Re: Crash in memory_region_init_ram call chain, when --bios command line parameter is presented.
On Tue, 14 Feb 2023 at 11:03, Alyosha Shevandin wrote: > > > I would appreciate any clue about the crash. > > When I start my custom SoC emulation and the –bios command line parameter us > presented, the QEMU processes crashes before the custom code even tries to > load the firmware. It crashes in the *memory_region_init_ram* call chain with > the follow stack: > > > #0 0x5613255a6932 in object_class_dynamic_cast_assert > > (class=0x56006f6b756b, typename=0x5613259e94ee "bus", file=0x5613259e94a8 > "/project/users/ashevandin/qemu-speedata/include/hw/qdev-core.h", line=217, > func=0x5613259e9828 <__func__.18> "BUS_GET_CLASS") > > at ../qom/object.c:963 > > #1 0x56132559e3a3 in BUS_GET_CLASS (obj=0x561326fd7830) at > /project/users/ashevandin/qemu-speedata/include/hw/qdev-core.h:217 > > #2 0x56132559f434 in qdev_get_dev_path (dev=0x561326d27800) at > ../hw/core/qdev.c:422 > > #3 0x5613254f489d in qemu_ram_set_idstr (new_block=0x56132710acc0, > name=0x5613270e1760 "speedata.callisto.ddr1", dev=0x561326d27800) at > ../softmmu/physmem.c:1766 > > #4 0x5613250a1069 in vmstate_register_ram (mr=0x561326d27950, > dev=0x561326d27800) at ../migration/savevm.c:3104 > > #5 0x5613254ee0c8 in memory_region_init_ram (mr=0x561326d27950, > owner=0x561326d27800, name=0x561325983052 "speedata.callisto.ddr1", > size=4294967296, errp=0x5613262c6178 ) > > at ../softmmu/memory.c:3543 Looking at the back trace, my guess is that you've passed in an 'owner' argument to memory_region_init_ram() that isn't a valid initialized device object. -- PMM
Re: Crash in memory_region_init_ram call chain, when --bios command line parameter is presented.
Thank you for your answer. I belive that 'owner' parameter is initialized: 1) without --bios parameter the code does not crash; 2) I check the the owner parameter before; Here is the fragment of my code: static void my_soc_init(MachineState *machine) { MySocState* state = OBJECT_CHECK(MySocState, machine, TYPE_MY_SOC); if (!state) { error_report("failed to convert from the parent MachineState to derived MySocState"); exit(1); } /* * Setup the memories. */ memory_region_init_ram(&state->ram, OBJECT(state), "mysoc.ram", mysoc_memmap[MYSOCK_DEV_RAM].size, &error_abort); Regards, Aleksey מאת: Peter Maydell נשלח: יום שלישי 14 פברואר 2023 13:07 אל: Alyosha Shevandin עותק: qemu-discuss@nongnu.org נושא: Re: Crash in memory_region_init_ram call chain, when --bios command line parameter is presented. On Tue, 14 Feb 2023 at 11:03, Alyosha Shevandin wrote: > > > I would appreciate any clue about the crash. > > When I start my custom SoC emulation and the –bios command line parameter us > presented, the QEMU processes crashes before the custom code even tries to > load the firmware. It crashes in the *memory_region_init_ram* call chain with > the follow stack: > > > #0 0x5613255a6932 in object_class_dynamic_cast_assert > > (class=0x56006f6b756b, typename=0x5613259e94ee "bus", file=0x5613259e94a8 > "/project/users/ashevandin/qemu-speedata/include/hw/qdev-core.h", line=217, > func=0x5613259e9828 <__func__.18> "BUS_GET_CLASS") > > at ../qom/object.c:963 > > #1 0x56132559e3a3 in BUS_GET_CLASS (obj=0x561326fd7830) at > /project/users/ashevandin/qemu-speedata/include/hw/qdev-core.h:217 > > #2 0x56132559f434 in qdev_get_dev_path (dev=0x561326d27800) at > ../hw/core/qdev.c:422 > > #3 0x5613254f489d in qemu_ram_set_idstr (new_block=0x56132710acc0, > name=0x5613270e1760 "speedata.callisto.ddr1", dev=0x561326d27800) at > ../softmmu/physmem.c:1766 > > #4 0x5613250a1069 in vmstate_register_ram (mr=0x561326d27950, > dev=0x561326d27800) at ../migration/savevm.c:3104 > > #5 0x5613254ee0c8 in memory_region_init_ram (mr=0x561326d27950, > owner=0x561326d27800, name=0x561325983052 "speedata.callisto.ddr1", > size=4294967296, errp=0x5613262c6178 ) > > at ../softmmu/memory.c:3543 Looking at the back trace, my guess is that you've passed in an 'owner' argument to memory_region_init_ram() that isn't a valid initialized device object. -- PMM
Re: Crash in memory_region_init_ram call chain, when --bios command line parameter is presented.
