Re: [Qemu-devel] Bug with mpc8544ds machine.
From: Frederic Konrad
Subject: Re: [Qemu-devel] Bug with mpc8544ds machine.
Date: Mon, 31 Mar 2014 13:43:40 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
On 31/03/2014 13:30, Gerd Hoffmann wrote:
On Fr, 2014-03-28 at 15:37 +0100, Frederic Konrad wrote:
Hi everybody,
I didn't see anything on the list about that.
I get this bug in the current git.
I configured qemu with the following command line:
./configure --target-list=ppc-softmmu
I ran QEMU with the following command line:
./ppc-softmmu/qemu-system-ppc --M mpc8544ds
... then hit any key. Crashes on first keypress for me, and given the
stacktrace I think it is the same for you.
Hi,
On my side I don't need to push any key.
(gdb) bt
#0 0x00007fecf8e2a578 in qemu_input_transform_abs_rotate
(evt=<optimized out>) at ui/input.c:79
#1 qemu_input_event_send (address@hidden,
address@hidden) at ui/input.c:141
#2 0x00007fecf8e2a71a in qemu_input_event_send_key (src=0x0,
key=<optimized out>, down=<optimized out>) at ui/input.c:185
#3 0x00007fecf8e2a7c2 in qemu_input_event_send_key_number
(src=<optimized out>, num=<optimized out>, down=<optimized out>) at
ui/input.c:195
The key press event is created, then sent, and qemu crashes in a code
path which isn't executed in the first place for keyboard events.
Trying to reproduce locally crashes in a slightly different place, but
it is a similar pattern here:
(gdb) bt
#0 0x00005555557ba7b8 in fprintf (__fmt=<optimized out>,
__stream=<optimized out>)
at /usr/include/bits/stdio2.h:97
#1 trace_input_event_key_qcode (down=<optimized out>, qcode=<optimized
out>,
conidx=<optimized out>) at ./trace/generated-tracers.h:5664
#2 qemu_input_event_trace (evt=0x5555564012c0, src=0x0)
at /home/kraxel/projects/qemu/ui/input.c:104
#3 qemu_input_event_send (address@hidden,
address@hidden)
at /home/kraxel/projects/qemu/ui/input.c:137
#4 0x00005555557baab2 in qemu_input_event_send_key (src=0x0,
key=<optimized out>,
down=<optimized out>) at /home/kraxel/projects/qemu/ui/input.c:185
[ ... ]
(gdb) up
#1 trace_input_event_key_qcode (down=<optimized out>, qcode=<optimized
out>,
conidx=<optimized out>) at ./trace/generated-tracers.h:5664
5664 fprintf(stderr, "input_event_key_qcode " "con %d, key
qcode %s, down %d" "\n" , conidx, qcode, down);
(gdb) up
#2 qemu_input_event_trace (evt=0x5555564012c0, src=0x0)
at /home/kraxel/projects/qemu/ui/input.c:104
104 trace_input_event_key_qcode(idx, name,
evt->key->down);
(gdb) print *evt
$1 = {kind = INPUT_EVENT_KIND_KEY, {data = 0x5555564012e0, key =
0x5555564012e0,
btn = 0x5555564012e0, rel = 0x5555564012e0, abs = 0x5555564012e0}}
(gdb) print *evt->key->key
$2 = {kind = KEY_VALUE_KIND_NUMBER, {data = 0x20, number = 32, qcode =
Q_KEY_CODE_I}}
So, again, qemu crashing in a code path (trace_input_event_key_qcode)
which should not have been executed in the first place (we have
KEY_VALUE_KIND_NUMBER, not KEY_VALUE_KIND_QCODE).
Hmm. Puzzling. Does anyone have an idea what is going on here?
cheers,
Gerd
I had a different behaviour with --enable-debug configure flags:
Program received signal SIGSEGV, Segmentation fault.
0x0000555555808193 in qemu_input_event_send (src=0x0,
evt=0x5555566202f0) at ui/input.c:146
146 s->handler->event(s->dev, src, evt);
2: evt->kind = INPUT_EVENT_KIND_BTN
1: s = (QemuInputHandlerState *) 0x0
Seems qemu_input_find_handler returned NULL for me.
Adding this fixes the issue:
diff --git a/ui/input.c b/ui/input.c
index 2761911..d7670e9 100644
--- a/ui/input.c
+++ b/ui/input.c
@@ -143,8 +143,11 @@ void qemu_input_event_send(QemuConsole *src,
InputEvent *evt)
/* send event */
s = qemu_input_find_handler(1 << evt->kind);
- s->handler->event(s->dev, src, evt);
- s->events++;
+
+ if (s != NULL) {
+ s->handler->event(s->dev, src, evt);
+ s->events++;
+ }
}
void qemu_input_event_sync(void)
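Review bot: the `if (s != NULL)` guard around `s->handler->event(...)` stops the segfault but silently discards the event, and the debugging output above suggests the missing handler is a symptom rather than the root cause: the gdb display in this run reports `evt->kind = INPUT_EVENT_KIND_BTN`, while the earlier backtraces enter the same function through qemu_input_event_send_key, and Gerd's trace shows a KEY_VALUE_KIND_NUMBER event reaching the qcode trace path. Suggest at least making the drop visible (a trace point, or a comment explaining why an event kind can legitimately have no handler on this machine) so the guard does not hide whichever bug is producing the inconsistent event, and dropping the extra blank `+` line before the `if`, which the surrounding code does not need.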
Thanks,
Fred
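The NULL dereference in qemu_input_event_send discussed in this thread, reduced to a constructed stand-alone C model (added here, not QEMU's code): handlers register a mask of event kinds, the lookup mirrors qemu_input_find_handler(1 << evt->kind), and the guarded dispatch reports a dropped event instead of crashing when no handler was registered for that kind. All type and function names below are assumptions, not QEMU identifiers.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed stand-in for QEMU's input event kinds and handler registry. */
typedef enum { KIND_KEY = 0, KIND_BTN, KIND_REL, KIND_ABS } EventKind;
typedef struct { EventKind kind; int value; } Event;
typedef struct Handler {
    unsigned mask;                      /* one bit per accepted EventKind */
    void (*event)(const Event *evt);
    int events;                         /* events delivered to this handler */
    struct Handler *next;
} Handler;
static Handler *handlers;               /* registered handlers, newest first */
void register_handler(Handler *h) { h->next = handlers; handlers = h; }

/* Mirrors qemu_input_find_handler(): first handler whose mask matches, else NULL. */
Handler *find_handler(unsigned mask) {
    for (Handler *h = handlers; h != NULL; h = h->next)
        if (h->mask & mask) return h;
    return NULL;
}

/* Unguarded dispatch (the pre-patch shape): a kind nobody registered for,
 * e.g. a BTN event on a machine with no mouse, dereferences NULL here. */
void send_event_unguarded(const Event *evt) {
    Handler *s = find_handler(1u << evt->kind);
    s->event(evt);
    s->events++;
}

/* Guarded dispatch: same lookup, but reports a drop instead of crashing. */
bool send_event_guarded(const Event *evt) {
    Handler *s = find_handler(1u << evt->kind);
    if (s == NULL) return false;        /* no handler registered for this kind */
    s->event(evt);
    s->events++;
    return true;
}

static void on_key(const Event *evt) { (void)evt; }
static Handler keyboard = { 1u << KIND_KEY, on_key, 0, NULL };

/* Constructed scenario: only a keyboard is registered, then one key event and
 * one mouse-button event are sent. Returns how many were delivered (1). */
int demo(void) {
    handlers = NULL; keyboard.next = NULL; keyboard.events = 0;
    register_handler(&keyboard);
    Event key = { KIND_KEY, 32 }, btn = { KIND_BTN, 0 };
    return send_event_guarded(&key) + send_event_guarded(&btn);
}
```

Calling send_event_unguarded() with the BTN event from demo() reproduces the crash shape from the backtrace; the guarded variant returns false for it instead.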