Re: [Qemu-devel] KVM segfaults with 3.5 while installing ubuntu 12.04

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* Re: [Qemu-devel] KVM segfaults with 3.5 while installing ubuntu 12.04
       [not found]                         ` <501F846C.50903@profihost.ag>
@ 2012-08-06 12:12                           ` Avi Kivity
  2012-08-06 12:37                             ` Avi Kivity
  0 siblings, 1 reply; 8+ messages in thread
From: Avi Kivity @ 2012-08-06 12:12 UTC (permalink / raw)
  To: Stefan Priebe - Profihost AG
  Cc: Kevin Wolf, Stefan Hajnoczi, kvm, mtosatti, qemu-devel,
	linux-kernel

On 08/06/2012 11:46 AM, Stefan Priebe - Profihost AG wrote:

> But still i got the segfault and core dump - this is my main problem? I
> mean qemu-kvm master isn't declared as stable. So i don't care about the
> slowness here.
> 
> What can we do about the core dump and crash?

Okay, I reproduced it; it seems aio=native is the culprit.  You can try
aio=threads as a workaround.

Copying some relevant people (context: aio=native on qemu-kvm-1.1.1
segfaults pretty early during guest install)

-- 
error compiling committee.c: too many arguments to function

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [Qemu-devel] KVM segfaults with 3.5 while installing ubuntu 12.04
  2012-08-06 12:12                           ` [Qemu-devel] KVM segfaults with 3.5 while installing ubuntu 12.04 Avi Kivity
@ 2012-08-06 12:37                             ` Avi Kivity
  2012-08-06 12:48                               ` Avi Kivity
                                                 ` (2 more replies)
  0 siblings, 3 replies; 8+ messages in thread
From: Avi Kivity @ 2012-08-06 12:37 UTC (permalink / raw)
  To: Stefan Priebe - Profihost AG
  Cc: Kevin Wolf, Stefan Hajnoczi, kvm, mtosatti, qemu-devel,
	linux-kernel

On 08/06/2012 03:12 PM, Avi Kivity wrote:
> On 08/06/2012 11:46 AM, Stefan Priebe - Profihost AG wrote:
> 
>> But still i got the segfault and core dump - this is my main problem? I
>> mean qemu-kvm master isn't declared as stable. So i don't care about the
>> slowness here.
>> 
>> What can we do about the core dump and crash?
> 
> Okay, I reproduced it; it seems aio=native is the culprit.  You can try
> aio=threads as a workaround.
> 
> Copying some relevant people (context: aio=native on qemu-kvm-1.1.1
> segfaults pretty early during guest install)
> 

The following ought to fix it:


From: Avi Kivity <avi@redhat.com>
Date: Mon, 6 Aug 2012 15:35:02 +0300
Subject: [PATCH] virtio-mlk: fix use-after-free while handling scsi commands

The scsi passthrough handler falls through after completing a
request into the failure path, resulting in a use after free.

Reprducible by running a guest with aio=native on a block device.

Reported-by: Stefan Priebe <s.priebe@profihost.ag>
Signed-off-by: Avi Kivity <avi@redhat.com>

diff --git a/hw/virtio-blk.c b/hw/virtio-blk.c
index f21757e..552b3b6 100644
--- a/hw/virtio-blk.c
+++ b/hw/virtio-blk.c
@@ -254,6 +254,7 @@ static void virtio_blk_handle_scsi(VirtIOBlockReq *req)
 
     virtio_blk_req_complete(req, status);
     g_free(req);
+    return;
 #else
     abort();
 #endif


