From: Christian Schoenebeck <qemu_oss@crudebyte.com>
To: qemu-devel@nongnu.org
Cc: Greg Kurz <groug@kaod.org>
Subject: 9pfs: Twalk crash
Date: Mon, 30 Aug 2021 17:55:04 +0200
Message-ID: <4325838.qn0ATYcOi1@silver>

Apparently commit 8d6cb100731c4d28535adbf2a3c2d1f29be3fef4 '9pfs: reduce
latency of Twalk' has introduced occasional crashes.

My first impression after looking at the backtrace: looks like the patch
itself is probably not causing this, but rather unmasked this issue (i.e.
increased the chance to be triggered).

The crash is because 'elem' is NULL in virtio_pdu_vunmarshal() (frame 0).

bt taken with HEAD being 8d6cb100731c4d28535adbf2a3c2d1f29be3fef4:

Program terminated with signal SIGSEGV, Segmentation fault.
#0  virtio_pdu_vunmarshal (pdu=0x55a93717cde8, offset=7, fmt=0x55a9352766d1 "ddw", ap=0x7f38a9ad9cd0) at ../hw/9pfs/virtio-9p-device.c:146
146         ret = v9fs_iov_vunmarshal(elem->out_sg, elem->out_num, offset, 1, fmt, ap);
[Current thread is 1 (Thread 0x7f3bddd2ac40 (LWP 7811))]
(gdb) bt full
#0  0x000055a934dfb9a7 in virtio_pdu_vunmarshal (pdu=0x55a93717cde8, offset=7, fmt=0x55a9352766d1 "ddw", ap=0x7f38a9ad9cd0) at ../hw/9pfs/virtio-9p-device.c:146
        s = 0x55a93717b4b8
        v = 0x55a93717aee0
        elem = 0x0
        ret = <optimized out>
#1  0x000055a934bf35e8 in pdu_unmarshal (pdu=pdu@entry=0x55a93717cde8, offset=offset@entry=7, fmt=fmt@entry=0x55a9352766d1 "ddw") at ../hw/9pfs/9p.c:71
        ret = <optimized out>
        ap = {{gp_offset = 24, fp_offset = 48, overflow_arg_area = 0x7f38a9ad9db0, reg_save_area = 0x7f38a9ad9cf0}}
#2  0x000055a934bf68db in v9fs_walk (opaque=0x55a93717cde8) at ../hw/9pfs/9p.c:1720
        name_idx = <optimized out>
        qids = 0x0
        i = <optimized out>
        err = 0
        dpath = {size = 0, data = 0x0}
        path = {size = 0, data = 0x0}
        pathes = 0x0
        nwnames = 1
        stbuf = {st_dev = 2050, st_ino = 1199848, st_nlink = 1, st_mode = 41471, st_uid = 0, st_gid = 0, __pad0 = 0, st_rdev = 0, st_size = 13, st_blksize = 4096, st_blocks = 16, s}
        fidst = {st_dev = 2050, st_ino = 1198183, st_nlink = 3, st_mode = 16877, st_uid = 0, st_gid = 0, __pad0 = 0, st_rdev = 0, st_size = 12288, st_blksize = 4096, st_blocks = 32}
        stbufs = 0x0
        offset = 7
        fid = 299
        newfid = 687
        wnames = 0x0
        fidp = <optimized out>
        newfidp = 0x0
        pdu = 0x55a93717cde8
        s = 0x55a93717b4b8
        qid = {type = 2 '\002', version = 1556732739, path = 2399697}
#3  0x000055a93505760b in coroutine_trampoline (i0=<optimized out>, i1=<optimized out>) at ../util/coroutine-ucontext.c:173