Ubuntu
qemu-kvm package

* glibc detected * qemu: free(): invalid pointer: 0x0000000000e44b10 ***

Bug #500218 reported by Rich Johnson on 2009-12-24

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	qemu-kvm (Ubuntu)	Fix Released	Medium	Unassigned

Bug Description

Binary package hint: qemu-kvm

===== System Information =====
Ubuntu Version: 9.10 (Karmic)
qemu Version: 0.11.0-0ubuntu6.3
KVM not installed
Guest OS doesn't matter, all of them crash with the same error (below)
==========================

===== Command to reproduce =====
qemu -hda foo.img
==============================

========== Workaround =========
qemu -hda foo.img -no-kvm
==============================

===== Info =====
When running this before it would work. I just started noticing this within the past week after using 'testdrive'. The following is the output from the command above:
----------

<<< nixternal@ShakaDoobie :: ~/vms >>> [1142] qemu -hda ubuntu-lucid.img
*** glibc detected *** qemu: free(): invalid pointer: ======= Backtrace: =========
/lib/libc.so.6[0x7f6bbd193dd6]
qemu[0x424f7a]
qemu[0x42500f]
qemu[0x467dcb]
qemu[0x469491]
qemu[0x46ab31]
qemu[0x424745]
qemu[0x424833]
qemu[0x425dc6]
/lib/libpthread.so.0[0x7f6bbee98a04]
/lib/libc.so.6(clone+0x6d)[0x7f6bbd1 00400000-00614000 r-xp 00000000 08:05 33562 00814000-00815000 r--p 00214000 08:05 33562 00815000-0081d000 rw-p 00215000 08:05 33562 0081d000-00c32000 rw-p 00000000 00:00 0
00e40000-0102a000 rw-p 00000000 00:00 0 7f6badbee000-7f6badc04000 r-xp 00000000 08:05 426 7f6badc04000-7f6bade03000 ---p 00016000 08:05 426 7f6bade03000-7f6bade04000 r--p 00015000 08:05 426 7f6bade04000-7f6bade05000 rw-p 00016000 08:05 426 7f6bade05000-7f6bade0a000 r-xp 00000000 08:05 146262 7f6bade0a000-7f6bae009000 ---p 00005000 08:05 146262 7f6bae009000-7f6bae00a000 r--p 00004000 08:05 146262 7f6bae00a000-7f6bae00b000 rw-p 00005000 08:05 146262 7f6bae00b000-7f6bae014000 r-xp 00000000 08:05 156357 7f6bae014000-7f6bae213000 ---p 00009000 08:05 156357 7f6bae213000-7f6bae214000 r--p 00008000 08:05 156357 7f6bae214000-7f6bae215000 rw-p 00009000 08:05 156357 7f6bae215000-7f6bae21e000 r-xp 00000000 08:05 156559 7f6bae21e000-7f6bae41d000 ---p 00009000 08:05 156559 7f6bae41d000-7f6bae41e000 r--p 00008000 08:05 156559 7f6bae41e000-7f6bae41f000 rw-p 00009000 08:05 156559 7f6bae41f000-7f6bae46c000 rw-p 00000000 00:00 7f6bae4f1000-7f6bae530000 r--p 00000000 08:05 130827 7f6bae530000-7f6bae531000 r--p 00000000 08:05 130828 7f6bae531000-7f6bae532000 r--p 00000000 08:05 130865 7f6bae532000-7f6bae61f000 r--p 00000000 08:05 131053 7f6bae61f000-7f6bae620000 r--p 00000000 08:05 131095 7f6bae620000-7f6bae621000 r--p 00000000 08:05 131128 7f6bae621000-7f6bae622000 r--p 00000000 08:05 131735 7f6bae622000-7f6bae623000 r--p 00000000 08:05 137286 7f6bae623000-7f6bae624000 r--p 00000000 08:05 137524 7f6bae624000-7f6bae625000 r--p 00000000 08:05 137525 7f6bae625000-7f6bae626000 r--p 00000000 08:05 137529 7f6bae626000-7f6bae62d000 r--s 00000000 08:05 131042 7f6bae62d000-7f6bae62e000 r--p 00000000 08:05 137534 7f6bae62e000-7f6bae6b2000 rw-p 00000000 00:00 