Cédric Le Goater <c...@kaod.org> writes:
> Hello Anushree,
>
> On 6/23/23 13:09, Anushree Mathur wrote:
>> Hi everyone,
>> I was trying to boot a rhel9.3 image with upstream qemu-system-ppc64
>> with the -smp 2 option and observed a segfault (qemu crash).
>> qemu command line used:
>> qemu-system-ppc64 -name Rhel9.3.ppc64le -smp 2 -m 16G -vga none
>> -nographic -machine pseries -cpu POWER10 -accel tcg -device
>> virtio-scsi-pci -drive
>> file=/home/rh93.qcow2,if=none,format=qcow2,id=hd0 -device
>> scsi-hd,drive=hd0 -boot c
>> After doing a git bisect, I found that the first bad commit which
>> introduced this issue is below:
>
> Could you please open a gitlab issue on the QEMU project?
>
> https://gitlab.com/qemu-project/qemu/-/issues

Is it broken generated code that faults, or does the goto_tb code break
the execution sequence in some subtle way further down the line?

If you can isolate the guest address, the output from:

  -dfilter 0xBADADDR+0x100 -d in_asm,op,out_asm

would be useful for the bug report. Although conceivably the out_asm
output might make sense at translation time and then be broken when it
is patched.

Having rr on power would be really useful to debug this sort of thing.

>
> Thanks,
>
> C.
>
>> [qemu]# git bisect good
>> 20b6643324a79860dcdfe811ffe4a79942bca21e is the first bad commit
>> commit 20b6643324a79860dcdfe811ffe4a79942bca21e
>> Author: Richard Henderson <richard.hender...@linaro.org>
>> Date:   Mon Dec 5 17:45:02 2022 -0600
>>
>>     tcg/ppc: Reorg goto_tb implementation
>>
>>     The old ppc64 implementation replaces 2 or 4 insns, which leaves a race
>>     condition in which a thread could be stopped at a PC in the middle of
>>     the sequence, and when restarted does not see the complete address
>>     computation and branches to nowhere.
>>
>>     The new implementation replaces only one insn, swapping between
>>
>>         b <dest>
>>     and
>>         mtctr r31
>>
>>     falling through to a general-case indirect branch.
>>
>>     Reviewed-by: Alex Bennée <alex.ben...@linaro.org>
>>     Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
>>
>>  tcg/ppc/tcg-target.c.inc | 152 +++++++++++++----------------------------------
>>  tcg/ppc/tcg-target.h     |   3 +-
>>  2 files changed, 41 insertions(+), 114 deletions(-)
>> [qemu]#
>> Can someone please take a look and suggest a fix to resolve this
>> issue?
>> Thanks in advance.
>> Regards,
>> Anushree-Mathur

-- 
Alex Bennée
Virtualisation Tech Lead @ Linaro