diff options
| -rw-r--r-- | block/qcow2-snapshot.c | 2 | ||||
| -rw-r--r-- | block/qcow2.c | 2 | ||||
| -rw-r--r-- | include/qemu/queue.h | 11 |
3 files changed, 8 insertions, 7 deletions
diff --git a/block/qcow2-snapshot.c b/block/qcow2-snapshot.c index 5b3903c..2aa9dcb 100644 --- a/block/qcow2-snapshot.c +++ b/block/qcow2-snapshot.c @@ -702,7 +702,7 @@ int qcow2_snapshot_load_tmp(BlockDriverState *bs, sn = &s->snapshots[snapshot_index]; /* Allocate and read in the snapshot's L1 table */ - if (sn->l1_size > QCOW_MAX_L1_SIZE) { + if (sn->l1_size > QCOW_MAX_L1_SIZE / sizeof(uint64_t)) { error_setg(errp, "Snapshot L1 table too large"); return -EFBIG; } diff --git a/block/qcow2.c b/block/qcow2.c index 8bfb094..32bdf75 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -742,7 +742,7 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags, } /* read the level 1 table */ - if (header.l1_size > QCOW_MAX_L1_SIZE) { + if (header.l1_size > QCOW_MAX_L1_SIZE / sizeof(uint64_t)) { error_setg(errp, "Active L1 table too large"); ret = -EFBIG; goto fail; diff --git a/include/qemu/queue.h b/include/qemu/queue.h index 8094150..f781aa2 100644 --- a/include/qemu/queue.h +++ b/include/qemu/queue.h @@ -197,11 +197,12 @@ struct { \ (head)->slh_first = (elm); \ } while (/*CONSTCOND*/0) -#define QSLIST_INSERT_HEAD_ATOMIC(head, elm, field) do { \ - do { \ - (elm)->field.sle_next = (head)->slh_first; \ - } while (atomic_cmpxchg(&(head)->slh_first, (elm)->field.sle_next, \ - (elm)) != (elm)->field.sle_next); \ +#define QSLIST_INSERT_HEAD_ATOMIC(head, elm, field) do { \ + typeof(elm) save_sle_next; \ + do { \ + save_sle_next = (elm)->field.sle_next = (head)->slh_first; \ + } while (atomic_cmpxchg(&(head)->slh_first, save_sle_next, (elm)) != \ + save_sle_next); \ } while (/*CONSTCOND*/0) #define QSLIST_MOVE_ATOMIC(dest, src) do { \ |