Anthony, see http://thread.gmane.org/gmane.comp.emulators.qemu/139580
This patch (from Avi) fixes the problem, at least in my case. On Wed, Mar 14, 2012 at 4:59 PM, Anthony Liguori <anth...@codemonkey.ws> wrote: > On 03/06/2012 10:22 PM, fidencio wrote: >> >> Public bug reported: >> >> QEMU is crashing when called with "-vga none". This regression was >> inserted in e5ad936b0fd7dfd7fd7908be6f9f1ca88f63b96b. >> >> QEMU line: >> /home/fidencio/dev/bin/qemu-system-x86_64 -enable-kvm -m 1024 -kernel >> /home/fidencio/src/linux-2.6/arch/x86_64/boot/bzImage -append "root=nfs rw >> nfsrootdebug console=ttyS0 >> ip=192.168.122.2:192.168.122.1:192.168.122.1:255.255.255.0 >> nfsroot=192.168.122.1:/home/fidencio/fedora14-minimal" -device e1000,vlan=0 >> -serial stdio -net tap,script=/home/fidencio/dev/etc/qemu-ifup -vga none > > > I can confirm this was introduced in: > > commit e5ad936b0fd7dfd7fd7908be6f9f1ca88f63b96b > Author: Jan Kiszka <jan.kis...@siemens.com> > Date: Fri Feb 17 18:31:19 2012 +0100 > > kvmvapic: Introduce TPR access optimization for Windows guests > > For me, this results in a SEGV until: > > commit bf75fec175d00885c7ae06e5917bde86110c386a > Merge: 9f1d43b 7e68075 > Author: Anthony Liguori <aligu...@us.ibm.com> > Date: Fri Mar 9 12:29:55 2012 -0600 > > Merge remote-tracking branch 'qemu-kvm/uq/master' into staging > > * qemu-kvm/uq/master: > kvm: fill in padding to help valgrind > kvm: x86: Add user space part for in-kernel i8254 > kvm: Add kvm_has_pit_state2 helper > i8254: Open-code timer restore > i8254: Factor out base class for KVM reuse > > Which then turns it into: > > /home/anthony/build/qemu/x86_64-softmmu/qemu-system-x86_64 -kernel > bin/vmlinuz-3.0 -initrd .tmp-20604/initramfs-20604.img.gz -append > console=ttyS0 seed=8631 -drive > file=.tmp-20604/disk-20604.img,if=none,snapshot=on,id=hd0 -device > virtio-balloon-pci,addr=03.0 -device virtio-blk-pci,addr=04.0,drive=hd0 > -nographic -nodefconfig -m 1G -no-reboot -no-hpet -device virtio-serial > -chardev 
socket,path=.tmp-20604/channel-20604.sock,id=channel0,server,nowait > -device virtserialport,chardev=channel0,name=org.libguestfs.channel.0 > -nodefaults -serial stdio -enable-kvm -pidfile .tmp-20604/pidfile-20604.pid > -qmp unix:.tmp-20604/qmpsock-20604.sock,server,nowait > KVM internal error. Suberror: 1 > emulation failure > EAX=0000aa55 EBX=00000000 ECX=00000000 EDX=00000000 > ESI=00000000 EDI=00000000 EBP=00000000 ESP=00006f78 > EIP=0000003c EFL=00010202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 > ES =0000 00000000 0000ffff 00009300 > CS =c300 000c3000 0000ffff 00009b00 > SS =0000 00000000 0000ffff 00009300 > DS =0000 00000000 0000ffff 00009300 > FS =0000 00000000 0000ffff 00009300 > GS =0000 00000000 0000ffff 00009300 > LDT=0000 00000000 0000ffff 00008200 > TR =0000 00000000 0000ffff 00008b00 > GDT= 000fcd78 00000037 > IDT= 00000000 000003ff > CR0=00000010 CR2=00000000 CR3=00000000 CR4=00000000 > DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 > DR3=0000000000000000 > DR6=00000000ffff0ff0 DR7=0000000000000400 > EFER=0000000000000000 > Code=00 00 7c 02 81 02 00 00 00 00 00 00 00 00 3c 00 00 00 00 00 <8c> c8 8e > d8 fa fc e9 91 00 b8 16 00 ba 10 05 ef ba 11 05 ec 66 c1 e0 08 ec 66 c1 e0 > 08 ec > > A simple test case to reproduce: > > x86_64-softmmu/qemu-system-x86_64 -nographic -nodefconfig -enable-kvm > -nodefaults -kernel /boot/vmlinuz-2.6.32-29-generic > > I've tried multiple guest kernel versions and they all reproduce (not > surprising since EIP is still in SeaBIOS here). > > This also happens with the very latest SeaBIOS release. 
