[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [Bug 1793791] Re: Crash with nbd_reply_chunk_iter_receive:
From: |
Matthew Schumacher |
Subject: |
[Qemu-devel] [Bug 1793791] Re: Crash with nbd_reply_chunk_iter_receive: Assertion `chunk->flags & NBD_REPLY_FLAG_DONE' failed |
Date: |
Mon, 24 Sep 2018 19:53:07 -0000 |
I'm back to trying to figure this out. I can't use migrate and copy
storage until this bug is fixed, so I'm pretty motivated. Today I
configured libvirt/qemu to dump the core, and I compiled qemu with
debugging symbols. Here is the backtrace. I'm not sure it says
anything we don't already know.
I may try to hack in some more debugging later today, but my C is
terrible. Any other ideas on ways I can help?
(gdb) bt full
#0 0x00007f1a6a3313f8 in raise () at /lib64/libc.so.6
#1 0x00007f1a6a332ffa in abort () at /lib64/libc.so.6
#2 0x00007f1a6a329c17 in __assert_fail_base () at /lib64/libc.so.6
#3 0x00007f1a6a329cc2 in () at /lib64/libc.so.6
#4 0x000055a6cba705a6 in nbd_reply_chunk_iter_receive (address@hidden,
address@hidden, address@hidden, address@hidden, reply=0x7f1945fe8800,
address@hidden, address@hidden) at block/nbd-client.c:606
local_reply =
{simple = {magic = 1732535960, error = 0, handle = 94174913593865},
structured = {magic = 1732535960, flags = 0, type = 0, handle = 94174913593865,
length = 0}, {magic = 1732535960, _skip = 0, handle = 94174913593865}}
chunk = 0x7f1945fe8800
local_err = 0x0
__func__ = "nbd_reply_chunk_iter_receive"
__PRETTY_FUNCTION__ = "nbd_reply_chunk_iter_receive"
#5 0x000055a6cba706d6 in nbd_co_request (errp=0x7f1945fe8888,
handle=94174913593865, s=0x55a6ce458200) at block/nbd-client.c:634
iter = {ret = 0, fatal = false, err = 0x0, done = false,
only_structured = true}
ret = <optimized out>
local_err = 0x0
client = 0x55a6ce458200
__PRETTY_FUNCTION__ = "nbd_co_request"
#6 0x000055a6cba706d6 in nbd_co_request (address@hidden, address@hidden,
address@hidden) at block/nbd-client.c:772
ret = <optimized out>
local_err = 0x0
client = 0x55a6ce458200
__PRETTY_FUNCTION__ = "nbd_co_request"
#7 0x000055a6cba70cb5 in nbd_client_co_pwrite_zeroes (bs=0x55a6ce450130,
offset=2483027968, bytes=16777216, flags=<optimized out>) at
block/nbd-client.c:860
client = <optimized out>
request = {handle = 94174913593865, from = 2483027968, len = 16777216,
flags = 0, type = 6}
__PRETTY_FUNCTION__ = "nbd_client_co_pwrite_zeroes"
#8 0x000055a6cba67f44 in bdrv_co_do_pwrite_zeroes (address@hidden,
address@hidden, address@hidden, address@hidden) at block/io.c:1410
num = 16777216
drv = 0x55a6cc3b0600 <bdrv_nbd_unix>
qiov = {iov = 0x100000, niov = -834338512, nalloc = 21926, size =
1831862272}
iov = {iov_base = 0x0, iov_len = 0}
ret = -95
need_flush = false
head = 0
tail = 0
max_write_zeroes = 33554432
alignment = 512
max_transfer = 16777216
__PRETTY_FUNCTION__ = "bdrv_co_do_pwrite_zeroes"
#9 0x000055a6cba68373 in bdrv_aligned_pwritev (address@hidden, address@hidden,
address@hidden, address@hidden, qiov=0x0, flags=6, child=0x55a6ce333f50,
child=0x55a6ce333f50)
at block/io.c:1522
bs = 0x55a6ce450130
drv = 0x55a6cc3b0600 <bdrv_nbd_unix>
waited = <optimized out>
ret = <optimized out>
end_sector = 4882432
bytes_remaining = 16777216
max_transfer = 33554432
#10 0x000055a6cba69a42 in bdrv_co_pwritev (req=0x7f1945fe8b50, flags=6,
bytes=16777216, offset=2483027968, child=0x55a6ce333f50) at block/io.c:1625
aligned_bytes = 16777216
bs = 0x55a6ce450130
buf = <optimized out>
tail_padding_bytes = 0
