mon_get_cpu_env() is indirectly called monitor_parse_arguments() where
the current monitor isn't set yet. Instead of using monitor_cur_env(),
explicitly pass the Monitor pointer to the function.
Without this fix, an HMP command like "x $pc" crashes like this:
#0 0x0000555555caa01f in mon_get_cpu_sync (mon=0x0, synchronize=true) at ../monitor/misc.c:270
#1 0x0000555555caa141 in mon_get_cpu (mon=0x0) at ../monitor/misc.c:294
#2 0x0000555555caa158 in mon_get_cpu_env () at ../monitor/misc.c:299
#3 0x0000555555b19739 in monitor_get_pc (mon=0x555556ad2de0, md=0x5555565d2d40 <monitor_defs+1152>, val=0) at ../target/i386/monitor.c:607
#4 0x0000555555cadbec in get_monitor_def (mon=0x555556ad2de0, pval=0x7fffffffc208, name=0x7fffffffc220 "pc") at ../monitor/misc.c:1681
#5 0x000055555582ec4f in expr_unary (mon=0x555556ad2de0) at ../monitor/hmp.c:387
#6 0x000055555582edbb in expr_prod (mon=0x555556ad2de0) at ../monitor/hmp.c:421
#7 0x000055555582ee79 in expr_logic (mon=0x555556ad2de0) at ../monitor/hmp.c:455
#8 0x000055555582eefe in expr_sum (mon=0x555556ad2de0) at ../monitor/hmp.c:484
#9 0x000055555582efe8 in get_expr (mon=0x555556ad2de0, pval=0x7fffffffc418, pp=0x7fffffffc408) at ../monitor/hmp.c:511
#10 0x000055555582fcd4 in monitor_parse_arguments (mon=0x555556ad2de0, endp=0x7fffffffc890, cmd=0x555556675b50 <hmp_cmds+7920>) at ../monitor/hmp.c:876
#11 0x00005555558306a8 in handle_hmp_command (mon=0x555556ad2de0, cmdline=0x555556ada452 "$pc") at ../monitor/hmp.c:1087
#12 0x000055555582df14 in monitor_command_cb (opaque=0x555556ad2de0, cmdline=0x555556ada450 "x $pc", readline_opaque=0x0) at ../monitor/hmp.c:47
After this fix, nothing is left in monitor_parse_arguments() that can
indirectly call monitor_cur(), so the fix is complete.
Fixes: ff04108a0e36e822519c517bd3bddbc1c7747c18
Reported-by: lichun <lichun@ruijie.com.cn>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <
20201113114326.97663-4-kwolf@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
const MonitorDef *target_monitor_defs(void);
int target_get_monitor_def(CPUState *cs, const char *name, uint64_t *pval);
-CPUArchState *mon_get_cpu_env(void);
+CPUArchState *mon_get_cpu_env(Monitor *mon);
CPUState *mon_get_cpu(Monitor *mon);
void hmp_info_mem(Monitor *mon, const QDict *qdict);
return mon_get_cpu_sync(mon, true);
}
-CPUArchState *mon_get_cpu_env(void)
+CPUArchState *mon_get_cpu_env(Monitor *mon)
{
- CPUState *cs = mon_get_cpu(monitor_cur());
+ CPUState *cs = mon_get_cpu(mon);
return cs ? cs->env_ptr : NULL;
}
if (md->get_value) {
*pval = md->get_value(mon, md, md->offset);
} else {
- CPUArchState *env = mon_get_cpu_env();
+ CPUArchState *env = mon_get_cpu_env(mon);
ptr = (uint8_t *)env + md->offset;
switch(md->type) {
case MD_I32:
{
CPUArchState *env;
- env = mon_get_cpu_env();
+ env = mon_get_cpu_env(mon);
if (!env) {
monitor_printf(mon, "No CPU available\n");
return;
{
CPUArchState *env;
- env = mon_get_cpu_env();
+ env = mon_get_cpu_env(mon);
if (!env) {
monitor_printf(mon, "No CPU available\n");
return;
static target_long monitor_get_pc(Monitor *mon, const struct MonitorDef *md,
int val)
{
- CPUArchState *env = mon_get_cpu_env();
+ CPUArchState *env = mon_get_cpu_env(mon);
return env->eip + env->segs[R_CS].base;
}
void hmp_info_tlb(Monitor *mon, const QDict *qdict)
{
- CPUArchState *env1 = mon_get_cpu_env();
+ CPUArchState *env1 = mon_get_cpu_env(mon);
if (!env1) {
monitor_printf(mon, "No CPU available\n");
void hmp_info_tlb(Monitor *mon, const QDict *qdict)
{
- CPUArchState *env1 = mon_get_cpu_env();
+ CPUArchState *env1 = mon_get_cpu_env(mon);
dump_mmu(env1);
}
static target_long monitor_get_ccr(Monitor *mon, const struct MonitorDef *md,
int val)
{
- CPUArchState *env = mon_get_cpu_env();
+ CPUArchState *env = mon_get_cpu_env(mon);
unsigned int u;
int i;
static target_long monitor_get_decr(Monitor *mon, const struct MonitorDef *md,
int val)
{
- CPUArchState *env = mon_get_cpu_env();
+ CPUArchState *env = mon_get_cpu_env(mon);
return cpu_ppc_load_decr(env);
}
static target_long monitor_get_tbu(Monitor *mon, const struct MonitorDef *md,
int val)
{
- CPUArchState *env = mon_get_cpu_env();
+ CPUArchState *env = mon_get_cpu_env(mon);
return cpu_ppc_load_tbu(env);
}
static target_long monitor_get_tbl(Monitor *mon, const struct MonitorDef *md,
int val)
{
- CPUArchState *env = mon_get_cpu_env();
+ CPUArchState *env = mon_get_cpu_env(mon);
return cpu_ppc_load_tbl(env);
}
void hmp_info_tlb(Monitor *mon, const QDict *qdict)
{
- CPUArchState *env1 = mon_get_cpu_env();
+ CPUArchState *env1 = mon_get_cpu_env(mon);
if (!env1) {
monitor_printf(mon, "No CPU available\n");
{
CPUArchState *env;
- env = mon_get_cpu_env();
+ env = mon_get_cpu_env(mon);
if (!env) {
monitor_printf(mon, "No CPU available\n");
return;
void hmp_info_tlb(Monitor *mon, const QDict *qdict)
{
- CPUArchState *env = mon_get_cpu_env();
+ CPUArchState *env = mon_get_cpu_env(mon);
int i;
if (!env) {
void hmp_info_tlb(Monitor *mon, const QDict *qdict)
{
- CPUArchState *env1 = mon_get_cpu_env();
+ CPUArchState *env1 = mon_get_cpu_env(mon);
if (!env1) {
monitor_printf(mon, "No CPU available\n");
static target_long monitor_get_psr(Monitor *mon, const struct MonitorDef *md,
int val)
{
- CPUArchState *env = mon_get_cpu_env();
+ CPUArchState *env = mon_get_cpu_env(mon);
return cpu_get_psr(env);
}
static target_long monitor_get_reg(Monitor *mon, const struct MonitorDef *md,
int val)
{
- CPUArchState *env = mon_get_cpu_env();
+ CPUArchState *env = mon_get_cpu_env(mon);
return env->regwptr[val];
}
void hmp_info_tlb(Monitor *mon, const QDict *qdict)
{
- CPUArchState *env1 = mon_get_cpu_env();
+ CPUArchState *env1 = mon_get_cpu_env(mon);
if (!env1) {
monitor_printf(mon, "No CPU available\n");
projects / mirror_qemu.git / commitdiff