[PATCH 0/2] chardev: fixes for recent record/replay on muxed

[PATCH 0/2] chardev: fixes for recent record/replay on muxed

[Nicholas Piggin]

Fix a couple of issues that Peter found with recent record/replay
fix for muxed device.

Thanks,
Nick

Nicholas Piggin (2):
  chardev: Fix record/replay error path NULL deref in device creation
  chardev: Remove __-prefixed names

 chardev/char.c | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

-- 
2.45.2

[PATCH 1/2] chardev: Fix record/replay error path NULL deref in device creation

[Nicholas Piggin]

qemu_chardev_set_replay() was being called in chardev creation to
set up replay parameters even if the chardev is NULL.

A segfault can be reproduced by specifying '-serial chardev:bad' with
an rr=record mode.

Fix this with a NULL pointer check.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Resolves: Coverity CID 1559470
Fixes: 4c193bb129dae ("chardev: set record/replay on the base device of a muxed device")
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
---
 chardev/char.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/chardev/char.c b/chardev/char.c
index ba847b6e9e..47a744ebeb 100644
--- a/chardev/char.c
+++ b/chardev/char.c
@@ -721,7 +721,7 @@ static Chardev *__qemu_chr_new(const char *label, const char *filename,
 
     if (strstart(filename, "chardev:", &p)) {
         chr = qemu_chr_find(p);
-        if (replay) {
+        if (replay && chr) {
             qemu_chardev_set_replay(chr, &err);
             if (err) {
                 error_report_err(err);
-- 
2.45.2

[PATCH 2/2] chardev: Remove __-prefixed names

[Nicholas Piggin]

Peter points out double underscore prefix names tend to be reserved
for the system. Clean these up.

Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
---
 chardev/char.c | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/chardev/char.c b/chardev/char.c
index 47a744ebeb..46d4798e4e 100644
--- a/chardev/char.c
+++ b/chardev/char.c
@@ -628,8 +628,8 @@ static void qemu_chardev_set_replay(Chardev *chr, Error **errp)
     }
 }
 
-static Chardev *__qemu_chr_new_from_opts(QemuOpts *opts, GMainContext *context,
-                                         bool replay, Error **errp)
+static Chardev *do_qemu_chr_new_from_opts(QemuOpts *opts, GMainContext *context,
+                                          bool replay, Error **errp)
 {
     const ChardevClass *cc;
     Chardev *base = NULL, *chr = NULL;
@@ -707,12 +707,12 @@ Chardev *qemu_chr_new_from_opts(QemuOpts *opts, GMainContext *context,
                                 Error **errp)
 {
     /* XXX: should this really not record/replay? */
-    return __qemu_chr_new_from_opts(opts, context, false, errp);
+    return do_qemu_chr_new_from_opts(opts, context, false, errp);
 }
 
-static Chardev *__qemu_chr_new(const char *label, const char *filename,
-                               bool permit_mux_mon, GMainContext *context,
-                               bool replay)
+static Chardev *qemu_chr_new_from_name(const char *label, const char *filename,
+                                       bool permit_mux_mon,
+                                       GMainContext *context, bool replay)
 {
     const char *p;
     Chardev *chr;
@@ -735,7 +735,7 @@ static Chardev *__qemu_chr_new(const char *label, const char *filename,
     if (!opts)
         return NULL;
 
-    chr = __qemu_chr_new_from_opts(opts, context, replay, &err);
+    chr = do_qemu_chr_new_from_opts(opts, context, replay, &err);
     if (!chr) {
         error_report_err(err);
         goto out;
@@ -760,7 +760,8 @@ out:
 Chardev *qemu_chr_new_noreplay(const char *label, const char *filename,
                                bool permit_mux_mon, GMainContext *context)
 {
-    return __qemu_chr_new(label, filename, permit_mux_mon, context, false);
+    return qemu_chr_new_from_name(label, filename, permit_mux_mon, context,
+                                  false);
 }
 
 static Chardev *qemu_chr_new_permit_mux_mon(const char *label,
@@ -768,7 +769,8 @@ static Chardev *qemu_chr_new_permit_mux_mon(const char *label,
                                           bool permit_mux_mon,
                                           GMainContext *context)
 {
-    return __qemu_chr_new(label, filename, permit_mux_mon, context, true);
+    return qemu_chr_new_from_name(label, filename, permit_mux_mon, context,
+                                  true);
 }
 
