Re: [Qemu-devel] qemu crash in coroutine bdrv_co_do_rw

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Christian Borntraeger <borntraeger@de.ibm.com>
To: Stefan Hajnoczi <stefanha@gmail.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
	qemu-devel <qemu-devel@nongnu.org>,
	Stefan Hajnoczi <stefanha@redhat.com>
Subject: Re: [Qemu-devel] qemu crash in coroutine bdrv_co_do_rw
Date: Tue, 10 Mar 2015 08:54:52 +0100	[thread overview]
Message-ID: <54FEA34C.4030600@de.ibm.com> (raw)
In-Reply-To: <54FE0492.5080305@de.ibm.com>

Am 09.03.2015 um 21:37 schrieb Christian Borntraeger:
> Am 06.03.2015 um 18:23 schrieb Stefan Hajnoczi:
>> On Thu, Feb 26, 2015 at 10:29:57AM +0100, Christian Borntraeger wrote:
>>> is this some know issue? Under heavy load with lots of dataplane devices I sometimes get a segfault in the bdrc_co_do_rw routine:
>>>
>>> #0  bdrv_co_do_rw (opaque=0x0) at /home/cborntra/REPOS/qemu/block.c:4791
>>> 4791	    if (!acb->is_write) {
>>> (gdb) bt
>>> #0  bdrv_co_do_rw (opaque=0x0) at /home/cborntra/REPOS/qemu/block.c:4791
>>> #1  0x00000000801aeb78 in coroutine_trampoline (i0=<optimized out>, i1=-725099072) at /home/cborntra/REPOS/qemu/coroutine-ucontext.c:80
>>> #2  0x000003fffbe1cca2 in __makecontext_ret () from /lib64/libc.so.6
>>> Backtrace stopped: previous frame identical to this frame (corrupt stack?)
>>> (gdb) up
>>> #1  0x00000000801aeb78 in coroutine_trampoline (i0=<optimized out>, i1=-725099072) at /home/cborntra/REPOS/qemu/coroutine-ucontext.c:80
>>> 80	        co->entry(co->entry_arg);
>>> (gdb) print *co
>>> $1 = {entry = 0x801a3c28 <bdrv_co_do_rw>, entry_arg = 0x0, caller = 0x3ffe2fff788, pool_next = {sle_next = 0x3ffd2287990}, co_queue_wakeup = {tqh_first = 0x0, 
>>>     tqh_last = 0x3ffd4c7dde0}, co_queue_next = {tqe_next = 0x0, tqe_prev = 0x0}}
>>>
>>> As you can see enty_arg is 0, causing the problem. Do you have any quick idea before I start debugging?
>>
>> No, I haven't seen this bug before.  Are you running qemu.git/master?
>>
>> Have you tried disabling the coroutine pool (freelist)?
>>
>> Stefan
>>
> 
> I was able to increase the likelyhood of hitting this (more vCPUs, less guests).
> 
> bisect thinks that this makes this shaky:
> 
> 4d68e86bb10159099da0798f74e7512955f15eec is the first bad commit
> commit 4d68e86bb10159099da0798f74e7512955f15eec
> Author: Paolo Bonzini <pbonzini@redhat.com>
> Date:   Tue Dec 2 12:05:48 2014 +0100
> 
>     coroutine: rewrite pool to avoid mutex
> 
> 
> Christian
> 

Yes, reverting these 3 makes the problem go away during an overnight run.


    Revert "coroutine: rewrite pool to avoid mutex"
    
    This reverts commit 4d68e86bb10159099da0798f74e7512955f15eec.

    Revert "coroutine: drop qemu_coroutine_adjust_pool_size"
    
    This reverts commit 66552b894bd68dd6539fb6d656ad2c21bdd6acbe.


    Revert "coroutine: try harder not to delete coroutines"
   
    This reverts commit 51a2219bdceed16e81c6e2e2f08aed39c579728f.


Christian

next prev parent reply	other threads:[~2015-03-10  7:55 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-02-26  9:29 [Qemu-devel] qemu crash in coroutine bdrv_co_do_rw Christian Borntraeger
2015-03-06 17:23 ` Stefan Hajnoczi
2015-03-09 20:37   ` Christian Borntraeger
2015-03-10  7:54     ` Christian Borntraeger [this message]
2015-03-10 10:33       ` Paolo Bonzini
2015-03-10 11:27         ` Christian Borntraeger

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=54FEA34C.4030600@de.ibm.com \
    --to=borntraeger@de.ibm.com \
    --cc=pbonzini@redhat.com \
    --cc=qemu-devel@nongnu.org \
    --cc=stefanha@gmail.com \
    --cc=stefanha@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.