[Qemu-devel] qemu segfault parsing iscsi options

[Qemu-devel] qemu segfault parsing iscsi options

[Peter Lieven]

Hi,

with recent qemu from git qemu segfaults with the following commandline:

x86_64-softmmu/qemu-system-x86_64 -iscsi test

qemu-system-x86_64: -iscsi test: There is no option group 'iscsi'
Speicherzugriffsfehler (Speicherabzug geschrieben)

It seems that there is something missing regarding the iscsi options
in qemu-option.hx.

This was working with qemu-kvm-1.2.0.

Peter

Re: [Qemu-devel] qemu segfault parsing iscsi options

[Markus Armbruster]

Peter Lieven <pl@dlhnet.de> writes:

> Hi,
>
> with recent qemu from git qemu segfaults with the following commandline:
>
> x86_64-softmmu/qemu-system-x86_64 -iscsi test
>
> qemu-system-x86_64: -iscsi test: There is no option group 'iscsi'
> Speicherzugriffsfehler (Speicherabzug geschrieben)
>
> It seems that there is something missing regarding the iscsi options
> in qemu-option.hx.
>
> This was working with qemu-kvm-1.2.0.

Works for me with current master 225dc991.

Re: [Qemu-devel] qemu segfault parsing iscsi options

[Peter Lieven]

On 18.03.2013 13:52, Markus Armbruster wrote:
> Peter Lieven <pl@dlhnet.de> writes:
>
>> Hi,
>>
>> with recent qemu from git qemu segfaults with the following commandline:
>>
>> x86_64-softmmu/qemu-system-x86_64 -iscsi test
>>
>> qemu-system-x86_64: -iscsi test: There is no option group 'iscsi'
>> Speicherzugriffsfehler (Speicherabzug geschrieben)
>>
>> It seems that there is something missing regarding the iscsi options
>> in qemu-option.hx.
>>
>> This was working with qemu-kvm-1.2.0.
>
> Works for me with current master 225dc991.
>

for me it doesn't...

~/git/qemu$ git log -1 --oneline
225dc99 s390: Fix cpu refactoring fallout.

there is definetly missing some parts in qemu-options.hx for -iscsi

~/git/qemu$ gdb x86_64-softmmu/qemu-system-x86_64
GNU gdb (Ubuntu/Linaro 7.4-2012.04-0ubuntu2) 7.4-2012.04
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.launchpad.net/gdb-linaro/>...
Reading symbols from /home/lieven/git/qemu/x86_64-softmmu/qemu-system-x86_64...done.
(gdb) r -iscsi bla
Starting program: /home/lieven/git/qemu/x86_64-softmmu/qemu-system-x86_64 -iscsi bla
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
qemu-system-x86_64: -iscsi bla: There is no option group 'iscsi'

Program received signal SIGSEGV, Segmentation fault.
0x000055555591066f in qemu_opts_create (list=0x0, id=0x0, fail_if_exists=1, errp=0x7fffffffd968) at util/qemu-option.c:790
790	    } else if (list->merge_lists) {
(gdb) bt full
#0  0x000055555591066f in qemu_opts_create (list=0x0, id=0x0, fail_if_exists=1, errp=0x7fffffffd968) at util/qemu-option.c:790
         opts = 0x0
#1  0x0000555555911048 in opts_parse (list=0x0, params=0x7fffffffe50d "bla", permit_abbrev=0, defaults=false) at util/qemu-option.c:958
         firstname = 0x0
         value = 
"\000\333\377\377\377\177\000\000H\352\375\367\377\177\000\000\330H'\366\377\177\000\000\256\022\217\367\377\177\000\000\000\000\000\000\000\000\000\000H\352\375\367\377\177\000\000\300\031\376\367\377\177\000\000\065\367\216\367\377\177\000\000\370I'\366\377\177\000\000h\002\216\367\377\177\000\000\000\000\000\000\001\000\000\000\202\b\000\000\001\000\000\000H\352\375\367\377\177\000\000\b\255\377\367\377\177\000\000p\333\377\377\377\177\000\000\207\360\226|\000\000\000\000H\352\375\367\377\177\000\000\220\333\377\377\377\177\000\000\260\251\377\367\377\177\000\000#E\336\367\377\177\000\000\000\000\000\000\000\000\000\000H\352\375\367\377\177\000\000\001\000\000\000\377\177\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\260\251\377\367\377\177\000\000\000\000\000\000\000\000\000\000P", 
'\000' <repeats 15 times>, "\b\255\377\367\377\177\000\000[\000\000\000\001\000\000\000w\000\000\000|", '\000' <repeats 11 times>, "\b\255\377\367\377\177\000\000!\000\000\000\001", '\000' <repeats 11 times>, "(*\226UUU"...
         id = 0x0
         p = 0x0
         opts = 0xffffffff
         local_err = 0x0
         __PRETTY_FUNCTION__ = "opts_parse"
#2  0x0000555555911126 in qemu_opts_parse (list=0x0, params=0x7fffffffe50d "bla", permit_abbrev=0) at util/qemu-option.c:979
No locals.
#3  0x00005555557d83a8 in main (argc=3, argv=0x7fffffffe218, envp=0x7fffffffe238) at vl.c:3204
         popt = 0x555555c9ae58
         i = 64
         snapshot = 0
         linux_boot = 0
         icount_option = 0x0
         initrd_filename = 0x7fff00000001 <Address 0x7fff00000001 out of bounds>
         kernel_filename = 0x0
         kernel_cmdline = 0x7fff00000001 <Address 0x7fff00000001 out of bounds>
         boot_devices = '\000' <repeats 32 times>
         ds = 0x7ffff7ffa9b0
         cyls = 0
         heads = 0
         secs = 0
         translation = 0
         hda_opts = 0x0
         opts = 0x7fff00000001
         machine_opts = 0x7fffffffe0a0
         olist = 0x0
         optind = 3
         optarg = 0x7fffffffe50d "bla"
         loadvm = 0x0
         machine = 0x555555cf1bc0
         cpu_model = 0x0
         vga_model = 0x555555945fd6 "none"
         pid_file = 0x0
         incoming = 0x0
         show_vnc_port = 0
         defconfig = true
         userconfig = true
         log_mask = 0x0
         log_file = 0x0
         mem_trace = {malloc = 0x5555557d710f <malloc_and_trace>, realloc = 0x5555557d7167 <realloc_and_trace>, free = 0x5555557d71ce <free_and_trace>, calloc = 0, try_malloc = 0, try_realloc = 0}
         trace_events = 0x0
         trace_file = 0x0
         args = {ram_size = 19, boot_device = 0x7ffff7ffad08 "\200\345\377\367\377\177", kernel_filename = 0x7fffffffdfd0 "", kernel_cmdline = 0xf5e616f3 <Address 0xf5e616f3 out of bounds>,
           initrd_filename = 0x7ffff7fdea48 "\227*\217\367\377\177", cpu_model = 0x7fffffffdff0 "["}