 Chardev *qemu_chr_new(const char *label, const char *filename,
-- 
2.45.2

Re: [PATCH 0/2] chardev: fixes for recent record/replay on muxed

[Marc-André Lureau]

[-- Attachment #1: Type: text/plain, Size: 574 bytes --]

Hi

On Wed, Aug 28, 2024 at 8:34 AM Nicholas Piggin <npiggin@gmail.com> wrote:

> Fix a couple of issues that Peter found with recent record/replay
> fix for muxed device.
>
> Thanks,
> Nick
>
> Nicholas Piggin (2):
>   chardev: Fix record/replay error path NULL deref in device creation
>   chardev: Remove __-prefixed names
>
>  chardev/char.c | 22 ++++++++++++----------
>  1 file changed, 12 insertions(+), 10 deletions(-)
>
> --
> 2.45.2
>
>
>
Series,
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>


-- 
Marc-André Lureau

[-- Attachment #2: Type: text/html, Size: 1108 bytes --]

Re: [PATCH 1/2] chardev: Fix record/replay error path NULL deref in device creation

[Peter Maydell]

On Wed, 28 Aug 2024 at 05:33, Nicholas Piggin <npiggin@gmail.com> wrote:
>
> qemu_chardev_set_replay() was being called in chardev creation to
> set up replay parameters even if the chardev is NULL.
>
> A segfault can be reproduced by specifying '-serial chardev:bad' with
> an rr=record mode.
>
> Fix this with a NULL pointer check.
>
> Reported-by: Peter Maydell <peter.maydell@linaro.org>
> Resolves: Coverity CID 1559470
> Fixes: 4c193bb129dae ("chardev: set record/replay on the base device of a muxed device")
> Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
> ---
>  chardev/char.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/chardev/char.c b/chardev/char.c
> index ba847b6e9e..47a744ebeb 100644
> --- a/chardev/char.c
> +++ b/chardev/char.c
> @@ -721,7 +721,7 @@ static Chardev *__qemu_chr_new(const char *label, const char *filename,
>
>      if (strstart(filename, "chardev:", &p)) {
>          chr = qemu_chr_find(p);
> -        if (replay) {
> +        if (replay && chr) {
>              qemu_chardev_set_replay(chr, &err);
>              if (err) {
>                  error_report_err(err);
> --

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>

thanks
-- PMM

Re: [PATCH 2/2] chardev: Remove __-prefixed names

[Peter Maydell]

On Wed, 28 Aug 2024 at 05:33, Nicholas Piggin <npiggin@gmail.com> wrote:
>
> Peter points out double underscore prefix names tend to be reserved
> for the system. Clean these up.
>
> Suggested-by: Peter Maydell <peter.maydell@linaro.org>
> Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
> ---
>  chardev/char.c | 20 +++++++++++---------
>  1 file changed, 11 insertions(+), 9 deletions(-)

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>

thanks
-- PMM

Re: [PATCH 0/2] chardev: fixes for recent record/replay on muxed

[Nicholas Piggin]

On Wed Aug 28, 2024 at 2:33 PM AEST, Nicholas Piggin wrote:
> Fix a couple of issues that Peter found with recent record/replay
> fix for muxed device.

Hi,

I've just realised these never got merged. Sorry for losing track of
them, I was on vacation when doing them and things got a bit neglected.
Looks like I forgot to cc you, Marc-Andre.

Thanks,
Nick