Bug 856856

Summary: iasl SEGVs building seabios on ppc
Product: [Fedora] Fedora Reporter: David Gibson <redhat>
Component: iaslAssignee: Matthew Garrett <mjg59>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 18CC: bbaude, mjg59, pknirsch, rjones
Target Milestone: ---   
Target Release: ---   
Hardware: ppc   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 865013 (view as bug list) Environment:
Last Closed: 2012-11-28 17:22:41 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 846990, 865013    

Description David Gibson 2012-09-13 00:51:46 UTC 
Description of problem:

Attempting to build the seabios package on a ppc host (to use in a qemu emulated x86 system) causes iasl to crash with a segmentation fault.

Version-Release number of selected component (if applicable):

Version     : 20100528
Release     : 4.fc17

How reproducible:

Steps to Reproduce:
1. Get the seabios source (for example that used in the F18 "seabios" package on a ppc host machine.
2. make
3. Build will fail with a SEGV on the command:
        iasl  -vs -l -tc -p out/ssdt-proc out/ssdt-proc.dsl.i
  
Actual results:

SEGV failed build.

Expected results:

Correct build - identical binary to that built on an x86 host (assuming a suitable cross compiler and tollchain is available, of course)

Additional info:

Chances are very high this is an endian bug.  Or lots of endian bugs.
Comment 1 Brent Baude 2012-09-25 18:46:17 UTC 
I can offer a ppc64 machine which people can use to look at this bug.  Circle back to me if that would be helpful.
Comment 2 Phil Knirsch 2012-10-10 11:19:57 UTC 
Have you've been able to reproduce this issue on our latest trees? And if so, whats the gdb stack trace?

Thanks & regards, Phil
Comment 3 Richard W.M. Jones 2012-10-10 14:02:49 UTC 
I can certainly reproduce the bug as reported:

$ make V=1
  Working around non-functional -combine
  Compiling IASL out/acpi-dsdt.hex
cpp -P src/acpi-dsdt.dsl > out/acpi-dsdt.dsl.i.orig
python ./tools/acpi_extract_preprocess.py out/acpi-dsdt.dsl.i.orig > out/acpi-dsdt.dsl.i
iasl  -vs -l -tc -p out/acpi-dsdt out/acpi-dsdt.dsl.i
make: *** [out/acpi-dsdt.hex] Segmentation fault
make: *** Deleting file `out/acpi-dsdt.hex'
Comment 4 Richard W.M. Jones 2012-10-10 14:07:15 UTC 
This bug occurs on F18.

The stack trace is:

#0  0x0000000010021960 in TrDoDefinitionBlock (Op=<optimized out>)
    at asltransform.c:431
431	            if (!ACPI_COMPARE_NAME (Next->Asl.Value.String, ACPI_SIG_DSDT))
Missing separate debuginfos, use: debuginfo-install glibc-2.16-17.fc18.ppc64
(gdb) bt
#0  0x0000000010021960 in TrDoDefinitionBlock (Op=<optimized out>)
    at asltransform.c:431
#1  TrTransformSubtree (Op=0xfff81890010) at asltransform.c:375
#2  TrAmlTransformWalk (Op=0xfff81890010, Level=0, Context=<optimized out>)
    at asltransform.c:343
#3  0x00000000100232f4 in TrWalkParseTree (
    Op=<error reading variable: value has been optimized out>, 
    Visitation=<optimized out>, 
    DescendingCallback=@0x100c2400: 0x10021500 <TrAmlTransformWalk>, 
    AscendingCallback=<error reading variable: value has been optimized out>, 
    Context=<error reading variable: value has been optimized out>)
    at asltree.c:1016
#4  0x000000001000f0b8 in CmDoCompile () at aslcompile.c:574
#5  0x0000000010021004 in AslDoOneFile (Filename=<optimized out>)
    at aslstartup.c:502
#6  0x0000000010021204 in AslDoOnePathname (Pathname=<optimized out>)
    at aslstartup.c:585
#7  0x0000000010002000 in main (argc=<optimized out>, argv=<optimized out>)
    at aslmain.c:966

