From patchwork Mon Jul 19 04:45:42 2010
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: block migration: check sectors before shift operation.
X-Patchwork-Submitter: Yoshiaki Tamura
X-Patchwork-Id: 59179
Message-Id: <1279514742-6941-1-git-send-email-tamura.yoshiaki@lab.ntt.co.jp>
To: qemu-devel@nongnu.org
Cc: aliguori@us.ibm.com, armbru@redhat.com, Yoshiaki Tamura
Date: Mon, 19 Jul 2010 13:45:42 +0900
From: Yoshiaki Tamura
List-Id: qemu-devel.nongnu.org

Commit d246673dcb9911218ff555bcdf28b250e38fa46c has expanded the types of block drive that can be initialized for block migration. Although bdrv_getlength() may return < 0, current code shifts it without checking. This makes block migration initialization invalid and results in abort() due to calling qemu_malloc() with 0 size at bdrv_set_dirty_tracking().

This patch checks the return value of bdrv_getlength() by masking with BDRV_SECTOR_MASK.

Signed-off-by: Yoshiaki Tamura
---
 block-migration.c |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/block-migration.c b/block-migration.c index 7db6f02..2e02a4a 100644 --- a/block-migration.c +++ b/block-migration.c @@ -237,10 +237,11 @@ static void init_blk_migration_it(void *opaque, BlockDriverState *bs) int64_t sectors; if (!bdrv_is_read_only(bs)) { - sectors = bdrv_getlength(bs) >> BDRV_SECTOR_BITS; - if (sectors == 0) { + sectors = bdrv_getlength(bs) & BDRV_SECTOR_MASK; + if (sectors <= 0) { return; } + sectors >>= BDRV_SECTOR_BITS; bmds = qemu_mallocz(sizeof(BlkMigDevState)); bmds->bs = bs;
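Review bot: the `if (sectors <= 0) return;` test on the masked length in the init_blk_migration_it() hunk folds the error case (bdrv_getlength() returning a negative value, as the commit message describes) into the same silent early return as an empty or sub-sector device, so a drive whose size cannot be determined is quietly left out of the migration with no diagnostic. Consider keeping the raw return value in a local and handling `< 0` separately from the zero-length case, e.g. `int64_t len = bdrv_getlength(bs); if (len < 0) { /* report or fail */ return; }` followed by `sectors = len >> BDRV_SECTOR_BITS; if (sectors == 0) return;`. That also makes the intent explicit: the `& BDRV_SECTOR_MASK` form only catches the error because the mask preserves the sign bit of a negative int64_t, which is correct but easy to misread as a plain sector-alignment rounding step.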