[Qemu-devel] SPARC64: immediate segfault on startup with git mastervery

[Mark Cave-Ayland]

Hi Avi/Blue,

I've just updated to git master and found that SPARC64 is broken again; 
a git bisect shows the following commit causes this:


commit f3705d53296d78b14f5823472ae2add16a25a0a5
Author: Avi Kivity <address@hidden>
Date:   Thu Mar 8 16:16:34 2012 +0200

    memory: make phys_page_find() return an unadjusted section

    We'd like to store the section index in the iotlb, so we can't
    adjust it before returning.  Return an unadjusted section and
    instead introduce section_addr(), which does the adjustment later.

    Signed-off-by: Avi Kivity <address@hidden>


The symptom is that qemu-system-sparc64 segfaults immediately on startup 
(note this is with an OpenBIOS image built from SVN r1048). I've 
included a couple of backtraces below:


From commit f3705d53296d78b14f5823472ae2add16a25a0a5 (first bad commit 
above):


address@hidden:~/rel-qemu-git/bin$ gdb --args ./qemu-system-sparc64 
-cdrom /home/build/src/qemu/sparcimage/milax032sparc.iso -bios 
/home/build/src/openbios/openbios-git/openbios-devel/obj-sparc64/openbios-builtin.elf.nostrip 
-nographic -boot d
GNU gdb (GDB) 7.0.1-debian
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from 
/home/build/rel-qemu-git/bin/qemu-system-sparc64...done.
(gdb) run
Starting program: /home/build/rel-qemu-git/bin/qemu-system-sparc64 
-cdrom /home/build/src/qemu/sparcimage/milax032sparc.iso -bios 
/home/build/src/openbios/openbios-git/openbios-devel/obj-sparc64/openbios-builtin.elf.nostrip 
-nographic -boot d
[Thread debugging using libthread_db enabled]
[New Thread 0x7ffff4aab700 (LWP 17836)]
[New Thread 0x7ffff42aa700 (LWP 17837)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffff42aa700 (LWP 17837)]
0x00000000005e2d3a in memory_region_access_valid (mr=0x0, 
addr=134217936, size=4, is_write=true) at 
/home/build/src/qemu/git/qemu/memory.c:838
838         if (mr->ops->valid.accepts
(gdb) bt
#0  0x00000000005e2d3a in memory_region_access_valid (mr=0x0, 
addr=134217936, size=4, is_write=true) at 
/home/build/src/qemu/git/qemu/memory.c:838
#1  0x00000000005e3039 in memory_region_dispatch_write (mr=0x0, 
addr=134217936, data=0, size=4) at 
/home/build/src/qemu/git/qemu/memory.c:916
#2  0x00000000005e5bdb in io_mem_write (io_index=210, addr=134217936, 
val=0, size=4) at /home/build/src/qemu/git/qemu/memory.c:1512
#3  0x00000000005f22fa in io_writeq (physaddr=134217936, val=0, 
addr=134217936, retaddr=0x40001750)
    at /home/build/src/qemu/git/qemu/softmmu_template.h:226
#4  0x00000000005f241c in __stq_mmu (addr=134217936, val=0, mmu_idx=2) 
at /home/build/src/qemu/git/qemu/softmmu_template.h:255
#5  0x0000000040001751 in ?? ()
#6  0x00000000f42a9960 in ?? ()
#7  0x932e4434f5713900 in ?? ()
#8  0x00007ffff42a9980 in ?? ()
#9  0x00000000005fe62e in tcg_out_branch (s=Cannot access memory at 
address 0x7ffffd8
) at /home/build/src/qemu/git/qemu/tcg/i386/tcg-target.c:948
Backtrace stopped: previous frame inner to this frame (corrupt stack?)


Interestingly enough, git master 
(361dea401f529fc136aaeb49c82b2a5bb7faa316) now gives a different backtrace:


address@hidden:~/rel-qemu-git/bin$ gdb --args ./qemu-system-sparc64 
-cdrom /home/build/src/qemu/sparcimage/milax032sparc.iso -bios 
/home/build/src/openbios/openbios-git/openbios-devel/obj-sparc64/openbios-builtin.elf.nostrip 
-nographic -boot d
GNU gdb (GDB) 7.0.1-debian
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from 
/home/build/rel-qemu-git/bin/qemu-system-sparc64...done.
(gdb) run
Starting program: /home/build/rel-qemu-git/bin/qemu-system-sparc64 
-cdrom /home/build/src/qemu/sparcimage/milax032sparc.iso -bios 
/home/build/src/openbios/openbios-git/openbios-devel/obj-sparc64/openbios-builtin.elf.nostrip 
-nographic -boot d
[Thread debugging using libthread_db enabled]
[New Thread 0x7ffff4aab700 (LWP 32400)]
[New Thread 0x7ffff42aa700 (LWP 32401)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffff42aa700 (LWP 32401)]
0x00000000005b7173 in get_page_addr_code (env1=0x11f0730, 
addr=2198754820128) at /home/build/src/qemu/git/qemu/exec.c:4602
4602        if (mr != &io_mem_ram && mr != &io_mem_rom
(gdb) bt
#0  0x00000000005b7173 in get_page_addr_code (env1=0x11f0730, 
addr=2198754820128) at /home/build/src/qemu/git/qemu/exec.c:4602
#1  0x00000000005a7f92 in tb_find_slow (env=0x11f0730, pc=2198754820128, 
cs_base=2198754820132, flags=1284)
    at /home/build/src/qemu/git/qemu/cpu-exec.c:95
#2  0x00000000005a821e in tb_find_fast (env=0x11f0730) at 
/home/build/src/qemu/git/qemu/cpu-exec.c:151
#3  0x00000000005a865f in cpu_sparc_exec (env=0x11f0730) at 
/home/build/src/qemu/git/qemu/cpu-exec.c:532
#4  0x00000000005abe3b in tcg_cpu_exec (env=0x11f0730) at 
/home/build/src/qemu/git/qemu/cpus.c:1022
#5  0x00000000005abf48 in tcg_exec_all () at 
/home/build/src/qemu/git/qemu/cpus.c:1054
#6  0x00000000005ab552 in qemu_tcg_cpu_thread_fn (arg=0x11f0730) at 
/home/build/src/qemu/git/qemu/cpus.c:772
#7  0x00007ffff6e458ca in start_thread (arg=<value optimized out>) at 
pthread_create.c:300
#8  0x00007ffff6bac92d in clone () at 
../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#9  0x0000000000000000 in ?? ()
(gdb)


Many thanks,

Mark.