qemu-devel

Re: [Qemu-devel] Crashing in tcp_close


From: Brian Candler
Subject: Re: [Qemu-devel] Crashing in tcp_close
Date: Fri, 11 Nov 2016 20:53:12 +0000
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.4.0

On 11/11/2016 16:17, Samuel Thibault wrote:
> Could you increase the value given to valgrind's --num-callers= so we
> can make sure the context of this call?

OK: re-run with --num-callers=250. It took a few iterations, but I captured it again. (I have grepped out all the "invalid file descriptor" lines).


==1217== Memcheck, a memory error detector
==1217== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==1217== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==1217== Command: /usr/local/bin/qemu-system-x86_64 -device virtio-scsi-pci,id=scsi0 -device scsi-hd,bus=scsi0.0,drive=drive0 -device virtio-net,netdev=user.0 -drive if=none,file=output-qemu-vtp-nmm/vtp-nmm-201611111946.qcow2,id=drive0,cache=writeback,discard=unmap,format=qcow2 -boot c -vnc [::]:50 -name vtp-nmm-201611111946.qcow2 -machine type=pc,accel=kvm -netdev user,id=user.0,hostfwd=tcp::3972-:22 -m 4G
==1217==
==1217== Warning: client switching stacks? SP change: 0xffeffea78 --> 0x6be5e48
==1217==          to suppress, use: --max-stackframe=68589554736 or greater
==1217== Warning: client switching stacks? SP change: 0x6be5df8 --> 0xffeffea80
==1217==          to suppress, use: --max-stackframe=68589554824 or greater
==1217== Warning: client switching stacks? SP change: 0xffefff258 --> 0x6be5e20
==1217==          to suppress, use: --max-stackframe=68589556792 or greater
==1217==          further instances of this message will not be shown.
==1217== Warning: noted but unhandled ioctl 0xaea3 with no size/direction hints.
==1217==    This could cause spurious value errors to appear.
==1217== See README_MISSING_SYSCALL_OR_IOCTL for guidance on writing a proper wrapper.
==1217== Warning: set address range perms: large range [0x395db000, 0x1397db000) (noaccess)
==1217== Warning: set address range perms: large range [0x39600000, 0x139600000) (defined)
==1217== Thread 4:
==1217== Syscall param ioctl(generic) points to uninitialised byte(s)
==1217==    at 0x63AF357: ioctl (syscall-template.S:84)
==1217==    by 0x33AA36: kvm_vcpu_ioctl (kvm-all.c:2076)
==1217==    by 0x3F8409: kvm_put_debugregs (kvm.c:2594)
==1217==    by 0x3F8409: kvm_arch_put_registers (kvm.c:2688)
==1217==    by 0x3378AD: do_kvm_cpu_synchronize_post_init (kvm-all.c:1884)
==1217==    by 0x326901: flush_queued_work (cpus.c:1003)
==1217==    by 0x326901: qemu_wait_io_event_common (cpus.c:1022)
==1217==    by 0x32885E: qemu_kvm_wait_io_event (cpus.c:1048)
==1217==    by 0x32885E: qemu_kvm_cpu_thread_fn (cpus.c:1083)
==1217==    by 0x609D709: start_thread (pthread_create.c:333)
==1217==    by 0x63B982C: clone (clone.S:109)
==1217==  Address 0x90edb10 is on thread 4's stack
==1217==  in frame #2, created by kvm_arch_put_registers (kvm.c:2621)
==1217==  Uninitialised value was created by a stack allocation
==1217==    at 0x3F6D20: kvm_arch_put_registers (kvm.c:2621)
==1217==
==1217== Syscall param ioctl(generic) points to uninitialised byte(s)
==1217==    at 0x63AF357: ioctl (syscall-template.S:84)
==1217==    by 0x33AA36: kvm_vcpu_ioctl (kvm-all.c:2076)
==1217==    by 0x3F8409: kvm_put_debugregs (kvm.c:2594)
==1217==    by 0x3F8409: kvm_arch_put_registers (kvm.c:2688)
==1217==    by 0x33788D: do_kvm_cpu_synchronize_post_reset (kvm-all.c:1871)
==1217==    by 0x326901: flush_queued_work (cpus.c:1003)
==1217==    by 0x326901: qemu_wait_io_event_common (cpus.c:1022)
==1217==    by 0x32885E: qemu_kvm_wait_io_event (cpus.c:1048)
==1217==    by 0x32885E: qemu_kvm_cpu_thread_fn (cpus.c:1083)
==1217==    by 0x609D709: start_thread (pthread_create.c:333)
==1217==    by 0x63B982C: clone (clone.S:109)
==1217==  Address 0x90edb10 is on thread 4's stack
==1217==  in frame #2, created by kvm_arch_put_registers (kvm.c:2621)
==1217==  Uninitialised value was created by a stack allocation
==1217==    at 0x3F6D20: kvm_arch_put_registers (kvm.c:2621)
==1217==
==1217== Warning: noted but unhandled ioctl 0xaeb7 with no size/direction hints.
==1217==    This could cause spurious value errors to appear.
==1217== See README_MISSING_SYSCALL_OR_IOCTL for guidance on writing a proper wrapper.
==1217== Syscall param ioctl(generic) points to uninitialised byte(s)
==1217==    at 0x63AF357: ioctl (syscall-template.S:84)
==1217==    by 0x33AA36: kvm_vcpu_ioctl (kvm-all.c:2076)
==1217==    by 0x3F8409: kvm_put_debugregs (kvm.c:2594)
==1217==    by 0x3F8409: kvm_arch_put_registers (kvm.c:2688)
==1217==    by 0x33AD7C: kvm_cpu_exec (kvm-all.c:1911)
==1217==    by 0x3288D7: qemu_kvm_cpu_thread_fn (cpus.c:1078)
==1217==    by 0x609D709: start_thread (pthread_create.c:333)
==1217==    by 0x63B982C: clone (clone.S:109)
==1217==  Address 0x90edaa0 is on thread 4's stack
==1217==  in frame #2, created by kvm_arch_put_registers (kvm.c:2621)
==1217==  Uninitialised value was created by a stack allocation
==1217==    at 0x3F6D20: kvm_arch_put_registers (kvm.c:2621)
==1217==
==1217== Thread 1:
==1217== Invalid read of size 4
==1217==    at 0x550B5B: if_start (if.c:230)
==1217==    by 0x5550E2: slirp_pollfds_poll (slirp.c:770)
==1217==    by 0x5891EB: main_loop_wait (main-loop.c:508)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==  Address 0x97d5794 is 340 bytes inside a block of size 432 free'd
==1217==    at 0x4C2EDEB: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x55B25E: tcp_close (tcp_subr.c:334)
==1217==    by 0x55C7AE: tcp_timers (tcp_timer.c:289)
==1217==    by 0x55C7AE: tcp_slowtimo (tcp_timer.c:89)
==1217==    by 0x555187: slirp_pollfds_poll (slirp.c:576)
==1217==    by 0x5891EB: main_loop_wait (main-loop.c:508)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==  Block was alloc'd at
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x556D42: socreate (socket.c:51)
==1217==    by 0x559580: tcp_input (tcp_input.c:432)
==1217==    by 0x55543F: slirp_input (slirp.c:867)
==1217==    by 0x54AFBF: net_slirp_receive (slirp.c:118)
==1217==    by 0x540B18: nc_sendv_compat (net.c:701)
==1217==    by 0x540B18: qemu_deliver_packet_iov (net.c:728)
==1217==    by 0x5438DA: qemu_net_queue_deliver_iov (queue.c:179)
==1217==    by 0x5438DA: qemu_net_queue_send_iov (queue.c:224)
==1217==    by 0x36B428: virtio_net_flush_tx (virtio-net.c:1282)
==1217==    by 0x36B624: virtio_net_tx_bh (virtio-net.c:1387)
==1217==    by 0x5804EC: aio_bh_call (async.c:67)
==1217==    by 0x5804EC: aio_bh_poll (async.c:95)
==1217==    by 0x58A8FF: aio_dispatch (aio-posix.c:308)
==1217==    by 0x5803AD: aio_ctx_dispatch (async.c:234)
==1217==    by 0x56A81A6: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x5891DA: glib_pollfds_poll (main-loop.c:213)
==1217==    by 0x5891DA: os_host_main_loop_wait (main-loop.c:258)
==1217==    by 0x5891DA: main_loop_wait (main-loop.c:506)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==
==1217== Invalid read of size 4
==1217==    at 0x550B5B: if_start (if.c:230)
==1217==    by 0x552E6C: ip_output (ip_output.c:85)
==1217==    by 0x55AA31: tcp_output (tcp_output.c:469)
==1217==    by 0x55B2D5: tcp_drop (tcp_subr.c:296)
==1217==    by 0x55C7AE: tcp_timers (tcp_timer.c:289)
==1217==    by 0x55C7AE: tcp_slowtimo (tcp_timer.c:89)
==1217==    by 0x555187: slirp_pollfds_poll (slirp.c:576)
==1217==    by 0x5891EB: main_loop_wait (main-loop.c:508)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==  Address 0x975c594 is 340 bytes inside a block of size 432 free'd
==1217==    at 0x4C2EDEB: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x55B25E: tcp_close (tcp_subr.c:334)
==1217==    by 0x55C7AE: tcp_timers (tcp_timer.c:289)
==1217==    by 0x55C7AE: tcp_slowtimo (tcp_timer.c:89)
==1217==    by 0x555187: slirp_pollfds_poll (slirp.c:576)
==1217==    by 0x5891EB: main_loop_wait (main-loop.c:508)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==  Block was alloc'd at
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x556D42: socreate (socket.c:51)
==1217==    by 0x559580: tcp_input (tcp_input.c:432)
==1217==    by 0x55543F: slirp_input (slirp.c:867)
==1217==    by 0x54AFBF: net_slirp_receive (slirp.c:118)
==1217==    by 0x540B18: nc_sendv_compat (net.c:701)
==1217==    by 0x540B18: qemu_deliver_packet_iov (net.c:728)
==1217==    by 0x5438DA: qemu_net_queue_deliver_iov (queue.c:179)
==1217==    by 0x5438DA: qemu_net_queue_send_iov (queue.c:224)
==1217==    by 0x36B428: virtio_net_flush_tx (virtio-net.c:1282)
==1217==    by 0x36B624: virtio_net_tx_bh (virtio-net.c:1387)
==1217==    by 0x5804EC: aio_bh_call (async.c:67)
==1217==    by 0x5804EC: aio_bh_poll (async.c:95)
==1217==    by 0x58A8FF: aio_dispatch (aio-posix.c:308)
==1217==    by 0x5803AD: aio_ctx_dispatch (async.c:234)
==1217==    by 0x56A81A6: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x5891DA: glib_pollfds_poll (main-loop.c:213)
==1217==    by 0x5891DA: os_host_main_loop_wait (main-loop.c:258)
==1217==    by 0x5891DA: main_loop_wait (main-loop.c:506)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==
==1217== Invalid read of size 4
==1217==    at 0x550B5B: if_start (if.c:230)
==1217==    by 0x552E6C: ip_output (ip_output.c:85)
==1217==    by 0x55AA31: tcp_output (tcp_output.c:469)
==1217==    by 0x558FD7: tcp_input (tcp_input.c:1386)
==1217==    by 0x55543F: slirp_input (slirp.c:867)
==1217==    by 0x54AFBF: net_slirp_receive (slirp.c:118)
==1217==    by 0x540B18: nc_sendv_compat (net.c:701)
==1217==    by 0x540B18: qemu_deliver_packet_iov (net.c:728)
==1217==    by 0x5438DA: qemu_net_queue_deliver_iov (queue.c:179)
==1217==    by 0x5438DA: qemu_net_queue_send_iov (queue.c:224)
==1217==    by 0x36B428: virtio_net_flush_tx (virtio-net.c:1282)
==1217==    by 0x36B624: virtio_net_tx_bh (virtio-net.c:1387)
==1217==    by 0x5804EC: aio_bh_call (async.c:67)
==1217==    by 0x5804EC: aio_bh_poll (async.c:95)
==1217==    by 0x58A8FF: aio_dispatch (aio-posix.c:308)
==1217==    by 0x5803AD: aio_ctx_dispatch (async.c:234)
==1217==    by 0x56A81A6: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x5891DA: glib_pollfds_poll (main-loop.c:213)
==1217==    by 0x5891DA: os_host_main_loop_wait (main-loop.c:258)
==1217==    by 0x5891DA: main_loop_wait (main-loop.c:506)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==  Address 0x9de9f84 is 340 bytes inside a block of size 432 free'd
==1217==    at 0x4C2EDEB: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x55B25E: tcp_close (tcp_subr.c:334)
==1217==    by 0x55C7AE: tcp_timers (tcp_timer.c:289)
==1217==    by 0x55C7AE: tcp_slowtimo (tcp_timer.c:89)
==1217==    by 0x555187: slirp_pollfds_poll (slirp.c:576)
==1217==    by 0x5891EB: main_loop_wait (main-loop.c:508)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==  Block was alloc'd at
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x556D42: socreate (socket.c:51)
==1217==    by 0x559580: tcp_input (tcp_input.c:432)
==1217==    by 0x55543F: slirp_input (slirp.c:867)
==1217==    by 0x54AFBF: net_slirp_receive (slirp.c:118)
==1217==    by 0x540B18: nc_sendv_compat (net.c:701)
==1217==    by 0x540B18: qemu_deliver_packet_iov (net.c:728)
==1217==    by 0x5438DA: qemu_net_queue_deliver_iov (queue.c:179)
==1217==    by 0x5438DA: qemu_net_queue_send_iov (queue.c:224)
==1217==    by 0x36B428: virtio_net_flush_tx (virtio-net.c:1282)
==1217==    by 0x36B647: virtio_net_tx_bh (virtio-net.c:1404)
==1217==    by 0x5804EC: aio_bh_call (async.c:67)
==1217==    by 0x5804EC: aio_bh_poll (async.c:95)
==1217==    by 0x58A8FF: aio_dispatch (aio-posix.c:308)
==1217==    by 0x5803AD: aio_ctx_dispatch (async.c:234)
==1217==    by 0x56A81A6: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x5891DA: glib_pollfds_poll (main-loop.c:213)
==1217==    by 0x5891DA: os_host_main_loop_wait (main-loop.c:258)
==1217==    by 0x5891DA: main_loop_wait (main-loop.c:506)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==
==1217== Invalid read of size 4
==1217==    at 0x550B5B: if_start (if.c:230)
==1217==    by 0x552E6C: ip_output (ip_output.c:85)
==1217==    by 0x55AA31: tcp_output (tcp_output.c:469)
==1217==    by 0x55C626: tcp_timers (tcp_timer.c:243)
==1217==    by 0x55C626: tcp_slowtimo (tcp_timer.c:89)
==1217==    by 0x555187: slirp_pollfds_poll (slirp.c:576)
==1217==    by 0x5891EB: main_loop_wait (main-loop.c:508)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==  Address 0xc0b59d4 is 340 bytes inside a block of size 432 free'd
==1217==    at 0x4C2EDEB: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x55B25E: tcp_close (tcp_subr.c:334)
==1217==    by 0x55C7AE: tcp_timers (tcp_timer.c:289)
==1217==    by 0x55C7AE: tcp_slowtimo (tcp_timer.c:89)
==1217==    by 0x555187: slirp_pollfds_poll (slirp.c:576)
==1217==    by 0x5891EB: main_loop_wait (main-loop.c:508)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==  Block was alloc'd at
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x556D42: socreate (socket.c:51)
==1217==    by 0x559580: tcp_input (tcp_input.c:432)
==1217==    by 0x55543F: slirp_input (slirp.c:867)
==1217==    by 0x54AFBF: net_slirp_receive (slirp.c:118)
==1217==    by 0x540B18: nc_sendv_compat (net.c:701)
==1217==    by 0x540B18: qemu_deliver_packet_iov (net.c:728)
==1217==    by 0x5438DA: qemu_net_queue_deliver_iov (queue.c:179)
==1217==    by 0x5438DA: qemu_net_queue_send_iov (queue.c:224)
==1217==    by 0x36B428: virtio_net_flush_tx (virtio-net.c:1282)
==1217==    by 0x36B624: virtio_net_tx_bh (virtio-net.c:1387)
==1217==    by 0x5804EC: aio_bh_call (async.c:67)
==1217==    by 0x5804EC: aio_bh_poll (async.c:95)
==1217==    by 0x58A8FF: aio_dispatch (aio-posix.c:308)
==1217==    by 0x5803AD: aio_ctx_dispatch (async.c:234)
==1217==    by 0x56A81A6: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x5891DA: glib_pollfds_poll (main-loop.c:213)
==1217==    by 0x5891DA: os_host_main_loop_wait (main-loop.c:258)
==1217==    by 0x5891DA: main_loop_wait (main-loop.c:506)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==
==1217== Invalid read of size 4
==1217==    at 0x550B5B: if_start (if.c:230)
==1217==    by 0x552E6C: ip_output (ip_output.c:85)
==1217==    by 0x559E36: tcp_input (tcp_input.c:702)
==1217==    by 0x55543F: slirp_input (slirp.c:867)
==1217==    by 0x54AFBF: net_slirp_receive (slirp.c:118)
==1217==    by 0x540B18: nc_sendv_compat (net.c:701)
==1217==    by 0x540B18: qemu_deliver_packet_iov (net.c:728)
==1217==    by 0x5438DA: qemu_net_queue_deliver_iov (queue.c:179)
==1217==    by 0x5438DA: qemu_net_queue_send_iov (queue.c:224)
==1217==    by 0x36B428: virtio_net_flush_tx (virtio-net.c:1282)
==1217==    by 0x36B624: virtio_net_tx_bh (virtio-net.c:1387)
==1217==    by 0x5804EC: aio_bh_call (async.c:67)
==1217==    by 0x5804EC: aio_bh_poll (async.c:95)
==1217==    by 0x58A8FF: aio_dispatch (aio-posix.c:308)
==1217==    by 0x5803AD: aio_ctx_dispatch (async.c:234)
==1217==    by 0x56A81A6: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x5891DA: glib_pollfds_poll (main-loop.c:213)
==1217==    by 0x5891DA: os_host_main_loop_wait (main-loop.c:258)
==1217==    by 0x5891DA: main_loop_wait (main-loop.c:506)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==  Address 0xbc53a34 is 340 bytes inside a block of size 432 free'd
==1217==    at 0x4C2EDEB: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x55B25E: tcp_close (tcp_subr.c:334)
==1217==    by 0x55C7AE: tcp_timers (tcp_timer.c:289)
==1217==    by 0x55C7AE: tcp_slowtimo (tcp_timer.c:89)
==1217==    by 0x555187: slirp_pollfds_poll (slirp.c:576)
==1217==    by 0x5891EB: main_loop_wait (main-loop.c:508)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==  Block was alloc'd at
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x556D42: socreate (socket.c:51)
==1217==    by 0x559580: tcp_input (tcp_input.c:432)
==1217==    by 0x55543F: slirp_input (slirp.c:867)
==1217==    by 0x54AFBF: net_slirp_receive (slirp.c:118)
==1217==    by 0x540B18: nc_sendv_compat (net.c:701)
==1217==    by 0x540B18: qemu_deliver_packet_iov (net.c:728)
==1217==    by 0x5438DA: qemu_net_queue_deliver_iov (queue.c:179)
==1217==    by 0x5438DA: qemu_net_queue_send_iov (queue.c:224)
==1217==    by 0x36B428: virtio_net_flush_tx (virtio-net.c:1282)
==1217==    by 0x36B624: virtio_net_tx_bh (virtio-net.c:1387)
==1217==    by 0x5804EC: aio_bh_call (async.c:67)
==1217==    by 0x5804EC: aio_bh_poll (async.c:95)
==1217==    by 0x58A8FF: aio_dispatch (aio-posix.c:308)
==1217==    by 0x5803AD: aio_ctx_dispatch (async.c:234)
==1217==    by 0x56A81A6: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x5891DA: glib_pollfds_poll (main-loop.c:213)
==1217==    by 0x5891DA: os_host_main_loop_wait (main-loop.c:258)
==1217==    by 0x5891DA: main_loop_wait (main-loop.c:506)
==1217==    by 0x2F4430: main_loop (vl.c:1908)
==1217==    by 0x2F4430: main (vl.c:4604)
==1217==
==1217==
==1217== HEAP SUMMARY:
==1217==     in use at exit: 209,248,920 bytes in 14,656 blocks
==1217==   total heap usage: 5,622,828 allocs, 5,608,172 frees, 2,561,007,063 bytes allocated
==1217==
==1217== 8 bytes in 1 blocks are definitely lost in loss record 1,090 of 5,496
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x56AD780: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x334895: portio_list_init (ioport.c:130)
==1217==    by 0x4A0255: isa_register_portio_list (isa-bus.c:150)
==1217==    by 0x45ED66: parallel_isa_realizefn (parallel.c:535)
==1217==    by 0x4634D4: device_set_realized (qdev.c:918)
==1217==    by 0x57BCBD: property_set_bool (object.c:1853)
==1217==    by 0x57FAE0: object_property_set_qobject (qom-qobject.c:27)
==1217==    by 0x57D9AF: object_property_set_bool (object.c:1156)
==1217==    by 0x4622B1: qdev_init_nofail (qdev.c:358)
==1217==    by 0x4A05EA: parallel_init (isa-bus.c:303)
==1217==    by 0x4A05EA: parallel_hds_isa_init (isa-bus.c:314)
==1217==    by 0x38CFA7: pc_basic_device_init (pc.c:1593)
==1217==    by 0x38F18A: pc_init1.constprop.0 (pc_piix.c:238)
==1217==    by 0x2F1051: main (vl.c:4467)
==1217==
==1217== 16 bytes in 1 blocks are definitely lost in loss record 2,274 of 5,496
==1217==    at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x56AD728: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x465F21: qemu_extend_irqs (irq.c:56)
==1217==    by 0x38CFBF: pc_basic_device_init (pc.c:1595)
==1217==    by 0x38F18A: pc_init1.constprop.0 (pc_piix.c:238)
==1217==    by 0x2F1051: main (vl.c:4467)
==1217==
==1217== 16 bytes in 1 blocks are definitely lost in loss record 2,275 of 5,496
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x56AD780: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x334895: portio_list_init (ioport.c:130)
==1217==    by 0x4A0255: isa_register_portio_list (isa-bus.c:150)
==1217==    by 0x487394: i8257_realize (i8257.c:556)
==1217==    by 0x4634D4: device_set_realized (qdev.c:918)
==1217==    by 0x57BCBD: property_set_bool (object.c:1853)
==1217==    by 0x57FAE0: object_property_set_qobject (qom-qobject.c:27)
==1217==    by 0x57D9AF: object_property_set_bool (object.c:1156)
==1217==    by 0x4622B1: qdev_init_nofail (qdev.c:358)
==1217==    by 0x487D1C: DMA_init (i8257.c:632)
==1217==    by 0x38D03B: pc_basic_device_init (pc.c:1612)
==1217==    by 0x38F18A: pc_init1.constprop.0 (pc_piix.c:238)
==1217==    by 0x2F1051: main (vl.c:4467)
==1217==
==1217== 16 bytes in 1 blocks are definitely lost in loss record 2,276 of 5,496
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x56AD780: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x334895: portio_list_init (ioport.c:130)
==1217==    by 0x4A0255: isa_register_portio_list (isa-bus.c:150)
==1217==    by 0x487394: i8257_realize (i8257.c:556)
==1217==    by 0x4634D4: device_set_realized (qdev.c:918)
==1217==    by 0x57BCBD: property_set_bool (object.c:1853)
==1217==    by 0x57FAE0: object_property_set_qobject (qom-qobject.c:27)
==1217==    by 0x57D9AF: object_property_set_bool (object.c:1156)
==1217==    by 0x4622B1: qdev_init_nofail (qdev.c:358)
==1217==    by 0x487C8D: DMA_init (i8257.c:640)
==1217==    by 0x38D03B: pc_basic_device_init (pc.c:1612)
==1217==    by 0x38F18A: pc_init1.constprop.0 (pc_piix.c:238)
==1217==    by 0x2F1051: main (vl.c:4467)
==1217==
==1217== 16 bytes in 1 blocks are definitely lost in loss record 2,277 of 5,496
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x56AD780: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x334895: portio_list_init (ioport.c:130)
==1217==    by 0x4A0255: isa_register_portio_list (isa-bus.c:150)
==1217==    by 0x451109: isabus_fdc_realize (fdc.c:2498)
==1217==    by 0x4634D4: device_set_realized (qdev.c:918)
==1217==    by 0x57BCBD: property_set_bool (object.c:1853)
==1217==    by 0x57FAE0: object_property_set_qobject (qom-qobject.c:27)
==1217==    by 0x57D9AF: object_property_set_bool (object.c:1156)
==1217==    by 0x4622B1: qdev_init_nofail (qdev.c:358)
==1217==    by 0x45256A: fdctrl_init_isa (fdc.c:2395)
==1217==    by 0x38D0B4: pc_basic_device_init (pc.c:1619)
==1217==    by 0x38F18A: pc_init1.constprop.0 (pc_piix.c:238)
==1217==    by 0x2F1051: main (vl.c:4467)
==1217==
==1217== 16 bytes in 2 blocks are definitely lost in loss record 2,278 of 5,496
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x56AD780: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x334895: portio_list_init (ioport.c:130)
==1217==    by 0x4A0255: isa_register_portio_list (isa-bus.c:150)
==1217==    by 0x49121F: pci_piix_init_ports (piix.c:141)
==1217==    by 0x49121F: pci_piix_ide_realize (piix.c:165)
==1217==    by 0x4D495F: pci_qdev_realize (pci.c:1966)
==1217==    by 0x4634D4: device_set_realized (qdev.c:918)
==1217==    by 0x57BCBD: property_set_bool (object.c:1853)
==1217==    by 0x57FAE0: object_property_set_qobject (qom-qobject.c:27)
==1217==    by 0x57D9AF: object_property_set_bool (object.c:1156)
==1217==    by 0x4622B1: qdev_init_nofail (qdev.c:358)
==1217==    by 0x4D38D5: pci_create_simple_multifunction (pci.c:2017)
==1217==    by 0x4D38D5: pci_create_simple (pci.c:2028)
==1217==    by 0x4914A6: pci_piix3_ide_init (piix.c:226)
==1217==    by 0x38F56C: pc_init1.constprop.0 (pc_piix.c:249)
==1217==    by 0x2F1051: main (vl.c:4467)
==1217==
==1217== 48 bytes in 2 blocks are definitely lost in loss record 3,107 of 5,496
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x56AD780: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x334895: portio_list_init (ioport.c:130)
==1217==    by 0x4A0255: isa_register_portio_list (isa-bus.c:150)
==1217==    by 0x48E027: ide_init_ioport (core.c:2622)
==1217==    by 0x49121F: pci_piix_init_ports (piix.c:141)
==1217==    by 0x49121F: pci_piix_ide_realize (piix.c:165)
==1217==    by 0x4D495F: pci_qdev_realize (pci.c:1966)
==1217==    by 0x4634D4: device_set_realized (qdev.c:918)
==1217==    by 0x57BCBD: property_set_bool (object.c:1853)
==1217==    by 0x57FAE0: object_property_set_qobject (qom-qobject.c:27)
==1217==    by 0x57D9AF: object_property_set_bool (object.c:1156)
==1217==    by 0x4622B1: qdev_init_nofail (qdev.c:358)
==1217==    by 0x4D38D5: pci_create_simple_multifunction (pci.c:2017)
==1217==    by 0x4D38D5: pci_create_simple (pci.c:2028)
==1217==    by 0x4914A6: pci_piix3_ide_init (piix.c:226)
==1217==    by 0x38F56C: pc_init1.constprop.0 (pc_piix.c:249)
==1217==    by 0x2F1051: main (vl.c:4467)
==1217==
==1217== 128 bytes in 1 blocks are definitely lost in loss record 4,710 of 5,496
==1217==    at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x4C2FDEF: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x56AD7E7: g_realloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x567B2DC: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x567C3BA: g_ptr_array_add (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x397348: crs_range_insert (acpi-build.c:745)
==1217==    by 0x397348: crs_replace_with_free_ranges (acpi-build.c:808)
==1217==    by 0x398CE2: build_dsdt (acpi-build.c:2092)
==1217==    by 0x39AA52: acpi_build (acpi-build.c:2670)
==1217==    by 0x39BB7B: acpi_setup (acpi-build.c:2873)
==1217==    by 0x38AE7A: pc_machine_done (pc.c:1270)
==1217==    by 0x626623: notifier_list_notify (notify.c:40)
==1217==    by 0x2F122B: qemu_run_machine_init_done_notifiers (vl.c:2686)
==1217==    by 0x2F122B: main (vl.c:4562)
==1217==
==1217== 128 bytes in 1 blocks are definitely lost in loss record 4,711 of 5,496
==1217==    at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x4C2FDEF: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x56AD7E7: g_realloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x567B2DC: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x567C3BA: g_ptr_array_add (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x397348: crs_range_insert (acpi-build.c:745)
==1217==    by 0x397348: crs_replace_with_free_ranges (acpi-build.c:808)
==1217==    by 0x398DEE: build_dsdt (acpi-build.c:2107)
==1217==    by 0x39AA52: acpi_build (acpi-build.c:2670)
==1217==    by 0x39BB7B: acpi_setup (acpi-build.c:2873)
==1217==    by 0x38AE7A: pc_machine_done (pc.c:1270)
==1217==    by 0x626623: notifier_list_notify (notify.c:40)
==1217==    by 0x2F122B: qemu_run_machine_init_done_notifiers (vl.c:2686)
==1217==    by 0x2F122B: main (vl.c:4562)
==1217==
==1217== 256 bytes in 2 blocks are definitely lost in loss record 4,922 of 5,496
==1217==    at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x4C2FDEF: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x56AD7E7: g_realloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x567B2DC: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x567C3BA: g_ptr_array_add (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x397348: crs_range_insert (acpi-build.c:745)
==1217==    by 0x397348: crs_replace_with_free_ranges (acpi-build.c:808)
==1217==    by 0x398CE2: build_dsdt (acpi-build.c:2092)
==1217==    by 0x39AA52: acpi_build (acpi-build.c:2670)
==1217==    by 0x39B9A0: acpi_build_update (acpi-build.c:2808)
==1217==    by 0x4CA245: fw_cfg_select (fw_cfg.c:275)
==1217==    by 0x4CADA2: fw_cfg_dma_transfer (fw_cfg.c:348)
==1217==    by 0x33D857: memory_region_write_accessor (memory.c:525)
==1217==    by 0x33BDC7: access_with_adjusted_size (memory.c:586)
==1217==    by 0x33FC1B: memory_region_dispatch_write (memory.c:1275)
==1217==    by 0x2FB7B8: address_space_write_continue (exec.c:2544)
==1217==    by 0x2FB7B8: address_space_write (exec.c:2601)
==1217==    by 0x33AE3F: kvm_handle_io (kvm-all.c:1791)
==1217==    by 0x33AE3F: kvm_cpu_exec (kvm-all.c:1955)
==1217==    by 0x3288D7: qemu_kvm_cpu_thread_fn (cpus.c:1078)
==1217==    by 0x609D709: start_thread (pthread_create.c:333)
==1217==    by 0x63B982C: clone (clone.S:109)
==1217==
==1217== 256 bytes in 2 blocks are definitely lost in loss record 4,923 of 5,496
==1217==    at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x4C2FDEF: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x56AD7E7: g_realloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x567B2DC: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x567C3BA: g_ptr_array_add (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x397348: crs_range_insert (acpi-build.c:745)
==1217==    by 0x397348: crs_replace_with_free_ranges (acpi-build.c:808)
==1217==    by 0x398DEE: build_dsdt (acpi-build.c:2107)
==1217==    by 0x39AA52: acpi_build (acpi-build.c:2670)
==1217==    by 0x39B9A0: acpi_build_update (acpi-build.c:2808)
==1217==    by 0x4CA245: fw_cfg_select (fw_cfg.c:275)
==1217==    by 0x4CADA2: fw_cfg_dma_transfer (fw_cfg.c:348)
==1217==    by 0x33D857: memory_region_write_accessor (memory.c:525)
==1217==    by 0x33BDC7: access_with_adjusted_size (memory.c:586)
==1217==    by 0x33FC1B: memory_region_dispatch_write (memory.c:1275)
==1217==    by 0x2FB7B8: address_space_write_continue (exec.c:2544)
==1217==    by 0x2FB7B8: address_space_write (exec.c:2601)
==1217==    by 0x33AE3F: kvm_handle_io (kvm-all.c:1791)
==1217==    by 0x33AE3F: kvm_cpu_exec (kvm-all.c:1955)
==1217==    by 0x3288D7: qemu_kvm_cpu_thread_fn (cpus.c:1078)
==1217==    by 0x609D709: start_thread (pthread_create.c:333)
==1217==    by 0x63B982C: clone (clone.S:109)
==1217==
==1217== 294 bytes in 27 blocks are definitely lost in loss record 4,940 of 5,496
==1217==    at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x56AD728: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x56C6577: g_strndup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x467D46: machine_class_base_init (machine.c:375)
==1217==    by 0x57C484: type_initialize.part.5 (object.c:322)
==1217==    by 0x57CA7C: type_initialize (object.c:811)
==1217==    by 0x57CA7C: object_class_foreach_tramp (object.c:798)
==1217==    by 0x569733F: g_hash_table_foreach (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==1217==    by 0x57CF17: object_class_foreach (object.c:820)
==1217==    by 0x57CFB1: object_class_get_list (object.c:874)
==1217==    by 0x410DEE: find_default_machine (vl.c:1470)
==1217==    by 0x2F033F: select_machine (vl.c:2732)
==1217==    by 0x2F033F: main (vl.c:3986)
==1217==
==1217== 304 bytes in 1 blocks are possibly lost in loss record 4,951 of 5,496
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x40136D4: allocate_dtv (dl-tls.c:322)
==1217==    by 0x40136D4: _dl_allocate_tls (dl-tls.c:539)
==1217==    by 0x609E2BE: allocate_stack (allocatestack.c:588)
==1217==    by 0x609E2BE: pthread_create@@GLIBC_2.2.5 (pthread_create.c:539)
==1217==    by 0x61CA3D: qemu_thread_create (qemu-thread-posix.c:471)
==1217==    by 0x62AA28: rcu_init_complete (rcu.c:316)
==1217==    by 0x6B67FC: __libc_csu_init (in /usr/local/bin/qemu-system-x86_64)
==1217==    by 0x62D37BE: (below main) (libc-start.c:247)
==1217==
==1217== 304 bytes in 1 blocks are possibly lost in loss record 4,952 of 5,496
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x40136D4: allocate_dtv (dl-tls.c:322)
==1217==    by 0x40136D4: _dl_allocate_tls (dl-tls.c:539)
==1217==    by 0x609E2BE: allocate_stack (allocatestack.c:588)
==1217==    by 0x609E2BE: pthread_create@@GLIBC_2.2.5 (pthread_create.c:539)
==1217==    by 0x61CA3D: qemu_thread_create (qemu-thread-posix.c:471)
==1217==    by 0x328CFC: qemu_kvm_start_vcpu (cpus.c:1405)
==1217==    by 0x328CFC: qemu_init_vcpu (cpus.c:1445)
==1217==    by 0x3C760A: x86_cpu_realizefn (cpu.c:3086)
==1217==    by 0x4634D4: device_set_realized (qdev.c:918)
==1217==    by 0x57BCBD: property_set_bool (object.c:1853)
==1217==    by 0x57FAE0: object_property_set_qobject (qom-qobject.c:27)
==1217==    by 0x57D9AF: object_property_set_bool (object.c:1156)
==1217==    by 0x3890ED: pc_new_cpu (pc.c:1110)
==1217==    by 0x38C17B: pc_cpus_init (pc.c:1205)
==1217==    by 0x38EFC3: pc_init1.constprop.0 (pc_piix.c:150)
==1217==    by 0x2F1051: main (vl.c:4467)
==1217==
==1217== 304 bytes in 1 blocks are possibly lost in loss record 4,953 of 5,496
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x40136D4: allocate_dtv (dl-tls.c:322)
==1217==    by 0x40136D4: _dl_allocate_tls (dl-tls.c:539)
==1217==    by 0x609E2BE: allocate_stack (allocatestack.c:588)
==1217==    by 0x609E2BE: pthread_create@@GLIBC_2.2.5 (pthread_create.c:539)
==1217==    by 0x61CA3D: qemu_thread_create (qemu-thread-posix.c:471)
==1217==    by 0x57B3EE: vnc_start_worker_thread (vnc-jobs.c:353)
==1217==    by 0x56C436: vnc_display_init (vnc.c:3159)
==1217==    by 0x56D634: vnc_init_func (vnc.c:3924)
==1217==    by 0x628839: qemu_opts_foreach (qemu-option.c:1116)
==1217==    by 0x2F11C2: main (vl.c:4545)
==1217==
==1217== 4,864 bytes in 16 blocks are possibly lost in loss record 5,433 of 5,496
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x40136D4: allocate_dtv (dl-tls.c:322)
==1217==    by 0x40136D4: _dl_allocate_tls (dl-tls.c:539)
==1217==    by 0x609E2BE: allocate_stack (allocatestack.c:588)
==1217==    by 0x609E2BE: pthread_create@@GLIBC_2.2.5 (pthread_create.c:539)
==1217==    by 0x61CA3D: qemu_thread_create (qemu-thread-posix.c:471)
==1217==    by 0x580B06: do_spawn_thread (thread-pool.c:135)
==1217==    by 0x580B67: worker_thread (thread-pool.c:83)
==1217==    by 0x609D709: start_thread (pthread_create.c:333)
==1217==    by 0x63B982C: clone (clone.S:109)
==1217==
==1217== LEAK SUMMARY:
==1217==    definitely lost: 1,198 bytes in 42 blocks
==1217==    indirectly lost: 0 bytes in 0 blocks
==1217==      possibly lost: 5,776 bytes in 19 blocks
==1217==    still reachable: 209,241,946 bytes in 14,595 blocks
==1217==         suppressed: 0 bytes in 0 blocks
==1217== Reachable blocks (those to which a pointer was found) are not shown.
==1217== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==1217==
==1217== For counts of detected and suppressed errors, rerun with: -v
==1217== ERROR SUMMARY: 464 errors from 24 contexts (suppressed: 0 from 0)
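
A triage aid for a log like the one above, added here as an example (it is not part of the original message or of QEMU): it collapses Memcheck "Invalid read/write ... inside a block ... free'd" reports by the first non-allocator frame of the access, free and allocation stacks, so repeated reports of one stale object show up as a single lifetime bug. The function names `parse_reports` and `group_use_after_free` and the sample text are this example's own; the sample is constructed from the shape of the log, with frames trimmed.

```python
import re
from collections import defaultdict

# Constructed sample: two reports abridged from the log above (frames trimmed).
# The second report's alloc stack is joined onto one line on purpose, the way
# line-wrapped mail archives mangle valgrind output.
SAMPLE = """\
==1217== Invalid read of size 4
==1217==    at 0x550B5B: if_start (if.c:230)
==1217==    by 0x5550E2: slirp_pollfds_poll (slirp.c:770)
==1217==  Address 0x97d5794 is 340 bytes inside a block of size 432 free'd
==1217==    at 0x4C2EDEB: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x55B25E: tcp_close (tcp_subr.c:334)
==1217==    by 0x55C7AE: tcp_timers (tcp_timer.c:289)
==1217==  Block was alloc'd at
==1217==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x556D42: socreate (socket.c:51)
==1217==    by 0x559580: tcp_input (tcp_input.c:432)
==1217==
==1217== Invalid read of size 4
==1217==    at 0x550B5B: if_start (if.c:230)
==1217==    by 0x552E6C: ip_output (ip_output.c:85)
==1217==    by 0x55AA31: tcp_output (tcp_output.c:469)
==1217==  Address 0x975c594 is 340 bytes inside a block of size 432 free'd
==1217==    at 0x4C2EDEB: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1217==    by 0x55B25E: tcp_close (tcp_subr.c:334)
==1217==  Block was alloc'd at ==1217== at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==1217==    by 0x556D42: socreate (socket.c:51)
==1217==
==1217== HEAP SUMMARY:
"""

PREFIX = re.compile(r"==\d+==")  # splitting on it also un-joins merged lines
START = re.compile(r"Invalid (read|write) of size (\d+)")
FREED = re.compile(r"Address 0x[0-9A-Fa-f]+ is ([\d,]+) bytes inside "
                   r"a block of size ([\d,]+) free'd")
FRAME = re.compile(r"(?:at|by) 0x[0-9A-Fa-f]+: (.+?) \((.*)\)$")


def parse_reports(text):
    """Return one dict per 'Invalid read/write' report, with its three stacks."""
    reports, cur, section = [], None, None
    for segment in PREFIX.split(text):
        line = segment.strip()
        if not line:                       # a bare "==PID==" line ends a report
            if cur:
                reports.append(cur)
            cur = None
            continue
        m = START.match(line)
        if m:
            if cur:
                reports.append(cur)
            cur = {"kind": m.group(1), "width": int(m.group(2)),
                   "offset": None, "block_size": None,
                   "access": [], "free": [], "alloc": []}
            section = "access"
            continue
        if cur is None:                    # other error kinds, summaries, etc.
            continue
        m = FREED.match(line)
        if m:
            cur["offset"] = int(m.group(1).replace(",", ""))
            cur["block_size"] = int(m.group(2).replace(",", ""))
            section = "free"
        elif line.startswith("Block was alloc'd at"):
            section = "alloc"
        else:
            m = FRAME.match(line)
            if m:
                cur[section].append((m.group(1), m.group(2)))
    if cur:
        reports.append(cur)
    return reports


def first_own_frame(frames):
    """Skip frames located 'in <shared object>' (malloc/free interceptors)."""
    for func, loc in frames:
        if not loc.startswith("in "):
            return f"{func} ({loc})"
    return None


def group_use_after_free(reports):
    """Group reports that touch freed memory by (access, free, alloc) site."""
    groups = defaultdict(lambda: {"count": 0, "callers": set(), "offsets": set()})
    for r in reports:
        if not r["free"]:
            continue                       # not an access to a freed block
        key = (first_own_frame(r["access"]), first_own_frame(r["free"]),
               first_own_frame(r["alloc"]))
        g = groups[key]
        g["count"] += 1
        g["offsets"].add((r["offset"], r["block_size"]))
        if len(r["access"]) > 1:           # who led to the faulting function
            g["callers"].add(r["access"][1][0])
    return dict(groups)


if __name__ == "__main__":
    for (access, freed, alloc), g in group_use_after_free(parse_reports(SAMPLE)).items():
        print(f"{g['count']}x read at {access}; freed by {freed}; allocated by {alloc}")
        print(f"   reached via {sorted(g['callers'])}, (offset, size) {sorted(g['offsets'])}")
```

A constant (offset, size) pair across reports with different addresses, as in this log, points at the same structure field being read through a stale pointer each time.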





