Am 18.06.2015 um 09:12 hat Peter Lieven geschrieben:
> Thread 2 (Thread 0x7ffff5550700 (LWP 2636)):
> #0  0x00007ffff5d87aa3 in ppoll () from /lib/x86_64-linux-gnu/libc.so.6
> No symbol table info available.
> #1  0x0000555555955d91 in qemu_poll_ns (fds=0x5555563889c0, nfds=3,
>     timeout=4999424576) at qemu-timer.c:326
>         ts = {tv_sec = 4, tv_nsec = 999424576}
>         tvsec = 4
> #2  0x0000555555956feb in aio_poll (ctx=0x5555563528e0, blocking=true)
>     at aio-posix.c:231
>         node = 0x0
>         was_dispatching = false
>         ret = 1
>         progress = false
> #3  0x000055555594aeed in bdrv_prwv_co (bs=0x55555637eae0, offset=4292007936,
>     qiov=0x7ffff554f760, is_write=false, flags=0) at block.c:2699
>         aio_context = 0x5555563528e0
>         co = 0x5555563888a0
>         rwco = {bs = 0x55555637eae0, offset = 4292007936,
>           qiov = 0x7ffff554f760, is_write = false, ret = 2147483647, flags = 
> 0}
> #4  0x000055555594afa9 in bdrv_rw_co (bs=0x55555637eae0, sector_num=8382828,
>     buf=0x7ffff44cc800 "(", nb_sectors=4, is_write=false, flags=0)
>     at block.c:2722
>         qiov = {iov = 0x7ffff554f780, niov = 1, nalloc = -1, size = 2048}
>         iov = {iov_base = 0x7ffff44cc800, iov_len = 2048}
> #5  0x000055555594b008 in bdrv_read (bs=0x55555637eae0, sector_num=8382828,
>     buf=0x7ffff44cc800 "(", nb_sectors=4) at block.c:2730
> No locals.
> #6  0x000055555599acef in blk_read (blk=0x555556376820, sector_num=8382828,
>     buf=0x7ffff44cc800 "(", nb_sectors=4) at block/block-backend.c:404
> No locals.
> #7  0x0000555555833ed2 in cd_read_sector (s=0x555556408f88, lba=2095707,
>     buf=0x7ffff44cc800 "(", sector_size=2048) at hw/ide/atapi.c:116
>         ret = 32767

Here is the problem: The ATAPI emulation uses the synchronous blk_read()
instead of the AIO or coroutine interfaces. This means that it holds the
BQL while polling for request completion, and keeps holding it until the
request is done.

We can (and should) fix that; otherwise the VCPU is blocked while we're
reading from the image, even without a hang (and, as the Thread 1 trace
shows, the main loop stalls too while it waits for the BQL). It doesn't
fully fix your problem, though, as bdrv_drain_all() and friends still exist.