On Tue, 14 Feb 2023 at 11:54, Alyosha Shevandin wrote: > > Thank you for your answer. I belive that 'owner' parameter is initialized: 1) > without --bios parameter the code does not crash; 2) I check the the owner > parameter before; > Here is the fragment of my code: > > static void my_soc_init(MachineState *machine) > { > > MySocState* state = OBJECT_CHECK(MySocState, machine, TYPE_MY_SOC); This looks very confused. Generally in QEMU the 'board' (inherits from MachineState) is a different object from the SoC (inherits from DeviceState). This code seems to think they are the same thing. > if (!state) { > error_report("failed to convert from the parent MachineState to > derived MySocState"); > exit(1); > } > > /* > * Setup the memories. > */ > memory_region_init_ram(&state->ram, > OBJECT(state), > "mysoc.ram", > mysoc_memmap[MYSOCK_DEV_RAM].size, > &error_abort); The 'owner' argument to memory_region_init_ram() must be either NULL or something that inherits from DeviceState. We use the former for memory regions created by boards, and the latter for memory regions created by SoC models. The (cast) MachineState object you are passing is neither, so you end up with an assertion when the code tries to do something to it that only works with a DeviceState. (I'm not sure why this didn't assert in memory_region_init_ram() when it does the DEVICE() cast on the owner pointer.) thanks -- PMM
Re: Crash in memory_region_init_ram call chain, when --bios command line parameter is presented.
Thank you again. Your answer gave me some clues about what is wrong in my code. Actually almost everything was wrong. I misunderstand of how QOM and its macros work. I had defined MySocState so that it included MachineState (it had a field obj_parent of type of MachineState). I had assumed that caller of the init procedure will allocate MySocState object and pass the pointer to the initialization procedure. Which was not the case. MachineState object is allocated with parent_object→class→type→name set to “TYPE_MY_SOC””machine” (since there is a definition DEFINE_MACHINE(TYPE_MY_SOC, my_machine_init) ). So actually, the problem was in the line MySocState* state = OBJECT_CHECK(MySocState, machine, TYPE_MY_SOC); It converted the pointer to the MachineState object to the unrelated MySocState*, the result was the misaligned invalid object. Therefore the specific operations that relate its’ fields cause segfault. I can not understand why it didn’t assert at OBJECT_CHECK Now I had provided a separate initialization code for MySocState and construct this object in the machine initialization procedure. Regards, Aleksey מאת: Peter Maydell נשלח: יום שלישי 14 פברואר 2023 16:17 אל: Alyosha Shevandin עותק: qemu-discuss@nongnu.org נושא: Re: Crash in memory_region_init_ram call chain, when --bios command line parameter is presented. On Tue, 14 Feb 2023 at 11:54, Alyosha Shevandin wrote: > > Thank you for your answer. I belive that 'owner' parameter is initialized: 1) > without --bios parameter the code does not crash; 2) I check the the owner > parameter before; > Here is the fragment of my code: > > static void my_soc_init(MachineState *machine) > { > > MySocState* state = OBJECT_CHECK(MySocState, machine, TYPE_MY_SOC); This looks very confused. Generally in QEMU the 'board' (inherits from MachineState) is a different object from the SoC (inherits from DeviceState). This code seems to think they are the same thing. > if (!state) { > error_report("failed to convert from the parent MachineState to > derived MySocState"); > exit(1); > } > > /* > * Setup the memories. > */ > memory_region_init_ram(&state->ram, > OBJECT(state), > "mysoc.ram", > mysoc_memmap[MYSOCK_DEV_RAM].size, > &error_abort); The 'owner' argument to memory_region_init_ram() must be either NULL or something that inherits from DeviceState. We use the former for memory regions created by boards, and the latter for memory regions created by SoC models. The (cast) MachineState object you are passing is neither, so you end up with an assertion when the code tries to do something to it that only works with a DeviceState. (I'm not sure why this didn't assert in memory_region_init_ram() when it does the DEVICE() cast on the owner pointer.) thanks -- PMM