> > Regards, > > Anthony Liguori > > >> >> Backtrace: >> #0 0x00005555557ac976 in is_romd (pd=2048) >> at /home/fidencio/src/qemu/exec.c:2110 >> #1 0x00005555557ac9e3 in is_ram_rom_romd (pd=804864) >> at /home/fidencio/src/qemu/exec.c:2115 >> #2 0x00005555557ad05a in cpu_register_physical_memory_log (section= >> 0x7ffff2daf6f0, readable=true, readonly=false) >> at /home/fidencio/src/qemu/exec.c:2587 >> #3 0x00005555557e4d47 in as_memory_range_add (as=0x555555c34980, fr= >> 0x7fffec002950) at /home/fidencio/src/qemu/memory.c:317 >> #4 0x00005555557e6b49 in address_space_update_topology_pass (as= >> 0x555555c34980, old_view=..., new_view=..., adding=true) >> at /home/fidencio/src/qemu/memory.c:763 >> #5 0x00005555557e6c3f in address_space_update_topology >> (as=0x555555c34980) >> at /home/fidencio/src/qemu/memory.c:779 >> #6 0x00005555557e6d0c in memory_region_update_topology >> (mr=0x55555646d2c0) >> at /home/fidencio/src/qemu/memory.c:798 >> #7 0x00005555557e8e16 in memory_region_add_subregion_common (mr= >> 0x55555646d2c0, offset=792576, subregion=0x5555564a6130) >> at /home/fidencio/src/qemu/memory.c:1352 >> #8 0x00005555557e8ede in memory_region_add_subregion_overlap (mr= >> 0x55555646d2c0, offset=792576, subregion=0x5555564a6130, >> priority=1000) >> at /home/fidencio/src/qemu/memory.c:1372 >> #9 0x00005555557dfebe in vapic_map_rom_writable (s=0x5555564a3d30) >> at /home/fidencio/src/qemu/hw/kvmvapic.c:587 >> #10 0x00005555557dff06 in vapic_prepare (s=0x5555564a3d30) >> at /home/fidencio/src/qemu/hw/kvmvapic.c:593 >> #11 0x00005555557e0001 in vapic_write (opaque=0x5555564a3d30, addr=0, >> data=32, >> size=2) at /home/fidencio/src/qemu/hw/kvmvapic.c:632 >> #12 0x00005555557e4b84 in memory_region_write_accessor >> (opaque=0x5555564a6068, >> addr=0, value=0x7ffff2dafb00, size=2, shift=0, mask=65535) >> at /home/fidencio/src/qemu/memory.c:274 >> #13 0x00005555557e4c66 in access_with_adjusted_size (addr=0, value= >> 0x7ffff2dafb00, size=2, access_size_min=1, 
access_size_max=4, access= >> 0x5555557e4b0c<memory_region_write_accessor>, opaque=0x5555564a6068) >> at /home/fidencio/src/qemu/memory.c:304 >> #14 0x00005555557e5412 in memory_region_iorange_write >> (iorange=0x5555564a60b0, >> offset=0, width=2, data=32) at /home/fidencio/src/qemu/memory.c:440 >> #15 0x00005555557d0ab6 in ioport_writew_thunk (opaque=0x5555564a60b0, >> addr= >> 126, data=32) at /home/fidencio/src/qemu/ioport.c:218 >> #16 0x00005555557d0411 in ioport_write (index=1, address=126, data=32) >> at /home/fidencio/src/qemu/ioport.c:82 >> #17 0x00005555557d0f3d in cpu_outw (addr=126, val=32) >> at /home/fidencio/src/qemu/ioport.c:281 >> #18 0x00005555557d537c in kvm_handle_io (port=126, data=0x7ffff7ff4000, >> direction=1, size=2, count=1) at >> /home/fidencio/src/qemu/kvm-all.c:1015 >> #19 0x00005555557d594a in kvm_cpu_exec (env=0x555556492f20) >> at /home/fidencio/src/qemu/kvm-all.c:1160 >> #20 0x00005555557a5d69 in qemu_kvm_cpu_thread_fn (arg=0x555556492f20) >> at /home/fidencio/src/qemu/cpus.c:733 >> #21 0x00007ffff651dd90 in start_thread (arg=0x7ffff2db0700) >> at pthread_create.c:309 >> #22 0x00007ffff578148d in clone () >> at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115 >> >> ** Affects: qemu >> Importance: Undecided >> Status: New >> >> ** Description changed: >> >> QEMU is crashing when called with "-vga none". This regression was >> inserted in e5ad936b0fd7dfd7fd7908be6f9f1ca88f63b96b. 
