Ubuntu/Debian Installer + Virtio-SCSI -> Bad ram pointer

kvm.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Peter Lieven <pl@dlhnet.de>
To: "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>,
	"kvm@vger.kernel.org" <kvm@vger.kernel.org>
Cc: ronnie sahlberg <ronniesahlberg@gmail.com>
Subject: Ubuntu/Debian Installer + Virtio-SCSI -> Bad ram pointer
Date: Mon, 29 Oct 2012 15:09:37 +0100	[thread overview]
Message-ID: <508E8E21.6080406@dlhnet.de> (raw)

[-- Attachment #1: Type: text/plain, Size: 4848 bytes --]

Hi,

If I try to Install Ubuntu 12.04 LTS / 12.10 64-bit on a virtio storage 
backend that supports iSCSI
qemu-kvm crashes reliably with the following error:

Bad ram pointer 0x3039303620008000

This happens directly after the confirmation of the Timezone before the 
Disk is partitioned.

If I specify  -global virtio-blk-pci.scsi=off in the cmdline this does 
not happen.

Here is a stack trace:

Thread 1 (Thread 0x7ffff7fee700 (LWP 8226)):
#0 0x00007ffff63c0a10 in abort () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#1 <https://github.com/sahlberg/libiscsi/issues/1> 0x00005555557b751d in 
qemu_ram_addr_from_host_nofail (
ptr=0x3039303620008000) at /usr/src/qemu-kvm-1.2.0/exec.c:2835
ram_addr = 0
#2 <https://github.com/sahlberg/libiscsi/issues/2> 0x00005555557b9177 in 
cpu_physical_memory_unmap (
buffer=0x3039303620008000, len=4986663671065686081, is_write=1,
access_len=1) at /usr/src/qemu-kvm-1.2.0/exec.c:3645
addr1 = 93825009559312
#3 <https://github.com/sahlberg/libiscsi/issues/3> 0x000055555580a9ca in 
virtqueue_fill (vq=0x5555565da710,
elem=0x555556722238, len=1, idx=0)
at /usr/src/qemu-kvm-1.2.0/hw/virtio.c:240
size = 1
offset = 0
i = 0
#4 <https://github.com/sahlberg/libiscsi/issues/4> 0x000055555580abf0 in 
virtqueue_push (vq=0x5555565da710,
elem=0x555556722238, len=1) at /usr/src/qemu-kvm-1.2.0/hw/virtio.c:276
No locals.
#5 <https://github.com/sahlberg/libiscsi/issues/5> 0x0000555555800952 in 
virtio_blk_req_complete (req=0x555556722230,
status=0) at /usr/src/qemu-kvm-1.2.0/hw/virtio-blk.c:62
s = 0x5555565da640
#6 <https://github.com/sahlberg/libiscsi/issues/6> 0x00005555558010bf in 
virtio_blk_handle_scsi (req=0x555556722230)
at /usr/src/qemu-kvm-1.2.0/hw/virtio-blk.c:261
ret = 0
i = 1
status = 0
hdr = {interface_id = 83, dxfer_direction = -3, cmd_len = 6 '\006',
mx_sb_len = 96 '`', iovec_count = 1, dxfer_len = 56,
dxferp = 0x555556726248, cmdp = 0x2aab24b6c838 "\022\001\200",
sbp = 0x2aab1d677c30 "", timeout = 0, flags = 0, pack_id = 0,
usr_ptr = 0x0, status = 0 '\000', masked_status = 0 '\000',
msg_status = 0 '\000', sb_len_wr = 0 '\000', host_status = 0,
driver_status = 0, resid = 0, duration = 0, info = 0}
#7 <https://github.com/sahlberg/libiscsi/issues/7> 0x0000555555801724 in 
virtio_blk_handle_request (req=0x555556722230,
mrb=0x7fffffffd9f0) at /usr/src/qemu-kvm-1.2.0/hw/virtio-blk.c:393
type = 2
#8 <https://github.com/sahlberg/libiscsi/issues/8> 0x00005555558018c3 in 
virtio_blk_handle_output (vdev=0x5555565da640,
vq=0x5555565da710) at /usr/src/qemu-kvm-1.2.0/hw/virtio-blk.c:426
s = 0x5555565da640
req = 0x555556722230
mrb = {blkreq = {{sector = 0, nb_sectors = 0, qiov = 0x0, cb = 0,
opaque = 0x0, error = 0} }, num_writes = 0}
#9 <https://github.com/sahlberg/libiscsi/issues/9> 0x000055555580bd81 in 
virtio_queue_notify_vq (vq=0x5555565da710)
at /usr/src/qemu-kvm-1.2.0/hw/virtio.c:648
vdev = 0x5555565da640
#10 <https://github.com/sahlberg/libiscsi/issues/10> 0x000055555580d2ff 
in virtio_queue_host_notifier_read (n=0x5555565da75c)
at /usr/src/qemu-kvm-1.2.0/hw/virtio.c:1020
vq = 0x5555565da710
#11 <https://github.com/sahlberg/libiscsi/issues/11> 0x000055555565a47e 
in qemu_iohandler_poll (readfds=0x555556073160,
writefds=0x5555560731e0, xfds=0x555556073260, ret=1) at iohandler.c:122
pioh = 0x555556541290
ioh = 0x7ffff0000e70
#12 <https://github.com/sahlberg/libiscsi/issues/12> 0x000055555572b742 
in main_loop_wait (nonblocking=0) at main-loop.c:497
ret = 1
timeout = 4294967295
#13 <https://github.com/sahlberg/libiscsi/issues/13> 0x00005555557235e2 
in main_loop () at /usr/src/qemu-kvm-1.2.0/vl.c:1643
nonblocking = false
last_io = 1
#14 <https://github.com/sahlberg/libiscsi/issues/14> 0x000055555572a21c 
in main (argc=42, argv=0x7fffffffe548,
envp=0x7fffffffe6a0) at /usr/src/qemu-kvm-1.2.0/vl.c:3790
i = 64
snapshot = 0
linux_boot = 0
icount_option = 0x0
initrd_filename = 0x0
kernel_filename = 0x0
kernel_cmdline = 0x5555558d442a ""
boot_devices = "dc", '\000'
ds = 0x5555565465a0
dcl = 0x0
cyls = 0
heads = 0
secs = 0
translation = 0
hda_opts = 0x0
opts = 0x55555650f4b0
machine_opts = 0x55555650fcb0
olist = 0x5780f638f2e0
optind = 42
optarg = 0x7fffffffebd9 "cirrus"
loadvm = 0x0
machine = 0x555555c66780
cpu_model = 0x7fffffffeb5b "host,+x2apic,model_id=Intel(R) Xeon(R) CPU", 
' ' , "L5640 @ 2.27GHz,-tsc"
vga_model = 0x7fffffffebd9 "cirrus"
pid_file = 0x7fffffffeb1a "/var/run/qemu/vm-279.pid"
incoming = 0x0
show_vnc_port = 0
defconfig = true
userconfig = true
log_mask = 0x0
log_file = 0x0
mem_trace = {malloc = 0x55555572683e ,
realloc = 0x555555726896 ,
free = 0x5555557268fd , calloc = 0, try_malloc = 0,
try_realloc = 0}
trace_events = 0x0
trace_file = 0x0

