[Qemu-devel] PPC* and Sparc32 crash

[Qemu-devel] PPC* and Sparc32 crash

[Blue Swirl]

qemu-system-ppc: /src/qemu/memory.c:1183:
memory_region_add_subregion_common: Assertion `!subregion->parent'
failed.
Aborted
qemu-system-ppc64: /src/qemu/memory.c:1183:
memory_region_add_subregion_common: Assertion `!subregion->parent'
failed.
Aborted
qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
sysbus_register_withprop: Assertion `info->qdev.size >=
sizeof(SysBusDevice)' failed.
Aborted

This is with b861b7419c49ad53e786062b4fbf6da53468f130. Other targets
seem to work.

Re: [Qemu-devel] PPC* and Sparc32 crash

[Peter Maydell]

On 23 August 2011 18:55, Blue Swirl <blauwirbel@gmail.com> wrote:
> qemu-system-ppc: /src/qemu/memory.c:1183:
> memory_region_add_subregion_common: Assertion `!subregion->parent'
> failed.
> Aborted
> qemu-system-ppc64: /src/qemu/memory.c:1183:
> memory_region_add_subregion_common: Assertion `!subregion->parent'
> failed.
> Aborted
> qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
> sysbus_register_withprop: Assertion `info->qdev.size >=
> sizeof(SysBusDevice)' failed.
> Aborted
>
> This is with b861b7419c49ad53e786062b4fbf6da53468f130. Other targets
> seem to work.

n810 is also broken with a similar assertion to ppc, which I have a
patch in progress to fix.

-- PMM

Re: [Qemu-devel] PPC* and Sparc32 crash

[Edgar E. Iglesias]

On Tue, Aug 23, 2011 at 06:59:01PM +0100, Peter Maydell wrote:
> On 23 August 2011 18:55, Blue Swirl <blauwirbel@gmail.com> wrote:
> > qemu-system-ppc: /src/qemu/memory.c:1183:
> > memory_region_add_subregion_common: Assertion `!subregion->parent'
> > failed.
> > Aborted
> > qemu-system-ppc64: /src/qemu/memory.c:1183:
> > memory_region_add_subregion_common: Assertion `!subregion->parent'
> > failed.
> > Aborted
> > qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
> > sysbus_register_withprop: Assertion `info->qdev.size >=
> > sizeof(SysBusDevice)' failed.
> > Aborted
> >
> > This is with b861b7419c49ad53e786062b4fbf6da53468f130. Other targets
> > seem to work.
> 
> n810 is also broken with a similar assertion to ppc, which I have a
> patch in progress to fix.

MIPS malta is broken in the same way.

Re: [Qemu-devel] PPC* and Sparc32 crash

[Avi Kivity]

On 08/23/2011 08:55 PM, Blue Swirl wrote:
> qemu-system-ppc: /src/qemu/memory.c:1183:
> memory_region_add_subregion_common: Assertion `!subregion->parent'
> failed.
> Aborted
> qemu-system-ppc64: /src/qemu/memory.c:1183:
> memory_region_add_subregion_common: Assertion `!subregion->parent'
> failed.
> Aborted
> qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
> sysbus_register_withprop: Assertion `info->qdev.size>=
> sizeof(SysBusDevice)' failed.
> Aborted
>
> This is with b861b7419c49ad53e786062b4fbf6da53468f130. Other targets
> seem to work.

Please provide disk images and command line options, and I will investigate.



-- 
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.

Re: [Qemu-devel] PPC* and Sparc32 crash

[Blue Swirl]

On Wed, Aug 24, 2011 at 9:41 AM, Avi Kivity <avi@redhat.com> wrote:
> On 08/23/2011 08:55 PM, Blue Swirl wrote:
>>
>> qemu-system-ppc: /src/qemu/memory.c:1183:
>> memory_region_add_subregion_common: Assertion `!subregion->parent'
>> failed.
>> Aborted
>> qemu-system-ppc64: /src/qemu/memory.c:1183:
>> memory_region_add_subregion_common: Assertion `!subregion->parent'
>> failed.
>> Aborted
>> qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
>> sysbus_register_withprop: Assertion `info->qdev.size>=
>> sizeof(SysBusDevice)' failed.
>> Aborted
>>
>> This is with b861b7419c49ad53e786062b4fbf6da53468f130. Other targets
>> seem to work.
>
> Please provide disk images and command line options, and I will investigate.

Most legitimate command lines even without any images will do:
$ ./obj-amd64/ppc-softmmu/qemu-system-ppc
qemu-system-ppc: /src/qemu/memory.c:1183:
memory_region_add_subregion_common: Assertion `!subregion->parent'
failed.
Aborted
$ ./obj-amd64/ppc64-softmmu/qemu-system-ppc64
qemu-system-ppc64: /src/qemu/memory.c:1183:
memory_region_add_subregion_common: Assertion `!subregion->parent'
failed.
Aborted
$ ./obj-amd64/sparc-softmmu/qemu-system-sparc
qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
sysbus_register_withprop: Assertion `info->qdev.size >=
sizeof(SysBusDevice)' failed.
Aborted

Re: [Qemu-devel] PPC* and Sparc32 crash

[Blue Swirl]

