On 18/10/2016 16:56, Pranith Kumar wrote:
> gcc does not warn about the wrong type since it is a void pointer
> which can be cast to any type.
>
> Signed-off-by: Pranith Kumar <bobby.pr...@gmail.com>
> ---
> translate-all.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/translate-all.c b/translate-all.c
> index 8ca393c..c77470a 100644
> --- a/translate-all.c
> +++ b/translate-all.c
> @@ -412,7 +412,7 @@ static PageDesc *page_find_alloc(tb_page_addr_t index,
> int alloc)
>
> /* Level 2..N-1. */
> for (i = V_L1_SHIFT / V_L2_BITS - 1; i > 0; i--) {
> - void **p = atomic_rcu_read(lp);
> + void *p = atomic_rcu_read(lp);
Wrong; you can see below that p is initialized with

    p = g_new0(void *, V_L2_SIZE);

so it must be a pointer to "void *". You are introducing exactly the bug
that is mentioned in the commit message, and it would have screwed up this
statement:

    lp = p + ((index >> (i * V_L2_BITS)) & (V_L2_SIZE - 1));

because it would then omit the multiplication of the RHS by sizeof(void *).

How did you test the patch? Coverity would have caught this, but please be
more careful.

Thanks,

Paolo

> if (p == NULL) {
> if (!alloc) {
>
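Review bot: the `-`/`+` pair that turns `void **p` into `void *p` introduces a pointer-arithmetic bug rather than fixing a type problem. `p` is later used in `lp = p + ((index >> (i * V_L2_BITS)) & (V_L2_SIZE - 1));`, and the allocation `p = g_new0(void *, V_L2_SIZE);` shows the element type is `void *`, so `p + n` must advance by `n * sizeof(void *)`. With `void *p`, GCC's arithmetic-on-`void *` extension advances by `n` bytes instead and emits no diagnostic, so the walk silently lands on a misaligned slot inside the level-2 table. Keep `void **p`; if the goal is to make the type explicit, make the assigned type match the array element type rather than widening it.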
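To make the scaling issue concrete, here is an added example (not QEMU's code) of a miniature two-level page-descriptor walk in the style of the `page_find_alloc()` loop quoted above. The names `L2_BITS`, `L1_SIZE`, `demo_find_alloc` and `demo_scaled_vs_unscaled` are assumptions for this demo, not QEMU identifiers, and the table depth is fixed at two levels for brevity. The second function measures, with real pointer types, how far `p + slot` drifts when `p` is not `void **`.

```c
/* Added example, not QEMU code: a 2-level table walk showing why the
 * level pointer must be `void **`. Names and sizes are assumed for the demo. */
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

#define L2_BITS 4
#define L2_SIZE (1u << L2_BITS)
#define L1_SIZE L2_SIZE

typedef struct PageDescDemo { uint64_t index; } PageDescDemo;

/* Level-1 table: each slot points to a level-2 array of L2_SIZE `void *`. */
static void *l1_table[L1_SIZE];

/* The high L2_BITS bits of `index` pick the L1 slot, the low L2_BITS bits
 * pick the L2 slot. `void **p` is what makes `p + n` advance by
 * sizeof(void *) per slot, exactly like the translate-all.c loop. */
static PageDescDemo *demo_find_alloc(unsigned index, int alloc)
{
    void **lp = &l1_table[(index >> L2_BITS) & (L1_SIZE - 1)];
    void **p = *lp;                          /* level-2 array, or NULL */
    if (p == NULL) {
        if (!alloc) {
            return NULL;
        }
        p = calloc(L2_SIZE, sizeof(void *)); /* like g_new0(void *, L2_SIZE) */
        *lp = p;
    }
    lp = p + (index & (L2_SIZE - 1));        /* scaled by sizeof(void *) */
    PageDescDemo *pd = *lp;
    if (pd == NULL && alloc) {
        pd = calloc(1, sizeof *pd);
        pd->index = index;
        *lp = pd;
    }
    return pd;
}

/* Byte distance between `typed + slot` (correct `void **` arithmetic) and
 * the address a byte-granular pointer reaches with the same `+ slot`.
 * `char *` stands in for GCC's `void *` arithmetic, which also moves one
 * byte per unit; the gap is slot * (sizeof(void *) - 1) bytes. */
static size_t demo_scaled_vs_unscaled(unsigned slot)
{
    void *table[L2_SIZE];
    void **typed = table;
    char *untyped = (char *)table;
    return (size_t)((char *)(typed + slot) - (untyped + slot));
}
```

Running `demo_find_alloc(0x25, 1)` allocates the level-2 table for L1 slot 2 and a descriptor in L2 slot 5; a later non-allocating lookup of a different slot in the same level-2 table returns NULL, as the `if (p == NULL) { if (!alloc)` path in the original code intends.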