qemu: Add patch to avoid qemuppc boot hangs

qemuppc boots are occasionally hanging on the autobuilder. This adds a patch which fixes the issue in local testing. Its being discussed with upstream qemu. (From OE-Core rev: 8834117a1cbde26d0a36691a2e4635afaa3b6ea7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 87719e35db08b21cd43ab3ebd72f4567ca0fdc65) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Richard Purdie <richard.purdie@linuxfoundation.org> 2017-11-21 11:32:55 +0000
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2017-12-04 17:23:59 +0000
commit: 3c28d31fed03473dbb4b2a048e9afb09001e9389 (patch)
tree: 80ccd152ba24e77d30df603a015e894f3a376875 /meta/recipes-devtools
parent: 65d09a7d1e8bbb0867a1002d810e085f49fd76b1 (diff)
download: poky-3c28d31fed03473dbb4b2a048e9afb09001e9389.tar.gz
2 files changed, 106 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu/ppc_locking.patch b/meta/recipes-devtools/qemu/qemu/ppc_locking.patch
new file mode 100644
index 0000000000..6f722433d4
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/ppc_locking.patch
@@ -0,0 +1,105 @@
+I've tracked down what I think is a problem causing qemu-system-ppc
+to hang whilst booting images.
+I believe the decrementer timer stops receiving interrupts so
+tasks in our images hang indefinitely as the timer stopped. 
+It can be summed up with this line of debug:
+ppc_set_irq: 0x55b4e0d562f0 n_IRQ 8 level 1 => pending 00000100req 00000004
+It should normally read:
+ppc_set_irq: 0x55b4e0d562f0 n_IRQ 8 level 1 => pending 00000100req 00000002
+The question is why CPU_INTERRUPT_EXITTB ends up being set when the
+lines above this log message clearly sets CPU_INTERRUPT_HARD (via 
+cpu_interrupt() ).
+I note in cpu.h:
+    /* updates protected by BQL */
+    uint32_t interrupt_request;
+(for struct CPUState)
+The ppc code does "cs->interrupt_request |= CPU_INTERRUPT_EXITTB" in 5
+places, 3 in excp_helper.c and 2 in helper_regs.h. In all cases,  
+g_assert(qemu_mutex_iothread_locked()); fails. If I do something like:
+if (!qemu_mutex_iothread_locked()) {
+    qemu_mutex_lock_iothread();
+    cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
+    qemu_mutex_unlock_iothread();
+} else {
+    cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
+}
+in these call sites then I can no longer lock qemu up with my test
+case.
+I suspect the _HARD setting gets overwritten which stops the 
+decrementer interrupts being delivered.
+Upstream-Status: Submitted [Issue discussed on qemu mailing list 2017/11/20]
+RP 2017/11/20
+Index: qemu-2.10.1/target/ppc/excp_helper.c
+===================================================================
+--- qemu-2.10.1.orig/target/ppc/excp_helper.c
+++ qemu-2.10.1/target/ppc/excp_helper.c
+@@ -207,7 +207,9 @@ static inline void powerpc_excp(PowerPCC
+                         "Entering checkstop state\n");
+             }
+             cs->halted = 1;
+-            cs->interrupt_request |= CPU_INTERRUPT_EXITTB;
+            qemu_mutex_lock_iothread();
+            cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
+            qemu_mutex_unlock_iothread();
+         }
+         if (env->msr_mask & MSR_HVB) {
+             /* ISA specifies HV, but can be delivered to guest with HV clear
+@@ -940,7 +942,9 @@ void helper_store_msr(CPUPPCState *env,
+ 
+     if (excp != 0) {
+         CPUState *cs = CPU(ppc_env_get_cpu(env));
+-        cs->interrupt_request |= CPU_INTERRUPT_EXITTB;
+        qemu_mutex_lock_iothread();
+        cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
+        qemu_mutex_unlock_iothread();
+         raise_exception(env, excp);
+     }
+ }
+@@ -995,7 +999,9 @@ static inline void do_rfi(CPUPPCState *e
+     /* No need to raise an exception here,
+      * as rfi is always the last insn of a TB
+      */
