* [Qemu-devel] More MIPS panics
@ 2007-09-13 21:31 Daniel Jacobowitz
From: Daniel Jacobowitz @ 2007-09-13 21:31 UTC (permalink / raw)
To: qemu-devel
When fixing the breakpoint failure Jason's reproducible testcase was
very helpful, so I'll return the favor in case someone else wants to
fix this one...

Running huge.exp from the gdb testsuite over gdbserver, with the
gdbserver inside a mips or mipsel qemu, reliably crashes the kernel.
It will end up taking a recursive fault, and when it runs out of stack
it'll start overwriting other helpful things like the page tables.

All you need is a file with a single huge static array full of zero
bytes. 0x800000 bytes works nicely. If you tell gdb to print it
while running a native MIPS gdb, it reads the contents from
/proc/PID/mem using pread in a single huge lump; this works fine. If
you tell gdb to print it while connected to gdbserver, gdbserver will
use ptrace to read it one word at a time. This does not work fine.
At some random point in the array the kernel will go belly-up.
Therefore I assume this is something to do with frequently mapping and
unmapping pages in the kmap area.

So far I have not had any luck figuring out what's going on. It seems
like a zero word appears in the wrong place, though, so my suspect is
the mapping and unmapping in copy_to_user_page...
--
Daniel Jacobowitz
CodeSourcery
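Added illustration, not part of Daniel's message or of gdb/gdbserver: a small Linux harness that reads a traced child's 0x800000-byte static zero array both ways the report describes, one PTRACE_PEEKDATA word at a time (gdbserver's path) and with a single pread on /proc/PID/mem (native gdb's path), and counts bytes on which the two images disagree. It assumes a Linux host where the parent may ptrace its own child; the names `huge` and `compare_reads` are mine, and the 0x5a marker is a constructed check that the tracee's memory, not the tracer's, was read.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <unistd.h>

#define HUGE_LEN 0x800000              /* 8 MiB, as in the report */
static char huge[HUGE_LEN] __attribute__((aligned(sizeof(long))));

/* Read the traced child's copy of `huge` word by word with PTRACE_PEEKDATA
 * (gdbserver) and in one lump with pread on /proc/PID/mem (native gdb).
 * Returns the count of differing bytes (0 when both agree), -1 on failure. */
long compare_reads(void)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                    /* tracee */
        huge[HUGE_LEN - 1] = 0x5a;     /* constructed marker: child's copy only */
        ptrace(PTRACE_TRACEME, 0, 0, 0);
        raise(SIGSTOP);                /* stop so the parent can read us */
        _exit(0);
    }
    int status; if (waitpid(pid, &status, 0) < 0 || !WIFSTOPPED(status)) return -1;
    char *via_ptrace = malloc(HUGE_LEN), *via_pread = malloc(HUGE_LEN);
    long result = -1;
    char path[64]; snprintf(path, sizeof path, "/proc/%d/mem", (int)pid);
    int fd = open(path, O_RDONLY);
    if (!via_ptrace || !via_pread || fd < 0) goto out;
    for (size_t off = 0; off < HUGE_LEN; off += sizeof(long)) {
        errno = 0;                     /* -1 is a valid word, so check errno */
        long w = ptrace(PTRACE_PEEKDATA, pid, huge + off, 0);
        if (w == -1 && errno) goto out;
        *(long *)(via_ptrace + off) = w;
    }
    if (pread(fd, via_pread, HUGE_LEN, (off_t)(uintptr_t)huge) != HUGE_LEN) goto out;
    if (via_ptrace[HUGE_LEN - 1] != 0x5a || via_pread[HUGE_LEN - 1] != 0x5a) goto out;
    result = 0;
    for (size_t i = 0; i < HUGE_LEN; i++) result += via_ptrace[i] != via_pread[i];
out:
    if (fd >= 0) close(fd);
    free(via_ptrace); free(via_pread);
    kill(pid, SIGKILL); waitpid(pid, NULL, 0);
    return result;
}
```

On a healthy kernel both images match and the function returns 0; the one-syscall-per-word loop is the access pattern the report says tripped the emulated MIPS kernel.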