Hide Forgot
Description of problem: Boot rhel7.2 guest with virtio-scsi disk. then execute sg_write_same commands as below inside guest. It cause qemu-kvm-rhev process quit. # sg_write_same --in buf --num=32 --lba=80 /dev/sdb # sg_write_same --in /dev/zero --num=96 --lba=0 /dev/sdb # sg_write_same -U --in /dev/zero --num=16 --lba=0 /dev/sdb # time sg_write_same --in buf --num=65536 --lba=131074 /dev/sdb [Create Linking Work Item] Version-Release number of selected component (if applicable): Host: 3.10.0-300.el7.x86_64 qemu-kvm-rhev-2.3.0-13.el7.x86_64 Guest: RHEL7.2 3.10.0-294.el7.x86_64 rpm: sg3_utils-libs-1.37-5.el7.x86_64 sg3_utils-1.37-5.el7.x86_64 How reproducible: Steps to Reproduce: 1.1. Create a 1G raw image on an XFS file system. # qemu-img create -f raw /home/testthin.img 1G 2.Start qemu /usr/libexec/qemu-kvm -name rhel7.2 -M pc-i440fx-rhel7.2.0,accel=kvm,usb=off,vmport=off -cpu SandyBridge -m 8192 -smp 8 \ -drive file=/home/rhel.img,if=none,id=drive-ide0-0-0,format=raw -device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 \ -drive file=/home/testthin.img,if=none,id=drive-data-disk,format=raw,cache=none,aio=native,werror=stop,rerror=stop,discard=on -device virtio-scsi-pci,id=scsi1,bus=pci.0 -device scsi-hd,drive=drive-data-disk,id=data-disk,logical_block_size=4096,bus=scsi1.0 \ -netdev tap,id=hostnet0 -device rtl8139,netdev=hostnet0,id=net0,mac=52:55:00:5c:89:4d,bus=pci.0 \ -device qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,vgamem_mb=16,bus=pci.0 -spice port=5900,disable-ticketing, -monitor stdio 3.Execute the following commands in guest: # yes | head -n2048 > buf # sg_write_same --in buf --num=32 --lba=80 /dev/sdb # sg_write_same --in /dev/zero --num=96 --lba=0 /dev/sdb # sg_write_same -U --in /dev/zero --num=16 --lba=0 /dev/sdb # time sg_write_same --in buf --num=65536 --lba=131074 /dev/sdb Actual results: Guest: after step3. qemu-kvm: block.c:3332: bdrv_aligned_pwritev: Assertion `!qiov || bytes == qiov->size' failed. Aborted (core dumped) Expected results: qemu-kvm-rhev and guest work well Additional info: gdb debug info: (gdb) bt #0 0x00007ffff071a5d7 in raise () from /lib64/libc.so.6 #1 0x00007ffff071bcc8 in abort () from /lib64/libc.so.6 #2 0x00007ffff0713546 in __assert_fail_base () from /lib64/libc.so.6 #3 0x00007ffff07135f2 in __assert_fail () from /lib64/libc.so.6 #4 0x00005555557dd2cb in bdrv_aligned_pwritev (bs=bs@entry=0x555556a2c800, req=req@entry=0x55556439bf00, offset=offset@entry=804790272, bytes=bytes@entry=520192, qiov=0x55555692dd18, flags=0) at block.c:3332 #5 0x00005555557ddcd7 in bdrv_co_do_pwritev (bs=bs@entry=0x555556a2c800, offset=<optimized out>, bytes=520192, qiov=0x55555692dd18, flags=<optimized out>) at block.c:3580 #6 0x00005555557dea17 in bdrv_co_do_writev (flags=<optimized out>, qiov=<optimized out>, nb_sectors=<optimized out>, sector_num=<optimized out>, bs=<optimized out>) at block.c:3604 #7 bdrv_co_do_rw (opaque=0x555557ae68f0) at block.c:4997 #8 0x00005555557e895a in coroutine_trampoline (i0=<optimized out>, i1=<optimized out>) at coroutine-ucontext.c:80 #9 0x00007ffff072c0f0 in ?? () from /lib64/libc.so.6 #10 0x00007fffe61a7ef0 in ?? () #11 0x0000000000000000 in ?? ()
Patches posted to upstream: https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05677.html
weliao, could you test this scratch build? http://brewweb.devel.redhat.com/brew/taskinfo?taskID=9802035
Version-Release number of selected component (if applicable): Host: 3.10.0-309.el7.x86_64 qemu-kvm-rhev-2.3.0-22.el7.test.x86_64 Guest: RHEL7.2 3.10.0-229.el7.x86_64 [root@dhcp-66-106-190 ~]# yes | head -n2048 > buf [root@dhcp-66-106-190 ~]# sg_write_same --in buf --num=32 --lba=80 /dev/sdb [root@dhcp-66-106-190 ~]# sg_write_same --in /dev/zero --num=96 --lba=0 /dev/sdb [root@dhcp-66-106-190 ~]# sg_write_same -U --in /dev/zero --num=16 --lba=0 /dev/sdb [root@dhcp-66-106-190 ~]# time sg_write_same --in buf --num=65537 --lba=131074 /dev/sdb real 0m0.027s user 0m0.004s sys 0m0.002s host no core dumped.
Fix included in qemu-kvm-rhev-2.3.0-23.el7
Version-Release number of selected component (if applicable): Host: qemu-kvm-rhev-2.3.0-23.el7.x86_64 Guest: RHEL7.2 [root@dhcp-9-242 ~]# yes | head -n2048 > buf [root@dhcp-9-242 ~]# sg_write_same --in buf --num=32 --lba=80 /dev/sdb [root@dhcp-9-242 ~]# sg_write_same --in /dev/zero --num=96 --lba=0 /dev/sdb [root@dhcp-9-242 ~]# sg_write_same -U --in /dev/zero --num=16 --lba=0 /dev/sdb [root@dhcp-9-242 ~]# time sg_write_same --in buf --num=65536 --lba=131074 /dev/sdb real 0m2.546s user 0m0.005s sys 0m0.001s [root@dhcp-9-242 ~]# time sg_write_same --in buf --num=65537 --lba=131074 /dev/sdb real 0m2.554s user 0m0.001s sys 0m0.004s host no core dumped, Bug fixed.
According to comment7, set this issue as verified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-2546.html