From: Kevin Wolf <kwolf@redhat.com>
To: Anthony Liguori <anthony@codemonkey.ws>
Cc: afaerber@suse.de, Qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [RFC] Fix SCSI hotplug with invalid slot
Date: Fri, 13 Jul 2012 11:47:44 +0200 [thread overview]
Message-ID: <4FFFEEC0.1070808@redhat.com> (raw)
In-Reply-To: <87629su9xd.fsf@codemonkey.ws>
[ Whoops, forgot qemu-devel in my original mail, added now ]
Am 12.07.2012 20:11, schrieb Anthony Liguori:
> Kevin Wolf <kwolf@redhat.com> writes:
>
>> While trying to hotplug an if=scsi disk with drive_add, I didn't pay
>> attention to using a valid slot (it doesn't matter with the usual
>> if=none...), and so I got:
>>
>> (qemu) drive_add 0 file=/tmp/test.qcow2,if=scsi
>> Segmentation fault.
>>
>> qemu just takes the PCI device at slot 0 and starts working on its first
>> child bus, no matter what device it is, and whether it even has a bus.
>> This NULL pointer access is easy enough to fix, it's what this patch
>> does.
>>
>> However this leaves a second case where the device in the slot does
>> exist, has child buses and still isn't a SCSI bus. For example (here
>> it's IDE):
>>
>> (qemu) drive_add 1 file=/tmp/test.qcow2,if=scsi
>> Object 0x7fadb204bbf0 is not an instance of type SCSI
>> Aborted.
>>
>> I couldn't find any obvious solution for checking if it has the right
>> type without aborting. I'm sure that this is a pretty standard case, but
>> my QOM knowledge is lacking...
>>
>> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
>> ---
>> hw/pci-hotplug.c | 8 +++++++-
>> 1 files changed, 7 insertions(+), 1 deletions(-)
>>
>> diff --git a/hw/pci-hotplug.c b/hw/pci-hotplug.c
>> index e7fb780..87d4721 100644
>> --- a/hw/pci-hotplug.c
>> +++ b/hw/pci-hotplug.c
>> @@ -77,10 +77,16 @@ static PCIDevice *qemu_pci_hot_add_nic(Monitor *mon,
>> static int scsi_hot_add(Monitor *mon, DeviceState *adapter,
>> DriveInfo *dinfo, int printinfo)
>> {
>> + BusState *bus;
>> SCSIBus *scsibus;
>> SCSIDevice *scsidev;
>>
>> - scsibus = SCSI_BUS(QLIST_FIRST(&adapter->child_bus));
>> + bus = QLIST_FIRST(&adapter->child_bus);
>> + if (bus == NULL) {
>
> if (bus == NULL || object_dynamic_cast(bus, TYPE_SCSI_BUS) == NULL) {
Ah well, so this is really the official way... Then I could as well use
the result of that instead of calling it a second time in SCSI_BUS().
Should I send an updated patch for this, or is it a more general problem
of the QOM conversions that checks were lost and you'll post a broader fix?
Kevin
parent reply other threads:[~2012-07-13 9:47 UTC|newest]
Thread overview: expand[flat|nested] mbox.gz Atom feed
[parent not found: <87629su9xd.fsf@codemonkey.ws>]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4FFFEEC0.1070808@redhat.com \
--to=kwolf@redhat.com \
--cc=Qemu-devel@nongnu.org \
--cc=afaerber@suse.de \
--cc=anthony@codemonkey.ws \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.