Re: [Qemu-devel] [PATCH for 1.2] console: Fix warning from clang (and potential crash)
Stefan Weil writes:

> On 17.08.2012 16:10, Jan Kiszka wrote:
>> On 2012-08-17 15:50, Stefan Weil wrote:
>>
>>> ccc-analyzer reports this warning:
>>>
>>> console.c:1090:29: warning: Dereference of null pointer
>>> if (active_console->cursor_timer) {
>>> ^
>>>
>>> Function console_select allows active_console to be NULL,
>>> but would crash when accessing cursor_timer. Fix this.
>>>
>>> Signed-off-by: Stefan Weil
>>> ---
>>>
>>> Please note that I don't have a test case which triggers the crash.
>>>
>>> Regards,
>>> Stefan Weil
>>>
>>> console.c |2 +-
>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/console.c b/console.c
>>> index 4525cc7..f5e8814 100644
>>> --- a/console.c
>>> +++ b/console.c
>>> @@ -1087,7 +1087,7 @@ void console_select(unsigned int index)
>>> if (s) {
>>> DisplayState *ds = s->ds;
>>>
>>> -if (active_console->cursor_timer) {
>>> +if (active_console&& active_console->cursor_timer) {
>>> qemu_del_timer(active_console->cursor_timer);
>>> }
>>> active_console = s;
>>>
>>>
>> The only path that could trigger this is console_select() in the absence
>> of any console. Not sure if that is possible, but the above is surely
>> consistent with existing code.
>>
>> Reviewed-by: Jan Kiszka
>>
>> Jan
>>
>>
>
>
> Ping? It's still missing in QEMU 1.2.

It'll need to wait for 1.3 to open up. I missed it for 1.2-rc2 and at this
point, I don't want to commit anything other than actual bug fixes.

Regards,

Anthony Liguori
Re: [Qemu-devel] [PATCH for 1.2] console: Fix warning from clang (and potential crash)
On 17.08.2012 16:10, Jan Kiszka wrote:
> On 2012-08-17 15:50, Stefan Weil wrote:
>
>> ccc-analyzer reports this warning:
>>
>> console.c:1090:29: warning: Dereference of null pointer
>> if (active_console->cursor_timer) {
>> ^
>>
>> Function console_select allows active_console to be NULL,
>> but would crash when accessing cursor_timer. Fix this.
>>
>> Signed-off-by: Stefan Weil
>> ---
>>
>> Please note that I don't have a test case which triggers the crash.
>>
>> Regards,
>> Stefan Weil
>>
>> console.c |2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/console.c b/console.c
>> index 4525cc7..f5e8814 100644
>> --- a/console.c
>> +++ b/console.c
>> @@ -1087,7 +1087,7 @@ void console_select(unsigned int index)
>> if (s) {
>> DisplayState *ds = s->ds;
>>
>> -if (active_console->cursor_timer) {
>> +if (active_console&& active_console->cursor_timer) {
>> qemu_del_timer(active_console->cursor_timer);
>> }
>> active_console = s;
>>
>>
> The only path that could trigger this is console_select() in the absence
> of any console. Not sure if that is possible, but the above is surely
> consistent with existing code.
>
> Reviewed-by: Jan Kiszka
>
> Jan
>

Ping? It's still missing in QEMU 1.2.
Re: [Qemu-devel] [PATCH for 1.2] console: Fix warning from clang (and potential crash)
On 2012-08-17 15:50, Stefan Weil wrote:
> ccc-analyzer reports this warning:
>
> console.c:1090:29: warning: Dereference of null pointer
> if (active_console->cursor_timer) {
> ^
>
> Function console_select allows active_console to be NULL,
> but would crash when accessing cursor_timer. Fix this.
>
> Signed-off-by: Stefan Weil
> ---
>
> Please note that I don't have a test case which triggers the crash.
>
> Regards,
> Stefan Weil
>
> console.c |2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/console.c b/console.c
> index 4525cc7..f5e8814 100644
> --- a/console.c
> +++ b/console.c
> @@ -1087,7 +1087,7 @@ void console_select(unsigned int index)
> if (s) {
> DisplayState *ds = s->ds;
>
> -if (active_console->cursor_timer) {
> +if (active_console && active_console->cursor_timer) {
> qemu_del_timer(active_console->cursor_timer);
> }
> active_console = s;
>

The only path that could trigger this is console_select() in the absence
of any console. Not sure if that is possible, but the above is surely
consistent with existing code.

Reviewed-by: Jan Kiszka

Jan

-- 
Siemens AG, Corporate Technology, CT RTC ITP SDP-DE
Corporate Competence Center Embedded Linux
[Qemu-devel] [PATCH for 1.2] console: Fix warning from clang (and potential crash)
ccc-analyzer reports this warning:

console.c:1090:29: warning: Dereference of null pointer
if (active_console->cursor_timer) {
^

Function console_select allows active_console to be NULL,
but would crash when accessing cursor_timer. Fix this.

Signed-off-by: Stefan Weil
---

Please note that I don't have a test case which triggers the crash.

Regards,
Stefan Weil

console.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/console.c b/console.c
index 4525cc7..f5e8814 100644
--- a/console.c
+++ b/console.c
@@ -1087,7 +1087,7 @@ void console_select(unsigned int index)
if (s) {
DisplayState *ds = s->ds;

-if (active_console->cursor_timer) {
+if (active_console && active_console->cursor_timer) {
qemu_del_timer(active_console->cursor_timer);
}
active_console = s;
-- 
1.7.10
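Review bot: the commit message claims console_select allows active_console to be NULL but does not say which caller can reach it before any console is registered, so the added guard `+if (active_console && active_console->cursor_timer) {` reads as silencing the analyzer rather than fixing a known reachable crash; please either name the path in the commit message or state that the check is defensive for the no-console case, as the reviewer's remark that "the only path that could trigger this is console_select() in the absence of any console" suggests. The patch also carries no test case (the author says so), so the NULL case remains unverified; if the no-console state is reachable it would be worth a comment at the guard so the next reader does not assume a NULL active_console is a supported state in the rest of the function.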