qemu-devel.nongnu.org archive mirror
From: Peter Maydell <1918917@bugs.launchpad.net>
To: qemu-devel@nongnu.org
Subject: [Bug 1918917] Re: synchronous about on accessing unused I/O ports on aarch64
Date: Fri, 12 Mar 2021 14:56:11 -0000
Message-ID: <161556097145.2719.9546405736181891449.malone@chaenomeles.canonical.com>
In-Reply-To: 161554541665.16519.7546318758364401915.malonedeb@wampee.canonical.com

Is there a test case (all necessary images/files/QEMU command line) I
can repro this with?

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1918917

Title:
  synchronous about on accessing unused I/O ports on aarch64

Status in QEMU:
  New

Bug description:
  version: QEMU emulator version 5.2.0 (Debian 1:5.2+dfsg-6)
  command line: qemu-system-aarch64 \
  	-machine virt,virtualization=on,graphics=on,usb=on -cpu cortex-a57 -smp 2 -m 2G \
  	-device virtio-blk-device,drive=hd0 \
  	-drive if=none,format=raw,id=hd0,file=buildroot \
  	-kernel arch/arm64/boot/Image \
  	-nographic \
  	-device virtio-rng-pci \
  	-net user,host=10.0.2.10,hostfwd=tcp::10022-:22 -net nic,model=virtio-net-pci \
  	-append "root=/dev/vda earlyprintk=serial console=ttyAMA0 earlycon"

  I am observing "synchronous external abort" when the kernel tries to
  access unused I/O ports (see below), while hardware/qemu should return
  0xffffffff in this case.

  This is factored out of this LKML thread where Arnd describes it in more detail:
  https://lore.kernel.org/lkml/CAK8P3a0HVu+x0T6+K3d0v1bvU-Pes0F0CSjqm5x=bxFgv5Y3mA@mail.gmail.com/

  Internal error: synchronous external abort: 96000050 [#1] PREEMPT SMP
  Dumping ftrace buffer:
     (ftrace buffer empty)
  Modules linked in:
  CPU: 0 PID: 11231 Comm: syz-executor.1 Not tainted 5.12.0-rc2-syzkaller-00302-g28806e4d9b97 #0
  Hardware name: linux,dummy-virt (DT)
  pstate: 80000085 (Nzcv daIf -PAN -UAO -TCO BTYPE=--)
  pc : __raw_writeb arch/arm64/include/asm/io.h:27 [inline]
  pc : _outb include/asm-generic/io.h:501 [inline]
  pc : logic_outb+0x3c/0x114 lib/logic_pio.c:302
  lr : io_serial_out+0x80/0xc0 drivers/tty/serial/8250/8250_port.c:453
  sp : ffff000015f0f980
  x29: ffff000015f0f980 x28: ffff80001de0005d 
  x27: ffff80001601df00 x26: ffff000015f0fc90 
  x25: ffff80001de00000 x24: ffff80001de00000 
  x23: ffff00000e27f600 x22: 0000000000000000 
  x21: 0000000000000002 x20: 0000000000000002 
  x19: fffffbfffe800001 x18: ffff00006a678b48 
  x17: 0000000000000000 x16: 0000000000000000 
  x15: ffff8000197be810 x14: 1fffe00002be1f0e 
  x13: 1fffe00002be1e90 x12: ffff600002be1f39 
  x11: 1fffe00002be1f38 x10: ffff600002be1f38 
  x9 : dfff800000000000 x8 : 0000000000000003 
  x7 : 0000000000000001 x6 : 0000000000000004 
  x5 : ffff000015f0f9c0 x4 : dfff800000000000 
  x3 : 0000000000000001 x2 : 1ffff00003494e6b 
  x1 : fffffbfffe800000 x0 : 0000000000ffbffe 
  Call trace:
   _outb include/asm-generic/io.h:501 [inline]
   logic_outb+0x3c/0x114 lib/logic_pio.c:302
   io_serial_out+0x80/0xc0 drivers/tty/serial/8250/8250_port.c:453
   serial_out drivers/tty/serial/8250/8250.h:118 [inline]
   serial8250_set_THRI drivers/tty/serial/8250/8250.h:138 [inline]
   __start_tx drivers/tty/serial/8250/8250_port.c:1566 [inline]
   serial8250_start_tx+0x338/0x6c0 drivers/tty/serial/8250/8250_port.c:1666
   __uart_start.isra.0+0x10c/0x154 drivers/tty/serial/serial_core.c:127
   uart_start+0xe0/0x210 drivers/tty/serial/serial_core.c:137
   uart_flush_chars+0x10/0x20 drivers/tty/serial/serial_core.c:573
   __receive_buf drivers/tty/n_tty.c:1646 [inline]
   n_tty_receive_buf_common+0x588/0x22c0 drivers/tty/n_tty.c:1739
   n_tty_receive_buf+0x14/0x20 drivers/tty/n_tty.c:1768
   tiocsti drivers/tty/tty_io.c:2317 [inline]
   tty_ioctl+0xed0/0x1aec drivers/tty/tty_io.c:2718
   vfs_ioctl fs/ioctl.c:48 [inline]
   __do_sys_ioctl fs/ioctl.c:753 [inline]
   __se_sys_ioctl fs/ioctl.c:739 [inline]
   __arm64_sys_ioctl+0x120/0x18c fs/ioctl.c:739
   __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]
   invoke_syscall arch/arm64/kernel/syscall.c:49 [inline]
   el0_svc_common.constprop.0+0xf0/0x2c0 arch/arm64/kernel/syscall.c:129
   do_el0_svc+0xa4/0xd0 arch/arm64/kernel/syscall.c:168
   el0_svc+0x24/0x34 arch/arm64/kernel/entry-common.c:416
   el0_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:432
   el0_sync+0x170/0x180 arch/arm64/kernel/entry.S:699
  Code: d2bfd001 f2df7fe1 f2ffffe1 8b010273 (39000274) 
  ---[ end trace 79cb47219936c254 ]---

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1918917/+subscriptions
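
For triage, the `96000050` in the "Internal error" line of the report above is the ESR value printed by the arm64 kernel. The following is an added example (not part of the original message, and not QEMU or Linux code) that decodes it using the Arm architecture's data-abort syndrome layout; the struct and function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Data-abort view of an AArch64 ESR_ELx value (layout from the Arm ARM). */
struct esr_abort {
    unsigned ec;   /* [31:26] exception class */
    unsigned isv;  /* [24] 1 = access size/register fields valid */
    unsigned fnv;  /* [10] 1 = FAR_ELx does not hold the fault address */
    unsigned wnr;  /* [6]  1 = write, 0 = read */
    unsigned dfsc; /* [5:0] data fault status code */
};

struct esr_abort esr_decode(uint32_t esr)
{
    struct esr_abort a;
    a.ec   = (esr >> 26) & 0x3f;
    a.isv  = (esr >> 24) & 1;
    a.fnv  = (esr >> 10) & 1;
    a.wnr  = (esr >> 6) & 1;
    a.dfsc = esr & 0x3f;
    return a;
}

const char *esr_ec_name(unsigned ec)
{
    if (ec == 0x24) return "data abort from a lower exception level";
    if (ec == 0x25) return "data abort at the current exception level";
    return "not a data abort";
}

const char *esr_dfsc_name(unsigned dfsc)
{
    if (dfsc >= 0x04 && dfsc <= 0x07) return "translation fault";
    if (dfsc >= 0x09 && dfsc <= 0x0b) return "access flag fault";
    if (dfsc >= 0x0d && dfsc <= 0x0f) return "permission fault";
    if (dfsc == 0x10) return "synchronous external abort (not on table walk)";
    if (dfsc >= 0x14 && dfsc <= 0x17) return "synchronous external abort on table walk";
    if (dfsc == 0x21) return "alignment fault";
    return "other/unlisted fault status";
}

int main(void)
{
    struct esr_abort a = esr_decode(0x96000050u); /* value from the oops above */
    printf("EC=0x%02x (%s), %s, DFSC=0x%02x (%s)\n", a.ec, esr_ec_name(a.ec),
           a.wnr ? "write" : "read", a.dfsc, esr_dfsc_name(a.dfsc));
    return 0;
}
```

The decode matches the trace: a write (`__raw_writeb`) executed in kernel context that the memory system completed with an external abort rather than a page-table fault.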

