Re: [PULL 03/19] monitor: hmp_qemu_io: acquire aio contex, fix crash

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PULL 03/19] monitor: hmp_qemu_io: acquire aio contex, fix crash

From:	Peter Maydell
Subject:	Re: [PULL 03/19] monitor: hmp_qemu_io: acquire aio contex, fix crash
Date:	Thu, 20 May 2021 14:44:15 +0100

On Fri, 14 May 2021 at 17:45, Max Reitz <mreitz@redhat.com> wrote:
>
> From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>

Hi; Coverity complains about this code (CID 1453194):

> diff --git a/qemu-io.c b/qemu-io.c
> index bf902302e9..57f07501df 100644
> --- a/qemu-io.c
> +++ b/qemu-io.c
> @@ -411,6 +411,19 @@ static void prep_fetchline(void *opaque)
>      *fetchable= 1;
>  }
>
> +static int do_qemuio_command(const char *cmd)
> +{
> +    int ret;
> +    AioContext *ctx =
> +        qemuio_blk ? blk_get_aio_context(qemuio_blk) : 
> qemu_get_aio_context();

Here we check whether qemuio_blk is NULL...

> +
> +    aio_context_acquire(ctx);
> +    ret = qemuio_command(qemuio_blk, cmd);

...but here we pass it to qemuio_command(), which assumes it must
be non-NULL (via calling command() which calls blk_is_available()).

Bug, or false positive ?

thanks
-- PMM

[Prev in Thread]

Current Thread

[Next in Thread]

[PULL 00/19] Block patches, Max Reitz, 2021/05/14
- [PULL 01/19] iotests/231: Update expected deprecation message, Max Reitz, 2021/05/14
- [PULL 02/19] block/rbd: Add an escape-aware strchr helper, Max Reitz, 2021/05/14
- [PULL 05/19] qemu-iotests: do not buffer the test output, Max Reitz, 2021/05/14
- [PULL 06/19] qemu-iotests: allow passing unittest.main arguments to the test scripts, Max Reitz, 2021/05/14
- [PULL 04/19] mirror: stop cancelling in-flight requests on non-force cancel in READY, Max Reitz, 2021/05/14
- [PULL 09/19] qemu-iotests: fix case of SOCK_DIR already in the environment, Max Reitz, 2021/05/14
- [PULL 08/19] qemu-iotests: let "check" spawn an arbitrary test command, Max Reitz, 2021/05/14
- [PULL 03/19] monitor: hmp_qemu_io: acquire aio contex, fix crash, Max Reitz, 2021/05/14
  - Re: [PULL 03/19] monitor: hmp_qemu_io: acquire aio contex, fix crash, Peter Maydell <=
    - Re: [PULL 03/19] monitor: hmp_qemu_io: acquire aio contex, fix crash, Max Reitz, 2021/05/20
- [PULL 07/19] qemu-iotests: move command line and environment handling from TestRunner to TestEnv, Max Reitz, 2021/05/14
- [PULL 12/19] qemu-iotests: fix pylint 2.8 consider-using-with error, Max Reitz, 2021/05/14
- [PULL 14/19] block: drop write notifiers, Max Reitz, 2021/05/14
- [PULL 10/19] Document qemu-img options data_file and data_file_raw, Max Reitz, 2021/05/14
- [PULL 13/19] block/write-threshold: don't use write notifiers, Max Reitz, 2021/05/14
- [PULL 11/19] block/copy-on-read: use bdrv_drop_filter() and drop s->active, Max Reitz, 2021/05/14
- [PULL 16/19] block/write-threshold: drop extra APIs, Max Reitz, 2021/05/14
- [PULL 15/19] test-write-threshold: rewrite test_threshold_(not_)trigger tests, Max Reitz, 2021/05/14
- [PULL 17/19] test-write-threshold: drop extra tests, Max Reitz, 2021/05/14

Prev by Date: Re: [PULL 42/46] softfloat: Move div_floats to softfloat-parts.c.inc
Next by Date: Re: [RFC PATCH v4 3/7] hw/acpi/ich9: Enable ACPI PCI hot-plug
Previous by thread: [PULL 03/19] monitor: hmp_qemu_io: acquire aio contex, fix crash
Next by thread: Re: [PULL 03/19] monitor: hmp_qemu_io: acquire aio contex, fix crash
Index(es):
- Date
- Thread