From acdb5bf2de57c0080d2a6e730c788a0a428e13dc Mon Sep 17 00:00:00 2001
From: Chris Wilson <chris@chris-wilson.co.uk>
Date: Fri, 17 Feb 2017 08:18:52 +0000
Subject: [PATCH] os: Fix iteration over busfaults

Fixes a regression from

commit 41da295eb50fa08eaacd0ecde99f43a716fcb41a
Author: Keith Packard <keithp@keithp.com>
Date:   Sun Nov 3 13:12:40 2013 -0800

    Trap SIGBUS to handle truncated shared memory segments

that causes the SIGBUS handler to fail to chain up correctly and
corrupts nearby memory instead.

Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
---
 os/busfault.c | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/os/busfault.c b/os/busfault.c
index d4afa6df3..a2d433a2e 100644
--- a/os/busfault.c
+++ b/os/busfault.c
@@ -98,15 +98,16 @@ static void
 busfault_sigaction(int sig, siginfo_t *info, void *param)
 {
     void                *fault = info->si_addr;
-    struct busfault     *busfault = NULL;
+    struct busfault     *iter, *busfault = NULL;
     void                *new_addr;
 
     /* Locate the faulting address in our list of shared segments
      */
-    xorg_list_for_each_entry(busfault, &busfaults, list) {
-        if ((char *) busfault->addr <= (char *) fault && (char *) fault < (char *) busfault->addr + busfault->size) {
-            break;
-        }
+    xorg_list_for_each_entry(iter, &busfaults, list) {
+	if ((char *) iter->addr <= (char *) fault && (char *) fault < (char *) iter->addr + iter->size) {
+	    busfault = iter;
+	    break;
+	}
     }
     if (!busfault)
         goto panic;
@@ -132,7 +133,7 @@ panic:
     if (previous_busfault_sigaction)
         (*previous_busfault_sigaction)(sig, info, param);
     else
-        FatalError("bus error");
+        FatalError("bus error\n");
 }
 
 Bool