7f6bae71e000-7f6bb77e3000 rw-p 00000000 00:00 7f6bb77e3000-7f6bb77e4000 ---p 00000000 00:00 7f6bb77e4000-7f6bb7fe4000 rw-p 00000000 00:00 7f6bb7fe4000-7f6bb7ff0000 r-xp 00000000 08:05 361 7f6bb7ff0000-7f6bb81ef000 ---p 0000c000 08:05 361 7f6bb81ef000-7f6bb81f0000 r--p 0000b000 08:05 361 7f6bb81f0000-7f6bb81f1000 rw-p 0000c000 08:05 361 7f6bb81f1000-7f6bb81f3000 r-xp 00000000 08:05 1457 7f6bb81f3000-7f6bb83f2000 ---p 00002000 08:05 1457 7f6bb83f2000-7f6bb83f3000 r--p 00001000 08:05 1457 7f6bb83f3000-7f6bb83f4000 rw-p 00002000 08:05 1457 7f6bb83f4000-7f6bb83fb000 r-xp 00000000 08:05 135664 7f6bb83fb000-7f6bb85fa000 ---p 00007000 08:05 135664 7f6bb85fa000-7f6bb85fb000 r--p 00006000 08:05 135664 7f6bb85fb000-7f6bb85fc000 rw-p 00007000 08:05 135664 7f6bb85fc000-7f6bb85ff000 r-xp 00000000 08:05 328 7f6bb85ff000-7f6bb87fe000 ---p 00003000 08:05 328 7f6bb87fe000-7f6bb87ff000 r--p 00002000 08:05 328 7f6bb87ff000-7f6bb8800000 rw-p 00003000 08:05 328 7f6bb8800000-7f6bb8829000 r-xp 00000000 08:05 135635 7f6bb8829000-7f6bb8a28000 ---p 00029000 08:05 135635 7f6bb8a28000-7f6bb8a2a000 r--p 00028000 08:05 135635 7f6bb8a2a000-7f6bb8a2b000 rw-p 0002a000 08:05 135635 7f6bb8a2b000-7f6bb8ad9000 r-xp 00000000 08:05 135647 7f6bb8ad9000-7f6bb8cd9000 ---p 000ae000 08:05 135647 7f6bb8cd9000-7f6bb8ce1000 r--p 000ae000 08:05 135647 7f6bb8ce1000-7f6bb8ce3000 rw-p 000b6000 08:05 135647 :: 15:04.42 Thu Dec 24 2009
0x0000000000e44b10 ***
/>fd7bd]
/usr/bin/qemu
/usr/bin/qemu
/usr/bin/qemu
[heap]
/lib/libgcc_s.so.1
/lib/libgcc_s.so.1
/lib/libgcc_s.so.1
/lib/libgcc_s.so.1
/usr/lib/libXfixes.so.3.1.0
/usr/lib/libXfixes.so.3.1.0
/usr/lib/libXfixes.so.3.1.0
/usr/lib/libXfixes.so.3.1.0
/usr/lib/libXrender.so.1.3.0
/usr/lib/libXrender.so.1.3.0
/usr/lib/libXrender.so.1.3.0
/usr/lib/libXrender.so.1.3.0
/usr/lib/libXcursor.so.1.0.2
/usr/lib/libXcursor.so.1.0.2
/usr/lib/libXcursor.so.1.0.2
/usr/lib/libXcursor.so.1.0.2
0
/usr/lib/locale/en_US.utf8/LC_CTYPE
/usr/lib/locale/en_US.utf8/LC_NUMERIC
/usr/lib/locale/en_US.utf8/LC_TIME
/usr/lib/locale/en_US.utf8/LC_COLLATE
/usr/lib/locale/en_US.utf8/LC_MONETARY
/usr/lib/locale/en_US.utf8/LC_MESSAGES/SYS_LC_MESSAGES
/usr/lib/locale/en_US.utf8/LC_PAPER
/usr/lib/locale/en_US.utf8/LC_NAME
/usr/lib/locale/en_US.utf8/LC_ADDRESS
/usr/lib/locale/en_US.utf8/LC_TELEPHONE
/usr/lib/locale/en_US.utf8/LC_MEASUREMENT
/usr/lib/gconv/gconv-modules.cache
/usr/lib/locale/en_US.utf8/LC_IDENTIFICATION
0
0
0
0
/lib/libnss_files-2.10.1.so
/lib/libnss_files-2.10.1.so
/lib/libnss_files-2.10.1.so
/lib/libnss_files-2.10.1.so
/lib/libkeyutils-1.2.so
/lib/libkeyutils-1.2.so
/lib/libkeyutils-1.2.so
/lib/libkeyutils-1.2.so
/usr/lib/libkrb5support.so.0.1
/usr/lib/libkrb5support.so.0.1
/usr/lib/libkrb5support.so.0.1
/usr/lib/libkrb5support.so.0.1
/lib/libcom_err.so.2.1
/lib/libcom_err.so.2.1
/lib/libcom_err.so.2.1
/lib/libcom_err.so.2.1
/usr/lib/libk5crypto.so.3.1
/usr/lib/libk5crypto.so.3.1
/usr/lib/libk5crypto.so.3.1
/usr/lib/libk5crypto.so.3.1
/usr/lib/libkrb5.so.3.3
/usr/lib/libkrb5.so.3.3
/usr/lib/libkrb5.so.3.3
/usr/lib/libkrb5.so.3.3[1] 17268 abort qemu -hda ubuntu-lucid.img