-- 
error compiling committee.c: too many arguments to function

^ permalink raw reply related	[flat|nested] 8+ messages in thread

* Re: [Qemu-devel] KVM segfaults with 3.5 while installing ubuntu 12.04
  2012-08-06 12:37                             ` Avi Kivity
@ 2012-08-06 12:48                               ` Avi Kivity
  2012-08-06 13:11                               ` Stefan Priebe - Profihost AG
  2012-08-08  5:51                               ` Stefan Priebe
  2 siblings, 0 replies; 8+ messages in thread
From: Avi Kivity @ 2012-08-06 12:48 UTC (permalink / raw)
  To: Stefan Priebe - Profihost AG
  Cc: Kevin Wolf, Stefan Hajnoczi, kvm, mtosatti, qemu-devel,
	linux-kernel

On 08/06/2012 03:37 PM, Avi Kivity wrote:
> On 08/06/2012 03:12 PM, Avi Kivity wrote:
>> On 08/06/2012 11:46 AM, Stefan Priebe - Profihost AG wrote:
>> 
>>> But still i got the segfault and core dump - this is my main problem? I
>>> mean qemu-kvm master isn't declared as stable. So i don't care about the
>>> slowness here.
>>> 
>>> What can we do about the core dump and crash?
>> 
>> Okay, I reproduced it; it seems aio=native is the culprit.  You can try
>> aio=threads as a workaround.
>> 
>> Copying some relevant people (context: aio=native on qemu-kvm-1.1.1
>> segfaults pretty early during guest install)
>> 
> 
> The following ought to fix it:

It does.

Kevin: despite aio=native, I get iothreads and pwrites, something is broken.


-- 
error compiling committee.c: too many arguments to function

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [Qemu-devel] KVM segfaults with 3.5 while installing ubuntu 12.04
  2012-08-06 12:37                             ` Avi Kivity
  2012-08-06 12:48                               ` Avi Kivity
@ 2012-08-06 13:11                               ` Stefan Priebe - Profihost AG
  2012-08-08  5:51                               ` Stefan Priebe
  2 siblings, 0 replies; 8+ messages in thread
From: Stefan Priebe - Profihost AG @ 2012-08-06 13:11 UTC (permalink / raw)
  To: Avi Kivity
  Cc: Kevin Wolf, Stefan Hajnoczi, kvm, mtosatti, qemu-devel,
	linux-kernel

can confirm - this fixed it!
Am 06.08.2012 14:37, schrieb Avi Kivity:
> On 08/06/2012 03:12 PM, Avi Kivity wrote:
>> On 08/06/2012 11:46 AM, Stefan Priebe - Profihost AG wrote:
>>
>>> But still i got the segfault and core dump - this is my main problem? I
>>> mean qemu-kvm master isn't declared as stable. So i don't care about the
>>> slowness here.
>>>
>>> What can we do about the core dump and crash?
>>
>> Okay, I reproduced it; it seems aio=native is the culprit.  You can try
>> aio=threads as a workaround.
>>
>> Copying some relevant people (context: aio=native on qemu-kvm-1.1.1
>> segfaults pretty early during guest install)
>>
>
> The following ought to fix it:
>
>
> From: Avi Kivity <avi@redhat.com>
> Date: Mon, 6 Aug 2012 15:35:02 +0300
> Subject: [PATCH] virtio-mlk: fix use-after-free while handling scsi commands
>
> The scsi passthrough handler falls through after completing a
> request into the failure path, resulting in a use after free.
>
> Reprducible by running a guest with aio=native on a block device.
>
> Reported-by: Stefan Priebe <s.priebe@profihost.ag>
> Signed-off-by: Avi Kivity <avi@redhat.com>
>
> diff --git a/hw/virtio-blk.c b/hw/virtio-blk.c
> index f21757e..552b3b6 100644
> --- a/hw/virtio-blk.c
> +++ b/hw/virtio-blk.c
> @@ -254,6 +254,7 @@ static void virtio_blk_handle_scsi(VirtIOBlockReq *req)
>
>       virtio_blk_req_complete(req, status);
>       g_free(req);
> +    return;
>   #else
>       abort();
>   #endif
>
>

