From: Simon McVittie <smcv@collabora.com>
Date: Fri, 16 May 2025 10:32:35 +0000 (+0100)
Subject: threads: Assert that timeout is non-negative
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=cee059de0c9213d3a3b6ff72407d81b424d7bab9;p=thirdparty%2Fdbus.git

threads: Assert that timeout is non-negative

As noted in dbus!524 by source code inspection, the Unix/pthread
implementation assumes that the timeout is non-negative and does not
support a mode where it blocks forever (which we normally represent as
a negative timeout, like POSIX poll(2)).

This means that it would be a programming error if we ever call
this with a negative timeout, so put an equivalent assertion in the
platform-independent layer. We recommend that assertions are disabled in
production builds, so it's "cheap" to have a redundant assertion here.

Signed-off-by: Simon McVittie <smcv@collabora.com>
---

diff --git a/dbus/dbus-threads.c b/dbus/dbus-threads.c
index b22cc0318..5bcd84d0b 100644
--- a/dbus/dbus-threads.c
+++ b/dbus/dbus-threads.c
@@ -257,7 +257,7 @@ _dbus_condvar_wait (DBusCondVar *cond,
  *
  * @param cond the condition variable
  * @param mutex the mutex
- * @param timeout_milliseconds the maximum time to wait
+ * @param timeout_milliseconds the maximum time to wait, must be non-negative
  * @returns #FALSE if the timeout occurred, #TRUE if not
  */
 dbus_bool_t
@@ -265,6 +265,8 @@ _dbus_condvar_wait_timeout (DBusCondVar               *cond,
                             DBusCMutex                *mutex,
                             int                        timeout_milliseconds)
 {
+  _dbus_assert (timeout_milliseconds >= 0);
+
   if (cond == NULL || mutex == NULL)
     return TRUE;