Bug 855870
Summary: | Remote-viewer segfaults during spice migration with SSL when running from cli | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Marian Krcmarik <mkrcmari> |
Component: | spice-gtk | Assignee: | Marc-Andre Lureau <marcandre.lureau> |
Status: | CLOSED ERRATA | QA Contact: | Desktop QE <desktop-qa-list> |
Severity: | unspecified | Docs Contact: | |
Priority: | low | ||
Version: | 6.4 | CC: | acathrow, bili, cfergeau, dblechte, lnovich, marcandre.lureau, mjenner, pvine |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | spice-gtk-0.20-1.el6 | Doc Type: | Bug Fix |
Doc Text: |
No description necessary
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2013-11-21 08:24:47 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Marian Krcmarik
2012-09-10 13:19:20 UTC
*** Bug 856068 has been marked as a duplicate of this bug. *** Can you reproduce with current rhel? spice-gtk 0.14-3 & virt-viewer 0.5.2-13? (I can't) (In reply to comment #3) > Can you reproduce with current rhel? spice-gtk 0.14-3 & virt-viewer > 0.5.2-13? (I can't) Yes I can, I'll attach certs I am using, otherwise everything is valid as described in description which means: 1 Running a qemu like: /usr/libexec/qemu-kvm -m 1024 -smp 1 -vga qxl -enable-kvm -spice port=3001,tls-port=3002,password=123,x509-dir=/tmp/spice_x509d/,x509-key-password=testPassPhrase,tls-channel=inputs -device virtio-serial-pci,id=virtio-serial0,bus=pci.0 -chardev spicevmc,id=charchannel0,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0 -device AC97 /dev/rootvg/Windows7_test -monitor stdio 2. Connecting to the guest like: remote-viewer spice://localhost?tls-port=3002,port=3001 --spice-ca-file=/tmp/spice_x509d/ca-cert.pem --spice-host-subject="C=CZ,L=BRNO,O=SPICE,CN=my Server" 3. Starting destionation qemu. 4. Migrating: __com.redhat_spice_migrate_info localhost 3011 3012 "C=CZ,L=BRNO,O=SPICE,CN=my Server" migrate -d tcp:0:5811 I am afraid I really can't reproduce the issue. I am using the same cert, same command line argument and monitor command, with spice-server-0.12.0-1.el6.x86_64 qemu-kvm-0.12.1.2-2.325.el6.x86_64 spice-gtk-0.14-3.el6.x86_64 virt-viewer-0.5.2-14.el6.x86_64 please provide full log of both qemu instance and remote-viewer with G_MESSAGES_DEBUG=all SPICE_DEBUG=1 I just noticed that the spice server is not checking password when using cert, I will try to dig in that direction (In reply to comment #11) > I just noticed that the spice server is not checking password when using > cert, I will try to dig in that direction ok, my bad, I had disable-ticketing... - we should error out if both disable-ticketing and password arguments are given - now remote-viewer crashes immediately with double free error! remote-viewer has this known double-free related to setting the SPICE ticket, dunno if that's is what you are experiencing https://bugzilla.redhat.com/show_bug.cgi?id=867248 (In reply to comment #13) > remote-viewer has this known double-free related to setting the SPICE > ticket, dunno if that's is what you are experiencing > https://bugzilla.redhat.com/show_bug.cgi?id=867248 even with that double-free reverted, I still can't reproduce the crash. Please Marian, provide additional informations as requested. This request was not resolved in time for the current release. Red Hat invites you to ask your support representative to propose this request, if still desired, for consideration in the next release of Red Hat Enterprise Linux. I couldn't reproduce because the command line for virt-viewer was using "," instead of "&", so in fact, all the channels were connected in tls, and after migration, switched to plain connection. This triggers a code path that crash ultimately in SSL_write (s=0x0...), all we need to do is swap the channel tls state. patch sent to ML also it would be nice to warn if URI parsing is invalid, patch on the ML Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1577.html |