Re: [PATCH 06/17] hw/vfio/container: Fix missing ERRP_GUARD() for error_prepend()
Hello, On 2/29/24 15:39, Zhao Liu wrote: From: Zhao Liu As the comment in qapi/error, passing @errp to error_prepend() requires ERRP_GUARD(): * = Why, when and how to use ERRP_GUARD() = * * Without ERRP_GUARD(), use of the @errp parameter is restricted: ... * - It should not be passed to error_prepend(), error_vprepend() or * error_append_hint(), because that doesn't work with _fatal. * ERRP_GUARD() lifts these restrictions. * * To use ERRP_GUARD(), add it right at the beginning of the function. * @errp can then be used without worrying about the argument being * NULL or _fatal. ERRP_GUARD() could avoid the case when @errp is the pointer of error_fatal, the user can't see this additional information, because exit() happens in error_setg earlier than information is added [1]. The vfio_get_group() passes @errp to error_prepend(). Its @errp is from vfio_attach_device(), which @errp parameter is so widely sourced that it is necessary to protect it with ERRP_GUARD(). To avoid the issue like [1] said, add missing ERRP_GUARD() at the beginning of this function. [1]: Issue description in the commit message of commit ae7c80a7bd73 ("error: New macro ERRP_GUARD()"). Cc: Alex Williamson Cc: "Cédric Le Goater" Signed-off-by: Zhao Liu Reviewed-by: Cédric Le Goater Thanks, C.
Re: [PATCH 06/17] hw/vfio/container: Fix missing ERRP_GUARD() for error_prepend()
On 29/02/2024 15.39, Zhao Liu wrote: From: Zhao Liu As the comment in qapi/error, passing @errp to error_prepend() requires ERRP_GUARD(): * = Why, when and how to use ERRP_GUARD() = * * Without ERRP_GUARD(), use of the @errp parameter is restricted: ... * - It should not be passed to error_prepend(), error_vprepend() or * error_append_hint(), because that doesn't work with _fatal. * ERRP_GUARD() lifts these restrictions. * * To use ERRP_GUARD(), add it right at the beginning of the function. * @errp can then be used without worrying about the argument being * NULL or _fatal. ERRP_GUARD() could avoid the case when @errp is the pointer of error_fatal, the user can't see this additional information, because exit() happens in error_setg earlier than information is added [1]. The vfio_get_group() passes @errp to error_prepend(). Its @errp is from vfio_attach_device(), which @errp parameter is so widely sourced that it is necessary to protect it with ERRP_GUARD(). To avoid the issue like [1] said, add missing ERRP_GUARD() at the beginning of this function. [1]: Issue description in the commit message of commit ae7c80a7bd73 ("error: New macro ERRP_GUARD()"). Cc: Alex Williamson Cc: "Cédric Le Goater" Signed-off-by: Zhao Liu --- hw/vfio/container.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/vfio/container.c b/hw/vfio/container.c index bd25b9fbad2e..f66bb01f5b18 100644 --- a/hw/vfio/container.c +++ b/hw/vfio/container.c @@ -719,6 +719,7 @@ static void vfio_disconnect_container(VFIOGroup *group) static VFIOGroup *vfio_get_group(int groupid, AddressSpace *as, Error **errp) { +ERRP_GUARD(); VFIOGroup *group; char path[32]; struct vfio_group_status status = { .argsz = sizeof(status) }; Reviewed-by: Thomas Huth
[PATCH 06/17] hw/vfio/container: Fix missing ERRP_GUARD() for error_prepend()
From: Zhao Liu As the comment in qapi/error, passing @errp to error_prepend() requires ERRP_GUARD(): * = Why, when and how to use ERRP_GUARD() = * * Without ERRP_GUARD(), use of the @errp parameter is restricted: ... * - It should not be passed to error_prepend(), error_vprepend() or * error_append_hint(), because that doesn't work with _fatal. * ERRP_GUARD() lifts these restrictions. * * To use ERRP_GUARD(), add it right at the beginning of the function. * @errp can then be used without worrying about the argument being * NULL or _fatal. ERRP_GUARD() could avoid the case when @errp is the pointer of error_fatal, the user can't see this additional information, because exit() happens in error_setg earlier than information is added [1]. The vfio_get_group() passes @errp to error_prepend(). Its @errp is from vfio_attach_device(), which @errp parameter is so widely sourced that it is necessary to protect it with ERRP_GUARD(). To avoid the issue like [1] said, add missing ERRP_GUARD() at the beginning of this function. [1]: Issue description in the commit message of commit ae7c80a7bd73 ("error: New macro ERRP_GUARD()"). Cc: Alex Williamson Cc: "Cédric Le Goater" Signed-off-by: Zhao Liu --- hw/vfio/container.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/vfio/container.c b/hw/vfio/container.c index bd25b9fbad2e..f66bb01f5b18 100644 --- a/hw/vfio/container.c +++ b/hw/vfio/container.c @@ -719,6 +719,7 @@ static void vfio_disconnect_container(VFIOGroup *group) static VFIOGroup *vfio_get_group(int groupid, AddressSpace *as, Error **errp) { +ERRP_GUARD(); VFIOGroup *group; char path[32]; struct vfio_group_status status = { .argsz = sizeof(status) }; -- 2.34.1