Bug 476595 - qemu-system-arm crashes in subpage_register ()
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: qemu
Version: 19
Hardware/OS: All Linux
Priority: low
Severity: medium
Assigned To: Fedora Virtualization Maintainers
QA Contact: Fedora Extras Quality Assurance
Keywords: Reopened, Triaged
Duplicates: 825566
Reported: 2008-12-15 19:31 EST by Tobias Mueller
Modified: 2013-07-11 14:58 EDT
Doc Type: Bug Fix
Last Closed: 2013-07-11 14:58:40 EDT
Attachments: None

Description Tobias Mueller 2008-12-15 19:31:29 EST
Description of problem:
I want to start a qemu emulating ARM with a debian image from http://people.debian.org/~aurel32/qemu/arm/

Version-Release number of selected component (if applicable):
Should be 0.9.1 IIRC

How reproducible:
Read http://people.debian.org/~aurel32/qemu/arm/README.txt, download the files and try to run it with
         -m 512 -monitor stdio -M versatilepb
         -kernel vmlinuz-2.6.18-6-versatile
         -initrd initrd.img-2.6.18-6-versatile
         -hda debian_etch_arm_small.qcow -append root=/dev/sda1


Actual results:
Crashes with SIGSEGV

Expected results:
I expected QEmu to emulate fine or print at least a nice warning.

Additional info:
Please let me know if I can provide any information. This issue is pretty reproducible.

If I remove -m 512 from the flags and use, e.g., -m 256 instead, it works perfectly. So the issue seems to be the amount of assigned memory.

The stack trace follows:
(gdb) r -m 512 -monitor stdio -M versatilepb -kernel vmlinuz-2.6.18-6-versatile -initrd initrd.img-2.6.18-6-versatile -hda debian_etch_arm_small.qcow -append root=/dev/sda1
Starting program: /usr/bin/qemu-system-arm -m 512 -monitor stdio -M versatilepb -kernel vmlinuz-2.6.18-6-versatile -initrd initrd.img-2.6.18-6-versatile -hda debian_etch_arm_small.qcow -append root=/dev/sda1
[Thread debugging using libthread_db enabled]
[New Thread 0x7f889c91c6f0 (LWP 20961)]

Program received signal SIGSEGV, Segmentation fault.
subpage_register (mmio=0x485f0a0, start=<value optimized out>, 
    end=<value optimized out>, memory=16781312)
    at /usr/src/debug/qemu-0.9.1/exec.c:2420
2420	            if (io_mem_read[memory][i]) {
Missing separate debuginfos, use: debuginfo-install libX11.x86_64 libXau.x86_64 libXcursor.x86_64 libXdmcp.x86_64 libXext.x86_64 libXfixes.x86_64 libXrandr.x86_64 libXrender.x86_64 libgcrypt.x86_64 libgpg-error.x86_64 libtasn1.x86_64 libxcb.x86_64 nss-mdns.x86_64
(gdb) bt
#0  subpage_register (mmio=0x485f0a0, start=<value optimized out>, 
    end=<value optimized out>, memory=16781312)
    at /usr/src/debug/qemu-0.9.1/exec.c:2420
#1  0x00000000004980a3 in subpage_init (base=268500992, phys=0x461e100, 
    orig_memory=268500992) at /usr/src/debug/qemu-0.9.1/exec.c:2449
#2  0x0000000000498257 in cpu_register_physical_memory (start_addr=268500992, 
    size=<value optimized out>, phys_offset=192)
    at /usr/src/debug/qemu-0.9.1/exec.c:2057
#3  0x0000000000426452 in smc91c111_init (nd=0x777820, base=0, irq=0x4390ce8)
    at /usr/src/debug/qemu-0.9.1/hw/smc91c111.c:705
#4  0x0000000000424957 in versatile_init (ram_size=<value optimized out>, 
    vga_ram_size=<value optimized out>, boot_device=<value optimized out>, 
    ds=0x76b4e0, kernel_filename=0x7fffa494247f "vmlinuz-2.6.18-6-versatile", 
    kernel_cmdline=0x7fffa49424e8 "root=/dev/sda1", 
    initrd_filename=0x7fffa49424a2 "initrd.img-2.6.18-6-versatile", 
    cpu_model=<value optimized out>, board_id=387)
    at /usr/src/debug/qemu-0.9.1/hw/versatilepb.c:202
#5  0x0000000000424be4 in vpb_init (ram_size=0, vga_ram_size=16781312, 
    boot_device=0x4004000 <Address 0x4004000 out of bounds>, ds=0x0, 
    kernel_filename=0x48670a8 "", 
    kernel_cmdline=0x20b206c0 <Address 0x20b206c0 out of bounds>, 
    initrd_filename=0x0, cpu_model=0x0)
    at /usr/src/debug/qemu-0.9.1/hw/versatilepb.c:295
#6  0x000000000040f947 in main (argc=15, argv=0x777820)
    at /usr/src/debug/qemu-0.9.1/vl.c:8966
(gdb) 
(gdb) r -m 512 -monitor stdio -M versatilepb -kernel vmlinuz-2.6.18-6-versatile -initrd initrd.img-2.6.18-6-versatile -hda debian_etch_arm_small.qcow -append root=/dev/sda1
The program being debugged has been started already.
Start it from the beginning? (y or n) y

