Merge tag 'fixes-pull-request' of gitlab.com:marcandre.lureau/qemu into staging

Fixes and cleanups for 7.0

Hi,

A collection of fixes & cleanup patches that should be safe for 7.0 inclusion.

# gpg

Merge tag 'fixes-pull-request' of gitlab.com:marcandre.lureau/qemu into staging

Fixes and cleanups for 7.0

Hi,

A collection of fixes & cleanup patches that should be safe for 7.0 inclusion.

# gpg: Signature made Tue 22 Mar 2022 12:11:30 GMT
# gpg: using RSA key 87A9BD933F87C606D276F62DDAE8E10975969CE5
# gpg: issuer "marcandre.lureau@redhat.com"
# gpg: Good signature from "Marc-André Lureau <marcandre.lureau@redhat.com>" [full]
# gpg: aka "Marc-André Lureau <marcandre.lureau@gmail.com>" [full]
# Primary key fingerprint: 87A9 BD93 3F87 C606 D276 F62D DAE8 E109 7596 9CE5

* tag 'fixes-pull-request' of gitlab.com:marcandre.lureau/qemu: (21 commits)
qapi: remove needless include
Remove trailing ; after G_DEFINE_AUTO macro
tests: remove needless include
error: use GLib to remember the program name
qga: remove bswap.h include
qapi: remove needless include
meson: fix CONFIG_ATOMIC128 check
meson: move int128 checks from configure
qapi: remove needless include
util: remove the net/net.h dependency
util: remove needless includes
scripts/modinfo-collect: remove unused/dead code
Move HOST_LONG_BITS to compiler.h
Simplify HOST_LONG_BITS
compiler.h: replace QEMU_SENTINEL with G_GNUC_NULL_TERMINATED
compiler.h: replace QEMU_WARN_UNUSED_RESULT with G_GNUC_WARN_UNUSED_RESULT
Replace GCC_FMT_ATTR with G_GNUC_PRINTF
Drop qemu_foo() socket API wrapper
m68k/nios2-semi: fix gettimeofday() result check
vl: typo fix in a comment
...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

Replace GCC_FMT_ATTR with G_GNUC_PRINTF

One less qemu-specific macro. It also helps to make some headers/units
only depend on glib, and thus moved in standalone projects eventually.

Signed-off-by:

Replace GCC_FMT_ATTR with G_GNUC_PRINTF

One less qemu-specific macro. It also helps to make some headers/units
only depend on glib, and thus moved in standalone projects eventually.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>

show more ...

Merge remote-tracking branch 'remotes/armbru/tags/pull-qmp-2021-02-04' into staging

QMP patches patches for 2021-02-04

# gpg: Signature made Thu 04 Feb 2021 12:21:47 GMT
# gpg: using

Merge remote-tracking branch 'remotes/armbru/tags/pull-qmp-2021-02-04' into staging

QMP patches patches for 2021-02-04

# gpg: Signature made Thu 04 Feb 2021 12:21:47 GMT
# gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg: issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qmp-2021-02-04:
qmp: Resume OOB-enabled monitor before processing the request
qmp: Add more tracepoints
qmp: Fix up comments after commit 9ce44e2ce2
docs/interop/qmp-spec: Document the request queue limit
qobject: braces {} are necessary for all arms of this statement
qobject: spaces required around that operators
qobject: code indent should never use tabs
qobject: open brace '{' following struct go on the same line
monitor/qmp-cmds.c: Don't include ui/vnc.h

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

qobject: open brace '{' following struct go on the same line

Put open brace '{' on the same line of struct.

Signed-off-by: Zhang Han <zhanghan64@huawei.com>
Message-Id: <20201228071129.24563-2-zhan

qobject: open brace '{' following struct go on the same line

Put open brace '{' on the same line of struct.

Signed-off-by: Zhang Han <zhanghan64@huawei.com>
Message-Id: <20201228071129.24563-2-zhanghan64@huawei.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>

show more ...

Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2020-12-19' into staging

QAPI patches patches for 2020-12-19

# gpg: Signature made Sat 19 Dec 2020 09:40:05 GMT
# gpg: usi

Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2020-12-19' into staging

QAPI patches patches for 2020-12-19

# gpg: Signature made Sat 19 Dec 2020 09:40:05 GMT
# gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg: issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qapi-2020-12-19: (33 commits)
qobject: Make QString immutable
block: Use GString instead of QString to build filenames
keyval: Use GString to accumulate value strings
json: Use GString instead of QString to accumulate strings
migration: Replace migration's JSON writer by the general one
qobject: Factor JSON writer out of qobject_to_json()
qobject: Factor quoted_str() out of to_json()
qobject: Drop qstring_get_try_str()
qobject: Drop qobject_get_try_str()
Revert "qobject: let object_property_get_str() use new API"
block: Avoid qobject_get_try_str()
qmp: Fix tracing of non-string command IDs
qobject: Move internals to qobject-internal.h
hw/rdma: Replace QList by GQueue
Revert "qstring: add qstring_free()"
qobject: Change qobject_to_json()'s value to GString
qobject: Use GString instead of QString to accumulate JSON
qobject: Make qobject_to_json_pretty() take a pretty argument
monitor: Use GString instead of QString for output buffer
hmp: Simplify how qmp_human_monitor_command() gets output
...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

json: Use GString instead of QString to accumulate strings

QString supports modifying its string, but it's quite limited: you can
only append. The remaining callers use it for building an initial
s

json: Use GString instead of QString to accumulate strings

QString supports modifying its string, but it's quite limited: you can
only append. The remaining callers use it for building an initial
string, never for modifying it later.

Change parse_string() to do build the initial string with GString.
This is another step towards making QString immutable.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-18-armbru@redhat.com>

show more ...

Merge remote-tracking branch 'remotes/armbru/tags/pull-qobject-2020-11-17' into staging

QObject patches patches for 2020-11-17

# gpg: Signature made Tue 17 Nov 2020 14:41:06 GMT
# gpg:

Merge remote-tracking branch 'remotes/armbru/tags/pull-qobject-2020-11-17' into staging

QObject patches patches for 2020-11-17

# gpg: Signature made Tue 17 Nov 2020 14:41:06 GMT
# gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg: issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qobject-2020-11-17:
json: Fix a memleak in parse_pair()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

json: Fix a memleak in parse_pair()

In qobject_type(), NULL is returned when the 'QObject' returned from parse_value() is not of QString type,
and this 'QObject' memory will leaked.
So we need to fi

json: Fix a memleak in parse_pair()

In qobject_type(), NULL is returned when the 'QObject' returned from parse_value() is not of QString type,
and this 'QObject' memory will leaked.
So we need to first cache the 'QObject' returned from parse_value(), and finally
free 'QObject' memory at the end of the function.
Also, we add a testcast about invalid dict key.

The memleak stack is as follows:
Direct leak of 32 byte(s) in 1 object(s) allocated from:
#0 0xfffe4b3c34fb in __interceptor_malloc (/lib64/libasan.so.4+0xd34fb)
#1 0xfffe4ae48aa3 in g_malloc (/lib64/libglib-2.0.so.0+0x58aa3)
#2 0xaaab3557d9f7 in qnum_from_int qemu/qobject/qnum.c:25
#3 0xaaab35584d23 in parse_literal qemu/qobject/json-parser.c:511
#4 0xaaab35584d23 in parse_value qemu/qobject/json-parser.c:554
#5 0xaaab35583d77 in parse_pair qemu/qobject/json-parser.c:270
#6 0xaaab355845db in parse_object qemu/qobject/json-parser.c:327
#7 0xaaab355845db in parse_value qemu/qobject/json-parser.c:546
#8 0xaaab35585b1b in json_parser_parse qemu/qobject/json-parser.c:580
#9 0xaaab35583703 in json_message_process_token qemu/qobject/json-streamer.c:92
#10 0xaaab355ddccf in json_lexer_feed_char qemu/qobject/json-lexer.c:313
#11 0xaaab355de0eb in json_lexer_feed qemu/qobject/json-lexer.c:350
#12 0xaaab354aff67 in tcp_chr_read qemu/chardev/char-socket.c:525
#13 0xfffe4ae429db in g_main_context_dispatch (/lib64/libglib-2.0.so.0+0x529db)
#14 0xfffe4ae42d8f (/lib64/libglib-2.0.so.0+0x52d8f)
#15 0xfffe4ae430df in g_main_loop_run (/lib64/libglib-2.0.so.0+0x530df)
#16 0xaaab34d70bff in iothread_run qemu/iothread.c:82
#17 0xaaab3559d71b in qemu_thread_start qemu/util/qemu-thread-posix.c:519

