From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
To: "Grundmann, Christian" <Christian.Grundmann@fabasoft.com>
Cc: 'Paolo Bonzini' <pbonzini@redhat.com>,
"'qemu-devel@nongnu.org'" <qemu-devel@nongnu.org>,
"stefanha@redhat.com" <stefanha@redhat.com>
Subject: Re: [Qemu-devel] WG: [ovirt-users] Segmentation fault in libtcmalloc
Date: Thu, 3 Dec 2015 09:04:17 +0000
Message-ID: <20151203090416.GA2591@work-vm>
In-Reply-To: <6A17C71B52524C408E7AAF69103E9E490F1C71EB@fabamailserver.fabagl.fabasoft.com>

* Grundmann, Christian (Christian.Grundmann@fabasoft.com) wrote:
> Hi again,
> got a Segfault today without virtio :-( (one IDE Disk and one virtio-scsi)
>
> Core was generated by `/usr/libexec/qemu-kvm -name vmname -S -machine pc-i440fx-rhel7.2.0,accel='.

Can you confirm the package version you were using; if you're running the pc-i440fx-rhel7.2.0 machine
type it must be pretty new.

Dave

> Program terminated with signal 11, Segmentation fault.
> #0 0x00007fb299cbd3ab in tcmalloc::ThreadCache::ReleaseToCentralCache(tcmalloc::ThreadCache::FreeList*, unsigned long, int) () from /lib64/libtcmalloc.so.4
>
> Thread 6 (Thread 0x7fb28d0c5700 (LWP 29423)):
> #0 0x00007fb29cc85ac3 in pread64 () at ../sysdeps/unix/syscall-template.S:81
> No locals.
> #1 0x00007fb29e37c2a3 in pread (__offset=<optimized out>, __nbytes=<optimized out>, __buf=0x7fb2a3e21a00, __fd=<optimized out>) at /usr/include/bits/unistd.h:99
> No locals.
> #2 handle_aiocb_rw_linear (aiocb=aiocb@entry=0x7fb2a1474340, buf=buf@entry=0x7fb2a3e21a00 "QF", <incomplete sequence \373>) at block/raw-posix.c:909
> offset = 0
> len = <optimized out>
> #3 0x00007fb29e37c3d1 in handle_aiocb_rw (aiocb=0x7fb2a1474340) at block/raw-posix.c:992
> nbytes = <optimized out>
> buf = 0x7fb2a3e21a00 "QF", <incomplete sequence \373>
> __PRETTY_FUNCTION__ = "handle_aiocb_rw"
> #4 0x00007fb29e37d945 in aio_worker (arg=0x7fb2a1474340) at block/raw-posix.c:1204
> aiocb = 0x7fb2a1474340
> ret = 0
> #5 0x00007fb29e33d91b in worker_thread (opaque=0x7fb2a148d450) at thread-pool.c:105
> req = 0x7fb2a1474b30
> ret = <optimized out>
> pool = 0x7fb2a148d450
> #6 0x00007fb29cc7edf5 in start_thread (arg=0x7fb28d0c5700) at pthread_create.c:308
> __res = <optimized out>
> pd = 0x7fb28d0c5700
> now = <optimized out>
> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140404847302400, -4522449750849005939, 0, 140404847303104, 140404847302400, 26, 4492373549408278157, 4492409237274449549}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
> not_first_call = <optimized out>
> pagesize_m1 = <optimized out>
> sp = <optimized out>
> freesize = <optimized out>
> #7 0x00007fb29688c1ad in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113
> No locals.
>
> Thread 5 (Thread 0x7fb104fff700 (LWP 29084)):
> #0 0x00007fb296881b7d in poll () at ../sysdeps/unix/syscall-template.S:81
> No locals.
> #1 0x00007fb2977d6fe7 in red_worker_main () from /lib64/libspice-server.so.1
> No symbol table info available.
