[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [Bug 1405385] [NEW] QEMU crashes when virtio network cards
|
From: |
Bram Klein Gunnewiek |
|
Subject: |
[Qemu-devel] [Bug 1405385] [NEW] QEMU crashes when virtio network cards are used together with e1000 network cards |
|
Date: |
Wed, 24 Dec 2014 10:21:08 -0000 |
Public bug reported:
QEMU version: QEMU emulator version 2.2.50, Copyright (c) 2003-2008 Fabrice
Bellard
QEMU GIT version: ab0302ee764fd702465aef6d88612cdff4302809
Configure flags: ./configure --enable-kvm --prefix=/opt/qemu-devel
Linux version: Ubuntu 14.04.1 LTS
Kernel version: 3.13.0-43-generic #72-Ubuntu SMP Mon Dec 8 19:35:06 UTC 2014
x86_64 x86_64 x86_64 GNU/Linux
Problem:
QEMU crashes when using one (or more) virtio network cards
together with one (or more) e1000 (and possibly others) network cards
when those cards are bound to a linux bridge. When the cards are *not*
bound to a bridge QEMU does not crash.
Bridge configuration:
iface bridge0 inet dhcp
bridge_ports eth1
bridge_stp off
bridge_fd 0
Start-up command (including binding the network cards to the bridge +
strace logging):
./qemu-system-x86_64 -daemonize -smp 1 -m 128 -vnc 0.0.0.0:0 \
-netdev tap,id=tap_1,script=no,downscript=no,ifname=net_1_1,vhost=on \
-device virtio-net-pci,bootindex=1,id=nic_1,netdev=tap_1,mac=02:16:3F:00:00:FA \
-netdev tap,id=tap_2,script=no,downscript=no,ifname=net_1_2 \
-device e1000,bootindex=2,id=nic_2,netdev=tap_2,mac=02:16:3F:00:00:FB; \
brctl addif bridge0 net_1_1; \
brctl addif bridge0 net_1_2; \
ifconfig net_1_1 0.0.0.0 up; \
ifconfig net_1_2 0.0.0.0 up; \
sleep 2; \
strace -p `ps x |grep qemu-system-x86_64 |grep -v grep|awk '{print $1}'` -o
/tmp/qemu-devel-trace.txt
Kernel log:
Dec 24 11:12:08 bramws kernel: [12466.885581] device net_1_1 entered
promiscuous mode
Dec 24 11:12:08 bramws kernel: [12466.886238] device net_1_2 entered
promiscuous mode
Dec 24 11:12:08 bramws kernel: [12466.887084] bridge0: port 2(net_1_1) entered
forwarding state
Dec 24 11:12:08 bramws kernel: [12466.887089] bridge0: port 2(net_1_1) entered
forwarding state
Dec 24 11:12:08 bramws kernel: [12466.888940] bridge0: port 3(net_1_2) entered
forwarding state
Dec 24 11:12:08 bramws kernel: [12466.888947] bridge0: port 3(net_1_2) entered
forwarding state
Dec 24 11:12:29 bramws kernel: [12488.026376] bridge0: port 2(net_1_1) entered
disabled state
Dec 24 11:12:29 bramws kernel: [12488.026820] device net_1_1 left promiscuous
mode
Dec 24 11:12:29 bramws kernel: [12488.026832] bridge0: port 2(net_1_1) entered
disabled state
Dec 24 11:12:29 bramws kernel: [12488.049636] bridge0: port 3(net_1_2) entered
disabled state
Dec 24 11:12:29 bramws kernel: [12488.050058] device net_1_2 left promiscuous
mode
