From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:53162)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <afaerber@suse.de>) id 1TOV7e-0003zW-DX
	for qemu-devel@nongnu.org; Wed, 17 Oct 2012 11:01:30 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <afaerber@suse.de>) id 1TOV7W-0001XH-Sd
	for qemu-devel@nongnu.org; Wed, 17 Oct 2012 11:01:26 -0400
Message-ID: <507EC7FF.90603@suse.de>
Date: Wed, 17 Oct 2012 17:00:15 +0200
From: =?ISO-8859-15?Q?Andreas_F=E4rber?= <afaerber@suse.de>
MIME-Version: 1.0
References: <1350220128-10140-1-git-send-email-thardeck@suse.de>
	<1350220128-10140-3-git-send-email-thardeck@suse.de>
In-Reply-To: <1350220128-10140-3-git-send-email-thardeck@suse.de>
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] [PATCH 2/2] qemu queue: fix uninitialized removals
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Tim Hardeck <thardeck@suse.de>
Cc: qemu-trivial <qemu-trivial@nongnu.org>, qemu-devel@nongnu.org

Tim,

Am 14.10.2012 15:08, schrieb Tim Hardeck:
> When calling QTAILQ_REMOVE or QLIST_REMOVE on an unitialized list
> QEMU segfaults.

Can this be reproduced by a user today? Or is this just fixing the case
that a developer forgot to initialize a list?

Regards,
Andreas

> Check for this case specifically on item removal.
>=20
> Signed-off-by: Tim Hardeck <thardeck@suse.de>
> ---
>  qemu-queue.h |    8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
>=20
> diff --git a/qemu-queue.h b/qemu-queue.h
> index 9288cd8..47ed239 100644
> --- a/qemu-queue.h
> +++ b/qemu-queue.h
> @@ -141,7 +141,9 @@ struct {                                           =
                     \
>          if ((elm)->field.le_next !=3D NULL)                           =
    \
>                  (elm)->field.le_next->field.le_prev =3D               =
    \
>                      (elm)->field.le_prev;                             =
  \
> -        *(elm)->field.le_prev =3D (elm)->field.le_next;               =
    \
> +        if ((elm)->field.le_prev !=3D NULL) {                         =
    \
> +            *(elm)->field.le_prev =3D (elm)->field.le_next;           =
    \
> +        }                                                             =
  \
>  } while (/*CONSTCOND*/0)
> =20
>  #define QLIST_FOREACH(var, head, field)                               =
  \
> @@ -381,7 +383,9 @@ struct {                                           =
                     \
>                      (elm)->field.tqe_prev;                            =
  \
>          else                                                          =
  \
>                  (head)->tqh_last =3D (elm)->field.tqe_prev;           =
    \
> -        *(elm)->field.tqe_prev =3D (elm)->field.tqe_next;             =
    \
> +        if ((elm)->field.tqe_prev !=3D NULL) {                        =
    \
> +            *(elm)->field.tqe_prev =3D (elm)->field.tqe_next;         =
    \
> +        }                                                             =
  \
>  } while (/*CONSTCOND*/0)
> =20
>  #define QTAILQ_FOREACH(var, head, field)                              =
  \


--=20
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 N=FCrnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imend=F6rffer; HRB 16746 AG N=FCrnbe=
rg