summary refs log tree commit diff stats
path: root/gitlab/issues/target_riscv/host_missing/accel_missing/1395.toml
diff options
context:
space:
mode:
Diffstat (limited to 'gitlab/issues/target_riscv/host_missing/accel_missing/1395.toml')
-rw-r--r--gitlab/issues/target_riscv/host_missing/accel_missing/1395.toml164
1 files changed, 0 insertions, 164 deletions
diff --git a/gitlab/issues/target_riscv/host_missing/accel_missing/1395.toml b/gitlab/issues/target_riscv/host_missing/accel_missing/1395.toml
deleted file mode 100644
index 81fd83f83..000000000
--- a/gitlab/issues/target_riscv/host_missing/accel_missing/1395.toml
+++ /dev/null
@@ -1,164 +0,0 @@
-id = 1395
-title = "qemu-system-riscv32 cpu_transaction_failed cause Infinite loop when write mstatus ~\"target: riscv\""
-state = "closed"
-created_at = "2022-12-25T13:26:24.584Z"
-closed_at = "2023-01-23T16:39:56.032Z"
-labels = ["target: riscv"]
-url = "https://gitlab.com/qemu-project/qemu/-/issues/1395"
-host-os = "- OS/kernel version:"
-host-arch = "## Description of problem"
-qemu-version = "n/a"
-guest-os = "- OS/kernel version:"
-guest-arch = "## Description of problem"
-description = """I wanna run FreeRTOS riscv, and use the FreeRTOS/Demo/RISC-V-Qemu-virt_GCC/Makefile to build elf.\\
-When qemu execute to write mstatus as 0x1888(enable Interrupt, MIE:1, MIP:1, MPP:3), there is no response.\\
-https://github.com/FreeRTOS/FreeRTOS-Kernel/blob/main/portable/GCC/RISC-V/portASM.S\\
-line 274: csrrw   x0, mstatus, x5                 /* Interrupts enabled from here! */\\
-opcode is hex 30029073\\n
-I use pstack to trace qemu thread, there is only one thread is active, and cpu loading is 100%.\\
-then I use gdb attatch <pid> to trace the active thread, and it has a loop\\
-cpu_loop_exit call siglongjmp and back to sigsetjmp in cpu_exec (cpu=cpu@entry=0x55e2294e4070) at ../accel/tcg/cpu-exec.c:936"""
-reproduce = """1.download FreeRTOS and build FreeRTOS/Demo/RISC-V-Qemu-virt_GCC\\
-2.run qemu with gdb\\
-3.hang when writing mstatus"""
-additional = """I find that my issue occur when mtvec is zero and timer interrupt occur when writing mstatus(riscv_cpu_do_interrupt)\\
-Although it should jump to 0x0 rather then hanging in while loop.\\
-expected flow :cpu_handle_interrupt->check_for_breakpoints->break\\
-actually flow: cpu_handle_interrupt->check_for_breakpoints->infinite loop\\
-Qemu build command: 
-```
-./configure --target-list=riscv32-softmmu && make
-```
-
-pstack for qemu (only need to debug Thread 3)
-```
-Thread 3 (Thread 0x7f83af6d3640 (LWP 5093) "qemu-system-ris"):
-#0  0x000055cb31b1769f in riscv_cpu_exec_interrupt ()
-#1  0x0000000000000000 in  ()
-Thread 2 (Thread 0x7f83b0119640 (LWP 5092) "qemu-system-ris"):
-#0  0x00007f83b0400a3d in syscall () at /lib/x86_64-linux-gnu/libc.so.6
-#1  0x000055cb31e0bd52 in qemu_event_wait ()
-#2  0x0000000000000000 in  ()
-Thread 1 (Thread 0x7f83b011ac00 (LWP 5090) "qemu-system-ris"):
-#0  0x00007f83b03fae7e in ppoll () at /lib/x86_64-linux-gnu/libc.so.6
-#1  0x00007f83b0752500 in  () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
-#2  0x000055cb33241b30 in  ()
-#3  0x0000000000000005 in  ()
-#4  0x0000000000000000 in  ()
-```
-backtrace for the infinite loop
-```
-(gdb) bt
-#0  cpu_loop_exit (cpu=0x55e2294e4070) at ../accel/tcg/cpu-exec-common.c:65
-#1  0x000055e2274efde4 in cpu_loop_exit_restore (cpu=cpu@entry=0x55e2294e4070, pc=pc@entry=0)
