All of lore.kernel.org
 help / color / mirror / Atom feed
From: lizhijian <1914696@bugs.launchpad.net>
To: qemu-devel@nongnu.org
Subject: [Bug 1914696] Re: aarch64: migration failed: Segmentation fault (core dumped)
Date: Fri, 05 Feb 2021 03:04:31 -0000	[thread overview]
Message-ID: <161249427147.24305.16887496480047661554.malone@wampee.canonical.com> (raw)
In-Reply-To: 161249398803.13999.15324457641617983607.malonedeb@soybean.canonical.com

paste the call trace

(gdb) bt
#0  0x0000aaaac036a02c in armv7m_nvic_neg_prio_requested (opaque=0x0, secure=false) at ../hw/intc/armv7m_nvic.c:406
#1  0x0000aaaac014dcf4 in arm_v7m_mmu_idx_for_secstate_and_priv (env=0xaaaaca23d950, secstate=false, priv=true) at ../target/arm/m_helper.c:2837
#2  0x0000aaaac014dd8c in arm_v7m_mmu_idx_for_secstate (env=0xaaaaca23d950, secstate=false) at ../target/arm/m_helper.c:2848
#3  0x0000aaaac018aa6c in arm_mmu_idx_el (env=0xaaaaca23d950, el=1) at ../target/arm/helper.c:12841
#4  0x0000aaaac018b788 in rebuild_hflags_internal (env=0xaaaaca23d950) at ../target/arm/helper.c:13100
#5  0x0000aaaac018b80c in arm_rebuild_hflags (env=0xaaaaca23d950) at ../target/arm/helper.c:13113
#6  0x0000aaaac007f928 in cpu_post_load (opaque=0xaaaaca233b10, version_id=22) at ../target/arm/machine.c:767
#7  0x0000aaaabfc8f508 in vmstate_load_state (f=0xaaaaca355520, vmsd=0xaaaac0d59ea8 <vmstate_arm_cpu>, opaque=0xaaaaca233b10, version_id=22) at ../migration/vmstate.c:168
#8  0x0000aaaabfca3404 in vmstate_load (f=0xaaaaca355520, se=0xaaaaca2708b0) at ../migration/savevm.c:885
#9  0x0000aaaabfca6410 in qemu_loadvm_section_start_full (f=0xaaaaca355520, mis=0xaaaaca204d90) at ../migration/savevm.c:2396
#10 0x0000aaaabfca6a8c in qemu_loadvm_state_main (f=0xaaaaca355520, mis=0xaaaaca204d90) at ../migration/savevm.c:2582
#11 0x0000aaaabfca6c34 in qemu_loadvm_state (f=0xaaaaca355520) at ../migration/savevm.c:2661
#12 0x0000aaaabfd95bf0 in process_incoming_migration_co (opaque=0x0) at ../migration/migration.c:522
#13 0x0000aaaac06c6248 in coroutine_trampoline (i0=-895198224, i1=43690) at ../util/coroutine-ucontext.c:173
#14 0x0000ffffa5071f90 in __startcontext () at ../sysdeps/unix/sysv/linux/aarch64/setcontext.S:123


** Information type changed from Public to Public Security

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1914696

Title:
  aarch64: migration failed: Segmentation fault (core dumped)

Status in QEMU:
  New

Bug description:
  reproduce:

  arch: aarch64
  source qemu: v4.2.0
  destination qemu: 1ed9228f63ea4bcc0ae240365305ee264e9189ce

  cmdline:
  source: 
  $ ./aarch64-softmmu/qemu-system-aarch64     -name 'avocado-vt-vm1'    -machine virt-4.2,gic-version=host,graphics=on     -nodefaults     -m 1024      -smp 2      -cpu 'host'     -vnc :10      -enable-kvm     -monitor stdio
  (qemu) 
  (qemu) migrate -d tcp:10.19.241.167:888
  (qemu) info status
  VM status: paused (postmigrate)

  destination: 
  ./build/aarch64-softmmu/qemu-system-aarch64 -name 'avocado-vt-vm1'  -machine virt-4.2,gic-version=host,graphics=on     -nodefaults     -m 1024      -smp 2      -cpu 'host'     -vnc :10      -enable-kvm     -monitor stdio -incoming tcp:0:888
  QEMU 5.2.50 monitor - type 'help' for more information
  (qemu) Segmentation fault (core dumped)

  
  i have bisected and confirmed that the first bad commit is: [f9506e162c33e87b609549157dd8431fcc732085] target/arm: Remove ARM_FEATURE_VFP*

