diff mbox series

pmu: fix pmu vmstate subsection list

Message ID	20211116150837.169291-1-lvivier@redhat.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=iNjW=QD=nongnu.org=qemu-devel-bounces+qemu-devel=archiver.kernel.org@kernel.org> DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 5F52461BFE From: Laurent Vivier <lvivier@redhat.com> To: qemu-devel@nongnu.org Subject: [PATCH] pmu: fix pmu vmstate subsection list Date: Tue, 16 Nov 2021 16:08:37 +0100 Message-Id: <20211116150837.169291-1-lvivier@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Received-SPF: pass client-ip=170.10.133.124; envelope-from=lvivier@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -34 X-Spam_score: -3.5 X-Spam_bar: --- X-Spam_report: (-3.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.697, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action Precedence: list Cc: qemu-ppc@nongnu.org, Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>
Series	pmu: fix pmu vmstate subsection list \| expand pmu: fix pmu vmstate subsection list

Commit Message

Laurent Vivier Nov. 16, 2021, 3:08 p.m. UTC

The subsection is not closed by a NULL marker so this can trigger
a segfault when the pmu vmstate is saved.

This can be easily shown with:

  $ ./qemu-system-ppc64  -dump-vmstate vmstate.json
  Segmentation fault (core dumped)

Fixes: d811d61fbc6c ("mac_newworld: add PMU device")
Cc: mark.cave-ayland@ilande.co.uk
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
---
 hw/misc/macio/pmu.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Greg Kurz Nov. 16, 2021, 3:20 p.m. UTC | #1

On Tue, 16 Nov 2021 16:08:37 +0100
Laurent Vivier <lvivier@redhat.com> wrote:

> The subsection is not closed by a NULL marker so this can trigger
> a segfault when the pmu vmstate is saved.
> 
> This can be easily shown with:
> 
>   $ ./qemu-system-ppc64  -dump-vmstate vmstate.json
>   Segmentation fault (core dumped)
> 
> Fixes: d811d61fbc6c ("mac_newworld: add PMU device")
> Cc: mark.cave-ayland@ilande.co.uk
> Signed-off-by: Laurent Vivier <lvivier@redhat.com>
> ---

Reviewed-by: Greg Kurz <groug@kaod.org>

>  hw/misc/macio/pmu.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/hw/misc/macio/pmu.c b/hw/misc/macio/pmu.c
> index 4ad4f50e08c3..eb39c64694aa 100644
> --- a/hw/misc/macio/pmu.c
> +++ b/hw/misc/macio/pmu.c
> @@ -718,6 +718,7 @@ static const VMStateDescription vmstate_pmu = {
>      },
>      .subsections = (const VMStateDescription * []) {
>          &vmstate_pmu_adb,
> +        NULL
>      }
>  };
>  

This fix is so obvious that I guess you could carry it through the
trivial tree IMHO.

Philippe Mathieu-Daudé Nov. 16, 2021, 3:44 p.m. UTC | #2

On 11/16/21 16:08, Laurent Vivier wrote:
> The subsection is not closed by a NULL marker so this can trigger
> a segfault when the pmu vmstate is saved.
> 
> This can be easily shown with:
> 
>   $ ./qemu-system-ppc64  -dump-vmstate vmstate.json
>   Segmentation fault (core dumped)
> 
> Fixes: d811d61fbc6c ("mac_newworld: add PMU device")
> Cc: mark.cave-ayland@ilande.co.uk
> Signed-off-by: Laurent Vivier <lvivier@redhat.com>
> ---
>  hw/misc/macio/pmu.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/hw/misc/macio/pmu.c b/hw/misc/macio/pmu.c
> index 4ad4f50e08c3..eb39c64694aa 100644
> --- a/hw/misc/macio/pmu.c
> +++ b/hw/misc/macio/pmu.c
> @@ -718,6 +718,7 @@ static const VMStateDescription vmstate_pmu = {
>      },
>      .subsections = (const VMStateDescription * []) {
>          &vmstate_pmu_adb,
> +        NULL
>      }
>  };

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>

BTW I ran 'git grep -W -F .subsections' and couldn't find other
occurrence.

