Hi,

After downgrading qemu from 2.0.0 to 1.7.1, somehow the segmentation fault is gone. The only thing right now is that the screen resolution isn't so nice and the mouse events are discarded. In other words, the mouse doesn't work, for instance for clicking the buttons on the Android UI.

Cheers,
Cem


Cem Akpolat


On Wed, Jul 23, 2014 at 4:22 PM, cem akpolat <akpolatcem@gmail.com> wrote:
Hi,

While running "ARM with Android 2.3.4", the segmentation fault occurred. The parameters that I typed on the console are as follows:


$ qemu-system-arm -M realview-pbx-a9 -m 512 -kernel l4_gingerbread-arm.elf -serial stdio

And the console outputs:



L4 Bootstrapper
  Build: #14 Wed Jul 20 06:44:48 CEST 2011, 4.5.1
  Scanning up to 512 MB RAM
  Memory size is 512MB (70000000 - 90000000)
  RAM: 0000000070000000 - 000000008fffffff: 524288kB
  Total RAM: 512MB
  mod13: 716c9000-73e2f000: system-arm-ginger.img
  mod12: 715c9000-716c9000: root-arm-ginger.img
  mod11: 712bf000-715c8448: vmlinuz.android
  mod10: 712be000-712be10a: arm_android.io
  mod09: 712bd000-712bd4c1: arm-rv-eb.devs
  mod08: 712bc000-712bc698: lx_ginger-arm.cfg
  mod07: 71292000-712bb5e0: fb-drv
  mod06: 71204000-7129146c: mag
  mod05: 71129000-71203b58: io
  mod04: 710d5000-711281b8: ned
  mod03: 710bb000-710d4510: l4re
  mod02: 71081000-710ba5f0: moe
  mod01: 71077000-7108033c: sigma0
  mod00: 71015000-7107655c: fiasco
  Moving 14 modules to 71100000 with offset eb000
  moving module 14 { 716c9000-73e2f000 } -> { 717b4000-73f1a000 }
  moving module 13 { 715c9000-716c9000 } -> { 716b4000-717b4000 }
  moving module 12 { 712bf000-715c8448 } -> { 713aa000-716b3448 }
  moving module 11 { 712be000-712be10a } -> { 713a9000-713a910a }
  moving module 10 { 712bd000-712bd4c1 } -> { 713a8000-713a84c1 }
  moving module 09 { 712bc000-712bc698 } -> { 713a7000-713a7698 }
  moving module 08 { 71292000-712bb5e0 } -> { 7137d000-713a65e0 }
  moving module 07 { 71204000-7129146c } -> { 712ef000-7137c46c }
  moving module 06 { 71129000-71203b58 } -> { 71214000-712eeb58 }
  moving module 05 { 710d5000-711281b8 } -> { 711c0000-712131b8 }
  moving module 04 { 710bb000-710d4510 } -> { 711a6000-711bf510 }
  moving module 03 { 71081000-710ba5f0 } -> { 7116c000-711a55f0 }
  moving module 02 { 71077000-7108033c } -> { 71162000-7116b33c }
  moving module 01 { 71015000-7107655c } -> { 71100000-7116155c }
  Scanning fiasco -serial_esc
  Scanning sigma0
  Scanning moe rom/lx_ginger-arm.cfg
  Relocated mbi to [0x7100f000-0x7100f1ed]
  Loading fiasco
  Loading sigma0
  Loading moe
  find kernel info page...
  found kernel info page at 0x70002000
Regions of list regions
    [ 70001000,  700019ff] {      a00} Kern   fiasco
    [ 70002000,  70070fff] {    6f000} Kern   fiasco
    [ 70090000,  7009e17b] {     e17c} Sigma0 sigma0
    [ 70140000,  701717f3] {    317f4} Root   moe
    [ 70178000,  7018eec7] {    16ec8} Root   moe
    [ 71000000,  710143eb] {    143ec} Boot   bootstrap
    [ 7100f000,  7100f2ea] {      2eb} Root   Multiboot info
    [ 711a6000,  73f19fff] {  2d74000} Root   Modules Memory
  API Version: (87) experimental
  Sigma0 config    ip:700900e0 sp:71013044
  Roottask config  ip:70140178 sp:00000000
  Starting kernel fiasco at 70001000
Realview System ID: Rev=0 HBI=178 Build=0 Arch=5 FPGA=00
L2: ID=410000c8 Type=1c100100
L2 cache enabled
Hello from Startup::stage2
Initialize page table
Number of IRQs available at this GIC: 96
