[Qemu-devel] [PATCH] gdb command: qemu aios, qemu aiohandlers

[Qemu-devel] [PATCH] gdb command: qemu aios, qemu aiohandlers

[Dr. David Alan Gilbert (git)]

From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>

Two new gdb commands are added:

  qemu iohandlers

     that dumps the list of waiting iohandlers, this is particularly
     useful for trying to figure out where an incoming migration is
     blocked.  For 'fd_coroutine_enter' cases we dump a full backtrace.

  qemu aios
     that dumps the qemu_aio_context list.

This is a rewrite of an earlier version prior to Fam's changes
to the corresponding structures.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

  (gdb) qemu aios
  ----
  {pfd = {fd = 12, events = 25, revents = 0}, io_read = 0x5634d4033cc0
  <qemu_laio_completion_cb>, io_write = 0x0, deleted = 0, opaque =
  0x5634d601e8b8, node = {le_next = 0x5634d5fd2330, le_prev =
  0x5634d5fd22a0}}
  ----
  {pfd = {fd = 6, events = 25, revents = 0}, io_read = 0x5634d3ff1750
  <event_notifier_dummy_cb>, io_write = 0x0, deleted = 0, opaque =
  0x5634d5fd22e8, node = {le_next = 0x0, le_prev = 0x5634d5fe8458}}
  ----

  (gdb) qemu iohandlers
  ----
  {pfd = {fd = 15, events = 25, revents = 0}, io_read = 0x559a843bd850
  <fd_coroutine_enter>, io_write = 0x0, deleted = 0, opaque =
  0x7fef1c5fed30, node = {le_next = 0x559a84e9d180, le_prev =
  0x559a84e9c6b0}}
  #0  0x0000559a843bdcf0 in qemu_coroutine_switch
  (from_=from_@entry=0x559a865fd8e0, to_=to_@entry=0x7fef37774ac8,
  action=action@entry=COROUTINE_YIELD) at
  /home/dgilbert/git/qemu-world3/coroutine-ucontext.c:177
  #1  0x0000559a843bd0d0 in qemu_coroutine_yield () at
  /home/dgilbert/git/qemu-world3/qemu-coroutine.c:145
  #2  0x0000559a843bd9c5 in yield_until_fd_readable (fd=15) at
  /home/dgilbert/git/qemu-world3/qemu-coroutine-io.c:90
  #3  0x0000559a84362337 in socket_get_buffer (opaque=0x559a862f7a00,
  buf=0x559a84ea0a70 "", pos=<optimized out>, size=32768) at
  /home/dgilbert/git/qemu-world3/migration/qemu-file-unix.c:69
  #4  0x0000559a84360c9c in qemu_fill_buffer (f=0x559a84ea0a40)
      at /home/dgilbert/git/qemu-world3/migration/qemu-file.c:215
  #5  0x0000559a84361569 in qemu_peek_byte (f=0x559a84ea0a40, offset=0)
      at /home/dgilbert/git/qemu-world3/migration/qemu-file.c:448
  #6  0x0000559a843617d4 in qemu_get_be32 (f=0x559a84ea0a40)
      at /home/dgilbert/git/qemu-world3/migration/qemu-file.c:461
  #7  0x0000559a843617d4 in qemu_get_be32 (f=f@entry=0x559a84ea0a40)
      at /home/dgilbert/git/qemu-world3/migration/qemu-file.c:545
  #8  0x0000559a84187d92 in qemu_loadvm_state (f=f@entry=0x559a84ea0a40)
      at /home/dgilbert/git/qemu-world3/migration/savevm.c:1070
  #9  0x0000559a8435dc42 in process_incoming_migration_co
  (opaque=0x559a84ea0a40)
      at /home/dgilbert/git/qemu-world3/migration/migration.c:285
  #10 0x0000559a843bdd5a in coroutine_trampoline (i0=<optimized out>,
  i1=<optimized out>)
      at /home/dgilbert/git/qemu-world3/coroutine-ucontext.c:80
  #11 0x00007fef2a462f10 in __start_context () at /lib64/libc.so.6
  #12 0x00007fffb7437b50 in  ()
  #13 0x0000000000000000 in  ()
  ----
  {pfd = {fd = 4, events = 25, revents = 0}, io_read = 0x559a843b7800
  <sigfd_handler>, io_write = 0x0, deleted = 0, opaque = 0x4, node =
  {le_next = 0x559a84e9c740, le_prev = 0x559a86325498}}
  ----
  {pfd = {fd = 5, events = 25, revents = 0}, io_read = 0x559a843ac750
  <event_notifier_dummy_cb>, io_write = 0x0, deleted = 0, opaque =
  0x559a84e9c6f8, node = {le_next = 0x0, le_prev = 0x559a84e9d1a8}}
  ----
---
 scripts/qemu-gdb.py    |  4 +++-
 scripts/qemugdb/aio.py | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 55 insertions(+), 1 deletion(-)
 create mode 100644 scripts/qemugdb/aio.py

