qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed
* [Qemu-devel] [PATCH] virtio: allow mapping up to max queue size
@ 2014-05-12  9:08 Michael S. Tsirkin
  2014-05-13  8:57 ` Dr. David Alan Gilbert
  2014-05-13 12:03 ` Stefan Hajnoczi
  0 siblings, 2 replies; 3+ messages in thread
From: Michael S. Tsirkin @ 2014-05-12  9:08 UTC (permalink / raw)
  To: qemu-devel
  Cc: peter.maydell, stefanha, Dr. David Alan Gilbert, Anthony Liguori,
	qemu-stable

It's a loop from i < num_sg  and the array is VIRTQUEUE_MAX_SIZE - so
it's OK if the value read is VIRTQUEUE_MAX_SIZE.

Not a big problem in practice as people don't use
such big queues, but it's inelegant.

Reported-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
---
 hw/virtio/virtio.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
index 7f4e7ec..3557c17 100644
--- a/hw/virtio/virtio.c
+++ b/hw/virtio/virtio.c
@@ -430,7 +430,7 @@ void virtqueue_map_sg(struct iovec *sg, hwaddr *addr,
     unsigned int i;
     hwaddr len;
 
-    if (num_sg >= VIRTQUEUE_MAX_SIZE) {
+    if (num_sg > VIRTQUEUE_MAX_SIZE) {
         error_report("virtio: map attempt out of bounds: %zd > %d",
                      num_sg, VIRTQUEUE_MAX_SIZE);
         exit(1);
-- 
MST

^ permalink raw reply related	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2014-05-13 12:03 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-05-12  9:08 [Qemu-devel] [PATCH] virtio: allow mapping up to max queue size Michael S. Tsirkin
2014-05-13  8:57 ` Dr. David Alan Gilbert
2014-05-13 12:03 ` Stefan Hajnoczi

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).