Hi. I'm trying to run the stock Debian 6.0 x86_64 kernel using qemu git head. With the following command line it works (it gets as far as mounting the rootfs and then panics):
qemu-system-x86_64 -serial stdio -monitor null -nographic -kernel /boot/vmlinuz-2.6.38-bpo.2-amd64 -append 'console=ttyS0 panic=1' But once I add -icount option (have tried -icount 1, 2, 16, 256, auto, the result is the same) qemu loops infinitely in the qemu_run_timers: for(;;) { ts = *ptimer_head; if (!qemu_timer_expired_ns(ts, current_time)) { break; } /* remove timer from the list before calling the callback */ *ptimer_head = ts->next; ts->next = NULL; /* run the callback (the timer list can be modified) */ ts->cb(ts->opaque); } With ts being hpet timer and inside ts->cb that is hpet_timer, diff = hpet_calculate_diff(t, cur_tick) is always zero. The following patch breaks the loop:
diff --git a/hw/hpet.c b/hw/hpet.c
index 12bd64d..eadec7b 100644
--- a/hw/hpet.c
+++ b/hw/hpet.c
@@ -297,13 +297,17 @@ static void hpet_timer(void *opaque)
 }
 }
 diff = hpet_calculate_diff(t, cur_tick);
- qemu_mod_timer(t->qemu_timer,
- qemu_get_clock_ns(vm_clock) + (int64_t)ticks_to_ns(diff));
+ if (diff) {
+ qemu_mod_timer(t->qemu_timer,
+ qemu_get_clock_ns(vm_clock) + (int64_t)ticks_to_ns(diff));
+ }
 } else if (t->config & HPET_TN_32BIT && !timer_is_periodic(t)) {
 if (t->wrap_flag) {
 diff = hpet_calculate_diff(t, cur_tick);
- qemu_mod_timer(t->qemu_timer, qemu_get_clock_ns(vm_clock) +
- (int64_t)ticks_to_ns(diff));
+ if (diff) {
+ qemu_mod_timer(t->qemu_timer, qemu_get_clock_ns(vm_clock) +
+ (int64_t)ticks_to_ns(diff));
+ }
 t->wrap_flag = 0;
 }
 }
but with this patch applied qemu fails as follows: [ 0.000000] Console: colour VGA+ 80x25 [ 0.000000] console [ttyS0] enabled [ 0.000000] Fast TSC calibration using PIT [ 0.000000] Detected 999.951 MHz processor. [ 0.000003] Calibrating delay loop (skipped), value calculated using timer frequency.. 1999.90 BogoMIPS (lpj=3999804) [ 0.000039] pid_max: default: 32768 minimum: 301 [ 0.000129] Security Framework initialized [ 0.000144] SELinux: Disabled at boot. [ 0.000255] Dentry cache hash table entries: 16384 (order: 5, 131072 bytes) [ 0.000572] Inode-cache hash table entries: 8192 (order: 4, 65536 bytes) [ 0.000735] Mount-cache hash table entries: 256 [ 0.001121] Initializing cgroup subsys ns [ 0.001136] ns_cgroup deprecated: consider using the 'clone_children' flag without the ns_cgroup. 
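Review bot: With the new `if (diff)` guard in the periodic branch, a zero `diff` leaves `t->qemu_timer` un-armed and nothing in the visible lines re-arms it, so the endless loop in qemu_run_timers is traded for a periodic timer that may silently stop firing. The second guard, in the 32-bit one-shot wrap branch, has the same effect while `t->wrap_flag = 0;` still runs, so the post-wrap expiry appears to be dropped. Because the comparator is guest-programmed, either outcome is an availability problem the guest can reach, and the zero case deserves explicit handling rather than a skip. If a zero delta is legitimate here, re-arming at least one tick ahead keeps the timer live and should still let the timer loop terminate, e.g. `if (diff == 0) { diff = 1; } /* never re-arm at "now": the callback would run again in the same pass */` before each `qemu_mod_timer` call. hpet_timer's body starts and ends outside the hunk, so the comparator update that precedes these lines is not visible and this should be confirmed against it.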
[ 0.001161] Initializing cgroup subsys cpuacct [ 0.001193] Initializing cgroup subsys devices [ 0.001208] Initializing cgroup subsys freezer [ 0.001224] Initializing cgroup subsys net_cls [ 0.001239] Initializing cgroup subsys blkio [ 0.001328] mce: CPU supports 10 MCE banks [ 0.001356] SMP alternatives: switching to UP code [ 0.008000] Freeing SMP alternatives: 16k freed [ 0.008000] ACPI: Core revision 20110112 [ 0.008000] Setting APIC routing to flat [ 0.008000] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1 [ 0.012000] ..MP-BIOS bug: 8254 timer not connected to IO-APIC [ 0.012000] ...trying to set up timer (IRQ0) through the 8259A ... [ 0.012000] ..... (found apic 0 pin 2) ... [ 0.016000] ....... failed. [ 0.016000] ...trying to set up timer as Virtual Wire IRQ... Segmentation fault b/o the following infinite recursion: (gdb) bt #0 0x081b9564 in clz32 (val=0) at /home/jcmvbkbc/ws/xtensa/qemu-xtensa/host-utils.h:53 #1 0x081b97c2 in fls_bit (value=65536) at /home/jcmvbkbc/ws/xtensa/qemu-xtensa/hw/apic.c:121 #2 0x081ba16d in get_highest_priority_int (tab=0x89cec54) at /home/jcmvbkbc/ws/xtensa/qemu-xtensa/hw/apic.c:346 #3 0x081ba275 in apic_irq_pending (s=0x89cdea8) at /home/jcmvbkbc/ws/xtensa/qemu-xtensa/hw/apic.c:383 #4 0x081ba301 in apic_update_irq (s=0x89cdea8) at /home/jcmvbkbc/ws/xtensa/qemu-xtensa/hw/apic.c:401 #5 0x081ba492 in apic_set_irq (s=0x89cdea8, vector_num=48, trigger_mode=0) at /home/jcmvbkbc/ws/xtensa/qemu-xtensa/hw/apic.c:434 #6 0x081b9a77 in apic_local_deliver (s=0x89cdea8, vector=3) at /home/jcmvbkbc/ws/xtensa/qemu-xtensa/hw/apic.c:182 #7 0x081b9acf in apic_deliver_pic_intr (d=0x89cdea8, level=1) at /home/jcmvbkbc/ws/xtensa/qemu-xtensa/hw/apic.c:191 #8 0x081ba353 in apic_update_irq (s=0x89cdea8) at /home/jcmvbkbc/ws/xtensa/qemu-xtensa/hw/apic.c:405 #9 0x081ba492 in apic_set_irq (s=0x89cdea8, vector_num=48, trigger_mode=0) at /home/jcmvbkbc/ws/xtensa/qemu-xtensa/hw/apic.c:434 #10 0x081b9a77 in apic_local_deliver (s=0x89cdea8, vector=3) at 
/home/jcmvbkbc/ws/xtensa/qemu-xtensa/hw/apic.c:182 #11 0x081b9acf in apic_deliver_pic_intr (d=0x89cdea8, level=1) at /home/jcmvbkbc/ws/xtensa/qemu-xtensa/hw/apic.c:191 #12 0x081ba353 in apic_update_irq (s=0x89cdea8) at /home/jcmvbkbc/ws/xtensa/qemu-xtensa/hw/apic.c:405 #13 0x081ba492 in apic_set_irq (s=0x89cdea8, vector_num=48, trigger_mode=0) at /home/jcmvbkbc/ws/xtensa/qemu-xtensa/hw/apic.c:434 ... -- Thanks. -- Max