Starting program: /usr/bin/qemu-system-arm -m 512 -monitor stdio -M versatilepb -kernel vmlinuz-2.6.18-6-versatile -initrd initrd.img-2.6.18-6-versatile -hda debian_etch_arm_small.qcow -append root=/dev/sda1
[Thread debugging using libthread_db enabled]
[New Thread 0x7f1db75546f0 (LWP 20970)]

Program received signal SIGSEGV, Segmentation fault.
subpage_register (mmio=0x33440a0, start=<value optimized out>, 
    end=<value optimized out>, memory=16781312)
    at /usr/src/debug/qemu-0.9.1/exec.c:2420
2420	            if (io_mem_read[memory][i]) {
(gdb) t a a bt full

Thread 1 (Thread 0x7f1db75546f0 (LWP 20970)):
#0  subpage_register (mmio=0x33440a0, start=<value optimized out>, 
    end=<value optimized out>, memory=16781312)
    at /usr/src/debug/qemu-0.9.1/exec.c:2420
	idx = 0
	eidx = 1023
	i = 0
#1  0x00000000004980a3 in subpage_init (base=268500992, phys=0x3103100, 
    orig_memory=268500992) at /usr/src/debug/qemu-0.9.1/exec.c:2449
	mmio = (subpage_t *) 0x33440a0
	subpage_memory = 0
#2  0x0000000000498257 in cpu_register_physical_memory (start_addr=268500992, 
    size=<value optimized out>, phys_offset=192)
    at /usr/src/debug/qemu-0.9.1/exec.c:2057
	start_addr2 = 0
	end_addr2 = 15
	need_subpage = <value optimized out>
	addr = 268500992
	end_addr = 268502016
	p = (PhysPageDesc *) 0x0
	env = <value optimized out>
	orig_size = <value optimized out>
	subpage = <value optimized out>
#3  0x0000000000426452 in smc91c111_init (nd=0x777820, base=0, irq=0x2f02268)
    at /usr/src/debug/qemu-0.9.1/hw/smc91c111.c:705
	s = (smc91c111_state *) 0x3342010
	iomemtype = 67125248
#4  0x0000000000424957 in versatile_init (ram_size=<value optimized out>, 
    vga_ram_size=<value optimized out>, boot_device=<value optimized out>, 
    ds=0x76b4e0, kernel_filename=0x7fffbf57b47f "vmlinuz-2.6.18-6-versatile", 
    kernel_cmdline=0x7fffbf57b4e8 "root=/dev/sda1", 
    initrd_filename=0x7fffbf57b4a2 "initrd.img-2.6.18-6-versatile", 
    cpu_model=<value optimized out>, board_id=387)
    at /usr/src/debug/qemu-0.9.1/hw/versatilepb.c:202
	env = (CPUARMState *) 0x2e6a000
	pic = (qemu_irq *) 0x2df93a0
	sic = <value optimized out>
	scsi_hba = <value optimized out>
	pci_bus = (PCIBus *) 0x2f04010
	nd = (NICInfo *) 0x334c0a8
	n = 1
	index = <value optimized out>
#5  0x0000000000424be4 in vpb_init (ram_size=0, vga_ram_size=16781312, 
    boot_device=0x4004000 <Address 0x4004000 out of bounds>, ds=0x0, 
    kernel_filename=0x334c0a8 "", 
    kernel_cmdline=0x20b206c0 <Address 0x20b206c0 out of bounds>, 
    initrd_filename=0x0, cpu_model=0x0)
    at /usr/src/debug/qemu-0.9.1/hw/versatilepb.c:295
No locals.
#6  0x000000000040f947 in main (argc=15, argv=0x777820)
    at /usr/src/debug/qemu-0.9.1/vl.c:8966
	use_gdbstub = 0
	gdbstub_port = 0x4e706d "1234"
	boot_devices_bitmap = 0
	i = 3
	snapshot = 0
	linux_boot = <value optimized out>
	initrd_filename = 0x7fffbf57b4a2 "initrd.img-2.6.18-6-versatile"
	kernel_filename = 0x7fffbf57b47f "vmlinuz-2.6.18-6-versatile"
	kernel_cmdline = 0x7fffbf57b4e8 "root=/dev/sda1"
	boot_devices = 0x4e7371 "cad"
	ds = (DisplayState *) 0x0
	cyls = 0
	heads = 0
	secs = 0
	translation = 0
	net_clients = {"nic", '\0' <repeats 252 times>, 
  "user", '\0' <repeats 251 times>, '\0' <repeats 255 times>, 
  '\0' <repeats 255 times>, '\0' <repeats 255 times>, 
  '\0' <repeats 255 times>, '\0' <repeats 255 times>, 
  '\0' <repeats 255 times>, 
