KVM segfault when using TCP socket network interface

[Christoph Lechner <cl0059@l-mx.de>]

Hi!

KVM segfaults for me when emulating a NIC using the TCP listen option.
The host is a AMD Athlon running 64 bit Ubuntu 8.10 (with stock kernel
release 2.6.27-7-generic #1 SMP Tue Nov 4 19:33:06 UTC 2008 x86_64
GNU/Linux). I recently downloaded kvm-84 because the same nuissance
happened to me with kvm-83 as well.
I installed it using the standard procedure
./configure
make install

I ran into trouble executing the command line
sudo /usr/local/bin/qemu-system-x86_64 -hda repl-test-1.img -m 512 -net
nic,macaddr=52:54:12:34:00:01 -net tap -net nic -net socket,listen=:1234
-k de

Using only the first NIC (with tap connection) works like charm, but
when it comes to NIC emulation and TCP listen, the program just segfaults.

Firing up gdb
gdb -core core /usr/local/bin/qemu-system-x86_64
yields a backtrace:

root@terminator: /home/cl/repl_test\aroot@terminator:/home/cl/repl_test#
gdb -core core /usr/local/bin/qemu-system-x8
6_64
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu"...

warning: core file may not match specified executable file.

warning: Can't read pathname for load map: Input/output error.
Reading symbols from /lib/libm.so.6...done.
Loaded symbols for /lib/libm.so.6
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /usr/lib/libgnutls.so.26...done.
Loaded symbols for /usr/lib/libgnutls.so.26
Reading symbols from /lib/libpthread.so.0...done.
Loaded symbols for /lib/libpthread.so.0
Reading symbols from /lib/librt.so.1...done.
Loaded symbols for /lib/librt.so.1
Reading symbols from /lib/libutil.so.1...done.
Loaded symbols for /lib/libutil.so.1
Reading symbols from /usr/lib/libSDL-1.2.so.0...done.
Loaded symbols for /usr/lib/libSDL-1.2.so.0
Reading symbols from /lib/libncurses.so.5...done.
Loaded symbols for /lib/libncurses.so.5
Reading symbols from /lib/libc.so.6...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /usr/lib/libtasn1.so.3...done.
Loaded symbols for /usr/lib/libtasn1.so.3
Reading symbols from /lib/libgcrypt.so.11...done.
Loaded symbols for /lib/libgcrypt.so.11
Reading symbols from /lib/ld-linux-x86-64.so.2...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Reading symbols from /usr/lib/libasound.so.2...done.
Loaded symbols for /usr/lib/libasound.so.2
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /usr/lib/libdirectfb-1.0.so.0...done.
Loaded symbols for /usr/lib/libdirectfb-1.0.so.0
Reading symbols from /usr/lib/libfusion-1.0.so.0...done.
Loaded symbols for /usr/lib/libfusion-1.0.so.0
Reading symbols from /usr/lib/libdirect-1.0.so.0...done.
Loaded symbols for /usr/lib/libdirect-1.0.so.0
Reading symbols from /lib/libgpg-error.so.0...done.
Loaded symbols for /lib/libgpg-error.so.0
Core was generated by `/usr/local/bin/qemu-system-x86_64 -hda
repl-test-1.img -m 512 -net nic,macaddr='.
Program terminated with signal 11, Segmentation fault.
[New process 7191]
#0 0x00007fe291f3f7d0 in strlen () from /lib/libc.so.6
(gdb) bt
#0 0x00007fe291f3f7d0 in strlen () from /lib/libc.so.6
#1 0x00007fe291f3f506 in strdup () from /lib/libc.so.6
#2 0x0000000000486176 in net_client_init (device=0x7fff9b6913c0 "socket",
p=0x7fff9b692a14 "listen=:1234") at net.c:1583
#3 0x00000000004865ae in net_client_parse (str=)
at net.c:1913
#4 0x000000000040bf19 in main (argc=,
argv=0x7fff9b691de8, envp=)
at /home/cl/kvm-84/qemu/vl.c:5734
(gdb) q

Where's the problem? Is it a bug or am I doing something "evil" :) This
is a copy of the forum post
http://www.linux-kvm.com/content/kvm-segfault-when-using-tcp-socket-network-interface
This issue was not added to the bug tracker yet, because I'm not sure if
it is a bug or if it was my fault.

- cl