qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] Qemu aborted in ide_restart_bh after migration

From: Wang King
Subject: [Qemu-devel] Qemu aborted in ide_restart_bh after migration
Date: Sat, 10 Feb 2018 16:29:25 +0800 
Empty IDE CD-ROM configured on the VM:
    <disk type='file' device='cdrom'>
      <driver name='qemu' type='raw' cache='none' io='threads'/>
      <target dev='hdb' bus='ide'/>
      <readonly/>
      <address type='drive' controller='0' bus='0' target='0' unit='1'/>
    </disk>
Make migration for this VM, then qemu aborted in ide_restart_bh. IDEState expect
end_transfer_func equal to ide_atapi_cmd, but it refer to 
ide_dummy_transfer_stop.
I have no idea about this, can anyone help me?

qemu version is 2.8.1
(gdb) bt
#0  0x00007fcff7c4b157 in raise () from /usr/lib64/libc.so.6
#1  0x00007fcff7c4c848 in abort () from /usr/lib64/libc.so.6
#2  0x00007fcff7c441c6 in __assert_fail_base () from /usr/lib64/libc.so.6
#3  0x00007fcff7c44272 in __assert_fail () from /usr/lib64/libc.so.6
#4  0x00000000006207ab in ide_restart_bh (opaque=0x38b3430) at 
hw/ide/core.c:2570
#5  0x0000000000763a6f in aio_bh_poll (address@hidden) at async.c:115
#6  0x0000000000770948 in aio_dispatch (ctx=0x234f940) at aio_posix.c:303
#7  0x00000000007638e1 in aio_ctx_dispatch (source=<optimized out>, 
callback=<optimized out>, user_data=<optimized out>) at async.c:254
#8  0x00007fcff8e6799a in g_main_context_dispatch () from 
/usr/lib64/libglib-2.0.so.0
#9  0x000000000076e606 in glib_pollfds_poll () at main_loop.c:228
#10 0x000000000076e6ab in os_host_main_loop_wait (timeout=0) at main_loop.c:273
#11 0x000000000076e7d5 in main_loop_wait (address@hidden) at main_loop.c:521
#12 0x000000000056b911 in main_loop () at vl.c:2089
#13 0x0000000000420805 in main (argc=<optimized out>, argv=<optimized out>, 
envp=<optimized out>) at vl.c:4964
(gdb) f 4
#4  0x00000000006207ab in ide_restart_bh (opaque=0x38b3430)
2570            assert(s->end_transfer_func == ide_atapi_cmd);
(gdb) p *bus
$7 = {qbus = {obj = {class = 0x2313a30, free = 0x0, properties = 0x3871520, ref 
= 2, parent = 0x38b2b00}, parent = 0x38b2b00, name = 0x3980af0 "ide.0", 
hotplug_handler = 0x0, max_index = 1, realized = true,
    children = {tqh_first = 0x349e050, tqh_last = 0x349e060}, sibling = 
{le_next = 0x0, le_prev = 0x38b3d68}}, master = 0x0, slave = 0x349e3c0, ifs = 
{{bus = 0x38b3430, unit = 0 '\000', drive_kind = IDE_HD,
      cylinders = 0, heads = 0, sectors = 0, chs_trans = 0, nb_sectors = 0, 
mult_sectors = 16, identify_set = 0, identify_data = '\000' <repeats 511 
times>, drive_serial = 1,
      drive_serial_str = '\000' <repeats 20 times>, drive_model_str = '\000' 
<repeats 40 times>, wwn = 0, feature = 0 '\000', error = 1 '\001', nsector = 0, 
sector = 0 '\000', lcyl = 96 '`',
      hcyl = 0 '\000', hob_feature = 0 '\000', hob_nsector = 0 '\000', 
hob_sector = 0 '\000', hob_lcyl = 0 '\000', hob_hcyl = 0 '\000', select = 160 
'\240', status = 80 'P', lba48 = 0 '\000', blk = 0x0,
      version = "\000\000\000\000\000\000\000\000", events = {eject_request = 
false, new_media = false}, sense_key = 0 '\000', asc = 0 '\000', tray_open = 
false, tray_locked = false,
      cdrom_changed = 0 '\000', packet_transfer_size = 0, 
elementary_transfer_size = 0, io_buffer_index = 0, lba = 0, cd_sector_size = 0, 