ProblemType: Bug
Architecture: amd64
Date: Thu Dec 24 15:10:42 2009
DistroRelease: Ubuntu 9.10
KvmCmdLine: Error: command ['ps', '-C', 'kvm', '-F'] failed with exit code 1: UID PID PPID C SZ RSS PSR STIME TTY TIME CMD
MachineType: Dell Inc. Latitude D830
Package: qemu 0.11.0-0ubuntu6.3
PccardctlIdent:
Socket 0:
no product info available
PccardctlStatus:
Socket 0:
no card
ProcCmdLine: BOOT_IMAGE=/vmlinuz-2.6.31-17-generic root=UUID=b3651854-2cb6-4632-b5c5-441e283bec20 ro quiet splash ipv6.disable=1
ProcEnviron:
LANGUAGE=
LC_CTYPE=C
PATH=(custom, user)
LANG=en_US.UTF-8
SHELL=/bin/zsh
ProcVersionSignature: Ubuntu 2.6.31-17.54-generic
SourcePackage: qemu-kvm
Uname: Linux 2.6.31-17-generic x86_64
dmi.bios.date: 02/28/2008
dmi.bios.vendor: Dell Inc.
dmi.bios.version: A10
dmi.board.name: 0HN341
dmi.board.vendor: Dell Inc.
dmi.chassis.type: 8
dmi.chassis.vendor: Dell Inc.
dmi.modalias: dmi:bvnDellInc.:bvrA10:bd02/28/2008:svnDellInc.:pnLatitudeD830:pvr:rvnDellInc.:rn0HN341:rvr:cvnDellInc.:ct8:cvr:
dmi.product.name: Latitude D830
dmi.sys.vendor: Dell Inc.

Tags:

Revision history for this message

Rich Johnson (nixternal) wrote on 2009-12-24:

BootDmesg.txt Edit (49.1 KiB, text/plain; charset="utf-8")
CurrentDmesg.txt Edit (4.8 KiB, text/plain; charset="utf-8")
Dependencies.txt Edit (2.3 KiB, text/plain; charset="utf-8")
Lspci.txt Edit (14.3 KiB, text/plain; charset="utf-8")
Lsusb.txt Edit (628 bytes, text/plain; charset="utf-8")
ProcCpuinfo.txt Edit (1.4 KiB, text/plain; charset="utf-8")
ProcInterrupts.txt Edit (1.6 KiB, text/plain; charset="utf-8")
ProcModules.txt Edit (3.1 KiB, text/plain; charset="utf-8")
RelatedPackageVersions.txt Edit (387 bytes, text/plain; charset="utf-8")
UdevDb.txt Edit (118.3 KiB, text/plain; charset="utf-8")
UdevLog.txt Edit (234.6 KiB, text/plain; charset="utf-8")

Revision history for this message

Michał Zając (quintasan) wrote on 2010-01-03:

Download full text (8.6 KiB)

I have almost exacly the same error, the only thing that has changed is pointers address:

I have almost exacly the same error, the only thing that has changed is pointers address:

[quintasan@nightwalker ~]% kvm -m 512 -hda /home/quintasan/Sauce/kvm/lucid.img
*** glibc detected *** kvm: free(): invalid pointer: 0x000000000296eb10 ***   
======= Backtrace: =========                                                  
/lib/libc.so.6[0x7f376b08fdd6]                                                
kvm[0x42545a]                                                                 
kvm[0x4254ef]                                                                 
kvm[0x4682ab]                                                                 
kvm[0x469971]                                                                 
kvm[0x46b011]                                                                 
kvm[0x424c25]                                                                 
kvm[0x424d13]                                                                 
kvm[0x4262a6]                                                                 
/lib/libpthread.so.0[0x7f376cd94a04]                                          
/lib/libc.so.6(clone+0x6d)[0x7f376b0f97bd]                                    
======= Memory map: ========                                                  
00400000-00628000 r-xp 00000000 08:01 125257                             /usr/bin/qemu-system-x86_64
00827000-00828000 r--p 00227000 08:01 125257                             /usr/bin/qemu-system-x86_64
00828000-00830000 rw-p 00228000 08:01 125257                             /usr/bin/qemu-system-x86_64
00830000-00c45000 rw-p 00000000 00:00 0                                                             
0296a000-02d25000 rw-p 00000000 00:00 0                                  [heap]                     
7f3743ae9000-7f3743aff000 r-xp 00000000 08:01 1348                       /lib/libgcc_s.so.1         
7f3743aff000-7f3743cfe000 ---p 00016000 08:01 1348                       /lib/libgcc_s.so.1         
7f3743cfe000-7f3743cff000 r--p 00015000 08:01 1348                       /lib/libgcc_s.so.1         
7f3743cff000-7f3743d00000 rw-p 00016000 08:01 1348                       /lib/libgcc_s.so.1         
7f3743d00000-7f3743d05000 r-xp 00000000 08:01 7464                       /usr/lib/libXfixes.so.3.1.0
7f3743d05000-7f3743f04000 ---p 00005000 08:01 7464                       /usr/lib/libXfixes.so.3.1.0
7f3743f04000-7f3743f05000 r--p 00004000 08:01 7464                       /usr/lib/libXfixes.so.3.1.0
7f3743f05000-7f3743f06000 rw-p 00005000 08:01 7464                       /usr/lib/libXfixes.so.3.1.0
7f3743f06000-7f3743f0f000 r-xp 00000000 08:01 7484                       /usr/lib/libXrender.so.1.3.0
7f3743f0f000-7f374410e000 ---p 00009000 08:01 7484                       /usr/lib/libXrender.so.1.3.0
7f374410e000-7f374410f000 r--p 00008000 08:01 7484                       /usr/lib/libXrender.so.1.3.0
7f374410f000-7f3744110000 rw-p 00009000 08:01 7484                       /usr/lib/libXrender.so.1.3.0
7f3744110000-7f3744119000 r-xp 00000000 08:01 7456                       /usr/lib/libXcursor.so.1.0.2
7f3744119000-7f3744318000 ---p 00009000 08:01 7456                       /usr/lib/libXcursor.so.1.0.2
7f3744318000-7f3744319000 r--p 00008000 08:01 7456                       /usr/lib/libXcursor.so.1.0.2
7f3744319000-7f374431a000 rw-p 00009000 08:01 7456                       /usr/lib/libXcursor.so.1.0.2
7f374431a000-7f3744367000 rw-p 00000000 00:00 0                                                      
7f37443ec000-7f374442b000 r--p 00000000 08:01 11280                      /usr/lib/locale/pl_PL.utf8/LC_CTYPE                                                                                                        
7f374442b000-7f374442c000 r--p 00000000 08:01 11285                      /usr/lib/locale/pl_PL.utf8/LC_NUMERIC                                                                                                      
7f374442c000-7f374442d000 r--p 00000000 08:01 88425                      /usr/lib/locale/pl_PL.utf8/LC_TIME                                                                                                         
7f374442d000-7f374451a000 r--p 00000000 08:01 88426                      /usr/lib/locale/pl_PL.utf8/LC_COLLATE                                                                                                      
7f374451a000-7f374451b000 r--p 00000000 08:01 88449                      /usr/lib/locale/pl_PL.utf8/LC_MONETARY                                                                                                     
7f374451b000-7f374451c000 r--p 00000000 08:01 93632                      /usr/lib/locale/pl_PL.utf8/LC_MESSAGES/SYS_LC_MESSAGES                                                                                     
7f374451c000-7f374451d000 r--p 00000000 08:01 11559                      /usr/lib/locale/pl_PL.utf8/LC_PAPER                                                                                                        
