[Cbe-oss-dev] [PATCH 1/2] libspe: fix spe_get_event initialization
Kazunori Asayama
asayama at sm.sony.co.jp
Tue Mar 28 23:27:10 EST 2006
This patch fixes following problem of libspe v1.0.1.
* spe_get_event() may return uninitialized array of
`struct spu_event' when:
- size of the array is greater than 1,
- some events are available when the function is called.
A program to reproduce this problem is also attached.
--
(ASAYAMA Kazunori
(asayama at sm.sony.co.jp))
t
--
diff -urp libspe-1.0.1.orig/spe.c libspe-1.0.1-a/spe.c
--- libspe-1.0.1.orig/spe.c 2006-03-27 20:23:32.000000000 +0900
+++ libspe-1.0.1-a/spe.c 2006-03-28 12:28:47.000000000 +0900
@@ -1178,8 +1178,7 @@ spe_get_event(struct spe_event *pevents,
thread->ev_data = 0;
thread->event = 0;
- pthread_mutex_unlock(&grp_list.mutex);
- return ret_events;
+ break;
}
//Decide on what fd's to poll on
@@ -1201,13 +1200,6 @@ spe_get_event(struct spe_event *pevents,
elem=elem->next;
}
}
-
- if(numSPEsToPoll == 0)
- {
- pthread_mutex_unlock(&grp_list.mutex);
- errno=EINVAL;
- return -1;
- }
if (ret_events > 0)
{
@@ -1220,6 +1212,13 @@ spe_get_event(struct spe_event *pevents,
return ret_events;
}
+ if(numSPEsToPoll == 0)
+ {
+ pthread_mutex_unlock(&grp_list.mutex);
+ errno=EINVAL;
+ return -1;
+ }
+
DEBUG_PRINTF(" number of fd : %i\n", numSPEsToPoll);
SPEfds=malloc (numSPEsToPoll * sizeof(struct pollfd));
-------------- next part --------------
A non-text attachment was scrubbed...
Name: init.tar
Type: application/octet-stream
Size: 10240 bytes
Desc: not available
URL: <http://lists.ozlabs.org/pipermail/cbe-oss-dev/attachments/20060328/f594ec1a/attachment.obj>
More information about the cbe-oss-dev
mailing list