* [Qemu-devel] [PATCH] qcow2: Fix some more qemu_malloc fallout
@ 2009-11-27 16:35 Kevin Wolf
2009-11-27 17:32 ` qemu_malloc() broken by design, fix it already (was: [Qemu-devel] [PATCH] qcow2: Fix some more qemu_malloc fallout) Markus Armbruster
0 siblings, 1 reply; 2+ messages in thread
From: Kevin Wolf @ 2009-11-27 16:35 UTC
To: qemu-devel; +Cc: Kevin Wolf
Oh joy...
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block/qcow2-refcount.c | 22 +++++++++++++++-------
block/qcow2-snapshot.c | 7 ++++++-
2 files changed, 21 insertions(+), 8 deletions(-)
diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index 3026678..54b19f8 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -513,7 +513,11 @@ int qcow2_update_snapshot_refcount(BlockDriverState *bs,
l1_size2 = l1_size * sizeof(uint64_t);
l1_allocated = 0;
if (l1_table_offset != s->l1_table_offset) {
- l1_table = qemu_mallocz(align_offset(l1_size2, 512));
+ if (l1_size2 != 0) {
+ l1_table = qemu_mallocz(align_offset(l1_size2, 512));
+ } else {
+ l1_table = NULL;
+ }
l1_allocated = 1;
if (bdrv_pread(s->hd, l1_table_offset,
l1_table, l1_size2) != l1_size2)
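Review bot: In the zero-size branch of qcow2_update_snapshot_refcount, l1_table becomes NULL but `l1_allocated = 1` and the bdrv_pread() call below it still run unconditionally, so the read is issued with a NULL buffer and a length of 0, and whatever later acts on l1_allocated is handed NULL. That works only if bdrv_pread() returns 0 for a zero-length request without touching the buffer and the release path tolerates NULL; neither is visible in this hunk. Suggest moving the read and the l1_allocated assignment inside the `l1_size2 != 0` branch, the way the check_refcounts_l1 hunk skips its read when the size is zero.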
@@ -769,12 +773,16 @@ static int check_refcounts_l1(BlockDriverState *bs,
l1_table_offset, l1_size2);
/* Read L1 table entries from disk */
- l1_table = qemu_malloc(l1_size2);
- if (bdrv_pread(s->hd, l1_table_offset,
- l1_table, l1_size2) != l1_size2)
- goto fail;
- for(i = 0;i < l1_size; i++)
- be64_to_cpus(&l1_table[i]);
+ if (l1_size2 == 0) {
+ l1_table = NULL;
+ } else {
+ l1_table = qemu_malloc(l1_size2);
+ if (bdrv_pread(s->hd, l1_table_offset,
+ l1_table, l1_size2) != l1_size2)
+ goto fail;
+ for(i = 0;i < l1_size; i++)
+ be64_to_cpus(&l1_table[i]);
+ }
/* Do the actual checks */
for(i = 0; i < l1_size; i++) {
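Review bot: The new guard in check_refcounts_l1 tests `l1_size2 == 0`, while the loop after "Do the actual checks" is bounded by l1_size, so leaving l1_table as NULL is safe only if l1_size2 being zero implies l1_size is zero; the assignment of l1_size2 is outside this hunk. Testing l1_size directly, or adding a one-line comment that states the relation and why a zero size must not reach qemu_malloc(), would make that explicit. On style, the moved `if (bdrv_pread(...)) goto fail;` and the `for` body are still unbraced, and this hunk tests `== 0` first while the other two test `!= 0`; one polarity across the patch would read better.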
diff --git a/block/qcow2-snapshot.c b/block/qcow2-snapshot.c
index 94cb838..d63c7e1 100644
--- a/block/qcow2-snapshot.c
+++ b/block/qcow2-snapshot.c
@@ -266,7 +266,12 @@ int qcow2_snapshot_create(BlockDriverState *bs, QEMUSnapshotInfo *sn_info)
sn->l1_table_offset = qcow2_alloc_clusters(bs, s->l1_size * sizeof(uint64_t));
sn->l1_size = s->l1_size;
- l1_table = qemu_malloc(s->l1_size * sizeof(uint64_t));
+ if (s->l1_size != 0) {
+ l1_table = qemu_malloc(s->l1_size * sizeof(uint64_t));
+ } else {
+ l1_table = NULL;
+ }
+
for(i = 0; i < s->l1_size; i++) {
l1_table[i] = cpu_to_be64(s->l1_table[i]);
}
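Review bot: In qcow2_snapshot_create only the qemu_malloc() call is guarded; the context line above it still calls qcow2_alloc_clusters() with `s->l1_size * sizeof(uint64_t)`, which is 0 in exactly the case this change handles, and sn->l1_table_offset takes whatever that returns. Worth confirming that a zero-byte cluster allocation is intended here, or guarding it as well. The for loop below is safe with l1_table == NULL because it does not iterate when s->l1_size is 0, but any later use of l1_table beyond the visible lines needs the same consideration. The size expression now appears twice; computing it once into a local would keep the two uses from drifting apart.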
--
1.6.2.5
* qemu_malloc() broken by design, fix it already (was: [Qemu-devel] [PATCH] qcow2: Fix some more qemu_malloc fallout)
From: Markus Armbruster @ 2009-11-27 17:32 UTC
To: Kevin Wolf; +Cc: qemu-devel
Kevin Wolf <kwolf@redhat.com> writes:
> Oh joy...
As predicted, breaking malloc() the way we did breaks perfectly fine
code for no particular benefit. We can keep chasing these artificially
created bugs, or we can fix qemu_malloc() & friends and be done with it.