> #2 0x00007fb29cc7edf5 in start_thread (arg=0x7fb104fff700) at pthread_create.c:308
> __res = <optimized out>
> pd = 0x7fb104fff700
> now = <optimized out>
> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140398269822720, -4522449750849005939, 0, 140398269823424, 140398269822720, 140405245697216, 4494326442046740109, 4492409237274449549}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
> not_first_call = <optimized out>
> pagesize_m1 = <optimized out>
> sp = <optimized out>
> freesize = <optimized out>
> #3 0x00007fb29688c1ad in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113
> No locals.
>
> Thread 4 (Thread 0x7fb28c8c4700 (LWP 29081)):
> #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
> No locals.
> #1 0x00007fb29e3b9f79 in qemu_cond_wait (cond=<optimized out>, mutex=mutex@entry=0x7fb29e866d40 <qemu_global_mutex>) at util/qemu-thread-posix.c:132
> err = <optimized out>
> __func__ = "qemu_cond_wait"
> #2 0x00007fb29e172d3b in qemu_kvm_wait_io_event (cpu=<optimized out>) at /usr/src/debug/qemu-2.3.0/cpus.c:912
> No locals.
> #3 qemu_kvm_cpu_thread_fn (arg=0x7fb2a3d2e000) at /usr/src/debug/qemu-2.3.0/cpus.c:949
> cpu = 0x7fb2a3d2e000
> r = <optimized out>
> #4 0x00007fb29cc7edf5 in start_thread (arg=0x7fb28c8c4700) at pthread_create.c:308
> __res = <optimized out>
> pd = 0x7fb28c8c4700
> now = <optimized out>
> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140404838909696, -4522449750849005939, 0, 140404838910400, 140404838909696, 140735272359936, 4492374652678002317, 4492409237274449549}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
> not_first_call = <optimized out>
> pagesize_m1 = <optimized out>
> sp = <optimized out>
> freesize = <optimized out>
> #5 0x00007fb29688c1ad in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113
> No locals.
>
> Thread 3 (Thread 0x7fb28c0c3700 (LWP 29082)):
> #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
> No locals.
> #1 0x00007fb29e3b9f79 in qemu_cond_wait (cond=<optimized out>, mutex=mutex@entry=0x7fb29e866d40 <qemu_global_mutex>) at util/qemu-thread-posix.c:132
> err = <optimized out>
> __func__ = "qemu_cond_wait"
> #2 0x00007fb29e172d3b in qemu_kvm_wait_io_event (cpu=<optimized out>) at /usr/src/debug/qemu-2.3.0/cpus.c:912
> No locals.
> #3 qemu_kvm_cpu_thread_fn (arg=0x7fb2a3d7e000) at /usr/src/debug/qemu-2.3.0/cpus.c:949
> cpu = 0x7fb2a3d7e000
> r = <optimized out>
> #4 0x00007fb29cc7edf5 in start_thread (arg=0x7fb28c0c3700) at pthread_create.c:308
> __res = <optimized out>
> pd = 0x7fb28c0c3700
> now = <optimized out>
> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140404830516992, -4522449750849005939, 0, 140404830517696, 140404830516992, 140735272359936, 4492375751652759181, 4492409237274449549}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
> not_first_call = <optimized out>
> pagesize_m1 = <optimized out>
> sp = <optimized out>
> freesize = <optimized out>
> #5 0x00007fb29688c1ad in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113
> No locals.
>
> Thread 2 (Thread 0x7fb28e6ad700 (LWP 29077)):
> #0 syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
> No locals.
> #1 0x00007fb29e3ba272 in futex_wait (val=4294967295, ev=0x7fb29ec84f44 <rcu_call_ready_event>) at util/qemu-thread-posix.c:301
> No locals.
> #2 qemu_event_wait (ev=ev@entry=0x7fb29ec84f44 <rcu_call_ready_event>) at util/qemu-thread-posix.c:399
> value = <optimized out>
> #3 0x00007fb29e3c8526 in call_rcu_thread (opaque=<optimized out>) at util/rcu.c:233
> tries = 0
> n = <optimized out>
> node = <optimized out>
> #4 0x00007fb29cc7edf5 in start_thread (arg=0x7fb28e6ad700) at pthread_create.c:308
> __res = <optimized out>
> pd = 0x7fb28e6ad700
> now = <optimized out>
> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140404870272768, -4522449750849005939, 0, 140404870273472, 140404870272768, 140405136150080, 4492370572995942029, 4492409237274449549}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
> not_first_call = <optimized out>
> pagesize_m1 = <optimized out>
> sp = <optimized out>
> freesize = <optimized out>
> #5 0x00007fb29688c1ad in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113
> No locals.
