Floating point exception (core dumped) #24
I found this is caused by '/hw/char/esp32_uart.c', in function 'uart_set_rx_timeout'.
s->baud_rate is 'zero' when run. I do the fix
Thanks for finding the issue and its cause @JiaDuo. I'll add this fix to the next release.
The root cause was that only UART0 was properly reset and initialized here: Lines 169 to 171 in fd85235
this should have been &s->uart[i] not &s->uart.
This is now fixed in https://github.com/espressif/qemu/releases/tag/esp-develop-20220203.
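The bug pattern discussed in the comments above, as an added example that is not QEMU's code and not part of the thread: a reset loop that passes `&s->uart` instead of `&s->uart[i]` leaves every UART except the first with a zero baud rate, and a guarded divisor turns the resulting crash into a reportable error. The struct names, the `void *` reset helper, the default baud rate and the timeout formula are all assumptions made for the illustration.

```c
/* Simplified model (constructed); not the code in hw/char/esp32_uart.c. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define UART_COUNT 3          /* assumed number of UART instances */
#define DEFAULT_BAUD 115200u  /* assumed reset value */

typedef struct { uint32_t baud_rate; } ToyUart;
typedef struct { ToyUart uart[UART_COUNT]; } ToySoc;

/* Takes void * like a cast-based reset helper, so the compiler cannot
 * tell a pointer to the whole array from a pointer to one element. */
static void toy_uart_reset(void *dev) {
    ((ToyUart *)dev)->baud_rate = DEFAULT_BAUD;
}

/* Bug pattern from the thread: &s->uart has the address of uart[0],
 * so every iteration resets UART0 and the others keep baud_rate == 0. */
static void soc_reset_buggy(ToySoc *s) {
    for (int i = 0; i < UART_COUNT; i++) toy_uart_reset(&s->uart);
}

static void soc_reset_fixed(ToySoc *s) {
    for (int i = 0; i < UART_COUNT; i++) toy_uart_reset(&s->uart[i]);
}

/* Guarded divisor: an integer divide by zero raises SIGFPE on x86 hosts,
 * which the shell reports as "Floating point exception". */
static bool rx_timeout_ns(const ToyUart *u, uint32_t bits, uint64_t *out) {
    if (u->baud_rate == 0) return false;   /* device was never reset */
    *out = (uint64_t)bits * 1000000000ull / u->baud_rate;
    return true;
}

/* Number of UARTs whose timeout cannot be computed after a reset. */
static int unusable_uarts(const ToySoc *s) {
    int bad = 0;
    uint64_t ns;
    for (int i = 0; i < UART_COUNT; i++)
        if (!rx_timeout_ns(&s->uart[i], 80, &ns)) bad++;
    return bad;
}

int main(void) {
    ToySoc a, b;
    memset(&a, 0, sizeof a); memset(&b, 0, sizeof b);
    soc_reset_buggy(&a); soc_reset_fixed(&b);
    printf("buggy: %d unusable, fixed: %d unusable\n",
           unusable_uarts(&a), unusable_uarts(&b));
    return 0;
}
```

The zero check is defence in depth only; the actual correction is the per-index reset, since a guard alone would leave the other UARTs silently unconfigured.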
Include the qtest reproducer provided by Alexander Bulekov in https://gitlab.com/qemu-project/qemu/-/issues/542. Without the previous commit, we get:
$ make check-qtest-i386
...
Running test tests/qtest/intel-hda-test
AddressSanitizer:DEADLYSIGNAL
==1580408==ERROR: AddressSanitizer: stack-overflow on address 0x7ffc3d566fe0
...
SUMMARY: AddressSanitizer: stack-overflow softmmu/physmem.c:356 in address_space_translate_internal
==1580408==ABORTING
Broken pipe
Aborted (core dumped)
Signed-off-by: Philippe Mathieu-Daudé <[email protected]>
Acked-by: Thomas Huth <[email protected]>
Message-Id: <[email protected]>
Signed-off-by: Thomas Huth <[email protected]>
Fixes this tsan crash, easy to reproduce with any large enough program:
$ tests/unit/test-qht
1..2
ThreadSanitizer: CHECK failed: sanitizer_deadlock_detector.h:67 "((n_all_locks_)) < (((sizeof(all_locks_with_contexts_)/sizeof((all_locks_with_contexts_)[0]))))" (0x40, 0x40) (tid=1821568)
Signed-off-by: Emilio Cota <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Message-Id: <[email protected]>
Signed-off-by: Alex Bennée <[email protected]>
Message-Id: <[email protected]>
I tested the "uart_echo" example, but it failed. It shows "Floating point exception (core dumped)".
CMD LOG:
$cd peripherals/uart/uart_echo
$idf.py build
$cd build
$esptool.py --chip esp32 merge_bin --fill-flash-size 4MB -o flash_image.bin 0x8000 partition_table/partition-table.bin 0x1000 bootloader/bootloader.bin 0x10000 uart_echo.bin
$~/other/espressif_qemu/qemu/bin/qemu-system-xtensa -nographic -M esp32 -drive file=flash_image.bin,if=mtd,format=raw
QEMU OUTPUT:
Adding SPI flash device
ets Jul 29 2019 12:21:46
rst:0x1 (POWERON_RESET),boot:0x12 (SPI_FAST_FLASH_BOOT)
configsip: 0, SPIWP:0xee
clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
mode:DIO, clock div:2
load:0x3fff0030,len:7064
load:0x40078000,len:14308
load:0x40080400,len:3716
entry 0x40080680
I (888) boot: ESP-IDF v4.3.1 2nd stage bootloader
I (894) boot: compile time 15:19:40
I (904) boot: chip revision: 0
I (912) boot.esp32: SPI Speed : 40MHz
I (912) boot.esp32: SPI Mode : DIO
I (913) boot.esp32: SPI Flash Size : 2MB
I (924) boot: Enabling RNG early entropy source...
I (941) boot: Partition Table:
I (941) boot: ## Label Usage Type ST Offset Length
I (942) boot: 0 nvs WiFi data 01 02 00009000 00006000
I (945) boot: 1 phy_init RF data 01 01 0000f000 00001000
I (946) boot: 2 factory factory app 00 00 00010000 00100000
I (950) boot: End of partition table
I (960) esp_image: segment 0: paddr=00010020 vaddr=3f400020 size=08764h ( 34660) map
I (1016) esp_image: segment 1: paddr=0001878c vaddr=3ffb0000 size=0290ch ( 10508) load
I (1046) esp_image: segment 2: paddr=0001b0a0 vaddr=40080000 size=04f78h ( 20344) load
I (1065) esp_image: segment 3: paddr=00020020 vaddr=400d0020 size=165c4h ( 91588) map
I (1226) esp_image: segment 4: paddr=000365ec vaddr=40084f78 size=06a88h ( 27272) load
I (1271) esp_image: segment 5: paddr=0003d07c vaddr=50000000 size=00010h ( 16) load
I (1297) boot: Loaded app from partition at offset 0x10000
I (1299) boot: Disabling RNG early entropy source...
I (1313) cpu_start: Pro cpu up.
I (1314) cpu_start: Starting app cpu, entry point is 0x400810e0
I (5429) cpu_start: App cpu up.
I (2247) cpu_start: Pro cpu start user code
I (2248) cpu_start: cpu freq: 160000000
I (2248) cpu_start: Application information:
I (2249) cpu_start: Project name: uart_echo
I (2249) cpu_start: App version: v4.3.1
I (2250) cpu_start: Compile time: Dec 9 2021 15:19:35
I (2251) cpu_start: ELF file SHA256: 29985d43c52312e9...
I (2252) cpu_start: ESP-IDF: v4.3.1
I (2259) heap_init: Initializing. RAM available for dynamic allocation:
I (2263) heap_init: At 3FFAE6E0 len 00001920 (6 KiB): DRAM
I (2265) heap_init: At 3FFB31D0 len 0002CE30 (179 KiB): DRAM
I (2266) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM
I (2267) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM
I (2269) heap_init: At 4008BA00 len 00014600 (81 KiB): IRAM
I (2350) spi_flash: detected chip: gd
I (2375) spi_flash: flash io: dio
W (2395) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the size in the binary image header.
I (2427) cpu_start: Starting scheduler on PRO CPU.
I (10) cpu_start: Starting scheduler on APP CPU.
Floating point exception (core dumped)