From: jerome Arbez-Gindre <jerome.arbez-gindre@laposte.net>
To: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH] better handling of removal in IOHandlerRecord list
Date: Thu, 11 Jan 2007 14:56:41 +0100 [thread overview]
Message-ID: <1168523801.4765.10.camel@bibi> (raw)
In-Reply-To: <1168446890.24524.11.camel@bibi>
On Wed, 2007-01-10 at 17:34 +0100, jerome Arbez-Gindre wrote:
> Hi,
>
> by a call to qemu_set_fd_handler(fd,NULL,NULL,NULL) in the fd_read
> callback, I have generated a "Segmentation fault" in vl.c.
>
> My solution is not very smart... but it is very simple.
I reply to myself because I did not sleep last night:
Here is the fix without the double IOHandlerRecord list iteration.
Index: vl.c
===================================================================
RCS file: /sources/qemu/qemu/vl.c,v
retrieving revision 1.236
diff -u -r1.236 vl.c
--- vl.c 9 Jan 2007 19:44:41 -0000 1.236
+++ vl.c 11 Jan 2007 13:55:52 -0000
@@ -4179,38 +4179,26 @@
IOHandler *fd_write,
void *opaque)
{
- IOHandlerRecord **pioh, *ioh;
+ IOHandlerRecord *ioh;
- if (!fd_read && !fd_write) {
- pioh = &first_io_handler;
- for(;;) {
- ioh = *pioh;
- if (ioh == NULL)
- break;
- if (ioh->fd == fd) {
- *pioh = ioh->next;
- qemu_free(ioh);
- break;
- }
- pioh = &ioh->next;
- }
- } else {
- for(ioh = first_io_handler; ioh != NULL; ioh = ioh->next) {
- if (ioh->fd == fd)
- goto found;
- }
- ioh = qemu_mallocz(sizeof(IOHandlerRecord));
- if (!ioh)
- return -1;
- ioh->next = first_io_handler;
- first_io_handler = ioh;
- found:
- ioh->fd = fd;
- ioh->fd_read_poll = fd_read_poll;
- ioh->fd_read = fd_read;
- ioh->fd_write = fd_write;
- ioh->opaque = opaque;
+ for(ioh = first_io_handler; ioh != NULL; ioh = ioh->next) {
+ if (ioh->fd == fd)
+ goto found;
}
+ if (!fd_read && !fd_write)
+ return 0 ;
+ ioh = qemu_mallocz(sizeof(IOHandlerRecord));
+ if (!ioh)
+ return -1;
+ ioh->next = first_io_handler;
+ first_io_handler = ioh;
+found:
+ ioh->fd = fd;
+ ioh->fd_read_poll = fd_read_poll;
+ ioh->fd_read = fd_read;
+ ioh->fd_write = fd_write;
+ ioh->opaque = opaque;
+
return 0;
}
@@ -5858,7 +5846,7 @@
void main_loop_wait(int timeout)
{
- IOHandlerRecord *ioh, *ioh_next;
+ IOHandlerRecord **pioh, *ioh, *ioh_next;
fd_set rfds, wfds, xfds;
int ret, nfds;
struct timeval tv;
@@ -5921,14 +5909,23 @@
ret = select(nfds + 1, &rfds, &wfds, &xfds, &tv);
if (ret > 0) {
/* XXX: better handling of removal */
+ pioh = &first_io_handler ;
for(ioh = first_io_handler; ioh != NULL; ioh = ioh_next) {
ioh_next = ioh->next;
if (FD_ISSET(ioh->fd, &rfds)) {
ioh->fd_read(ioh->opaque);
}
- if (FD_ISSET(ioh->fd, &wfds)) {
+ /* ioh->fd_write could have been set to null */
+ if ((ioh->fd_write) && (FD_ISSET(ioh->fd, &wfds))) {
ioh->fd_write(ioh->opaque);
}
+ /* the ioh could have been supressed */
+ if (!ioh->fd_write && !ioh->fd_read) {
+ *pioh = ioh_next;
+ qemu_free(ioh);
+ } else {
+ pioh = &ioh->next ;
+ }
}
}
#if defined(CONFIG_SLIRP)
next prev parent reply other threads:[~2007-01-11 13:56 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-01-10 16:34 [Qemu-devel] [PATCH] better handling of removal in IOHandlerRecord list jerome Arbez-Gindre
2007-01-11 13:56 ` jerome Arbez-Gindre [this message]
2007-01-11 15:00 ` jerome Arbez-Gindre
2007-01-11 19:58 ` Fabrice Bellard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1168523801.4765.10.camel@bibi \
--to=jerome.arbez-gindre@laposte.net \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).