From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Bin Meng <bmeng.cn@gmail.com>
Cc: qemu-devel@nongnu.org,
"Marc-André Lureau" <marcandre.lureau@gmail.com>,
"Bin Meng" <bin.meng@windriver.com>,
"Paolo Bonzini" <pbonzini@redhat.com>
Subject: Re: [PATCH v3 1/3] util/main-loop: Fix maximum number of wait objects for win32
Date: Wed, 19 Oct 2022 09:41:49 +0100 [thread overview]
Message-ID: <Y0+4TW35JBbRiorv@redhat.com> (raw)
In-Reply-To: <20220824085231.1630804-1-bmeng.cn@gmail.com>
On Wed, Aug 24, 2022 at 04:52:29PM +0800, Bin Meng wrote:
> From: Bin Meng <bin.meng@windriver.com>
>
> The maximum number of wait objects for win32 should be
> MAXIMUM_WAIT_OBJECTS, not MAXIMUM_WAIT_OBJECTS + 1.
>
> Signed-off-by: Bin Meng <bin.meng@windriver.com>
> ---
>
> Changes in v3:
> - move the check of adding the same HANDLE twice to a separete patch
>
> Changes in v2:
> - fix the logic in qemu_add_wait_object() to avoid adding
> the same HANDLE twice
>
> util/main-loop.c | 11 +++++++----
> 1 file changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/util/main-loop.c b/util/main-loop.c
> index f00a25451b..cb018dc33c 100644
> --- a/util/main-loop.c
> +++ b/util/main-loop.c
> @@ -363,10 +363,10 @@ void qemu_del_polling_cb(PollingFunc *func, void *opaque)
> /* Wait objects support */
> typedef struct WaitObjects {
> int num;
> - int revents[MAXIMUM_WAIT_OBJECTS + 1];
> - HANDLE events[MAXIMUM_WAIT_OBJECTS + 1];
> - WaitObjectFunc *func[MAXIMUM_WAIT_OBJECTS + 1];
> - void *opaque[MAXIMUM_WAIT_OBJECTS + 1];
> + int revents[MAXIMUM_WAIT_OBJECTS];
> + HANDLE events[MAXIMUM_WAIT_OBJECTS];
> + WaitObjectFunc *func[MAXIMUM_WAIT_OBJECTS];
> + void *opaque[MAXIMUM_WAIT_OBJECTS];
> } WaitObjects;
>
> static WaitObjects wait_objects = {0};
> @@ -395,6 +395,9 @@ void qemu_del_wait_object(HANDLE handle, WaitObjectFunc *func, void *opaque)
> if (w->events[i] == handle) {
> found = 1;
> }
> + if (i == MAXIMUM_WAIT_OBJECTS - 1) {
> + break;
> + }
Took me a while to realize this was protecting the body
of the next if from out of bounds access. Can we redo
this to make it explicit:
> if (found) {
if (found &&
i < (MAXIMUM_WAIT_OBJECTS - 1)) {
> w->events[i] = w->events[i + 1];
> w->func[i] = w->func[i + 1];
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
prev parent reply other threads:[~2022-10-19 8:50 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-24 8:52 [PATCH v3 1/3] util/main-loop: Fix maximum number of wait objects for win32 Bin Meng
2022-08-24 8:52 ` [PATCH v3 2/3] util/main-loop: Avoid adding the same HANDLE twice Bin Meng
2022-08-30 12:22 ` Philippe Mathieu-Daudé via
2022-10-19 8:32 ` Daniel P. Berrangé
2022-10-19 9:07 ` Bin Meng
2022-08-24 8:52 ` [PATCH v3 3/3] util/aio-win32: Correct the event array size in aio_poll() Bin Meng
2022-08-30 12:23 ` Philippe Mathieu-Daudé via
2022-10-19 8:36 ` Daniel P. Berrangé
2022-09-02 4:19 ` [PATCH v3 1/3] util/main-loop: Fix maximum number of wait objects for win32 Bin Meng
2022-09-09 6:45 ` Bin Meng
2022-09-13 9:51 ` Marc-André Lureau
2022-09-25 1:07 ` Bin Meng
2022-10-02 22:21 ` Bin Meng
2022-10-11 12:04 ` Bin Meng
2022-10-19 5:53 ` Bin Meng
2022-10-19 8:41 ` Daniel P. Berrangé [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y0+4TW35JBbRiorv@redhat.com \
--to=berrange@redhat.com \
--cc=bin.meng@windriver.com \
--cc=bmeng.cn@gmail.com \
--cc=marcandre.lureau@gmail.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.