Bug 750738 - Segmentation fault if -chardev without backend
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: qemu-kvm
Version: 6.2
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: rc
: ---
Assignee: Amit Shah
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2011-11-02 09:08 UTC by Mike Cao
Modified: 2012-06-20 11:35 UTC (History)

Fixed In Version: qemu-kvm-0.12.1.2-2.211.el6
Doc Type: Bug Fix
Doc Text:
No documentation needed
Clone Of:
Environment:
Last Closed: 2012-06-20 11:35:42 UTC
Target Upstream Version:


Links
System: Red Hat Product Errata
ID: RHBA-2012:0746
Private: 0
Priority: normal
Status: SHIPPED_LIVE
Summary: qemu-kvm bug fix and enhancement update
Last Updated: 2012-06-19 19:31:48 UTC

Description Mike Cao 2011-11-02 09:08:50 UTC
Description of problem:
chardev does not have a default backend. When qemu-kvm is started with -chardev without a backend, a segfault happens.

Version-Release number of selected component (if applicable):
# uname -r 
2.6.32-215.el6.x86_64
[root@test ~]# rpm -q qemu-kvm
qemu-kvm-0.12.1.2-2.206.el6.x86_64

How reproducible:
100%

Steps to Reproduce:
1. Start guest with -chardev id=charchannnel0 -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=test
  
Actual results:
A segfault happened.

Program received signal SIGSEGV, Segmentation fault.
__strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp.S:515
515		movdqa	(%rdi), %xmm2
(gdb) bt
#0  __strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp.S:515
#1  0x00000000004beb38 in qemu_chr_open_opts (opts=0xf01470, init=0)
    at qemu-char.c:2640
#2  0x00000000004096ab in chardev_init_func (opts=<value optimized out>, 
    opaque=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4756
#3  0x000000000047bc9a in qemu_opts_foreach (list=<value optimized out>, 
    func=0x4096a0 <chardev_init_func>, opaque=0x0, 
    abort_on_failure=<value optimized out>) at qemu-option.c:957
#4  0x000000000040d068 in main (argc=<value optimized out>, 
    argv=<value optimized out>, envp=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6033

Expected results:
chardev should have a default backend if the user did not specify one. In any case, there should be no segmentation fault.

Additional info:

Comment 1 Amit Shah 2011-11-02 09:38:28 UTC
Fixed upstream in 1bbd185fa826a2da7c6089b968f9f7d08438c2c8

Comment 7 Qunfang Zhang 2012-01-29 05:37:07 UTC
Reproduced this issue on qemu-kvm-0.12.1.2-2.209.el6 and verified that it passes on qemu-kvm-0.12.1.2-2.221.el6.x86_64.

Steps:
Boot a guest with chardev but without backend, for example:
-device virtio-serial-pci,id=virtio-serial0,max_ports=16,bus=pci.0,addr=0x7 -chardev id=channel0,host=127.0.0.1,port=12345,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=channel0,id=channel0,name=com.redhat.rhevm.vdsm

On qemu-kvm-0.12.1.2-2.209.el6, got a segmentation fault:
Program received signal SIGSEGV, Segmentation fault.
(gdb) bt
#0  0x0000003243733a1a in __strcmp_ssse3 () from /lib64/libc.so.6
#1  0x00000000004bec88 in qemu_chr_open_opts (opts=0xf00d20, init=0) at qemu-char.c:2640
#2  0x00000000004096fb in chardev_init_func (opts=<value optimized out>, opaque=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4761
#3  0x000000000047bd0a in qemu_opts_foreach (list=<value optimized out>, func=0x4096f0 <chardev_init_func>, 
    opaque=0x0, abort_on_failure=<value optimized out>) at qemu-option.c:957
#4  0x000000000040d068 in main (argc=<value optimized out>, argv=<value optimized out>, 
    envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6038

On qemu-kvm-0.12.1.2-2.221.el6.x86_64, qemu gives a prompt if there's no backend for a chardev:
chardev: "channel0" missing backend

So, this issue is fixed.
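
The failure mode seen in the backtraces above (a missing backend option reaching strcmp() as NULL) next to a checked variant that reports "missing backend" instead, as an added example that is not part of the original report and is not QEMU's code. The option struct, function names, backend list and the "not found" message are assumptions made for illustration.

```c
/* Simplified model, not QEMU source; all names here are hypothetical. */
#include <stdio.h>
#include <string.h>

struct opt { const char *key, *val; };
static const char *const backends[] = { "socket", "pty", "null" };
#define NBACKENDS (sizeof backends / sizeof backends[0])

/* Value for key, or NULL when the option was not given. */
static const char *opt_get(const struct opt *o, size_t n, const char *key)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(o[i].key, key) == 0)
            return o[i].val;
    return NULL;
}

/* Crashing pattern: with no "backend" key, b is NULL and strcmp() reads it. */
int open_unchecked(const struct opt *o, size_t n)
{
    const char *b = opt_get(o, n, "backend");
    for (size_t i = 0; i < NBACKENDS; i++)
        if (strcmp(b, backends[i]) == 0)
            return (int)i;
    return -1;
}

/* Checked pattern: reject a missing backend before any string comparison. */
int open_checked(const struct opt *o, size_t n, const char *id,
                 char *err, size_t errlen)
{
    const char *b = opt_get(o, n, "backend");
    if (b == NULL) {
        snprintf(err, errlen, "chardev: \"%s\" missing backend", id);
        return -1;
    }
    for (size_t i = 0; i < NBACKENDS; i++)
        if (strcmp(b, backends[i]) == 0)
            return (int)i;
    snprintf(err, errlen, "chardev: backend \"%s\" not found", b);
    return -1;
}

int main(void)
{
    /* Constructed options modelled on the report: id set, no backend. */
    const struct opt o[] = { { "id", "channel0" }, { "port", "12345" } };
    char err[128] = "";
    if (open_checked(o, 2, "channel0", err, sizeof err) < 0) puts(err);
    return 0;
}
```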

Comment 10 Amit Shah 2012-04-24 13:04:07 UTC
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
No documentation needed

Comment 11 errata-xmlrpc 2012-06-20 11:35:42 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0746.html