Kevin

> #8  0x0000555555834202 in ide_atapi_cmd_reply_end (s=0x555556408f88)
>     at hw/ide/atapi.c:190
>         byte_count_limit = 21845
>         size = 1801980
>         ret = 0
> #9  0x0000555555834657 in ide_atapi_cmd_read_pio (s=0x555556408f88,
>     lba=2095707, nb_sectors=16, sector_size=2048) at hw/ide/atapi.c:279
> No locals.
> #10 0x0000555555834b25 in ide_atapi_cmd_read (s=0x555556408f88, lba=2095707,
>     nb_sectors=16, sector_size=2048) at hw/ide/atapi.c:393
> No locals.
> #11 0x00005555558358ed in cmd_read (s=0x555556408f88, buf=0x7ffff44cc800 "(")
>     at hw/ide/atapi.c:824
>         nb_sectors = 16
>         lba = 2095707
> #12 0x0000555555836373 in ide_atapi_cmd (s=0x555556408f88)
>     at hw/ide/atapi.c:1152
>         buf = 0x7ffff44cc800 "("
> #13 0x00005555558323e1 in ide_data_writew (opaque=0x555556408f08, addr=368,
>     val=0) at hw/ide/core.c:2020
>         bus = 0x555556408f08
>         s = 0x555556408f88
>         p = 0x7ffff44cc80c "IHDR"
> #14 0x000055555564285f in portio_write (opaque=0x55555641d5d0, addr=0, data=0,
>     size=2) at /usr/src/qemu-2.2.0/ioport.c:204
>         mrpio = 0x55555641d5d0
>         mrp = 0x55555641d6f8
>         __PRETTY_FUNCTION__ = "portio_write"
> #15 0x000055555564f07c in memory_region_write_accessor (mr=0x55555641d5d0,
>     addr=0, value=0x7ffff554fb28, size=2, shift=0, mask=65535)
>     at /usr/src/qemu-2.2.0/memory.c:443
>         tmp = 0
> #16 0x000055555564f1c4 in access_with_adjusted_size (addr=0,
>     value=0x7ffff554fb28, size=2, access_size_min=1, access_size_max=4,
>     access=0x55555564efe0 <memory_region_write_accessor>, mr=0x55555641d5d0)
>     at /usr/src/qemu-2.2.0/memory.c:480
>         access_mask = 65535
>         access_size = 2
>         i = 0
> #17 0x000055555565209f in memory_region_dispatch_write (mr=0x55555641d5d0,
>     addr=0, data=0, size=2) at /usr/src/qemu-2.2.0/memory.c:1117
> No locals.
> #18 0x00005555556559c7 in io_mem_write (mr=0x55555641d5d0, addr=0, val=0,
>     size=2) at /usr/src/qemu-2.2.0/memory.c:1973
> No locals.
> #19 0x00005555555fc4be in address_space_rw (as=0x555555e7a880, addr=368,
>     buf=0x7ffff7ee6000 "", len=2, is_write=true)
>     at /usr/src/qemu-2.2.0/exec.c:2141
>         l = 2
>         ptr = 0x55555567a7a6 "H\213E\370dH3\004%("
>         val = 0
>         addr1 = 0
>         mr = 0x55555641d5d0
>         error = false
> #20 0x000055555564b454 in kvm_handle_io (port=368, data=0x7ffff7ee6000,
>     direction=1, size=2, count=1) at /usr/src/qemu-2.2.0/kvm-all.c:1632
>         i = 0
>         ptr = 0x7ffff7ee6000 ""
> #21 0x000055555564baa4 in kvm_cpu_exec (cpu=0x55555638e7e0)
>     at /usr/src/qemu-2.2.0/kvm-all.c:1789
>         run = 0x7ffff7ee5000
>         ret = 0
>         run_ret = 0
> #22 0x00005555556301dc in qemu_kvm_cpu_thread_fn (arg=0x55555638e7e0)
>     at /usr/src/qemu-2.2.0/cpus.c:953
>         cpu = 0x55555638e7e0
>         r = 0
> #23 0x00007ffff6065e9a in start_thread ()
>    from /lib/x86_64-linux-gnu/libpthread.so.0
> No symbol table info available.
> #24 0x00007ffff5d9338d in clone () from /lib/x86_64-linux-gnu/libc.so.6
> No symbol table info available.
> #25 0x0000000000000000 in ?? ()
> No symbol table info available.
> 
> Thread 1 (Thread 0x7ffff7fea900 (LWP 2633)):
> #0  0x00007ffff606c89c in __lll_lock_wait ()
>    from /lib/x86_64-linux-gnu/libpthread.so.0
> No symbol table info available.
> #1  0x00007ffff6068065 in _L_lock_858 ()
>    from /lib/x86_64-linux-gnu/libpthread.so.0
> No symbol table info available.
> #2  0x00007ffff6067eba in pthread_mutex_lock ()
>    from /lib/x86_64-linux-gnu/libpthread.so.0
> No symbol table info available.
> #3  0x00005555559f2557 in qemu_mutex_lock (mutex=0x555555ed6d40)
>     at util/qemu-thread-posix.c:76
>         err = 0
>         __func__ = "qemu_mutex_lock"
> #4  0x00005555556306ef in qemu_mutex_lock_iothread ()
>     at /usr/src/qemu-2.2.0/cpus.c:1123
> No locals.
> #5  0x0000555555954a87 in os_host_main_loop_wait (timeout=79413589)
>     at main-loop.c:242
>         ret = 1
>         spin_counter = 0
> #6  0x0000555555954b5f in main_loop_wait (nonblocking=0) at main-loop.c:494
>         ret = 15
>         timeout = 4294967295
>         timeout_ns = 79413589
> #7  0x000055555575e702 in main_loop () at vl.c:1882
>         nonblocking = false
>         last_io = 1
> #8  0x00005555557662ee in main (argc=52, argv=0x7fffffffe278,
>     envp=0x7fffffffe420) at vl.c:4401
>         i = 128
>         snapshot = 0
>         linux_boot = 0
>         initrd_filename = 0x0
>         kernel_filename = 0x0
>         kernel_cmdline = 0x555555a3116e ""
>         boot_order = 0x555556352270 "dc"
>         ds = 0x5555563e2e20
>         cyls = 0
>         heads = 0
>         secs = 0
>         translation = 0
>         hda_opts = 0x0
>         opts = 0x555556352140
>         machine_opts = 0x55555634c5b0
>         icount_opts = 0x0
>         olist = 0x555555e27a40
>         optind = 52
>         optarg = 0x0
>         loadvm = 0x0
>         machine_class = 0x555556345cb0
>         cpu_model = 0x7fffffffe9d2 
> "qemu64,+fpu,+vme,+de,+pse,+tsc,+msr,+pae,+mce,+cx8,+apic,+sep,+mtrr,+pge,+mca,+cmov,+pat,+pse36,+clflush,+acpi,+mmx,+fxsr,+sse,+sse2,+ss,+ht,+tm,+pbe,+syscall,+nx,+pdpe1gb,+rdts
> cp,+lm,+pni,+pclmulqdq,"...
>         vga_model = 0x7fffffffeb67 "vmware"
>         qtest_chrdev = 0x0
>         qtest_log = 0x0
>         pid_file = 0x7fffffffe990 "/var/run/qemu/vm-3092.pid"
>         incoming = 0x0
>         show_vnc_port = 0
>         defconfig = true
>         userconfig = true
>         log_mask = 0x0
>         log_file = 0x0
>         mem_trace = {malloc = 0x555555761bf9 <malloc_and_trace>,
>           realloc = 0x555555761c51 <realloc_and_trace>,
>           free = 0x555555761cb8 <free_and_trace>, calloc = 0, try_malloc = 0,
>           try_realloc = 0}
>         trace_events = 0x0
>         trace_file = 0x0
>         default_ram_size = 134217728
>         maxram_size = 8589934592
>         ram_slots = 0
>         vmstate_dump_file = 0x0
>         main_loop_err = 0x0
>         __func__ = "main"
> (gdb)
> 
> Peter
