* [Bug 1863486] [NEW] aarch64/tcg crash with malloc(): unsorted double linked list corrupted
From: Philippe Mathieu-Daudé @ 2020-02-16 16:55 UTC (permalink / raw)
To: qemu-devel
Public bug reported:
Based on commit b29c3e23f64938784c42ef9fca896829e3c19120,
QEMU configured with --enable-debug --extra-cflags=-ggdb.
Download Raspberry Pi 3 UEFI Firmware v1.15 from:
https://github.com/pbatard/RPi3/releases/tag/v1.15
(unzip RPi3_UEFI_Firmware_v1.15.zip)
Run QEMU with:
  $ qemu-system-aarch64 -M raspi3 \
      -serial null -serial stdio \
      -device loader,file=RPI_EFI.fd,force-raw=true
Normal behavior:
NOTICE: Booting Trusted Firmware
NOTICE: BL1: v2.1(release):v2.1
NOTICE: BL1: Built : 15:26:06, May 13 2019
NOTICE: rpi3: Detected: Raspberry Pi 3 Model B (1GB, Sony, UK) [0x00a02082]
NOTICE: BL1: Booting BL2
ERROR: rpi3_sdhost: timeout status 0x40
NOTICE: BL2: v2.1(release):v2.1
NOTICE: BL2: Built : 15:26:01, May 13 2019
NOTICE: BL1: Booting BL31
NOTICE: BL31: v2.1(release):v2.1
NOTICE: BL31: Built : 15:26:04, May 13 2019
=UEFI firmware (version UEFI Firmware v1.15 built at 11:58:44 on Feb 14 2020)
========
Synchronous Exception at 0x0000000037A1A4E8
But I sometimes get:
NOTICE: Booting Trusted Firmware
NOTICE: BL1: v2.1(release):v2.1
NOTICE: BL1: Built : 15:26:06, May 13 2019
NOTICE: rpi3: Detected: Raspberry Pi 3 Model B (1GB, Sony, UK) [0x00a02082]
NOTICE: BL1: Booting BL2
ERROR: rpi3_sdhost: timeout status 0x40
NOTICE: BL2: v2.1(release):v2.1
NOTICE: BL2: Built : 15:26:01, May 13 2019
NOTICE: BL1: Booting BL31
NOTICE: BL31: v2.1(release):v2.1
NOTICE: BL31: Built : 15:26:04, May 13 2019
=UEFI firmware (version UEFI Firmware v1.15 built at 11:58:44 on Feb 14 2020)
========malloc(): unsorted double linked list corrupted
Thread 3 "qemu-system-aar" received signal SIGABRT, Aborted.
[Switching to Thread 0x7fffe9c22700 (LWP 22746)]
0x00007ffff515ce35 in raise () from /lib64/libc.so.6
(gdb) bt
#0 0x00007ffff515ce35 in raise () at /lib64/libc.so.6
#1 0x00007ffff5147895 in abort () at /lib64/libc.so.6
#2 0x00007ffff51a008f in __libc_message () at /lib64/libc.so.6
#3 0x00007ffff51a740c in () at /lib64/libc.so.6
#4 0x00007ffff51aa48c in _int_malloc () at /lib64/libc.so.6
#5 0x00007ffff51aad4e in _int_memalign () at /lib64/libc.so.6
#6 0x00007ffff51abdda in _mid_memalign () at /lib64/libc.so.6
#7 0x00007ffff51ad3c6 in posix_memalign () at /lib64/libc.so.6
#8 0x00007ffff7be2407 in slab_allocator_alloc_chunk () at /lib64/libglib-2.0.so.0
#9 0x00007ffff7be3573 in g_slice_alloc () at /lib64/libglib-2.0.so.0
#10 0x00007ffff7bf410a in g_tree_insert_internal () at /lib64/libglib-2.0.so.0
#11 0x0000555555853f10 in tcg_tb_insert (tb=0x7fffd44b4d80 <code_gen_buffer+4934995>) at tcg/tcg.c:425
#12 0x00005555558dbe3d in tb_gen_code (cpu=0x555556afa640, pc=933332960, cs_base=0, flags=2216689664, cflags=-16252928) at accel/tcg/translate-all.c:1875
#13 0x00005555558d7c73 in tb_find (cpu=0x555556afa640, last_tb=0x7fffd44b4c40 <code_gen_buffer+4934675>, tb_exit=0, cf_mask=524288) at accel/tcg/cpu-exec.c:406
#14 0x00005555558d8543 in cpu_exec (cpu=0x555556afa640) at accel/tcg/cpu-exec.c:730
#15 0x00005555558981e1 in tcg_cpu_exec (cpu=0x555556afa640) at cpus.c:1405
#16 0x0000555555898a37 in qemu_tcg_cpu_thread_fn (arg=0x555556afa640) at cpus.c:1713
#17 0x0000555556057af8 in qemu_thread_start (args=0x555557511570) at util/qemu-thread-posix.c:519
#18 0x00007ffff52f34c0 in start_thread () at /lib64/libpthread.so.0
#19 0x00007ffff5221163 in clone () at /lib64/libc.so.6
** Affects: qemu
Importance: Undecided
Status: New
** Tags: arm tcg
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1863486
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1863486/+subscriptions
* [Bug 1863486] Re: aarch64/tcg crash with malloc(): unsorted double linked list corrupted
From: Philippe Mathieu-Daudé @ 2020-02-16 17:55 UTC (permalink / raw)
To: qemu-devel
Maybe the same problem we had with U-Boot: the SoC starts with only 1
core enabled.
I'm now trying with `-global bcm2836.enabled-cpus=1`.
* [Bug 1863486] Re: aarch64/tcg crash with malloc(): unsorted double linked list corrupted
From: Peter Maydell @ 2020-11-05 13:14 UTC (permalink / raw)
To: qemu-devel
Philippe, can you still repro this? I automated it with this expect
script:
    #!/usr/bin/expect
    # Give one boot up to 60 seconds to reach the expected firmware exception.
    set timeout 60
    spawn /home/petmay01/linaro/qemu-from-laptop/qemu/build/x86/qemu-system-aarch64 \
        -M raspi3 -serial null -serial stdio -display none \
        -device loader,file=/tmp/RPI_EFI.fd,force-raw=true
    # Exit 0 on the "normal behavior" marker from the report; anything else
    # (hang, abort, QEMU exiting) returns 1 and stops the outer shell loop.
    expect {
        "Synchronous Exception at 0x0000000037A1A4E8" { send_user "\nexiting\n" ; exit 0 }
        timeout { exit 1 }
        eof { exit 1 }
    }
and then a shell loop "while rpi.expect; do true; done" and didn't see
an assertion either with current master or with the git commit you
quote.
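Added example, not from the bug report and not QEMU's own tooling: a POSIX sh loop that does what the expect script above does, but also records how each run ended, so the intermittent abort from the first message can be counted rather than just waited for, and so the single-core hypothesis from the earlier reply (`-global bcm2836.enabled-cpus=1`) can be passed through as extra QEMU arguments and compared against the default configuration. The locations of qemu-system-aarch64 and RPI_EFI.fd are assumed to be given on the command line. One caveat the backtrace does not make obvious: "malloc(): unsorted double linked list corrupted" is glibc's own consistency check firing when _int_malloc walks the unsorted bin, so the frame that aborts (g_slice_alloc under tcg_tb_insert here) is where the damage was noticed, not necessarily where it was written. A run that reproduces the abort is therefore most useful against a build compiled with -fsanitize=address (QEMU's configure offers --enable-sanitizers), which reports the out-of-bounds write at its source instead of at the next allocation.

```shell
#!/bin/sh
# Added example, not part of the bug report: loop the raspi3 firmware boot
# from the report and classify each run. Paths to qemu-system-aarch64 and
# RPI_EFI.fd are taken from the command line (hypothetical locations).
set -eu

# Markers copied from the report's console output.
GOOD_MARK='Synchronous Exception at 0x0000000037A1A4E8'   # firmware reached its usual end
BAD_MARK='malloc(): unsorted double linked list corrupted'  # glibc heap check tripped

TIMEOUT=${TIMEOUT:-60}                  # seconds to wait for GOOD_MARK per run
LOGDIR=${LOGDIR:-./rpi-repro-logs}      # where logs of interesting runs are kept

# classify_exit STATUS LOGFILE: label a QEMU process that exited on its own.
# The glibc message is checked first because a bare SIGABRT (signal-6) could
# just as well come from an ordinary assertion failure.
classify_exit() {
    st=$1; log=$2
    if grep -q -F "$BAD_MARK" "$log"; then
        echo heap-corruption
    elif [ "$st" -gt 128 ]; then
        echo "signal-$((st - 128))"
    else
        echo "exit-$st"
    fi
}

# run_once QEMU FIRMWARE LOGFILE [extra qemu args...]: start one boot, poll its
# combined stdout/stderr (serial console plus glibc's abort message), and print
# one of: ok | heap-corruption | signal-N | exit-N | timeout.
run_once() {
    qemu=$1; fw=$2; log=$3; shift 3
    : > "$log"; rm -f "$log.pid" "$log.status"
    # A wrapper subshell records QEMU's pid and exit status in side files, so
    # the poll loop needs no job control (plain sh has no non-blocking wait).
    ( set +e
      "$qemu" -M raspi3 -serial null -serial stdio -display none \
          -device loader,file="$fw",force-raw=true "$@" >"$log" 2>&1 </dev/null &
      echo $! > "$log.pid"
      wait $!
      echo $? > "$log.status" ) &
    wrapper=$!
    i=0
    while [ "$i" -lt "$((TIMEOUT * 2))" ]; do
        if [ -s "$log.status" ]; then            # QEMU exited (crash or clean exit)
            wait "$wrapper" 2>/dev/null || true
            classify_exit "$(cat "$log.status")" "$log"
            return 0
        fi
        if grep -q -F "$GOOD_MARK" "$log"; then   # firmware hung at its usual spot
            kill "$(cat "$log.pid")" 2>/dev/null || true
            wait "$wrapper" 2>/dev/null || true
            echo ok
            return 0
        fi
        sleep 0.5
        i=$((i + 1))
    done
    [ -s "$log.pid" ] && kill "$(cat "$log.pid")" 2>/dev/null || true
    wait "$wrapper" 2>/dev/null || true
    echo timeout
}

# repro_loop QEMU FIRMWARE RUNS [extra qemu args...]: repeat until the heap
# corruption shows up (returns 1, log kept) or RUNS boots pass (returns 0).
repro_loop() {
    qemu=$1; fw=$2; runs=$3; shift 3
    mkdir -p "$LOGDIR"
    n=0
    while [ "$n" -lt "$runs" ]; do
        n=$((n + 1))
        log="$LOGDIR/run-$n.log"
        res=$(run_once "$qemu" "$fw" "$log" "$@")
        echo "run $n: $res"
        case $res in
            ok) rm -f "$log" "$log.pid" "$log.status" ;;
            heap-corruption) echo "reproduced; log kept at $log"; return 1 ;;
        esac
    done
    return 0
}

# Usage: sh rpi-repro.sh QEMU_BINARY RPI_EFI.fd [RUNS] [extra qemu args...]
# To test the single-core hypothesis from the thread, append the -global option:
#   sh rpi-repro.sh ./qemu-system-aarch64 ./RPI_EFI.fd 100 -global bcm2836.enabled-cpus=1
if [ "$#" -ge 2 ]; then
    qemu=$1; fw=$2; runs=${3:-50}
    if [ "$#" -ge 3 ]; then shift 3; else shift 2; fi
    repro_loop "$qemu" "$fw" "$runs" "$@"
fi
```

Run it once with the default four-core raspi3 and once with `-global bcm2836.enabled-cpus=1` appended; if the abort rate differs between the two, that is evidence for or against the single-core hypothesis. Running `ulimit -c unlimited` first keeps a core file for gdb when a run does abort. Logs of clean runs are deleted; the log of a reproducing run is kept under LOGDIR.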
* [Bug 1863486] Re: aarch64/tcg crash with malloc(): unsorted double linked list corrupted
From: Peter Maydell @ 2020-11-10 15:43 UTC (permalink / raw)
To: qemu-devel
** Changed in: qemu
Status: New => Incomplete
* [Bug 1863486] Re: aarch64/tcg crash with malloc(): unsorted double linked list corrupted
From: Launchpad Bug Tracker @ 2021-01-10 4:17 UTC (permalink / raw)
To: qemu-devel
[Expired for QEMU because there has been no activity for 60 days.]
** Changed in: qemu
Status: Incomplete => Expired