On Wed, May 22, 2013 at 11:16:40AM +0800, Fam Zheng wrote:
> Changes from v3:
> 01, 06, 07: Add QLIST_INIT in qemu_open to initialize each list.
> 07: Move clean up for s->acbs from later patch to here. Use qemu_aio_release
> instead of g_free on acb.
> Fix use-after-free bug. [Rich]

This version definitely works better.  I'm able to open the guest and
perform some simple guestfish commands.

- - -

However I'm still able to hit a crash in qemu, *but* it appears this
crash has nothing to do with your code.  The same crash happens whether
or not I apply your patch, and occurs in common block code.

Here are the details of that other crash (qemu from git w/o your patch,
curl from git):

$ LD_LIBRARY_PATH=~/d/curl/lib/.libs LIBGUESTFS_QEMU=~/d/qemu/qemu.wrapper LIBGUESTFS_BACKEND=direct ./run ./fish/guestfish -a http://192.168.0.249/scratch/winxp.img -i

Welcome to guestfish, the guest filesystem shell for
editing virtual machine filesystems and disk images.

Type: 'help' for help on commands
      'man' to read the manual
      'quit' to quit the shell

Operating system: Microsoft Windows XP
/dev/sda1 mounted on /

><fs> find /
libguestfs: error: appliance closed the connection unexpectedly.
This usually means the libguestfs appliance crashed.
See http://libguestfs.org/guestfs-faq.1.html#debugging-libguestfs
for information about how to debug libguestfs and report bugs.
libguestfs: error: /home/rjones/d/qemu/qemu.wrapper killed by signal 11 (Segmentation fault).
To see full error messages you may need to enable debugging.
See http://libguestfs.org/guestfs-faq.1.html#debugging-libguestfs
libguestfs: error: receive_file_data: parse error in reply callback
libguestfs: error: /home/rjones/d/libguestfs/tmp/libguestfsN7yyt4/find1: error in chunked encoding

[...]

Program terminated with signal 11, Segmentation fault.
#0  0x0000000000000000 in ?? ()
Missing separate debuginfos, use: debuginfo-install SDL-1.2.15-3.fc18.x86_64 bluez-libs-4.101-6.fc18.x86_64 brlapi-0.5.6-12.fc18.x86_64 celt051-0.5.1.3-5.fc18.x86_64 ceph-devel-0.56.3-1.fc18.x86_64 ceph-libs-0.56.3-1.fc18.x86_64 cryptopp-5.6.2-2.fc18.x86_64 cyrus-sasl-lib-2.1.25-2.fc18.x86_64 glusterfs-3.4.0-0.4.beta1.fc20.x86_64 glusterfs-api-3.4.0-0.4.beta1.fc20.x86_64 leveldb-1.7.0-4.fc18.x86_64 libfdt-1.3.0-5.fc18.x86_64 libseccomp-1.0.1-0.fc18.x86_64 libselinux-2.1.12-7.3.fc18.x86_64 libusbx-1.0.14-1.fc18.x86_64 nss-mdns-0.10-11.fc18.x86_64 snappy-1.0.5-2.fc18.x86_64 spice-server-0.12.2-3.fc18.x86_64 usbredir-0.6-1.fc18.x86_64 xen-libs-4.2.2-3.fc18.x86_64
(gdb) t a a bt

Thread 6 (Thread 0x7f659cb28700 (LWP 21380)):
#0  sem_timedwait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S:101
#1  0x00007f65ad2c6c0b in qemu_sem_timedwait (sem=sem@entry=0x7f65ae0ffe08, ms=ms@entry=10000) at util/qemu-thread-posix.c:237
#2  0x00007f65ad1843ce in worker_thread (opaque=0x7f65ae0ffd70) at thread-pool.c:96
#3  0x00007f65ab1cdd15 in start_thread (arg=0x7f659cb28700) at pthread_create.c:308
#4  0x00007f65a5b9548d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:114

Thread 5 (Thread 0x7f659d329700 (LWP 21379)):
#0  sem_timedwait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S:101
#1  0x00007f65ad2c6c0b in qemu_sem_timedwait (sem=sem@entry=0x7f65ae0ffe08, ms=ms@entry=10000) at util/qemu-thread-posix.c:237
#2  0x00007f65ad1843ce in worker_thread (opaque=0x7f65ae0ffd70) at thread-pool.c:96
#3  0x00007f65ab1cdd15 in start_thread (arg=0x7f659d329700) at pthread_create.c:308
#4  0x00007f65a5b9548d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:114

Thread 4 (Thread 0x7f659db2a700 (LWP 21378)):
#0  sem_timedwait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S:101
#1  0x00007f65ad2c6c0b in qemu_sem_timedwait (sem=sem@entry=0x7f65ae0ffe08, ms=ms@entry=10000) at util/qemu-thread-posix.c:237
#2  0x00007f65ad1843ce in worker_thread (opaque=0x7f65ae0ffd70) at thread-pool.c:96
#3  0x00007f65ab1cdd15 in start_thread (arg=0x7f659db2a700) at pthread_create.c:308
#4  0x00007f65a5b9548d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:114

Thread 3 (Thread 0x7f659eb2c700 (LWP 21376)):
#0  sem_timedwait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S:101
#1  0x00007f65ad2c6c0b in qemu_sem_timedwait (sem=sem@entry=0x7f65ae0ffe08, ms=ms@entry=10000) at util/qemu-thread-posix.c:237
#2  0x00007f65ad1843ce in worker_thread (opaque=0x7f65ae0ffd70) at thread-pool.c:96
#3  0x00007f65ab1cdd15 in start_thread (arg=0x7f659eb2c700) at pthread_create.c:308
#4  0x00007f65a5b9548d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:114

Thread 2 (Thread 0x7f659fab7700 (LWP 21373)):
#0  0x00007f65a5b8e0e7 in ioctl () at ../sysdeps/unix/syscall-template.S:81
#1  0x00007f65ad20ffc9 in kvm_vcpu_ioctl (cpu=cpu@entry=0x7f65ae47ce90, type=type@entry=44672) at /home/rjones/d/qemu/kvm-all.c:1729
#2  0x00007f65ad210155 in kvm_cpu_exec (env=env@entry=0x7f65ae47cfa0) at /home/rjones/d/qemu/kvm-all.c:1614
#3  0x00007f65ad1b1975 in qemu_kvm_cpu_thread_fn (arg=0x7f65ae47cfa0) at /home/rjones/d/qemu/cpus.c:759
#4  0x00007f65ab1cdd15 in start_thread (arg=0x7f659fab7700) at pthread_create.c:308
#5  0x00007f65a5b9548d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:114

Thread 1 (Thread 0x7f65acf0ea00 (LWP 21370)):
#0  0x0000000000000000 in ?? ()
#1  0x00007f65ad005b3e in bdrv_co_io_em (is_write=true, iov=0x7f65b0b55228, nb_sectors=8, sector_num=2104919, bs=0x7f65ae0d26f0) at block.c:4283
#2  bdrv_co_writev_em (bs=0x7f65ae0d26f0, sector_num=2104919, nb_sectors=8, iov=0x7f65b0b55228) at block.c:4310
#3  0x00007f65ad00c125 in bdrv_co_do_writev (bs=0x7f65ae0d26f0, sector_num=2104919, nb_sectors=8, qiov=0x7f65b0b55228, flags=(unknown: 0)) at block.c:2625
#4  0x00007f65ad00c125 in bdrv_co_do_writev (bs=0x7f65ae0cfcd0, sector_num=2104919, nb_sectors=8, qiov=0x7f65b0b55228, flags=flags@entry=(unknown: 0)) at block.c:2625
#5  0x00007f65ad00c288 in bdrv_co_do_rw (opaque=0x7f65afbed140) at block.c:4139
#6  0x00007f65ad0436ea in coroutine_trampoline (i0=<optimized out>, i1=<optimized out>) at coroutine-ucontext.c:118
#7  0x00007f65a5ae96c0 in ?? () from /lib64/libc.so.6
#8  0x00007fff88fd1ab0 in ?? ()
#9  0xe0e0e0e0e0e0e0e0 in ?? ()
#10 0x0000000000000000 in ?? ()

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v
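Added example, not QEMU code and not part of the thread above: a small C model of the failure mode the Thread 1 backtrace shows. Frame #0 sitting at address 0x0000000000000000 with the block layer's I/O emulation path (bdrv_co_io_em) as the caller is the signature of a call through a function pointer that was never filled in, here modelled as a driver table whose write op is NULL. Whether that is the actual root cause in qemu is not established by the message; the example only demonstrates the pattern and the two places a practitioner would add a check. All names (BlockDriver, bdrv_open, io_em_checked, the in-memory disk, the error codes chosen) are constructed for illustration and only loosely mirror QEMU's.

```c
/* Constructed example: calling through an optional driver op without
 * checking it is set (crash), and the checked alternatives. Not QEMU code. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SECTOR_SIZE 512
#define SECTORS     8

typedef struct BlockDriverState BlockDriverState;

/* Hypothetical driver table: every op is optional, so a protocol that
 * cannot write simply leaves aio_writev NULL. */
typedef struct {
    const char *format_name;
    int (*aio_readv)(BlockDriverState *bs, long sector, char *buf, int nb);
    int (*aio_writev)(BlockDriverState *bs, long sector, const char *buf, int nb);
} BlockDriver;

struct BlockDriverState {
    const BlockDriver *drv;
    char disk[SECTORS * SECTOR_SIZE];   /* constructed in-memory image */
};

enum { OPEN_RDWR = 1 };

static int mem_readv(BlockDriverState *bs, long sector, char *buf, int nb)
{
    if (sector < 0 || nb < 0 || sector + nb > SECTORS)
        return -EINVAL;
    memcpy(buf, bs->disk + sector * SECTOR_SIZE, (size_t)nb * SECTOR_SIZE);
    return 0;
}

static int mem_writev(BlockDriverState *bs, long sector, const char *buf, int nb)
{
    if (sector < 0 || nb < 0 || sector + nb > SECTORS)
        return -EINVAL;
    memcpy(bs->disk + sector * SECTOR_SIZE, buf, (size_t)nb * SECTOR_SIZE);
    return 0;
}

/* Read-only protocol driver (think of an image fetched over HTTP): no writev. */
static const BlockDriver bdrv_readonly = { "readonly", mem_readv, NULL };
/* Driver that supports both directions. */
static const BlockDriver bdrv_rw = { "rw", mem_readv, mem_writev };

/* The shape of the crash: pick the op by direction and call it with no check
 * that the driver provides it. With bdrv_readonly and is_write=1 this jumps
 * to address 0, giving a frame #0 of 0x0 under the emulation function.
 * Deliberately never invoked below. */
int io_em_unchecked(BlockDriverState *bs, int is_write, long sector, char *buf, int nb)
{
    if (is_write)
        return bs->drv->aio_writev(bs, sector, buf, nb);
    return bs->drv->aio_readv(bs, sector, buf, nb);
}

/* Per-call check: an absent op is a capability gap, reported as -ENOTSUP. */
int io_em_checked(BlockDriverState *bs, int is_write, long sector, char *buf, int nb)
{
    if (is_write) {
        if (!bs->drv->aio_writev)
            return -ENOTSUP;
        return bs->drv->aio_writev(bs, sector, buf, nb);
    }
    if (!bs->drv->aio_readv)
        return -ENOTSUP;
    return bs->drv->aio_readv(bs, sector, buf, nb);
}

/* Open-time check: refuse a writable open of a driver that cannot write, so
 * the gap is caught once instead of on every I/O path. */
int bdrv_open(BlockDriverState *bs, const BlockDriver *drv, int flags)
{
    if (!drv->aio_readv)
        return -ENOTSUP;
    if ((flags & OPEN_RDWR) && !drv->aio_writev)
        return -EROFS;
    memset(bs, 0, sizeof *bs);
    bs->drv = drv;
    return 0;
}

static BlockDriverState g_bs;
static char g_buf[SECTOR_SIZE];

/* Returns 0 when every scenario behaves as expected, else the failing step. */
int run_scenarios(void)
{
    if (bdrv_open(&g_bs, &bdrv_readonly, OPEN_RDWR) != -EROFS) return 1;
    if (bdrv_open(&g_bs, &bdrv_readonly, 0) != 0) return 2;
    memset(g_buf, 'A', sizeof g_buf);
    if (io_em_checked(&g_bs, 1, 0, g_buf, 1) != -ENOTSUP) return 3;  /* no crash */
    if (io_em_checked(&g_bs, 0, 0, g_buf, 1) != 0 || g_buf[0] != 0) return 4;
    if (bdrv_open(&g_bs, &bdrv_rw, OPEN_RDWR) != 0) return 5;
    memset(g_buf, 'A', sizeof g_buf);
    if (io_em_checked(&g_bs, 1, 3, g_buf, 1) != 0) return 6;
    memset(g_buf, 0, sizeof g_buf);
    if (io_em_checked(&g_bs, 0, 3, g_buf, 1) != 0 || g_buf[0] != 'A') return 7;
    if (io_em_checked(&g_bs, 0, SECTORS, g_buf, 1) != -EINVAL) return 8;
    return 0;
}

int main(void)
{
    int rc = run_scenarios();
    printf("scenarios: %s (rc=%d)\n", rc == 0 ? "all as expected" : "mismatch", rc);
    return rc;
}
```

Build with `cc -Wall -o io_em io_em.c`. The unchecked variant is kept only to make the crash shape concrete; calling it with `bdrv_readonly` and `is_write=1` reproduces a SIGSEGV whose top frame is address 0, which is the same symptom a debugger shows when a real block layer dispatches through an unset driver pointer.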