All of lore.kernel.org
 help / color / mirror / Atom feed
* [Qemu-devel] [Bug] block: virtio-blk-dataplane causes segfault
@ 2014-07-02  3:24 Chai Wen
  2014-07-02  3:52 ` Chai Wen
  0 siblings, 1 reply; 2+ messages in thread
From: Chai Wen @ 2014-07-02  3:24 UTC (permalink / raw)
  Cc: kwolf, pbonzini, Fam Zheng, qemu-devel, stefanha

Hi

I tested the latest release v2.1 qemu feature virtio-dataplane.
And it seems that there is a little bug in it.
Please see the following below for detail, thanks.

git: git.qemu.org/qemu.git
branch: master
top commit:
commit 92259b7f434b382fc865d1f65f7d5adeed295749
Author: Peter Maydell <peter.maydell@linaro.org>
Date:   Tue Jul 1 18:48:01 2014 +0100

    Update version for v2.1.0-rc0 release


reproduce steps:
./qemu-system-x86_64 -enable-kvm -smp 2 -m 1024 -drive file=/var/vm_images/images/6G_smallsuse.img,if=none,format=raw,cache=none,id=image1 -device
virtio-blk-pci,drive=image1,scsi=off,x-data-plane=on -net none
Segmentation fault (core dumped)


And I think there is something wrong in the completion callback chains for dataplane.
static void complete_request_vring(VirtIOBlockReq *req, unsigned char status)
{
    stb_p(&req->in->status, status);

    vring_push(&req->dev->dataplane->vring, req->elem,
               req->qiov.size + sizeof(*req->in));
    notify_guest(req->dev->dataplane);
    g_slice_free(VirtIOBlockReq, req);        <---
}

static void virtio_blk_rw_complete(void *opaque, int ret)
{
    VirtIOBlockReq *req = opaque;

    trace_virtio_blk_rw_complete(req, ret);

    if (ret) {
        int p = virtio_ldl_p(VIRTIO_DEVICE(req->dev), &req->out.type);
        bool is_read = !(p & VIRTIO_BLK_T_OUT);
        if (virtio_blk_handle_rw_error(req, -ret, is_read))
            return;
    }

    virtio_blk_req_complete(req, VIRTIO_BLK_S_OK);    <---
    bdrv_acct_done(req->dev->bs, &req->acct);         <---
    virtio_blk_free_request(req);
}




(gdb) bt
#0  0x000055555588236f in bdrv_acct_done (bs=0x48004800480048, cookie=0x5555563016e8) at block.c:5478
#1  0x000055555564035b in virtio_blk_rw_complete (opaque=0x5555563016a0, ret=0) at /home/git_dev/qemu_115/qemu/hw/block/virtio-blk.c:99
#2  0x0000555555883d22 in bdrv_co_em_bh (opaque=<value optimized out>) at block.c:4665
#3  0x000055555587c9f7 in aio_bh_poll (ctx=0x5555562267f0) at async.c:81
#4  0x000055555588dc17 in aio_poll (ctx=0x5555562267f0, blocking=true) at aio-posix.c:188
#5  0x00005555556fa357 in iothread_run (opaque=0x555556227268) at iothread.c:41
#6  0x00007ffff6bb9851 in start_thread () from /lib64/libpthread.so.0
#7  0x00007ffff1ac890d in clone () from /lib64/libc.so.6
(gdb) info thread
  7 Thread 0x7fff9bfff700 (LWP 25553)  0x00007ffff6bbf811 in sem_timedwait () from /lib64/libpthread.so.0
  6 Thread 0x7fffe61fd700 (LWP 25552)  0x00007ffff6bbd43c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
* 5 Thread 0x7fffe69fe700 (LWP 25551)  0x000055555588236f in bdrv_acct_done (bs=0x48004800480048, cookie=0x5555563016e8) at block.c:5478
  4 Thread 0x7fffe71ff700 (LWP 25550)  0x00007ffff6bbf811 in sem_timedwait () from /lib64/libpthread.so.0
  3 Thread 0x7fffec9d8700 (LWP 25548)  0x00007ffff1ac0a47 in ioctl () from /lib64/libc.so.6
  2 Thread 0x7fffed1d9700 (LWP 25547)  0x00007ffff1ac0a47 in ioctl () from /lib64/libc.so.6
  1 Thread 0x7ffff7fc09a0 (LWP 25544)  0x00007ffff1abf487 in ppoll () from /lib64/libc.so.6


-- 
Regards

Chai Wen

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: [Qemu-devel] [Bug] block: virtio-blk-dataplane causes segfault
  2014-07-02  3:24 [Qemu-devel] [Bug] block: virtio-blk-dataplane causes segfault Chai Wen
@ 2014-07-02  3:52 ` Chai Wen
  0 siblings, 0 replies; 2+ messages in thread
From: Chai Wen @ 2014-07-02  3:52 UTC (permalink / raw)
  To: kwolf, pbonzini, Fam Zheng, qemu-devel, stefanha

On 07/02/2014 11:24 AM, Chai Wen wrote:

> Hi
> 
> I tested the latest release v2.1 qemu feature virtio-dataplane.
> And it seems that there is a little bug in it.
> Please see the following below for detail, thanks.
> 


Oh, Just saw Stefan's fix. Please ignore.

