[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] ed4e0d: chardev/tcp: Fix error message double
|
From: |
Peter Maydell |
|
Subject: |
[Qemu-commits] [qemu/qemu] ed4e0d: chardev/tcp: Fix error message double free error |
|
Date: |
Thu, 02 Jul 2020 09:15:29 -0700 |
Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: ed4e0d2ef140aef255d67eec30767e5fcd949f58
https://github.com/qemu/qemu/commit/ed4e0d2ef140aef255d67eec30767e5fcd949f58
Author: lichun <lichun@ruijie.com.cn>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M chardev/char-socket.c
Log Message:
-----------
chardev/tcp: Fix error message double free error
Errors are already freed by error_report_err, so we only need to call
error_free when that function is not called.
Cc: qemu-stable@nongnu.org
Signed-off-by: lichun <lichun@ruijie.com.cn>
Message-Id: <20200621213017.17978-1-lichun@ruijie.com.cn>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Commit message improved, cc: qemu-stable]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Commit: 590090b4e6aa8df53c20792ce20c8684b83c51a9
https://github.com/qemu/qemu/commit/590090b4e6aa8df53c20792ce20c8684b83c51a9
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/virtio/virtio-iommu-pci.c
Log Message:
-----------
hw/virtio/virtio-iommu-pci.c: Fix typo in error message
Fix a typo in an error message in virtio_iommu_pci_realize():
"Check you machine" should be "Check your machine".
Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20200625100811.12690-1-peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Commit: ca72efccbe33373810341a0d8a10f5698b8fbc87
https://github.com/qemu/qemu/commit/ca72efccbe33373810341a0d8a10f5698b8fbc87
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/net/virtio-net.c
Log Message:
-----------
net/virtio: Fix failover_replug_primary() return value regression
Commit 150ab54aa6 "net/virtio: fix re-plugging of primary device"
fixed failover_replug_primary() to return false on failure. Commit
5a0948d36c "net/virtio: Fix failover error handling crash bugs" broke
it again for hotplug_handler_plug() failure. Unbreak it.
Commit 5a0948d36c4cbc1c5534afac6fee99de55245d12
Fixes: 5a0948d36c4cbc1c5534afac6fee99de55245d12
Cc: Jens Freimann <jfreimann@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Jens Freimann <jfreimann@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <20200630090351.1247703-2-armbru@redhat.com>
Commit: 5a79d10c953c9eebc69e4ad7c18cd8476782cf6f
https://github.com/qemu/qemu/commit/5a79d10c953c9eebc69e4ad7c18cd8476782cf6f
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/pci/pci.c
Log Message:
-----------
pci: Delete useless error_propagate()
Cc: Jens Freimann <jfreimann@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Jens Freimann <jfreimann@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <20200630090351.1247703-3-armbru@redhat.com>
Commit: 9261ef5e32b0559642ccb70565836e1bc023937e
https://github.com/qemu/qemu/commit/9261ef5e32b0559642ccb70565836e1bc023937e
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M chardev/char-socket.c
M hw/9pfs/9p.c
M hw/arm/virt.c
M hw/ppc/spapr_drc.c
M ui/vnc.c
Log Message:
-----------
Clean up some calls to ignore Error objects the right way
Receiving the error in a local variable only to free it is less clear
(and also less efficient) than passing NULL. Clean up.
