[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH for-2.11] qcow2: Fix overly broad madvise()
|
From: |
Max Reitz |
|
Subject: |
Re: [Qemu-devel] [PATCH for-2.11] qcow2: Fix overly broad madvise() |
|
Date: |
Wed, 15 Nov 2017 21:30:03 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 |
On 2017-11-14 19:41, Max Reitz wrote:
> @mem_size and @offset are both size_t, thus subtracting them from one
> another will just return a big size_t if mem_size < offset -- even more
> obvious here because the result is stored in another size_t.
>
> Checking that result to be positive is therefore not sufficient to
> excluse the case that offset > mem_size. Thus, we currently sometimes
> issue an madvise() over a very large address range.
>
> This is triggered by iotest 163, but with -m64, this does not result in
> tangible problems. But with -m32, this test produces three segfaults,
> all of which are fixed by this patch.
>
> Signed-off-by: Max Reitz <address@hidden>
> ---
> block/qcow2-cache.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Fixed the typo and applied to my block branch:
https://github.com/XanClic/qemu/commits/block
Max
signature.asc
Description: OpenPGP digital signature