Bug 750738

Summary: Segmentation fault if -chardev without backend
Product: Red Hat Enterprise Linux 6
Reporter: Mike Cao <bcao>
Component: qemu-kvm
Assignee: Amit Shah <amit.shah>
Status: CLOSED ERRATA
QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium
Priority: medium
Version: 6.2
CC: acathrow, amit.shah, bcao, bsarathy, juzhang, knoel, michen, mkenneth, qzhang, shu, virt-maint
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: qemu-kvm-0.12.1.2-2.211.el6
Doc Type: Bug Fix
Doc Text: No documentation needed
Last Closed: 2012-06-20 11:35:42 UTC

Description Mike Cao 2011-11-02 09:08:50 UTC
Description of problem:
chardev does not have a default backend; when starting qemu-kvm with -chardev w/o a backend, a seg fault will happen.

Version-Release number of selected component (if applicable):
# uname -r 
2.6.32-215.el6.x86_64
[root@test ~]# rpm -q qemu-kvm
qemu-kvm-0.12.1.2-2.206.el6.x86_64

How reproducible:
100%

Steps to Reproduce:
1. Start guest with -chardev id=charchannnel0 -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=test
  
Actual results:
Segfault happened.

Program received signal SIGSEGV, Segmentation fault.
__strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp.S:515
515		movdqa	(%rdi), %xmm2
(gdb) bt
#0  __strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp.S:515
#1  0x00000000004beb38 in qemu_chr_open_opts (opts=0xf01470, init=0)
    at qemu-char.c:2640
#2  0x00000000004096ab in chardev_init_func (opts=<value optimized out>, 
    opaque=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4756
#3  0x000000000047bc9a in qemu_opts_foreach (list=<value optimized out>, 
    func=0x4096a0 <chardev_init_func>, opaque=0x0, 
    abort_on_failure=<value optimized out>) at qemu-option.c:957
#4  0x000000000040d068 in main (argc=<value optimized out>, 
    argv=<value optimized out>, envp=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6033

Expected results:
chardev should have a default backend if the user did not specify one. Whatever the case, there should be no segmentation fault.

Additional info:

Comment 1 Amit Shah 2011-11-02 09:38:28 UTC
Fixed upstream in 1bbd185fa826a2da7c6089b968f9f7d08438c2c8

Comment 7 Qunfang Zhang 2012-01-29 05:37:07 UTC
Reproduced this issue on qemu-kvm-0.12.1.2-2.209.el6 and verified pass on qemu-kvm-0.12.1.2-2.221.el6.x86_64.

Steps:
Boot a guest with chardev but without backend, for example:
-device virtio-serial-pci,id=virtio-serial0,max_ports=16,bus=pci.0,addr=0x7 -chardev id=channel0,host=127.0.0.1,port=12345,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=channel0,id=channel0,name=com.redhat.rhevm.vdsm

On qemu-kvm-0.12.1.2-2.209.el6, got a segmentation fault:
Program received signal SIGSEGV, Segmentation fault.
(gdb) bt
#0  0x0000003243733a1a in __strcmp_ssse3 () from /lib64/libc.so.6
#1  0x00000000004bec88 in qemu_chr_open_opts (opts=0xf00d20, init=0) at qemu-char.c:2640
#2  0x00000000004096fb in chardev_init_func (opts=<value optimized out>, opaque=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4761
#3  0x000000000047bd0a in qemu_opts_foreach (list=<value optimized out>, func=0x4096f0 <chardev_init_func>, 
    opaque=0x0, abort_on_failure=<value optimized out>) at qemu-option.c:957
#4  0x000000000040d068 in main (argc=<value optimized out>, argv=<value optimized out>, 
    envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6038

On qemu-kvm-0.12.1.2-2.221.el6.x86_64, qemu gives a prompt if there's no backend for a chardev:
chardev: "channel0" missing backend

So, this issue is fixed.
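
The failure mode in the backtraces above, as an added C sketch (not QEMU's source and not part of the bug report): an option lookup returns NULL when no backend is given, and that result reaches strcmp(). `struct opt`, `opt_get`, both `chardev_open_*` functions, the backend list and the "unknown backend" message are hypothetical; only the "missing backend" message text is taken from Comment 7.

```c
#include <stdio.h>
#include <string.h>
struct opt { const char *name, *value; };
static const char *const backends[] = { "null", "socket", "pty" }; /* constructed */
#define NBACKENDS (sizeof backends / sizeof backends[0])
/* Returns NULL when the key was never given, e.g. no backend= on -chardev. */
static const char *opt_get(const struct opt *o, size_t n, const char *name)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(o[i].name, name) == 0)
            return o[i].value;
    return NULL;
}

/* Unchecked: the lookup result goes straight into strcmp(). */
int chardev_open_unchecked(const struct opt *o, size_t n)
{
    const char *be = opt_get(o, n, "backend");
    for (size_t i = 0; i < NBACKENDS; i++)
        if (strcmp(backends[i], be) == 0) /* NULL dereference if be == NULL */
            return (int)i;
    return -1;
}

/* Checked: a missing backend is reported before any comparison. */
int chardev_open_checked(const struct opt *o, size_t n, char *err, size_t len)
{
    const char *id = opt_get(o, n, "id");
    const char *be = opt_get(o, n, "backend");
    if (be == NULL) {
        snprintf(err, len, "chardev: \"%s\" missing backend", id ? id : "?");
        return -1;
    }
    for (size_t i = 0; i < NBACKENDS; i++)
        if (strcmp(backends[i], be) == 0)
            return (int)i;
    snprintf(err, len, "chardev: unknown backend \"%s\"", be);
    return -1;
}

int main(void)
{
    /* Constructed options mirroring the reproducer: id set, no backend. */
    struct opt o[] = { {"id", "channel0"}, {"host", "127.0.0.1"}, {"port", "12345"} };
    char err[128] = "";
    if (chardev_open_checked(o, 3, err, sizeof err) < 0)
        fprintf(stderr, "%s\n", err);
    return 0;
}
```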

Comment 10 Amit Shah 2012-04-24 13:04:07 UTC
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team.

New Contents:
No documentation needed

Comment 11 errata-xmlrpc 2012-06-20 11:35:42 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0746.html