[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH arm-devs v1 1/1] char/cadence_uart: Fix reset fo
From: |
Peter Crosthwaite |
Subject: |
Re: [Qemu-devel] [PATCH arm-devs v1 1/1] char/cadence_uart: Fix reset for unattached instances |
Date: |
Wed, 26 Jun 2013 10:41:42 +1000 |
Hi Peter,
On Wed, Jun 26, 2013 at 3:16 AM, Peter Maydell <address@hidden> wrote:
> On 7 June 2013 05:02, <address@hidden> wrote:
>> From: Peter Crosthwaite <address@hidden>
>>
>> commit 1db8b5efe0c2b5000e50691eea61264a615f43de introduced an issue
>> where QEMU would segfault if you have an unattached Cadence UART.
>>
>> Fix by guarding the flush-on-reset logic on there being a qemu_chr
>> attachment.
>>
>> Reported-by: Soren Brinkmann <address@hidden>
>> Signed-off-by: Peter Crosthwaite <address@hidden>
>> ---
>>
>> hw/char/cadence_uart.c | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/hw/char/cadence_uart.c b/hw/char/cadence_uart.c
>> index c2a7834..29827d2 100644
>> --- a/hw/char/cadence_uart.c
>> +++ b/hw/char/cadence_uart.c
>> @@ -157,7 +157,9 @@ static void uart_rx_reset(UartState *s)
>> {
>> s->rx_wpos = 0;
>> s->rx_count = 0;
>> - qemu_chr_accept_input(s->chr);
>> + if (s->chr) {
>> + qemu_chr_accept_input(s->chr);
>> + }
>
> There seem to be a lot of references to s->chr in this device:
> is this really the only one which needs a guard against NULL?
>
Actually no,
We have had some corner cases where other dereferences have segfaulted
on us too. On my todo list to sweep and fix globally.
But this is unique and a much bigger problem than the rest, as it is
in the reset path. So even if the uart is present in system and unused
it segafaults.
Regards,
Peter
> thanks
> -- PMM
>