[Qemu-commits] [qemu/qemu] 7abba7: virtio-mmio : fix the crash in the vm
From: Richard Henderson
Subject: [Qemu-commits] [qemu/qemu] 7abba7: virtio-mmio : fix the crash in the vm shutdown
Date: Mon, 29 Nov 2021 08:45:21 -0800
Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: 7abba7c638ab809e626f379617cb8590a733eabf
https://github.com/qemu/qemu/commit/7abba7c638ab809e626f379617cb8590a733eabf
Author: Cindy Lu <lulu@redhat.com>
Date: 2021-11-28 (Sun, 28 Nov 2021)
Changed paths:
M hw/virtio/virtio-mmio.c
Log Message:
-----------
virtio-mmio : fix the crash in the vm shutdown
The root cause of this crash is that the ioeventfd is not stopped while the VM stops.
The callback for vmstate_change was not implemented in the virtio-mmio bus.
Reproduce steps:
Load the VM with
-M microvm \
-netdev tap,id=net0,vhostforce,script=no,downscript=no \
-device virtio-net-device,netdev=net0 \
After the VM boots, log in to the VM and then shut down the VM.
The system will crash:
[Current thread is 1 (Thread 0x7ffff6edde00 (LWP 374378))]
(gdb) bt
0 0x00005555558f18b4 in qemu_flush_or_purge_queued_packets (purge=false,
nc=0x55500252e850) at ../net/net.c:636
1 qemu_flush_queued_packets (nc=0x55500252e850) at ../net/net.c:656
2 0x0000555555b6c363 in virtio_queue_notify_vq (vq=0x7fffe7e2b010) at
../hw/virtio/virtio.c:2339
3 virtio_queue_host_notifier_read (n=0x7fffe7e2b08c) at
../hw/virtio/virtio.c:3583
4 0x0000555555de7b5a in aio_dispatch_handler (ctx=ctx@entry=0x5555567c5780,
node=0x555556b83fd0) at ../util/aio-posix.c:329
5 0x0000555555de8454 in aio_dispatch_ready_handlers (ready_list=<optimized
out>, ctx=<optimized out>) at ../util/aio-posix.c:359
6 aio_poll (ctx=0x5555567c5780, blocking=blocking@entry=false) at
../util/aio-posix.c:662
7 0x0000555555cce0cc in monitor_cleanup () at ../monitor/monitor.c:645
8 0x0000555555b06bd2 in qemu_cleanup () at ../softmmu/runstate.c:822
9 0x000055555586e693 in main (argc=<optimized out>, argv=<optimized out>,
envp=<optimized out>) at ../softmmu/main.c:51
Signed-off-by: Cindy Lu <lulu@redhat.com>
Message-Id: <20211109023744.22387-1-lulu@redhat.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Commit: 9323f892b39d133eb69b301484bf7b2f3f49737d
https://github.com/qemu/qemu/commit/9323f892b39d133eb69b301484bf7b2f3f49737d
Author: Laurent Vivier <lvivier@redhat.com>
Date: 2021-11-28 (Sun, 28 Nov 2021)
Changed paths:
M hw/acpi/pcihp.c
Log Message:
-----------
failover: fix unplug pending detection
Failover needs to detect the end of the PCI unplug to start migration
after the VFIO card has been unplugged.
To do that, a flag is set in pcie_cap_slot_unplug_request_cb() and reset in
pcie_unplug_device().
But since
17858a169508 ("hw/acpi/ich9: Set ACPI PCI hot-plug as default on Q35")
we have switched to ACPI unplug and these functions are not called anymore,
so the flag is not set. So failover migration is not able to detect if the card
is really unplugged and acts as if it's done as soon as it's started. So it
doesn't wait for the end of the unplug to start the migration. We don't see any
problem when we test that because ACPI unplug is faster than PCIe native
hotplug and when the migration really starts the unplug operation is
already done.
See c000a9bd06ea ("pci: mark device having guest unplug request pending")
and a99c4da9fc2a ("pci: mark devices partially unplugged").
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Ani Sinha <ani@anisinha.ca>
Message-Id: <20211118133225.324937-4-lvivier@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Commit: 846a1e85da646c6006db429648389fc110f92d75
https://github.com/qemu/qemu/commit/846a1e85da646c6006db429648389fc110f92d75
Author: Eugenio Pérez <eperezma@redhat.com>
Date: 2021-11-28 (Sun, 28 Nov 2021)
Changed paths:
M net/vhost-vdpa.c
Log Message:
-----------
vdpa: Add dummy receive callback
QEMU falls back on userland handlers even in the vhost-user and vhost-vdpa
cases. These assume a tap device can handle the packets.
If a vdpa device fails to start, it can trigger a SIGSEGV because of
that. Add a dummy receiver that returns no progress so it can keep
running.
Fixes: 1e0a84ea49 ("vhost-vdpa: introduce vhost-vdpa net client")
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
Message-Id: <20211125101614.76927-2-eperezma@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Commit: 0fe7245d8b938f371556c100b0b6ec1d2b41e584
https://github.com/qemu/qemu/commit/0fe7245d8b938f371556c100b0b6ec1d2b41e584
Author: Jason Wang <jasowang@redhat.com>
Date: 2021-11-29 (Mon, 29 Nov 2021)
Changed paths:
M hw/virtio/virtio-balloon.c
Log Message:
-----------
virtio-balloon: process all in sgs for free_page_vq
We only process the first in sg, which may lead to the bitmap of the
pages belonging to the following sgs not being cleared. This may result in
more pages being migrated. Fix this by processing all in sgs for
free_page_vq.
Acked-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Message-Id: <20211129030841.3611-1-jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Commit: d3f1f940ebe43403feb1d12e4b5b9236aba50cb9
https://github.com/qemu/qemu/commit/d3f1f940ebe43403feb1d12e4b5b9236aba50cb9
Author: Jason Wang <jasowang@redhat.com>
Date: 2021-11-29 (Mon, 29 Nov 2021)
Changed paths:
M hw/virtio/virtio-balloon.c
Log Message:
-----------
virtio-balloon: correct used length
Spec said:
"and len the total of bytes written into the buffer."
For inflateq, deflateq and statsq, we don't process in_sg so the used
length should be zero. For free_page_vq, though the pages could be
changed by the device (in the destination), spec said:
"Note: len is particularly useful for drivers using untrusted buffers:
if a driver does not know exactly how much has been written by the
device, the driver would have to zero the buffer in advance to ensure
no data leakage occurs."
So 0 should be used as well here.
Signed-off-by: Jason Wang <jasowang@redhat.com>
Message-Id: <20211129030841.3611-2-jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Commit: 0192d6677c383d812fb23f572fda4e449e89d3f1
https://github.com/qemu/qemu/commit/0192d6677c383d812fb23f572fda4e449e89d3f1
Author: Jason Wang <jasowang@redhat.com>
Date: 2021-11-29 (Mon, 29 Nov 2021)
Changed paths:
M hw/i386/intel_iommu.c
M hw/i386/intel_iommu_internal.h
Log Message:
-----------
intel-iommu: ignore leaf SNP bit in scalable mode
When booting with scalable mode, I hit this error:
qemu-system-x86_64: vtd_iova_to_slpte: detected splte reserve non-zero
iova=0xfffff002, level=0x1slpte=0x102681803)
qemu-system-x86_64: vtd_iommu_translate: detected translation failure
(dev=01:00:00, iova=0xfffff002)
qemu-system-x86_64: New fault is not recorded due to compression of faults
This is because the SNP bit is set for second level page table since
Linux kernel commit 6c00612d0cba1 ("iommu/vt-d: Report right snoop
capability when using FL for IOVA") even if SC is not supported by the
hardware.
To unbreak the guest, ignore the leaf SNP bit for scalable mode
first. In the future we may consider adding SC support.
Signed-off-by: Jason Wang <jasowang@redhat.com>
Message-Id: <20211129033618.3857-1-jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Commit: bacf58ca18f06f0b464466bf8c19945f19791feb
https://github.com/qemu/qemu/commit/bacf58ca18f06f0b464466bf8c19945f19791feb
Author: Daniella Lee <daniellalee111@gmail.com>
Date: 2021-11-29 (Mon, 29 Nov 2021)
Changed paths:
M hw/pci/pcie.c
Log Message:
-----------
Fix bad overflow check in hw/pci/pcie.c
Original qemu commit hash: 14d02cfbe4adaeebe7cb833a8cc71191352cf03b
In function pcie_add_capability, an assert contains the
"offset < offset + size" expression.
Both variables offset and size are uint16_t, so
the comparison is always true due to type promotion.
The next expression may be the same.
It might be like this:
Thread 1 "qemu-system-x86" hit Breakpoint 1, pcie_add_capability (
dev=0x555557ce5f10, cap_id=1, cap_ver=2 '\002', offset=256, size=72)
at ../hw/pci/pcie.c:930
930 {
(gdb) n
931 assert(offset >= PCI_CONFIG_SPACE_SIZE);
(gdb) n
932 assert(offset < offset + size);
(gdb) p offset
$1 = 256
(gdb) p offset < offset + size
$2 = 1
(gdb) set offset=65533
(gdb) p offset < offset + size
$3 = 1
(gdb) p offset < (uint16_t)(offset + size)
$4 = 0
Signed-off-by: Daniella Lee <daniellalee111@gmail.com>
Message-Id: <20211126061324.47331-1-daniellalee111@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
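An added stand-alone example (not QEMU's code) that reproduces the behaviour shown in the gdb session above: the same inputs run through the original promoted comparison, the truncated form the commit switches to, and a wider-arithmetic bound check that rejects overflow without relying on truncation. The local PCI_CONFIG_SPACE_SIZE and PCIE_CONFIG_SPACE_SIZE definitions are assumptions made so the snippet builds on its own.

```c
/* Added example, not QEMU code: why "offset < offset + size" on two uint16_t
 * operands cannot detect wrap-around, and how the check behaves once the
 * sum is truncated back to 16 bits. Inputs match the gdb session above. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed here for a stand-alone build; QEMU defines these in its PCI headers. */
#define PCI_CONFIG_SPACE_SIZE  0x100
#define PCIE_CONFIG_SPACE_SIZE 0x1000

/* Original check: the usual arithmetic conversions promote both uint16_t
 * operands to int, so the sum never wraps and the test holds for any
 * size > 0, even when offset + size does not fit in 16 bits. */
bool promoted_check(uint16_t offset, uint16_t size)
{
    return offset < offset + size;
}

/* Check as fixed in the commit: cast the sum back to uint16_t so a wrapped
 * sum compares lower than offset and the assertion fires. */
bool truncated_check(uint16_t offset, uint16_t size)
{
    return offset < (uint16_t)(offset + size);
}

/* Same bound check done in a wider type with the config-space limit folded
 * in: uint32_t cannot wrap for these operands, so the range is checked as
 * plain numbers. Shown as an alternative that needs no truncation trick. */
bool wide_range_check(uint16_t offset, uint16_t size)
{
    uint32_t end = (uint32_t)offset + size;
    return size > 0 && offset >= PCI_CONFIG_SPACE_SIZE &&
           end <= PCIE_CONFIG_SPACE_SIZE;
}

int main(void)
{
    const uint16_t cases[][2] = { {256, 72}, {65533, 72} }; /* from the gdb session */
    for (unsigned i = 0; i < 2; i++) {
        uint16_t off = cases[i][0], sz = cases[i][1];
        printf("offset=%u size=%u promoted=%d truncated=%d wide=%d\n",
               (unsigned)off, (unsigned)sz, promoted_check(off, sz),
               truncated_check(off, sz), wide_range_check(off, sz));
    }
    return 0;
}
```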
Commit: b1641c50975c5f9e5fdbd651ab63386716a0eb38
https://github.com/qemu/qemu/commit/b1641c50975c5f9e5fdbd651ab63386716a0eb38
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2021-11-29 (Mon, 29 Nov 2021)
Changed paths:
M hw/acpi/pcihp.c
M hw/i386/intel_iommu.c
M hw/i386/intel_iommu_internal.h
M hw/pci/pcie.c
M hw/virtio/virtio-balloon.c
M hw/virtio/virtio-mmio.c
M net/vhost-vdpa.c
Log Message:
-----------
Merge tag 'for_upstream' of git://git.kernel.org/pub/scm/virt/kvm/mst/qemu
into staging
virtio,pci,pc: bugfixes
Lots of small fixes all over the place.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Mon 29 Nov 2021 02:50:06 PM CET
# gpg: using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469
# gpg: issuer "mst@redhat.com"
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>" [full]
* tag 'for_upstream' of git://git.kernel.org/pub/scm/virt/kvm/mst/qemu:
Fix bad overflow check in hw/pci/pcie.c
intel-iommu: ignore leaf SNP bit in scalable mode
virtio-balloon: correct used length
virtio-balloon: process all in sgs for free_page_vq
vdpa: Add dummy receive callback
failover: fix unplug pending detection
virtio-mmio : fix the crash in the vm shutdown
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Compare: https://github.com/qemu/qemu/compare/e750c10167fa...b1641c50975c