Cc: Daniel P. Berrange <berrange@redhat.com>
Cc: Jerome Forissier <jerome@forissier.org>
CC: Greg Kurz <groug@kaod.org>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Message-Id: <20200630090351.1247703-4-armbru@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Commit: d8da9e71b6c79c2899c08bb168cd0ae88da70596
https://github.com/qemu/qemu/commit/d8da9e71b6c79c2899c08bb168cd0ae88da70596
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M tests/check-qobject.c
M tests/check-qom-proplist.c
M tests/test-logging.c
M tests/test-qemu-opts.c
M tests/test-replication.c
M tests/test-string-input-visitor.c
M tests/test-string-output-visitor.c
Log Message:
-----------
tests: Use &error_abort where appropriate
Receiving the error in a local variable only to assert there is none
is less clear than passing &error_abort. Clean up.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20200630090351.1247703-5-armbru@redhat.com>
Commit: 7b8eb7f848fdd808dbd01f6aa7ae42fd8c64e4b4
https://github.com/qemu/qemu/commit/7b8eb7f848fdd808dbd01f6aa7ae42fd8c64e4b4
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M tests/check-block-qdict.c
M tests/check-qom-proplist.c
M tests/test-base64.c
M tests/test-bdrv-graph-mod.c
M tests/test-block-iothread.c
M tests/test-crypto-cipher.c
M tests/test-io-task.c
Log Message:
-----------
tests: Use error_free_or_abort() where appropriate
Replace
g_assert(err != NULL);
error_free(err);
err = NULL;
and variations thereof by
error_free_or_abort(&err);
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200630090351.1247703-6-armbru@redhat.com>
Commit: 562a558647be6fe43e60f8bf3601e5b6122c0599
https://github.com/qemu/qemu/commit/562a558647be6fe43e60f8bf3601e5b6122c0599
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/usb/dev-mtp.c
Log Message:
-----------
usb/dev-mtp: Fix Error double free after inotify failure
error_report_err() frees its first argument. Freeing it again is
wrong. Don't.
Fixes: 47287c27d0c367a89f7b2851e23a7f8b2d499dd6
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Daniel P. Berrangé <berrange@redhat.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200630090351.1247703-7-armbru@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Commit: 14963c34b9901abee6cc91d1831841b2c20511c3
https://github.com/qemu/qemu/commit/14963c34b9901abee6cc91d1831841b2c20511c3
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/ppc/spapr.c
Log Message:
-----------
spapr: Plug minor memory leak in spapr_machine_init()
spapr_machine_init() leaks an Error object when
kvmppc_check_papr_resize_hpt() fails and spapr->resize_hpt is
SPAPR_RESIZE_HPT_DISABLED, i.e. when the host doesn't support hash
page table resizing, and the user didn't ask for it. As harmless as
memory leaks can possibly be. Plug it.
Fixes: 30f4b05bd090564181554d0890605eb2c143e4ea
Cc: David Gibson <dgibson@redhat.com>
Cc: qemu-ppc@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Message-Id: <20200630090351.1247703-8-armbru@redhat.com>
Commit: b368123dd9979e8840b6c98ff69722e7bf1da54d
https://github.com/qemu/qemu/commit/b368123dd9979e8840b6c98ff69722e7bf1da54d
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M qga/commands-posix.c
Log Message:
-----------
qga: Plug unlikely memory leak in guest-set-memory-blocks
transfer_memory_block() leaks an Error object when reading file
/sys/devices/system/memory/memory<INDEX>/state fails with errno other
than ENOENT, and @sys2memblk is false, i.e. when the state file exists
but cannot be read (seems quite unlikely), and this is
guest-set-memory-blocks, not guest-get-memory-blocks.
Plug the leak.
Fixes: bd240fca42d5f072fb758a71720d9de9990ac553
Cc: Michael Roth <mdroth@linux.vnet.ibm.com>
Cc: Hailiang Zhang <zhang.zhanghailiang@huawei.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Message-Id: <20200630090351.1247703-9-armbru@redhat.com>
Commit: b98e8d1230ff7023bb34ddeb7194424dfcbaf789
https://github.com/qemu/qemu/commit/b98e8d1230ff7023bb34ddeb7194424dfcbaf789
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/sd/milkymist-memcard.c
Log Message:
-----------
sd/milkymist-memcard: Plug minor memory leak in realize
milkymist_memcard_realize() leaks an Error object when realization of
its "sd-card" device fails. Quite harmless, since we only ever
realize this once, in milkymist_init() via milkymist_memcard_create().
Plug the leak.
