On Tue, Feb 18, 2014 at 03:11:37PM +0000, Peter Maydell wrote: > On 18 February 2014 15:10, Riku Voipio <riku.voi...@iki.fi> wrote: > > On Mon, Feb 17, 2014 at 06:55:34PM +0000, Peter Maydell wrote: > >> Fix two issues in error handling in target_to_host_semarray(): > >> * don't leak the host_array buffer if lock_user fails > >> * return an error if malloc() fails > > > > With this patch I get on ubuntu raring x86_64 (gcc 4.7): > > > > In function ‘target_to_host_semarray’, > > inlined from ‘do_semctl’ at > > /home/voipio/linaro/qemu/linux-user/syscall.c:2502:17, > > inlined from ‘do_syscall’ at > > /home/voipio/linaro/qemu/linux-user/syscall.c:6917:13: > > /home/voipio/linaro/qemu/linux-user/syscall.c:2439:13: error: attempt to > > free a non-heap object ‘array’ [-Werror=free-nonheap-object] > > cc1: all warnings being treated as errors > > Doh. Missing '*': > > >> > >> *host_array = malloc(nsems*sizeof(unsigned short)); > >> + if (!*host_array) { > >> + return -TARGET_ENOMEM; > >> + } > >> array = lock_user(VERIFY_READ, target_addr, > >> nsems*sizeof(unsigned short), 1); > >> - if (!array) > >> + if (!array) { > >> + free(host_array); > > ...should be > free(*host_array);
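Review bot: in the `if (!array)` branch, `free(host_array)` passes the address of the caller's pointer rather than the buffer that `malloc()` returned into `*host_array`, which is what the quoted -Werror=free-nonheap-object diagnostic is reporting; the call should be `free(*host_array);`. Since this path then returns an error while `*host_array` still holds the freed address, consider also setting `*host_array = NULL;` after the free so a caller that inspects or frees the pointer on failure cannot hit a use-after-free or double free.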
Edited and updated patch in my linux-user updates branch.

Riku