Re: [PATCH for-8.1] hw/pci-bridge/cxl_upstream.c: Use g_new0() in build_
From: Philippe Mathieu-Daudé
Subject: Re: [PATCH for-8.1] hw/pci-bridge/cxl_upstream.c: Use g_new0() in build_cdat_table()
Date: Tue, 18 Jul 2023 14:10:24 +0200
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.13.0

On 18/7/23 12:13, Peter Maydell wrote:
> In build_cdat_table() we do:
>  *cdat_table = g_malloc0(sizeof(*cdat_table) * CXL_USP_CDAT_NUM_ENTRIES);
> This is wrong because:
>  - cdat_table has type CDATSubHeader ***

Yes

>  - so *cdat_table has type CDATSubHeader **

Yes

>  - so the array we're allocating here should be items of type CDATSubHeader *

Yes

>  - but we pass sizeof(*cdat_table), which is sizeof(CDATSubHeader **),

Indeed

>    implying that we're allocating an array of CDATSubHeader **

Ouch

> It happens that sizeof(CDATSubHeader **) == sizeof(CDATSubHeader *)

Ah!

> so nothing blows up, but this should be sizeof(**cdat_table).

Still, what a mess :)

> Avoid this excessively hard-to-understand code by using
> g_new0() instead, which will do the type checking for us.
> While we're here, we can drop the useless check against failure,
> as g_malloc0() and g_new0() never fail.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>

> This fixes Coverity issue CID 1508120.
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
> Disclaimer: I have not tested this beyond any testing you
> get from 'make check' and 'make check-avocado'.
> ---
> hw/pci-bridge/cxl_upstream.c | 5 +----
> 1 file changed, 1 insertion(+), 4 deletions(-)
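The sizeof mix-up the commit message walks through, as an added stand-alone C example (not QEMU's code and not part of this thread). `NEW0`, `IS_ELEM`, `NUM_ENTRIES` and the struct layout are assumptions made here; `NEW0` is a calloc-based stand-in for GLib's `g_new0()` so the block builds without GLib.

```c
#include <stddef.h>
#include <stdlib.h>

/* Stand-in for QEMU's CDATSubHeader; this field layout is an assumption. */
typedef struct CDATSubHeader {
    unsigned char type;
    unsigned char reserved;
    unsigned short length;
} CDATSubHeader;

enum { NUM_ENTRIES = 4 }; /* constructed stand-in for CXL_USP_CDAT_NUM_ENTRIES */

/* Hypothetical analogue of g_new0(): the element type is named once, sizes
 * the allocation, and fixes the result type as (type *). Unlike g_new0(),
 * calloc() can return NULL, so callers of this macro still check. */
#define NEW0(type, n) ((type *)calloc((n), sizeof(type)))

/* 1 if expr has the array's element type, CDATSubHeader *. _Generic and
 * sizeof do not evaluate their operand, so a NULL argument is fine below. */
#define IS_ELEM(expr) _Generic((expr), CDATSubHeader *: 1, default: 0)

/* Operand used by the original line: *cdat_table is CDATSubHeader **. */
int written_operand_is_elem(CDATSubHeader ***cdat_table)
{
    return IS_ELEM(*cdat_table);
}

/* Operand the commit message says was meant: **cdat_table. */
int intended_operand_is_elem(CDATSubHeader ***cdat_table)
{
    return IS_ELEM(**cdat_table);
}

/* Both operands are object pointers, so on mainstream ABIs the byte counts
 * coincide and the wrong operand goes unnoticed at run time. */
int sizes_coincide(CDATSubHeader ***cdat_table)
{
    return sizeof(*cdat_table) == sizeof(**cdat_table);
}

/* Typed allocation: NEW0(CDATSubHeader, ...) or NEW0(CDATSubHeader **, ...)
 * here would be an incompatible-pointer assignment the compiler reports. */
int build_table(CDATSubHeader ***cdat_table)
{
    *cdat_table = NEW0(CDATSubHeader *, NUM_ENTRIES);
    return *cdat_table ? NUM_ENTRIES : -1;
}
```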