[4/6] spapr: sanitize error handling in spapr_ics_create()

Message ID	149484838558.20089.5029926585755792842.stgit@bahia.lan
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> sender: groug@kaod.org) by player699.ha.ovh.net (Postfix) with ESMTPA id C5F96240076; Mon, 15 May 2017 13:39:45 +0200 (CEST) From: Greg Kurz <groug@kaod.org> To: qemu-ppc@nongnu.org, qemu-devel@nongnu.org Date: Mon, 15 May 2017 13:39:45 +0200 Message-ID: <149484838558.20089.5029926585755792842.stgit@bahia.lan> In-Reply-To: <149484833874.20089.4164801378197848306.stgit@bahia.lan> References: <149484833874.20089.4164801378197848306.stgit@bahia.lan> User-Agent: StGit/0.17.1-20-gc0b1b-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Subject: [Qemu-devel] [PATCH 4/6] spapr: sanitize error handling in spapr_ics_create() Precedence: list Cc: David Gibson <david@gibson.dropbear.id.au>, Cedric Le Goater <clg@kaod.org>, Bharata B Rao <bharata@linux.vnet.ibm.com> Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

Message ID

149484838558.20089.5029926585755792842.stgit@bahia.lan

State

New

Headers

From: Greg Kurz <groug@kaod.org>
To: qemu-ppc@nongnu.org, qemu-devel@nongnu.org
Date: Mon, 15 May 2017 13:39:45 +0200
Message-ID: <149484838558.20089.5029926585755792842.stgit@bahia.lan>
In-Reply-To: <149484833874.20089.4164801378197848306.stgit@bahia.lan>
References: <149484833874.20089.4164801378197848306.stgit@bahia.lan>
User-Agent: StGit/0.17.1-20-gc0b1b-dirty
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] [PATCH 4/6] spapr: sanitize error handling in
	spapr_ics_create()
Precedence: list
Cc: David Gibson <david@gibson.dropbear.id.au>,
	Cedric Le Goater <clg@kaod.org>, 
	Bharata B Rao <bharata@linux.vnet.ibm.com>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

Commit Message

Greg Kurz May 15, 2017, 11:39 a.m. UTC

The spapr_ics_create() function handles errors in a rather convoluted
way, with two local Error * variables. Moreover, failing to parent the
ICS object to the machine should be considered as a bug but it is
currently ignored.

This patch addresses both issues.

Signed-off-by: Greg Kurz <groug@kaod.org>
---
 hw/ppc/spapr.c |   19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

Comments

Cédric Le Goater May 15, 2017, 11:59 a.m. UTC | #1

On 05/15/2017 01:39 PM, Greg Kurz wrote:
> The spapr_ics_create() function handles errors in a rather convoluted
> way, with two local Error * variables. Moreover, failing to parent the
> ICS object to the machine should be considered as a bug but it is
> currently ignored.

I am not sure what should be done for object_property_add_child()
errors but QEMU generally uses NULL for 'Error **'. It might be 
wrong though.

As for the local error handling, it is following what is described in 
qapi/error.h. Isn't it ?

Cheers,

C. 

 
> This patch addresses both issues.
> 
> Signed-off-by: Greg Kurz <groug@kaod.org>
> ---
>  hw/ppc/spapr.c |   19 ++++++++++++-------
>  1 file changed, 12 insertions(+), 7 deletions(-)
> 
> diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> index 44f7dc7f40e9..c53989bb10b1 100644
> --- a/hw/ppc/spapr.c
> +++ b/hw/ppc/spapr.c
> @@ -101,21 +101,26 @@ static ICSState *spapr_ics_create(sPAPRMachineState *spapr,
>                                    const char *type_ics,
>                                    int nr_irqs, Error **errp)
>  {
> -    Error *err = NULL, *local_err = NULL;
> +    Error *local_err = NULL;
>      Object *obj;
>  
>      obj = object_new(type_ics);
> -    object_property_add_child(OBJECT(spapr), "ics", obj, NULL);
> +    object_property_add_child(OBJECT(spapr), "ics", obj, &error_abort);
>      object_property_add_const_link(obj, "xics", OBJECT(spapr), &error_abort);
> -    object_property_set_int(obj, nr_irqs, "nr-irqs", &err);
> +    object_property_set_int(obj, nr_irqs, "nr-irqs", &local_err);
> +    if (local_err) {
> +        goto error;
> +    }
>      object_property_set_bool(obj, true, "realized", &local_err);
> -    error_propagate(&err, local_err);
> -    if (err) {
> -        error_propagate(errp, err);
> -        return NULL;
> +    if (local_err) {
> +        goto error;
>      }
>  
>      return ICS_SIMPLE(obj);
> +
> +error:
> +    error_propagate(errp, local_err);
> +    return NULL;
>  }
>  
>  static void xics_system_init(MachineState *machine, int nr_irqs, Error **errp)
>

Greg Kurz May 15, 2017, 12:06 p.m. UTC | #2

On Mon, 15 May 2017 13:59:33 +0200
Cédric Le Goater <clg@kaod.org> wrote:

> On 05/15/2017 01:39 PM, Greg Kurz wrote:
> > The spapr_ics_create() function handles errors in a rather convoluted
> > way, with two local Error * variables. Moreover, failing to parent the
> > ICS object to the machine should be considered as a bug but it is
> > currently ignored.  
> 
> I am not sure what should be done for object_property_add_child()
> errors but QEMU generally uses NULL for 'Error **'. It might be 
> wrong though.
> 
> As for the local error handling, it is following what is described in 
> qapi/error.h. Isn't it ?
> 

Yes, it does follow the "Receive and accumulate multiple errors" recommandation,
but does it make sense to realize the ICS object if we failed to set nr-irqs ?

> Cheers,
> 
> C. 
> 
>  
> > This patch addresses both issues.
> > 
> > Signed-off-by: Greg Kurz <groug@kaod.org>
> > ---
> >  hw/ppc/spapr.c |   19 ++++++++++++-------
> >  1 file changed, 12 insertions(+), 7 deletions(-)
> > 
> > diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> > index 44f7dc7f40e9..c53989bb10b1 100644
> > --- a/hw/ppc/spapr.c
> > +++ b/hw/ppc/spapr.c
> > @@ -101,21 +101,26 @@ static ICSState *spapr_ics_create(sPAPRMachineState *spapr,
> >                                    const char *type_ics,
> >                                    int nr_irqs, Error **errp)
> >  {
> > -    Error *err = NULL, *local_err = NULL;
> > +    Error *local_err = NULL;
> >      Object *obj;
> >  
> >      obj = object_new(type_ics);
> > -    object_property_add_child(OBJECT(spapr), "ics", obj, NULL);
> > +    object_property_add_child(OBJECT(spapr), "ics", obj, &error_abort);
> >      object_property_add_const_link(obj, "xics", OBJECT(spapr), &error_abort);
> > -    object_property_set_int(obj, nr_irqs, "nr-irqs", &err);
> > +    object_property_set_int(obj, nr_irqs, "nr-irqs", &local_err);
> > +    if (local_err) {
> > +        goto error;
> > +    }
> >      object_property_set_bool(obj, true, "realized", &local_err);
> > -    error_propagate(&err, local_err);
> > -    if (err) {
> > -        error_propagate(errp, err);
> > -        return NULL;
> > +    if (local_err) {
> > +        goto error;
> >      }
> >  
> >      return ICS_SIMPLE(obj);
> > +
> > +error:
> > +    error_propagate(errp, local_err);
> > +    return NULL;
> >  }
> >  
> >  static void xics_system_init(MachineState *machine, int nr_irqs, Error **errp)
> >   
>

David Gibson May 16, 2017, 4:39 a.m. UTC | #3

On Mon, May 15, 2017 at 02:06:18PM +0200, Greg Kurz wrote:
> On Mon, 15 May 2017 13:59:33 +0200
> Cédric Le Goater <clg@kaod.org> wrote:
> 
> > On 05/15/2017 01:39 PM, Greg Kurz wrote:
> > > The spapr_ics_create() function handles errors in a rather convoluted
> > > way, with two local Error * variables. Moreover, failing to parent the
> > > ICS object to the machine should be considered as a bug but it is
> > > currently ignored.  
> > 
> > I am not sure what should be done for object_property_add_child()
> > errors but QEMU generally uses NULL for 'Error **'. It might be 
> > wrong though.
> > 
> > As for the local error handling, it is following what is described in 
> > qapi/error.h. Isn't it ?
> > 
> 
> Yes, it does follow the "Receive and accumulate multiple errors" recommandation,
> but does it make sense to realize the ICS object if we failed to set
> nr-irqs ?