Is this a regression in qemu-kvm. I remember there where some 
modifications regarding SCSI
passthru lately. Maybe there was a problem introduced with this.

BR,
Peter


[-- Attachment #2: Type: text/html, Size: 7159 bytes --]

next             reply	other threads:[~2012-10-29 14:09 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-10-29 14:09 Peter Lieven [this message]
2012-10-30  8:32 ` [Qemu-devel] Ubuntu/Debian Installer + Virtio-SCSI -> Bad ram pointer Stefan Hajnoczi
2012-10-30  9:43   ` [Qemu-devel] Ubuntu/Debian Installer + Virtio-BLK " Peter Lieven
2012-10-30 15:56   ` [Qemu-devel] Ubuntu/Debian Installer + Virtio-SCSI " Peter Lieven
2012-10-30 18:27     ` Stefan Hajnoczi
2012-10-30 19:37       ` Peter Lieven
2012-10-30 21:09         ` ronnie sahlberg
2012-10-31  5:48           ` Stefan Hajnoczi
2012-10-31 14:08             ` [Qemu-devel] " ronnie sahlberg
2012-11-05 15:19               ` Peter Lieven
2012-11-08 15:26               ` Peter Lieven
2012-11-19 17:20                 ` Stefan Hajnoczi
2012-11-22 14:10                   ` Peter Lieven
2012-10-31  5:53         ` [Qemu-devel] " Stefan Hajnoczi
2012-10-30 20:24       ` Peter Lieven

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=508E8E21.6080406@dlhnet.de \
    --to=pl@dlhnet.de \
    --cc=kvm@vger.kernel.org \
    --cc=qemu-devel@nongnu.org \
    --cc=ronniesahlberg@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).