Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1261263

Summary: qemu crash while start a guest with invalid vnc socket path
Product: Red Hat Enterprise Linux 7 Reporter: zhenfeng wang <zhwang>
Component: qemu-kvm-rhevAssignee: Gerd Hoffmann <kraxel>
Status: CLOSED ERRATA QA Contact: Virtualization Bugs <virt-bugs>
Severity: high Docs Contact:
Priority: unspecified    
Version: 7.2CC: areis, crobinso, dyuan, eblake, fjin, huding, jsuchane, juzhang, knoel, lmiksik, mazhang, mzhan, rbalakri, virt-maint, xfu
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
Whiteboard:
Fixed In Version: qemu-kvm-rhev-2.3.0-23.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1263986 (view as bug list) Environment:
Last Closed: 2015-12-04 16:56:35 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1263986    
Attachments:
Description Flags
qemu coredump info
none
guest's xml none

Description zhenfeng wang 2015-09-09 05:36:06 UTC 
Description of problem:
qemu crash while start a guest with invalid vnc socket path

Version-Release number of selected component (if applicable):
qemu-kvm-rhev-2.3.0-22.el7.x86_64
libvirt-1.2.17-8.el7.x86_64


How reproducible:
100%

Steps to Reproduce:
1.Prepare a guest 
# virsh list --all
 Id    Name                           State
----------------------------------------------------
 -     rhel7zhwang                            shut off

2.enable vnc_auto_unix_socket in qemu.conf
#cat /etc/libvirt/qemu.conf
vnc_auto_unix_socket = 1

#service libvirtd restart

3.Configure an invalid vnc socket path in guest's xml, directory domain-vm111
didn't exsit actually

#virsh dumpxml rhel7zhwang
--
 <graphics type='vnc' socket='/var/lib/libvirt/qemu/domain-vm111/a.vnc'/>

4.Start guest, guest will crash 
# virsh start vm2
error: Failed to start domain vm2
error: internal error: early end of file from monitor: possible problem:
qemu-kvm: iohandler.c:60: qemu_set_fd_handler2: Assertion `fd >= 0' failed.

Actual results:
qemu crash while start a guest with invalid vnc socket path

Expected results:
qemu shouldn't crash and should get an expect error like following:

Failed to start VNC server: Failed to bind socket to /var/lib/libvirt/qemu/domain-vm111/a.vnc: No such file or directory 

Additional info:
Comment 1 zhenfeng wang 2015-09-09 05:36:49 UTC 
Created attachment 1071569 [details]
qemu coredump info
Comment 2 zhenfeng wang 2015-09-09 05:37:16 UTC 
Created attachment 1071570 [details]
guest's xml
Comment 4 Ján Tomko 2015-09-09 08:09:02 UTC 
Fixed upstream by:
commit 3d00ac1a2ee0294fc3d460e6013a5cdd9c73ea6c
Author:     Cole Robinson <crobinso>
AuthorDate: 2015-05-05 11:07:17 -0400
Commit:     Gerd Hoffmann <kraxel>
CommitDate: 2015-05-20 10:23:08 +0200

    vnc: Don't assert if opening unix socket fails
    
    Reproducer:
    
    $ qemu-system-x86_64 -display vnc=unix:/root/i-cant-access-you.sock
    qemu-system-x86_64: iohandler.c:60: qemu_set_fd_handler2: Assertion `fd >= 0' failed.
    Aborted (core dumped)
    
    Signed-off-by: Cole Robinson <crobinso>
    Reviewed-by: Eric Blake <eblake>
    Signed-off-by: Gerd Hoffmann <kraxel>

git describe: v2.3.0-497-g3d00ac1 contains: v2.4.0-rc0~127^2~2
Comment 5 Karen Noel 2015-09-09 11:03:01 UTC 
Crasher and upstream fix available, request exception for 7.2.
Comment 6 Gerd Hoffmann 2015-09-09 14:51:54 UTC 
posted.
Comment 7 Miroslav Rezanina 2015-09-15 10:51:07 UTC 
Fix included in qemu-kvm-rhev-2.3.0-23.el7
Comment 8 mazhang 2015-09-17 09:15:12 UTC 
Reproduced this bug on qemu-kvm-rhev-2.3.0-22.el7.x86_64.
(gdb) r -display vnc=unix:/blabla/bla
Starting program: /usr/libexec/qemu-kvm -display vnc=unix:/blabla/bla
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
[New Thread 0x7fffe8829700 (LWP 18385)]
[New Thread 0x7fffe8028700 (LWP 18388)]
[New Thread 0x7fffddfff700 (LWP 18390)]
qemu-kvm: iohandler.c:60: qemu_set_fd_handler2: Assertion `fd >= 0' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff073d5d7 in raise () from /lib64/libc.so.6


Verified this bug on qemu-kvm-rhev-2.3.0-22.el7.x86_64.
(gdb) r -display vnc=unix:/blabla/bla
Starting program: /usr/libexec/qemu-kvm -display vnc=unix:/blabla/bla
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
[New Thread 0x7fffe8829700 (LWP 18444)]
[New Thread 0x7fffe8028700 (LWP 18447)]
[New Thread 0x7fffddfff700 (LWP 18449)]
qemu-kvm: -display vnc=unix:/blabla/bla: Failed to start VNC server on `(null)': Failed to bind socket to /blabla/bla: No such file or directory

qemu-kvm quit without assert.
So this bug has been fixed.
Comment 10 errata-xmlrpc 2015-12-04 16:56:35 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2546.html