Fixes: 3d0369ba499866cc6a839f71212d97876500762d
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Cc: Michael Walle <michael@walle.cc>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200630090351.1247703-10-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Commit: 05584d12ae0c818665637b7ec580b600920d3027
https://github.com/qemu/qemu/commit/05584d12ae0c818665637b7ec580b600920d3027
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M tests/test-util-filemonitor.c
Log Message:
-----------
test-util-filemonitor: Plug unlikely memory leak
test_file_monitor_events() leaks an Error object when
qemu_file_monitor_add_watch() fails, which seems unlikely. Plug it.
Cc: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200630090351.1247703-11-armbru@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Commit: b94b3c02df87dc9cca1b395e836f6d83f3a3001f
https://github.com/qemu/qemu/commit/b94b3c02df87dc9cca1b395e836f6d83f3a3001f
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M ui/vnc.c
Log Message:
-----------
vnc: Plug minor memory leak in vnc_display_open()
vnc_display_print_local_addr() leaks the Error object when
qio_channel_socket_get_local_address() fails. Seems unlikely. Called
when we create a VNC display with vnc_display_open(). Plug the leak
by passing NULL to ignore the error.
Cc: Daniel P. Berrange <berrange@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200630090351.1247703-12-armbru@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Commit: 123327d14e8ccca3e94986a9ea48fc61e8c2357d
https://github.com/qemu/qemu/commit/123327d14e8ccca3e94986a9ea48fc61e8c2357d
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/arm/aspeed_ast2600.c
M hw/arm/aspeed_soc.c
Log Message:
-----------
aspeed: Clean up roundabout error propagation
Replace
sysbus_realize(SYS_BUS_DEVICE(&s->spi[i]), &local_err);
error_propagate(&err, local_err);
if (err) {
error_propagate(errp, err);
return;
}
by
sysbus_realize(SYS_BUS_DEVICE(&s->spi[i]), &err);
if (err) {
error_propagate(errp, err);
return;
}
Cc: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20200630090351.1247703-13-armbru@redhat.com>
Commit: cd7c866074ed413bb0ccb708f7660436beb4ce37
https://github.com/qemu/qemu/commit/cd7c866074ed413bb0ccb708f7660436beb4ce37
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/core/bus.c
M hw/scsi/scsi-bus.c
M hw/usb/bus.c
M hw/xen/xen-bus.c
M hw/xen/xen-legacy-backend.c
M include/hw/qdev-core.h
Log Message:
-----------
qdev: Drop qbus_set_bus_hotplug_handler() parameter @errp
All callers pass &error_abort. Drop the parameter.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200630090351.1247703-14-armbru@redhat.com>
Commit: 9bc6bfdf67287fcf5435f22f68e902bb19831243
https://github.com/qemu/qemu/commit/9bc6bfdf67287fcf5435f22f68e902bb19831243
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/acpi/pcihp.c
M hw/acpi/piix4.c
M hw/char/virtio-serial-bus.c
M hw/core/bus.c
M hw/pci/pcie.c
M hw/pci/shpc.c
M hw/ppc/spapr.c
M hw/ppc/spapr_pci.c
M hw/s390x/ap-bridge.c
M hw/s390x/css-bridge.c
M hw/s390x/s390-pci-bus.c
M hw/scsi/virtio-scsi.c
M hw/scsi/vmw_pvscsi.c
M hw/usb/dev-smartcard-reader.c
M include/hw/qdev-core.h
Log Message:
-----------
qdev: Drop qbus_set_hotplug_handler() parameter @errp
qbus_set_hotplug_handler() is a simple wrapper around
object_property_set_link().
object_property_set_link() fails when the property doesn't exist, is
not settable, or its .check() method fails. These are all programming
errors here, so passing &error_abort to qbus_set_hotplug_handler() is
appropriate.
Most of its callers do. Exceptions:
* pcie_cap_slot_init(), shpc_init(), spapr_phb_realize() pass NULL,
i.e. they ignore errors.
* spapr_machine_init() passes &error_fatal.
