From patchwork Wed Aug 24 08:52:29 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bin Meng X-Patchwork-Id: 12953072 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 08857C00140 for ; Wed, 24 Aug 2022 08:57:09 +0000 (UTC) Received: from localhost ([::1]:35708 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oQmCC-0006M1-Ow for qemu-devel@archiver.kernel.org; Wed, 24 Aug 2022 04:57:08 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:56662) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oQm7v-0003ZA-6d for qemu-devel@nongnu.org; Wed, 24 Aug 2022 04:52:47 -0400 Received: from mail-pg1-x52f.google.com ([2607:f8b0:4864:20::52f]:38857) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oQm7t-0002ib-JC for qemu-devel@nongnu.org; Wed, 24 Aug 2022 04:52:42 -0400 Received: by mail-pg1-x52f.google.com with SMTP id r22so14460608pgm.5 for ; Wed, 24 Aug 2022 01:52:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc; bh=nSDkeiBJBv26GZv+Kt7q6+6QjA1tAqEVFvSC3pOL+ZU=; b=m0Zt3l6/JCREYj4iNEo+DH1WMo80+vnhJ3MZes6iBbWMIG/W6/PqTFD7Ln7WkMGlCd /OOlJt8mDdPiJdFXHTXhD1hqw03vn8wPUZxmjwxrEk4MRYH5XMsoyOBsOAJglWUQNRFt BFFz+/X8T5x00XDVV7QtWYFrZpsWDNbrqauXmgemsYEJkPp2XZE2saRmNP4uWyXq621Y qcYS3MiwsFBaNcu5L3oFqRe0KDn1FTKROLiUeKc+PlSKVho/N5K2npbzOmoCARMhE9va I8rV3PSMWAwu/HcS5ChvZVi8McPrcSC15dzhAg4tz8MWLoz03K4F5lG2V10kFJVhZ5hG opNA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc; bh=nSDkeiBJBv26GZv+Kt7q6+6QjA1tAqEVFvSC3pOL+ZU=; b=a6V4dsBao767A/8jq394mIWKj3O5Km1/BHm6XaOnMtRxMSckFEZO8VsFIx9/6hWMNF hzIqkaE8GRZx/lzHwx5hanjM2jkR/kDeidYHsOd8jlNFvy21DGLoBP3SYSGWwEXsIX9G x2zIHkrRwUYn4fPXb6ZTDxfygrsae1XY8VnlSrBKqyVKIfBp7Foiuw/PJ6forWQZgXb8 RD6KUK+F3oUUv0q8rsBJ6WT5n60pgvAE7aLgkQuaDkJtGIhOS6VaiiyAmk5jGmG/D8Pc n7zgpI41TSfjiETCf6mON27MLiloaPVl8iRUalpIEcU/T2BBbjbWLbgAGJUop8wrP1dW QSEg== X-Gm-Message-State: ACgBeo0n6Iw8bBdgth4ENZDVLZmxYT2YuT+mIeRFXpSVbAd4CmtO3w2m 4oKuYWrLpfJR9XxKPoxg6BABFjdRg/0= X-Google-Smtp-Source: AA6agR5FcdeM5zb3+EIPUSnJ1uQLRvsbnWvS325QA+HJ1C0z3QknTEovQQeISXbPfAY44uc8vE4Srw== X-Received: by 2002:a65:6e82:0:b0:41a:9b73:f0e6 with SMTP id bm2-20020a656e82000000b0041a9b73f0e6mr24089370pgb.371.1661331159215; Wed, 24 Aug 2022 01:52:39 -0700 (PDT) Received: from ubuntu.. (144.168.56.201.16clouds.com. [144.168.56.201]) by smtp.gmail.com with ESMTPSA id qi3-20020a17090b274300b001f3162e4e55sm813800pjb.35.2022.08.24.01.52.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Aug 2022 01:52:38 -0700 (PDT) From: Bin Meng To: qemu-devel@nongnu.org, =?utf-8?q?Marc-Andr=C3=A9_Lureau?= Cc: Bin Meng , Paolo Bonzini Subject: [PATCH v3 1/3] util/main-loop: Fix maximum number of wait objects for win32 Date: Wed, 24 Aug 2022 16:52:29 +0800 Message-Id: <20220824085231.1630804-1-bmeng.cn@gmail.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::52f; envelope-from=bmeng.cn@gmail.com; helo=mail-pg1-x52f.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" From: Bin Meng The maximum number of wait objects for win32 should be MAXIMUM_WAIT_OBJECTS, not MAXIMUM_WAIT_OBJECTS + 1. Signed-off-by: Bin Meng --- Changes in v3: - move the check of adding the same HANDLE twice to a separete patch Changes in v2: - fix the logic in qemu_add_wait_object() to avoid adding the same HANDLE twice util/main-loop.