qemu/hw
Markus Armbruster d8592b05be hw/arm: do not free machine->fdt in arm_load_dtb()
At this moment, arm_load_dtb() can free machine->fdt when
binfo->dtb_filename is NULL. If there's no 'dtb_filename', 'fdt' will be
retrieved by binfo->get_dtb(). If get_dtb() returns machine->fdt, as is
the case of machvirt_dtb() from hw/arm/virt.c, fdt now has a pointer to
machine->fdt. And, in that case, the existing g_free(fdt) at the end of
arm_load_dtb() will make machine->fdt point to an invalid memory region.

Since monitor command 'dumpdtb' was introduced a couple of releases
ago, running it with any ARM machine that uses arm_load_dtb() will
crash QEMU.

Let's enable all arm_load_dtb() callers to use dumpdtb properly. Instead
of freeing 'fdt', assign it back to ms->fdt.

Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-arm@nongnu.org
Fixes: bf353ad555 ("qmp/hmp, device_tree.c: introduce dumpdtb")
Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Message-id: 20230328165935.1512846-1-armbru@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit 12148d442e)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2023-04-10 11:06:09 +03:00
..
9pfs Pull request 2022-10-25 11:37:17 -04:00
acpi acpi: cpuhp: fix guest-visible maximum access size to the legacy reg block 2023-03-29 10:20:04 +03:00
adc hw/adc: Make adci[*] R/W in NPCM7XX ADC 2022-07-18 13:20:14 +01:00
alpha hw: Remove unused MAX_IDE_BUS define 2022-10-31 11:32:07 +01:00
arm hw/arm: do not free machine->fdt in arm_load_dtb() 2023-04-10 11:06:09 +03:00
audio hw/audio/intel-hda: Drop unnecessary prototype 2022-11-23 12:30:45 +01:00
avr Remove qemu-common.h include from most units 2022-04-06 14:31:55 +02:00
block hw/virtio: generalise CHR_EVENT_CLOSED handling 2022-12-01 02:30:13 -05:00
char Drop useless casts from g_malloc() & friends to pointer 2022-10-22 23:15:40 +02:00
core virtio-rng-pci: fix transitional migration compat for vectors 2023-03-29 10:20:04 +03:00
cpu cpu/core: Fix "help" of CPU core device types 2021-04-09 16:05:16 -04:00
cris Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
cxl hw/cxl/cdat: CXL CDAT Data Object Exchange implementation 2022-11-07 13:12:19 -05:00
display hw/display/next-fb: Fix comment typo 2022-12-03 22:07:07 +01:00
dma treewide: Remove the unnecessary space before semicolon 2022-10-24 13:41:10 +02:00
gpio hw/gpio/meson: Introduce dedicated config switch for hw/gpio/mpc8xxx 2022-10-17 16:15:09 -03:00
hppa hw: Remove unused MAX_IDE_BUS define 2022-10-31 11:32:07 +01:00
hyperv hw/hyperv/hyperv.c: Use device_cold_reset() instead of device_legacy_reset() 2022-10-27 10:27:23 +01:00
i2c hw/i2c/aspeed: Fix old reg slave receive 2022-10-24 11:20:15 +02:00
i386 intel-iommu: fail DEVIOTLB_UNMAP without dt mode 2023-03-29 10:20:04 +03:00
ide hw/ppc/mac.h: Rename to include/hw/nvram/mac_nvram.h 2022-10-31 18:48:23 +00:00
input pckbd: remove legacy i8042_mm_init() function 2022-07-18 19:28:46 +01:00
intc hw/intc: add implementation of GICD_IIDR to Arm GIC 2022-11-21 11:45:13 +00:00
ipack qbus: Rename qbus_create_inplace() to qbus_init() 2021-09-30 13:42:10 +01:00
ipmi ipmi:smbus: Add a check around a memcpy 2022-08-01 06:40:50 -05:00
isa acpi: x86: move RPQx field back to _SB scope 2022-11-22 05:19:00 -05:00
loongarch Revert "hw/loongarch/virt: Add cfi01 pflash device" 2022-12-05 11:24:35 -05:00
m68k m68k/q800: do not re-randomize RNG seed on snapshot load 2022-10-27 11:34:31 +01:00
