From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:54717)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <lcapitulino@redhat.com>) id 1XtgyH-0004uH-TO
	for qemu-devel@nongnu.org; Wed, 26 Nov 2014 13:05:52 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <lcapitulino@redhat.com>) id 1XtgyB-0004X0-Np
	for qemu-devel@nongnu.org; Wed, 26 Nov 2014 13:05:45 -0500
Received: from mx1.redhat.com ([209.132.183.28]:54232)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <lcapitulino@redhat.com>) id 1XtgyB-0004PR-Ga
	for qemu-devel@nongnu.org; Wed, 26 Nov 2014 13:05:39 -0500
Date: Wed, 26 Nov 2014 13:05:28 -0500
From: Luiz Capitulino <lcapitulino@redhat.com>
Message-ID: <20141126130528.50835019@redhat.com>
In-Reply-To: <1417002601-20799-1-git-send-email-marcel.a@redhat.com>
References: <1417002601-20799-1-git-send-email-marcel.a@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] hmp: fix regression of HMP device_del
 auto-completion
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: peter.maydell@linaro.org
Cc: imammedo@redhat.com, zhugh.fnst@cn.fujitsu.com, qemu-devel@nongnu.org, Marcel Apfelbaum <marcel.a@redhat.com>

On Wed, 26 Nov 2014 13:50:01 +0200
Marcel Apfelbaum <marcel.a@redhat.com> wrote:

> The commits:
>  - 6a1fa9f5 (monitor: add del completion for peripheral device)
>  - 66e56b13 (qdev: add qdev_build_hotpluggable_device_list helper)
> 
> cause a QEMU crash when trying to use HMP device_del auto-completion.
> It can be easily reproduced by:
>     <qemu-bin> -enable-kvm  ~/images/fedora.qcow2 -monitor stdio -device virtio-net-pci,id=vnet
> 
>     (qemu) device_del
>     /home/mapfelba/git/upstream/qemu/hw/core/qdev.c:941:qdev_build_hotpluggable_device_list: Object 0x7f6ce04e4fe0 is not an instance of type device
>     Aborted (core dumped)
> 
> The root cause is qdev_build_hotpluggable_device_list going recursively over
> all peripherals and their children assuming all are devices. It doesn't work
> since PCI devices have at least on child which is a memory region (bus master).
> 
> Solved by observing that all devices appear as direct children of
> /machine/peripheral container. No need of going recursively
> over all the children.
> 
> Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>

Peter, can you apply this patch directly to master to avoid me a pull
request? Maybe it's a good idea to wait until tomorrow for more
reviewers though.

Marcel, thanks a lot for taking care of this!

> ---
>  hw/core/qdev.c         | 12 ++++++++++--
>  include/hw/qdev-core.h |  2 +-
>  monitor.c              | 11 ++++-------
>  3 files changed, 15 insertions(+), 10 deletions(-)
> 
> diff --git a/hw/core/qdev.c b/hw/core/qdev.c
> index 413b413..35fd00d 100644
> --- a/hw/core/qdev.c
> +++ b/hw/core/qdev.c
> @@ -935,7 +935,7 @@ void qdev_alias_all_properties(DeviceState *target, Object *source)
>      } while (class != object_class_by_name(TYPE_DEVICE));
>  }
>  
> -int qdev_build_hotpluggable_device_list(Object *obj, void *opaque)
> +static int qdev_add_hotpluggable_device(Object *obj, void *opaque)
>  {
>      GSList **list = opaque;
>      DeviceState *dev = DEVICE(obj);
> @@ -944,10 +944,18 @@ int qdev_build_hotpluggable_device_list(Object *obj, void *opaque)
>          *list = g_slist_append(*list, dev);
>      }
>  
> -    object_child_foreach(obj, qdev_build_hotpluggable_device_list, opaque);
>      return 0;
>  }
>  
> +GSList *qdev_build_hotpluggable_device_list(Object *peripheral)
> +{
> +    GSList *list = NULL;
> +
> +    object_child_foreach(peripheral, qdev_add_hotpluggable_device, &list);
> +
> +    return list;
> +}
> +
>  static bool device_get_realized(Object *obj, Error **errp)
>  {
>      DeviceState *dev = DEVICE(obj);
> diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h
> index d3a2940..589bbe7 100644
> --- a/include/hw/qdev-core.h
> +++ b/include/hw/qdev-core.h
> @@ -365,7 +365,7 @@ extern int qdev_hotplug;
>  
>  char *qdev_get_dev_path(DeviceState *dev);
>  
> -int qdev_build_hotpluggable_device_list(Object *obj, void *opaque);
> +GSList *qdev_build_hotpluggable_device_list(Object *peripheral);
>  
>  void qbus_set_hotplug_handler(BusState *bus, DeviceState *handler,
>                                Error **errp);
> diff --git a/monitor.c b/monitor.c
> index fa00594..f1031a1 100644
> --- a/monitor.c
> +++ b/monitor.c
> @@ -4321,17 +4321,14 @@ void object_add_completion(ReadLineState *rs, int nb_args, const char *str)
>  static void peripheral_device_del_completion(ReadLineState *rs,
>                                               const char *str, size_t len)
>  {
> -    Object *peripheral;
> -    GSList *list = NULL, *item;
> +    Object *peripheral = container_get(qdev_get_machine(), "/peripheral");
> +    GSList *list, *item;
>  
> -    peripheral = object_resolve_path("/machine/peripheral/", NULL);
> -    if (peripheral == NULL) {
> +    list = qdev_build_hotpluggable_device_list(peripheral);
> +    if (!list) {
>          return;
>      }
>  
> -    object_child_foreach(peripheral, qdev_build_hotpluggable_device_list,
> -                         &list);
> -
>      for (item = list; item; item = g_slist_next(item)) {
>          DeviceState *dev = item->data;
>