Re: [Qemu-devel] [PATCH 1/2] hostmem: fix QEMU crash by 'info memdev'
From: Paolo Bonzini
Subject: Re: [Qemu-devel] [PATCH 1/2] hostmem: fix QEMU crash by 'info memdev'
Date: Wed, 13 Jul 2016 13:37:25 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.1.1
On 13/07/2016 13:29, Markus Armbruster wrote:
>> > I'm curious about one thing. Eric/Markus, it would be nice to open code
>> > the visit of the list with
>> >
>> > visit_start_list(v, name, NULL, 0, &err);
>> > if (err) {
>> >     goto out;
>> > }
>> > ...
>> > visit_type_uint16(v, name, &value, &err);
>> > visit_next_list(v, NULL, 0);
>> > ...
>> > visit_end_list(v, NULL);
>> >
>> > We know here that on the other side there is an output visitor.
>> > However, it doesn't work because visit_next_list asserts that tail ==
>> > NULL. Would it be easy to support this idiom, and would it make sense
>> > to extend it to other kinds of visitor?
> visit_next_list() asserts tail != NULL to protect the
> next_list() method. qmp_output_next_list() dereferences tail.
>
> Note that you don't have to call visit_next_list() in a virtual visit.
> For an example, see prop_get_fdt(). Good enough already?
Yes, definitely! I'm queueing Guangrong's patch because it fixes a
crash and the leak existed before, but without next_list we can indeed
visit a "virtual" list and fix the leak. It can be done during the -rc
period.
Paolo
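As an added illustration of the "virtual" visit Markus points to (this is not QEMU's code and not part of the thread): a simplified model of an output visitor whose next_list() dereferences tail, so the open-coded idiom with visit_next_list(v, NULL, 0) would trip the assertion, while a virtual visit that skips visit_next_list() renders the list without allocating anything. The Error ** and size arguments of the real API are left out, and the element name "values" is a made-up example.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of a QMP-style output visitor rendering a list of uint16
 * as JSON text.  Not QEMU's code: Error ** and size arguments are omitted. */
typedef struct GenericList { struct GenericList *next; } GenericList;
typedef struct Visitor { char out[64]; int first; } Visitor;

static void emit(Visitor *v, const char *s) { strncat(v->out, s, sizeof(v->out) - strlen(v->out) - 1); }

void visit_start_list(Visitor *v, const char *name, GenericList **list)
{
    (void)name; (void)list;     /* list == NULL: this is a "virtual" visit */
    strcpy(v->out, "[");
    v->first = 1;
}

/* The output visitor's next_list() dereferences tail, which is why the real
 * visit_next_list() asserts tail != NULL: calling it with NULL would crash. */
GenericList *visit_next_list(Visitor *v, GenericList *tail)
{
    (void)v; assert(tail);
    return tail->next;
}

void visit_type_uint16(Visitor *v, const char *name, const uint16_t *obj)
{
    char buf[8];
    (void)name;
    emit(v, v->first ? "" : ",");
    v->first = 0;
    snprintf(buf, sizeof(buf), "%u", (unsigned)*obj);
    emit(v, buf);
}

void visit_end_list(Visitor *v) { emit(v, "]"); }

/* Virtual visit of computed values: no GenericList is allocated, so there is
 * nothing to leak, and visit_next_list() is never called. */
const char *visit_virtual_list(Visitor *v, const uint16_t *vals, size_t n)
{
    visit_start_list(v, "values", NULL);
    for (size_t i = 0; i < n; i++) {
        visit_type_uint16(v, NULL, &vals[i]);
    }
    visit_end_list(v);
    return v->out;
}
```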