[Qemu-devel] [Bug 1314857] Re: seg fault in ivshmem when using ioeventfd=on

[Thomas Huth]

Fix had been included here:
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=e9d21c436f716603b3

** Changed in: qemu
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1314857

Title:
  seg fault in ivshmem when using ioeventfd=on

Status in QEMU:
  Fix Released
Status in qemu-kvm package in Ubuntu:
  Confirmed

Bug description:
  When launching qemu with the ivshmem device and the nahanni guest
  server there is segmentation fault in the setup_ioeventfds function of
  ivshmem.c. If the ioeventfd=on flag is set the pci_ivshmem_init will
  call setup_ioeventfds at line 668. This function relies on the 'peers'
  member of the server info which is not allocated until line 669.

  To reproduce you will need the nahanni guest server code. The driver
  code is not needed. You will also need a qcow2 or other bootable image
  to use for launching qemu. The error occurs before the actual image
  launch.

  Start the nahanni ivshmem server with a small global memory space ( although 
the bug is not allocation specific )
  ivshmem -m 1 -n 2 -p /tmp/ivshmem_socket

  Next launch qemu with initialization for the ivshmem device.
  qemu-system-x86_64 -hda test_iso.qcow2 -localtime -boot c -chardev 
socket,path="/tmp/ivshmem_socket",id=ivshmem_socket -device 
ivshmem,chardev=ivshmem_socket,size=1,ioeventfd=on

  If gdb is used the following error is recorded:
  Program received signal SIGSEGV, Segmentation fault.
  0x000055555579dd52 in setup_ioeventfds (s=0x555556619580)
      at /home/genes/work/ubuntu/qemu-kvm-1.0+noroms/hw/ivshmem.c:367
  367             for (j = 0; j < s->peers[i].nb_eventfds; j++) {
  (gdb) print s->peers
  $2 = (Peer *) 0x0

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1314857/+subscriptions