From: Paolo Bonzini <pbonzini@redhat.com>
To: Gonglei <arei.gonglei@huawei.com>,
	"qemu-devel@nongnu.org" <qemu-devel@nongnu.org>
Cc: "Huangpeng (Peter)" <peter.huangpeng@huawei.com>,
	"kraxel@redhat.com" <kraxel@redhat.com>
Subject: Re: [Qemu-devel] [Question] QEMU 2.3 Assertion with `existing->mr->subpage || existing->mr == &io_mem_unassigned' failed
Date: Tue, 15 Sep 2015 18:49:50 +0200
Message-ID: <55F84C2E.2060806@redhat.com>
In-Reply-To: <55F7E2D2.8070009@huawei.com>



On 15/09/2015 11:20, Gonglei wrote:
> On 2015/9/15 14:33, Gonglei wrote:
>> On 2015/9/15 9:16, Gonglei wrote:
>>> On 2015/9/14 17:28, Paolo Bonzini wrote:
>>>>
>>>>
>>>> On 14/09/2015 10:01, Gonglei (Arei) wrote:
>>>>> [2015-09-11 13:42:44] domain is rebooting 
>>>>> qemu-kvm: /home/abuild/rpmbuild/BUILD/qemu-kvm-2.3.0/exec.c:1188: register_subpage: Assertion `existing->mr->subpage || existing->mr == &io_mem_unassigned' failed. 
>>>>> [2015-09-11 13:42:58]: shutting down
>>>>>
>>>>> Or
>>>>> qemu-kvm: /home/abuild/rpmbuild/BUILD/qemu-kvm-2.3.0/include/qemu/int128.h:22: int128_get64: Assertion `!a.hi' failed.
>>>>
>>>> You need to provide a backtrace.
>>>>
>>>> Paolo
>>>>
>>> Yup, I noticed that, but when I sent this email yesterday, I didn't get a backtrace :(
>>> Fortunately, I get a backtrace now:
>>>
>>> #0 int128_get64 (a=...) at /home/qemu/include/qemu/int128.h:27
>>> #1 0x00007f17ad7a7f1a in register_multipage (d=0x7f179c4f8480, section=0x7f17a323c3f0) at /home/qemu/exec.c:1215
>>> #2 0x00007f17ad7a8266 in mem_add (listener=0x7f17ae043968 <address_space_io+72>, section=0x7f17a323c730) at /home/qemu/exec.c:1250
>>> #3 0x00007f17ad7f843a in address_space_update_topology_pass (as=0x7f17ae043920 <address_space_io>, old_view=0x7f179c1f8b50, new_view=0x7f179c523620, adding=true)
>>> at /home/qemu/memory.c:739
>>> #4 0x00007f17ad7f8520 in address_space_update_topology (as=0x7f17ae043920 <address_space_io>) at /home/qemu/memory.c:754
>>> #5 0x00007f17ad7f8660 in memory_region_transaction_commit () at /home/qemu/memory.c:794
>>> #6 0x00007f17ad9a690c in cirrus_update_memory_access (s=0x7f17b12873c0) at hw/display/cirrus_vga.c:2485
>>> #7 0x00007f17ad9a4dac in cirrus_vga_write_gr (s=0x7f17b12873c0, reg_index=9, reg_value=163) at hw/display/cirrus_vga.c:1524
>>> #8 0x00007f17ad9a6e47 in cirrus_vga_ioport_write (opaque=0x7f17b12873c0, addr=975, val=163, size=1) at hw/display/cirrus_vga.c:2672
>>> #9 0x00007f17ad7f6882 in memory_region_write_accessor (mr=0x7f17b1297d88, addr=31, value=0x7f17a323c968, size=1, shift=8, mask=255) at /home/qemu/memory.c:430
>>> #10 0x00007f17ad7f698b in access_with_adjusted_size (addr=30, value=0x7f17a323c968, size=2, access_size_min=1, access_size_max=1, access=0x7f17ad7f67fd <memory_region_write_accessor>, mr=0x7f17b1297d88)
>>> at /home/qemu/memory.c:467
>>> #11 0x00007f17ad7f9311 in memory_region_dispatch_write (mr=0x7f17b1297d88, addr=30, data=41737, size=2) at /home/qemu/memory.c:1103
>>> #12 0x00007f17ad7fc22e in io_mem_write (mr=0x7f17b1297d88, addr=30, val=41737, size=2) at /home/qemu/memory.c:2003
>>> #13 0x00007f17ad7aafe4 in address_space_rw (as=0x7f17ae043920 <address_space_io>, addr=974, buf=0x7f17ad6f6000 "\t\243\320", len=2, is_write=true) at /home/qemu/exec.c:2533
>>> #14 0x00007f17ad7f3acf in kvm_handle_io (port=974, data=0x7f17ad6f6000, direction=1, size=2, count=1) at /home/qemu/kvm-all.c:1707
>>> #15 0x00007f17ad7f3fb5 in kvm_cpu_exec (cpu=0x7f17b05b7a20) at /home/qemu/kvm-all.c:1864
