From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:43360)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <zhang.zhanghailiang@huawei.com>) id 1Ztnl8-0003VY-HA
	for qemu-devel@nongnu.org; Tue, 03 Nov 2015 21:25:11 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <zhang.zhanghailiang@huawei.com>) id 1Ztnl5-00017Y-9o
	for qemu-devel@nongnu.org; Tue, 03 Nov 2015 21:25:10 -0500
Received: from szxga02-in.huawei.com ([119.145.14.65]:26910)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <zhang.zhanghailiang@huawei.com>) id 1Ztnl2-0000yk-UW
	for qemu-devel@nongnu.org; Tue, 03 Nov 2015 21:25:07 -0500
References: <5638B041.50500@huawei.com>
	<CAJ+F1CJ_mvFFutQbbm6KFhG2mR6fW-OCqhrumWx1pf1kxhHR=g@mail.gmail.com>
From: zhanghailiang <zhang.zhanghailiang@huawei.com>
Message-ID: <56396C66.4000303@huawei.com>
Date: Wed, 4 Nov 2015 10:24:38 +0800
MIME-Version: 1.0
In-Reply-To: <CAJ+F1CJ_mvFFutQbbm6KFhG2mR6fW-OCqhrumWx1pf1kxhHR=g@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format=flowed
Content-Transfer-Encoding: 8bit
Subject: Re: [Qemu-devel] [vhost-user BUG ?] QEMU process segfault when
 shutdown or reboot with vhost-user
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: =?UTF-8?Q?Marc-Andr=c3=a9_Lureau?= <marcandre.lureau@gmail.com>
Cc: Jason Wang <jasowang@redhat.com>, "Michael S. Tsirkin" <mst@redhat.com>, peter.huangpeng@huawei.com, "stefanha@redhat.com" <stefanha@redhat.com>, "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>

On 2015/11/3 22:54, Marc-André Lureau wrote:
> Hi
>
> On Tue, Nov 3, 2015 at 2:01 PM, zhanghailiang
> <zhang.zhanghailiang@huawei.com> wrote:
>> The corresponding codes where gdb reports error are: (We have added some
>> codes in net.c)
>
> Can you reproduce with unmodified qemu? Could you give instructions to do so?
>

OK, i will try to do it. There is nothing special, we run iperf tool in VM,
and then shutdown or reboot it. There is change you can catch segfault.

>> ssize_t qemu_deliver_packet(NetClientState *sender,
>>                              unsigned flags,
>>                              const uint8_t *data,
>>                              size_t size,
>>                              void *opaque)
>> {
>>      NetClientState *nc = opaque;
>>      ssize_t ret;
>>
>>      if (nc->link_down) {
>>          return size;
>>      }
>>
>>      if (nc->receive_disabled) {
>>          return 0;
>>      }
>>
>>      if (flags & QEMU_NET_PACKET_FLAG_RAW && nc->info->receive_raw) {
>>          ret = nc->info->receive_raw(nc, data, size);
>>      } else {
>>          ret = nc->info->receive(nc, data, size);   ----> Here is 510 line
>>      }
>>
>> I'm not quite familiar with vhost-user, but for vhost-user, these two
>> callback functions seem to be always NULL,
>> Why we can come here ?
>
> You should not come here, vhost-user has nc->receive_disabled (it
> changes in 2.5)
>

I have looked at the newest codes, i think we can still have chance to
come here, since we will change nc->receive_disable to false temporarily in
qemu_flush_or_purge_queued_packets(), there is no difference between 2.3 and 2.5
for this.
Besides, is it possible for !QTAILQ_EMPTY(&queue->packets) to be true
in qemu_net_queue_flush() for vhost-user ?

i will try to reproduce it by using newest qemu.

Thanks,
zhanghailiang