From: Stefan Hajnoczi <stefanha@gmail.com>
To: Bug 1151986 <1151986@bugs.launchpad.net>
Cc: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [Bug 1151986] [NEW] buffer overflow after block-stream via QMP
Date: Thu, 7 Mar 2013 17:45:05 +0100 [thread overview]
Message-ID: <20130307164505.GA28279@stefanha-thinkpad.redhat.com> (raw)
In-Reply-To: <20130307110207.17430.68584.malonedeb@gac.canonical.com>
On Thu, Mar 07, 2013 at 11:02:07AM -0000, Helge Rausch wrote:
> When a block-stream is initiated via QMP and the QMP socket is closed on
> client side before the job is finished, QEMU crashes with a buffer
> overflow, somewhere at the end of the streaming process.
>
> Without QMP I can stream via the HMP without problems. After crashing, I
> cannot boot from the active image anymore.
>
> I was able to reproduce this with qemu-kvm and qemu-system-x86_64 on two
> different machines.
>
> Version:
> QEMU emulator version 1.2.0 (qemu-kvm-1.2.0), Copyright (c) 2003-2008 Fabrice Bellard
I cannot reproduce this with qemu-system-x86-1.2.2-6.fc18.x86_64.
> I started QEMU with the following script:
>
> qemu-kvm \
> -monitor vc \
> -m 512 \
> -hda "$1" \
> -net nic,vlan=0 \
> -net user,vlan=0 \
> -localtime \
> -smp 2 \
> -qmp tcp:localhost:4444,server,nowait
I used your command-line and the following QMP commands:
$ QMP/qmp-shell localhost:4444
(QEMU) blockdev-snapshot-sync device=ide0-hd0 snapshot-file=test2.qcow2
(QEMU) block-stream ide0-hd0
(QEMU) query-block-jobs
...output shows the job running...
(QEMU) Ctrl+D
The block job completes successfully and I get no crash.
Please try qemu.git/master to see if the bug is still there for you:
$ git clone git://git.qemu-project.org/qemu.git
$ cd qemu
$ ./configure --target-list=x86_64-softmmu
$ make
$ x86_64-softmmu/qemu-system-x86_64-softmmu -enable-kvm ...
Stefan
next prev parent reply other threads:[~2013-03-07 16:45 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-03-07 11:02 [Qemu-devel] [Bug 1151986] [NEW] buffer overflow after block-stream via QMP Helge Rausch
2013-03-07 16:45 ` Stefan Hajnoczi [this message]
2013-03-07 18:14 ` [Qemu-devel] [Bug 1151986] " Helge Rausch
2013-03-08 8:45 ` Stefan Hajnoczi
2013-03-08 9:21 ` Helge Rausch
2013-03-08 15:32 ` Serge Hallyn
2018-01-10 21:51 ` Thomas Huth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130307164505.GA28279@stefanha-thinkpad.redhat.com \
--to=stefanha@gmail.com \
--cc=1151986@bugs.launchpad.net \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).