From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
If memory-backend is a non-existent object, qemu crashes.
Check that the backend actually resolves.
e.g. ./qemu-system-x86_64 -machine pc,accel=kvm,memory-backend=foo
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
---
softmmu/vl.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/softmmu/vl.c b/softmmu/vl.c
index ff2685dff8..76507e99c4 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -4288,6 +4288,11 @@ void qemu_init(int argc, char **argv, char **envp)
backend = object_resolve_path_type(current_machine->ram_memdev_id,
TYPE_MEMORY_BACKEND, NULL);
+ if (!backend) {
+ error_report("Unknown memory backend object id '%s'",
+ current_machine->ram_memdev_id);
+ exit(EXIT_FAILURE);
+ }
backend_size = object_property_get_uint(backend, "size", &error_abort);
if (have_custom_ram_size && backend_size != ram_size) {
error_report("Size specified by -m option must match size of "
--
2.24.1
On Tue, 17 Mar 2020 12:07:59 +0000
"Dr. David Alan Gilbert (git)" <dgilbert@redhat.com> wrote:
> From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
>
> If memory-backend is a non-existent object, qemu crashes.
> Check that the backend actually resolves.
>
> e.g. ./qemu-system-x86_64 -machine pc,accel=kvm,memory-backend=foo
there is a patch to fix it already
[PATCH] softmmu: fix crash with invalid -M memory-backend=
by Marc-André
but looks like it fell through cracks ...
>
> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> ---
> softmmu/vl.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/softmmu/vl.c b/softmmu/vl.c
> index ff2685dff8..76507e99c4 100644
> --- a/softmmu/vl.c
> +++ b/softmmu/vl.c
> @@ -4288,6 +4288,11 @@ void qemu_init(int argc, char **argv, char **envp)
>
> backend = object_resolve_path_type(current_machine->ram_memdev_id,
> TYPE_MEMORY_BACKEND, NULL);
> + if (!backend) {
> + error_report("Unknown memory backend object id '%s'",
> + current_machine->ram_memdev_id);
> + exit(EXIT_FAILURE);
> + }
> backend_size = object_property_get_uint(backend, "size", &error_abort);
> if (have_custom_ram_size && backend_size != ram_size) {
> error_report("Size specified by -m option must match size of "
* Igor Mammedov (imammedo@redhat.com) wrote:
> On Tue, 17 Mar 2020 12:07:59 +0000
> "Dr. David Alan Gilbert (git)" <dgilbert@redhat.com> wrote:
>
> > From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
> >
> > If memory-backend is a non-existent object, qemu crashes.
> > Check that the backend actually resolves.
> >
> > e.g. ./qemu-system-x86_64 -machine pc,accel=kvm,memory-backend=foo
>
> there is a patch to fix it already
> [PATCH] softmmu: fix crash with invalid -M memory-backend=
> by Marc-André
>
> but looks like it fell through cracks ...
Oops, didn't see that.
(I tripped over this because I hadn't originally realised that it was
an object ID rather than object type with options)
Dave
> >
> > Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> > ---
> > softmmu/vl.c | 5 +++++
> > 1 file changed, 5 insertions(+)
> >
> > diff --git a/softmmu/vl.c b/softmmu/vl.c
> > index ff2685dff8..76507e99c4 100644
> > --- a/softmmu/vl.c
> > +++ b/softmmu/vl.c
> > @@ -4288,6 +4288,11 @@ void qemu_init(int argc, char **argv, char **envp)
> >
> > backend = object_resolve_path_type(current_machine->ram_memdev_id,
> > TYPE_MEMORY_BACKEND, NULL);
> > + if (!backend) {
> > + error_report("Unknown memory backend object id '%s'",
> > + current_machine->ram_memdev_id);
> > + exit(EXIT_FAILURE);
> > + }
> > backend_size = object_property_get_uint(backend, "size", &error_abort);
> > if (have_custom_ram_size && backend_size != ram_size) {
> > error_report("Size specified by -m option must match size of "
>
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
© 2016 - 2026 Red Hat, Inc.