Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1329449

Summary: Core dump when use wrong iscsi target name
Product: Red Hat Enterprise Linux 7 Reporter: yduan
Component: qemu-kvm-rhevAssignee: Fam Zheng <famz>
Status: CLOSED NEXTRELEASE QA Contact: Virtualization Bugs <virt-bugs>
Severity: high Docs Contact:
Priority: high    
Version: 7.3CC: chayang, huding, jinzhao, juzhang, knoel, pezhang, virt-maint, xfu, yduan
Target Milestone: rcKeywords: Regression
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-06-30 08:09:22 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description yduan 2016-04-22 01:51:19 UTC 
Description of problem:
Core dump when use wrong iscsi target name

Version-Release number of selected component (if applicable):
Host:
  kernel: 3.10.0-382.el7.x86_64
  qemu-kvm-rhev: qemu-kvm-rhev-2.5.0-4.el7.x86_64
Guest:
  kernel: 3.10.0-382.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
1.#ls /dev/disk/by-path/ip-10.73.72.55\:3260-iscsi-iqn.2001-04.com.example\:storage.disk1.amiens.sys1.xyz-lun-1

/dev/disk/by-path/ip-10.73.72.55:3260-iscsi-iqn.2001-04.com.example:storage.disk1.amiens.sys1.xyz-lun-1

2.Start a VM by using following command:
 ...
 -drive file=iscsi://10.73.72.55:3260/iqn.2001-04.com.example:storage.disk1.amiens.sys1.xyz-lun-1,format=qcow2,id=drive_sysdisk,if=none,cache=none,aio=native,werror=stop,rerror=stop \
 -device scsi-block,drive=drive_sysdisk,bus=scsi_pci_bus0.0,id=device_sysdisk,bootindex=0
 ...

Actual results:
qemu-kvm: -drive file=iscsi://10.73.72.55:3260/iqn.2001-04.com.example:storage.disk1.amiens.sys1.xyz-lun-1,format=qcow2,id=drive_sysdisk,if=none,cache=none,aio=native,werror=stop,rerror=stop: Failed to parse URL : iscsi://10.73.72.55:3260/iqn.2001-04.com.example:storage.disk1.amiens.sys1.xyz-lun-1
qemu-kvm:1boot.sh: line 36:   392 Segmentation fault      (core dumped)...

Expected results:
Just show the prompt with no core dump.


Steps to Reproduce:
1.#ls /dev/disk/by-path/ip-10.73.72.55\:3260-iscsi-iqn.2001-04.com.example\:storage.disk1.amiens.sys1.xyz-lun-1

/dev/disk/by-path/ip-10.73.72.55:3260-iscsi-iqn.2001-04.com.example:storage.disk1.amiens.sys1.xyz-lun-1

2.Start a VM by using following command:
 ...
 -drive file=iscsi://10.73.72.55:3260/iqn.2001-04.com.example:storage.disk1.amiens.sys1.xyz-lun-1/1,format=qcow2,id=drive_sysdisk,if=none,cache=none,aio=native,werror=stop,rerror=stop \
 -device scsi-block,drive=drive_sysdisk,bus=scsi_pci_bus0.0,id=device_sysdisk,bootindex=0
 ...

Actual results:
qemu-kvm: -drive file=iscsi://10.73.72.55:3260/iqn.2001-04.com.example:storage.disk1.amiens.sys1.xyz-lun-1/1,format=qcow2,id=drive_sysdisk,if=none,cache=none,aio=native,werror=stop,rerror=stop: iSCSI: Failed to connect to LUN : Failed to log in to target. Status: Target not found(515)
qemu-kvm:1boot.sh: line 37: 17401 Segmentation fault      (core dumped)...

Expected results:
Just show the prompt with no core dump.

Additional info:
These are not reproducible with qemu-kvm-rhev-2.3.0-31.el7_2.12.x86_64.