On Tue, Aug 23, 2011 at 7:19 PM, Edgar E. Iglesias
<edgar.iglesias@gmail.com> wrote:
> On Tue, Aug 23, 2011 at 06:59:01PM +0100, Peter Maydell wrote:
>> On 23 August 2011 18:55, Blue Swirl <blauwirbel@gmail.com> wrote:
>> > qemu-system-ppc: /src/qemu/memory.c:1183:
>> > memory_region_add_subregion_common: Assertion `!subregion->parent'
>> > failed.
>> > Aborted
>> > qemu-system-ppc64: /src/qemu/memory.c:1183:
>> > memory_region_add_subregion_common: Assertion `!subregion->parent'
>> > failed.
>> > Aborted
>> > qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
>> > sysbus_register_withprop: Assertion `info->qdev.size >=
>> > sizeof(SysBusDevice)' failed.
>> > Aborted
>> >
>> > This is with b861b7419c49ad53e786062b4fbf6da53468f130. Other targets
>> > seem to work.
>>
>> n810 is also broken with a similar assertion to ppc, which I have a
>> patch in progress to fix.
>
> MIPS malta is broken in the same way.

Doesn't crash with these command lines:
$ ./obj-amd64/mips-softmmu/qemu-system-mips -bios /dev/null -machine malta
$ ./obj-amd64/mipsel-softmmu/qemu-system-mipsel -bios /dev/null -machine malta
$ ./obj-amd64/mips64el-softmmu/qemu-system-mips64el -bios /dev/null
-machine malta
$ ./obj-amd64/mips64-softmmu/qemu-system-mips64 -bios /dev/null -machine malta

Re: [Qemu-devel] PPC* and Sparc32 crash

[Blue Swirl]

On Tue, Aug 23, 2011 at 5:59 PM, Peter Maydell <peter.maydell@linaro.org> wrote:
> On 23 August 2011 18:55, Blue Swirl <blauwirbel@gmail.com> wrote:
>> qemu-system-ppc: /src/qemu/memory.c:1183:
>> memory_region_add_subregion_common: Assertion `!subregion->parent'
>> failed.
>> Aborted
>> qemu-system-ppc64: /src/qemu/memory.c:1183:
>> memory_region_add_subregion_common: Assertion `!subregion->parent'
>> failed.
>> Aborted
>> qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
>> sysbus_register_withprop: Assertion `info->qdev.size >=
>> sizeof(SysBusDevice)' failed.
>> Aborted
>>
>> This is with b861b7419c49ad53e786062b4fbf6da53468f130. Other targets
>> seem to work.
>
> n810 is also broken with a similar assertion to ppc, which I have a
> patch in progress to fix.

Confirmed:
$ ./obj-amd64/arm-softmmu/qemu-system-arm -machine n810
mipid_reset: Display off
qemu-system-arm: /src/qemu/memory.c:1183:
memory_region_add_subregion_common: Assertion `!subregion->parent'
failed.
Aborted

Re: [Qemu-devel] PPC* and Sparc32 crash

[Peter Maydell]

On 24 August 2011 18:54, Blue Swirl <blauwirbel@gmail.com> wrote:
> On Tue, Aug 23, 2011 at 5:59 PM, Peter Maydell <peter.maydell@linaro.org> wrote:
>> n810 is also broken with a similar assertion to ppc, which I have a
>> patch in progress to fix.
>
> Confirmed:
> $ ./obj-amd64/arm-softmmu/qemu-system-arm -machine n810
> mipid_reset: Display off
> qemu-system-arm: /src/qemu/memory.c:1183:
> memory_region_add_subregion_common: Assertion `!subregion->parent'
> failed.
> Aborted

This should be fixed by commit 710ffe604 now in master, though,
I think?

-- PMM

Re: [Qemu-devel] PPC* and Sparc32 crash

[Edgar E. Iglesias]

On Wed, Aug 24, 2011 at 05:49:42PM +0000, Blue Swirl wrote:
> On Tue, Aug 23, 2011 at 7:19 PM, Edgar E. Iglesias
> <edgar.iglesias@gmail.com> wrote:
> > On Tue, Aug 23, 2011 at 06:59:01PM +0100, Peter Maydell wrote:
> >> On 23 August 2011 18:55, Blue Swirl <blauwirbel@gmail.com> wrote:
> >> > qemu-system-ppc: /src/qemu/memory.c:1183:
> >> > memory_region_add_subregion_common: Assertion `!subregion->parent'
> >> > failed.
> >> > Aborted
> >> > qemu-system-ppc64: /src/qemu/memory.c:1183:
> >> > memory_region_add_subregion_common: Assertion `!subregion->parent'
> >> > failed.
> >> > Aborted
> >> > qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
> >> > sysbus_register_withprop: Assertion `info->qdev.size >=
> >> > sizeof(SysBusDevice)' failed.
> >> > Aborted
> >> >
> >> > This is with b861b7419c49ad53e786062b4fbf6da53468f130. Other targets
> >> > seem to work.
> >>
> >> n810 is also broken with a similar assertion to ppc, which I have a
> >> patch in progress to fix.
> >
> > MIPS malta is broken in the same way.
> 
> Doesn't crash with these command lines:
> $ ./obj-amd64/mips-softmmu/qemu-system-mips -bios /dev/null -machine malta
> $ ./obj-amd64/mipsel-softmmu/qemu-system-mipsel -bios /dev/null -machine malta
> $ ./obj-amd64/mips64el-softmmu/qemu-system-mips64el -bios /dev/null
> -machine malta
> $ ./obj-amd64/mips64-softmmu/qemu-system-mips64 -bios /dev/null -machine malta


qemu-system-mipsel -M malta -kernel vmlinux -hda ~/Downloads/debian_squeeze_mipsel_standard.qcow2 -append "root=/dev/hda1 console=ttyS0" -nographic
QEMU 0.15.50 monitor - type 'help' for more information
(qemu) QEMU 0.15.50 monitor - type 'help' for more information
(qemu) 
qemu-system-mipsel: /home/edgar/src/c/qemu/qemu/memory.c:1236: memory_region_del_subregion: Assertion `subregion->parent == mr' failed.
Aborted (core dumped)

But the image with run-qemu.sh from the wiki works on my side...

