From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:37050)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1YnqjO-0005CW-6G
	for qemu-devel@nongnu.org; Thu, 30 Apr 2015 11:50:33 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1YnqjL-0000jN-69
	for qemu-devel@nongnu.org; Thu, 30 Apr 2015 11:50:30 -0400
Received: from mx1.redhat.com ([209.132.183.28]:45722)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1YnqjK-0000jF-Sd
	for qemu-devel@nongnu.org; Thu, 30 Apr 2015 11:50:27 -0400
Message-ID: <55424F3C.1050209@redhat.com>
Date: Thu, 30 Apr 2015 17:50:20 +0200
From: Paolo Bonzini <pbonzini@redhat.com>
MIME-Version: 1.0
References: <tencent_D4C0F8C0FE9E16802F5FF410@qq.com>
In-Reply-To: <tencent_D4C0F8C0FE9E16802F5FF410@qq.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Subject: [Qemu-devel] Fwd: qemu drive mirror assert fault
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: John Snow <jsnow@redhat.com>, Fam Zheng <famz@redhat.com>, qemu-devel <qemu-devel@nongnu.org>, wangxiaolong@ucloud.cn

John, Fam,

I got this report offlist.  This happens if a bit in the hbitmap is
cleared and the HBitmap has _not_ yet reached the bit.  See this comment
in include/qemu/hbitmap.h:

 * Resetting bits before the current
 * position of the iterator is also okay.  However, concurrent
 * resetting of bits can lead to unexpected behavior if the iterator
 * has not yet reached those bits.

Can you please take a look?

Thanks,

Paolo

-------- Forwarded Message --------
Subject: 	qemu drive mirror assert fault
Date: 	Wed, 29 Apr 2015 10:50:28 +0800
From: 	wangxiaolong <wangxiaolong@ucloud.cn>
To: 	pbonzini <pbonzini@redhat.com>

hello,

I used drive mirror to do live migration, and I run into such an assert
fault:

(gdb) bt

#0  0x00007fd2c6e678a5 in raise (sig=3D6) at
../nptl/sysdeps/unix/sysv/linux/raise.c:64

#1  0x00007fd2c6e69085 in abort () at abort.c:92

#2  0x00007fd2c6e60a1e in __assert_fail_base (fmt=3D<value optimized out>=
,
assertion=3D0x7fd2ca215aa0 "cur", file=3D0x7fd2ca215a78 "util/hbitmap.c",
line=3D<value optimized out>,

    function=3D<value optimized out>) at assert.c:96

#3  0x00007fd2c6e60ae0 in __assert_fail (assertion=3D0x7fd2ca215aa0 "cur"=
,
file=3D0x7fd2ca215a78 "util/hbitmap.c", line=3D129, function=3D0x7fd2ca21=
5bf0
"hbitmap_iter_skip_words")

    at assert.c:105

#4  0x00007fd2ca1b3bb8 in hbitmap_iter_skip_words (hbi=3D<value optimized
out>) at util/hbitmap.c:129

#5  0x00007fd2c9f8f8e0 in hbitmap_iter_next (opaque=3D0x7fd2cc59c730) at
/usr/src/debug/qemu-kvm-1.5.3/include/qemu/hbitmap.h:166

#6  mirror_iteration (opaque=3D0x7fd2cc59c730) at block/mirror.c:163

#7  mirror_run (opaque=3D0x7fd2cc59c730) at block/mirror.c:407

#8  0x00007fd2c9fc45bb in coroutine_trampoline (i0=3D<value optimized
out>, i1=3D<value optimized out>) at coroutine-ucontext.c:118

#9  0x00007fd2c6e78b70 in ?? () from /lib64/libc-2.12.so

#10 0x00007fff53eede80 in ?? ()

#11 0x0000000000000000 in ?? ()


and I just can=E2=80=99t figure out what is the cause of this situation,
could you help me figure it out, thanks!