virtio-balloon: Don't mismatch g_malloc()/free (CID 1399146)

ed48c59875 "virtio-balloon: Safely handle BALLOON_PAGE_SIZE < host page size" introduced a new temporary data structure which tracks 4kiB chunks which have been inserted into the balloon by the guest but don't yet form a full host page which we can discard. Unfortunately, I had a thinko and allocated that structure with g_malloc0() but freed it with a plain free() rather than g_free(). This corrects the problem. Fixes: ed48c59875 Reported-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Message-Id: <20190306030601.21986-2-david@gibson.dropbear.id.au> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: David Hildenbrand <david@redhat.com> (cherry picked from commit 301cf2a8dd) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2019-03-06 14:05:59 +11:00 · 2019-03-06 14:05:59 +11:00 · 80c96a7b60
parent 118112024d
commit 80c96a7b60
1 changed files with 2 additions and 2 deletions
--- a/hw/virtio/virtio-balloon.c
+++ b/hw/virtio/virtio-balloon.c
@ -81,7 +81,7 @@ static void balloon_inflate_page(VirtIOBalloon *balloon,
        /* We've partially ballooned part of a host page, but now
         * we're trying to balloon part of a different one.  Too hard,
         * give up on the old partial page */
-        free(balloon->pbp);
+        g_free(balloon->pbp);
        balloon->pbp = NULL;
    }

@ -106,7 +106,7 @@ static void balloon_inflate_page(VirtIOBalloon *balloon,
         * has already reported them, and failing to discard a balloon
         * page is not fatal */

-        free(balloon->pbp);
+        g_free(balloon->pbp);
        balloon->pbp = NULL;
    }
 }