On Tue, Feb 10, 2015 at 01:19:28PM -0500, John Snow wrote: > diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c > index 56a4867..5a1973f 100644 > --- a/hw/ide/ahci.c > +++ b/hw/ide/ahci.c > @@ -1376,6 +1376,11 @@ static int ahci_state_post_load(void *opaque, int > version_id) > */ > if (ad->busy_slot == -1) { > check_cmd(s, i); > + } else { > + /* We are in the middle of a command, and may need to access > + * the command header in guest memory again. */ > + assert(ad->busy_slot >= 0 && ad->busy_slot < AHCI_MAX_CMDS); > + ad->cur_cmd = &((AHCICmdHdr *)ad->lst)[ad->busy_slot]; > }
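Review bot: The assert() in the new else branch is the only bounds check on ad->busy_slot before it is used to index ad->lst, and in ahci_state_post_load() that value is restored state rather than something the device model has just computed. An out-of-range value would abort the process, or, in a build with assertions compiled out, go unchecked and leave ad->cur_cmd pointing outside the command list. Suggest replacing the assert with an explicit range test, `if (ad->busy_slot < 0 || ad->busy_slot >= AHCI_MAX_CMDS)`, that returns -1 so the load fails cleanly. The hunk also shows no check that ad->lst is valid at this point; worth confirming it is mapped before cur_cmd is derived from it.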
Assertion failures call abort(3) and therefore cause core dumps, which is not a suitable way of rejecting invalid inputs. post_load() functions should return -1 on failure.

Stefan