* s390_pcihost_realize(), virtio_serial_device_realize(),
s390_pcihost_plug() pass the error to their callers. The latter two
keep going after the error, which looks wrong.
Drop the @errp parameter, and instead pass &error_abort to
object_property_set_link().
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200630090351.1247703-15-armbru@redhat.com>
Commit: 2726dc51e0c8c4267ba7c10b5c89d6f842144b48
https://github.com/qemu/qemu/commit/2726dc51e0c8c4267ba7c10b5c89d6f842144b48
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/display/virtio-gpu-pci.c
M hw/display/virtio-vga.c
M hw/dma/sparc32_dma.c
M hw/dma/xilinx_axidma.c
M hw/mips/cps.c
M hw/misc/macio/macio.c
M hw/net/xilinx_axienet.c
M hw/virtio/virtio-iommu-pci.c
Log Message:
-----------
hw: Fix error API violation around object_property_set_link()
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
virtio_gpu_pci_base_realize(), virtio_vga_base_realize(),
sparc32_ledma_device_realize(), sparc32_dma_realize(),
sparc32_dma_realize() xilinx_axidma_realize(), mips_cps_realize(),
macio_realize_ide(), xilinx_enet_realize(), and
virtio_iommu_pci_realize() are wrong that way: they reuse the argument
they pass to object_property_set_link() for another call.
Harmless, because object_property_set_link() can't actually fail for
them: it fails when the property doesn't exist, is not settable, or
its .check() method fails. Fix by passing &error_abort instead.
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com>
Cc: Alistair Francis <alistair@alistair23.me>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-arm@nongnu.org
Cc: Aleksandar Markovic <aleksandar.qemu.devel@gmail.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Aleksandar Rikalo <aleksandar.rikalo@syrmia.com>
Cc: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200630090351.1247703-16-armbru@redhat.com>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Commit: c24d97168a3ec92d4d624bb463214e449be0a42d
https://github.com/qemu/qemu/commit/c24d97168a3ec92d4d624bb463214e449be0a42d
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/arm/armsse.c
M hw/arm/armv7m.c
M hw/arm/aspeed_ast2600.c
M hw/arm/aspeed_soc.c
M hw/arm/nrf51_soc.c
Log Message:
-----------
hw/arm: Drop useless object_property_set_link() error handling
object_property_set_link() fails when the property doesn't exist, is
not settable, or its .check() method fails. These are all programming
errors here, so passing it &error_abort is appropriate.
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: "Cédric Le Goater" <clg@kaod.org>
Cc: Andrew Jeffery <andrew@aj.id.au>
Cc: Joel Stanley <joel@jms.id.au>
Cc: qemu-arm@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20200630090351.1247703-17-armbru@redhat.com>
Commit: cbe3a8c582f964a222b64bce02a0a3ae22dc0efd
https://github.com/qemu/qemu/commit/cbe3a8c582f964a222b64bce02a0a3ae22dc0efd
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/riscv/sifive_u.c
Log Message:
-----------
riscv/sifive_u: Fix sifive_u_soc_realize() error API violations
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
sifive_u_soc_realize() is wrong that way: it passes &err to
sysbus_realize() four times before checking it. Harmless, because the
first three can't actually fail (I think).
Fix by checking for failure right away.
Cc: Palmer Dabbelt <palmer@dabbelt.com>
Cc: Alistair Francis <Alistair.Francis@wdc.com>
Cc: Sagar Karandikar <sagark@eecs.berkeley.edu>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Cc: Bin Meng <bmeng.cn@gmail.com>
Cc: qemu-riscv@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200630090351.1247703-18-armbru@redhat.com>
Commit: 3e9a88c3721cd0171ab4e51f0b3617befd124e2a
https://github.com/qemu/qemu/commit/3e9a88c3721cd0171ab4e51f0b3617befd124e2a
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/riscv/riscv_hart.c
Log Message:
-----------
riscv_hart: Fix riscv_harts_realize() error API violations
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
riscv_harts_realize() is wrong that way: it passes @errp to
riscv_hart_realize() in a loop. I can't tell offhand whether this can
fail.
