* [Qemu-devel] [Bug 1766896] [NEW] qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
@ 2018-04-25 14:48 fenugrec
2018-04-25 15:05 ` [Qemu-devel] [Bug 1766896] " fenugrec
` (6 more replies)
0 siblings, 7 replies; 8+ messages in thread
From: fenugrec @ 2018-04-25 14:48 UTC (permalink / raw)
To: qemu-devel
Public bug reported:
Attempting to emulate some baremetal ARM cortex-M* firmware with gdb
causes a segfault every time.
qemu invocation:
qemu-system-arm -machine none -cpu cortex-m3 -nographic -monitor null -serial null -s -S -device loader,file=firmware.elf
qemu seems to startup fine with that command. Segfault happens as soon
as I connect from another console with
arm-none-eabi-gdb firmware.elf
> target remote localhost:1234
# qemu segfaults, and kills arm-none-eabi-gdb along with it
Here's a bt from qemu-system-arm :
*********************************
#0 armv7m_nvic_neg_prio_requested (opaque=0x0, secure=false)
at /home/sac/qemu/src/qemu/hw/intc/armv7m_nvic.c:383
s = 0x0
#1 0x006e4806 in arm_v7m_mmu_idx_for_secstate (secstate=<optimized out>, env=0xb620263c)
at /home/sac/qemu/src/qemu/target/arm/cpu.h:2345
el = <optimized out>
mmu_idx = ARMMMUIdx_MPriv
el = <optimized out>
mmu_idx = <optimized out>
#2 cpu_mmu_index (ifetch=false, env=0xb620263c) at /home/sac/qemu/src/qemu/target/arm/cpu.h:2358
mmu_idx = <optimized out>
el = <optimized out>
ifetch = <optimized out>
env = 0xb620263c
el = <optimized out>
mmu_idx = <optimized out>
el = <optimized out>
el = <optimized out>
mmu_idx = <optimized out>
#3 arm_cpu_get_phys_page_attrs_debug (cs=0xb61fe480, addr=0, attrs=0xbfffc668)
at /home/sac/qemu/src/qemu/target/arm/helper.c:9858
cpu = 0xb61fe480
__func__ = "arm_cpu_get_phys_page_attrs_debug"
env = 0xb620263c
phys_addr = 6402535376434480864
page_size = 5
prot = -1239242724
ret = <optimized out>
fsr = 4294967041
fi = {s2addr = 0, stage2 = false, s1ptw = false, ea = false}
mmu_idx = <optimized out>
#4 0x005729d1 in cpu_get_phys_page_attrs_debug (attrs=<optimized out>, addr=<optimized out>,
cpu=<optimized out>) at /home/sac/qemu/src/qemu/include/qom/cpu.h:580
cc = <optimized out>
cc = <optimized out>
#5 cpu_memory_rw_debug (cpu=0xb61fe480, addr=0, buf=0xbfffd6dc "", len=4, is_write=0)
at /home/sac/qemu/src/qemu/exec.c:3524
asidx = <optimized out>
attrs = {unspecified = 0, secure = 0, user = 0, requester_id = 15525}
l = <optimized out>
phys_addr = <optimized out>
page = 0
__PRETTY_FUNCTION__ = "cpu_memory_rw_debug"
#6 0x005b4c5e in target_memory_rw_debug (is_write=false, len=4, buf=<optimized out>, addr=0,
cpu=0xb61fe480) at /home/sac/qemu/src/qemu/gdbstub.c:56
cc = <optimized out>
cc = <optimized out>
#7 gdb_handle_packet (s=s@entry=0xb6229800, line_buf=line_buf@entry=0xb6229810 "m0,4")
at /home/sac/qemu/src/qemu/gdbstub.c:1109
cpu = <optimized out>
cc = <optimized out>
p = 0xb6229813 "4"
thread = <optimized out>
ch = <optimized out>
reg_size = <optimized out>
type = <optimized out>
res = <optimized out>
buf = "m1\000", '\060' <repeats 109 times>, "ffffffff00000000d3010040\000t modification,\n are permitted in any medium without royalt"...
mem_buf = '\000' <repeats 56 times>, "\377\377\377\377\000\000\000\000\323\001\000@", '\000' <repeats 716 times>...
registers = <optimized out>
addr = 0
len = 4
__func__ = "gdb_handle_packet"
#8 0x005b55b3 in gdb_read_byte (ch=100, s=0xb6229800) at /home/sac/qemu/src/qemu/gdbstub.c:1664
reply = 43 '+'
reply = <optimized out>
repeat = <optimized out>
#9 gdb_chr_receive (opaque=<optimized out>, buf=<optimized out>, size=<optimized out>)
at /home/sac/qemu/src/qemu/gdbstub.c:1868
i = <optimized out>
#10 0x00980319 in tcp_chr_read (chan=0xb6c86200, cond=G_IO_IN, opaque=0xb63fc6e0)
at chardev/char-socket.c:440
chr = <optimized out>
__func__ = "tcp_chr_read"
s = 0xb63fc6e0
buf = "$m0,4#fddInfo#c8read:arm-core.xml:0,ffb#08+;qRelocInsn+;fork-events+;vfork-events+;exec-events+;vContSupported+;QThreadEvents+;no-resumed+#df\363\377\377\000\000\000\000\274\354\377\277", '\000' <repeats 16 times>, "\272\356\377 \274\354\377\277", '\000' <repeats 16 times>, "\373\377\377\377\005\000\000\000"...
len = <optimized out>
size = <optimized out>
#11 0xb7808c44 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#12 0x009e14d2 in glib_pollfds_poll () at util/main-loop.c:214
context = 0xb645f740
pfds = <optimized out>
context = <optimized out>
pfds = <optimized out>
#13 os_host_main_loop_wait (timeout=<optimized out>) at util/main-loop.c:261
context = 0xb645f740
ret = 1
spin_counter = 0
context = <optimized out>
ret = <optimized out>
spin_counter = 0
notified = false
#14 main_loop_wait (nonblocking=0) at util/main-loop.c:515
ret = <optimized out>
timeout = 1000
timeout_ns = <optimized out>
#15 0x00561781 in main_loop () at vl.c:1995
No locals.
#16 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4911
i = <optimized out>
snapshot = <optimized out>
linux_boot = <optimized out>
initrd_filename = <optimized out>
kernel_filename = <optimized out>
kernel_cmdline = <optimized out>
boot_order = <optimized out>
boot_once = <optimized out>
ds = <optimized out>
cyls = <optimized out>
heads = <optimized out>
secs = <optimized out>
translation = <optimized out>
opts = <optimized out>
machine_opts = <optimized out>
hda_opts = <optimized out>
icount_opts = <optimized out>
accel_opts = <optimized out>
olist = <optimized out>
optind = 14
optarg = 0xbffffcf6 "loader,file=firmware.elf"
loadvm = <optimized out>
machine_class = <optimized out>
cpu_model = <optimized out>
vga_model = <optimized out>
qtest_chrdev = <optimized out>
qtest_log = <optimized out>
pid_file = <optimized out>
incoming = <optimized out>
userconfig = <optimized out>
nographic = <optimized out>
display_type = <optimized out>
display_remote = <optimized out>
log_mask = <optimized out>
log_file = <optimized out>
trace_file = <optimized out>
maxram_size = <optimized out>
ram_slots = <optimized out>
vmstate_dump_file = <optimized out>
main_loop_err = 0x0
err = 0x0
list_data_dirs = <optimized out>
dirs = <optimized out>
bdo_queue = {sqh_first = 0x0, sqh_last = 0xbffff918}
__func__ = "main"
** Affects: qemu
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1766896
Title:
qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
Status in QEMU:
New
Bug description:
Attempting to emulate some baremetal ARM cortex-M* firmware with gdb
causes a segfault every time.
