QEMU

error "rom: requested regions overlap" for NOLOAD sections

Bug #1429841 reported by Roman on 2015-03-09

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	QEMU	Fix Released	Undecided	Unassigned

Bug Description

command line:
qemu-system-arm -semihosting -nographic -monitor null -serial null -no-reboot -kernel build/fw/0HNFcomSLuP1_CUNIT.elf

output:
rom: requested regions overlap (rom phdr #6: build/fw/0HNFcomSLuP1_CUNIT.elf. free=0x8001effc, addr=0x8001c000)
rom loading failed

I checked the sections of the .elf file with arm-none-eabi-objdump -h:
Sections:
Idx Name Size VMA LMA File off Algn
...
35 .marker_appli 00001000 801ae000 801ae000 00025000 2**0
                  ALLOC
36 .safe_data 00000014 80200000 8001b000 00020000 2**2
                  CONTENTS, ALLOC, LOAD, DATA
37 .safe_bss 00000488 80200020 8001b020 00020014 2**2
                  ALLOC
38 .marker_safe_data 00001000 80201000 8001c000 00029000 2**0
                  ALLOC
39 .data 000008cc 80202000 8001b600 00022000 2**3
                  CONTENTS, ALLOC, LOAD, DATA
40 .bss 0000312c 802028d0 8001bed0 000228cc 2**3
                  ALLOC
41 .marker_data 00001000 80206000 8001f600 00026000 2**0
                  ALLOC
42 .cunit 00010000 80300000 80119600 00028000 2**0
                  ALLOC
43 .marker_code 00001000 8001c000 8001c000 00024000 2**0
                  ALLOC
...

So I had a look where the values in the error message could come from:
0x8001c000: is the "LMA" value of section .marker_safe_data
0x8001effc: is "Size" + "LMA" of the .bss section (0x0000312c + 0x8001bed0)

So it is correct that (regarding the "LMA" value) the .marker_safe_data section collides with .bss section.
But actually these sections have no "LOAD" attribute, so I would guess that their "LMA" should not be used anyway.
Those section should reside at their "VMA" addresses (0x802xxxxx) during runtime but they have no data to load.

Or am I getting something completely wrong?
Should I give an additional option to qemu?

I got this error with 2.0.0+dfsg-2ubuntu1.10 and 1.0.50-2012.03-0ubuntu2.1
I didn't get this error (but others) with 0.10.2

Tags:

Revision history for this message

Roman (romanzwi000) wrote on 2015-03-11:

0MFWSL_EmoDatauP1_CUNIT.elf for reproduction Edit (219.3 KiB, application/octet-stream)

I did a test (with version 2.2.0) to simply not fail out upon this error (removed the "return -1" in function rom_load_all() in file hw/core/loader.c).

With that hack I got the elf file running I'll attach with *this* comment (note that attachment #1 won't run correctly but probably for some other reason as I never had this working anywhere).
So when I run with my hack:
qemu-system-arm -M integratorcp -semihosting -nographic -monitor null -serial null -no-reboot -kernel 0MFWSL_EmoDatauP1_CUNIT.elf

I get:
rom: requested regions overlap (rom phdr #4: 0MFWSL_EmoDatauP1_CUNIT.elf. free=0x0000000000017ae0, addr=0x0000000000016aac)
rom: requested regions overlap (rom phdr #5: 0MFWSL_EmoDatauP1_CUNIT.elf. free=0x00000000000185e8, addr=0x0000000000017e64)

CUnit - A Unit testing framework for C - Version 2.1-0
http://cunit.sourceforge.net/

Suite: MFWSL_EmoData
  Test: MFWSL_EmoFileOpen ... passed
  Test: MFWSL_ChkEmosSodHdr ... passed
  Test: MFWSL_ChkEmosFileHdr ... passed
  Test: MFWSL_ChkEmosSodSect ... passed
  Test: MFWSL_ChkEmosFileSect ... passed
  Test: MFWSL_AddEntryToCpyList ... passed
  Test: MFWSL_EmosAvailableForSect ... passed
  Test: MFWSL_CreateCpyListFromSect ... passed
  Test: MFWSL_SodEmosActive ... passed
  Test: MFWSL_CreateExtMoList ... passed
  Test: MFWSL_ExtendedEmosActive ... passed

--Run Summary: Type Total Ran Passed Failed
               suites 1 1 n/a 0
               tests 11 11 11 0
               asserts 2854 2854 2854 0

...where the last part is the output I expected for a clean run.

regarding the values in the error messages I it looks like:
free=0x0000000000017ae0 = end of .safe_bss (0x16aac + 0x1034) which is NOLOAD
addr=0x0000000000016aac = start of .data which is LOAD
free=0x00000000000185e8 = end of .bss (0x17570 + 0x1078) which is NOLOAD
addr=0x0000000000017e64 = start of .marker1 which is NOLOAD

Any optinions?

