* Re: [PATCH] console: avoid passing con=NULL to graphic_hw_update_done() In graphic_hw_update(), first select an existing console, a specific-console or active_console(if not specified), then updating the console.
2020-11-06 17:03 [PATCH] console: avoid passing con=NULL to graphic_hw_update_done() In graphic_hw_update(), first select an existing console, a specific-console or active_console(if not specified), then updating the console lichun
@ 2020-11-06 9:28 ` Gerd Hoffmann
2020-11-06 9:35 ` lichun
2020-11-07 10:36 ` Peter Maydell
0 siblings, 2 replies; 4+ messages in thread
From: Gerd Hoffmann @ 2020-11-06 9:28 UTC (permalink / raw)
To: lichun; +Cc: peter.maydell, qemu-devel, 706701795
Hi,
If you have an long commit message put it into the body not the subject
please.
On Sat, Nov 07, 2020 at 01:03:39AM +0800, lichun wrote:
> Signed-off-by: lichun <lichun@ruijie.com.cn>
> ---
> ui/console.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/ui/console.c b/ui/console.c
> index e8e5970..e07d2c3 100644
> --- a/ui/console.c
> +++ b/ui/console.c
> @@ -270,10 +270,11 @@ void graphic_hw_update_done(QemuConsole *con)
> void graphic_hw_update(QemuConsole *con)
> {
> bool async = false;
> + con = con ? con : active_console;
con should not be NULL at this point.
Can you trigger a NULL pointer dereference here somehow?
thanks,
Gerd
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Re: [PATCH] console: avoid passing con=NULL to graphic_hw_update_done() In graphic_hw_update(), first select an existing console, a specific-console or active_console(if not specified), then updating the console.
2020-11-06 9:28 ` Gerd Hoffmann
@ 2020-11-06 9:35 ` lichun
2020-11-07 10:36 ` Peter Maydell
1 sibling, 0 replies; 4+ messages in thread
From: lichun @ 2020-11-06 9:35 UTC (permalink / raw)
To: kraxel; +Cc: peter.maydell, qemu-devel, 706701795
> Hi,
>
>If you have an long commit message put it into the body not the subject
>please.
Okey, I should leave a blank line.
>
>On Sat, Nov 07, 2020 at 01:03:39AM +0800, lichun wrote:
>> Signed-off-by: lichun <lichun@ruijie.com.cn>
>> ---
>> ui/console.c | 5 +++--
>> 1 file changed, 3 insertions(+), 2 deletions(-)
>>
>> diff --git a/ui/console.c b/ui/console.c
>> index e8e5970..e07d2c3 100644
>> --- a/ui/console.c
>> +++ b/ui/console.c
>> @@ -270,10 +270,11 @@ void graphic_hw_update_done(QemuConsole *con)
>> void graphic_hw_update(QemuConsole *con)
>> {
>> bool async = false;
>> + con = con ? con : active_console;
>
>con should not be NULL at this point.
>
>Can you trigger a NULL pointer dereference here somehow?
run #./qemu-system-x86_64 -nodefaults test.img -vnc 0.0.0.0:0
Then connect with VNC client, It will cause QEMU CRASH.
>
>thanks,
> Gerd
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH] console: avoid passing con=NULL to graphic_hw_update_done() In graphic_hw_update(), first select an existing console, a specific-console or active_console(if not specified), then updating the console.
@ 2020-11-06 17:03 lichun
2020-11-06 9:28 ` Gerd Hoffmann
0 siblings, 1 reply; 4+ messages in thread
From: lichun @ 2020-11-06 17:03 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, lichun, 706701795, kraxel
Signed-off-by: lichun <lichun@ruijie.com.cn>
---
ui/console.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/ui/console.c b/ui/console.c
index e8e5970..e07d2c3 100644
--- a/ui/console.c
+++ b/ui/console.c
@@ -270,10 +270,11 @@ void graphic_hw_update_done(QemuConsole *con)
void graphic_hw_update(QemuConsole *con)
{
bool async = false;
+ con = con ? con : active_console;
if (!con) {
- con = active_console;
+ return;
}
- if (con && con->hw_ops->gfx_update) {
+ if (con->hw_ops->gfx_update) {
con->hw_ops->gfx_update(con->hw);
async = con->hw_ops->gfx_update_async;
}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] console: avoid passing con=NULL to graphic_hw_update_done() In graphic_hw_update(), first select an existing console, a specific-console or active_console(if not specified), then updating the console.
2020-11-06 9:28 ` Gerd Hoffmann
2020-11-06 9:35 ` lichun
@ 2020-11-07 10:36 ` Peter Maydell
1 sibling, 0 replies; 4+ messages in thread
From: Peter Maydell @ 2020-11-07 10:36 UTC (permalink / raw)
To: Gerd Hoffmann; +Cc: lichun, QEMU Developers, 706701795
On Fri, 6 Nov 2020 at 09:28, Gerd Hoffmann <kraxel@redhat.com> wrote:
>
> Hi,
>
> If you have an long commit message put it into the body not the subject
> please.
>
> On Sat, Nov 07, 2020 at 01:03:39AM +0800, lichun wrote:
> > Signed-off-by: lichun <lichun@ruijie.com.cn>
> > ---
> > ui/console.c | 5 +++--
> > 1 file changed, 3 insertions(+), 2 deletions(-)
> >
> > diff --git a/ui/console.c b/ui/console.c
> > index e8e5970..e07d2c3 100644
> > --- a/ui/console.c
> > +++ b/ui/console.c
> > @@ -270,10 +270,11 @@ void graphic_hw_update_done(QemuConsole *con)
> > void graphic_hw_update(QemuConsole *con)
> > {
> > bool async = false;
> > + con = con ? con : active_console;
>
> con should not be NULL at this point.
There is definitely a bug in the code currently in master, though.
Coverity points out (CID 1436158) that it checks for con being
NULL in the "if (con && con->hw_ops->gfx_update) {" line, but
then proceeds to call "graphic_hw_update_done(con);" which
assumes con is non-NULL. If con can't be NULL then the check
in the if() is unnecessary.
thnask
-- PMM
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-11-07 10:37 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-06 17:03 [PATCH] console: avoid passing con=NULL to graphic_hw_update_done() In graphic_hw_update(), first select an existing console, a specific-console or active_console(if not specified), then updating the console lichun
2020-11-06 9:28 ` Gerd Hoffmann
2020-11-06 9:35 ` lichun
2020-11-07 10:36 ` Peter Maydell
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.