From: "Cédric Le Goater" <clg@kaod.org>
To: Peter Maydell <peter.maydell@linaro.org>,
David Gibson <david@gibson.dropbear.id.au>
Cc: Alexander Graf <agraf@suse.de>,
Alexey Kardashevskiy <aik@ozlabs.ru>, Greg Kurz <groug@kaod.org>,
Laurent Vivier <lvivier@redhat.com>,
QEMU Developers <qemu-devel@nongnu.org>,
qemu-ppc <qemu-ppc@nongnu.org>
Subject: Re: [Qemu-devel] [PATCH 01/23] ppc/pnv: introduce a new intc_create() operation to the chip model
Date: Tue, 26 Jun 2018 11:31:03 +0200 [thread overview]
Message-ID: <0826a256-5c9d-5b7d-7ec2-fcba748e2124@kaod.org> (raw)
In-Reply-To: <CAFEAcA_qv=PEzDOh8FB5F-uhbbtHrr7nRWPjXehyjkmj_cJ-AQ@mail.gmail.com>
On 06/26/2018 11:07 AM, Peter Maydell wrote:
> On 22 June 2018 at 05:24, David Gibson <david@gibson.dropbear.id.au> wrote:
>> From: Cédric Le Goater <clg@kaod.org>
>>
>> On Power9, the thread interrupt presenter has a different type and is
>> linked to the chip owning the cores.
>>
>> Signed-off-by: Cédric Le Goater <clg@kaod.org>
>> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
>> ---
>> hw/ppc/pnv.c | 21 +++++++++++++++++++--
>> hw/ppc/pnv_core.c | 18 +++++++++---------
>> include/hw/ppc/pnv.h | 1 +
>> 3 files changed, 29 insertions(+), 11 deletions(-)
>
> Hi; Coverity points out a bug (CID 1393617) in this patch
> (which is commit d35aefa9ae150a):
>
>> @@ -143,13 +144,12 @@ static void pnv_core_realize(DeviceState *dev, Error **errp)
>> void *obj;
>> int i, j;
>> char name[32];
>> - Object *xi;
>> + Object *chip;
>>
>> - xi = object_property_get_link(OBJECT(dev), "xics", &local_err);
>> - if (!xi) {
>> - error_setg(errp, "%s: required link 'xics' not found: %s",
>> - __func__, error_get_pretty(local_err));
>> - return;
>> + chip = object_property_get_link(OBJECT(dev), "chip", &local_err);
>> + if (!chip) {
>> + error_propagate(errp, local_err);
>> + error_prepend(errp, "required link 'chip' not found: ");
>> }
>
> We check for a NULL 'chip' pointer, but forget the 'return', so
> execution will plough on through to the code below and eventually
> dereference the NULL pointer and segfault.
arg. My fault. I will send a fix.
Thanks,
C.
prev parent reply other threads:[~2018-06-26 9:31 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-22 4:24 [Qemu-devel] [PATCH 01/23] ppc/pnv: introduce a new intc_create() operation to the chip model David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 02/23] ppc/pnv: introduce a new isa_create() " David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 03/23] spapr_cpu_core: migrate per-CPU data David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 04/23] spapr_cpu_core: migrate VPA related state David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 05/23] ppc/pnv: introduce Pnv8Chip and Pnv9Chip models David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 06/23] ppc/pnv: consolidate the creation of the ISA bus device tree David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 07/23] target/ppc: Allow cpu compatiblity checks based on type, not instance David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 08/23] spapr: Compute effective capability values earlier David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 09/23] spapr: Add cpu_apply hook to capabilities David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 10/23] target/ppc: Add kvmppc_hpt_needs_host_contiguous_pages() helper David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 11/23] spapr: split the IRQ allocation sequence David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 12/23] spapr: remove unused spapr_irq routines David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 13/23] fpu_helper.c: fix helper_fpscr_clrbit() function David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 14/23] sm501: Fix hardware cursor color conversion David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 15/23] ppc4xx_i2c: Remove unimplemented sdata and intr registers David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 16/23] ppc4xx_i2c: Implement directcntl register David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 17/23] target/ppc: Add missing opcode for icbt on PPC440 David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 18/23] pseries: Update SLOF firmware image to qemu-slof-20180621 David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 19/23] spapr: Maximum (HPT) pagesize property David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 20/23] spapr: Use maximum page size capability to simplify memory backend checking David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 21/23] target/ppc: Add ppc_hash64_filter_pagesizes() David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 22/23] spapr: Limit available pagesizes to provide a consistent guest environment David Gibson
2018-06-22 4:24 ` [Qemu-devel] [PATCH 23/23] spapr: Don't rewrite mmu capabilities in KVM mode David Gibson
2018-06-22 9:44 ` [Qemu-devel] [PATCH 01/23] ppc/pnv: introduce a new intc_create() operation to the chip model Greg Kurz
2018-06-22 10:32 ` David Gibson
2018-06-26 9:07 ` Peter Maydell
2018-06-26 9:31 ` Cédric Le Goater [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0826a256-5c9d-5b7d-7ec2-fcba748e2124@kaod.org \
--to=clg@kaod.org \
--cc=agraf@suse.de \
--cc=aik@ozlabs.ru \
--cc=david@gibson.dropbear.id.au \
--cc=groug@kaod.org \
--cc=lvivier@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=qemu-ppc@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.