Vmem_alloc::init()
Cache config: ON
ID_PFR0:  00001031
ID_PFR1:  00000011
ID_DFR0:  00000000
ID_AFR0:  00000000
ID_MMFR0: 00100103
ID_MMFR1: 20000000
ID_MMFR2: 01230000
ID_MMFR3: 00002111
FPU0: Arch: VFPv3(3), Part: VFPv3(30), r: 0, v: 9, i: 41, t: hard, p: dbl/sngl
SERIAL ESC: allocated IRQ 44 for serial uart
Not using serial hack in slow timer handler.
Welcome to Fiasco.OC (arm)!
L4/Fiasco.OC arm microkernel (C) 1998-2011 TU Dresden
Rev: r36 compiled with gcc 4.5.1 for Realview    []
Build: #5 Tue Jul 19 19:26:41 CEST 2011
Calibrating timer loop... done.
SIGMA0: Hello!
  KIP @ 70002000
  allocated 4KB for maintenance structures
SIGMA0: Dump of all resource maps
RAM:------------------------
[0:70000000;70000fff]
[0:70071000;7008ffff]
[0:7009f000;7013ffff]
[4:70140000;70171fff]
[0:70172000;70177fff]
[4:70178000;7018efff]
[0:7018f000;7100efff]
[4:7100f000;7100ffff]
[0:71010000;711a5fff]
[4:711a6000;73f19fff]
[0:73f1a000;8effffff]
IOMEM:----------------------
[0:0;6fffffff]
[0:90000000;ffffffff]
MOE: Hello world
MOE: found 460556 KByte free memory
MOE: found RAM from 70000000 to 8f000000
MOE: allocated 496 KByte for the page array @0x7009f000
MOE: virtual user address space [0-bfffffff]
MOE: rom name space cap -> [C:501000]
  BOOTFS: [711a6000-711bf510] [C:503000] l4re
  BOOTFS: [711c0000-712131b8] [C:504000] ned
  BOOTFS: [71214000-712eeb58] [C:505000] io
  BOOTFS: [712ef000-7137c46c] [C:506000] mag
  BOOTFS: [7137d000-713a65e0] [C:507000] fb-drv
  BOOTFS: [713a7000-713a7698] [C:508000] lx_ginger-arm.cfg
  BOOTFS: [713a8000-713a84c1] [C:509000] arm-rv-eb.devs
  BOOTFS: [713a9000-713a910a] [C:50a000] arm_android.io
  BOOTFS: [713aa000-716b3448] [C:50b000] vmlinuz.android
  BOOTFS: [716b4000-717b4000] [C:50c000] root-arm-ginger.img
  BOOTFS: [717b4000-73f1a000] [C:50d000] system-arm-ginger.img
MOE: cmdline: moe rom/lx_ginger-arm.cfg
MOE: Starting: rom/ned rom/lx_ginger-arm.cfg
MOE: loading 'rom/ned'
Ned says: Hi World!
Ned: loading file: 'rom/lx_ginger-arm.cfg'
io      | Io service
io      | Ready. Waiting for request.
fb      | libio: Warning: Finding 'icu' in system bus failed with 'No such object found'
fb      | Using LCD driver: ARM AMBA PrimeCell 11x
mag     | Hello from MAG
fb      | Video memory is at virtual 0x4000 (size: 0x96000 Bytes)
fb      | Physical video memory is at 0x704df000
fb      | Color mode: 10:5:0  5:5:5
fb      | Detected a 'Unknown' device.
fb      | Configure 8.4 CLCD
fb      | Starting server loop
mag     | mapped frame buffer at 0x200000
mag     | View::Info:
mag     |   flags: 0
mag     |   size:  640x480  pos: 0, 0
mag     |   bytes_per_line: 1280
mag     |   buffer_offset:  0
mag     |   RGBA(2): 5(10):5(5):5(0):0(0)
mag     |   memory 200000-296000
mag     | Plugin: Mag_client service started
mag     | Plugin: Frame-buffer service started
mag     | L4INPUT native mode activated
mag     | L4INPUT:                !!! W A R N I N G !!!
mag     | L4INPUT:  Please, do not use Fiasco's "-esc" with L4INPUT.
mag     | L4INPUT:                !!! W A R N I N G !!!
mag     | pl050: got memory 10006000, virtual base at 0x102000, IRQ 52
mag     | input: AT Raw Set 2 keyboard on AMBA KMI Kbd
mag     | pl050: got memory 10007000, virtual base at 0x103000, IRQ 53
mag     | input: ImExPS/2 Generic Explorer Mouse on AMBA KMI mou
mag     | l4drv: Could not find driver for OMAP_TSC.
mag     | l4drv: Could not find driver for OMAP_KP.
