Date: Mon, 15 Apr 2013 17:06:26 -0000
From: Anthony Liguori
To: qemu-devel@nongnu.org
Reply-To: Bug 1169254 <1169254@bugs.launchpad.net>
Subject: Re: [Qemu-devel] [Bug 1169254] [NEW] latest qemu.git master -> qemu-system-x86_64 crashes when issuing screendump command over monitor
Message-Id: <87haj7vi3x.fsf@codemonkey.ws>
References: <20130415164238.30084.41373.malonedeb@chaenomeles.canonical.com>

Lucas Meneghel Rodrigues writes:

> Public bug reported:
>
> Found the problem during sanity test of the 'next' branch
>
> git commit ID is e2ec3f976803b360c70d9ae2ba13852fa5d11665 (tag
> v1.4.0-1202-ge2ec3f9)

Can you bisect?

I can't reproduce with the following:

[12:04 PM] anthony🐵 titi:~/build/qemu$ echo -e 'cont\nscreendump abc.ppm' | x86_64-softmmu/qemu-system-x86_64 -monitor stdio -vga std -S -vnc :0 -enable-kvm -nodefaults

Which appears to be all of the obvious options in your command line that would be relevant here.

I notice that you're on

Regards,

Anthony Liguori

>
> For reference, kernel is upstream kvm.git
>
> git commit ID is 31880c37c11e28cb81c70757e38392b42e695dc6 (tag
> v3.8-12524-g31880c3)
>
> Steps to reproduce:
>
> Start qemu, reference cmd:
>
> MALLOC_PERTURB_=1 /usr/local/autotest/tests/virt/qemu/qemu \
>     -S \
>     -name 'vm1' \
>     -nodefaults \
>     -chardev socket,id=hmp_id_hmp1,path=/tmp/monitor-hmp1-20130415-120337-CX4dw84y,server,nowait \
>     -mon chardev=hmp_id_hmp1,mode=readline \
>     -chardev socket,id=qmp_id_qmp1,path=/tmp/monitor-qmp1-20130415-120337-CX4dw84y,server,nowait \
>     -mon chardev=qmp_id_qmp1,mode=control \
>     -chardev socket,id=serial_id_serial1,path=/tmp/serial-serial1-20130415-120337-CX4dw84y,server,nowait \
>     -device isa-serial,chardev=serial_id_serial1 \
>     -chardev socket,id=seabioslog_id_20130415-120337-CX4dw84y,path=/tmp/seabios-20130415-120337-CX4dw84y,server,nowait \
>     -device isa-debugcon,chardev=seabioslog_id_20130415-120337-CX4dw84y,iobase=0x402 \
>     -device ich9-usb-uhci1,id=usb1 \
>     -drive file='/usr/local/autotest/tests/virt/shared/data/images/rhel63-64.qcow2',if=none,id=virtio0 \
>     -device virtio-blk-pci,drive=virtio0,bootindex=1 \
>     -device virtio-net-pci,netdev=id7t6ont,mac='9a:16:17:18:19:1a',id='idQ3SyRX' \
>     -netdev tap,id=id7t6ont,vhost=on,fd=24 \
>     -m 2048 \
>     -smp 2,maxcpus=2,cores=1,threads=1,sockets=2 \
>     -cpu 'Opteron_G3' \
>     -M pc \
>     -drive file='/usr/local/autotest/tests/virt/shared/data/isos/linux/RHEL-6.3-x86_64-DVD.iso',media=cdrom,index=2 \
>     -drive file='/usr/local/autotest/tests/virt/shared/data/images/rhel63-64/ks.iso',media=cdrom,index=1 \
>     -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1 \
>     -kernel '/usr/local/autotest/tests/virt/shared/data/images/rhel63-64/vmlinuz' \
>     -append 'ks=cdrom nicdelay=60 console=ttyS0,115200 console=tty0' \
>     -initrd '/usr/local/autotest/tests/virt/shared/data/images/rhel63-64/initrd.img' \
>     -vnc :0 \
>     -vga std \
>     -rtc base=utc,clock=host,driftfix=none \
>     -boot order=cdn,once=d,menu=off \
>     -enable-kvm
>
> 2) Connect to the monitor
>
> nc -U /tmp/monitor-hmp1-20130415-120337-CX4dw84y,server,nowait
>
> 3) Unpause the VM
>
> [root@virtblade03 autotest]# nc -U /tmp/monitor-hmp1-20130415-120943-D6zKUQFO
> QEMU 1.4.50 monitor - type 'help' for more information
> (qemu) cont
> cont
>
> 4) Ask for a screendump
>
> (qemu) screendump abc.ppm
> screendump abc.ppm
>
> At this point, qemu crashes.
>
> Program terminated with signal 11, Segmentation fault.
> #0  pixman_image_get_width (image=0x101010101010101) at pixman-image.c:834
> 834         if (image->type == BITS)
> (gdb) bt
> #0  pixman_image_get_width (image=0x101010101010101) at pixman-image.c:834
> #1  0x00007f0b44158374 in ppm_save (filename=0x7f0b46762a30 "/dev/shm/scrdump-miGZom.ppm", ds=0x7f0b466b7a50, errp=0x7fff41c08260)
>     at /usr/local/autotest/tmp/virt/src/qemu/hw/display/vga.c:2401
> #2  0x00007f0b4410f18e in qmp_screendump (filename=0x7f0b46762a30 "/dev/shm/scrdump-miGZom.ppm", errp=0x7fff41c08260) at ui/console.c:195
> #3  0x00007f0b43ffc77a in hmp_screen_dump (mon=0x7f0b46530d80, qdict=) at hmp.c:1335
> #4  0x00007f0b4418c889 in handle_user_command (mon=mon@entry=0x7f0b46530d80, cmdline=) at /usr/local/autotest/tmp/virt/src/qemu/monitor.c:4007
> #5  0x00007f0b4418cc0b in monitor_command_cb (mon=0x7f0b46530d80, cmdline=, opaque=)
>     at /usr/local/autotest/tmp/virt/src/qemu/monitor.c:4623
> #6  0x00007f0b440fe69b in readline_handle_byte (rs=0x7f0b46689a30, ch=) at readline.c:373
> #7  0x00007f0b4418c954 in monitor_read (opaque=, buf=, size=) at /usr/local/autotest/tmp/virt/src/qemu/monitor.c:4609
> #8  0x00007f0b440ec029 in qemu_chr_be_write (len=, buf=0x7fff41c08400 "\n", s=0x7f0b46506c00) at qemu-char.c:187
> #9  tcp_chr_read (chan=, cond=, opaque=0x7f0b46506c00) at qemu-char.c:2519
> #10 0x00007f0b43622a75 in g_main_dispatch (context=0x7f0b46506240) at gmain.c:2715
> #11 g_main_context_dispatch (context=context@entry=0x7f0b46506240) at gmain.c:3219
> #12 0x00007f0b440c4c78 in glib_pollfds_poll () at main-loop.c:187
> #13 os_host_main_loop_wait (timeout=) at main-loop.c:232
> #14 main_loop_wait (nonblocking=) at main-loop.c:468
> #15 0x00007f0b43faab55 in main_loop () at vl.c:2043
> #16 main (argc=, argv=, envp=) at vl.c:4432
>
> if (image->type == BITS)
> image=0x101010101010101
>
> The pointer to the image is invalid. Need to investigate why.
>
> ** Affects: qemu
>      Importance: Undecided
>          Status: New
>
> --
> You received this bug notification because you are subscribed to QEMU.
> https://bugs.launchpad.net/bugs/1169254
>
> Title:
>   latest qemu.git master -> qemu-system-x86_64 crashes when issuing
>   screendump command over monitor
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/qemu/+bug/1169254/+subscriptions

--
You received this bug notification because you are a member of qemu-devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1169254

Title:
  latest qemu.git master -> qemu-system-x86_64 crashes when issuing
  screendump command over monitor

Status in QEMU:
  New

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1169254/+subscriptions
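Added example, not part of the bug report or of QEMU: the reproducer runs with MALLOC_PERTURB_=1, and under glibc that makes free() paint released memory with the perturb byte (0x01) and malloc() paint fresh blocks with its complement (0xFE), so a pointer reading 0x101010101010101 as in the backtrace is the fingerprint of a field loaded from an already-freed block. The program below classifies a suspect pointer against those fill patterns and reproduces the allocation-side fill with mallopt(M_PERTURB, 1), the runtime equivalent of the environment variable; `classify_perturb_pattern` and `demo_surface` are names made up here (the struct stands in for a surface holding a pixman image pointer, not QEMU's own type).

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifdef __GLIBC__
#include <malloc.h>   /* mallopt(M_PERTURB, ...) is a glibc extension */
#endif
/* What a glibc MALLOC_PERTURB_ fill pattern says about a pointer value. */
enum perturb_hint {
    PERTURB_NONE = 0,   /* not a fill pattern, or perturbation disabled */
    PERTURB_FREED,      /* every byte == perturb byte: loaded from freed memory */
    PERTURB_UNINIT      /* every byte == ~perturb byte: malloc'd, never written */
};

/* Spread one byte across all eight bytes of a 64-bit word. */
static uint64_t repeat_byte(uint8_t b) { return 0x0101010101010101ULL * b; }

/* Classify a suspect pointer (e.g. image=0x101010101010101 in the backtrace)
 * against the bytes glibc writes when MALLOC_PERTURB_=perturb is in effect. */
enum perturb_hint classify_perturb_pattern(uint64_t value, int perturb)
{
    uint8_t freed_byte = (uint8_t)perturb;           /* free() paints this  */
    uint8_t alloc_byte = (uint8_t)(perturb ^ 0xff);  /* malloc() paints this */
    if (perturb == 0)
        return PERTURB_NONE;   /* unset: 0x00 / 0xff carry no signal */
    if (value == repeat_byte(freed_byte))
        return PERTURB_FREED;
    if (value == repeat_byte(alloc_byte))
        return PERTURB_UNINIT;
    return PERTURB_NONE;
}
/* Constructed stand-in for a surface holding a pixman image pointer. */
struct demo_surface { void *image; };

int main(void)
{
#ifdef __GLIBC__
    mallopt(M_PERTURB, 1);   /* runtime equivalent of MALLOC_PERTURB_=1 */
#endif
    uint64_t raw;
    struct demo_surface *s = malloc(sizeof *s);
    if (!s) return 1;
    memcpy(&raw, &s->image, sizeof raw);   /* never assigned: expect the 0xFE fill */
    printf("fresh malloc: image=%#llx -> hint %d\n", (unsigned long long)raw, classify_perturb_pattern(raw, 1));
    free(s);
    /* The value gdb printed in the report: every byte 0x01, i.e. freed memory. */
    printf("crash value : image=%#llx -> hint %d\n", 0x0101010101010101ULL, classify_perturb_pattern(0x0101010101010101ULL, 1));
    return 0;
}
```

A pointer that matches neither pattern (such as ds=0x7f0b466b7a50 in the same backtrace) is classified PERTURB_NONE, which is why only the image field, not the surface pointer itself, points at the freed block.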