Cheers

Re: [Qemu-devel] PPC* and Sparc32 crash

[Edgar E. Iglesias]

On Wed, Aug 24, 2011 at 05:49:42PM +0000, Blue Swirl wrote:
> On Tue, Aug 23, 2011 at 7:19 PM, Edgar E. Iglesias
> <edgar.iglesias@gmail.com> wrote:
> > On Tue, Aug 23, 2011 at 06:59:01PM +0100, Peter Maydell wrote:
> >> On 23 August 2011 18:55, Blue Swirl <blauwirbel@gmail.com> wrote:
> >> > qemu-system-ppc: /src/qemu/memory.c:1183:
> >> > memory_region_add_subregion_common: Assertion `!subregion->parent'
> >> > failed.
> >> > Aborted
> >> > qemu-system-ppc64: /src/qemu/memory.c:1183:
> >> > memory_region_add_subregion_common: Assertion `!subregion->parent'
> >> > failed.
> >> > Aborted
> >> > qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
> >> > sysbus_register_withprop: Assertion `info->qdev.size >=
> >> > sizeof(SysBusDevice)' failed.
> >> > Aborted
> >> >
> >> > This is with b861b7419c49ad53e786062b4fbf6da53468f130. Other targets
> >> > seem to work.
> >>
> >> n810 is also broken with a similar assertion to ppc, which I have a
> >> patch in progress to fix.
> >
> > MIPS malta is broken in the same way.
> 
> Doesn't crash with these command lines:
> $ ./obj-amd64/mips-softmmu/qemu-system-mips -bios /dev/null -machine malta
> $ ./obj-amd64/mipsel-softmmu/qemu-system-mipsel -bios /dev/null -machine malta
> $ ./obj-amd64/mips64el-softmmu/qemu-system-mips64el -bios /dev/null
> -machine malta
> $ ./obj-amd64/mips64-softmmu/qemu-system-mips64 -bios /dev/null -machine malta


Sorry, forgot the backtrace:

Starting program: /home/edgar/src/c/qemu/build-qemu/mipsel-softmmu/qemu-system-mipsel -M malta -kernel vmlinux -hda /home/edgar/Downloads/debian_squeeze_mipsel_standard.qcow2 -append root=/dev/hda1\ console=ttyS0 -nographic
[Thread debugging using libthread_db enabled]
[New Thread 0x7fffeef43700 (LWP 18091)]
[New Thread 0x7fffe5a76700 (LWP 18092)]
QEMU 0.15.50 monitor - type 'help' for more information
(qemu) QEMU 0.15.50 monitor - type 'help' for more information
(qemu) 
Program received signal SIGUSR2, User defined signal 2.
0x00007ffff5be6913 in select () at ../sysdeps/unix/syscall-template.S:82
82      ../sysdeps/unix/syscall-template.S: No such file or directory.
        in ../sysdeps/unix/syscall-template.S
(gdb) bt
#0  0x00007ffff5be6913 in select () at ../sysdeps/unix/syscall-template.S:82
#1  0x0000000000430627 in qemu_aio_wait ()
    at /home/edgar/src/c/qemu/qemu/aio.c:193
#2  0x000000000042e6dd in bdrv_read_em (bs=0x116a310, sector_num=0, 
    buf=<optimized out>, nb_sectors=1)
    at /home/edgar/src/c/qemu/qemu/block.c:2833
#3  0x000000000042bfd8 in bdrv_read (bs=0x116a310, sector_num=0, 
    buf=0x7fffffffdaa0 "", nb_sectors=1)
    at /home/edgar/src/c/qemu/qemu/block.c:984
#4  0x000000000042c988 in guess_disk_lchs (bs=0x116a310, 
    pcylinders=0x7fffffffdcec, pheads=0x7fffffffdcf0, psectors=0x7fffffffdcf4)
    at /home/edgar/src/c/qemu/qemu/block.c:1317
#5  0x000000000042cb27 in bdrv_guess_geometry (bs=0x116a310, 
    pcyls=0x7fffffffdd3c, pheads=0x7fffffffdd40, psecs=0x7fffffffdd44)
    at /home/edgar/src/c/qemu/qemu/block.c:1364
#6  0x0000000000587638 in ide_init_drive (s=0x1395b80, bs=0x116a310, 
    kind=IDE_HD, version=0x0, serial=0x0)
    at /home/edgar/src/c/qemu/qemu/hw/ide/core.c:1730
#7  0x000000000058981d in ide_dev_initfn (dev=0x1397e10, kind=<optimized out>)
    at /home/edgar/src/c/qemu/qemu/hw/ide/qdev.c:146
#8  0x0000000000493b0c in qdev_init (dev=0x1397e10)
    at /home/edgar/src/c/qemu/qemu/hw/qdev.c:287
#9  0x0000000000493bce in qdev_init_nofail (dev=<optimized out>)
    at /home/edgar/src/c/qemu/qemu/hw/qdev.c:381
#10 0x0000000000589bca in ide_create_drive (bus=<optimized out>, unit=0, 
    drive=0x116a270) at /home/edgar/src/c/qemu/qemu/hw/ide/qdev.c:108
#11 0x000000000058a85b in pci_ide_create_devs (dev=0x13956e0, 
    hd_table=0x7fffffffdf00) at /home/edgar/src/c/qemu/qemu/hw/ide/pci.c:503
#12 0x000000000058b23b in pci_piix4_ide_init (bus=<optimized out>, 
    hd_table=0x7fffffffdf00, devfn=<optimized out>)
    at /home/edgar/src/c/qemu/qemu/hw/ide/piix.c:237
#13 0x00000000005a2d03 in mips_malta_init (ram_size=<optimized out>, 
    boot_device=<optimized out>, kernel_filename=<optimized out>, 
    kernel_cmdline=0x7fffffffe658 "root=/dev/hda1 console=ttyS0", 
    initrd_filename=0x0, cpu_model=<optimized out>)
    at /home/edgar/src/c/qemu/qemu/hw/mips_malta.c:911
#14 0x0000000000409e1d in main (argc=<optimized out>, argv=<optimized out>, 
    envp=<optimized out>) at /home/edgar/src/c/qemu/qemu/vl.c:3257
(gdb) q
A debugging session is active.

