qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH arm-devs v1 1/1] char/cadence_uart: Fix reset fo


From: Peter Crosthwaite
Subject: Re: [Qemu-devel] [PATCH arm-devs v1 1/1] char/cadence_uart: Fix reset for unattached instances
Date: Wed, 26 Jun 2013 10:41:42 +1000

Hi Peter,

On Wed, Jun 26, 2013 at 3:16 AM, Peter Maydell <address@hidden> wrote:
> On 7 June 2013 05:02,  <address@hidden> wrote:
>> From: Peter Crosthwaite <address@hidden>
>>
>> commit 1db8b5efe0c2b5000e50691eea61264a615f43de introduced an issue
>> where QEMU would segfault if you have an unattached Cadence UART.
>>
>> Fix by guarding the flush-on-reset logic on there being a qemu_chr
>> attachment.
>>
>> Reported-by: Soren Brinkmann <address@hidden>
>> Signed-off-by: Peter Crosthwaite <address@hidden>
>> ---
>>
>>  hw/char/cadence_uart.c | 4 +++-
>>  1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/hw/char/cadence_uart.c b/hw/char/cadence_uart.c
>> index c2a7834..29827d2 100644
>> --- a/hw/char/cadence_uart.c
>> +++ b/hw/char/cadence_uart.c
>> @@ -157,7 +157,9 @@ static void uart_rx_reset(UartState *s)
>>  {
>>      s->rx_wpos = 0;
>>      s->rx_count = 0;
>> -    qemu_chr_accept_input(s->chr);
>> +    if (s->chr) {
>> +        qemu_chr_accept_input(s->chr);
>> +    }
>
> There seem to be a lot of references to s->chr in this device:
> is this really the only one which needs a guard against NULL?
>

Actually no,

We have had some corner cases where other dereferences have segfaulted
on us too. On my todo list to sweep and fix globally.

But this is unique and a much bigger problem than the rest, as it is
in the reset path. So even if the uart is present in system and unused
it segafaults.

Regards,
Peter

> thanks
> -- PMM
>



reply via email to

[Prev in Thread] Current Thread [Next in Thread]