* [PULL 0/2] Fixes 20200325 patches
@ 2020-03-25 10:58 Gerd Hoffmann
2020-03-25 10:58 ` [PULL 1/2] ui/input-linux: Do not ignore ioctl() return value Gerd Hoffmann
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Gerd Hoffmann @ 2020-03-25 10:58 UTC (permalink / raw)
To: qemu-devel; +Cc: Gerd Hoffmann
The following changes since commit 736cf607e40674776d752acc201f565723e86045:
Update version for v5.0.0-rc0 release (2020-03-24 17:50:00 +0000)
are available in the Git repository at:
git://git.kraxel.org/qemu tags/fixes-20200325-pull-request
for you to fetch changes up to 95fad99cb28e9970944b01fd7af452f6f9f37484:
hw/audio/fmopl: fix segmentation fault (2020-03-25 09:55:40 +0100)
----------------------------------------------------------------
fixes: input error handling & audio segfault
----------------------------------------------------------------
Philippe Mathieu-Daudé (1):
ui/input-linux: Do not ignore ioctl() return value
Volker Rümelin (1):
hw/audio/fmopl: fix segmentation fault
hw/audio/fmopl.c | 4 ++--
ui/input-linux.c | 29 +++++++++++++++++++++++++++--
2 files changed, 29 insertions(+), 4 deletions(-)
--
2.18.2
* [PULL 1/2] ui/input-linux: Do not ignore ioctl() return value
From: Gerd Hoffmann @ 2020-03-25 10:58 UTC (permalink / raw)
To: qemu-devel; +Cc: Philippe Mathieu-Daudé, Gerd Hoffmann
From: Philippe Mathieu-Daudé <philmd@redhat.com>
Fix warnings reported by Clang static code analyzer:
CC ui/input-linux.o
ui/input-linux.c:343:9: warning: Value stored to 'rc' is never read
rc = ioctl(il->fd, EVIOCGBIT(EV_REL, sizeof(relmap)), &relmap);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ui/input-linux.c:351:9: warning: Value stored to 'rc' is never read
rc = ioctl(il->fd, EVIOCGBIT(EV_ABS, sizeof(absmap)), &absmap);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ui/input-linux.c:354:13: warning: Value stored to 'rc' is never read
rc = ioctl(il->fd, EVIOCGABS(ABS_X), &absinfo);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ui/input-linux.c:357:13: warning: Value stored to 'rc' is never read
rc = ioctl(il->fd, EVIOCGABS(ABS_Y), &absinfo);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ui/input-linux.c:365:9: warning: Value stored to 'rc' is never read
rc = ioctl(il->fd, EVIOCGBIT(EV_KEY, sizeof(keymap)), keymap);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ui/input-linux.c:366:9: warning: Value stored to 'rc' is never read
rc = ioctl(il->fd, EVIOCGKEY(sizeof(keystate)), keystate);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Reported-by: Clang Static Analyzer
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-id: 20200322161219.17757-1-philmd@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
ui/input-linux.c | 29 +++++++++++++++++++++++++++--
1 file changed, 27 insertions(+), 2 deletions(-)
diff --git a/ui/input-linux.c b/ui/input-linux.c
index a7b280b25b98..ef37b14d6f22 100644
--- a/ui/input-linux.c
+++ b/ui/input-linux.c
@@ -334,13 +334,15 @@ static void input_linux_complete(UserCreatable *uc, Error **errp)
rc = ioctl(il->fd, EVIOCGBIT(0, sizeof(evtmap)), &evtmap);
if (rc < 0) {
- error_setg(errp, "%s: failed to read event bits", il->evdev);
- goto err_close;
+ goto err_read_event_bits;
}
if (evtmap & (1 << EV_REL)) {
relmap = 0;
rc = ioctl(il->fd, EVIOCGBIT(EV_REL, sizeof(relmap)), &relmap);
+ if (rc < 0) {
+ goto err_read_event_bits;
+ }
if (relmap & (1 << REL_X)) {
il->has_rel_x = true;
}
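Review bot: The new `rc < 0` check after `EVIOCGBIT(EV_REL, ...)` jumps to `err_read_event_bits`, whose message is the generic "failed to read event bits", so the user cannot tell which event type failed or why. Consider reporting errno with `error_setg_errno()` and naming the event type (EV_REL here) in the message, since the same label is now shared by four different ioctl() calls.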
@@ -349,12 +351,25 @@ static void input_linux_complete(UserCreatable *uc, Error **errp)
if (evtmap & (1 << EV_ABS)) {
absmap = 0;
rc = ioctl(il->fd, EVIOCGBIT(EV_ABS, sizeof(absmap)), &absmap);
+ if (rc < 0) {
+ goto err_read_event_bits;
+ }
if (absmap & (1 << ABS_X)) {
il->has_abs_x = true;
rc = ioctl(il->fd, EVIOCGABS(ABS_X), &absinfo);
+ if (rc < 0) {
+ error_setg(errp, "%s: failed to get get absolute X value",
+ il->evdev);
+ goto err_close;
+ }
il->abs_x_min = absinfo.minimum;
il->abs_x_max = absinfo.maximum;
rc = ioctl(il->fd, EVIOCGABS(ABS_Y), &absinfo);
+ if (rc < 0) {
+ error_setg(errp, "%s: failed to get get absolute Y value",
+ il->evdev);
+ goto err_close;
+ }
il->abs_y_min = absinfo.minimum;
il->abs_y_max = absinfo.maximum;
}
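Review bot: Both new error strings contain a doubled word, "failed to get get absolute X value" and "failed to get get absolute Y value"; drop one "get". Separately, the `EVIOCGABS(ABS_Y)` query sits inside the `absmap & (1 << ABS_X)` branch with no test of the ABS_Y bit, so with the added check a failure of that query now aborts initialization for a device that only advertised ABS_X; it would be safer to guard the Y query with its own `absmap & (1 << ABS_Y)` test.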
@@ -363,7 +378,14 @@ static void input_linux_complete(UserCreatable *uc, Error **errp)
if (evtmap & (1 << EV_KEY)) {
memset(keymap, 0, sizeof(keymap));
rc = ioctl(il->fd, EVIOCGBIT(EV_KEY, sizeof(keymap)), keymap);
+ if (rc < 0) {
+ goto err_read_event_bits;
+ }
rc = ioctl(il->fd, EVIOCGKEY(sizeof(keystate)), keystate);
+ if (rc < 0) {
+ error_setg(errp, "%s: failed to get global key state", il->evdev);
+ goto err_close;
+ }
for (i = 0; i < KEY_CNT; i++) {
if (keymap[i / 8] & (1 << (i % 8))) {
if (linux_is_button(i)) {
@@ -390,6 +412,9 @@ static void input_linux_complete(UserCreatable *uc, Error **errp)
il->initialized = true;
return;
+err_read_event_bits:
+ error_setg(errp, "%s: failed to read event bits", il->evdev);
+
err_close:
close(il->fd);
return;
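Review bot: The `err_read_event_bits` label relies on falling through into `err_close` to release the descriptor, and nothing in the code says so. A short `/* fall through */` comment between the `error_setg()` call and `err_close:` would keep a later edit from inserting a `return` or another label there and leaking `il->fd`.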
--
2.18.2
* [PULL 2/2] hw/audio/fmopl: fix segmentation fault
From: Gerd Hoffmann @ 2020-03-25 10:58 UTC (permalink / raw)
To: qemu-devel; +Cc: Volker Rümelin, Gerd Hoffmann
From: Volker Rümelin <vr_qemu@t-online.de>
Current code allocates the memory for ENV_CURVE too late. Move
allocation to OPLOpenTable() and deallocation to OPLCloseTable().
To reproduce the bug start qemu with -soundhw adlib.
Fixes 2eea51bd01 "hw/audio/fmopl: Move ENV_CURVE to .heap to save
32KiB of .bss"
Signed-off-by: Volker Rümelin <vr_qemu@t-online.de>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20200324061855.5951-1-vr_qemu@t-online.de
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/audio/fmopl.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/audio/fmopl.c b/hw/audio/fmopl.c
index 356d4dfbcaa6..8a71a569fab0 100644
--- a/hw/audio/fmopl.c
+++ b/hw/audio/fmopl.c
@@ -627,6 +627,7 @@ static int OPLOpenTable( void )
free(AMS_TABLE);
return 0;
}
+ ENV_CURVE = g_new(int32_t, 2 * EG_ENT + 1);
/* make total level table */
for (t = 0;t < EG_ENT-1 ;t++){
rate = ((1<<TL_BITS)-1)/pow(10,EG_STEP*t/20); /* dB -> voltage */
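Review bot: The added `ENV_CURVE = g_new(int32_t, 2 * EG_ENT + 1);` has no error path, unlike the neighbouring tables whose failure path (`free(AMS_TABLE); return 0;`) is visible just above. That is correct because g_new() aborts instead of returning NULL, but the mix of allocators in one function is easy to misread; a one-line comment stating that this allocation cannot fail, and that it must precede the table setup that follows, would document the ordering requirement this fix depends on.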
@@ -694,6 +695,7 @@ static int OPLOpenTable( void )
static void OPLCloseTable( void )
{
+ g_free(ENV_CURVE);
free(TL_TABLE);
free(SIN_TABLE);
free(AMS_TABLE);
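Review bot: After `g_free(ENV_CURVE);` the file-scope pointer still holds the freed address. Setting `ENV_CURVE = NULL` (or using `g_clear_pointer(&ENV_CURVE, g_free)`) in OPLCloseTable() would turn any later access before the next OPLOpenTable() into an immediate NULL dereference instead of a use-after-free.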
@@ -1090,7 +1092,6 @@ FM_OPL *OPLCreate(int clock, int rate)
OPL->clock = clock;
OPL->rate = rate;
OPL->max_ch = max_ch;
- ENV_CURVE = g_new(int32_t, 2 * EG_ENT + 1);
/* init grobal tables */
OPL_initialize(OPL);
/* reset chip */
@@ -1128,7 +1129,6 @@ void OPLDestroy(FM_OPL *OPL)
#endif
OPL_UnLockTable();
free(OPL);
- g_free(ENV_CURVE);
}
/* ---------- Option handlers ---------- */
--
2.18.2
* Re: [PULL 0/2] Fixes 20200325 patches
From: Peter Maydell @ 2020-03-26 9:27 UTC (permalink / raw)
To: Gerd Hoffmann; +Cc: QEMU Developers
On Wed, 25 Mar 2020 at 11:05, Gerd Hoffmann <kraxel@redhat.com> wrote:
>
> The following changes since commit 736cf607e40674776d752acc201f565723e86045:
>
> Update version for v5.0.0-rc0 release (2020-03-24 17:50:00 +0000)
>
> are available in the Git repository at:
>
> git://git.kraxel.org/qemu tags/fixes-20200325-pull-request
>
> for you to fetch changes up to 95fad99cb28e9970944b01fd7af452f6f9f37484:
>
> hw/audio/fmopl: fix segmentation fault (2020-03-25 09:55:40 +0100)
>
> ----------------------------------------------------------------
> fixes: input error handling & audio segfault
>
> ----------------------------------------------------------------
Applied, thanks.
Please update the changelog at https://wiki.qemu.org/ChangeLog/5.0
for any user-visible changes.
-- PMM