From: Xiao Long Jiang
Date: Thu, 22 Sep 2016 09:43:56 +0200
Message-Id: <20160922074356.2918-1-zxiaol@linux.vnet.ibm.com>
Subject: [Qemu-devel] [PATCH 1/1] qom: fix qdict visit in user_creatable_add_type
To: qemu-devel@nongnu.org
Cc: bjsdjshi@linux.vnet.ibm.com, borntraeger@de.ibm.com, eblake@redhat.com, armbru@redhat.com

This fixes a Qemu crash that was introduced by commit ad73970 ("qom: Wrap prop visit in visit_start_struct"). Not all of the callers of user_creatable_add_type always pass qdict, so we should check qdict against NULL, but not raise an assertion.

The problem can be easily triggered by adding an iothread with:

$ virsh iothreadadd

In which the is newly defined. The result of the command will return an error and cause the running guest to crash.

Cc: Eric Blake
Cc: Markus Armbruster
Signed-off-by: Xiao Long Jiang
Reviewed-by: Dong Jia Shi
---
 qom/object_interfaces.c | 31 ++++++++++++++++---------------
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/qom/object_interfaces.c b/qom/object_interfaces.c index bf59846..cc40dff 100644 --- a/qom/object_interfaces.c +++ b/qom/object_interfaces.c 
@@ -112,24 +112,25 @@ Object *user_creatable_add_type(const char *type, const char *id, return NULL; } - assert(qdict); obj = object_new(type); - visit_start_struct(v, NULL, NULL, 0, &local_err); - if (local_err) { - goto out; - } - for (e = qdict_first(qdict); e; e = qdict_next(qdict, e)) { - object_property_set(obj, v, e->key, &local_err); + if (qdict) { + visit_start_struct(v, NULL, NULL, 0, &local_err); if (local_err) { - break; + goto out; + } + for (e = qdict_first(qdict); e; e = qdict_next(qdict, e)) { + object_property_set(obj, v, e->key, &local_err); + if (local_err) { + break; + } + } + if (!local_err) { + visit_check_struct(v, &local_err); + } + visit_end_struct(v, NULL); + if (local_err) { + goto out; } - } - if (!local_err) { - visit_check_struct(v, &local_err); - } - visit_end_struct(v, NULL); - if (local_err) { - goto out; } object_property_add_child(object_get_objects_root(), -- 2.8.4
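
Review bot: The new "if (qdict) {" guard in user_creatable_add_type makes a NULL qdict mean "create the object and set no properties", but nothing in the hunk documents that contract; please add a comment at the guard (or on the function) saying that qdict may be NULL and that the visitor v is then not used at all. Because visit_start_struct(), visit_check_struct() and visit_end_struct() are all skipped in that case, any input still pending in v is no longer validated, so it is worth confirming that every caller passing a NULL qdict also has nothing for v to check. A regression test that calls the function without properties would cover the path that the removed assert(qdict) used to abort on.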