Re: [PATCH v2] linux-user: Use memfd for open syscall emulation
On 29/07/2022 18.01, Richard Henderson wrote:
> On 7/29/22 08:49, Rainer Müller wrote:
>> + /* create temporary file to map stat to */
>> + tmpdir = getenv("TMPDIR");
>> + if (!tmpdir)
>> + tmpdir = "/tmp";
>> + snprintf(filename, sizeof(filename),
>> "%s/qemu-open.XX", tmpdir);
>> + fd = mkstemp(filename);
>> + if (fd < 0) {
>> + return fd;
>> + }
>
> We've been using g_file_open_tmp elsewhere; probably good to follow suit
> here.

That seemed reasonable at first, but with regards to error handling it gets a bit complicated. The suggested g_file_open_tmp() would leave us with a GError only, but to return something meaningful to the caller we must set errno in this context. As far as I can see, there is no way to convert back to an errno from GError.

With g_file_open_tmp() we could always set the same generic errno, but that would hide the real cause completely. I debugged this problem with this message that was confusing, but at least it gave away a hint:

cat: can't open '/proc/self/stat': Read-only file system

The other option would be to g_assert_true(fd >= 0) and kill the process in case opening the temporary file failed. This also feels wrong, as the caller could still recover from this state and continue.

Rainer
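Review bot: `snprintf(filename, sizeof(filename), "%s/qemu-open.XX", tmpdir)` in the quoted hunk ignores its return value, so an over-long TMPDIR taken from the environment silently truncates the template and the following `mkstemp(filename)` fails for a reason the caller cannot see. Checking the return value against sizeof(filename) and returning with errno set to ENAMETOOLONG keeps the errno-based reporting this reply argues for, which a g_file_open_tmp() replacement could not provide.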
[PATCH v2] linux-user: Use memfd for open syscall emulation
For certain paths in /proc, the open syscall is intercepted and the returned file descriptor points to a temporary file with emulated contents. If TMPDIR is not accessible or writable for the current user (for example in a read-only mounted chroot or container) tools such as ps from procps may fail unexpectedly. Trying to read one of these paths such as /proc/self/stat would return an error such as ENOENT or EROFS. To relax the requirement on a writable TMPDIR, use memfd_create() instead to create an anonymous file and return its file descriptor. Signed-off-by: Rainer Müller --- v2: no more #ifdefs, use stub from util/memfd.c with ENOSYS fallback, tested with 'strace -e fault=memfd_create' --- linux-user/syscall.c | 22 ++ 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 991b85e6b4..7b55726f25 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -8269,16 +8269,22 @@ static int do_openat(CPUArchState *cpu_env, int dirfd, const char *pathname, int char filename[PATH_MAX]; int fd, r; -/* create temporary file to map stat to */ -tmpdir = getenv("TMPDIR"); -if (!tmpdir) -tmpdir = "/tmp"; -snprintf(filename, sizeof(filename), "%s/qemu-open.XX", tmpdir); -fd = mkstemp(filename); +fd = memfd_create("qemu-open", 0); if (fd < 0) { -return fd; +if (errno != ENOSYS) { +return fd; +} +/* create temporary file to map stat to */ +tmpdir = getenv("TMPDIR"); +if (!tmpdir) +tmpdir = "/tmp"; +snprintf(filename, sizeof(filename), "%s/qemu-open.XX", tmpdir); +fd = mkstemp(filename); +if (fd < 0) { +return fd; +} +unlink(filename); } -unlink(filename); if ((r = fake_open->fill(cpu_env, fd))) { int e = errno; -- 2.25.1
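Review bot: The fallback condition `if (errno != ENOSYS) { return fd; }` only covers a kernel without the syscall; a seccomp filter or container runtime that denies memfd_create() usually reports EPERM or EACCES, and those environments would now fail where the old mkstemp() path worked, so either fall back on those errors as well or state in the commit message that this is intended. Separately, the template `"%s/qemu-open.XX"` as it appears here ends in two X characters while mkstemp(3) requires at least six; if that is not a mailing-list archive artifact, the fallback can only ever fail with EINVAL.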
[PATCH] linux-user: Use memfd for open syscall emulation
For certain paths in /proc, the open syscall is intercepted and the returned file descriptor points to a temporary file with emulated contents. If TMPDIR is not accessible or writable for the current user (for example in a read-only mounted chroot or container) tools such as ps from procps may fail unexpectedly. Trying to read one of these paths such as /proc/self/stat would return an error such as ENOENT or EROFS. To relax the requirement on a writable TMPDIR, use memfd_create() instead to create an anonymous file and return its file descriptor. Signed-off-by: Rainer Müller --- linux-user/syscall.c | 10 +- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 991b85e6b4..3e4af930ad 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -8265,9 +8265,11 @@ static int do_openat(CPUArchState *cpu_env, int dirfd, const char *pathname, int } if (fake_open->filename) { +int fd, r; + +#ifndef CONFIG_MEMFD const char *tmpdir; char filename[PATH_MAX]; -int fd, r; /* create temporary file to map stat to */ tmpdir = getenv("TMPDIR"); @@ -8279,6 +8281,12 @@ static int do_openat(CPUArchState *cpu_env, int dirfd, const char *pathname, int return fd; } unlink(filename); +#else +fd = memfd_create("qemu-open", 0); +if (fd < 0) { +return fd; +} +#endif if ((r = fake_open->fill(cpu_env, fd))) { int e = errno; -- 2.25.1
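Review bot: Choosing the implementation with `#ifndef CONFIG_MEMFD` at build time means a binary built on a host where memfd_create() is available fails with ENOSYS on an older kernel and has no way back to the mkstemp() path; checking errno at runtime after `fd = memfd_create("qemu-open", 0);` and falling through to the temporary-file code keeps both paths usable (the v2 in this thread does that). Hoisting `int fd, r;` above the `#ifndef` is needed so the `#else` branch can use them, but the commit message should say the `tmpdir`/`filename` locals now exist only in the non-memfd build.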
Re: [PATCH 1/2] input-linux: Delay grab toggle if keys are pressed
On 04/05/2021 11.14, Gerd Hoffmann wrote:
> On Sat, May 01, 2021 at 09:06:21PM +0200, Rainer Müller wrote:
>> When multiple keyboards are passed to the guest with input-linux, there
>> could still be keys pressed on the other keyboard when toggling grab.
>> Delay toggling grab on the other keyboard until all keys are released,
>> otherwise keys could be stuck on host without a key up event.
>
> Hmm, if you have two keyboards plugged into your machine, why would you
> assign both to a virtual machine? Instead of simply using one for the
> host and one for the guest?

Fair enough. I only noticed the possibility during testing. I plugged in a second keyboard for development to avoid locking myself out and passed only one. Then I became confident to pass them both, but mostly because I already had them connected. I agree it does not seem like a typical setup...

This was the only code path that did not check !il->keycount before calling input_linux_toggle_grab(), so I added it here as well. Maybe it would make sense to move the condition into the function?

Rainer
[PATCH 0/2] input-linux: Allow to toggle grab from QMP
This adds a grab-active bool option to input-linux objects to control the grab state of evdev devices from QMP.

The first patch fixes a problem with multiple keyboards that was previously unlikely, as the user will only use one device at a time. It could be merged independently, but I am submitting them together as this becomes more relevant when grab state can be controlled from QMP.

Rainer Müller (2):
  input-linux: Delay grab toggle if keys are pressed
  input-linux: Allow to toggle grab from QMP

 qapi/qom.json    |  3 +++
 ui/input-linux.c | 46 +-
 2 files changed, 44 insertions(+), 5 deletions(-)

-- 
2.25.1
[PATCH 2/2] input-linux: Allow to toggle grab from QMP
This patch allows to boot a guest without the input-linux device being grabbed immediately from the host. This is useful when the guest is automatically started, but is supposed to stay in the background until the user actively switches to it with a key combination. In this usage example the host continues to own the keyboard until the user explicitly toggles the grab state with both control keys: -object input-linux,id=kbd1,evdev=/dev/input/eventX,grab-active=off When grab-active is not given, input-linux will behave as before and devices are being grabbed immediately on initialization. Note that even if grab_all=on is set, other devices will initially be grabbed according to their own grab-active option. The first toggle operation on a grab_all=on device will sync state to the other devices. Furthermore, this new option allows to toggle the grab state from QMP with the qom-set command. By setting grab-active at runtime, the device will be grabbed or released as indicated by the passed value. $ ./scripts/qmp-shell /tmp/qmp.sock (QEMU) qom-set path=/objects/kbd1 property=grab-active value=true {"return": {}} (QEMU) qom-get path=/objects/kbd1 property=grab-active {"return": true} For devices with grab_all=on, the action will propagate to other devices as if the grab toggle hotkey was used. Signed-off-by: Rainer Müller --- qapi/qom.json| 3 +++ ui/input-linux.c | 39 +++ 2 files changed, 38 insertions(+), 4 deletions(-) diff --git a/qapi/qom.json b/qapi/qom.json index cd0e76d564..51704465ec 100644 --- a/qapi/qom.json +++ b/qapi/qom.json @@ -488,6 +488,8 @@ # # @repeat: enables auto-repeat events (default: false) # +# @grab-active: if true, device is grabbed (default: true) +# # @grab-toggle: the key or key combination that toggles device grab # (default: ctrl-ctrl) # @@ -497,6 +499,7 @@ 'data': { 'evdev': 'str', '*grab_all': 'bool', '*repeat': 'bool', +'*grab-active': 'bool', '*grab-toggle': 'GrabToggleKeys' } } ## 
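Review bot: The new member `'*grab-active': 'bool'` is documented as `@grab-active: if true, device is grabbed (default: true)` but carries no `(since X.Y)` tag; QAPI doc comments need one for members added after the struct was introduced, so append the target release to that line. The doc text should also say that the property is writable at runtime via qom-set, since that is the commit message's main point and the schema comment is what ends up in the generated documentation.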
diff --git a/ui/input-linux.c b/ui/input-linux.c index 47d489d738..64efb83e21 100644 --- a/ui/input-linux.c +++ b/ui/input-linux.c @@ -399,10 +399,9 @@ static void input_linux_complete(UserCreatable *uc, Error **errp) } qemu_set_fd_handler(il->fd, input_linux_event, NULL, il); -if (il->keycount) { -/* delay grab until all keys are released */ -il->grab_request = true; -} else { +/* delay grab until all keys are released */ +if (il->grab_request && !il->keycount) { +il->grab_request = false; input_linux_toggle_grab(il); } QTAILQ_INSERT_TAIL(&inputs, il, next); @@ -493,8 +492,37 @@ static void input_linux_set_grab_toggle(Object *obj, int value, il->grab_toggle = value; } +static bool input_linux_get_grab_active(Object *obj, Error **errp) +{ +InputLinux *il = INPUT_LINUX(obj); + +return il->grab_active; +} + +static void input_linux_set_grab_active(Object *obj, bool value, +Error **errp) +{ +InputLinux *il = INPUT_LINUX(obj); + +if (!il->initialized) { +il->grab_request = value; +return; +} + +if (il->grab_active != value) { +if (il->keycount) { +il->grab_request = true; +} else { +input_linux_toggle_grab(il); +} +} +} + static void input_linux_instance_init(Object *obj) { +InputLinux *il = INPUT_LINUX(obj); + +il->grab_request = true; } static void input_linux_class_init(ObjectClass *oc, void *data) @@ -512,6 +540,9 @@ static void input_linux_class_init(ObjectClass *oc, void *data) object_class_property_add_bool(oc, "repeat", input_linux_get_repeat, input_linux_set_repeat); +object_class_property_add_bool(oc, "grab-active", + input_linux_get_grab_active, + input_linux_set_grab_active); object_class_property_add_enum(oc, "grab-toggle", "GrabToggleKeys", &GrabToggleKeys_lookup, input_linux_get_grab_toggle, -- 2.25.1
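Review bot: In input_linux_set_grab_active(), the branch `if (il->keycount) { il->grab_request = true; }` records "toggle later" rather than the requested target state, so two qom-set calls while a key is still held (true, then false) leave one toggle pending and the device ends up in the opposite of the last requested value once the key is released. The `!il->initialized` path already treats the same field as a target (`il->grab_request = value;`), so grab_request carries two meanings in one function; storing the desired value and comparing it against grab_active at key-release time would make both paths consistent.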
[PATCH 1/2] input-linux: Delay grab toggle if keys are pressed
When multiple keyboards are passed to the guest with input-linux, there could still be keys pressed on the other keyboard when toggling grab. Delay toggling grab on the other keyboard until all keys are released, otherwise keys could be stuck on host without a key up event. Signed-off-by: Rainer Müller --- ui/input-linux.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/ui/input-linux.c b/ui/input-linux.c index 05c0c98819..47d489d738 100644 --- a/ui/input-linux.c +++ b/ui/input-linux.c @@ -89,7 +89,12 @@ static void input_linux_toggle_grab(InputLinux *il) continue; } if (item->grab_active != il->grab_active) { -input_linux_toggle_grab(item); +if (item->keycount) { +/* delay grab until all keys are released */ +item->grab_request = true; +} else { +input_linux_toggle_grab(item); +} } } } -- 2.25.1
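Review bot: `item->grab_request = true;` defers the change to the other device's own key-release handling, which is the same mechanism input_linux_complete() uses for the initial grab, so the comment `/* delay grab until all keys are released */` is misleading here: in a grab_all toggle the deferred action may be a release as well as a grab, and until the held key goes up the two devices stay out of sync. Saying "delay toggle" in the comment and mentioning the transient mismatch in the commit message would make the behaviour clear.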
Re: [Qemu-devel] [qemu-web PATCH] Document how to test the site with jekyll locally
On 28.11.18 17:44, Paolo Bonzini wrote:
> On 28/11/18 16:35, Daniel P. Berrangé wrote:
>> Add a README file that tells people this is a jekyll based static
>> website, and shows people how to run jekyll for testing purposes.
>>
>> Signed-off-by: Daniel P. Berrangé
>> ---
>>
>> NB, we should really mention a license in the README too, but I don't
>> see info about what license we consider qemu-web to be covered by...
>
> Anybody (especially non-RH people) disagrees with dual-license CC-BY-SA
> 4.0 and GPLv2+? (So that we can copy from blog posts to manuals)?

No objections from my side.

Rainer
[Qemu-devel] [qemu-web PATCH] download: Add instructions for MacPorts
Signed-off-by: Rainer Müller --- _download/macos.md | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/_download/macos.md b/_download/macos.md index dbb312c..06aa811 100644 --- a/_download/macos.md +++ b/_download/macos.md @@ -1,6 +1,10 @@ -QEMU can be installed from Homebrew: +QEMU can be installed from Homebrew: brew install qemu +QEMU can be installed from MacPorts: + +sudo port install qemu + QEMU requires Mac OS X 10.5 or later, but it is recommended to use Mac OS X 10.7 or later. -- 2.16.3
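Review bot: The `-QEMU can be installed from Homebrew:` / `+QEMU can be installed from Homebrew:` pair shows no visible difference, so it is presumably a trailing-whitespace fix; since the commit message consists only of a Signed-off-by line, a one-line body naming the MacPorts addition and the whitespace cleanup would make that clear. The new `sudo port install qemu` line should also be formatted exactly like the existing `brew install qemu` line so both render as code in the Jekyll page.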
Re: [Qemu-devel] [PATCH] configure: Define NCURSES_WIDECHAR if we're using curses
On 2017-06-02 16:35, Peter Maydell wrote:
> diff --git a/configure b/configure
> index 0586ec9..6aca5d1 100755
> --- a/configure
> +++ b/configure
> @@ -3053,6 +3053,8 @@ int main(void) {
> EOF
>IFS=:
>for curses_inc in $curses_inc_list; do
> +# Make sure we get the wide character prototypes
> +curses_inc="-DNCURSES_WIDECHAR $curses_inc"
> IFS=:
> for curses_lib in $curses_lib_list; do
>unset IFS
>

Thank you for getting back to this. I can confirm that this patch fixes --enable-curses for me on Mac OS X.

Although this already works as is, I would use -DNCURSES_WIDECHAR=1 as ncurses.h uses #if and not #ifdef to check for this.

Rainer
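Review bot: `curses_inc="-DNCURSES_WIDECHAR $curses_inc"` adds the define to the probe's compile flags inside the `for curses_inc in $curses_inc_list` loop; confirm that this modified `curses_inc` is the value configure later writes out as the curses CFLAGS for the real build, otherwise the probe would see the wide-character prototypes while QEMU itself compiles without them and the build would fail the way the original report describes. As the reply notes, `-DNCURSES_WIDECHAR=1` spells out the value that ncurses.h tests with `#if`; a bare `-D` also yields 1, so that is a clarity point rather than a defect.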
Re: [Qemu-devel] Fix build break during configuration on musl-libc based Linux systems.
On 2017-02-17 17:57, Peter Maydell wrote:
> On 17 February 2017 at 11:20, Paolo Bonzini wrote:
>>
>>
>> On 17/02/2017 11:18, Peter Maydell wrote:
>>> Defining _XOPEN_SOURCE is easy enough, and I think we should
>>> do it unconditionally. We should check what effect this has
>>> on the BSD hosts though I guess. (You could argue that we
>>> should be defining _XOPEN_SOURCE anyway for the benefit of
>>> the non-glibc BSD/Solaris/etc platforms.)
>>
>> Sounds good, then I think we should define it to 700 just like glibc does.
>
> Unfortunately this idea turns out to break OSX compiles,
> because on OSX saying _XOPEN_SOURCE=anything disables
> all the non-X/Open APIs (which you get by default, and
> some of which like mkdtemp we use).

A bit late to this thread, but the original problem was also reported for Mac OS X with --enable-curses in MacPorts. The build fails with the same symptoms as in the original report.

https://trac.macports.org/ticket/53929

As you identified, the problem is that ncurses expects the define _XOPEN_SOURCE >= 500 to enable the wide-char function declarations. The solution to retain access to non-standard API on Mac OS X would be to also define _DARWIN_C_SOURCE which enables extensions.

$ cat foo.c
#include 

int main() {
    mkdtemp("/tmp/test-XX");
}
$ cc -D_XOPEN_SOURCE=500 -c foo.c
foo.c:4:5: warning: implicit declaration of function 'mkdtemp' is invalid in C99 [-Wimplicit-function-declaration]
    mkdtemp("/tmp/test-XX");
    ^
1 warning generated.
$ cc -D_XOPEN_SOURCE=500 -D_DARWIN_C_SOURCE -c foo.c
$

A quick test on current master with configure patched to define

QEMU_CFLAGS="-D_XOPEN_SOURCE=500 -D_DARWIN_C_SOURCE $QEMU_CFLAGS"

compiled fine for both a default configure and with --enable-curses.

Rainer
[Qemu-devel] [PATCH] cocoa: Suppress Cocoa window with -display
Do not open a Cocoa window when another display is selected that will be initialized later. The Cocoa display cannot be selected with -display, so there is no need to check its argument. Signed-off-by: Rainer Müller --- ui/cocoa.m | 1 + 1 file changed, 1 insertion(+) diff --git a/ui/cocoa.m b/ui/cocoa.m index 334e6f6..c24d9f9 100644 --- a/ui/cocoa.m +++ b/ui/cocoa.m @@ -1148,6 +1148,7 @@ int main (int argc, const char * argv[]) { !strcmp(opt, "-nographic") || !strcmp(opt, "-version") || !strcmp(opt, "-curses") || +!strcmp(opt, "-display") || !strcmp(opt, "-qtest")) { return qemu_main(gArgc, gArgv, *_NSGetEnviron()); } -- 2.5.0
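Review bot: `!strcmp(opt, "-display")` hands over to qemu_main() for any `-display` argument without looking at its value, which is correct only while the commit message's premise holds that the Cocoa front end cannot be selected through `-display`; if a `-display cocoa` spelling is ever added, this check would have to inspect the following argument. A one-line comment next to the new line stating that assumption would keep the code and the premise in step.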
Re: [Qemu-devel] Problems compiling HEAD on Mac OS X 10.9.2
On 2014-06-06 04:04, Fam Zheng wrote:
>> Ugh. This was supposed to be fixed by commit 6295b98d7b767c.
>> Fam, can you re-check your fix, please?
>>
>
> I don't understand that fix now, looks like it was moved onto a wrong list.
>
> Rainer, does this below patch work for you? (we can't duplicate object, so sort
> is required there).

No, unfortunately this does not work. With this patch, I end up with:

$ make V=1 qemu-img
...
... qemu-img.o qemu-io-cmds.o qemu-timer.o thread-pool.o libqemuutil.a libqemustub.a -lz -L/opt/local/lib -lcurl -L/opt/local/lib -lssh2 -Wl,-headerpad_max_install_names -arch x86_64 -L/opt/local/lib -Wl,-headerpad_max_install_names -arch -lcurl -lssh2 -lz x86_64 -L/opt/local/lib -lgthread-2.0 -lglib-2.0 -lintl -lz -lz
clang: error: no such file or directory: 'x86_64'
clang: error: invalid arch name '-arch -lcurl'
make: *** [qemu-img] Error 1

You really can't just sort the words as their order is important, at least for some options such as "-arch" and its argument.

From config-host.mak:

LIBSSH2_LIBS=-L/opt/local/lib -lssh2 -Wl,-headerpad_max_install_names -arch x86_64

I don't understand the make function $(extract-libs) here. First the contents of $o-libs is added as-is, but then it is added again filtered through $(expand-objs). What is the purpose of adding it twice?

Regarding your proposed patch, it doesn't matter whether you sort the first list or the second list. Both lists include the problematic "-arch x86_64" linker option.

Rainer
Re: [Qemu-devel] Problems compiling HEAD on Mac OS X 10.9.2
On 2014-03-14 13:29, Paolo Bonzini wrote:
> On 13/03/2014 19:48, Peter Maydell wrote:
>> Yep, here we are:
>> LIBSSH2_LIBS=-L/opt/local/lib -lssh2 -Wl,-headerpad_max_install_names
>> -arch x86_64
>> CURL_LIBS=-L/opt/local/lib -lcurl
>>
>> rules.mak is incorrectly reordering the contents of
>> these and generating a non-working mess.
>
> Fam,
>
> is the $(sort) actually necessary in extract-libs? It is required in
> expand-objs, but duplicate -l options should be harmless.

The current master still contains this bug and sorts "-arch x86_64" separately. I doubt the $(sort) does anything useful. For the distribution of QEMU in MacPorts I removed the $(sort) from extract-libs in a local patch in order to be able to build some variants [1].

Rainer

[1] https://trac.macports.org/browser/trunk/dports/emulators/qemu/files/patch-link-sort.diff?rev=120672
[Qemu-devel] [Bug 1087114] Re: assertion "QLIST_EMPTY(&bs->tracked_requests)" failed
I was unable to reproduce the original issue on Mac OS X 10.8.4 using the current master. However, I was also unable to reproduce the original issue on the stable-1.5 branch which does not have the fix by Izumi Tsutsui linked above. As this second fix is only for a problem that appears in certain load situations, of course I might not be able to reproduce it. I also reviewed the code on master and I am confident that the solution is correct now.

-- 
You received this bug notification because you are a member of qemu-devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1087114

Title:
  assertion "QLIST_EMPTY(&bs->tracked_requests)" failed

Status in QEMU:
  New

Bug description:
  QEMU 1.3.0 on OpenBSD now crashes with an error as shown below and the command line params do not seem to matter.

  assertion "QLIST_EMPTY(&bs->tracked_requests)" failed: file "block.c", line 1220, function "bdrv_drain_all"

  #1  0x030d1bce24aa in abort () at /usr/src/lib/libc/stdlib/abort.c:70
          p = (struct atexit *) 0x30d11897000
          mask = 4294967263
          cleanup_called = 1
  #2  0x030d1bc5ff44 in __assert2 (file=Variable "file" is not available.
  ) at /usr/src/lib/libc/gen/assert.c:52
          No locals.
  #3  0x030b0d383a03 in bdrv_drain_all () at block.c:1220
          bs = (BlockDriverState *) 0x30d13f3b630
          busy = false
          __func__ = "bdrv_drain_all"
  #4  0x030b0d43acfc in bmdma_cmd_writeb (bm=0x30d0f5f56a8, val=8) at hw/ide/pci.c:312
          __func__ = "bmdma_cmd_writeb"
  #5  0x030b0d43b450 in bmdma_write (opaque=0x30d0f5f56a8, addr=0, val=8, size=1) at hw/ide/piix.c:76
          bm = (BMDMAState *) 0x30d0f5f56a8
  #6  0x030b0d5c2ce6 in memory_region_write_accessor (opaque=0x30d0f5f57d0, addr=0, value=0x30d18c288f0, size=1, shift=0, mask=255) at /home/ports/pobj/qemu-1.3.0-debug/qemu-1.3.0/memory.c:334
          mr = (MemoryRegion *) 0x30d0f5f57d0
          tmp = 8
  #7  0x030b0d5c2dc5 in access_with_adjusted_size (addr=0, value=0x30d18c288f0, size=1, access_size_min=1, access_size_max=4, access=0x30b0d5c2c6b , opaque=0x30d0f5f57d0) at /home/ports/pobj/qemu-1.3.0-debug/qemu-1.3.0/memory.c:364
          access_mask = 255
          access_size = 1
          i = 0
  #8  0x030b0d5c3222 in memory_region_iorange_write (iorange=0x30d1d5e7400, offset=0, width=1, data=8) at /home/ports/pobj/qemu-1.3.0-debug/qemu-1.3.0/memory.c:439
          mrio = (MemoryRegionIORange *) 0x30d1d5e7400
          mr = (MemoryRegion *) 0x30d0f5f57d0
          __func__ = "memory_region_iorange_write"
  #9  0x030b0d5c019a in ioport_writeb_thunk (opaque=0x30d1d5e7400, addr=49216, data=8) at /home/ports/pobj/qemu-1.3.0-debug/qemu-1.3.0/ioport.c:212
          ioport = (IORange *) 0x30d1d5e7400
  #10 0x030b0d5bfb65 in ioport_write (index=0, address=49216, data=8) at /home/ports/pobj/qemu-1.3.0-debug/qemu-1.3.0/ioport.c:83
          func = (IOPortWriteFunc *) 0x30b0d5c0148
          default_func = {0x30b0d5bfbbc , 0x30b0d5bfc61 , 0x30b0d5bfd0c }
  #11 0x030b0d5c0704 in cpu_outb (addr=49216, val=8 '\b') at /home/ports/pobj/qemu-1.3.0-debug/qemu-1.3.0/ioport.c:289
          No locals.
  #12 0x030b0d6067dd in helper_outb (port=49216, data=8) at /home/ports/pobj/qemu-1.3.0-debug/qemu-1.3.0/target-i386/misc_helper.c:72
          No locals.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1087114/+subscriptions
[Qemu-devel] [Bug 1087114] Re: assertion "QLIST_EMPTY(&bs->tracked_requests)" failed
Aaron, this added line in qemu-thread-posix.c is the fix, qemu is expected to crash once this is removed. I guess Brad meant to revert c166cb72f1676855816340666c3b618beef4b976 which introduced the fallback code. However, reverting this commit alone will not work on Mac OS X as sem_timedwait() is not available (and the reason why the fallback code was added at all).
[Qemu-devel] [Bug 1087114] Re: assertion "QLIST_EMPTY(&bs->tracked_requests)" failed
I had the same problem on Mac OS X 10.8.2 with qemu 1.3.0, but it is now fixed in the current master branch. I can confirm that the commit a795ef8dcb8cbadffc996c41ff38927a97645234 fixes this problem. This commit can also be applied to the 1.3.0 source.