qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] Data bus error with redeonfb on mips_fulong2e

From: BALATON Zoltan
Subject: Re: [Qemu-devel] Data bus error with redeonfb on mips_fulong2e
Date: Thu, 14 Mar 2019 23:08:02 +0100 (CET)
User-agent: Alpine 2.21.9999 (BSF 287 2018-06-16) 
On Thu, 14 Mar 2019, Aleksandar Markovic wrote:

From: BALATON Zoltan <address@hidden>
Subject: Data bus error with redeonfb on mips_fulong2e

Hello,

Trying to debug the Linux kernel oops with radeonfb I've added some more
debug logs and got this:

radeonfb_pci_register BEGIN
pci_host_data: pci_data_read: ati-vga: addr=04 val=00000000 len=4
PCI: Enabling device 0000:00:06.0 (0000 -> 0003)
pci_host_data: pci_data_read: ati-vga: addr=04 val=00000000 len=4
pci_host_data: pci_data_write: ati-vga: addr=04 val=00000003 len=4
pci_update_mappings: adding bar 0 to pci.mem @ 0x14000000
pci_update_mappings: adding bar 1 to io @ 0x4000
pci_update_mappings: adding bar 2 to pci.mem @ 0x15050000
pci_host_data: pci_data_read: ati-vga: addr=3c val=00000000 len=4
radeonfb_pci_register fb_base_phys=14000000
radeonfb_pci_register mmio_base_phys=15050000
radeonfb_pci_register request mem regions
radeonfb_pci_register map regions
radeonfb_pci_register mmio_base=9000000015050000
Data bus error, epc == ffffffff80418e4c, ra == ffffffff80418e4c
(full oops dump in previous message but I couldn't find anything useful in
there so omitted here)



Paul, Zoltan is experimenting with ATI Radeon support in QEMU. However,
he hits this problem while booting with Linux kernel. May I ask you for
your comments/insight on thi matter? The board that is being emulated
is Fulong 2E (with Loongson 2E CPU).

Zoltan, can you provide here step-by-step repro procedure so that Paul
doesn't need to search other email threads?
The email you've replied to should have all info needed to review this by looking at source which hopefully makes sense to someone who knows MIPS. The full oops omitted above but was present here: 

http://lists.nongnu.org/archive/html/qemu-devel/2019-03/msg04601.html
is this (offsets replaced by (ptrval) by Linux, sorry about that but it's the part below as found by adding debug logs): 

Data bus error, epc == ffffffff80418f88, ra == ffffffff80418f68
Oops[#1]:
CPU: 0 PID: 1 Comm: swapper Not tainted 4.15.10-fuloong2e #1
$ 0   : 0000000000000000 0000000000000000 9000000000000000 9000000015050000
$ 4   : 0000000000000000 980000000f258f00 0000000015053fff 00000000000003a8
$ 8   : 980000000f1923e0 0000000000000003 0000000000000001 000000000000000f
$12   : 0000000000000000 ffffffff8062971c ffffffff808c0000 980000000f1666c7
$16   : 980000000f166398 980000000f192000 980000000f166000 980000000f1666b8
$20   : 0000000000000000 ffffffff80693c88 ffffffff818d0000 ffffffff80882170
$24   : 980000000f1666ea fffffffffffffff8
$28   : 980000000f0ac000 980000000f0afc00 0000000000000007 ffffffff80418f68
Hi    : 0000000000000002
Lo    : ffffffffc000000b
epc   : ffffffff80418f88 radeonfb_pci_register+0x178/0x11b0
ra    : ffffffff80418f68 radeonfb_pci_register+0x158/0x11b0
Status: 1400a4e3        KX SX UX KERNEL EXL IE
Cause : 0000001c (ExcCode 07)
PrId  : 00006302 (ICT Loongson-2)
Modules linked in:
Process swapper (pid: 1, threadinfo=        (ptrval), task=        (ptrval),
tls=0000000000000000)
Stack : 000000001400a4e1 ffffffff8080b490 ffffffff80693c88 000000000000000
        980000000f192098 980000000f192000 ffffffff8080b420 ffffffff8080b490
        ffffffff80693c88 0000000000000000 ffffffff818d0000 ffffffff80882170
        0000000000000007 ffffffff803f7360 980000000f192098 ffffffff818d0000
        0000000000000000 ffffffff8080b490 0000000000000000 ffffffff8045fdd8
        980000000f192098 ffffffff8080b490 980000000f1920f8 ffffffff8080a770
        ffffffff808b0000 0000000000000008 ffffffff808b0000 ffffffff8045ff60
        0000000000000000 ffffffff8080b490 ffffffff8045fe80 ffffffff8045dba4
        980000000f010e90 980000000f131760 ffffffff8080b490 980000000f248b00
        0000000000000000 ffffffff8045efb8 ffffffff807669c0 ffffffff8080b490
        ...
Call Trace:
[<        (ptrval)>] radeonfb_pci_register+0x178/0x11b0
[<        (ptrval)>] pci_device_probe+0xd0/0x190
[<        (ptrval)>] driver_probe_device+0x2c8/0x370
[<        (ptrval)>] __driver_attach+0xe0/0xe8
[<        (ptrval)>] bus_for_each_dev+0x6c/0xb8
[<        (ptrval)>] bus_add_driver+0x120/0x260
[<        (ptrval)>] driver_register+0x84/0x130
[<        (ptrval)>] radeonfb_init+0x64/0x260
[<        (ptrval)>] do_one_initcall+0x40/0x160
[<        (ptrval)>] kernel_init_freeable+0x174/0x22c
[<        (ptrval)>] kernel_init+0x10/0x110
[<        (ptrval)>] ret_from_kernel_thread+0x14/0x1c
Code: 0062182d  1060036d  fe030368 <8c620148> 920407d8  ae0007dc  00021400 
0002103c  0002103e

