From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:40390)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <kwolf@redhat.com>) id 1Yn71Y-0000GC-7F
	for qemu-devel@nongnu.org; Tue, 28 Apr 2015 11:02:17 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <kwolf@redhat.com>) id 1Yn71T-00024C-H9
	for qemu-devel@nongnu.org; Tue, 28 Apr 2015 11:02:12 -0400
From: Kevin Wolf <kwolf@redhat.com>
Date: Tue, 28 Apr 2015 17:00:15 +0200
Message-Id: <1430233258-31807-34-git-send-email-kwolf@redhat.com>
In-Reply-To: <1430233258-31807-1-git-send-email-kwolf@redhat.com>
References: <1430233258-31807-1-git-send-email-kwolf@redhat.com>
Subject: [Qemu-devel] [PULL 33/76] m25p80: fix s->blk usage before assignment
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-block@nongnu.org
Cc: kwolf@redhat.com, qemu-devel@nongnu.org

From: Stefan Hajnoczi <stefanha@redhat.com>

Delay the call to blk_blockalign() until s->blk has been assigned.

This never caused a crash because blk_blockalign(NULL, size) defaults to
4096 alignment but it's technically incorrect.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1429091024-25098-1-git-send-email-stefanha@redhat.com
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
 hw/block/m25p80.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/hw/block/m25p80.c b/hw/block/m25p80.c
index 728e384..efc43dd 100644
--- a/hw/block/m25p80.c
+++ b/hw/block/m25p80.c
@@ -621,7 +621,6 @@ static int m25p80_init(SSISlave *ss)
 
     s->size = s->pi->sector_size * s->pi->n_sectors;
     s->dirty_page = -1;
-    s->storage = blk_blockalign(s->blk, s->size);
 
     /* FIXME use a qdev drive property instead of drive_get_next() */
     dinfo = drive_get_next(IF_MTD);
@@ -631,6 +630,8 @@ static int m25p80_init(SSISlave *ss)
         s->blk = blk_by_legacy_dinfo(dinfo);
         blk_attach_dev_nofail(s->blk, s);
 
+        s->storage = blk_blockalign(s->blk, s->size);
+
         /* FIXME: Move to late init */
         if (blk_read(s->blk, 0, s->storage,
                      DIV_ROUND_UP(s->size, BDRV_SECTOR_SIZE))) {
@@ -639,6 +640,7 @@ static int m25p80_init(SSISlave *ss)
         }
     } else {
         DB_PRINT_L(0, "No BDRV - binding to RAM\n");
+        s->storage = blk_blockalign(NULL, s->size);
         memset(s->storage, 0xFF, s->size);
     }
 
-- 
1.8.3.1