  '\0' <repeats 120 times>, "\205�\200M5", '\0' <repeats 12 times>, "pU�\035\177\000\000I\005@d5\000\000\000�\202\200M5", '\0' <repeats 67 times>, "\001", '\0' <repeats 30 times>, 
  '\0' <repeats 88 times>, "\205�\200M5", '\0' <repeats 12 times>, "pU�\035\177\000\000\\/\000e5\000\000\000�\202\200M5", '\0' <repeats 67 times>, "\001", '\0' <repeats 62 times>, 
  '\0' <repeats 72 times>, "\205�\200M5", '\0' <repeats 12 times>, "pU�\035\177\000\000\a\f\200e5\000\000\000�\202\200M5", '\0' <repeats 67 times>, "\001", '\0' <repeats 78 times>, 
  '\0' <repeats 56 times>, "\205�\200M5", '\0' <repeats 11 times>, "�ԡM5\000\000\000i\b@N5\000\000\000�\202\200M5", '\0' <repeats 67 times>, "\001", '\0' <repeats 94 times>, 
  '\0' <repeats 72 times>, "\205�\200M5", '\0' <repeats 11 times>, "�ԡM5\000\000\000_U�M5\000\000\000\200�W��\177\000\000��W��\177\000\000\030\000\000\000\000\000\000\000(*`d5", '\0' <repeats 11 times>, "�dU�\035\177\000\000\215�\200M5", '\0' <repeats 27 times>, "\026�\200M5\000\000\000\200�W��\177\000\000P�\200M5\000\000\000��W��\177\000\000��W��\177\000\000��W��\177\000\000�ڡM5", '\0' <repeats 18 times>, 
  "\000\000\000\000\000\000\000\000I\005@d5\000\000\000\000\000�G�~��\030\000\000\000\000\000\000\000(*`d5", '\0' <repeats 11 times>, "�dU�\035\177\000\000\000\---Type <return> to continue, or q <return> to quit---
000�#�~��\000\000��\001\233j\000\200�W��\177\000\000��W��\177\000\000\000\000\000\000\000\000\000\0000;&e5\000\000\000\001\000\000\000\000\000\000\000\000`U�\035\177\000\000\215�\200M5", '\0' <repeats 27 times>, "\026�\200M5\000\000\000\200�W��\177\000\000P�\200M5\000\000\000��W��\177\000\000Bh\201M5\000\000\000��W��\177\000\000\f\000\000\000\000\000\000\000��W��\177\000\000\000p"..., 
  "0;&e5\000\000\000\001\000\000\000\000\000\000\000\000`U�\035\177\000\000\000\000`%�~��\000\000��\001\233j", '\0' <repeats 17 times>, "\200�W��\177\000\000��W��\177\000\000\030\000\000\000\000\000\000\000\030��e5", '\0' <repeats 11 times>, "0zU�\035\177\000\000\215�\200M5", '\0' <repeats 27 times>, "\026�\200M5\000\000\000\200�W��\177\000\000P�\200M5\000\000\000��W��\177\000\000��W��\177\000\000��W��\177\000\000\000\000\000\000\000\000\000\000��W��\177\000\000��\200M5\000\000\000�dU�\035\177\000\000\000pU�\035\177\000\000\000"..., 
  "0zU�\035\177\000\000\000\000@'�~��\000\000��\001\233j", '\0' <repeats 17 times>, "\200�W��\177\000\000��W��\177\000\000\000\000\000\000\000\000\000\000�-`N5\000\000\000\001\000\000\000\000\000\000\000\buU�\035\177\000\000\215�\200M5", '\0' <repeats 11 times>, "�)@d5", '\0' <repeats 11 times>, "\026�\200M5\000\000\000\200�W��\177\000\000P�\200M5\000\000\000��W��\177\000\000��W��\177\000\000��W��\177\000\000\000\000\000\000\000\000\000\000��W��\177\000\000��\200M5\000\000\000\000pU�\035\177", '\0' <repeats 12 times>, "�"..., 
  "\000\000��\001\233j\000�\224U�\035\177\000\000�\226W��\177\000\000\000\000\000\000\000\000\000\000P\227W��\177\000\000\001\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\200�W��\177\000\000��W��\177\000\000\020\000\000\000\000\000\000\000@[�M5", '\0' <repeats 12 times>, "pU�\035\177\000\000\215�\200M5",---Type <return> to continue, or q <return> to quit---
 '\0' <repeats 27 times>, "\026�\200M5\000\000\000\200�W��\177\000\000\000\000\000\000\000\000\000\000��W��\177\000\000��\200M5\000\000\000\000pU�\035\177\000\000�ԡM5", '\0' <repeats 19 times>, "@ܡM5\000\000\000_U�M5\000\000\000\000\000�G"..., 
