1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
debug: 0.965
permissions: 0.946
semantic: 0.938
boot: 0.928
ppc: 0.927
socket: 0.918
graphic: 0.913
assembly: 0.913
architecture: 0.912
vnc: 0.912
register: 0.908
PID: 0.906
performance: 0.900
KVM: 0.899
TCG: 0.892
VMM: 0.891
x86: 0.884
mistranslation: 0.874
virtual: 0.873
device: 0.868
peripherals: 0.867
arm: 0.858
files: 0.853
kernel: 0.850
risc-v: 0.844
user-level: 0.822
network: 0.818
hypervisor: 0.811
i386: 0.714
seg fault in ivshmem when using ioeventfd=on
When launching qemu with the ivshmem device and the nahanni guest server there is segmentation fault in the setup_ioeventfds function of ivshmem.c. If the ioeventfd=on flag is set the pci_ivshmem_init will call setup_ioeventfds at line 668. This function relies on the 'peers' member of the server info which is not allocated until line 669.
To reproduce you will need the nahanni guest server code. The driver code is not needed. You will also need a qcow2 or other bootable image to use for launching qemu. The error occurs before the actual image launch.
Start the nahanni ivshmem server with a small global memory space ( although the bug is not allocation specific )
ivshmem -m 1 -n 2 -p /tmp/ivshmem_socket
Next launch qemu with initialization for the ivshmem device.
qemu-system-x86_64 -hda test_iso.qcow2 -localtime -boot c -chardev socket,path="/tmp/ivshmem_socket",id=ivshmem_socket -device ivshmem,chardev=ivshmem_socket,size=1,ioeventfd=on
If gdb is used the following error is recorded:
Program received signal SIGSEGV, Segmentation fault.
0x000055555579dd52 in setup_ioeventfds (s=0x555556619580)
at /home/genes/work/ubuntu/qemu-kvm-1.0+noroms/hw/ivshmem.c:367
367 for (j = 0; j < s->peers[i].nb_eventfds; j++) {
(gdb) print s->peers
$2 = (Peer *) 0x0
When I tried the same thing with git master (latest) I get a different error:
qemu_chr_fe_claim_no_fail: error chardev "(null)" already used
Hello,
The patch for this later bug has been proposed. I'm not sure why it's not
merged.
http://patchwork.ozlabs.org/patch/316785/
Cheers,
Cam
On Thu, May 1, 2014 at 10:53 AM, Gene Snider <email address hidden> wrote:
> When I tried the same thing with git master (latest) I get a different
> error:
> qemu_chr_fe_claim_no_fail: error chardev "(null)" already used
>
> ** Also affects: qemu-kvm (Ubuntu)
> Importance: Undecided
> Status: New
>
> --
> You received this bug notification because you are a member of qemu-
> devel-ml, which is subscribed to QEMU.
> https://bugs.launchpad.net/bugs/1314857
>
> Title:
> seg fault in ivshmem when using ioeventfd=on
>
> Status in QEMU:
> New
> Status in “qemu-kvm” package in Ubuntu:
> New
>
> Bug description:
> When launching qemu with the ivshmem device and the nahanni guest
> server there is segmentation fault in the setup_ioeventfds function of
> ivshmem.c. If the ioeventfd=on flag is set the pci_ivshmem_init will
> call setup_ioeventfds at line 668. This function relies on the 'peers'
> member of the server info which is not allocated until line 669.
>
> To reproduce you will need the nahanni guest server code. The driver
> code is not needed. You will also need a qcow2 or other bootable image
> to use for launching qemu. The error occurs before the actual image
> launch.
>
> Start the nahanni ivshmem server with a small global memory space (
> although the bug is not allocation specific )
> ivshmem -m 1 -n 2 -p /tmp/ivshmem_socket
>
> Next launch qemu with initialization for the ivshmem device.
> qemu-system-x86_64 -hda test_iso.qcow2 -localtime -boot c -chardev
> socket,path="/tmp/ivshmem_socket",id=ivshmem_socket -device
> ivshmem,chardev=ivshmem_socket,size=1,ioeventfd=on
>
> If gdb is used the following error is recorded:
> Program received signal SIGSEGV, Segmentation fault.
> 0x000055555579dd52 in setup_ioeventfds (s=0x555556619580)
> at /home/genes/work/ubuntu/qemu-kvm-1.0+noroms/hw/ivshmem.c:367
> 367 for (j = 0; j < s->peers[i].nb_eventfds; j++) {
> (gdb) print s->peers
> $2 = (Peer *) 0x0
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/qemu/+bug/1314857/+subscriptions
>
>
Fix had been included here:
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=e9d21c436f716603b3
|