mag     | connect "AT Raw Set 2 keyboard", AMBA KMI Kbd/input0
mag     | connect "ImExPS/2 Generic Explorer Mouse", AMBA KMI mou/input0
android | libio: Warning: Finding 'icu' in system bus failed with 'No such device'
android | PH  0 (t:        1) offs=00008000 vaddr=00100000 vend=004dc140
android |                     f_sz=002eb484 memsz=003dc140 flgs=rwx
android | PH  1 (t:        4) offs=002f3460 vaddr=003eb460 vend=003eb484
android |                     f_sz=00000024 memsz=00000024 flgs=r-x
android | PH  2 (t: 1685382481) offs=00000000 vaddr=00000000 vend=00000000
android |                     f_sz=00000000 memsz=00000000 flgs=rwx
android | Starting binary at 0x11f330, argc=15 argv=0x80007f6c *argv=0xb1007fec argv0=rom/vmlinuz.android
android | External resolver is at 0xa8000670
android | ======> L4Linux 2.6 starting... <========
android | Linux version 2.6.39-l4-g8b7f1ac-dirty (mlange@rhea) (gcc version 4.5.1 (Sourcery G++ Lite 2010.09-50) ) #20 Tue Jul 19 20:21:49 CEST 2011
android | Binary name: rom/vmlinuz.android
android |    This is an AEABI build.
android | Linux kernel command line (14 args): console=ttyLv0 androidboot.console=ttyLv0 mem=256M l4bdds.add=rom/system-arm-ginger.img,rw boot=local android.ril=ttyLv1 ip=dhcp l4x_rd=rom/root-arm-ginger.img rw root=1:0 ramdisk_size=1500 init=/init --debug l4fb.touchscreen=1
android | CPU mapping (l:p)[1]: 0:0
android | Image: 00100000 - 00500000 [4096 KiB].
android | Areas: Text:     00100000 - 003cc000 [2864kB] (a bit longer)
android |        Data:     003cc000 - 003e67c0 [105kB]
android |        Initdata: 00100000 - 0011e000 [120kB]
android |        BSS:      003eb484 - 004dc140 [963kB]
android | Device scan:
android | l4lx_thread_create: Created thread 415 (cpu0) (u:b3000400, v:b3000600, sp:003cdff0)
android | main thread will be 415
android | l4x_register_pointer_section: addr = 00100000 size = 4050944
android | section-with-init: virt: 0x100000 to 0x4dc13f [3952 KiB]
android | section-with-init: Phys: 0x7070d000 to 0x70ae9140, Size:  4047168
android | l4x_linux_startup: thread 415.
android | Main thread running, waiting...
android | main thread: received startup message.
android | utcb 0xb3000400
android | l4x_setup_memory: Forcing superpages for main memory
android | l4re_global_env: 0xb1007e54
android | Main memory size: 256MB
android |     Main memory: virt: 0x500000 to 0x104fffff [262144 KiB]
android |     Main memory: Phys: 0x74000000 to 0x84000000, Size: 268435456
android | Filling lower ptabs...
android | Done (289 entries).
android | l4x_register_pointer_section: addr = 004ff000 size = 4096
android |             end: virt: 0x4ff000 to 0x4fffff [4 KiB]
android |             end: Phys: 0x70aeb000 to 0x70aec000, Size:     4096
android | l4x_rd_path: rom/root-arm-ginger.img
android | Loading: rom/root-arm-ginger.img
android | INITRD: Size of RAMdisk is 1024KiB
android | RAMdisk from 10500000 to 10600000 [1024KiB]
android | l4lx_thread_create: Created thread 41b (timer.i0) (u:b3000800, v:00000000, sp:00405ff4)
android | timer_irq_thread: Starting timer IRQ thread.
Linux version 2.6.39-l4-g8b7f1ac-dirty (mlange@rhea) (gcc version 4.5.1 (Sourcery G++ Lite 2010.09-50) ) #20 Tue Jul 19 20:21:49 CEST 2011
CPU: Fiasco [860f0001] revision 1 (ARMvundefined/unknown), cr=00000000
CPU: unknown data cache, unknown instruction cache
cpu_v7_proc_init
Machine: L4
Memory policy: ECC disabled, Data cache writeback
