On 18/10/2016 16:56, Pranith Kumar wrote:
> gcc does not warn about the wrong type since it is a void pointer
> which can be cast to any type.
> 
> Signed-off-by: Pranith Kumar <bobby.pr...@gmail.com>
> ---
>  translate-all.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/translate-all.c b/translate-all.c
> index 8ca393c..c77470a 100644
> --- a/translate-all.c
> +++ b/translate-all.c
> @@ -412,7 +412,7 @@ static PageDesc *page_find_alloc(tb_page_addr_t index, 
> int alloc)
>  
>      /* Level 2..N-1.  */
>      for (i = V_L1_SHIFT / V_L2_BITS - 1; i > 0; i--) {
> -        void **p = atomic_rcu_read(lp);
> +        void *p = atomic_rcu_read(lp);

Wrong; you can see below that p is initialized with

        p = g_new0(void *, V_L2_SIZE);

so it must be a pointer to "void *".  You are introducing exactly the
bug that is mentioned in the commit message, and it would have screwed
up this statement:

        lp = p + ((index >> (i * V_L2_BITS)) & (V_L2_SIZE - 1));

because it would then omit the multiplication of the RHS by sizeof(void *).

How did you test the patch?  Coverity would have caught this, but please
be more careful.

Thanks,

Paolo

>          if (p == NULL) {
>              if (!alloc) {
> 

Reply via email to