[Qemu-devel] [PATCH v2 1/6] virtio: assert on ->inuse underflow
From: Roman Kagan
Subject: [Qemu-devel] [PATCH v2 1/6] virtio: assert on ->inuse underflow
Date: Fri, 19 Aug 2016 16:39:20 +0300
Make sure that ->inuse counter on virtqueue never goes negative.
This complements commit afd9096eb1882f23929f5b5c177898ed231bac66,
"virtio: error out if guest exceeds virtqueue size", which, due to
signed ->inuse comparison against unsigned ->vring.num, manifested a bug
in virtio-balloon where virtqueue_push() was called before the matching
virtqueue_pop(). [That problem will be addressed in followup patches].
Signed-off-by: Roman Kagan <address@hidden>
Cc: "Michael S. Tsirkin" <address@hidden>
Cc: Ladi Prosek <address@hidden>
Cc: Stefan Hajnoczi <address@hidden>
---
hw/virtio/virtio.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
index 15ee3a7..7a57857 100644
--- a/hw/virtio/virtio.c
+++ b/hw/virtio/virtio.c
@@ -92,7 +92,7 @@ struct VirtQueue
uint16_t queue_index;
- int inuse;
+ unsigned int inuse;
uint16_t vector;
VirtIOHandleOutput handle_output;
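Review bot: at `unsigned int inuse;` an unbalanced decrement no longer produces a negative value but wraps to a value near UINT_MAX, so every site that subtracts from the counter needs a guard before the subtraction rather than a sign test afterwards. This hunk shows only the declaration, so please confirm the other users of ->inuse were checked for that, and consider a one-line comment on the field saying what it counts and why it is unsigned.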
@@ -290,6 +290,7 @@ void virtqueue_fill(VirtQueue *vq, const VirtQueueElement
*elem,
void virtqueue_flush(VirtQueue *vq, unsigned int count)
{
uint16_t old, new;
+ assert(vq->inuse >= count);
/* Make sure buffer is written before we update index. */
smp_wmb();
trace_virtqueue_flush(vq, count);
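Review bot: `assert(vq->inuse >= count);` is the only guard added, and it compiles away when NDEBUG is defined, in which case the now-unsigned counter would wrap silently instead of being caught. If the ordering problem the commit message describes can be influenced by a guest, aborting the process here is also a guest-reachable crash, so an explicit error path may be preferable to assert. A short comment tying the check to the place where ->inuse is decremented would help, since that subtraction is not visible next to it in this hunk.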
--
2.7.4
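The signed/unsigned interaction described in the commit message above, as an added example that is not part of the original patch or of QEMU's code. The struct and function names are hypothetical simplifications that keep only the counter and the ring size, and the assert is modelled as a return value so the demo can continue.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model, not QEMU code: only the counter and the ring size. */
struct model_vq_signed   { int inuse;          unsigned int num; };
struct model_vq_unsigned { unsigned int inuse; unsigned int num; };

/* Size check in the shape the commit message describes: a signed counter
 * compared against an unsigned ring size. The usual arithmetic conversions
 * turn a negative inuse into a huge unsigned value, so the check trips. */
bool signed_size_exceeded(const struct model_vq_signed *vq)
{
    return vq->inuse >= vq->num;
}

/* Pre-patch accounting: nothing stops the counter from going below zero. */
void signed_flush(struct model_vq_signed *vq, unsigned int count)
{
    vq->inuse -= count;
}

/* Post-patch accounting: refuse to flush more elements than are in use. */
bool unsigned_flush(struct model_vq_unsigned *vq, unsigned int count)
{
    if (vq->inuse < count) {
        return false;           /* where assert(vq->inuse >= count) fires */
    }
    vq->inuse -= count;
    return true;
}

int main(void)
{
    struct model_vq_signed before = { .inuse = 0, .num = 128 };
    struct model_vq_unsigned after = { .inuse = 0, .num = 128 };

    signed_flush(&before, 1);   /* a push without a matching pop */
    printf("signed inuse = %d, size check trips: %d\n",
           before.inuse, signed_size_exceeded(&before));
    printf("guarded flush accepted: %d, inuse = %u\n",
           unsigned_flush(&after, 1), after.inuse);
    return 0;
}
```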