Message ID | 20181106153330.5139-1-peter.maydell@linaro.org |
---|---|
State | New |
Headers | show |
Series | [for-3.1] replay: Exit on errors reading from replay log | expand |
On 06/11/2018 16:33, Peter Maydell wrote: > Currently replay_get_byte() does not check for an error > from getc(). Coverity points out (CID 1390622) that this > could result in unexpected behaviour (such as looping > forever, if we use the replay_get_dword() return value > for a loop count). We don't expect reads from the replay > log to fail, and if they do there is no way we can > continue. So make them fatal errors. > > Signed-off-by: Peter Maydell <peter.maydell@linaro.org> > --- > Disclaimer: checked only with "make check". > > replay/replay-internal.c | 16 +++++++++++++--- > 1 file changed, 13 insertions(+), 3 deletions(-) > > diff --git a/replay/replay-internal.c b/replay/replay-internal.c > index 1cea1d4dc91..8f87e9b957e 100644 > --- a/replay/replay-internal.c > +++ b/replay/replay-internal.c > @@ -35,6 +35,12 @@ static void replay_write_error(void) > } > } > > +static void replay_read_error(void) > +{ > + error_report("error reading the replay data"); > + exit(1); > +} > + > void replay_put_byte(uint8_t byte) > { > if (replay_file) { > @@ -83,7 +89,11 @@ uint8_t replay_get_byte(void) > { > uint8_t byte = 0; > if (replay_file) { > - byte = getc(replay_file); > + int r = getc(replay_file); > + if (r == EOF) { > + replay_read_error(); > + } > + byte = r; > } > return byte; > } > @@ -126,7 +136,7 @@ void replay_get_array(uint8_t *buf, size_t *size) > if (replay_file) { > *size = replay_get_dword(); > if (fread(buf, 1, *size, replay_file) != *size) { > - error_report("replay read error"); > + replay_read_error(); > } > } > } > @@ -137,7 +147,7 @@ void replay_get_array_alloc(uint8_t **buf, size_t *size) > *size = replay_get_dword(); > *buf = g_malloc(*size); > if (fread(*buf, 1, *size, replay_file) != *size) { > - error_report("replay read error"); > + replay_read_error(); > } > } > } > Makes sense, can you apply it directly to qemu.git as soon as Pavel reviews it (or in some time if he doesn't)? Thanks, Paolo
> From: Peter Maydell [mailto:peter.maydell@linaro.org] > Currently replay_get_byte() does not check for an error > from getc(). Coverity points out (CID 1390622) that this > could result in unexpected behaviour (such as looping > forever, if we use the replay_get_dword() return value > for a loop count). We don't expect reads from the replay > log to fail, and if they do there is no way we can > continue. So make them fatal errors. > > Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru> > --- > Disclaimer: checked only with "make check". > > replay/replay-internal.c | 16 +++++++++++++--- > 1 file changed, 13 insertions(+), 3 deletions(-) > > diff --git a/replay/replay-internal.c b/replay/replay-internal.c > index 1cea1d4dc91..8f87e9b957e 100644 > --- a/replay/replay-internal.c > +++ b/replay/replay-internal.c > @@ -35,6 +35,12 @@ static void replay_write_error(void) > } > } > > +static void replay_read_error(void) > +{ > + error_report("error reading the replay data"); > + exit(1); > +} > + > void replay_put_byte(uint8_t byte) > { > if (replay_file) { > @@ -83,7 +89,11 @@ uint8_t replay_get_byte(void) > { > uint8_t byte = 0; > if (replay_file) { > - byte = getc(replay_file); > + int r = getc(replay_file); > + if (r == EOF) { > + replay_read_error(); > + } > + byte = r; > } > return byte; > } > @@ -126,7 +136,7 @@ void replay_get_array(uint8_t *buf, size_t *size) > if (replay_file) { > *size = replay_get_dword(); > if (fread(buf, 1, *size, replay_file) != *size) { > - error_report("replay read error"); > + replay_read_error(); > } > } > } > @@ -137,7 +147,7 @@ void replay_get_array_alloc(uint8_t **buf, size_t *size) > *size = replay_get_dword(); > *buf = g_malloc(*size); > if (fread(*buf, 1, *size, replay_file) != *size) { > - error_report("replay read error"); > + replay_read_error(); > } > } > } > -- > 2.19.1 Pavel Dovgalyuk
On 6 November 2018 at 22:19, Paolo Bonzini <pbonzini@redhat.com> wrote: > On 06/11/2018 16:33, Peter Maydell wrote: >> Currently replay_get_byte() does not check for an error >> from getc(). Coverity points out (CID 1390622) that this >> could result in unexpected behaviour (such as looping >> forever, if we use the replay_get_dword() return value >> for a loop count). We don't expect reads from the replay >> log to fail, and if they do there is no way we can >> continue. So make them fatal errors. >> >> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> >> --- > Makes sense, can you apply it directly to qemu.git as soon as Pavel > reviews it (or in some time if he doesn't)? Applied to master, thanks. -- PMM
diff --git a/replay/replay-internal.c b/replay/replay-internal.c index 1cea1d4dc91..8f87e9b957e 100644 --- a/replay/replay-internal.c +++ b/replay/replay-internal.c @@ -35,6 +35,12 @@ static void replay_write_error(void) } } +static void replay_read_error(void) +{ + error_report("error reading the replay data"); + exit(1); +} + void replay_put_byte(uint8_t byte) { if (replay_file) { @@ -83,7 +89,11 @@ uint8_t replay_get_byte(void) { uint8_t byte = 0; if (replay_file) { - byte = getc(replay_file); + int r = getc(replay_file); + if (r == EOF) { + replay_read_error(); + } + byte = r; } return byte; } @@ -126,7 +136,7 @@ void replay_get_array(uint8_t *buf, size_t *size) if (replay_file) { *size = replay_get_dword(); if (fread(buf, 1, *size, replay_file) != *size) { - error_report("replay read error"); + replay_read_error(); } } } @@ -137,7 +147,7 @@ void replay_get_array_alloc(uint8_t **buf, size_t *size) *size = replay_get_dword(); *buf = g_malloc(*size); if (fread(*buf, 1, *size, replay_file) != *size) { - error_report("replay read error"); + replay_read_error(); } } }
Currently replay_get_byte() does not check for an error from getc(). Coverity points out (CID 1390622) that this could result in unexpected behaviour (such as looping forever, if we use the replay_get_dword() return value for a loop count). We don't expect reads from the replay log to fail, and if they do there is no way we can continue. So make them fatal errors. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> --- Disclaimer: checked only with "make check". replay/replay-internal.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-)