diff --git a/scripts/qemu-gdb.py b/scripts/qemu-gdb.py
index d6f2e5a..99344c7 100644
--- a/scripts/qemu-gdb.py
+++ b/scripts/qemu-gdb.py
@@ -26,7 +26,7 @@ import os, sys
 
 sys.path.append(os.path.dirname(__file__))
 
-from qemugdb import mtree, coroutine
+from qemugdb import aio, mtree, coroutine
 
 class QemuCommand(gdb.Command):
     '''Prefix for QEMU debug support commands'''
@@ -37,6 +37,8 @@ class QemuCommand(gdb.Command):
 QemuCommand()
 coroutine.CoroutineCommand()
 mtree.MtreeCommand()
+aio.IOhandlersCommand()
+aio.AIOsCommand()
 
 # Default to silently passing through SIGUSR1, because QEMU sends it
 # to itself a lot.
diff --git a/scripts/qemugdb/aio.py b/scripts/qemugdb/aio.py
new file mode 100644
index 0000000..cda2c37
--- /dev/null
+++ b/scripts/qemugdb/aio.py
@@ -0,0 +1,52 @@
+#!/usr/bin/python
+
+# GDB debugging support: aio/iohandler debug
+#
+# Copyright (c) 2015 Red Hat, Inc.
+#
+# Author: Dr. David Alan Gilbert <dgilbert@redhat.com>
+#
+# This work is licensed under the terms of the GNU GPL, version 2 or
+# later.  See the COPYING file in the top-level directory.
+#
+
+import gdb
+from qemugdb import coroutine
+
+def isnull(ptr):
+    return ptr == gdb.Value(0).cast(ptr.type)
+
+def dump_aiocontext(context):
+    '''Display a dump and backtrace for an aiocontext'''
+    cur = context['aio_handlers']['lh_first']
+    # Get pointers to functions we're going to process specially
+    sym_fd_coroutine_enter = gdb.parse_and_eval('fd_coroutine_enter')
+
+    while not isnull(cur):
+        entry = cur.dereference()
+        gdb.write('----\n%s\n' % entry)
+        if cur['io_read'] == sym_fd_coroutine_enter:
+            coptr = (cur['opaque'].cast(gdb.lookup_type('FDYieldUntilData').pointer()))['co']
+            coptr = coptr.cast(gdb.lookup_type('CoroutineUContext').pointer())
+            coroutine.bt_jmpbuf(coptr['env']['__jmpbuf'])
+        cur = cur['node']['le_next'];
+
+    gdb.write('----\n')
+
+class AIOsCommand(gdb.Command):
+    '''Display aio handlers'''
+    def __init__(self):
+        gdb.Command.__init__(self, 'qemu aios', gdb.COMMAND_DATA,
+                             gdb.COMPLETE_NONE)
+
+    def invoke(self, arg, from_tty):
+        dump_aiocontext(gdb.parse_and_eval('qemu_aio_context'))
+
+class IOhandlersCommand(gdb.Command):
+    '''Display io handlers'''
+    def __init__(self):
+        gdb.Command.__init__(self, 'qemu iohandlers', gdb.COMMAND_DATA,
+                             gdb.COMPLETE_NONE)
+
+    def invoke(self, arg, from_tty):
+        dump_aiocontext(gdb.parse_and_eval('iohandler_ctx'))
-- 
2.5.0

Re: [Qemu-devel] [PATCH] gdb command: qemu aios, qemu aiohandlers

[Fam Zheng]

On Tue, 10/20 12:05, Dr. David Alan Gilbert (git) wrote:
> From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
> 
> Two new gdb commands are added:
> 
>   qemu iohandlers
> 
>      that dumps the list of waiting iohandlers, this is particularly
>      useful for trying to figure out where an incoming migration is
>      blocked.  For 'fd_coroutine_enter' cases we dump a full backtrace.
> 
>   qemu aios
>      that dumps the qemu_aio_context list.

