From: Thomas Huth <thuth@redhat.com>
To: qemu-devel@nongnu.org
Cc: jasowang@redhat.com, stefanha@redhat.com, mst@redhat.com
Subject: [Qemu-devel] [PATCH] Fix crash with illegal "-net nic, model=xxx" option
Date: Thu,  9 Apr 2015 15:32:45 +0200
Message-ID: <1428586365-17909-1-git-send-email-thuth@redhat.com>

Current QEMU crashes when specifying an illegal model with the
"-net nic,model=xxx" option, e.g.:

 $ qemu-system-x86_64 -net nic,model=n/a
 qemu-system-x86_64: Unsupported NIC model: n/a

 Program received signal SIGSEGV, Segmentation fault.

The gdb backtrace looks like this:

0x0000555555965fe0 in error_get_pretty (err=0x0) at util/error.c:152
152	    return err->msg;
(gdb) bt
 0  0x0000555555965fe0 in error_get_pretty (err=0x0) at util/error.c:152
 1  0x0000555555965ffd in error_report_err (err=0x0) at util/error.c:157
 2  0x0000555555809c90 in pci_nic_init_nofail (nd=0x555555e49860 <nd_table>, rootbus=0x5555564409b0,
    default_model=0x55555598c37b "e1000", default_devaddr=0x0) at hw/pci/pci.c:1663
 3  0x0000555555691e42 in pc_nic_init (isa_bus=0x555556f71900, pci_bus=0x5555564409b0)
    at hw/i386/pc.c:1506
 4  0x000055555569396b in pc_init1 (machine=0x5555562abbf0, pci_enabled=1, kvmclock_enabled=1)
    at hw/i386/pc_piix.c:248
 5  0x0000555555693d27 in pc_init_pci (machine=0x5555562abbf0) at hw/i386/pc_piix.c:310
 6  0x000055555572ddf5 in main (argc=3, argv=0x7fffffffe018, envp=0x7fffffffe038) at vl.c:4226

The problem is that pci_nic_init_nofail() does not check whether the err
parameter from pci_nic_init has been set up and thus passes a NULL pointer
to error_report_err(). Fix it by correctly checking the err parameter.

Signed-off-by: Thomas Huth <thuth@redhat.com>
---
 hw/pci/pci.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/hw/pci/pci.c b/hw/pci/pci.c
index 6941a82..b3d5100 100644
--- a/hw/pci/pci.c
+++ b/hw/pci/pci.c
@@ -1660,7 +1660,9 @@ PCIDevice *pci_nic_init_nofail(NICInfo *nd, PCIBus *rootbus,
 
     res = pci_nic_init(nd, rootbus, default_model, default_devaddr, &err);
     if (!res) {
-        error_report_err(err);
+        if (err) {
+            error_report_err(err);
+        }
         exit(1);
     }
     return res;
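Review bot: The new `if (err)` guard in the `!res` branch treats the symptom rather than the contract violation: pci_nic_init() can still return NULL without setting err, so every other caller that passes an Error ** has to know about that case too. With this change, when err is NULL this function calls exit(1) without reporting anything of its own, and nothing here says why that is acceptable. Consider making pci_nic_init() set err on every failure return, so the wrapper can keep the unconditional `error_report_err(err);`. Failing that, add a comment above the guard naming the path that leaves err unset (the unsupported-model case from the commit message, which has already printed "Unsupported NIC model" by the time the wrapper sees the failure).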
-- 
1.8.3.1
