From: Peter Maydell <peter.maydell@linaro.org>
To: Richard Henderson <richard.henderson@linaro.org>
Cc: Bernhard Beschow <shentey@gmail.com>, qemu-devel@nongnu.org
Subject: Re: [PULL 17/20] target/arm: Do memory type alignment check when translation disabled
Date: Mon, 27 May 2024 11:58:54 +0100
Message-ID: <CAFEAcA-BD1TmaBB_5ephnRoNsOCWsS4w3C_oj0P_182+fOLPUQ@mail.gmail.com>
In-Reply-To: <f6976b40-e3d5-4157-8597-ce7db6ceb068@linaro.org>

On Mon, 27 May 2024 at 03:36, Richard Henderson
<richard.henderson@linaro.org> wrote:
>
> On 5/25/24 13:50, Bernhard Beschow wrote:
> >
> >
> > On 25 May 2024 13:41:54 UTC, Bernhard Beschow <shentey@gmail.com> wrote:
> >>
> >>
> >> On 5 March 2024 13:52:34 UTC, Peter Maydell <peter.maydell@linaro.org> wrote:
> >>> From: Richard Henderson <richard.henderson@linaro.org>
> >>>
> >>> If translation is disabled, the default memory type is Device, which
> >>> requires alignment checking.  This is more optimally done early via
> >>> the MemOp given to the TCG memory operation.
> >>>
> >>> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
> >>> Reported-by: Idan Horowitz <idan.horowitz@gmail.com>
> >>> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> >>> Message-id: 20240301204110.656742-6-richard.henderson@linaro.org
> >>> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1204
> >>> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> >>> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> >>
> >> Hi,
> >>
> >> This change causes an old 4.14.40 Linux kernel to panic on boot using the sabrelite machine:
> >>
> >> [snip]
> >> Alignment trap: init (1) PC=0x76f1e3d4 Instr=0x14913004 Address=0x76f34f3e FSR 0x001
> >> Alignment trap: init (1) PC=0x76f1e3d8 Instr=0x148c3004 Address=0x7e8492bd FSR 0x801
> >> Alignment trap: init (1) PC=0x76f0dab0 Instr=0x6823 Address=0x7e849fbb FSR 0x001
> >> Alignment trap: init (1) PC=0x76f0dab2 Instr=0x6864 Address=0x7e849fbf FSR 0x001
> >> scsi 0:0:0:0: Direct-Access     QEMU     QEMU HARDDISK    2.5+ PQ: 0 ANSI: 5
> >> fsl-asoc-card sound: ASoC: CODEC DAI sgtl5000 not registered
> >> imx-sgtl5000 sound: ASoC: CODEC DAI sgtl5000 not registered
> >> imx-sgtl5000 sound: snd_soc_register_card failed (-517)
> >> Alignment trap: init (1) PC=0x76eac95a Instr=0xf8dd5015 Address=0x7e849b05 FSR 0x001
> >> Alignment trap: not handling instruction f8dd5015 at [<76eac95a>]
> >> Unhandled fault: alignment exception (0x001) at 0x7e849b05
> >> pgd = 9c59c000
> >> [7e849b05] *pgd=2c552831, *pte=109eb34f, *ppte=109eb83f
> >> Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000007
> >>
> >> ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000007
> >>
> >> As you can see, some alignment exceptions are handled by the kernel, the last one isn't. I added some additional printk()'s and traced it down to this location in the kernel: <https://github.com/torvalds/linux/blob/v4.14/arch/arm/mm/alignment.c#L762> which claims that ARMv6++ CPUs can handle up to word-sized unaligned accesses, thus no fixup is needed.
> >>
> >> I hope that this will be sufficient for a fix. Let me know if you need any additional information.
> >
> > I'm performing a direct kernel boot. On real hardware, a bootloader is involved which probably enables unaligned access. This may explain why it works there but not in QEMU any longer.
> >
> > To fix direct kernel boot, it seems as if the "built-in bootloader" would need to be adapted/extended [1]. Any ideas?
>
> I strongly suspect a kernel bug.  Either mmu disabled or attempting unaligned access on
> pages mapped as Device instead of Normal.

The MMU surely must be enabled by this point in guest boot.
This change doesn't affect whether we do alignment checks based
on SCTLR.A being set, so it's not a simple "the bootloader was
supposed to clear that and it didn't" (besides, A=0 means no
checks, so that's the default anyway). So the failure is kind
of weird.

-- PMM
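As an added illustration (not part of the thread, and not QEMU or kernel code), here is a small parser for the "Alignment trap" lines quoted in the report above. It splits the short-descriptor DFSR into its fault-status, WnR (write-not-read) and ExT fields and reports how far each faulting address is from a 4-byte boundary; the 4-byte width is an assumption, since the kernel line does not print the access size.

```python
import re

# Constructed sample: the trap lines quoted in the bug report, plus one unrelated line.
SAMPLE_LOG = """\
Alignment trap: init (1) PC=0x76f1e3d4 Instr=0x14913004 Address=0x76f34f3e FSR 0x001
Alignment trap: init (1) PC=0x76f1e3d8 Instr=0x148c3004 Address=0x7e8492bd FSR 0x801
Alignment trap: init (1) PC=0x76f0dab0 Instr=0x6823 Address=0x7e849fbb FSR 0x001
scsi 0:0:0:0: Direct-Access     QEMU     QEMU HARDDISK    2.5+ PQ: 0 ANSI: 5
Alignment trap: init (1) PC=0x76eac95a Instr=0xf8dd5015 Address=0x7e849b05 FSR 0x001
"""

TRAP_RE = re.compile(
    r"Alignment trap: (?P<comm>\S+) \((?P<pid>\d+)\) PC=0x(?P<pc>[0-9a-f]+) "
    r"Instr=0x(?P<instr>[0-9a-f]+) Address=0x(?P<addr>[0-9a-f]+) FSR 0x(?P<fsr>[0-9a-f]+)"
)

def decode_fsr(fsr):
    """Decode a short-descriptor-format DFSR value.

    FS[3:0] lives in bits 3:0 and FS[4] in bit 10; bit 11 is WnR (1 = write)
    and bit 12 is ExT.  Fault status 0b00001 is an alignment fault.
    """
    status = (fsr & 0xF) | (((fsr >> 10) & 1) << 4)
    return {
        "status": status,
        "alignment_fault": status == 0b00001,
        "write": bool(fsr & (1 << 11)),
        "external": bool(fsr & (1 << 12)),
    }

def parse_alignment_traps(log, width=4):
    """Return one record per 'Alignment trap' line; other lines are ignored."""
    records = []
    for line in log.splitlines():
        m = TRAP_RE.search(line)
        if not m:
            continue
        addr = int(m["addr"], 16)
        rec = {
            "comm": m["comm"],
            "pid": int(m["pid"]),
            "pc": int(m["pc"], 16),
            "instr": int(m["instr"], 16),
            "addr": addr,
            "misalign": addr % width,   # 0 would mean the access was aligned
        }
        rec.update(decode_fsr(int(m["fsr"], 16)))
        records.append(rec)
    return records

if __name__ == "__main__":
    for r in parse_alignment_traps(SAMPLE_LOG):
        kind = "store" if r["write"] else "load"
        print(f"pid {r['pid']} {kind} at {r['addr']:#x} (+{r['misalign']}), pc {r['pc']:#x}")
```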