I'd assume "qemu aios" is a command to print the list of AioContext instances
rather than handlers in a particular context (qemu_aio_context). How about
"qemu handlers"?

> 
> This is a rewrite of an earlier version prior to Fam's changes
> to the corresponding structures.
> 
> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> 
>   (gdb) qemu aios
>   ----
>   {pfd = {fd = 12, events = 25, revents = 0}, io_read = 0x5634d4033cc0
>   <qemu_laio_completion_cb>, io_write = 0x0, deleted = 0, opaque =
>   0x5634d601e8b8, node = {le_next = 0x5634d5fd2330, le_prev =
>   0x5634d5fd22a0}}
>   ----
>   {pfd = {fd = 6, events = 25, revents = 0}, io_read = 0x5634d3ff1750
>   <event_notifier_dummy_cb>, io_write = 0x0, deleted = 0, opaque =
>   0x5634d5fd22e8, node = {le_next = 0x0, le_prev = 0x5634d5fe8458}}
>   ----
> 
>   (gdb) qemu iohandlers
>   ----
>   {pfd = {fd = 15, events = 25, revents = 0}, io_read = 0x559a843bd850
>   <fd_coroutine_enter>, io_write = 0x0, deleted = 0, opaque =
>   0x7fef1c5fed30, node = {le_next = 0x559a84e9d180, le_prev =
>   0x559a84e9c6b0}}
>   #0  0x0000559a843bdcf0 in qemu_coroutine_switch
>   (from_=from_@entry=0x559a865fd8e0, to_=to_@entry=0x7fef37774ac8,
>   action=action@entry=COROUTINE_YIELD) at
>   /home/dgilbert/git/qemu-world3/coroutine-ucontext.c:177
>   #1  0x0000559a843bd0d0 in qemu_coroutine_yield () at
>   /home/dgilbert/git/qemu-world3/qemu-coroutine.c:145
>   #2  0x0000559a843bd9c5 in yield_until_fd_readable (fd=15) at
>   /home/dgilbert/git/qemu-world3/qemu-coroutine-io.c:90
>   #3  0x0000559a84362337 in socket_get_buffer (opaque=0x559a862f7a00,
>   buf=0x559a84ea0a70 "", pos=<optimized out>, size=32768) at
>   /home/dgilbert/git/qemu-world3/migration/qemu-file-unix.c:69
>   #4  0x0000559a84360c9c in qemu_fill_buffer (f=0x559a84ea0a40)
>       at /home/dgilbert/git/qemu-world3/migration/qemu-file.c:215
>   #5  0x0000559a84361569 in qemu_peek_byte (f=0x559a84ea0a40, offset=0)
>       at /home/dgilbert/git/qemu-world3/migration/qemu-file.c:448
>   #6  0x0000559a843617d4 in qemu_get_be32 (f=0x559a84ea0a40)
>       at /home/dgilbert/git/qemu-world3/migration/qemu-file.c:461
>   #7  0x0000559a843617d4 in qemu_get_be32 (f=f@entry=0x559a84ea0a40)
>       at /home/dgilbert/git/qemu-world3/migration/qemu-file.c:545
>   #8  0x0000559a84187d92 in qemu_loadvm_state (f=f@entry=0x559a84ea0a40)
>       at /home/dgilbert/git/qemu-world3/migration/savevm.c:1070
>   #9  0x0000559a8435dc42 in process_incoming_migration_co
>   (opaque=0x559a84ea0a40)
>       at /home/dgilbert/git/qemu-world3/migration/migration.c:285
>   #10 0x0000559a843bdd5a in coroutine_trampoline (i0=<optimized out>,
>   i1=<optimized out>)
>       at /home/dgilbert/git/qemu-world3/coroutine-ucontext.c:80
>   #11 0x00007fef2a462f10 in __start_context () at /lib64/libc.so.6
>   #12 0x00007fffb7437b50 in  ()
>   #13 0x0000000000000000 in  ()

This sort of clutters the output, I'm wondering if making the backtrace
optional (only dumped when "qemu iohandlers --backtrace") is better?  It's OK
if you decide to keep this, though.