qemu invocation:
qemu-system-arm -machine none -cpu cortex-m3 -nographic -monitor null -serial null -s -S -device loader,file=firmware.elf
qemu seems to startup fine with that command. Segfault happens as soon
as I connect from another console with
arm-none-eabi-gdb firmware.elf
> target remote localhost:1234
# qemu segfaults, and kills arm-none-eabi-gdb along with it
Here's a bt from qemu-system-arm :
*********************************
#0 armv7m_nvic_neg_prio_requested (opaque=0x0, secure=false)
at /home/sac/qemu/src/qemu/hw/intc/armv7m_nvic.c:383
s = 0x0
#1 0x006e4806 in arm_v7m_mmu_idx_for_secstate (secstate=<optimized out>, env=0xb620263c)
at /home/sac/qemu/src/qemu/target/arm/cpu.h:2345
el = <optimized out>
mmu_idx = ARMMMUIdx_MPriv
el = <optimized out>
mmu_idx = <optimized out>
#2 cpu_mmu_index (ifetch=false, env=0xb620263c) at /home/sac/qemu/src/qemu/target/arm/cpu.h:2358
mmu_idx = <optimized out>
el = <optimized out>
ifetch = <optimized out>
env = 0xb620263c
el = <optimized out>
mmu_idx = <optimized out>
el = <optimized out>
el = <optimized out>
mmu_idx = <optimized out>
#3 arm_cpu_get_phys_page_attrs_debug (cs=0xb61fe480, addr=0, attrs=0xbfffc668)
at /home/sac/qemu/src/qemu/target/arm/helper.c:9858
cpu = 0xb61fe480
__func__ = "arm_cpu_get_phys_page_attrs_debug"
env = 0xb620263c
phys_addr = 6402535376434480864
page_size = 5
prot = -1239242724
ret = <optimized out>
fsr = 4294967041
fi = {s2addr = 0, stage2 = false, s1ptw = false, ea = false}
mmu_idx = <optimized out>
#4 0x005729d1 in cpu_get_phys_page_attrs_debug (attrs=<optimized out>, addr=<optimized out>,
cpu=<optimized out>) at /home/sac/qemu/src/qemu/include/qom/cpu.h:580
cc = <optimized out>
cc = <optimized out>
#5 cpu_memory_rw_debug (cpu=0xb61fe480, addr=0, buf=0xbfffd6dc "", len=4, is_write=0)
at /home/sac/qemu/src/qemu/exec.c:3524
asidx = <optimized out>
attrs = {unspecified = 0, secure = 0, user = 0, requester_id = 15525}
l = <optimized out>
phys_addr = <optimized out>
page = 0
__PRETTY_FUNCTION__ = "cpu_memory_rw_debug"
#6 0x005b4c5e in target_memory_rw_debug (is_write=false, len=4, buf=<optimized out>, addr=0,
cpu=0xb61fe480) at /home/sac/qemu/src/qemu/gdbstub.c:56
cc = <optimized out>
cc = <optimized out>
#7 gdb_handle_packet (s=s@entry=0xb6229800, line_buf=line_buf@entry=0xb6229810 "m0,4")
at /home/sac/qemu/src/qemu/gdbstub.c:1109
cpu = <optimized out>
cc = <optimized out>
p = 0xb6229813 "4"
thread = <optimized out>
ch = <optimized out>
reg_size = <optimized out>
type = <optimized out>
res = <optimized out>
buf = "m1\000", '\060' <repeats 109 times>, "ffffffff00000000d3010040\000t modification,\n are permitted in any medium without royalt"...
mem_buf = '\000' <repeats 56 times>, "\377\377\377\377\000\000\000\000\323\001\000@", '\000' <repeats 716 times>...
registers = <optimized out>
addr = 0
len = 4
__func__ = "gdb_handle_packet"
#8 0x005b55b3 in gdb_read_byte (ch=100, s=0xb6229800) at /home/sac/qemu/src/qemu/gdbstub.c:1664
reply = 43 '+'
reply = <optimized out>
repeat = <optimized out>
#9 gdb_chr_receive (opaque=<optimized out>, buf=<optimized out>, size=<optimized out>)
at /home/sac/qemu/src/qemu/gdbstub.c:1868
i = <optimized out>
#10 0x00980319 in tcp_chr_read (chan=0xb6c86200, cond=G_IO_IN, opaque=0xb63fc6e0)
at chardev/char-socket.c:440
chr = <optimized out>
__func__ = "tcp_chr_read"
s = 0xb63fc6e0
buf = "$m0,4#fddInfo#c8read:arm-core.xml:0,ffb#08+;qRelocInsn+;fork-events+;vfork-events+;exec-events+;vContSupported+;QThreadEvents+;no-resumed+#df\363\377\377\000\000\000\000\274\354\377\277", '\000' <repeats 16 times>, "\272\356\377 \274\354\377\277", '\000' <repeats 16 times>, "\373\377\377\377\005\000\000\000"...
len = <optimized out>
size = <optimized out>
#11 0xb7808c44 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#12 0x009e14d2 in glib_pollfds_poll () at util/main-loop.c:214
context = 0xb645f740
pfds = <optimized out>
context = <optimized out>
pfds = <optimized out>
#13 os_host_main_loop_wait (timeout=<optimized out>) at util/main-loop.c:261
context = 0xb645f740
ret = 1
spin_counter = 0
context = <optimized out>
ret = <optimized out>
spin_counter = 0
notified = false
#14 main_loop_wait (nonblocking=0) at util/main-loop.c:515
ret = <optimized out>
timeout = 1000
timeout_ns = <optimized out>
#15 0x00561781 in main_loop () at vl.c:1995
No locals.
#16 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4911
i = <optimized out>
snapshot = <optimized out>
linux_boot = <optimized out>
initrd_filename = <optimized out>
kernel_filename = <optimized out>
kernel_cmdline = <optimized out>
boot_order = <optimized out>
boot_once = <optimized out>
ds = <optimized out>
cyls = <optimized out>
heads = <optimized out>
secs = <optimized out>
translation = <optimized out>
opts = <optimized out>
machine_opts = <optimized out>
hda_opts = <optimized out>
icount_opts = <optimized out>
accel_opts = <optimized out>
olist = <optimized out>
optind = 14
optarg = 0xbffffcf6 "loader,file=firmware.elf"
loadvm = <optimized out>
machine_class = <optimized out>
cpu_model = <optimized out>
vga_model = <optimized out>
qtest_chrdev = <optimized out>
qtest_log = <optimized out>
pid_file = <optimized out>
incoming = <optimized out>
userconfig = <optimized out>
nographic = <optimized out>
display_type = <optimized out>
display_remote = <optimized out>
log_mask = <optimized out>
log_file = <optimized out>
trace_file = <optimized out>
maxram_size = <optimized out>
ram_slots = <optimized out>
vmstate_dump_file = <optimized out>
main_loop_err = 0x0
err = 0x0
list_data_dirs = <optimized out>
dirs = <optimized out>
bdo_queue = {sqh_first = 0x0, sqh_last = 0xbffff918}
__func__ = "main"
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1766896/+subscriptions
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Qemu-devel] [Bug 1766896] Re: qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
2018-04-25 14:48 [Qemu-devel] [Bug 1766896] [NEW] qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate fenugrec
@ 2018-04-25 15:05 ` fenugrec
2018-04-25 15:45 ` Thomas Huth
` (5 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: fenugrec @ 2018-04-25 15:05 UTC (permalink / raw)
To: qemu-devel
follow-up to IRC discussions with stsquad and danpb : the problem is
"-machine none" which prevents all the data structures from being
initialized properly.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1766896
Title:
qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
Status in QEMU:
New
Bug description:
Attempting to emulate some baremetal ARM cortex-M* firmware with gdb
causes a segfault every time.
qemu invocation:
qemu-system-arm -machine none -cpu cortex-m3 -nographic -monitor null -serial null -s -S -device loader,file=firmware.elf
qemu seems to startup fine with that command. Segfault happens as soon
as I connect from another console with
arm-none-eabi-gdb firmware.elf
> target remote localhost:1234
# qemu segfaults, and kills arm-none-eabi-gdb along with it
Here's a bt from qemu-system-arm :
*********************************
#0 armv7m_nvic_neg_prio_requested (opaque=0x0, secure=false)
at /home/sac/qemu/src/qemu/hw/intc/armv7m_nvic.c:383
s = 0x0
#1 0x006e4806 in arm_v7m_mmu_idx_for_secstate (secstate=<optimized out>, env=0xb620263c)
at /home/sac/qemu/src/qemu/target/arm/cpu.h:2345
el = <optimized out>
mmu_idx = ARMMMUIdx_MPriv
el = <optimized out>
mmu_idx = <optimized out>
#2 cpu_mmu_index (ifetch=false, env=0xb620263c) at /home/sac/qemu/src/qemu/target/arm/cpu.h:2358
mmu_idx = <optimized out>
el = <optimized out>
ifetch = <optimized out>
env = 0xb620263c
el = <optimized out>
mmu_idx = <optimized out>
el = <optimized out>
el = <optimized out>
mmu_idx = <optimized out>
#3 arm_cpu_get_phys_page_attrs_debug (cs=0xb61fe480, addr=0, attrs=0xbfffc668)
at /home/sac/qemu/src/qemu/target/arm/helper.c:9858
cpu = 0xb61fe480
__func__ = "arm_cpu_get_phys_page_attrs_debug"
env = 0xb620263c
phys_addr = 6402535376434480864
page_size = 5
prot = -1239242724
ret = <optimized out>
fsr = 4294967041
fi = {s2addr = 0, stage2 = false, s1ptw = false, ea = false}
mmu_idx = <optimized out>
#4 0x005729d1 in cpu_get_phys_page_attrs_debug (attrs=<optimized out>, addr=<optimized out>,
cpu=<optimized out>) at /home/sac/qemu/src/qemu/include/qom/cpu.h:580
cc = <optimized out>
cc = <optimized out>
#5 cpu_memory_rw_debug (cpu=0xb61fe480, addr=0, buf=0xbfffd6dc "", len=4, is_write=0)
at /home/sac/qemu/src/qemu/exec.c:3524
asidx = <optimized out>
attrs = {unspecified = 0, secure = 0, user = 0, requester_id = 15525}
l = <optimized out>
phys_addr = <optimized out>
page = 0
__PRETTY_FUNCTION__ = "cpu_memory_rw_debug"
#6 0x005b4c5e in target_memory_rw_debug (is_write=false, len=4, buf=<optimized out>, addr=0,
cpu=0xb61fe480) at /home/sac/qemu/src/qemu/gdbstub.c:56
cc = <optimized out>
cc = <optimized out>
#7 gdb_handle_packet (s=s@entry=0xb6229800, line_buf=line_buf@entry=0xb6229810 "m0,4")
at /home/sac/qemu/src/qemu/gdbstub.c:1109
cpu = <optimized out>
cc = <optimized out>
p = 0xb6229813 "4"
thread = <optimized out>
ch = <optimized out>
reg_size = <optimized out>
type = <optimized out>
res = <optimized out>
buf = "m1\000", '\060' <repeats 109 times>, "ffffffff00000000d3010040\000t modification,\n are permitted in any medium without royalt"...
