Ming Lei <ming....@canonical.com> writes:
> The size of each element should be sizeof(VirtIOSCSIVring *).
>
> Signed-off-by: Ming Lei <ming....@canonical.com>
> ---
> hw/scsi/virtio-scsi-dataplane.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/scsi/virtio-scsi-dataplane.c b/hw/scsi/virtio-scsi-dataplane.c
> index 855439e..8a7cd9f 100644
> --- a/hw/scsi/virtio-scsi-dataplane.c
> +++ b/hw/scsi/virtio-scsi-dataplane.c
> @@ -239,7 +239,7 @@ void virtio_scsi_dataplane_start(VirtIOSCSI *s)
> if (!s->event_vring) {
> goto fail_vrings;
> }
> - s->cmd_vrings = g_malloc0(sizeof(VirtIOSCSIVring) * vs->conf.num_queues);
> + s->cmd_vrings = g_malloc0(sizeof(VirtIOSCSIVring *) *
> vs->conf.num_queues);
> for (i = 0; i < vs->conf.num_queues; i++) {
> s->cmd_vrings[i] =
> virtio_scsi_vring_init(s, vs->cmd_vqs[i],
Please use something like
s->cmd_vrings = g_new0(VirtIOSCSIVring *, vs->conf.num_queues);
This one crept in since I cleaned up g_malloc() use globally:
commit 02c4f26b1517d9e403ec10d6f6ca3c0276d19e43
Author: Markus Armbruster <arm...@redhat.com>
Date: Tue Aug 19 10:31:09 2014 +0200
block: Use g_new() & friends to avoid multiplying sizes
g_new(T, n) is safer than g_malloc(sizeof(*v) * n) for two reasons.
One, it catches multiplication overflowing size_t. Two, it returns
T * rather than void *, which lets the compiler catch more type
errors.
Perhaps a conversion to g_malloc_n() would be neater in places, but
that's merely four years old, and we can't use such newfangled stuff.
This commit only touches allocations with size arguments of the form
sizeof(T), plus two that use 4 instead of sizeof(uint32_t). We can
make the others safe by converting to g_malloc_n() when it becomes
available to us in a couple of years.
