[libvirt] [PATCH 01/10] memory: make it safer to expand arrays
Eric Blake
eblake at redhat.com
Fri Nov 19 17:18:51 UTC 2010
On 11/19/2010 12:33 AM, Wen Congyang wrote:
> At 2010-11-18 12:28, Eric Blake Write:
>> * src/util/memory.h (VIR_REALLOC_N): Update docs.
>> (VIR_EXPAND_N, VIR_SHRINK_N): New macros.
>> (virAlloc, virAllocN, virReallocN, virAllocVar, virFree): Add some
>> gcc attributes.
>
> There may be a bug in this patch.
Well, it would be patch 3 that touched the file where your backtrace
points, so it would be the overall patch series and not this patch
(patch 1) to blame.
> Test the libvirtd without --dameon, I find that:
> [root at localhost newest]# libvirtd
> Segmentation fault (core dumped)
> [root at localhost newest]#
>
> The folling is the output of the command 'gdb libvirtd core':
> [root at localhost newest]# gdb /usr/sbin/libvirtd core.8996
> <snip>
> Core was generated by `libvirtd'.
> Program terminated with signal 11, Segmentation fault.
> #0 0x000000000041a181 in qemudDispatchServer (server=0x209dcd0, sock=<value optimized out>) at libvirtd.c:1459
> 1459 server->clients[server->nclients++] = client;
> <snip>
> (gdb) bt
> #0 0x000000000041a181 in qemudDispatchServer (server=0x209dcd0, sock=<value optimized out>) at libvirtd.c:1459
> #1 0x000000000041a6f1 in qemudDispatchServerEvent (watch=5, fd=8, events=1, opaque=0x209dcd0) at libvirtd.c:2225
> #2 0x0000000000415b71 in virEventDispatchHandles () at event.c:467
> #3 virEventRunOnce () at event.c:592
> #4 0x00000000004180e9 in qemudOneLoop () at libvirtd.c:2234
> #5 0x00000000004183db in qemudRunLoop (opaque=0x209dcd0) at libvirtd.c:2343
> #6 0x0000003ffec077e1 in start_thread () from /lib64/libpthread.so.0
> #7 0x0000003ffe4e153d in clone () from /lib64/libc.so.6
> (gdb) p server->clients
> $2 = (struct qemud_client **) 0x0
I'm having problems reproducing this, and don't see any obvious
explanations for this in the code. qemuDispatchServer has:
if (server->nclients >= max_clients) {
VIR_ERROR(_("Too many active clients (%d), dropping connection
from %s"),
max_clients, addrstr);
goto error;
}
if (VIR_RESIZE_N(server->clients, server->nclients_max,
server->nclients, 1) < 0) {
VIR_ERROR0(_("Out of memory allocating clients"));
goto error;
}
...
server->clients[server->nclients++] = client;
so the only way to get to the crashing line is to get through a
successful VIR_RESIZE_N, but VIR_RESIZE_N is not successful unless it
updates server->clients to be non-NULL.
Can you do any further debugging that might explain why it is failing
for you, and something I might have missed?
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 619 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20101119/5110838f/attachment-0001.sig>
More information about the libvir-list
mailing list