Fix by checking for failure in each iteration.
Cc: Palmer Dabbelt <palmer@dabbelt.com>
Cc: Alistair Francis <Alistair.Francis@wdc.com>
Cc: Sagar Karandikar <sagark@eecs.berkeley.edu>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Cc: Bin Meng <bmeng.cn@gmail.com>
Cc: qemu-riscv@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200630090351.1247703-19-armbru@redhat.com>
Commit: 81f66cfd24ccd2645b19366d768a72f20ea3838b
https://github.com/qemu/qemu/commit/81f66cfd24ccd2645b19366d768a72f20ea3838b
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/mips/cps.c
Log Message:
-----------
mips/cps: Fix mips_cps_realize() error API violations
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
mips_cps_realize() is wrong that way: it passes &err to multiple
object_property_set_FOO() without checking for failure, and then to
sysbus_realize(). Harmless, because the object_property_set_FOO()
can't actually fail here.
Fix by passing &error_abort instead.
Cc: Aleksandar Markovic <aleksandar.qemu.devel@gmail.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Aleksandar Rikalo <aleksandar.rikalo@syrmia.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200630090351.1247703-20-armbru@redhat.com>
Commit: 18d588fe1e178b43203532a2debdffd4f36535c5
https://github.com/qemu/qemu/commit/18d588fe1e178b43203532a2debdffd4f36535c5
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/i386/x86.c
Log Message:
-----------
x86: Fix x86_cpu_new() error handling
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
x86_cpu_new() is wrong that way: it passes &local_err to
object_property_set_uint() without checking it, and then to
qdev_realize(). If both fail, we'll trip error_setv()'s assertion.
To assess the bug's impact, we'd need to figure out how to make both
calls fail. Too much work for ignorant me, sorry.
Fix by checking for failure right away.
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200630090351.1247703-21-armbru@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Commit: 475fc97d091c2cbcce0cd48c9fd70e966e5d1159
https://github.com/qemu/qemu/commit/475fc97d091c2cbcce0cd48c9fd70e966e5d1159
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/i386/amd_iommu.c
Log Message:
-----------
amd_iommu: Fix amdvi_realize() error API violation
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
amdvi_realize() is wrong that way: it passes @errp to qdev_realize(),
object_property_get_int(), and msi_init() without checking it. I
can't tell offhand whether qdev_realize() can fail here. Fix by
checking it for failure. object_property_get_int() can't. Fix by
passing &error_abort instead.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200630090351.1247703-22-armbru@redhat.com>
Commit: b40181942e037f74cd12ae7afa140d6508a30639
https://github.com/qemu/qemu/commit/b40181942e037f74cd12ae7afa140d6508a30639
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/arm/stm32f205_soc.c
M hw/arm/stm32f405_soc.c
Log Message:
-----------
arm/stm32f205 arm/stm32f405: Fix realize error API violation
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
stm32f205_soc_realize() and stm32f405_soc_realize() are wrong that
way: they pass &err to object_property_set_int() without checking it,
and then to qdev_realize(). Harmless, because the former can't
actually fail here.
Fix by passing &error_abort instead.
Cc: Alistair Francis <alistair@alistair23.me>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-arm@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200630090351.1247703-23-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Commit: 2255f6b7966d981054397765a700e8a34c6a15c4
https://github.com/qemu/qemu/commit/2255f6b7966d981054397765a700e8a34c6a15c4
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/arm/aspeed_ast2600.c
M hw/arm/aspeed_soc.c
Log Message:
-----------
aspeed: Fix realize error API violation
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
aspeed_soc_ast2600_realize() and aspeed_soc_realize() are wrong that
way: they pass &err to object_property_set_int() and
object_property_set_bool() without checking it, and then to
sysbus_realize(). Harmless, because the former can't actually fail
here.
