Bug 1254924

Summary: "-object" with unsupported class name makes qemu-kvm abort()
Product: Red Hat Enterprise Linux 7
Reporter: Yanan Fu <yfu>
Component: qemu-kvm
Assignee: Eduardo Habkost <ehabkost>
Status: CLOSED DEFERRED
QA Contact: Virtualization Bugs <virt-bugs>
Severity: low
Priority: low
Version: 7.2
CC: chayang, imammedo, juzhang, knoel, rbalakri, virt-maint, xfu
Target Milestone: rc
Hardware: x86_64
OS: Linux
Doc Type: Bug Fix
Last Closed: 2015-08-31 16:39:55 UTC
Type: Bug

Description Yanan Fu 2015-08-19 09:08:38 UTC
Description of problem:
Adding the option "-object memory-backend-ram" to the qemu command line will cause qemu to dump core.


Version-Release number of selected component (if applicable):
qemu: qemu-kvm-1.5.3-101.el7.x86_64
kernel: 3.10.0-304.el7.x86_64


How reproducible:
100%

Steps to Reproduce:
1. Boot a guest with "-object memory-backend-ram,...."
2. qemu will dump core


Actual results:
qemu core dumped.

Expected results:
QE members have confirmed that qemu-kvm-1.5.3-101.el7.x86_64 does not support "memory-backend-ram", but it should print some useful information instead of causing qemu to dump core.


Additional info:
CLI:
/usr/libexec/qemu-kvm -smp 4,cores=1,threads=1,sockets=4 -object memory-backend-ram,policy=bind,id=mem-0,size=512M,prealloc=yes,host-nodes=0 -numa node,memdev=mem-0,cpus=0
gdb:
(gdb) run -object memory-backend-ram,policy=bind,id=mem-0,size=512M,prealloc=yes,host-nodes=0 -numa node,memdev=mem-0,cpus=0
Starting program: /usr/libexec/qemu-kvm -object memory-backend-ram,policy=bind,id=mem-0,size=512M,prealloc=yes,host-nodes=0 -numa node,memdev=mem-0,cpus=0
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
**
ERROR:qom/object.c:409:object_new_with_type: assertion failed: (type != NULL)
Program received signal SIGABRT, Aborted.
0x00007ffff10e35f7 in raise () from /lib64/libc.so.6

(gdb) bt
#0  0x00007ffff10e35f7 in raise () from /lib64/libc.so.6
#1  0x00007ffff10e4ce8 in abort () from /lib64/libc.so.6
#2  0x00007ffff637a6d5 in g_assertion_message () from /lib64/libglib-2.0.so.0
#3  0x00007ffff637a76a in g_assertion_message_expr () from /lib64/libglib-2.0.so.0
#4  0x00005555556e4d99 in object_new_with_type (type=0x0) at qom/object.c:409
#5  0x00005555556e4dc5 in object_new (typename=typename@entry=0x555556d0cc20 "memory-backend-ram") at qom/object.c:423
#6  0x00005555557116c7 in object_create (opts=0x555556cde000, opaque=<optimized out>) at vl.c:2797
#7  0x00005555558295bb in qemu_opts_foreach (list=<optimized out>, func=func@entry=0x555555711690 <object_create>, 
    opaque=opaque@entry=0x0, abort_on_failure=abort_on_failure@entry=0) at util/qemu-option.c:1198
#8  0x00005555555c8c43 in main (argc=5, argv=0x7fffffffe3e8, envp=<optimized out>) at vl.c:3842

Comment 2 Eduardo Habkost 2015-08-31 16:32:31 UTC
memory-backend-ram is not supported by qemu-kvm-1.5.3. The behavior when an invalid class name is used with "-object" was always abort():

  $ rpm -q qemu-kvm
  qemu-kvm-1.5.3-101.el7.x86_64
  $ /usr/libexec/qemu-kvm -object nononono,id=foo
  **
  ERROR:qom/object.c:409:object_new_with_type: assertion failed: (type != NULL)
  Aborted
  $ 


We can fix it to print a proper error message, but it is very low priority.

Comment 3 Eduardo Habkost 2015-08-31 16:39:55 UTC
The code was heavily refactored to implement the extra check for -object arguments; it's not worth the 1.5.3 backport effort. Closing.
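
Added example (not QEMU's code and not part of the original report): the failure mode in this bug is a user-supplied class name reaching an assertion, so the C sketch below validates the name against a registry first and returns an error message instead. The registry contents, function names and message text are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical type registry for illustration; not QEMU's QOM code. */
static const char *const known_types[] = { "example-rng", "example-backend" };

static int type_is_registered(const char *name, size_t len)
{
    for (size_t i = 0; i < sizeof(known_types) / sizeof(known_types[0]); i++) {
        const char *t = known_types[i];
        if (strlen(t) == len && memcmp(t, name, len) == 0)
            return 1;
    }
    return 0;
}

/* Check an "-object" argument before instantiating anything. Assumption: the
 * class name is the text before the first comma. Returns 0 or -1 (err set). */
static int object_opt_check(const char *arg, char *err, size_t errlen)
{
    size_t len = arg ? strcspn(arg, ",") : 0;
    if (len == 0) {
        snprintf(err, errlen, "-object: missing class name");
        return -1;
    }
    if (!type_is_registered(arg, len)) {
        snprintf(err, errlen, "-object: invalid object type: %.*s",
                 (int)len, arg);
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed inputs: one registered name plus the two from the report. */
    const char *args[] = { "example-rng,id=rng0",
        "memory-backend-ram,policy=bind,id=mem-0,size=512M", "nononono,id=foo" };
    char err[128];
    int rc = 0;
    for (size_t i = 0; i < sizeof(args) / sizeof(args[0]); i++) {
        if (object_opt_check(args[i], err, sizeof(err)) < 0) {
            fprintf(stderr, "%s\n", err);
            rc = 1; /* report and exit non-zero instead of abort() */
        }
    }
    return rc;
}
```

Treating an unknown name as an ordinary input error keeps assertions reserved for internal invariants, so a bad command-line argument produces a diagnostic and a non-zero exit rather than SIGABRT and a core file.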