From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:50641)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <flukshun@gmail.com>) id 1ZUbW1-0006U5-Sc
	for qemu-devel@nongnu.org; Wed, 26 Aug 2015 10:17:31 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <flukshun@gmail.com>) id 1ZUbVy-0004t7-Hr
	for qemu-devel@nongnu.org; Wed, 26 Aug 2015 10:17:25 -0400
Sender: fluxion <flukshun@gmail.com>
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
From: Michael Roth <mdroth@linux.vnet.ibm.com>
In-Reply-To: <1440561851-17553-1-git-send-email-bharata@linux.vnet.ibm.com>
References: <1440561851-17553-1-git-send-email-bharata@linux.vnet.ibm.com>
Message-ID: <20150826141709.24880.70822@loki>
Date: Wed, 26 Aug 2015 09:17:09 -0500
Subject: Re: [Qemu-devel] [FIX PATCH] spapr_rtas: Prevent QEMU crash during
 hotplug without a prior device_add
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Bharata B Rao <bharata@linux.vnet.ibm.com>, qemu-devel@nongnu.org
Cc: qemu-ppc@nongnu.org, david@gibson.dropbear.id.au

Quoting Bharata B Rao (2015-08-25 23:04:11)
> If drmgr is used in the guest to hotplug a device before a device_add
> has been issued via the QEMU monitor, QEMU segfaults in configure_connect=
or
> call. This occurs due to accessing of NULL FDT which otherwise would have
> been created and associated with the DRC during device_add command.
> =

> Check for NULL FDT and return failure from configure_connector call.
> =

> Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
> Cc: Michael Roth <mdroth@linux.vnet.ibm.com>

Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>

> ---
> Not fully sure if RTAS_OUT_HW_ERROR is the right error code here. Should
> we be using RTAS_OUT_NOT_SUPPORTED instead ?
> =

>  hw/ppc/spapr_rtas.c | 6 ++++++
>  1 file changed, 6 insertions(+)
> =

> diff --git a/hw/ppc/spapr_rtas.c b/hw/ppc/spapr_rtas.c
> index e99e25f..3be8eec 100644
> --- a/hw/ppc/spapr_rtas.c
> +++ b/hw/ppc/spapr_rtas.c
> @@ -522,6 +522,12 @@ static void rtas_ibm_configure_connector(PowerPCCPU =
*cpu,
> =

>      drck =3D SPAPR_DR_CONNECTOR_GET_CLASS(drc);
>      fdt =3D drck->get_fdt(drc, NULL);
> +    if (!fdt) {
> +        DPRINTF("rtas_ibm_configure_connector: Missing FDT for DRC index=
: %xh\n",
> +                drc_index);
> +        rc =3D RTAS_OUT_HW_ERROR;
> +        goto out;
> +    }
> =

>      ccs =3D spapr_ccs_find(spapr, drc_index);
>      if (!ccs) {
> -- =

> 2.1.0
>=20