From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:41612)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <wency@cn.fujitsu.com>) id 1YixQt-0001I3-0m
	for qemu-devel@nongnu.org; Thu, 16 Apr 2015 23:59:11 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <wency@cn.fujitsu.com>) id 1YixQo-0007qQ-Pp
	for qemu-devel@nongnu.org; Thu, 16 Apr 2015 23:59:10 -0400
Received: from [59.151.112.132] (port=7454 helo=heian.cn.fujitsu.com)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <wency@cn.fujitsu.com>) id 1YixQo-0007oe-Do
	for qemu-devel@nongnu.org; Thu, 16 Apr 2015 23:59:06 -0400
Message-ID: <553085DE.5080201@cn.fujitsu.com>
Date: Fri, 17 Apr 2015 12:02:38 +0800
From: Wen Congyang <wency@cn.fujitsu.com>
MIME-Version: 1.0
References: <1429090543-4736-1-git-send-email-mst@redhat.com>	<552E35E9.7070605@huawei.com>
	<5530291E.8040606@redhat.com>
In-Reply-To: <5530291E.8040606@redhat.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] vhost: fix log base address
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Paolo Bonzini <pbonzini@redhat.com>, zhanghailiang <zhang.zhanghailiang@huawei.com>, "Michael S. Tsirkin" <mst@redhat.com>, qemu-devel@nongnu.org
Cc: Peter Maydell <peter.maydell@linaro.org>, peter.huangpeng@huawei.com

On 04/17/2015 05:26 AM, Paolo Bonzini wrote:
> 
> 
> On 15/04/2015 11:56, zhanghailiang wrote:
>> On 2015/4/15 17:37, Michael S. Tsirkin wrote:
>>> VHOST_SET_LOG_BASE got an incorrect address, causing
>>> migration errors and potentially even memory corruption.
>>>
>>> Cc: Peter Maydell <peter.maydell@linaro.org>
>>> Reported-by: Wen Congyang <wency@cn.fujitsu.com>
>>> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
>>> ---
>>>
>>> Could you please confirm this fixes the problem for you?
>>>
>>>   hw/virtio/vhost.c | 5 ++++-
>>>   1 file changed, 4 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c
>>> index 8dd2f59..02c5604 100644
>>> --- a/hw/virtio/vhost.c
>>> +++ b/hw/virtio/vhost.c
>>> @@ -1016,10 +1016,13 @@ int vhost_dev_start(struct vhost_dev *hdev,
>>> VirtIODevice *vdev)
>>>       }
>>>
>>>       if (hdev->log_enabled) {
>>> +        uint64_t log_base;
>>> +
>>>           hdev->log_size = vhost_get_log_size(hdev);
>>>           hdev->log = hdev->log_size ?
>>>               g_malloc0(hdev->log_size * sizeof *hdev->log) : NULL;
>>> -        r = hdev->vhost_ops->vhost_call(hdev, VHOST_SET_LOG_BASE,
>>> hdev->log);
>>> +        log_base = (uint64_t)(unsigned long)log_base;
>>                                                ^^^^^^^^
>>
>> s/log_base/hdev->log ?
> 
> Also s/unsigned long/uintptr_t/ please.  The subsequent cast to uint64_t
> is not necessary.

Should we also update vhost_dev_log_resize()?

Thanks
Wen Congyang

> 
> Paolo
> 
>>> +        r = hdev->vhost_ops->vhost_call(hdev, VHOST_SET_LOG_BASE,
>>> &log_base);
>>>           if (r < 0) {
>>>               r = -errno;
>>>               goto fail_log;
>>>
>>
>>
>>
>>
> 
>