Stefan Hajnoczi (4):
  virtio-blk: avoid dataplane VirtIOBlockReq early free
  dataplane: do not free VirtQueueElement in vring_push()
  virtio-blk: avoid g_slice_new0() for VirtIOBlockReq and
    VirtQueueElement
  virtio-blk: embed VirtQueueElement in VirtIOBlockReq


thanks
chai wen

> git: git.qemu.org/qemu.git
> branch: master
> top commit:
> commit 92259b7f434b382fc865d1f65f7d5adeed295749
> Author: Peter Maydell <peter.maydell@linaro.org>
> Date:   Tue Jul 1 18:48:01 2014 +0100
> 
>     Update version for v2.1.0-rc0 release
> 
> 
> reproduce steps:
> ./qemu-system-x86_64 -enable-kvm -smp 2 -m 1024 -drive file=/var/vm_images/images/6G_smallsuse.img,if=none,format=raw,cache=none,id=image1 -device
> virtio-blk-pci,drive=image1,scsi=off,x-data-plane=on -net none
> Segmentation fault (core dumped)
> 
> 
> And I think there is something wrong in the completion callback chains for dataplane.
> static void complete_request_vring(VirtIOBlockReq *req, unsigned char status)
> {
>     stb_p(&req->in->status, status);
> 
>     vring_push(&req->dev->dataplane->vring, req->elem,
>                req->qiov.size + sizeof(*req->in));
>     notify_guest(req->dev->dataplane);
>     g_slice_free(VirtIOBlockReq, req);        <---
> }
> 
> static void virtio_blk_rw_complete(void *opaque, int ret)
> {
>     VirtIOBlockReq *req = opaque;
> 
>     trace_virtio_blk_rw_complete(req, ret);
> 
>     if (ret) {
>         int p = virtio_ldl_p(VIRTIO_DEVICE(req->dev), &req->out.type);
>         bool is_read = !(p & VIRTIO_BLK_T_OUT);
>         if (virtio_blk_handle_rw_error(req, -ret, is_read))
>             return;
>     }
> 
>     virtio_blk_req_complete(req, VIRTIO_BLK_S_OK);    <---
>     bdrv_acct_done(req->dev->bs, &req->acct);         <---
>     virtio_blk_free_request(req);
> }
> 
> 
> 
> 
> (gdb) bt
> #0  0x000055555588236f in bdrv_acct_done (bs=0x48004800480048, cookie=0x5555563016e8) at block.c:5478
> #1  0x000055555564035b in virtio_blk_rw_complete (opaque=0x5555563016a0, ret=0) at /home/git_dev/qemu_115/qemu/hw/block/virtio-blk.c:99
> #2  0x0000555555883d22 in bdrv_co_em_bh (opaque=<value optimized out>) at block.c:4665
> #3  0x000055555587c9f7 in aio_bh_poll (ctx=0x5555562267f0) at async.c:81
> #4  0x000055555588dc17 in aio_poll (ctx=0x5555562267f0, blocking=true) at aio-posix.c:188
> #5  0x00005555556fa357 in iothread_run (opaque=0x555556227268) at iothread.c:41
> #6  0x00007ffff6bb9851 in start_thread () from /lib64/libpthread.so.0
> #7  0x00007ffff1ac890d in clone () from /lib64/libc.so.6
> (gdb) info thread
>   7 Thread 0x7fff9bfff700 (LWP 25553)  0x00007ffff6bbf811 in sem_timedwait () from /lib64/libpthread.so.0
>   6 Thread 0x7fffe61fd700 (LWP 25552)  0x00007ffff6bbd43c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
> * 5 Thread 0x7fffe69fe700 (LWP 25551)  0x000055555588236f in bdrv_acct_done (bs=0x48004800480048, cookie=0x5555563016e8) at block.c:5478
>   4 Thread 0x7fffe71ff700 (LWP 25550)  0x00007ffff6bbf811 in sem_timedwait () from /lib64/libpthread.so.0
>   3 Thread 0x7fffec9d8700 (LWP 25548)  0x00007ffff1ac0a47 in ioctl () from /lib64/libc.so.6
>   2 Thread 0x7fffed1d9700 (LWP 25547)  0x00007ffff1ac0a47 in ioctl () from /lib64/libc.so.6
>   1 Thread 0x7ffff7fc09a0 (LWP 25544)  0x00007ffff1abf487 in ppoll () from /lib64/libc.so.6
> 
> 



-- 
Regards

Chai Wen

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-07-02  3:54 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-07-02  3:24 [Qemu-devel] [Bug] block: virtio-blk-dataplane causes segfault Chai Wen
2014-07-02  3:52 ` Chai Wen

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.