Patchwork pc: fix segfault introduced by 3d53f5c36ff6

login
register
mail settings
Submitter Eduard - Gabriel Munteanu
Date May 20, 2010, 6:14 a.m.
Message ID <1274336044-28624-1-git-send-email-eduard.munteanu@linux360.ro>
Download mbox | patch
Permalink /patch/53039/
State New
Headers show

Comments

Eduard - Gabriel Munteanu - May 20, 2010, 6:14 a.m.
Commit 3d53f5c36ff6 introduced a segfault by erroneously making fw_cfg a
'void **' and passing it around in different ways.

Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
---
 hw/pc.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)
Isaku Yamahata - May 20, 2010, 8:08 a.m.
Thank you for fixing it. Probably I was too in hurry when rebasing the patches.

Acked-by: Isaku Yamahata <yamahata@valinux.co.jp>

On Thu, May 20, 2010 at 09:14:04AM +0300, Eduard - Gabriel Munteanu wrote:
> Commit 3d53f5c36ff6 introduced a segfault by erroneously making fw_cfg a
> 'void **' and passing it around in different ways.
> 
> Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
> ---
>  hw/pc.c |    4 ++--
>  1 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/hw/pc.c b/hw/pc.c
> index fee08c9..4a4a706 100644
> --- a/hw/pc.c
> +++ b/hw/pc.c
> @@ -822,7 +822,7 @@ void pc_memory_init(ram_addr_t ram_size,
>      ram_addr_t ram_addr, bios_offset, option_rom_offset;
>      ram_addr_t below_4g_mem_size, above_4g_mem_size = 0;
>      int bios_size, isa_bios_size;
> -    void **fw_cfg;
> +    void *fw_cfg;
>  
>      if (ram_size >= 0xe0000000 ) {
>          above_4g_mem_size = ram_size - 0xe0000000;
> @@ -905,7 +905,7 @@ void pc_memory_init(ram_addr_t ram_size,
>      rom_set_fw(fw_cfg);
>  
>      if (linux_boot) {
> -        load_linux(*fw_cfg, kernel_filename, initrd_filename, kernel_cmdline, below_4g_mem_size);
> +        load_linux(fw_cfg, kernel_filename, initrd_filename, kernel_cmdline, below_4g_mem_size);
>      }
>  
>      for (i = 0; i < nb_option_roms; i++) {
> -- 
> 1.6.4.4
> 
>
Blue Swirl - May 20, 2010, 8:38 p.m.
Good catch. Thanks, applied.


On Thu, May 20, 2010 at 6:14 AM, Eduard - Gabriel Munteanu
<eduard.munteanu@linux360.ro> wrote:
> Commit 3d53f5c36ff6 introduced a segfault by erroneously making fw_cfg a
> 'void **' and passing it around in different ways.
>
> Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
> ---
>  hw/pc.c |    4 ++--
>  1 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/hw/pc.c b/hw/pc.c
> index fee08c9..4a4a706 100644
> --- a/hw/pc.c
> +++ b/hw/pc.c
> @@ -822,7 +822,7 @@ void pc_memory_init(ram_addr_t ram_size,
>     ram_addr_t ram_addr, bios_offset, option_rom_offset;
>     ram_addr_t below_4g_mem_size, above_4g_mem_size = 0;
>     int bios_size, isa_bios_size;
> -    void **fw_cfg;
> +    void *fw_cfg;
>
>     if (ram_size >= 0xe0000000 ) {
>         above_4g_mem_size = ram_size - 0xe0000000;
> @@ -905,7 +905,7 @@ void pc_memory_init(ram_addr_t ram_size,
>     rom_set_fw(fw_cfg);
>
>     if (linux_boot) {
> -        load_linux(*fw_cfg, kernel_filename, initrd_filename, kernel_cmdline, below_4g_mem_size);
> +        load_linux(fw_cfg, kernel_filename, initrd_filename, kernel_cmdline, below_4g_mem_size);
>     }
>
>     for (i = 0; i < nb_option_roms; i++) {
> --
> 1.6.4.4
>
>

Patch

diff --git a/hw/pc.c b/hw/pc.c
index fee08c9..4a4a706 100644
--- a/hw/pc.c
+++ b/hw/pc.c
@@ -822,7 +822,7 @@  void pc_memory_init(ram_addr_t ram_size,
     ram_addr_t ram_addr, bios_offset, option_rom_offset;
     ram_addr_t below_4g_mem_size, above_4g_mem_size = 0;
     int bios_size, isa_bios_size;
-    void **fw_cfg;
+    void *fw_cfg;
 
     if (ram_size >= 0xe0000000 ) {
         above_4g_mem_size = ram_size - 0xe0000000;
@@ -905,7 +905,7 @@  void pc_memory_init(ram_addr_t ram_size,
     rom_set_fw(fw_cfg);
 
     if (linux_boot) {
-        load_linux(*fw_cfg, kernel_filename, initrd_filename, kernel_cmdline, below_4g_mem_size);
+        load_linux(fw_cfg, kernel_filename, initrd_filename, kernel_cmdline, below_4g_mem_size);
     }
 
     for (i = 0; i < nb_option_roms; i++) {