1 files changed, 20 insertions, 0 deletions

diff --git a/results/classifier/gemma3:12b/device/1314857 b/results/classifier/gemma3:12b/device/1314857
new file mode 100644
index 000000000..bc359352d
--- /dev/null
+++ b/results/classifier/gemma3:12b/device/1314857
@@ -0,0 +1,20 @@
+
+seg fault in ivshmem when using ioeventfd=on
+
+When launching qemu with the ivshmem device and the nahanni guest server there is segmentation fault in the setup_ioeventfds function of ivshmem.c. If the ioeventfd=on flag is set the pci_ivshmem_init will call setup_ioeventfds at line 668. This function relies on the 'peers' member of the server info which is not allocated until line 669.
+
+To reproduce you will need the nahanni guest server code. The driver code is not needed. You will also need a qcow2 or other bootable image to use for launching qemu. The error occurs before the actual image launch.
+
+Start the nahanni ivshmem server with a small global memory space ( although the bug is not allocation specific )
+ivshmem -m 1 -n 2 -p /tmp/ivshmem_socket
+
+Next launch qemu with initialization for the ivshmem device.
+qemu-system-x86_64 -hda test_iso.qcow2 -localtime -boot c -chardev socket,path="/tmp/ivshmem_socket",id=ivshmem_socket -device ivshmem,chardev=ivshmem_socket,size=1,ioeventfd=on
+
+If gdb is used the following error is recorded:
+Program received signal SIGSEGV, Segmentation fault.
+0x000055555579dd52 in setup_ioeventfds (s=0x555556619580)
+    at /home/genes/work/ubuntu/qemu-kvm-1.0+noroms/hw/ivshmem.c:367
+367             for (j = 0; j < s->peers[i].nb_eventfds; j++) {
+(gdb) print s->peers
+$2 = (Peer *) 0x0
\ No newline at end of file