QEMU

  1. Bug #1916501
  2. Comment #2

Comment 2 for bug 1916501

Revision history for this message
Julio Faracco (jcfaracco) wrote :

Guys, when I run with valgrind, I always get this when segfault occurs:

==74885== Invalid read of size 8
==74885== at 0x1DC87D: curl_multi_do (curl.c:410)
==74885== by 0x23B949: aio_dispatch_handler (aio-posix.c:329)
==74885== by 0x23C0A1: aio_dispatch_handlers (aio-posix.c:372)
==74885== by 0x23C0A1: aio_dispatch (aio-posix.c:382)
==74885== by 0x22DEE1: aio_ctx_dispatch (async.c:306)
==74885== by 0x4A854DA: g_main_context_dispatch (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.6600.1)
==74885== by 0x236097: glib_pollfds_poll (main-loop.c:232)
==74885== by 0x236097: os_host_main_loop_wait (main-loop.c:255)
==74885== by 0x236097: main_loop_wait (main-loop.c:531)
==74885== by 0x13E30C: convert_do_copy (qemu-img.c:2139)
==74885== by 0x13E30C: img_convert (qemu-img.c:2738)
==74885== by 0x134660: main (qemu-img.c:5536)
==74885== Address 0xf9779b8 is 8 bytes inside a block of size 32 free'd
==74885== at 0x483DA3F: free (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==74885== by 0x1DC5BC: curl_clean_state (curl.c:529)
==74885== by 0x1DC5BC: curl_clean_state (curl.c:515)
==74885== by 0x1DC7E4: curl_multi_check_completion (curl.c:385)
==74885== by 0x1DC8D4: curl_multi_do (curl.c:414)
==74885== by 0x23B949: aio_dispatch_handler (aio-posix.c:329)
==74885== by 0x23C0A1: aio_dispatch_handlers (aio-posix.c:372)
==74885== by 0x23C0A1: aio_dispatch (aio-posix.c:382)
==74885== by 0x22DEE1: aio_ctx_dispatch (async.c:306)
==74885== by 0x4A854DA: g_main_context_dispatch (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.6600.1)
==74885== by 0x236097: glib_pollfds_poll (main-loop.c:232)
==74885== by 0x236097: os_host_main_loop_wait (main-loop.c:255)
==74885== by 0x236097: main_loop_wait (main-loop.c:531)
==74885== by 0x13E30C: convert_do_copy (qemu-img.c:2139)
==74885== by 0x13E30C: img_convert (qemu-img.c:2738)
==74885== by 0x134660: main (qemu-img.c:5536)
==74885== Block was alloc'd at
==74885== at 0x483ED99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==74885== by 0x4A8B5A0: g_malloc0 (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.6600.1)
==74885== by 0x1DBDC9: curl_sock_cb (curl.c:156)
==74885== by 0x55402C1: ??? (in /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.6.0)
==74885== by 0x5543D33: ??? (in /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.6.0)
==74885== by 0x5543E77: curl_multi_socket_action (in /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.6.0)
==74885== by 0x1DC8C7: curl_multi_do_locked (curl.c:403)
==74885== by 0x1DC8C7: curl_multi_do (curl.c:413)
==74885== by 0x23B949: aio_dispatch_handler (aio-posix.c:329)
==74885== by 0x23C0A1: aio_dispatch_handlers (aio-posix.c:372)
==74885== by 0x23C0A1: aio_dispatch (aio-posix.c:382)
==74885== by 0x22DEE1: aio_ctx_dispatch (async.c:306)
==74885== by 0x4A854DA: g_main_context_dispatch (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.6600.1)
==74885== by 0x236097: glib_pollfds_poll (main-loop.c:232)
==74885== by 0x236097: os_host_main_loop_wait (main-loop.c:255)
==74885== by 0x236097: main_loop_wait (main-loop.c:531)

It seems that sockets are being free'd in a non-expecting situation.