(gdb) bt
#0  0x00007f5b8225dab4 in vfprintf () from /lib64/libc.so.6
#1  0x00007f5b82261801 in buffered_vfprintf () from /lib64/libc.so.6
#2  0x00007f5b8225c73e in vfprintf () from /lib64/libc.so.6
#3  0x00007f5b8232092d in __vfprintf_chk () from /lib64/libc.so.6
#4  0x00007f5b8a5c1a19 in error_printf (fmt=fmt@entry=0x7f5b8a60bc7a "%s%s") at util/qemu-error.c:40
#5  0x00007f5b8a5c1ea0 in error_print_loc () at util/qemu-error.c:183
#6  error_vreport (fmt=0x7f5b8a647758 "%s", ap=ap@entry=0x7ffe4bf761b0) at util/qemu-error.c:220
#7  0x00007f5b8a5c1f69 in error_report (fmt=fmt@entry=0x7f5b8a647758 "%s") at util/qemu-error.c:237
#8  0x00007f5b8a5c1475 in error_report_err (err=0x7f5b8bc5b3e0) at util/error.c:205
#9  0x00007f5b8a50568a in tap_cleanup (nc=0x7f5b8bd6a000) at net/tap.c:309
#10 0x00007f5b8a500195 in qemu_del_net_client (nc=0x7f5b8bd6a000) at net/net.c:429
#11 0x00007f5b8a50102d in net_cleanup () at net/net.c:1370
#12 0x00007f5b8224de69 in __run_exit_handlers () from /lib64/libc.so.6
#13 0x00007f5b8224deb5 in exit () from /lib64/libc.so.6
#14 0x00007f5b8a321063 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4106
Comment 2 yduan 2016-04-25 07:02:22 UTC 
# qemu-img info /dev/sdc
image: /dev/sdc
file format: raw
virtual size: 10G (10737418240 bytes)
disk size: 0

When use this image but with wrong disk format, core dumped.
qemu-kvm: -drive file=/dev/sdc,format=qcow2,id=drive_datadisk0,if=none,cache=none,media=disk,aio=native,werror=stop,rerror=stop,readonly=on: Image is not in qcow2 format
qemu-kvm:0boot.sh: line 45:  2503 Segmentation fault      (core dumped)

backtrace is the same.
(gdb) bt
#0  0x00007fbc73af7ab4 in vfprintf () from /lib64/libc.so.6
#1  0x00007fbc73afb801 in buffered_vfprintf () from /lib64/libc.so.6
#2  0x00007fbc73af673e in vfprintf () from /lib64/libc.so.6
#3  0x00007fbc73bba92d in __vfprintf_chk () from /lib64/libc.so.6
#4  0x00007fbc7be5ba19 in error_printf (fmt=fmt@entry=0x7fbc7bea5c7a "%s%s") at util/qemu-error.c:40
#5  0x00007fbc7be5bea0 in error_print_loc () at util/qemu-error.c:183
#6  error_vreport (fmt=0x7fbc7bee1758 "%s", ap=ap@entry=0x7fffa6bb2780) at util/qemu-error.c:220
#7  0x00007fbc7be5bf69 in error_report (fmt=fmt@entry=0x7fbc7bee1758 "%s") at util/qemu-error.c:237
#8  0x00007fbc7be5b475 in error_report_err (err=0x7fbc7edd7950) at util/error.c:205
#9  0x00007fbc7bd9f68a in tap_cleanup (nc=0x7fbc7eee6000) at net/tap.c:309
#10 0x00007fbc7bd9a195 in qemu_del_net_client (nc=0x7fbc7eee6000) at net/net.c:429
#11 0x00007fbc7bd9b02d in net_cleanup () at net/net.c:1370
#12 0x00007fbc73ae7e69 in __run_exit_handlers () from /lib64/libc.so.6
#13 0x00007fbc73ae7eb5 in exit () from /lib64/libc.so.6
#14 0x00007fbc7bbbb063 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4106