>   ----
>   {pfd = {fd = 4, events = 25, revents = 0}, io_read = 0x559a843b7800
>   <sigfd_handler>, io_write = 0x0, deleted = 0, opaque = 0x4, node =
>   {le_next = 0x559a84e9c740, le_prev = 0x559a86325498}}
>   ----
>   {pfd = {fd = 5, events = 25, revents = 0}, io_read = 0x559a843ac750
>   <event_notifier_dummy_cb>, io_write = 0x0, deleted = 0, opaque =
>   0x559a84e9c6f8, node = {le_next = 0x0, le_prev = 0x559a84e9d1a8}}
>   ----
> ---
>  scripts/qemu-gdb.py    |  4 +++-
>  scripts/qemugdb/aio.py | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++
>  2 files changed, 55 insertions(+), 1 deletion(-)
>  create mode 100644 scripts/qemugdb/aio.py
> 
> diff --git a/scripts/qemu-gdb.py b/scripts/qemu-gdb.py
> index d6f2e5a..99344c7 100644
> --- a/scripts/qemu-gdb.py
> +++ b/scripts/qemu-gdb.py
> @@ -26,7 +26,7 @@ import os, sys
>  
>  sys.path.append(os.path.dirname(__file__))
>  
> -from qemugdb import mtree, coroutine
> +from qemugdb import aio, mtree, coroutine
>  
>  class QemuCommand(gdb.Command):
>      '''Prefix for QEMU debug support commands'''
> @@ -37,6 +37,8 @@ class QemuCommand(gdb.Command):
>  QemuCommand()
>  coroutine.CoroutineCommand()
>  mtree.MtreeCommand()
> +aio.IOhandlersCommand()
> +aio.AIOsCommand()
>  
>  # Default to silently passing through SIGUSR1, because QEMU sends it
>  # to itself a lot.
> diff --git a/scripts/qemugdb/aio.py b/scripts/qemugdb/aio.py
> new file mode 100644
> index 0000000..cda2c37
> --- /dev/null
> +++ b/scripts/qemugdb/aio.py
> @@ -0,0 +1,52 @@
> +#!/usr/bin/python
> +
> +# GDB debugging support: aio/iohandler debug
> +#
> +# Copyright (c) 2015 Red Hat, Inc.
> +#
> +# Author: Dr. David Alan Gilbert <dgilbert@redhat.com>
> +#
> +# This work is licensed under the terms of the GNU GPL, version 2 or
> +# later.  See the COPYING file in the top-level directory.
> +#
> +
> +import gdb
> +from qemugdb import coroutine
> +
> +def isnull(ptr):
> +    return ptr == gdb.Value(0).cast(ptr.type)
> +
> +def dump_aiocontext(context):
> +    '''Display a dump and backtrace for an aiocontext'''
> +    cur = context['aio_handlers']['lh_first']
> +    # Get pointers to functions we're going to process specially
> +    sym_fd_coroutine_enter = gdb.parse_and_eval('fd_coroutine_enter')
> +
> +    while not isnull(cur):
> +        entry = cur.dereference()
> +        gdb.write('----\n%s\n' % entry)
> +        if cur['io_read'] == sym_fd_coroutine_enter:
> +            coptr = (cur['opaque'].cast(gdb.lookup_type('FDYieldUntilData').pointer()))['co']
> +            coptr = coptr.cast(gdb.lookup_type('CoroutineUContext').pointer())
> +            coroutine.bt_jmpbuf(coptr['env']['__jmpbuf'])
> +        cur = cur['node']['le_next'];
> +
> +    gdb.write('----\n')
> +
> +class AIOsCommand(gdb.Command):
> +    '''Display aio handlers'''

Maybe also

s/aio handlers/aio handlers in main loop/

?

> +    def __init__(self):
> +        gdb.Command.__init__(self, 'qemu aios', gdb.COMMAND_DATA,
> +                             gdb.COMPLETE_NONE)
> +
> +    def invoke(self, arg, from_tty):
> +        dump_aiocontext(gdb.parse_and_eval('qemu_aio_context'))
> +
> +class IOhandlersCommand(gdb.Command):
> +    '''Display io handlers'''
> +    def __init__(self):
> +        gdb.Command.__init__(self, 'qemu iohandlers', gdb.COMMAND_DATA,
> +                             gdb.COMPLETE_NONE)
> +
> +    def invoke(self, arg, from_tty):
> +        dump_aiocontext(gdb.parse_and_eval('iohandler_ctx'))
> -- 
> 2.5.0
> 