Re: [Qemu-devel] qemu segfault parsing iscsi options

[Markus Armbruster]

Peter Lieven <pl@dlhnet.de> writes:

> On 18.03.2013 13:52, Markus Armbruster wrote:
>> Peter Lieven <pl@dlhnet.de> writes:
>>
>>> Hi,
>>>
>>> with recent qemu from git qemu segfaults with the following commandline:
>>>
>>> x86_64-softmmu/qemu-system-x86_64 -iscsi test
>>>
>>> qemu-system-x86_64: -iscsi test: There is no option group 'iscsi'
>>> Speicherzugriffsfehler (Speicherabzug geschrieben)
>>>
>>> It seems that there is something missing regarding the iscsi options
>>> in qemu-option.hx.
>>>
>>> This was working with qemu-kvm-1.2.0.
>>
>> Works for me with current master 225dc991.
>>
>
> for me it doesn't...
>
> ~/git/qemu$ git log -1 --oneline
> 225dc99 s390: Fix cpu refactoring fallout.
>
> there is definetly missing some parts in qemu-options.hx for -iscsi

Hmm, I got CONFIG_LIBISCSI off.  What do I have to install to flip it to
on (Fedora 17)?

[...]

Re: [Qemu-devel] qemu segfault parsing iscsi options

[Peter Lieven]

Am 18.03.2013 um 17:47 schrieb Markus Armbruster <armbru@redhat.com>:

> Peter Lieven <pl@dlhnet.de> writes:
> 
>> On 18.03.2013 13:52, Markus Armbruster wrote:
>>> Peter Lieven <pl@dlhnet.de> writes:
>>> 
>>>> Hi,
>>>> 
>>>> with recent qemu from git qemu segfaults with the following commandline:
>>>> 
>>>> x86_64-softmmu/qemu-system-x86_64 -iscsi test
>>>> 
>>>> qemu-system-x86_64: -iscsi test: There is no option group 'iscsi'
>>>> Speicherzugriffsfehler (Speicherabzug geschrieben)
>>>> 
>>>> It seems that there is something missing regarding the iscsi options
>>>> in qemu-option.hx.
>>>> 
>>>> This was working with qemu-kvm-1.2.0.
>>> 
>>> Works for me with current master 225dc991.
>>> 
>> 
>> for me it doesn't...
>> 
>> ~/git/qemu$ git log -1 --oneline
>> 225dc99 s390: Fix cpu refactoring fallout.
>> 
>> there is definetly missing some parts in qemu-options.hx for -iscsi
> 
> Hmm, I got CONFIG_LIBISCSI off.  What do I have to install to flip it to
> on (Fedora 17)?

if there is no libiscsi-dev package in fedora, grab latest git version or
stable release from https://github.com/sahlberg/libiscsi and compile
qemu with --enable-iscsi.

