Bug 804066 - qemu-kvm core dumps when set password to vnc protocol while boot with spice
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: qemu-kvm
7.0
Unspecified Unspecified
medium Severity medium
Assigned To: Gerd Hoffmann
Virtualization Bugs
Reported: 2012-03-16 09:08 EDT by Xiaoqing Wei
Modified: 2014-06-17 23:15 EDT
Doc Type: Bug Fix
Clone Of:
: 1099339 (view as bug list)
Last Closed: 2014-06-13 06:58:30 EDT
Attachments
gdb-output detail (264.19 KB, text/plain)
2012-03-16 09:12 EDT, Xiaoqing Wei

Description Xiaoqing Wei 2012-03-16 09:08:10 EDT
Description of problem:

qemu-kvm core dumps when setting a password for the vnc protocol while booted with spice
Version-Release number of selected component (if applicable):

qemu-kvm-0.15.1-3.3.el7.x86_64
How reproducible:
100%

Steps to Reproduce:
1. Boot guest with spice
 qemu-kvm -monitor stdio -S -spice port=8010,disable-ticketing ......
2. (qemu) set_password vnc helo
(qemu) expire_password vnc +53
Segmentation fault (core dumped)

Actual results:
qemu-kvm core dump

Expected results:
qemu-kvm raises a warning or error like [guest was not booted with vnc, so cannot set a password for the vnc protocol]

Additional info:


#0  vnc_display_pw_expire (ds=0x0, expires=1331925755) at ui/vnc.c:2690
2690	    vs->expires = expires;
(gdb) bt
#0  vnc_display_pw_expire (ds=0x0, expires=1331925755) at ui/vnc.c:2690
#1  0x00007f4430d75a75 in handle_user_command (mon=0x7f44330f17c0, cmdline=<optimized out>)
    at /usr/src/debug/qemu-kvm-0.15.1/monitor.c:4530
#2  0x00007f4430d75ece in monitor_command_cb (mon=0x7f44330f17c0, cmdline=<optimized out>, 
    opaque=<optimized out>) at /usr/src/debug/qemu-kvm-0.15.1/monitor.c:5176
#3  0x00007f4430dd2fba in readline_handle_byte (rs=0x7f44330f1c30, ch=<optimized out>)
    at readline.c:370
#4  0x00007f4430d75c79 in monitor_read (opaque=<optimized out>, 
    buf=0x7fffae58dd80 "\n\036\222,D\177", size=1) at /usr/src/debug/qemu-kvm-0.15.1/monitor.c:5162
#5  0x00007f4430df8b65 in qemu_chr_read (len=<optimized out>, buf=0x7fffae58dd80 "\n\036\222,D\177", 
    s=0x7f4432f77cd0) at qemu-char.c:179
#6  tcp_chr_read (opaque=0x7f4432f77cd0) at qemu-char.c:2229
#7  0x00007f4430e06f8a in qemu_iohandler_poll (readfds=0x7fffae58ee30, writefds=0x7fffae58eeb0, 
    xfds=<optimized out>, ret=<optimized out>) at iohandler.c:155
#8  0x00007f4430d7b309 in main_loop_wait (nonblocking=<optimized out>)
    at /usr/src/debug/qemu-kvm-0.15.1/vl.c:1348
#9  0x00007f4430d65449 in main_loop () at /usr/src/debug/qemu-kvm-0.15.1/vl.c:1392
#10 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>)
    at /usr/src/debug/qemu-kvm-0.15.1/vl.c:3378
Comment 1 Xiaoqing Wei 2012-03-16 09:12:19 EDT
Created attachment 570606
gdb-output detail

gdb thread apply all bt full
Comment 2 Xiaoqing Wei 2012-03-18 22:22:37 EDT
aha, forgot to say:

if the guest is booted with "-vnc :0", it doesn't core dump, it just works well.

