Re: [PATCH v8 34/50] vhost/net: virtio 1.0 byte swap
On Wed, Jan 07, 2015 at 09:31:05AM +0100, Greg Kurz wrote:
> On Tue, 06 Jan 2015 16:55:30 -0700 Alex Williamson alex.william...@redhat.com wrote:
> > On Mon, 2014-12-01 at 18:05 +0200, Michael S. Tsirkin wrote:
> > > I had to add an explicit tag to suppress compiler warning: gcc isn't smart enough to notice that len is always initialized since function is called with size 0.
> >
> > I'm getting a panic inside a guest when this change is applied on the host. I identified this patch via bisect and confirmed by reverting it from v3.19-rc2. Guest is centos6. Thanks,
> >
> > Alex
> >
> > commit 8b38694a2dc8b18374310df50174f1e4376d6824
> > Author: Michael S. Tsirkin m...@redhat.com
> > Date: Fri Oct 24 14:19:48 2014 +0300
> >
> > vhost/net: virtio 1.0 byte swap
> >
> > I had to add an explicit tag to suppress compiler warning: gcc isn't smart enough to notice that len is always initialized since function is called with size 0.
> >
> > Signed-off-by: Michael S. Tsirkin m...@redhat.com
> > Reviewed-by: Cornelia Huck cornelia.h...@de.ibm.com
>
> This chunk looks suspicious:
>
> - heads[headcount - 1].len += datalen;
> + heads[headcount - 1].len = cpu_to_vhost32(vq, len - datalen);
>
> s/len - datalen/len + datalen/ ?

Indeed! I just sent a patch fixing this, thanks a lot.
Re: [PATCH v8 34/50] vhost/net: virtio 1.0 byte swap
On Tue, 06 Jan 2015 16:55:30 -0700 Alex Williamson alex.william...@redhat.com wrote:
> On Mon, 2014-12-01 at 18:05 +0200, Michael S. Tsirkin wrote:
> > I had to add an explicit tag to suppress compiler warning: gcc isn't smart enough to notice that len is always initialized since function is called with size 0.
>
> I'm getting a panic inside a guest when this change is applied on the host. I identified this patch via bisect and confirmed by reverting it from v3.19-rc2. Guest is centos6. Thanks,
>
> Alex
>
> commit 8b38694a2dc8b18374310df50174f1e4376d6824
> Author: Michael S. Tsirkin m...@redhat.com
> Date: Fri Oct 24 14:19:48 2014 +0300
>
> vhost/net: virtio 1.0 byte swap
>
> I had to add an explicit tag to suppress compiler warning: gcc isn't smart enough to notice that len is always initialized since function is called with size 0.
>
> Signed-off-by: Michael S. Tsirkin m...@redhat.com
> Reviewed-by: Cornelia Huck cornelia.h...@de.ibm.com

This chunk looks suspicious:

- heads[headcount - 1].len += datalen;
+ heads[headcount - 1].len = cpu_to_vhost32(vq, len - datalen);

s/len - datalen/len + datalen/ ?
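Review bot: the added line subtracts where the removed line added. "len += datalen" has become "cpu_to_vhost32(vq, len - datalen)", so if the local len holds the previous value of the field, the stored length is off by twice datalen. This should read "len + datalen" to keep the old arithmetic. The new line also takes the base value from the local len instead of reading heads[headcount - 1].len back, so a short comment stating that the two are equal at this point would make the conversion easier to verify, since the stored field is now in device byte order and can no longer be updated in place with +=.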
Re: [PATCH v8 34/50] vhost/net: virtio 1.0 byte swap
On Mon, 2014-12-01 at 18:05 +0200, Michael S. Tsirkin wrote:
> I had to add an explicit tag to suppress compiler warning: gcc isn't smart enough to notice that len is always initialized since function is called with size 0.

I'm getting a panic inside a guest when this change is applied on the host. I identified this patch via bisect and confirmed by reverting it from v3.19-rc2. Guest is centos6. Thanks,

Alex

commit 8b38694a2dc8b18374310df50174f1e4376d6824
Author: Michael S. Tsirkin m...@redhat.com
Date: Fri Oct 24 14:19:48 2014 +0300

vhost/net: virtio 1.0 byte swap

I had to add an explicit tag to suppress compiler warning: gcc isn't smart enough to notice that len is always initialized since function is called with size 0.

Signed-off-by: Michael S. Tsirkin m...@redhat.com
Reviewed-by: Cornelia Huck cornelia.h...@de.ibm.com

XML chunk:

<interface type='direct'>
  <mac address='52:54:00:64:f3:34'/>
  <source dev='iscsinet0' mode='bridge'/>
  <model type='virtio'/>
  <address type='pci' domain='0x' bus='0x00' slot='0x03' function='0x0'/>
</interface>

Panic log:

1BUG: unable to handle kernel NULL pointer dereference at 0010
1IP: [a0079469] virtnet_poll+0x4f9/0x910 [virtio_net]
4PGD 1aa2f4067 PUD 1aa2f5067 PMD 0
4Oops: [#1] SMP
4last sysfs file: /sys/devices/pci:00/:00:03.0/virtio0/net/eth9/ifindex
4CPU 0
4Modules linked in: 8021q garp stp llc ipt_REJECT nf_conntrack_ipv4 nf_defrag_ipv4 iptable_filter ip_tables ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 xt_state nf_conntrack ip6table_filter ip6_tables ipv6 uinput microcode snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_seq snd_seq_device snd_pcm snd_timer snd soundcore snd_page_alloc igbvf nvidia(P)(U) i2c_core tg3 ptp pps_core virtio_balloon virtio_net virtio_console ext4 jbd2 mbcache virtio_blk virtio_pci virtio_ring virtio pata_acpi ata_generic ata_piix dm_mirror dm_region_hash dm_log dm_mod [last unloaded: speedstep_lib]
4
4Pid: 1374, comm: NetworkManager Tainted: P --- 2.6.32-431.23.3.el6.centos.plus.x86_64 #1 QEMU Standard PC (i440FX + PIIX, 1996)
4RIP: 0010:[a0079469] [a0079469] virtnet_poll+0x4f9/0x910 [virtio_net]
4RSP: 0018:880028203e48 EFLAGS: 00010246
4RAX: 8801a3383d00 RBX: 8801a6aaf480 RCX: 8801aa20b6e0
4RDX: 00c0 RSI: 8801a3383c00 RDI: 8801a3383cc0
4RBP: 880028203ed8 R08: 009e R09: 8801aa1d800c
4R10: 0218 R11: R12: 8801aa20b6e0
4R13: R14: R15:
4FS: 7febf114d800() GS:88002820() knlGS:
4CS: 0010 DS: ES: CR0: 80050033
4CR2: 0010 CR3: 0001aa793000 CR4: 06f0
4DR0: DR1: DR2:
4DR3: DR6: 0ff0 DR7: 0400
4Process NetworkManager (pid: 1374, threadinfo 8801a74ba000, task 8801a8d56040)
4Stack:
4 8801aa1d8000 009e 8801aa20b6e0 8801aa20b718
4d 8801aa20b780 8801aa1d800c 8801a6aaf4b8 8801aa20b020
4d 0080 8801aa20b708 0001 1f5981a830c8
4Call Trace:
4 IRQ
4 [8146ae33] net_rx_action+0x103/0x2f0
4 [8107a5f1] __do_softirq+0xc1/0x1e0
4 [8100c30c] ? call_softirq+0x1c/0x30
4 [8100c30c] call_softirq+0x1c/0x30
4 EOI
4 [8100fa75] ? do_softirq+0x65/0xa0
4 [8107b2ea] local_bh_enable+0x9a/0xb0
4 [a007813a] virtnet_napi_enable+0x4a/0x60 [virtio_net]
4 [a0078ebf] virtnet_open+0x4f/0x60 [virtio_net]
4 [81467691] dev_open+0xa1/0x100
4 [81466751] dev_change_flags+0xa1/0x1d0
4 [81474a59] do_setlink+0x169/0x8b0
4 [814770b6] ? rtnl_fill_ifinfo+0x946/0xcb0
4 [812a3d24] ? nla_parse+0x34/0x110
4 [8147659e] rtnl_setlink+0xee/0x130
4 [81475b67] rtnetlink_rcv_msg+0x2d7/0x340
4 [81231e14] ? socket_has_perm+0x74/0x90
4 [81475890] ? rtnetlink_rcv_msg+0x0/0x340
4 [814910a9] netlink_rcv_skb+0xa9/0xd0
4 [81475875] rtnetlink_rcv+0x25/0x40
4 [81490cdb] netlink_unicast+0x2db/0x320
4 [81491750] netlink_sendmsg+0x2c0/0x3d0
4 [814520c3] sock_sendmsg+0x123/0x150
4 [81453d73] ? sock_recvmsg+0x133/0x160
4 [8109afa0] ? autoremove_wake_function+0x0/0x40
4 [81136941] ? lru_cache_add_lru+0x21/0x40
4 [8115522d] ? page_add_new_anon_rmap+0x9d/0xf0
4 [8114aeef] ? handle_pte_fault+0x4af/0xb00
4 [81451f14] ? move_addr_to_kernel+0x64/0x70
4 [814538b6] __sys_sendmsg+0x406/0x420
4 [8104a98c] ? __do_page_fault+0x1ec/0x480
4 [814523d9] ? sys_sendto+0x139/0x190
4 [8103ea6c] ? kvm_clock_read+0x1c/0x20
4 [81453ad9] sys_sendmsg+0x49/0x90
4 [8100b072] system_call_fastpath+0x16/0x1b
4Code: 83 e0