From a47b9e879c486124ab9e0ecde97ef2275e382306 Mon Sep 17 00:00:00 2001
From: Laine Stump <laine@laine.org>
Date: Mon, 24 Jun 2013 22:42:35 -0400
Subject: [PATCH] qemu: fix infinite loop in OOM error path

A loop in qemuPrepareHostdevPCIDevices() intended to cycle through all
the objects on the list pcidevs was doing "while (listcount > 0)", but
nothing in the body of the loop was reducing the size of the list - it
was instead removing items from a *different* list. It has now been
safely changed to a for() loop.
---
 src/qemu/qemu_hostdev.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/qemu/qemu_hostdev.c b/src/qemu/qemu_hostdev.c
index 09ac6ad057..404939e78d 100644
--- a/src/qemu/qemu_hostdev.c
+++ b/src/qemu/qemu_hostdev.c
@@ -638,8 +638,8 @@ inactivedevs:
     /* Only steal all the devices from driver->activePciHostdevs. We will
      * free them in virObjectUnref().
      */
-    while (virPCIDeviceListCount(pcidevs) > 0) {
-        virPCIDevicePtr dev = virPCIDeviceListGet(pcidevs, 0);
+    for (i = 0; i < virPCIDeviceListCount(pcidevs); i++) {
+        virPCIDevicePtr dev = virPCIDeviceListGet(pcidevs, i);
         virPCIDeviceListSteal(driver->activePciHostdevs, dev);
     }
 
-- 
2.47.2