From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:51429)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <lcapitulino@redhat.com>) id 1V3uQQ-0005X2-5X
	for qemu-devel@nongnu.org; Mon, 29 Jul 2013 16:52:20 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <lcapitulino@redhat.com>) id 1V3uQK-0006YJ-6w
	for qemu-devel@nongnu.org; Mon, 29 Jul 2013 16:52:14 -0400
Received: from mx1.redhat.com ([209.132.183.28]:9190)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <lcapitulino@redhat.com>) id 1V3uQJ-0006Y9-Vl
	for qemu-devel@nongnu.org; Mon, 29 Jul 2013 16:52:08 -0400
Date: Mon, 29 Jul 2013 16:52:02 -0400
From: Luiz Capitulino <lcapitulino@redhat.com>
Message-ID: <20130729165202.2f6d8b4b@redhat.com>
In-Reply-To: <1374201401-11244-1-git-send-email-p.pawit@gmail.com>
References: <1374201401-11244-1-git-send-email-p.pawit@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] migration: don't use uninitialized
 variables
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Pawit Pornkitprasan <p.pawit@gmail.com>
Cc: Ryousei Takano <takano-ryousei@aist.go.jp>, qemu-devel@nongnu.org, Juan Quintela <quintela@redhat.com>

On Fri, 19 Jul 2013 11:36:41 +0900
Pawit Pornkitprasan <p.pawit@gmail.com> wrote:

> The qmp_migrate method uses the 'blk' and 'inc' parameter without
> checking if they're valid or not (they may be uninitialized if
> command is received via QMP)
> 
> Signed-off-by: Pawit Pornkitprasan <p.pawit@gmail.com>
> ---
>  migration.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/migration.c b/migration.c
> index 9f5a423..f3d1ff7 100644
> --- a/migration.c
> +++ b/migration.c
> @@ -385,8 +385,8 @@ void qmp_migrate(const char *uri, bool has_blk, bool blk,
>      MigrationParams params;
>      const char *p;
>  
> -    params.blk = blk;
> -    params.shared = inc;
> +    params.blk = has_blk && blk;
> +    params.shared = has_inc && inc;

This doesn't apply anymore, can you rebase and resend?

By grepping around I can see that there are several instances of
this bug in other commands. I'm surprised we never got a single
bug report about this... Would you mind to fix all the instances?

>  
>      if (s->state == MIG_STATE_ACTIVE) {
>          error_set(errp, QERR_MIGRATION_ACTIVE);