Fix by passing &error_abort instead.
Cc: "Cédric Le Goater" <clg@kaod.org>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Andrew Jeffery <andrew@aj.id.au>
Cc: Joel Stanley <joel@jms.id.au>
Cc: qemu-arm@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200630090351.1247703-24-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Commit: 17d5d49a4e877b08ebf82aa33b349176281e68a3
https://github.com/qemu/qemu/commit/17d5d49a4e877b08ebf82aa33b349176281e68a3
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/arm/armsse.c
Log Message:
-----------
hw/arm/armsse: Fix armsse_realize() error API violation
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
armsse_realize() is wrong that way: it passes &err to
object_property_set_int() multiple times without checking it, and then
to sysbus_realize(). Harmless, because the former can't actually fail
here.
Fix by passing &error_abort instead.
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-arm@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200630090351.1247703-25-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Commit: 7cd1c981eb497de3efd6707d7ccf3fb756c2350f
https://github.com/qemu/qemu/commit/7cd1c981eb497de3efd6707d7ccf3fb756c2350f
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M hw/arm/bcm2835_peripherals.c
M hw/arm/fsl-imx25.c
M hw/arm/fsl-imx6.c
Log Message:
-----------
arm/{bcm2835,fsl-imx25,fsl-imx6}: Fix realize error API violations
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
bcm2835_peripherals_realize(), fsl_imx25_realize() and
fsl_imx6_realize() are wrong that way: they pass &err to
object_property_set_uint() and object_property_set_bool() without
checking it, and then to sysbus_realize(). Harmless, because the
former can't actually fail here.
Fix by passing &error_abort instead.
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Andrew Baumann <Andrew.Baumann@microsoft.com>
Cc: "Philippe Mathieu-Daudé" <philmd@redhat.com>
Cc: Jean-Christophe Dubois <jcd@tribudubois.net>
Cc: qemu-arm@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200630090351.1247703-26-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Commit: 9cde9caa04beac25cef32a8a9d0bd26d6b91a41a
https://github.com/qemu/qemu/commit/9cde9caa04beac25cef32a8a9d0bd26d6b91a41a
Author: Markus Armbruster <armbru@redhat.com>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M migration/rdma.c
Log Message:
-----------
migration/rdma: Plug memory leaks in qemu_rdma_registration_stop()
qemu_rdma_registration_stop() uses the ERROR() macro to create, report
to stderr, and store an Error object. The stored Error object is
never used, and its memory is leaked.
Even where ERROR() doesn't leak, it is ill-advised. The whole point
of passing an Error to the caller is letting the caller handle the
error. Error handling may report to stderr, to somewhere else, or not
at all. Also reporting in the callee mixes up concerns that should be
kept separate. Since I don't know what reporting to stderr is
supposed to accomplish, I'm not touching it.
Commit 2a1bc8bde7 "migration/rdma: rdma_accept_incoming_migration fix
error handling" plugged the same leak in
rdma_accept_incoming_migration().
Plug the memory leak the same way: keep the report part, delete the
store part.
The report part uses fprintf(). If it's truly an error, it should use
error_report() instead. But I don't know, so I leave it alone, just
like commit 2a1bc8bde7 did.