Fixes: 532fb5328473 ("qapi: Make more of qobject_to()")
Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Alex Chen <alex.chen@huawei.com>
Signed-off-by: Chen Qun <kuhn.chenqun@huawei.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201113145525.85151-1-alex.chen@huawei.com>
[Commit message tweaked]

show more ...

Merge remote-tracking branch 'remotes/vivier2/tags/trivial-branch-pull-request' into staging

Various trivial fixes

# gpg: Signature made Wed 21 Aug 2019 12:19:11 BST
# gpg: using RSA

Merge remote-tracking branch 'remotes/vivier2/tags/trivial-branch-pull-request' into staging

Various trivial fixes

# gpg: Signature made Wed 21 Aug 2019 12:19:11 BST
# gpg: using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg: issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg: aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/trivial-branch-pull-request:
hw/display: Compile various display devices as common object
hw/display/sm501: Remove unused include
spapr_events: Rewrite a fall through comment
vl: Rewrite a fall through comment
target/ppc: Rewrite a fall through comment
hw/ipmi: Rewrite a fall through comment
hw/dma/omap_dma: Move switch 'fall through' comment to correct place
json: Move switch 'fall through' comment to correct place
hw/net/e1000: Fix erroneous comment
.gitignore: ignore some vhost-user* related files
configure: fix sdl detection using sdl2-config
configure: remove obsoleted $sparc_cpu variable
misc: fix naming scheme of compatiblity arrays
test: Use g_strndup instead of plain strndup

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

json: Move switch 'fall through' comment to correct place

Reported by GCC9 when building with CFLAG -Wimplicit-fallthrough=2:

qobject/json-parser.c: In function ‘parse_literal’:
qobject/json-pa

json: Move switch 'fall through' comment to correct place

Reported by GCC9 when building with CFLAG -Wimplicit-fallthrough=2:

qobject/json-parser.c: In function ‘parse_literal’:
qobject/json-parser.c:492:24: error: this statement may fall through [-Werror=implicit-fallthrough=]
492 | case JSON_INTEGER: {
| ^
qobject/json-parser.c:524:5: note: here
524 | case JSON_FLOAT:
| ^~~~

Correctly place the 'fall through' comment.

Reported-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190719131425.10835-2-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>

show more ...

Merge remote-tracking branch 'remotes/armbru/tags/pull-misc-2019-06-11-v3' into staging

Miscellaneous patches for 2019-06-11

# gpg: Signature made Wed 12 Jun 2019 12:20:41 BST
# gpg:

Merge remote-tracking branch 'remotes/armbru/tags/pull-misc-2019-06-11-v3' into staging

Miscellaneous patches for 2019-06-11

# gpg: Signature made Wed 12 Jun 2019 12:20:41 BST
# gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg: issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-misc-2019-06-11-v3:
MAINTAINERS: Polish headline decorations
MAINTAINERS: Improve section headlines
MAINTAINERS: Remove duplicate entries of qemu-devel@nongnu.org
Clean up a header guard symbols (again)
Supply missing header guards
Clean up a few header guard symbols
scripts/clean-header-guards: Fix handling of trailing comments
Normalize position of header guard
Include qemu-common.h exactly where needed
Include qemu/module.h where needed, drop it from qemu-common.h
qemu-common: Move qemu_isalnum() etc. to qemu/ctype.h
qemu-common: Move tcg_enabled() etc. to sysemu/tcg.h

