From: Paolo Bonzini <pbonzini@redhat.com>
Cc: Blue Swirl <blauwirbel@gmail.com>, Alexander Graf <agraf@suse.de>,
"qemu-devel@nongnu.org" <qemu-devel@nongnu.org>
Subject: [Qemu-devel] Re: [PATCH 3/8] sparc64: fix 32bit load sign extension
Date: Fri, 04 Jun 2010 12:18:27 +0200
Message-ID: <4C08D2F3.6060007@redhat.com>
In-Reply-To: <4C08B109.7090308@redhat.com>
On 06/04/2010 09:53 AM, Paolo Bonzini wrote:
> On 06/03/2010 09:59 PM, Igor Kovalenko wrote:
>> On Thu, Jun 3, 2010 at 7:42 PM, Paolo Bonzini<pbonzini@redhat.com> wrote:
>>> On 06/03/2010 05:25 PM, Alexander Graf wrote:
>>>>
>>>> Am 03.06.2010 um 15:18 schrieb Paolo Bonzini<pbonzini@redhat.com>:
>>>>
>>>>> On 06/01/2010 10:12 PM, Igor V. Kovalenko wrote:
>>>>>>
>>>>>> From: Igor V. Kovalenko<igor.v.kovalenko@gmail.com>
>>>>>>
>>>>>> - change return type of ldl_* to uint32_t to prevent unwanted sign
>>>>>> extension
>>>>>> visible in sparc64 load alternate address space methods
>>>>>> - note this change makes ldl_* softmmu implementations match ldl_phys
>>>>>> one
>>>>>
>>>>> This patch breaks -kernel/-initrd.
>>>>
>>>> Breaks it where and when?
>>>
>>> x86_64 TCG reboots after the "Probing EDD" step.
>>
>> My local build appears to work, qemu-system-x86_64 loads my gentoo
>> linux setup.
>> I use x86_64 host, gcc 4.4.3, qemu configured with ./configure
>> --prefix=/inst --target-list=sparc64-softmmu,x86_64-softmmu
>
> Normal boot works. Only -kernel/-initrd fails.
Hmm, PEBKAC. Boot of Fedora and RHEL5 guests always fails, so it's not
related to -kernel/-initrd. (Of course, without -kernel/-initrd it
reboots into GRUB rather than looping quickly).
I've placed a failing vmlinuz at
http://people.redhat.com/people/vmlinuz-fail -- if it fails it should
reboot continuously. The failure happens pretty soon after the kernel
starts running. The sequence is:
lock_kernel
-> __lock_kernel
-> preempt_disable
-> current_thread_info()
IN:
0xffffffff80063064: push %rbp
0xffffffff80063065: mov %rsp,%rbp
0xffffffff80063068: mov %gs:0x10,%rax
0xffffffff80063071: mov -0x1fc8(%rax),%eax
0xffffffff80063077: test $0x8,%al
0xffffffff80063079: je 0xffffffff800630a2
%rax is 0xffffffff803f1fd8, but it page faults with
%cr2=0x00000000803f0010. The reason is that in the generated x86
assembly -0x1fc8 is erroneously zero extended:
0x4180347b: mov %rbp,%rbx
0x4180347e: mov $0xffffe038,%r12d
0x41803484: add %r12,%rbx
so it gives the wrong address:
(gdb) info reg rbp
rbp 0xffffffff803f1fd8 0xffffffff803f1fd8
(gdb) info reg r12
r12 0xffffe038 4294959160
(gdb) info reg rbx
rbx 0x803f0010 2151612432
From there it's obvious: general protection, double fault, general
protection, triple fault.
So it's a TCG bug that is expecting ldl_* to sign extend. I'll send a
patch after I come back from lunch.
Paolo
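The zero-extension mistake the message traces, as an added illustration that is not part of this thread or of QEMU's code: a stand-in ldl_code() that returns uint32_t like the patched ldl_*, a decoder that assigns it straight into a 64-bit displacement (the bug), and one that casts through int32_t first (the fix), both evaluated against the %rbp and displacement values quoted above. The helper names and the byte array are constructed for the example.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed input, not taken from a real binary: the 4-byte little-endian
 * displacement of "mov -0x1fc8(%rax),%eax" as it sits in the code stream.
 * 0xffffe038 is the two's-complement encoding of -0x1fc8. */
static const uint8_t disp_bytes[4] = { 0x38, 0xe0, 0xff, 0xff };

/* Stand-in for ldl_* after the patch: a 32-bit load returning uint32_t. */
static uint32_t ldl_code(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Buggy decoder: a uint32_t widened to 64 bits is zero-extended, so the
 * displacement becomes 0x00000000ffffe038 instead of -0x1fc8. */
static uint64_t disp_zero_extended(const uint8_t *p)
{
    return ldl_code(p);
}

/* Fixed decoder: reinterpret the 32 bits as int32_t before widening, so the
 * usual integer promotion sign-extends to 0xffffffffffffe038. */
static uint64_t disp_sign_extended(const uint8_t *p)
{
    return (uint64_t)(int64_t)(int32_t)ldl_code(p);
}

/* Effective address of a base+disp operand, wrapping modulo 2^64 as the
 * CPU does. */
static uint64_t effective_address(uint64_t base, uint64_t disp)
{
    return base + disp;
}

int main(void)
{
    uint64_t rax = 0xffffffff803f1fd8ULL;  /* %rax value from the message */
    printf("zero-extended: %#018llx\n",
           (unsigned long long)effective_address(rax, disp_zero_extended(disp_bytes)));
    printf("sign-extended: %#018llx\n",
           (unsigned long long)effective_address(rax, disp_sign_extended(disp_bytes)));
    return 0;
}
```

The zero-extended variant reproduces the faulting address 0x803f0010 seen in %cr2; the sign-extended one yields the kernel address 0xffffffff803f0010 that the guest intended.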
Thread overview: 28+ messages
2010-06-01 20:12 [Qemu-devel] [PATCH 0/8] sparc64 fixes Igor V. Kovalenko
2010-06-01 20:12 ` [Qemu-devel] [PATCH 1/8] sparc64: fix tag access register on mmu traps Igor V. Kovalenko
2010-06-01 20:12 ` [Qemu-devel] [PATCH 2/8] sparc64: fix missing address masking Igor V. Kovalenko
2010-06-01 20:44 ` Richard Henderson
2010-06-02 4:29 ` Igor Kovalenko
2010-06-02 13:47 ` Richard Henderson
2010-06-02 16:10 ` Blue Swirl
2010-06-02 16:46 ` Andreas Färber
2010-06-02 18:21 ` Igor Kovalenko
2010-06-02 19:20 ` Igor Kovalenko
2010-06-01 20:12 ` [Qemu-devel] [PATCH 3/8] sparc64: fix 32bit load sign extension Igor V. Kovalenko
2010-06-03 13:18 ` [Qemu-devel] " Paolo Bonzini
2010-06-03 15:25 ` Alexander Graf
2010-06-03 15:42 ` Paolo Bonzini
2010-06-03 19:59 ` Igor Kovalenko
2010-06-04 7:53 ` Paolo Bonzini
2010-06-04 10:18 ` Paolo Bonzini [this message]
2010-06-04 14:27 ` [Qemu-devel] [PATCH] target-i386: fix decoding of negative 4-byte displacements Paolo Bonzini
2010-06-04 16:23 ` Richard Henderson
2010-06-04 20:03 ` Blue Swirl
2010-06-01 20:12 ` [Qemu-devel] [PATCH 4/8] sparc64: fix ldxfsr insn Igor V. Kovalenko
2010-06-01 20:12 ` [Qemu-devel] [PATCH 5/8] sparc64: use symbolic name for MMU index Igor V. Kovalenko
2010-06-02 16:16 ` Blue Swirl
2010-06-02 18:45 ` Igor Kovalenko
2010-06-01 20:12 ` [Qemu-devel] [PATCH 6/8] sparc64: improve ldf and stf insns Igor V. Kovalenko
2010-06-01 20:12 ` [Qemu-devel] [PATCH 7/8] sparc64: fix udiv and sdiv insns Igor V. Kovalenko
2010-06-01 20:12 ` [Qemu-devel] [PATCH 8/8] sparc64: fix umul and smul insns Igor V. Kovalenko
2010-06-02 20:27 ` [Qemu-devel] [PATCH 0/8] sparc64 fixes Blue Swirl