-    at ../accel/tcg/cpu-exec-common.c:76
-#2  0x000055e22737fff1 in riscv_cpu_do_transaction_failed
-    (cs=0x55e2294e4070, physaddr=<optimized out>, addr=0, size=<optimized out>, access_type=MMU_INST_FETCH, mmu_idx=<optimized out>, attrs=..., response=2, retaddr=0)
-    at ../target/riscv/cpu_helper.c:1165
-#3  0x000055e2274fa4a7 in cpu_transaction_failed
-    (retaddr=0, response=2, attrs=..., mmu_idx=3, access_type=MMU_INST_FETCH, size=<optimized out>, addr=0, physaddr=<optimized out>, cpu=0x55e2294e4070) at ../accel/tcg/cputlb.c:1344
-#4  io_readx
-    (env=env@entry=0x55e2294e53d0, full=full@entry=0x7fd90c029410, mmu_idx=3, addr=addr@entry=0, retaddr=retaddr@entry=0, access_type=access_type@entry=MMU_INST_FETCH, op=MO_16)
-    at ../accel/tcg/cputlb.c:1380
-#5  0x000055e2274fba28 in load_helper
-    (full_load=<optimized out>, code_read=true, op=MO_16, retaddr=0, oi=19, addr=0, env=0x55e2294e53d0) at ../accel/tcg/cputlb.c:1970
-#6  full_lduw_code (env=env@entry=0x55e2294e53d0, addr=addr@entry=0, oi=19, retaddr=0)
-    at ../accel/tcg/cputlb.c:2606
-#7  0x000055e22750827b in cpu_lduw_code (env=env@entry=0x55e2294e53d0, addr=addr@entry=0)
-    at ../accel/tcg/cputlb.c:2612
-#8  0x000055e2274f87fa in translator_lduw
-    (env=env@entry=0x55e2294e53d0, db=db@entry=0x7fd913dfe5a0, pc=0)
-    at ../accel/tcg/translator.c:216
-#9  0x000055e2273e423a in riscv_tr_translate_insn (dcbase=0x7fd913dfe5a0, cpu=<optimized out>)
-    at ../target/riscv/translate.c:1158
-#10 0x000055e2274f83d3 in translator_loop
-    (cpu=cpu@entry=0x55e2294e4070, tb=tb@entry=0x7fd91c000240 <code_gen_buffer+531>, max_insns=<optim
-    ized out>, pc=pc@entry=0, host_pc=host_pc@entry=0x55e2274efe74 <tb_htable_lookup+84>, ops=ops@entry=0x55e227a75c80 <riscv_tr_ops>, db=0x7fd913dfe5a0) at ../accel/tcg/translator.c:96
-#11 0x000055e227411760 in gen_intermediate_code
-    (cs=cs@entry=0x55e2294e4070, tb=tb@entry=0x7fd91c000240 <code_gen_buffer+531>, max_insns=<optimized out>, pc=pc@entry=0, host_pc=host_pc@entry=0x55e2274efe74 <tb_htable_lookup+84>)
-    at ../target/riscv/translate.c:1240
-#12 0x000055e2274f6954 in setjmp_gen_code
-    (env=env@entry=0x55e2294e53d0, tb=tb@entry=0x7fd91c000240 <code_gen_buffer+531>, pc=pc@entry=0, host_pc=0x55e2274efe74 <tb_htable_lookup+84>, max_insns=max_insns@entry=0x7fd913dfe744, ti=<optimized out>) at ../accel/tcg/translate-all.c:761
-#13 0x000055e2274f7294 in tb_gen_code
-    (cpu=cpu@entry=0x55e2294e4070, pc=0, cs_base=0, flags=1085443, cflags=<optimized out>, 
-    cflags@entry=-16777216) at ../accel/tcg/translate-all.c:841
-#14 0x000055e2274f10cf in cpu_exec (cpu=cpu@entry=0x55e2294e4070) at ../accel/tcg/cpu-exec.c:1006
-#15 0x000055e22750a904 in tcg_cpus_exec (cpu=cpu@entry=0x55e2294e4070)
-    at ../accel/tcg/tcg-accel-ops.c:69
-#16 0x000055e22750aa57 in mttcg_cpu_thread_fn (arg=arg@entry=0x55e2294e4070)
-    at ../accel/tcg/tcg-accel-ops-mttcg.c:95
-#17 0x000055e227674b21 in qemu_thread_start (args=<optimized out>)
-    at ../util/qemu-thread-posix.c:505
-#18 0x00007fd9611a9b43 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
-#19 0x00007fd96123ba00 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
-```
-
-disassembly code 
-```
-80001ac6 <xPortStartFirstTask>:
-80001ac6:\t85c1a103          \tlw\tsp,-1956(gp) # 800809fc <pxCurrentTCB>
-80001aca:\t4102                \tlw\tsp,0(sp)
