1. Patchew
  2. QEMU
  3. View series

[PATCH] hw/cxl/cxl-host: Fix guest crash when getting cxl-fmw property

Zhao Liu posted 1 patch 4 months, 3 weeks ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20240704093404.1848132-1-zhao1.liu@linux.intel.com
Maintainers: Jonathan Cameron <jonathan.cameron@huawei.com>, Fan Ni <fan.ni@samsung.com>
hw/cxl/cxl-host.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
[PATCH] hw/cxl/cxl-host: Fix guest crash when getting cxl-fmw property
Posted by Zhao Liu 4 months, 3 weeks ago 
From: Zhao Liu <zhao1.liu@intel.com>

Guest crashes (Segmentation fault) when getting cxl-fmw property via
qmp:

(QEMU) qom-get path=machine property=cxl-fmw

This issue is caused by accessing wrong callback (opaque) type in
machine_get_cfmw().

cxl_machine_init() sets the callback as `CXLState *` type but
machine_get_cfmw() treats the callback as
`CXLFixedMemoryWindowOptionsList **`.

Fix this error by casting opaque to `CXLState *` type in
machine_get_cfmw().

Fixes: 03b39fcf64bc ("hw/cxl: Make the CXL fixed memory window setup a machine parameter.")
Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
---
 hw/cxl/cxl-host.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hw/cxl/cxl-host.c b/hw/cxl/cxl-host.c
index c5f5fcfd64d0..e9f2543c43c6 100644
--- a/hw/cxl/cxl-host.c
+++ b/hw/cxl/cxl-host.c
@@ -315,7 +315,8 @@ static void machine_set_cxl(Object *obj, Visitor *v, const char *name,
 static void machine_get_cfmw(Object *obj, Visitor *v, const char *name,
                              void *opaque, Error **errp)
 {
-    CXLFixedMemoryWindowOptionsList **list = opaque;
+    CXLState *state = opaque;
+    CXLFixedMemoryWindowOptionsList **list = &state->cfmw_list;
 
     visit_type_CXLFixedMemoryWindowOptionsList(v, name, list, errp);
 }
-- 
2.34.1
Re: [PATCH] hw/cxl/cxl-host: Fix guest crash when getting cxl-fmw property
Posted by Zhijian Li (Fujitsu) via 4 months, 3 weeks ago 

On 04/07/2024 17:34, Zhao Liu wrote:
> From: Zhao Liu <zhao1.liu@intel.com>
> 
> Guest crashes (Segmentation fault) when getting cxl-fmw property via
> qmp:
> 

IMO, it's fair to say "Guest crashes" which generally means the guest kernel panic etc.
I'd prefer the subject like:
hw/cxl/cxl-host: Fix segmentation fault when getting cxl-fmw property


Otherwise,

Reviewed-by: Li Zhijian <lizhijian@fujitsu.com>


> (QEMU) qom-get path=machine property=cxl-fmw
> 
> This issue is caused by accessing wrong callback (opaque) type in
> machine_get_cfmw().
> 
> cxl_machine_init() sets the callback as `CXLState *` type but
> machine_get_cfmw() treats the callback as
> `CXLFixedMemoryWindowOptionsList **`.
> 
> Fix this error by casting opaque to `CXLState *` type in
> machine_get_cfmw().
> 
> Fixes: 03b39fcf64bc ("hw/cxl: Make the CXL fixed memory window setup a machine parameter.")
> Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
> ---
>   hw/cxl/cxl-host.c | 3 ++-
>   1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/hw/cxl/cxl-host.c b/hw/cxl/cxl-host.c
> index c5f5fcfd64d0..e9f2543c43c6 100644
> --- a/hw/cxl/cxl-host.c
> +++ b/hw/cxl/cxl-host.c
> @@ -315,7 +315,8 @@ static void machine_set_cxl(Object *obj, Visitor *v, const char *name,
>   static void machine_get_cfmw(Object *obj, Visitor *v, const char *name,
>                                void *opaque, Error **errp)
>   {
> -    CXLFixedMemoryWindowOptionsList **list = opaque;
> +    CXLState *state = opaque;
> +    CXLFixedMemoryWindowOptionsList **list = &state->cfmw_list;
>   
>       visit_type_CXLFixedMemoryWindowOptionsList(v, name, list, errp);
>   }
Re: [PATCH] hw/cxl/cxl-host: Fix guest crash when getting cxl-fmw property
Posted by Jonathan Cameron via 4 months, 3 weeks ago 
On Fri, 5 Jul 2024 02:39:51 +0000
"Zhijian Li (Fujitsu)" <lizhijian@fujitsu.com> wrote:

> On 04/07/2024 17:34, Zhao Liu wrote:
> > From: Zhao Liu <zhao1.liu@intel.com>
> > 
> > Guest crashes (Segmentation fault) when getting cxl-fmw property via
> > qmp:
> >   
> 
> IMO, it's fair to say "Guest crashes" which generally means the guest kernel panic etc.
> I'd prefer the subject like:
> hw/cxl/cxl-host: Fix segmentation fault when getting cxl-fmw property
Agreed. I've picked this up and edited the description.

