Re: [PATCH 1/2] Fix the segment fault when calling yank_register

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 1/2] Fix the segment fault when calling yank_register_instanc

From:	Markus Armbruster
Subject:	Re: [PATCH 1/2] Fix the segment fault when calling yank_register_instance
Date:	Fri, 26 Mar 2021 15:41:11 +0100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)

Looks like a bug fix.  Lukas, can you take care of it in time for 6.0?

Li Zhang <zhlcindy@gmail.com> writes:

> From: Li Zhang <li.zhang@cloud.ionos.com>
>
> When executing the QMP commands "chardev-change" to change the
> backend device to socket, it will cause a segment fault because
> it assumes chr->label as non-NULL in function yank_register_instance.
> The function qmp_chardev_change calls chardev_new, which label
> is NULL when creating a new chardev. The label will be passed to
> yank_register_instance which causes a segment fault. The callchain
> is as the following:
>         chardev_new ->
>             qemu_char_open ->
>                 cc->open ->
>                 qmp_chardev_open_socket ->
>                     yank_register_instance
>
> Signed-off-by: Li Zhang <li.zhang@cloud.ionos.com>
> ---
>  chardev/char-socket.c | 8 +++++---
>  1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/chardev/char-socket.c b/chardev/char-socket.c
> index c8bced76b7..26d5172682 100644
> --- a/chardev/char-socket.c
> +++ b/chardev/char-socket.c
> @@ -1421,10 +1421,12 @@ static void qmp_chardev_open_socket(Chardev *chr,
>          qemu_chr_set_feature(chr, QEMU_CHAR_FEATURE_FD_PASS);
>      }
>  
> -    if (!yank_register_instance(CHARDEV_YANK_INSTANCE(chr->label), errp)) {
> -        return;
> +    if (chr->label) {
> +        if (!yank_register_instance(CHARDEV_YANK_INSTANCE(chr->label), 
> errp)) {
> +            return;
> +        }
> +        s->registered_yank = true;
>      }
> -    s->registered_yank = true;
>  
>      /* be isn't opened until we get a connection */
>      *be_opened = false;

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 2/2] Support monitor chardev hotswap with QMP, (continued)
- [PATCH 2/2] Support monitor chardev hotswap with QMP, Li Zhang, 2021/03/15
  - Re: [PATCH 2/2] Support monitor chardev hotswap with QMP, Li Zhang, 2021/03/23
    - Re: [PATCH 2/2] Support monitor chardev hotswap with QMP, Markus Armbruster, 2021/03/26
    - Re: [PATCH 2/2] Support monitor chardev hotswap with QMP, Li Zhang, 2021/03/26
- Re: [PATCH 1/2] Fix the segment fault when calling yank_register_instance, Marc-André Lureau, 2021/03/15
  - Re: [PATCH 1/2] Fix the segment fault when calling yank_register_instance, Li Zhang, 2021/03/16
  - Re: [PATCH 1/2] Fix the segment fault when calling yank_register_instance, Li Zhang, 2021/03/16
    - Re: [PATCH 1/2] Fix the segment fault when calling yank_register_instance, Marc-André Lureau, 2021/03/16
    - Re: [PATCH 1/2] Fix the segment fault when calling yank_register_instance, Li Zhang, 2021/03/16
- Re: [PATCH 1/2] Fix the segment fault when calling yank_register_instance, Lukas Straub, 2021/03/17
- Re: [PATCH 1/2] Fix the segment fault when calling yank_register_instance, Markus Armbruster <=
  - Re: [PATCH 1/2] Fix the segment fault when calling yank_register_instance, Lukas Straub, 2021/03/26
    - Re: [PATCH 1/2] Fix the segment fault when calling yank_register_instance, Markus Armbruster, 2021/03/26

Prev by Date: Re: [PATCH 2/2] Support monitor chardev hotswap with QMP
Next by Date: Re: [PATCH] monitor/qmp: fix race on CHR_EVENT_CLOSED without OOB
Previous by thread: Re: [PATCH 1/2] Fix the segment fault when calling yank_register_instance
Next by thread: Re: [PATCH 1/2] Fix the segment fault when calling yank_register_instance
Index(es):
- Date
- Thread