packages/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
qemu/hw-display-macfb-Fix-missing-ERRP_GUARD-in-macfb_nub.patch
Jiabo Feng 1f0277483b QEMU update to version 8.2.0-2 
- block: bugfix: Don't pause vm when NOSPACE EIO happened
- block: enable cache mode of empty cdrom
- block/mirror: fix file-system went to read-only after block-mirror
- scsi-bus: fix incorrect call for blk_error_retry_reset_timeout()
- scsi-bus: fix unmatched object_unref()
- block: Add sanity check when setting retry parameters
- block-backend: Stop retrying when draining
- scsi-disk: Add support for retry on errors
- scsi-bus: Refactor the code that retries requests
- virtio_blk: Add support for retry on errors
- block: Add error retry param setting
- block-backend: Add timeout support for retry
- block-backend: Enable retry action on errors
- block-backend: Add device specific retry callback
- block-backend: Introduce retry timer
- qapi/block-core: Add retry option for error action
- scsi: bugfix: fix division by zero
- scsi: cdrom: Fix crash after remote cdrom detached
- qemu-pr: fixed ioctl failed for multipath disk
- scsi-disk: define props in scsi_block_disk to avoid memleaks
- bugfix: fix possible memory leak
- bugfix: fix some illegal memory access and memory leak
- util/log: add CONFIG_DISABLE_QEMU_LOG macro
- log: Add some logs on VM runtime path
- bugfix: fix eventfds may double free when vm_id reused in ivshmem
- hw/display/macfb: Fix missing ERRP_GUARD() in macfb_nubus_realize()
- hw/cxl/cxl-host: Fix missing ERRP_GUARD() in cxl_fixed_memory_window_config()
- qemu-img create: 'cache' paramter only use for reg file image
- qemu-img: add qemu-img direct create
- qemu-img block: set zero flags only when discard_zeros of the block supported
- Revert "file-posix: Remove unused s->discard_zeroes"
- pcie_sriov: Validate NumVFs (CVE-2024-26327)
- hw/nvme: Use pcie_sriov_num_vfs() (CVE-2024-26328)
- hw/acpi/cpu: Use CPUState typedef
- target/i386/sev: Fix missing ERRP_GUARD() for error_prepend()
- virtio-gpu: remove needless condition
- hw/i2c/smbus_slave: Add object path on error prints
- vfio/pci: Ascend710 change to bar2 quirk
- vfio/pci: Ascend910 need 4Bytes quirk in bar0
- vfio/pci: Ascend710 need 4Bytes quirk in bar0
- vfio/pci: Ascend310 need 4Bytes quirk in bar4
- chardev/char-socket: Fix TLS io channels sending too much data to the backend
- i386/cpuid: Move leaf 7 to correct group
- i386/cpuid: Decrease cpuid_i when skipping CPUID leaf 1F
- i386/cpu: Mask with XCR0/XSS mask for FEAT_XSAVE_XCR0_HI and FEAT_XSAVE_XSS_HI leafs
- i386/cpu: Clear FEAT_XSAVE_XSS_LO/HI leafs when CPUID_EXT_XSAVE is not available
- blkio: Respect memory-alignment for bounce buffer allocations
- virtio-gpu: Correct virgl_renderer_resource_get_info() error check
- hw/usb: Style cleanup
- tests/qemu-iotests: resolved the problem that the 108 test cases in
  the container fail

Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit 404d45bf9147058a475a8031c454a6c8e0acc123)
2024-03-26 21:11:41 +08:00

69 lines
2.2 KiB
Diff
Raw Blame History

From c9ee283913cc9df8998a21544a68ac1d2f86aa49 Mon Sep 17 00:00:00 2001
From: qihao <qihao_yewu@cmss.chinamobile.com>
Date: Tue, 19 Mar 2024 15:07:51 +0800
Subject: [PATCH] hw/display/macfb: Fix missing ERRP_GUARD() in
macfb_nubus_realize()
cheery-pick from 5aa4a6417b0f7acbfd7f4c21dca26293bc3d9348
As the comment in qapi/error, dereferencing @errp requires
ERRP_GUARD():
* = Why, when and how to use ERRP_GUARD() =
*
* Without ERRP_GUARD(), use of the @errp parameter is restricted:
* - It must not be dereferenced, because it may be null.
...
* ERRP_GUARD() lifts these restrictions.
*
* To use ERRP_GUARD(), add it right at the beginning of the function.
* @errp can then be used without worrying about the argument being
* NULL or &error_fatal.
*
* Using it when it's not needed is safe, but please avoid cluttering
* the source with useless code.
But in macfb_nubus_realize(), @errp is dereferenced without
ERRP_GUARD():
ndc->parent_realize(dev, errp);
if (*errp) {
return;
}
Here we check *errp, because the ndc->parent_realize(), as a
DeviceClass.realize() callback, returns void. And since
macfb_nubus_realize(), also as a DeviceClass.realize(), doesn't get the
NULL @errp parameter, it hasn't triggered the bug that dereferencing the
NULL @errp.
To follow the requirement of @errp, add missing ERRP_GUARD() in
macfb_nubus_realize().
Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20240223085653.1255438-3-zhao1.liu@linux.intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: qihao_yewu <qihao_yewu@cmss.chinamobile.com>
---
hw/display/macfb.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/display/macfb.c b/hw/display/macfb.c
index d61541ccb5..170da35757 100644
--- a/hw/display/macfb.c
+++ b/hw/display/macfb.c
@@ -714,6 +714,7 @@ static void macfb_nubus_set_irq(void *opaque, int n, int level)
static void macfb_nubus_realize(DeviceState *dev, Error **errp)
{
+ ERRP_GUARD();
NubusDevice *nd = NUBUS_DEVICE(dev);
MacfbNubusState *s = NUBUS_MACFB(dev);
MacfbNubusDeviceClass *ndc = NUBUS_MACFB_GET_CLASS(dev);
--
2.27.0
Reference in New Issue View Git Blame Copy Permalink