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

qemu-common: Move qemu_isalnum() etc. to qemu/ctype.h

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190523143508.25387-3-armbru@redhat.com>
Reviewed-by: Richard Henderson <rich

qemu-common: Move qemu_isalnum() etc. to qemu/ctype.h

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190523143508.25387-3-armbru@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2019-01-24' into staging

QAPI patches for 2019-01-24

# gpg: Signature made Thu 24 Jan 2019 14:25:19 GMT
# gpg: using RSA k

Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2019-01-24' into staging

QAPI patches for 2019-01-24

# gpg: Signature made Thu 24 Jan 2019 14:25:19 GMT
# gpg: using RSA key 3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qapi-2019-01-24:
json: Fix % handling when not interpolating
qmp: Add examples to qom list, get, and set commands
qapi: Eliminate indirection through qmp_event_get_func_emit()
qapi: Belatedly update docs for commit 9c2f56e9f9d

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

json: Fix % handling when not interpolating

Commit 8bca4613 added support for %% in json strings when interpolating,
but in doing so broke handling of % when not interpolating.

When parse_string()

json: Fix % handling when not interpolating

Commit 8bca4613 added support for %% in json strings when interpolating,
but in doing so broke handling of % when not interpolating.

When parse_string() is fed a string token containing '%', it skips the
'%' regardless of ctxt->ap, i.e. even it's not interpolating. If the
'%' is the string's last character, it fails an assertion. Else, it
"merely" swallows the '%'.

Fix parse_string() to handle '%' specially only when interpolating.

To gauge the bug's impact, let's review non-interpolating users of this
parser, i.e. code passing NULL context to json_message_parser_init():

* tests/check-qjson.c, tests/test-qobject-input-visitor.c,
tests/test-visitor-serialization.c

Plenty of tests, but we still failed to cover the buggy case.

* monitor.c: QMP input

* qga/main.c: QGA input

* qobject_from_json():

- qobject-input-visitor.c: JSON command line option arguments of
-display and -blockdev

Reproducer: -blockdev '{"%"}'

- block.c: JSON pseudo-filenames starting with "json:"

Reproducer: https://bugzilla.redhat.com/show_bug.cgi?id=1668244#c3

- block/rbd.c: JSON key pairs

Pseudo-filenames starting with "rbd:".

Command line, QMP and QGA input are trusted.

Filenames are trusted when they come from command line, QMP or HMP.
They are untrusted when they come from from image file headers.
Example: QCOW2 backing file name. Note that this is *not* the security
boundary between host and guest. It's the boundary between host and an
image file from an untrusted source.

Neither failing an assertion nor skipping a character in a filename of
your choice looks exploitable. Note that we don't support compiling
with NDEBUG.

Fixes: 8bca4613e6cddd948895b8db3def05950463495b
Cc: qemu-stable@nongnu.org
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Message-Id: <20190102140535.11512-1-cfergeau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Tested-by: Richard W.M. Jones <rjones@redhat.com>
[Commit message extended to discuss impact]
Signed-off-by: Markus Armbruster <armbru@redhat.com>

show more ...

Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2018-12-13-v2' into staging

QAPI patches for 2018-12-13

# gpg: Signature made Fri 14 Dec 2018 05:53:51 GMT
# gpg: using RS

Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2018-12-13-v2' into staging

QAPI patches for 2018-12-13

# gpg: Signature made Fri 14 Dec 2018 05:53:51 GMT
# gpg: using RSA key 3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qapi-2018-12-13-v2: (32 commits)
qapi: add conditions to REPLICATION type/commands on the schema
qapi: add more conditions to SPICE
qapi: add condition to variants documentation
qapi: add 'If:' condition to struct members documentation
qapi: add 'If:' condition to enum values documentation
qapi: Add #if conditions to generated code members
qapi: add 'if' to alternate members
qapi: add 'if' to union members
qapi: Add 'if' to implicit struct members
qapi: add a dictionary form for TYPE
qapi-events: add 'if' condition to implicit event enum
qapi: add 'if' to enum members
qapi: add a dictionary form with 'name' key for enum members
qapi: improve reporting of unknown or missing keys
qapi: factor out checking for keys
tests: print enum type members more like object type members
qapi: change enum visitor and gen_enum* to take QAPISchemaMember
qapi: Do not define enumeration value explicitly
qapi: break long lines at 'data' member
qapi: rename QAPISchemaEnumType.values to .members
...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

json: Fix to reject duplicate object member names

The JSON parser happily accepts duplicate object member names. The
last value wins. Reproducer #1:

$ qemu-system-x86_64 -qmp stdio
{"QMP"

json: Fix to reject duplicate object member names

The JSON parser happily accepts duplicate object member names. The
last value wins. Reproducer #1:

$ qemu-system-x86_64 -qmp stdio
{"QMP": {"version": {"qemu": {"micro": 93, "minor": 0, "major": 3},
"package": "v3.1.0-rc3-7-g87a45d86ed"}, "capabilities": []}}
{'execute':'qmp_capabilities'}
{"return": {}}
{'execute':'blockdev-add','arguments':{'driver':'null-co',
'node-name':'foo','node-name':'bar'}}
{"return": {}}
{'execute':'query-named-block-nodes'}
{"return": [{ [...] "node-name": "bar" [...] }]}

Reproducer #2 is iotest 229.

Fix the parser to reject duplicates, and fix iotest 229 not to use
them.

Reported-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20181206121743.20762-1-armbru@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
[Trailing whitespace tidied up]
Signed-off-by: Markus Armbruster <armbru@redhat.com>

show more ...

Merge remote-tracking branch 'remotes/armbru/tags/pull-qobject-2018-08-24' into staging

QObject patches for 2018-08-24

# gpg: Signature made Fri 24 Aug 2018 20:28:53 BST
# gpg: using

Merge remote-tracking branch 'remotes/armbru/tags/pull-qobject-2018-08-24' into staging

QObject patches for 2018-08-24

# gpg: Signature made Fri 24 Aug 2018 20:28:53 BST
# gpg: using RSA key 3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qobject-2018-08-24: (58 commits)
json: Update references to RFC 7159 to RFC 8259
json: Support %% in JSON strings when interpolating
json: Improve safety of qobject_from_jsonf_nofail() & friends
json: Keep interpolation state in JSONParserContext
tests/drive_del-test: Fix harmless JSON interpolation bug
json: Clean up headers
qobject: Drop superfluous includes of qemu-common.h
json: Make JSONToken opaque outside json-parser.c
json: Unbox tokens queue in JSONMessageParser
json: Streamline json_message_process_token()
json: Enforce token count and size limits more tightly
qjson: Have qobject_from_json() & friends reject empty and blank
json: Assert json_parser_parse() consumes all tokens on success
json: Fix streamer not to ignore trailing unterminated structures
json: Fix latent parser aborts at end of input
qjson: Fix qobject_from_json() & friends for multiple values
json: Improve names of lexer states related to numbers
json: Replace %I64d, %I64u by %PRId64, %PRIu64
json: Leave rejecting invalid interpolation to parser
json: Pass lexical errors and limit violations to callback
...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

json: Update references to RFC 7159 to RFC 8259

RFC 8259 (December 2017) obsoletes RFC 7159 (March 2014).

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20180823164025.12553-59-a

json: Update references to RFC 7159 to RFC 8259

RFC 8259 (December 2017) obsoletes RFC 7159 (March 2014).