  "\000pU�\035\177\000\000\000\000@+�~��\000\000��\001\233j\000|�\002�\000\000\000\000\001\000\000\000\000\000\000\000�\201", '\0' <repeats 22 times>, "�<\000\000\000\000\000\000\200�W��\177\000\000��W��\177\000\000 \000\000\000\000\000\000\000\020\036 [5", '\0' <repeats 11 times>, "p\211U�\035\177\000\000\215�\200M5", '\0' <repeats 11 times>, "\205�\200M5", '\0' <repeats 11 times>, "\026�\200M5\000\000\000\200�W��\177\000\000\000\000\000\000\000\000\000\000��W��\177\000\000��\200M5\000\000\000�ԡM5", '\0' <repeats 11 times>, "���\027>", '\0' <repeats 15 times>..., 
  "\020\036 [5", '\0' <repeats 11 times>, "p\211U�\035\177\000\000\000\000`-�~��\000\000��\001\233j\000\022\000\000\000\000\000\000\000\000�W�\035\177\000\000\200�W��\177\000\000��W��\177\000\000\000\000\000\000\000\000\000\000�} O5\000\000\000\002\000\000\000\000\000\000\000�\204U�\035\177\000\000\215�\200M5", '\0' <repeats 15 times>, "@\0008\000\000\000\000\000\000\000\000\000\026�\200M5\000\000\000\200�W��\177\000\000P�\200M5\000\000\000��W��\177\000\000��W��\177\000\000��W��\177\000\000\000\000\000\000\000\000\000\000��W��\177\000\000��\200M5\000"..., 
  "�\204U�\035\177\000\000\000\000@/�~��\000\000��\001\233j\000\220\001\000\000\000\000\000\000\220\001\000\000\000\000\000\000\b\000\000\000\000\000\000\000\004\000\000\000\004\000\000\000\220\001\000\000\000\000\000\000\220\001@d5\000\000\---Type <return> to continue, or q <return> to quit---
000\220\001@d5\000\000\000$\000\000\000\000\000\000\000$\000\000\000\000\000\000\000\004\000\000\000\000\000\000\000P�td\004\000\000\000�(\000\000\000\000\000\000\200�W��\177\000\000��W��\177\000\000\000\000\000\000\000\000\000\000�]�N5\000\000\000\001\000\000\000\000\000\000\000\000\200U�\035\177\000\000\000\000\000\000\000\000\000\000\220jU�\035\177\000\000��\200M5\000\000\000\000pU�\035\177\000\000"..., 
  "\003\000\000\000\f", '\0' <repeats 11 times>, "� @h\"\000\022\t�<\200N5\000\000\000\000\000�G�~��\000\000\000\000\000\000\000\000�]�N5\000\000\000\001\000\000\000\000\000\000\000\000\200U�\035\177\000\000\000\000�1�~��\000\000��\001\233j\000\001\232_�", '\0' <repeats 32 times>, "\003\000\t\0000\a@d5\000\000\000\200�W��\177\000\000��W��\177\000\000\000\000\000\000\000\000\000\000��Ƶ2\000\000\000\003\000\000\000\000\000\000\000\210\231U�\035\177\000\000\000\000\000\000\000\000\000\000��W��\177\000\000��\200M5\000\000\000\001\000\000\000\000\000\000\000�ԡM5", '\0' <repeats 19 times>..., 
  "\000pU�\035\177\000\000�ԡM5", '\0' <repeats 19 times>, "�\000\000\000\022\000\000\000z9��2\000\000\000\000\000�G�~��\000\000\000\000\000\000\000\000��Ƶ2\000\000\000\003\000\000\000\000\000\000\000\210\231U�\035\177\000\000\000\000�3�~��\000\000��\001\233j\000c\000\000\000\022", '\0' <repeats 11 times>, "\200�W��\177\000\000��W��\177\000\000\000\000\000\000\000\000\000\000�7�\027>\000\000\000\004\000\000\000\000\000\000\000�\224U�\035\177\000\000\215�\200M5", '\0' <repeats 27 times>, "\026�\200M5\000\000\000\200�W��\177\000\000P�\200M5\000\000\000��W"..., 
  "\bjU�\035\177\000\000��\200M5\000\000\000X�W�\035\177\000\000\buU�\035\177\00---Type <return> to continue, or q <return> to quit---
0\000\000\200U�\035\177\000\000\000pU�\035\177\000\000\000\000\000\000\000\000\000\000\004\000\000\000\000\000\000\000�\224U�\035\177\000\000\000\000�5�~��\000\000��\001\233j\000\000\000\000\000\000\000\000\000\2307�\027>\000\000\000\003\000\000\000\000\000\000\000�\224U�\035\177\000\000\000\000 6�~��\000\000��\001\233j\000\000\000\000\000\000\000\000\000\2107�\027>\000\000\000\002\000\000\000\000\000\000\000�\224U�\035\177\000\000\000\000\2006�~��\000\000��\001\233j\0000\000\000\000\000\000\000\000h7�\027>", '\0' <repeats 11 times>..., 
