From: Anthony Liguori <anthony@codemonkey.ws>
To: qemu-devel@nongnu.org
Cc: Jan Kiszka <jan.kiszka@siemens.com>,
	fidencio <fabiano@fidencio.org>, Avi Kivity <avi@redhat.com>
Subject: Re: [Qemu-devel] [Bug 948675] [NEW] QEMU is crashing when called with "-vga none"
Date: Wed, 14 Mar 2012 14:59:17 -0500
Message-ID: <4F60F895.2030903@codemonkey.ws>
In-Reply-To: <20120307042222.22612.76025.malonedeb@gac.canonical.com>

On 03/06/2012 10:22 PM, fidencio wrote:
> Public bug reported:
>
> QEMU is crashing when called with "-vga none". This regression was
> inserted in e5ad936b0fd7dfd7fd7908be6f9f1ca88f63b96b.
>
> QEMU line:
> /home/fidencio/dev/bin/qemu-system-x86_64 -enable-kvm -m 1024 -kernel /home/fidencio/src/linux-2.6/arch/x86_64/boot/bzImage -append "root=nfs rw nfsrootdebug console=ttyS0 ip=192.168.122.2:192.168.122.1:192.168.122.1:255.255.255.0 nfsroot=192.168.122.1:/home/fidencio/fedora14-minimal" -device e1000,vlan=0 -serial stdio -net tap,script=/home/fidencio/dev/etc/qemu-ifup -vga none

I can confirm this was introduced in:

commit e5ad936b0fd7dfd7fd7908be6f9f1ca88f63b96b
Author: Jan Kiszka <jan.kiszka@siemens.com>
Date:   Fri Feb 17 18:31:19 2012 +0100

     kvmvapic: Introduce TPR access optimization for Windows guests

For me, this results in a SEGV until:

commit bf75fec175d00885c7ae06e5917bde86110c386a
Merge: 9f1d43b 7e68075
Author: Anthony Liguori <aliguori@us.ibm.com>
Date:   Fri Mar 9 12:29:55 2012 -0600

     Merge remote-tracking branch 'qemu-kvm/uq/master' into staging

     * qemu-kvm/uq/master:
       kvm: fill in padding to help valgrind
       kvm: x86: Add user space part for in-kernel i8254
       kvm: Add kvm_has_pit_state2 helper
       i8254: Open-code timer restore
       i8254: Factor out base class for KVM reuse

Which then turns it into:

/home/anthony/build/qemu/x86_64-softmmu/qemu-system-x86_64 -kernel 
bin/vmlinuz-3.0 -initrd .tmp-20604/initramfs-20604.img.gz -append console=ttyS0 
seed=8631 -drive file=.tmp-20604/disk-20604.img,if=none,snapshot=on,id=hd0 
-device virtio-balloon-pci,addr=03.0 -device virtio-blk-pci,addr=04.0,drive=hd0 
-nographic -nodefconfig -m 1G -no-reboot -no-hpet -device virtio-serial -chardev 
socket,path=.tmp-20604/channel-20604.sock,id=channel0,server,nowait -device 
virtserialport,chardev=channel0,name=org.libguestfs.channel.0 -nodefaults 
-serial stdio -enable-kvm -pidfile .tmp-20604/pidfile-20604.pid -qmp 
unix:.tmp-20604/qmpsock-20604.sock,server,nowait
KVM internal error. Suberror: 1
emulation failure
EAX=0000aa55 EBX=00000000 ECX=00000000 EDX=00000000
ESI=00000000 EDI=00000000 EBP=00000000 ESP=00006f78
EIP=0000003c EFL=00010202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 00000000 0000ffff 00009300
CS =c300 000c3000 0000ffff 00009b00
SS =0000 00000000 0000ffff 00009300
DS =0000 00000000 0000ffff 00009300
FS =0000 00000000 0000ffff 00009300
GS =0000 00000000 0000ffff 00009300
LDT=0000 00000000 0000ffff 00008200
TR =0000 00000000 0000ffff 00008b00
GDT=     000fcd78 00000037
IDT=     00000000 000003ff
CR0=00000010 CR2=00000000 CR3=00000000 CR4=00000000
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000000
Code=00 00 7c 02 81 02 00 00 00 00 00 00 00 00 3c 00 00 00 00 00 <8c> c8 8e d8 
fa fc e9 91 00 b8 16 00 ba 10 05 ef ba 11 05 ec 66 c1 e0 08 ec 66 c1 e0 08 ec

A simple test case to reproduce:

x86_64-softmmu/qemu-system-x86_64 -nographic -nodefconfig -enable-kvm 
-nodefaults -kernel /boot/vmlinuz-2.6.32-29-generic

I've tried multiple guest kernel versions and they all reproduce (not surprising 
since EIP is still in SeaBIOS here).

This also happens with the very latest SeaBIOS release.

Regards,

Anthony Liguori

>
> Backtrace:
> #0  0x00005555557ac976 in is_romd (pd=2048)
>      at /home/fidencio/src/qemu/exec.c:2110
> #1  0x00005555557ac9e3 in is_ram_rom_romd (pd=804864)
>      at /home/fidencio/src/qemu/exec.c:2115
> #2  0x00005555557ad05a in cpu_register_physical_memory_log (section=
>      0x7ffff2daf6f0, readable=true, readonly=false)
>      at /home/fidencio/src/qemu/exec.c:2587
> #3  0x00005555557e4d47 in as_memory_range_add (as=0x555555c34980, fr=
>      0x7fffec002950) at /home/fidencio/src/qemu/memory.c:317
> #4  0x00005555557e6b49 in address_space_update_topology_pass (as=
>      0x555555c34980, old_view=..., new_view=..., adding=true)
>      at /home/fidencio/src/qemu/memory.c:763
> #5  0x00005555557e6c3f in address_space_update_topology (as=0x555555c34980)
>      at /home/fidencio/src/qemu/memory.c:779
> #6  0x00005555557e6d0c in memory_region_update_topology (mr=0x55555646d2c0)
>      at /home/fidencio/src/qemu/memory.c:798
> #7  0x00005555557e8e16 in memory_region_add_subregion_common (mr=
>      0x55555646d2c0, offset=792576, subregion=0x5555564a6130)
>      at /home/fidencio/src/qemu/memory.c:1352
> #8  0x00005555557e8ede in memory_region_add_subregion_overlap (mr=
>      0x55555646d2c0, offset=792576, subregion=0x5555564a6130, priority=1000)
>      at /home/fidencio/src/qemu/memory.c:1372
> #9  0x00005555557dfebe in vapic_map_rom_writable (s=0x5555564a3d30)
>      at /home/fidencio/src/qemu/hw/kvmvapic.c:587
> #10 0x00005555557dff06 in vapic_prepare (s=0x5555564a3d30)
>      at /home/fidencio/src/qemu/hw/kvmvapic.c:593
> #11 0x00005555557e0001 in vapic_write (opaque=0x5555564a3d30, addr=0, data=32,
>      size=2) at /home/fidencio/src/qemu/hw/kvmvapic.c:632
> #12 0x00005555557e4b84 in memory_region_write_accessor (opaque=0x5555564a6068,
>      addr=0, value=0x7ffff2dafb00, size=2, shift=0, mask=65535)
>      at /home/fidencio/src/qemu/memory.c:274
> #13 0x00005555557e4c66 in access_with_adjusted_size (addr=0, value=
>      0x7ffff2dafb00, size=2, access_size_min=1, access_size_max=4, access=
>      0x5555557e4b0c<memory_region_write_accessor>, opaque=0x5555564a6068)
>      at /home/fidencio/src/qemu/memory.c:304
> #14 0x00005555557e5412 in memory_region_iorange_write (iorange=0x5555564a60b0,
>      offset=0, width=2, data=32) at /home/fidencio/src/qemu/memory.c:440
> #15 0x00005555557d0ab6 in ioport_writew_thunk (opaque=0x5555564a60b0, addr=
>      126, data=32) at /home/fidencio/src/qemu/ioport.c:218
> #16 0x00005555557d0411 in ioport_write (index=1, address=126, data=32)
>      at /home/fidencio/src/qemu/ioport.c:82
> #17 0x00005555557d0f3d in cpu_outw (addr=126, val=32)
>      at /home/fidencio/src/qemu/ioport.c:281
> #18 0x00005555557d537c in kvm_handle_io (port=126, data=0x7ffff7ff4000,
>      direction=1, size=2, count=1) at /home/fidencio/src/qemu/kvm-all.c:1015
> #19 0x00005555557d594a in kvm_cpu_exec (env=0x555556492f20)
>      at /home/fidencio/src/qemu/kvm-all.c:1160
> #20 0x00005555557a5d69 in qemu_kvm_cpu_thread_fn (arg=0x555556492f20)
>      at /home/fidencio/src/qemu/cpus.c:733
> #21 0x00007ffff651dd90 in start_thread (arg=0x7ffff2db0700)
>      at pthread_create.c:309
> #22 0x00007ffff578148d in clone ()
>      at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115
>
> ** Affects: qemu
>       Importance: Undecided
>           Status: New

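A small triage helper for a "KVM internal error" register dump like the one quoted above, added here as an example and not code from the thread or from QEMU: it parses the register, segment and `Code=` lines, computes the linear address the guest was executing from the cached CS base and EIP (checking real-mode consistency via CR0.PE), pulls the opcode bytes at the `<xx>` marker, decodes EFLAGS, and classifies the address against the conventional PC low-memory map. The `DUMP` excerpt is constructed from the dump in the message, and `parse_dump`, `fault_site`, `efl_flags`, `legacy_region` and `triage` are names chosen for this example.

```python
import re
# Constructed excerpt of the KVM internal error dump quoted in the thread (lines this triage reads).
DUMP = """\
EAX=0000aa55 EBX=00000000 ECX=00000000 EDX=00000000
EIP=0000003c EFL=00010202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
CS =c300 000c3000 0000ffff 00009b00
CR0=00000010 CR2=00000000 CR3=00000000 CR4=00000000
Code=00 00 7c 02 81 02 00 00 00 00 00 00 00 00 3c 00 00 00 00 00 <8c> c8 8e d8
fa fc e9 91 00 b8 16 00 ba 10 05 ef ba 11 05 ec 66 c1 e0 08 ec 66 c1 e0 08 ec
"""
EFL_BITS = {0: "CF", 2: "PF", 4: "AF", 6: "ZF", 7: "SF", 8: "TF", 9: "IF",
            10: "DF", 11: "OF", 16: "RF", 17: "VM", 18: "AC"}
PC_MAP = ((0xA0000, "conventional RAM"), (0xC0000, "video RAM"),   # conventional PC map
          (0xE0000, "option ROM window"), (0x100000, "system BIOS"))

def parse_dump(text):
    """Split the dump into 32-bit registers, segment (selector, base) pairs and Code= bytes."""
    regs = {m[1]: int(m[2], 16)
            for m in re.finditer(r"\b([A-Z][A-Z0-9]{1,2})=([0-9a-f]{8})\b", text)}
    segs = {m[1]: (int(m[2], 16), int(m[3], 16))
            for m in re.finditer(r"^([CDEFGS]S) =([0-9a-f]{4}) ([0-9a-f]{8})", text, re.M)}
    code, cur = [], None
    for i, tok in enumerate(re.search(r"Code=(.*)", text, re.S)[1].split()):
        if tok.startswith("<"):              # <xx> marks the byte EIP points at
            cur = i
        code.append(int(tok.strip("<>"), 16))
    return {"regs": regs, "segs": segs, "code": code, "cur": cur}

def fault_site(d):
    """Linear address the guest was executing (CS.base + EIP), CPU mode and opcode bytes."""
    (sel, base), cr0 = d["segs"]["CS"], d["regs"]["CR0"]
    mode = "real" if not cr0 & 1 else ("paged protected" if cr0 >> 31 else "protected")
    if mode == "real" and base != sel << 4:   # cached base must agree with the selector
        raise ValueError("real-mode CS base does not match selector << 4")
    return base + d["regs"]["EIP"], mode, bytes(d["code"][d["cur"]:d["cur"] + 4])

def efl_flags(efl):
    """Names of the EFLAGS bits that are set (reserved bit 1 is ignored)."""
    return sorted(name for bit, name in EFL_BITS.items() if efl >> bit & 1)

def legacy_region(addr):
    """Classify an address against the conventional PC low-memory map."""
    return next((name for top, name in PC_MAP if addr < top), "above 1 MiB")

def triage(d):
    """One-line summary of a parsed dump for a first look at a crash report."""
    addr, mode, opc = fault_site(d)
    return (f"{mode} mode, EIP at {addr:#x} ({legacy_region(addr)}), "
            f"opcode bytes {opc.hex()}, EFL {' '.join(efl_flags(d['regs']['EFL']))}")
```

Running `triage(parse_dump(DUMP))` on the thread's dump reports a real-mode fault at 0xc303c with opcode bytes 8c c8 8e d8 and IF and RF set.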