From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:56633)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <afaerber@suse.de>) id 1VLzI8-0001O9-D5
	for qemu-devel@nongnu.org; Tue, 17 Sep 2013 13:42:30 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <afaerber@suse.de>) id 1VLzHz-000357-5S
	for qemu-devel@nongnu.org; Tue, 17 Sep 2013 13:42:24 -0400
Received: from cantor2.suse.de ([195.135.220.15]:37448 helo=mx2.suse.de)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <afaerber@suse.de>) id 1VLzHy-00034H-VL
	for qemu-devel@nongnu.org; Tue, 17 Sep 2013 13:42:15 -0400
Message-ID: <52389470.8060505@suse.de>
Date: Tue, 17 Sep 2013 19:42:08 +0200
From: =?ISO-8859-15?Q?Andreas_F=E4rber?= <afaerber@suse.de>
MIME-Version: 1.0
References: <1379424752-11456-1-git-send-email-imammedo@redhat.com>
In-Reply-To: <1379424752-11456-1-git-send-email-imammedo@redhat.com>
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] [PATCH] qdev: fix crash when device_add is called
 with abstract driver
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Igor Mammedov <imammedo@redhat.com>
Cc: Stefan Weil <sw@weilnetz.de>, qemu-devel@nongnu.org, Luiz Capitulino <lcapitulino@redhat.com>, Anthony Liguori <anthony@codemonkey.ws>, Paolo Bonzini <pbonzini@redhat.com>, Wenchao Xia <xiawenc@linux.vnet.ibm.com>

Am 17.09.2013 15:32, schrieb Igor Mammedov:
> user is able to crash running QEMU when following monitor
> command is called:
>=20
>  device_add intel-hda-generic
>=20
> crash is caused by assertion in object_initialize_with_type()
> when type is abstract.
>=20
> Checking if type is abstract before instance is created in
> qdev_device_add() allows to prevent crash on incorrect user input.
>=20
> Signed-off-by: Igor Mammedov <imammedo@redhat.com>
> ---
>  qdev-monitor.c |    6 ++++++
>  1 files changed, 6 insertions(+), 0 deletions(-)

Thanks, rebased and applied to qom-next:
https://github.com/afaerber/qemu-cpu/commits/qom-next

One question though:

>=20
> diff --git a/qdev-monitor.c b/qdev-monitor.c
> index 410cdcb..bb2e1b6 100644
> --- a/qdev-monitor.c
> +++ b/qdev-monitor.c
> @@ -472,6 +472,12 @@ DeviceState *qdev_device_add(QemuOpts *opts)
>          return NULL;
>      }
> =20
> +    if (object_class_is_abstract(obj)) {
> +        qerror_report(QERR_INVALID_PARAMETER_VALUE, "driver",
> +                      "non-abstract device type");

Is qerror_report() still okay despite the QERR_* considered obsolete for
error_set()? I.e. because this is only printing the text and not passing
on error classes? Or where do we draw the line? (CC Luiz)

Thanks,
Andreas

> +        return NULL;
> +    }
> +
>      k =3D DEVICE_CLASS(obj);
> =20
>      /* find bus */

--=20
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 N=FCrnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imend=F6rffer; HRB 16746 AG N=FCrnbe=
rg