arm926_flush_kern_cache_all()
INITRD: 10500000 - 10600000
Built 1 zonelists in Zone order, mobility grouping on.  Total pages: 66039
Kernel command line: console=ttyLv0 androidboot.console=ttyLv0 mem=256M l4bdds.add=rom/system-arm-ginger.img,rw boot=local android.ril=ttyLv1 ip=dhcp l4x_rd=rom/root-arm-ginger.img rw root=1:0 ramdisk_size=1500 init=/init --debug l4fb.touchscreKernePID hash table entries: 2048 (order: 1, 8192 bytes)
Dentry cache hash table entries: 65536 (order: 6, 262144 bytes)
Inode-cache hash table entries: 32768 (order: 5, 131072 bytes)
Memory: 0MB 260MB = 260MB total
Memory: 259580k/259580k available, 6664k reserved, 0K highmem
Virtual kernel memory layout:
    vector  : 0xbffff000 - 0xc0000000   (   4 kB)
    fixmap  : 0xfff00000 - 0xfffe0000   ( 896 kB)
    DMA     : 0xffc00000 - 0xffe00000   (   2 MB)
    vmalloc : 0x10600000 - 0x18600000   ( 128 MB)
    lowmem  : 0x00000000 - 0x10500000   ( 261 MB)
    modules : 0xff100000 - 0x00100000   (  16 MB)
      .init : 0x00100000 - 0x0011e000   ( 120 kB)
      .text : 0x0011f000 - 0x003ca298   (2733 kB)
      .data : 0x003cc000 - 0x003e67c0   ( 106 kB)
NR_IRQS:220
l4lx_irq_init: l4lx_irq_max = 220
l4lx_irq_dev_startup_timer(0)
Console: colour dummy device 80x30
console [ttyLv0] enabled
Calibrating delay loop... 53.04 BogoMIPS (lpj=265216)
pid_max: default: 32768 minimum: 301
Mount-cache hash table entries: 512
CPU: Testing write buffer coherency: ok
NET: Registered protocol family 16
bio: create slab <bio-0> at 0
Advanced Linux Sound Architecture Driver Version 1.0.24.
Switching to clocksource kip
NET: Registered protocol family 2
IP route cache hash table entries: 4096 (order: 2, 16384 bytes)
TCP established hash table entries: 16384 (order: 5, 131072 bytes)
TCP bind hash table entries: 16384 (order: 4, 65536 bytes)
TCP: Hash tables configured (established 16384 bind 16384)
TCP reno registered
UDP hash table entries: 256 (order: 0, 4096 bytes)
UDP-Lite hash table entries: 256 (order: 0, 4096 bytes)
NET: Registered protocol family 1
Trying to unpack rootfs image as initramfs...
rootfs image is not initramfs (junk in compressed archive); looks like an initrd
INITRD: Freeing memory.
ashmem: initialized
msgmni has been set to 506
io scheduler noop registered
io scheduler deadline registered
io scheduler cfq registered (default)
l4fb l4fb.0: look for capability 'fb' as goos session
l4fb l4fb.0: 640x480@16 2bypp, size: 614400 @ 10500000
l4fb l4fb.0: 5:5:5 10:5:0 linelen=1280 visual=2
Console: switching to colour frame buffer device 80x30
l4fb l4fb.0: l4fb L4 frame buffer device (refresh: 10jiffies)
input: L4keyb '0' as /devices/virtual/input/input0
input: L4mouse '0' as /devices/virtual/input/input1
L4 serial driver
ttyLv0 at MMIO 0x1 (irq = 210) is a L4
brd: module loaded
l4bdds: Disk 'rom/system-arm-ginger.img' size = 40344 KB (39 MB) flags=101 addr=18600000
------------[ cut here ]------------
WARNING: at /home/mlange/projects/l4android/kernel/kernel/softirq.c:159 local_bh_enable+0x9c/0xa8()
Modules linked in:
[<0012bc80>] (unwind_backtrace+0x0/0xf8) from [<0013c638>] (warn_slowpath_common+0x54/0x64)
[<0013c638>] (warn_slowpath_common+0x54/0x64) from [<0013c664>] (warn_slowpath_null+0x1c/0x24)
[<0013c664>] (warn_slowpath_null+0x1c/0x24) from [<001420a0>] (local_bh_enable+0x9c/0xa8)
[<001420a0>] (local_bh_enable+0x9c/0xa8) from [<0018f408>] (bdi_register+0x100/0x164)
[<0018f408>] (bdi_register+0x100/0x164) from [<0018f498>] (bdi_register_dev+0x2c/0x34)
