[Qemu-devel] [PATCH 1/1] qom: fix qdict visit in user_creatable_add

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH 1/1] qom: fix qdict visit in user_creatable_add_type

From:	Xiao Long Jiang
Subject:	[Qemu-devel] [PATCH 1/1] qom: fix qdict visit in user_creatable_add_type
Date:	Thu, 22 Sep 2016 09:43:56 +0200

This fixes a Qemu crash that introduced by commit ad73970
("qom: Wrap prop visit in visit_start_struct").

Not all of the callers of user_creatable_add_type always pass qdict,
so we should check qdict against NULL, but not raise an assertion.

The problem can be easily triggered by adding an iothread with:
  $ virsh iothreadadd <domain> <threadid>
In which the <threadid> is newly defined. The result of the command
will return an error and cause the running guest crash.

Cc: Eric Blake <address@hidden>
Cc: Markus Armbruster <address@hidden>
Signed-off-by: Xiao Long Jiang <address@hidden>
Reviewed-by: Dong Jia Shi <address@hidden>
---
 qom/object_interfaces.c | 31 ++++++++++++++++---------------
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/qom/object_interfaces.c b/qom/object_interfaces.c
index bf59846..cc40dff 100644
--- a/qom/object_interfaces.c
+++ b/qom/object_interfaces.c
@@ -112,24 +112,25 @@ Object *user_creatable_add_type(const char *type, const 
char *id,
         return NULL;
     }
 
-    assert(qdict);
     obj = object_new(type);
-    visit_start_struct(v, NULL, NULL, 0, &local_err);
-    if (local_err) {
-        goto out;
-    }
-    for (e = qdict_first(qdict); e; e = qdict_next(qdict, e)) {
-        object_property_set(obj, v, e->key, &local_err);
+    if (qdict) {
+        visit_start_struct(v, NULL, NULL, 0, &local_err);
         if (local_err) {
-            break;
+            goto out;
+        }
+        for (e = qdict_first(qdict); e; e = qdict_next(qdict, e)) {
+            object_property_set(obj, v, e->key, &local_err);
+            if (local_err) {
+                break;
+            }
+        }
+        if (!local_err) {
+            visit_check_struct(v, &local_err);
+        }
+        visit_end_struct(v, NULL);
+        if (local_err) {
+            goto out;
         }
-    }
-    if (!local_err) {
-        visit_check_struct(v, &local_err);
-    }
-    visit_end_struct(v, NULL);
-    if (local_err) {
-        goto out;
     }
 
     object_property_add_child(object_get_objects_root(),
-- 
2.8.4

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH 1/1] qom: fix qdict visit in user_creatable_add_type, Xiao Long Jiang <=
- Re: [Qemu-devel] [PATCH 1/1] qom: fix qdict visit in user_creatable_add_type, Markus Armbruster, 2016/09/22
  - Re: [Qemu-devel] [PATCH 1/1] qom: fix qdict visit in user_creatable_add_type, Xiao Long Jiang, 2016/09/23

Prev by Date: Re: [Qemu-devel] [PATCH v6 3/3] intel_iommu: allow UNMAP notifiers
Next by Date: Re: [Qemu-devel] [PATCH] Fix tlb_vaddr_to_host with CONFIG_USER_ONLY
Previous by thread: [Qemu-devel] [PULL 00/44] ppc-for-2.8 queue 20160922
Next by thread: Re: [Qemu-devel] [PATCH 1/1] qom: fix qdict visit in user_creatable_add_type
Index(es):
- Date
- Thread