Bug 970554

Summary: segfault from invalid "device_add" of ivshmem
Product: [Fedora] Fedora
Reporter: Paolo Bonzini <pbonzini>
Component: qemu
Assignee: Fedora Virtualization Maintainers <virt-maint>
Status: CLOSED RAWHIDE
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified
Priority: unspecified
Version: rawhide
CC: acathrow, amit.shah, berrange, cfergeau, crobinso, drjones, dwmw2, itamar, juzhang, mdeng, pbonzini, rjones, scottt.tw, sluo, virt-maint, virt-maint
Hardware: Unspecified
OS: Unspecified
Doc Type: Bug Fix
Last Closed: 2013-08-31 20:00:56 UTC
Type: Bug

Description Paolo Bonzini 2013-06-04 10:23:28 UTC
(qemu) device_add ivshmem
Must specify 'chardev' or 'shm' to ivshmem
Segmentation fault (core dumped)

(qemu) device_add ivshmem,chardev=stdio
Must specify 'chardev' or 'shm' to ivshmem
Segmentation fault (core dumped)

because the chardev must really be a Unix socket.

Comment 2 Min Deng 2013-06-06 02:14:46 UTC
Hi Paolo,
   QE tried the bug according to the following scenarios.
   Case 1: it won't reproduce when the chardev has a socket backend with the unix option.
   {"execute":"chardev-add","arguments":{"id":"channel4","backend":{"type":"socket","data":{"addr": {"type":"unix", "data": {"path": "/tmp/mm4"}}}}}}
   {"execute":"device_add","arguments":{"driver":"ivshmem","chardev":"channel4"}}
   Case 2: the issue is reproduced when the chardev has another backend, such as file or pty.
   Thanks, if there is any issue please let me know.

Best regards,
Min

Comment 3 Min Deng 2013-06-06 02:44:20 UTC
  By the way, I've been told by the QE feature owner of ivshmem that ivshmem isn't supported in RHEL 7.0, thanks. Please correct me if anything is wrong.

Comment 6 Cole Robinson 2013-08-31 20:00:56 UTC
qemu 1.6 doesn't crash here either, though qemu does exit(1) on bad parameters.