+-    cs->interrupt_request |= CPU_INTERRUPT_EXITTB;
+    qemu_mutex_lock_iothread();
+    cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
+    qemu_mutex_unlock_iothread();
+ 
+     /* Reset the reservation */
+     env->reserve_addr = -1;
+Index: qemu-2.10.1/target/ppc/helper_regs.h
+===================================================================
+--- qemu-2.10.1.orig/target/ppc/helper_regs.h
+++ qemu-2.10.1/target/ppc/helper_regs.h
+@@ -114,11 +114,15 @@ static inline int hreg_store_msr(CPUPPCS
+     }
+     if (((value >> MSR_IR) & 1) != msr_ir ||
+         ((value >> MSR_DR) & 1) != msr_dr) {
+-        cs->interrupt_request |= CPU_INTERRUPT_EXITTB;
+        qemu_mutex_lock_iothread();
+        cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
+        qemu_mutex_unlock_iothread();
+     }
+     if ((env->mmu_model & POWERPC_MMU_BOOKE) &&
+         ((value >> MSR_GS) & 1) != msr_gs) {
+-        cs->interrupt_request |= CPU_INTERRUPT_EXITTB;
+        qemu_mutex_lock_iothread();
+        cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
+        qemu_mutex_unlock_iothread();
+     }
+     if (unlikely((env->flags & POWERPC_FLAG_TGPR) &&
+                  ((value ^ env->msr) & (1 << MSR_TGPR)))) {
diff --git a/meta/recipes-devtools/qemu/qemu_2.10.0.bb b/meta/recipes-devtools/qemu/qemu_2.10.0.bb
index 75e2a259fa..a9b4939b04 100644
--- a/meta/recipes-devtools/qemu/qemu_2.10.0.bb
+++ b/meta/recipes-devtools/qemu/qemu_2.10.0.bb
@@ -28,6 +28,7 @@ SRC_URI = "http://wiki.qemu-project.org/download/${BP}.tar.bz2 \
           file://CVE-2017-13673.patch \
           file://CVE-2017-13672.patch \
           file://CVE-2017-14167.patch \
+           file://ppc_locking.patch \
           "
 UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+\..*)\.tar"
author	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-11-21 11:32:55 +0000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-12-04 17:23:59 +0000
commit	3c28d31fed03473dbb4b2a048e9afb09001e9389 (patch)
tree	80ccd152ba24e77d30df603a015e894f3a376875 /meta/recipes-devtools
parent	65d09a7d1e8bbb0867a1002d810e085f49fd76b1 (diff)
download	poky-3c28d31fed03473dbb4b2a048e9afb09001e9389.tar.gz

diff --git a/meta/recipes-devtools/qemu/qemu/ppc_locking.patch b/meta/recipes-devtools/qemu/qemu/ppc_locking.patch new file mode 100644 index 0000000000..6f722433d4 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/ppc_locking.patch
@@ -0,0 +1,105 @@
		1	I've tracked down what I think is a problem causing qemu-system-ppc
		2	to hang whilst booting images.
		3
		4	I believe the decrementer timer stops receiving interrupts so
		5	tasks in our images hang indefinitely as the timer stopped.
		6
		7	It can be summed up with this line of debug:
		8
		9	ppc_set_irq: 0x55b4e0d562f0 n_IRQ 8 level 1 => pending 00000100req 00000004
		10
		11	It should normally read:
		12
		13	ppc_set_irq: 0x55b4e0d562f0 n_IRQ 8 level 1 => pending 00000100req 00000002
		14
		15	The question is why CPU_INTERRUPT_EXITTB ends up being set when the
		16	lines above this log message clearly sets CPU_INTERRUPT_HARD (via
		17	cpu_interrupt() ).
		18
		19	I note in cpu.h:
		20
		21	/* updates protected by BQL */
		22	uint32_t interrupt_request;
		23
		24	(for struct CPUState)
		25
		26	The ppc code does "cs->interrupt_request \|= CPU_INTERRUPT_EXITTB" in 5
		27	places, 3 in excp_helper.c and 2 in helper_regs.h. In all cases,
		28	g_assert(qemu_mutex_iothread_locked()); fails. If I do something like:
		29
		30	if (!qemu_mutex_iothread_locked()) {
		31	qemu_mutex_lock_iothread();
		32	cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
		33	qemu_mutex_unlock_iothread();
		34	} else {
		35	cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
		36	}
		37
		38	in these call sites then I can no longer lock qemu up with my test
		39	case.
