diff options
author | Kevin Wolf | 2020-11-13 12:43:26 +0100 |
---|---|---|
committer | Dr. David Alan Gilbert | 2020-11-13 13:45:51 +0100 |
commit | e7cff9c68d4a46343861fbc3cc6b2a0b63b2dbb8 (patch) | |
tree | e0d3c442cd849519676b4f5fd4243e2b299852e7 /target/i386 | |
parent | hmp: Pass monitor to MonitorDef.get_value() (diff) | |
download | qemu-e7cff9c68d4a46343861fbc3cc6b2a0b63b2dbb8.tar.gz qemu-e7cff9c68d4a46343861fbc3cc6b2a0b63b2dbb8.tar.xz qemu-e7cff9c68d4a46343861fbc3cc6b2a0b63b2dbb8.zip |
hmp: Pass monitor to mon_get_cpu_env()
mon_get_cpu_env() is indirectly called monitor_parse_arguments() where
the current monitor isn't set yet. Instead of using monitor_cur_env(),
explicitly pass the Monitor pointer to the function.
Without this fix, an HMP command like "x $pc" crashes like this:
#0 0x0000555555caa01f in mon_get_cpu_sync (mon=0x0, synchronize=true) at ../monitor/misc.c:270
#1 0x0000555555caa141 in mon_get_cpu (mon=0x0) at ../monitor/misc.c:294
#2 0x0000555555caa158 in mon_get_cpu_env () at ../monitor/misc.c:299
#3 0x0000555555b19739 in monitor_get_pc (mon=0x555556ad2de0, md=0x5555565d2d40 <monitor_defs+1152>, val=0) at ../target/i386/monitor.c:607
#4 0x0000555555cadbec in get_monitor_def (mon=0x555556ad2de0, pval=0x7fffffffc208, name=0x7fffffffc220 "pc") at ../monitor/misc.c:1681
#5 0x000055555582ec4f in expr_unary (mon=0x555556ad2de0) at ../monitor/hmp.c:387
#6 0x000055555582edbb in expr_prod (mon=0x555556ad2de0) at ../monitor/hmp.c:421
#7 0x000055555582ee79 in expr_logic (mon=0x555556ad2de0) at ../monitor/hmp.c:455
#8 0x000055555582eefe in expr_sum (mon=0x555556ad2de0) at ../monitor/hmp.c:484
#9 0x000055555582efe8 in get_expr (mon=0x555556ad2de0, pval=0x7fffffffc418, pp=0x7fffffffc408) at ../monitor/hmp.c:511
#10 0x000055555582fcd4 in monitor_parse_arguments (mon=0x555556ad2de0, endp=0x7fffffffc890, cmd=0x555556675b50 <hmp_cmds+7920>) at ../monitor/hmp.c:876
#11 0x00005555558306a8 in handle_hmp_command (mon=0x555556ad2de0, cmdline=0x555556ada452 "$pc") at ../monitor/hmp.c:1087
#12 0x000055555582df14 in monitor_command_cb (opaque=0x555556ad2de0, cmdline=0x555556ada450 "x $pc", readline_opaque=0x0) at ../monitor/hmp.c:47
After this fix, nothing is left in monitor_parse_arguments() that can
indirectly call monitor_cur(), so the fix is complete.
Fixes: ff04108a0e36e822519c517bd3bddbc1c7747c18
Reported-by: lichun <lichun@ruijie.com.cn>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20201113114326.97663-4-kwolf@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Diffstat (limited to 'target/i386')
-rw-r--r-- | target/i386/monitor.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/target/i386/monitor.c b/target/i386/monitor.c index fed4606aeb..9f9e1c42f4 100644 --- a/target/i386/monitor.c +++ b/target/i386/monitor.c @@ -222,7 +222,7 @@ void hmp_info_tlb(Monitor *mon, const QDict *qdict) { CPUArchState *env; - env = mon_get_cpu_env(); + env = mon_get_cpu_env(mon); if (!env) { monitor_printf(mon, "No CPU available\n"); return; @@ -550,7 +550,7 @@ void hmp_info_mem(Monitor *mon, const QDict *qdict) { CPUArchState *env; - env = mon_get_cpu_env(); + env = mon_get_cpu_env(mon); if (!env) { monitor_printf(mon, "No CPU available\n"); return; @@ -604,7 +604,7 @@ void hmp_mce(Monitor *mon, const QDict *qdict) static target_long monitor_get_pc(Monitor *mon, const struct MonitorDef *md, int val) { - CPUArchState *env = mon_get_cpu_env(); + CPUArchState *env = mon_get_cpu_env(mon); return env->eip + env->segs[R_CS].base; } |