2010/2/2 Luiz Capitulino <lcapitul...@redhat.com>:
> On Tue, 2 Feb 2010 00:26:53 +0800
> Roy Tam <roy...@gmail.com> wrote:
>
>> 2010/2/2 Luiz Capitulino <lcapitul...@redhat.com>:
>>
>> > Hm, I'm puzzled. Is this failing on malloc()? At least qemu_malloc()
>> > is the last qemu function I see in the logs.
>> >
>> > From now on I only see msvcrt functions...
>> >
>> > Maybe, you can type run on gdb, run system_reset on the
>> > Monitor and then switch back to gdb and type bt?
>> >
>> source-less debugging seems better...
>
> As far as I can understand something bad happens while the parser
> is processing the first "'" character of the qobject_from_jsonf()
> call in monitor.c:4524.
>
> Strange. Can you try 'info pci', 'info block' and 'info version'?
> Do they work?
>
> Maybe this is a refcount problem?
>
> Anthony, could you take a look too please?
>
Rebuilt with -gstabs -O1, you can see the double free here:
......
(gdb)
qobject_to_qstring (obj=0xd95db10) at qstring.c:110
110     in qstring.c
(gdb)
108     qobject.h: No such file or directory.
        in qobject.h
(gdb)
111     qstring.c: No such file or directory.
        in qstring.c
(gdb)
114     in qstring.c
(gdb)
115     in qstring.c
(gdb)
qstring_destroy_obj (obj=0xd95db10) at qstring.c:138
138     in qstring.c
(gdb)
qemu_free (ptr=0xd95db40) at qemu-malloc.c:41
41      qemu-malloc.c: No such file or directory.
        in qemu-malloc.c
(gdb)
42      in qemu-malloc.c
(gdb)
43      in qemu-malloc.c
(gdb)
qstring_destroy_obj (obj=0xd95db10) at qstring.c:139
139     qstring.c: No such file or directory.
        in qstring.c
(gdb)
qemu_free (ptr=0xd95db10) at qemu-malloc.c:41
41      qemu-malloc.c: No such file or directory.
        in qemu-malloc.c
(gdb) bt
#0  qemu_free (ptr=0xd95db10) at qemu-malloc.c:41
#1  0x0044c49d in qstring_destroy_obj (obj=0xd95db10) at qstring.c:139
#2  0x0044daae in json_lexer_feed_char (lexer=0x22fae0, ch=37 '%') at qobject.h:99
#3  0x0044db51 in json_lexer_feed (lexer=0x22fae0, buffer=0x5881d0 "{ 'seconds': %I64d, 'microseconds': %I64d }", size=43) at json-lexer.c:310
#4  0x0044dbc8 in json_message_parser_feed (parser=0x22fadc, buffer=0x5881d0 "{ 'seconds': %I64d, 'microseconds': %I64d }", size=43) at json-streamer.c:76
#5  0x0044d85b in qobject_from_jsonv (string=0x5881d0 "{ 'seconds': %I64d, 'microseconds': %I64d }", ap=0x22fb40) at qjson.c:44
#6  0x0044d8a8 in qobject_from_jsonf (string=0x5881d0 "{ 'seconds': %I64d, 'microseconds': %I64d }") at qjson.c:62
#7  0x0040ee50 in monitor_protocol_event (event=QEVENT_RESET, data=0x0) at /home/roy/qemu/monitor.c:335
#8  0x00408ed9 in main (argc=1, argv=0x13b3f38, envp=0x4012f0) at /home/roy/qemu/vl.c:4000
(gdb)

For info: 'info version' and 'info block' work, 'info pci' segfaults:

Program received signal SIGSEGV, Segmentation fault.
qobject_to_qdict (obj=0x0) at qobject.h:108
108     qobject.h: No such file or directory.
        in qobject.h
(gdb) bt
#0  qobject_to_qdict (obj=0x0) at qobject.h:108
#1  0x004127ae in pci_device_print (mon=0x494c460, device=0x49696c0) at /home/roy/qemu/hw/pci.c:1165
#2  0x00412f8e in do_pci_info_print (mon=0x494c460, data=0x4970078) at /home/roy/qemu/hw/pci.c:1204
#3  0x0040ebc4 in do_info (mon=0x494c460, qdict=0xd95d0d8, ret_data=0x22f048) at /home/roy/qemu/monitor.c:574
#4  0x0040e3f9 in monitor_call_handler (mon=0x494c460, cmd=0x589b78, params=0x0) at /home/roy/qemu/monitor.c:3715
#5  0x00410423 in handle_user_command (mon=0x494c460, cmdline=0x77c2f97c "\001") at /home/roy/qemu/monitor.c:3753
#6  0x004105ae in monitor_command_cb (mon=0x494c460, cmdline=0x494c8b8 "info pci", opaque=0x0) at /home/roy/qemu/monitor.c:4267
#7  0x004503a0 in readline_handle_byte (rs=0x494c8b8, ch=13) at readline.c:369
#8  0x00410627 in monitor_read (opaque=0x494c460, buf=0x22f708 "\r", size=1) at /home/roy/qemu/monitor.c:4253
#9  0x004698ce in qemu_chr_read (s=0x13b4c68, buf=0x22f708 "\r", len=1) at qemu-char.c:154
#10 0x00451f22 in kbd_send_chars (opaque=0x494c358) at console.c:1130
#11 0x00452138 in kbd_put_keysym (keysym=13) at console.c:1183
#12 0x0047d099 in sdl_refresh (ds=0x4978030) at sdl.c:634
#13 0x00405c83 in gui_update (opaque=0x4978030) at /home/roy/qemu/console.h:219
#14 0x0040168d in qemu_run_timers (ptimer_head=0x5db4e8, current_time=7200606) at /home/roy/qemu/vl.c:913
#15 0x00405bca in main_loop_wait (timeout=0) at /home/roy/qemu/vl.c:3793
#16 0x00408e2a in main (argc=1, argv=0x13b3f38, envp=0x4012f0) at /home/roy/qemu/vl.c:3981
(gdb)
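Added example (editor's note, not QEMU code and not a statement of this crash's root cause, which the thread does not establish): the stepping above shows qstring_destroy_obj() entered twice for the same object (0xd95db10), so qemu_free() is reached twice on one pointer. The program below is a hypothetical reference-counted string object in the style of QEMU's QString/QDECREF, instrumented so that a second release of an already-destroyed object is reported instead of reaching free() again. All names (refstr_*, REFSTR_MAGIC, the quarantine) are the example's own; the "lexer callback takes ownership" scenario is an illustration of how such a double release arises, not a description of json_lexer_feed_char().

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define REFSTR_MAGIC 0x52535452u   /* "RSTR": object is live */
#define REFSTR_DEAD  0xDEADBEEFu   /* object has been destroyed */

typedef struct RefStr {
    unsigned magic;
    int refcnt;
    char *string;
} RefStr;

/* Destroyed objects are parked here instead of being freed at once, so a
 * late release still finds a readable struct with magic == REFSTR_DEAD.
 * ASan or valgrind give the same signal without this; a mingw build under
 * gdb does not, which is why the instrumentation lives in the object. */
#define QUARANTINE_MAX 64
static RefStr *quarantine[QUARANTINE_MAX];
static int quarantine_len;
static int double_release_count;   /* releases of an already-dead object */

RefStr *refstr_from_str(const char *s)
{
    size_t n = strlen(s) + 1;
    RefStr *r = malloc(sizeof *r);
    r->magic = REFSTR_MAGIC;
    r->refcnt = 1;
    r->string = malloc(n);
    memcpy(r->string, s, n);
    return r;
}

RefStr *refstr_incref(RefStr *r)
{
    r->refcnt++;
    return r;
}

/* Returns 1 if this call destroyed the object, 0 if references remain,
 * -1 if the object was already destroyed (a second destroy of the same
 * object, as in the trace above, lands on this path). */
int refstr_decref(RefStr *r)
{
    if (r->magic != REFSTR_MAGIC) {
        double_release_count++;
        fprintf(stderr, "refstr_decref: release of dead object %p\n", (void *)r);
        return -1;
    }
    if (--r->refcnt > 0)
        return 0;
    r->magic = REFSTR_DEAD;          /* poison first, then free the payload */
    free(r->string);
    r->string = NULL;
    if (quarantine_len < QUARANTINE_MAX)
        quarantine[quarantine_len++] = r;
    else
        free(r);                     /* quarantine full: no protection for this one */
    return 1;
}

void refstr_quarantine_flush(void)
{
    while (quarantine_len > 0)
        free(quarantine[--quarantine_len]);
}

/* Hypothetical consumer that takes ownership of the token it is given and
 * destroys it when done. */
static void consume_token(RefStr *tok)
{
    refstr_decref(tok);
}

/* The ownership mistake: the producer releases a token it already gave away. */
int demo_double_release(void)
{
    RefStr *tok = refstr_from_str("seconds");
    consume_token(tok);         /* legitimate: last reference, object destroyed */
    return refstr_decref(tok);  /* bug: caught and reported, returns -1 */
}

/* The fix: hand the consumer its own reference and keep one for yourself. */
int demo_correct_release(void)
{
    RefStr *tok = refstr_from_str("seconds");
    consume_token(refstr_incref(tok));
    return refstr_decref(tok);  /* now the last reference, returns 1 */
}

int main(void)
{
    printf("double release -> %d\n", demo_double_release());
    printf("correct release -> %d\n", demo_correct_release());
    printf("dead-object releases caught: %d\n", double_release_count);
    refstr_quarantine_flush();
    return 0;
}
```

The quarantine is a debugging aid only: it trades memory for a readable poisoned header, which is what lets the second release be reported instead of corrupting the msvcrt heap. In a tree built with a sanitizer the same double release shows up as a double-free report with both stacks, which is the faster way to find which of the two callers should not own the object.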