From: KONRAD Frederic <fred.konrad@greensocs.com>
To: "Alex Bennée" <alex.bennee@linaro.org>,
"Pranith Kumar" <bobby.prani@gmail.com>
Cc: MTTCG Devel <mttcg@listserver.greensocs.com>,
Paolo Bonzini <pbonzini@redhat.com>,
QEMU Developers <qemu-devel@nongnu.org>,
alvise rigo <a.rigo@virtualopensystems.com>
Subject: Re: [Qemu-devel] Status of my hacks on the MTTCG WIP branch
Date: Thu, 14 Jan 2016 14:12:31 +0100
Message-ID: <56979EBF.7050701@greensocs.com>
In-Reply-To: <87io2wcnnk.fsf@linaro.org>
On 14/01/2016 14:10, Alex Bennée wrote:
> Alex Bennée <alex.bennee@linaro.org> writes:
>
>> Pranith Kumar <bobby.prani@gmail.com> writes:
>>
>>> Hi Alex,
>>>
>>> On Tue, Jan 12, 2016 at 12:29 PM, Alex Bennée <alex.bennee@linaro.org>
>>> wrote:
>>>
>>> https://github.com/stsquad/qemu/tree/mttcg/multi_tcg_v8_wip_ajb_fix_locks
>>> I built this branch and ran an arm64 guest. It seems to be failing
>>> similarly to what I reported earlier:
>>>
>>> #0 0x00007ffff2211cc9 in __GI_raise (sig=sig@entry=6) at
>>> ../nptl/sysdeps/unix/sysv/linux/raise.c:56
>>> #1 0x00007ffff22150d8 in __GI_abort () at abort.c:89
>>> #2 0x000055555572014c in qemu_ram_addr_from_host_nofail
>>> (ptr=0xffffffc000187863) at /home/pranith/devops/code/qemu/cputlb.c:357
>>> #3 0x00005555557209dd in get_page_addr_code (env1=0x555556702058,
>>> addr=18446743798833248356) at /home/pranith/devops/code/qemu/cputlb.c:568
>>> #4 0x00005555556db98c in tb_find_physical (cpu=0x5555566f9dd0,
>>> pc=18446743798833248356, cs_base=0, flags=18446744071830503424) at
>>> /home/pranith/devops/code/qemu/cpu-exec.c:224
>>> #5 0x00005555556dbaf4 in tb_find_slow (cpu=0x5555566f9dd0,
>>> pc=18446743798833248356, cs_base=0, flags=18446744071830503424) at
>>> /home/pranith/devops/code/qemu/cpu-exec.c:268
>>> #6 0x00005555556dbc77 in tb_find_fast (cpu=0x5555566f9dd0) at
>>> /home/pranith/devops/code/qemu/cpu-exec.c:311
>>> #7 0x00005555556dc0f1 in cpu_arm_exec (cpu=0x5555566f9dd0) at
>>> /home/pranith/devops/code/qemu/cpu-exec.c:492
>>> #8 0x00005555557050ee in tcg_cpu_exec (cpu=0x5555566f9dd0) at
>>> /home/pranith/devops/code/qemu/cpus.c:1486
>>> #9 0x00005555557051af in tcg_exec_all (cpu=0x5555566f9dd0) at
>>> /home/pranith/devops/code/qemu/cpus.c:1515
>>> #10 0x0000555555704800 in qemu_tcg_cpu_thread_fn (arg=0x5555566f9dd0) at
>>> /home/pranith/devops/code/qemu/cpus.c:1187
>>> #11 0x00007ffff25a8182 in start_thread (arg=0x7fffd20c8700) at
>>> pthread_create.c:312
>>> #12 0x00007ffff22d547d in clone () at
>>> ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
> <snip>
>
> Having seen a backtrace of a crash while the other thread was flushing
> the TLB entries I sprinkled a bunch of:
>
> g_assert(cpu == current_cpu);
>
> In all public functions in cputlb that took a CPU. There are a bunch of
> cases that don't defer actions across CPUs which need to be fixed up. I
> suspect they don't hit in the arm case because the type of TLB flushing
> pattern is different. In aarch64, in my backtrace, it was triggered by
> tlbi_aa64_vae1is_write:
>
> 7 Thread 0x7ffe777fe700 (LWP 32705) "worker" sem_timedwait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S:101
> 6 Thread 0x7ffe77fff700 (LWP 32704) "worker" sem_timedwait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S:101
> 5 Thread 0x7fff8d9d0700 (LWP 32703) "CPU 1/TCG" 0x000055555572cc18 in memcpy (__len=8, __src=<synthetic pointer>, __dest=<optimised out>)
> at /usr/include/x86_64-linux-gnu/bits/string3.h:51
> * 4 Thread 0x7fff8e1d1700 (LWP 32702) "CPU 0/TCG" memset () at ../sysdeps/x86_64/memset.S:94
> 3 Thread 0x7fff8f1cb700 (LWP 32701) "worker" sem_timedwait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S:101
> 2 Thread 0x7fffe45c8700 (LWP 32700) "qemu-system-aar" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
> 1 Thread 0x7ffff7f98c00 (LWP 32696) "qemu-system-aar" 0x00007ffff0ba01ef in __GI_ppoll (fds=0x5555575cb5b0, nfds=8, timeout=<optimised out>,
> timeout@entry=0x7fffffffdf60, sigmask=sigmask@entry=0x0) at ../sysdeps/unix/sysv/linux/ppoll.c:56
> #0 memset () at ../sysdeps/x86_64/memset.S:94
> #1 0x0000555555728bee in memset (__len=32768, __ch=0, __dest=0x555556632568) at /usr/include/x86_64-linux-gnu/bits/string3.h:84
> #2 v_tlb_flush_by_mmuidx (argp=0x7fff8e1d0430, cpu=0x555556632380) at /home/alex/lsrc/qemu/qemu.git/cputlb.c:136
> #3 tlb_flush_page_by_mmuidx (cpu=cpu@entry=0x555556632380, addr=addr@entry=547976253440) at /home/alex/lsrc/qemu/qemu.git/cputlb.c:243
> #4 0x00005555557fcb4a in tlbi_aa64_vae1is_write (env=<optimised out>, ri=<optimised out>, value=<optimised out>)
> at /home/alex/lsrc/qemu/qemu.git/target-arm/helper.c:2757
> #5 0x00007fffa441dac5 in code_gen_buffer ()
> #6 0x00005555556eef4b in cpu_tb_exec (tb_ptr=<optimised out>, cpu=0x5555565eddd0) at /home/alex/lsrc/qemu/qemu.git/cpu-exec.c:157
> #7 cpu_arm_exec (cpu=cpu@entry=0x5555565eddd0) at /home/alex/lsrc/qemu/qemu.git/cpu-exec.c:520
> #8 0x00005555557108e8 in tcg_cpu_exec (cpu=0x5555565eddd0) at /home/alex/lsrc/qemu/qemu.git/cpus.c:1486
> #9 tcg_exec_all (cpu=0x5555565eddd0) at /home/alex/lsrc/qemu/qemu.git/cpus.c:1515
> #10 qemu_tcg_cpu_thread_fn (arg=0x5555565eddd0) at /home/alex/lsrc/qemu/qemu.git/cpus.c:1187
> #11 0x00007ffff0e80182 in start_thread (arg=0x7fff8e1d1700) at pthread_create.c:312
> #12 0x00007ffff0bad47d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
> [Switching to thread 5 (Thread 0x7fff8d9d0700 (LWP 32703))]
> #0 0x000055555572cc18 in memcpy (__len=8, __src=<synthetic pointer>, __dest=<optimised out>) at /usr/include/x86_64-linux-gnu/bits/string3.h:51
> 51 return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest));
> #0 0x000055555572cc18 in memcpy (__len=8, __src=<synthetic pointer>, __dest=<optimised out>) at /usr/include/x86_64-linux-gnu/bits/string3.h:51
> #1 stq_he_p (v=<optimised out>, ptr=<optimised out>) at /home/alex/lsrc/qemu/qemu.git/include/qemu/bswap.h:292
> #2 stq_le_p (v=547973099520, ptr=<optimised out>) at /home/alex/lsrc/qemu/qemu.git/include/qemu/bswap.h:327
> #3 helper_le_stq_mmu (env=0x55555663a608, addr=18446743801961580216, val=547973099520, oi=<optimised out>, retaddr=140735948385557)
> at /home/alex/lsrc/qemu/qemu.git/softmmu_template.h:455
> #4 0x00007fffa435ed17 in code_gen_buffer ()
> #5 0x00005555556eef4b in cpu_tb_exec (tb_ptr=<optimised out>, cpu=0x555556632380) at /home/alex/lsrc/qemu/qemu.git/cpu-exec.c:157
> #6 cpu_arm_exec (cpu=cpu@entry=0x555556632380) at /home/alex/lsrc/qemu/qemu.git/cpu-exec.c:520
> #7 0x00005555557108e8 in tcg_cpu_exec (cpu=0x555556632380) at /home/alex/lsrc/qemu/qemu.git/cpus.c:1486
> #8 tcg_exec_all (cpu=0x555556632380) at /home/alex/lsrc/qemu/qemu.git/cpus.c:1515
> #9 qemu_tcg_cpu_thread_fn (arg=0x555556632380) at /home/alex/lsrc/qemu/qemu.git/cpus.c:1187
> #10 0x00007ffff0e80182 in start_thread (arg=0x7fff8d9d0700) at pthread_create.c:312
> #11 0x00007ffff0bad47d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
> A debugging session is active.
>
> Needless to say anything messing with structures used by the other
> threads needs to take great care or doom will occur ;-)
>
> I'll look at fixing them up in my tree while Fred finishes his re-base.
>
> --
> Alex Bennée
Hi,
Is it possible that those ones have been added since the V7 version?
I saw some changes there.
Thanks,
Fred
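
The ownership rule behind the quoted `g_assert(cpu == current_cpu)`, and one way to defer a flush aimed at another vCPU, as an added example (not QEMU code and not from any participant in this thread). `VCPU`, `tlb_flush_local`, `tlb_flush_request`, `tlb_process_pending`, `demo` and the table sizes are hypothetical names and values; the two vCPU threads are modelled by switching the thread-local `current_cpu`.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
#define NB_MMU_MODES 4            /* constructed sizes, not QEMU's */
#define TLB_SIZE     256
typedef struct VCPU {
    uint64_t tlb[NB_MMU_MODES][TLB_SIZE]; /* touched only by the owning thread */
    atomic_uint pending_flush;            /* mmu_idx bitmask, set by any thread */
} VCPU;

/* vCPU executed by the calling thread, as in the quoted g_assert(). */
static _Thread_local VCPU *current_cpu;

/* Owner-only flush. Reports misuse instead of aborting so it can be tested. */
static bool tlb_flush_local(VCPU *cpu, unsigned mask) {
    if (cpu != current_cpu) return false; /* where the g_assert() would fire */
    for (unsigned i = 0; i < NB_MMU_MODES; i++)
        if (mask & (1u << i)) memset(cpu->tlb[i], 0, sizeof cpu->tlb[i]);
    return true;
}

/* Callable from any vCPU thread: a remote target only gets a request posted. */
static void tlb_flush_request(VCPU *cpu, unsigned mask) {
    if (cpu == current_cpu) tlb_flush_local(cpu, mask);
    else atomic_fetch_or(&cpu->pending_flush, mask);
}

/* Run by the owner between translated blocks; returns the mask it flushed. */
static unsigned tlb_process_pending(VCPU *cpu) {
    unsigned mask = atomic_exchange(&cpu->pending_flush, 0);
    if (mask) tlb_flush_local(cpu, mask);
    return mask;
}

/* Walks the scenario from the backtrace; returns 0 when every step holds. */
static int demo(void) {
    static VCPU cpu0, cpu1;
    cpu1.tlb[1][7] = 0x1234;                       /* constructed entry */
    current_cpu = &cpu0;                           /* the "CPU 0/TCG" thread */
    if (tlb_flush_local(&cpu1, 1u << 1)) return 1; /* direct write refused */
    tlb_flush_request(&cpu1, 1u << 1);
    if (cpu1.tlb[1][7] != 0x1234) return 2;        /* nothing touched yet */
    current_cpu = &cpu1;                           /* the "CPU 1/TCG" thread */
    if (tlb_process_pending(&cpu1) != (1u << 1)) return 3;
    return cpu1.tlb[1][7] == 0 ? 0 : 4;            /* owner did the flush */
}

int main(void) { return demo(); }
```

An emulator would also have to kick the target vCPU out of its execution loop and decide whether the requester must wait for the flush to complete; neither is modelled here.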