  "\001\000\000\000��M\017�dU�\035\177\000\000�\231W��\177\000\000\000\000\000\000\000\000\000\000���\027>\000\000\000��\200M5\000\000\000\001\000\000\0005\000\000\000\000`U�\035\177\000\000\020\234W��\177\000\000\000\000\000\000\000\000\000\000俠\027>\000\000\000��\200M5\000\000\000\001\000\000\000\000\000\000\0000zU�\035\177\000\000@\234W��\177\000\000\000\000\000\000\000\000\000\000̿�\027>\000\000\000��\200M5\000\000\0000zU�\035\177\000\000\020�W�\035\177\000\000\000`U�\035\177\000\000�dU�\035\177\000\000\000pU�\035\177", '\0' <repeats 12 times>, "�G�~��\000\000"..., 
  "���^5\000\000\000\001\000\000\000\000\000\000\000\000\220U�\035\177\000\000\000\000`9�~��\000\000��\001\233j\000@[�M5\000\000\000@[�M5\000\000\000�\001\000\000\000\000\000\000�\001\000\000\000\000\000\000\b\000\000\000\000\000\000\000\004\000\000\000\004\000\000\000\200�W��\177\000\000��W��\177\000\000\020\000\000\000\000\000\000\000\230F�N5", '\0' <repeats 11 times>, "\020�W�\035\177\000\000\000\000\000\000\000\000\000\000�yU�\035\177\000\000��\200M5\000\000\000\001\000\000\000\000\000\000\000\buU�\035\177\000\000p\234W��\177\000\000\000\000\000\000\000\000\000\0007x�^5\000\000\000�"..., 
  "\000\000�G�~��\020\000\000\000\000\000\000\000\230F�N5", '\0' <repeats 11 times>, "\020�W�\035\177\000\000\000\000\200;�~��\000\000��\001\233j\000\200�W��\177\000\000��W��\177\000\000\000\000\000\000\000\000\000\000�=(N5", '\0' <repeats 11 times>, "X�W�\035\177\000\000\215�\200M5", '\0' <repeats 11 times>, "UD\031>�g+�\000\000\000\000\000\000\000\000\026�\200M5\000\000\000\200�W��\177\000\000P�\200M5\000\000\000��W��\177\000\000��W��\177\000\000��W��\177\000\000�ڡM5\000\000\000\0000\020D� \002\001\000\000\000"..., 
  "X�W�\035\177\000\000\000\000@=�~��\000\000��\001\233j\000\200�DB(\000\006\200\020\030B\000 @\200\000\tP\000Q\212@\020\000\000\000\000\b\000\000\021\020 �W��\177\000\000\020\216U�\035\177\000\000\214\001\000\000\000\000\000\000�\000\000\000\022\000\000\000\200�W��\177\000\000��W��\177\000\000\000\000\000\000\000\000\000\000�hu", '\0' <repeats 14 times>, "�W�\035\177\000\000\215�\200M5", '\0' <repeats 35 times>, "��W��\177\000\000��\200M5\000\000\000\000pU�\035\177\000\000\000\000\000\000\000\000\000\000��W��\177\000\000�ڡM5\000\000\000\200�W��"..., 
  "\000\000�G�~��\000\000\000\000\000\000\000\000�hu", '\0' <repeats 14 times>, "�W�\035\177\000\000\000\000\200?�~��\000\000��\001\233j\000\000\000\000\000\000\000\000\000\220hu", '\0' <repeats 14 times>, "�W�\035\177\000\000\000\000�?�~��\000\000��\001\233j\000\000\000\000\000\000\000\000\000\200hu", '\0' <repeats 14 times>, "�W�\035\177\000\000\000\000@@�~��\000\000��\001\233j\000\000\000\000\000\000\000\000\000phu", '\0' <repeats 13 times>, "\001\000\000\000\035\177\000\000\000pU�\035\177\000\000�\235W��\177\000\000\000\000\000\000\000\000\000\000\n��\002\000\000\000"..., 
  "���\002\000\000\000\000��\200M5\000\000\000\001\000\000\000\035\177\000\000�\---Type <return> to continue, or q <return> to quit---
204U�\035\177\000\000��W��\177\000\000\000\000\000\000\000\000\000\000`��\002\000\000\000\000��\200M5\000\000\000\001\000\000\000\035\177\000\000\000\200U�\035\177\000\000 �W��\177\000\000\000\000\000\000\000\000\000\000ν�\002\000\000\000\000��\200M5\000\000\000\001\000\000\000\035\177\000\000\210\231U�\035\177\000\000P�W��\177\000\000\000\000\000\000\000\000\000\000���\002\000\000\000\000��\200M5\000\000\000\001\000\000\000\035\177\000\000�\224U�\035\177\000\000\200�W��\177\000\000\000\000\000\000\000\000\000\000\226��\002\000\000\000\000"..., 