Re: [Qemu-devel] [PATCH] gdb command: qemu aios, qemu aiohandlers

[Stefan Hajnoczi]

On Fri, Oct 23, 2015 at 10:32 AM, Fam Zheng <famz@redhat.com> wrote:
> On Tue, 10/20 12:05, Dr. David Alan Gilbert (git) wrote:
>> From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
>>
>> Two new gdb commands are added:
>>
>>   qemu iohandlers
>>
>>      that dumps the list of waiting iohandlers, this is particularly
>>      useful for trying to figure out where an incoming migration is
>>      blocked.  For 'fd_coroutine_enter' cases we dump a full backtrace.
>>
>>   qemu aios
>>      that dumps the qemu_aio_context list.
>
> I'd assume "qemu aios" is a command to print the list of AioContext instances
> rather than handlers in a particular context (qemu_aio_context). How about
> "qemu handlers"?

Seems fine to me but it would be useful to add an optional AioContext
pointer argument.

That way the command prints qemu_aio_context by default but can also
be used to inspect arbitrary AioContexts.

Stefan

Re: [Qemu-devel] [PATCH] gdb command: qemu aios, qemu aiohandlers

[Fam Zheng]

On Fri, 10/23 11:09, Stefan Hajnoczi wrote:
> On Fri, Oct 23, 2015 at 10:32 AM, Fam Zheng <famz@redhat.com> wrote:
> > On Tue, 10/20 12:05, Dr. David Alan Gilbert (git) wrote:
> >> From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
> >>
> >> Two new gdb commands are added:
> >>
> >>   qemu iohandlers
> >>
> >>      that dumps the list of waiting iohandlers, this is particularly
> >>      useful for trying to figure out where an incoming migration is
> >>      blocked.  For 'fd_coroutine_enter' cases we dump a full backtrace.
> >>
> >>   qemu aios
> >>      that dumps the qemu_aio_context list.
> >
> > I'd assume "qemu aios" is a command to print the list of AioContext instances
> > rather than handlers in a particular context (qemu_aio_context). How about
> > "qemu handlers"?
> 
> Seems fine to me but it would be useful to add an optional AioContext
> pointer argument.
> 
> That way the command prints qemu_aio_context by default but can also
> be used to inspect arbitrary AioContexts.
> 

That is a good idea.

Fam

Re: [Qemu-devel] [PATCH] gdb command: qemu aios, qemu aiohandlers

[Paolo Bonzini]

On 20/10/2015 13:05, Dr. David Alan Gilbert (git) wrote:
> +        entry = cur.dereference()
> +        gdb.write('----\n%s\n' % entry)
> +        if cur['io_read'] == sym_fd_coroutine_enter:
> +            coptr = (cur['opaque'].cast(gdb.lookup_type('FDYieldUntilData').pointer()))['co']
> +            coptr = coptr.cast(gdb.lookup_type('CoroutineUContext').pointer())
> +            coroutine.bt_jmpbuf(coptr['env']['__jmpbuf'])

The last two lines here can be written as

  coroutine.bt_jmpbuf(coroutine.coroutine_to_jmpbuf(coptr))

with the head of Stefan's trace branch.

Paolo

Re: [Qemu-devel] [PATCH] gdb command: qemu aios, qemu aiohandlers

[Dr. David Alan Gilbert]

* Paolo Bonzini (pbonzini@redhat.com) wrote:
> 
> 
> On 20/10/2015 13:05, Dr. David Alan Gilbert (git) wrote:
> > +        entry = cur.dereference()
> > +        gdb.write('----\n%s\n' % entry)
> > +        if cur['io_read'] == sym_fd_coroutine_enter:
> > +            coptr = (cur['opaque'].cast(gdb.lookup_type('FDYieldUntilData').pointer()))['co']
> > +            coptr = coptr.cast(gdb.lookup_type('CoroutineUContext').pointer())
> > +            coroutine.bt_jmpbuf(coptr['env']['__jmpbuf'])
> 
> The last two lines here can be written as
> 
>   coroutine.bt_jmpbuf(coroutine.coroutine_to_jmpbuf(coptr))
> 
> with the head of Stefan's trace branch.

I've just posted a new version with all the other changes in, but
I can easily change that one when the trace change lands.

Dave

> 
> Paolo
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK