Re: [Qemu-devel] [PATCH] qdev: fix crash by validating the object type

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] qdev: fix crash by validating the object type

From:	Andreas Färber
Subject:	Re: [Qemu-devel] [PATCH] qdev: fix crash by validating the object type
Date:	Wed, 30 Apr 2014 17:55:55 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0

Am 16.04.2014 09:02, schrieb Markus Armbruster:
> Amos Kong <address@hidden> writes:
> 
>> QEMU crashed when I try to list device parameters, the driver name is
>> actually the available bus name.
>>
>>  # qemu -device virtio-pci-bus,?
>>  # qemu -device virtio-bus,?
>>  # qemu -device virtio-serial-bus,?
>>  qdev-monitor.c:212:qdev_device_help: Object 0x7fd932f50620 is not an
>>  instance of type device
>>  Aborted (core dumped)
>>
>> We can also reproduce this bug by adding device from monitor, so it's
>> worth to fix the crash.
>>
>>  (qemu) device_add virtio-serial-bus
>>  qdev-monitor.c:491:qdev_device_add: Object 0x7f5e89530920 is not an
>>  instance of type device
>>  Aborted (core dumped)
>>
>> Cc: address@hidden
>> Signed-off-by: Amos Kong <address@hidden>
>> ---
>>  qdev-monitor.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/qdev-monitor.c b/qdev-monitor.c
>> index 9268c87..40c117d 100644
>> --- a/qdev-monitor.c
>> +++ b/qdev-monitor.c
>> @@ -206,7 +206,7 @@ int qdev_device_help(QemuOpts *opts)
>        if (!driver || !qemu_opt_has_help_opt(opts)) {
>            return 0;
>        }
> 
>        klass = object_class_by_name(driver);
>        if (!klass) {
>            const char *typename = find_typename_by_alias(driver);
> 
>            if (typename) {
>                driver = typename;
>                klass = object_class_by_name(driver);
>>          }
>>      }
>>  
>> -    if (!klass) {
>> +    if (!object_class_dynamic_cast(klass, TYPE_DEVICE)) {
>>          return 0;
>>      }
>>      do {
> 
> Works because when qdev_device_help() returns zero, its caller
> do_device_add() proceeds to call qdev_device_add(), which checks "klass
> subtype of TYPE_DEVICE" again, and reports properly when it's not:
> "-device virtio-bus,help: 'virtio-bus' is not a valid device model
> name".
> 
> Reviewed-by: Markus Armbruster <address@hidden>

Thanks, applied to qom-next (with message slightly tweaked):
https://github.com/afaerber/qemu-cpu/commits/qom-next

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH] qdev: fix crash by validating the object type, Amos Kong, 2014/04/15
- Re: [Qemu-devel] [PATCH] qdev: fix crash by validating the object type, Markus Armbruster, 2014/04/16
  - Re: [Qemu-devel] [PATCH] qdev: fix crash by validating the object type, Andreas Färber <=

Prev by Date: Re: [Qemu-devel] [PATCH] savevm: check vmsd for migratability status (v2)
Next by Date: [Qemu-devel] [PATCH v4 10/18] target-i386: Loop-based copying and setting/unsetting of feature words
Previous by thread: Re: [Qemu-devel] [PATCH] qdev: fix crash by validating the object type
Next by thread: [Qemu-devel] qemu-ga: How to static compilation qemu-ga.exe for windows on fedora 18
Index(es):
- Date
- Thread