Dec 24 11:12:29 bramws kernel: [12488.050074] bridge0: port 3(net_1_2) entered
disabled state
Strace log: (full log attached)
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 28646613}, NULL, 8) = 0 (Timeout)
write(5, "\1\0\0\0\0\0\0\0", 8) = 8
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 10899760}, NULL, 8) = 1 ([{fd=5, revents=POLLIN}], left {0, 10895457})
write(6, "\1\0\0\0\0\0\0\0", 8) = 8
read(5, "\1\0\0\0\0\0\0\0", 512) = 8
write(6, "\1\0\0\0\0\0\0\0", 8) = 8
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
read(6, "\2\0\0\0\0\0\0\0", 16) = 8
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 0}, NULL, 8) = 0 (Timeout)
read(6, 0x7fff697320e0, 16) = -1 EAGAIN (Resource temporarily
unavailable)
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 9570429}, NULL, 8) = 0 (Timeout)
futex(0x7f011c8ef094, FUTEX_CMP_REQUEUE_PRIVATE, 1, 2147483647, 0x7f011aaa0860,
224) = 1
write(5, "\1\0\0\0\0\0\0\0", 8) = 8
write(5, "\1\0\0\0\0\0\0\0", 8) = 8
futex(0x7f011aaa0860, FUTEX_WAKE_PRIVATE, 1) = 1
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 54463396}, NULL, 8) = 1 ([{fd=5, revents=POLLIN}], left {0, 54459649})
tgkill(7779, 7784, SIGUSR1) = 0
futex(0x7f011aaa0824, FUTEX_CMP_REQUEUE_PRIVATE, 1, 2147483647, 0x7f011aaa0860,
1650) = 1
write(6, "\1\0\0\0\0\0\0\0", 8) = 8
read(5, "\2\0\0\0\0\0\0\0", 512) = 8
write(6, "\1\0\0\0\0\0\0\0", 8) = 8
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
read(6, "\2\0\0\0\0\0\0\0", 16) = 8
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 0}, NULL, 8) = 0 (Timeout)
read(6, 0x7fff697320e0, 16) = -1 EAGAIN (Resource temporarily
unavailable)
futex(0x7f011aaa0860, FUTEX_WAKE_PRIVATE, 1) = 1
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 53843633}, NULL, 8 <unfinished ...>
+++ killed by SIGABRT +++
** Affects: qemu
Importance: Undecided
Status: New
** Attachment added: "qemu-devel-trace.txt"
https://bugs.launchpad.net/bugs/1405385/+attachment/4286946/+files/qemu-devel-trace.txt
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1405385
Title:
QEMU crashes when virtio network cards are used together with e1000
network cards
Status in QEMU:
New
Bug description:
QEMU version: QEMU emulator version 2.2.50, Copyright (c) 2003-2008 Fabrice
Bellard
QEMU GIT version: ab0302ee764fd702465aef6d88612cdff4302809
Configure flags: ./configure --enable-kvm --prefix=/opt/qemu-devel
Linux version: Ubuntu 14.04.1 LTS
Kernel version: 3.13.0-43-generic #72-Ubuntu SMP Mon Dec 8 19:35:06 UTC 2014
x86_64 x86_64 x86_64 GNU/Linux
Problem:
QEMU crashes when using one (or more) virtio network cards
together with one (or more) e1000 (and possibly others) network cards
when those cards are bound to a linux bridge. When the cards are *not*
bound to a bridge QEMU does not crash.
