[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-block] [PATCH v1] ide: check BlockBackend object in ide_cancel
|
From: |
Kevin Wolf |
|
Subject: |
Re: [Qemu-block] [PATCH v1] ide: check BlockBackend object in ide_cancel_dma_sync |
|
Date: |
Mon, 17 Jul 2017 18:05:03 +0200 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
Am 17.07.2017 um 15:01 hat P J P geschrieben:
> From: Prasad J Pandit <address@hidden>
>
> When cancelling pending DMA requests in ide_cancel_dma_sync,
> the s->blk object could be null, leading to a null dereference.
> Add check to avoid it.
>
> blk_bs (blk=0x0) at block/block-backend.c:389
> blk_drain (blk=0x0) at block/block-backend.c:1232
> ide_cancel_dma_sync (s=0x7f203241c1a8) at hw/ide/core.c:684
> bmdma_cmd_writeb (bm=0x7f203241cf20, val=104) at hw/ide/pci.c:237
> bmdma_write (opaque=0x7f203241cf20, addr=0, val=104, size=1) at
> hw/ide/piix.c:77
>
> Reported-by: Chensongnian <address@hidden>
> Signed-off-by: Prasad J Pandit <address@hidden>
> ---
> hw/ide/core.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> Update: add call stack trace leading the null dereference.
I think Stefan didn't only mean a stack trace, but an actual instruction
how to reproduce this. VM configuration, what actions to take, etc.
In fact, I will add that we will probably want a qtest case as a
regression test anyway, and tests are always great for describing how to
reproduce a problem, too.
Kevin