qemu-e2k/hw
Markus Armbruster 5a0948d36c net/virtio: Fix failover error handling crash bugs
Functions that take an Error ** parameter to pass an error to the
caller expect the parameter to point to null.
failover_replug_primary() violates this precondition in several
places:

* After qemu_opts_from_qdict() failed, *errp is no longer null.
  Passing it to error_setg() is wrong, and will trip the assertion in
  error_setv().  Messed up in commit 150ab54aa6 "net/virtio: fix
  re-plugging of primary device".  Simply drop the error_setg().

* Passing @errp to qemu_opt_set_bool(), hotplug_handler_pre_plug(),
  and hotplug_handler_plug() is wrong.  If one of the first two fails,
  *errp is no longer null.  Risks tripping the same assertion.
  Moreover, continuing after such errors is unsafe.  Messed up in
  commit 9711cd0dfc "net/virtio: add failover support".  Fix by
  handling each error properly.

failover_replug_primary() crashes when passed a null @errp.  Also
messed up in commit 9711cd0dfc.  This bug can't bite as no caller
actually passes null.  Fix it anyway.

Fixes: 9711cd0dfc
Fixes: 150ab54aa6
Cc: Jens Freimann <jfreimann@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20191130194240.10517-3-armbru@redhat.com>
Reviewed-by: Jens Freimann <jfreimann@redhat.com>
2019-12-02 16:14:38 +01:00
..
9pfs 9pfs: Fix divide by zero bug 2019-11-23 15:51:48 +01:00
acpi hw/pci-host/piix: Move i440FX declarations to hw/pci-host/i440fx.h 2019-11-05 23:33:12 +01:00
adc
alpha
arm hw/arm: versal: Add the CRP as unimplemented 2019-11-26 13:55:36 +00:00
audio
block hw/block/pflash: Remove dynamic field width from trace events 2019-11-19 14:45:58 +01:00
bt
char
core numa: Add missing \n to error message 2019-11-12 10:34:23 +01:00
cpu
cris
display display: xlnx_dp: Provide sufficient bytes for silent audio channel 2019-11-21 07:12:28 +01:00
dma
gpio
hppa
hyperv
i2c
i386 intel_iommu: TM field should not be in reserved bits 2019-11-25 03:42:58 -05:00
ide
input virtio-input: fix memory leak on unrealize 2019-11-25 03:19:36 -05:00
intc ppc patch queue 2019-11-15 2019-11-18 11:09:06 +00:00
ipack
ipmi
isa hw/pci-host/piix: Extract PIIX3 functions to hw/isa/piix3.c 2019-11-05 23:33:12 +01:00
lm32
m68k q800: fix I/O memory map 2019-11-05 18:52:29 +01:00
mem
microblaze
mips hw/mips/gt64xxx: Remove dynamic field width from trace events 2019-11-19 14:46:01 +01:00
misc mos6522: update counters when timer interrupts are off 2019-11-26 10:11:50 +11:00
moxie
net net/virtio: Fix failover error handling crash bugs 2019-12-02 16:14:38 +01:00
nios2
nubus
nvram Fix the fw_cfg reboot-timeout=-1 special value, add a test for it. 2019-11-05 20:17:11 +00:00
openrisc
pci pci: Use PCI aliases when determining device IOMMU address space 2019-11-05 04:04:21 -05:00
pci-bridge
pci-host hw/pci-host/i440fx: Remove the last PIIX3 traces 2019-11-05 23:33:12 +01:00
pcmcia
ppc ppc/spapr_events: fix potential NULL pointer dereference in rtas_event_log_dequeue 2019-11-26 10:12:58 +11:00
rdma hw/rdma: Utilize ibv_reg_mr_iova for memory registration 2019-11-06 12:49:04 +02:00
riscv hw/riscv: Add optional symbol callback ptr to riscv_load_kernel() 2019-11-25 12:34:52 -08:00
rtc * microvm docs and fixes (Sergio, Liam) 2019-11-19 16:31:27 +00:00
s390x
scsi scsi: deprecate scsi-disk 2019-11-19 10:01:34 +01:00
sd
semihosting
sh4
smbios
sparc
sparc64
ssi ssi: xilinx_spips: Skip spi bus update for a few register writes 2019-11-19 13:20:27 +00:00
timer hw/i386: Remove obsolete LoadStateHandler::load_state_old handlers 2019-11-05 23:33:12 +01:00
tpm
tricore
unicore32
usb usb-host: add option to allow all resets. 2019-11-06 13:26:04 +01:00
vfio vfio/pci: Respond to KVM irqchip change notifier 2019-11-26 10:11:30 +11:00
virtio virtio: notify virtqueue via host notifier when available 2019-11-06 06:35:00 -05:00
watchdog
xen
xenpv
xtensa
Kconfig
Makefile.objs