Red Hat Bugzilla – Bug 918472
[abrt] qemu-kvm-0.12.1.2-2.355.el6: getnameinfo: Process /usr/libexec/qemu-kvm was killed by signal 11 (SIGSEGV)
Last modified: 2013-11-21 02:39:52 EST
Description of problem:
1. run qemu with '-spice addr=[ipv6::in:brackets],<rest_of_options>'
2. qemu segfaults in getnameinfo()

This may be a bug in spice server that should reject or correct the value of addr= or in getnameinfo() that should be able to cope with such address.

Version-Release number of selected component:
qemu-kvm-0.12.1.2-2.355.el6

Additional info:
libreport version: 2.0.9
abrt_version: 2.0.8
backtrace_rating: 4
cmdline: qemu-kvm -monitor stdio -vga qxl -spice addr=[fe80::200:ff:fe00:0],disable-ticketing,x509-dir=/etc/pki/libvirt-spice,tls-port=5801,port=5800,tls-channel=main,tls-channel=inputs -incoming tcp:0:5701
crash_function: getnameinfo
kernel: 2.6.32-358.el6.x86_64

truncated backtrace:
:Thread no. 1 (7 frames)
: #0 getnameinfo at getnameinfo.c
: #1 reds_init_socket at reds.c
: #2 reds_init_net at reds.c
: #3 do_spice_init at reds.c
: #4 spice_server_init at reds.c
: #5 qemu_spice_init at /usr/src/debug/qemu-kvm-0.12.1.2/ui/spice-core.c
: #6 module_call_init at /usr/src/debug/qemu-kvm-0.12.1.2/module.c
Created attachment 705857 File: maps
Created attachment 705858 File: var_log_messages
Created attachment 705859 File: open_fds
Created attachment 705860 File: environ
Created attachment 705861 File: dso_list
Created attachment 705862 File: sosreport.tar.xz
Created attachment 705864 File: backtrace
Created attachment 705865 File: build_ids
Created attachment 705866 File: limits
Created attachment 705867 File: cgroup
I don't think spice should use getnameinfo() during initialization. Is there a valid reason for that? For any input from the user (including configuration), getaddrinfo() should be used to gather the necessary data. During the initialization of a service, the only binary addressing data I could think of would come from the kernel through netlink. But these should rarely be used for any reverse lookup.
This is probably fixed by http://cgit.freedesktop.org/spice/spice/commit/?id=5a31221252b

Pavel, see http://cgit.freedesktop.org/~teuf/spice/commit/?id=79c3a97 for some kind of explanation of the getnameinfo() call (summary: there is such a call in the post-getaddrinfo() loop, but its result is unused).
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1571.html
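The approach suggested in the comments above (resolve user-supplied addresses with getaddrinfo() and reject bad input), as an added example that is not SPICE or QEMU code. The helper name parse_listen_addr(), the 256-byte buffer and the bracket rules are assumptions made for illustration.

```c
#include <netdb.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Hypothetical helper, not SPICE code: turn a user-supplied listen address
 * ("[fe80::200:ff:fe00:0]", "::1", "127.0.0.1") into a sockaddr using only
 * getaddrinfo(). Returns 0 on success, -1 on malformed input. */
int parse_listen_addr(const char *arg, const char *port,
                      struct sockaddr_storage *out, socklen_t *outlen)
{
    char host[256];
    size_t len = arg ? strlen(arg) : 0;

    if (len == 0 || len >= sizeof(host))
        return -1;
    if (arg[0] == '[') {                 /* bracketed IPv6 literal */
        if (len < 3 || arg[len - 1] != ']')
            return -1;                   /* empty or unbalanced brackets */
        memcpy(host, arg + 1, len - 2);
        host[len - 2] = '\0';
        if (strchr(host, ':') == NULL)
            return -1;                   /* assumption: brackets wrap IPv6 only */
    } else {
        memcpy(host, arg, len + 1);
    }
    if (strpbrk(host, "[]") != NULL)
        return -1;                       /* stray bracket left inside the host */

    struct addrinfo hints, *res = NULL;
    memset(&hints, 0, sizeof(hints));
    hints.ai_family = AF_UNSPEC;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;  /* numeric only, no DNS */

    int rc = getaddrinfo(host, port, &hints, &res);
    if (rc != 0 || res == NULL) {        /* never touch res on failure */
        fprintf(stderr, "rejecting addr '%s': %s\n", arg, gai_strerror(rc));
        return -1;
    }
    memcpy(out, res->ai_addr, res->ai_addrlen);
    *outlen = res->ai_addrlen;
    freeaddrinfo(res);
    return 0;
}

int main(void) {
    struct sockaddr_storage ss; socklen_t sl;
    return parse_listen_addr("[fe80::200:ff:fe00:0]", "5800", &ss, &sl);
}
```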