From: Markus Armbruster <armbru@redhat.com>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
QEMU Developers <qemu-devel@nongnu.org>
Subject: Re: [PULL 13/32] cpus: Fix configure_icount() error API violation
Date: Fri, 08 May 2020 08:58:05 +0200
Message-ID: <87d07e29s2.fsf@dusky.pond.sub.org>
In-Reply-To: <CAFEAcA-CH=2zR2=PC4ss8WDQrRoo9Yr62b96+BoVh9uQay5qqg@mail.gmail.com> (Peter Maydell's message of "Thu, 7 May 2020 16:57:26 +0100")

Peter Maydell <peter.maydell@linaro.org> writes:
> On Wed, 29 Apr 2020 at 08:34, Markus Armbruster <armbru@redhat.com> wrote:
>>
>> The Error ** argument must be NULL, &error_abort, &error_fatal, or a
>> pointer to a variable containing NULL. Passing an argument of the
>> latter kind twice without clearing it in between is wrong: if the
>> first call sets an error, it no longer points to NULL for the second
>> call.
>>
>> configure_icount() is wrong that way. Harmless, because its @errp is
>> always &error_abort or &error_fatal.
>>
>> Just as wrong (and just as harmless): when it fails, it can still
>> update global state.
>
> Hi; Coverity complains about this change (CID 1428754):
>>
>> void configure_icount(QemuOpts *opts, Error **errp)
>> {
>> - const char *option;
>> + const char *option = qemu_opt_get(opts, "shift");
>> + bool sleep = qemu_opt_get_bool(opts, "sleep", true);
>> + bool align = qemu_opt_get_bool(opts, "align", false);
>> + long time_shift = -1;
>> char *rem_str = NULL;
>>
>> - option = qemu_opt_get(opts, "shift");
>> - if (!option) {
>> - if (qemu_opt_get(opts, "align") != NULL) {
>> - error_setg(errp, "Please specify shift option when using align");
>> - }
>> + if (!option && qemu_opt_get(opts, "align")) {
>> + error_setg(errp, "Please specify shift option when using align");
>> return;
>
> Previously, if option was NULL we would always take this early
> exit. Now we only take the exit if option is NULL and the
> qemu_opt_get() returns true, so in some cases execution
> can continue through the function with a NULL option...
>
>> }
>>
>> - icount_sleep = qemu_opt_get_bool(opts, "sleep", true);
>> + if (align && !sleep) {
>> + error_setg(errp, "align=on and sleep=off are incompatible");
>> + return;
>> + }
>> +
>> + if (strcmp(option, "auto") != 0) {
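Review bot: at `strcmp(option, "auto")`, `option` can be NULL, because the rewritten early exit `if (!option && qemu_opt_get(opts, "align"))` returns only when shift is absent and align is present, whereas the removed code returned for every NULL `option`. Keep an unconditional return on `!option` (setting the align error inside it), or test `option` before the strcmp(), so that a call without shift cannot reach this line with a NULL pointer.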
>
> ...but here we pass option to strcmp(), which is wrong if it
> can be NULL.
Right. I'll post a fix. Thank you!
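
The Error ** rule from the quoted commit message, as an added example that is not QEMU code and not part of this thread. `Error`, `model_error_setg()`, `failing_check()` and both `configure_*` functions are hypothetical stand-ins that count how often an error is set into a variable that no longer contains NULL.

```c
#include <stddef.h>

/* Simplified stand-in for QEMU's Error (assumption, not QEMU code). */
typedef struct Error { const char *msg; } Error;
static Error the_error;         /* one slot is enough for this model */
static int violations;          /* errors set into an already-set *errp */

/* Models error_setg(): per the quoted rule, *errp must be NULL on entry. */
static void model_error_setg(Error **errp, const char *msg)
{
    if (errp && *errp) {
        violations++;           /* rule broken: *errp already holds an error */
    } else if (errp) {
        the_error.msg = msg;
        *errp = &the_error;
    }
}

/* Hypothetical validation step that always fails. */
static int failing_check(const char *what, Error **errp)
{
    model_error_setg(errp, what);
    return -1;
}

/* Wrong: errp goes to a second call after the first may have set it. */
static void configure_reusing_errp(Error **errp)
{
    failing_check("first check failed", errp);
    failing_check("second check failed", errp);
}

/* Right: return on the first failure, so *errp is set at most once. */
static void configure_stop_on_error(Error **errp)
{
    if (failing_check("first check failed", errp) < 0) {
        return;
    }
    failing_check("second check failed", errp);
}

/* Runs one variant on a variable containing NULL; returns the violations. */
int count_violations(void (*configure)(Error **))
{
    Error *err = NULL;
    violations = 0;
    configure(&err);
    return violations;
}
```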