From f9a8b5530d438f836f9697639814f585aaec554d Mon Sep 17 00:00:00 2001
From: Eduardo Habkost
Date: Thu, 28 Jan 2016 12:22:35 -0200
Subject: [PATCH 1/2] qdev: Use GList for global properties
If the same GlobalProperty struct is registered twice, the list entry gets corrupted, making tqe_next points to itself, and qdev_prop_set_globals() gets stuck in a loop.
The bug can be easily reproduced by running:
$ qemu-system-x86_64 -rtc-td-hack -rtc-td-hack
Change global_props to use GList instead of queue.h, making the code simpler and able to deal with properties being registered twice.
Reviewed-by: Michael S. Tsirkin
Signed-off-by: Eduardo Habkost
---
 hw/core/qdev-properties.c | 15 ++++++++-------
 include/hw/qdev-core.h | 1 -
 2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/hw/core/qdev-properties.c b/hw/core/qdev-properties.c
index 737d29c632..e3b2184a60 100644
--- a/hw/core/qdev-properties.c
+++ b/hw/core/qdev-properties.c
@@ -1020,12 +1020,11 @@ void qdev_prop_set_ptr(DeviceState *dev, const char *name, void *value)
 *ptr = value;
 }
-static QTAILQ_HEAD(, GlobalProperty) global_props =
- QTAILQ_HEAD_INITIALIZER(global_props);
+static GList *global_props;
 void qdev_prop_register_global(GlobalProperty *prop)
 {
- QTAILQ_INSERT_TAIL(&global_props, prop, next);
+ global_props = g_list_append(global_props, prop);
 }
 void qdev_prop_register_global_list(GlobalProperty *props)
@@ -1039,10 +1038,11 @@ void qdev_prop_register_global_list(GlobalProperty *props)
 int qdev_prop_check_globals(void)
 {
- GlobalProperty *prop;
+ GList *l;
 int ret = 0;
- QTAILQ_FOREACH(prop, &global_props, next) {
+ for (l = global_props; l; l = l->next) {
+ GlobalProperty *prop = l->data;
 ObjectClass *oc;
 DeviceClass *dc;
 if (prop->used) {
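Review bot: `g_list_append(global_props, prop)` in qdev_prop_register_global() accepts the same GlobalProperty pointer any number of times, so the duplicate registration that used to corrupt the queue now yields two list nodes sharing one struct and one `used` flag. The loops in qdev_prop_check_globals() and qdev_prop_set_globals_for_type() (the later hunks; both bodies continue outside what is shown) will then visit that property twice, which presumably means it is applied twice per device and any diagnostic for it is printed twice. If that is intended, say so next to the declaration, e.g. `/* Borrowed pointers, never freed; the same GlobalProperty may appear more than once */`; if it is not, skip duplicates with `if (!g_list_find(global_props, prop))` before the append.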
@@ -1073,9 +1073,10 @@ int qdev_prop_check_globals(void)
 static void qdev_prop_set_globals_for_type(DeviceState *dev, const char *typename)
 {
- GlobalProperty *prop;
+ GList *l;
- QTAILQ_FOREACH(prop, &global_props, next) {
+ for (l = global_props; l; l = l->next) {
+ GlobalProperty *prop = l->data;
 Error *err = NULL;
 if (strcmp(typename, prop->driver) != 0) {
diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h
index 1ce02b20da..24aa0a7949 100644
--- a/include/hw/qdev-core.h
+++ b/include/hw/qdev-core.h
@@ -266,7 +266,6 @@ typedef struct GlobalProperty {
 const char *value;
 bool user_provided;
 bool used;
- QTAILQ_ENTRY(GlobalProperty) next;
 } GlobalProperty;
 /*** Board API. This should go away once we have a machine config file. ***/
From a663fbd9e2f65fae81018d81f231ad79510cf9fb Mon Sep 17 00:00:00 2001
From: Chao Peng
Date: Thu, 16 Jun 2016 09:59:10 +0800
Subject: [PATCH 2/2] vnc: Wrap vnc initialization code with CONFIG_VNC
commit f8c75b2486 (vnc: Initialization stubs) removed CONFIG_VNC in vl.c code. However qemu_find_opts("vnc") is NULL when vnc is configured out. Crash will happen in qemu_opts_foreach() before stub vnc_init_func() is called. This patch add it back.
Cc: Eduardo Habkost
Reviewed-by: Eduardo Habkost
Signed-off-by: Chao Peng
Signed-off-by: Eduardo Habkost
---
 vl.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/vl.c b/vl.c
index 0736d8430d..2f63eb448f 100644
--- a/vl.c
+++ b/vl.c
@@ -4564,8 +4564,10 @@ int main(int argc, char **argv, char **envp)
 os_setup_signal_handling();
 /* init remote displays */
+#ifdef CONFIG_VNC
 qemu_opts_foreach(qemu_find_opts("vnc"), vnc_init_func, NULL, NULL);
+#endif
 if (show_vnc_port) {
 char *ret = vnc_display_local_addr("default");
 printf("VNC server running on '%s'\n", ret);
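Review bot: The `#ifdef CONFIG_VNC` guard in main() covers only the `qemu_opts_foreach()` call, while the `if (show_vnc_port)` block right after `#endif` still runs in every build and passes the result of `vnc_display_local_addr("default")` straight to `printf` with `%s`. If show_vnc_port can be set in a build without VNC and the stub returns NULL (neither is visible here), that is a NULL handed to `%s`; moving `#endif` below that block, which continues outside the hunk, would close the gap. The guard also leaves the root cause in place: any other caller that hands a NULL `qemu_find_opts()` result to `qemu_opts_foreach()` would presumably crash the same way, so a NULL check there would be the more durable fix. A one-line comment such as `/* qemu_find_opts("vnc") is NULL without CONFIG_VNC */` above the `#ifdef` would keep the guard from being removed again.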