Re: [PATCH v4 1/3] util/main-loop: Fix maximum number of wait objects fo

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v4 1/3] util/main-loop: Fix maximum number of wait objects fo

From:	Philippe Mathieu-Daudé
Subject:	Re: [PATCH v4 1/3] util/main-loop: Fix maximum number of wait objects for win32
Date:	Tue, 1 Nov 2022 14:40:14 +0100
User-agent:	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.4.0

On 19/10/22 12:20, Bin Meng wrote:

From: Bin Meng <bin.meng@windriver.com>

The maximum number of wait objects for win32 should be
MAXIMUM_WAIT_OBJECTS, not MAXIMUM_WAIT_OBJECTS + 1.

Signed-off-by: Bin Meng <bin.meng@windriver.com>
---

Changes in v4:
- make the out of bounds access protection explicit

Changes in v3:
- move the check of adding the same HANDLE twice to a separete patch

Changes in v2:
- fix the logic in qemu_add_wait_object() to avoid adding
   the same HANDLE twice

  util/main-loop.c | 10 +++++-----
  1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/util/main-loop.c b/util/main-loop.c
index f00a25451b..de38876064 100644
--- a/util/main-loop.c
+++ b/util/main-loop.c
@@ -363,10 +363,10 @@ void qemu_del_polling_cb(PollingFunc *func, void *opaque)
  /* Wait objects support */
  typedef struct WaitObjects {
      int num;
-    int revents[MAXIMUM_WAIT_OBJECTS + 1];
-    HANDLE events[MAXIMUM_WAIT_OBJECTS + 1];
-    WaitObjectFunc *func[MAXIMUM_WAIT_OBJECTS + 1];
-    void *opaque[MAXIMUM_WAIT_OBJECTS + 1];
+    int revents[MAXIMUM_WAIT_OBJECTS];
+    HANDLE events[MAXIMUM_WAIT_OBJECTS];
+    WaitObjectFunc *func[MAXIMUM_WAIT_OBJECTS];
+    void *opaque[MAXIMUM_WAIT_OBJECTS];
  } WaitObjects;

static WaitObjects wait_objects = {0};

@@ -395,7 +395,7 @@ void qemu_del_wait_object(HANDLE handle, WaitObjectFunc 
*func, void *opaque)
          if (w->events[i] == handle) {
              found = 1;
          }
-        if (found) {
+        if (found && i < (MAXIMUM_WAIT_OBJECTS - 1)) {


Matter of style, I find this form easier to review (same logic than
what follows):

           if (found && i + 1 < MAXIMUM_WAIT_OBJECTS) {

              w->events[i] = w->events[i + 1];
              w->func[i] = w->func[i + 1];
              w->opaque[i] = w->opaque[i + 1];


Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH v4 1/3] util/main-loop: Fix maximum number of wait objects for win32, Daniel P . Berrangé, 2022/11/01
- Re: [PATCH v4 1/3] util/main-loop: Fix maximum number of wait objects for win32, Bin Meng, 2022/11/01
- Re: [PATCH v4 1/3] util/main-loop: Fix maximum number of wait objects for win32, Philippe Mathieu-Daudé <=

Prev by Date: Re: [PATCH v7 01/17] hw/vfio/pci: Ensure MSI and MSI-X do not overlap
Next by Date: Re: [PATCH v4 2/3] util/main-loop: Avoid adding the same HANDLE twice
Previous by thread: Re: [PATCH v4 1/3] util/main-loop: Fix maximum number of wait objects for win32
Next by thread: Re: [PATCH 0/4] hw: make TCO watchdog actually work by default for Q35
Index(es):
- Date
- Thread