From: Anthony Liguori
Date: Wed, 14 Mar 2012 14:59:17 -0500
Message-ID: <4F60F895.2030903@codemonkey.ws>
In-Reply-To: <20120307042222.22612.76025.malonedeb@gac.canonical.com>
Subject: Re: [Qemu-devel] [Bug 948675] [NEW] QEMU is crashing when called with "-vga none"
To: qemu-devel@nongnu.org
Cc: Jan Kiszka, fidencio, Avi Kivity

On 03/06/2012 10:22 PM, fidencio wrote:
> Public bug reported:
>
> QEMU is crashing when called with "-vga none". This regression was
> inserted in e5ad936b0fd7dfd7fd7908be6f9f1ca88f63b96b.
>
> QEMU line:
> /home/fidencio/dev/bin/qemu-system-x86_64 -enable-kvm -m 1024 -kernel /home/fidencio/src/linux-2.6/arch/x86_64/boot/bzImage -append "root=nfs rw nfsrootdebug console=ttyS0 ip=192.168.122.2:192.168.122.1:192.168.122.1:255.255.255.0 nfsroot=192.168.122.1:/home/fidencio/fedora14-minimal" -device e1000,vlan=0 -serial stdio -net tap,script=/home/fidencio/dev/etc/qemu-ifup -vga none

I can confirm this was introduced in:

commit e5ad936b0fd7dfd7fd7908be6f9f1ca88f63b96b
Author: Jan Kiszka
Date:   Fri Feb 17 18:31:19 2012 +0100

    kvmvapic: Introduce TPR access optimization for Windows guests

For me, this results in a SEGV until:

commit bf75fec175d00885c7ae06e5917bde86110c386a
Merge: 9f1d43b 7e68075
Author: Anthony Liguori
Date:   Fri Mar 9 12:29:55 2012 -0600

    Merge remote-tracking branch 'qemu-kvm/uq/master' into staging

    * qemu-kvm/uq/master:
      kvm: fill in padding to help valgrind
      kvm: x86: Add user space part for in-kernel i8254
      kvm: Add kvm_has_pit_state2 helper
      i8254: Open-code timer restore
      i8254: Factor out base class for KVM reuse

Which then turns it into:

/home/anthony/build/qemu/x86_64-softmmu/qemu-system-x86_64 -kernel bin/vmlinuz-3.0 -initrd .tmp-20604/initramfs-20604.img.gz -append console=ttyS0 seed=8631 -drive file=.tmp-20604/disk-20604.img,if=none,snapshot=on,id=hd0 -device virtio-balloon-pci,addr=03.0 -device virtio-blk-pci,addr=04.0,drive=hd0 -nographic -nodefconfig -m 1G -no-reboot -no-hpet -device virtio-serial -chardev socket,path=.tmp-20604/channel-20604.sock,id=channel0,server,nowait -device virtserialport,chardev=channel0,name=org.libguestfs.channel.0 -nodefaults -serial stdio -enable-kvm -pidfile .tmp-20604/pidfile-20604.pid -qmp unix:.tmp-20604/qmpsock-20604.sock,server,nowait
KVM internal error. Suberror: 1
emulation failure
EAX=0000aa55 EBX=00000000 ECX=00000000 EDX=00000000
ESI=00000000 EDI=00000000 EBP=00000000 ESP=00006f78
EIP=0000003c EFL=00010202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 00000000 0000ffff 00009300
CS =c300 000c3000 0000ffff 00009b00
SS =0000 00000000 0000ffff 00009300
DS =0000 00000000 0000ffff 00009300
FS =0000 00000000 0000ffff 00009300
GS =0000 00000000 0000ffff 00009300
LDT=0000 00000000 0000ffff 00008200
TR =0000 00000000 0000ffff 00008b00
GDT=     000fcd78 00000037
IDT=     00000000 000003ff
CR0=00000010 CR2=00000000 CR3=00000000 CR4=00000000
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000000
Code=00 00 7c 02 81 02 00 00 00 00 00 00 00 00 3c 00 00 00 00 00 <8c> c8 8e d8 fa fc e9 91 00 b8 16 00 ba 10 05 ef ba 11 05 ec 66 c1 e0 08 ec 66 c1 e0 08 ec

A simple test case to reproduce:

x86_64-softmmu/qemu-system-x86_64 -nographic -nodefconfig -enable-kvm -nodefaults -kernel /boot/vmlinuz-2.6.32-29-generic