---Type <return> to continue, or q <return> to quit---
local_qiov = {iov = 0x0, niov = 0, nalloc = 0, size = 1825570816}
align = 512
head_padding_bytes = <optimized out>
ret = 0
iov = {iov_base = 0x7f1945fe8bc0, iov_len = 1}
bs = 0x55a6ce450130
req =
{bs = 0x55a6ce450130, offset = 2483027968, bytes = 16777216, type =
BDRV_TRACKED_WRITE, serialising = false, overlap_offset = 2483027968,
overlap_bytes = 16777216, list = {le_next = 0x0, le_prev = 0x7f19452dbb80}, co
= 0x7f1a5c003030, wait_queue = {entries = {sqh_first = 0x0, sqh_last =
0x7f1945fe8b98}}, waiting_for = 0x0}
align = <optimized out>
head_buf = 0x0
tail_buf = 0x0
local_qiov = {iov = 0x7f1945fe8bc0, niov = 1, nalloc = 0, size =
94171452932608}
use_local_qiov = false
ret = <optimized out>
__PRETTY_FUNCTION__ = "bdrv_co_pwritev"
#11 0x000055a6cba69a42 in bdrv_co_pwritev (address@hidden, address@hidden,
address@hidden, address@hidden, address@hidden) at block/io.c:1698
bs = 0x55a6ce450130
req =
{bs = 0x55a6ce450130, offset = 2483027968, bytes = 16777216, type =
BDRV_TRACKED_WRITE, serialising = false, overlap_offset = 2483027968,
overlap_bytes = 16777216, list = {le_next = 0x0, le_prev = 0x7f19452dbb80}, co
= 0x7f1a5c003030, wait_queue = {entries = {sqh_first = 0x0, sqh_last =
0x7f1945fe8b98}}, waiting_for = 0x0}
align = <optimized out>
head_buf = 0x0
tail_buf = 0x0
local_qiov = {iov = 0x7f1945fe8bc0, niov = 1, nalloc = 0, size =
94171452932608}
use_local_qiov = false
ret = <optimized out>
__PRETTY_FUNCTION__ = "bdrv_co_pwritev"
#12 0x000055a6cba6a3be in bdrv_co_pwrite_zeroes (child=0x55a6ce333f50,
offset=2483027968, bytes=16777216, flags=<optimized out>) at block/io.c:1822
#13 0x000055a6cba67f44 in bdrv_co_do_pwrite_zeroes (address@hidden,
address@hidden, address@hidden, address@hidden) at block/io.c:1410
num = 16777216
drv = 0x55a6cc3aa5a0 <bdrv_raw>
qiov = {iov = 0x6d400000, niov = -878284120, nalloc = 21926, size = 1}
iov = {iov_base = 0x0, iov_len = 0}
ret = -95
need_flush = false
head = 0
tail = 0
max_write_zeroes = 2147483647
alignment = 1
max_transfer = 16777216
__PRETTY_FUNCTION__ = "bdrv_co_do_pwrite_zeroes"
#14 0x000055a6cba68373 in bdrv_aligned_pwritev (address@hidden, address@hidden,
address@hidden, address@hidden, qiov=0x0, flags=6, child=0x55a6ce457960,
child=0x55a6ce457960)
at block/io.c:1522
bs = 0x55a6ce35dd80
drv = 0x55a6cc3aa5a0 <bdrv_raw>
waited = <optimized out>
ret = <optimized out>
end_sector = 4882432
bytes_remaining = 16777216
max_transfer = 33554432
#15 0x000055a6cba69a42 in bdrv_co_pwritev (req=0x7f1945fe8e90, flags=6,
bytes=16777216, offset=2483027968, child=0x55a6ce457960) at block/io.c:1625
aligned_bytes = 16777216
bs = 0x55a6ce35dd80
buf = <optimized out>
---Type <return> to continue, or q <return> to quit---
tail_padding_bytes = 0
local_qiov = {iov = 0x55a6ce3f8b40, niov = 1543529136, nalloc = 32538,
size = 139746525220544}
align = 1
head_padding_bytes = <optimized out>
ret = 0
iov = {iov_base = 0x7f1a5c003030, iov_len = 94174870259312}
bs = 0x55a6ce35dd80
req =
{bs = 0x55a6ce35dd80, offset = 2483027968, bytes = 16777216, type =
BDRV_TRACKED_WRITE, serialising = false, overlap_offset = 2483027968,
overlap_bytes = 16777216, list = {le_next = 0x0, le_prev = 0x7f19452dbec0}, co
= 0x7f1a5c003030, wait_queue = {entries = {sqh_first = 0x0, sqh_last =
0x7f1945fe8ed8}}, waiting_for = 0x0}
align = <optimized out>
head_buf = 0x0
tail_buf = 0x0
local_qiov = {iov = 0x7f1a5c003030, niov = -877640080, nalloc = 21926,
size = 139751189406384}
