Re: [Qemu-devel] [PULL v3 00/38] QAPI patches for 2018-03-12, 2.12 softfreeze

From: Eric Blake
Subject: Re: [Qemu-devel] [PULL v3 00/38] QAPI patches for 2018-03-12, 2.12 softfreeze
Date: Mon, 19 Mar 2018 14:01:01 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
On 03/19/2018 01:43 PM, Peter Maydell wrote:
> On 19 March 2018 at 16:41, Eric Blake <address@hidden> wrote:
>> The following changes since commit 2c8cfc0b52b5a4d123c26c0b5fdf941be24805be:
>>
>>   Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging (2018-03-19 11:44:26 +0000)
>>
>> are available in the Git repository at:
>>
>>   git://repo.or.cz/qemu/ericb.git tags/pull-qapi-2018-03-12-v3
>>
>> for you to fetch changes up to ebf1105a7086897da6963edefdb247c80f605424:
>>
>>   qapi: Pass '-u' when doing non-silent diff (2018-03-19 11:32:36 -0500)
>>
>> in v3:
>> rebase to master (a few more qobject_to_qdict() uses crept in)
>> squash in Peter Xu's fixup for test failures
>>   [if tests still fail, then I will send a v4 without OOB from 2.12]
>> sending only the patches that changed from v2
>
> The assert seems to have gone away,
Progress! Peter's OOB patches are working; your ubsan errors are from a
different part of the series.
> but I get over 10,000 new clang sanitizer runtime errors like
>
> /visitor/input/large_number: OK
> /visitor/input/number_keyval: OK
> /visitor/input/number_str_keyval: OK
> /visitor/input/number_str_fail: /home/petmay01/linaro/qemu-for-merges/qapi/qobject-input-visitor.c:550:12: runtime error: member access within null pointer of type 'QNum' (aka 'struct QNum')
> OK
>
> Here's some backtraces for some of those:
>
> /visitor/input/int_keyval: /home/petmay01/linaro/qemu-for-merges/qapi/qobject-input-visitor.c:188:12: runtime error: member access within null pointer of type 'QString' (aka 'struct QString')
>     #0 0x56375e642549 in qobject_input_get_keyval /home/petmay01/linaro/qemu-for-merges/qapi/qobject-input-visitor.c:188:12
>     #1 0x56375e63f76b in qobject_input_type_int64_keyval /home/petmay01/linaro/qemu-for-merges/qapi/qobject-input-visitor.c:409:23
>     #2 0x56375e63c13d in visit_type_int /home/petmay01/linaro/qemu-for-merges/qapi/qapi-visit-core.c:150:5
Max, this is the qobject_to() macro that is making ubsan gripe :(
    qstr = qobject_to(QString, qobj);

which partially expands to

    qstr = container_of(qobject_check_type(qobj, QTYPE_CAST_TO_QString)
                        ?: QOBJECT((QString *)NULL), QString, base);
I'm guessing that container_of(NULL, type, base) is what ubsan is
griping at? Can we rewrite qobject_to() to only call container_of() if
qobject_check_type() returns non-NULL?
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
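The NULL-guarded downcast Eric asks for above, as an added example that is not QEMU's code: the type check runs first, and the container_of()-style arithmetic happens only on a non-NULL result, so the wrong-type and NULL cases return NULL without touching a null pointer. QObject, QString, QTYPE_*, qobject_check_type() and the qobject_to_impl() helper are simplified stand-ins assumed for this example.

```c
/* Added example, not QEMU code: a minimal model of qobject_to() with the
 * NULL guard proposed above. QObject, QString, QTYPE_*, qobject_check_type()
 * and the qobject_to_impl() helper are simplified stand-ins. */
#include <assert.h>
#include <stddef.h>
#include <string.h>

typedef enum { QTYPE_NONE, QTYPE_QSTRING, QTYPE_QNUM } QType;
typedef struct QObject { QType type; } QObject;
typedef struct QString { QObject base; const char *string; } QString;

/* Per-type cast tag, mirroring QEMU's QTYPE_CAST_TO_##type convention. */
#define QTYPE_CAST_TO_QString QTYPE_QSTRING
#define QOBJECT(obj) (&(obj)->base)

/* Stand-in: returns obj only when it is non-NULL and of the requested type. */
static QObject *qobject_check_type(QObject *obj, QType type)
{
    return (obj && obj->type == type) ? obj : NULL;
}

/* Guarded downcast: the container_of()-style arithmetic runs only after the
 * type check succeeded, so a NULL or mismatched object yields NULL and no
 * pointer is ever derived from a NULL base. */
static void *qobject_to_impl(QObject *obj, QType type, size_t base_off)
{
    QObject *checked = qobject_check_type(obj, type);
    return checked ? (void *)((char *)checked - base_off) : NULL;
}

#define qobject_to(type, obj) \
    ((type *)qobject_to_impl((obj), QTYPE_CAST_TO_##type, offsetof(type, base)))

/* Returns the string held by obj, or NULL when obj is not a QString. */
const char *qstring_value(QObject *obj)
{
    QString *qstr = qobject_to(QString, obj);
    return qstr ? qstr->string : NULL;
}

/* Constructed sample objects: one QString and one non-string QObject. */
static QString sample_str = { { QTYPE_QSTRING }, "hello" };
static QObject sample_num = { QTYPE_QNUM };

int main(void)
{
    assert(strcmp(qstring_value(QOBJECT(&sample_str)), "hello") == 0);
    assert(qstring_value(&sample_num) == NULL);  /* wrong type: no UB */
    assert(qstring_value(NULL) == NULL);         /* NULL input: no UB */
    return 0;
}
```

Building this with -fsanitize=undefined reports nothing for the NULL and wrong-type cases, because neither path performs member access or arithmetic on a null pointer.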