>> >> QEMU line: >> /home/fidencio/dev/bin/qemu-system-x86_64 -enable-kvm -m 1024 -kernel >> /home/fidencio/src/linux-2.6/arch/x86_64/boot/bzImage -append "root=nfs rw >> nfsrootdebug console=ttyS0 >> ip=192.168.122.2:192.168.122.1:192.168.122.1:255.255.255.0 >> nfsroot=192.168.122.1:/home/fidencio/fedora14-minimal" -device e1000,vlan=0 >> -serial stdio -net tap,script=/home/fidencio/dev/etc/qemu-ifup -vga none >> >> Backtrace: >> #0 0x00005555557ac976 in is_romd (pd=2048) >> - at /home/fidencio/src/qemu/exec.c:2110 >> + at /home/fidencio/src/qemu/exec.c:2110 >> #1 0x00005555557ac9e3 in is_ram_rom_romd (pd=804864) >> - at /home/fidencio/src/qemu/exec.c:2115 >> + at /home/fidencio/src/qemu/exec.c:2115 >> #2 0x00005555557ad05a in cpu_register_physical_memory_log (section= >> - 0x7ffff2daf6f0, readable=true, readonly=false) >> - at /home/fidencio/src/qemu/exec.c:2587 >> + 0x7ffff2daf6f0, readable=true, readonly=false) >> + at /home/fidencio/src/qemu/exec.c:2587 >> #3 0x00005555557e4d47 in as_memory_range_add (as=0x555555c34980, fr= >> - 0x7fffec002950) at /home/fidencio/src/qemu/memory.c:317 >> + 0x7fffec002950) at /home/fidencio/src/qemu/memory.c:317 >> #4 0x00005555557e6b49 in address_space_update_topology_pass (as= >> - 0x555555c34980, old_view=..., new_view=..., adding=true) >> - at /home/fidencio/src/qemu/memory.c:763 >> + 0x555555c34980, old_view=..., new_view=..., adding=true) >> + at /home/fidencio/src/qemu/memory.c:763 >> #5 0x00005555557e6c3f in address_space_update_topology >> (as=0x555555c34980) >> - at /home/fidencio/src/qemu/memory.c:779 >> + at /home/fidencio/src/qemu/memory.c:779 >> #6 0x00005555557e6d0c in memory_region_update_topology >> (mr=0x55555646d2c0) >> - at /home/fidencio/src/qemu/memory.c:798 >> + at /home/fidencio/src/qemu/memory.c:798 >> #7 0x00005555557e8e16 in memory_region_add_subregion_common (mr= >> - 0x55555646d2c0, offset=792576, subregion=0x5555564a6130) >> - at /home/fidencio/src/qemu/memory.c:1352 >> + 0x55555646d2c0, 
offset=792576, subregion=0x5555564a6130) >> + at /home/fidencio/src/qemu/memory.c:1352 >> #8 0x00005555557e8ede in memory_region_add_subregion_overlap (mr= >> - 0x55555646d2c0, offset=792576, subregion=0x5555564a6130, >> priority=1000) >> - at /home/fidencio/src/qemu/memory.c:1372 >> + 0x55555646d2c0, offset=792576, subregion=0x5555564a6130, >> priority=1000) >> + at /home/fidencio/src/qemu/memory.c:1372 >> #9 0x00005555557dfebe in vapic_map_rom_writable (s=0x5555564a3d30) >> - at /home/fidencio/src/qemu/hw/kvmvapic.c:587 >> + at /home/fidencio/src/qemu/hw/kvmvapic.c:587 >> #10 0x00005555557dff06 in vapic_prepare (s=0x5555564a3d30) >> - at /home/fidencio/src/qemu/hw/kvmvapic.c:593 >> - #11 0x00005555557e0001 in vapic_write (opaque=0x5555564a3d30, addr=0, >> data=32, >> - size=2) at /home/fidencio/src/qemu/hw/kvmvapic.c:632 >> - #12 0x00005555557e4b84 in memory_region_write_accessor >> (opaque=0x5555564a6068, >> - addr=0, value=0x7ffff2dafb00, size=2, shift=0, mask=65535) >> - at /home/fidencio/src/qemu/memory.c:274 >> + at /home/fidencio/src/qemu/hw/kvmvapic.c:593 >> + #11 0x00005555557e0001 in vapic_write (opaque=0x5555564a3d30, addr=0, >> data=32, >> + size=2) at /home/fidencio/src/qemu/hw/kvmvapic.c:632 >> + #12 0x00005555557e4b84 in memory_region_write_accessor >> (opaque=0x5555564a6068, >> + addr=0, value=0x7ffff2dafb00, size=2, shift=0, mask=65535) >> + at /home/fidencio/src/qemu/memory.c:274 >> #13 0x00005555557e4c66 in access_with_adjusted_size (addr=0, value= >> - 0x7ffff2dafb00, size=2, access_size_min=1, access_size_max=4, >> access= >> - 0x5555557e4b0c<memory_region_write_accessor>, opaque=0x5555564a6068) >> - at /home/fidencio/src/qemu/memory.c:304 >> - #14 0x00005555557e5412 in memory_region_iorange_write >> (iorange=0x5555564a60b0, >> - offset=0, width=2, data=32) at /home/fidencio/src/qemu/memory.c:440 >> + 0x7ffff2dafb00, size=2, access_size_min=1, access_size_max=4, >> access= >> + 0x5555557e4b0c<memory_region_write_accessor>, 
opaque=0x5555564a6068) >> + at /home/fidencio/src/qemu/memory.c:304 >> + #14 0x00005555557e5412 in memory_region_iorange_write >> (iorange=0x5555564a60b0, >> + offset=0, width=2, data=32) at /home/fidencio/src/qemu/memory.c:440 >> #15 0x00005555557d0ab6 in ioport_writew_thunk (opaque=0x5555564a60b0, >> addr= >> - 126, data=32) at /home/fidencio/src/qemu/ioport.c:218 >> + 126, data=32) at /home/fidencio/src/qemu/ioport.c:218 >> #16 0x00005555557d0411 in ioport_write (index=1, address=126, data=32) >> - at /home/fidencio/src/qemu/ioport.c:82 >> + at /home/fidencio/src/qemu/ioport.c:82 >> #17 0x00005555557d0f3d in cpu_outw (addr=126, val=32) >> - at /home/fidencio/src/qemu/ioport.c:281 >> - #18 0x00005555557d537c in kvm_handle_io (port=126, data=0x7ffff7ff4000, >> - direction=1, size=2, count=1) at >> /home/fidencio/src/qemu/kvm-all.c:1015 >> + at /home/fidencio/src/qemu/ioport.c:281 >> + #18 0x00005555557d537c in kvm_handle_io (port=126, data=0x7ffff7ff4000, >> + direction=1, size=2, count=1) at >> /home/fidencio/src/qemu/kvm-all.c:1015 >> #19 0x00005555557d594a in kvm_cpu_exec (env=0x555556492f20) >> + at /home/fidencio/src/qemu/kvm-all.c:1160 >> + #20 0x00005555557a5d69 in qemu_kvm_cpu_thread_fn (arg=0x555556492f20) >> + at /home/fidencio/src/qemu/cpus.c:733 >> + #21 0x00007ffff651dd90 in start_thread (arg=0x7ffff2db0700) >> + at pthread_create.c:309 >> + #22 0x00007ffff578148d in clone () >> + at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115 >> > Best Regards, -- Fabiano Fidêncio