On May 12, 2015, at 3:45 AM, Paolo Bonzini wrote:

> On 12/05/2015 00:43, Programmingkid wrote:
>>
>> On May 10, 2015, at 10:54 AM, Paolo Bonzini wrote:
>>
>>>
>>>
>>> On 06/05/2015 18:40, Programmingkid wrote:
>>>> When I try to use the pcspk sound hardware, QEMU freezes and uses
>>>> 100% of the cpu time. This is the command I use:
>>>>
>>>> qemu-system-i386 -cdrom <anything you want here> -soundhw pcspk
>>>>
>>>> This looks like a deadlock situation because some unknown code called
>>>> qemu_mutex_lock(). Here is the stack trace at the freeze:
>>>>
>>>> (gdb) bt
>>>> #0  0x00007fff824e2db6 in semaphore_wait_trap ()
>>>> #1  0x00007fff824e8417 in pthread_mutex_lock ()
>>>> #2  0x0000000100267199 in qemu_mutex_lock (mutex=<value temporarily unavailable, due to optimizations>) at util/qemu-thread-posix.c:73
>>>> #3  0x003c44016e95153b in ?? ()
>>>>
>>>> My host is Mac OS 10.6.8. My guest isn't really anything. I have used
>>>> Windows XP before but it isn't necessary to reproduce the problem.
>>>>
>>>> The ?? is what appears to be the problem. I can't even print
>>>> instructions at that address. Any ideas as to what is calling the
>>>> qemu_mutex_lock() function could help.
>
> The unknown code here is probably some place where gdb cannot find the
> frame pointer. Not a surprise if you are using a 5 year old debugger
> with (presumably) a newer compiler.
>
>>> Reproduced with a FreeDOS image from QEMU Advent Calendar. It locks up
>>> as soon as you type "beep".
>>>
>>> It works with the PulseAudio and ALSA backends, but it doesn't with the
>>> SDL backend, even on Linux.
>>>
>>> Also, it deadlocks even with KVM enabled.
>>>
>>> Paolo
>>
>> OK, I see a pattern. SDL and CoreAudio both don't support audio input. Both
>> of them have this code:
>> .voice_size_in = 0
>>
>> Alsa and PulseAudio do support audio input and work. Coincidence?
>
> Yes. Locking in SDL is completely broken. sdl_callback runs with the
> SDL audio lock taken, but then it waits on a semaphore so you cannot
> call any other SDL audio function from the main thread. As soon as you
> do that, you get a deadlock. I'm strongly tempted to just remove the
> driver.
This sounds very similar to what happens to CoreAudio.

> On the other hand, CoreAudio seems to be okay. Can you try "thread
> apply all bt full" from gdb?
>
> Paolo

Here is the output you wanted.

Note: used run -soundhw ac97 -cdrom ~/debian.iso

Thread 9 (process 44956):
#0  0x00007fff824e2dda in semaphore_timedwait_signal_trap ()
No symbol table info available.
#1  0x00007fff82521772 in _pthread_cond_wait ()
No symbol table info available.
#2  0x00007fff8423468c in CAGuard::WaitFor ()
No symbol table info available.
#3  0x00007fff84236c1b in CAGuard::WaitUntil ()
No symbol table info available.
#4  0x00007fff84234d85 in HP_IOThread::WorkLoop ()
No symbol table info available.
#5  0x00007fff84234827 in HP_IOThread::ThreadEntry ()
No symbol table info available.
#6  0x00007fff84234755 in CAPThread::Entry ()
No symbol table info available.
#7  0x00007fff8251bfd6 in _pthread_start ()
No symbol table info available.
#8  0x00007fff8251be89 in thread_start ()
No symbol table info available.

Thread 8 (process 44956):
#0  addr_add (env=0x121ff2e78, addr=1, arg=247) at /Users/user/Documents/Development/Projects/Qemu/qemu-git/target-ppc/mem_helper.c:42
No locals.
#1  0x0000000100158f4b in helper_lmw (env=0x101db1220, addr=132087416, reg=30) at /Users/user/Documents/Development/Projects/Qemu/qemu-git/target-ppc/mem_helper.c:61
No locals.
#2  0x0000000116426c97 in ?? ()
No symbol table info available.
Current language:  auto; currently c

Thread 6 (process 44956):
#0  0x00007fff8254499e in __sigwait ()
No symbol table info available.
#1  0x00007fff82544977 in sigwait ()
No symbol table info available.
#2  0x00000001003add68 in sigwait_compat (opaque=0x101eb7350) at util/compatfd.c:36
        sig = 0
        err = 0
        info = (struct sigfd_compat_info *) 0x101eb7350
#3  0x00007fff8251bfd6 in _pthread_start ()
No symbol table info available.
#4  0x00007fff8251be89 in thread_start ()
No symbol table info available.

Thread 3 (process 44956):
#0  0x00007fff824fbc0a in kevent ()
No symbol table info available.
#1  0x00007fff824fdadd in _dispatch_mgr_invoke ()
No symbol table info available.
#2  0x00007fff824fd7b4 in _dispatch_queue_invoke ()
No symbol table info available.
#3  0x00007fff824fd2de in _dispatch_worker_thread2 ()
No symbol table info available.
#4  0x00007fff824fcc08 in _pthread_wqthread ()
No symbol table info available.
#5  0x00007fff824fcaa5 in start_wqthread ()
No symbol table info available.

Thread 2 (process 44956):
#0  0x00007fff824e2dc2 in semaphore_wait_signal_trap ()
No symbol table info available.
#1  0x00007fff824e840d in pthread_mutex_lock ()
No symbol table info available.
#2  0x00000001003a98c2 in qemu_mutex_lock (mutex=0x10070e080) at util/qemu-thread-posix.c:73
        err = 0
#3  0x000000010004da9d in qemu_mutex_lock_iothread () at /Users/user/Documents/Development/Projects/Qemu/qemu-git/cpus.c:1128
No locals.
#4  0x00000001003be885 in call_rcu_thread (opaque=0x0) at util/rcu.c:241
        tries = 1
        n = 41
        node = (struct rcu_head *) 0x101a98cf0
#5  0x00007fff8251bfd6 in _pthread_start ()
No symbol table info available.
#6  0x00007fff8251be89 in thread_start ()
No symbol table info available.

Thread 1 (process 44956):
#0  0x00007fff824e2dc2 in semaphore_wait_signal_trap ()
No symbol table info available.
#1  0x00007fff824e840d in pthread_mutex_lock ()
No symbol table info available.
#2  0x00000001003a98c2 in qemu_mutex_lock (mutex=0x10070e080) at util/qemu-thread-posix.c:73
        err = 0
#3  0x000000010004da9d in qemu_mutex_lock_iothread () at /Users/user/Documents/Development/Projects/Qemu/qemu-git/cpus.c:1128
No locals.
#4  0x000000010031035a in os_host_main_loop_wait (timeout=29193000) at main-loop.c:242
        ret = 0
        spin_counter = 0
#5  0x000000010031041f in main_loop_wait (nonblocking=0) at main-loop.c:494
        ret = 1
        timeout = 1000
        timeout_ns = 29193000
#6  0x00000001001713c1 in main_loop () at vl.c:1799
        nonblocking = false
        last_io = 0
#7  0x0000000100178ebe in qemu_main (argc=5, argv=0x7fff5fbff458, envp=0x7fff5fbff488) at vl.c:4385
        i = 32767
        snapshot = 0
        linux_boot = 0
        initrd_filename = 0x0
        kernel_filename = 0x0
        kernel_cmdline = 0x1003ccfc8 ""
        boot_order = 0x1003d30c4 "cd"
        boot_once = 0x0
        ds = (DisplayState *) 0x101a64f90
        cyls = 0
        heads = 0
        secs = 0
        translation = 0
        hda_opts = (QemuOpts *) 0x0
        opts = (QemuOpts *) 0x0
        machine_opts = (QemuOpts *) 0x101eb6ea0
        icount_opts = (QemuOpts *) 0x0
        olist = (QemuOptsList *) 0x100b31218
        optind = 5
        optarg = 0x0
        loadvm = 0x0
        machine_class = (MachineClass *) 0x101e8de10
        cpu_model = 0x0
        vga_model = 0x1003ec714 "std"
        qtest_chrdev = 0x0
        qtest_log = 0x0
        pid_file = 0x0
        incoming = 0x0
        show_vnc_port = 0
        defconfig = true
        userconfig = true
        log_mask = 0x0
        log_file = 0x0
        mem_trace = {
          malloc = 0x1001745b9 <malloc_and_trace>,
          realloc = 0x1001745ee <realloc_and_trace>,
          free = 0x100174632 <free_and_trace>,
          calloc = 0,
          try_malloc = 0,
          try_realloc = 0
        }
        trace_events = 0x0
        trace_file = 0x0
        maxram_size = 134217728
        ram_slots = 0
        vmstate_dump_file = (FILE *) 0x0
        main_loop_err = (Error *) 0x0
        __func__ = "qemu_main"
#8  0x00000001002e0569 in -[QemuCocoaAppController startEmulationWithArgc:argv:] (self=0x101e117a0, _cmd=0x100446830, argc=5, argv=0x7fff5fbff458) at cocoa.m:937
        status = 1
#9  0x00000001002e03c2 in -[QemuCocoaAppController applicationDidFinishLaunching:] (self=0x101e117a0, _cmd=0x7fff8064d906, note=0x101e347f0) at cocoa.m:915
No locals.
#10 0x00007fff8a50dbc5 in _nsnote_callback ()
No symbol table info available.
#11 0x00007fff83a7b000 in __CFXNotificationPost ()
No symbol table info available.
#12 0x00007fff83a67578 in _CFXNotificationPostNotification ()
No symbol table info available.
#13 0x00007fff8a504b26 in -[NSNotificationCenter postNotificationName:object:userInfo:] ()
No symbol table info available.
#14 0x00007fff80a1c44a in -[NSApplication _postDidFinishNotification] ()
No symbol table info available.
#15 0x00007fff80a1c37f in -[NSApplication _sendFinishLaunchingNotification] ()
No symbol table info available.
#16 0x00007fff80ae735d in -[NSApplication(NSAppleEventHandling) _handleAEOpen:] ()
No symbol table info available.
#17 0x00007fff80ae6fd9 in -[NSApplication(NSAppleEventHandling) _handleCoreEvent:withReplyEvent:] ()
No symbol table info available.
#18 0x00007fff8a53c1c6 in -[NSAppleEventManager dispatchRawAppleEvent:withRawReply:handlerRefCon:] ()
No symbol table info available.
#19 0x00007fff8a53bff6 in _NSAppleEventManagerGenericHandler ()
No symbol table info available.
#20 0x00007fff84a6f32b in aeDispatchAppleEvent ()
No symbol table info available.
#21 0x00007fff84a6f224 in dispatchEventAndSendReply ()
No symbol table info available.
#22 0x00007fff84a6f12b in aeProcessAppleEvent ()
No symbol table info available.
#23 0x00007fff87300619 in AEProcessAppleEvent ()
No symbol table info available.
#24 0x00007fff809ec095 in _DPSNextEvent ()
No symbol table info available.
#25 0x00007fff809eb801 in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] ()
No symbol table info available.
#26 0x00007fff809b168f in -[NSApplication run] ()
No symbol table info available.
#27 0x00000001002e1d4a in main (argc=5, argv=0x7fff5fbff458) at cocoa.m:1169
        i = 5
        pool = (NSAutoreleasePool *) 0x101a2eb10
        psn = {
          highLongOfPSN = 0,
          lowLongOfPSN = 2
        }
        menuItem = (NSMenuItem *) 0x101e15410
        appController = (QemuCocoaAppController *) 0x101e117a0
        menu = (NSMenu *) 0x101e15070
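The lock ordering Paolo describes above (the backend's audio callback is entered with the backend's audio lock held and then blocks on a semaphore that only the main thread posts, while the main thread's next audio call needs that same lock) is reproduced below as an added, constructed pthread model; it is not code from the QEMU SDL or CoreAudio audio backends. The names audio_ctx, audio_callback_thread, lock_with_timeout and run_scenario are this example's own, and the "fixed" branch (release the backend lock before blocking) is one generic way to break the cycle, not the resolution chosen in this thread. A bounded trylock stands in for the hang so that the broken case reports the deadlock instead of freezing the way qemu-system-i386 did.

```c
#define _POSIX_C_SOURCE 200809L
#include <pthread.h>
#include <semaphore.h>
#include <stdbool.h>
#include <stdio.h>
#include <time.h>

/* Constructed model of the backend state; names are this example's, not SDL's. */
typedef struct {
    pthread_mutex_t audio_lock;    /* stands in for the SDL audio lock */
    sem_t data_ready;              /* posted by the main thread when samples are queued */
    sem_t callback_parked;         /* posted by the callback once its lock state is settled */
    bool release_lock_before_wait; /* false = broken ordering, true = fixed ordering */
} audio_ctx;

static void sleep_ms(int ms)
{
    struct timespec ts = { ms / 1000, (ms % 1000) * 1000000L };
    nanosleep(&ts, NULL);
}

/* Backend audio thread: takes the audio lock, then runs the callback. */
static void *audio_callback_thread(void *arg)
{
    audio_ctx *ctx = arg;

    pthread_mutex_lock(&ctx->audio_lock);
    if (ctx->release_lock_before_wait) {
        /* Fixed: drop the backend lock before blocking on the main thread. */
        pthread_mutex_unlock(&ctx->audio_lock);
        sem_post(&ctx->callback_parked);
        sem_wait(&ctx->data_ready);
    } else {
        /* Broken: block while still holding the lock the main thread needs. */
        sem_post(&ctx->callback_parked);
        sem_wait(&ctx->data_ready);
        pthread_mutex_unlock(&ctx->audio_lock);
    }
    return NULL;
}

/* Bounded trylock so the broken case reports a deadlock instead of hanging. */
static bool lock_with_timeout(pthread_mutex_t *m, int timeout_ms)
{
    for (int waited = 0; waited < timeout_ms; waited += 5) {
        if (pthread_mutex_trylock(m) == 0)
            return true;
        sleep_ms(5);
    }
    return false;
}

/*
 * Main thread: an audio call that must take the backend lock first, followed
 * by signalling the callback.  Returns true if the call completed and false
 * if it would have deadlocked against the parked callback.
 */
bool run_scenario(bool release_lock_before_wait)
{
    audio_ctx ctx;
    pthread_t cb;
    bool completed;

    pthread_mutex_init(&ctx.audio_lock, NULL);
    sem_init(&ctx.data_ready, 0, 0);
    sem_init(&ctx.callback_parked, 0, 0);
    ctx.release_lock_before_wait = release_lock_before_wait;

    pthread_create(&cb, NULL, audio_callback_thread, &ctx);
    sem_wait(&ctx.callback_parked);  /* callback has reached its blocking point */

    completed = lock_with_timeout(&ctx.audio_lock, 500);
    if (completed)
        pthread_mutex_unlock(&ctx.audio_lock);

    /* In the real deadlock this post is never reached; here it only lets the
       demonstration tear down cleanly after the timeout has been reported. */
    sem_post(&ctx.data_ready);
    pthread_join(cb, NULL);

    sem_destroy(&ctx.callback_parked);
    sem_destroy(&ctx.data_ready);
    pthread_mutex_destroy(&ctx.audio_lock);
    return completed;
}

int main(void)
{
    printf("callback waits with lock held: %s\n",
           run_scenario(false) ? "completed" : "deadlock (timed out)");
    printf("callback releases lock first:  %s\n",
           run_scenario(true) ? "completed" : "deadlock (timed out)");
    return 0;
}
```

Build with `cc -pthread` (or add `-lpthread` on older toolchains). The broken scenario is exactly the picture in the "thread apply all bt full" output above: the thread that will eventually post the semaphore is itself parked in pthread_mutex_lock, so neither side can make progress.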