        Inferior 1 [process 18088] will be killed.

Quit anyway? (y or n) y

Re: [Qemu-devel] PPC* and Sparc32 crash

[Avi Kivity]

On 08/24/2011 08:48 PM, Blue Swirl wrote:
> On Wed, Aug 24, 2011 at 9:41 AM, Avi Kivity<avi@redhat.com>  wrote:
> >  On 08/23/2011 08:55 PM, Blue Swirl wrote:
> >>
> >>  qemu-system-ppc: /src/qemu/memory.c:1183:
> >>  memory_region_add_subregion_common: Assertion `!subregion->parent'
> >>  failed.
> >>  Aborted
> >>  qemu-system-ppc64: /src/qemu/memory.c:1183:
> >>  memory_region_add_subregion_common: Assertion `!subregion->parent'
> >>  failed.
> >>  Aborted
> >>  qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
> >>  sysbus_register_withprop: Assertion `info->qdev.size>=
> >>  sizeof(SysBusDevice)' failed.
> >>  Aborted
> >>
> >>  This is with b861b7419c49ad53e786062b4fbf6da53468f130. Other targets
> >>  seem to work.
> >
> >  Please provide disk images and command line options, and I will investigate.
>
> Most legitimate command lines even without any images will do:
> $ ./obj-amd64/ppc-softmmu/qemu-system-ppc
> qemu-system-ppc: /src/qemu/memory.c:1183:
> memory_region_add_subregion_common: Assertion `!subregion->parent'
> failed.
> Aborted
>

Here the issue is that escc is both a sysbus device at 0x80013000 and a 
a PCI device.  Is this really correct?

In any case, I will post a patch making it behave like it did before the 
conversion, and leave any extra fixes to someone who knows the device.


-- 
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.

Re: [Qemu-devel] PPC* and Sparc32 crash

[Edgar E. Iglesias]

On Wed, Aug 24, 2011 at 08:16:41PM +0200, Edgar E. Iglesias wrote:
> On Wed, Aug 24, 2011 at 05:49:42PM +0000, Blue Swirl wrote:
> > On Tue, Aug 23, 2011 at 7:19 PM, Edgar E. Iglesias
> > <edgar.iglesias@gmail.com> wrote:
> > > On Tue, Aug 23, 2011 at 06:59:01PM +0100, Peter Maydell wrote:
> > >> On 23 August 2011 18:55, Blue Swirl <blauwirbel@gmail.com> wrote:
> > >> > qemu-system-ppc: /src/qemu/memory.c:1183:
> > >> > memory_region_add_subregion_common: Assertion `!subregion->parent'
> > >> > failed.
> > >> > Aborted
> > >> > qemu-system-ppc64: /src/qemu/memory.c:1183:
> > >> > memory_region_add_subregion_common: Assertion `!subregion->parent'
> > >> > failed.
> > >> > Aborted
> > >> > qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
> > >> > sysbus_register_withprop: Assertion `info->qdev.size >=
> > >> > sizeof(SysBusDevice)' failed.
> > >> > Aborted
> > >> >
> > >> > This is with b861b7419c49ad53e786062b4fbf6da53468f130. Other targets
> > >> > seem to work.
> > >>
> > >> n810 is also broken with a similar assertion to ppc, which I have a
> > >> patch in progress to fix.
> > >
> > > MIPS malta is broken in the same way.
> > 
> > Doesn't crash with these command lines:
> > $ ./obj-amd64/mips-softmmu/qemu-system-mips -bios /dev/null -machine malta
> > $ ./obj-amd64/mipsel-softmmu/qemu-system-mipsel -bios /dev/null -machine malta
> > $ ./obj-amd64/mips64el-softmmu/qemu-system-mips64el -bios /dev/null
> > -machine malta
> > $ ./obj-amd64/mips64-softmmu/qemu-system-mips64 -bios /dev/null -machine malta
> 
> 
> Sorry, forgot the backtrace:

And here is the correct backtrace... :)

