From 5237debb8b3955ac096d2d144360b45605d8827c Mon Sep 17 00:00:00 2001
From: Paul Neumann <paul104x@yahoo.de>
Date: Mon, 13 Aug 2012 18:11:25 +0100
Subject: [PATCH] kvm tools: Fix segfault on "lkvm run"

The segfault is triggered by just running "lkvm run". On my system, it
does not find any kernel, so kvm_cmd_run_init() returns EINVAL which
fails the (r < 0) check in kvm_cmd_run().  Since kvm_cmd_run_init() does
not get to initialize the cpus, kvm_cpus gets mistakenly dereferenced in
kvm_cmd_run_work().

The errors from kvm_cmd_run_init() are not handled properly as they are
returned as positive values.

Acked-by: Asias He <asias.hejun@gmail.com>
Signed-off-by: Paul Neumann <paul104x@yahoo.de>
Signed-off-by: Pekka Enberg <penberg@kernel.org>
---
 tools/kvm/builtin-run.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tools/kvm/builtin-run.c b/tools/kvm/builtin-run.c
index 9e5c1d4aaca7..40e147ecefee 100644
--- a/tools/kvm/builtin-run.c
+++ b/tools/kvm/builtin-run.c
@@ -953,7 +953,7 @@ static int kvm_cmd_run_init(int argc, const char **argv)
 				fprintf(stderr, "Cannot handle parameter: "
 						"%s\n", argv[0]);
 				usage_with_options(run_usage, options);
-				return EINVAL;
+				return -EINVAL;
 			}
 			if (kvm_run_wrapper == KVM_RUN_SANDBOX) {
 				/*
@@ -980,7 +980,7 @@ static int kvm_cmd_run_init(int argc, const char **argv)
 
 	if (!kernel_filename) {
 		kernel_usage_with_options();
-		return EINVAL;
+		return -EINVAL;
 	}
 
 	vmlinux_filename = find_vmlinux();
-- 
2.39.5