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/util/main-loop.c b/util/main-loop.c index f00a25451b..cb018dc33c 100644 --- a/util/main-loop.c +++ b/util/main-loop.c @@ -363,10 +363,10 @@ void qemu_del_polling_cb(PollingFunc *func, void *opaque) /* Wait objects support */ typedef struct WaitObjects { int num; - int revents[MAXIMUM_WAIT_OBJECTS + 1]; - HANDLE events[MAXIMUM_WAIT_OBJECTS + 1]; - WaitObjectFunc *func[MAXIMUM_WAIT_OBJECTS + 1]; - void *opaque[MAXIMUM_WAIT_OBJECTS + 1]; + int revents[MAXIMUM_WAIT_OBJECTS]; + HANDLE events[MAXIMUM_WAIT_OBJECTS]; + WaitObjectFunc *func[MAXIMUM_WAIT_OBJECTS]; + void *opaque[MAXIMUM_WAIT_OBJECTS]; } WaitObjects; static WaitObjects wait_objects = {0}; @@ -395,6 +395,9 @@ void qemu_del_wait_object(HANDLE handle, WaitObjectFunc *func, void *opaque) if (w->events[i] == handle) { found = 1; } + if (i == MAXIMUM_WAIT_OBJECTS - 1) { + break; + } if (found) { w->events[i] = w->events[i + 1]; w->func[i] = w->func[i + 1]; From patchwork Wed Aug 24 08:52:30 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Bin Meng X-Patchwork-Id: 12953073 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 200ABC00140 for ; Wed, 24 Aug 2022 08:57:13 +0000 (UTC) Received: from localhost ([::1]:35710 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oQmCG-0006N9-2k for qemu-devel@archiver.kernel.org; Wed, 24 Aug 2022 04:57:12 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:48614) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oQm86-0003ZV-Ii for qemu-devel@nongnu.org; Wed, 24 Aug 2022 04:53:01 -0400 Received: from mail-pj1-x1035.google.com ([2607:f8b0:4864:20::1035]:42966) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oQm84-0002lv-QJ for qemu-devel@nongnu.org; Wed, 24 Aug 2022 04:52:54 -0400 Received: by mail-pj1-x1035.google.com with SMTP id s3-20020a17090a2f0300b001facfc6fdbcso854756pjd.1 for ; Wed, 24 Aug 2022 01:52:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc; bh=PUYyT/q8xyjc7ipXsof4pbMbgPo7KiI7Ss2BgxrXup0=; b=dqlcpbHk9jNagMOTcyMB6ZW3X0bybSyJtZYCU6ai2rSB9IFmhQeoqPDwmiEP5Kf00p hnxwyUwgBS6XPU1cJ5j22jyU8z5upviKdwdKoE9Y8EG6P/Chtp0/QdtKyR5YgIHJRm7X awy2WJLKOAL+q67YNpkIsTt68FEraQsgHlrv5AkbEyjylP0BViq7P6qvNZaIIBaN2JwY tS0ODIbTCLl+DvKrLs0kzsavLjQIvZxALH5lQdrPtxTFFfRBiQjrbyKYpCcS4lJmQ2Li OSJbk0hfbE8PNcM/wLH24ATefnotVU/FkOYKLHtLcqtxXc9boe9LxFFv6dSXOyxIebvW J9Pg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc; bh=PUYyT/q8xyjc7ipXsof4pbMbgPo7KiI7Ss2BgxrXup0=; b=PNSRLXmPqoLFt9bpjITIjlW0/t2c/LrsQRE8hwhvOvx81OYokxuW7zslQqixy3NjKi RodSvVlJZO8fH1q4F6jzx11z30q8IGLhlfCD3NznSFKOnx/tVo9N+nRzpjab+V6rbkFp gjjDaXuwTzMm1CEaxphkPvga1qlPBCe93gQGDGy3C9x8ZRtEtoXmnfBOD6Q//IeOT1BH 0ycpSBo1n96Dbx+b0e9deIfH6dUDJhBxC+OuDqRnaXIPMooGMPvvzZ2aU63eYdR/c3K3 UNo5FQmMPA/ixwLlw5JTkH8nkOd3NPAVJwhg/FHlJqNpaW2wZJ2CaaV1Mb/XNgbVgfwl qGOg== X-Gm-Message-State: ACgBeo13Cj9YEN6uFlcdyXmJTRaOmWou7YFIHl4a1w3Mg/IUwjqOz2yb R4W5dqTomr3DhNtC2juQq0+fejYJOpE= X-Google-Smtp-Source: AA6agR4qH3ezhYxbeR6/ib+BQmpzpxuB2GHtWDDZlRAsitmQX4AX6TVUdym9FHGgX+aILZM+IPq7Ow== X-Received: by 2002:a17:90b:4b89:b0:1f5:68b:b14e with SMTP id lr9-20020a17090b4b8900b001f5068bb14emr7510874pjb.30.1661331170995; Wed, 24 Aug 2022 01:52:50 -0700 (PDT) Received: from ubuntu.. (144.168.56.201.16clouds.com. [144.168.56.201]) by smtp.gmail.com with ESMTPSA id qi3-20020a17090b274300b001f3162e4e55sm813800pjb.35.2022.08.24.01.52.