Bug 879657

Summary: Monitor command "drive_add 0 if=scsi" crashes
Product: [Fedora] Fedora Reporter: Markus Armbruster <armbru>
Component: qemuAssignee: Fedora Virtualization Maintainers <virt-maint>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 18CC: amit.shah, berrange, cfergeau, crobinso, dwmw2, itamar, knoel, pbonzini, rjones, scottt.tw, virt-maint
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-01-15 00:48:50 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Markus Armbruster 2012-11-23 15:26:46 UTC 
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Run qemu-system-x86_64 -nodefaults -S -vnc :0 -monitor stdio 
2. Give monitor command drive_add 0 if=scsi

Actual results:
Segmentation fault

Expected results:
Fail command with a suitable error message

Additional info:
F-17 fails the command with "Device is not a SCSI adapter".

Broken upstram in commit 0d936928 "qdev: Convert busses to QEMU Object Model".
Comment 1 Cole Robinson 2012-12-14 22:25:42 UTC 
Fixed in 1.2.2 stable by

commit a99cb0d20a4868a31f294f5d1fd4fa3225ea70ab
Author: Paolo Bonzini <pbonzini>
Date:   Fri Nov 23 16:56:18 2012 +0100

    hmp: do not crash on invalid SCSI hotplug
    
    Commit 0d93692 (qdev: Convert busses to QEMU Object Model, 2012-05-02)
    removed a check on the type of the bus where a SCSI disk is hotplugged.
    However, hot-plugging to the wrong kind of device now causes a crash
    due to either a NULL pointer dereference (avoided by the previous patch)
    or a failed QOM cast.
    
    Instead, in this case we need to use object_dynamic_cast and check for
    the result, similar to what was done before that commit.
    
    Reported-by: Markus Armbruster <armbru>
    Signed-off-by: Paolo Bonzini <pbonzini>
    Signed-off-by: Anthony Liguori <aliguori.com>
    (cherry picked from commit b5007bcc9729acd995518c52eb1038c4d8416b5d)
    
    Signed-off-by: Michael Roth <mdroth.ibm.com>
Comment 2 Fedora Update System 2012-12-17 01:27:25 UTC 
qemu-1.2.2-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/qemu-1.2.2-1.fc18
Comment 3 Fedora Update System 2013-01-11 23:54:53 UTC 
qemu-1.2.2-1.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.