[Qemu-devel] [PATCH] audio: Fix using freed pointer in wav_fini

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [Qemu-devel] [PATCH] audio: Fix using freed pointer in wav_fini_out
@ 2014-06-13  1:46 arei.gonglei
  2014-06-13  7:15 ` Markus Armbruster
  0 siblings, 1 reply; 7+ messages in thread
From: arei.gonglei @ 2014-06-13  1:46 UTC (permalink / raw)
  To: qemu-devel; +Cc: weidong.huang, luonengjun, Gonglei, kraxel, stefanha, pbonzini

From: Gonglei <arei.gonglei@huawei.com>

Spotted by Coverity:

(8) Event freed_arg:  "fclose(FILE *)" frees "wav->f".
(9) Event cond_true:  Condition "fclose(wav->f)", taking true branch
Also see events:  [pass_freed_arg]

212         if (fclose (wav->f))  {
(10) Event pass_freed_arg:  Passing freed pointer "wav->f" as an argument
to function "AUD_log(char const *, char const *, ...)".
Also see events:  [freed_arg]

213             dolog ("wav_fini_out: fclose %p failed\nReason: %s\n",
214                    wav->f, strerror (errno));

Drop the whole message, we can't do much when it happen after all.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 audio/wavaudio.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/audio/wavaudio.c b/audio/wavaudio.c
index 6846a1a..b81fdf9 100644
--- a/audio/wavaudio.c
+++ b/audio/wavaudio.c
@@ -209,10 +209,7 @@ static void wav_fini_out (HWVoiceOut *hw)
     }
 
  doclose:
-    if (fclose (wav->f))  {
-        dolog ("wav_fini_out: fclose %p failed\nReason: %s\n",
-               wav->f, strerror (errno));
-    }
+    fclose(wav->f);
     wav->f = NULL;
 
     g_free (wav->pcm_buf);
-- 
1.7.12.4

^ permalink raw reply related	[flat|nested] 7+ messages in thread

* Re: [Qemu-devel] [PATCH] audio: Fix using freed pointer in wav_fini_out
  2014-06-13  1:46 [Qemu-devel] [PATCH] audio: Fix using freed pointer in wav_fini_out arei.gonglei
@ 2014-06-13  7:15 ` Markus Armbruster
  2014-06-13  7:23   ` Peter Maydell
  2014-06-13  7:47   ` Paolo Bonzini
  0 siblings, 2 replies; 7+ messages in thread
From: Markus Armbruster @ 2014-06-13  7:15 UTC (permalink / raw)
  To: arei.gonglei
  Cc: weidong.huang, luonengjun, qemu-devel, kraxel, stefanha, pbonzini

<arei.gonglei@huawei.com> writes:

> From: Gonglei <arei.gonglei@huawei.com>
>
> Spotted by Coverity:
>
> (8) Event freed_arg:  "fclose(FILE *)" frees "wav->f".
> (9) Event cond_true:  Condition "fclose(wav->f)", taking true branch
> Also see events:  [pass_freed_arg]
>
> 212         if (fclose (wav->f))  {
> (10) Event pass_freed_arg:  Passing freed pointer "wav->f" as an argument
> to function "AUD_log(char const *, char const *, ...)".
> Also see events:  [freed_arg]
>
> 213             dolog ("wav_fini_out: fclose %p failed\nReason: %s\n",
> 214                    wav->f, strerror (errno));

False positive, because dolog() doesn't dereference wav->f, it only
prints it.

> Drop the whole message, we can't do much when it happen after all.
>
> Signed-off-by: Gonglei <arei.gonglei@huawei.com>
> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
> ---
>  audio/wavaudio.c | 5 +----
>  1 file changed, 1 insertion(+), 4 deletions(-)
>
> diff --git a/audio/wavaudio.c b/audio/wavaudio.c
> index 6846a1a..b81fdf9 100644
> --- a/audio/wavaudio.c
> +++ b/audio/wavaudio.c
> @@ -209,10 +209,7 @@ static void wav_fini_out (HWVoiceOut *hw)
>      }
>  
>   doclose:
> -    if (fclose (wav->f))  {
> -        dolog ("wav_fini_out: fclose %p failed\nReason: %s\n",
> -               wav->f, strerror (errno));
> -    }
> +    fclose(wav->f);
>      wav->f = NULL;
>  
>      g_free (wav->pcm_buf);

I'm afraid this is not an improvement.