(gdb) bt
#0  0x00007ffff5b423a5 in __GI_raise (sig=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x00007ffff5b45b0b in __GI_abort () at abort.c:92
#2  0x00007ffff5b3ad4d in __GI___assert_fail (
    assertion=0x5d331e "subregion->parent == mr", file=<optimized out>, 
    line=1236, function=<optimized out>) at assert.c:81
#3  0x0000000000425cf9 in memory_region_del_subregion (mr=<optimized out>, 
    subregion=<optimized out>) at /home/edgar/src/c/qemu/qemu/memory.c:1236
#4  0x00000000005adf17 in gt64120_pci_mapping (s=0x138f650)
    at /home/edgar/src/c/qemu/qemu/hw/gt64xxx.c:293
#5  gt64120_pci_mapping (s=0x138f650)
    at /home/edgar/src/c/qemu/qemu/hw/gt64xxx.c:285
#6  0x00000000004234b0 in access_with_adjusted_size (addr=80, 
    value=0x7fffeef428a8, size=4, access_size_min=<optimized out>, 
    access_size_max=<optimized out>, 
    access=0x4233d0 <memory_region_write_accessor>, opaque=0x1393590)
    at /home/edgar/src/c/qemu/qemu/memory.c:284
#7  0x0000000000424900 in memory_region_write_thunk_n (_mr=0x1393590, addr=80, 
    size=4, data=64) at /home/edgar/src/c/qemu/qemu/memory.c:849
#8  0x0000000040000138 in ?? ()
#9  0x0000000000000000 in ?? ()
(gdb) 

[Qemu-devel] [PATCH] ppc_oldworld, ppc_newworld: fix escc BAR related crash

[Avi Kivity]

ppc maps the escc mmio region both at a fixed offset (as a sysbus area) and as part of a PCI BAR.
This crashes, since a MemoryRegion may have only one parent.  Use an alias so we have a separate
MemoryRegion for the BAR.

Signed-off-by: Avi Kivity <avi@redhat.com>
---
 hw/ppc_newworld.c |    5 ++++-
 hw/ppc_oldworld.c |    6 ++++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/hw/ppc_newworld.c b/hw/ppc_newworld.c
index 4727e07..fbd443d 100644
--- a/hw/ppc_newworld.c
+++ b/hw/ppc_newworld.c
@@ -146,6 +146,7 @@ static void ppc_core99_init (ram_addr_t ram_size,
     MacIONVRAMState *nvr;
     int bios_size;
     MemoryRegion *pic_mem, *dbdma_mem, *cuda_mem, *escc_mem;
+    MemoryRegion *escc_bar = g_new(MemoryRegion, 1);
     MemoryRegion *ide_mem[3];
     int ppc_boot_device;
     DriveInfo *hd[MAX_IDE_BUS * MAX_IDE_DEVS];
@@ -328,6 +329,8 @@ static void ppc_core99_init (ram_addr_t ram_size,
 
     escc_mem = escc_init(0x80013000, pic[0x25], pic[0x24],
                          serial_hds[0], serial_hds[1], ESCC_CLOCK, 4);
+    memory_region_init_alias(escc_bar, "escc-bar",
+                             escc_mem, 0, memory_region_size(escc_mem));
 
     for(i = 0; i < nb_nics; i++)
         pci_nic_init_nofail(&nd_table[i], "ne2k_pci", NULL);
@@ -350,7 +353,7 @@ static void ppc_core99_init (ram_addr_t ram_size,
     adb_mouse_init(&adb_bus);
 
     macio_init(pci_bus, PCI_DEVICE_ID_APPLE_UNI_N_KEYL, 0, pic_mem,
-               dbdma_mem, cuda_mem, NULL, 3, ide_mem, escc_mem);
+               dbdma_mem, cuda_mem, NULL, 3, ide_mem, escc_bar);
 
     if (usb_enabled) {
         usb_ohci_init_pci(pci_bus, -1);
diff --git a/hw/ppc_oldworld.c b/hw/ppc_oldworld.c
index 0071fc9..235d2ef 100644
--- a/hw/ppc_oldworld.c
+++ b/hw/ppc_oldworld.c
@@ -83,7 +83,7 @@ static void ppc_heathrow_init (ram_addr_t ram_size,
     MacIONVRAMState *nvr;
     int bios_size;
     MemoryRegion *pic_mem, *dbdma_mem, *cuda_mem;
-    MemoryRegion *escc_mem, *ide_mem[2];
+    MemoryRegion *escc_mem, *escc_bar = g_new(MemoryRegion, 1), *ide_mem[2];
     uint16_t ppc_boot_device;
     DriveInfo *hd[MAX_IDE_BUS * MAX_IDE_DEVS];
     void *fw_cfg;
@@ -241,6 +241,8 @@ static void ppc_heathrow_init (ram_addr_t ram_size,
 
     escc_mem = escc_init(0x80013000, pic[0x0f], pic[0x10], serial_hds[0],
                                serial_hds[1], ESCC_CLOCK, 4);
+    memory_region_init_alias(escc_bar, "escc-bar",
+                             escc_mem, 0, memory_region_size(escc_mem));
 
     for(i = 0; i < nb_nics; i++)
         pci_nic_init_nofail(&nd_table[i], "ne2k_pci", NULL);
@@ -269,7 +271,7 @@ static void ppc_heathrow_init (ram_addr_t ram_size,
     pmac_format_nvram_partition(nvr, 0x2000);
 
     macio_init(pci_bus, PCI_DEVICE_ID_APPLE_343S1201, 1, pic_mem,
-               dbdma_mem, cuda_mem, nvr, 2, ide_mem, escc_mem);
+               dbdma_mem, cuda_mem, nvr, 2, ide_mem, escc_bar);
 
     if (usb_enabled) {
         usb_ohci_init_pci(pci_bus, -1);
-- 
1.7.5.3

Re: [Qemu-devel] PPC* and Sparc32 crash

[Avi Kivity]

On 08/24/2011 08:48 PM, Blue Swirl wrote:
> $ ./obj-amd64/sparc-softmmu/qemu-system-sparc
> qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
> sysbus_register_withprop: Assertion `info->qdev.size>=
> sizeof(SysBusDevice)' failed.
> Aborted

Doesn't reproduce on e8906f3 - I get a boot loader prompt.

