Diffstat (limited to 'results/classifier/118/graphic/1378554')
| -rw-r--r-- | results/classifier/118/graphic/1378554 | 218 |
1 files changed, 218 insertions, 0 deletions
diff --git a/results/classifier/118/graphic/1378554 b/results/classifier/118/graphic/1378554
new file mode 100644
index 000000000..94ec76116
--- /dev/null
+++ b/results/classifier/118/graphic/1378554
@@ -0,0 +1,218 @@
+graphic: 0.890
+ppc: 0.883
+register: 0.854
+KVM: 0.835
+performance: 0.834
+TCG: 0.828
+VMM: 0.824
+hypervisor: 0.817
+mistranslation: 0.815
+debug: 0.808
+vnc: 0.806
+semantic: 0.805
+assembly: 0.802
+arm: 0.799
+permissions: 0.790
+device: 0.790
+user-level: 0.787
+peripherals: 0.783
+boot: 0.780
+network: 0.775
+files: 0.773
+risc-v: 0.769
+architecture: 0.759
+PID: 0.749
+kernel: 0.742
+virtual: 0.734
+socket: 0.712
+x86: 0.636
+i386: 0.565
+
+qemu segfault in virtio_scsi_handle_cmd_req_submit on ARM 32 bit
+
+/home/rjones/d/qemu/arm-softmmu/qemu-system-arm \
+ -global virtio-blk-device.scsi=off \
+ -nodefconfig \
+ -enable-fips \
+ -nodefaults \
+ -display none \
+ -M virt \
+ -machine accel=kvm:tcg \
+ -m 500 \
+ -no-reboot \
+ -rtc driftfix=slew \
+ -global kvm-pit.lost_tick_policy=discard \
+ -kernel /home/rjones/d/libguestfs/tmp/.guestfs-1001/appliance.d/kernel \
+ -initrd /home/rjones/d/libguestfs/tmp/.guestfs-1001/appliance.d/initrd \
+ -device virtio-scsi-device,id=scsi \
+ -drive file=/home/rjones/d/libguestfs/tmp/libguestfseV4fT5/scratch.1,cache=unsafe,format=raw,id=hd0,if=none \
+ -device scsi-hd,drive=hd0 \
+ -drive file=/home/rjones/d/libguestfs/tmp/.guestfs-1001/appliance.d/root,snapshot=on,id=appliance,cache=unsafe,if=none \
+ -device scsi-hd,drive=appliance \
+ -device virtio-serial-device \
+ -serial stdio \
+ -chardev socket,path=/home/rjones/d/libguestfs/tmp/libguestfseV4fT5/guestfsd.sock,id=channel0 \
+ -device virtserialport,chardev=channel0,name=org.libguestfs.channel.0 \
+ -append 'panic=1 mem=500M console=ttyAMA0 udevtimeout=6000 no_timer_check lpj=4464640 acpi=off printk.time=1 cgroup_disable=memory root=/dev/sdb selinux=0 guestfs_verbose=1 TERM=xterm-256color'
+
+The appliance boots, but segfaults as soon as the virtio-scsi driver is loaded:
+
+supermin: internal insmod virtio_scsi.ko
+[ 3.992963] scsi0 : Virtio SCSI HBA
+libguestfs: error: appliance closed the connection unexpectedly, see earlier error messages
+
+I captured a core dump:
+
+Core was generated by `/home/rjones/d/qemu/arm-softmmu/qemu-system-arm -global virtio-blk-device.scsi='.
+Program terminated with signal SIGSEGV, Segmentation fault.
+#0 0x000856bc in virtio_scsi_handle_cmd_req_submit (s=<optimized out>,
+ req=0x6c03acf8) at /home/rjones/d/qemu/hw/scsi/virtio-scsi.c:551
+551 bdrv_io_unplug(req->sreq->dev->conf.bs);
+(gdb) bt
+#0 0x000856bc in virtio_scsi_handle_cmd_req_submit (s=<optimized out>,
+ req=0x6c03acf8) at /home/rjones/d/qemu/hw/scsi/virtio-scsi.c:551
+#1 0x0008573a in virtio_scsi_handle_cmd (vdev=0xac4d68, vq=0xafe4b8)
+ at /home/rjones/d/qemu/hw/scsi/virtio-scsi.c:573
+#2 0x0004fdbe in access_with_adjusted_size (addr=80,
+ value=value@entry=0x4443e6c0, size=size@entry=4, access_size_min=1,
+ access_size_max=<optimized out>, access_size_max@entry=0,
+ access=access@entry=0x4fee9 <memory_region_write_accessor>,
+ mr=mr@entry=0xa53fa8) at /home/rjones/d/qemu/memory.c:480
+#3 0x00054234 in memory_region_dispatch_write (size=4, data=2,
+ addr=<optimized out>, mr=0xa53fa8) at /home/rjones/d/qemu/memory.c:1117
+#4 io_mem_write (mr=0xa53fa8, addr=<optimized out>, val=val@entry=2,
+ size=size@entry=4) at /home/rjones/d/qemu/memory.c:1958
+#5 0x00021c88 in address_space_rw (as=0x3b96b4 <address_space_memory>,
+ addr=167788112, buf=buf@entry=0x4443e790 "\002", len=len@entry=4,
+ is_write=is_write@entry=true) at /home/rjones/d/qemu/exec.c:2135
