From: Peter Maydell
Date: Thu, 10 Dec 2015 16:53:17 +0000
Subject: Re: [Qemu-devel] [PATCH] Fix xbzrle vs last_sent_block update
In-Reply-To: <1449765106-6528-1-git-send-email-dgilbert@redhat.com>
To: "Dr. David Alan Gilbert (git)"
Cc: Amit Shah, QEMU Developers, Juan Quintela

On 10 December 2015 at 16:31, Dr. David Alan Gilbert (git) wrote:
> From: "Dr. David Alan Gilbert"
>
> My fix (84e7b80a) replaced the last_sent_block update that I'd
> removed earlier; however it was too aggressive in the xbzrle case.
>
> save_xbzrle_page might return '0' to mean that the page didn't
> need sending since it was the same as the last sent version;
> in this case we can't update 'last_sent_block' since we didn't
> actually send it.
>
> Symptom: 'Illegal RAM offset 1018000' as we try and send a page
> to the wrong RAMBlock; potentially that could be a data
> corruption if you were really unlucky.
>
> Fixes: 84e7b80a05c0c44b90533c6cd2f1db5c932ccf77
>
> Signed-off-by: Dr. David Alan Gilbert
> ---
> migration/ram.c | 11 ++++++++++-
> 1 file changed, 10 insertions(+), 1 deletion(-)
>
> diff --git a/migration/ram.c b/migration/ram.c
> index 1eb155a..0490f00 100644
> --- a/migration/ram.c
> +++ b/migration/ram.c
> @@ -716,6 +716,9 @@ static int save_zero_page(QEMUFile *f, RAMBlock *block, ram_addr_t offset,
> * ram_save_page: Send the given page to the stream
> *
> * Returns: Number of pages written.
> + * < 0 - error
> + * >=0 - Number of pages written - this might legally be 0
> + * if xbzrle noticed the page was the same.
> *
> * @f: QEMUFile where to send the data
> * @block: block that contains the page we want to send
> @@ -1249,7 +1252,13 @@ static int ram_save_target_page(MigrationState *ms, QEMUFile *f,
> if (unsentmap) {
> clear_bit(dirty_ram_abs >> TARGET_PAGE_BITS, unsentmap);
> }
> - last_sent_block = block;
> + /* Only update last_sent_block if a block was actually sent; xbzrle
> + * might have decided the page was identical so didn't bother writing
> + * to the stream.
> + */
> + if (res > 0) {
> + last_sent_block = block;
> + }
> }
>
> return res;

This sounds like we should probably put this into 2.5; I'm happy to do
so if it gets review by tomorrow afternoon and Juan/Amit agree.

thanks
-- PMM
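Review bot: in the ram_save_page comment in the first hunk, the added line `>=0 - Number of pages written - this might legally be 0` repeats the existing `Returns: Number of pages written.` line directly above it, so the return contract is now stated twice in slightly different words. Suggest collapsing it into one statement, e.g. `Returns: < 0 on error, otherwise the number of pages written, which may legitimately be 0 when xbzrle found the page unchanged`, so the 0 case that callers now depend on is documented once and unambiguously.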
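Review bot: the `if (res > 0)` guard in the second hunk (ram_save_target_page) relies on a contract that the first hunk documents only for ram_save_page, namely that 0 means nothing was written to the stream. Since `res` is also what ram_save_target_page returns (`return res;`), every path that produces it needs to honour the same meaning of 0; a path returning 0 for any other reason would leave last_sent_block stale in exactly the way the commit message describes. Worth confirming that for each path feeding `res` here and adding a matching note to the return-value documentation of ram_save_target_page itself.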