---[ end trace ebeaa57659174cf9 ]---
Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
I got this with Linux kernel version 4.15.10-fuloong2e compiled with arch/mips/configs/fuloong2e_defconfig running on QEMU git master as 

qemu-system-mips64el -M fulong2e -kernel vmlinuz \
-append "console=ttyS0,115200" -serial stdio

Thank you,
BALATON Zoltan


Thanks to both for considering my requests.

Aleksandar



I think the problem is around here (I have to guess because Linux prints
(ptrval) instead of offsets in oops message as a security measure that I
don't know how to turn off and the mips64 objdump that comes with my
distro can't interleave source with disassembly so even if I have the
offset can't find the source line by it so I had to go by debug printfs):

linux-4.15.10/drivers/video/fbdev/aty/radeon_base.c:
    2311         /* Set base addrs */
    2312         rinfo->fb_base_phys = pci_resource_start (pdev, 0);
    2313         rinfo->mmio_base_phys = pci_resource_start (pdev, 2);
    2314         pr_debug("radeonfb_pci_register fb_base_phys=%lx\n", > 
rinfo->fb_base_phys);
    2315         pr_debug("radeonfb_pci_register mmio_base_phys=%lx\n", > 
rinfo->mmio_base_phys);
    2316
    2317         /* request the mem regions */
    2318         pr_debug("radeonfb_pci_register request mem regions\n");
    2319         ret = pci_request_region(pdev, 0, "radeonfb framebuffer");
    2320         if (ret < 0) {
    2321                 printk( KERN_ERR "radeonfb (%s): cannot request > region 
0.\n",
    2322                         pci_name(rinfo->pdev));
    2323                 goto err_release_fb;
    2324         }
    2325
    2326         ret = pci_request_region(pdev, 2, "radeonfb mmio");
    2327         if (ret < 0) {
    2328                 printk( KERN_ERR "radeonfb (%s): cannot request > region 
2.\n",
    2329                         pci_name(rinfo->pdev));
    2330                 goto err_release_pci0;
    2331         }
    2332
    2333         /* map the regions */
    2334         pr_debug("radeonfb_pci_register map regions\n");
    2335         rinfo->mmio_base = ioremap(rinfo->mmio_base_phys, > 
RADEON_REGSIZE);
    2336         if (!rinfo->mmio_base) {
    2337                 printk(KERN_ERR "radeonfb (%s): cannot map MMIO\n",
    2338                        pci_name(rinfo->pdev));
    2339                 ret = -EIO;
    2340                 goto err_release_pci2;
    2341         }
    2342         pr_debug("radeonfb_pci_register mmio_base=%px\n", > 
rinfo->mmio_base);
    2343
    2344         rinfo->fb_local_base = INREG(MC_FB_LOCATION) << 16;
    2345         pr_debug("radeonfb_pci_register fb_local_base=%lx\n", > 
rinfo->fb_local_base);

So it fails in INREG on line 2344 which is in radeonfb.h:380

#define INREG(addr)             readl((rinfo->mmio_base)+addr)

This reg read never reaches QEMU so either something's wrong with the
mmio_base or readl can't handle it correctly. This seems to be something
Linux MIPS specific that I have no idea about. Does this make sense to
anyone?

Regards,
BALATON Zoltan



I appreciate your help!

Aleksandar
reply via email to
[Prev in Thread] Current Thread [Next in Thread]