[Qemu-devel] Segmentation Fault running Raspberry Pi OS.

[Qemu-devel] Segmentation Fault running Raspberry Pi OS.

[Julio Faracco]

Hi guys,

I was developing a simple OS for Raspberry Pi 2.
When I was debugging my OS using "-s -S" options for QEMU, I was
getting a segfault: Segmentation fault (core dumped).

After that, I decided to run QEMU (for ARM using a raspi2 machine) inside GDB.

$ gdb ./arm-softmmu/qemu-system-arm
(gdb) run -kernel ~/myos/kernel.elf -cpu arm1176 -m 256 -M raspi2 -s -S

After starting my kernel in another GDB instance, I got a segfault as
I mentioned.
Here is the error and the backtrace:

Thread 1 "qemu-system-arm" received signal SIGSEGV, Segmentation fault.
0x0000555555785da7 in tb_page_remove (tb=0x7fffd2cf40f0, ptb=0x30) at
/home/julio/qemu/translate-all.c:1033
1033        ptb = &tb1->page_next[n1];
(gdb) bt
#0  0x0000555555785da7 in tb_page_remove (tb=0x7fffd2cf40f0, ptb=0x30)
at /home/julio/qemu/translate-all.c:1033
#1  tb_phys_invalidate (tb=0x7fffd2cf40f0,
page_addr=page_addr@entry=18446744073709551615)
    at /home/julio/qemu/translate-all.c:1119
#2  0x0000555555786844 in tb_invalidate_phys_page_range (start=65948,
end=65949, is_cpu_write_access=is_cpu_write_access@entry=0)
    at /home/julio/qemu/translate-all.c:1519
#3  0x0000555555786c9a in tb_invalidate_phys_addr (as=<optimized out>,
addr=<optimized out>)
    at /home/julio/qemu/translate-all.c:1714
#4  0x000055555577b13a in breakpoint_invalidate (cpu=0x7fffd2b84088,
pc=65948) at /home/julio/qemu/exec.c:704
#5  0x000055555577d8cf in cpu_breakpoint_remove_by_ref (cpu=<optimized
out>, breakpoint=0x5555570105f0)
    at /home/julio/qemu/exec.c:869
#6  0x000055555577d927 in cpu_breakpoint_remove
(cpu=cpu@entry=0x7fffd2b84088, pc=pc@entry=65948,
flags=flags@entry=16)
    at /home/julio/qemu/exec.c:857
#7  0x00005555557bd889 in gdb_breakpoint_remove (type=<optimized out>,
len=<optimized out>, addr=65948)
    at /home/julio/qemu/gdbstub.c:717
#8  gdb_handle_packet (s=s@entry=0x55555700a000,
line_buf=line_buf@entry=0x55555700a01c "z0,1019c,4")
    at /home/julio/qemu/gdbstub.c:1035
#9  0x00005555557be352 in gdb_read_byte (ch=52, s=0x55555700a000) at
/home/julio/qemu/gdbstub.c:1459
#10 gdb_chr_receive (opaque=<optimized out>, buf=<optimized out>,
size=<optimized out>) at /home/julio/qemu/gdbstub.c:1672
#11 0x00005555558cfde1 in tcp_chr_read (chan=<optimized out>,
cond=<optimized out>, opaque=0x55555700ff00) at qemu-char.c:3145
#12 0x00007fffe23e205a in g_main_context_dispatch () from
/lib/x86_64-linux-gnu/libglib-2.0.so.0
#13 0x0000555555a7c79b in glib_pollfds_poll () at main-loop.c:215
#14 os_host_main_loop_wait (timeout=<optimized out>) at main-loop.c:260
#15 main_loop_wait (nonblocking=<optimized out>) at main-loop.c:508
#16 0x0000555555776c74 in main_loop () at vl.c:1966
#17 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized
out>) at vl.c:4684

I noticed that the function page_find_alloc(); sometime returns a NULL pointer.
So, the ptb pointer (tb1 = *ptb at the begining) is NULL and when the
code is trying to access the attribute "page_next", it does not work.

Can it be the cause? Please, any guidance for this issue?

Thanks!