Best Regards,
Xiaoqing Wei.
Comment 4 Xiaoqing Wei 2012-04-10 05:52:28 EDT
able to reproduce on version qemu-kvm-1.0-9.2.el7.x86_64
Comment 5 Gerd Hoffmann 2012-05-09 07:56:09 EDT
Patch posted upstream.
http://patchwork.ozlabs.org/patch/157888/
Comment 9 Gerd Hoffmann 2013-03-20 10:47:22 EDT
Patch is upstream.
Comment 11 mazhang 2014-01-20 22:27:24 EST
qemu-kvm-1.0-9.2.el7.x86_64 is too old to find; tried to reproduce on qemu-kvm-1.3.0-3.el7.x86_64, but did not find this problem.

Steps:
Starting program: /usr/libexec/qemu-kvm -name vm1 -nodefaults -chardev socket,id=qmp_id_qmpmonitor1,path=/tmp/monitor-qmpmonitor1-20130218-133213-tne4yYwu,server,nowait -mon chardev=qmp_id_qmpmonitor1,mode=control -drive file=/home/rhel6u1-64.qcow2,if=none,id=drive-virtio-disk0,format=qcow2,cache=none,werror=stop,rerror=stop,aio=threads -device virtio-blk-pci,scsi=off,bus=pci.0,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -netdev tap,id=hostnet0 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:39:13:2c -m 4096 -smp 4,maxcpus=4,cores=2,threads=1,sockets=2 -cpu SandyBridge,hv_relaxed -M pc -rtc base=localtime,clock=host,driftfix=slew -boot menu=on -enable-kvm -monitor stdio -vga qxl -spice port=5900,disable-ticketing -drive file=/home/boot.iso,if=none,id=drive-ide0-0-1,media=cdrom,format=raw -device ide-drive,bus=ide.0,unit=1,drive=drive-ide0-0-1,bootindex=0 -S
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Detaching after fork from child process 19035.

(qemu) QEMU 1.3.0 monitor - type 'help' for more information
(qemu) 
(qemu) set
set_link      set_password  
(qemu) set_password vnc[Thread 0x7fffeb89f700 (LWP 19040) exited]
set_password vnc helo
Could not set password
(qemu) expire_password vnc +23
Could not set password
(qemu) 


Updated qemu-kvm to the latest version and tested it; did not find the problem.
Host:
RHEL-7.0-20131222.0
kernel-3.10.0-69.el7.x86_64
qemu-kvm-1.5.3-38.el7.x86_64

Steps:
Starting program: /usr/libexec/qemu-kvm -name vm1 -nodefaults -chardev socket,id=qmp_id_qmpmonitor1,path=/tmp/monitor-qmpmonitor1-20130218-133213-tne4yYwu,server,nowait -mon chardev=qmp_id_qmpmonitor1,mode=control -drive file=/home/rhel7-64.raw,if=none,id=drive-virtio-disk0,format=raw,cache=none,werror=stop,rerror=stop,aio=threads -device virtio-blk-pci,scsi=off,bus=pci.0,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -netdev tap,id=hostnet0 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:39:13:2c -m 4096 -smp 4,maxcpus=4,cores=2,threads=1,sockets=2 -cpu Opteron_G1 -M pc -rtc base=localtime,clock=host,driftfix=slew -boot menu=on -enable-kvm -monitor stdio -vga qxl -spice port=5900,disable-ticketing -S
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Detaching after fork from child process 32556.
QEMU 1.5.3 monitor - type 'help' for more information
(qemu) [New Thread 0x7fffeaeb4700 (LWP 32562)]
[New Thread 0x7fffea6b3700 (LWP 32563)]
[New Thread 0x7fffe9eb2700 (LWP 32564)]
[New Thread 0x7fffe96b1700 (LWP 32565)]
[New Thread 0x7fffdaffe700 (LWP 32566)]
[New Thread 0x7fffda7fd700 (LWP 32568)]

(qemu) [Thread 0x7fffda7fd700 (LWP 32568) exited]

(qemu) set
set_link      set_password  
(qemu) set_password vnc hhh
Could not set password
(qemu) expire_password vnc +32
Could not set password
(qemu) 
(qemu) set_password vnc sadferf
Could not set password
(qemu) expire_password vnc 23153454
Could not set password

This problem is gone.
Comment 13 Ludek Smid 2014-06-13 06:58:30 EDT
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.
