From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:54372)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <benoit.canet@irqsave.net>) id 1VOqNu-0008L6-44
	for qemu-devel@nongnu.org; Wed, 25 Sep 2013 10:48:15 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <benoit.canet@irqsave.net>) id 1VOqNp-0002pN-3a
	for qemu-devel@nongnu.org; Wed, 25 Sep 2013 10:48:10 -0400
Received: from nodalink.pck.nerim.net ([62.212.105.220]:39072
	helo=paradis.irqsave.net) by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <benoit.canet@irqsave.net>) id 1VOqNo-0002pF-Pn
	for qemu-devel@nongnu.org; Wed, 25 Sep 2013 10:48:05 -0400
Date: Wed, 25 Sep 2013 16:47:59 +0200
From: =?iso-8859-1?Q?Beno=EEt?= Canet <benoit.canet@irqsave.net>
Message-ID: <20130925144759.GB3349@irqsave.net>
References: <1380119840-12672-1-git-send-email-mreitz@redhat.com>
	<1380119840-12672-2-git-send-email-mreitz@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
In-Reply-To: <1380119840-12672-2-git-send-email-mreitz@redhat.com>
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] [PATCH 1/3] qcow2: Don't put invalid L2 table into
 cache
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Max Reitz <mreitz@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>, qemu-devel@nongnu.org, Stefan Hajnoczi <stefanha@redhat.com>

Le Wednesday 25 Sep 2013 =E0 16:37:18 (+0200), Max Reitz a =E9crit :
> In l2_allocate, the fail path is executed if qcow2_cache_flush fails.
> However, the L2 table has not yet been fetched from the L2 table cache.
> The qcow2_cache_put in the fail path therefore basically gives an
> undefined argument as the L2 table address (in this case).
>=20
> Signed-off-by: Max Reitz <mreitz@redhat.com>
> ---
>  block/qcow2-cluster.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
>=20
> diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
> index 738ff73..f6d47c9 100644
> --- a/block/qcow2-cluster.c
> +++ b/block/qcow2-cluster.c
> @@ -188,7 +188,7 @@ static int l2_allocate(BlockDriverState *bs, int l1=
_index, uint64_t **table)
>  {
>      BDRVQcowState *s =3D bs->opaque;
>      uint64_t old_l2_offset;
> -    uint64_t *l2_table;
> +    uint64_t *l2_table =3D NULL;
>      int64_t l2_offset;
>      int ret;
> =20
> @@ -265,7 +265,9 @@ static int l2_allocate(BlockDriverState *bs, int l1=
_index, uint64_t **table)
> =20
>  fail:
>      trace_qcow2_l2_allocate_done(bs, l1_index, ret);
> -    qcow2_cache_put(bs, s->l2_table_cache, (void**) table);
> +    if (l2_table !=3D NULL) {
> +        qcow2_cache_put(bs, s->l2_table_cache, (void**) table);
> +    }
>      s->l1_table[l1_index] =3D old_l2_offset;
>      return ret;
>  }
> --=20
> 1.8.3.1
>=20
>=20

Reviewed-by: Benoit Canet <benoit@irqsave.net>