use_local_qiov = false
ret = <optimized out>
__PRETTY_FUNCTION__ = "bdrv_co_pwritev"
#16 0x000055a6cba69a42 in bdrv_co_pwritev (child=0x55a6ce457960,
address@hidden, address@hidden, address@hidden, flags=6) at block/io.c:1698
bs = 0x55a6ce35dd80
req =
{bs = 0x55a6ce35dd80, offset = 2483027968, bytes = 16777216, type =
BDRV_TRACKED_WRITE, serialising = false, overlap_offset = 2483027968,
overlap_bytes = 16777216, list = {le_next = 0x0, le_prev = 0x7f19452dbec0}, co
= 0x7f1a5c003030, wait_queue = {entries = {sqh_first = 0x0, sqh_last =
0x7f1945fe8ed8}}, waiting_for = 0x0}
align = <optimized out>
head_buf = 0x0
tail_buf = 0x0
local_qiov = {iov = 0x7f1a5c003030, niov = -877640080, nalloc = 21926,
size = 139751189406384}
use_local_qiov = false
ret = <optimized out>
__PRETTY_FUNCTION__ = "bdrv_co_pwritev"
#17 0x000055a6cba5898b in blk_co_pwritev (blk=0x55a6ce4576b0,
offset=2483027968, bytes=16777216, qiov=0x0, flags=<optimized out>) at
block/block-backend.c:1188
ret = <optimized out>
bs = 0x55a6ce35dd80
#18 0x000055a6cba58a9b in blk_aio_write_entry (opaque=0x7f1a5c0084b0) at
block/block-backend.c:1394
acb = 0x7f1a5c0084b0
rwco = 0x7f1a5c0084d8
qiov = <optimized out>
#19 0x000055a6cbb046ba in coroutine_trampoline (i0=<optimized out>,
i1=<optimized out>) at util/coroutine-ucontext.c:116
co = 0x7f1a5c003030
#20 0x00007f1a6a346560 in __start_context () at /lib64/libc.so.6
#21 0x00007f1a617a3fb0 in ()
#22 0x0000000000000000 in ()
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1793791
Title:
Crash with nbd_reply_chunk_iter_receive: Assertion `chunk->flags &
NBD_REPLY_FLAG_DONE' failed
Status in QEMU:
New
Bug description:
Qemu version on both sides: 2.12.1
Host A Linux: 4.9.76
Host B Linux: 4.14.67
While calling from Host A:
virsh migrate virtualmachine qemu+ssh://hostB/system --live --undefinesource
--persistent --verbose --copy-storage-all
I get a qemu crash with:
2018-09-21 16:12:23.073+0000: 14428: info : virObjectUnref:350 :
OBJECT_UNREF: obj=0x7f922c03d990
qemu-system-x86_64: block/nbd-client.c:606: nbd_reply_chunk_iter_receive:
Assertion `chunk->flags & NBD_REPLY_FLAG_DONE' failed.
2018-09-21 16:12:41.230+0000: shutting down, reason=crashed
2018-09-21 16:12:52.900+0000: shutting down, reason=failed
It doesn't do it every time, but most of the time.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1793791/+subscriptions
- [Qemu-devel] [Bug 1793791] [NEW] Crash with nbd_reply_chunk_iter_receive: Assertion `chunk->flags & NBD_REPLY_FLAG_DONE' failed, Matthew Schumacher, 2018/09/21
- [Qemu-devel] [Bug 1793791] Re: Crash with nbd_reply_chunk_iter_receive: Assertion `chunk->flags & NBD_REPLY_FLAG_DONE' failed, Matthew Schumacher, 2018/09/21
- Re: [Qemu-devel] [Bug 1793791] [NEW] Crash with nbd_reply_chunk_iter_receive: Assertion `chunk->flags & NBD_REPLY_FLAG_DONE' failed, Eric Blake, 2018/09/21
- [Qemu-devel] [Bug 1793791] Re: Crash with nbd_reply_chunk_iter_receive: Assertion `chunk->flags & NBD_REPLY_FLAG_DONE' failed, Matthew Schumacher, 2018/09/21
- [Qemu-devel] [Bug 1793791] Re: Crash with nbd_reply_chunk_iter_receive: Assertion `chunk->flags & NBD_REPLY_FLAG_DONE' failed,
Matthew Schumacher <=
- [Qemu-devel] [Bug 1793791] Re: Crash with nbd_reply_chunk_iter_receive: Assertion `chunk->flags & NBD_REPLY_FLAG_DONE' failed, Matthew Schumacher, 2018/09/24
- [Qemu-devel] [Bug 1793791] Re: Crash with nbd_reply_chunk_iter_receive: Assertion `chunk->flags & NBD_REPLY_FLAG_DONE' failed, Matthew Schumacher, 2018/09/25