From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:34753)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <quintela@redhat.com>) id 1Zw9t0-0004ol-4L
	for qemu-devel@nongnu.org; Tue, 10 Nov 2015 09:27:02 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <quintela@redhat.com>) id 1Zw9sz-0000zY-Ak
	for qemu-devel@nongnu.org; Tue, 10 Nov 2015 09:27:02 -0500
Received: from mx1.redhat.com ([209.132.183.28]:51534)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <quintela@redhat.com>) id 1Zw9sz-0000zU-5E
	for qemu-devel@nongnu.org; Tue, 10 Nov 2015 09:27:01 -0500
Received: from int-mx11.intmail.prod.int.phx2.redhat.com
	(int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24])
	by mx1.redhat.com (Postfix) with ESMTPS id DF86CA3B6A
	for <qemu-devel@nongnu.org>; Tue, 10 Nov 2015 14:27:00 +0000 (UTC)
From: Juan Quintela <quintela@redhat.com>
Date: Tue, 10 Nov 2015 15:25:34 +0100
Message-Id: <1447165546-27784-46-git-send-email-quintela@redhat.com>
In-Reply-To: <1447165546-27784-1-git-send-email-quintela@redhat.com>
References: <1447165546-27784-1-git-send-email-quintela@redhat.com>
Subject: [Qemu-devel] [PULL 45/57] postcopy: Check order of received target
	pages
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: amit.shah@redhat.com, dgilbert@redhat.com

From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>

Ensure that target pages received within a host page are in order.
This shouldn't trigger, but in the cases where the sender goes
wrong and sends stuff out of order it produces a corruption that's
really nasty to debug.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
---
 migration/ram.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/migration/ram.c b/migration/ram.c
index af5f369..8bf0841 100644
--- a/migration/ram.c
+++ b/migration/ram.c
@@ -2097,6 +2097,7 @@ static int ram_load_postcopy(QEMUFile *f)
     MigrationIncomingState *mis = migration_incoming_get_current();
     /* Temporary page that is later 'placed' */
     void *postcopy_host_page = postcopy_get_tmp_page(mis);
+    void *last_host = NULL;

     while (!ret && !(flags & RAM_SAVE_FLAG_EOS)) {
         ram_addr_t addr;
@@ -2133,8 +2134,17 @@ static int ram_load_postcopy(QEMUFile *f)
             /* If all TP are zero then we can optimise the place */
             if (!((uintptr_t)host & ~qemu_host_page_mask)) {
                 all_zero = true;
+            } else {
+                /* not the 1st TP within the HP */
+                if (host != (last_host + TARGET_PAGE_SIZE)) {
+                    error_report("Non-sequential target page %p/%p\n",
+                                  host, last_host);
+                    ret = -EINVAL;
+                    break;
+                }
             }

+
             /*
              * If it's the last part of a host page then we place the host
              * page
@@ -2143,6 +2153,7 @@ static int ram_load_postcopy(QEMUFile *f)
                                      ~qemu_host_page_mask) == 0;
             place_source = postcopy_host_page;
         }
+        last_host = host;

         switch (flags & ~RAM_SAVE_FLAG_CONTINUE) {
         case RAM_SAVE_FLAG_COMPRESS:
-- 
2.5.0