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [Qemu-devel] KVM segfaults with 3.5 while installing ubuntu 12.04
  2012-08-06 12:37                             ` Avi Kivity
  2012-08-06 12:48                               ` Avi Kivity
  2012-08-06 13:11                               ` Stefan Priebe - Profihost AG
@ 2012-08-08  5:51                               ` Stefan Priebe
  2012-08-08  8:06                                 ` Stefan Hajnoczi
  2 siblings, 1 reply; 8+ messages in thread
From: Stefan Priebe @ 2012-08-08  5:51 UTC (permalink / raw)
  To: Avi Kivity
  Cc: Kevin Wolf, Stefan Hajnoczi, kvm, mtosatti, qemu-devel,
	linux-kernel

Any news? Was this applied upstream?

Am 06.08.2012 14:37, schrieb Avi Kivity:
> On 08/06/2012 03:12 PM, Avi Kivity wrote:
>> On 08/06/2012 11:46 AM, Stefan Priebe - Profihost AG wrote:
>>
>>> But still i got the segfault and core dump - this is my main problem? I
>>> mean qemu-kvm master isn't declared as stable. So i don't care about the
>>> slowness here.
>>>
>>> What can we do about the core dump and crash?
>>
>> Okay, I reproduced it; it seems aio=native is the culprit.  You can try
>> aio=threads as a workaround.
>>
>> Copying some relevant people (context: aio=native on qemu-kvm-1.1.1
>> segfaults pretty early during guest install)
>>
>
> The following ought to fix it:
>
>
> From: Avi Kivity <avi@redhat.com>
> Date: Mon, 6 Aug 2012 15:35:02 +0300
> Subject: [PATCH] virtio-mlk: fix use-after-free while handling scsi commands
>
> The scsi passthrough handler falls through after completing a
> request into the failure path, resulting in a use after free.
>
> Reprducible by running a guest with aio=native on a block device.
>
> Reported-by: Stefan Priebe <s.priebe@profihost.ag>
> Signed-off-by: Avi Kivity <avi@redhat.com>
>
> diff --git a/hw/virtio-blk.c b/hw/virtio-blk.c
> index f21757e..552b3b6 100644
> --- a/hw/virtio-blk.c
> +++ b/hw/virtio-blk.c
> @@ -254,6 +254,7 @@ static void virtio_blk_handle_scsi(VirtIOBlockReq *req)
>
>       virtio_blk_req_complete(req, status);
>       g_free(req);
> +    return;
>   #else
>       abort();
>   #endif
>
>

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [Qemu-devel] KVM segfaults with 3.5 while installing ubuntu 12.04
  2012-08-08  5:51                               ` Stefan Priebe
@ 2012-08-08  8:06                                 ` Stefan Hajnoczi
  2012-08-08  8:29                                   ` Stefan Priebe
  0 siblings, 1 reply; 8+ messages in thread
From: Stefan Hajnoczi @ 2012-08-08  8:06 UTC (permalink / raw)
  To: Stefan Priebe
  Cc: Kevin Wolf, kvm, mtosatti, linux-kernel, qemu-devel, Avi Kivity

On Wed, Aug 08, 2012 at 07:51:07AM +0200, Stefan Priebe wrote:
> Any news? Was this applied upstream?

Kevin is ill.  He has asked me to review and test patches in his
absence.  When he gets back later this week this will get picked up (and
included in QEMU 1.2).

Here is the tree, it includes this patch:

https://github.com/stefanha/qemu/commits/for-kevin

Stefan

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [Qemu-devel] KVM segfaults with 3.5 while installing ubuntu 12.04
  2012-08-08  8:06                                 ` Stefan Hajnoczi
@ 2012-08-08  8:29                                   ` Stefan Priebe
  2012-08-10 15:14                                     ` Stefan Hajnoczi
  0 siblings, 1 reply; 8+ messages in thread
From: Stefan Priebe @ 2012-08-08  8:29 UTC (permalink / raw)
  To: Stefan Hajnoczi
  Cc: Kevin Wolf, kvm, mtosatti, linux-kernel, qemu-devel, Avi Kivity

ah OK - thanks. Will there be a fixed 1.1.2 as well?

