Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be unavailable on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 589952 - QMP breaks when issuing any command with a backslash
Summary: QMP breaks when issuing any command with a backslash
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: qemu-kvm
Version: 6.0
Hardware: All
OS: Linux
Target Milestone: beta
: ---
Assignee: Luiz Capitulino
QA Contact: Virtualization Bugs
Depends On:
Blocks: 559201
TreeView+ depends on / blocked
Reported: 2010-05-07 11:32 UTC by Daniel Berrangé
Modified: 2010-11-10 18:55 UTC (History)
6 users (show)

Fixed In Version: qemu-kvm-
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2010-06-02 04:33:42 UTC
Target Upstream Version:

Attachments (Terms of Use)

Description Daniel Berrangé 2010-05-07 11:32:43 UTC
Description of problem:
If you issue any command with a value containing a '\' (which becomes '\\' when escaped for JSON), then QMP will never give a reply - not even an error reply. 

This can impact many commands, but in particular the "__com.redhat_spice_migrate_info" command because it is quite likely for the cert-subject value to containin '\,' which becomes '\\,' in JSON.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. /usr/libexec/qemu-kvm -chardev stdio,id=monitor  -mon chardev=monitor,mode=control
2. Send any of the following commands

{"execute":"qmp_capabilities", "foo": "Hello \,World"}
{"execute":"qmp_capabilities", "foo": "Hello \\World"}
{"execute":"qmp_capabilities", "foo": "Hello \/\/orld"}
{"execute":"qmp_capabilities", "foo": "Hello \\/\\/orld"}
{"execute":"qmp_capabilities", "foo": "Hello \\\\/\\\\/orld"}

Actual results:
No reply at all.

Expected results:
For examples 1, 2, 3 & 5, a success reply is expected eg

{"return": {}}

The 3rd example should give an error reply, since \/ isn't a valid escape sequence in JSON.

Additional info:

Comment 2 RHEL Program Management 2010-05-07 12:58:33 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for

Comment 3 Luiz Capitulino 2010-05-14 14:22:23 UTC
I'll work on this one later today.

Comment 4 Luiz Capitulino 2010-05-20 01:25:16 UTC
I've submitted fixes upstream for most of the issues, only one remains and I hope to fix it until the end of this week.

However, I think we should agree on what is invalid syntax. If I'm not missing anything, only the first example is invalid. Here goes some explanation.

{"execute":"qmp_capabilities", "foo": "Hello \,World"}

Invalid as "\," is an invalid JSON escape sequence.

{"execute":"qmp_capabilities", "foo": "Hello \\World"}
{"execute":"qmp_capabilities", "foo": "Hello \/\/orld"}

Both examples have valid escape sequences: "\\" and "\/", so the sentences are valid.

{"execute":"qmp_capabilities", "foo": "Hello \\/\\/orld"}

Valid too, "\\" is an valid escape sequence and "/" is a valid char.

{"execute":"qmp_capabilities", "foo": "Hello \\\\/\\\\/orld"}

Same as above.

Now, passing "foo" is invalid. This is a flaw, as QMP ignores unknown parameters. Will be fixed ASAP.

Comment 5 Luiz Capitulino 2010-05-21 13:02:28 UTC
Let me clarify that we have three issues here and each of them is reported on different BZ:

1. QMP doesn't handle valid backslash characters: This issue - fix already posted upstream

2. QMP stop responding on certain bad inputs: bug 580449 - I'm working on this right now

3. QMP ignore unknown arguments (eg. 'foo' above): bug 586233

Comment 10 Mike Cao 2010-06-02 04:31:29 UTC
Verified in qemu-kvm-

steps :
1.start VM by using :
#/usr/libexec/qemu-kvm -m 2G -smp 2 -drive file=RHEL-Server-6-x86_64-virtio.raw_mike,format=raw,media=disk,if=virtio,boot=on,cache=off,werror=stop -net nic,vlan=0,macaddr=20:aa:11:23:91:19,model=virtio -net tap,vlan=0,script=/etc/qemu-ifup -monitor stdio -rtc-td-hack -cpu qemu64,+sse2 -uuid `uuidgen` -usbdevice tablet -startdate now -balloon none -vnc :4 -qmp tcp:localhost:4444,server
2.send command {"execute":"qmp_capabilities", "foo": "Hello \,World"}
3.reconnect the qmp connect and send command {"execute":"qmp_capabilities", "foo": "Hello \\World"}
4.reconnect the qmp connect and send command {"execute":"qmp_capabilities", "foo": "Hello \/\/orld"}
5.reconnect the qmp connect and send command {"execute":"qmp_capabilities", "foo": "Hello \\/\\/orld"}
6.reconnect the qmp connect and send command {"execute":"qmp_capabilities", "foo": "Hello \\\\/\\\\/orld"}

Actual results:
after step 2,no reply because '\,'is not valid .
after step 3-6 all return {"return": {}}

The bug has already been fixed.

Comment 11 Mike Cao 2010-06-02 04:33:11 UTC
According to comment #10,close this bug.

Note You need to log in before you can comment on or make changes to this bug.