[<0018f498>] (bdi_register_dev+0x2c/0x34) from [<00214ce8>] (add_disk+0x74/0x250)
[<00214ce8>] (add_disk+0x74/0x250) from [<0011088c>] (l4bdds_init+0x238/0x294)
[<0011088c>] (l4bdds_init+0x238/0x294) from [<0011f488>] (do_one_initcall+0x34/0x17c)
[<0011f488>] (do_one_initcall+0x34/0x17c) from [<00100774>] (kernel_init+0xb4/0x144)
[<00100774>] (kernel_init+0xb4/0x144) from [<00123770>] (kernel_thread_exit+0x0/0x8)
---[ end trace ff4e3c975709dc7d ]---
l4bdds0: detected capacity change from 0 to 41312256
 l4bdds0: unknown partition table
mousedev: PS/2 mouse device common for all mice
logger: created 64K log 'log_main'
logger: created 256K log 'log_events'
logger: created 64K log 'log_radio'
logger: created 64K log 'log_system'
ALSA device list:
  #0: Dummy 1
TCP cubic registered
NET: Registered protocol family 17
VFP support v0.3: implementor 41 architecture 3 part 30 variant 9 rev 0
/home/mlange/projects/l4android/kernel/drivers/rtc/hctosys.c: unable to open rtc device (rtc0)
mag     | Input: new pointer device (src='userdata: 0x1e510' stream='userdata: 0x1dd0c')
mag     |                            bus='i8042' vendor=0x2 product=0x6 version=0
RAMDISK: ext2 filesystem found at block 0
RAMDISK: Loading 1024KiB [1 disk] into ram disk... | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ done.
VFS: Mounted root (ext2 filesystem) on device 1:0.
Freeing init memory: 120K
init: Timed out waiting for /dev/.coldboot_done
init: cannot open '/initlogo.rle'
init (1): /proc/1/oom_adj is deprecated, please use /proc/1/oom_score_adj instead.
init: cannot find '/system/etc/install-recovery.sh', disabling 'flash_recovery'
init: service 'console' requires console
mag     | Input: new keyboard device (src='userdata: 0x1e510' stream='userdata: 0x13788')
mag     |                            bus='i8042' vendor=0x1 product=0x2 version=43907
android | cpu0: segfault for servicemanager(22) [T:9d] at 00000000, ip=00008cfa, pferror = 4
android | 00008000 - 0000a000 r-xp 00000 /system/bin/servicemanager <====
android | 0000a000 - 0000b000 rwxp 00002 /system/bin/servicemanager
android | 0000b000 - 0000c000 rwxp
android | 40037000 - 4003f000 r-xs 00000 /dev/__properties__ (deleted)
android | 40051000 - 40052000 r-xp
android | afa00000 - afa03000 r-xp 00000 /system/lib/liblog.so
android | afa03000 - afa04000 rwxp 00003 /system/lib/liblog.so
android | afb00000 - afb16000 r-xp 00000 /system/lib/libm.so
android | afb16000 - afb17000 rwxp 00016 /system/lib/libm.so
android | afc00000 - afc01000 r-xp 00000 /system/lib/libstdc++.so
android | afc01000 - afc02000 rwxp 00001 /system/lib/libstdc++.so
android | afd00000 - afd40000 r-xp 00000 /system/lib/libc.so
android | afd40000 - afd43000 rwxp 00040 /system/lib/libc.so
android | afd43000 - afd4e000 rwxp
android | b0001000 - b0009000 r-xp 00001 /system/bin/linker
android | b0009000 - b000a000 rwxp 00009 /system/bin/linker
android | b000a000 - b0013000 rwxp
android | bf445000 - bf467000 rw-p
android | ffff0000 - ffff1000 r-xp
android | 0: 00000000 40046207 00000000 bf466ccc  4: 000086e4 0000a170 00000000 bf466ccc
android | 8: 00000000 00000000 00000000 00000000 12: 00000000 bf466c90 000087d1 00008cfa
android | CPSR: 60000030 Err: 00000004
    ---------------------------------------------------------------------
    CPU 0 [f001337c]: segfault
[       l4lx.cpu0] jdb:

===============


Cheers,
Cem

Cem Akpolat