From 4cae4d5acaea23f3def84c8dc67ef5106323e5cb Mon Sep 17 00:00:00 2001 From: Marcel Apfelbaum Date: Wed, 26 Nov 2014 13:50:01 +0200 Subject: hmp: fix regression of HMP device_del auto-completion The commits: - 6a1fa9f5 (monitor: add del completion for peripheral device) - 66e56b13 (qdev: add qdev_build_hotpluggable_device_list helper) cause a QEMU crash when trying to use HMP device_del auto-completion. It can be easily reproduced by: -enable-kvm ~/images/fedora.qcow2 -monitor stdio -device virtio-net-pci,id=vnet (qemu) device_del /home/mapfelba/git/upstream/qemu/hw/core/qdev.c:941:qdev_build_hotpluggable_device_list: Object 0x7f6ce04e4fe0 is not an instance of type device Aborted (core dumped) The root cause is qdev_build_hotpluggable_device_list going recursively over all peripherals and their children assuming all are devices. It doesn't work since PCI devices have at least on child which is a memory region (bus master). Solved by observing that all devices appear as direct children of /machine/peripheral container. No need of going recursively over all the children. Signed-off-by: Marcel Apfelbaum Reported-by: Gal Hammer Reviewed-by: Igor Mammedov Message-id: 1417002601-20799-1-git-send-email-marcel.a@redhat.com Signed-off-by: Peter Maydell --- hw/core/qdev.c | 12 ++++++++++-- include/hw/qdev-core.h | 2 +- monitor.c | 11 ++++------- 3 files changed, 15 insertions(+), 10 deletions(-) diff --git a/hw/core/qdev.c b/hw/core/qdev.c index 413b41376f..35fd00d26c 100644 --- a/hw/core/qdev.c +++ b/hw/core/qdev.c @@ -935,7 +935,7 @@ void qdev_alias_all_properties(DeviceState *target, Object *source) } while (class != object_class_by_name(TYPE_DEVICE)); } -int qdev_build_hotpluggable_device_list(Object *obj, void *opaque) +static int qdev_add_hotpluggable_device(Object *obj, void *opaque) { GSList **list = opaque; DeviceState *dev = DEVICE(obj); @@ -944,10 +944,18 @@ int qdev_build_hotpluggable_device_list(Object *obj, void *opaque) *list = g_slist_append(*list, dev); } - object_child_foreach(obj, qdev_build_hotpluggable_device_list, opaque); return 0; } +GSList *qdev_build_hotpluggable_device_list(Object *peripheral) +{ + GSList *list = NULL; + + object_child_foreach(peripheral, qdev_add_hotpluggable_device, &list); + + return list; +} + static bool device_get_realized(Object *obj, Error **errp) { DeviceState *dev = DEVICE(obj); diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h index d3a29408d4..589bbe7360 100644 --- a/include/hw/qdev-core.h +++ b/include/hw/qdev-core.h @@ -365,7 +365,7 @@ extern int qdev_hotplug; char *qdev_get_dev_path(DeviceState *dev); -int qdev_build_hotpluggable_device_list(Object *obj, void *opaque); +GSList *qdev_build_hotpluggable_device_list(Object *peripheral); void qbus_set_hotplug_handler(BusState *bus, DeviceState *handler, Error **errp); diff --git a/monitor.c b/monitor.c index fa00594fb7..f1031a1e34 100644 --- a/monitor.c +++ b/monitor.c @@ -4321,17 +4321,14 @@ void object_add_completion(ReadLineState *rs, int nb_args, const char *str) static void peripheral_device_del_completion(ReadLineState *rs, const char *str, size_t len) { - Object *peripheral; - GSList *list = NULL, *item; + Object *peripheral = container_get(qdev_get_machine(), "/peripheral"); + GSList *list, *item; - peripheral = object_resolve_path("/machine/peripheral/", NULL); - if (peripheral == NULL) { + list = qdev_build_hotpluggable_device_list(peripheral); + if (!list) { return; } - object_child_foreach(peripheral, qdev_build_hotpluggable_device_list, - &list); - for (item = list; item; item = g_slist_next(item)) { DeviceState *dev = item->data; -- cgit v1.2.1