+#6 0x00021de6 in address_space_write (len=4, buf=0x4443e790 "\002",
+ addr=<optimized out>, as=<optimized out>)
+ at /home/rjones/d/qemu/exec.c:2202
+#7 subpage_write (opaque=<optimized out>, addr=<optimized out>, value=2,
+ len=4) at /home/rjones/d/qemu/exec.c:1811
+#8 0x0004fdbe in access_with_adjusted_size (addr=592,
+ value=value@entry=0x4443e820, size=size@entry=4, access_size_min=1,
+ access_size_max=<optimized out>, access_size_max@entry=0,
+ access=access@entry=0x4fee9 <memory_region_write_accessor>,
+ mr=mr@entry=0xaed980) at /home/rjones/d/qemu/memory.c:480
+#9 0x00054234 in memory_region_dispatch_write (size=4, data=2,
+ addr=<optimized out>, mr=0xaed980) at /home/rjones/d/qemu/memory.c:1117
+#10 io_mem_write (mr=0xaed980, addr=<optimized out>, val=2, size=size@entry=4)
+ at /home/rjones/d/qemu/memory.c:1958
+#11 0x00057f24 in io_writel (retaddr=1121296542, Cannot access memory at address 0x0
+addr=<optimized out>, val=2,
+ physaddr=592, env=0x9d6c50) at /home/rjones/d/qemu/softmmu_template.h:381
+#12 helper_le_stl_mmu (env=0x9d6c50, addr=<optimized out>, val=2,
+ mmu_idx=<optimized out>, retaddr=1121296542)
+ at /home/rjones/d/qemu/softmmu_template.h:419
+#13 0x42d5a0a0 in ?? ()
+Cannot access memory at address 0x0
+Backtrace stopped: previous frame identical to this frame (corrupt stack?)
+(gdb) print req
+$1 = (VirtIOSCSIReq *) 0x6c03acf8
+(gdb) print req->sreq
+$2 = (SCSIRequest *) 0xc2c2c2c2
+(gdb) print req->sreq->dev
+Cannot access memory at address 0xc2c2c2c6
+(gdb) print *req
+$3 = {
+ dev = 0x6c000040,
+ vq = 0x6c000040,
+ qsgl = {
+ sg = 0x0,
+ nsg = 0,
+ nalloc = -1027423550,
+ size = 3267543746,
+ dev = 0xc2c2c2c2,
+ as = 0xc2c2c2c2
+ },
+ resp_iov = {
+ iov = 0xc2c2c2c2,
+ niov = -1027423550,
+ nalloc = -1027423550,
+ size = 3267543746
+ },
+ elem = {
+ index = 3267543746,
+ out_num = 3267543746,
+ in_num = 3267543746,
+ in_addr = {14033993530586874562 <repeats 1024 times>},
+ out_addr = {14033993530586874562 <repeats 1024 times>},
+ in_sg = {{
+ iov_base = 0xc2c2c2c2,
+ iov_len = 3267543746
+ } <repeats 1024 times>},
+ out_sg = {{
+ iov_base = 0xc2c2c2c2,
+ iov_len = 3267543746
+ } <repeats 1024 times>}
+ },
+ vring = 0xc2c2c2c2,
+ {
+ next = {
+ tqe_next = 0xc2c2c2c2,
+ tqe_prev = 0xc2c2c2c2
+ },
+ remaining = -1027423550
+ },
+ sreq = 0xc2c2c2c2,
+ resp_size = 3267543746,
+ mode = (SCSI_XFER_TO_DEV | unknown: 3267543744),
+ resp = {
+ cmd = {
+ sense_len = 3267543746,
+ resid = 3267543746,
+ status_qualifier = 49858,
+ status = 194 '\302',
+ response = 194 '\302'
+ },
+ tmf = {
+ response = 194 '\302'
+ },
+ an = {
+ event_actual = 3267543746,
+ response = 194 '\302'
+ },
+ event = {
+ event = 3267543746,
+ lun = "\302\302\302\302\302\302\302", <incomplete sequence \302>,
+ reason = 3267543746
+ }
+ },
+ req = {
+ {
+ cmd = {
+ lun = "\302\302\302\302\302\302\302", <incomplete sequence \302>,
+ tag = 14033993530586874562,
+ task_attr = 194 '\302',
+ prio = 194 '\302',
+ crn = 194 '\302'
+ },
+ cdb = 0x6c042d73 '\302' <repeats 36 times>, <incomplete sequence \302>
+ },
+ tmf = {
+ type = 3267543746,
+ subtype = 3267543746,
+ lun = "\302\302\302\302\302\302\302", <incomplete sequence \302>,
+ tag = 14033993530586874562
+ },
+ an = {
+ type = 3267543746,
+ lun = "\302\302\302\302\302\302\302", <incomplete sequence \302>,
+ event_requested = 3267543746
+ }
+ }
+}
+
+This is qemu from git today (2014-10-07).
+
+The hardware is 32 bit ARM (ODROID-XU Samsung Exynos 5410). It is running Ubuntu 14.04 LTS as the main operating system, but I am NOT using qemu from Ubuntu (which is ancient).
+
+Richard, is this 3 year old bug still an issue?
+
+
+Ah, my mail client found the thread that tells me this was fixed in commit 35e4e96c4d5bfcf. So we can close this.
+
+
+Yes, qemu's working fine on aarch64 so this must have been fixed.
+
|