mem hw/mem/cxl-type3: Add CXL CDAT Data Object Exchange 2022-11-07 13:12:19 -05:00
microblaze hw/microblaze: pass random seed to fdt 2022-09-21 19:59:56 +02:00
mips hw/mips/malta: Use bootloader helper to set BAR registers 2022-10-31 11:32:56 +01:00
misc mac_nvram: Use NVRAM_SIZE constant 2022-10-31 18:48:23 +00:00
net hw/net/vmxnet3: allow VMXNET3_MAX_MTU itself as a value 2023-03-30 12:19:04 +03:00
nios2 hw/nios2: set machine->fdt in nios2_load_dtb() 2022-10-17 16:15:10 -03:00
nubus qbus: Rename qbus_create_inplace() to qbus_init() 2021-09-30 13:42:10 +01:00
nvme hw/nvme: fix missing cq eventidx update 2023-03-29 10:20:04 +03:00
nvram Revert "x86: return modified setup_data only if read as memory, not as file" 2023-03-29 10:20:04 +03:00
openrisc openrisc: re-randomize rng-seed on reboot 2022-10-27 11:34:31 +01:00
pci msix: Assert that specified vector is in range 2022-11-07 14:08:17 -05:00
pci-bridge hw/pci-bridge/cxl-upstream: Add a CDAT table access DOE 2022-11-07 13:12:19 -05:00
pci-host hw/pci-host/pnv_phb: Avoid quitting QEMU if hotplug of pnv-phb-root-port fails 2022-11-10 18:22:10 -03:00
pcmcia hw/pcmcia: Do not register PCMCIA type if not required 2021-05-02 17:24:50 +02:00
ppc mac_newworld: Turn CORE99_VIA_CONFIG defines into an enum 2022-10-31 18:48:23 +00:00
rdma hw/pvrdma: Protect against buggy or malicious guest driver 2023-03-30 12:19:04 +03:00
remote msix: Assert that specified vector is in range 2022-11-07 14:08:17 -05:00
riscv riscv: re-randomize rng-seed on reboot 2022-10-27 11:34:31 +01:00
rtc goldfish_rtc: Add big-endian property 2022-09-04 07:02:56 +01:00
rx rx: re-randomize rng-seed on reboot 2022-10-27 11:34:31 +01:00
s390x s390x: Fix spelling errors 2022-11-16 10:15:26 +01:00
scsi vhost: enable vrings in vhost_dev_start() for vhost-user devices 2022-12-01 02:30:04 -05:00
sd hw/sd: Fix sun4i allwinner-sdhost for U-Boot 2022-11-21 11:45:12 +00:00
sensor hw/sensor: Add Renesas ISL69259 device model 2022-07-14 16:24:38 +02:00
sh4 Use g_new() & friends where that makes obvious sense 2022-03-21 15:44:44 +01:00
smbios hw/smbios: fix field corruption in type 4 table 2023-03-29 10:20:04 +03:00
sparc machine: make memory-backend a link property 2022-05-12 12:29:44 +02:00
sparc64 hw: Remove unused MAX_IDE_BUS define 2022-10-31 11:32:07 +01:00
ssi aspeed/smc: Cache AspeedSMCClass 2022-10-24 11:20:15 +02:00
timer hw/timer/hpet: Fix expiration time overflow 2023-03-29 10:20:04 +03:00
tpm tpm_crb: Avoid backend startup just before shutdown under Xen 2022-09-09 17:55:59 -04:00
tricore hw/tricore: fix inclusion of tricore_testboard 2021-07-20 20:10:21 +02:00
usb hw/usb/hcd-xhci: Reset the XHCIState with device_cold_reset() 2022-11-23 12:28:51 +01:00
vfio pci,pc,virtio: features, tests, fixes, cleanups 2022-11-07 18:43:56 -05:00
virtio vhost: avoid a potential use of an uninitialized variable in vhost_svq_poll() 2023-03-29 10:20:04 +03:00
watchdog watchdog: remove -watchdog option 2022-09-29 11:40:28 +02:00
xen xen/pt: fix syntax error that causes FTBFS in some configurations 2022-11-05 20:35:45 +01:00
xenpv Warn user if the vga flag is passed but no vga device is created 2022-05-09 08:21:14 +02:00
xtensa hw/xtensa: fix reset value of MIROUT register of MX PIC 2022-05-06 15:27:40 -07:00
Kconfig hw/loongarch: Add support loongson3 virt machine type. 2022-06-06 18:09:03 +00:00
meson.build hw/loongarch: Add support loongson3 virt machine type. 2022-06-06 18:09:03 +00:00