I've tried multiple guest kernel versions and they all reproduce (not surprising since EIP is still in SeaBIOS here). This also happens with the very latest SeaBIOS release.
Regards,

Anthony Liguori

>
> Backtrace:
> #0  0x00005555557ac976 in is_romd (pd=2048)
>     at /home/fidencio/src/qemu/exec.c:2110
> #1  0x00005555557ac9e3 in is_ram_rom_romd (pd=804864)
>     at /home/fidencio/src/qemu/exec.c:2115
> #2  0x00005555557ad05a in cpu_register_physical_memory_log (section=
>     0x7ffff2daf6f0, readable=true, readonly=false)
>     at /home/fidencio/src/qemu/exec.c:2587
> #3  0x00005555557e4d47 in as_memory_range_add (as=0x555555c34980, fr=
>     0x7fffec002950) at /home/fidencio/src/qemu/memory.c:317
> #4  0x00005555557e6b49 in address_space_update_topology_pass (as=
>     0x555555c34980, old_view=..., new_view=..., adding=true)
>     at /home/fidencio/src/qemu/memory.c:763
> #5  0x00005555557e6c3f in address_space_update_topology (as=0x555555c34980)
>     at /home/fidencio/src/qemu/memory.c:779
> #6  0x00005555557e6d0c in memory_region_update_topology (mr=0x55555646d2c0)
>     at /home/fidencio/src/qemu/memory.c:798
> #7  0x00005555557e8e16 in memory_region_add_subregion_common (mr=
>     0x55555646d2c0, offset=792576, subregion=0x5555564a6130)
>     at /home/fidencio/src/qemu/memory.c:1352
> #8  0x00005555557e8ede in memory_region_add_subregion_overlap (mr=
>     0x55555646d2c0, offset=792576, subregion=0x5555564a6130, priority=1000)
>     at /home/fidencio/src/qemu/memory.c:1372
> #9  0x00005555557dfebe in vapic_map_rom_writable (s=0x5555564a3d30)
>     at /home/fidencio/src/qemu/hw/kvmvapic.c:587
> #10 0x00005555557dff06 in vapic_prepare (s=0x5555564a3d30)
>     at /home/fidencio/src/qemu/hw/kvmvapic.c:593
> #11 0x00005555557e0001 in vapic_write (opaque=0x5555564a3d30, addr=0, data=32,
>     size=2) at /home/fidencio/src/qemu/hw/kvmvapic.c:632
> #12 0x00005555557e4b84 in memory_region_write_accessor (opaque=0x5555564a6068,
>     addr=0, value=0x7ffff2dafb00, size=2, shift=0, mask=65535)
>     at /home/fidencio/src/qemu/memory.c:274
> #13 0x00005555557e4c66 in access_with_adjusted_size (addr=0, value=
>     0x7ffff2dafb00, size=2, access_size_min=1, access_size_max=4, access=
>     0x5555557e4b0c, opaque=0x5555564a6068)
>     at /home/fidencio/src/qemu/memory.c:304
> #14 0x00005555557e5412 in memory_region_iorange_write (iorange=0x5555564a60b0,
>     offset=0, width=2, data=32) at /home/fidencio/src/qemu/memory.c:440
> #15 0x00005555557d0ab6 in ioport_writew_thunk (opaque=0x5555564a60b0, addr=
>     126, data=32) at /home/fidencio/src/qemu/ioport.c:218
> #16 0x00005555557d0411 in ioport_write (index=1, address=126, data=32)
>     at /home/fidencio/src/qemu/ioport.c:82
> #17 0x00005555557d0f3d in cpu_outw (addr=126, val=32)
>     at /home/fidencio/src/qemu/ioport.c:281
> #18 0x00005555557d537c in kvm_handle_io (port=126, data=0x7ffff7ff4000,
>     direction=1, size=2, count=1) at /home/fidencio/src/qemu/kvm-all.c:1015
> #19 0x00005555557d594a in kvm_cpu_exec (env=0x555556492f20)
>     at /home/fidencio/src/qemu/kvm-all.c:1160
> #20 0x00005555557a5d69 in qemu_kvm_cpu_thread_fn (arg=0x555556492f20)
>     at /home/fidencio/src/qemu/cpus.c:733
> #21 0x00007ffff651dd90 in start_thread (arg=0x7ffff2db0700)
>     at pthread_create.c:309
> #22 0x00007ffff578148d in clone ()
>     at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115
>
> ** Affects: qemu
>      Importance: Undecided
>          Status: New