[Qemu-devel] segmentation fault in ARM TCG

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [Qemu-devel] segmentation fault in ARM TCG
@ 2013-11-03 15:22 Xin Tong
  2013-11-03 23:18 ` Richard Henderson
  0 siblings, 1 reply; 3+ messages in thread
From: Xin Tong @ 2013-11-03 15:22 UTC (permalink / raw)
  To: qemu-devel

[-- Attachment #1: Type: text/plain, Size: 1460 bytes --]

I am running QEMU user mode, but i hit a SIGSEV. It seems that tcg_malloc
returns invalid address.

The stack trace looks like this. and the s->nb_temps looks ok as well. I
also turned on DEBUG_TCGV and all the TCGV_X uses are good.

(gdb) bt
#0  0x00007ffff5db0866 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#1  0x00000000606eb52a in tcg_liveness_analysis (s=0x62a2a260 <tcg_ctx>) at
/home/xtong/esesc/emul/qemu/tcg/tcg.c:1235
#2  0x00000000606ede04 in tcg_gen_code_common (s=0x62a2a260 <tcg_ctx>,
gen_code_buf=0x60be3c30 <static_code_gen_buffer+2146752> "", search_pc=-1)
    at /home/xtong/esesc/emul/qemu/tcg/tcg.c:2067
#3  0x00000000606ee1ce in tcg_gen_code (s=0x62a2a260 <tcg_ctx>,
gen_code_buf=0x60be3c30 <static_code_gen_buffer+2146752> "")
    at /home/xtong/esesc/emul/qemu/tcg/tcg.c:2188

#1  0x00000000606eb52a in tcg_liveness_analysis (s=0x62a2a260 <tcg_ctx>) at
/home/xtong/esesc/emul/qemu/tcg/tcg.c:1235
1235        memset(dead_temps, 1, s->nb_temps);
(gdb) list
1230        nb_ops = gen_opc_ptr - gen_opc_buf;
1231
1232        s->op_dead_args = tcg_malloc(nb_ops * sizeof(uint16_t));
1233
1234        dead_temps = tcg_malloc(s->nb_temps);
1235        memset(dead_temps, 1, s->nb_temps);
1236
1237        args = gen_opparam_ptr;
1238        op_index = nb_ops - 1;
1239        while (op_index >= 0) {
(gdb) p s->nb_temps
$4 = 41
(gdb) p dead_temps
$5 = (uint8_t *) 0xc004900220524 <Address 0xc004900220524 out of bounds>
(gdb)

Thank you,
Xin

[-- Attachment #2: Type: text/html, Size: 3850 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [Qemu-devel] segmentation fault in ARM TCG
  2013-11-03 15:22 [Qemu-devel] segmentation fault in ARM TCG Xin Tong
@ 2013-11-03 23:18 ` Richard Henderson
  2013-11-12  5:47   ` Xin Tong
  0 siblings, 1 reply; 3+ messages in thread
From: Richard Henderson @ 2013-11-03 23:18 UTC (permalink / raw)
  To: Xin Tong, qemu-devel

On 11/03/2013 05:22 AM, Xin Tong wrote:
> I am running QEMU user mode, but i hit a SIGSEV. It seems that tcg_malloc
> returns invalid address. 

This looks like arena corruption.  Try running under valgrind.


r~

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [Qemu-devel] segmentation fault in ARM TCG
  2013-11-03 23:18 ` Richard Henderson
@ 2013-11-12  5:47   ` Xin Tong
  0 siblings, 0 replies; 3+ messages in thread
From: Xin Tong @ 2013-11-12  5:47 UTC (permalink / raw)
  To: Richard Henderson; +Cc: qemu-devel

[-- Attachment #1: Type: text/plain, Size: 447 bytes --]

you are right richard. it turns out i am generating too many tcg opcode in
the frontend, such that OPC_BUF_SIZE is too small.

Thank you

Xin


On Mon, Nov 4, 2013 at 8:18 AM, Richard Henderson <rth@twiddle.net> wrote:

> On 11/03/2013 05:22 AM, Xin Tong wrote:
> > I am running QEMU user mode, but i hit a SIGSEV. It seems that tcg_malloc
> > returns invalid address.
>
> This looks like arena corruption.  Try running under valgrind.
>
>
> r~
>

[-- Attachment #2: Type: text/html, Size: 1287 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2013-11-12  5:47 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-11-03 15:22 [Qemu-devel] segmentation fault in ARM TCG Xin Tong
2013-11-03 23:18 ` Richard Henderson
2013-11-12  5:47   ` Xin Tong

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).