QEMU

  1. Bug #1758819
  2. Comment #3

Comment 3 for bug 1758819

Revision history for this message
Nathan Wallace (nathanwaffles) wrote :

I am also able to reproduce this bug. The problem is that when hvf is enabled, qemu will attempt to execute the xgetbv instruction, which isn't supported on my processor (Intel Xeon X5670).

Here is a stack trace from lldb; the behavior is 100% reproducible for me.

nathan@Nathans-Mac-Pro:~/src/qemu/qemu-3.0.0/x86_64-softmmu
$ lldb -- qemu-system-x86_64 --accel hvf
(lldb) target create "qemu-system-x86_64"
runCurrent executable set to 'qemu-system-x86_64' (x86_64).
(lldb) settings set -- target.run-args "--accel" "hvf"
(lldb) run
Process 27479 launched: '/Users/nathan/src/qemu/qemu-3.0.0/x86_64-softmmu/qemu-system-x86_64' (x86_64)
Process 27479 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_INSTRUCTION (code=EXC_I386_INVOP, subcode=0x0)
    frame #0: 0x00000001001bca3a qemu-system-x86_64`xgetbv(xcr=0) at x86_cpuid.c:34
   31 {
   32 uint32_t eax, edx;
   33
-> 34 __asm__ volatile ("xgetbv"
   35 : "=a" (eax), "=d" (edx)
   36 : "c" (xcr));
   37
Target 0: (qemu-system-x86_64) stopped.
(lldb) bt
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_INSTRUCTION (code=EXC_I386_INVOP, subcode=0x0)
  * frame #0: 0x00000001001bca3a qemu-system-x86_64`xgetbv(xcr=0) at x86_cpuid.c:34
    frame #1: 0x00000001001bc8a6 qemu-system-x86_64`hvf_get_supported_cpuid(func=13, idx=0, reg=0) at x86_cpuid.c:116
    frame #2: 0x0000000100143a21 qemu-system-x86_64`x86_cpu_get_supported_feature_word(w=FEAT_XSAVE_COMP_LO, migratable_only=false) at cpu.c:3498
    frame #3: 0x000000010014367d qemu-system-x86_64`x86_cpu_filter_features(cpu=0x00000001040a2c00) at cpu.c:4749
    frame #4: 0x0000000100146c65 qemu-system-x86_64`x86_cpu_realizefn(dev=0x00000001040a2c00, errp=0x00007ffeefbfd620) at cpu.c:4834
    frame #5: 0x000000010028a84b qemu-system-x86_64`device_set_realized(obj=0x00000001040a2c00, value=true, errp=0x00007ffeefbfd7d0) at qdev.c:826
    frame #6: 0x00000001004b6d4d qemu-system-x86_64`property_set_bool(obj=0x00000001040a2c00, v=0x0000000101c49a20, name="realized", opaque=0x0000000101a996d0, errp=0x00007ffeefbfd7d0) at object.c:1984
    frame #7: 0x00000001004b4ae8 qemu-system-x86_64`object_property_set(obj=0x00000001040a2c00, v=0x0000000101c49a20, name="realized", errp=0x00007ffeefbfd7d0) at object.c:1176
    frame #8: 0x00000001004b8e8a qemu-system-x86_64`object_property_set_qobject(obj=0x00000001040a2c00, value=0x0000000101c49a00, name="realized", errp=0x00007ffeefbfd7d0) at qom-qobject.c:27
    frame #9: 0x00000001004b5092 qemu-system-x86_64`object_property_set_bool(obj=0x00000001040a2c00, value=true, name="realized", errp=0x00007ffeefbfd7d0) at object.c:1242
    frame #10: 0x000000010010ae20 qemu-system-x86_64`pc_new_cpu(typename="qemu64-x86_64-cpu", apic_id=0, errp=0x0000000100c44de0) at pc.c:1107
    frame #11: 0x000000010010af4c qemu-system-x86_64`pc_cpus_init(pcms=0x0000000101d630b0) at pc.c:1155