>
> Thread 1 (Thread 0x7fb29e07cc00 (LWP 29076)):
> #0 0x00007fb299cbd3ab in tcmalloc::ThreadCache::ReleaseToCentralCache(tcmalloc::ThreadCache::FreeList*, unsigned long, int) () from /lib64/libtcmalloc.so.4
> No symbol table info available.
> #1 0x00007fb299cbd47b in tcmalloc::ThreadCache::ListTooLong(tcmalloc::ThreadCache::FreeList*, unsigned long) () from /lib64/libtcmalloc.so.4
> No symbol table info available.
> #2 0x00007fb299ccc070 in tc_free () from /lib64/libtcmalloc.so.4
> No symbol table info available.
> #3 0x00007fb29c58d58f in g_free () from /lib64/libglib-2.0.so.0
> No symbol table info available.
> #4 0x00007fb29e3b7721 in parser_context_free (ctxt=0x7fb2a531e0c0) at qobject/json-parser.c:358
> i = <optimized out>
> #5 json_parser_parse_err (tokens=<optimized out>, ap=ap@entry=0x0, errp=errp@entry=0x0) at qobject/json-parser.c:710
> result = 0x7fb2a4bdf600
> #6 0x00007fb29e3b7767 in json_parser_parse (tokens=<optimized out>, ap=ap@entry=0x0) at qobject/json-parser.c:694
> No locals.
> #7 0x00007fb29e176e04 in handle_qmp_command (parser=<optimized out>, tokens=<optimized out>) at /usr/src/debug/qemu-2.3.0/monitor.c:5068
> err = <optimized out>
> obj = <optimized out>
> input = 0x0
> args = 0x0
> cmd_name = <optimized out>
> mon = 0x7fb2a153e140
> #8 0x00007fb29e3b64f2 in json_message_process_token (lexer=0x7fb2a1460040, token=0x7fb2a1424880, type=JSON_OPERATOR, x=49, y=104) at qobject/json-streamer.c:87
> parser = 0x7fb2a1460038
> dict = 0x7fb2a3e27200
> #9 0x00007fb29e3c891f in json_lexer_feed_char (lexer=lexer@entry=0x7fb2a1460040, ch=<optimized out>, flush=flush@entry=false) at qobject/json-lexer.c:303
> new_state = 100
> #10 0x00007fb29e3c89ee in json_lexer_feed (lexer=0x7fb2a1460040, buffer=<optimized out>, size=<optimized out>) at qobject/json-lexer.c:356
> err = <optimized out>
> i = <optimized out>
> #11 0x00007fb29e3b6689 in json_message_parser_feed (parser=<optimized out>, buffer=<optimized out>, size=<optimized out>) at qobject/json-streamer.c:110
> No locals.
> #12 0x00007fb29e1758cf in monitor_control_read (opaque=<optimized out>, buf=<optimized out>, size=<optimized out>) at /usr/src/debug/qemu-2.3.0/monitor.c:5134
> old_mon = 0x0
> #13 0x00007fb29e2321b0 in qemu_chr_be_write (len=<optimized out>, buf=0x7fff7bea8a30 "}\212\352{\377\177", s=0x7fb2a14442e0) at qemu-char.c:305
> No locals.
> #14 tcp_chr_read (chan=<optimized out>, cond=<optimized out>, opaque=0x7fb2a14442e0) at qemu-char.c:2870
> chr = 0x7fb2a14442e0
> s = 0x7fb2a14363f0
> buf = "}\212\352{\377\177\000\000\360`;\236\262\177\000\000\030\003\000\000\000\000\000\000\205N;\236\262\177\000\000\240LB\241\262\177\000\000\263E;\236\262\177\000\000\240LB\241\262\177", '\000' <repeats 18 times>, "\360\017c\244\262\177\000\000\300\213\352{\377\177\000\000\000\000\000\000\000\000\000\000\060\356t\245\262\177\000\000\000$ᤲ\177\000\000@\232\352{\377\177\000\000H\022\212\226\262\177\000\000]\000\000\000\000\000\000\000\060\000\000\000\060\000\000\000\220\213\352{\377\177\000\000Њ\352{\377\177\000\000\r\000\000\000\000\000\000\000\340\234\177\000\000\000d\023\245\262\177\000\000`\376\061\245\262\177\000\000Q\000\000\000\000\000\000\000\325b\004\000\000\000\000\000"...