mem_buf = '\000' <repeats 56 times>, "\377\377\377\377\000\000\000\000\323\001\000@", '\000' <repeats 716 times>...
registers = <optimized out>
addr = 0
len = 4
__func__ = "gdb_handle_packet"
#8 0x005b55b3 in gdb_read_byte (ch=100, s=0xb6229800) at /home/sac/qemu/src/qemu/gdbstub.c:1664
reply = 43 '+'
reply = <optimized out>
repeat = <optimized out>
#9 gdb_chr_receive (opaque=<optimized out>, buf=<optimized out>, size=<optimized out>)
at /home/sac/qemu/src/qemu/gdbstub.c:1868
i = <optimized out>
#10 0x00980319 in tcp_chr_read (chan=0xb6c86200, cond=G_IO_IN, opaque=0xb63fc6e0)
at chardev/char-socket.c:440
chr = <optimized out>
__func__ = "tcp_chr_read"
s = 0xb63fc6e0
buf = "$m0,4#fddInfo#c8read:arm-core.xml:0,ffb#08+;qRelocInsn+;fork-events+;vfork-events+;exec-events+;vContSupported+;QThreadEvents+;no-resumed+#df\363\377\377\000\000\000\000\274\354\377\277", '\000' <repeats 16 times>, "\272\356\377 \274\354\377\277", '\000' <repeats 16 times>, "\373\377\377\377\005\000\000\000"...
len = <optimized out>
size = <optimized out>
#11 0xb7808c44 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#12 0x009e14d2 in glib_pollfds_poll () at util/main-loop.c:214
context = 0xb645f740
pfds = <optimized out>
context = <optimized out>
pfds = <optimized out>
#13 os_host_main_loop_wait (timeout=<optimized out>) at util/main-loop.c:261
context = 0xb645f740
ret = 1
spin_counter = 0
context = <optimized out>
ret = <optimized out>
spin_counter = 0
notified = false
#14 main_loop_wait (nonblocking=0) at util/main-loop.c:515
ret = <optimized out>
timeout = 1000
timeout_ns = <optimized out>
#15 0x00561781 in main_loop () at vl.c:1995
No locals.
#16 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4911
i = <optimized out>
snapshot = <optimized out>
linux_boot = <optimized out>
initrd_filename = <optimized out>
kernel_filename = <optimized out>
kernel_cmdline = <optimized out>
boot_order = <optimized out>
boot_once = <optimized out>
ds = <optimized out>
cyls = <optimized out>
heads = <optimized out>
secs = <optimized out>
translation = <optimized out>
opts = <optimized out>
machine_opts = <optimized out>
hda_opts = <optimized out>
icount_opts = <optimized out>
accel_opts = <optimized out>
olist = <optimized out>
optind = 14
optarg = 0xbffffcf6 "loader,file=firmware.elf"
loadvm = <optimized out>
machine_class = <optimized out>
cpu_model = <optimized out>
vga_model = <optimized out>
qtest_chrdev = <optimized out>
qtest_log = <optimized out>
pid_file = <optimized out>
incoming = <optimized out>
userconfig = <optimized out>
nographic = <optimized out>
display_type = <optimized out>
display_remote = <optimized out>
log_mask = <optimized out>
log_file = <optimized out>
trace_file = <optimized out>
maxram_size = <optimized out>
ram_slots = <optimized out>
vmstate_dump_file = <optimized out>
main_loop_err = 0x0
err = 0x0
list_data_dirs = <optimized out>
dirs = <optimized out>
bdo_queue = {sqh_first = 0x0, sqh_last = 0xbffff918}
__func__ = "main"
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1766896/+subscriptions
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Qemu-devel] [Bug 1766896] Re: qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
2018-04-25 14:48 [Qemu-devel] [Bug 1766896] [NEW] qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate fenugrec
2018-04-25 15:05 ` [Qemu-devel] [Bug 1766896] " fenugrec
@ 2018-04-25 15:45 ` Thomas Huth
2018-04-25 19:09 ` Peter Maydell
` (4 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: Thomas Huth @ 2018-04-25 15:45 UTC (permalink / raw)
To: qemu-devel
You also did not specify any amount of RAM with the -m parameter and the
"none" machine does not have any RAM by default.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1766896
Title:
qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
Status in QEMU:
New
Bug description:
Attempting to emulate some baremetal ARM cortex-M* firmware with gdb
causes a segfault every time.
qemu invocation:
qemu-system-arm -machine none -cpu cortex-m3 -nographic -monitor null -serial null -s -S -device loader,file=firmware.elf
qemu seems to startup fine with that command. Segfault happens as soon
as I connect from another console with
arm-none-eabi-gdb firmware.elf
> target remote localhost:1234
# qemu segfaults, and kills arm-none-eabi-gdb along with it
Here's a bt from qemu-system-arm :
*********************************
#0 armv7m_nvic_neg_prio_requested (opaque=0x0, secure=false)
at /home/sac/qemu/src/qemu/hw/intc/armv7m_nvic.c:383
s = 0x0
#1 0x006e4806 in arm_v7m_mmu_idx_for_secstate (secstate=<optimized out>, env=0xb620263c)
at /home/sac/qemu/src/qemu/target/arm/cpu.h:2345
el = <optimized out>
mmu_idx = ARMMMUIdx_MPriv
el = <optimized out>
mmu_idx = <optimized out>
#2 cpu_mmu_index (ifetch=false, env=0xb620263c) at /home/sac/qemu/src/qemu/target/arm/cpu.h:2358
mmu_idx = <optimized out>
el = <optimized out>
ifetch = <optimized out>
env = 0xb620263c
el = <optimized out>
mmu_idx = <optimized out>
el = <optimized out>
el = <optimized out>
mmu_idx = <optimized out>
#3 arm_cpu_get_phys_page_attrs_debug (cs=0xb61fe480, addr=0, attrs=0xbfffc668)
at /home/sac/qemu/src/qemu/target/arm/helper.c:9858
cpu = 0xb61fe480
__func__ = "arm_cpu_get_phys_page_attrs_debug"
env = 0xb620263c
phys_addr = 6402535376434480864
page_size = 5
prot = -1239242724
ret = <optimized out>
fsr = 4294967041
fi = {s2addr = 0, stage2 = false, s1ptw = false, ea = false}
mmu_idx = <optimized out>
#4 0x005729d1 in cpu_get_phys_page_attrs_debug (attrs=<optimized out>, addr=<optimized out>,
cpu=<optimized out>) at /home/sac/qemu/src/qemu/include/qom/cpu.h:580
cc = <optimized out>
cc = <optimized out>
#5 cpu_memory_rw_debug (cpu=0xb61fe480, addr=0, buf=0xbfffd6dc "", len=4, is_write=0)
at /home/sac/qemu/src/qemu/exec.c:3524
asidx = <optimized out>
attrs = {unspecified = 0, secure = 0, user = 0, requester_id = 15525}
l = <optimized out>
phys_addr = <optimized out>
page = 0
__PRETTY_FUNCTION__ = "cpu_memory_rw_debug"
#6 0x005b4c5e in target_memory_rw_debug (is_write=false, len=4, buf=<optimized out>, addr=0,
cpu=0xb61fe480) at /home/sac/qemu/src/qemu/gdbstub.c:56
cc = <optimized out>
cc = <optimized out>
#7 gdb_handle_packet (s=s@entry=0xb6229800, line_buf=line_buf@entry=0xb6229810 "m0,4")
at /home/sac/qemu/src/qemu/gdbstub.c:1109
cpu = <optimized out>
cc = <optimized out>
p = 0xb6229813 "4"
thread = <optimized out>
ch = <optimized out>
reg_size = <optimized out>
type = <optimized out>
res = <optimized out>
buf = "m1\000", '\060' <repeats 109 times>, "ffffffff00000000d3010040\000t modification,\n are permitted in any medium without royalt"...
mem_buf = '\000' <repeats 56 times>, "\377\377\377\377\000\000\000\000\323\001\000@", '\000' <repeats 716 times>...
registers = <optimized out>
addr = 0
len = 4
__func__ = "gdb_handle_packet"
#8 0x005b55b3 in gdb_read_byte (ch=100, s=0xb6229800) at /home/sac/qemu/src/qemu/gdbstub.c:1664
reply = 43 '+'
reply = <optimized out>
repeat = <optimized out>
#9 gdb_chr_receive (opaque=<optimized out>, buf=<optimized out>, size=<optimized out>)
at /home/sac/qemu/src/qemu/gdbstub.c:1868
i = <optimized out>
#10 0x00980319 in tcp_chr_read (chan=0xb6c86200, cond=G_IO_IN, opaque=0xb63fc6e0)
at chardev/char-socket.c:440
chr = <optimized out>
__func__ = "tcp_chr_read"
s = 0xb63fc6e0
buf = "$m0,4#fddInfo#c8read:arm-core.xml:0,ffb#08+;qRelocInsn+;fork-events+;vfork-events+;exec-events+;vContSupported+;QThreadEvents+;no-resumed+#df\363\377\377\000\000\000\000\274\354\377\277", '\000' <repeats 16 times>, "\272\356\377 \274\354\377\277", '\000' <repeats 16 times>, "\373\377\377\377\005\000\000\000"...
len = <optimized out>
size = <optimized out>
#11 0xb7808c44 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#12 0x009e14d2 in glib_pollfds_poll () at util/main-loop.c:214
context = 0xb645f740
pfds = <optimized out>
context = <optimized out>
pfds = <optimized out>
#13 os_host_main_loop_wait (timeout=<optimized out>) at util/main-loop.c:261
context = 0xb645f740
ret = 1
spin_counter = 0
context = <optimized out>
ret = <optimized out>
spin_counter = 0
notified = false
#14 main_loop_wait (nonblocking=0) at util/main-loop.c:515
ret = <optimized out>
timeout = 1000
timeout_ns = <optimized out>
#15 0x00561781 in main_loop () at vl.c:1995
No locals.
#16 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4911
i = <optimized out>
snapshot = <optimized out>
linux_boot = <optimized out>
initrd_filename = <optimized out>
kernel_filename = <optimized out>
kernel_cmdline = <optimized out>
boot_order = <optimized out>
boot_once = <optimized out>
ds = <optimized out>
cyls = <optimized out>
heads = <optimized out>
secs = <optimized out>
translation = <optimized out>
opts = <optimized out>
machine_opts = <optimized out>
hda_opts = <optimized out>
icount_opts = <optimized out>
accel_opts = <optimized out>
olist = <optimized out>
optind = 14
optarg = 0xbffffcf6 "loader,file=firmware.elf"
loadvm = <optimized out>
machine_class = <optimized out>
cpu_model = <optimized out>
vga_model = <optimized out>
qtest_chrdev = <optimized out>
qtest_log = <optimized out>
pid_file = <optimized out>
incoming = <optimized out>
userconfig = <optimized out>
nographic = <optimized out>
display_type = <optimized out>
display_remote = <optimized out>
log_mask = <optimized out>
log_file = <optimized out>
trace_file = <optimized out>
maxram_size = <optimized out>
ram_slots = <optimized out>
vmstate_dump_file = <optimized out>
main_loop_err = 0x0
err = 0x0
list_data_dirs = <optimized out>
dirs = <optimized out>
bdo_queue = {sqh_first = 0x0, sqh_last = 0xbffff918}
__func__ = "main"
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1766896/+subscriptions
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Qemu-devel] [Bug 1766896] Re: qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
2018-04-25 14:48 [Qemu-devel] [Bug 1766896] [NEW] qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate fenugrec
2018-04-25 15:05 ` [Qemu-devel] [Bug 1766896] " fenugrec
2018-04-25 15:45 ` Thomas Huth
@ 2018-04-25 19:09 ` Peter Maydell
2018-06-01 16:04 ` Peter Maydell
` (3 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: Peter Maydell @ 2018-04-25 19:09 UTC (permalink / raw)
To: qemu-devel
Yes; cortex-m3 will only work on machine types that are expecting it (ie
which instantiate the M profile NVIC interrupt controller, which is
really an integral part of the CPU).
We should catch this case and make QEMU exit with a more helpful
message.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1766896
Title:
qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
Status in QEMU:
New
Bug description:
Attempting to emulate some baremetal ARM cortex-M* firmware with gdb
causes a segfault every time.
qemu invocation:
qemu-system-arm -machine none -cpu cortex-m3 -nographic -monitor null -serial null -s -S -device loader,file=firmware.elf
qemu seems to startup fine with that command. Segfault happens as soon
as I connect from another console with
arm-none-eabi-gdb firmware.elf
> target remote localhost:1234
# qemu segfaults, and kills arm-none-eabi-gdb along with it
Here's a bt from qemu-system-arm :
*********************************
#0 armv7m_nvic_neg_prio_requested (opaque=0x0, secure=false)
at /home/sac/qemu/src/qemu/hw/intc/armv7m_nvic.c:383
s = 0x0
#1 0x006e4806 in arm_v7m_mmu_idx_for_secstate (secstate=<optimized out>, env=0xb620263c)
at /home/sac/qemu/src/qemu/target/arm/cpu.h:2345
el = <optimized out>
mmu_idx = ARMMMUIdx_MPriv
el = <optimized out>
mmu_idx = <optimized out>
#2 cpu_mmu_index (ifetch=false, env=0xb620263c) at /home/sac/qemu/src/qemu/target/arm/cpu.h:2358
mmu_idx = <optimized out>
el = <optimized out>
ifetch = <optimized out>
env = 0xb620263c
el = <optimized out>
mmu_idx = <optimized out>
el = <optimized out>
el = <optimized out>
mmu_idx = <optimized out>
#3 arm_cpu_get_phys_page_attrs_debug (cs=0xb61fe480, addr=0, attrs=0xbfffc668)
at /home/sac/qemu/src/qemu/target/arm/helper.c:9858
cpu = 0xb61fe480
__func__ = "arm_cpu_get_phys_page_attrs_debug"
env = 0xb620263c
phys_addr = 6402535376434480864
page_size = 5
prot = -1239242724
ret = <optimized out>
fsr = 4294967041
fi = {s2addr = 0, stage2 = false, s1ptw = false, ea = false}
mmu_idx = <optimized out>
#4 0x005729d1 in cpu_get_phys_page_attrs_debug (attrs=<optimized out>, addr=<optimized out>,
cpu=<optimized out>) at /home/sac/qemu/src/qemu/include/qom/cpu.h:580
cc = <optimized out>
cc = <optimized out>
#5 cpu_memory_rw_debug (cpu=0xb61fe480, addr=0, buf=0xbfffd6dc "", len=4, is_write=0)
at /home/sac/qemu/src/qemu/exec.c:3524
asidx = <optimized out>
attrs = {unspecified = 0, secure = 0, user = 0, requester_id = 15525}
l = <optimized out>
phys_addr = <optimized out>
page = 0
__PRETTY_FUNCTION__ = "cpu_memory_rw_debug"
#6 0x005b4c5e in target_memory_rw_debug (is_write=false, len=4, buf=<optimized out>, addr=0,
cpu=0xb61fe480) at /home/sac/qemu/src/qemu/gdbstub.c:56
cc = <optimized out>
cc = <optimized out>
#7 gdb_handle_packet (s=s@entry=0xb6229800, line_buf=line_buf@entry=0xb6229810 "m0,4")
at /home/sac/qemu/src/qemu/gdbstub.c:1109
cpu = <optimized out>
cc = <optimized out>
p = 0xb6229813 "4"
thread = <optimized out>
ch = <optimized out>
reg_size = <optimized out>
type = <optimized out>
res = <optimized out>
buf = "m1\000", '\060' <repeats 109 times>, "ffffffff00000000d3010040\000t modification,\n are permitted in any medium without royalt"...
mem_buf = '\000' <repeats 56 times>, "\377\377\377\377\000\000\000\000\323\001\000@", '\000' <repeats 716 times>...
registers = <optimized out>
addr = 0
len = 4
__func__ = "gdb_handle_packet"
#8 0x005b55b3 in gdb_read_byte (ch=100, s=0xb6229800) at /home/sac/qemu/src/qemu/gdbstub.c:1664
reply = 43 '+'
reply = <optimized out>
repeat = <optimized out>
#9 gdb_chr_receive (opaque=<optimized out>, buf=<optimized out>, size=<optimized out>)
at /home/sac/qemu/src/qemu/gdbstub.c:1868
i = <optimized out>
#10 0x00980319 in tcp_chr_read (chan=0xb6c86200, cond=G_IO_IN, opaque=0xb63fc6e0)
at chardev/char-socket.c:440
chr = <optimized out>
__func__ = "tcp_chr_read"
s = 0xb63fc6e0
buf = "$m0,4#fddInfo#c8read:arm-core.xml:0,ffb#08+;qRelocInsn+;fork-events+;vfork-events+;exec-events+;vContSupported+;QThreadEvents+;no-resumed+#df\363\377\377\000\000\000\000\274\354\377\277", '\000' <repeats 16 times>, "\272\356\377 \274\354\377\277", '\000' <repeats 16 times>, "\373\377\377\377\005\000\000\000"...
len = <optimized out>
size = <optimized out>
#11 0xb7808c44 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#12 0x009e14d2 in glib_pollfds_poll () at util/main-loop.c:214
context = 0xb645f740
pfds = <optimized out>
context = <optimized out>
pfds = <optimized out>
#13 os_host_main_loop_wait (timeout=<optimized out>) at util/main-loop.c:261
context = 0xb645f740
ret = 1
spin_counter = 0
context = <optimized out>
ret = <optimized out>
spin_counter = 0
notified = false
#14 main_loop_wait (nonblocking=0) at util/main-loop.c:515
ret = <optimized out>
timeout = 1000
timeout_ns = <optimized out>
#15 0x00561781 in main_loop () at vl.c:1995
No locals.
#16 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4911
i = <optimized out>
snapshot = <optimized out>
linux_boot = <optimized out>
initrd_filename = <optimized out>
kernel_filename = <optimized out>
kernel_cmdline = <optimized out>
boot_order = <optimized out>
boot_once = <optimized out>
ds = <optimized out>
cyls = <optimized out>
heads = <optimized out>
secs = <optimized out>
translation = <optimized out>
opts = <optimized out>
machine_opts = <optimized out>
hda_opts = <optimized out>
icount_opts = <optimized out>
accel_opts = <optimized out>
olist = <optimized out>
optind = 14
optarg = 0xbffffcf6 "loader,file=firmware.elf"
loadvm = <optimized out>
machine_class = <optimized out>
cpu_model = <optimized out>
vga_model = <optimized out>
qtest_chrdev = <optimized out>
qtest_log = <optimized out>
pid_file = <optimized out>
incoming = <optimized out>
userconfig = <optimized out>
nographic = <optimized out>
display_type = <optimized out>
display_remote = <optimized out>
log_mask = <optimized out>
log_file = <optimized out>
trace_file = <optimized out>
maxram_size = <optimized out>
ram_slots = <optimized out>
vmstate_dump_file = <optimized out>
main_loop_err = 0x0
err = 0x0
list_data_dirs = <optimized out>
dirs = <optimized out>
bdo_queue = {sqh_first = 0x0, sqh_last = 0xbffff918}
__func__ = "main"
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1766896/+subscriptions
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Qemu-devel] [Bug 1766896] Re: qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
2018-04-25 14:48 [Qemu-devel] [Bug 1766896] [NEW] qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate fenugrec
` (2 preceding siblings ...)
2018-04-25 19:09 ` Peter Maydell
@ 2018-06-01 16:04 ` Peter Maydell
2018-06-01 16:15 ` Peter Maydell
` (2 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: Peter Maydell @ 2018-06-01 16:04 UTC (permalink / raw)
To: qemu-devel
** Tags added: arm
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1766896
Title:
qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
Status in QEMU:
New
Bug description:
Attempting to emulate some baremetal ARM cortex-M* firmware with gdb
causes a segfault every time.
qemu invocation:
qemu-system-arm -machine none -cpu cortex-m3 -nographic -monitor null -serial null -s -S -device loader,file=firmware.elf
qemu seems to startup fine with that command. Segfault happens as soon
as I connect from another console with
arm-none-eabi-gdb firmware.elf
> target remote localhost:1234
# qemu segfaults, and kills arm-none-eabi-gdb along with it
Here's a bt from qemu-system-arm :
*********************************
#0 armv7m_nvic_neg_prio_requested (opaque=0x0, secure=false)
at /home/sac/qemu/src/qemu/hw/intc/armv7m_nvic.c:383
s = 0x0
#1 0x006e4806 in arm_v7m_mmu_idx_for_secstate (secstate=<optimized out>, env=0xb620263c)
at /home/sac/qemu/src/qemu/target/arm/cpu.h:2345
el = <optimized out>
mmu_idx = ARMMMUIdx_MPriv
el = <optimized out>
mmu_idx = <optimized out>
#2 cpu_mmu_index (ifetch=false, env=0xb620263c) at /home/sac/qemu/src/qemu/target/arm/cpu.h:2358
mmu_idx = <optimized out>
el = <optimized out>
ifetch = <optimized out>
env = 0xb620263c
el = <optimized out>
mmu_idx = <optimized out>
el = <optimized out>
el = <optimized out>
mmu_idx = <optimized out>
#3 arm_cpu_get_phys_page_attrs_debug (cs=0xb61fe480, addr=0, attrs=0xbfffc668)
at /home/sac/qemu/src/qemu/target/arm/helper.c:9858
cpu = 0xb61fe480
__func__ = "arm_cpu_get_phys_page_attrs_debug"
env = 0xb620263c
phys_addr = 6402535376434480864
page_size = 5
prot = -1239242724
ret = <optimized out>
fsr = 4294967041
fi = {s2addr = 0, stage2 = false, s1ptw = false, ea = false}
mmu_idx = <optimized out>
#4 0x005729d1 in cpu_get_phys_page_attrs_debug (attrs=<optimized out>, addr=<optimized out>,
cpu=<optimized out>) at /home/sac/qemu/src/qemu/include/qom/cpu.h:580
cc = <optimized out>
cc = <optimized out>
#5 cpu_memory_rw_debug (cpu=0xb61fe480, addr=0, buf=0xbfffd6dc "", len=4, is_write=0)
at /home/sac/qemu/src/qemu/exec.c:3524
asidx = <optimized out>
attrs = {unspecified = 0, secure = 0, user = 0, requester_id = 15525}
l = <optimized out>
phys_addr = <optimized out>
page = 0
__PRETTY_FUNCTION__ = "cpu_memory_rw_debug"
#6 0x005b4c5e in target_memory_rw_debug (is_write=false, len=4, buf=<optimized out>, addr=0,
cpu=0xb61fe480) at /home/sac/qemu/src/qemu/gdbstub.c:56
cc = <optimized out>
cc = <optimized out>
#7 gdb_handle_packet (s=s@entry=0xb6229800, line_buf=line_buf@entry=0xb6229810 "m0,4")
at /home/sac/qemu/src/qemu/gdbstub.c:1109
cpu = <optimized out>
cc = <optimized out>
p = 0xb6229813 "4"
thread = <optimized out>
ch = <optimized out>
reg_size = <optimized out>
type = <optimized out>
res = <optimized out>
buf = "m1\000", '\060' <repeats 109 times>, "ffffffff00000000d3010040\000t modification,\n are permitted in any medium without royalt"...
mem_buf = '\000' <repeats 56 times>, "\377\377\377\377\000\000\000\000\323\001\000@", '\000' <repeats 716 times>...
registers = <optimized out>
addr = 0
len = 4
__func__ = "gdb_handle_packet"
#8 0x005b55b3 in gdb_read_byte (ch=100, s=0xb6229800) at /home/sac/qemu/src/qemu/gdbstub.c:1664
reply = 43 '+'
reply = <optimized out>
repeat = <optimized out>
#9 gdb_chr_receive (opaque=<optimized out>, buf=<optimized out>, size=<optimized out>)
at /home/sac/qemu/src/qemu/gdbstub.c:1868
i = <optimized out>
#10 0x00980319 in tcp_chr_read (chan=0xb6c86200, cond=G_IO_IN, opaque=0xb63fc6e0)
at chardev/char-socket.c:440
chr = <optimized out>
__func__ = "tcp_chr_read"
s = 0xb63fc6e0
buf = "$m0,4#fddInfo#c8read:arm-core.xml:0,ffb#08+;qRelocInsn+;fork-events+;vfork-events+;exec-events+;vContSupported+;QThreadEvents+;no-resumed+#df\363\377\377\000\000\000\000\274\354\377\277", '\000' <repeats 16 times>, "\272\356\377 \274\354\377\277", '\000' <repeats 16 times>, "\373\377\377\377\005\000\000\000"...
len = <optimized out>
size = <optimized out>
#11 0xb7808c44 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#12 0x009e14d2 in glib_pollfds_poll () at util/main-loop.c:214
context = 0xb645f740
pfds = <optimized out>
context = <optimized out>
pfds = <optimized out>
#13 os_host_main_loop_wait (timeout=<optimized out>) at util/main-loop.c:261
context = 0xb645f740
ret = 1
spin_counter = 0
context = <optimized out>
ret = <optimized out>
spin_counter = 0
notified = false
#14 main_loop_wait (nonblocking=0) at util/main-loop.c:515
ret = <optimized out>
timeout = 1000
timeout_ns = <optimized out>
#15 0x00561781 in main_loop () at vl.c:1995
No locals.
#16 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4911
i = <optimized out>
snapshot = <optimized out>
linux_boot = <optimized out>
initrd_filename = <optimized out>
kernel_filename = <optimized out>
kernel_cmdline = <optimized out>
boot_order = <optimized out>
boot_once = <optimized out>
ds = <optimized out>
cyls = <optimized out>
heads = <optimized out>
secs = <optimized out>
translation = <optimized out>
opts = <optimized out>
machine_opts = <optimized out>
hda_opts = <optimized out>
icount_opts = <optimized out>
accel_opts = <optimized out>
olist = <optimized out>
optind = 14
optarg = 0xbffffcf6 "loader,file=firmware.elf"
loadvm = <optimized out>
machine_class = <optimized out>
cpu_model = <optimized out>
vga_model = <optimized out>
qtest_chrdev = <optimized out>
qtest_log = <optimized out>
pid_file = <optimized out>
incoming = <optimized out>
userconfig = <optimized out>
nographic = <optimized out>
display_type = <optimized out>
display_remote = <optimized out>
log_mask = <optimized out>
log_file = <optimized out>
trace_file = <optimized out>
maxram_size = <optimized out>
ram_slots = <optimized out>
vmstate_dump_file = <optimized out>
main_loop_err = 0x0
err = 0x0
list_data_dirs = <optimized out>
dirs = <optimized out>
bdo_queue = {sqh_first = 0x0, sqh_last = 0xbffff918}
__func__ = "main"
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1766896/+subscriptions
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Qemu-devel] [Bug 1766896] Re: qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
2018-04-25 14:48 [Qemu-devel] [Bug 1766896] [NEW] qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate fenugrec
` (3 preceding siblings ...)
2018-06-01 16:04 ` Peter Maydell
@ 2018-06-01 16:15 ` Peter Maydell
2018-07-06 13:27 ` Peter Maydell
2018-08-15 7:27 ` Thomas Huth
6 siblings, 0 replies; 8+ messages in thread
From: Peter Maydell @ 2018-06-01 16:15 UTC (permalink / raw)
To: qemu-devel
https://patchwork.ozlabs.org/patch/924145/ is a patch which improves our error checking for this case. The command that previously segfaulted should now exit with the error message:
qemu-system-arm: This board cannot be used with Cortex-M CPUs
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1766896
Title:
qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
Status in QEMU:
New
Bug description:
Attempting to emulate some baremetal ARM cortex-M* firmware with gdb
causes a segfault every time.
qemu invocation:
qemu-system-arm -machine none -cpu cortex-m3 -nographic -monitor null -serial null -s -S -device loader,file=firmware.elf
qemu seems to startup fine with that command. Segfault happens as soon
as I connect from another console with
arm-none-eabi-gdb firmware.elf
> target remote localhost:1234
# qemu segfaults, and kills arm-none-eabi-gdb along with it
Here's a bt from qemu-system-arm :
*********************************
#0 armv7m_nvic_neg_prio_requested (opaque=0x0, secure=false)
at /home/sac/qemu/src/qemu/hw/intc/armv7m_nvic.c:383
s = 0x0
#1 0x006e4806 in arm_v7m_mmu_idx_for_secstate (secstate=<optimized out>, env=0xb620263c)
at /home/sac/qemu/src/qemu/target/arm/cpu.h:2345
el = <optimized out>
mmu_idx = ARMMMUIdx_MPriv
el = <optimized out>
mmu_idx = <optimized out>
#2 cpu_mmu_index (ifetch=false, env=0xb620263c) at /home/sac/qemu/src/qemu/target/arm/cpu.h:2358
mmu_idx = <optimized out>
el = <optimized out>
ifetch = <optimized out>
env = 0xb620263c
el = <optimized out>
mmu_idx = <optimized out>
el = <optimized out>
el = <optimized out>
mmu_idx = <optimized out>
#3 arm_cpu_get_phys_page_attrs_debug (cs=0xb61fe480, addr=0, attrs=0xbfffc668)
at /home/sac/qemu/src/qemu/target/arm/helper.c:9858
cpu = 0xb61fe480
__func__ = "arm_cpu_get_phys_page_attrs_debug"
env = 0xb620263c
phys_addr = 6402535376434480864
page_size = 5
prot = -1239242724
ret = <optimized out>
fsr = 4294967041
fi = {s2addr = 0, stage2 = false, s1ptw = false, ea = false}
mmu_idx = <optimized out>
#4 0x005729d1 in cpu_get_phys_page_attrs_debug (attrs=<optimized out>, addr=<optimized out>,
cpu=<optimized out>) at /home/sac/qemu/src/qemu/include/qom/cpu.h:580
cc = <optimized out>
cc = <optimized out>
#5 cpu_memory_rw_debug (cpu=0xb61fe480, addr=0, buf=0xbfffd6dc "", len=4, is_write=0)
at /home/sac/qemu/src/qemu/exec.c:3524
asidx = <optimized out>
attrs = {unspecified = 0, secure = 0, user = 0, requester_id = 15525}
l = <optimized out>
phys_addr = <optimized out>
page = 0
__PRETTY_FUNCTION__ = "cpu_memory_rw_debug"
#6 0x005b4c5e in target_memory_rw_debug (is_write=false, len=4, buf=<optimized out>, addr=0,
cpu=0xb61fe480) at /home/sac/qemu/src/qemu/gdbstub.c:56
cc = <optimized out>
cc = <optimized out>
#7 gdb_handle_packet (s=s@entry=0xb6229800, line_buf=line_buf@entry=0xb6229810 "m0,4")
at /home/sac/qemu/src/qemu/gdbstub.c:1109
cpu = <optimized out>
cc = <optimized out>
p = 0xb6229813 "4"
thread = <optimized out>
ch = <optimized out>
reg_size = <optimized out>
type = <optimized out>
res = <optimized out>
buf = "m1\000", '\060' <repeats 109 times>, "ffffffff00000000d3010040\000t modification,\n are permitted in any medium without royalt"...
mem_buf = '\000' <repeats 56 times>, "\377\377\377\377\000\000\000\000\323\001\000@", '\000' <repeats 716 times>...
registers = <optimized out>
addr = 0
len = 4
__func__ = "gdb_handle_packet"
#8 0x005b55b3 in gdb_read_byte (ch=100, s=0xb6229800) at /home/sac/qemu/src/qemu/gdbstub.c:1664
reply = 43 '+'
reply = <optimized out>
repeat = <optimized out>
#9 gdb_chr_receive (opaque=<optimized out>, buf=<optimized out>, size=<optimized out>)
at /home/sac/qemu/src/qemu/gdbstub.c:1868
i = <optimized out>
#10 0x00980319 in tcp_chr_read (chan=0xb6c86200, cond=G_IO_IN, opaque=0xb63fc6e0)
at chardev/char-socket.c:440
chr = <optimized out>
__func__ = "tcp_chr_read"
s = 0xb63fc6e0
buf = "$m0,4#fddInfo#c8read:arm-core.xml:0,ffb#08+;qRelocInsn+;fork-events+;vfork-events+;exec-events+;vContSupported+;QThreadEvents+;no-resumed+#df\363\377\377\000\000\000\000\274\354\377\277", '\000' <repeats 16 times>, "\272\356\377 \274\354\377\277", '\000' <repeats 16 times>, "\373\377\377\377\005\000\000\000"...
len = <optimized out>
size = <optimized out>
#11 0xb7808c44 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#12 0x009e14d2 in glib_pollfds_poll () at util/main-loop.c:214
context = 0xb645f740
pfds = <optimized out>
context = <optimized out>
pfds = <optimized out>
#13 os_host_main_loop_wait (timeout=<optimized out>) at util/main-loop.c:261
context = 0xb645f740
ret = 1
spin_counter = 0
context = <optimized out>
ret = <optimized out>
spin_counter = 0
notified = false
#14 main_loop_wait (nonblocking=0) at util/main-loop.c:515
ret = <optimized out>
timeout = 1000
timeout_ns = <optimized out>
#15 0x00561781 in main_loop () at vl.c:1995
No locals.
#16 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4911
i = <optimized out>
snapshot = <optimized out>
linux_boot = <optimized out>
initrd_filename = <optimized out>
kernel_filename = <optimized out>
kernel_cmdline = <optimized out>
boot_order = <optimized out>
boot_once = <optimized out>
ds = <optimized out>
cyls = <optimized out>
heads = <optimized out>
secs = <optimized out>
translation = <optimized out>
opts = <optimized out>
machine_opts = <optimized out>
hda_opts = <optimized out>
icount_opts = <optimized out>
accel_opts = <optimized out>
olist = <optimized out>
optind = 14
optarg = 0xbffffcf6 "loader,file=firmware.elf"
loadvm = <optimized out>
machine_class = <optimized out>
cpu_model = <optimized out>
vga_model = <optimized out>
qtest_chrdev = <optimized out>
qtest_log = <optimized out>
pid_file = <optimized out>
incoming = <optimized out>
userconfig = <optimized out>
nographic = <optimized out>
display_type = <optimized out>
display_remote = <optimized out>
log_mask = <optimized out>
log_file = <optimized out>
trace_file = <optimized out>
maxram_size = <optimized out>
ram_slots = <optimized out>
vmstate_dump_file = <optimized out>
main_loop_err = 0x0
err = 0x0
list_data_dirs = <optimized out>
dirs = <optimized out>
bdo_queue = {sqh_first = 0x0, sqh_last = 0xbffff918}
__func__ = "main"
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1766896/+subscriptions
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Qemu-devel] [Bug 1766896] Re: qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
2018-04-25 14:48 [Qemu-devel] [Bug 1766896] [NEW] qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate fenugrec
` (4 preceding siblings ...)
2018-06-01 16:15 ` Peter Maydell
@ 2018-07-06 13:27 ` Peter Maydell
2018-08-15 7:27 ` Thomas Huth
6 siblings, 0 replies; 8+ messages in thread
From: Peter Maydell @ 2018-07-06 13:27 UTC (permalink / raw)
To: qemu-devel
The patch referred to in comment #4 has now been committed, so from QEMU
3.0 this will fail with a useful error message to tell the user their
choice of machine and CPU aren't compatible.
** Changed in: qemu
Status: New => Fix Committed
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1766896
Title:
qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
Status in QEMU:
Fix Committed
Bug description:
Attempting to emulate some baremetal ARM cortex-M* firmware with gdb
causes a segfault every time.
qemu invocation:
qemu-system-arm -machine none -cpu cortex-m3 -nographic -monitor null -serial null -s -S -device loader,file=firmware.elf
qemu seems to startup fine with that command. Segfault happens as soon
as I connect from another console with
arm-none-eabi-gdb firmware.elf
> target remote localhost:1234
# qemu segfaults, and kills arm-none-eabi-gdb along with it
Here's a bt from qemu-system-arm :
*********************************
#0 armv7m_nvic_neg_prio_requested (opaque=0x0, secure=false)
at /home/sac/qemu/src/qemu/hw/intc/armv7m_nvic.c:383
s = 0x0
#1 0x006e4806 in arm_v7m_mmu_idx_for_secstate (secstate=<optimized out>, env=0xb620263c)
at /home/sac/qemu/src/qemu/target/arm/cpu.h:2345
el = <optimized out>
mmu_idx = ARMMMUIdx_MPriv
el = <optimized out>
mmu_idx = <optimized out>
#2 cpu_mmu_index (ifetch=false, env=0xb620263c) at /home/sac/qemu/src/qemu/target/arm/cpu.h:2358
mmu_idx = <optimized out>
el = <optimized out>
ifetch = <optimized out>
env = 0xb620263c
el = <optimized out>
mmu_idx = <optimized out>
el = <optimized out>
el = <optimized out>
mmu_idx = <optimized out>
#3 arm_cpu_get_phys_page_attrs_debug (cs=0xb61fe480, addr=0, attrs=0xbfffc668)
at /home/sac/qemu/src/qemu/target/arm/helper.c:9858
cpu = 0xb61fe480
__func__ = "arm_cpu_get_phys_page_attrs_debug"
env = 0xb620263c
phys_addr = 6402535376434480864
page_size = 5
prot = -1239242724
ret = <optimized out>
fsr = 4294967041
fi = {s2addr = 0, stage2 = false, s1ptw = false, ea = false}
mmu_idx = <optimized out>
#4 0x005729d1 in cpu_get_phys_page_attrs_debug (attrs=<optimized out>, addr=<optimized out>,
cpu=<optimized out>) at /home/sac/qemu/src/qemu/include/qom/cpu.h:580
cc = <optimized out>
cc = <optimized out>
#5 cpu_memory_rw_debug (cpu=0xb61fe480, addr=0, buf=0xbfffd6dc "", len=4, is_write=0)
at /home/sac/qemu/src/qemu/exec.c:3524
asidx = <optimized out>
attrs = {unspecified = 0, secure = 0, user = 0, requester_id = 15525}
l = <optimized out>
phys_addr = <optimized out>
page = 0
__PRETTY_FUNCTION__ = "cpu_memory_rw_debug"
#6 0x005b4c5e in target_memory_rw_debug (is_write=false, len=4, buf=<optimized out>, addr=0,
cpu=0xb61fe480) at /home/sac/qemu/src/qemu/gdbstub.c:56
cc = <optimized out>
cc = <optimized out>
#7 gdb_handle_packet (s=s@entry=0xb6229800, line_buf=line_buf@entry=0xb6229810 "m0,4")
at /home/sac/qemu/src/qemu/gdbstub.c:1109
cpu = <optimized out>
cc = <optimized out>
p = 0xb6229813 "4"
thread = <optimized out>
ch = <optimized out>
reg_size = <optimized out>
type = <optimized out>
res = <optimized out>
buf = "m1\000", '\060' <repeats 109 times>, "ffffffff00000000d3010040\000t modification,\n are permitted in any medium without royalt"...
mem_buf = '\000' <repeats 56 times>, "\377\377\377\377\000\000\000\000\323\001\000@", '\000' <repeats 716 times>...
registers = <optimized out>
addr = 0
len = 4
__func__ = "gdb_handle_packet"
#8 0x005b55b3 in gdb_read_byte (ch=100, s=0xb6229800) at /home/sac/qemu/src/qemu/gdbstub.c:1664
reply = 43 '+'
reply = <optimized out>
repeat = <optimized out>
#9 gdb_chr_receive (opaque=<optimized out>, buf=<optimized out>, size=<optimized out>)
at /home/sac/qemu/src/qemu/gdbstub.c:1868
i = <optimized out>
#10 0x00980319 in tcp_chr_read (chan=0xb6c86200, cond=G_IO_IN, opaque=0xb63fc6e0)
at chardev/char-socket.c:440
chr = <optimized out>
__func__ = "tcp_chr_read"
s = 0xb63fc6e0
buf = "$m0,4#fddInfo#c8read:arm-core.xml:0,ffb#08+;qRelocInsn+;fork-events+;vfork-events+;exec-events+;vContSupported+;QThreadEvents+;no-resumed+#df\363\377\377\000\000\000\000\274\354\377\277", '\000' <repeats 16 times>, "\272\356\377 \274\354\377\277", '\000' <repeats 16 times>, "\373\377\377\377\005\000\000\000"...
len = <optimized out>
size = <optimized out>
#11 0xb7808c44 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#12 0x009e14d2 in glib_pollfds_poll () at util/main-loop.c:214
context = 0xb645f740
pfds = <optimized out>
context = <optimized out>
pfds = <optimized out>
#13 os_host_main_loop_wait (timeout=<optimized out>) at util/main-loop.c:261
context = 0xb645f740
ret = 1
spin_counter = 0
context = <optimized out>
ret = <optimized out>
spin_counter = 0
notified = false
#14 main_loop_wait (nonblocking=0) at util/main-loop.c:515
ret = <optimized out>
timeout = 1000
timeout_ns = <optimized out>
#15 0x00561781 in main_loop () at vl.c:1995
No locals.
#16 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4911
i = <optimized out>
snapshot = <optimized out>
linux_boot = <optimized out>
initrd_filename = <optimized out>
kernel_filename = <optimized out>
kernel_cmdline = <optimized out>
boot_order = <optimized out>
boot_once = <optimized out>
ds = <optimized out>
cyls = <optimized out>
heads = <optimized out>
secs = <optimized out>
translation = <optimized out>
opts = <optimized out>
machine_opts = <optimized out>
hda_opts = <optimized out>
icount_opts = <optimized out>
accel_opts = <optimized out>
olist = <optimized out>
optind = 14
optarg = 0xbffffcf6 "loader,file=firmware.elf"
loadvm = <optimized out>
machine_class = <optimized out>
cpu_model = <optimized out>
vga_model = <optimized out>
qtest_chrdev = <optimized out>
qtest_log = <optimized out>
pid_file = <optimized out>
incoming = <optimized out>
userconfig = <optimized out>
nographic = <optimized out>
display_type = <optimized out>
display_remote = <optimized out>
log_mask = <optimized out>
log_file = <optimized out>
trace_file = <optimized out>
maxram_size = <optimized out>
ram_slots = <optimized out>
vmstate_dump_file = <optimized out>
main_loop_err = 0x0
err = 0x0
list_data_dirs = <optimized out>
dirs = <optimized out>
bdo_queue = {sqh_first = 0x0, sqh_last = 0xbffff918}
__func__ = "main"
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1766896/+subscriptions
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Qemu-devel] [Bug 1766896] Re: qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
2018-04-25 14:48 [Qemu-devel] [Bug 1766896] [NEW] qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate fenugrec
` (5 preceding siblings ...)
2018-07-06 13:27 ` Peter Maydell
@ 2018-08-15 7:27 ` Thomas Huth
6 siblings, 0 replies; 8+ messages in thread
From: Thomas Huth @ 2018-08-15 7:27 UTC (permalink / raw)
To: qemu-devel
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=95f875654ae8b433b5
** Changed in: qemu
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1766896
Title:
qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate
Status in QEMU:
Fix Released
Bug description:
Attempting to emulate some baremetal ARM cortex-M* firmware with gdb
causes a segfault every time.
qemu invocation:
qemu-system-arm -machine none -cpu cortex-m3 -nographic -monitor null -serial null -s -S -device loader,file=firmware.elf
qemu seems to startup fine with that command. Segfault happens as soon
as I connect from another console with
arm-none-eabi-gdb firmware.elf
> target remote localhost:1234
# qemu segfaults, and kills arm-none-eabi-gdb along with it
Here's a bt from qemu-system-arm :
*********************************
#0 armv7m_nvic_neg_prio_requested (opaque=0x0, secure=false)
at /home/sac/qemu/src/qemu/hw/intc/armv7m_nvic.c:383
s = 0x0
#1 0x006e4806 in arm_v7m_mmu_idx_for_secstate (secstate=<optimized out>, env=0xb620263c)
at /home/sac/qemu/src/qemu/target/arm/cpu.h:2345
el = <optimized out>
mmu_idx = ARMMMUIdx_MPriv
el = <optimized out>
mmu_idx = <optimized out>
#2 cpu_mmu_index (ifetch=false, env=0xb620263c) at /home/sac/qemu/src/qemu/target/arm/cpu.h:2358
mmu_idx = <optimized out>
el = <optimized out>
ifetch = <optimized out>
env = 0xb620263c
el = <optimized out>
mmu_idx = <optimized out>
el = <optimized out>
el = <optimized out>
mmu_idx = <optimized out>
#3 arm_cpu_get_phys_page_attrs_debug (cs=0xb61fe480, addr=0, attrs=0xbfffc668)
at /home/sac/qemu/src/qemu/target/arm/helper.c:9858
cpu = 0xb61fe480
__func__ = "arm_cpu_get_phys_page_attrs_debug"
env = 0xb620263c
phys_addr = 6402535376434480864
page_size = 5
prot = -1239242724
ret = <optimized out>
fsr = 4294967041
fi = {s2addr = 0, stage2 = false, s1ptw = false, ea = false}
mmu_idx = <optimized out>
#4 0x005729d1 in cpu_get_phys_page_attrs_debug (attrs=<optimized out>, addr=<optimized out>,
cpu=<optimized out>) at /home/sac/qemu/src/qemu/include/qom/cpu.h:580
cc = <optimized out>
cc = <optimized out>
#5 cpu_memory_rw_debug (cpu=0xb61fe480, addr=0, buf=0xbfffd6dc "", len=4, is_write=0)
at /home/sac/qemu/src/qemu/exec.c:3524
asidx = <optimized out>
attrs = {unspecified = 0, secure = 0, user = 0, requester_id = 15525}
l = <optimized out>
phys_addr = <optimized out>
page = 0
__PRETTY_FUNCTION__ = "cpu_memory_rw_debug"
#6 0x005b4c5e in target_memory_rw_debug (is_write=false, len=4, buf=<optimized out>, addr=0,
cpu=0xb61fe480) at /home/sac/qemu/src/qemu/gdbstub.c:56
cc = <optimized out>
cc = <optimized out>
#7 gdb_handle_packet (s=s@entry=0xb6229800, line_buf=line_buf@entry=0xb6229810 "m0,4")
at /home/sac/qemu/src/qemu/gdbstub.c:1109
cpu = <optimized out>
cc = <optimized out>
p = 0xb6229813 "4"
thread = <optimized out>
ch = <optimized out>
reg_size = <optimized out>
type = <optimized out>
res = <optimized out>
buf = "m1\000", '\060' <repeats 109 times>, "ffffffff00000000d3010040\000t modification,\n are permitted in any medium without royalt"...
mem_buf = '\000' <repeats 56 times>, "\377\377\377\377\000\000\000\000\323\001\000@", '\000' <repeats 716 times>...
registers = <optimized out>
addr = 0
len = 4
__func__ = "gdb_handle_packet"
#8 0x005b55b3 in gdb_read_byte (ch=100, s=0xb6229800) at /home/sac/qemu/src/qemu/gdbstub.c:1664
reply = 43 '+'
reply = <optimized out>
repeat = <optimized out>
#9 gdb_chr_receive (opaque=<optimized out>, buf=<optimized out>, size=<optimized out>)
at /home/sac/qemu/src/qemu/gdbstub.c:1868
i = <optimized out>
#10 0x00980319 in tcp_chr_read (chan=0xb6c86200, cond=G_IO_IN, opaque=0xb63fc6e0)
at chardev/char-socket.c:440
chr = <optimized out>
__func__ = "tcp_chr_read"
s = 0xb63fc6e0
buf = "$m0,4#fddInfo#c8read:arm-core.xml:0,ffb#08+;qRelocInsn+;fork-events+;vfork-events+;exec-events+;vContSupported+;QThreadEvents+;no-resumed+#df\363\377\377\000\000\000\000\274\354\377\277", '\000' <repeats 16 times>, "\272\356\377 \274\354\377\277", '\000' <repeats 16 times>, "\373\377\377\377\005\000\000\000"...
len = <optimized out>
size = <optimized out>
#11 0xb7808c44 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#12 0x009e14d2 in glib_pollfds_poll () at util/main-loop.c:214
context = 0xb645f740
pfds = <optimized out>
context = <optimized out>
pfds = <optimized out>
#13 os_host_main_loop_wait (timeout=<optimized out>) at util/main-loop.c:261
context = 0xb645f740
ret = 1
spin_counter = 0
context = <optimized out>
ret = <optimized out>
spin_counter = 0
notified = false
#14 main_loop_wait (nonblocking=0) at util/main-loop.c:515
ret = <optimized out>
timeout = 1000
timeout_ns = <optimized out>
#15 0x00561781 in main_loop () at vl.c:1995
No locals.
#16 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4911
i = <optimized out>
snapshot = <optimized out>
linux_boot = <optimized out>
initrd_filename = <optimized out>
kernel_filename = <optimized out>
kernel_cmdline = <optimized out>
boot_order = <optimized out>
boot_once = <optimized out>
ds = <optimized out>
cyls = <optimized out>
heads = <optimized out>
secs = <optimized out>
translation = <optimized out>
opts = <optimized out>
machine_opts = <optimized out>
hda_opts = <optimized out>
icount_opts = <optimized out>
accel_opts = <optimized out>
olist = <optimized out>
optind = 14
optarg = 0xbffffcf6 "loader,file=firmware.elf"
loadvm = <optimized out>
machine_class = <optimized out>
cpu_model = <optimized out>
vga_model = <optimized out>
qtest_chrdev = <optimized out>
qtest_log = <optimized out>
pid_file = <optimized out>
incoming = <optimized out>
userconfig = <optimized out>
nographic = <optimized out>
display_type = <optimized out>
display_remote = <optimized out>
log_mask = <optimized out>
log_file = <optimized out>
trace_file = <optimized out>
maxram_size = <optimized out>
ram_slots = <optimized out>
vmstate_dump_file = <optimized out>
main_loop_err = 0x0
err = 0x0
list_data_dirs = <optimized out>
dirs = <optimized out>
bdo_queue = {sqh_first = 0x0, sqh_last = 0xbffff918}
__func__ = "main"
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1766896/+subscriptions
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2018-08-15 7:40 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-04-25 14:48 [Qemu-devel] [Bug 1766896] [NEW] qemu-system-arm segfault in arm_v7m_mmu_idx_for_secstate fenugrec
2018-04-25 15:05 ` [Qemu-devel] [Bug 1766896] " fenugrec
2018-04-25 15:45 ` Thomas Huth
2018-04-25 19:09 ` Peter Maydell
2018-06-01 16:04 ` Peter Maydell
2018-06-01 16:15 ` Peter Maydell
2018-07-06 13:27 ` Peter Maydell
2018-08-15 7:27 ` Thomas Huth
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.