| Message ID | 149511591185.8828.11947901967942107196.stgit@bahia.lab.toulouse-stg.fr.ibm.com |
|---|---|
| State | New |
| Headers | show |
On Thu, 18 May 2017 15:58:31 +0200 Greg Kurz <groug@kaod.org> wrote: > If we go that far on the path of hot-removing a core and we find out that > the core-id is invalid, then we have a serious bug. > > Let's make it explicit with an assert() instead of dereferencing a NULL > pointer. > > This fixes Coverity issue CID 1375404. > > Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Igor Mammedov <imammedo@redhat.com> > --- > hw/ppc/spapr.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c > index 0980d733cd7a..1c5b814fc0bf 100644 > --- a/hw/ppc/spapr.c > +++ b/hw/ppc/spapr.c > @@ -2715,6 +2715,7 @@ static void spapr_core_unplug(HotplugHandler *hotplug_dev, DeviceState *dev, > CPUCore *cc = CPU_CORE(dev); > CPUArchId *core_slot = spapr_find_cpu_slot(ms, cc->core_id, NULL); > > + assert(core_slot); > core_slot->cpu = NULL; > object_unparent(OBJECT(dev)); > } > >
On Thu, May 18, 2017 at 03:58:31PM +0200, Greg Kurz wrote: > If we go that far on the path of hot-removing a core and we find out that > the core-id is invalid, then we have a serious bug. > > Let's make it explicit with an assert() instead of dereferencing a NULL > pointer. > > This fixes Coverity issue CID 1375404. > > Signed-off-by: Greg Kurz <groug@kaod.org> Merged to ppc-for-2.10. > --- > hw/ppc/spapr.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c > index 0980d733cd7a..1c5b814fc0bf 100644 > --- a/hw/ppc/spapr.c > +++ b/hw/ppc/spapr.c > @@ -2715,6 +2715,7 @@ static void spapr_core_unplug(HotplugHandler *hotplug_dev, DeviceState *dev, > CPUCore *cc = CPU_CORE(dev); > CPUArchId *core_slot = spapr_find_cpu_slot(ms, cc->core_id, NULL); > > + assert(core_slot); > core_slot->cpu = NULL; > object_unparent(OBJECT(dev)); > } >
diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 0980d733cd7a..1c5b814fc0bf 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -2715,6 +2715,7 @@ static void spapr_core_unplug(HotplugHandler *hotplug_dev, DeviceState *dev, CPUCore *cc = CPU_CORE(dev); CPUArchId *core_slot = spapr_find_cpu_slot(ms, cc->core_id, NULL); + assert(core_slot); core_slot->cpu = NULL; object_unparent(OBJECT(dev)); }
If we go that far on the path of hot-removing a core and we find out that the core-id is invalid, then we have a serious bug. Let's make it explicit with an assert() instead of dereferencing a NULL pointer. This fixes Coverity issue CID 1375404. Signed-off-by: Greg Kurz <groug@kaod.org> --- hw/ppc/spapr.c | 1 + 1 file changed, 1 insertion(+)