-- 
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.

[Qemu-devel] [PATCH] gt64xxx: fix crash in gt64120_pci_mapping()

[Avi Kivity]

The map/unmap code was assymetric - unmap used the local MemoryRegion while
map used isa_mmio_init(), which cannot handle dynamic mappings.

Fix by using isa_mmio_setup() and the local MemoryRegion.

Signed-off-by: Avi Kivity <avi@redhat.com>
---

Untested.

 hw/gt64xxx.c |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/hw/gt64xxx.c b/hw/gt64xxx.c
index 6af9782..1c34253 100644
--- a/hw/gt64xxx.c
+++ b/hw/gt64xxx.c
@@ -297,7 +297,11 @@ static void gt64120_pci_mapping(GT64120State *s)
       s->PCI0IO_start = s->regs[GT_PCI0IOLD] << 21;
       s->PCI0IO_length = ((s->regs[GT_PCI0IOHD] + 1) - (s->regs[GT_PCI0IOLD] & 0x7f)) << 21;
       isa_mem_base = s->PCI0IO_start;
-      isa_mmio_init(s->PCI0IO_start, s->PCI0IO_length);
+      if (s->PCI0IO_length) {
+          isa_mmio_setup(&s->PCI0IO_mem, s->PCI0IO_length);
+          memory_region_add_subregion(get_system_memory(), s->PCI0IO_start,
+                                      &s->PCI0IO_mem);
+      }
     }
 }
 
-- 
1.7.5.3

Re: [Qemu-devel] [PATCH] gt64xxx: fix crash in gt64120_pci_mapping()

[Edgar E. Iglesias]

On Wed, Aug 24, 2011 at 10:09:41PM +0300, Avi Kivity wrote:
> The map/unmap code was assymetric - unmap used the local MemoryRegion while
> map used isa_mmio_init(), which cannot handle dynamic mappings.
> 
> Fix by using isa_mmio_setup() and the local MemoryRegion.
> 
> Signed-off-by: Avi Kivity <avi@redhat.com>

Thanks, this works for me. I'll apply it in a moment.

Cheers

Re: [Qemu-devel] PPC* and Sparc32 crash

[Blue Swirl]

On Wed, Aug 24, 2011 at 6:43 PM, Avi Kivity <avi@redhat.com> wrote:
> On 08/24/2011 08:48 PM, Blue Swirl wrote:
>>
>> $ ./obj-amd64/sparc-softmmu/qemu-system-sparc
>> qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
>> sysbus_register_withprop: Assertion `info->qdev.size>=
>> sizeof(SysBusDevice)' failed.
>> Aborted
>
> Doesn't reproduce on e8906f3 - I get a boot loader prompt.

Still happens here, e8906f3.

Re: [Qemu-devel] PPC* and Sparc32 crash

[Avi Kivity]

On 08/24/2011 10:43 PM, Blue Swirl wrote:
> On Wed, Aug 24, 2011 at 6:43 PM, Avi Kivity<avi@redhat.com>  wrote:
> >  On 08/24/2011 08:48 PM, Blue Swirl wrote:
> >>
> >>  $ ./obj-amd64/sparc-softmmu/qemu-system-sparc
> >>  qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
> >>  sysbus_register_withprop: Assertion `info->qdev.size>=
> >>  sizeof(SysBusDevice)' failed.
> >>  Aborted
> >
> >  Doesn't reproduce on e8906f3 - I get a boot loader prompt.
>
> Still happens here, e8906f3.

Backtrace?

-- 
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.

Re: [Qemu-devel] PPC* and Sparc32 crash

[Blue Swirl]

On Wed, Aug 24, 2011 at 7:59 PM, Avi Kivity <avi@redhat.com> wrote:
> On 08/24/2011 10:43 PM, Blue Swirl wrote:
>>
>> On Wed, Aug 24, 2011 at 6:43 PM, Avi Kivity<avi@redhat.com>  wrote:
>> >  On 08/24/2011 08:48 PM, Blue Swirl wrote:
>> >>
>> >>  $ ./obj-amd64/sparc-softmmu/qemu-system-sparc
>> >>  qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
>> >>  sysbus_register_withprop: Assertion `info->qdev.size>=
>> >>  sizeof(SysBusDevice)' failed.
>> >>  Aborted
>> >
>> >  Doesn't reproduce on e8906f3 - I get a boot loader prompt.
>>
>> Still happens here, e8906f3.
>
> Backtrace?