    frame #12: 0x000000010011294e qemu-system-x86_64`pc_init1(machine=0x0000000101d630b0, host_type="i440FX-pcihost", pci_type="i440FX") at pc_piix.c:153
    frame #13: 0x0000000100112640 qemu-system-x86_64`pc_init_v3_0(machine=0x0000000101d630b0) at pc_piix.c:438
    frame #14: 0x0000000100291f25 qemu-system-x86_64`machine_run_board_init(machine=0x0000000101d630b0) at machine.c:830
    frame #15: 0x00000001001e583f qemu-system-x86_64`qemu_main(argc=3, argv=0x00007ffeefbff818, envp=0x00007ffeefbff838) at vl.c:4516
    frame #16: 0x0000000100486459 qemu-system-x86_64`-[QemuCocoaAppController startEmulationWithArgc:argv:](self=0x0000000101c16510, _cmd="startEmulationWithArgc:argv:", argc=3, argv=0x00007ffeefbff818) at cocoa.m:1093
    frame #17: 0x00000001004862f7 qemu-system-x86_64`-[QemuCocoaAppController applicationDidFinishLaunching:](self=0x0000000101c16510, _cmd="applicationDidFinishLaunching:", note=@"NSApplicationDidFinishLaunchingNotification") at cocoa.m:1045
    frame #18: 0x00007fff4c99447c CoreFoundation`__CFNOTIFICATIONCENTER_IS_CALLING_OUT_TO_AN_OBSERVER__ + 12
    frame #19: 0x00007fff4c99434a CoreFoundation`_CFXRegistrationPost + 458
    frame #20: 0x00007fff4c994081 CoreFoundation`___CFXNotificationPost_block_invoke + 225
    frame #21: 0x00007fff4c952c12 CoreFoundation`-[_CFXNotificationRegistrar find:object:observer:enumerator:] + 1826
    frame #22: 0x00007fff4c951ca3 CoreFoundation`_CFXNotificationPost + 659
    frame #23: 0x00007fff4ea7c817 Foundation`-[NSNotificationCenter postNotificationName:object:userInfo:] + 66
    frame #24: 0x00007fff4a041206 AppKit`-[NSApplication _postDidFinishNotification] + 313
    frame #25: 0x00007fff4a040e4f AppKit`-[NSApplication _sendFinishLaunchingNotification] + 220
    frame #26: 0x00007fff49f13ab3 AppKit`-[NSApplication(NSAppleEventHandling) _handleAEOpenEvent:] + 562
    frame #27: 0x00007fff49f136e9 AppKit`-[NSApplication(NSAppleEventHandling) _handleCoreEvent:withReplyEvent:] + 690
    frame #28: 0x00007fff4eabf664 Foundation`-[NSAppleEventManager dispatchRawAppleEvent:withRawReply:handlerRefCon:] + 287
    frame #29: 0x00007fff4eabf4e2 Foundation`_NSAppleEventManagerGenericHandler + 102
    frame #30: 0x00007fff4da97dd0 AE`aeDispatchAppleEvent(AEDesc const*, AEDesc*, unsigned int, unsigned char*) + 1788
    frame #31: 0x00007fff4da97677 AE`dispatchEventAndSendReply(AEDesc const*, AEDesc*) + 41
    frame #32: 0x00007fff4da97565 AE`aeProcessAppleEvent + 383
    frame #33: 0x00007fff4bc6e4a0 HIToolbox`AEProcessAppleEvent + 55
    frame #34: 0x00007fff49f0ed32 AppKit`_DPSNextEvent + 2788
    frame #35: 0x00007fff4a6a4e34 AppKit`-[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 3044
    frame #36: 0x00007fff49f03885 AppKit`-[NSApplication run] + 764
    frame #37: 0x0000000100489161 qemu-system-x86_64`main(argc=3, argv=0x00007ffeefbff818) at cocoa.m:1537
    frame #38: 0x00007fff7493e015 libdyld.dylib`start + 1
    frame #39: 0x00007fff7493e015 libdyld.dylib`start + 1
(lldb) p xcr
(uint32_t) $0 = 0