--
Julio Cesar Faracco

Re: [Qemu-devel] Segmentation Fault running Raspberry Pi OS.

[Fam Zheng]

On Wed, 11/09 19:35, Julio Faracco wrote:
> Hi guys,
> 
> I was developing a simple OS for Raspberry Pi 2.
> When I was debugging my OS using "-s -S" options for QEMU, I was
> getting a segfault: Segmentation fault (core dumped).

Hello Julio,

What version of QEMU are you using? Please test with the current head of master
branch. If it crashes, could you try git bisect to find the bad commit?

I am not familiar with gdbstub/tlb code, so just giving some generic tips here.
My apology if they are too obvious.

Fam

Re: [Qemu-devel] Segmentation Fault running Raspberry Pi OS.

[Stefan Weil]

On 11/09/16 22:35, Julio Faracco wrote:
> Hi guys,
>
> I was developing a simple OS for Raspberry Pi 2.
> When I was debugging my OS using "-s -S" options for QEMU, I was
> getting a segfault: Segmentation fault (core dumped).
>
> After that, I decided to run QEMU (for ARM using a raspi2 machine) inside GDB.
>
> $ gdb ./arm-softmmu/qemu-system-arm
> (gdb) run -kernel ~/myos/kernel.elf -cpu arm1176 -m 256 -M raspi2 -s -S
>
> After starting my kernel in another GDB instance, I got a segfault as
> I mentioned.
> Here is the error and the backtrace:
>
> Thread 1 "qemu-system-arm" received signal SIGSEGV, Segmentation fault.
> 0x0000555555785da7 in tb_page_remove (tb=0x7fffd2cf40f0, ptb=0x30) at
> /home/julio/qemu/translate-all.c:1033
> 1033        ptb = &tb1->page_next[n1];

Does this happen with other kernels (for example official Raspbian) too?
If not: could you provide your special kernel, so it is possible to
reproduce that crash?

Cheers
Stefan

Re: [Qemu-devel] Segmentation Fault running Raspberry Pi OS.

[Julio Faracco]

Hi guys,

Thanks for the feedback.
Basically, I'm using master branch.
I'm not using any specific tag.

$ ./qemu-system-arm --version
QEMU emulator version 2.7.50 (v2.7.0-1871-g9b4b035-dirty)
Copyright (c) 2003-2016 Fabrice Bellard and the QEMU Project developers

I updated this branch (git pull only), recompiled and test it again.
The error is still happening.

I'm developing an OS for Raspberry Pi.
The code source base was taken from here:
http://wiki.osdev.org/Raspberry_Pi_Bare_Bones
The compiler, I moved to arm-none-eabi-gcc.

$ arm-none-eabi-gcc --version
arm-none-eabi-gcc (15:4.9.3+svn231177-1) 4.9.3 20150529 (prerelease)

I'm still need to test raspbian yet.

--
Julio Cesar Faracco

2016-11-10 4:39 GMT-02:00 Stefan Weil <sw@weilnetz.de>:
> On 11/09/16 22:35, Julio Faracco wrote:
>>
>> Hi guys,
>>
>> I was developing a simple OS for Raspberry Pi 2.
>> When I was debugging my OS using "-s -S" options for QEMU, I was
>> getting a segfault: Segmentation fault (core dumped).
>>
>> After that, I decided to run QEMU (for ARM using a raspi2 machine) inside
>> GDB.
>>
>> $ gdb ./arm-softmmu/qemu-system-arm
>> (gdb) run -kernel ~/myos/kernel.elf -cpu arm1176 -m 256 -M raspi2 -s -S
>>
>> After starting my kernel in another GDB instance, I got a segfault as
>> I mentioned.
>> Here is the error and the backtrace:
>>
>> Thread 1 "qemu-system-arm" received signal SIGSEGV, Segmentation fault.
>> 0x0000555555785da7 in tb_page_remove (tb=0x7fffd2cf40f0, ptb=0x30) at
>> /home/julio/qemu/translate-all.c:1033
>> 1033        ptb = &tb1->page_next[n1];
>
>
> Does this happen with other kernels (for example official Raspbian) too?
> If not: could you provide your special kernel, so it is possible to
> reproduce that crash?
>
> Cheers
> Stefan
>