atapi_dma = 0, acct = {bytes = 0, start_time_ns = 0,
        type = BLOCK_ACCT_READ}, pio_aiocb = 0x0, iov = {iov_base = 0x0, 
iov_len = 0}, qiov = {iov = 0x0, niov = 0, nalloc = 0, size = 0}, 
buffered_requests = {lh_first = 0x0}, io_buffer_offset = 0,
      io_buffer_size = 0, sg = {sg = 0x0, nsg = 0, nalloc = 0, size = 0, dev = 
0x0, as = 0x0}, req_nb_sectors = 0, end_transfer_func = 0x61b780 
<ide_dummy_transfer_stop>,
      data_ptr = 0x7fcffd126800 "\377\377\377\377", data_end = 0x7fcffd126800 
"\377\377\377\377", io_buffer = 0x7fcffd126800 "\377\377\377\377", 
io_buffer_total_len = 131076, cur_io_buffer_offset = 0,
      cur_io_buffer_len = 0, end_transfer_fn_idx = 0 '\000', sector_write_timer 
= 0x39e5c60, irq_count = 0, ext_error = 0 '\000', mdata_size = 0, mdata_storage 
= 0x0, media_changed = 0,
      dma_cmd = IDE_DMA_READ, smart_enabled = 0 '\000', smart_autosave = 0 
'\000', smart_errors = 0, smart_selftest_count = 0 '\000', smart_selftest_data 
= 0x39e6000 "", ncq_queues = 0}, {bus = 0x38b3430,
      unit = 1 '\001', drive_kind = IDE_CD, cylinders = 0, heads = 0, sectors = 
0, chs_trans = 0, nb_sectors = 0, mult_sectors = 16, identify_set = 1,
      identify_data = "\300\205", '\000' <repeats 18 times>, "MQ0000 2", ' ' 
<repeats 12 times>, "\003\000\000\002\004\000.2+5    EQUMD DVR-MO", ' ' 
<repeats 28 times>, "\000\000\001\000\000\003\000\000\000\000\000\000\a", 
'\000' <repeats 17 times>, 
"\a\000\a\000\003\000\264\000\264\000,\001\264\000\000\000\000\000\036\000\036",
 '\000' <repeats 15 times>, "\036", '\000' <repeats 15 times>, "?", '\000' 
<repeats 334 times>, drive_serial = 2, drive_serial_str = "QM00002", '\000' 
<repeats 13 times>, drive_model_str = "QEMU DVD-ROM", '\000' <repeats 28 
times>, wwn = 0, feature = 0 '\000', error = 0 '\000', nsector = 3,
      sector = 0 '\000', lcyl = 18 '\022', hcyl = 0 '\000', hob_feature = 0 
'\000', hob_nsector = 3 '\003', hob_sector = 0 '\000', hob_lcyl = 0 '\000', 
hob_hcyl = 0 '\000', select = 176 '\260',
      status = 80 'P', lba48 = 0 '\000', blk = 0x2498650, version = 
"2.5+\000\000\000\000", events = {eject_request = false, new_media = false}, 
sense_key = 2 '\002', asc = 58 ':', tray_open = false,
      tray_locked = false, cdrom_changed = 0 '\000', packet_transfer_size = 0, 
elementary_transfer_size = 0, io_buffer_index = 0, lba = 0, cd_sector_size = 0, 
atapi_dma = 0, acct = {bytes = 0,
        start_time_ns = 0, type = BLOCK_ACCT_READ}, pio_aiocb = 0x0, iov = 
{iov_base = 0x0, iov_len = 0}, qiov = {iov = 0x0, niov = 0, nalloc = 0, size = 
0}, buffered_requests = {lh_first = 0x0},
      io_buffer_offset = 0, io_buffer_size = 0, sg = {sg = 0x0, nsg = 0, nalloc 
= 0, size = 0, dev = 0x0, as = 0x0}, req_nb_sectors = 0, end_transfer_func = 
0x61b780 <ide_dummy_transfer_stop>,
      data_ptr = 0x7fcff03ca800 "\377\377\377\377", data_end = 0x7fcff03ca800 
"\377\377\377\377", io_buffer = 0x7fcff03ca800 "\377\377\377\377", 
io_buffer_total_len = 131076, cur_io_buffer_offset = 0,
      cur_io_buffer_len = 0, end_transfer_fn_idx = 0 '\000', sector_write_timer 
= 0x39e5ca0, irq_count = 0, ext_error = 0 '\000', mdata_size = 0, mdata_storage 
= 0x0, media_changed = 0,
      dma_cmd = IDE_DMA_READ, smart_enabled = 1 '\001', smart_autosave = 1 
'\001', smart_errors = 0, smart_selftest_count = 0 '\000', smart_selftest_data 
