From mboxrd@z Thu Jan 1 00:00:00 1970
From: Paolo Bonzini
Sender: Paolo Bonzini
Date: Fri, 04 Jun 2010 12:18:27 +0200
Message-ID: <4C08D2F3.6060007@redhat.com>
In-Reply-To: <4C08B109.7090308@redhat.com>
References: <20100601200434.5908.19495.stgit@skyserv> <20100601201232.5908.51923.stgit@skyserv> <4C07ABBA.7060909@redhat.com> <2FD51753-A06F-46B2-B813-07C3A6D0D4EA@suse.de> <4C07CD53.3020403@redhat.com> <4C08B109.7090308@redhat.com>
Subject: [Qemu-devel] Re: [PATCH 3/8] sparc64: fix 32bit load sign extension
List-Id: qemu-devel.nongnu.org
Cc: Blue Swirl, Alexander Graf, "qemu-devel@nongnu.org"

On 06/04/2010 09:53 AM, Paolo Bonzini wrote:
> On 06/03/2010 09:59 PM, Igor Kovalenko wrote:
>> On Thu, Jun 3, 2010 at 7:42 PM, Paolo Bonzini wrote:
>>> On 06/03/2010 05:25 PM, Alexander Graf wrote:
>>>>
>>>> On 03.06.2010 at 15:18, Paolo Bonzini wrote:
>>>>
>>>>> On 06/01/2010 10:12 PM, Igor V. Kovalenko wrote:
>>>>>>
>>>>>> From: Igor V. Kovalenko
>>>>>>
>>>>>> - change return type of ldl_* to uint32_t to prevent unwanted sign
>>>>>> extension visible in sparc64 load alternate address space methods
>>>>>> - note this change makes ldl_* softmmu implementations match ldl_phys
>>>>>> one
>>>>>
>>>>> This patch breaks -kernel/-initrd.
>>>>
>>>> Breaks it where and when?
>>>
>>> x86_64 TCG reboots after the "Probing EDD" step.
>>
>> My local build appears to work, qemu-system-x86_64 loads my gentoo
>> linux setup.
>> I use x86_64 host, gcc 4.4.3, qemu configured with ./configure
>> --prefix=/inst --target-list=sparc64-softmmu,x86_64-softmmu
>
> Normal boot works. Only -kernel/-initrd fails.

Hmm, PEBKAC. Boot of Fedora and RHEL5 guests always fails, so it's not
related to -kernel/-initrd. (Of course, without -kernel/-initrd it
reboots into GRUB rather than looping quickly.)

I've placed a failing vmlinuz at
http://people.redhat.com/people/vmlinuz-fail -- if it fails it should
reboot continuously.

The failure happens pretty soon after the kernel starts running. The
sequence is: lock_kernel -> __lock_kernel -> preempt_disable ->
current_thread_info()

IN:
0xffffffff80063064:  push   %rbp
0xffffffff80063065:  mov    %rsp,%rbp
0xffffffff80063068:  mov    %gs:0x10,%rax
0xffffffff80063071:  mov    -0x1fc8(%rax),%eax
0xffffffff80063077:  test   $0x8,%al
0xffffffff80063079:  je     0xffffffff800630a2

%rax is 0xffffffff803f1fd8, but it page faults with
%cr2=0x00000000803f0010. The reason is that in the generated x86
assembly -0x1fc8 is erroneously zero-extended:

0x4180347b:  mov    %rbp,%rbx
0x4180347e:  mov    $0xffffe038,%r12d
0x41803484:  add    %r12,%rbx

so it gives the wrong address:

(gdb) info reg rbp
rbp            0xffffffff803f1fd8       0xffffffff803f1fd8
(gdb) info reg r12
r12            0xffffe038               4294959160
(gdb) info reg rbx
rbx            0x803f0010               2151612432

From there it's obvious: general protection, double fault, general
protection, triple fault.

So it's a TCG bug that is expecting ldl_* to sign-extend. I'll send a
patch after I come back from lunch.

Paolo
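The integer-conversion mechanism behind the wrong address, as an added example in C that is not code from this mail, from the patch, or from QEMU. The names ldl_signed, ldl_unsigned, host_add_zero_extended, host_add_sign_extended and the ea_with_* helpers are made up for illustration; the four-byte buffer is constructed to hold the displacement -0x1fc8 in little-endian form, and a little-endian host is assumed. It reproduces the register values quoted above: when the 32-bit displacement is carried as an unsigned value (the `mov $0xffffe038,%r12d` followed by a 64-bit add), the upper 32 bits are zero and the sum wraps to 0x803f0010, whereas sign-extending it first yields the intended 0xffffffff803f0010. The same split appears at the C level when a 32-bit load helper's return type changes from int32_t to uint32_t and its result is added to a 64-bit base: the usual arithmetic conversions sign-extend the former and zero-extend the latter.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical stand-ins for a 32-bit guest load helper with the two
 * return types the patch discussion is about. Neither is QEMU's code. */
static int32_t ldl_signed(const void *p)
{
    int32_t v;
    memcpy(&v, p, sizeof v);          /* little-endian host assumed */
    return v;
}

static uint32_t ldl_unsigned(const void *p)
{
    uint32_t v;
    memcpy(&v, p, sizeof v);          /* little-endian host assumed */
    return v;
}

/* Models the host sequence `mov $imm32,%r12d; add %r12,%rbx`: writing a
 * 32-bit register clears its upper half, so the displacement is added as
 * a zero-extended value. */
uint64_t host_add_zero_extended(uint64_t base, uint32_t disp32)
{
    return base + (uint64_t)disp32;
}

/* Models what the guest instruction `mov -0x1fc8(%rax),%eax` requires:
 * the 32-bit displacement is a signed immediate and must be sign-extended
 * to 64 bits before the add. */
uint64_t host_add_sign_extended(uint64_t base, int32_t disp32)
{
    return base + (uint64_t)(int64_t)disp32;
}

/* Constructed input: the displacement -0x1fc8 stored as four little-endian
 * bytes (0xffffe038), as a guest instruction stream would encode it. */
static const uint8_t disp_bytes[4] = { 0x38, 0xe0, 0xff, 0xff };

/* Effective address when the load helper returns uint32_t: the 32-bit
 * value is zero-extended before being added to the 64-bit base, so the
 * result wraps to 0x00000000803f0010 (the %cr2 value in the mail). */
uint64_t ea_with_unsigned_helper(uint64_t base)
{
    return base + ldl_unsigned(disp_bytes);
}

/* Effective address when the load helper returns int32_t: the negative
 * value is converted to uint64_t modulo 2^64, i.e. sign-extended, which
 * gives the intended 0xffffffff803f0010. */
uint64_t ea_with_signed_helper(uint64_t base)
{
    return base + ldl_signed(disp_bytes);
}

int main(void)
{
    const uint64_t rax = 0xffffffff803f1fd8ull;   /* %rax from the mail */

    printf("zero-extended add : 0x%016llx\n",
           (unsigned long long)host_add_zero_extended(rax, 0xffffe038u));
    printf("sign-extended add : 0x%016llx\n",
           (unsigned long long)host_add_sign_extended(rax, -0x1fc8));
    printf("uint32_t helper   : 0x%016llx\n",
           (unsigned long long)ea_with_unsigned_helper(rax));
    printf("int32_t helper    : 0x%016llx\n",
           (unsigned long long)ea_with_signed_helper(rax));
    return 0;
}
```

The practical check when a helper's return type is widened or made unsigned is to look at every caller that mixes the result with a wider type: C will not warn when `uint64_t + uint32_t` silently stops sign-extending, and in a code generator that silence turns into an address wrap the guest sees as a page fault at a 32-bit-looking address.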