gdbstub step instruction locks up on OS X

Bug #1087590 reported by espes
Affects: QEMU    Status: Fix Released    Importance: Undecided    Assigned to: Unassigned    Milestone: (none)

Bug Description

OS X 10.8.2
(Darwin Niels-MacBook-Air.local 12.2.0 Darwin Kernel Version 12.2.0: Sat Aug 25 00:48:52 PDT 2012; root:xnu-2050.18.24~1/RELEASE_X86_64 x86_64)

-Only seems to occur with a drive attached

-To reproduce (from current git master):

./configure --cc=clang --enable-debug --disable-user --target-list=i386-softmmu
i386-softmmu/qemu-system-i386 -drive file=~/tmp.qcow2,index=0,media=disk -s -S

#wait several seconds

gdb
    target remote localhost:1234
    si

#qemu locks up, requires kill -9

-Bisected it to:
commit 47e6b251a5e9a47c406f2f2c0b01bb88854c98ec
Author: Paolo Bonzini <email address hidden>
Date: Thu May 24 18:03:13 2012 +0200

    block: switch posix-aio-compat to threadpool

    This is not meant for portability, but to remove code duplication.

    Signed-off-by: Paolo Bonzini <email address hidden>

(cherry picking 1f001dc7bc9e435bf231a5b0edcad1c7c2bd6214, c166cb72f1676855816340666c3b618beef4b976 and 1d8ddda045b4b72dc95a325debb6df0fc19ec821 as needed to keep it building, which was kinda dodgy).

-Traceback while locked up:
Thread 9 (process 49143):
#0 0x00007fff93dcd0fa in __psynch_cvwait ()
#1 0x00007fff931c0f89 in _pthread_cond_wait ()
#2 0x0000000100202363 in qemu_sem_timedwait (sem=0x1009a6678, ms=10000) at qemu-thread-posix.c:214
#3 0x000000010023017e in worker_thread (unused=0x0) at thread-pool.c:88
#4 0x00007fff931bc742 in _pthread_start ()
#5 0x00007fff931a9181 in thread_start ()

Thread 8 (process 49143):
#0 0x00007fff93dcd0fa in __psynch_cvwait ()
#1 0x00007fff931c0f89 in _pthread_cond_wait ()
#2 0x0000000100ffab83 in g_cond_wait ()
#3 0x0000000100074aa5 in coroutine_wait_runnable_locked (co=0x1032361d0) at coroutine-gthread.c:133
#4 0x00000001000749fe in qemu_coroutine_switch (from_=0x1032361d0, to_=0x103024200, action=COROUTINE_YIELD) at coroutine-gthread.c:191
#5 0x00000001001f8fbc in coroutine_swap (from=0x1032361d0, to=0x103024200) at qemu-coroutine.c:31
#6 0x00000001001f90b5 in qemu_coroutine_yield () at qemu-coroutine.c:74
#7 0x0000000100024238 in bdrv_co_flush (bs=0x104007c00) at block.c:4023
#8 0x00000001000244ae in bdrv_flush_co_entry (opaque=0x103480d80) at block.c:3987
#9 0x000000010001d142 in bdrv_flush (bs=0x104007c00) at block.c:4086
#10 0x000000010003554a in qcow2_cache_flush (bs=0x10281e600, c=0x10183cd60) at block/qcow2-cache.c:151
#11 0x0000000100041f69 in qcow2_co_flush_to_os (bs=0x10281e600) at block/qcow2.c:1559
#12 0x000000010002415a in bdrv_co_flush (bs=0x10281e600) at block.c:4000
#13 0x00000001000244ae in bdrv_flush_co_entry (opaque=0x7fff5fbfe320) at block.c:3987
#14 0x00000001000748a2 in coroutine_thread (opaque=0x1032361d0) at coroutine-gthread.c:150
#15 0x0000000100fdf8fa in g_thread_proxy ()
#16 0x00007fff931bc742 in _pthread_start ()
#17 0x00007fff931a9181 in thread_start ()

Thread 7 (process 49143):
#0 0x00007fff93dcd122 in __psynch_mutexwait ()
#1 0x00007fff931c1d9d in pthread_mutex_lock ()
#2 0x00007fff931c1017 in _pthread_cond_wait ()
#3 0x000000010020205b in qemu_cond_wait (cond=0x10322db90, mutex=0x1009b6640) at qemu-thread-posix.c:116
#4 0x000000010027770a in qemu_tcg_wait_io_event () at cpus.c:708
#5 0x000000010027747b in qemu_tcg_cpu_thread_fn (arg=0x10381d200) at cpus.c:845
#6 0x00007fff931bc742 in _pthread_start ()
#7 0x00007fff931a9181 in thread_start ()

Thread 6 (process 49143):
#0 0x00007fff93dcd57a in __sigwait ()
#1 0x00007fff93246e4d in sigwait ()
#2 0x000000010006eca9 in sigwait_compat (opaque=0x101c253a0) at compatfd.c:40
#3 0x00007fff931bc742 in _pthread_start ()
#4 0x00007fff931a9181 in thread_start ()

Thread 3 (process 49143):
#0 0x00007fff93dcdd16 in kevent ()
#1 0x00007fff8bb78dea in _dispatch_mgr_invoke ()
#2 0x00007fff8bb789ee in _dispatch_mgr_thread ()

Thread 1 (process 49143):
#0 0x00007fff93dcd322 in select$DARWIN_EXTSN ()
#1 0x0000000100004a50 in aio_poll (ctx=0x101c253f0, blocking=true) at aio-posix.c:230
#2 0x00000001001bb857 in qemu_aio_wait () at main-loop.c:449
#3 0x000000010001d181 in bdrv_flush (bs=0x10281e600) at block.c:4091
#4 0x0000000100020fc8 in bdrv_flush_all () at block.c:2685
#5 0x0000000100276642 in do_vm_stop (state=RUN_STATE_DEBUG) at cpus.c:446
#6 0x00000001002765c5 in vm_stop (state=RUN_STATE_DEBUG) at cpus.c:1078
#7 0x000000010026e850 in main_loop_should_exit () at vl.c:1718
#8 0x000000010026e77c in main_loop () at vl.c:1774
#9 0x0000000100268eed in qemu_main (argc=9, argv=0x7fff5fbffa40, envp=0x7fff5fbffa90) at vl.c:3999
#10 0x0000000100234509 in -[QemuCocoaAppController startEmulationWithArgc:argv:] (self=0x101804a90, _cmd=0x1003c7f05, argc=9, argv=0x7fff5fbffa40) at ui/cocoa.m:798
#11 0x0000000100234421 in -[QemuCocoaAppController applicationDidFinishLaunching:] (self=0x101804a90, _cmd=0x7fff93597f79, note=0x101c218f0) at ui/cocoa.m:776
#12 0x00007fff952f647a in _CFXNotificationPost ()
#13 0x00007fff959f0846 in -[NSNotificationCenter postNotificationName:object:userInfo:] ()
#14 0x00007fff8cc6560d in -[NSApplication _postDidFinishNotification] ()
#15 0x00007fff8cc65346 in -[NSApplication _sendFinishLaunchingNotification] ()
#16 0x00007fff8cc62532 in -[NSApplication(NSAppleEventHandling) _handleAEOpenEvent:] ()
#17 0x00007fff8cc6212c in -[NSApplication(NSAppleEventHandling) _handleCoreEvent:withReplyEvent:] ()
#18 0x00007fff95a0a12b in -[NSAppleEventManager dispatchRawAppleEvent:withRawReply:handlerRefCon:] ()
#19 0x00007fff95a09f8d in _NSAppleEventManagerGenericHandler ()
#20 0x00007fff8bc2cb48 in aeDispatchAppleEvent ()
#21 0x00007fff8bc2c9a9 in dispatchEventAndSendReply ()
#22 0x00007fff8bc2c869 in aeProcessAppleEvent ()
#23 0x00007fff9609d8e9 in AEProcessAppleEvent ()
#24 0x00007fff8cc5e916 in _DPSNextEvent ()
#25 0x00007fff8cc5ded2 in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] ()
#26 0x00007fff8cc55283 in -[NSApplication run] ()
#27 0x00000001002353f6 in main (argc=9, argv=0x7fff5fbffa40) at ui/cocoa.m:946
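The reproduction above drives the gdbstub interactively (gdb, `target remote`, `si`) and the hang has to be spotted by eye. The following is an added example, not code from the bug report or from QEMU: a minimal GDB Remote Serial Protocol client that sends the same `?` (halt reason) and `s` (single step) packets to QEMU's stub on TCP port 1234 (the default for `-s`) and reports `hung` if the stub accepts the step but never answers within a timeout, which is exactly what the main thread blocked in `bdrv_flush` produces. The host, port, timeout and the constructed sample stop-reply frame are assumptions; the packet framing (`$payload#xx`, checksum = sum of payload bytes mod 256, `+` acks) is the standard RSP wire format.

```python
"""Minimal GDB Remote Serial Protocol (RSP) client for the gdbstub hang above.
Added example, not QEMU code. Sends '?' then 's' and times out instead of
locking up the way an interactive gdb session does."""
import socket

# Constructed sample frame with the shape of QEMU's stop reply after a step
# ('T' + signal 05 + thread info), used for offline demonstration only.
SAMPLE_STOP_REPLY = b"+$T05thread:01;#07"


def rsp_checksum(payload: bytes) -> int:
    """RSP checksum: sum of the payload bytes modulo 256."""
    return sum(payload) % 256


def rsp_encode(payload: bytes) -> bytes:
    """Frame a payload as $<payload>#<two lowercase hex digits>.
    '$', '#' and '}' inside a payload must be escaped per the spec; the
    single-character commands used here never contain them."""
    return b"$" + payload + b"#%02x" % rsp_checksum(payload)


def rsp_decode(frame: bytes) -> bytes:
    """Strip a leading '+' ack, verify framing and checksum, return the payload.
    Raises ValueError on a malformed or corrupt frame."""
    if frame.startswith(b"+"):
        frame = frame[1:]
    if not frame.startswith(b"$") or b"#" not in frame:
        raise ValueError("not an RSP frame: %r" % frame)
    payload, _, csum = frame[1:].partition(b"#")
    if len(csum) < 2 or int(csum[:2], 16) != rsp_checksum(payload):
        raise ValueError("bad checksum in %r" % frame)
    return payload


def is_stop_reply(payload: bytes) -> bool:
    """Stop replies are 'S<sig>' or 'T<sig>...'; QEMU sends T05 after a step."""
    return len(payload) >= 3 and payload[:1] in (b"S", b"T")


def recv_frame(sock: socket.socket) -> bytes:
    """Read one '$...#xx' frame, skipping '+' acks, and ack it with '+'.
    socket.timeout propagates to the caller if the stub never answers."""
    buf = b""
    while True:
        chunk = sock.recv(4096)
        if not chunk:
            raise ConnectionError("gdbstub closed the connection")
        buf = (buf + chunk).lstrip(b"+")
        if buf.startswith(b"$") and b"#" in buf:
            end = buf.index(b"#") + 3  # '#' plus two checksum digits
            if len(buf) >= end:
                sock.sendall(b"+")
                return buf[:end]


def step_once(host: str = "localhost", port: int = 1234, timeout: float = 5.0) -> str:
    """Connect to the stub, ask for the halt reason, then single-step once.
    Returns 'stopped' on a stop reply, 'hung' if the step is never answered
    (the symptom in this report), or 'unexpected:<payload>' otherwise."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(rsp_encode(b"?"))
        rsp_decode(recv_frame(s))          # initial stop reason; content not needed
        s.sendall(rsp_encode(b"s"))
        try:
            reply = rsp_decode(recv_frame(s))
        except socket.timeout:
            return "hung"
    if is_stop_reply(reply):
        return "stopped"
    return "unexpected:" + reply.decode("ascii", "replace")


def decode_sample() -> bytes:
    """Offline demonstration: decode the constructed stop-reply frame."""
    return rsp_decode(SAMPLE_STOP_REPLY)


if __name__ == "__main__":
    # Start QEMU with -s -S as in the description, wait a few seconds, then:
    print(step_once())
```

Run it in place of the gdb session from the description; a healthy stub prints `stopped` almost immediately, while the reported lockup prints `hung` after the timeout and leaves the QEMU process to be inspected (or killed) rather than wedging the debugger as well.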

espes (espes)
summary: - gdbstub somewhat broken on OS X
+ gdbstub step instruction locks up on OS X
description: updated
espes (espes)
description: updated
Revision history for this message
Peter Maydell (pmaydell) wrote :

With current git master, does the bug still occur if you add '--with-coroutine=sigaltstack' to your configure line?

espes (espes) wrote :

Yes.

espes (espes) wrote :

(new backtrace:)

Thread 9 (process 58073):
#0 0x00007fff93dcd0fa in __psynch_cvwait ()
#1 0x00007fff931c0f89 in _pthread_cond_wait ()
#2 0x0000000100202cf3 in qemu_sem_timedwait (sem=0x100996618, ms=10000) at qemu-thread-posix.c:214
#3 0x0000000100230b0e in worker_thread (unused=0x0) at thread-pool.c:88
#4 0x00007fff931bc742 in _pthread_start ()
#5 0x00007fff931a9181 in thread_start ()

Thread 8 (process 58073):
#0 0x00007fff93dcd122 in __psynch_mutexwait ()
#1 0x00007fff931c1d9d in pthread_mutex_lock ()
#2 0x00007fff931c1017 in _pthread_cond_wait ()
#3 0x00000001002029eb in qemu_cond_wait (cond=0x101746290, mutex=0x1009a65e0) at qemu-thread-posix.c:116
#4 0x000000010027809a in qemu_tcg_wait_io_event () at /Users/niel/build/qemu/cpus.c:708
#5 0x0000000100277e0b in qemu_tcg_cpu_thread_fn (arg=0x1019a3000) at /Users/niel/build/qemu/cpus.c:845
#6 0x00007fff931bc742 in _pthread_start ()
#7 0x00007fff931a9181 in thread_start ()

Thread 7 (process 58073):
#0 0x00007fff93dcd57a in __sigwait ()
#1 0x00007fff93246e4d in sigwait ()
#2 0x000000010006f1a9 in sigwait_compat (opaque=0x103a2f530) at compatfd.c:40
#3 0x00007fff931bc742 in _pthread_start ()
#4 0x00007fff931a9181 in thread_start ()

Thread 3 (process 58073):
#0 0x00007fff93dcdd16 in kevent ()
#1 0x00007fff8bb78dea in _dispatch_mgr_invoke ()
#2 0x00007fff8bb789ee in _dispatch_mgr_thread ()

Thread 1 (process 58073):
#0 0x00007fff93dcd322 in select$DARWIN_EXTSN ()
#1 0x0000000100004f80 in aio_poll (ctx=0x103a2f580, blocking=true) at aio-posix.c:230
#2 0x00000001001bc267 in qemu_aio_wait () at main-loop.c:442
#3 0x000000010001d6b1 in bdrv_flush (bs=0x104023a00) at block.c:4091
#4 0x00000001000214f8 in bdrv_flush_all () at block.c:2685
#5 0x0000000100276fd2 in do_vm_stop (state=RUN_STATE_DEBUG) at /Users/niel/build/qemu/cpus.c:446
#6 0x0000000100276f55 in vm_stop (state=RUN_STATE_DEBUG) at /Users/niel/build/qemu/cpus.c:1078
#7 0x000000010026f1e0 in main_loop_should_exit () at vl.c:1718
#8 0x000000010026f10c in main_loop () at vl.c:1774
#9 0x000000010026987d in qemu_main (argc=9, argv=0x7fff5fbffa78, envp=0x7fff5fbffac8) at vl.c:3999
#10 0x0000000100234e99 in -[QemuCocoaAppController startEmulationWithArgc:argv:] (self=0x101721310, _cmd=0x1003ba8bb, argc=9, argv=0x7fff5fbffa78) at ui/cocoa.m:798
#11 0x0000000100234db1 in -[QemuCocoaAppController applicationDidFinishLaunching:] (self=0x101721310, _cmd=0x7fff93597f79, note=0x103a1dbd0) at ui/cocoa.m:776
#12 0x00007fff952f647a in _CFXNotificationPost ()
#13 0x00007fff959f0846 in -[NSNotificationCenter postNotificationName:object:userInfo:] ()
#14 0x00007fff8cc6560d in -[NSApplication _postDidFinishNotification] ()
#15 0x00007fff8cc65346 in -[NSApplication _sendFinishLaunchingNotification] ()
#16 0x00007fff8cc62532 in -[NSApplication(NSAppleEventHandling) _handleAEOpenEvent:] ()
#17 0x00007fff8cc6212c in -[NSApplication(NSAppleEventHandling) _handleCoreEvent:withReplyEvent:] ()
#18 0x00007fff95a0a12b in -[NSAppleEventManager dispatchRawAppleEvent:withRawReply:handlerRefCon:] ()
#19 0x00007fff95a09f8d in _NSAppleEventManagerGenericHandler ()
#20 0x00007fff8bc2cb48 in aeDispatchAppleEvent ()
#21 0x00007fff8bc2c9a9 in disp...


espes (espes) wrote :

(Though note it seems to always freeze on boot with '--with-coroutine=sigaltstack')

espes (espes)
Changed in qemu:
status: New → Fix Released