From: Markus Armbruster <armbru@redhat.com>
To: arei.gonglei@huawei.com
Cc: weidong.huang@huawei.com, qemu-devel@nongnu.org,
	lcapitulino@redhat.com, stefanha@redhat.com, imammedo@redhat.com,
	peter.huangpeng@huawei.com, afaerber@suse.de
Subject: Re: [Qemu-devel] [PATCH] qdev-monitor: fix segmentation fault on qdev_device_help()
Date: Tue, 16 Sep 2014 09:28:26 +0200
Message-ID: <87oaugxbvp.fsf@blackfin.pond.sub.org>
In-Reply-To: <1410833973-9492-1-git-send-email-arei.gonglei@huawei.com> (arei gonglei's message of "Tue, 16 Sep 2014 10:19:33 +0800")

<arei.gonglei@huawei.com> writes:

> From: Gonglei <arei.gonglei@huawei.com>
>
> Normally, qmp_device_list_properties() may return NULL when
> a device doesn't have special properties except Object and DeviceState
> properties, such as virtio-balloon-device.
>
> We just need to check local_err instead of prop_list.
>
> Example:
>
> Segmentation fault (core dumped)
>
> The backtrace is as below:
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x00005555559af1a8 in error_get_pretty (err=0x0) at util/error.c:152
> 152         return err->msg;
> (gdb) bt
> #0  0x00005555559af1a8 in error_get_pretty (err=0x0) at util/error.c:152
> #1  0x000055555572fce9 in qdev_device_help (opts=0x5555562fdfe0) at qdev-monitor.c:210
> #2  0x000055555574a6f2 in device_help_func (opts=0x5555562fdfe0, opaque=0x0) at vl.c:2362
> #3  0x00005555559c0a33 in qemu_opts_foreach (list=0x555555dd0b40 <qemu_device_opts>, 
>     func=0x55555574a6ca <device_help_func>, opaque=0x0, abort_on_failure=0) at util/qemu-option.c:1072
> #4  0x000055555574f514 in main (argc=3, argv=0x7fffffffe218, envp=0x7fffffffe238) at vl.c:4246
>
> Signed-off-by: Gonglei <arei.gonglei@huawei.com>
> ---
>  qdev-monitor.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/qdev-monitor.c b/qdev-monitor.c
> index fb9ee24..5ec6606 100644
> --- a/qdev-monitor.c
> +++ b/qdev-monitor.c
> @@ -206,7 +206,7 @@ int qdev_device_help(QemuOpts *opts)
>      }
>  
>      prop_list = qmp_device_list_properties(driver, &local_err);
> -    if (!prop_list) {
> +    if (local_err) {
>          error_printf("%s\n", error_get_pretty(local_err));
>          error_free(local_err);
>          return 1;
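
Review bot: With the test changed to "if (local_err)", a NULL prop_list with no error set now falls through to the code after this hunk, which the context lines do not show. Please confirm that code tolerates an empty (NULL) list, and consider a comment at the qmp_device_list_properties() call noting that NULL can mean "no properties", so a later cleanup does not restore the "!prop_list" test.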

Doesn't this leak prop_list when local_err && prop_list?

Returning both a value in need of destruction and an error object is at
least highly unusual, and probably plain wrong.

Should qmp_device_list_properties() return NULL when it sets an error?
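
A minimal C model of the return convention discussed above, added here as an illustration and not QEMU code: `Err`, `Prop`, `list_props` and the driver names are hypothetical. It shows that a NULL list is ambiguous between "empty" and "failed", so the caller has to test the error object, and that the callee sets an error only together with a NULL return.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins, not QEMU's types. */
typedef struct Err { const char *msg; } Err;
typedef struct Prop { const char *name; struct Prop *next; } Prop;

/* Contract: on failure set *errp and return NULL. An empty list is also
 * NULL, so a NULL return alone does not mean failure. */
static Prop *list_props(const char *driver, Err **errp)
{
    static Err unknown = { "unknown device" };
    static Prop addr = { "addr", NULL };
    *errp = NULL;
    if (strcmp(driver, "no-props") == 0) return NULL;   /* success, empty */
    if (strcmp(driver, "one-prop") == 0) return &addr;  /* success, 1 item */
    *errp = &unknown;               /* failure: no list is returned with it */
    return NULL;
}

/* Pre-patch test: 1 when "!list" enters the error path with err == NULL. */
int old_check_derefs_null(const char *driver)
{
    Err *err = NULL;
    Prop *list = list_props(driver, &err);
    return !list && !err;
}

/* Post-patch shape: returns the property count, or -1 on error. */
int count_props(const char *driver)
{
    Err *err = NULL;
    const Prop *list = list_props(driver, &err);
    int n = 0;
    if (err) {                      /* err is non-NULL here, safe to read */
        fprintf(stderr, "%s\n", err->msg);
        return -1;
    }
    for (; list; list = list->next) n++;    /* NULL list: loop is skipped */
    return n;
}

int main(void)
{
    printf("no-props: old check derefs NULL=%d, count=%d\n",
           old_check_derefs_null("no-props"), count_props("no-props"));
    return 0;
}
```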