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Aug 2022 01:52:50 -0700 (PDT) From: Bin Meng To: qemu-devel@nongnu.org, =?utf-8?q?Marc-Andr=C3=A9_Lureau?= Cc: Bin Meng , Paolo Bonzini Subject: [PATCH v3 2/3] util/main-loop: Avoid adding the same HANDLE twice Date: Wed, 24 Aug 2022 16:52:30 +0800 Message-Id: <20220824085231.1630804-2-bmeng.cn@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220824085231.1630804-1-bmeng.cn@gmail.com> References: <20220824085231.1630804-1-bmeng.cn@gmail.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::1035; envelope-from=bmeng.cn@gmail.com; helo=mail-pj1-x1035.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" From: Bin Meng Fix the logic in qemu_add_wait_object() to avoid adding the same HANDLE twice, as the behavior is undefined when passing an array that contains same HANDLEs to WaitForMultipleObjects() API. Signed-off-by: Bin Meng Reviewed-by: Philippe Mathieu-Daudé --- Changes in v3: - new patch: avoid adding the same HANDLE twice include/qemu/main-loop.h | 2 ++ util/main-loop.c | 10 ++++++++++ 2 files changed, 12 insertions(+) diff --git a/include/qemu/main-loop.h b/include/qemu/main-loop.h index c50d1b7e3a..db8d380550 100644 --- a/include/qemu/main-loop.h +++ b/include/qemu/main-loop.h @@ -157,6 +157,8 @@ typedef void WaitObjectFunc(void *opaque); * in the main loop's calls to WaitForMultipleObjects. When the handle * is in a signaled state, QEMU will call @func. * + * If the same HANDLE is added twice, this function returns -1. + * * @handle: The Windows handle to be observed. * @func: A function to be called when @handle is in a signaled state. * @opaque: A pointer-size value that is passed to @func. diff --git a/util/main-loop.c b/util/main-loop.c index cb018dc33c..dae33a8daf 100644 --- a/util/main-loop.c +++ b/util/main-loop.c @@ -373,10 +373,20 @@ static WaitObjects wait_objects = {0}; int qemu_add_wait_object(HANDLE handle, WaitObjectFunc *func, void *opaque) { + int i; WaitObjects *w = &wait_objects; + if (w->num >= MAXIMUM_WAIT_OBJECTS) { return -1; } + + for (i = 0; i < w->num; i++) { + /* check if the same handle is added twice */ + if (w->events[i] == handle) { + return -1; + } + } + w->events[w->num] = handle; w->func[w->num] = func; w->opaque[w->num] = opaque; From patchwork Wed Aug 24 08:52:31 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Bin Meng X-Patchwork-Id: 12953074 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6EBF5C00140 for ; Wed, 24 Aug 2022 09:05:51 +0000 (UTC) Received: from localhost ([::1]:54764 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oQmKc-0006SJ-A2 for qemu-devel@archiver.kernel.org; Wed, 24 Aug 2022 05:05:50 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:51952) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oQm8m-00042N-I2; Wed, 24 Aug 2022 04:53:36 -0400 Received: from mail-pj1-x102d.google.com ([2607:f8b0:4864:20::102d]:37612) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oQm8l-0002r4-1x; Wed, 24 Aug 2022 04:53:36 -0400 Received: by mail-pj1-x102d.google.com with SMTP id x14-20020a17090a8a8e00b001fb61a71d99so901761pjn.2; Wed, 24 Aug 2022 01:53:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc; bh=QBPYSBPF6NBiYCPtnQ/kh4AlEMMWg66le7Owvecb66U=; b=CF40yehw2/xDHWSBy/3uPpvVn8qLYJ2tClk/XcBYV+iP+xkiyfNFYZYfh/tWoJmJDC 