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20180823164025.12553-59-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>

show more ...

json: Support %% in JSON strings when interpolating

The previous commit makes JSON strings containing '%' awkward to
express in templates: you'd have to mask the '%' with an Unicode
escape \u0025.

json: Support %% in JSON strings when interpolating

The previous commit makes JSON strings containing '%' awkward to
express in templates: you'd have to mask the '%' with an Unicode
escape \u0025. No template currently contains such JSON strings.
Support the printf conversion specification %% in JSON strings as a
convenience anyway, because it's trivially easy to do.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-58-armbru@redhat.com>

show more ...

json: Improve safety of qobject_from_jsonf_nofail() & friends

The JSON parser optionally supports interpolation. This is used to
build QObjects by parsing string templates. The templates are C
lit

json: Improve safety of qobject_from_jsonf_nofail() & friends

The JSON parser optionally supports interpolation. This is used to
build QObjects by parsing string templates. The templates are C
literals, so parse errors (such as invalid interpolation
specifications) are actually programming errors. Consequently, the
functions providing parsing with interpolation
(qobject_from_jsonf_nofail(), qobject_from_vjsonf_nofail(),
qdict_from_jsonf_nofail(), qdict_from_vjsonf_nofail()) pass
&error_abort to the parser.

However, there's another, more dangerous kind of programming error:
since we use va_arg() to get the value to interpolate, behavior is
undefined when the variable argument isn't consistent with the
interpolation specification.

The same problem exists with printf()-like functions, and the solution
is to have the compiler check consistency. This is what
GCC_FMT_ATTR() is about.

To enable this type checking for interpolation as well, we carefully
chose our interpolation specifications to match printf conversion
specifications, and decorate functions parsing templates with
GCC_FMT_ATTR().

Note that this only protects against undefined behavior due to type
errors. It can't protect against use of invalid interpolation
specifications that happen to be valid printf conversion
specifications.

However, there's still a gaping hole in the type checking: GCC
recognizes '%' as start of printf conversion specification anywhere in
the template, but the parser recognizes it only outside JSON strings.
For instance, if someone were to pass a "{ '%s': %d }" template, GCC
would require a char * and an int argument, but the parser would
va_arg() only an int argument, resulting in undefined behavior.

Avoid undefined behavior by catching the programming error at run
time: have the parser recognize and reject '%' in JSON strings.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-57-armbru@redhat.com>

show more ...

json: Keep interpolation state in JSONParserContext

The recursive descent parser passes along a pointer to
JSONParserContext. It additionally passes a pointer to interpolation
state (a va_alist *)

json: Keep interpolation state in JSONParserContext

The recursive descent parser passes along a pointer to
JSONParserContext. It additionally passes a pointer to interpolation
state (a va_alist *) as needed to reach its consumer
parse_interpolation().

Stuffing the latter pointer into JSONParserContext saves us the
trouble of passing it along, so do that.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-56-armbru@redhat.com>

show more ...

json: Clean up headers

The JSON parser has three public headers, json-lexer.h, json-parser.h,
json-streamer.h. They all contain stuff that is of no interest
outside qobject/json-*.c.

Collect the p

json: Clean up headers

The JSON parser has three public headers, json-lexer.h, json-parser.h,
json-streamer.h. They all contain stuff that is of no interest
outside qobject/json-*.c.

Collect the public interface in include/qapi/qmp/json-parser.h, and
everything else in qobject/json-parser-int.h.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-54-armbru@redhat.com>

show more ...

json: Make JSONToken opaque outside json-parser.c

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-52-armbru@redhat.

json: Make JSONToken opaque outside json-parser.c

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-52-armbru@redhat.com>

show more ...

json: Unbox tokens queue in JSONMessageParser

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-51-armbru@redhat.com>

json: Assert json_parser_parse() consumes all tokens on success

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-47-

json: Assert json_parser_parse() consumes all tokens on success

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-47-armbru@redhat.com>

show more ...