On Tue, 6 Mar 2018 14:19:15 +0100 Paolo Bonzini <pbonz...@redhat.com> wrote:
> address_space_access_valid is calling address_space_to_flatview but it can
> be called outside the RCU lock. To fix it, push the rcu_read_lock/unlock
> pair up from flatview_access_valid to address_space_access_valid.
>
> Reviewed-by: Alexey Kardashevskiy <a...@ozlabs.ru>
> Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
> ---
> exec.c | 12 ++++++++----
> 1 file changed, 8 insertions(+), 4 deletions(-)

This one kills my s390x guests when running under tcg:

qemu-system-s390x: /home/cohuck/git/qemu/include/qemu/rcu.h:89: void rcu_read_unlock(void): Assertion `p_rcu_reader->depth != 0' failed.

Easy to reproduce with the moon buggy image from the QEMU Advent Calendar:

s390x-softmmu/qemu-system-s390x -M s390-ccw-virtio -nographic -smp 2 -kernel ~/Downloads/s390-moon-buggy/s390-bb.kernel -initrd ~/Downloads/s390-moon-buggy/s390-moon-buggy.initrd

(regardless of whether using smp or not)

Backchain:

(gdb) bt
#0  0x00007ffff399d9fb in raise () from /lib64/libc.so.6
#1  0x00007ffff399f800 in abort () from /lib64/libc.so.6
#2  0x00007ffff39960da in __assert_fail_base () from /lib64/libc.so.6
#3  0x00007ffff3996152 in __assert_fail () from /lib64/libc.so.6
#4  0x00005555556a4919 in rcu_read_unlock () at /home/cohuck/git/qemu/include/qemu/rcu.h:89
#5  cpu_exec (cpu=0x555556423f50) at /home/cohuck/git/qemu/accel/tcg/cpu-exec.c:740
#6  0x000055555566cbf5 in tcg_cpu_exec (cpu=<optimized out>) at /home/cohuck/git/qemu/cpus.c:1341
#7  qemu_tcg_rr_cpu_thread_fn (arg=<optimized out>) at /home/cohuck/git/qemu/cpus.c:1435
#8  0x00007ffff3d4336d in start_thread () from /lib64/libpthread.so.0
#9  0x00007ffff3a77b4f in clone () from /lib64/libc.so.6

F26 host, qemu built with clang.