[Thread debugging using libthread_db enabled]
[New Thread 0x7ffff0ab7700 (LWP 15515)]
qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
sysbus_register_withprop: Assertion `info->qdev.size >=
sizeof(SysBusDevice)' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff3da2165 in *__GI_raise (sig=<value optimized out>)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64      ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
        in ../nptl/sysdeps/unix/sysv/linux/raise.c
(gdb) bt
#0  0x00007ffff3da2165 in *__GI_raise (sig=<value optimized out>)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x00007ffff3da4f70 in *__GI_abort () at abort.c:92
#2  0x00007ffff3d9b2b1 in *__GI___assert_fail (
    assertion=0x5c7650 "info->qdev.size >= sizeof(SysBusDevice)",
    file=<value optimized out>, line=0x9c,
    function=0x5c7680 "sysbus_register_withprop") at assert.c:81
#3  0x000000000052e280 in sysbus_register_withprop (info=<value optimized out>)
    at /src/qemu/hw/sysbus.c:156
#4  0x000000000041de13 in module_call_init (type=<value optimized out>)
    at /src/qemu/module.c:78
#5  0x0000000000518fb4 in main (argc=<value optimized out>,
    argv=<value optimized out>, envp=<value optimized out>)
    at /src/qemu/vl.c:3241

Re: [Qemu-devel] PPC* and Sparc32 crash

[Avi Kivity]

On 08/24/2011 11:02 PM, Blue Swirl wrote:
> >
> >  Backtrace?
>
> [Thread debugging using libthread_db enabled]
> [New Thread 0x7ffff0ab7700 (LWP 15515)]
> qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
> sysbus_register_withprop: Assertion `info->qdev.size>=
> sizeof(SysBusDevice)' failed.
>
> Program received signal SIGABRT, Aborted.
> 0x00007ffff3da2165 in *__GI_raise (sig=<value optimized out>)
>      at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
> 64      ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
>          in ../nptl/sysdeps/unix/sysv/linux/raise.c
> (gdb) bt
> #0  0x00007ffff3da2165 in *__GI_raise (sig=<value optimized out>)
>      at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
> #1  0x00007ffff3da4f70 in *__GI_abort () at abort.c:92
> #2  0x00007ffff3d9b2b1 in *__GI___assert_fail (
>      assertion=0x5c7650 "info->qdev.size>= sizeof(SysBusDevice)",
>      file=<value optimized out>, line=0x9c,
>      function=0x5c7680 "sysbus_register_withprop") at assert.c:81
> #3  0x000000000052e280 in sysbus_register_withprop (info=<value optimized out>)
>      at /src/qemu/hw/sysbus.c:156
>

Please dump out frame 3's *info.

-- 
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.

Re: [Qemu-devel] PPC* and Sparc32 crash

[Blue Swirl]

On Thu, Aug 25, 2011 at 4:43 AM, Avi Kivity <avi@redhat.com> wrote:
> On 08/24/2011 11:02 PM, Blue Swirl wrote:
>>
>> >
>> >  Backtrace?
>>
>> [Thread debugging using libthread_db enabled]
>> [New Thread 0x7ffff0ab7700 (LWP 15515)]
>> qemu-system-sparc: /src/qemu/hw/sysbus.c:156:
>> sysbus_register_withprop: Assertion `info->qdev.size>=
>> sizeof(SysBusDevice)' failed.
>>
>> Program received signal SIGABRT, Aborted.
>> 0x00007ffff3da2165 in *__GI_raise (sig=<value optimized out>)
>>     at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
>> 64      ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or
>> directory.
>>         in ../nptl/sysdeps/unix/sysv/linux/raise.c
>> (gdb) bt
>> #0  0x00007ffff3da2165 in *__GI_raise (sig=<value optimized out>)
>>     at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
>> #1  0x00007ffff3da4f70 in *__GI_abort () at abort.c:92
>> #2  0x00007ffff3d9b2b1 in *__GI___assert_fail (
>>     assertion=0x5c7650 "info->qdev.size>= sizeof(SysBusDevice)",
>>     file=<value optimized out>, line=0x9c,
>>     function=0x5c7680 "sysbus_register_withprop") at assert.c:81
>> #3  0x000000000052e280 in sysbus_register_withprop (info=<value optimized
>> out>)
>>     at /src/qemu/hw/sysbus.c:156
>>
>
> Please dump out frame 3's *info.

(gdb) bt
#0  0x00007ffff3da2165 in *__GI_raise (sig=<value optimized out>)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x00007ffff3da4f70 in *__GI_abort () at abort.c:92
#2  0x00007ffff3d9b2b1 in *__GI___assert_fail (
    assertion=0x5c7390 "info->qdev.size >= sizeof(SysBusDevice)",
    file=<value optimized out>, line=0x9c,
    function=0x5c73c0 "sysbus_register_withprop") at assert.c:81
#3  0x000000000052e000 in sysbus_register_withprop (info=<value optimized out>)
    at /src/qemu/hw/sysbus.c:156
#4  0x000000000041d9c3 in module_call_init (type=<value optimized out>)
    at /src/qemu/module.c:78
#5  0x0000000000518b64 in main (argc=<value optimized out>,
    argv=<value optimized out>, envp=<value optimized out>)
    at /src/qemu/vl.c:3241
(gdb) up 3
#3  0x000000000052e000 in sysbus_register_withprop (info=<value optimized out>)
    at /src/qemu/hw/sysbus.c:156
156         assert(info->qdev.size >= sizeof(SysBusDevice));
(gdb) p *info
Cannot access memory at address 0x0
(gdb) p info
$1 = <value optimized out>
(gdb) up
#4  0x000000000041d9c3 in module_call_init (type=<value optimized out>)
    at /src/qemu/module.c:78
78              e->init();
(gdb) p *e
$2 = {type = MODULE_INIT_BLOCK,
  init = 0x53cf50 <sun4c_intctl_register_devices>, node = {
    tqe_next = 0x1051130, tqe_prev = 0x10510b0}}