  bisect log:
  git bisect log
  # bad: [1ed9228f63ea4bcc0ae240365305ee264e9189ce] Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2021-02-02-v2' into staging
  git bisect bad 1ed9228f63ea4bcc0ae240365305ee264e9189ce
  # good: [b0ca999a43a22b38158a222233d3f5881648bb4f] Update version for v4.2.0 release
  git bisect good b0ca999a43a22b38158a222233d3f5881648bb4f
  # bad: [59093cc407cb044c72aa786006a07bd404eb36b9] hw/char: Convert the Ibex UART to use the registerfields API
  git bisect bad 59093cc407cb044c72aa786006a07bd404eb36b9
  # bad: [4dabf39592e92d692c6f2a1633571114ae25d843] aspeed/smc: Fix DMA support for AST2600
  git bisect bad 4dabf39592e92d692c6f2a1633571114ae25d843
  # good: [93c86fff53a267f657e79ec07dcd04b63882e330] Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20200207' into staging
  git bisect good 93c86fff53a267f657e79ec07dcd04b63882e330
  # bad: [2ac031d171ccd18c973014d9978b4a63f0ad5fb0] Merge remote-tracking branch 'remotes/palmer/tags/riscv-for-master-5.0-sf3' into staging
  git bisect bad 2ac031d171ccd18c973014d9978b4a63f0ad5fb0
  # good: [4036b7d1cd9fb1097a5f4bc24d7d31744256260f] target/arm: Use isar_feature function for testing AA32HPD feature
  git bisect good 4036b7d1cd9fb1097a5f4bc24d7d31744256260f
  # good: [002375895c10df40615fc615e2639f49e0c442fe] tests/iotests: be a little more forgiving on the size test
  git bisect good 002375895c10df40615fc615e2639f49e0c442fe
  # good: [c695724868ce4049fd79c5a509880dbdf171e744] target/riscv: Emulate TIME CSRs for privileged mode
  git bisect good c695724868ce4049fd79c5a509880dbdf171e744
  # good: [f67957e17cbf8fc3cc5d1146a2db2023404578b0] target/arm: Add isar_feature_aa32_{fpsp_v2, fpsp_v3, fpdp_v3}
  git bisect good f67957e17cbf8fc3cc5d1146a2db2023404578b0
  # bad: [a1229109dec4375259d3fff99f362405aab7917a] target/arm: Implement v8.4-RCPC
  git bisect bad a1229109dec4375259d3fff99f362405aab7917a
  # bad: [906b60facc3d3dd3af56cb1a7860175d805e10a3] target/arm: Add formats for some vfp 2 and 3-register insns
  git bisect bad 906b60facc3d3dd3af56cb1a7860175d805e10a3
  # good: [c52881bbc22b50db99a6c37171ad3eea7d959ae6] target/arm: Replace ARM_FEATURE_VFP4 with isar_feature_aa32_simdfmac
  git bisect good c52881bbc22b50db99a6c37171ad3eea7d959ae6
  # good: [f0f6d5c81be47d593e5ece7f06df6fba4c15738b] target/arm: Move the vfp decodetree calls next to the base isa
  git bisect good f0f6d5c81be47d593e5ece7f06df6fba4c15738b
  # bad: [f9506e162c33e87b609549157dd8431fcc732085] target/arm: Remove ARM_FEATURE_VFP*
  git bisect bad f9506e162c33e87b609549157dd8431fcc732085
  # good: [bfa8a370d2f5d4ed03f7a7e2987982f15fe73758] linux-user/arm: Replace ARM_FEATURE_VFP* tests for HWCAP
  git bisect good bfa8a370d2f5d4ed03f7a7e2987982f15fe73758
  # first bad commit: [f9506e162c33e87b609549157dd8431fcc732085] target/arm: Remove ARM_FEATURE_VFP*

  
  the root cause is that, some feature bit is not consistent any more with below changes in this commit:
  diff --git a/target/arm/cpu.h b/target/arm/cpu.h
  index b29b0eddfc..05aa9711cd 100644
  --- a/target/arm/cpu.h
  +++ b/target/arm/cpu.h
  @@ -1880,7 +1880,6 @@ QEMU_BUILD_BUG_ON(ARRAY_SIZE(((ARMCPU *)0)->ccsidr) <= R_V7M_CSSELR_INDEX_MASK);
    * mapping in linux-user/elfload.c:get_elf_hwcap().
    */
   enum arm_features {
  -    ARM_FEATURE_VFP,
       ARM_FEATURE_AUXCR,  /* ARM1026 Auxiliary control register.  */
       ARM_FEATURE_XSCALE, /* Intel XScale extensions.  */
       ARM_FEATURE_IWMMXT, /* Intel iwMMXt extension.  */
  @@ -1889,7 +1888,6 @@ enum arm_features {
       ARM_FEATURE_V7,
       ARM_FEATURE_THUMB2,
       ARM_FEATURE_PMSA,   /* no MMU; may have Memory Protection Unit */
  -    ARM_FEATURE_VFP3,
       ARM_FEATURE_NEON,
       ARM_FEATURE_M, /* Microcontroller profile.  */
       ARM_FEATURE_OMAPCP, /* OMAP specific CP15 ops handling.  */
  @@ -1900,7 +1898,6 @@ enum arm_features {
       ARM_FEATURE_V5,
       ARM_FEATURE_STRONGARM,
       ARM_FEATURE_VAPA, /* cp15 VA to PA lookups */
  -    ARM_FEATURE_VFP4, /* VFPv4 (implies that NEON is v2) */
       ARM_FEATURE_GENERIC_TIMER,
       ARM_FEATURE_MVFR, /* Media and VFP Feature Registers 0 and 1 */
       ARM_FEATURE_DUMMY_C15_REGS, /* RAZ/WI all of cp15 crn=15 */

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1914696/+subscriptions


  reply	other threads:[~2021-02-05  3:22 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-02-05  2:59 [Bug 1914696] [NEW] aarch64: migration failed: Segmentation fault (core dumped) lizhijian
2021-02-05  3:04 ` lizhijian [this message]
2021-02-05  9:52   ` [Bug 1914696] " Claudio Fontana
2021-02-05 10:12     ` Li Zhijian
2021-02-05  3:10 ` [Bug 1914696] [NEW] " Launchpad Bug Tracker
2021-02-05  3:15   ` no-reply
2021-02-05  3:16 ` [Bug 1914696] " lizhijian
2021-02-05  3:24 ` [Bug 1914696] [NEW] " no-reply
2021-02-05 10:05 ` [Bug 1914696] " Peter Maydell
2021-02-08  2:43 ` lizhijian
2021-03-11 18:49 ` Peter Maydell
2021-04-30  9:14 ` Thomas Huth

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=161249427147.24305.16887496480047661554.malone@wampee.canonical.com \
    --to=1914696@bugs.launchpad.net \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.