From: Stefan Hajnoczi
Date: Fri, 6 Mar 2015 11:23:24 -0600
To: Christian Borntraeger
Cc: qemu-devel, Stefan Hajnoczi
Subject: Re: [Qemu-devel] qemu crash in coroutine bdrv_co_do_rw
Message-ID: <20150306172324.GF2431@stefanha-thinkpad.redhat.com>
In-Reply-To: <54EEE795.3050501@de.ibm.com>

On Thu, Feb 26, 2015 at 10:29:57AM +0100, Christian Borntraeger wrote:
> is this some known issue? Under heavy load with lots of dataplane devices I sometimes get a segfault in the bdrv_co_do_rw routine:
>
> #0 bdrv_co_do_rw (opaque=0x0) at /home/cborntra/REPOS/qemu/block.c:4791
> 4791 if (!acb->is_write) {
> (gdb) bt
> #0 bdrv_co_do_rw (opaque=0x0) at /home/cborntra/REPOS/qemu/block.c:4791
> #1 0x00000000801aeb78 in coroutine_trampoline (i0=, i1=-725099072) at /home/cborntra/REPOS/qemu/coroutine-ucontext.c:80
> #2 0x000003fffbe1cca2 in __makecontext_ret () from /lib64/libc.so.6
> Backtrace stopped: previous frame identical to this frame (corrupt stack?)
> (gdb) up
> #1 0x00000000801aeb78 in coroutine_trampoline (i0=, i1=-725099072) at /home/cborntra/REPOS/qemu/coroutine-ucontext.c:80
> 80 co->entry(co->entry_arg);
> (gdb) print *co
> $1 = {entry = 0x801a3c28 , entry_arg = 0x0, caller = 0x3ffe2fff788, pool_next = {sle_next = 0x3ffd2287990}, co_queue_wakeup = {tqh_first = 0x0,
> tqh_last = 0x3ffd4c7dde0}, co_queue_next = {tqe_next = 0x0, tqe_prev = 0x0}}
>
> As you can see entry_arg is 0, causing the problem. Do you have any quick idea before I start debugging?

No, I haven't seen this bug before. Are you running qemu.git/master?

Have you tried disabling the coroutine pool (freelist)?

Stefan
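Stefan's question about the coroutine pool points at the path the backtrace passes through: coroutine_trampoline calls co->entry(co->entry_arg), and a finished coroutine can be parked in a freelist and resumed later instead of being rebuilt with makecontext(). The program below is an added illustration, not QEMU code and not from either author: a minimal ucontext coroutine with a freelist, showing how a pooled coroutine reaches its trampoline with entry_arg == NULL when it is resumed before the enter step has stored the argument, which is the state the gdb output shows. Every name in it (Coroutine, co_create, co_enter, co_resume, add_job) is invented for the example, and it makes no claim about the actual cause of the crash.

```c
/* Added example, not QEMU code: a tiny ucontext coroutine with a freelist.
 * All names are invented for the illustration. */
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <ucontext.h>

#define CO_STACK_SIZE (64 * 1024)

typedef void coroutine_fn(void *arg);

typedef struct Coroutine {
    coroutine_fn *entry;
    void *entry_arg;
    ucontext_t uc;               /* the coroutine's own saved context */
    ucontext_t caller;           /* where to go back to when entry returns */
    char *stack;
    struct Coroutine *pool_next; /* freelist link */
} Coroutine;

static Coroutine *pool_head;         /* freelist of finished coroutines */
static Coroutine *current;           /* handed to a freshly started trampoline */
static int pool_reuses;              /* how often co_create() recycled one */
static int trampoline_null_args;     /* entries that arrived with entry_arg == NULL */

/* Frame #1 of the backtrace. The loop is what makes pooling work: after
 * entry() returns we switch back to the caller, and a later resume lands
 * here again and runs the (possibly new) entry with the new argument. */
static void coroutine_trampoline(void)
{
    Coroutine *co = current;
    for (;;) {
        if (co->entry_arg == NULL) {
            /* The state in the crash: resumed before the argument was set.
             * Record it instead of dereferencing NULL inside entry(). */
            trampoline_null_args++;
        } else {
            co->entry(co->entry_arg);
        }
        swapcontext(&co->uc, &co->caller);
    }
}

static Coroutine *coroutine_new(void)
{
    Coroutine *co = calloc(1, sizeof(*co));
    if (!co) abort();
    co->stack = malloc(CO_STACK_SIZE);
    if (!co->stack) abort();
    getcontext(&co->uc);
    co->uc.uc_stack.ss_sp = co->stack;
    co->uc.uc_stack.ss_size = CO_STACK_SIZE;
    co->uc.uc_link = NULL;          /* the trampoline never returns */
    makecontext(&co->uc, coroutine_trampoline, 0);
    return co;
}

/* Pop from the pool when possible. entry_arg stays NULL until co_enter(). */
static Coroutine *co_create(coroutine_fn *entry)
{
    Coroutine *co = pool_head;
    if (co) {
        pool_head = co->pool_next;
        pool_reuses++;
    } else {
        co = coroutine_new();
    }
    co->entry = entry;
    co->entry_arg = NULL;
    return co;
}

/* Switch into the coroutine; when entry() has returned, recycle it. */
static void co_resume(Coroutine *co)
{
    current = co;
    swapcontext(&co->caller, &co->uc);
    co->entry_arg = NULL;           /* no stale argument survives in the pool */
    co->pool_next = pool_head;
    pool_head = co;
}

static void co_enter(Coroutine *co, void *arg)
{
    co->entry_arg = arg;            /* the step the stale path below skips */
    co_resume(co);
}

/* Constructed sample work for the example. */
static int total;
static void add_job(void *arg) { total += *(int *)arg; }

/* Two jobs; the second create() recycles the first coroutine. Returns 100. */
int run_pooled_jobs(void)
{
    int a = 42, b = 58;
    total = 0;
    co_enter(co_create(add_job), &a);
    co_enter(co_create(add_job), &b);
    return total;
}

int pool_reuse_count(void) { return pool_reuses; }

/* Reproduce the reported state: resume a pooled coroutine without co_enter(),
 * so the trampoline sees entry_arg == NULL. Returns how many it caught (1). */
int stale_entry_caught(void)
{
    int before = trampoline_null_args;
    co_resume(co_create(add_job));
    return trampoline_null_args - before;
}

int main(void)
{
    printf("total=%d reuses=%d\n", run_pooled_jobs(), pool_reuse_count());
    printf("stale entries caught=%d\n", stale_entry_caught());
    return 0;
}
```

Build with `cc -o co_pool co_pool.c` and run it on Linux/glibc. The check in the trampoline turns what would be a SIGSEGV inside entry() into a counter, which is what makes the condition assertable; QEMU's own trampoline receives the coroutine pointer split across two int arguments (the i0/i1 in frame #1), whereas this example passes it through a static to keep the code short.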