From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Bin Meng <bmeng.cn@gmail.com>
Cc: qemu-devel@nongnu.org,
"Marc-André Lureau" <marcandre.lureau@gmail.com>,
"Bin Meng" <bin.meng@windriver.com>,
"Paolo Bonzini" <pbonzini@redhat.com>
Subject: Re: [PATCH v3 2/3] util/main-loop: Avoid adding the same HANDLE twice
Date: Wed, 19 Oct 2022 09:32:44 +0100 [thread overview]
Message-ID: <Y0+2LOluAkuIN0BF@redhat.com> (raw)
In-Reply-To: <20220824085231.1630804-2-bmeng.cn@gmail.com>
On Wed, Aug 24, 2022 at 04:52:30PM +0800, Bin Meng wrote:
> From: Bin Meng <bin.meng@windriver.com>
>
> Fix the logic in qemu_add_wait_object() to avoid adding the same
> HANDLE twice, as the behavior is undefined when passing an array
> that contains same HANDLEs to WaitForMultipleObjects() API.
Have you encountered this problem in the real world, or is this
just a flaw you spotted through code inspection ?
Essentially I'm wondering if there's any known caller that is
making this mistake of adding it twice ?
>
> Signed-off-by: Bin Meng <bin.meng@windriver.com>
> ---
>
> Changes in v3:
> - new patch: avoid adding the same HANDLE twice
>
> include/qemu/main-loop.h | 2 ++
> util/main-loop.c | 10 ++++++++++
> 2 files changed, 12 insertions(+)
>
> diff --git a/include/qemu/main-loop.h b/include/qemu/main-loop.h
> index c50d1b7e3a..db8d380550 100644
> --- a/include/qemu/main-loop.h
> +++ b/include/qemu/main-loop.h
> @@ -157,6 +157,8 @@ typedef void WaitObjectFunc(void *opaque);
> * in the main loop's calls to WaitForMultipleObjects. When the handle
> * is in a signaled state, QEMU will call @func.
> *
> + * If the same HANDLE is added twice, this function returns -1.
> + *
> * @handle: The Windows handle to be observed.
> * @func: A function to be called when @handle is in a signaled state.
> * @opaque: A pointer-size value that is passed to @func.
> diff --git a/util/main-loop.c b/util/main-loop.c
> index cb018dc33c..dae33a8daf 100644
> --- a/util/main-loop.c
> +++ b/util/main-loop.c
> @@ -373,10 +373,20 @@ static WaitObjects wait_objects = {0};
>
> int qemu_add_wait_object(HANDLE handle, WaitObjectFunc *func, void *opaque)
> {
> + int i;
> WaitObjects *w = &wait_objects;
> +
> if (w->num >= MAXIMUM_WAIT_OBJECTS) {
> return -1;
> }
> +
> + for (i = 0; i < w->num; i++) {
> + /* check if the same handle is added twice */
> + if (w->events[i] == handle) {
> + return -1;
> + }
> + }
> +
> w->events[w->num] = handle;
> w->func[w->num] = func;
> w->opaque[w->num] = opaque;
> --
> 2.34.1
>
>
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2022-10-19 8:41 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-24 8:52 [PATCH v3 1/3] util/main-loop: Fix maximum number of wait objects for win32 Bin Meng
2022-08-24 8:52 ` [PATCH v3 2/3] util/main-loop: Avoid adding the same HANDLE twice Bin Meng
2022-08-30 12:22 ` Philippe Mathieu-Daudé via
2022-10-19 8:32 ` Daniel P. Berrangé [this message]
2022-10-19 9:07 ` Bin Meng
2022-08-24 8:52 ` [PATCH v3 3/3] util/aio-win32: Correct the event array size in aio_poll() Bin Meng
2022-08-30 12:23 ` Philippe Mathieu-Daudé via
2022-10-19 8:36 ` Daniel P. Berrangé
2022-09-02 4:19 ` [PATCH v3 1/3] util/main-loop: Fix maximum number of wait objects for win32 Bin Meng
2022-09-09 6:45 ` Bin Meng
2022-09-13 9:51 ` Marc-André Lureau
2022-09-25 1:07 ` Bin Meng
2022-10-02 22:21 ` Bin Meng
2022-10-11 12:04 ` Bin Meng
2022-10-19 5:53 ` Bin Meng
2022-10-19 8:41 ` Daniel P. Berrangé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y0+2LOluAkuIN0BF@redhat.com \
--to=berrange@redhat.com \
--cc=bin.meng@windriver.com \
--cc=bmeng.cn@gmail.com \
--cc=marcandre.lureau@gmail.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.