QEMU

VNC reverse broken in qemu 2.6.0

Bug #1586194 reported by Andreas Hofmeister on 2016-05-26

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	QEMU	Fix Released	Undecided	Unassigned

Bug Description

Hi all,

I recently tried to upgrade from Qemu 2.4.1 to 2.6.0, but found some problems with VNC reverse connections.

1) In "-vnc 172.16.1.3:5902,reverse" used to mean "connect to port 5902"
That seems to have changed changed since 2.4.1, the thing after the IP address is now interpreted
as a display number. If that change was intentional, the man-page needs to be fixed.

2) After subtracting 5900 from that port number (-vnc 172.16.1.3:2,reverse), I ran into a segfault.

---8<---
Program received signal SIGSEGV, Segmentation fault.
qio_channel_socket_get_local_address (ioc=0x0, errp=errp@entry=0x7fffffffe118) at io/channel-socket.c:33
33 return socket_sockaddr_to_address(&ioc->localAddr,
(gdb) bt
#0 qio_channel_socket_get_local_address (ioc=0x0, errp=errp@entry=0x7fffffffe118) at io/channel-socket.c:33
#1 0x000055555594c0f5 in vnc_init_basic_info_from_server_addr (errp=0x7fffffffe118, info=0x555558f35990,
    ioc=<optimized out>) at ui/vnc.c:146
#2 vnc_server_info_get (vd=0x7fffecc4b010) at ui/vnc.c:223
#3 0x000055555595192a in vnc_qmp_event (vs=0x555558f41f30, vs=0x555558f41f30, event=QAPI_EVENT_VNC_CONNECTED)
    at ui/vnc.c:279
#4 vnc_connect (vd=vd@entry=0x7fffecc4b010, sioc=sioc@entry=0x555558f34c00, skipauth=skipauth@entry=false,
    websocket=websocket@entry=false) at ui/vnc.c:2994
#5 0x00005555559520d8 in vnc_display_open (id=id@entry=0x555556437650 "default", errp=errp@entry=0x7fffffffe228)
    at ui/vnc.c:3773
#6 0x0000555555952fd3 in vnc_init_func (opaque=<optimized out>, opts=<optimized out>, errp=<optimized out>)
    at ui/vnc.c:3868
#7 0x0000555555a011da in qemu_opts_foreach (list=<optimized out>, func=0x555555952fa0 <vnc_init_func>, opaque=0x0,
    errp=0x0) at util/qemu-option.c:1116
#8 0x00005555556dcfbe in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4592
--->8---

A git bisect shows that this happens since

---8<---
commit 98481bfcd661daa3c160cc87a297b0e60a307788
Author: Eric Blake <email address hidden>
Date: Mon Oct 26 16:34:45 2015 -0600

vnc: Hoist allocation of VncBasicInfo to callers
--->8---

TIA
Andi

Revision history for this message

Thomas Huth (th-huth) wrote on 2016-11-21:

I think this has been fixed in QEMU 2.7, likely with the following commit:
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=3e7f136d8b4383d99f

Changed in qemu:
status:	New → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.