Mark Cave-Ayland Nov. 16, 2021, 7:50 p.m. UTC | #3

On 16/11/2021 15:08, Laurent Vivier wrote:

> The subsection is not closed by a NULL marker so this can trigger
> a segfault when the pmu vmstate is saved.
> 
> This can be easily shown with:
> 
>    $ ./qemu-system-ppc64  -dump-vmstate vmstate.json
>    Segmentation fault (core dumped)
> 
> Fixes: d811d61fbc6c ("mac_newworld: add PMU device")
> Cc: mark.cave-ayland@ilande.co.uk
> Signed-off-by: Laurent Vivier <lvivier@redhat.com>
> ---
>   hw/misc/macio/pmu.c | 1 +
>   1 file changed, 1 insertion(+)
> 
> diff --git a/hw/misc/macio/pmu.c b/hw/misc/macio/pmu.c
> index 4ad4f50e08c3..eb39c64694aa 100644
> --- a/hw/misc/macio/pmu.c
> +++ b/hw/misc/macio/pmu.c
> @@ -718,6 +718,7 @@ static const VMStateDescription vmstate_pmu = {
>       },
>       .subsections = (const VMStateDescription * []) {
>           &vmstate_pmu_adb,
> +        NULL
>       }
>   };

Eeek. Good spot, looks like this bug has been around for some time:

Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>


ATB,

Mark.

Cédric Le Goater Nov. 17, 2021, 11:03 a.m. UTC | #4

>> diff --git a/hw/misc/macio/pmu.c b/hw/misc/macio/pmu.c
>> index 4ad4f50e08c3..eb39c64694aa 100644
>> --- a/hw/misc/macio/pmu.c
>> +++ b/hw/misc/macio/pmu.c
>> @@ -718,6 +718,7 @@ static const VMStateDescription vmstate_pmu = {
>>       },
>>       .subsections = (const VMStateDescription * []) {
>>           &vmstate_pmu_adb,
>> +        NULL
>>       }
>>   };
>>   
> 
> This fix is so obvious that I guess you could carry it through the
> trivial tree IMHO.

I don't have anything queued for ppc yet but anyhow I can send a PR
at the end of the week if trivial doesn't.

Thanks,

C.

Cédric Le Goater Nov. 17, 2021, 6:13 p.m. UTC | #5

On 11/16/21 16:08, Laurent Vivier wrote:
> The subsection is not closed by a NULL marker so this can trigger
> a segfault when the pmu vmstate is saved.
> 
> This can be easily shown with:
> 
>    $ ./qemu-system-ppc64  -dump-vmstate vmstate.json
>    Segmentation fault (core dumped)
> 
> Fixes: d811d61fbc6c ("mac_newworld: add PMU device")
> Cc: mark.cave-ayland@ilande.co.uk
> Signed-off-by: Laurent Vivier <lvivier@redhat.com>

Queued for 6.2

Thanks,

C.


> ---
>   hw/misc/macio/pmu.c | 1 +
>   1 file changed, 1 insertion(+)
> 
> diff --git a/hw/misc/macio/pmu.c b/hw/misc/macio/pmu.c
> index 4ad4f50e08c3..eb39c64694aa 100644
> --- a/hw/misc/macio/pmu.c
> +++ b/hw/misc/macio/pmu.c
> @@ -718,6 +718,7 @@ static const VMStateDescription vmstate_pmu = {
>       },
>       .subsections = (const VMStateDescription * []) {
>           &vmstate_pmu_adb,
> +        NULL
>       }
>   };
>   
>

diff mbox series

Patch

diff --git a/hw/misc/macio/pmu.c b/hw/misc/macio/pmu.c
index 4ad4f50e08c3..eb39c64694aa 100644
--- a/hw/misc/macio/pmu.c
+++ b/hw/misc/macio/pmu.c
@@ -718,6 +718,7 @@  static const VMStateDescription vmstate_pmu = {
     },
     .subsections = (const VMStateDescription * []) {
         &vmstate_pmu_adb,
+        NULL
     }
 };