
List:       qemu-devel
Subject:    Re: [PATCH v3 00/13] exec: Rework around CPUState user fields (part 2)
From:       Ilya Leoshkevich <iii () linux ! ibm ! com>
Date:       2024-04-30 21:42:25
Message-ID: uuuk6a2vo24yrrqrchjxaeko3utqshrdu6txcnqziokpg7dkom () 4l4kd3dqh6jc

On Tue, Apr 30, 2024 at 09:00:17PM +0200, Philippe Mathieu-Daudé wrote:
> On 30/4/24 20:45, Philippe Mathieu-Daudé wrote:
> > Hi Ilya,
> > 
> > On 30/4/24 19:55, Ilya Leoshkevich wrote:
> > > On Tue, Apr 30, 2024 at 02:27:54PM +0200, Philippe Mathieu-Daudé wrote:
> > > > Missing WASM testing by Ilya (branch available at
> > > > https://gitlab.com/philmd/qemu/-/commits/tcg_flush_jmp_cache)
> > > 
> > > Hmm, it dies very early now:
> > > 
> > > # gdb --args ./qemu-s390x -L /usr/s390x-linux-gnu \
> > > /build/wasmtime/target/s390x-unknown-linux-gnu/debug/deps/component_fuzz_util-d10a3a6b4ad8af47
> > >  
> > > Thread 1 "qemu-s390x" received signal SIGSEGV, Segmentation fault.
> > > 0x000055555559b718 in cpu_common_realizefn (dev=0x5555557c28c0,
> > > errp=<optimized out>) at
> > > ../home/iii/myrepos/qemu/hw/core/cpu-common.c:217
> > > 217             cpu->accel->plugin_state =
> > > qemu_plugin_create_vcpu_state();
> > > 
> > > (gdb) bt
> > > #0  0x000055555559b718 in cpu_common_realizefn
> > > (dev=0x5555557c28c0, errp=<optimized out>) at
> > > ../home/iii/myrepos/qemu/hw/core/cpu-common.c:217
> > > #1  0x000055555559f59a in s390_cpu_realizefn (dev=0x5555557c28c0,
> > > errp=0x7fffffffe1a0) at
> > > ../home/iii/myrepos/qemu/target/s390x/cpu.c:284
> > > #2  0x000055555563f76b in device_set_realized (obj=<optimized
> > > out>, value=<optimized out>, errp=0x7fffffffe2e0) at
> > > ../home/iii/myrepos/qemu/hw/core/qdev.c:510
> > > #3  0x000055555564363d in property_set_bool (obj=0x5555557c28c0,
> > > v=<optimized out>, name=<optimized out>, opaque=0x5555557a9140,
> > > errp=0x7fffffffe2e0) at ../home/iii/myrepos/qemu/qom/object.c:2362
> > > #4  0x0000555555646b9b in object_property_set
> > > (obj=obj@entry=0x5555557c28c0, name=name@entry=0x5555556e8ae2
> > > "realized", v=v@entry=0x5555557c6650,
> > > errp=errp@entry=0x7fffffffe2e0)
> > > at ../home/iii/myrepos/qemu/qom/object.c:1471
> > > #5  0x000055555564a43f in object_property_set_qobject
> > > (obj=obj@entry=0x5555557c28c0, name=name@entry=0x5555556e8ae2
> > > "realized", value=value@entry=0x5555557a7a90,
> > > errp=errp@entry=0x7fffffffe2e0)
> > > at ../home/iii/myrepos/qemu/qom/qom-qobject.c:28
> > > #6  0x0000555555647204 in object_property_set_bool
> > > (obj=0x5555557c28c0, name=name@entry=0x5555556e8ae2 "realized",
> > > value=value@entry=true, errp=errp@entry=0x7fffffffe2e0)
> > > at ../home/iii/myrepos/qemu/qom/object.c:1541
> > > #7  0x000055555564025c in qdev_realize (dev=<optimized out>,
> > > bus=bus@entry=0x0, errp=errp@entry=0x7fffffffe2e0) at
> > > ../home/iii/myrepos/qemu/hw/core/qdev.c:291
> > > #8  0x000055555559bbb4 in cpu_create (typename=<optimized out>)
> > > at ../home/iii/myrepos/qemu/hw/core/cpu-common.c:61
> > > #9  0x000055555559a467 in main (argc=4, argv=0x7fffffffeaa8,
> > > envp=<optimized out>) at
> > > ../home/iii/myrepos/qemu/linux-user/main.c:811
> > > 
> > > (gdb) p cpu
> > > $1 = (CPUState *) 0x5555557c28c0
> > > (gdb) p cpu->accel
> > > $2 = (AccelCPUState *) 0x0
> > > 
> > > Configured with: '/home/iii/myrepos/qemu/configure'
> > > '--target-list=s390x-linux-user' '--disable-tools' '--disable-slirp'
> > > '--disable-fdt' '--disable-capstone' '--disable-docs'
> > > 
> > > If you don't see what can be wrong here right away, I can debug this.
> 
> I added this commit in the same branch:
> 
> -- >8 --
> Author: Philippe Mathieu-Daudé <philmd@linaro.org>
> Date:   Tue Apr 30 20:57:15 2024 +0200
> 
> accel/tcg: Initialize TCG plugins in cpu-target.c
> 
> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
> 
> diff --git a/cpu-target.c b/cpu-target.c
> index 5af120e8aa..585533cfa3 100644
> --- a/cpu-target.c
> +++ b/cpu-target.c
> @@ -46,6 +46,10 @@
> #include "hw/core/accel-cpu.h"
> #include "trace/trace-root.h"
> #include "qemu/accel.h"
> +#ifdef CONFIG_PLUGIN
> +#include "accel/tcg/vcpu-state.h"
> +#include "qemu/plugin.h"
> +#endif
> 
> #ifndef CONFIG_USER_ONLY
> static int cpu_common_post_load(void *opaque, int version_id)
> @@ -131,6 +135,13 @@ const VMStateDescription vmstate_cpu_common = {
> };
> #endif
> 
> +#ifdef CONFIG_PLUGIN
> +static void qemu_plugin_vcpu_init__async(CPUState *cpu, run_on_cpu_data
> unused)
> +{
> +    qemu_plugin_vcpu_init_hook(cpu);
> +}
> +#endif
> +
> bool cpu_exec_realizefn(CPUState *cpu, Error **errp)
> {
> /* cache the cpu class for the hotpath */
> @@ -143,6 +154,15 @@ bool cpu_exec_realizefn(CPUState *cpu, Error **errp)
> /* Wait until cpu initialization complete before exposing cpu. */
> cpu_list_add(cpu);
> 
> +#ifdef CONFIG_PLUGIN
> +    assert(cpu->accel);
> +    /* Plugin initialization must wait until the cpu start executing code
> */
> +    if (tcg_enabled()) {
> +        cpu->accel->plugin_state = qemu_plugin_create_vcpu_state();
> +        async_run_on_cpu(cpu, qemu_plugin_vcpu_init__async,
> RUN_ON_CPU_NULL);
> +    }
> +#endif
> +
> #ifdef CONFIG_USER_ONLY
> assert(qdev_get_vmsd(DEVICE(cpu)) == NULL ||
> qdev_get_vmsd(DEVICE(cpu))->unmigratable);
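Review bot: The `assert(cpu->accel);` added at the top of the new CONFIG_PLUGIN block is unconditional, while the only dereference of `cpu->accel` sits inside `if (tcg_enabled())`, so the assertion is stricter than the code it protects and aborts for any build where the accelerator state is not yet allocated at this point — which is exactly the SIGABRT reported later in this thread for the s390x-linux-user build (`cpu->accel` still NULL at cpu-target.c:158). Narrowing it to `if (tcg_enabled()) { assert(cpu->accel); cpu->accel->plugin_state = qemu_plugin_create_vcpu_state(); ... }` makes the check match the use, but it does not cure the ordering problem: nothing in this hunk allocates `cpu->accel`, and the earlier SIGSEGV at the same statement in cpu-common.c was the same NULL dereference, so for user-mode the plugin-state setup has to run after whatever creates the TCG AccelCPUState (where that happens is not visible here). Note also that the moved comment should read `/* Plugin initialization must wait until the cpu starts executing code */`, since the hook itself is deferred through async_run_on_cpu(). cpu_exec_realizefn begins and ends outside this hunk.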
> @@ -171,6 +191,13 @@ void cpu_exec_unrealizefn(CPUState *cpu)
> }
> #endif
> 
> +#ifdef CONFIG_PLUGIN
> +    /* Call the plugin hook before clearing the cpu is fully unrealized */
> +    if (tcg_enabled()) {
> +        qemu_plugin_vcpu_exit_hook(cpu);
> +    }
> +#endif
> +
> cpu_list_remove(cpu);
> /*
> * Now that the vCPU has been removed from the RCU list, we can call
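Review bot: The moved comment `/* Call the plugin hook before clearing the cpu is fully unrealized */` is garbled; suggest `/* Notify plugins before the cpu is removed from the list and torn down */`, which also records why the hook must precede cpu_list_remove(). Separately, the realize side of this patch allocates `cpu->accel->plugin_state` with qemu_plugin_create_vcpu_state(), but this hunk only calls qemu_plugin_vcpu_exit_hook(); if that hook does not release the state (not visible here), each unrealize leaks it, so either free it after the hook or document that the hook owns the teardown. cpu_exec_unrealizefn continues outside the hunk.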
> diff --git a/hw/core/cpu-common.c b/hw/core/cpu-common.c
> index e03d31876f..cd8bd99131 100644
> --- a/hw/core/cpu-common.c
> +++ b/hw/core/cpu-common.c
> @@ -30,10 +30,6 @@
> #include "hw/boards.h"
> #include "hw/qdev-properties.h"
> #include "trace.h"
> -#ifdef CONFIG_PLUGIN
> -#include "accel/tcg/vcpu-state.h"
> -#include "qemu/plugin.h"
> -#endif
> 
> CPUState *cpu_by_arch_id(int64_t id)
> {
> @@ -181,13 +177,6 @@ static void cpu_common_parse_features(const char
> *typename, char *features,
> }
> }
> 
> -#ifdef CONFIG_PLUGIN
> -static void qemu_plugin_vcpu_init__async(CPUState *cpu, run_on_cpu_data
> unused)
> -{
> -    qemu_plugin_vcpu_init_hook(cpu);
> -}
> -#endif
> -
> static void cpu_common_realizefn(DeviceState *dev, Error **errp)
> {
> CPUState *cpu = CPU(dev);
> @@ -211,14 +200,6 @@ static void cpu_common_realizefn(DeviceState *dev,
> Error **errp)
> cpu_resume(cpu);
> }
> 
> -    /* Plugin initialization must wait until the cpu start executing code
> */
> -#ifdef CONFIG_PLUGIN
> -    if (tcg_enabled()) {
> -        cpu->accel->plugin_state = qemu_plugin_create_vcpu_state();
> -        async_run_on_cpu(cpu, qemu_plugin_vcpu_init__async,
> RUN_ON_CPU_NULL);
> -    }
> -#endif
> -
> /* NOTE: latest generic point where the cpu is fully realized */
> }
> 
> @@ -226,13 +207,6 @@ static void cpu_common_unrealizefn(DeviceState *dev)
> {
> CPUState *cpu = CPU(dev);
> 
> -    /* Call the plugin hook before clearing the cpu is fully unrealized */
> -#ifdef CONFIG_PLUGIN
> -    if (tcg_enabled()) {
> -        qemu_plugin_vcpu_exit_hook(cpu);
> -    }
> -#endif
> -
> /* NOTE: latest generic point before the cpu is fully unrealized */
> cpu_exec_unrealizefn(cpu);
> }
> ---
> 
> Totally untested here because it is late (only built...).

Now I get:

  Thread 1 "qemu-s390x" received signal SIGABRT, Aborted.
  __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44
  44      ./nptl/pthread_kill.c: No such file or directory.
  (gdb) bt
  #0  __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44
  #1  0x00007ffff7c41e8f in __pthread_kill_internal (signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:78
  #2  0x00007ffff7bf2fb2 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
  #3  0x00007ffff7bdd472 in __GI_abort () at ./stdlib/abort.c:79
  #4  0x00007ffff7bdd395 in __assert_fail_base (fmt=0x7ffff7d51a90 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x5555556d71b8 "cpu->accel", file=file@entry=0x5555556d70e0 "../home/iii/myrepos/qemu/cpu-target.c", line=line@entry=158, function=function@entry=0x5555556d7260 <__PRETTY_FUNCTION__.3> "cpu_exec_realizefn") at ./assert/assert.c:92
  #5  0x00007ffff7bebeb2 in __GI___assert_fail (assertion=assertion@entry=0x5555556d71b8 "cpu->accel", file=file@entry=0x5555556d70e0 "../home/iii/myrepos/qemu/cpu-target.c", line=line@entry=158, function=function@entry=0x5555556d7260 <__PRETTY_FUNCTION__.3> "cpu_exec_realizefn") at ./assert/assert.c:101
  #6  0x00005555555d44ca in cpu_exec_realizefn (cpu=cpu@entry=0x5555557c28c0, errp=errp@entry=0x7fffffffe140) at ../home/iii/myrepos/qemu/cpu-target.c:158
  #7  0x000055555559f50b in s390_cpu_realizefn (dev=0x5555557c28c0, errp=0x7fffffffe1a0) at ../home/iii/myrepos/qemu/target/s390x/cpu.c:261
  #8  0x000055555563f78b in device_set_realized (obj=<optimized out>, value=<optimized out>, errp=0x7fffffffe2e0) at ../home/iii/myrepos/qemu/hw/core/qdev.c:510
  #9  0x000055555564365d in property_set_bool (obj=0x5555557c28c0, v=<optimized out>, name=<optimized out>, opaque=0x5555557a9140, errp=0x7fffffffe2e0) at ../home/iii/myrepos/qemu/qom/object.c:2362
  #10 0x0000555555646bbb in object_property_set (obj=obj@entry=0x5555557c28c0, name=name@entry=0x5555556e8ae2 "realized", v=v@entry=0x5555557c6650, errp=errp@entry=0x7fffffffe2e0) at ../home/iii/myrepos/qemu/qom/object.c:1471
  #11 0x000055555564a45f in object_property_set_qobject (obj=obj@entry=0x5555557c28c0, name=name@entry=0x5555556e8ae2 "realized", value=value@entry=0x5555557a7a90, errp=errp@entry=0x7fffffffe2e0) at ../home/iii/myrepos/qemu/qom/qom-qobject.c:28
  #12 0x0000555555647224 in object_property_set_bool (obj=0x5555557c28c0, name=name@entry=0x5555556e8ae2 "realized", value=value@entry=true, errp=errp@entry=0x7fffffffe2e0) at ../home/iii/myrepos/qemu/qom/object.c:1541
  #13 0x000055555564027c in qdev_realize (dev=<optimized out>, bus=bus@entry=0x0, errp=errp@entry=0x7fffffffe2e0) at ../home/iii/myrepos/qemu/hw/core/qdev.c:291
  #14 0x000055555559bb54 in cpu_create (typename=<optimized out>) at ../home/iii/myrepos/qemu/hw/core/cpu-common.c:57
  #15 0x000055555559a467 in main (argc=4, argv=0x7fffffffeaa8, envp=<optimized out>) at ../home/iii/myrepos/qemu/linux-user/main.c:811

Here is the executable file: http://0x0.st/XXHp.gz
sha256sum: 58eb8d2a90c08f772ae94e20a7a8c7567bd886fe022a6b9e117912cc13acbd82

Best regards,
Ilya


