Gerd sent a pull request that was merged, fixing the problem
top commit: 09dada400328d75daf79e3eca1e48e024fec148d

Problem is now fixed on latest qemu.git master.

** Changed in: qemu
       Status: New => Fix Committed

--
https://bugs.launchpad.net/bugs/1169254

Title:
  latest qemu.git master -> qemu-system-x86_64 crashes when issuing screendump command over monitor

Status in QEMU:
  Fix Committed

Bug description:
  Found the problem during sanity test of the 'next' branch
  git commit ID is e2ec3f976803b360c70d9ae2ba13852fa5d11665 (tag v1.4.0-1202-ge2ec3f9)

  For reference, kernel is upstream kvm.git
  git commit ID is 31880c37c11e28cb81c70757e38392b42e695dc6 (tag v3.8-12524-g31880c3)

  Steps to reproduce:

  1) Start qemu, reference cmd:

  MALLOC_PERTURB_=1 /usr/local/autotest/tests/virt/qemu/qemu \
      -S \
      -name 'vm1' \
      -nodefaults \
      -chardev socket,id=hmp_id_hmp1,path=/tmp/monitor-hmp1-20130415-120337-CX4dw84y,server,nowait \
      -mon chardev=hmp_id_hmp1,mode=readline \
      -chardev socket,id=qmp_id_qmp1,path=/tmp/monitor-qmp1-20130415-120337-CX4dw84y,server,nowait \
      -mon chardev=qmp_id_qmp1,mode=control \
      -chardev socket,id=serial_id_serial1,path=/tmp/serial-serial1-20130415-120337-CX4dw84y,server,nowait \
      -device isa-serial,chardev=serial_id_serial1 \
      -chardev socket,id=seabioslog_id_20130415-120337-CX4dw84y,path=/tmp/seabios-20130415-120337-CX4dw84y,server,nowait \
      -device isa-debugcon,chardev=seabioslog_id_20130415-120337-CX4dw84y,iobase=0x402 \
      -device ich9-usb-uhci1,id=usb1 \
      -drive file='/usr/local/autotest/tests/virt/shared/data/images/rhel63-64.qcow2',if=none,id=virtio0 \
      -device virtio-blk-pci,drive=virtio0,bootindex=1 \
      -device virtio-net-pci,netdev=id7t6ont,mac='9a:16:17:18:19:1a',id='idQ3SyRX' \
      -netdev tap,id=id7t6ont,vhost=on,fd=24 \
      -m 2048 \
      -smp 2,maxcpus=2,cores=1,threads=1,sockets=2 \
      -cpu 'Opteron_G3' \
      -M pc \
      -drive file='/usr/local/autotest/tests/virt/shared/data/isos/linux/RHEL-6.3-x86_64-DVD.iso',media=cdrom,index=2 \
      -drive file='/usr/local/autotest/tests/virt/shared/data/images/rhel63-64/ks.iso',media=cdrom,index=1 \
      -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1 \
      -kernel '/usr/local/autotest/tests/virt/shared/data/images/rhel63-64/vmlinuz' \
      -append 'ks=cdrom nicdelay=60 console=ttyS0,115200 console=tty0' \
      -initrd '/usr/local/autotest/tests/virt/shared/data/images/rhel63-64/initrd.img' \
      -vnc :0 \
      -vga std \
      -rtc base=utc,clock=host,driftfix=none \
      -boot order=cdn,once=d,menu=off \
      -enable-kvm

  2) Connect to the monitor

  nc -U /tmp/monitor-hmp1-20130415-120337-CX4dw84y,server,nowait

  3) Unpause the VM

  [root@virtblade03 autotest]# nc -U /tmp/monitor-hmp1-20130415-120943-D6zKUQFO
  QEMU 1.4.50 monitor - type 'help' for more information
  (qemu) cont
  cont

  4) Ask for a screendump

  (qemu) screendump abc.ppm
  screendump abc.ppm

  At this point, qemu crashes.

  Program terminated with signal 11, Segmentation fault.
  #0  pixman_image_get_width (image=0x101010101010101) at pixman-image.c:834
  834         if (image->type == BITS)
  (gdb) bt
  #0  pixman_image_get_width (image=0x101010101010101) at pixman-image.c:834
  #1  0x00007f0b44158374 in ppm_save (filename=0x7f0b46762a30 "/dev/shm/scrdump-miGZom.ppm", ds=0x7f0b466b7a50, errp=0x7fff41c08260) at /usr/local/autotest/tmp/virt/src/qemu/hw/display/vga.c:2401
  #2  0x00007f0b4410f18e in qmp_screendump (filename=0x7f0b46762a30 "/dev/shm/scrdump-miGZom.ppm", errp=0x7fff41c08260) at ui/console.c:195
  #3  0x00007f0b43ffc77a in hmp_screen_dump (mon=0x7f0b46530d80, qdict=<optimized out>) at hmp.c:1335
  #4  0x00007f0b4418c889 in handle_user_command (mon=mon@entry=0x7f0b46530d80, cmdline=<optimized out>) at /usr/local/autotest/tmp/virt/src/qemu/monitor.c:4007
  #5  0x00007f0b4418cc0b in monitor_command_cb (mon=0x7f0b46530d80, cmdline=<optimized out>, opaque=<optimized out>) at /usr/local/autotest/tmp/virt/src/qemu/monitor.c:4623
  #6  0x00007f0b440fe69b in readline_handle_byte (rs=0x7f0b46689a30, ch=<optimized out>) at readline.c:373
  #7  0x00007f0b4418c954 in monitor_read (opaque=<optimized out>, buf=<optimized out>, size=<optimized out>) at /usr/local/autotest/tmp/virt/src/qemu/monitor.c:4609
  #8  0x00007f0b440ec029 in qemu_chr_be_write (len=<optimized out>, buf=0x7fff41c08400 "\n", s=0x7f0b46506c00) at qemu-char.c:187
  #9  tcp_chr_read (chan=<optimized out>, cond=<optimized out>, opaque=0x7f0b46506c00) at qemu-char.c:2519
  #10 0x00007f0b43622a75 in g_main_dispatch (context=0x7f0b46506240) at gmain.c:2715
  #11 g_main_context_dispatch (context=context@entry=0x7f0b46506240) at gmain.c:3219
  #12 0x00007f0b440c4c78 in glib_pollfds_poll () at main-loop.c:187
  #13 os_host_main_loop_wait (timeout=<optimized out>) at main-loop.c:232
  #14 main_loop_wait (nonblocking=<optimized out>) at main-loop.c:468
  #15 0x00007f0b43faab55 in main_loop () at vl.c:2043
  #16 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4432

  if (image->type == BITS)
  image=0x101010101010101

  The pointer to the image is invalid. Need to investigate why.
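The crashing frame shows image=0x101010101010101 while the reproducer was run under MALLOC_PERTURB_=1. That combination is itself a triage clue: glibc's MALLOC_PERTURB_ (mallopt M_PERTURB) fills memory with the value's low byte when it is freed and with that byte's complement when it is handed out by malloc (calloc excepted), so a pointer made entirely of 0x01 bytes was loaded from memory that had already been freed, the classic signature of a use-after-free. As an added illustration, not part of the bug report or of QEMU's code, the following Python helper pulls the faulting frame's pointer arguments out of a gdb backtrace, reads the perturb value from the reproducer's command line, and classifies each pointer against the two fill patterns. The sample backtrace and command-line fragment embedded below are constructed from the values quoted in this report; the function names are assumptions of this example.

```python
import re

# Constructed sample: the first frames of the backtrace quoted in the report,
# in the format gdb prints them.
SAMPLE_BACKTRACE = """\
#0  pixman_image_get_width (image=0x101010101010101) at pixman-image.c:834
#1  0x00007f0b44158374 in ppm_save (filename=0x7f0b46762a30 "/dev/shm/scrdump-miGZom.ppm", ds=0x7f0b466b7a50, errp=0x7fff41c08260) at hw/display/vga.c:2401
#2  0x00007f0b4410f18e in qmp_screendump (filename=0x7f0b46762a30 "/dev/shm/scrdump-miGZom.ppm", errp=0x7fff41c08260) at ui/console.c:195
"""

# Constructed sample: the start of the reproducer command line from the report.
SAMPLE_CMDLINE = "MALLOC_PERTURB_=1 /usr/local/autotest/tests/virt/qemu/qemu -S -name 'vm1'"


def perturb_fill_bytes(perturb):
    """glibc M_PERTURB semantics: freed memory is set to the low byte of the
    value, freshly malloc'd (non-calloc) memory to its complement.
    Returns (freed_byte, allocated_byte), or (None, None) when perturbation
    is off (value 0)."""
    byte = perturb & 0xFF
    if byte == 0:
        return None, None
    return byte, (~byte) & 0xFF


def classify_pointer(value, perturb, width=8):
    """Classify a pointer-sized integer against the perturb fill patterns.
    'freed-fill' : every byte equals the free() fill  -> use-after-free suspect
    'alloc-fill' : every byte equals the malloc fill  -> uninitialised-read suspect
    'other'      : not a fill pattern (may still be a bad pointer)"""
    freed, alloc = perturb_fill_bytes(perturb)
    if freed is None or value < 0 or value >> (8 * width):
        return "other"
    byte_values = [(value >> (8 * i)) & 0xFF for i in range(width)]
    if all(b == freed for b in byte_values):
        return "freed-fill"
    if all(b == alloc for b in byte_values):
        return "alloc-fill"
    return "other"


_PERTURB_RE = re.compile(r"\bMALLOC_PERTURB_=(\d+)")
# Frame 0 line: optional "0xADDR in ", function name, argument list, "at file:line".
_FRAME0_RE = re.compile(r"^#0\s+(?:0x[0-9a-fA-F]+ in )?(\w+)\s*\((.*?)\)\s+at\s+(\S+)", re.M)
# name=0xHEX pairs inside the argument list; string-valued args keep only the address.
_ARG_RE = re.compile(r"(\w+)=(0x[0-9a-fA-F]+)")


def perturb_from_cmdline(cmdline):
    """Return the MALLOC_PERTURB_ value the process was started with (0 if unset)."""
    m = _PERTURB_RE.search(cmdline)
    return int(m.group(1)) if m else 0


def parse_frame0(backtrace):
    """Extract function name, hex-valued arguments and location of frame #0."""
    m = _FRAME0_RE.search(backtrace)
    if not m:
        return None
    func, argtext, location = m.groups()
    args = {name: int(hexval, 16) for name, hexval in _ARG_RE.findall(argtext)}
    return {"function": func, "args": args, "location": location}


def triage(backtrace, cmdline):
    """Return (crashing function, {argument: classification}) or None if the
    backtrace has no parseable frame #0."""
    perturb = perturb_from_cmdline(cmdline)
    frame = parse_frame0(backtrace)
    if frame is None:
        return None
    verdicts = {name: classify_pointer(val, perturb) for name, val in frame["args"].items()}
    return frame["function"], verdicts


if __name__ == "__main__":
    print(triage(SAMPLE_BACKTRACE, SAMPLE_CMDLINE))
```

On the report's data this yields ('pixman_image_get_width', {'image': 'freed-fill'}): the DisplaySurface's pixman image pointer was read from a freed object, which points the investigation at the lifetime of the surface/DisplayState that ppm_save dereferences rather than at pixman itself. A pointer that does not match either pattern is still reported as "other" so that plain garbage is not mistaken for a clean result.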