Fixes: 2da776db4846eadcb808598a5d3484d149773c05
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Cc: Juan Quintela <quintela@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200630090351.1247703-27-armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Commit: 64f0ad8ad8e13257e7c912df470d46784b55c3fd
https://github.com/qemu/qemu/commit/64f0ad8ad8e13257e7c912df470d46784b55c3fd
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2020-07-02 (Thu, 02 Jul 2020)
Changed paths:
M chardev/char-socket.c
M hw/9pfs/9p.c
M hw/acpi/pcihp.c
M hw/acpi/piix4.c
M hw/arm/armsse.c
M hw/arm/armv7m.c
M hw/arm/aspeed_ast2600.c
M hw/arm/aspeed_soc.c
M hw/arm/bcm2835_peripherals.c
M hw/arm/fsl-imx25.c
M hw/arm/fsl-imx6.c
M hw/arm/nrf51_soc.c
M hw/arm/stm32f205_soc.c
M hw/arm/stm32f405_soc.c
M hw/arm/virt.c
M hw/char/virtio-serial-bus.c
M hw/core/bus.c
M hw/display/virtio-gpu-pci.c
M hw/display/virtio-vga.c
M hw/dma/sparc32_dma.c
M hw/dma/xilinx_axidma.c
M hw/i386/amd_iommu.c
M hw/i386/x86.c
M hw/mips/cps.c
M hw/misc/macio/macio.c
M hw/net/virtio-net.c
M hw/net/xilinx_axienet.c
M hw/pci/pci.c
M hw/pci/pcie.c
M hw/pci/shpc.c
M hw/ppc/spapr.c
M hw/ppc/spapr_drc.c
M hw/ppc/spapr_pci.c
M hw/riscv/riscv_hart.c
M hw/riscv/sifive_u.c
M hw/s390x/ap-bridge.c
M hw/s390x/css-bridge.c
M hw/s390x/s390-pci-bus.c
M hw/scsi/scsi-bus.c
M hw/scsi/virtio-scsi.c
M hw/scsi/vmw_pvscsi.c
M hw/sd/milkymist-memcard.c
M hw/usb/bus.c
M hw/usb/dev-mtp.c
M hw/usb/dev-smartcard-reader.c
M hw/virtio/virtio-iommu-pci.c
M hw/xen/xen-bus.c
M hw/xen/xen-legacy-backend.c
M include/hw/qdev-core.h
M migration/rdma.c
M qga/commands-posix.c
M tests/check-block-qdict.c
M tests/check-qobject.c
M tests/check-qom-proplist.c
M tests/test-base64.c
M tests/test-bdrv-graph-mod.c
M tests/test-block-iothread.c
M tests/test-crypto-cipher.c
M tests/test-io-task.c
M tests/test-logging.c
M tests/test-qemu-opts.c
M tests/test-replication.c
M tests/test-string-input-visitor.c
M tests/test-string-output-visitor.c
M tests/test-util-filemonitor.c
M ui/vnc.c
Log Message:
-----------
Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2020-07-02' into
staging
Error reporting patches patches for 2020-07-02
# gpg: Signature made Thu 02 Jul 2020 10:55:48 BST
# gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg: issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653
* remotes/armbru/tags/pull-error-2020-07-02: (28 commits)
migration/rdma: Plug memory leaks in qemu_rdma_registration_stop()
arm/{bcm2835,fsl-imx25,fsl-imx6}: Fix realize error API violations
hw/arm/armsse: Fix armsse_realize() error API violation
aspeed: Fix realize error API violation
arm/stm32f205 arm/stm32f405: Fix realize error API violation
amd_iommu: Fix amdvi_realize() error API violation
x86: Fix x86_cpu_new() error handling
mips/cps: Fix mips_cps_realize() error API violations
riscv_hart: Fix riscv_harts_realize() error API violations
riscv/sifive_u: Fix sifive_u_soc_realize() error API violations
hw/arm: Drop useless object_property_set_link() error handling
hw: Fix error API violation around object_property_set_link()
qdev: Drop qbus_set_hotplug_handler() parameter @errp
qdev: Drop qbus_set_bus_hotplug_handler() parameter @errp
aspeed: Clean up roundabout error propagation
vnc: Plug minor memory leak in vnc_display_open()
test-util-filemonitor: Plug unlikely memory leak
sd/milkymist-memcard: Plug minor memory leak in realize
qga: Plug unlikely memory leak in guest-set-memory-blocks
spapr: Plug minor memory leak in spapr_machine_init()
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Compare: https://github.com/qemu/qemu/compare/d0c8b957ae64...64f0ad8ad8e1
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-commits] [qemu/qemu] ed4e0d: chardev/tcp: Fix error message double free error,
Peter Maydell <=