Bug 1123904
| Summary: | Early QMP commands segfault | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Kevin Wolf <kwolf> |
| Component: | qemu-kvm | Assignee: | Cole Robinson <crobinso> |
| Status: | CLOSED DUPLICATE | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.5 | CC: | bsarathy, chayang, dgilbert, juzhang, michen, mkenneth, qzhang, rbalakri, sluo, virt-maint |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-01-27 22:07:34 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
When directly sending a QMP command on startup (just piping commands into qemu is something that qemu-iotests does for some test cases that involve QMP), qemu crashes: $ x86_64-softmmu/qemu-system-x86_64 -qmp stdio <<< '{ "execute": "qmp_capabilities" }' Segmentation fault (core dumped) The segfault is avoided by inserting a delay: $ (sleep 1; echo '{ "execute": "qmp_capabilities" }') | x86_64-softmmu/qemu-system-x86_64 -qmp stdio {"QMP": {"version": {"qemu": {"micro": 1, "minor": 12, "major": 0}, "package": "(qemu-kvm-devel)"}, "capabilities": []}} {"return": {}} {"timestamp": {"seconds": 1406560293, "microseconds": 328605}, "event": "SHUTDOWN"} (gdb) bt #0 0x0000000000000000 in ?? () #1 0x000000000049e1e8 in json_lexer_feed_char (lexer=lexer@entry=0xef05a0, ch=123 '{', flush=flush@entry=false) at json-lexer.c:339 #2 0x000000000049e37e in json_lexer_feed (lexer=0xef05a0, buffer=<optimized out>, size=<optimized out>) at json-lexer.c:355 #3 0x000000000049e689 in json_message_parser_feed (parser=<optimized out>, buffer=<optimized out>, size=<optimized out>) at json-streamer.c:110 #4 0x0000000000440a9f in monitor_control_read (opaque=<optimized out>, buf=<optimized out>, size=<optimized out>) at /home/kwolf/source/qemu-kvm-rhel6/monitor.c:5024 #5 0x00000000004c03b1 in qemu_chr_be_write (len=<optimized out>, buf=0x7fffffffc5e0 "{\001", s=0xd99a10) at qemu-char.c:192 #6 fd_chr_read (chan=<optimized out>, cond=<optimized out>, opaque=0xd99a10) at qemu-char.c:793 #7 0x00007ffff62aaac6 in g_main_context_dispatch () from /lib64/libglib-2.0.so.0 #8 0x000000000043f090 in glib_select_poll (err=false, xfds=0x7fffffffd7c0, wfds=0x7fffffffd740, rfds=0x7fffffffd6c0) at /home/kwolf/source/qemu-kvm-rhel6/vl.c:4001 #9 main_loop_wait (timeout=0, timeout@entry=1000) at /home/kwolf/source/qemu-kvm-rhel6/vl.c:4074 #10 0x000000000045cfc2 in kvm_main_loop () at /home/kwolf/source/qemu-kvm-rhel6/qemu-kvm.c:2258 #11 0x00000000004381c1 in main_loop () at /home/kwolf/source/qemu-kvm-rhel6/vl.c:4268 #12 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at /home/kwolf/source/qemu-kvm-rhel6/vl.c:6711 (gdb) up #1 0x000000000049e1e8 in json_lexer_feed_char (lexer=lexer@entry=0xf53d70, ch=123 '{', flush=flush@entry=false) at json-lexer.c:339 339 lexer->emit(lexer, lexer->token, lexer->state, lexer->x, lexer->y); (gdb) p *lexer $2 = {emit = 0x0, state = 0, token = 0x0, x = 1, y = 0}