> len = <optimized out>
> size = <optimized out>
> #15 0x00007fb29c58799a in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
> No symbol table info available.
> #16 0x00007fb29e34b288 in glib_pollfds_poll () at main-loop.c:209
> context = 0x7fb2a1491140
> pfds = <optimized out>
> #17 os_host_main_loop_wait (timeout=<optimized out>) at main-loop.c:254
> ret = 2
> spin_counter = 0
> #18 main_loop_wait (nonblocking=<optimized out>) at main-loop.c:503
> ret = 2
> timeout = 4294967295
> timeout_ns = <optimized out>
> #19 0x00007fb29e14aa4e in main_loop () at vl.c:1818
> nonblocking = <optimized out>
> last_io = 2
> #20 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4394
> i = <optimized out>
> snapshot = <optimized out>
> linux_boot = <optimized out>
> initrd_filename = <optimized out>
> kernel_filename = <optimized out>
> kernel_cmdline = <optimized out>
> boot_order = 0x7fb29e3dda67 "cad"
> boot_once = 0x0
> cyls = <optimized out>
> heads = <optimized out>
> secs = <optimized out>
> translation = <optimized out>
> hda_opts = <optimized out>
> opts = <optimized out>
> machine_opts = <optimized out>
> icount_opts = <optimized out>
> olist = <optimized out>
> optind = 78
> optarg = 0x7fb2a14ef8c0 "pc-i440fx-rhel7.2.0"
> loadvm = <optimized out>
> machine_class = <optimized out>
> cpu_model = <optimized out>
> vga_model = 0x0
> qtest_chrdev = <optimized out>
> qtest_log = <optimized out>
> pid_file = <optimized out>
> incoming = <optimized out>
> show_vnc_port = <optimized out>
> defconfig = <optimized out>
> userconfig = 111
> log_mask = <optimized out>
> log_file = <optimized out>
> mem_trace = {malloc = 0x7fb29e238480 <malloc_and_trace>, realloc = 0x7fb29e238460 <realloc_and_trace>, free = 0x7fb29e238450 <free_and_trace>, calloc = 0x0, try_malloc = 0x0, try_realloc = 0x0}
> trace_events = <optimized out>
> trace_file = <optimized out>
> maxram_size = <optimized out>
> ram_slots = <optimized out>
> vmstate_dump_file = <optimized out>
> main_loop_err = 0x0
> __func__ = "main"
>
>
>
>
> -----Original Message-----
> From: Paolo Bonzini [mailto:paolo.bonzini@gmail.com] On Behalf Of Paolo Bonzini
> Sent: Thursday, 19 November 2015 18:02
> To: Grundmann, Christian <Christian.Grundmann@fabasoft.com>; 'Dr. David Alan Gilbert' <dgilbert@redhat.com>
> Cc: 'qemu-devel@nongnu.org' <qemu-devel@nongnu.org>; stefanha@redhat.com
> Subject: Re: WG: [ovirt-users] Segmentation fault in libtcmalloc
>
>
>
> On 19/11/2015 17:00, Grundmann, Christian wrote:
> > Hi, it seems that using virtio-scsi did the trick, but now the VMs are
> > pausing without a coredump, so the underlying problem (no storage
> > error) is not fixed. As I am using snapshots (and so the disks have to
> > grow very fast) I try if tuning "volume_utilization_percent" and
> > "volume_utilization_chunk_mb" will help
> > (https://access.redhat.com/solutions/130843)
>
> The fix for virtio-blk is probably this patch:
> http://article.gmane.org/gmane.comp.emulators.qemu.block/6380/raw
>
> Paolo
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK