From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:42833)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1aZBsP-00010A-QQ
	for qemu-devel@nongnu.org; Fri, 26 Feb 2016 01:27:46 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1aZBsM-0005QK-8b
	for qemu-devel@nongnu.org; Fri, 26 Feb 2016 01:27:45 -0500
Received: from mx1.redhat.com ([209.132.183.28]:54294)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1aZBsM-0005QG-3A
	for qemu-devel@nongnu.org; Fri, 26 Feb 2016 01:27:42 -0500
References: <1456285491-6952-1-git-send-email-jasowang@redhat.com>
	<CAN+wFuJKyYahNC1rdqCwR+iZ=MQQE=ga-uxZkrfqmoLULCW3TA@mail.gmail.com>
From: Jason Wang <jasowang@redhat.com>
Message-ID: <56CFF054.6080606@redhat.com>
Date: Fri, 26 Feb 2016 14:27:32 +0800
MIME-Version: 1.0
In-Reply-To: <CAN+wFuJKyYahNC1rdqCwR+iZ=MQQE=ga-uxZkrfqmoLULCW3TA@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] [PATCH] net: filter: correctly remove filter from
 the list during finalization
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Yang Hongyang <hongyang.yang@easystack.cn>
Cc: qemu-devel@nongnu.org



On 02/24/2016 07:53 PM, Yang Hongyang wrote:
>
> On Wed, Feb 24, 2016 at 11:44 AM, Jason Wang <jasowang@redhat.com
> <mailto:jasowang@redhat.com>> wrote:
>
>     Qemu may crash when we want to add two filters on the same netdev b=
ut
>     the initialization of second fails (e.g missing parameters):
>
>     ./qemu-system-x86_64 -netdev user,id=3Dun0 \
>      -object filter-buffer,id=3Df0,netdev=3Dun0,interval=3D10 \
>      -object filter-buffer,id=3Df1,netdev=3Dun0
>     Segmentation fault (core dumped)
>
>     This is because we don't check whether or not the filter was in the
>     list of netdev. This patch fixes this.
>
>
> Oops, thanks for catching this!
> =20
>
>
>     Cc: Yang Hongyang <hongyang.yang@easystack.cn
>     <mailto:hongyang.yang@easystack.cn>>
>     Signed-off-by: Jason Wang <jasowang@redhat.com
>     <mailto:jasowang@redhat.com>>=20
>
>     ---
>      net/filter.c | 3 ++-
>      1 file changed, 2 insertions(+), 1 deletion(-)
>
>     diff --git a/net/filter.c b/net/filter.c
>     index d2a514e..7cdbc6c 100644
>     --- a/net/filter.c
>     +++ b/net/filter.c
>     @@ -196,7 +196,8 @@ static void netfilter_finalize(Object *obj)
>              nfc->cleanup(nf);
>          }
>
>     -    if (nf->netdev && !QTAILQ_EMPTY(&nf->netdev->filters)) {
>     +    if (nf->netdev && !QTAILQ_EMPTY(&nf->netdev->filters) &&
>     +        nf->next.tqe_prev) {
>
>
> Using queue's inner member tqe_prev directly might not be a good idea=EF=
=BC=8Cbut
> seems there's no better way to do this.
> Are there any chance that we could add a QTAILQ_XXX helper to check
> whether a
> member is in the queue or not?

Might be a good idea, but I'm not sure.

> Just some thoughts, I'm ok with the current patch though, so:
>
> Reviewed-by: Yang Hongyang <hongyang.yang@easystack.cn
> <mailto:hongyang.yang@easystack.cn>>

Applied to -net.

Thanks

> =20
>
>              QTAILQ_REMOVE(&nf->netdev->filters, nf, next);
>          }
>          g_free(nf->netdev_id);
>     --
>     2.5.0
>
>
>
>
>
> --=20
> Thanks,
> Yang