Bug #14527 (closed): early boot hang in xhci under QEMU 6.0.0

Added by Joshua M. Clulow 6 months ago. Updated 25 days ago.

Status: Rejected
Priority: Normal
Category: -
Start date:
Due date:
% Done: 0%
Estimated time:
Difficulty: Medium
Tags:
Gerrit CR:

Description

In a QEMU 6.0.0 guest we can get stuck in an odd deadlock-like situation. I was able to get back into KMDB, though, using:

virsh qemu-monitor-command oitest '{"execute":"inject-nmi"}'

The stack (a picture is attached) had us in xhci_intr_conf() having made it to xhci_put32(xhcip, XHCI_R_OPER, XHCI_USBCMD, reg). While performing that write, we receive an XHCI interrupt, and when attempting to read something from the controller we hang in that read.


Files

here.png (26.4 KB), Joshua M. Clulow, 2022-02-22 01:52 AM

#1

Updated by Joshua M. Clulow 6 months ago

#2

Updated by Joshua M. Clulow 6 months ago

The stack when stopped by the NMI:

#3

Updated by Joshua M. Clulow 27 days ago

Taking a closer look at this, it seems that our xhci_intr_conf() call is blocked in xhci_put32(), specifically while enabling interrupts globally:

/*
 * Configure the device for interrupts. We need to take care of three things.
 * Enabling interrupt zero, setting interrupt zero's interrupt moderation, and
 * then enabling interrupts themselves globally.
 */
int
xhci_intr_conf(xhci_t *xhcip)
{
...
        reg = xhci_get32(xhcip, XHCI_R_OPER, XHCI_USBCMD);
        reg |= XHCI_CMD_INTE;
        xhci_put32(xhcip, XHCI_R_OPER, XHCI_USBCMD, reg);

This is:

#define XHCI_CMD_INTE           0x00000004      /* RW Interrupter Enable */

In the interrupt that then fires, we appear to be blocked in xhci_get32() here:

uint_t
xhci_intr(caddr_t arg1, caddr_t arg2)
{
...
        iman = xhci_get32(xhcip, XHCI_R_RUN, XHCI_IMAN(0));
        if (xhci_check_regs_acc(xhcip) != DDI_FM_OK) {
                xhci_error(xhcip, "failed to read interrupt register 0: "
                    "encountered fatal FM error, resetting device");
                xhci_fm_runtime_reset(xhcip);
                return (DDI_INTR_CLAIMED);
        }

This is:

#define XHCI_IMAN(n)            (0x0020 + (0x20 * (n))) /* XHCI interrupt */
                                                        /* management */
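As an added illustration of the sequence this comment describes (not code from illumos or from this report): a userspace C model in which the INTE write delivers the interrupt while the write is in flight, and the handler's register read is checked before it is trusted, the way xhci_check_regs_acc() guards xhci_intr(). The USBCMD offset, the IMAN IP bit, the all-ones read of a dead register space and the model_* names are assumptions of the model, not driver or controller facts.

```c
#include <stdint.h>
#include <stdbool.h>
/* INTE and IMAN(n) are the definitions quoted in the report; the USBCMD offset
 * and the IMAN IP bit are assumptions of this constructed model. */
#define XHCI_CMD_INTE   0x00000004u
#define XHCI_IMAN(n)    (0x0020u + (0x20u * (n)))
#define XHCI_USBCMD     0x0000u
#define XHCI_IMAN_IP    0x00000001u
#define NWORDS          64

typedef struct {
    uint32_t oper[NWORDS], run[NWORDS]; /* operational and runtime spaces */
    bool     run_dead;                  /* runtime space stops answering reads */
    int      claimed, resets;
} xhci_model_t;

/* A dead register space reads as all-ones, as an absent PCI device does. */
static uint32_t model_get32(xhci_model_t *m, uint32_t *space, uint32_t off) {
    return (space == m->run && m->run_dead) ? 0xFFFFFFFFu : space[off / 4];
}

/* Handler: check the IMAN(0) access before trusting the value (the role
 * xhci_check_regs_acc() plays in the driver) and reset rather than spin. */
static int model_intr(xhci_model_t *m) {
    uint32_t iman = model_get32(m, m->run, XHCI_IMAN(0));
    if (iman == 0xFFFFFFFFu) {
        m->resets++;
        m->run_dead = false;            /* stands in for xhci_fm_runtime_reset() */
        return 1;
    }
    m->run[XHCI_IMAN(0) / 4] = iman & ~XHCI_IMAN_IP;   /* acknowledge */
    m->claimed++;
    return 1;
}

/* Setting INTE with an interrupt already pending fires the handler while the
 * enabling write is in flight, the ordering the NMI stack in the report shows. */
static void model_put32(xhci_model_t *m, uint32_t *space, uint32_t off, uint32_t v) {
    uint32_t old = space[off / 4];
    space[off / 4] = v;
    if (space == m->oper && off == XHCI_USBCMD && (v & ~old & XHCI_CMD_INTE) &&
        (m->run[XHCI_IMAN(0) / 4] & XHCI_IMAN_IP))
        model_intr(m);
}

/* xhci_intr_conf() enable sequence: 1 = handled, 2 = reset path, 0 = neither. */
int model_scenario(bool run_dead) {
    xhci_model_t m = { .run_dead = run_dead };
    m.run[XHCI_IMAN(0) / 4] = XHCI_IMAN_IP;           /* interrupt already pending */
    model_put32(&m, m.oper, XHCI_USBCMD, model_get32(&m, m.oper, XHCI_USBCMD) | XHCI_CMD_INTE);
    return m.resets ? 2 : (m.claimed ? 1 : 0);
}
```

With a responsive controller the handler acknowledges IMAN(0) and returns; with a dead runtime space it takes the reset path instead of waiting on the read, which is the point of checking the access before using the value.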
#4

Updated by Joshua M. Clulow 25 days ago

  • Status changed from New to Rejected
  • Assignee set to Joshua M. Clulow

I'm withdrawing this as something we don't need to look at. This QEMU version was shipped in Ubuntu 21.10, but that's now EOL and I've upgraded. In 22.04, we seem to have a newer version:

$ qemu-system-x86_64 --version
QEMU emulator version 6.2.0 (Debian 1:6.2+dfsg-2ubuntu6.3)
Copyright (c) 2003-2021 Fabrice Bellard and the QEMU Project developers

This includes several XHCI emulation fixes which appear to have fixed this; e.g.,
