1. Patchew
  2. QEMU
  3. [PATCH v2 00/20] parallels: Add full dirty bitmap support
  4. View patch

[PATCH v2 01/20] parallels: Set s->used_bmap to NULL in parallels_free_used_bitmap()

Alexander Ivanov posted 20 patches 1 year, 1 month ago
Maintainers: Stefan Hajnoczi <stefanha@redhat.com>, "Denis V. Lunev" <den@openvz.org>, Kevin Wolf <kwolf@redhat.com>, Hanna Reitz <hreitz@redhat.com>
There is a newer version of this series
[PATCH v2 01/20] parallels: Set s->used_bmap to NULL in parallels_free_used_bitmap()
Posted by Alexander Ivanov 1 year, 1 month ago 
After used bitmap freeng s->used_bmap points to the freed memory. If we try
to free used bitmap one more time it leads to double free error.

Set s->used_bmap to NULL to exclude double free error.

Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
---
 block/parallels.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/block/parallels.c b/block/parallels.c
index 6b46623241..ba1fdde259 100644
--- a/block/parallels.c
+++ b/block/parallels.c
@@ -244,6 +244,7 @@ static void parallels_free_used_bitmap(BlockDriverState *bs)
 {
     BDRVParallelsState *s = bs->opaque;
     s->used_bmap_size = 0;
+    s->used_bmap = NULL;
     g_free(s->used_bmap);
 }
 
-- 
2.34.1
Re: [PATCH v2 01/20] parallels: Set s->used_bmap to NULL in parallels_free_used_bitmap()
Posted by Mike Maslenkin 1 year, 1 month ago 
On Thu, Oct 19, 2023 at 4:06 PM Alexander Ivanov
<alexander.ivanov@virtuozzo.com> wrote:
>
> After used bitmap freeng s->used_bmap points to the freed memory. If we try
> to free used bitmap one more time it leads to double free error.
>
> Set s->used_bmap to NULL to exclude double free error.
>
> Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
> ---
>  block/parallels.c | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/block/parallels.c b/block/parallels.c
> index 6b46623241..ba1fdde259 100644
> --- a/block/parallels.c
> +++ b/block/parallels.c
> @@ -244,6 +244,7 @@ static void parallels_free_used_bitmap(BlockDriverState *bs)
>  {
>      BDRVParallelsState *s = bs->opaque;
>      s->used_bmap_size = 0;
> +    s->used_bmap = NULL;
>      g_free(s->used_bmap);
>  }

Shouldn't it be added after g_free() call?

Regards,
Mike.
Re: [PATCH v2 01/20] parallels: Set s->used_bmap to NULL in parallels_free_used_bitmap()
Posted by Alexander Ivanov 1 year, 1 month ago 

On 10/21/23 12:40, Mike Maslenkin wrote:
> On Thu, Oct 19, 2023 at 4:06 PM Alexander Ivanov
> <alexander.ivanov@virtuozzo.com> wrote:
>> After used bitmap freeng s->used_bmap points to the freed memory. If we try
>> to free used bitmap one more time it leads to double free error.
>>
>> Set s->used_bmap to NULL to exclude double free error.
>>
>> Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
>> ---
>>   block/parallels.c | 1 +
>>   1 file changed, 1 insertion(+)
>>
>> diff --git a/block/parallels.c b/block/parallels.c
>> index 6b46623241..ba1fdde259 100644
>> --- a/block/parallels.c
>> +++ b/block/parallels.c
>> @@ -244,6 +244,7 @@ static void parallels_free_used_bitmap(BlockDriverState *bs)
>>   {
>>       BDRVParallelsState *s = bs->opaque;
>>       s->used_bmap_size = 0;
>> +    s->used_bmap = NULL;
>>       g_free(s->used_bmap);
>>   }
> Shouldn't it be added after g_free() call?
OMG, of course.
>
> Regards,
> Mike.

-- 
Best regards,
Alexander Ivanov

Patchew 2.1-devel-b67e4c2

© 2016 - 2024 Red Hat, Inc.