From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:37312)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1Ystpf-0007AS-Vk
	for qemu-devel@nongnu.org; Thu, 14 May 2015 10:09:55 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1Ystpa-0003Y9-Tg
	for qemu-devel@nongnu.org; Thu, 14 May 2015 10:09:51 -0400
Received: from mx1.redhat.com ([209.132.183.28]:54008)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1Ystpa-0003XP-OX
	for qemu-devel@nongnu.org; Thu, 14 May 2015 10:09:46 -0400
Message-ID: <5554ACA5.3020302@redhat.com>
Date: Thu, 14 May 2015 16:09:41 +0200
From: Paolo Bonzini <pbonzini@redhat.com>
MIME-Version: 1.0
References: <55547907.5000203@cn.fujitsu.com> <55547B12.8020905@redhat.com>
	<20150514140609.GD22867@ad.nay.redhat.com>
In-Reply-To: <20150514140609.GD22867@ad.nay.redhat.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH v2] mirror: correct buf_size
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Fam Zheng <famz@redhat.com>, Wen Congyang <wency@cn.fujitsu.com>
Cc: Kevin Wolf <kwolf@redhat.com>, Jeff Cody <jcody@redhat.com>, qemu-devl <qemu-devel@nongnu.org>



On 14/05/2015 16:06, Fam Zheng wrote:
> On Thu, 05/14 12:38, Paolo Bonzini wrote:
>>
>>
>> On 14/05/2015 12:29, Wen Congyang wrote:
>>>
>>> If buf_size % granularity is not 0, mirror_free_init() will
>>> do dangerous things.
>>>
>>> Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
>>> ---
>>>  block/mirror.c | 2 +-
>>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/block/mirror.c b/block/mirror.c
>>> index 58f391a..9521212 100644
>>> --- a/block/mirror.c
>>> +++ b/block/mirror.c
>>> @@ -684,7 +684,7 @@ static void mirror_start_job(BlockDriverState *bs, BlockDriverState *target,
>>>      s->is_none_mode = is_none_mode;
>>>      s->base = base;
>>>      s->granularity = granularity;
>>> -    s->buf_size = MAX(buf_size, granularity);
>>> +    s->buf_size = ROUND_UP(buf_size, granularity);
>>>  
>>>      s->dirty_bitmap = bdrv_create_dirty_bitmap(bs, granularity, NULL, errp);
>>>      if (!s->dirty_bitmap) {
>>>
>>
>> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
> 
> What if buf_size is negative?

This will fail:

    s->buf = qemu_try_blockalign(bs, s->buf_size);

O:-)

but really that should be checked in mirror_start_job, so that the
command fails.

Paolo