Date: Thu, 29 Sep 2016 17:47:15 +1000
From: David Gibson
Subject: Re: [Qemu-devel] ppc64 TCG emulation broken
Message-ID: <20160929074715.GE30519@umbus.fritz.box>
To: Bharata B Rao
Cc: qemu-devel@nongnu.org, qemu-ppc@nongnu.org, "Nikunj A. Dadhania", raji@linux.vnet.ibm.com

On Thu, Sep 29, 2016 at 12:41:04PM +0530, Bharata B Rao wrote:
> Hi,
>
> I am observing a kernel crash with ppc64 TCG guest on x86 and git
> bisect points to this commit:
>
> e7b1e06fbcb81ac66e2586214a6c42fdf15fadf3
> [target-ppc: add vector insert instructions]
>
> I hit the following guest kernel panic during boot:
>
> Starting Switch Root...
> [ 76.632260] systemd-journald[113]: Received SIGTERM from PID 1 (systemd).
> [ 77.082688] systemd-cgroups[1143]: unhandled signal 4 at
> 00003fff85d3d718 nip 00003fff85d3d718 lr 00003fff85c8c274 code 30001
> [ 77.479368] systemd-coredum[1144]: unhandled signal 4 at
> 00003fff948bd718 nip 00003fff948bd718 lr 00003fff9480c274 code 30001
> [ 77.479860] audit_printk_skb: 39 callbacks suppressed
> [ 77.479988] audit: type=1701 audit(1475132719.390:35):
> auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=1144
> comm="systemd-coredum" exe="/usr/lib/systemd/systemd-coredump" sig=4
> [ 77.485034] Process 1144(systemd-coredum) has RLIMIT_CORE set to 1
> [ 77.485156] Aborting core
> [ 77.858307] systemd[1]: unhandled signal 4 at 00003fff9a48d718 nip
> 00003fff9a48d718 lr 00003fff9a3dc274 code 30001
> [ 77.858868] audit: type=1701 audit(1475132719.770:36):
> auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=1
> comm="systemd" exe="/usr/lib/systemd/systemd" sig=4
> [ 78.004191] systemd-coredum[1145]: unhandled signal 4 at
> 00003fffa475d718 nip 00003fffa475d718 lr 00003fffa46ac274 code 30001
> [ 78.004648] audit: type=1701 audit(1475132719.910:37):
> auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=1145
> comm="systemd-coredum" exe="/usr/lib/systemd/systemd-coredump" sig=4
> [ 78.004971] Process 1145(systemd-coredum) has RLIMIT_CORE set to 1
> [ 78.005066] Aborting core
> [ 78.015142] Kernel panic - not syncing: Attempted to kill init!
> exitcode=0x00000084
> [ 78.015142]
> [ 78.016926] CPU: 0 PID: 1 Comm: systemd Not tainted 4.6.4-301.fc24.ppc64 #1
> [ 78.017726] Call Trace:
> [ 78.019154] [c00000007e6638d0] [c0000000009df0f0]
> .dump_stack+0xa8/0xe8 (unreliable)
> [ 78.022485] [c00000007e663960] [c0000000009dd6bc] .panic+0x12c/0x2fc
> [ 78.022631] [c00000007e663a00] [c0000000000cd6a8] .do_exit+0xca8/0xcb0
> [ 78.022735] [c00000007e663ae0] [c0000000000cd77c] .do_group_exit+0x5c/0xf0
> [ 78.022815] [c00000007e663b70] [c0000000000dd4ec] .get_signal+0x3bc/0x770
> [ 78.022918] [c00000007e663c70] [c00000000001761c] .do_signal+0x4c/0x2a0
> [ 78.023021] [c00000007e663db0] [c000000000017a4c] .do_notify_resume+0xac/0xc0
> [ 78.023411] [c00000007e663e30] [c000000000009944]
> .ret_from_except_lite+0x70/0x74
> [ 78.077889] ---[ end Kernel panic - not syncing: Attempted to kill
> init! exitcode=0x00000084

Huh.  Well, that's unfortunate.  I don't imagine the guest is trying
to use any of those new POWER9 instructions, so I guess we must have
broken decode of one of the existing vector instructions with which it
shares some part of the opcode.

Any chance you could trace this and work out what instruction is
giving the first illegal instruction exception?

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson
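The trace David asks for starts from the first SIGILL (signal 4) in the guest log and the instruction word sitting at its nip. The Python below is an added example, not code from this thread or from QEMU: it pulls that first fault out of log text of the shape quoted above (the sample is constructed from those lines, including the wrapping the mail client applied), reads the word at nip out of a memory image the reader has to supply themselves (for instance from gdb attached to the guest, or from the library file named in /proc/PID/maps), and splits the word into the primary opcode and the VX-form / VA-form extended-opcode fields that target-ppc's decode table dispatches on, so the faulting word can be compared against the existing vector entries and the newly added ones. The function names and the SAMPLE_LOG constant are hypothetical; the Fedora kernel in the report is a big-endian ppc64 build, so words are fetched big-endian by default.

```python
import re

# Constructed sample: the first few guest-log lines quoted in the report,
# with the line wrapping the mail client applied (address and nip land on
# the next line, so the parser joins wrapped lines before matching).
SAMPLE_LOG = """\
[ 76.632260] systemd-journald[113]: Received SIGTERM from PID 1 (systemd).
[ 77.082688] systemd-cgroups[1143]: unhandled signal 4 at
00003fff85d3d718 nip 00003fff85d3d718 lr 00003fff85c8c274 code 30001
[ 77.479368] systemd-coredum[1144]: unhandled signal 4 at
00003fff948bd718 nip 00003fff948bd718 lr 00003fff9480c274 code 30001
"""

SIGILL = 4

# Shape of the powerpc kernel's message as it appears in the log above:
#   comm[pid]: unhandled signal N at ADDR nip NIP lr LR code CODE
_UNHANDLED = re.compile(
    r"(?P<comm>\S+)\[(?P<pid>\d+)\]: unhandled signal (?P<sig>\d+) at "
    r"(?P<addr>[0-9a-f]+) nip (?P<nip>[0-9a-f]+) lr (?P<lr>[0-9a-f]+) "
    r"code (?P<code>[0-9a-f]+)"
)


def first_sigill(log_text):
    """Return (comm, pid, nip, lr) for the earliest SIGILL in a dmesg-style
    log, or None if there is none. Wrapped lines are joined on whitespace."""
    flat = re.sub(r"\s*\n\s*", " ", log_text)
    for m in _UNHANDLED.finditer(flat):
        if int(m.group("sig")) == SIGILL:
            return (m.group("comm"), int(m.group("pid")),
                    int(m.group("nip"), 16), int(m.group("lr"), 16))
    return None


def insn_at(image, load_base, nip, little_endian=False):
    """Fetch the 32-bit instruction word at guest address nip from a bytes
    image mapped at load_base (a dumped page, or the mapped library file).
    The word is read in the guest's byte order; the reported kernel is a
    big-endian ppc64 build, so big-endian is the default."""
    off = nip - load_base
    if off < 0 or off + 4 > len(image):
        raise ValueError("nip 0x%x lies outside the supplied image" % nip)
    return int.from_bytes(image[off:off + 4],
                          "little" if little_endian else "big")


def decode_vector_opcode(insn):
    """Split an instruction word into the fields the decoder dispatches on,
    using IBM bit numbering (bit 0 is the MSB). Primary opcode 4 is the
    vector space: VX-form instructions are selected by the 11-bit extended
    opcode in bits 21-31, VA-form ones by the 6-bit extended opcode in bits
    26-31, and the vcmp* forms carry Rc in bit 21, the top bit of the VX
    extended opcode, which is why two entries can share part of an opcode."""
    insn &= 0xFFFFFFFF
    opcode = insn >> 26
    return {
        "opcode": opcode,           # bits 0-5
        "vx_xo": insn & 0x7FF,      # bits 21-31
        "va_xo": insn & 0x3F,       # bits 26-31
        "rc": (insn >> 10) & 1,     # bit 21
        "is_vector": opcode == 4,
    }


if __name__ == "__main__":
    hit = first_sigill(SAMPLE_LOG)
    if hit is not None:
        print("first SIGILL: %s[%d] nip=0x%x lr=0x%x" % hit)
        # Constructed stand-in for the page at nip: vperm v0,v0,v0,v0
        # (0x1000002b), a pre-existing VA-form VMX instruction, opcode 4,
        # extended opcode 43, so the decoder output can be read off.
        fake_page = bytes.fromhex("1000002b") * 4
        word = insn_at(fake_page, hit[2], hit[2])
        print("insn 0x%08x -> %r" % (word, decode_vector_opcode(word)))
```

Once the real word is known, the extended-opcode fields are what to match against the register_op entries for the existing vector instructions and for the inserts added by e7b1e06f; the `rc` bit matters because a comparison instruction with Rc set has a different 11-bit value from the same instruction without it.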