Re: [Qemu-devel] [Qemu-ppc] [PATCH] ppc/pnv: Generate phandle for the "interrupt-parent" property

[Amol Surati <suratiamol@gmail.com>]

On Wed, Jul 24, 2019 at 06:57:30PM +1000, David Gibson wrote:
> On Wed, Jul 24, 2019 at 09:11:54AM +0200, Cédric Le Goater wrote:
> > On 24/07/2019 05:23, David Gibson wrote:
> > > On Tue, Jul 23, 2019 at 11:01:38AM +0200, Cédric Le Goater wrote:
> > >> Devices such as the BT or serial devices require a valid
> > >> "interrupt-parent" phandle in the device tree and it is currently
> > >> empty (0x0). It was not a problem until now but since OpenFirmare
> > >> started using a recent libdft (>= 1.4.7), petitboot fails to boot the
> > >> system image with error :
> > >>
> > >>    dtc_resize: fdt_open_into returned FDT_ERR_BADMAGIC
> > >>
> > >> Provide a phandle for the LPC bus.
> > >>
> > >> Suggested-by: Greg Kurz <groug@kaod.org>
> > >> Signed-off-by: Cédric Le Goater <clg@kaod.org>
> > > 
> > > I've applied this, since it looks to be correct.
> > > 
> > > But.. can you connect the dots for me in how this being missing
> > > results in a BADMAGIC error??
> > 
> > Some binary called by petitboot segfaults when trying to kexec an image on 
> > a system with a bogus DT (generated by QEMU). I don't know exactly which one 
> > as I only see the error message above and the segv message in dmesg
> 
> Ok, I'm still not seeing how that gets you to a BADMAGIC error.

If I may interject, as this patch is related to the qemu bug:
https://bugs.launchpad.net/qemu/+bug/1826827.

The error is printed by dtc_resize in kexec.c from kexec-lite
(antonblanchard/kexec-lite).

There are two places where dtc_resize is called -
(1) initialize_fdt, when kexec is passed a dtb file.
(2) fdt_from_fs, when kexec must make dtc read /proc/device-tree to form
    a dtb.

If initialize_fdt is called with a file which is an invalid dtb, the
dtc_resize prints the FDT_ERR_BADMAGIC error.

Bug# 1826827 shows that dtc is one application that does
crash, although through the firing of an assertion, in the absence of
the mentioned properties. (fix to avoid the crash already checked into
dtc upstream, commit 8f69567622; to be released with dtc-v1.5.1).

Assuming that the crashing app (it is not known here what it is) is
supposed to create a dtb for kexec, and its crash leaves behind an
incomplete/invalid dtb file, the initialize_fdt might receive an invalid
dtb.


Another possibility for that error exists within the fdt_from_fs function,
but that needs a version of kexec-lite at least 5 years old, which is
unlikely to be used here I guess.



If this patch fixes both the crash and the error "dtc_resize: ....",
it is likely that dtc (or anything else which depends on libfdt) was the
cause of the crash, with dtc/libfdt version being < g8f69567622.


Thanks,
-amol