Hi, Kevin. I found a bug about qemu-kvm(version 2.7.0-rc0 adn 2.8.1). but qemu 2.6.0 and current master is OK. So I git-bisect the master branch,and I found the patch you commited (block: Decouple throttling from BlockDriverState) lead the bug into qemu.
The patch which lead the bug into qemu: (https://github.com/qemu/qemu/commit/7ca7f0f6db1fedd28d490795d778cf23979a2aa7#diff-ea36ba0f79150cc299732696a069caba) Because the current master is OK. So I think you had fixed it , can you tell me which patch fixed the bug? Thank you :> the bug is that: qemu will crash when loop to attach and detach a disk which configured qos to a VM for a while. *Segmentation fault info(qemu 2.7.0-rc0):* Using host libthread_db library "/lib64/libthread_db.so.1". Core was generated by `/usr/bin/qemu-kvm -name guest=wangjie-i-clone203_rhel_7.3_64_guestosdev,debug-t'. Program terminated with signal 11, Segmentation fault. #0 0x00007fe960413e3c in throttle_group_next_blk (blk=0x11) at block/throttle-groups.c:160 160 ThrottleState *ts = blkp->throttle_state; Missing separate debuginfos, use: debuginfo-install glib2-2.40.0-4.x86_64 glibc-2.17-157.h5.x86_64 libaio-0.3.109-13.x86_64 libgcc-4.8.3-10.h1.x86_64 nettle-2.7.1-4.h1.x86_64 numactl-libs-2.0.9-4.x86_64 pixman-0.32.4-3.x86_64 zlib-1.2.7-14.x86_64 (gdb) bt #0 0x00007fe960413e3c in throttle_group_next_blk (blk=0x11) at block/throttle-groups.c:160 #1 0x00007fe960413eff in next_throttle_token (blk=0x7fe963f5c400, is_write=false) at block/throttle-groups.c:192 #2 0x00007fe9604141a8 in throttle_group_co_io_limits_intercept (blk=0x7fe963f5c400, bytes=512, is_write=false) at block/throttle-groups.c:303 #3 0x00007fe960400048 in blk_co_preadv (blk=0x7fe963f5c400, offset=0, bytes=512, qiov=0x7ffc37ee8aa0, flags=(unknown: 0)) at block/block-backend.c:728 #4 0x00007fe960400159 in blk_read_entry (opaque=0x7ffc37ee8ac0) at block/block-backend.c:769 #5 0x00007fe96048f4d7 in coroutine_trampoline (i0=1678853408, i1=32745) at util/coroutine-ucontext.c:78 #6 0x00007fe95dfdacf0 in ?? () from /lib64/libc.so.6 #7 0x00007ffc37ee9c00 in ?? () #8 0x0000000000000000 in ?? () *Segmentation fault info(qemu 2.8.1):* Program received signal SIGSEGV, Segmentation fault. 0x00007f5469220607 in blk_has_pending_reqs (blk=0x7f54672a0032, is_write=false) at block/throttle-groups.c:184 184 return blkp->pending_reqs[is_write]; (gdb) bt #0 0x00007f5469220607 in blk_has_pending_reqs (blk=0x7f54672a0032, is_write=false) at block/throttle-groups.c:184 #1 0x00007f54692206a8 in next_throttle_token (blk=0x7f546b6cd120, is_write=false) at block/throttle-groups.c:207 #2 0x00007f5469220984 in throttle_group_co_io_limits_intercept (blk=0x7f546b6cd120, bytes=512, is_write=false) at block/throttle-groups.c:322 #3 0x00007f546920bc79 in blk_co_preadv (blk=0x7f546b6cd120, offset=0, bytes=512, qiov=0x7ffcc7355060, flags=0) at block/block-backend.c:815 #4 0x00007f546920bddf in blk_read_entry (opaque=0x7ffcc7355080) at block/block-backend.c:865 #5 0x00007f54692a00f0 in coroutine_trampoline (i0=-588050448, i1=32595) at util/coroutine-ucontext.c:79 #6 0x00007f5466f34cf0 in ?? () from /lib64/libc.so.6 #7 0x00007f53f27fa9e0 in ?? () #8 0x0000000000000000 in ?? () *The way how to find the bug as follows:* *1、start a VM* *2、attach and detach a disk for a while,the configure of the disk (add-1.xml) as follows* <disk device="disk" type="file"> <driver cache="none" io="native" name="qemu" type="raw" /> <source file="/mnt/sdb/wangjie-kvm/core/fk8b42zr-oz" /> <target bus="virtio" dev="vdb" /> <iotune> <read_iops_sec>3000</read_iops_sec> <write_iops_sec>3000</write_iops_sec> <read_bytes_sec>120000000</read_bytes_sec> <write_bytes_sec>120000000</write_bytes_sec> </iotune> </disk> *3、run below script for a while,the qemu process of VM will crash* ret=1 while [ $ret -ne 0 ]; do virsh attach-device i-clone203_rhel_7.3_64_guestosdev add-1.xml sleep 2 virsh detach-device i-clone203_rhel_7.3_64_guestosdev add-1.xml done