(gdb) print *Next
$1 = {Common = {Parent = 0xfff81890010, DescriptorType = 0 '\000', 
    Flags = 0 '\000', AmlOpcode = 0, AmlOffset = 0, Next = 0xfff81890250, 
    Node = 0x0, Value = {Integer = 404707294, Size = 0, 
      String = 0x181f57de <Address 0x181f57de out of bounds>, 
      Buffer = 0x181f57de <Address 0x181f57de out of bounds>, 
      Name = 0x181f57de <Address 0x181f57de out of bounds>, Arg = 0x181f57de}, 
    ArgListLength = 0 '\000', DisasmFlags = 0 '\000', DisasmOpcode = 0 '\000', 
    AmlOpName = '\000' <repeats 15 times>}, Named = {Parent = 0xfff81890010, 
    DescriptorType = 0 '\000', Flags = 0 '\000', AmlOpcode = 0, AmlOffset = 0, 
    Next = 0xfff81890250, Node = 0x0, Value = {Integer = 404707294, Size = 0, 
      String = 0x181f57de <Address 0x181f57de out of bounds>, 
      Buffer = 0x181f57de <Address 0x181f57de out of bounds>, 
      Name = 0x181f57de <Address 0x181f57de out of bounds>, Arg = 0x181f57de}, 
    ArgListLength = 0 '\000', DisasmFlags = 0 '\000', DisasmOpcode = 0 '\000', 
    AmlOpName = '\000' <repeats 15 times>, Path = 0x0, Data = 0x0, 
    Length = 256, Name = 404684912}, Asl = {Parent = 0xfff81890010, 
    DescriptorType = 0 '\000', Flags = 0 '\000', AmlOpcode = 0, AmlOffset = 0, 
    Next = 0xfff81890250, Node = 0x0, Value = {Integer = 404707294, Size = 0, 
      String = 0x181f57de <Address 0x181f57de out of bounds>, 
      Buffer = 0x181f57de <Address 0x181f57de out of bounds>, 
      Name = 0x181f57de <Address 0x181f57de out of bounds>, Arg = 0x181f57de}, 
    ArgListLength = 0 '\000', DisasmFlags = 0 '\000', DisasmOpcode = 0 '\000', 
    AmlOpName = '\000' <repeats 15 times>, Child = 0x0, ParentMethod = 0x0, 
    Filename = 0x100181f0070 "out/acpi-dsdt.dsl.i", ExternalName = 0x0, 
    Namepath = 0x0, NameSeg = "\000\000\000", ExtraValue = 0, Column = 10, 
    LineNumber = 6, LogicalLineNumber = 6, LogicalByteOffset = 77, 
    EndLine = 0, EndLogicalLine = 0, AcpiBtype = 0, AmlLength = 0, 
    AmlSubtreeLength = 0, FinalAmlLength = 0, FinalAmlOffset = 0, 
    CompileFlags = 0, ParseOpcode = 485, AmlOpcodeLength = 0 '\000', 
    AmlPkgLenBytes = 0 '\000', Extra = 0 '\000', 
    ParseOpName = "STRING_LITERAL\000\000\000\000\000"}}

Note that Next->Asl.Value.String is:
      String = 0x181f57de <Address 0x181f57de out of bounds>,
Comment 5 Richard W.M. Jones 2012-10-10 14:11:23 UTC 
One thought.  Since the bad pointer looks like "0x181f57de"
and good pointers look like "0xfff81890250", my guess would
be this is some sort of pointer truncation, such as assigning
a pointer to an 'int'.
Comment 6 Richard W.M. Jones 2012-10-10 15:15:28 UTC 
I fixed the segfault, but there is a further endianness bug:

  Compiling IASL out/acpi-dsdt.hex
ASL Input:  out/acpi-dsdt.dsl.i - 629 lines, 22960 bytes, 344 keywords
AML Output: out/acpi-dsdt.aml - 4682 bytes, 163 named objects, 181 executable opcodes

Compilation complete. 0 Errors, 0 Warnings, 0 Remarks, 257 Optimizations
  Compiling IASL out/ssdt-proc.hex
ASL Input:  out/ssdt-proc.dsl.i - 36 lines, 765 bytes, 8 keywords
AML Output: out/ssdt-proc.aml - 120 bytes, 6 named objects, 2 executable opcodes

Compilation complete. 0 Errors, 0 Warnings, 0 Remarks, 0 Optimizations
Error: Name offset 0x24: expected 0x5B 0x83 actual 0x83 0x5b; input line 22: /* ACPI_EXTRACT_PROCESSOR_START ssdt_proc_start */
make: *** [out/ssdt-proc.hex] Error 1
Comment 7 Fedora Update System 2012-10-17 10:25:11 UTC 
iasl-20100528-6.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/iasl-20100528-6.fc18
Comment 8 Fedora Update System 2012-10-17 17:32:58 UTC 
Package iasl-20100528-6.fc18:
* should fix your issue,
* was pushed to the Fedora 18 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing iasl-20100528-6.fc18'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2012-16299/iasl-20100528-6.fc18
then log in and leave karma (feedback).
Comment 9 Phil Knirsch 2012-11-28 17:22:41 UTC 
Tested it and works for us now.

Thanks & regards, Phil