7f374451d000-7f374451e000 r--p 00000000 08:01 11284                      /usr/lib/locale/pl_PL.utf8/LC_NAME                                                                                                         
7f374451e000-7f374451f000 r--p 00000000 08:01 93633                      /usr/lib/locale/pl_PL.utf8/LC_ADDRESS                                                                                                      
7f374451f000-7f3744520000 r--p 00000000 08:01 93634                      /usr/lib/locale/pl_PL.utf8/LC_TELEPHONE                                                                                                    
7f3744520000-7f3744521000 r--p 00000000 08:01 11282                      /usr/lib/locale/pl_PL.utf8/LC_MEASUREMENT                                                                                                  
7f3744521000-7f3744528000 r--s 00000000 08:01 9668                       /usr/lib/gconv/gconv-modules.cache                                                                                                         
7f3744528000-7f3744529000 r--p 00000000 08:01 93635                      /usr/lib/locale/pl_PL.utf8/LC_IDENTIFICATION                                                                                               
7f3744529000-7f374458c000 rw-p 00000000 00:00 0
7f37445f8000-7f37656df000 rw-p 00000000 00:00 0
7f37656df000-7f37656e0000 ---p 00000000 00:00 0
7f37656e0000-7f3765ee0000 rw-p 00000000 00:00 0
7f3765ee0000-7f3765eec000 r-xp 00000000 08:01 1377                       /lib/libnss_files-2.10.1.so
7f3765eec000-7f37660eb000 ---p 0000c000 08:01 1377                       /lib/libnss_files-2.10.1.so
7f37660eb000-7f37660ec000 r--p 0000b000 08:01 1377                       /lib/libnss_files-2.10.1.so
7f37660ec000-7f37660ed000 rw-p 0000c000 08:01 1377                       /lib/libnss_files-2.10.1.so
7f37660ed000-7f37660ef000 r-xp 00000000 08:01 1362                       /lib/libkeyutils-1.2.so
7f37660ef000-7f37662ee000 ---p 00002000 08:01 1362                       /lib/libkeyutils-1.2.so
7f37662ee000-7f37662ef000 r--p 00001000 08:01 1362                       /lib/libkeyutils-1.2.so
7f37662ef000-7f37662f0000 rw-p 00002000 08:01 1362                       /lib/libkeyutils-1.2.so
7f37662f0000-7f37662f7000 r-xp 00000000 08:01 8126                       /usr/lib/libkrb5support.so.0.1
7f37662f7000-7f37664f6000 ---p 00007000 08:01 8126                       /usr/lib/libkrb5support.so.0.1
7f37664f6000-7f37664f7000 r--p 00006000 08:01 8126                       /usr/lib/libkrb5support.so.0.1
7f37664f7000-7f37664f8000 rw-p 00007000 08:01 8126                       /usr/lib/libkrb5support.so.0.1
7f37664f8000-7f37664fb000 r-xp 00000000 08:01 1329                       /lib/libcom_err.so.2.1
7f37664fb000-7f37666fa000 ---p 00003000 08:01 1329                       /lib/libcom_err.so.2.1
7f37666fa000-7f37666fb000 r--p 00002000 08:01 1329                       /lib/libcom_err.so.2.1
7f37666fb000-7f37666fc000 rw-p 00003000 08:01 1329                       /lib/libcom_err.so.2.1
7f37666fc000-7f3766725000 r-xp 00000000 08:01 7888                       /usr/lib/libk5crypto.so.3.1
7f3766725000-7f3766924000 ---p 00029000 08:01 7888                       /usr/lib/libk5crypto.so.3.1
7f3766924000-7f3766926000 r--p 00028000 08:01 7888                       /usr/lib/libk5crypto.so.3.1
7f3766926000-7f3766927000 rw-p 0002a000 08:01 7888                       /usr/lib/libk5crypto.so.3.1
7f3766927000-7f37669d5000 r-xp 00000000 08:01 8124                       /usr/lib/libkrb5.so.3.3
7f37669d5000-7f3766bd5000 ---p 000ae000 08:01 8124                       /usr/lib/libkrb5.so.3.3zsh: abort      kvm -m 512 -hda /home/quintasan/Sauce/kvm/lucid.img

Changed in qemu-kvm (Ubuntu):
status:	New → Confirmed

Michał Zając (quintasan) on 2010-01-04

Changed in qemu-kvm (Ubuntu):
importance:	Undecided → Medium

Revision history for this message

Dustin Kirkland  (kirkland) wrote on 2010-03-01:

At what point do you see this? Before or after the grub menu?

Revision history for this message

Rich Johnson (nixternal) wrote on 2010-03-01:

I updated, and it broke. I updated again, and it fixed it. What was it that fixed it? I have no clue, but it works on all of my machines now where it was broken previously. I think Michal said it was fixed for him as well, but I will poke him with Sarah's pointy stick of doom on IRC and find out.

Changed in qemu-kvm (Ubuntu):
status:	Confirmed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuqemu-kvm package

*** glibc detected *** qemu: free(): invalid pointer: 0x0000000000e44b10 ***

Bug Description

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
qemu-kvm package

* glibc detected * qemu: free(): invalid pointer: 0x0000000000e44b10 ***