Hide Forgot
Description of problem: This is very simple to reproduce using the following short Python plugin: ------------------------------- #!/usr/sbin/nbdkit python3 import time def open(readonly): h = {} return h def close(h): # take some time time.sleep(10) def get_size(h): return 1024 def pread(h, count, offset): buf = bytearray(count) return buf ------------------------------- $ ./test.py $ qemu-img info nbd:localhost:10809 $ qemu-img info nbd:localhost:10809 nbdkit will crash with the stack trace at end. What seems to be happening is that the lengthy close() call which takes 10 seconds is still running when a second NBD connection is made. Python doesn't like reentrancy in the interpreter. Version-Release number of selected component (if applicable): nbdkit-1.2.1-1.fc28.x86_64 How reproducible: 100% Additional info: Program terminated with signal SIGSEGV, Segmentation fault. #0 PyUnicode_InternInPlace () at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Objects/unicodeobject.c:15302 15302 Py_ALLOW_RECURSION [Current thread is 1 (Thread 0x7fe81bc34700 (LWP 5733))] Missing separate debuginfos, use: dnf debuginfo-install glibc-2.27-6.fc28.x86_64 libgcc-8.0.1-0.19.fc28.x86_64 libidn2-2.0.4-3.fc28.x86_64 libselinux-2.7-11.fc28.x86_64 pcre2-10.31-3.fc28.x86_64 (gdb) t a a bt Thread 3 (Thread 0x7fe82c0c8400 (LWP 5709)): #0 0x00007fe82b044949 in poll () from /lib64/libc.so.6 #1 0x000000000040b04c in poll (__timeout=-1, __nfds=3, __fds=0x7ffe523c4520) at /usr/include/bits/poll2.h:46 #2 accept_incoming_connections (socks=socks@entry=0x1f283b0, nr_socks=2) at sockets.c:333 #3 0x0000000000404e41 in start_serving () at main.c:818 #4 main () at main.c:598 #5 0x00007fe82af781bb in __libc_start_main () from /lib64/libc.so.6 #6 0x000000000040529a in _start () Thread 2 (Thread 0x7fe81c435700 (LWP 5725)): #0 0x00007fe82b046d27 in select () from /lib64/libc.so.6 #1 0x00007fe8293113ad in pysleep (secs=<optimized out>) at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Modules/timemodule.c:1417 #2 time_sleep () at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Modules/timemodule.c:235 #3 0x00007fe8292a4f51 in _PyCFunction_FastCallDict () at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Objects/methodobject.c:209 #4 0x00007fe8292b6f8a in _PyCFunction_FastCallKeywords () at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Objects/methodobject.c:275 #5 0x00007fe82931a27d in call_function () at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Python/ceval.c:4824 #6 0x00007fe82935f08a in _PyEval_EvalFrameDefault () at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Python/ceval.c:3322 #7 0x00007fe829345ca8 in _PyEval_EvalCodeWithName (qualname=0x0, name=<optimized out>, closure=0x0, kwdefs=0x0, defcount=0, defs=0x0, kwstep=2, kwcount=<optimized out>, kwargs=<optimized out>, kwnames=<optimized out>, argcount=<optimized out>, args=<optimized out>, locals=0x0, globals=<optimized out>, _co=<optimized out>) at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Python/ceval.c:4174 #8 PyEval_EvalCodeEx () at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Python/ceval.c:4174 #9 0x00007fe829346c33 in function_call () at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Objects/funcobject.c:604 #10 0x00007fe8292a9aa3 in PyObject_Call () at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Objects/abstract.c:2261 #11 0x00007fe8292d7e58 in PyEval_CallObjectWithKeywords () at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Python/ceval.c:4744 #12 0x00007fe8292d7eb7 in PyObject_CallObject (o=<optimized out>, a=a@entry=({},)) at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Objects/abstract.c:2187 #13 0x00007fe829704b77 in py_close (handle=0x7fe82bffe750) at python.c:340 #14 0x000000000040a498 in plugin_close (b=<optimized out>, conn=0x7fe814000b80) at plugins.c:283 #15 0x0000000000406aa2 in free_connection (conn=0x7fe814000b80) at connections.c:378 #16 _handle_single_connection (sockout=<optimized out>, sockin=<optimized out>) at connections.c:316 #17 handle_single_connection (sockin=<optimized out>, sockout=<optimized out>) at connections.c:326 #18 0x000000000040a939 in start_thread (datav=0x1f8c610) at sockets.c:262 #19 0x00007fe82b31b564 in start_thread () from /lib64/libpthread.so.0 #20 0x00007fe82b04f33f in clone () from /lib64/libc.so.6 Thread 1 (Thread 0x7fe81bc34700 (LWP 5733)): #0 PyUnicode_InternInPlace () at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Objects/unicodeobject.c:15302 #1 0x00007fe8292ba1ee in PyUnicode_InternFromString () at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Objects/unicodeobject.c:15336 #2 0x00007fe8292baa02 in PyObject_GetAttrString () at /usr/src/debug/python3-3.6.5-1.fc28.x86_64/Objects/object.c:793 #3 0x00007fe82970358d in callback_defined (name=<optimized out>, obj_rtn=0x7fe81bc33c70) at python.c:94 #4 0x00007fe829703fbb in py_open (readonly=0) at python.c:308 #5 0x000000000040a518 in plugin_open (b=0x1f4b9f0, conn=0x7fe80c000b80, readonly=0) at plugins.c:249 #6 0x00000000004067d4 in _handle_single_connection (sockout=7, sockin=7) at connections.c:356 #7 handle_single_connection (sockin=7, sockout=7) at connections.c:326 #8 0x000000000040a939 in start_thread (datav=0x1f93fb0) at sockets.c:262 #9 0x00007fe82b31b564 in start_thread () from /lib64/libpthread.so.0 #10 0x00007fe82b04f33f in clone () from /lib64/libc.so.6
*** Bug 1566522 has been marked as a duplicate of this bug. ***
Fix upstream: https://github.com/libguestfs/nbdkit/commit/344c787ba8a9aa6d55aa08edba230997e3525aef https://github.com/libguestfs/nbdkit/commit/9e6d990f974b05697f9d917ba14f6df94f68cedb The first one is a code refactoring to make the second patch (the actual fix) clearer.
Fixed in 1.2.2.
I don't think I have any way to file bugs directly against nbdkit in RHEV-M so I'll have to use this bug. Here is the new build: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=15862451
This message is a reminder that Fedora 28 is nearing its end of life. On 2019-May-28 Fedora will stop maintaining and issuing updates for Fedora 28. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '28'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 28 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Fedora 28 changed to end-of-life (EOL) status on 2019-05-28. Fedora 28 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.