4VnLnMjvbZfoF9RJo788z1gWyFe+kX3vwLBBnfeyyXAADT1FQUO3o2oCY0mB+b8gLu38 x+nL1vr7jV62oNHjYuOEnSrvGug/leGd2eCG0VbLgDuPd76nfk+MoFFZkCRGFuXMp2Ps ajlJDi6CTfCONQrL2y9UYMMgSpXcmcdZmIl3Jo3rUQKFL+VqgCgw2oq9Fa//IPsDEjDQ uFNz9IMjhyA88QzAIUFzqAODB8A1Lts6Fl018YtXgntQfceQ5c1QyRZsESYuRT3urWK1 gfpA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc; bh=QBPYSBPF6NBiYCPtnQ/kh4AlEMMWg66le7Owvecb66U=; b=cxoUhPuQok8z+8DvbPlAvLVEbye2rFNDapgwiQ/SkFR2oIOn1HuJWSiEyGnj1GHWDJ wsq2cOPrR+p2D5i6yYQFO1Zd+XFRDX0j+N1WK5aKtovj7GI8ZFp8PvRj0HxX2jjnXx6b Sw3KrT3J6O8jt/j2COBylqVdBrgm8xNQDWBKqZ3NdXKc0myfoJMEIopUziu3Ezg6Ykrk BPZD7xGmI/TaQTi8f3BDVu5JbNDCc1sz5XS/pdmBKQG1tHKS+Mc93Gzlxs+FiHyJi2Ka fHPli08JkKrgV7kr8D6S50A6eXVKlKD7GPwR32vT+ySnvRiKe5tbeRhk/hbISu+8Szsj t+AQ== X-Gm-Message-State: ACgBeo3RsrutPdiZhrYs3Mzp0t94RaFKsX+AxoSFKGDgn8fdkKTcKfqE m3mV6+Vf5AjAZQ4Vbo0e0ZRZ2GzD+qk= X-Google-Smtp-Source: AA6agR4zTeYTujkVk+CV0nte+FIFVDyGWPfVLGu1+ZAXWicHBzP+ocJKavhwJ2d4+9aqbYi0+TqEGw== X-Received: by 2002:a17:903:110e:b0:171:3114:7112 with SMTP id n14-20020a170903110e00b0017131147112mr28600317plh.114.1661331212332; Wed, 24 Aug 2022 01:53:32 -0700 (PDT) Received: from ubuntu.. (144.168.56.201.16clouds.com. [144.168.56.201]) by smtp.gmail.com with ESMTPSA id qi3-20020a17090b274300b001f3162e4e55sm813800pjb.35.2022.08.24.01.52.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Aug 2022 01:53:32 -0700 (PDT) From: Bin Meng To: qemu-devel@nongnu.org, =?utf-8?q?Marc-Andr=C3=A9_Lureau?= Cc: Bin Meng , Stefan Weil , =?utf-8?q?Marc-Andr=C3=A9_Lureau?= , Fam Zheng , Stefan Hajnoczi , qemu-block@nongnu.org Subject: [PATCH v3 3/3] util/aio-win32: Correct the event array size in aio_poll() Date: Wed, 24 Aug 2022 16:52:31 +0800 Message-Id: <20220824085231.1630804-3-bmeng.cn@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220824085231.1630804-1-bmeng.cn@gmail.com> References: <20220824085231.1630804-1-bmeng.cn@gmail.com> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::102d; envelope-from=bmeng.cn@gmail.com; helo=mail-pj1-x102d.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" From: Bin Meng WaitForMultipleObjects() can only wait for MAXIMUM_WAIT_OBJECTS object handles. Correct the event array size in aio_poll() and add a assert() to ensure it does not cause out of bound access. Signed-off-by: Bin Meng Reviewed-by: Stefan Weil Reviewed-by: Marc-André Lureau Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Daniel P. Berrangé --- (no changes since v2) Changes in v2: - change 'count' to unsigned util/aio-win32.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/util/aio-win32.c b/util/aio-win32.c index 44003d645e..80cfe012ad 100644 --- a/util/aio-win32.c +++ b/util/aio-win32.c @@ -326,9 +326,9 @@ void aio_dispatch(AioContext *ctx) bool aio_poll(AioContext *ctx, bool blocking) { AioHandler *node; - HANDLE events[MAXIMUM_WAIT_OBJECTS + 1]; + HANDLE events[MAXIMUM_WAIT_OBJECTS]; bool progress, have_select_revents, first; - int count; + unsigned count; int timeout; /* @@ -369,6 +369,7 @@ bool aio_poll(AioContext *ctx, bool blocking) QLIST_FOREACH_RCU(node, &ctx->aio_handlers, node) { if (!node->deleted && node->io_notify && aio_node_check(ctx, node->is_external)) { + assert(count < MAXIMUM_WAIT_OBJECTS); events[count++] = event_notifier_get_handle(node->e); } }