Your patch makes the code ignore fclose() failure silently.  This is a
common mistake.  fclose() failure after write can mean data loss, and
the user certainly needs to know about that.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [Qemu-devel] [PATCH] audio: Fix using freed pointer in wav_fini_out
  2014-06-13  7:15 ` Markus Armbruster
@ 2014-06-13  7:23   ` Peter Maydell
  2014-06-13  7:47   ` Paolo Bonzini
  1 sibling, 0 replies; 7+ messages in thread
From: Peter Maydell @ 2014-06-13  7:23 UTC (permalink / raw)
  To: Markus Armbruster
  Cc: weidong.huang, Luonengjun, QEMU Developers, Gonglei (Arei),
	Gerd Hoffmann, Stefan Hajnoczi, Paolo Bonzini

On 13 June 2014 08:15, Markus Armbruster <armbru@redhat.com> wrote:
> <arei.gonglei@huawei.com> writes:
>
>> From: Gonglei <arei.gonglei@huawei.com>
>>
>> Spotted by Coverity:
>>
>> (8) Event freed_arg:  "fclose(FILE *)" frees "wav->f".
>> (9) Event cond_true:  Condition "fclose(wav->f)", taking true branch
>> Also see events:  [pass_freed_arg]
>>
>> 212         if (fclose (wav->f))  {
>> (10) Event pass_freed_arg:  Passing freed pointer "wav->f" as an argument
>> to function "AUD_log(char const *, char const *, ...)".
>> Also see events:  [freed_arg]
>>
>> 213             dolog ("wav_fini_out: fclose %p failed\nReason: %s\n",
>> 214                    wav->f, strerror (errno));
>
> False positive, because dolog() doesn't dereference wav->f, it only
> prints it.

Yep, I pointed that out last time around...

thanks
-- PMM

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [Qemu-devel] [PATCH] audio: Fix using freed pointer in wav_fini_out
  2014-06-13  7:15 ` Markus Armbruster
  2014-06-13  7:23   ` Peter Maydell
@ 2014-06-13  7:47   ` Paolo Bonzini
  2014-06-13  7:59     ` Gerd Hoffmann
  1 sibling, 1 reply; 7+ messages in thread
From: Paolo Bonzini @ 2014-06-13  7:47 UTC (permalink / raw)
  To: Markus Armbruster, arei.gonglei
  Cc: luonengjun, weidong.huang, qemu-devel, stefanha, kraxel

Il 13/06/2014 09:15, Markus Armbruster ha scritto:
> I'm afraid this is not an improvement.
>
> Your patch makes the code ignore fclose() failure silently.  This is a
> common mistake.  fclose() failure after write can mean data loss, and
> the user certainly needs to know about that.

If you want that, the best solution is to first fflush() and then 
fclose().  Then you're sure that the fclose() doesn't cause data loss 
and you can safely ignore its result (it shouldn't fail).

Paolo

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [Qemu-devel] [PATCH] audio: Fix using freed pointer in wav_fini_out
  2014-06-13  7:47   ` Paolo Bonzini
@ 2014-06-13  7:59     ` Gerd Hoffmann
  2014-06-13  8:18       ` Paolo Bonzini
  0 siblings, 1 reply; 7+ messages in thread
From: Gerd Hoffmann @ 2014-06-13  7:59 UTC (permalink / raw)
  To: Paolo Bonzini
  Cc: weidong.huang, luonengjun, Markus Armbruster, qemu-devel,
	arei.gonglei, stefanha

On Fr, 2014-06-13 at 09:47 +0200, Paolo Bonzini wrote:
> Il 13/06/2014 09:15, Markus Armbruster ha scritto:
> > I'm afraid this is not an improvement.
> >
> > Your patch makes the code ignore fclose() failure silently.  This is a
> > common mistake.  fclose() failure after write can mean data loss, and
> > the user certainly needs to know about that.
> 
> If you want that, the best solution is to first fflush() and then 
> fclose().

Agree.  If you really care you'll go flush/sync before close, so you
still have a valid file handle when you see the failure.