I did a test (with version 2.2.0) to simply not fail out upon this error (removed the "return -1" in function rom_load_all() in file hw/core/loader.c).

With that hack I got the elf file running I'll attach with *this* comment (note that attachment #1 won't run correctly but probably for some other reason as I never had this working anywhere).
So when I run with my hack:
qemu-system-arm  -M integratorcp -semihosting -nographic -monitor null -serial null -no-reboot -kernel 0MFWSL_EmoDatauP1_CUNIT.elf

CUnit - A Unit testing framework for C - Version 2.1-0
     http://cunit.sourceforge.net/

Suite: MFWSL_EmoData
  Test: MFWSL_EmoFileOpen		 ... passed
  Test: MFWSL_ChkEmosSodHdr		 ... passed
  Test: MFWSL_ChkEmosFileHdr	 ... passed
  Test: MFWSL_ChkEmosSodSect	 ... passed
  Test: MFWSL_ChkEmosFileSect	 ... passed
  Test: MFWSL_AddEntryToCpyList	 ... passed
  Test: MFWSL_EmosAvailableForSect ... passed
  Test: MFWSL_CreateCpyListFromSect ... passed
  Test: MFWSL_SodEmosActive		 ... passed
  Test: MFWSL_CreateExtMoList	 ... passed
  Test: MFWSL_ExtendedEmosActive ... passed

--Run Summary: Type      Total     Ran  Passed  Failed
               suites        1       1     n/a       0
               tests        11      11      11       0
               asserts    2854    2854    2854       0

...where the last part is the output I expected for a clean run.

Any optinions?

Revision history for this message

Roman (romanzwi000) wrote on 2015-03-11:

To make things more easy I added some debug output to function rom_load_all().
It prints infos for every rom section is processes:

rom phdr #1: 0MFWSL_EmoDatauP1_CUNIT.elf. free=0x0000000000000000, size=0x000000000000003c, addr=0x0000000000000000)
rom phdr #2: 0MFWSL_EmoDatauP1_CUNIT.elf. free=0x00000000000008a0, size=0x00000000000161c4, addr=0x000000000000003c)
rom phdr #3: 0MFWSL_EmoDatauP1_CUNIT.elf. free=0x0000000000016a64, size=0x000000000000107c, addr=0x0000000000016a64)
rom phdr #4: 0MFWSL_EmoDatauP1_CUNIT.elf. free=0x0000000000016aac, size=0x0000000000001b3c, addr=0x0000000000017ae0)
rom: requested regions overlap (rom phdr #4: 0MFWSL_EmoDatauP1_CUNIT.elf. free=0x0000000000017ae0, addr=0x0000000000016aac, size=0x0000000000001b3c)
rom phdr #5: 0MFWSL_EmoDatauP1_CUNIT.elf. free=0x0000000000017e64, size=0x0000000000000400, addr=0x00000000000185e8)
rom: requested regions overlap (rom phdr #5: 0MFWSL_EmoDatauP1_CUNIT.elf. free=0x00000000000185e8, addr=0x0000000000017e64, size=0x0000000000000400)
rom phdr #6: 0MFWSL_EmoDatauP1_CUNIT.elf. free=0x00000000001152ac, size=0x0000000000000400, addr=0x0000000000018264)
rom phdr #7: 0MFWSL_EmoDatauP1_CUNIT.elf. free=0x00000000001a7000, size=0x0000000000000400, addr=0x00000000001156ac)

Revision history for this message

Roman (romanzwi000) wrote on 2016-10-19:

Retest with qemu 2.7.0: issue still occours
Same fix works for me: removed 'return -1;' in function rom_check_and_register_reset() (line 1030 of file hw/core/loader.c)

tags:

added: qemu

Revision history for this message

Peter Maydell (pmaydell) wrote on 2017-11-03:

This bug is fixed in QEMU master by commits bf1733392ca2 and f33e5e6299288c, which will be in the upcoming QEMU 2.11 release.

(PS: the thing the loader cares about is not elf sections but elf segments in the program header, so the section table and its attributes isn't relevant here, only the program header. In any case your example ELF file loads OK with the bugfixes applied.)

Changed in qemu:
status:	New → Fix Committed

Revision history for this message

Roman (romanzwi000) wrote on 2017-12-14:

Just tested with QEMU 2.10.93 in cygwin: problem does not occour anymore!

Thanks a lot!

Thomas Huth (th-huth) on 2017-12-15

Changed in qemu:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.