= 0x39e7000 "", ncq_queues = 0}}, bh = 0x0,
  bus_id = 0, max_units = 2, dma = 0x38b45f0, unit = 1 '\001', cmd = 8 '\b', 
irq = 0x39e5ce0, error_status = 0, retry_unit = 1 '\001', retry_sector_num = 
-1, retry_nsector = 2, portio_list = {
    ports = 0xe61a20 <ide_portio_list>, owner = 0x0, address_space = 0x23527e0, 
nr = 1, regions = 0x3980b10, opaque = 0x38b3430, name = 0x8d2724 "ide", 
flush_coalesced_mmio = false}, portio2_list = {
    ports = 0xe619c0 <ide_portio2_list>, owner = 0x0, address_space = 
0x23527e0, nr = 1, regions = 0x39b3400, opaque = 0x38b3430, name = 0x8d2724 
"ide", flush_coalesced_mmio = false}, vmstate = 0x39e5eb0}
(gdb) p *(BMDMAState*)0x38b45f0
$9 = {dma = {ops = 0xd51280 <bmdma_ops>, iov = {iov_base = 0x0, iov_len = 0}, 
qiov = {iov = 0x0, niov = 0, nalloc = 0, size = 0}, aiocb = 0x0}, cmd = 0 
'\000', status = 4 '\004', addr = 0, bus = 0x38b3430,
  cur_addr = 0, cur_prd_last = 0, cur_prd_addr = 0, cur_prd_len = 0, dma_cb = 
0x0, addr_ioport = {parent_obj = {class = 0x2327d00, free = 0x0, properties = 
0x3871180, ref = 1, parent = 0x38b2b00},
    romd_mode = true, ram = false, subpage = false, readonly = false, 
rom_device = false, flush_coalesced_mmio = false, global_locking = true, 
dirty_log_mask = 0 '\000', ram_block = 0x0, owner = 0x38b2b00,
    iommu_ops = 0x0, ops = 0xe8c8c0 <bmdma_addr_ioport_ops>, opaque = 
0x38b45f0, container = 0x38b4b20, size = 0x00000000000000000000000000000004, 
addr = 4,
    destructor = 0x46fc40 <memory_region_destructor_none>, align = 0, 
terminates = true, ram_device = false, enabled = true, warning_printed = false, 
vga_logging_count = 0 '\000', alias = 0x0,
    alias_offset = 0, priority = 0, subregions = {tqh_first = 0x0, tqh_last = 
0x38b46f8}, subregions_link = {tqe_next = 0x38b4750, tqe_prev = 0x38b4a98}, 
coalesced = {tqh_first = 0x0, tqh_last = 0x38b4718},
    name = 0x38e90c0 "bmdma", ioeventfd_nb = 0, ioeventfds = 0x0, iommu_notify 
= {lh_first = 0x0}, iommu_notify_flags = IOMMU_NOTIFIER_NONE}, extra_io = 
{parent_obj = {class = 0x2327d00, free = 0x0,
      properties = 0x3871060, ref = 1, parent = 0x38b2b00}, romd_mode = true, 
ram = false, subpage = false, readonly = false, rom_device = false, 
flush_coalesced_mmio = false, global_locking = true,
    dirty_log_mask = 0 '\000', ram_block = 0x0, owner = 0x38b2b00, iommu_ops = 
0x0, ops = 0xd516c0 <piix_bmdma_ops>, opaque = 0x38b45f0, container = 
0x38b4b20, size = 0x00000000000000000000000000000004,
    addr = 0, destructor = 0x46fc40 <memory_region_destructor_none>, align = 0, 
terminates = true, ram_device = false, enabled = true, warning_printed = false, 
vga_logging_count = 0 '\000', alias = 0x0,
    alias_offset = 0, priority = 0, subregions = {tqh_first = 0x0, tqh_last = 
0x38b47f8}, subregions_link = {tqe_next = 0x0, tqe_prev = 0x38b4708}, coalesced 
= {tqh_first = 0x0, tqh_last = 0x38b4818},
    name = 0x38b6af0 "piix-bmdma", ioeventfd_nb = 0, ioeventfds = 0x0, 
iommu_notify = {lh_first = 0x0}, iommu_notify_flags = IOMMU_NOTIFIER_NONE}, irq 
= 0x285c930, migration_compat_status = 36 '$',
  migration_retry_unit = 1 '\001', migration_retry_sector_num = -1, 
migration_retry_nsector = 2, pci_dev = 0x38b2b00}
(gdb)

-- 
2.8.3
reply via email to
[Prev in Thread] Current Thread [Next in Thread]