On Fri, 2 Feb 2024 at 16:26, Jonathan Cameron <jonathan.came...@huawei.com> wrote: > New exciting trace... > Thread 5 "qemu-system-x86" received signal SIGABRT, Aborted. > [Switching to Thread 0x7ffff4efe6c0 (LWP 16503)] > __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>) > at ./nptl/pthread_kill.c:44 > Download failed: Invalid argument. Continuing without source file > ./nptl/./nptl/pthread_kill.c. > 44 ./nptl/pthread_kill.c: No such file or directory. > (gdb) bt > #0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized > out>) at ./nptl/pthread_kill.c:44 > #1 __pthread_kill_internal (signo=6, threadid=<optimized out>) at > ./nptl/pthread_kill.c:78 > #2 __GI___pthread_kill (threadid=<optimized out>, signo=signo@entry=6) at > ./nptl/pthread_kill.c:89 > #3 0x00007ffff77c43b6 in __GI_raise (sig=sig@entry=6) at > ../sysdeps/posix/raise.c:26 > #4 0x00007ffff77aa87c in __GI_abort () at ./stdlib/abort.c:79 > #5 0x00007ffff7b2ed1e in () at /lib/x86_64-linux-gnu/libglib-2.0.so.0 > #6 0x00007ffff7b9622e in g_assertion_message_expr () at > /lib/x86_64-linux-gnu/libglib-2.0.so.0 > #7 0x0000555555ab1929 in bql_lock_impl (file=0x555556049122 > "../../accel/tcg/cputlb.c", line=2033) at ../../system/cpus.c:524 > #8 bql_lock_impl (file=file@entry=0x555556049122 "../../accel/tcg/cputlb.c", > line=line@entry=2033) at ../../system/cpus.c:520 > #9 0x0000555555c9f7d6 in do_ld_mmio_beN (cpu=0x5555578e0cb0, > full=0x7ffe88012950, ret_be=ret_be@entry=0, addr=19595792376, > size=size@entry=8, mmu_idx=4, type=MMU_DATA_LOAD, ra=0) at > ../../accel/tcg/cputlb.c:2033 > #10 0x0000555555ca0fbd in do_ld_8 (cpu=cpu@entry=0x5555578e0cb0, > p=p@entry=0x7ffff4efd1d0, mmu_idx=<optimized out>, > type=type@entry=MMU_DATA_LOAD, memop=<optimized out>, ra=ra@entry=0) at > ../../accel/tcg/cputlb.c:2356 > #11 0x0000555555ca341f in do_ld8_mmu (cpu=cpu@entry=0x5555578e0cb0, > addr=addr@entry=19595792376, oi=oi@entry=52, ra=0, ra@entry=52, > 
access_type=access_type@entry=MMU_DATA_LOAD) at ../../accel/tcg/cputlb.c:2439 > #12 0x0000555555ca5f59 in cpu_ldq_mmu (ra=52, oi=52, addr=19595792376, > env=0x5555578e3470) at ../../accel/tcg/ldst_common.c.inc:169 > #13 cpu_ldq_le_mmuidx_ra (env=0x5555578e3470, addr=19595792376, > mmu_idx=<optimized out>, ra=ra@entry=0) at > ../../accel/tcg/ldst_common.c.inc:301 > #14 0x0000555555b4b5fc in ptw_ldq (ra=0, in=0x7ffff4efd320) at > ../../target/i386/tcg/sysemu/excp_helper.c:98 > #15 ptw_ldq (ra=0, in=0x7ffff4efd320) at > ../../target/i386/tcg/sysemu/excp_helper.c:93 > #16 mmu_translate (env=env@entry=0x5555578e3470, in=0x7ffff4efd3e0, > out=0x7ffff4efd3b0, err=err@entry=0x7ffff4efd3c0, ra=ra@entry=0) at > ../../target/i386/tcg/sysemu/excp_helper.c:174 > #17 0x0000555555b4c4b3 in get_physical_address (ra=0, err=0x7ffff4efd3c0, > out=0x7ffff4efd3b0, mmu_idx=0, access_type=MMU_DATA_LOAD, > addr=18446741874686299840, env=0x5555578e3470) at > ../../target/i386/tcg/sysemu/excp_helper.c:580 > #18 x86_cpu_tlb_fill (cs=0x5555578e0cb0, addr=18446741874686299840, > size=<optimized out>, access_type=MMU_DATA_LOAD, mmu_idx=0, probe=<optimized > out>, retaddr=0) at ../../target/i386/tcg/sysemu/excp_helper.c:606 > #19 0x0000555555ca0ee9 in tlb_fill (retaddr=0, mmu_idx=0, > access_type=MMU_DATA_LOAD, size=<optimized out>, addr=18446741874686299840, > cpu=0x7ffff4efd540) at ../../accel/tcg/cputlb.c:1315 > #20 mmu_lookup1 (cpu=cpu@entry=0x5555578e0cb0, > data=data@entry=0x7ffff4efd540, mmu_idx=0, > access_type=access_type@entry=MMU_DATA_LOAD, ra=ra@entry=0) at > ../../accel/tcg/cputlb.c:1713 > #21 0x0000555555ca2c61 in mmu_lookup (cpu=cpu@entry=0x5555578e0cb0, > addr=addr@entry=18446741874686299840, oi=oi@entry=32, ra=ra@entry=0, > type=type@entry=MMU_DATA_LOAD, l=l@entry=0x7ffff4efd540) at > ../../accel/tcg/cputlb.c:1803 > #22 0x0000555555ca3165 in do_ld4_mmu (cpu=cpu@entry=0x5555578e0cb0, > addr=addr@entry=18446741874686299840, oi=oi@entry=32, ra=ra@entry=0, > 