Stefan

Am 08.08.2012 10:06, schrieb Stefan Hajnoczi:
> On Wed, Aug 08, 2012 at 07:51:07AM +0200, Stefan Priebe wrote:
>> Any news? Was this applied upstream?
>
> Kevin is ill.  He has asked me to review and test patches in his
> absence.  When he gets back later this week this will get picked up (and
> included in QEMU 1.2).
>
> Here is the tree, it includes this patch:
>
> https://github.com/stefanha/qemu/commits/for-kevin
>
> Stefan
>

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [Qemu-devel] KVM segfaults with 3.5 while installing ubuntu 12.04
  2012-08-08  8:29                                   ` Stefan Priebe
@ 2012-08-10 15:14                                     ` Stefan Hajnoczi
  0 siblings, 0 replies; 8+ messages in thread
From: Stefan Hajnoczi @ 2012-08-10 15:14 UTC (permalink / raw)
  To: Michael Roth
  Cc: Kevin Wolf, Stefan Hajnoczi, kvm, Stefan Priebe, mtosatti,
	qemu-devel, linux-kernel, Avi Kivity

On Wed, Aug 8, 2012 at 9:29 AM, Stefan Priebe <s.priebe@profihost.ag> wrote:
> ah OK - thanks. Will there be a fixed 1.1.2 as well?

mdroth: Kevin has the fix in his block branch, which means qemu.git
will get it soon.  Here's the commit:

http://repo.or.cz/w/qemu/kevin.git/commit/730a9c53b4e52681fcfe31cf38854cbf91e132c7

>
> Am 08.08.2012 10:06, schrieb Stefan Hajnoczi:
>
>> On Wed, Aug 08, 2012 at 07:51:07AM +0200, Stefan Priebe wrote:
>>>
>>> Any news? Was this applied upstream?
>>
>>
>> Kevin is ill.  He has asked me to review and test patches in his
>> absence.  When he gets back later this week this will get picked up (and
>> included in QEMU 1.2).
>>
>> Here is the tree, it includes this patch:
>>
>> https://github.com/stefanha/qemu/commits/for-kevin
>>
>> Stefan
>>
> --
> To unsubscribe from this list: send the line "unsubscribe kvm" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2012-08-10 15:15 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
     [not found] <5017C8A0.60506@profihost.ag>
     [not found] ` <5017F19E.4070308@redhat.com>
     [not found]   ` <501817C9.6090405@profihost.ag>
     [not found]     ` <5018EC7D.9090702@redhat.com>
     [not found]       ` <5018F5BB.9070500@profihost.ag>
     [not found]         ` <5018F7E6.4020909@redhat.com>
     [not found]           ` <5018F9F6.70307@profihost.ag>
     [not found]             ` <5018FC9B.8040808@redhat.com>
     [not found]               ` <501E4615.7060801@profihost.ag>
     [not found]                 ` <501E4AFD.3020806@redhat.com>
     [not found]                   ` <501E96BB.5060702@profihost.ag>
     [not found]                     ` <501EC2E2.8010802@profihost.ag>
     [not found]                       ` <501F8226.9090500@redhat.com>
     [not found]                         ` <501F846C.50903@profihost.ag>
2012-08-06 12:12                           ` [Qemu-devel] KVM segfaults with 3.5 while installing ubuntu 12.04 Avi Kivity
2012-08-06 12:37                             ` Avi Kivity
2012-08-06 12:48                               ` Avi Kivity
2012-08-06 13:11                               ` Stefan Priebe - Profihost AG
2012-08-08  5:51                               ` Stefan Priebe
2012-08-08  8:06                                 ` Stefan Hajnoczi
2012-08-08  8:29                                   ` Stefan Priebe
2012-08-10 15:14                                     ` Stefan Hajnoczi

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).