qemu-devel.nongnu.org archive mirror
From: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
To: qemu-devel <qemu-devel@nongnu.org>,
	"qemu-ppc@nongnu.org" <qemu-ppc@nongnu.org>
Cc: Richard Henderson <rth@twiddle.net>
Subject: Re: [Qemu-devel] qemu-system-ppc TCG assert with git master
Date: Thu, 12 Mar 2015 10:30:25 +0000
Message-ID: <55016AC1.2080307@ilande.co.uk>
In-Reply-To: <55015153.7010509@ilande.co.uk>

On 12/03/15 08:41, Mark Cave-Ayland wrote:

> Hi all,
> 
> Whilst testing git master in preparation for some OpenBIOS updates, I'm
> seeing the following TCG assert in one of my older test images:
> 
> 
> $ gdb --args ./qemu-system-ppc -cdrom
> /home/build/src/qemu/image/ppc/ubuntu-5.10-live-powerpc.iso -boot d -g
> 800x600x8
> GNU gdb (GDB) 7.4.1-debian
> Copyright (C) 2012 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later
> <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-linux-gnu".
> For bug reporting instructions, please see:
> <http://www.gnu.org/software/gdb/bugs/>...
> Reading symbols from /home/build/rel-qemu-git/bin/qemu-system-ppc...done.
> (gdb) r
> Starting program: /home/build/rel-qemu-git/bin/qemu-system-ppc -cdrom
> /home/build/src/qemu/image/ppc/ubuntu-5.10-live-powerpc.iso -boot d -g
> 800x600x8
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
> [New Thread 0x7fffe9ef3700 (LWP 11437)]
> [New Thread 0x7fffe5bf1700 (LWP 11438)]
> [New Thread 0x7fffe53f0700 (LWP 11439)]
> [Thread 0x7fffe5bf1700 (LWP 11438) exited]
> [New Thread 0x7fffe5bf1700 (LWP 11443)]
> [Thread 0x7fffe5bf1700 (LWP 11443) exited]
> qemu-system-ppc: /home/build/src/qemu/git/qemu/tcg/optimize.c:212:
> tcg_opt_gen_mov: Assertion `temps[src].state != TCG_TEMP_CONST' failed.
> 
> Program received signal SIGABRT, Aborted.
> [Switching to Thread 0x7fffe53f0700 (LWP 11439)]
> 0x00007ffff22ec165 in *__GI_raise (sig=<optimized out>) at
> ../nptl/sysdeps/unix/sysv/linux/raise.c:64
> 64      ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
> (gdb) bt
> #0  0x00007ffff22ec165 in *__GI_raise (sig=<optimized out>) at
> ../nptl/sysdeps/unix/sysv/linux/raise.c:64
> #1  0x00007ffff22ef3e0 in *__GI_abort () at abort.c:92
> #2  0x00007ffff22e5311 in *__GI___assert_fail (assertion=0x555555a819e0
> "temps[src].state != TCG_TEMP_CONST", file=<optimized out>, line=212,
> function=0x555555a82460 "tcg_opt_gen_mov") at assert.c:81
> #3  0x0000555555632701 in tcg_opt_gen_mov (s=0x555555f3bc80,
> op=0x555555f82f00, args=0x555555f84350, old_op=INDEX_op_or_i32, dst=9,
> src=189) at /home/build/src/qemu/git/qemu/tcg/optimize.c:212
> #4  0x0000555555634e5c in tcg_constant_folding (s=0x555555f3bc80) at
> /home/build/src/qemu/git/qemu/tcg/optimize.c:984
> #5  0x0000555555636295 in tcg_optimize (s=0x555555f3bc80) at
> /home/build/src/qemu/git/qemu/tcg/optimize.c:1356
> #6  0x000055555562c30c in tcg_gen_code_common (s=0x555555f3bc80,
> gen_code_buf=0x7fffe8840770 "", search_pc=-1) at
> /home/build/src/qemu/git/qemu/tcg/tcg.c:2277
> #7  0x000055555562c67a in tcg_gen_code (s=0x555555f3bc80,
> gen_code_buf=0x7fffe8840770 "") at
> /home/build/src/qemu/git/qemu/tcg/tcg.c:2385
> #8  0x000055555561e068 in cpu_ppc_gen_code (env=0x7ffff7fdf260,
> tb=0x7fffe65ead30, gen_code_size_ptr=0x7fffe53ef890) at
> /home/build/src/qemu/git/qemu/translate-all.c:182
> #9  0x000055555561f49c in tb_gen_code (cpu=0x7ffff7fd7010,
> pc=3373291568, cs_base=0, flags=0, cflags=0) at
> /home/build/src/qemu/git/qemu/translate-all.c:1064
> #10 0x0000555555621403 in tb_find_slow (env=0x7ffff7fdf260,
> pc=3373291568, cs_base=0, flags=0) at
> /home/build/src/qemu/git/qemu/cpu-exec.c:299
> #11 0x000055555562158c in tb_find_fast (env=0x7ffff7fdf260) at
> /home/build/src/qemu/git/qemu/cpu-exec.c:327
> #12 0x00005555556219dd in cpu_ppc_exec (env=0x7ffff7fdf260) at
> /home/build/src/qemu/git/qemu/cpu-exec.c:485
> #13 0x00005555556684e9 in tcg_cpu_exec (env=0x7ffff7fdf260) at
> /home/build/src/qemu/git/qemu/cpus.c:1354
> #14 0x0000555555668600 in tcg_exec_all () at
> /home/build/src/qemu/git/qemu/cpus.c:1387
> #15 0x0000555555667929 in qemu_tcg_cpu_thread_fn (arg=0x7ffff7fd7010) at
> /home/build/src/qemu/git/qemu/cpus.c:1032
> #16 0x00007ffff264bb50 in start_thread (arg=<optimized out>) at
> pthread_create.c:304
> #17 0x00007ffff239595d in clone () at
> ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
> #18 0x0000000000000000 in ?? ()
> (gdb)
> 
> 
> Any ideas? I can easily reproduce here if any further information is
> required.

A quick bisection with git points to the following commit:


$ git bisect bad
951c6300f74ace35d87c079affc57cfc513a6a35 is the first bad commit
commit 951c6300f74ace35d87c079affc57cfc513a6a35
Author: Richard Henderson <rth@twiddle.net>
Date:   Fri Sep 19 11:39:20 2014 -0700

    tcg: Move some opcode generation functions out of line

    Some of these functions are really quite large.  We have a number of
    things that ought to be circularly dependent, but we duplicated code
    to break that chain for the inlines.

    This saved 25% of the code size of one of the translators I examined.

    Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
    Signed-off-by: Richard Henderson <rth@twiddle.net>


ATB,

Mark.
