?

Please let me know if this is the right place to post this or if you can help. 

thanks
pawan

Command:
qemu-system-x86_64 --version
QEMU emulator version 2.0.0 (Debian 2.0.0+dfsg-2ubuntu1.7), Copyright (c) 
2003-2008 Fabrice Bellard

qemu-system-x86_64 -enable-kvm -smp 8 -hda 
/var/venom/instance_repo/3db8f1b6-74a3-11e3-96bf-38eaa7a2f70a.qcow2 -m 4096 
-net nic,model=e1000,vlan=3 -net user,hostfwd=tcp::7002-:22,vlan=3 -net 
nic,macaddr=DE:AD:00:18:00:00,model=e1000,vlan=4 -net 
tap,ifname=td_274-3_2,script=no,downscript=no,vlan=4 -net 
nic,macaddr=DE:AD:00:18:00:01,model=e1000,vlan=5 -net 
tap,ifname=td_br1-ctrl_2,script=no,downscript=no,vlan=5 -net 
nic,macaddr=DE:AD:00:18:00:02,model=e1000,vlan=6 -net 
tap,ifname=td_br2-data_2,script=no,downscript=no,vlan=6 -vnc :17 -qmp 
tcp:localhost:12002,server,nowait -chardev 
socket,id=charmonitor,path=/tmp/mon.12002,server,nowait -mon 
chardev=charmonitor,id=monitor

Backtrace:
Core was generated by `qemu-system-x86_64 -enable-kvm -hda 
/var/venom/instance_repo/390fa8c6-74a3-11e3'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  tcp_output (tp=tp@entry=0x7f09bc08af50) at 
/build/buildd/qemu-2.0.0+dfsg/slirp/tcp_output.c:127
127             len = min(so->so_snd.sb_cc, win) - off;
(gdb) bt
#0  tcp_output (tp=tp@entry=0x7f09bc08af50) at 
/build/buildd/qemu-2.0.0+dfsg/slirp/tcp_output.c:127
#1  0x00007f09dbd364aa in tcp_drop (tp=tp@entry=0x7f09bc08af50, 
err=err@entry=0) at /build/buildd/qemu-2.0.0+dfsg/slirp/tcp_subr.c:232
#2  0x00007f09dbd377f2 in tcp_timers (timer=2, tp=0x7f09bc08af50) at 
/build/buildd/qemu-2.0.0+dfsg/slirp/tcp_timer.c:287
#3  tcp_slowtimo (slirp=slirp@entry=0x7f09de77bc60) at 
/build/buildd/qemu-2.0.0+dfsg/slirp/tcp_timer.c:88
#4  0x00007f09dbd32358 in slirp_pollfds_poll (pollfds=0x7f09de775c00, 
select_error=select_error@entry=0)
    at /build/buildd/qemu-2.0.0+dfsg/slirp/slirp.c:488
#5  0x00007f09dbce29d7 in main_loop_wait (nonblocking=<optimized out>) at 
/build/buildd/qemu-2.0.0+dfsg/main-loop.c:487
#6  0x00007f09dbb8b1f6 in main_loop () at 
/build/buildd/qemu-2.0.0+dfsg/vl.c:2051
#7  main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at 
/build/buildd/qemu-2.0.0+dfsg/vl.c:4510
(gdb) p tp->t_socket
$1 = (struct socket *) 0x7f08bc0cd050
(gdb) p *tp->t_socket
Cannot access memory at address 0x7f08bc0cd050
(gdb)

Reply via email to