-80001acc:\t4082                \tlw\tra,0(sp)
-80001ace:\t43c2                \tlw\tt2,16(sp)
-80001ad0:\t4452                \tlw\ts0,20(sp)
-80001ad2:\t44e2                \tlw\ts1,24(sp)
-80001ad4:\t4572                \tlw\ta0,28(sp)
-80001ad6:\t5582                \tlw\ta1,32(sp)
-80001ad8:\t5612                \tlw\ta2,36(sp)
-80001ada:\t56a2                \tlw\ta3,40(sp)
-80001adc:\t5732                \tlw\ta4,44(sp)
-80001ade:\t57c2                \tlw\ta5,48(sp)
-80001ae0:\t5852                \tlw\ta6,52(sp)
-80001ae2:\t58e2                \tlw\ta7,56(sp)
-80001ae4:\t5972                \tlw\ts2,60(sp)
-80001ae6:\t4986                \tlw\ts3,64(sp)
-80001ae8:\t4a16                \tlw\ts4,68(sp)
-80001aea:\t4aa6                \tlw\ts5,72(sp)
-80001aec:\t4b36                \tlw\ts6,76(sp)
-80001aee:\t4bc6                \tlw\ts7,80(sp)
-80001af0:\t4c56                \tlw\ts8,84(sp)
-80001af2:\t4ce6                \tlw\ts9,88(sp)
-80001af4:\t4d76                \tlw\ts10,92(sp)
-80001af6:\t5d86                \tlw\ts11,96(sp)
-80001af8:\t5e16                \tlw\tt3,100(sp)
-80001afa:\t5ea6                \tlw\tt4,104(sp)
-80001afc:\t5f36                \tlw\tt5,108(sp)
-80001afe:\t5fc6                \tlw\tt6,112(sp)
-80001b00:\t52d6                \tlw\tt0,116(sp)
-80001b02:\t0007f317          \tauipc\tt1,0x7f
-80001b06:\tea232303          \tlw\tt1,-350(t1) # 800809a4 <pxCriticalNesting>
-80001b0a:\t00532023          \tsw\tt0,0(t1)
-80001b0e:\t52e6                \tlw\tt0,120(sp)
-80001b10:\t02a1                \taddi\tt0,t0,8
-80001b12:\t30029073          \tcsrw\tmstatus,t0  <--- hang on this line
-80001b16:\t42a2                \tlw\tt0,8(sp)
-80001b18:\t4332                \tlw\tt1,12(sp)
-80001b1a:\t07c10113          \taddi\tsp,sp,124
-80001b1e:\t8082                \tret
-```
-
-```
-(gdb) bt
-#0  cpu_loop_exit (cpu=cpu@entry=0x564cd884b070) at ../accel/tcg/cpu-exec-common.c:65
-#1  0x0000564cd6685631 in helper_lookup_tb_ptr (env=0x564cd884c3d0) at ../accel/tcg/cpu-exec.c:400
-#2  0x00007f55dc00014c in code_gen_buffer ()
-#3  0x0000564cd668521b in cpu_tb_exec
-    (cpu=cpu@entry=0x564cd884b070, itb=itb@entry=0x7f55dc000040 <code_gen_buffer+19>, tb_exit=tb_exit@entry=0x7f56235f67ec) at ../accel/tcg/cpu-exec.c:438
-#4  0x0000564cd6685cfb in cpu_loop_exec_tb
-    (tb_exit=0x7f56235f67ec, last_tb=<synthetic pointer>, pc=<optimized out>, tb=0x7f55dc000040 <code_gen_buffer+19>, cpu=0x564cd884b070) at ../accel/tcg/cpu-exec.c:868
-#5  cpu_exec (cpu=cpu@entry=0x564cd884b070) at ../accel/tcg/cpu-exec.c:1032
-#6  0x0000564cd669f904 in tcg_cpus_exec (cpu=cpu@entry=0x564cd884b070)
-    at ../accel/tcg/tcg-accel-ops.c:69
-#7  0x0000564cd669fa57 in mttcg_cpu_thread_fn (arg=arg@entry=0x564cd884b070)
-    at ../accel/tcg/tcg-accel-ops-mttcg.c:95
-#8  0x0000564cd6809b21 in qemu_thread_start (args=<optimized out>)
-    at ../util/qemu-thread-posix.c:505
-#9  0x00007f562429ab43 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
-#10 0x00007f562432ca00 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
-```
-
-I also build a very simple elf for qemu-virt-platform, just contain boot-loader and write mstatus as 0x1888, it can't reproduce.\\
-I also build different qemu version such v6.0.0, it still can reproduce.\\
-I has modify the march to the most simple arch:rv32i, is still can reproduce.
-
-~"target: riscv""""