[Qemu-devel] Segmentation fault when running qemu-system-s390x
From: Philipp Kern
Subject: [Qemu-devel] Segmentation fault when running qemu-system-s390x
Date: Sun, 1 Nov 2015 15:28:51 +0100
User-agent: Mutt/1.5.23 (2014-03-12)
[Resent with the correct list address]
Hi,
I get a segmentation fault when trying to run qemu-system-s390x with a
simple Debian kernel and initrd.
According to git bisect:
0a1c71cec63e95f9b8d0dc96d049d2daa00c5210 is the first bad commit
commit 0a1c71cec63e95f9b8d0dc96d049d2daa00c5210
Author: Peter Maydell <address@hidden>
Date: Thu Oct 1 15:29:48 2015 +0100
exec.c: Don't call cpu_reload_memory_map() from cpu_exec_init()
Currently we call cpu_reload_memory_map() from cpu_exec_init(),
but this is not necessary:
* KVM doesn't use the data structures maintained by
cpu_reload_memory_map() (the TLB and cpu->memory_dispatch)
* for TCG, we will call this function via tcg_commit() either
as soon as tcg_cpu_address_space_init() registers the listener,
or when the first MemoryRegion is added to the AddressSpace
if the AS is empty when we register the listener
The unnecessary call is awkward for adding support for multiple
address spaces per CPU, so drop it.
Signed-off-by: Peter Maydell <address@hidden>
Reviewed-by: Edgar E. Iglesias <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
:100644 100644 7d90a522524b64a86a09c71dd54da804380ad803 ab5d8a8061252899f04aaa6d83723b139a11597a M exec.c
Backtrace at the bad revision (with -O0):
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffdc07d700 (LWP 23112)]
0x00005555555dd0f1 in address_space_lookup_region (d=0x0, addr=65536, resolve_subpage=false) at /home/pkern/src/qemu/exec.c:333
333         section = phys_page_find(d->phys_map, addr, d->map.nodes, d->map.sections);
(gdb) bt full
#0 0x00005555555dd0f1 in address_space_lookup_region (d=0x0, addr=65536,
resolve_subpage=false)
at /home/pkern/src/qemu/exec.c:333
section = 0x0
subpage = 0x5555577096f0
#1 0x00005555555dd1b7 in address_space_translate_internal (d=0x0, addr=65536,
xlat=0x7fffdc07c588, plen=0x7fffdc07c590,
resolve_subpage=false) at /home/pkern/src/qemu/exec.c:350
section = 0x0
mr = 0x0
diff = {lo = 140736884884752, hi = 1}
#2 0x00005555555dd4d5 in address_space_translate_for_iotlb
(cpu=0x555557858a80, addr=65536, xlat=0x7fffdc07c588,
plen=0x7fffdc07c590) at /home/pkern/src/qemu/exec.c:434
section = 0x5555558b1868
__PRETTY_FUNCTION__ = "address_space_translate_for_iotlb"
#3 0x000055555562b786 in tlb_set_page_with_attrs (cpu=0x555557858a80,
vaddr=65536, paddr=65536, attrs=..., prot=7, mmu_idx=0,
size=4096) at /home/pkern/src/qemu/cputlb.c:366
env = 0x555557860d00
section = 0x7
index = 712983228
address = 12281431504
code_address = 16
addend = 65536
te = 0x100010000
iotlb = 93825004614208
xlat = 93824994779868
sz = 4096
vidx = 0
__PRETTY_FUNCTION__ = "tlb_set_page_with_attrs"
#4 0x000055555562bb0a in tlb_set_page (cpu=0x555557858a80, vaddr=65536,
paddr=65536, prot=7, mmu_idx=0, size=4096)
at /home/pkern/src/qemu/cputlb.c:436
No locals.
#5 0x000055555569b915 in s390_cpu_handle_mmu_fault (cs=0x555557858a80,
orig_vaddr=65536, rw=2, mmu_idx=0)
at /home/pkern/src/qemu/target-s390x/helper.c:146
cpu = 0x555557858a80
__func__ = "s390_cpu_handle_mmu_fault"
env = 0x555557860d00
asc = 0
vaddr = 65536
raddr = 65536
prot = 7
#6 0x00005555556a2a9e in tlb_fill (cs=0x555557858a80, addr=65536, is_write=2,
mmu_idx=0, retaddr=0)
at /home/pkern/src/qemu/target-s390x/mem_helper.c:39
ret = 21845
#7 0x0000555555631b39 in helper_ret_ldb_cmmu (env=0x555557860d00, addr=65536,
oi=0, retaddr=0)
at /home/pkern/src/qemu/softmmu_template.h:189
mmu_idx = 0
index = 16
tlb_addr = 18446744073709551615
haddr = 0
res = 0 '\000'
#8 0x000055555562aa82 in cpu_ldub_code_ra (env=0x555557860d00, ptr=65536,
retaddr=0)
at /home/pkern/src/qemu/include/exec/cpu_ldst_template.h:89
page_index = 16
res = 0
addr = 65536
mmu_idx = 0
oi = 0
#9 0x000055555562aaf8 in cpu_ldub_code (env=0x555557860d00, ptr=65536)
at /home/pkern/src/qemu/include/exec/cpu_ldst_template.h:101
No locals.
#10 0x000055555562bba6 in get_page_addr_code (env1=0x555557860d00, addr=65536)
at /home/pkern/src/qemu/cputlb.c:456
mmu_idx = 0
page_index = 16
pd = 0
p = 0x7fffdc07d700
mr = 0x5555558927ff
cpu = 0x555557858a80
__func__ = "get_page_addr_code"
#11 0x00005555555e6ec9 in tb_find_physical (cpu=0x555557858a80, pc=65536,
cs_base=0, flags=4097)
at /home/pkern/src/qemu/cpu-exec.c:222
env = 0x555557860d00
tb = 0x5555560e7710
ptb1 = 0x5555560de0b0
h = 257
phys_pc = 93824994775183
phys_page1 = 93825004369680
virt_page2 = 140736884885760
#12 0x00005555555e7033 in tb_find_slow (cpu=0x555557858a80, pc=65536,
cs_base=0, flags=4097)
at /home/pkern/src/qemu/cpu-exec.c:266
tb = 0x10400
#13 0x00005555555e7186 in tb_find_fast (cpu=0x555557858a80) at
/home/pkern/src/qemu/cpu-exec.c:314
env = 0x555557860d00
tb = 0x0
cs_base = 0
pc = 65536
flags = 4097
#14 0x00005555555e7594 in cpu_s390x_exec (cpu=0x555557858a80) at
/home/pkern/src/qemu/cpu-exec.c:463
cc = 0x5555560f4b20
__func__ = "cpu_s390x_exec"
ret = 21845
interrupt_request = 0
tb = 0x7fffdc07c9a0
tc_ptr = 0x5555556c0f65 <runstate_is_running+14>
"\017\266\300]\303UH\211\345\277\002"
next_tb = 0
sc = {diff_clk = 140736884885952, last_cpu_icount = 40087115959,
realtime_clock = 140736884885952}
#15 0x00005555556100ef in tcg_cpu_exec (cpu=0x555557858a80) at
/home/pkern/src/qemu/cpus.c:1450
ret = 21845
#16 0x00005555556101cd in tcg_exec_all () at /home/pkern/src/qemu/cpus.c:1482
cpu = 0x555557858a80
r = 32767
#17 0x000055555560f721 in qemu_tcg_cpu_thread_fn (arg=0x555557858a80) at
/home/pkern/src/qemu/cpus.c:1128
cpu = 0x0
#18 0x00007ffff258e0a4 in start_thread (arg=0x7fffdc07d700) at
pthread_create.c:309
__res = <optimized out>
pd = 0x7fffdc07d700
now = <optimized out>
---Type <return> to continue, or q <return> to quit---
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140736884889344,
-5613847576358200238, 1, 140737354125408, 0,
140736884889344, 5613775766303759442, 5613877598567357522},
mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0,
0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
not_first_call = <optimized out>
pagesize_m1 = <optimized out>
sp = <optimized out>
freesize = <optimized out>
__PRETTY_FUNCTION__ = "start_thread"
#19 0x00007ffff22c304d in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:111
No locals.
Kind regards and thanks
Philipp Kern
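The backtrace above is the whole diagnostic content of the report: frame #0 dereferences `d=0x0`, the same NULL is passed down from frame #1, and frame #2 (`address_space_translate_for_iotlb`, exec.c:434) is the first frame that does not receive it as an argument, so that is where the NULL dispatch pointer was produced. The helper below automates that reading of a `bt full` dump. It is an added triage example, not code from the report or from QEMU: it re-joins mail-wrapped frame headers, extracts each frame's arguments and locals, and walks outward from frame #0 to find the frame where each NULL pointer argument enters the call chain. The embedded sample is a constructed, abbreviated copy of the first five frames above with the e-mail line wrapping preserved; treating only the literal `0x0` as NULL and assuming gdb's `#N` frame order (innermost first) are the example's own assumptions.

```python
"""Triage a gdb `bt full` dump: locate the frame where a NULL pointer
argument enters the call chain.  Added example; not code from QEMU or
from the original bug report."""
import re
from dataclasses import dataclass, field

# Constructed sample: the first five frames of the reported backtrace,
# abbreviated, with the mailing-list line wrapping kept on purpose.
SAMPLE_BT = """\
#0  0x00005555555dd0f1 in address_space_lookup_region (d=0x0, addr=65536,
    resolve_subpage=false)
    at /home/pkern/src/qemu/exec.c:333
        section = 0x0
        subpage = 0x5555577096f0
#1  0x00005555555dd1b7 in address_space_translate_internal (d=0x0, addr=65536,
    xlat=0x7fffdc07c588, plen=0x7fffdc07c590,
    resolve_subpage=false) at /home/pkern/src/qemu/exec.c:350
        section = 0x0
        mr = 0x0
        diff = {lo = 140736884884752, hi = 1}
#2  0x00005555555dd4d5 in address_space_translate_for_iotlb
    (cpu=0x555557858a80, addr=65536, xlat=0x7fffdc07c588,
    plen=0x7fffdc07c590) at /home/pkern/src/qemu/exec.c:434
        section = 0x5555558b1868
#3  0x000055555562b786 in tlb_set_page_with_attrs (cpu=0x555557858a80,
    vaddr=65536, paddr=65536, attrs=..., prot=7, mmu_idx=0,
    size=4096) at /home/pkern/src/qemu/cputlb.c:366
        env = 0x555557860d00
#4  0x000055555562bb0a in tlb_set_page (cpu=0x555557858a80, vaddr=65536,
    paddr=65536, prot=7, mmu_idx=0, size=4096)
    at /home/pkern/src/qemu/cputlb.c:436
No locals.
"""

FRAME_START = re.compile(r"^#(\d+)\s")
LOCAL_LINE = re.compile(r"^\s*(\w+) = (.*)$")          # gdb prints "name = value"
HEADER = re.compile(
    r"^#(\d+)\s+(?:0x[0-9a-fA-F]+\s+in\s+)?(\w+)\s*\((.*)\)"
    r"(?:\s+at\s+(\S+:\d+))?\s*$"
)
NULL = "0x0"   # assumption: gdb prints a NULL pointer exactly like this


@dataclass
class Frame:
    number: int
    function: str = "?"
    args: dict = field(default_factory=dict)
    local_vars: dict = field(default_factory=dict)
    location: str = ""          # file:line, empty when gdb printed none


def split_top_level(text):
    """Split on commas that are not nested inside (), {}, [] or <>,
    so struct-valued arguments survive intact."""
    parts, depth, cur = [], 0, []
    for ch in text:
        if ch in "({[<":
            depth += 1
        elif ch in ")}]>":
            depth -= 1
        if ch == "," and depth == 0:
            parts.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
    tail = "".join(cur).strip()
    if tail:
        parts.append(tail)
    return parts


def parse_backtrace(text):
    """Return the frames of a `bt full` dump, re-joining wrapped headers."""
    frames, header_lines = [], []
    in_locals, brace_depth, last_local = False, 0, None

    def finish_header():
        if not frames or not header_lines:
            return
        m = HEADER.match(" ".join(part.strip() for part in header_lines))
        if m:
            f = frames[-1]
            f.function, f.location = m.group(2), m.group(4) or ""
            for item in split_top_level(m.group(3)):
                name, _, value = item.partition("=")
                f.args[name.strip()] = value.strip()
        header_lines.clear()

    for line in text.splitlines():
        if not line.strip():
            continue
        start = FRAME_START.match(line)
        if start:
            finish_header()
            frames.append(Frame(number=int(start.group(1))))
            header_lines.append(line)
            in_locals, brace_depth, last_local = False, 0, None
            continue
        if not frames:
            continue            # banner text before frame #0 (e.g. the SIGSEGV line)
        f = frames[-1]
        if line.strip() == "No locals.":
            finish_header()
            in_locals = True
            continue
        local = LOCAL_LINE.match(line)
        if local and brace_depth == 0:
            finish_header()
            in_locals, last_local = True, local.group(1)
            f.local_vars[last_local] = local.group(2).strip()
        elif in_locals and last_local is not None:
            # continuation of a multi-line value (struct member, string literal)
            f.local_vars[last_local] += " " + line.strip()
        else:
            header_lines.append(line)   # wrapped part of the frame header
        if in_locals and last_local is not None:
            value = f.local_vars[last_local]
            brace_depth = value.count("{") - value.count("}")
    finish_header()
    return frames


def find_null_origin(frames):
    """For each NULL pointer argument of the innermost frame, walk outward
    while the same-named argument is still NULL.  The first frame that does
    not pass it is where the NULL was produced.  Returns
    {arg_name: (innermost_frame_no, origin_frame_no or None)}."""
    result = {}
    if not frames:
        return result
    for name, value in frames[0].args.items():
        if value != NULL:
            continue
        origin = None           # None: every captured frame passed it NULL
        for f in frames[1:]:
            if f.args.get(name) != NULL:
                origin = f.number
                break
        result[name] = (frames[0].number, origin)
    return result


def null_locals(frame):
    """Names of the frame's locals that hold a NULL pointer."""
    return sorted(n for n, v in frame.local_vars.items() if v == NULL)


if __name__ == "__main__":
    frames = parse_backtrace(SAMPLE_BT)
    for name, (inner, origin) in find_null_origin(frames).items():
        o = next(f for f in frames if f.number == origin)
        print(f"{name}=0x0 dereferenced in #{inner} {frames[inner].function}; "
              f"produced in #{origin} {o.function} ({o.location})")
```

Run against the full dump from the report it prints that `d` is produced in frame #2, `address_space_translate_for_iotlb` at exec.c:434, which matches the commit under bisect: `cpu_exec_init()` no longer fills in the CPU's memory dispatch before the first TCG lookup uses it.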