On Mon, 25 Mar 2019 11:31:04 +1100 Suraj Jitindar Singh <sjitindarsi...@gmail.com> wrote:
> On Fri, 2019-03-22 at 19:03 +0100, Greg Kurz wrote: > > Since recent commit 2782ad4c4102 "target/ppc/spapr: Enable > > mitigations by > > default for pseries-4.0 machine type", some recent distros, eg. > > fedora29, > > fail to boot under TCG because of a kernel panic: > > Good catch! I noticed this as well but didn't get around to fixing it > so thanks for doing it for me :D > My pleasure :) > > > > [ 0.614425] Oops: Exception in kernel mode, sig: 4 [#1] > > [ 0.618832] LE SMP NR_CPUS=1024 NUMA pSeries > > [ 0.621868] Modules linked in: > > [ 0.624958] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.20.16- > > 200.fc29.ppc64le #1 > > [ 0.625978] NIP: c00000000000bf00 LR: c00000000000e268 CTR: > > 0000000000007fff > > [ 0.626572] REGS: c0000000015a3750 TRAP: 0700 Not > > tainted (4.20.16-200.fc29.ppc64le) > > [ 0.626835] MSR: 8000000002089033 <SF,VEC,EE,ME,IR,DR,RI,LE> CR: > > 44828222 XER: 00000000 > > [ 0.628497] CFAR: c00000000000bee4 IRQMASK: 1 > > [ 0.628497] GPR00: c00000000001fbc8 c0000000015a39e0 > > c0000000015a6200 c000000001533450 > > [ 0.628497] GPR04: c00000003e5819d0 c00000003ff15f68 > > 0000000000000000 0000000022f63728 > > [ 0.628497] GPR08: 0000000000000000 0000000000007fff > > 0000000000000000 0000000000000000 > > [ 0.628497] GPR12: 0000000000008000 c0000000018b0000 > > 000000003dc5fd20 0000000002e75e90 > > [ 0.628497] GPR16: 0000000002e75d40 c00000003e594d00 > > 000000003dc5fd20 0000000002e90b50 > > [ 0.628497] GPR20: 000000003e45e800 c000000001531a80 > > c000000001532100 0000000044828222 > > [ 0.628497] GPR24: c000000001533450 c000000001533450 > > c00000003e5819d0 c0000000010e51e0 > > [ 0.628497] GPR28: c0000000015d5c18 c000000001531a80 > > c00000003e580000 c000000001531a80 > > [ 0.631710] NIP [c00000000000bf00] flush_count_cache+0x120/0x2420 > > [ 0.631905] LR [c00000000000e268] _switch+0x68/0x180 > > [ 0.632585] Call Trace: > > [ 0.633490] [c0000000015a39e0] [c0000000015dbd58] > > __cpu_online_mask+0x0/0x80 (unreliable) > > [ 0.634383] [c0000000015a3bc0] [c00000000001fbc8] > > __switch_to+0x348/0x500 > > [ 0.634614] [c0000000015a3c20] [c000000000c509dc] > > __schedule+0x2bc/0xac0 > > [ 0.634731] [c0000000015a3cf0] [c000000000c51648] > > preempt_schedule_common+0x38/0x60 > > [ 0.634852] [c0000000015a3d10] [c000000000c516d4] > > _cond_resched+0x64/0x80 > > [ 0.635527] [c0000000015a3d40] [c00000000011a190] > > copy_process.isra.4.part.5+0xc90/0x1d20 > > [ 0.635656] [c0000000015a3e40] [c00000000011b414] > > _do_fork+0xd4/0x470 > > [ 0.635772] [c0000000015a3eb0] [c00000000011b88c] > > kernel_thread+0x3c/0x50 > > [ 0.635891] [c0000000015a3ed0] [c000000000010b08] > > rest_init+0x98/0xf8 > > [ 0.636025] [c0000000015a3f00] [c000000000fe4084] > > start_kernel+0x658/0x67c > > [ 0.636163] [c0000000015a3f90] [c00000000000b37c] > > start_here_common+0x1c/0x520 > > [ 0.636763] Instruction dump: > > [ 0.640925] 48000005 48000005 48000005 48000005 48000005 4800001c > > 60000000 60000000 > > [ 0.641448] 60000000 60000000 60000000 60000000 <7d2803a6> > > 39207fff 7d2903a6 4c400420 > > [ 0.648580] ---[ end trace 1dcd9494acdef8df ]--- > > [ 0.649361] > > [ 1.657870] Kernel panic - not syncing: Attempted to kill the idle > > task! > > > > The following error is also printed by QEMU: > > > > Opcode 13 10 10 00 (4c400420) leaked temporaries > > > > The root cause behind the panic is that the linux kernel uses for > > spectre v2 > > mitigation a form of the bcctr instruction that we don't support. > > This gets > > triggered when passing cap-ibs=workaround machine option, which is > > the default > > since 2782ad4c4102. > > > > The TCG temp leak comes from some missing tcg_temp_free()s on the > > exception path. > > > > This series fixes the leak and adds support for the invalid form of > > bcctr. > > Since this adds yet another user of PPC_SEGMENT_64B to discriminate > > CPU > > models that should expose the _new_ behaviour, the final patch > > introduces > > a helper for that purpose. > > > > -- > > Greg > > > > --- > > > > Greg Kurz (3): > > target/ppc: Fix TCG temporary leaks in gen_bcond() > > target/ppc: Enable "decrement and test CTR" version of bcctr > > target/ppc: Consolidate 64-bit server processor detection in a > > helper > > > > > > hw/ppc/ppc.c | 2 +- > > target/ppc/cpu.h | 6 +++++ > > target/ppc/helper_regs.h | 2 +- > > target/ppc/translate.c | 58 ++++++++++++++++++++++++++++++++-- > > ------------ > > 4 files changed, 48 insertions(+), 20 deletions(-) > > > >