Question is do we really need that here?  This isn't your virtual disk,
it's just a few audio samples which might get lost ...

cheers,
  Gerd

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [Qemu-devel] [PATCH] audio: Fix using freed pointer in wav_fini_out
  2014-06-13  7:59     ` Gerd Hoffmann
@ 2014-06-13  8:18       ` Paolo Bonzini
  2014-06-13  8:32         ` Gonglei (Arei)
  0 siblings, 1 reply; 7+ messages in thread
From: Paolo Bonzini @ 2014-06-13  8:18 UTC (permalink / raw)
  To: Gerd Hoffmann
  Cc: weidong.huang, luonengjun, Markus Armbruster, qemu-devel,
	arei.gonglei, stefanha

Il 13/06/2014 09:59, Gerd Hoffmann ha scritto:
> On Fr, 2014-06-13 at 09:47 +0200, Paolo Bonzini wrote:
>> Il 13/06/2014 09:15, Markus Armbruster ha scritto:
>>> I'm afraid this is not an improvement.
>>>
>>> Your patch makes the code ignore fclose() failure silently.  This is a
>>> common mistake.  fclose() failure after write can mean data loss, and
>>> the user certainly needs to know about that.
>>
>> If you want that, the best solution is to first fflush() and then
>> fclose().
>
> Agree.  If you really care you'll go flush/sync before close, so you
> still have a valid file handle when you see the failure.
>
> Question is do we really need that here?  This isn't your virtual disk,
> it's just a few audio samples which might get lost ...

I think sticking to fflush+fclose is a good idea anyway, if only for 
discipline.  If Gonglei wants to do that, why not. :)

Otherwise, it's easy to mark the bug as intentional in Coverity.

Paolo

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [Qemu-devel] [PATCH] audio: Fix using freed pointer in wav_fini_out
  2014-06-13  8:18       ` Paolo Bonzini
@ 2014-06-13  8:32         ` Gonglei (Arei)
  0 siblings, 0 replies; 7+ messages in thread
From: Gonglei (Arei) @ 2014-06-13  8:32 UTC (permalink / raw)
  To: Paolo Bonzini, Gerd Hoffmann
  Cc: Luonengjun, Huangweidong (C), Markus Armbruster,
	stefanha@redhat.com, qemu-devel@nongnu.org

Hi,

> -----Original Message-----
> From: Paolo Bonzini [mailto:pbonzini@redhat.com]
> Sent: Friday, June 13, 2014 4:18 PM
> To: Gerd Hoffmann
> Cc: Markus Armbruster; Gonglei (Arei); qemu-devel@nongnu.org;
> Huangweidong (C); Luonengjun; stefanha@redhat.com
> Subject: Re: [Qemu-devel] [PATCH] audio: Fix using freed pointer in wav_fini_out
> 
> Il 13/06/2014 09:59, Gerd Hoffmann ha scritto:
> > On Fr, 2014-06-13 at 09:47 +0200, Paolo Bonzini wrote:
> >> Il 13/06/2014 09:15, Markus Armbruster ha scritto:
> >>> I'm afraid this is not an improvement.
> >>>
> >>> Your patch makes the code ignore fclose() failure silently.  This is a
> >>> common mistake.  fclose() failure after write can mean data loss, and
> >>> the user certainly needs to know about that.
> >>
> >> If you want that, the best solution is to first fflush() and then
> >> fclose().
> >
> > Agree.  If you really care you'll go flush/sync before close, so you
> > still have a valid file handle when you see the failure.
> >
> > Question is do we really need that here?  This isn't your virtual disk,
> > it's just a few audio samples which might get lost ...
> 
> I think sticking to fflush+fclose is a good idea anyway, if only for
> discipline.  If Gonglei wants to do that, why not. :)
> 
> Otherwise, it's easy to mark the bug as intentional in Coverity.
> 
> Paolo

Thanks, you guys. 

Actually I search the whole qemu project before I post the patch,
and I find most module are just simply close the file handle, 
so I follow them.

For this issue, if you think we should stick to flush+fclose is a good idea,
I'd like to post another patch. I'm fine. Thanks.


Best regards,
-Gonglei

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2014-06-13  8:34 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-06-13  1:46 [Qemu-devel] [PATCH] audio: Fix using freed pointer in wav_fini_out arei.gonglei
2014-06-13  7:15 ` Markus Armbruster
2014-06-13  7:23   ` Peter Maydell
2014-06-13  7:47   ` Paolo Bonzini
2014-06-13  7:59     ` Gerd Hoffmann
2014-06-13  8:18       ` Paolo Bonzini
2014-06-13  8:32         ` Gonglei (Arei)

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).