Possible dereference of NULL
Host environment
- QEMU version: v8.0.5 and upper
Description of problem
There is a possible NULL dereference when using the macro QEMU_LOCK_GUARD(&q->lock) in:
The QEMU_MAKE_LOCKABLE(x) macro has a special case (line 71 of lockable.h) for a NULL argument: the macro then returns NULL, which is passed to the qemu_lockable_auto_lock() function and on to the qemu_lockable_lock() function, where the NULL pointer is dereferenced (line 95).
It turns out that the NULL case is provided for, but not handled properly. I think a NULL check should be added.
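As an added illustration (not QEMU's code), a simplified C model of the path described above: a make-lockable helper that returns NULL for a NULL mutex, an unchecked lock that dereferences the result, and a checked variant that rejects NULL. The names Lockable, ToyMutex, make_lockable and guard_path are assumed for this model.

```c
#include <stdbool.h>
#include <stddef.h>
/* Simplified model (not QEMU's code): a lockable is an object plus a lock callback. */
typedef struct {
    void *object;
    void (*lock)(void *);
} Lockable;

/* Toy mutex standing in for the real one; 'held' records the lock state. */
typedef struct { bool held; } ToyMutex;

static void toy_mutex_lock(void *m) { ((ToyMutex *)m)->held = true; }

/* Mirrors the special case the report describes: a NULL mutex yields a NULL
 * lockable rather than a wrapper around NULL. */
static Lockable *make_lockable(ToyMutex *m, Lockable *storage)
{
    if (m == NULL) return NULL;
    storage->object = m;
    storage->lock = toy_mutex_lock;
    return storage;
}

/* Unchecked lock: dereferences x unconditionally, so a NULL lockable crashes here. */
static void lockable_lock_unchecked(Lockable *x)
{
    x->lock(x->object);
}

/* Checked lock: rejects a NULL lockable. Returns 0 on success, -1 if x is NULL. */
static int lockable_lock_checked(Lockable *x)
{
    if (x == NULL) return -1;
    x->lock(x->object);
    return 0;
}

/* Run the guard path for one mutex pointer through either lock variant and
 * report whether the lock was taken. With checked == false and m == NULL this
 * reproduces the crash, so callers must not do that. */
static bool guard_path(ToyMutex *m, bool checked)
{
    Lockable storage;
    Lockable *x = make_lockable(m, &storage);
    if (!checked) {
        lockable_lock_unchecked(x);
        return true;
    }
    return lockable_lock_checked(x) == 0;
}
```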
Found by Linux Verification Center (portal.linuxtesting.ru) with SVACE.
Author A. Burke.