Re: [Qemu-devel] [PULL 00/10] Fix device introspection regressions

[Peter Maydell]

On 5 October 2015 at 07:49, Markus Armbruster <address@hidden> wrote:
> Peter Maydell <address@hidden> writes:
>
>> On 2 October 2015 at 18:20, Markus Armbruster <address@hidden> wrote:
>>> QMP command device-list-properties regressed in 2.1: it can crash or
>>> leave dangling pointers behind.
>>>
>>> -device FOO,help regressed in 2.2: it no longer works for
>>> non-pluggable devices.  I tried to fix that some time ago[*], but my
>>> fix failed review.  This is my second, more comprehensive try.
>>>
>>> PATCH 1-3 fix one class of bugs involved in the regressions, PATCH 4-5
>>> are libqtest preliminaries, PATCH 6 adds tests to demonstrate the
>>> remaining bugs, PATCH 7-9 fix them to a degree (see PATCH 8 for
>>> limitations), and PATCH 10 cleans up.
>>
>> This ordering breaks bisection of 'make check', as I found out when
>> I tried to figure out which of the patches in this pull was causing
>> an OSX test failure. Please can you reorder them so that 'make check'
>> works at all points in the series?
>
> My ordering may be bad (and I'll recheck it, of course), or it may
> temporarily expose a hidden bug.  I better figure out what's going on
> here.
>
>>> The following changes since commit ff770b07f34d28b79013a83989bd6c85f8f16b2f:
>>>
>>>   Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into 
>>> staging (2015-10-02 11:01:18 +0100)
>>>
>>> are available in the git repository at:
>>>
>>>   git://repo.or.cz/qemu/armbru.git tags/pull-monitor-2015-10-02
>>>
>>> for you to fetch changes up to e927162a6fa2fa6144de9d1d11cc9448a2143671:
>>>
>>>   Revert "qdev: Use qdev_get_device_class() for -device <type>,help" 
>>> (2015-10-02 16:45:53 +0200)
>>>
>>> ----------------------------------------------------------------
>>> Fix device introspection regressions
>>>
>>> ----------------------------------------------------------------
>>
>> 'make check' failure on OSX:
>>
>>   /aarch64/device/introspect/list:                                     OK
>>   /aarch64/device/introspect/none:                                     OK
>>   /aarch64/device/introspect/abstract:                                 OK
>>   /aarch64/device/introspect/concrete:                                 **
>> ERROR:/Users/pm215/src/qemu-for-merges/qom/object.c:333:void
>> object_initialize_with_type(void *, size_t, TypeImpl *): assertion
>> failed: (type != NULL)
>> Broken pipe
>> FAIL
>>
>> I have no idea why this only failed on OSX...
>
> Can you re-run this with valgrind spliced in?

Valgrind is not particularly helpful: it reports a couple of
irrelevancies and an unimplemented syscall, then just
reports the backtrace for the abort:

==26853== Memcheck, a memory error detector
==26853== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==26853== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==26853== Command: ./aarch64-softmmu/qemu-system-aarch64 -qtest
unix:/tmp/qtest-26555.sock,nowait -qtest-log /dev/null -qmp
unix:/tmp/qtest-26555.qmp,nowait -machine accel=qtest -display none
-nodefaults -machine none
==26853== Parent PID: 26555
==26853==
==26853== Syscall param __pthread_sigmask(set) points to uninitialised byte(s)
==26853==    at 0x10434E2B6: __pthread_sigmask (in
/usr/lib/system/libsystem_kernel.dylib)
==26853==    by 0x10446406D: pthread_sigmask (in
/usr/lib/system/libsystem_pthread.dylib)
==26853==    by 0x100537022: qemu_thread_create (qemu-thread-posix.c:488)
==26853==    by 0x100550ACB: rcu_init_complete (rcu.c:320)
==26853==    by 0x100550B18: rcu_init (rcu.c:351)
==26853==    by 0x7FFF5FC12D0A:
ImageLoaderMachO::doModInitFunctions(ImageLoader::LinkContext const&)
(in /usr/lib/dyld)
==26853==    by 0x7FFF5FC12E97:
ImageLoaderMachO::doInitialization(ImageLoader::LinkContext const&)
(in /usr/lib/dyld)
==26853==    by 0x7FFF5FC0F890:
ImageLoader::recursiveInitialization(ImageLoader::LinkContext const&,
unsigned int, ImageLoader::InitializerTimingList&,
ImageLoader::UninitedUpwards&) (in /usr/lib/dyld)
==26853==    by 0x7FFF5FC0F717:
ImageLoader::processInitializers(ImageLoader::LinkContext const&,
unsigned int, ImageLoader::InitializerTimingList&,
ImageLoader::UninitedUpwards&) (in /usr/lib/dyld)
==26853==    by 0x7FFF5FC0F988:
ImageLoader::runInitializers(ImageLoader::LinkContext const&,
ImageLoader::InitializerTimingList&) (in /usr/lib/dyld)
==26853==    by 0x7FFF5FC02244: dyld::initializeMainExecutable() (in
/usr/lib/dyld)
==26853==    by 0x7FFF5FC05C18: dyld::_main(macho_header const*,
unsigned long, int, char const**, char const**, char const**, unsigned
long*) (in /usr/lib/dyld)
==26853==  Address 0x1056e0c80 is on thread 1's stack
==26853==  in frame #2, created by qemu_thread_create (qemu-thread-posix.c:461)
==26853==
==26853== Syscall param __pthread_sigmask(set) points to uninitialised byte(s)
==26853==    at 0x10434E2B6: __pthread_sigmask (in
/usr/lib/system/libsystem_kernel.dylib)
==26853==    by 0x10446406D: pthread_sigmask (in
/usr/lib/system/libsystem_pthread.dylib)
==26853==    by 0x100537022: qemu_thread_create (qemu-thread-posix.c:488)
==26853==    by 0x10053C6EC: qemu_signalfd_compat (compatfd.c:91)
==26853==    by 0x10053C604: qemu_signalfd (in
./aarch64-softmmu/qemu-system-aarch64)
==26853==    by 0x100473403: qemu_signal_init (main-loop.c:95)
==26853==    by 0x10047319B: qemu_init_main_loop (main-loop.c:149)
==26853==    by 0x1001FFAC4: qemu_main (vl.c:4008)
==26853==    by 0x100435C72: main (cocoa.m:1164)
==26853==  Address 0x1056e2c00 is on thread 1's stack
==26853==  in frame #2, created by qemu_thread_create (qemu-thread-posix.c:461)
==26853==
--26853-- WARNING: unhandled amd64-darwin syscall: unix:330
--26853-- You may be able to write your own handler.
--26853-- Read the file README_MISSING_SYSCALL_OR_IOCTL.
--26853-- Nevertheless we consider this a bug.  Please report
--26853-- it at http://valgrind.org/support/bug_reports.html.
==26853==
==26853== Process terminating with default action of signal 6 (SIGABRT)
==26853==    at 0x10434E2B6: __pthread_sigmask (in
/usr/lib/system/libsystem_kernel.dylib)
==26853==    by 0x104262A40: __abort (in /usr/lib/system/libsystem_c.dylib)
==26853==    by 0x1042629C1: abort (in /usr/lib/system/libsystem_c.dylib)
==26853==    by 0x101725C4F: g_assertion_message (in
/sw/lib/libglib-2.0.0.dylib)
==26853==    by 0x101725C94: g_assertion_message_expr (in
/sw/lib/libglib-2.0.0.dylib)
==26853==    by 0x10045BBB1: object_initialize_with_type (object.c:333)
==26853==    by 0x10045C111: object_initialize (object.c:352)
==26853==    by 0x1000E7D73: virtio_instance_init_common (virtio.c:1468)
==26853==    by 0x1003EFE46: virtio_tablet_initfn (virtio-pci.c:2133)
==26853==    by 0x10045C065: object_init_with_type (object.c:314)
==26853==    by 0x10045BCF1: object_initialize_with_type (object.c:344)
==26853==    by 0x10045C2A8: object_new_with_type (object.c:430)
==26853==
==26853== HEAP SUMMARY:
==26853==     in use at exit: 2,242,505 bytes in 6,524 blocks
==26853==   total heap usage: 84,155 allocs, 77,631 frees, 30,884,613
bytes allocated
==26853==
==26853== LEAK SUMMARY:
==26853==    definitely lost: 91,693 bytes in 67 blocks
==26853==    indirectly lost: 26,750 bytes in 719 blocks
==26853==      possibly lost: 402,956 bytes in 2,553 blocks
==26853==    still reachable: 396,629 bytes in 1,837 blocks
==26853==         suppressed: 1,324,477 bytes in 1,348 blocks
==26853== Rerun with --leak-check=full to see details of leaked memory
==26853==
==26853== For counts of detected and suppressed errors, rerun with: -v
==26853== Use --track-origins=yes to see where uninitialised values come from
==26853== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 0 from 0)

-- PMM