From patchwork Wed Feb 3 02:09:07 2010
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: system_reset command cause assert failed
From: Roy Tam
X-Patchwork-Id: 44333
Message-Id: <473191351002021809j187ef16bo172d1c925135d191@mail.gmail.com>
To: Luiz Capitulino
Cc: qemu-devel
Date: Wed, 3 Feb 2010 10:09:07 +0800

2010/2/2 Luiz Capitulino :
> On Tue, 2 Feb 2010 09:35:16 +0800
> Roy Tam wrote:
>
>> 2010/2/2 Luiz Capitulino :
>> > On Tue, 2 Feb 2010 00:26:53 +0800
>> > Roy Tam wrote:
>> >
>> >> 2010/2/2 Luiz Capitulino :
>> >>
>> >> > Hm, I'm puzzled. Is this failing on malloc()? At least qemu_malloc()
>> >> > is the last qemu's function I see in the logs.
>> >> >
>> >> > From now on I only see msvcrt functions...
>> >> >
>> >> > Maybe, you can type run on gdb, run system_reset on the
>> >> > Monitor and then switch back to gdb and type bt?
>> >> >
>> >> source-less debugging seems better...
>> >
>> > As far as I can understand something bad happens while the parser
>> > is processing the first "'" character of the qobject_from_jsonf()
>> > call in monitor.c:4524.
>> >
>> > Strange. Can you try 'info pci', 'info block' and 'info version'?
>> > Do they work?
>> >
>> > Maybe this is a refcount problem?
>> >
>> > Anthony, could you take a look too please?
>> >
>>
>> rebuild with -gstabs -O1, you can see double free here:
>
> Ok, so we have a double free and

To clarify: after digging into the sources further, it is not a double free, but parse_json is not executed by json_lexer_feed_char, as I put asm("int3") in parse_json but no SIGTRAP is raised. (for system_reset and system_powerdown)

>> #0 qobject_to_qdict (obj=0x0) at qobject.h:108
>> #1 0x004127ae in pci_device_print (mon=0x494c460, device=0x49696c0)
>>     at /home/roy/qemu/hw/pci.c:1165
>
> a segfault.

For this one, parse_json was executed by json_lexer_feed_char. A workaround patch is here, but why has a null qobj been pushed into the qlist?

addr = qdict_get_int(qdict, "address");
diff --git a/hw/pci.c b/hw/pci.c index 023f7b6..84e7b35 100644 --- a/hw/pci.c +++ b/hw/pci.c @@ -1161,8 +1161,11 @@ static void pci_device_print(Monitor *mon, QDict *device) qdict_get_int(info, "limit")); } + QObject* qobj; QLIST_FOREACH_ENTRY(qdict_get_qlist(device, "regions"), entry) { - qdict = qobject_to_qdict(qlist_entry_obj(entry)); + qobj = qlist_entry_obj(entry); + if(!qobj) continue; + qdict = qobject_to_qdict(qobj); monitor_printf(mon, " BAR%d: ", (int) qdict_get_int(qdict, "bar"));
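Review bot: the `if(!qobj) continue;` guard in this hunk hides the defect rather than fixing it. A NULL entry in the "regions" qlist means whichever code builds that list (not shown in this hunk) pushed a NULL QObject, and that is where the fix belongs; skipping the entry silently also drops a BAR from the `info pci` output with no diagnostic, so nobody can tell the data was bad. If a guard is kept while the root cause is tracked down, make it loud, e.g. `assert(qobj)` or at least a `monitor_printf(mon, ...)` warning, rather than a bare `continue`. Two style points for the same lines: `QObject* qobj;` is declared after statements and with the asterisk on the type (QEMU code keeps declarations at the top of the block and writes `QObject *qobj;`), and `if(!qobj)` needs a space after `if`.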