		40
		41	I suspect the _HARD setting gets overwritten which stops the
		42	decrementer interrupts being delivered.
		43
		44	Upstream-Status: Submitted [Issue discussed on qemu mailing list 2017/11/20]
		45	RP 2017/11/20
		46
		47	Index: qemu-2.10.1/target/ppc/excp_helper.c
		48	===================================================================
		49	--- qemu-2.10.1.orig/target/ppc/excp_helper.c
		50	+++ qemu-2.10.1/target/ppc/excp_helper.c
		51	@@ -207,7 +207,9 @@ static inline void powerpc_excp(PowerPCC
		52	"Entering checkstop state\n");
		53	}
		54	cs->halted = 1;
		55	- cs->interrupt_request \|= CPU_INTERRUPT_EXITTB;
		56	+ qemu_mutex_lock_iothread();
		57	+ cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
		58	+ qemu_mutex_unlock_iothread();
		59	}
		60	if (env->msr_mask & MSR_HVB) {
		61	/* ISA specifies HV, but can be delivered to guest with HV clear
		62	@@ -940,7 +942,9 @@ void helper_store_msr(CPUPPCState *env,
		63
		64	if (excp != 0) {
		65	CPUState *cs = CPU(ppc_env_get_cpu(env));
		66	- cs->interrupt_request \|= CPU_INTERRUPT_EXITTB;
		67	+ qemu_mutex_lock_iothread();
		68	+ cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
		69	+ qemu_mutex_unlock_iothread();
		70	raise_exception(env, excp);
		71	}
		72	}
		73	@@ -995,7 +999,9 @@ static inline void do_rfi(CPUPPCState *e
		74	/* No need to raise an exception here,
		75	* as rfi is always the last insn of a TB
		76	*/
		77	- cs->interrupt_request \|= CPU_INTERRUPT_EXITTB;
		78	+ qemu_mutex_lock_iothread();
		79	+ cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
		80	+ qemu_mutex_unlock_iothread();
		81
		82	/* Reset the reservation */
		83	env->reserve_addr = -1;
		84	Index: qemu-2.10.1/target/ppc/helper_regs.h
		85	===================================================================
		86	--- qemu-2.10.1.orig/target/ppc/helper_regs.h
		87	+++ qemu-2.10.1/target/ppc/helper_regs.h
		88	@@ -114,11 +114,15 @@ static inline int hreg_store_msr(CPUPPCS
		89	}
		90	if (((value >> MSR_IR) & 1) != msr_ir \|\|
		91	((value >> MSR_DR) & 1) != msr_dr) {
		92	- cs->interrupt_request \|= CPU_INTERRUPT_EXITTB;
		93	+ qemu_mutex_lock_iothread();
		94	+ cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
		95	+ qemu_mutex_unlock_iothread();
		96	}
		97	if ((env->mmu_model & POWERPC_MMU_BOOKE) &&
		98	((value >> MSR_GS) & 1) != msr_gs) {
		99	- cs->interrupt_request \|= CPU_INTERRUPT_EXITTB;
		100	+ qemu_mutex_lock_iothread();
		101	+ cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
		102	+ qemu_mutex_unlock_iothread();
		103	}
		104	if (unlikely((env->flags & POWERPC_FLAG_TGPR) &&
		105	((value ^ env->msr) & (1 << MSR_TGPR)))) {


diff --git a/meta/recipes-devtools/qemu/qemu_2.10.0.bb b/meta/recipes-devtools/qemu/qemu_2.10.0.bb index 75e2a259fa..a9b4939b04 100644 --- a/meta/recipes-devtools/qemu/qemu_2.10.0.bb +++ b/meta/recipes-devtools/qemu/qemu_2.10.0.bb
@@ -28,6 +28,7 @@ SRC_URI = "http://wiki.qemu-project.org/download/${BP}.tar.bz2 \
28	file://CVE-2017-13673.patch \	28	file://CVE-2017-13673.patch \
29	file://CVE-2017-13672.patch \	29	file://CVE-2017-13672.patch \
30	file://CVE-2017-14167.patch \	30	file://CVE-2017-14167.patch \
		31	file://ppc_locking.patch \
31	"	32	"
32	UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+\..*)\.tar"	33	UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+\..*)\.tar"
33		34