Patch#1: hw/arm: Close unreleased out_fault_fd

Issue: When a VM is started with the `arm-smmuv3-accel`, hisi_zip is loaded and the VM is rebooted repeatedly, QEMU core dumps occur after thousands of times.

Analysis: The iommufd-pgfault fd is not released when the guest OS reboots. As a result, the number of fds increases by one each time the guest OS reboots. When the number of fds reaches the upper limit, no fd can be allocated, and QEMU core dumps occur.

Patch#2: pci: avoid the info qtree crash caused by arm-smmuv3-accel

Issue: When a VM is started with the `arm-smmuv3-accel` and `info qtree` is run on the QEMU monitor, QEMU core dumps occur.

Analysis: The function pcibus_dev_print casts the arm-smmuv3-accel device into a PCI device, and during the process of checking the configuration space, it encounters a null pointer dereference, leading to a core dump. Now, the arm-smmuv3-accel needs to be detected and skipped in pcibus_dev_print. Avoid the info qtree crash caused by arm-smmuv3-accel for now.

Jinqian Yang (1):
  hw/arm: Close unreleased out_fault_fd

jinyihua (1):
  pci: avoid the info qtree crash caused by arm-smmuv3-accel

 hw/arm/smmu-common.c  | 1 +
 hw/pci/pci-hmp-cmds.c | 3 +++
 2 files changed, 4 insertions(+)

--
2.33.0
virt inclusion category: bugfix bugzilla: https://atomgit.com/openeuler/qemu/issues/264 The iommufd-pgfault fd is not released when the guest OS reboot. As a result, the number of fd increases by one each time the guest OS reboot. When the number of fd reaches the upper limit, fd cannot be allocated, and QEMU core dumps occur. Fixes: cada49a7f8 ("[BigDipperV5R9][QEMU-VIRT] hw/arm/smmuv3: Close unreleased iommufd-pgfault fd") Signed-off-by: Jinqian Yang <yangjinqian1@huawei.com> --- hw/arm/smmu-common.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c index 65314e0e44..4a75dbb11a 100644 --- a/hw/arm/smmu-common.c +++ b/hw/arm/smmu-common.c @@ -880,6 +880,7 @@ void smmu_dev_uninstall_nested_ste(SMMUDevice *sdev, bool abort) qemu_thread_join(&s1_hwpt->write_fault_thread); qemu_mutex_destroy(&s1_hwpt->fault_mutex); io_uring_queue_exit(&s1_hwpt->fault_ring); + close(s1_hwpt->out_fault_fd); } if (!host_iommu_device_iommufd_attach_hwpt(idev, hwpt_id, NULL)) { -- 2.33.0
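Review bot: In smmu_dev_uninstall_nested_ste(), the added `close(s1_hwpt->out_fault_fd);` leaves the stale descriptor number in the struct and ignores the return value. If this teardown block can be reached again for the same s1_hwpt, or anything reads out_fault_fd afterwards, the second close() would hit whatever unrelated file has since reused that number. Suggest guarding with `if (s1_hwpt->out_fault_fd >= 0)` and setting `s1_hwpt->out_fault_fd = -1;` right after the close. The placement after qemu_thread_join() and io_uring_queue_exit() looks right, since nothing should still be using the fd at that point. The commit message would also benefit from a sentence on what the commit named in the Fixes: tag missed, given that its subject already reads "Close unreleased iommufd-pgfault fd".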
From: jinyihua <jinyihua@huawei.com> virt inclusion category: bugfix bugzilla: https://atomgit.com/openeuler/qemu/issues/264 Avoid the info qtree crash caused by arm-smmuv3-accel for now. Fixes: 30c90d176f79 ("smmuv3: Use default bus for arm-smmuv3-accel") Signed-off-by: jinyihua <jinyihua@huawei.com> Signed-off-by: Jinqian Yang <yangjinqian1@huawei.com> --- hw/pci/pci-hmp-cmds.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/hw/pci/pci-hmp-cmds.c b/hw/pci/pci-hmp-cmds.c index b09fce9377..39a395db77 100644 --- a/hw/pci/pci-hmp-cmds.c +++ b/hw/pci/pci-hmp-cmds.c @@ -126,6 +126,9 @@ void hmp_info_pci(Monitor *mon, const QDict *qdict) void pcibus_dev_print(Monitor *mon, DeviceState *dev, int indent) { + if (object_dynamic_cast(OBJECT(dev), "arm-smmuv3-accel")) { + return; + } PCIDevice *d = (PCIDevice *)dev; int class = pci_get_word(d->config + PCI_CLASS_DEVICE); const pci_class_desc *desc = get_class_desc(class); -- 2.33.0
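Review bot: The new early return at the top of pcibus_dev_print() is keyed on the single type name "arm-smmuv3-accel", so the unchecked `(PCIDevice *)dev` cast below it still dereferences d->config for any other non-PCI device that ends up on this bus. Checking the positive condition instead, for example returning when `object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)` is NULL, would cover the general case and avoid the hard-coded string. The `if` block also sits above the `PCIDevice *d`, `class` and `desc` declarations, which mixes statements and declarations; moving the declarations first and assigning after the check would keep the function in the usual style. Since the commit message says "for now", a short comment in the code stating why the device is skipped and what the intended long-term fix is would help whoever removes the workaround.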