Bug 639311 - KVM assert fail: qiov->iov[i].iov_len >= 512 in raw_aio_writev
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: qemu
Version: 14
Hardware: All
OS: Linux
Priority: low
Severity: medium
Assigned To: Justin M. Forbes
QA Contact: Fedora Extras Quality Assurance
Reported: 2010-10-01 08:25 EDT by Richard W.M. Jones
Modified: 2013-01-09 06:40 EST
Doc Type: Bug Fix
Last Closed: 2010-11-13 02:19:44 EST
Attachments: None

Description Richard W.M. Jones 2010-10-01 08:25:08 EDT
Description of problem:

I can get this assertion failure consistently every time I
install a FreeBSD 8.0 amd64 guest.

Version-Release number of selected component (if applicable):

qemu-0.13.0-0.7.rc1.fc14.x86_64

How reproducible:

100%

Steps to Reproduce:
1. sudo lvcreate -n FreeBSD8x64 -L 10G /dev/vg_pin
2. sudo virt-install -r 768 --accelerate -n FreeBSD8x64 -f /dev/vg_pin/FreeBSD8x64 --cdrom /tmp/8.0-RELEASE-amd64-dvd1.iso
3. Go through the FreeBSD install screens.  KVM segfaults very shortly
after FreeBSD starts to write to the disk (writing partition tables and
filesystems etc).

Actual results:

Segfault with stack trace below.

Expected results:

Shouldn't segfault!

Additional info:

#0  0x0000003fa8234065 in raise (sig=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x0000003fa8235a16 in abort () at abort.c:92
#2  0x0000003fa822c8a5 in __assert_fail (
    assertion=0x5b60dc "qiov->iov[i].iov_len >= 512", 
    file=<value optimized out>, line=130, function=<value optimized out>)
    at assert.c:81
#3  0x000000000043d8b7 in raw_aio_writev (bs=0x21b73d0, sector_num=68, 
    qiov=0x7fcc70034ac8, nb_sectors=1, cb=0x7fcc782cd710, opaque=0x3fa8361402)
    at block/raw.c:130
#4  0x0000000000439492 in bdrv_aio_writev (bs=0x21b73d0, sector_num=68, 
    qiov=<value optimized out>, nb_sectors=1, cb=0x5561a0 <dma_bdrv_cb>, 
    opaque=<value optimized out>) at block.c:2023
#5  0x00000000005562f5 in dma_bdrv_cb (opaque=0x7fcc70034a70, 
    ret=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.13.0-rc1/dma-helpers.c:120
#6  0x00000000005563e4 in dma_bdrv_io (bs=0x21b73d0, sg=0x2521370, 
    sector_num=68, cb=<value optimized out>, opaque=<value optimized out>, 
    is_write=1) at /usr/src/debug/qemu-kvm-0.13.0-rc1/dma-helpers.c:167
#7  0x0000000000550165 in ide_write_dma_cb (opaque=0x2521dd0, 
    ret=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.13.0-rc1/hw/ide/core.c:748
#8  0x00000000005520ab in bmdma_cmd_writeb (opaque=0x2521dd0, 
    addr=<value optimized out>, val=1)
    at /usr/src/debug/qemu-kvm-0.13.0-rc1/hw/ide/pci.c:70
#9  0x00000000004299af in kvm_handle_io (env=0x21bcd70)
    at /usr/src/debug/qemu-kvm-0.13.0-rc1/kvm-all.c:760
#10 kvm_run (env=0x21bcd70)
    at /usr/src/debug/qemu-kvm-0.13.0-rc1/qemu-kvm.c:645
#11 0x000000000042a429 in kvm_cpu_exec (env=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.13.0-rc1/qemu-kvm.c:1238
#12 0x000000000042a669 in kvm_main_loop_cpu (_env=0x21bcd70)
    at /usr/src/debug/qemu-kvm-0.13.0-rc1/qemu-kvm.c:1495
#13 ap_main_loop (_env=0x21bcd70)
    at /usr/src/debug/qemu-kvm-0.13.0-rc1/qemu-kvm.c:1541
#14 0x0000003fa8606d5b in start_thread (arg=0x7fcc782cd710)
    at pthread_create.c:301
#15 0x0000003fa82e3e1d in clone ()
    at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115
Comment 1 Richard W.M. Jones 2010-10-01 15:40:55 EDT
Seen the same problem for a Windows 7 guest which was doing
a chkdsk operation:

LC_ALL=C PATH=/sbin:/usr/sbin:/bin:/usr/bin QEMU_AUDIO_DRV=none /usr/bin/qemu-kvm -S -M fedora-13 -enable-kvm -m 1024 -smp 1,sockets=1,cores=1,threads=1 -name Win7x32 -uuid 45698c08-9cd0-1022-7851-bae7f2af4273 -nodefconfig -nodefaults -chardev socket,id=monitor,path=/var/lib/libvirt/qemu/Win7x32.monitor,server,nowait -mon chardev=monitor,mode=readline -rtc base=utc -boot c -drive file=/dev/vg_pin/Win7x32,if=none,id=drive-ide0-0-0,boot=on,format=raw -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -drive if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -device rtl8139,vlan=0,id=net0,mac=52:54:00:83:36:bc,bus=pci.0,addr=0x4 -net tap,fd=45,vlan=0,name=hostnet0 -chardev pty,id=serial0 -device isa-serial,chardev=serial0 -usb -vnc 127.0.0.1:0 -k en-gb -vga cirrus -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3 
char device redirected to /dev/pts/29
qemu-kvm: block/raw.c:130: raw_aio_writev: Assertion `qiov->iov[i].iov_len >= 512' failed.

Updating summary to reflect this is not just a FreeBSD issue.
Comment 2 MikeP 2010-10-12 08:03:49 EDT
I can confirm this for Windows XP installing from .iso

VXD.log

LC_ALL=C PATH=/sbin:/usr/sbin:/bin:/usr/bin QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc-0.13 -no-kvm -m 512 -smp 1,sockets=1,cores=1,threads=1 -name VXD -uuid a3c0625a-cb68-babc-d68d-973c55fd8ee4 -nodefconfig -nodefaults -chardev socket,id=monitor,path=/var/lib/libvirt/qemu/VXD.monitor,server,nowait -mon chardev=monitor,mode=readline -rtc base=localtime -no-reboot -boot d -drive file=/var/lib/libvirt/images/VXD.img,if=none,id=drive-ide0-0-0,format=raw -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -drive file=/var/lib/libvirt/images/xpfile.iso,if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -device rtl8139,vlan=0,id=net0,mac=52:54:00:cc:eb:38,bus=pci.0,addr=0x3 -net tap,fd=37,vlan=0,name=hostnet0 -chardev pty,id=serial0 -device isa-serial,chardev=serial0 -usb -device usb-tablet,id=input0 -vnc 127.0.0.1:0 -vga std -device AC97,id=sound0,bus=pci.0,addr=0x4 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5
char device redirected to /dev/pts/1
qemu: block/raw.c:130: raw_aio_writev: Assertion `qiov->iov[i].iov_len >= 512' failed.
LC_ALL=C PATH=/sbin:/usr/sbin:/bin:/usr/bin QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc-0.13 -no-kvm -m 512 -smp 1,sockets=1,cores=1,threads=1 -name VXD -uuid a3c0625a-cb68-babc-d68d-973c55fd8ee4 -nodefconfig -nodefaults -chardev socket,id=monitor,path=/var/lib/libvirt/qemu/VXD.monitor,server,nowait -mon chardev=monitor,mode=readline -rtc base=localtime -no-reboot -boot c -drive file=/var/lib/libvirt/images/VXD.img,if=none,id=drive-ide0-0-0,format=raw -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -drive file=/var/lib/libvirt/images/xpfile.iso,if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -device rtl8139,vlan=0,id=net0,mac=52:54:00:cc:eb:38,bus=pci.0,addr=0x3 -net tap,fd=37,vlan=0,name=hostnet0 -chardev pty,id=serial0 -device isa-serial,chardev=serial0 -usb -device usb-tablet,id=input0 -vnc 127.0.0.1:0 -vga std -device AC97,id=sound0,bus=pci.0,addr=0x4 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5
char device redirected to /dev/pts/1
Comment 3 MikeP 2010-10-12 08:10:00 EDT
It just struck me that the comments I added to Bug 579348 are in fact related to this. However, it would be interesting to see, once this error is resolved, whether the FC14 version fixes Bug 579348 or whether this is just hiding a bug I have yet to get to?

All tests from me above on

[root@opti14 qemu]# uname -a
Linux opti14.maphome.mp 2.6.35.6-39.fc14.i686.PAE #1 SMP Fri Oct 8 16:14:05 UTC 2010 i686 i686 i386 GNU/Linux

Machine Dell optiplex 620

[root@opti14 qemu]# cat /proc/cpuinfo
processor       : 0
vendor_id       : GenuineIntel
cpu family      : 15
model           : 4
model name      : Intel(R) Pentium(R) 4 CPU 3.00GHz
stepping        : 3
cpu MHz         : 3000.000
cache size      : 2048 KB
physical id     : 0
siblings        : 2
core id         : 0
cpu cores       : 1
apicid          : 0
initial apicid  : 0
fdiv_bug        : no
hlt_bug         : no
f00f_bug        : no
coma_bug        : no
fpu             : yes
fpu_exception   : yes
cpuid level     : 5
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc pebs bts pni dtes64 monitor ds_cpl est cid cx16 xtpr
bogomips        : 5984.97
clflush size    : 64
cache_alignment : 128
address sizes   : 36 bits physical, 48 bits virtual
power management:
All FC Beta updates installed as of 12 Oct 2010
Comment 4 Reb 2010-10-12 22:46:58 EDT
I'm getting this too -- with any version of Windows I try. This includes XP and Windows 7 both 32 and 64 bit when installing from .iso or a DVD.  I'm on FC14 beta with all updates installed as of 12 Oct 2010

LC_ALL=C PATH=/sbin:/usr/sbin:/bin:/usr/bin QEMU_AUDIO_DRV=none /usr/bin/qemu-kvm -S -M pc-0.13 -cpu qemu32 -enable-kvm -m 1024 -smp 1,sockets=1,cores=1,threads=1 -name W7 -uuid 484ccd95-fecc-4a40-a052-e28592d393f3 -nodefconfig -nodefaults -chardev socket,id=monitor,path=/var/lib/libvirt/qemu/W7.monitor,server,nowait -mon chardev=monitor,mode=readline -rtc base=localtime -no-reboot -boot d -drive file=/stuff/vm/Win7,if=none,id=drive-ide0-0-0,format=raw -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -drive file=/stuff/Windows ISO/Windows7_ultimate_x32.iso,if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -device rtl8139,vlan=0,id=net0,mac=52:54:00:15:78:ae,bus=pci.0,addr=0x3 -net tap,fd=51,vlan=0,name=hostnet0 -chardev pty,id=serial0 -device isa-serial,chardev=serial0 -usb -device usb-tablet,id=input0 -vnc 127.0.0.1:0 -vga std -device AC97,id=sound0,bus=pci.0,addr=0x4 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5 
char device redirected to /dev/pts/3
qemu-kvm: block/raw.c:130: raw_aio_writev: Assertion `qiov->iov[i].iov_len >= 512' failed.
LC_ALL=C PATH=/sbin:/usr/sbin:/bin:/usr/bin QEMU_AUDIO_DRV=none /usr/bin/qemu-kvm -S -M pc-0.13 -cpu qemu32 -enable-kvm -m 1024 -smp 1,sockets=1,cores=1,threads=1 -name W7 -uuid 484ccd95-fecc-4a40-a052-e28592d393f3 -nodefconfig -nodefaults -chardev socket,id=monitor,path=/var/lib/libvirt/qemu/W7.monitor,server,nowait -mon chardev=monitor,mode=readline -rtc base=localtime -no-reboot -boot c -drive file=/stuff/vm/Win7,if=none,id=drive-ide0-0-0,boot=on,format=raw -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -drive file=/stuff/Windows ISO/Windows7_ultimate_x32.iso,if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -device rtl8139,vlan=0,id=net0,mac=52:54:00:15:78:ae,bus=pci.0,addr=0x3 -net tap,fd=51,vlan=0,name=hostnet0 -chardev pty,id=serial0 -device isa-serial,chardev=serial0 -usb -device usb-tablet,id=input0 -vnc 127.0.0.1:0 -vga std -device AC97,id=sound0,bus=pci.0,addr=0x4 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5 
char device redirected to /dev/pts/3
Comment 5 MikeP 2010-10-13 04:52:11 EDT
Took a look at the code:
    /* This is probably being paranoid, but handle cases of zero size
       vectors. */
    for (i = 0; i < qiov->niov; i++) {
        if (qiov->iov[i].iov_len) {
            assert(qiov->iov[i].iov_len >= 512);
            first_buf_index = i;
            break;
        }
    }
Looks like being paranoid is the problem, or is it?
Will try to work back when I get time, but I don't have a build machine, so it's
debugging by code examination at the moment.

I have looked at the created .img after the assert/abort.

The disk is allocated
partition table sector zero written
but all other sectors are zero 

Mike
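The check quoted in the comment above, as an added example that is not QEMU's code and not part of this bug report: a simplified C model of how a request's scatter-gather list (the guest's IDE DMA descriptor entries, reached through the bmdma_cmd_writeb -> ide_write_dma_cb -> dma_bdrv_io path in the stack trace) is turned into an I/O vector, and which vectors would trip the `iov_len >= 512` assertion in raw_aio_writev. The structure and function names, and the sample descriptor lists, are constructed for illustration and are assumptions, not QEMU internals. The byte counts in such a list are chosen by the guest driver, and the assertion runs in the host-side block layer, so a vector that fails it aborts the whole qemu-kvm process instead of failing one request, which matches what the reporters see.

```c
/* Added example, not QEMU code. Models the sg-list -> iovec step and the
 * first-buffer check that block/raw.c:130 asserts on in the trace above.
 * All names below are simplified stand-ins for QEMU's real structures. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SECTOR_SIZE 512
#define MAX_IOV 16

/* One guest DMA descriptor: physical address plus a guest-chosen byte count.
 * Nothing forces the count to be a multiple of the 512-byte sector size. */
struct sg_entry { uint64_t base; size_t len; };

struct iov_entry { uint64_t base; size_t len; };

struct io_vector {
    struct iov_entry iov[MAX_IOV];
    int niov;
};

/* Build the I/O vector for a request of nb_sectors by walking the sg list
 * in order and clamping the last entry to the residual byte count, the way
 * a DMA helper does. Returns the entry count, or -1 if the list is too
 * short for the request or has too many entries. */
int build_iov(const struct sg_entry *sg, int nsg, int nb_sectors,
              struct io_vector *out)
{
    size_t resid = (size_t)nb_sectors * SECTOR_SIZE;
    out->niov = 0;
    for (int i = 0; i < nsg && resid > 0; i++) {
        if (out->niov == MAX_IOV)
            return -1;
        size_t len = sg[i].len < resid ? sg[i].len : resid;
        out->iov[out->niov].base = sg[i].base;
        out->iov[out->niov].len = len;   /* may be 0: "zero size vectors" */
        out->niov++;
        resid -= len;
    }
    return resid == 0 ? out->niov : -1;
}

/* The condition the quoted loop asserts on: the first non-empty buffer
 * must be at least one sector long. Returns 1 if the vector passes and 0
 * if it would trip the assertion. Only the first non-empty buffer is
 * inspected; later buffers are not checked at all. */
int first_buffer_is_sector_sized(const struct io_vector *qiov,
                                 int *first_buf_index)
{
    for (int i = 0; i < qiov->niov; i++) {
        if (qiov->iov[i].len) {
            *first_buf_index = i;
            return qiov->iov[i].len >= SECTOR_SIZE;
        }
    }
    *first_buf_index = -1;
    return 1;   /* all-empty vector: the loop never reaches the assert */
}

/* Constructed descriptor lists (not taken from the bug report). */
/* A: one 4 KiB buffer for an 8-sector write: passes. */
static const struct sg_entry sg_aligned[] = { { 0x10000, 4096 } };
/* B: a 1-sector write whose 512 bytes are split over two non-contiguous
 * 256-byte pieces: first buffer is 256 < 512, so the assert fires. */
static const struct sg_entry sg_split[] = { { 0x20000, 256 }, { 0x30000, 256 } };
/* C: a leading zero-length entry followed by a full sector: passes. */
static const struct sg_entry sg_leading_zero[] = { { 0x40000, 0 }, { 0x50000, 512 } };
/* D: 2-sector write as 600 + 424 bytes: the check only sees 600 >= 512
 * and passes, even though the second buffer is smaller than a sector. */
static const struct sg_entry sg_uneven[] = { { 0x60000, 600 }, { 0x70000, 424 } };

/* Convenience wrapper: -1 if the request cannot be built, else the
 * result of the first-buffer check (1 = passes, 0 = would assert). */
int check_request(const struct sg_entry *sg, int nsg, int nb_sectors)
{
    struct io_vector v;
    int idx;
    if (build_iov(sg, nsg, nb_sectors, &v) < 0)
        return -1;
    return first_buffer_is_sector_sized(&v, &idx);
}

int main(void)
{
    printf("A aligned:      %d\n", check_request(sg_aligned, 1, 8));
    printf("B split:        %d\n", check_request(sg_split, 2, 1));
    printf("C leading zero: %d\n", check_request(sg_leading_zero, 2, 1));
    printf("D uneven:       %d\n", check_request(sg_uneven, 2, 2));
    return 0;
}
```

Case B is the shape of input that matches the failing trace (a 1-sector write whose first non-empty buffer is shorter than a sector); case D shows the limit of what the assertion proves, since it inspects only the first non-empty buffer and says nothing about the rest of the vector.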
Comment 6 Amit Shah 2010-10-13 05:57:00 EDT
Kevin can you take a look at this
Comment 7 Kevin Wolf 2010-10-13 06:44:14 EDT
Commit 8b33d9ee needs to be reverted. Upstream stable-0.13 contains the revert, it has only been applied after -rc3, though.
Comment 8 Kevin Wolf 2010-10-13 06:45:52 EDT
Whoops, wrong commit number. 79368c81 is the commit to revert, 8b33d9ee was the revert commit in git master.
Comment 9 Richard W.M. Jones 2010-11-13 02:19:44 EST
Tested again with:

qemu-0.13.0-1.fc14.x86_64

I was able to get through a full FreeBSD 8 install, so this
seems to be resolved now.