access_type=access_type@entry=MMU_DATA_LOAD) at ../../accel/tcg/cputlb.c:2416 > #23 0x0000555555ca5ef9 in cpu_ldl_mmu (ra=0, oi=32, > addr=18446741874686299840, env=0x5555578e3470) at > ../../accel/tcg/ldst_common.c.inc:158 > #24 cpu_ldl_le_mmuidx_ra (env=env@entry=0x5555578e3470, > addr=addr@entry=18446741874686299840, mmu_idx=<optimized out>, ra=ra@entry=0) > at ../../accel/tcg/ldst_common.c.inc:294 > #25 0x0000555555bb6cdd in do_interrupt64 (is_hw=1, > next_eip=18446744072399775809, error_code=0, is_int=0, intno=236, > env=0x5555578e3470) at ../../target/i386/tcg/seg_helper.c:889 > #26 do_interrupt_all (cpu=cpu@entry=0x5555578e0cb0, intno=236, > is_int=is_int@entry=0, error_code=error_code@entry=0, > next_eip=next_eip@entry=0, is_hw=is_hw@entry=1) at > ../../target/i386/tcg/seg_helper.c:1130 > #27 0x0000555555bb87da in do_interrupt_x86_hardirq > (env=env@entry=0x5555578e3470, intno=<optimized out>, is_hw=is_hw@entry=1) at > ../../target/i386/tcg/seg_helper.c:1162 > #28 0x0000555555b5039c in x86_cpu_exec_interrupt (cs=0x5555578e0cb0, > interrupt_request=<optimized out>) at > ../../target/i386/tcg/sysemu/seg_helper.c:197 > #29 0x0000555555c94480 in cpu_handle_interrupt (last_tb=<synthetic pointer>, > cpu=0x5555578e0cb0) at ../../accel/tcg/cpu-exec.c:844 > #30 cpu_exec_loop (cpu=cpu@entry=0x5555578e0cb0, sc=sc@entry=0x7ffff4efd7b0) > at ../../accel/tcg/cpu-exec.c:951 > #31 0x0000555555c94791 in cpu_exec_setjmp (cpu=cpu@entry=0x5555578e0cb0, > sc=sc@entry=0x7ffff4efd7b0) at ../../accel/tcg/cpu-exec.c:1029 > #32 0x0000555555c94f7c in cpu_exec (cpu=cpu@entry=0x5555578e0cb0) at > ../../accel/tcg/cpu-exec.c:1055 > #33 0x0000555555cb9043 in tcg_cpu_exec (cpu=cpu@entry=0x5555578e0cb0) at > ../../accel/tcg/tcg-accel-ops.c:76 > #34 0x0000555555cb91a0 in mttcg_cpu_thread_fn (arg=arg@entry=0x5555578e0cb0) > at ../../accel/tcg/tcg-accel-ops-mttcg.c:95 > #35 0x0000555555e57270 in qemu_thread_start (args=0x555557956000) at > ../../util/qemu-thread-posix.c:541 > #36 
0x00007ffff78176ba in start_thread (arg=<optimized out>) at > ./nptl/pthread_create.c:444 > #37 0x00007ffff78a60d0 in clone3 () at > ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81 >
Here the CPU thread is in the middle of delivering a hardware interrupt (do_interrupt64 via x86_cpu_exec_interrupt in frames #25-#28): the memory accesses made during interrupt delivery go through the page-table walker (mmu_translate / ptw_ldq), and the resulting load lands in MMIO, so do_ld_mmio_beN calls bql_lock() and the assertion in bql_lock_impl fires (frame #7). This isn't related to the other can_do_io stuff; it's happening because do_ld_mmio_beN assumes it is called with the BQL *not* held, but in fact there are some situations -- interrupt delivery being one of them -- where we call into the memory subsystem while we already hold the BQL. Note that because this is an assertion failure on a path driven by guest execution, hitting it aborts the whole QEMU process rather than just faulting the guest, so the fix should make the MMIO path tolerate (or take/release the lock only when not already held) rather than merely suppress the assert. -- PMM