Nor is it necessary to have two different local error variables.

David Gibson May 16, 2017, 4:39 a.m. UTC | #4

On Mon, May 15, 2017 at 01:39:45PM +0200, Greg Kurz wrote:
> The spapr_ics_create() function handles errors in a rather convoluted
> way, with two local Error * variables. Moreover, failing to parent the
> ICS object to the machine should be considered as a bug but it is
> currently ignored.
> 
> This patch addresses both issues.
> 
> Signed-off-by: Greg Kurz <groug@kaod.org>

Applied to ppc-for-2.10

> ---
>  hw/ppc/spapr.c |   19 ++++++++++++-------
>  1 file changed, 12 insertions(+), 7 deletions(-)
> 
> diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> index 44f7dc7f40e9..c53989bb10b1 100644
> --- a/hw/ppc/spapr.c
> +++ b/hw/ppc/spapr.c
> @@ -101,21 +101,26 @@ static ICSState *spapr_ics_create(sPAPRMachineState *spapr,
>                                    const char *type_ics,
>                                    int nr_irqs, Error **errp)
>  {
> -    Error *err = NULL, *local_err = NULL;
> +    Error *local_err = NULL;
>      Object *obj;
>  
>      obj = object_new(type_ics);
> -    object_property_add_child(OBJECT(spapr), "ics", obj, NULL);
> +    object_property_add_child(OBJECT(spapr), "ics", obj, &error_abort);
>      object_property_add_const_link(obj, "xics", OBJECT(spapr), &error_abort);
> -    object_property_set_int(obj, nr_irqs, "nr-irqs", &err);
> +    object_property_set_int(obj, nr_irqs, "nr-irqs", &local_err);
> +    if (local_err) {
> +        goto error;
> +    }
>      object_property_set_bool(obj, true, "realized", &local_err);
> -    error_propagate(&err, local_err);
> -    if (err) {
> -        error_propagate(errp, err);
> -        return NULL;
> +    if (local_err) {
> +        goto error;
>      }
>  
>      return ICS_SIMPLE(obj);
> +
> +error:
> +    error_propagate(errp, local_err);
> +    return NULL;
>  }
>  
>  static void xics_system_init(MachineState *machine, int nr_irqs, Error **errp)
>

diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 44f7dc7f40e9..c53989bb10b1 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -101,21 +101,26 @@  static ICSState *spapr_ics_create(sPAPRMachineState *spapr,
                                   const char *type_ics,
                                   int nr_irqs, Error **errp)
 {
-    Error *err = NULL, *local_err = NULL;
+    Error *local_err = NULL;
     Object *obj;
 
     obj = object_new(type_ics);
-    object_property_add_child(OBJECT(spapr), "ics", obj, NULL);
+    object_property_add_child(OBJECT(spapr), "ics", obj, &error_abort);
     object_property_add_const_link(obj, "xics", OBJECT(spapr), &error_abort);
-    object_property_set_int(obj, nr_irqs, "nr-irqs", &err);
+    object_property_set_int(obj, nr_irqs, "nr-irqs", &local_err);
+    if (local_err) {
+        goto error;
+    }
     object_property_set_bool(obj, true, "realized", &local_err);
-    error_propagate(&err, local_err);
-    if (err) {
-        error_propagate(errp, err);
-        return NULL;
+    if (local_err) {
+        goto error;
     }
 
     return ICS_SIMPLE(obj);
+
+error:
+    error_propagate(errp, local_err);
+    return NULL;
 }
 
 static void xics_system_init(MachineState *machine, int nr_irqs, Error **errp)

[4/6] spapr: sanitize error handling in spapr_ics_create()

Commit Message

Comments

Patch