From: Aurelien Jarno <aurelien@aurel32.net>
To: Richard Henderson <rth@twiddle.net>
Cc: avi@redhat.com, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [memory] abort with head a8170e5
Date: Wed, 24 Oct 2012 16:00:15 +0200
Message-ID: <20121024140015.GA14279@hall.aurel32.net>
In-Reply-To: <50872514.1090207@twiddle.net>
On Wed, Oct 24, 2012 at 09:15:32AM +1000, Richard Henderson wrote:
> qemu-system-sparc64: /home/rth/work/qemu/qemu/memory.c:1022: memory_region_destroy: Assertion `memory_region_transaction_depth == 0' failed.
>
> Program received signal SIGABRT, Aborted.
> 0x00007ffff5234925 in raise () from /lib64/libc.so.6
> (gdb) where
> #0 0x00007ffff5234925 in raise () from /lib64/libc.so.6
> #1 0x00007ffff52360d8 in abort () from /lib64/libc.so.6
> #2 0x00007ffff522d6a2 in __assert_fail_base () from /lib64/libc.so.6
> #3 0x00007ffff522d752 in __assert_fail () from /lib64/libc.so.6
> #4 0x000055555576ebe4 in memory_region_destroy (mr=0x555556a76f60)
> at /home/rth/work/qemu/qemu/memory.c:1022
> #5 0x0000555555674729 in pci_bridge_cleanup_alias (
> parent_space=<optimized out>, alias=0x555556a76f60)
> at /home/rth/work/qemu/qemu/hw/pci_bridge.c:158
> #6 pci_bridge_region_cleanup (br=0x555556a75d30)
> at /home/rth/work/qemu/qemu/hw/pci_bridge.c:190
> #7 0x0000555555674ccb in pci_bridge_update_mappings (br=0x555556a75d30)
> at /home/rth/work/qemu/qemu/hw/pci_bridge.c:203
> #8 pci_bridge_write_config (d=0x555556a75d30, address=<optimized out>,
> val=<optimized out>, len=<optimized out>)
> at /home/rth/work/qemu/qemu/hw/pci_bridge.c:226
> #9 0x000055555576b072 in access_with_adjusted_size (addr=addr@entry=2052,
> value=value@entry=0x7fffedaee890, size=size@entry=2,
> access_size_min=<optimized out>, access_size_max=<optimized out>,
> access=access@entry=0x55555576b690 <memory_region_write_accessor>,
> opaque=opaque@entry=0x555556a65a38)
> at /home/rth/work/qemu/qemu/memory.c:363
> #10 0x0000555555770183 in memory_region_dispatch_write (size=2, data=768, addr=
> 2052, mr=0x555556a65a38) at /home/rth/work/qemu/qemu/memory.c:914
> #11 io_mem_write (mr=0x555556a65a38, addr=2052, val=<optimized out>, size=2)
> at /home/rth/work/qemu/qemu/memory.c:1570
> #12 0x00007ffff011cd3e in code_gen_buffer ()
>
> This can be seen with the distributed OpenBIOS, i.e. no special options needed:
>
> ./sparc64-softmmu/qemu-system-sparc64
>
MIPS is also broken, but by commit 1c380f9460522f32c8dd2577b2a53d518ec91c6d:
| [ 0.436000] PCI: Enabling device 0000:00:0a.1 (0000 -> 0001)
| Segmentation fault (core dumped)
With gdb:
| Program terminated with signal 11, Segmentation fault.
| #0 phys_page_set_level (lp=0x7f4e12862db0, lp@entry=0x7f4e12851cf0, index=index@entry=0x7f4e012af480, nb=nb@entry=0x7f4e012af488, leaf=leaf@entry=45, level=level@entry=0) at /home/aurel32/qemu/exec.c:440
| 440 lp->is_leaf = true;
| (gdb) bt
| #0 phys_page_set_level (lp=0x7f4e12862db0, lp@entry=0x7f4e12851cf0, index=index@entry=0x7f4e012af480, nb=nb@entry=0x7f4e012af488, leaf=leaf@entry=45, level=level@entry=0) at /home/aurel32/qemu/exec.c:440
| #1 0x00007f4e10f33a10 in phys_page_set_level (lp=0x7f4e12851cf0, lp@entry=0x7f4e12851470, index=index@entry=0x7f4e012af480, nb=nb@entry=0x7f4e012af488, leaf=leaf@entry=45, level=level@entry=1)
| at /home/aurel32/qemu/exec.c:445
| #2 0x00007f4e10f33a10 in phys_page_set_level (lp=0x7f4e12851470, lp@entry=0x7f4e124ffb50, index=index@entry=0x7f4e012af480, nb=nb@entry=0x7f4e012af488, leaf=45, level=level@entry=2)
| at /home/aurel32/qemu/exec.c:445
| #3 0x00007f4e10f3477f in phys_page_set (leaf=<optimized out>, nb=16, index=65696, d=0x7f4e124ffb50) at /home/aurel32/qemu/exec.c:458
| #4 register_multipage (section=0x7f4e012af490, d=0x7f4e124ffb50) at /home/aurel32/qemu/exec.c:2263
| #5 mem_add (listener=0x7f4e124ffb58, section=<optimized out>) at /home/aurel32/qemu/exec.c:2289
| #6 0x00007f4e10f69a3c in address_space_update_topology_pass (as=as@entry=0x7f4e126201c8, adding=adding@entry=true, old_view=..., new_view=...) at /home/aurel32/qemu/memory.c:710
| #7 0x00007f4e10f6a458 in address_space_update_topology (as=0x7f4e126201c8) at /home/aurel32/qemu/memory.c:725
| #8 memory_region_transaction_commit () at /home/aurel32/qemu/memory.c:748
| #9 0x00007f4e10e5eeff in pci_default_write_config (d=0x7f4e1261ffb0, addr=4, val=0, l=4) at hw/pci.c:1075
| #10 0x00007f4e10f67df2 in access_with_adjusted_size (addr=addr@entry=3324, value=value@entry=0x7f4e012af8a0, size=size@entry=4, access_size_min=<optimized out>, access_size_max=<optimized out>,
| access=access@entry=0x7f4e10f68410 <memory_region_write_accessor>, opaque=opaque@entry=0x7f4e124f2ba8) at /home/aurel32/qemu/memory.c:363
| #11 0x00007f4e10f6cda3 in memory_region_dispatch_write (size=4, data=41943045, addr=3324, mr=0x7f4e124f2ba8) at /home/aurel32/qemu/memory.c:914
| #12 io_mem_write (mr=0x7f4e124f2ba8, addr=3324, val=<optimized out>, size=4) at /home/aurel32/qemu/memory.c:1567
| #13 0x00000000415a4be0 in code_gen_buffer ()
| #14 0x00007f4e10f2e811 in cpu_mips_exec (env=0x7f4e12840ed0, env@entry=0x7f4e124d98c8) at /home/aurel32/qemu/cpu-exec.c:601
| #15 0x00007f4e10f2fbc3 in tcg_cpu_exec (env=0x7f4e124d98c8) at /home/aurel32/qemu/cpus.c:1109
| #16 tcg_exec_all () at /home/aurel32/qemu/cpus.c:1141
| #17 qemu_tcg_cpu_thread_fn (arg=<optimized out>) at /home/aurel32/qemu/cpus.c:836
| #18 0x00007f4e0c2a3b50 in start_thread (arg=<optimized out>) at pthread_create.c:304
| #19 0x00007f4e0bfee70d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
| #20 0x0000000000000000 in ?? ()
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurelien@aurel32.net http://www.aurel32.net