On Tue, Oct 04, 2022 at 12:52:36PM -0700, Richard Henderson wrote:
> Wrap the bare TranslationBlock pointer into a structure.
>
> Reviewed-by: Alex Bennée <alex.ben...@linaro.org>
> Reviewed-by: Philippe Mathieu-Daudé <f4...@amsat.org>
> Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
> ---
>  accel/tcg/tb-hash.h       |  1 +
>  accel/tcg/tb-jmp-cache.h  | 24 ++++++++++++++++++++++++
>  include/exec/cpu-common.h |  1 +
>  include/hw/core/cpu.h     | 15 +--------------
>  include/qemu/typedefs.h   |  1 +
>  accel/stubs/tcg-stub.c    |  4 ++++
>  accel/tcg/cpu-exec.c      | 10 +++++++---
>  accel/tcg/cputlb.c        |  9 +++++----
>  accel/tcg/translate-all.c | 28 +++++++++++++++++++++++++---
>  hw/core/cpu-common.c      |  3 +--
>  plugins/core.c            |  2 +-
>  trace/control-target.c    |  2 +-
>  12 files changed, 72 insertions(+), 28 deletions(-)
>  create mode 100644 accel/tcg/tb-jmp-cache.h
Hi,

After this patch, I get:

qemu-s390x: qemu/include/qemu/rcu.h:102: rcu_read_unlock: Assertion `p_rcu_reader->depth != 0' failed.

in one of the wasmtime tests (host=x86_64, guest=s390x).

GDB shows that the root cause is actually this:

Thread 181 "wasi_tokio::pat" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffff6c54640 (LWP 168352)]
0x0000555555626736 in do_tb_phys_invalidate (tb=tb@entry=0x7fffea4b8500 <code_gen_buffer+38503635>, rm_from_page_list=rm_from_page_list@entry=true) at qemu/accel/tcg/translate-all.c:1192
1192        if (qatomic_read(&jc->array[h].tb) == tb) {
(gdb) bt
#0  0x0000555555626736 in do_tb_phys_invalidate (tb=tb@entry=0x7fffea4b8500 <code_gen_buffer+38503635>, rm_from_page_list=rm_from_page_list@entry=true) at qemu/accel/tcg/translate-all.c:1192
#1  0x0000555555626b98 in tb_phys_invalidate__locked (tb=0x7fffea4b8500 <code_gen_buffer+38503635>) at qemu/accel/tcg/translate-all.c:1211
#2  tb_invalidate_phys_page_range__locked (p=<optimized out>, start=start@entry=836716683264, end=end@entry=836716687360, retaddr=0, pages=0x0) at qemu/accel/tcg/translate-all.c:1678
#3  0x0000555555626dfb in tb_invalidate_phys_range (start=836716683264, start@entry=836716584960, end=end@entry=836716982272) at qemu/accel/tcg/translate-all.c:1753
#4  0x0000555555639e43 in target_munmap (start=start@entry=836716584960, len=len@entry=397312) at qemu/linux-user/mmap.c:769

Let me know if you need more information; I can try to extract a minimal reproducer.

Best regards,
Ilya