On 2018-07-10 18:00, Peter Maydell wrote:
> Now that all the callers can handle get_page_addr_code() returning -1,
> remove all the code which tries to handle execution from MMIO regions
> or small-MMU-region RAM areas. This will mean that we can correctly
> execute from these areas, rather than ending up either aborting QEMU
> or delivering an incorrect guest exception.
>
> Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
> ---
> accel/tcg/cputlb.c | 95 +++++-----------------------------------------
> 1 file changed, 10 insertions(+), 85 deletions(-)
>
> diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
> index c491703f15f..abb0225dc79 100644
> --- a/accel/tcg/cputlb.c
> +++ b/accel/tcg/cputlb.c
> @@ -741,39 +741,6 @@ void tlb_set_page(CPUState *cpu, target_ulong vaddr,
> prot, mmu_idx, size);
> }
>
> -static void report_bad_exec(CPUState *cpu, target_ulong addr)
> -{
> - /* Accidentally executing outside RAM or ROM is quite common for
> - * several user-error situations, so report it in a way that
> - * makes it clear that this isn't a QEMU bug and provide suggestions
> - * about what a user could do to fix things.
> - */
> - error_report("Trying to execute code outside RAM or ROM at 0x"
> - TARGET_FMT_lx, addr);
> - error_printf("This usually means one of the following happened:\n\n"
> - "(1) You told QEMU to execute a kernel for the wrong
> machine "
> - "type, and it crashed on startup (eg trying to run a "
> - "raspberry pi kernel on a versatilepb QEMU machine)\n"
> - "(2) You didn't give QEMU a kernel or BIOS filename at all,
> "
> - "and QEMU executed a ROM full of no-op instructions until "
> - "it fell off the end\n"
> - "(3) Your guest kernel has a bug and crashed by jumping "
> - "off into nowhere\n\n"
> - "This is almost always one of the first two, so check your "
> - "command line and that you are using the right type of
> kernel "
> - "for this machine.\n"
> - "If you think option (3) is likely then you can try
> debugging "
> - "your guest with the -d debug options; in particular "
> - "-d guest_errors will cause the log to include a dump of
> the "
> - "guest register state at this point.\n\n"
> - "Execution cannot continue; stopping here.\n\n");
Hi Peter!
Looks like this patch now causes QEMU to segfault instead of printing the
above error message in certain cases, e.g.:
$ gdb --args aarch64-softmmu/qemu-system-aarch64 -M n800
[...]
(gdb) r
Starting program: aarch64-softmmu/qemu-system-aarch64 -M n800
[...]
Program received signal SIGSEGV, Segmentation fault.
[...]
(gdb) bt
#0 0x0000555555addc68 in onenand_read (opaque=0x555557600600, addr=98304,
size=4) at hw/block/onenand.c:612
#1 0x00005555558b175c in memory_region_read_accessor (mr=0x555557600b80,
addr=98304, value=0x7fffdbffe360, size=4, shift=0, mask=4294967295, attrs=...)
at memory.c:440
#2 0x00005555558ae669 in access_with_adjusted_size (addr=addr@entry=98304,
value=value@entry=0x7fffdbffe360, size=size@entry=4, access_size_min=<optimized
out>, access_size_max=<optimized out>, access_fn=access_fn@entry=0x5555558b1720
<memory_region_read_accessor>, mr=mr@entry=0x555557600b80,
attrs=attrs@entry=...) at memory.c:570
#3 0x00005555558b3016 in memory_region_dispatch_read (attrs=..., size=4,
pval=0x7fffdbffe360, addr=98304, mr=0x555557600b80) at memory.c:1375
#4 0x00005555558b3016 in memory_region_dispatch_read (mr=0x555557600b80,
addr=addr@entry=98304, pval=pval@entry=0x7fffdbffe360, size=size@entry=4,
attrs=...)
at memory.c:1402
#5 0x000055555583cb23 in io_readx (env=env@entry=0x555556b58a30,
iotlbentry=iotlbentry@entry=0x555556b6d6b0, mmu_idx=mmu_idx@entry=1,
addr=addr@entry=98304, retaddr=retaddr@entry=0, recheck=<optimized out>,
access_type=access_type@entry=MMU_INST_FETCH, size=size@entry=4) at
accel/tcg/cputlb.c:729
#6 0x00005555558d79cd in helper_le_ldl_cmmu (access_type=MMU_INST_FETCH,
recheck=<optimized out>, retaddr=0, addr=98304, index=96, mmu_idx=1,
env=0x555556b58a30)
at accel/tcg/softmmu_template.h:106
#7 0x00005555558d79cd in helper_le_ldl_cmmu (env=env@entry=0x555556b58a30,
addr=addr@entry=98304, oi=33, retaddr=retaddr@entry=0)
at accel/tcg/softmmu_template.h:144
#8 0x00005555559d2595 in arm_tr_translate_insn (retaddr=0, ptr=98304,
env=0x555556b58a30) at include/exec/cpu_ldst_template.h:102
Any clue what's going on here?
Thomas