I've just hit send on a v2 of the misc minor fixes series with this
replacing the patch that dropped cfmws_list

Thanks,

Jonathan


> 
> 
> Otherwise,
> 
> Reviewed-by: Li Zhijian <lizhijian@fujitsu.com>
> 
> 
> > (QEMU) qom-get path=machine property=cxl-fmw
> > 
> > This issue is caused by accessing wrong callback (opaque) type in
> > machine_get_cfmw().
> > 
> > cxl_machine_init() sets the callback as `CXLState *` type but
> > machine_get_cfmw() treats the callback as
> > `CXLFixedMemoryWindowOptionsList **`.
> > 
> > Fix this error by casting opaque to `CXLState *` type in
> > machine_get_cfmw().
> > 
> > Fixes: 03b39fcf64bc ("hw/cxl: Make the CXL fixed memory window setup a machine parameter.")
> > Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
> > ---
> >   hw/cxl/cxl-host.c | 3 ++-
> >   1 file changed, 2 insertions(+), 1 deletion(-)
> > 
> > diff --git a/hw/cxl/cxl-host.c b/hw/cxl/cxl-host.c
> > index c5f5fcfd64d0..e9f2543c43c6 100644
> > --- a/hw/cxl/cxl-host.c
> > +++ b/hw/cxl/cxl-host.c
> > @@ -315,7 +315,8 @@ static void machine_set_cxl(Object *obj, Visitor *v, const char *name,
> >   static void machine_get_cfmw(Object *obj, Visitor *v, const char *name,
> >                                void *opaque, Error **errp)
> >   {
> > -    CXLFixedMemoryWindowOptionsList **list = opaque;
> > +    CXLState *state = opaque;
> > +    CXLFixedMemoryWindowOptionsList **list = &state->cfmw_list;
> >   
> >       visit_type_CXLFixedMemoryWindowOptionsList(v, name, list, errp);
> >
RE: [PATCH] hw/cxl/cxl-host: Fix guest crash when getting cxl-fmw property
Posted by Xingtao Yao (Fujitsu) via 4 months, 3 weeks ago 

> -----Original Message-----
> From: qemu-devel-bounces+yaoxt.fnst=fujitsu.com@nongnu.org
> <qemu-devel-bounces+yaoxt.fnst=fujitsu.com@nongnu.org> On Behalf Of Zhao
> Liu
> Sent: Thursday, July 4, 2024 5:34 PM
> To: Jonathan Cameron <jonathan.cameron@huawei.com>; Fan Ni
> <fan.ni@samsung.com>
> Cc: qemu-devel@nongnu.org; qemu-stable@nongnu.org; Zhao Liu
> <zhao1.liu@intel.com>
> Subject: [PATCH] hw/cxl/cxl-host: Fix guest crash when getting cxl-fmw property
> 
> From: Zhao Liu <zhao1.liu@intel.com>
> 
> Guest crashes (Segmentation fault) when getting cxl-fmw property via
> qmp:
> 
> (QEMU) qom-get path=machine property=cxl-fmw
> 
> This issue is caused by accessing wrong callback (opaque) type in
> machine_get_cfmw().
> 
> cxl_machine_init() sets the callback as `CXLState *` type but
> machine_get_cfmw() treats the callback as
> `CXLFixedMemoryWindowOptionsList **`.
> 
> Fix this error by casting opaque to `CXLState *` type in
> machine_get_cfmw().
> 
> Fixes: 03b39fcf64bc ("hw/cxl: Make the CXL fixed memory window setup a
> machine parameter.")
> Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
> ---
>  hw/cxl/cxl-host.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/hw/cxl/cxl-host.c b/hw/cxl/cxl-host.c
> index c5f5fcfd64d0..e9f2543c43c6 100644
> --- a/hw/cxl/cxl-host.c
> +++ b/hw/cxl/cxl-host.c
> @@ -315,7 +315,8 @@ static void machine_set_cxl(Object *obj, Visitor *v, const
> char *name,
>  static void machine_get_cfmw(Object *obj, Visitor *v, const char *name,
>                               void *opaque, Error **errp)
>  {
> -    CXLFixedMemoryWindowOptionsList **list = opaque;
> +    CXLState *state = opaque;
> +    CXLFixedMemoryWindowOptionsList **list = &state->cfmw_list;
> 
>      visit_type_CXLFixedMemoryWindowOptionsList(v, name, list, errp);
>  }
> --
> 2.34.1
> 

Reviewed-by: Xingtao Yao <yaoxt.fnst@fujitsu.com>

Patchew 2.1-devel-b67e4c2

© 2016 - 2024 Red Hat, Inc.