From mboxrd@z Thu Jan 1 00:00:00 1970
Message-ID: <54125A84.6060503@redhat.com>
Date: Thu, 11 Sep 2014 20:29:24 -0600
From: Eric Blake
References: <1410477659-9163-1-git-send-email-mdroth@linux.vnet.ibm.com> <1410477659-9163-2-git-send-email-mdroth@linux.vnet.ibm.com>
In-Reply-To: <1410477659-9163-2-git-send-email-mdroth@linux.vnet.ibm.com>
Subject: Re: [Qemu-devel] [PATCH 1/3] qapi: add visit_start_union and visit_end_union
To: Michael Roth, qemu-devel@nongnu.org
Cc: pbonzini@redhat.com, lcapitulino@redhat.com, famz@redhat.com, qemu-stable@nongnu.org, armbru@redhat.com

On 09/11/2014 05:20 PM, Michael Roth wrote:
> In some cases an input visitor might bail out on filling out a
> struct for various reasons, such as missing fields when running
> in strict mode. In the case of a QAPI Union type, this may lead
> to cases where the .kind field which encodes the union type
> is uninitialized. Subsequently, other visitors, such as the
> dealloc visitor, may use this .kind value as if it were
> initialized, leading to assumptions about the union type which
> in this case may lead to segfaults. For example, freeing an
> integer value.
>
> =20 > +bool visit_start_union(Visitor *v, bool data_present, Error **errp) > +{ > + if (v->start_union) { > + return v->start_union(v, data_present, errp); > + } > + return true; > +}

Any rules on whether errp must be set if returning false, and must not
be set if returning true? If so, do we need a bool return, or is errp
sufficient?

> +++ b/scripts/qapi-visit.py
> @@ -357,6 +357,9 @@ void visit_type_%(name)s(Visitor *m, %(name)s **obj= , const char *name, Error **e > if (err) { > goto out_obj; > } > + if (!visit_start_union(m, !!(*obj)->data, &err)) { > + goto out_obj; > + } > switch ((*obj)->kind) {

and if there aren't rules, then a visitor that sets err but still
returns true would result in this code not exiting early, but passing an
already-set error into the switch, which is probably not desirable.

--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
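
Review bot: in the visit_start_union() wrapper, the fallback "return true;" taken when v->start_union is NULL, and the bool result in general, come with no comment saying what the caller may assume. Please add a comment above the function stating what data_present is expected to convey, that a false return means the caller must not descend into the union, and whether *errp is required to be set in that case. Without that, each visitor implementing the hook is free to pick its own convention and callers cannot rely on either signal alone.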
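
Review bot: in the scripts/qapi-visit.py hunk, the new check "if (!visit_start_union(m, !!(*obj)->data, &err))" acts only on the return value and never re-tests err before reaching "switch ((*obj)->kind)". Either test both, for example by adding "|| err" to the condition, or document that the hook's return value and err are guaranteed to agree. The expression "!!(*obj)->data" would also benefit from a short comment in the generated code explaining why a non-NULL data member is taken to mean the union payload, and therefore kind, has been filled in.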
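
The failure mode described in the quoted commit message, and the effect of a start-of-union guard on the dealloc side, shown as an added C illustration that is not part of the original mail and is not QEMU's code. Every name in it (Source, FileOpts, dealloc_start_union, source_free, source_parse) is hypothetical, and the input side is a constructed stand-in for a strict-mode input visitor that fails early.

```c
/* Added illustration with hypothetical types; not QEMU's generated code. */
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

typedef enum { KIND_FILE, KIND_NUM } Kind;
typedef struct { char *path; } FileOpts;  /* payload owning an allocation */
typedef struct {
    Kind kind;            /* meaningful only once the input side set it */
    union {
        void *data;       /* aliases the members below; NULL = no payload */
        FileOpts *file;
        long *num;
    };
} Source;

/* Dealloc-side hook: returning false tells the caller to skip the union. */
static bool dealloc_start_union(bool data_present) { return data_present; }

/* Frees s and returns how many payload pointers were handed to free(). */
static int source_free(Source *s)
{
    int freed = 0;
    if (!s) return 0;
    if (dealloc_start_union(s->data != NULL)) {
        switch (s->kind) {
        case KIND_FILE:   /* without the guard, a NULL file is dereferenced */
            free(s->file->path); free(s->file); freed = 2; break;
        case KIND_NUM:
            free(s->num); freed = 1; break;
        }
    }
    free(s);
    return freed;
}

/* Constructed input side: stop_early models a strict-mode failure that
 * leaves a zeroed object (kind == KIND_FILE by default, no payload). */
static Source *source_parse(const char *path, bool stop_early)
{
    Source *s = calloc(1, sizeof(*s));
    if (!s || stop_early) return s;
    s->kind = KIND_FILE;
    s->file = calloc(1, sizeof(*s->file));
    if (s->file && (s->file->path = malloc(strlen(path) + 1)))
        strcpy(s->file->path, path);
    return s;
}

int main(void) { return source_free(source_parse("a.img", true)); }
```

Removing the dealloc_start_union() test from source_free() makes the early-failure case dereference a NULL payload, because the zeroed kind is read as KIND_FILE.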