On 4/8/19 5:30 PM, Markus Armbruster wrote:
> drive_new() returns null without setting an error when it provided
> help. add_init_drive() assumes null means failure, and crashes trying
> to report a null error.
>
> Fixes: c4f26c9f37ce511e5fe629c21c180dc6eb7c5a25
> Cc: qemu-sta...@nongnu.org
> Signed-off-by: Markus Armbruster <arm...@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <phi...@redhat.com>
Tested-by: Philippe Mathieu-Daudé <phi...@redhat.com>
> ---
> v2: Make tests/test-hmp.c cover the bug
>
> device-hotplug.c | 2 +-
> tests/test-hmp.c | 1 +
> 2 files changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/device-hotplug.c b/device-hotplug.c
> index 6090d5f1e9..6153259d71 100644
> --- a/device-hotplug.c
> +++ b/device-hotplug.c
> @@ -48,7 +48,7 @@ static DriveInfo *add_init_drive(const char *optstr)
>
> mc = MACHINE_GET_CLASS(current_machine);
> dinfo = drive_new(opts, mc->block_default_type, &err);
> - if (!dinfo) {
> + if (err) {
> error_report_err(err);
> qemu_opts_del(opts);
> return NULL;
> diff --git a/tests/test-hmp.c b/tests/test-hmp.c
> index 8c49d2fdf1..54a01824dc 100644
> --- a/tests/test-hmp.c
> +++ b/tests/test-hmp.c
> @@ -31,6 +31,7 @@ static const char *hmp_cmds[] = {
> "cpu 0",
> "device_add ?",
> "device_add usb-mouse,id=mouse1",
> + "drive_add ignored format=help",
> "mouse_button 7",
> "mouse_move 10 10",
> "mouse_button 0",
>