Peter

Re: [Qemu-devel] qemu segfault parsing iscsi options

[Markus Armbruster]

Peter Lieven <pl@dlhnet.de> writes:

> On 18.03.2013 13:52, Markus Armbruster wrote:
>> Peter Lieven <pl@dlhnet.de> writes:
>>
>>> Hi,
>>>
>>> with recent qemu from git qemu segfaults with the following commandline:
>>>
>>> x86_64-softmmu/qemu-system-x86_64 -iscsi test
>>>
>>> qemu-system-x86_64: -iscsi test: There is no option group 'iscsi'
>>> Speicherzugriffsfehler (Speicherabzug geschrieben)
>>>
>>> It seems that there is something missing regarding the iscsi options
>>> in qemu-option.hx.
>>>
>>> This was working with qemu-kvm-1.2.0.
>>
>> Works for me with current master 225dc991.
>>
>
> for me it doesn't...
>
> ~/git/qemu$ git log -1 --oneline
> 225dc99 s390: Fix cpu refactoring fallout.
>
> there is definetly missing some parts in qemu-options.hx for -iscsi

Nope.  It's an initialization order issue.

Paolo's commit 4d454574 "qemu-option: move standard option definitions
out of qemu-config.c" moved option group registration from compile time
(initializer of vm_config_groups[]) to run time (various places).

Registration of group "iscsi" moved to iscsi_block_init(), a block
driver initialization function.  These are run by
bdrv_init_with_whitelist(), which gets called only after command line
parsing.  Oops.

I'm afraid we need to re-review all of that commit for similar
initialization order errors.

Re: [Qemu-devel] qemu segfault parsing iscsi options

[Peter Lieven]

On 19.03.2013 09:25, Markus Armbruster wrote:
> Peter Lieven <pl@dlhnet.de> writes:
>
>> On 18.03.2013 13:52, Markus Armbruster wrote:
>>> Peter Lieven <pl@dlhnet.de> writes:
>>>
>>>> Hi,
>>>>
>>>> with recent qemu from git qemu segfaults with the following commandline:
>>>>
>>>> x86_64-softmmu/qemu-system-x86_64 -iscsi test
>>>>
>>>> qemu-system-x86_64: -iscsi test: There is no option group 'iscsi'
>>>> Speicherzugriffsfehler (Speicherabzug geschrieben)
>>>>
>>>> It seems that there is something missing regarding the iscsi options
>>>> in qemu-option.hx.
>>>>
>>>> This was working with qemu-kvm-1.2.0.
>>>
>>> Works for me with current master 225dc991.
>>>
>>
>> for me it doesn't...
>>
>> ~/git/qemu$ git log -1 --oneline
>> 225dc99 s390: Fix cpu refactoring fallout.
>>
>> there is definetly missing some parts in qemu-options.hx for -iscsi
>
> Nope.  It's an initialization order issue.

yes, you are right. so Paolo's patch needs to be fixed. The patch
series fixes at least the iSCSI part.

>
> Paolo's commit 4d454574 "qemu-option: move standard option definitions
> out of qemu-config.c" moved option group registration from compile time
> (initializer of vm_config_groups[]) to run time (various places).
>
> Registration of group "iscsi" moved to iscsi_block_init(), a block
> driver initialization function.  These are run by
> bdrv_init_with_whitelist(), which gets called only after command line
> parsing.  Oops.
>
> I'm afraid we need to re-review all of that commit for similar
> initialization order errors.
>

 From a quick look at the code, it could be that -spice is broken.
-fsdev and -virtfs work.
I have not find any other invocations of qemu_add_opts outside vl.c

Peter.

Re: [Qemu-devel] qemu segfault parsing iscsi options

[Paolo Bonzini]

Il 18/03/2013 17:47, Markus Armbruster ha scritto:
> Peter Lieven <pl@dlhnet.de> writes:
> 
>> On 18.03.2013 13:52, Markus Armbruster wrote:
>>> Peter Lieven <pl@dlhnet.de> writes:
>>>
>>>> Hi,
>>>>
>>>> with recent qemu from git qemu segfaults with the following commandline:
>>>>
>>>> x86_64-softmmu/qemu-system-x86_64 -iscsi test
>>>>
>>>> qemu-system-x86_64: -iscsi test: There is no option group 'iscsi'
>>>> Speicherzugriffsfehler (Speicherabzug geschrieben)
>>>>
>>>> It seems that there is something missing regarding the iscsi options
>>>> in qemu-option.hx.
>>>>
>>>> This was working with qemu-kvm-1.2.0.
>>>
>>> Works for me with current master 225dc991.
>>>
>>
>> for me it doesn't...
>>
>> ~/git/qemu$ git log -1 --oneline
>> 225dc99 s390: Fix cpu refactoring fallout.
>>
>> there is definetly missing some parts in qemu-options.hx for -iscsi
> 
> Hmm, I got CONFIG_LIBISCSI off.  What do I have to install to flip it to
> on (Fedora 17)?

It is only in Fedora 18, but I think it will install just fine if you
download the packages from Koji.

Paolo