From 02c4f26b1517d9e403ec10d6f6ca3c0276d19e43 Mon Sep 17 00:00:00 2001 From: Markus Armbruster Date: Tue, 19 Aug 2014 10:31:09 +0200 Subject: [PATCH] block: Use g_new() & friends to avoid multiplying sizes g_new(T, n) is safer than g_malloc(sizeof(*v) * n) for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. Perhaps a conversion to g_malloc_n() would be neater in places, but that's merely four years old, and we can't use such newfangled stuff. This commit only touches allocations with size arguments of the form sizeof(T), plus two that use 4 instead of sizeof(uint32_t). We can make the others safe by converting to g_malloc_n() when it becomes available to us in a couple of years. Signed-off-by: Markus Armbruster Reviewed-by: Max Reitz Reviewed-by: Jeff Cody Signed-off-by: Kevin Wolf --- block/bochs.c | 2 +- block/parallels.c | 2 +- block/qcow2-cache.c | 2 +- block/qed-check.c | 3 +-- block/rbd.c | 2 +- block/sheepdog.c | 2 +- hw/block/nvme.c | 8 ++++---- qemu-io-cmds.c | 10 +++++----- 8 files changed, 15 insertions(+), 16 deletions(-) diff --git a/block/bochs.c b/block/bochs.c index 6674b274385..199ac2b9af7 100644 --- a/block/bochs.c +++ b/block/bochs.c @@ -131,7 +131,7 @@ static int bochs_open(BlockDriverState *bs, QDict *options, int flags, return -EFBIG; } - s->catalog_bitmap = g_try_malloc(s->catalog_size * 4); + s->catalog_bitmap = g_try_new(uint32_t, s->catalog_size); if (s->catalog_size && s->catalog_bitmap == NULL) { error_setg(errp, "Could not allocate memory for catalog"); return -ENOMEM; diff --git a/block/parallels.c b/block/parallels.c index 1774ab8e8e1..2a814f3db42 100644 --- a/block/parallels.c +++ b/block/parallels.c @@ -121,7 +121,7 @@ static int parallels_open(BlockDriverState *bs, QDict *options, int flags, ret = -EFBIG; goto fail; } - s->catalog_bitmap = g_try_malloc(s->catalog_size * 4); + s->catalog_bitmap = g_try_new(uint32_t, s->catalog_size); if (s->catalog_size && s->catalog_bitmap == NULL) { ret = -ENOMEM; goto fail; diff --git a/block/qcow2-cache.c b/block/qcow2-cache.c index 5353b448288..fe0615a9955 100644 --- a/block/qcow2-cache.c +++ b/block/qcow2-cache.c @@ -50,7 +50,7 @@ Qcow2Cache *qcow2_cache_create(BlockDriverState *bs, int num_tables) c = g_malloc0(sizeof(*c)); c->size = num_tables; - c->entries = g_malloc0(sizeof(*c->entries) * num_tables); + c->entries = g_new0(Qcow2CachedTable, num_tables); for (i = 0; i < c->size; i++) { c->entries[i].table = qemu_try_blockalign(bs->file, s->cluster_size); diff --git a/block/qed-check.c b/block/qed-check.c index 40a882cc93d..36ecd290d67 100644 --- a/block/qed-check.c +++ b/block/qed-check.c @@ -227,8 +227,7 @@ int qed_check(BDRVQEDState *s, BdrvCheckResult *result, bool fix) }; int ret; - check.used_clusters = g_try_malloc0(((check.nclusters + 31) / 32) * - sizeof(check.used_clusters[0])); + check.used_clusters = g_try_new0(uint32_t, (check.nclusters + 31) / 32); if (check.nclusters && check.used_clusters == NULL) { return -ENOMEM; } diff --git a/block/rbd.c b/block/rbd.c index 3aaf8559dd7..ea969e7bebf 100644 --- a/block/rbd.c +++ b/block/rbd.c @@ -862,7 +862,7 @@ static int qemu_rbd_snap_list(BlockDriverState *bs, int max_snaps = RBD_MAX_SNAPS; do { - snaps = g_malloc(sizeof(*snaps) * max_snaps); + snaps = g_new(rbd_snap_info_t, max_snaps); snap_count = rbd_snap_list(s->image, snaps, &max_snaps); if (snap_count <= 0) { g_free(snaps); diff --git a/block/sheepdog.c b/block/sheepdog.c index ba1ef43502b..12cbd9dcb48 100644 --- a/block/sheepdog.c +++ b/block/sheepdog.c @@ -2357,7 +2357,7 @@ static int sd_snapshot_list(BlockDriverState *bs, QEMUSnapshotInfo **psn_tab) goto out; } - sn_tab = g_malloc0(nr * sizeof(*sn_tab)); + sn_tab = g_new0(QEMUSnapshotInfo, nr); /* calculate a vdi id with hash function */ hval = fnv_64a_buf(s->name, strlen(s->name), FNV1A_64_INIT); diff --git a/hw/block/nvme.c b/hw/block/nvme.c index 6d9a0651d8d..04459e583c3 100644 --- a/hw/block/nvme.c +++ b/hw/block/nvme.c @@ -319,7 +319,7 @@ static void nvme_init_sq(NvmeSQueue *sq, NvmeCtrl *n, uint64_t dma_addr, sq->size = size; sq->cqid = cqid; sq->head = sq->tail = 0; - sq->io_req = g_malloc(sq->size * sizeof(*sq->io_req)); + sq->io_req = g_new(NvmeRequest, sq->size); QTAILQ_INIT(&sq->req_list); QTAILQ_INIT(&sq->out_req_list); @@ -773,9 +773,9 @@ static int nvme_init(PCIDevice *pci_dev) n->reg_size = 1 << qemu_fls(0x1004 + 2 * (n->num_queues + 1) * 4); n->ns_size = bs_size / (uint64_t)n->num_namespaces; - n->namespaces = g_malloc0(sizeof(*n->namespaces)*n->num_namespaces); - n->sq = g_malloc0(sizeof(*n->sq)*n->num_queues); - n->cq = g_malloc0(sizeof(*n->cq)*n->num_queues); + n->namespaces = g_new0(NvmeNamespace, n->num_namespaces); + n->sq = g_new0(NvmeSQueue *, n->num_queues); + n->cq = g_new0(NvmeCQueue *, n->num_queues); memory_region_init_io(&n->iomem, OBJECT(n), &nvme_mmio_ops, n, "nvme", n->reg_size); diff --git a/qemu-io-cmds.c b/qemu-io-cmds.c index 3a1e11e1eac..afd88675910 100644 --- a/qemu-io-cmds.c +++ b/qemu-io-cmds.c @@ -29,7 +29,7 @@ static int compare_cmdname(const void *a, const void *b) void qemuio_add_command(const cmdinfo_t *ci) { - cmdtab = g_realloc(cmdtab, ++ncmds * sizeof(*cmdtab)); + cmdtab = g_renew(cmdinfo_t, cmdtab, ++ncmds); cmdtab[ncmds - 1] = *ci; qsort(cmdtab, ncmds, sizeof(*cmdtab), compare_cmdname); } @@ -122,7 +122,7 @@ static char **breakline(char *input, int *count) continue; } c++; - tmp = g_realloc(rval, sizeof(*rval) * (c + 1)); + tmp = g_renew(char *, rval, (c + 1)); if (!tmp) { g_free(rval); rval = NULL; @@ -1264,9 +1264,9 @@ static int multiwrite_f(BlockDriverState *bs, int argc, char **argv) } } - reqs = g_malloc0(nr_reqs * sizeof(*reqs)); - buf = g_malloc0(nr_reqs * sizeof(*buf)); - qiovs = g_malloc(nr_reqs * sizeof(*qiovs)); + reqs = g_new0(BlockRequest, nr_reqs); + buf = g_new0(char *, nr_reqs); + qiovs = g_new(QEMUIOVector, nr_reqs); for (i = 0; i < nr_reqs && optind < argc; i++) { int j; -- 2.47.2