Hi

On Fri, Aug 5, 2022 at 6:57 PM Bin Meng <bmeng...@gmail.com> wrote:
> From: Bin Meng <bin.m...@windriver.com> > > The maximum number of wait objects for win32 should be > MAXIMUM_WAIT_OBJECTS, not MAXIMUM_WAIT_OBJECTS + 1. > > Signed-off-by: Bin Meng <bin.m...@windriver.com> > Nack, if wait_objects.num reaches MAXIMUM_WAIT_OBJECTS, then qemu_del_wait_object() will iterate up to it, and then the branch "if (found)" will access the arrays at position i+1 == MAXIMUM_WAIT_OBJECTS. Note that the add functions should probably learn to avoid adding the same HANDLE twice, otherwise del is a bit broken. --- > > util/main-loop.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > > diff --git a/util/main-loop.c b/util/main-loop.c > index f00a25451b..f15d8e7d12 100644 > --- a/util/main-loop.c > +++ b/util/main-loop.c > @@ -363,10 +363,10 @@ void qemu_del_polling_cb(PollingFunc *func, void > *opaque) > /* Wait objects support */ > typedef struct WaitObjects { > int num; > - int revents[MAXIMUM_WAIT_OBJECTS + 1]; > - HANDLE events[MAXIMUM_WAIT_OBJECTS + 1]; > - WaitObjectFunc *func[MAXIMUM_WAIT_OBJECTS + 1]; > - void *opaque[MAXIMUM_WAIT_OBJECTS + 1]; > + int revents[MAXIMUM_WAIT_OBJECTS]; > + HANDLE events[MAXIMUM_WAIT_OBJECTS]; > + WaitObjectFunc *func[MAXIMUM_WAIT_OBJECTS]; > + void *opaque[MAXIMUM_WAIT_OBJECTS]; > } WaitObjects; > > static WaitObjects wait_objects = {0}; > -- > 2.34.1 > > > -- Marc-André Lureau
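Review bot: In the WaitObjects struct, shrinking revents, events, func and opaque from MAXIMUM_WAIT_OBJECTS + 1 to MAXIMUM_WAIT_OBJECTS removes the one slot past the last usable entry, but the hunk changes none of the code that indexes these arrays. As the reply notes, qemu_del_wait_object() reads position i + 1 while shifting entries down, so with num == MAXIMUM_WAIT_OBJECTS the new sizes turn that read into an out-of-bounds access. Either keep the + 1 and add a comment on the struct saying the extra element is slack for the delete loop, or change the delete loop in the same patch so it never reads index num, and say in the commit message where num is bounded.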
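The index arithmetic behind the Nack, as an added example (a simplified model written for this page, not QEMU's code): `CAP` stands in for MAXIMUM_WAIT_OBJECTS, a single `int` array stands in for the four parallel arrays, and `Model`, `del_shift`, `del_bounded` and `full_model` are hypothetical names. `del_shift` follows the delete loop as the reply describes it; `del_bounded` is one possible variant that would not need the slack slot.

```c
#include <stdio.h>

#define CAP 4  /* assumption: small stand-in for MAXIMUM_WAIT_OBJECTS */

typedef struct {
    int num;
    int events[CAP + 1];  /* +1 slack slot, as in the pre-patch struct */
} Model;

/* Delete loop as described in the reply: once the entry is found, every
 * slot i < num is overwritten from slot i + 1.
 * Returns the highest index read, or -1 if nothing was removed. */
int del_shift(Model *m, int handle)
{
    int found = 0, max_read = -1;
    for (int i = 0; i < m->num; i++) {
        if (m->events[i] == handle)
            found = 1;
        if (found) {
            m->events[i] = m->events[i + 1];  /* i + 1 == num on the last pass */
            max_read = i + 1;
        }
    }
    if (found)
        m->num--;
    return max_read;
}

/* Bounded variant: remove the first match and shift only live entries,
 * so no index >= num is ever read and no slack slot is required. */
int del_bounded(Model *m, int handle)
{
    int max_read = -1;
    for (int i = 0; i < m->num; i++) {
        if (m->events[i] != handle)
            continue;
        for (int j = i; j + 1 < m->num; j++) {
            m->events[j] = m->events[j + 1];
            max_read = j + 1;
        }
        m->num--;
        break;
    }
    return max_read;
}

/* Constructed sample: table filled to capacity (num == CAP). */
Model full_model(void) { Model m = { CAP, {10, 11, 12, 13, 0} }; return m; }

int main(void)
{
    Model a = full_model(), b = full_model();
    printf("shift reads up to index %d, bounded up to %d (last valid without slack: %d)\n",
           del_shift(&a, 10), del_bounded(&b, 10), CAP - 1);
    return 0;
}
```

With a full table, the shifting loop reads index `CAP`, which only exists because of the `+ 1`; the bounded variant stays within `CAP - 1`.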