>>> #16 0x00007f17ad7db416 in qemu_kvm_cpu_thread_fn (arg=0x7f17b05b7a20) at /home/qemu/cpus.c:972
>>> #17 0x00007f17ac2cbdf5 in start_thread () from /lib64/libpthread.so.0
>>> #18 0x00007f17a73e31ad in clone () from /lib64/libc.so.6
>>>
>>> It seems that something wrong happened in vga memory updating.
>>>
>>
>> Another backtrace:
>>
>> (gdb) bt
>> #0 int128_get64 (a=...) at /home/qemu/include/qemu/int128.h:27
>> #1 0x00007f4cdefc1f6a in register_multipage (d=0x7f4cd012f1c0, section=0x7f4cd4a562c0) at /home/qemu/exec.c:1215
>> #2 0x00007f4cdefc22b6 in mem_add (listener=0x7f4cdf85d968 <address_space_io+72>, section=0x7f4cd4a56600) at /home/qemu/exec.c:1250
>> #3 0x00007f4cdf01248a in address_space_update_topology_pass (as=0x7f4cdf85d920 <address_space_io>, old_view=0x7f4cd0028d40, new_view=0x7f4cd015f5f0, adding=true)
>> at /home/qemu/memory.c:739
>> #4 0x00007f4cdf012570 in address_space_update_topology (as=0x7f4cdf85d920 <address_space_io>) at /home/qemu/memory.c:754
>> #5 0x00007f4cdf0126b0 in memory_region_transaction_commit () at /home/qemu/memory.c:794
>> #6 0x00007f4cdf0151f0 in memory_region_del_subregion (mr=0x7f4ce01034e0, subregion=0x7f4ce13873a0) at /home/qemu/memory.c:1698
>> #7 0x00007f4cdf21761d in pci_update_mappings (d=0x7f4ce1386f70) at hw/pci/pci.c:1120
>> #8 0x00007f4cdf2179b0 in pci_default_write_config (d=0x7f4ce1386f70, addr=4, val_in=256, l=2) at hw/pci/pci.c:1180
>> #9 0x00007f4cdf28d2d6 in virtio_write_config (pci_dev=0x7f4ce1386f70, address=4, val=256, len=2) at hw/virtio/virtio-pci.c:430
>> #10 0x00007f4cdf220746 in pci_host_config_write_common (pci_dev=0x7f4ce1386f70, addr=4, limit=256, val=256, len=2) at hw/pci/pci_host.c:57
>> #11 0x00007f4cdf22084a in pci_data_write (s=0x7f4ce008afc0, addr=2147489796, val=256, len=2) at hw/pci/pci_host.c:84
>> #12 0x00007f4cdf22096c in pci_host_data_write (opaque=0x7f4ce00896b0, addr=0, val=256, len=2) at hw/pci/pci_host.c:137
>> #13 0x00007f4cdf0108d2 in memory_region_write_accessor (mr=0x7f4ce0089ab0, addr=0, value=0x7f4cd4a56968, size=2, shift=0, mask=65535) at /home/qemu/memory.c:430
>> #14 0x00007f4cdf0109db in access_with_adjusted_size (addr=0, value=0x7f4cd4a56968, size=2, access_size_min=1, access_size_max=4, access=0x7f4cdf01084d <memory_region_write_accessor>, mr=0x7f4ce0089ab0)
>> at /home/qemu/memory.c:467
>> #15 0x00007f4cdf013361 in memory_region_dispatch_write (mr=0x7f4ce0089ab0, addr=0, data=256, size=2) at /home/qemu/memory.c:1103
>> #16 0x00007f4cdf01627e in io_mem_write (mr=0x7f4ce0089ab0, addr=0, val=256, size=2) at /home/qemu/memory.c:2003
>> #17 0x00007f4cdefc5034 in address_space_rw (as=0x7f4cdf85d920 <address_space_io>, addr=3324, buf=0x7f4cdef10000 "", len=2, is_write=true) at /home/qemu/exec.c:2533
>> #18 0x00007f4cdf00db1f in kvm_handle_io (port=3324, data=0x7f4cdef10000, direction=1, size=2, count=1) at /home/qemu/kvm-all.c:1707
>> #19 0x00007f4cdf00e005 in kvm_cpu_exec (cpu=0x7f4ce00eca20) at /home/qemu/kvm-all.c:1864
>> #20 0x00007f4cdeff5466 in qemu_kvm_cpu_thread_fn (arg=0x7f4ce00eca20) at /home/qemu/cpus.c:972
>> #21 0x00007f4cddae5df5 in start_thread () from /lib64/libpthread.so.0
>> #22 0x00007f4cd8bfd1ad in clone () from /lib64/libc.so.6
>>
> 
> Paolo, do you have any clues? Thanks!

Sorry, I haven't looked at it yet.  I'll have to study the code.  In the
meanwhile, perhaps you can print "section" and "existing" please from gdb?

Paolo
