Hi, I encountered a Qemu segfault problem in my environment.
# ./qemu-system-x86_64 -enable-kvm -m 4096 -smp 4 -name redhat6.2 -drive file=/home/win2008_ent_r2_64_01,\ if=none,id=drive-ide0-0-0 -device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -vnc :10 Segmentation fault Some information by gdb: Breakpoint 1, kvm_init (ms=0x5555563336c0) at /mnt/sdb/gonglei/qemu/kvm-all.c:1415 1415 { (gdb) until 1515 kvm_init (ms=0x5555563336c0) at /mnt/sdb/gonglei/qemu/kvm-all.c:1518 1518 ret = kvm_ioctl(s, KVM_CREATE_VM, type); (gdb) n 1519 } while (ret == -EINTR); (gdb) 1521 if (ret < 0) { (gdb) 1532 s->vmfd = ret; (gdb) 1533 missing_cap = kvm_check_extension_list(s, kvm_required_capabilites); (gdb) 1534 if (!missing_cap) { (gdb) 1535 missing_cap = (gdb) 1538 if (missing_cap) { (gdb) 1545 s->coalesced_mmio = kvm_check_extension(s, KVM_CAP_COALESCED_MMIO); (gdb) 1547 s->broken_set_mem_region = 1; (gdb) 1548 ret = kvm_check_extension(s, KVM_CAP_JOIN_MEMORY_REGIONS_WORKS); (gdb) 1549 if (ret > 0) { (gdb) 1550 s->broken_set_mem_region = 0; (gdb) 1554 s->vcpu_events = kvm_check_extension(s, KVM_CAP_VCPU_EVENTS); (gdb) 1557 s->robust_singlestep = (gdb) 1561 s->debugregs = kvm_check_extension(s, KVM_CAP_DEBUGREGS); (gdb) 1565 s->xsave = kvm_check_extension(s, KVM_CAP_XSAVE); (gdb) 1569 s->xcrs = kvm_check_extension(s, KVM_CAP_XCRS); (gdb) Program received signal SIGSEGV, Segmentation fault. 
[Switching to Thread 0x7ffff2f5a700 (LWP 32476)] 0x00005555556502c3 in kvm_flush_coalesced_mmio_buffer () at /mnt/sdb/gonglei/qemu/kvm-all.c:1682 1682 if (s->coalesced_flush_in_progress) { (gdb) bt #0 0x00005555556502c3 in kvm_flush_coalesced_mmio_buffer () at /mnt/sdb/gonglei/qemu/kvm-all.c:1682 #1 0x00005555555fc192 in qemu_flush_coalesced_mmio_buffer () at /mnt/sdb/gonglei/qemu/exec.c:1066 #2 0x0000555555658dc0 in memory_region_clear_coalescing (mr=0x555555e4ed00 <io_mem_watch>) at /mnt/sdb/gonglei/qemu/memory.c:1524 #3 0x00005555556578a0 in memory_region_finalize (obj=0x555555e4ed00 <io_mem_watch>) at /mnt/sdb/gonglei/qemu/memory.c:1253 #4 0x00005555558e5294 in object_deinit (obj=0x555555e4ed00 <io_mem_watch>, type=0x55555630c350) at qom/object.c:399 #5 0x00005555558e5313 in object_finalize (data=0x555555e4ed00 <io_mem_watch>) at qom/object.c:413 #6 0x00005555558e5edc in object_unref (obj=0x555555e4ed00 <io_mem_watch>) at qom/object.c:720 #7 0x00005555556579d3 in memory_region_unref (mr=0x555555e4ed00 <io_mem_watch>) at /mnt/sdb/gonglei/qemu/memory.c:1290 #8 0x00005555555fb6dc in phys_section_destroy (mr=0x555555e4ed00 <io_mem_watch>) at /mnt/sdb/gonglei/qemu/exec.c:968 #9 0x00005555555fb78a in phys_sections_free (map=0x555556334548) at /mnt/sdb/gonglei/qemu/exec.c:981 #10 0x00005555555ff418 in address_space_dispatch_free (d=0x555556334530) at /mnt/sdb/gonglei/qemu/exec.c:2115 #11 0x00005555559e3d91 in call_rcu_thread (opaque=0x0) at util/rcu.c:256 #12 0x00007ffff57297b6 in start_thread () from /lib64/libpthread.so.0 #13 0x00007ffff5484d6d in clone () from /lib64/libc.so.6 #14 0x0000000000000000 in ?? () (gdb) It's obvious that the global variable kvm_state has not been assigned yet (kvm_init is still running in the main thread), but it is already being accessed by the vcpu thread (the backtrace above actually shows the access happening in call_rcu_thread, via kvm_flush_coalesced_mmio_buffer). And dmesg shows: [16356.371372] qemu-system-x86[32410]: segfault at 50 ip 00007fa1214092c3 sp 00007fa11c267940 error 4 in qemu-system-x86_64[7fa12130d000+5bd000] If you need any other information, please let me know. Regards, -Gonglei