diff options
author | Markus Armbruster <armbru@redhat.com> | 2020-07-16 17:06:17 +0200 |
---|---|---|
committer | Markus Armbruster <armbru@redhat.com> | 2020-07-21 14:38:23 +0200 |
commit | cbf97d5b799f4bc47b9e825100d1a98d3cf77c80 (patch) | |
tree | 23c097719f82db8d6942b74c2d0d4e7d9f8674ff /scripts | |
parent | af3d69058e09bede9900f266a618ed11f76f49f3 (diff) | |
download | qemu-cbf97d5b799f4bc47b9e825100d1a98d3cf77c80.zip qemu-cbf97d5b799f4bc47b9e825100d1a98d3cf77c80.tar.gz qemu-cbf97d5b799f4bc47b9e825100d1a98d3cf77c80.tar.bz2 |
qapi: Fix visit_type_STRUCT() not to fail for null object
To make deallocating partially constructed objects work, the
visit_type_STRUCT() need to succeed without doing anything when passed
a null object.
Commit cdd2b228b9 "qapi: Smooth visitor error checking in generated
code" broke that. To reproduce, run tests/test-qobject-input-visitor
with AddressSanitizer:
==4353==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x7f192d0c5d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
#1 0x7f192cd21b10 in g_malloc0 (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x51b10)
#2 0x556725f6bbee in visit_next_list qapi/qapi-visit-core.c:86
#3 0x556725f49e15 in visit_type_UserDefOneList tests/test-qapi-visit.c:474
#4 0x556725f4489b in test_visitor_in_fail_struct_in_list tests/test-qobject-input-visitor.c:1086
#5 0x7f192cd42f29 (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x72f29)
SUMMARY: AddressSanitizer: 16 byte(s) leaked in 1 allocation(s).
Test case /visitor/input/fail/struct-in-list feeds a list with a bad
element to the QObject input visitor. Visiting that element duly
fails, and aborts the visit with the list only partially constructed:
the faulty object is null. Cleaning up the partially constructed list
visits that null object, fails, and aborts the visit before the list
node gets freed.
Fix the the generated visit_type_STRUCT() to succeed for null objects.
Fixes: cdd2b228b973d2a29edf7696ef6e8b08ec329019
Reported-by: Li Qiang <liq3ea@163.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200716150617.4027356-1-armbru@redhat.com>
Tested-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
Diffstat (limited to 'scripts')
-rw-r--r-- | scripts/qapi/visit.py | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/scripts/qapi/visit.py b/scripts/qapi/visit.py index 3fb2f30..cdabc5f 100644 --- a/scripts/qapi/visit.py +++ b/scripts/qapi/visit.py @@ -249,6 +249,7 @@ bool visit_type_%(c_name)s(Visitor *v, const char *name, %(c_name)s **obj, Error if (!*obj) { /* incomplete */ assert(visit_is_dealloc(v)); + ok = true; goto out_obj; } if (!visit_type_%(c_name)s_members(v, *obj, errp)) { |