* [Qemu-devel] iscsi / block segfault regression
@ 2013-03-21 10:45 Peter Lieven
2013-03-21 11:03 ` Peter Lieven
From: Peter Lieven @ 2013-03-21 10:45 UTC (permalink / raw)
To: qemu-devel@nongnu.org; +Cc: Paolo Bonzini, ronnie sahlberg
Hi,
I am currently trying to debug a regression in git master with iscsi that happens with some iscsi volumes.
I added debugging output to all aio calls into block/iscsi.c and it seems that immediately after
bdrv_open something is overwriting bs->opaque with a new pointer.
~/git/qemu$ x86_64-softmmu/qemu-system-x86_64 -k de -enable-kvm -m 1024 -drive format=iscsi,file=iscsi://172.21.200.31/iqn.2001-05.com.equallogic:0-8a0906-3c0f4e007-dce91829d0450add-lieven-storage-migration-test-hd0/0,if=virtio,cache=writeback,aio=native
-vnc :1 -boot dc -monitor stdio
iscsi open start
iscsi_full_connect_sync: iscsilun = 140063347224208, iscsilun->iscsi = 140063347225536, bs = 140063347221696, filename=iscsi://172.21.200.31/iqn.2001-05.com.equallogic:0-8a0906-3c0f4e007-dce91829d0450add-lieven-storage-migration-test-hd0/0
iscsi open finish ret=0
iscsi_aio_flush: iscsilun = 140063347230736, iscsilun->iscsi = 0, bs = 140063347221696, filename=iscsi://172.21.200.31/iqn.2001-05.com.equallogic:0-8a0906-3c0f4e007-dce91829d0450add-lieven-storage-migration-test-hd0/0
iscsi_aio_flush_acb: iscsilun = 140063347230736, iscsilun->iscsi = 0, bs = 140063347221696, filename=iscsi://172.21.200.31/iqn.2001-05.com.equallogic:0-8a0906-3c0f4e007-dce91829d0450add-lieven-storage-migration-test-hd0/0
Speicherzugriffsfehler (Speicherabzug geschrieben)
The bs address is unchanged, but the iscsilun address has changed after connection, it seems to an area with zeroed memory. The pointer to the iscsi context
is thus NULL.
iscsilun, iscsilun->iscsi and bs are addresses.
Peter
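An added example, not part of the original message or of QEMU: a small Python check over debug output in the format shown above, flagging when the driver state pointer (iscsilun) recorded for the same bs changes between calls or when its iscsi context becomes 0. The sample log is constructed from the values in the message with the filename= field replaced by a placeholder; the function and finding names are hypothetical.

```python
import re

# Constructed sample in the format of the debug output quoted above
# (filename= field shortened to a placeholder).
SAMPLE = """\
iscsi open start
iscsi_full_connect_sync: iscsilun = 140063347224208, iscsilun->iscsi = 140063347225536, bs = 140063347221696, filename=iscsi://example/0
iscsi open finish ret=0
iscsi_aio_flush: iscsilun = 140063347230736, iscsilun->iscsi = 0, bs = 140063347221696, filename=iscsi://example/0
iscsi_aio_flush_acb: iscsilun = 140063347230736, iscsilun->iscsi = 0, bs = 140063347221696, filename=iscsi://example/0
"""

LINE = re.compile(
    r"^(?P<func>\w+): iscsilun = (?P<lun>\d+), "
    r"iscsilun->iscsi = (?P<ctx>\d+), bs = (?P<bs>\d+)"
)

def find_state_changes(log_text):
    """Return (func, bs, kind, old, new) tuples for suspicious transitions."""
    last = {}       # bs address -> (iscsilun, iscsi context) last seen
    findings = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # lines such as "iscsi open start" carry no pointers
        func = m["func"]
        lun, ctx, bs = int(m["lun"]), int(m["ctx"]), int(m["bs"])
        prev = last.get(bs)
        # Same BlockDriverState, different driver state: bs->opaque was replaced.
        if prev and prev[0] != lun:
            findings.append((func, bs, "opaque-changed", prev[0], lun))
        # Context pointer is NULL and was not NULL the last time we saw this bs.
        if ctx == 0 and (prev is None or prev[1] != 0):
            findings.append((func, bs, "null-context", prev[1] if prev else None, 0))
        last[bs] = (lun, ctx)
    return findings

def fmt(addr):
    return "?" if addr is None else hex(addr)

if __name__ == "__main__":
    for func, bs, kind, old, new in find_state_changes(SAMPLE):
        print(f"{func}: bs={fmt(bs)} {kind}: {fmt(old)} -> {fmt(new)}")
```
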
* Re: [Qemu-devel] iscsi / block segfault regression
2013-03-21 10:45 [Qemu-devel] iscsi / block segfault regression Peter Lieven
@ 2013-03-21 11:03 ` Peter Lieven
2013-03-21 11:10 ` Peter Lieven
From: Peter Lieven @ 2013-03-21 11:03 UTC (permalink / raw)
To: qemu-devel@nongnu.org; +Cc: Kevin Wolf, Paolo Bonzini, ronnie sahlberg
git bisect results:
lieven@lieven-pc:~/git/qemu$ git bisect bad
f500a6d3c2b9ef0bb06d0080d91d8ed3c1d68f58 is the first bad commit
commit f500a6d3c2b9ef0bb06d0080d91d8ed3c1d68f58
Author: Kevin Wolf <kwolf@redhat.com>
Date: Mon Nov 12 17:35:27 2012 +0100
block: Avoid second open for format probing
This fixes problems that are caused by the additional open/close cycle
of the existing format probing, for example related to qemu-nbd without
-t option or file descriptor passing.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
:100644 100644 c4f5566b5de6cfa371d7b60dd8b0e1a2da7fd55f 2ec3afebfe6a6c12b573cba9ad36de800623fe6a M block.c
On 21.03.2013 11:45, Peter Lieven wrote:
> Hi,
>
> I am currently trying to debug a regression in git master with iscsi that happens with some iscsi volumes.
> I added debugging output to all aio calls into block/iscsi.c and it seems that immediately after
> bdrv_open something is overwriting bs->opaque with a new pointer.
>
> ~/git/qemu$ x86_64-softmmu/qemu-system-x86_64 -k de -enable-kvm -m 1024 -drive format=iscsi,file=iscsi://172.21.200.31/iqn.2001-05.com.equallogic:0-8a0906-3c0f4e007-dce91829d0450add-lieven-storage-migration-test-hd0/0,if=virtio,cache=writeback,aio=native
> -vnc :1 -boot dc -monitor stdio
> iscsi open start
> iscsi_full_connect_sync: iscsilun = 140063347224208, iscsilun->iscsi = 140063347225536, bs = 140063347221696, filename=iscsi://172.21.200.31/iqn.2001-05.com.equallogic:0-8a0906-3c0f4e007-dce91829d0450add-lieven-storage-migration-test-hd0/0
> iscsi open finish ret=0
> iscsi_aio_flush: iscsilun = 140063347230736, iscsilun->iscsi = 0, bs = 140063347221696, filename=iscsi://172.21.200.31/iqn.2001-05.com.equallogic:0-8a0906-3c0f4e007-dce91829d0450add-lieven-storage-migration-test-hd0/0
> iscsi_aio_flush_acb: iscsilun = 140063347230736, iscsilun->iscsi = 0, bs = 140063347221696, filename=iscsi://172.21.200.31/iqn.2001-05.com.equallogic:0-8a0906-3c0f4e007-dce91829d0450add-lieven-storage-migration-test-hd0/0
> Speicherzugriffsfehler (Speicherabzug geschrieben)
>
> The bs address is unchanged, but the iscsilun address has changed after connection, it seems to an area with zeroed memory. The pointer to the iscsi context
> is thus NULL.
>
> iscsilun, iscsilun->iscsi and bs are addresses.
>
> Peter
>
* Re: [Qemu-devel] iscsi / block segfault regression
2013-03-21 11:03 ` Peter Lieven
@ 2013-03-21 11:10 ` Peter Lieven
From: Peter Lieven @ 2013-03-21 11:10 UTC (permalink / raw)
To: qemu-devel@nongnu.org; +Cc: Kevin Wolf, Paolo Bonzini, ronnie sahlberg
The segfault happens if I specify format=iscsi in the -drive option group. In this case bdrv_swap() is called. Maybe some handling of bs->opaque is missing?!
Peter
On 21.03.2013 12:03, Peter Lieven wrote:
> git bisect results:
>
> lieven@lieven-pc:~/git/qemu$ git bisect bad
> f500a6d3c2b9ef0bb06d0080d91d8ed3c1d68f58 is the first bad commit
> commit f500a6d3c2b9ef0bb06d0080d91d8ed3c1d68f58
> Author: Kevin Wolf <kwolf@redhat.com>
> Date: Mon Nov 12 17:35:27 2012 +0100
>
> block: Avoid second open for format probing
>
> This fixes problems that are caused by the additional open/close cycle
> of the existing format probing, for example related to qemu-nbd without
> -t option or file descriptor passing.
>
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
>
> :100644 100644 c4f5566b5de6cfa371d7b60dd8b0e1a2da7fd55f 2ec3afebfe6a6c12b573cba9ad36de800623fe6a M block.c
>
>
> On 21.03.2013 11:45, Peter Lieven wrote:
>> Hi,
>>
>> I am currently trying to debug a regression in git master with iscsi that happens with some iscsi volumes.
>> I added debugging output to all aio calls into block/iscsi.c and it seems that immediately after
>> bdrv_open something is overwriting bs->opaque with a new pointer.
>>
>> ~/git/qemu$ x86_64-softmmu/qemu-system-x86_64 -k de -enable-kvm -m 1024 -drive format=iscsi,file=iscsi://172.21.200.31/iqn.2001-05.com.equallogic:0-8a0906-3c0f4e007-dce91829d0450add-lieven-storage-migration-test-hd0/0,if=virtio,cache=writeback,aio=native
>> -vnc :1 -boot dc -monitor stdio
>> iscsi open start
>> iscsi_full_connect_sync: iscsilun = 140063347224208, iscsilun->iscsi = 140063347225536, bs = 140063347221696, filename=iscsi://172.21.200.31/iqn.2001-05.com.equallogic:0-8a0906-3c0f4e007-dce91829d0450add-lieven-storage-migration-test-hd0/0
>> iscsi open finish ret=0
>> iscsi_aio_flush: iscsilun = 140063347230736, iscsilun->iscsi = 0, bs = 140063347221696, filename=iscsi://172.21.200.31/iqn.2001-05.com.equallogic:0-8a0906-3c0f4e007-dce91829d0450add-lieven-storage-migration-test-hd0/0
>> iscsi_aio_flush_acb: iscsilun = 140063347230736, iscsilun->iscsi = 0, bs = 140063347221696, filename=iscsi://172.21.200.31/iqn.2001-05.com.equallogic:0-8a0906-3c0f4e007-dce91829d0450add-lieven-storage-migration-test-hd0/0
>> Speicherzugriffsfehler (Speicherabzug geschrieben)
>>
>> The bs address is unchanged, but the iscsilun address has changed after connection, it seems to an area with zeroed memory. The pointer to the iscsi context
>> is thus NULL.
>>
>> iscsilun, iscsilun->iscsi and bs are addresses.
>>
>> Peter
>>
>