Re: [Qemu-devel] PPC* and Sparc32 crash

[Avi Kivity]

On 08/25/2011 08:33 PM, Blue Swirl wrote:
> (gdb) bt
> #0  0x00007ffff3da2165 in *__GI_raise (sig=<value optimized out>)
>      at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
> #1  0x00007ffff3da4f70 in *__GI_abort () at abort.c:92
> #2  0x00007ffff3d9b2b1 in *__GI___assert_fail (
>      assertion=0x5c7390 "info->qdev.size>= sizeof(SysBusDevice)",
>      file=<value optimized out>, line=0x9c,
>      function=0x5c73c0 "sysbus_register_withprop") at assert.c:81
> #3  0x000000000052e000 in sysbus_register_withprop (info=<value optimized out>)
>      at /src/qemu/hw/sysbus.c:156
> #4  0x000000000041d9c3 in module_call_init (type=<value optimized out>)
>      at /src/qemu/module.c:78
> #5  0x0000000000518b64 in main (argc=<value optimized out>,
>      argv=<value optimized out>, envp=<value optimized out>)
>      at /src/qemu/vl.c:3241
> (gdb) up 3
> #3  0x000000000052e000 in sysbus_register_withprop (info=<value optimized out>)
>      at /src/qemu/hw/sysbus.c:156
> 156         assert(info->qdev.size>= sizeof(SysBusDevice));
> (gdb) p *info
> Cannot access memory at address 0x0
> (gdb) p info
> $1 =<value optimized out>

-O1 fixes that.

> (gdb) up
> #4  0x000000000041d9c3 in module_call_init (type=<value optimized out>)
>      at /src/qemu/module.c:78
> 78              e->init();
> (gdb) p *e
> $2 = {type = MODULE_INIT_BLOCK,
>    init = 0x53cf50<sun4c_intctl_register_devices>, node = {
>      tqe_next = 0x1051130, tqe_prev = 0x10510b0}}

static SysBusDeviceInfo sun4c_intctl_info = {
     .init = sun4c_intctl_init1,
     .qdev.name  = "sun4c_intctl",
     .qdev.size  = sizeof(Sun4c_INTCTLState),
     .qdev.vmsd  = &vmstate_sun4c_intctl,
     .qdev.reset = sun4c_intctl_reset,
};

typedef struct Sun4c_INTCTLState {
     SysBusDevice busdev;
     ...
}

so the code looks fine.  Can you dig deeper?  Did something stomp on 
qdev.size?

-- 
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.

Re: [Qemu-devel] PPC* and Sparc32 crash

[Blue Swirl]

On Thu, Aug 25, 2011 at 7:31 PM, Avi Kivity <avi@redhat.com> wrote:
> On 08/25/2011 08:33 PM, Blue Swirl wrote:
>>
>> (gdb) bt
>> #0  0x00007ffff3da2165 in *__GI_raise (sig=<value optimized out>)
>>     at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
>> #1  0x00007ffff3da4f70 in *__GI_abort () at abort.c:92
>> #2  0x00007ffff3d9b2b1 in *__GI___assert_fail (
>>     assertion=0x5c7390 "info->qdev.size>= sizeof(SysBusDevice)",
>>     file=<value optimized out>, line=0x9c,
>>     function=0x5c73c0 "sysbus_register_withprop") at assert.c:81
>> #3  0x000000000052e000 in sysbus_register_withprop (info=<value optimized
>> out>)
>>     at /src/qemu/hw/sysbus.c:156
>> #4  0x000000000041d9c3 in module_call_init (type=<value optimized out>)
>>     at /src/qemu/module.c:78
>> #5  0x0000000000518b64 in main (argc=<value optimized out>,
>>     argv=<value optimized out>, envp=<value optimized out>)
>>     at /src/qemu/vl.c:3241
>> (gdb) up 3
>> #3  0x000000000052e000 in sysbus_register_withprop (info=<value optimized
>> out>)
>>     at /src/qemu/hw/sysbus.c:156
>> 156         assert(info->qdev.size>= sizeof(SysBusDevice));
>> (gdb) p *info
>> Cannot access memory at address 0x0
>> (gdb) p info
>> $1 =<value optimized out>
>
> -O1 fixes that.
>
>> (gdb) up
>> #4  0x000000000041d9c3 in module_call_init (type=<value optimized out>)
>>     at /src/qemu/module.c:78
>> 78              e->init();
>> (gdb) p *e
>> $2 = {type = MODULE_INIT_BLOCK,
>>   init = 0x53cf50<sun4c_intctl_register_devices>, node = {
>>     tqe_next = 0x1051130, tqe_prev = 0x10510b0}}
>
> static SysBusDeviceInfo sun4c_intctl_info = {
>    .init = sun4c_intctl_init1,
>    .qdev.name  = "sun4c_intctl",
>    .qdev.size  = sizeof(Sun4c_INTCTLState),
>    .qdev.vmsd  = &vmstate_sun4c_intctl,
>    .qdev.reset = sun4c_intctl_reset,
> };
>
> typedef struct Sun4c_INTCTLState {
>    SysBusDevice busdev;
>    ...
> }
>
> so the code looks fine.  Can you dig deeper?  Did something stomp on
> qdev.size?

Bah, I run 'make clean', recompiled and the problem disappeared. Sorry
for the trouble and noise. Bugs with Makefile dependencies?