Bug 1261263 - qemu crash while start a guest with invalid vnc socket path
Summary: qemu crash while start a guest with invalid vnc socket path
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: qemu-kvm-rhev
Version: 7.2
Hardware: x86_64
OS: Unspecified
unspecified
high
Target Milestone: rc
: ---
Assignee: Gerd Hoffmann
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks: 1263986
 
Reported: 2015-09-09 05:36 UTC by zhenfeng wang
Modified: 2015-12-04 16:56 UTC (History)

Fixed In Version: qemu-kvm-rhev-2.3.0-23.el7
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1263986 (view as bug list)
Environment:
Last Closed: 2015-12-04 16:56:35 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
qemu coredump info (8.45 KB, text/plain)
2015-09-09 05:36 UTC, zhenfeng wang
guest's xml (3.74 KB, text/plain)
2015-09-09 05:37 UTC, zhenfeng wang


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2015:2546 0 normal SHIPPED_LIVE qemu-kvm-rhev bug fix and enhancement update 2015-12-04 21:11:56 UTC

Description zhenfeng wang 2015-09-09 05:36:06 UTC
Description of problem:
qemu crash while start a guest with invalid vnc socket path

Version-Release number of selected component (if applicable):
qemu-kvm-rhev-2.3.0-22.el7.x86_64
libvirt-1.2.17-8.el7.x86_64


How reproducible:
100%

Steps to Reproduce:
1.Prepare a guest 
# virsh list --all
 Id    Name                           State
----------------------------------------------------
 -     rhel7zhwang                            shut off

2.enable vnc_auto_unix_socket in qemu.conf
#cat /etc/libvirt/qemu.conf
vnc_auto_unix_socket = 1

#service libvirtd restart

3.Configure an invalid vnc socket path in guest's xml, directory domain-vm111
didn't exist actually

#virsh dumpxml rhel7zhwang
--
 <graphics type='vnc' socket='/var/lib/libvirt/qemu/domain-vm111/a.vnc'/>

4.Start guest, guest will crash 
# virsh start vm2
error: Failed to start domain vm2
error: internal error: early end of file from monitor: possible problem:
qemu-kvm: iohandler.c:60: qemu_set_fd_handler2: Assertion `fd >= 0' failed.

Actual results:
qemu crash while start a guest with invalid vnc socket path

Expected results:
qemu shouldn't crash and should get an expected error like the following:

Failed to start VNC server: Failed to bind socket to /var/lib/libvirt/qemu/domain-vm111/a.vnc: No such file or directory 

Additional info:

Comment 1 zhenfeng wang 2015-09-09 05:36:49 UTC
Created attachment 1071569 [details]
qemu coredump info

Comment 2 zhenfeng wang 2015-09-09 05:37:16 UTC
Created attachment 1071570 [details]
guest's xml

Comment 4 Ján Tomko 2015-09-09 08:09:02 UTC
Fixed upstream by:
commit 3d00ac1a2ee0294fc3d460e6013a5cdd9c73ea6c
Author:     Cole Robinson <crobinso>
AuthorDate: 2015-05-05 11:07:17 -0400
Commit:     Gerd Hoffmann <kraxel>
CommitDate: 2015-05-20 10:23:08 +0200

    vnc: Don't assert if opening unix socket fails
    
    Reproducer:
    
    $ qemu-system-x86_64 -display vnc=unix:/root/i-cant-access-you.sock
    qemu-system-x86_64: iohandler.c:60: qemu_set_fd_handler2: Assertion `fd >= 0' failed.
    Aborted (core dumped)
    
    Signed-off-by: Cole Robinson <crobinso>
    Reviewed-by: Eric Blake <eblake>
    Signed-off-by: Gerd Hoffmann <kraxel>

git describe: v2.3.0-497-g3d00ac1 contains: v2.4.0-rc0~127^2~2

Comment 5 Karen Noel 2015-09-09 11:03:01 UTC
Crasher and upstream fix available, request exception for 7.2.

Comment 6 Gerd Hoffmann 2015-09-09 14:51:54 UTC
posted.

Comment 7 Miroslav Rezanina 2015-09-15 10:51:07 UTC
Fix included in qemu-kvm-rhev-2.3.0-23.el7

Comment 8 mazhang 2015-09-17 09:15:12 UTC
Reproduced this bug on qemu-kvm-rhev-2.3.0-22.el7.x86_64.
(gdb) r -display vnc=unix:/blabla/bla
Starting program: /usr/libexec/qemu-kvm -display vnc=unix:/blabla/bla
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
[New Thread 0x7fffe8829700 (LWP 18385)]
[New Thread 0x7fffe8028700 (LWP 18388)]
[New Thread 0x7fffddfff700 (LWP 18390)]
qemu-kvm: iohandler.c:60: qemu_set_fd_handler2: Assertion `fd >= 0' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff073d5d7 in raise () from /lib64/libc.so.6


Verified this bug on qemu-kvm-rhev-2.3.0-22.el7.x86_64.
(gdb) r -display vnc=unix:/blabla/bla
Starting program: /usr/libexec/qemu-kvm -display vnc=unix:/blabla/bla
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
[New Thread 0x7fffe8829700 (LWP 18444)]
[New Thread 0x7fffe8028700 (LWP 18447)]
[New Thread 0x7fffddfff700 (LWP 18449)]
qemu-kvm: -display vnc=unix:/blabla/bla: Failed to start VNC server on `(null)': Failed to bind socket to /blabla/bla: No such file or directory

qemu-kvm quit without assert.
So this bug has been fixed.
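
The failure pattern in this report, as an added example that is not part of any comment above and is not QEMU's code: a failed UNIX socket open returns -1, and the unchecked path hands that value to a registration step that requires fd >= 0, while the checked path stops and reports the bind error. The names register_fd_handler, unix_listen_path, unchecked_start_hits_assert and checked_start, and the socket path, are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>
/* Hypothetical event-loop stand-in: -1 marks where assert(fd >= 0) would abort. */
static int register_fd_handler(int fd) { return fd >= 0 ? 0 : -1; }

/* Create a listening UNIX socket at path; returns fd, or -1 with errno set. */
static int unix_listen_path(const char *path)
{
    struct sockaddr_un addr = { .sun_family = AF_UNIX };
    int fd, saved;
    if (strlen(path) >= sizeof(addr.sun_path)) { errno = ENAMETOOLONG; return -1; }
    if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) return -1;
    strcpy(addr.sun_path, path);
    if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0 || listen(fd, 1) < 0) {
        saved = errno; close(fd); errno = saved;  /* keep the bind/listen errno */
        return -1;
    }
    return fd;
}

/* Unchecked startup: a failed open flows into registration. 1 = assert would fire. */
int unchecked_start_hits_assert(const char *path)
{
    int fd = unix_listen_path(path);
    int hit = register_fd_handler(fd) < 0;
    if (fd >= 0) close(fd);
    return hit;
}

/* Checked startup: stop at the failed open and report the reason. */
int checked_start(const char *path, char *err, size_t errlen)
{
    int fd = unix_listen_path(path);
    if (fd >= 0) { register_fd_handler(fd); return fd; }
    snprintf(err, errlen, "Failed to bind socket to %s: %s", path, strerror(errno));
    return -1;
}

int main(void)
{
    char err[256] = "";
    const char *path = "/nonexistent-dir-example/a.vnc";  /* constructed path */
    printf("unchecked would hit assert: %d\n", unchecked_start_hits_assert(path));
    if (checked_start(path, err, sizeof(err)) < 0) fprintf(stderr, "%s\n", err);
    return 0;
}
```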

Comment 10 errata-xmlrpc 2015-12-04 16:56:35 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2546.html