Bridge configuration:
iface bridge0 inet dhcp
bridge_ports eth1
bridge_stp off
bridge_fd 0
Start-up command (including binding the network cards to the bridge +
strace logging):
./qemu-system-x86_64 -daemonize -smp 1 -m 128 -vnc 0.0.0.0:0 \
-netdev tap,id=tap_1,script=no,downscript=no,ifname=net_1_1,vhost=on \
-device
virtio-net-pci,bootindex=1,id=nic_1,netdev=tap_1,mac=02:16:3F:00:00:FA \
-netdev tap,id=tap_2,script=no,downscript=no,ifname=net_1_2 \
-device e1000,bootindex=2,id=nic_2,netdev=tap_2,mac=02:16:3F:00:00:FB; \
brctl addif bridge0 net_1_1; \
brctl addif bridge0 net_1_2; \
ifconfig net_1_1 0.0.0.0 up; \
ifconfig net_1_2 0.0.0.0 up; \
sleep 2; \
strace -p `ps x |grep qemu-system-x86_64 |grep -v grep|awk '{print $1}'` -o
/tmp/qemu-devel-trace.txt
Kernel log:
Dec 24 11:12:08 bramws kernel: [12466.885581] device net_1_1 entered
promiscuous mode
Dec 24 11:12:08 bramws kernel: [12466.886238] device net_1_2 entered
promiscuous mode
Dec 24 11:12:08 bramws kernel: [12466.887084] bridge0: port 2(net_1_1)
entered forwarding state
Dec 24 11:12:08 bramws kernel: [12466.887089] bridge0: port 2(net_1_1)
entered forwarding state
Dec 24 11:12:08 bramws kernel: [12466.888940] bridge0: port 3(net_1_2)
entered forwarding state
Dec 24 11:12:08 bramws kernel: [12466.888947] bridge0: port 3(net_1_2)
entered forwarding state
Dec 24 11:12:29 bramws kernel: [12488.026376] bridge0: port 2(net_1_1)
entered disabled state
Dec 24 11:12:29 bramws kernel: [12488.026820] device net_1_1 left promiscuous
mode
Dec 24 11:12:29 bramws kernel: [12488.026832] bridge0: port 2(net_1_1)
entered disabled state
Dec 24 11:12:29 bramws kernel: [12488.049636] bridge0: port 3(net_1_2)
entered disabled state
Dec 24 11:12:29 bramws kernel: [12488.050058] device net_1_2 left promiscuous
mode
Dec 24 11:12:29 bramws kernel: [12488.050074] bridge0: port 3(net_1_2)
entered disabled state
Strace log: (full log attached)
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 28646613}, NULL, 8) = 0 (Timeout)
write(5, "\1\0\0\0\0\0\0\0", 8) = 8
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 10899760}, NULL, 8) = 1 ([{fd=5, revents=POLLIN}], left {0, 10895457})
write(6, "\1\0\0\0\0\0\0\0", 8) = 8
read(5, "\1\0\0\0\0\0\0\0", 512) = 8
write(6, "\1\0\0\0\0\0\0\0", 8) = 8
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
read(6, "\2\0\0\0\0\0\0\0", 16) = 8
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 0}, NULL, 8) = 0 (Timeout)
read(6, 0x7fff697320e0, 16) = -1 EAGAIN (Resource temporarily
unavailable)
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 9570429}, NULL, 8) = 0 (Timeout)
futex(0x7f011c8ef094, FUTEX_CMP_REQUEUE_PRIVATE, 1, 2147483647,
0x7f011aaa0860, 224) = 1
write(5, "\1\0\0\0\0\0\0\0", 8) = 8
write(5, "\1\0\0\0\0\0\0\0", 8) = 8
futex(0x7f011aaa0860, FUTEX_WAKE_PRIVATE, 1) = 1
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 54463396}, NULL, 8) = 1 ([{fd=5, revents=POLLIN}], left {0, 54459649})
tgkill(7779, 7784, SIGUSR1) = 0
futex(0x7f011aaa0824, FUTEX_CMP_REQUEUE_PRIVATE, 1, 2147483647,
0x7f011aaa0860, 1650) = 1
write(6, "\1\0\0\0\0\0\0\0", 8) = 8
read(5, "\2\0\0\0\0\0\0\0", 512) = 8
write(6, "\1\0\0\0\0\0\0\0", 8) = 8
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
read(6, "\2\0\0\0\0\0\0\0", 16) = 8
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 0}, NULL, 8) = 0 (Timeout)
read(6, 0x7fff697320e0, 16) = -1 EAGAIN (Resource temporarily
unavailable)
futex(0x7f011aaa0860, FUTEX_WAKE_PRIVATE, 1) = 1
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7,
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3,
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}],
6, {0, 53843633}, NULL, 8 <unfinished ...>
+++ killed by SIGABRT +++
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1405385/+subscriptions
| [Prev in Thread] |
Current Thread |
[Next in Thread] |