QEMU

v1.0-1172-g235fe3b crashes (opts=0x0)

Bug #939995 reported by Roy Tam on 2012-02-24

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	QEMU	Fix Released	Undecided	Unassigned

Bug Description

C:\msys\home\User\qemu\i386-softmmu>gdb --args qemu-system-i386.exe -L ..\pc-bios
GNU gdb (GDB) 7.3
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "mingw32".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from C:\msys\home\User\qemu\i386-softmmu/qemu-system-i386.exe...
done.
(gdb) r
Starting program: C:\msys\home\User\qemu\i386-softmmu/qemu-system-i386.exe -L ..\\pc-bios
[New Thread 4724.0x1224]

Program received signal SIGSEGV, Segmentation fault.
0x004eeda6 in qemu_opt_get (opts=0x0, name=0x68a7c3 "kernel")
    at qemu-option.c:545
545 QemuOpt *opt = qemu_opt_find(opts, name);
(gdb) bt
#0 0x004eeda6 in qemu_opt_get (opts=0x0, name=0x68a7c3 "kernel")
    at qemu-option.c:545
#1 0x004c7166 in qemu_main (argc=3, argv=0x3e5200, envp=0x0)
    at C:/msys/home/User/qemu/vl.c:3250
#2 0x004c906a in SDL_main (argc=3, argv=0x3e5200)
    at C:/msys/home/User/qemu/vl.c:102
#3 0x0061dcf4 in console_main ()
#4 0x0061ddb4 in WinMain@16 ()
#5 0x006329fb in main ()
(gdb)

Revision history for this message

Roy Tam (roytam) wrote on 2012-02-24:

optfind_fixsegfault.patch Edit (389 bytes, text/plain)

qemu_opt_find() doesn't check if opts is NULL or not before use.
The patch fixes that issue.

Revision history for this message

Peter Maydell (pmaydell) wrote on 2012-02-24:

This is fixed by http://patchwork.ozlabs.org/patch/142548/ (which hasn't been applied yet but hopefully will be soon).

Revision history for this message

Roy Tam (roytam) wrote on 2012-02-24: Re: [Bug 939995] Re: v1.0-1172-g235fe3b crashes (opts=0x0)

2012/2/24 Peter Maydell <email address hidden>:
> This is fixed by http://patchwork.ozlabs.org/patch/142548/ (which hasn't
> been applied yet but hopefully will be soon).
>

It looks like a workaround to me as if you feed NULL to
qemu_opt_find() it will still crashing.

> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/939995
>
> Title:
> v1.0-1172-g235fe3b crashes (opts=0x0)
>
> Status in QEMU:
> New
>
> Bug description:
> C:\msys\home\User\qemu\i386-softmmu>gdb --args qemu-system-i386.exe -L ..\pc-bios
> GNU gdb (GDB) 7.3
> Copyright (C) 2011 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law. Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "mingw32".
> For bug reporting instructions, please see:
> <http://www.gnu.org/software/gdb/bugs/>...
> Reading symbols from C:\msys\home\User\qemu\i386-softmmu/qemu-system-i386.exe...
> done.
> (gdb) r
> Starting program: C:\msys\home\User\qemu\i386-softmmu/qemu-system-i386.exe -L ..\\pc-bios
> [New Thread 4724.0x1224]
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x004eeda6 in qemu_opt_get (opts=0x0, name=0x68a7c3 "kernel")
> at qemu-option.c:545
> 545 QemuOpt *opt = qemu_opt_find(opts, name);
> (gdb) bt
> #0 0x004eeda6 in qemu_opt_get (opts=0x0, name=0x68a7c3 "kernel")
> at qemu-option.c:545
> #1 0x004c7166 in qemu_main (argc=3, argv=0x3e5200, envp=0x0)
> at C:/msys/home/User/qemu/vl.c:3250
> #2 0x004c906a in SDL_main (argc=3, argv=0x3e5200)
> at C:/msys/home/User/qemu/vl.c:102
> #3 0x0061dcf4 in console_main ()
> #4 0x0061ddb4 in WinMain@16 ()
> #5 0x006329fb in main ()
> (gdb)
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/qemu/+bug/939995/+subscriptions

2012/2/24 Peter Maydell <peter.maydell@linaro.org>:
> This is fixed by http://patchwork.ozlabs.org/patch/142548/ (which hasn't
> been applied yet but hopefully will be soon).
>

It looks like a workaround to me as if you feed NULL to
qemu_opt_find() it will still crashing.

> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/939995
>
> Title:
>  v1.0-1172-g235fe3b crashes (opts=0x0)
>
> Status in QEMU:
>  New
>
> Bug description:
>  C:\msys\home\User\qemu\i386-softmmu>gdb --args qemu-system-i386.exe -L ..\pc-bios
>  GNU gdb (GDB) 7.3
>  Copyright (C) 2011 Free Software Foundation, Inc.
>  License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
>  This is free software: you are free to change and redistribute it.
>  There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
>  and "show warranty" for details.
>  This GDB was configured as "mingw32".
>  For bug reporting instructions, please see:
>  <http://www.gnu.org/software/gdb/bugs/>...
>  Reading symbols from C:\msys\home\User\qemu\i386-softmmu/qemu-system-i386.exe...
>  done.
>  (gdb) r
>  Starting program: C:\msys\home\User\qemu\i386-softmmu/qemu-system-i386.exe -L ..\\pc-bios
>  [New Thread 4724.0x1224]
>
>  Program received signal SIGSEGV, Segmentation fault.
>  0x004eeda6 in qemu_opt_get (opts=0x0, name=0x68a7c3 "kernel")
>      at qemu-option.c:545
>  545         QemuOpt *opt = qemu_opt_find(opts, name);
>  (gdb) bt
>  #0  0x004eeda6 in qemu_opt_get (opts=0x0, name=0x68a7c3 "kernel")
>      at qemu-option.c:545
>  #1  0x004c7166 in qemu_main (argc=3, argv=0x3e5200, envp=0x0)
>      at C:/msys/home/User/qemu/vl.c:3250
>  #2  0x004c906a in SDL_main (argc=3, argv=0x3e5200)
>      at C:/msys/home/User/qemu/vl.c:102
>  #3  0x0061dcf4 in console_main ()
>  #4  0x0061ddb4 in WinMain@16 ()
>  #5  0x006329fb in main ()
>  (gdb)
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/qemu/+bug/939995/+subscriptions

Revision history for this message

Thomas Huth (th-huth) wrote on 2016-08-12:

Peter's fix had been included here:
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=967c0da73a7b0da186baba6
... so I think we can close this bug ticket now.