On Mon, Jul 26, 2010 at 08:49:19AM +0200, Jes Sorensen wrote:
> On 07/24/10 21:03, Michael S. Tsirkin wrote:
> > On Fri, Jul 23, 2010 at 05:16:42PM +0200, jes.soren...@redhat.com wrote:
> >> From: Jes Sorensen <jes.soren...@redhat.com>
> >> diff --git a/hw/vhost.c b/hw/vhost.c
> >> index d37a66e..f30cf91 100644
> >> --- a/hw/vhost.c
> >> +++ b/hw/vhost.c
> >> @@ -119,7 +119,6 @@ static void vhost_dev_unassign_memory(struct vhost_dev
> >> *dev,
> >> if (start_addr <= reg->guest_phys_addr && memlast >= reglast) {
> >> --dev->mem->nregions;
> >> --to;
> >> - assert(to >= 0);
> >> ++overlap_middle;
> >> continue;
> >> }
> >
> > Good catch.
> > I think I must have meant dev->mem->nregions >= 0. Does this work
> > if you put in that assertion, or did I miss something else?
>
> It should work, but I don't see the point in adding the assert for that
> case since the loop shouldn't be able to run down to nregions < 0.
Yes, we never decrement twice for the same region, so it will never
become negative. Unless there's a bug in code. Which is exactly what
assert guards against.
This can also be seen as a form of documentation which checks
itself for currectness.
Maybe we should have assert(to >= -1) as well.
But I don't feel strongly about these asserts, if you dislike them,
let me know and I'll apply as is.
> Cheers,
> Jes