  "\001\000\000\000\000\000\000\000\020�W�\035\177\000\000��W��\177\000\000\000\000\000\000\000\000\000\000f��\002\000\000\000\000��\200M5\000\000\000\001\000\000\000\000\000\000\000X�W�\035\177\000\000\020�W��\177\000\000\000\000\000\000\000\000\000\0009��\002\000\000\000\000��\200M5\000\000\000\001\000\000\000\000\000\000\000\000�W�\035\177\000\000@�W��\177\000\000�\005@d5\000\000\000\000pU�\035\177\000\000\000\000\000\000\000\000\000\000I\005@d5\000\000\000\006\000\000\000\000\000\000\000p�W��\177\000\000\206�\200M5\000\000\000\000\000\000\000�\177\000\000��W��\177\000\000��W�\000\000\000\000"..., 
  "\177U�q\000\000\000\000�\225\200M5\000\000\000\000\000\000\000\017\000\000\000?\000\000\000\000\000\000\000Uu�\001\000\000\000\000P�W��\177\000\000��W��\177\000\000X�_��\177\000\000\000\000\000\000\000\000\000\000\200�W��\177\000\000\200�W�\035\177\000\000[Z�M5\000\000\0000�_��\177\000\000P�W��\177\000\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000\000\000�%\200M5\000\000\000pz�M5\000\000\0000�W��\177\000\000\177U�q\000\000\000\000��W��\177\000\000\000\000\000\000\000\000\000\000��W��\177\000\000�\230\200M5", '\0' <repeats 11 times>, "\200"..., 
  "\000z�M5", '\0' <repeats 11 times>, "`z�M5\000\000\000���M5\000\000\0000\000\000\000\000\000\000\000=��M5\000\000\000��W��\177\000\000pz�M5\000\000\000\220\001�M5\000\000\000\000\020\002\000\000\000\000\000P\000\000\000\000\000\000\000��W��\177\000\000ФW��\177\000\000��W��\177\000\000%\000\000\000\000\000\000\000\004\225�M\003\000\000\000H", '\0' <repeats 15 times>, "�\017\000\000\000\000\000\000\000��\002\000\000\000\000\000С\000\003\000\000\000\000�������\020\216U�\035\177\000\000\000\000�M5", '\0' <repeats 27 times>, "PjN", '\0' <repeats 13 times>...}
	nb_net_clients = 2
	hda_index = 0
	optind = 0
	r = <value optimized out>
	optarg = <value optimized out>
	monitor_hd = <value optimized out>
	monitor_device = "stdio", '\0' <repeats 122 times>
	serial_devices = {"vc", '\0' <repeats 125 times>, 
  '\0' <repeats 127 times>, '\0' <repeats 127 times>, '\0' <repeats 127 times>}
	serial_device_index = 0
	parallel_devices = {"vc", '\0' <repeats 125 times>, 
  '\0' <repeats 127 times>, '\0' <repeats 127 times>}
	parallel_device_index = 0
	loadvm = 0x0
	machine = (QEMUMachine *) 0x7584e0
	cpu_model = 0x0
	usb_devices = {'\0' <repeats 127 times>, '\0' <repeats 127 times>, 
  '\0' <repeats 127 times>, '\0' <repeats 127 times>, 
  '\0' <repeats 127 times>, '\0' <repeats 127 times>, 
  '\0' <repeats 127 times>, '\0' <repeats 127 times>}
	usb_devices_index = 0
	fds = <value optimized out>
	pid_file = 0x0
	vlan = <value optimized out>
(gdb) 
(gdb)
Comment 1 Jeffrey Moyer 2009-06-09 14:03:07 EDT
I've run into the same problem, which is preventing me from running the libaio test harness on arm.
Comment 2 Bug Zapper 2009-06-09 23:25:56 EDT
This message is a reminder that Fedora 9 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 9.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '9'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 9's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 9 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 3 Bug Zapper 2009-07-14 11:18:51 EDT
Fedora 9 changed to end-of-life (EOL) status on 2009-07-10. Fedora 9 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.
Comment 4 Tobias Mueller 2009-08-09 18:42:46 EDT
yep, still an issue:

$ sh -x arm.sh -m 512
+ QEMU=qemu-system-arm
+ qemu-system-arm -S -M versatilepb -kernel vmlinuz-2.6.18-6-versatile -initrd initrd.img-2.6.18-6-versatile -hda arm.img -append root=/dev/sda1 -m 256 -monitor stdio -m 512
arm.sh: line 12:  9946 Segmentation fault      $QEMU -S -M versatilepb -kernel vmlinuz-2.6.18-6-versatile -initrd initrd.img-2.6.18-6-versatile -hda arm.img -append "root=/dev/sda1" -m 256 -monitor stdio $@
$ yum info qemu
Loaded plugins: priorities, refresh-packagekit
158 packages excluded due to repository priority protections
Installed Packages
Name       : qemu
Arch       : x86_64
Version    : 0.9.1
Release    : 12.fc10
Size       : 47 M
Repo       : installed
Summary    : QEMU is a FAST! processor emulator
URL        : http://www.qemu.org/
License    : GPLv2+ and LGPLv2+
Description: QEMU is a generic and open source processor emulator which achieves
           : a good emulation speed by using dynamic translation. QEMU has two
           : operating modes:
           : 
           :  * Full system emulation. In this mode, QEMU emulates a full system
           :    (for example a PC), including a processor and various
           :    peripherials. It can be used to launch different Operating
           :    Systems without rebooting the PC or to debug system code.
           :  * User mode emulation. In this mode, QEMU can launch Linux
           :    processes compiled for one CPU on another CPU.
           : 
           : As QEMU requires no host kernel patches to run, it is safe and easy
           : to use.
Comment 5 Tobias Mueller 2009-08-09 18:43:43 EDT
How do I reopen this bug?!
Comment 6 Bug Zapper 2009-11-18 05:28:59 EST
This message is a reminder that Fedora 10 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 10.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '10'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 10's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 10 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 7 Bug Zapper 2009-12-18 02:18:17 EST
Fedora 10 changed to end-of-life (EOL) status on 2009-12-17. Fedora 10 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.
Comment 8 Tobias Mueller 2009-12-22 19:12:45 EST
Still crashes. Thus reopening.
Comment 9 Fedora Admin XMLRPC Client 2010-03-09 12:19:06 EST
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 10 Bug Zapper 2010-11-04 07:37:03 EDT
This message is a reminder that Fedora 12 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 12.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '12'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 12's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 12 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 11 Tobias Mueller 2010-11-04 20:16:36 EDT
FWIW:

