qemu-devel.nongnu.org archive mirror
From: "Philippe Mathieu-Daudé" <philmd@linaro.org>
To: "Richard Henderson" <richard.henderson@linaro.org>,
	"Pierrick Bouvier" <pierrick.bouvier@linaro.org>,
	"Alex Bennée" <alex.bennee@linaro.org>
Cc: Alexandre Iooss <erdnaxe@crans.org>,
	qemu-devel@nongnu.org, Mahmoud Mandour <ma.mandourr@gmail.com>
Subject: Re: [PATCH v2 08/12] plugins: Use tb_flush__exclusive
Date: Wed, 24 Sep 2025 05:18:52 +0200
Message-ID: <d40596b3-3790-4d4a-ab2a-0ddd2e92bae8@linaro.org>
In-Reply-To: <d8f4298e-f89c-4a39-8eee-12e5c8504f51@linaro.org>

On 23/9/25 22:28, Richard Henderson wrote:
> On 9/23/25 06:35, Philippe Mathieu-Daudé wrote:
>> On 23/9/25 04:39, Richard Henderson wrote:
>>> In all cases, we are already within start_exclusive.
>>>
>>> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
>>> ---
>>> Cc: "Alex Bennée" <alex.bennee@linaro.org>
>>> Cc: Alexandre Iooss <erdnaxe@crans.org>
>>> Cc: Mahmoud Mandour <ma.mandourr@gmail.com>
>>> Cc: Pierrick Bouvier <pierrick.bouvier@linaro.org>
>>> ---
>>>   plugins/core.c   | 6 ++----
>>>   plugins/loader.c | 2 +-
>>>   2 files changed, 3 insertions(+), 5 deletions(-)
>>>
>>> diff --git a/plugins/core.c b/plugins/core.c
>>> index c6e9ef1478..4ae1a6ae17 100644
>>> --- a/plugins/core.c
>>> +++ b/plugins/core.c
>>> @@ -248,7 +248,7 @@ static void 
>>> plugin_grow_scoreboards__locked(CPUState *cpu)
>>>           }
>>>           plugin.scoreboard_alloc_size = scoreboard_size;
>>>           /* force all tb to be flushed, as scoreboard pointers were 
>>> changed. */
>>> -        tb_flush(cpu);
>>> +        tb_flush__exclusive();
>>>       }
>>>       end_exclusive();
>>>   }
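
Review bot: tb_flush(cpu) was the use of the cpu argument visible in
this part of plugin_grow_scoreboards__locked(); now that
tb_flush__exclusive() takes no argument, check whether cpu is still
needed by the function and drop the parameter if it is not. The comment
above the call could also say that the flush relies on the exclusive
section that end_exclusive() closes just below.
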
>>> @@ -684,8 +684,6 @@ void qemu_plugin_user_exit(void)
>>>        * with the one in fork_start(). That is:
>>>        * - start_exclusive(), which acquires qemu_cpu_list_lock,
>>>        *   must be called before acquiring plugin.lock.
>>> -     * - tb_flush(), which acquires mmap_lock(), must be called
>>> -     *   while plugin.lock is not held.
>>>        */
>>>       start_exclusive();
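
Review bot: Missing documentation in the lock-ordering comment of
qemu_plugin_user_exit(): the deleted bullet recorded that the flush
takes mmap_lock() and must run while plugin.lock is not held, and
nothing replaces it. State the new contract instead, for example that
tb_flush__exclusive() must be called between start_exclusive() and
end_exclusive(), and whether the caller is expected to hold mmap_lock()
in user mode.
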
>>> @@ -705,7 +703,7 @@ void qemu_plugin_user_exit(void)
>>>       }
>>>       qemu_rec_mutex_unlock(&plugin.lock);
>>> -    tb_flush(current_cpu);
>>> +    tb_flush__exclusive();
>>>       end_exclusive();
>>>       /* now it's safe to handle the exit case */
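
Review bot: Missing check at the tb_flush__exclusive() call in
qemu_plugin_user_exit(): the comment removed in the previous hunk says
tb_flush() acquired mmap_lock() itself, while the new call is made with
only the exclusive section held. The backtrace quoted below shows
tb_remove_all() asserting have_mmap_lock() when reached from this call
(plugins/core.c:706). Either take mmap_lock() around the call or make
the user-only assertion in tb_remove_all() accept the exclusive section.
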
>>
>> Hmm it seems we are triggering again the issue reported about
>> TARGET_NR_exit_group in https://linaro.atlassian.net/browse/QEMU-706:
>>
>>    "Under user emulation, threads can exit via pthread_join or at
>>     the end of the process via exit_group syscall.
>>
>>    The current plugin exit hook affects all vcpus (see
>>    qemu_plugin_disable_mem_helpers call in qemu_plugin_user_exit)."
>>
>> Crash log:
>>
>> qemu-loongarch64: ../../accel/tcg/tb-maint.c:94: tb_remove_all: Assertion `have_mmap_lock()' failed.
>>
>> Thread 1 "qemu-loongarch6" received signal SIGABRT, Aborted.
>> __pthread_kill_implementation (no_tid=0, signo=6, threadid=140737340860416) at ./nptl/pthread_kill.c:44
>> 44    ./nptl/pthread_kill.c: No such file or directory.
>> (gdb) bt
>> #0  __pthread_kill_implementation (no_tid=0, signo=6, threadid=140737340860416) at ./nptl/pthread_kill.c:44
>> #1  __pthread_kill_internal (signo=6, threadid=140737340860416) at ./nptl/pthread_kill.c:78
>> #2  __GI___pthread_kill (threadid=140737340860416, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
>> #3  0x00007ffff746f476 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
>> #4  0x00007ffff74557f3 in __GI_abort () at ./stdlib/abort.c:79
>> #5  0x00007ffff745571b in __assert_fail_base (fmt=0x7ffff760a130 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x555555733f0c "have_mmap_lock()",
>>      file=0x555555733ef1 "../../accel/tcg/tb-maint.c", line=94, function=<optimized out>) at ./assert/assert.c:94
>> #6  0x00007ffff7466e96 in __GI___assert_fail (assertion=assertion@entry=0x555555733f0c "have_mmap_lock()",
>>      file=file@entry=0x555555733ef1 "../../accel/tcg/tb-maint.c", line=line@entry=94, function=function@entry=0x555555734038 <__PRETTY_FUNCTION__.8> "tb_remove_all")
>>      at ./assert/assert.c:103
>> #7  0x0000555555612e41 in tb_remove_all () at ../../accel/tcg/tb-maint.c:94
>> #8  tb_flush__exclusive () at ../../accel/tcg/tb-maint.c:781
>> #9  0x0000555555623a0c in qemu_plugin_user_exit () at ../../plugins/core.c:706
>> #10 0x0000555555696e54 in preexit_cleanup (env=<optimized out>, code=code@entry=0) at ../../linux-user/exit.c:36
> 
> I fixed this by replacing the assert in the user-only version of 
> tb_remove_all.

Clever shortcut :)


