Re: [PATCH] kvm: allocate correct size for dirty bitmap
On Wed, Sep 23, 2009 at 04:13:18PM -0600, Bruce Rogers wrote: The dirty bitmap copied out to userspace is stored in a long array, and gets copied out to userspace accordingly. This patch accounts for that correctly. Currently I'm seeing kvm crashing due to writing beyond the end of the alloc'd dirty bitmap memory, because the buffer has the wrong size. Signed-off-by: Bruce Rogers --- qemu-kvm.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/qemu-kvm.c b/qemu-kvm.c index 6511cb6..ee5db76 100644 --- a/qemu-kvm.c +++ b/qemu-kvm.c @@ -702,7 +702,7 @@ int kvm_get_dirty_pages_range(kvm_context_t kvm, unsigned long phys_addr, for (i = 0; i KVM_MAX_NUM_MEM_REGIONS; ++i) { if ((slots[i].len (uint64_t) slots[i].phys_addr = phys_addr) ((uint64_t) slots[i].phys_addr + slots[i].len = end_addr)) { -buf = qemu_malloc((slots[i].len / 4096 + 7) / 8 + 2); +buf = qemu_malloc(BITMAP_SIZE(slots[i].len)); r = kvm_get_map(kvm, KVM_GET_DIRTY_LOG, i, buf); if (r) { qemu_free(buf); Applied, thanks. -- To unsubscribe from this list: send the line unsubscribe kvm in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] kvm: allocate correct size for dirty bitmap
The dirty bitmap copied out to userspace is stored in a long array, and gets copied out to userspace accordingly. This patch accounts for that correctly. Currently I'm seeing kvm crashing due to writing beyond the end of the alloc'd dirty bitmap memory, because the buffer has the wrong size. Signed-off-by: Bruce Rogers --- qemu-kvm.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/qemu-kvm.c b/qemu-kvm.c index 6511cb6..ee5db76 100644 --- a/qemu-kvm.c +++ b/qemu-kvm.c @@ -702,7 +702,7 @@ int kvm_get_dirty_pages_range(kvm_context_t kvm, unsigned long phys_addr, for (i = 0; i KVM_MAX_NUM_MEM_REGIONS; ++i) { if ((slots[i].len (uint64_t) slots[i].phys_addr = phys_addr) ((uint64_t) slots[i].phys_addr + slots[i].len = end_addr)) { -buf = qemu_malloc((slots[i].len / 4096 + 7) / 8 + 2); +buf = qemu_malloc(BITMAP_SIZE(slots[i].len)); r = kvm_get_map(kvm, KVM_GET_DIRTY_LOG, i, buf); if (r) { qemu_free(buf); -- To unsubscribe from this list: send the line unsubscribe kvm in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html