$ wget http://people.debian.org/~aurel32/qemu/arm/vmlinuz-2.6.26-2-versatile
$ qemu-system-arm -m 512 -kernel vmlinuz-2.6.26-2-versatile
qemu: hardware error: integratorcm_read: Unimplemented offset 0x101f1018

CPU #0:
R00=000133ed R01=101f1000 R02=00000055 R03=ffffffff
R04=00008000 R05=00199430 R06=41069265 R07=00000113
R08=00000100 R09=00000000 R10=0017ff8c R11=00189418
R12=0018941c R13=0018940c R14=00013060 R15=00010afc
PSR=200001d3 --C- A svc32
Aborted (core dumped)

So still crashes. Hence reopening. But I don't know whether it's NOTABUG because >256MB is simply not possible or so...
Comment 12 Justin M. Forbes 2010-11-23 10:23:20 EST
Which version of qemu is this latest testing with?
Comment 13 Cole Robinson 2012-05-21 07:39:50 EDT
Tobias, sorry for the endless reopenings, but f14 is unsupported now. If you are still affected by this bug with newer qemu versions (fedora 16 or 17), please reopen and we can report it upstream.
Comment 14 Tobias Mueller 2012-05-27 17:14:14 EDT
This is still an issue with F16.

$ qemu-system-arm -m 512 -monitor stdio -M versatilepb  -kernel vmlinuz-2.6.26-2-versatile -initrd initrd.img-2.6.26-2-versatile  -hda debian_lenny_arm_standard.qcow2 -append root=/dev/sda1
QEMU 0.15.1 monitor - type 'help' for more information
(qemu) qemu: hardware error: pl011_read: Bad offset 101f1018

CPU #0:
R00=000133c1 R01=101f1000 R02=00000055 R03=ffffffff
R04=00008000 R05=00199674 R06=41069265 R07=00000183
R08=00000100 R09=00000000 R10=001801d0 R11=0018965c
R12=00189660 R13=00189650 R14=00013034 R15=00010afc
PSR=200001d3 --C- A svc32
Aborted (core dumped)
$

abrt filed bug 825566
Comment 15 Paolo Bonzini 2012-05-31 11:23:58 EDT
*** Bug 825566 has been marked as a duplicate of this bug. ***
Comment 16 Fedora End Of Life 2013-01-16 17:17:00 EST
This message is a reminder that Fedora 16 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 16. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '16'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 16's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 16 is end of life. If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora, you are encouraged to click on 
"Clone This Bug" and open it against that version of Fedora.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 17 Tobias Mueller 2013-01-19 14:47:09 EST
Still an issue

wget http://people.debian.org/~aurel32/qemu/arm/debian_lenny_arm_standard.qcow2
wget http://people.debian.org/~aurel32/qemu/arm/vmlinuz-2.6.26-2-versatile
wget http://people.debian.org/~aurel32/qemu/arm/initrd.img-2.6.26-2-versatile

qemu-system-arm -m 512 -monitor stdio -M versatilepb  -kernel vmlinuz-2.6.26-2-versatile -initrd initrd.img-2.6.26-2-versatile  -hda debian_lenny_arm_standard.qcow2 -append root=/dev/sda1

crash
Comment 18 Fedora End Of Life 2013-07-04 01:34:31 EDT
This message is a reminder that Fedora 17 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 17. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '17'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 17's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 17 is end of life. If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora, you are encouraged to change the 
'version' to a later Fedora version prior to Fedora 17's end of life.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.
Comment 19 Cole Robinson 2013-07-11 14:58:40 EDT
This is working on F19 now. And kinda makes sense, as in the past 1.5 years qemu-system-arm has been getting tons more attention. The Fedora ARM guys are actively using it to great effect as part of their efforts.
