From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:42626)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <lcapitulino@redhat.com>) id 1Ve5s7-0008Ac-Bm
	for qemu-devel@nongnu.org; Wed, 06 Nov 2013 11:22:29 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <lcapitulino@redhat.com>) id 1Ve5s0-0000Hi-KK
	for qemu-devel@nongnu.org; Wed, 06 Nov 2013 11:22:23 -0500
Received: from mx1.redhat.com ([209.132.183.28]:37118)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <lcapitulino@redhat.com>) id 1Ve5s0-0000HI-D3
	for qemu-devel@nongnu.org; Wed, 06 Nov 2013 11:22:16 -0500
Received: from int-mx02.intmail.prod.int.phx2.redhat.com
	(int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12])
	by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id rA6GMF22027544
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)
	for <qemu-devel@nongnu.org>; Wed, 6 Nov 2013 11:22:15 -0500
Date: Wed, 6 Nov 2013 11:22:14 -0500
From: Luiz Capitulino <lcapitulino@redhat.com>
Message-ID: <20131106112214.14a448b6@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] BUG: QEMU aborts when setting breakpoint in gdb
	(bisected)
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: marcel.a@redhat.com
Cc: qemu-devel <qemu-devel@nongnu.org>, mst@redhat.com

1. Run qemu with gdb server support

   # qemu [...] -s -S

2. Connect gdb and try to set a breakpoint

   $ gdb /path/to/vmlinux
   (gdb) target remote:1234
   (gdb) b secondary_startup_64

3. On qemu terminal

qemu-qmp: /home/lcapitulino/work/src/upstream/qmp-unstable/include/qemu/int128.h:22: int128_get64: Assertion `!a.hi' failed.
Aborted (core dumped)
   
According to bisect the culprit is:

commit a53ae8e934cd54686875b5bcfc2f434244ee55d6
Author: Marcel Apfelbaum <marcel.a@redhat.com>
Date:   Mon Sep 16 11:21:16 2013 +0300

    hw/pci: partially handle pci master abort

Backtrace:

#0  0x00007fd7882c2a19 in raise () from /lib64/libc.so.6
#1  0x00007fd7882c4128 in abort () from /lib64/libc.so.6
#2  0x00007fd7882bb986 in __assert_fail_base () from /lib64/libc.so.6
#3  0x00007fd7882bba32 in __assert_fail () from /lib64/libc.so.6
#4  0x00007fd78b7402ff in int128_get64 (a=...)
    at /home/lcapitulino/work/src/upstream/qmp-unstable/include/qemu/int128.h:22
#5  address_space_translate_internal (d=<optimized out>, addr=18446744067283878160, 
    xlat=0x7fff7c13f498, plen=0x7fff7c13f530, resolve_subpage=<optimized out>)
    at /home/lcapitulino/work/src/upstream/qmp-unstable/exec.c:263
#6  0x00007fd78b740d6c in address_space_translate (as=<optimized out>, 
    as@entry=0x7fd78c0ad4c0 <address_space_memory>, addr=addr@entry=18446744071578845456, 
    xlat=xlat@entry=0x7fff7c13f540, plen=plen@entry=0x7fff7c13f530, is_write=is_write@entry=false)
    at /home/lcapitulino/work/src/upstream/qmp-unstable/exec.c:277
#7  0x00007fd78b742dc7 in address_space_rw (as=as@entry=0x7fd78c0ad4c0 <address_space_memory>, 
    addr=18446744071578845456, buf=buf@entry=0x7fff7c140620 "", len=len@entry=18, 
    is_write=is_write@entry=false) at /home/lcapitulino/work/src/upstream/qmp-unstable/exec.c:1883
#8  0x00007fd78b744ac1 in cpu_physical_memory_rw (is_write=0, len=18, buf=0x7fff7c140620 "", 
    addr=<optimized out>) at /home/lcapitulino/work/src/upstream/qmp-unstable/exec.c:1978
#9  cpu_memory_rw_debug (cpu=0x7fd78d63e320, addr=18446744071578845456, buf=0x7fff7c140620 "", 
    len=<optimized out>, is_write=0) at /home/lcapitulino/work/src/upstream/qmp-unstable/exec.c:2573
#10 0x00007fd78b75594a in target_memory_rw_debug (is_write=false, len=18, buf=0x7fff7c140620 "", 
    addr=18446744071578845456, cpu=0x7fd78d63e320)
    at /home/lcapitulino/work/src/upstream/qmp-unstable/gdbstub.c:52
#11 gdb_handle_packet (s=s@entry=0x7fd78d6a6350, 
    line_buf=line_buf@entry=0x7fd78d6a636c "mffffffff81000110,12")
    at /home/lcapitulino/work/src/upstream/qmp-unstable/gdbstub.c:928
#12 0x00007fd78b7563f8 in gdb_read_byte (ch=55, s=0x7fd78d6a6350)
    at /home/lcapitulino/work/src/upstream/qmp-unstable/gdbstub.c:1402
#13 gdb_chr_receive (opaque=<optimized out>, buf=<optimized out>, size=<optimized out>)
    at /home/lcapitulino/work/src/upstream/qmp-unstable/gdbstub.c:1618
#14 0x00007fd78b6ef489 in qemu_chr_be_write (len=<optimized out>, 
    buf=0x7fff7c141740 "$mffffffff81000110,12#b7s+;xmlRegisters=i386;qRelocInsn+#b5|\377\177", 
    s=0x7fd78d9202c0) at /home/lcapitulino/work/src/upstream/qmp-unstable/qemu-char.c:165
#15 tcp_chr_read (chan=<optimized out>, cond=<optimized out>, opaque=0x7fd78d9202c0)
    at /home/lcapitulino/work/src/upstream/qmp-unstable/qemu-char.c:2487
#16 0x00007fd78ac02e06 in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
#17 0x00007fd78b6c01e8 in glib_pollfds_poll ()
    at /home/lcapitulino/work/src/upstream/qmp-unstable/main-loop.c:189
#18 os_host_main_loop_wait (timeout=<optimized out>)
    at /home/lcapitulino/work/src/upstream/qmp-unstable/main-loop.c:234
#19 main_loop_wait (nonblocking=<optimized out>)
    at /home/lcapitulino/work/src/upstream/qmp-unstable/main-loop.c:483
#20 0x00007fd78b597418 in main_loop () at /home/lcapitulino/work/src/upstream/qmp-unstable/vl.c:2014
#21 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>)
    at /home/lcapitulino/work/src/upstream/qmp-unstable/vl.c:4362