From patchwork Thu Oct 5 18:03:35 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Alexandre DERUMIER X-Patchwork-Id: 9987687 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 3FE15602B8 for ; Thu, 5 Oct 2017 18:04:54 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2E70728D2C for ; Thu, 5 Oct 2017 18:04:54 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2302328D26; Thu, 5 Oct 2017 18:04:54 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id E48B728D1C for ; Thu, 5 Oct 2017 18:04:52 +0000 (UTC) Received: from localhost ([::1]:41246 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e0AVu-0002k2-Kf for patchwork-qemu-devel@patchwork.kernel.org; Thu, 05 Oct 2017 14:04:50 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:40640) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e0AVG-0002jl-DP for qemu-devel@nongnu.org; Thu, 05 Oct 2017 14:04:11 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e0AVC-0004iu-Ee for qemu-devel@nongnu.org; Thu, 05 Oct 2017 14:04:10 -0400 Received: from mailpro.odiso.net ([89.248.211.110]:60438) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1e0AVC-0004bO-7g for qemu-devel@nongnu.org; Thu, 05 Oct 2017 14:04:06 -0400 Received: from localhost (localhost [127.0.0.1]) by mailpro.odiso.net (Postfix) with ESMTP id E1C8E1C6E2DD; Thu, 5 Oct 2017 20:03:35 +0200 (CEST) Received: from mailpro.odiso.net ([127.0.0.1]) by localhost (mailpro.odiso.net [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id 5E82xmAdNmkN; Thu, 5 Oct 2017 20:03:35 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by mailpro.odiso.net (Postfix) with ESMTP id C6D0F1C6E2DF; Thu, 5 Oct 2017 20:03:35 +0200 (CEST) X-Virus-Scanned: amavisd-new at mailpro.odiso.com Received: from mailpro.odiso.net ([127.0.0.1]) by localhost (mailpro.odiso.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id AN5k5AAnWkQs; Thu, 5 Oct 2017 20:03:35 +0200 (CEST) Received: from mailpro.odiso.net (mailpro.odiso.net [10.1.31.111]) by mailpro.odiso.net (Postfix) with ESMTP id B131B1C6E2DB; Thu, 5 Oct 2017 20:03:35 +0200 (CEST) Date: Thu, 5 Oct 2017 20:03:35 +0200 (CEST) From: Alexandre DERUMIER To: qemu-devel Message-ID: <1275246042.1286537.1507226615699.JavaMail.zimbra@oxygem.tv> In-Reply-To: <20170920060933.11593-1-w.bumiller@proxmox.com> References: <20170920060933.11593-1-w.bumiller@proxmox.com> MIME-Version: 1.0 X-Mailer: Zimbra 8.7.0_GA_1659 (ZimbraWebClient - GC61 (Linux)/8.7.0_GA_1659) Thread-Topic: virtio: fix descriptor counting in virtqueue_pop Thread-Index: nBxuoI55i6McK9kiNPB06cxbYwBi6w== X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 89.248.211.110 Subject: Re: [Qemu-devel] [PATCH] virtio: fix descriptor counting in virtqueue_pop X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: pbonzini , Wolfgang Bumiller , "Michael S. Tsirkin" Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP Hi, has somebody reviewed this patch ? I'm also able de reproduce the vm crash like the proxmox user. This patch is fixing it for me too. Regards, Alexandre ----- Mail original ----- De: "Wolfgang Bumiller" À: "qemu-devel" Cc: "pbonzini" , "Michael S. Tsirkin" Envoyé: Mercredi 20 Septembre 2017 08:09:33 Objet: [Qemu-devel] [PATCH] virtio: fix descriptor counting in virtqueue_pop While changing the s/g list allocation, commit 3b3b0628 also changed the descriptor counting to count iovec entries as split by cpu_physical_memory_map(). Previously only the actual descriptor entries were counted and the split into the iovec happened afterwards in virtqueue_map(). Count the entries again instead to avoid erroneous "Looped descriptor" errors. Reported-by: Hans Middelhoek Link: https://forum.proxmox.com/threads/vm-crash-with-memory-hotplug.35904/ Fixes: 3b3b0628217e ("virtio: slim down allocation of VirtQueueElements") Signed-off-by: Wolfgang Bumiller --- hw/virtio/virtio.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c index 890b4d7eb7..33bb770177 100644 --- a/hw/virtio/virtio.c +++ b/hw/virtio/virtio.c @@ -834,7 +834,7 @@ void *virtqueue_pop(VirtQueue *vq, size_t sz) int64_t len; VirtIODevice *vdev = vq->vdev; VirtQueueElement *elem = NULL; - unsigned out_num, in_num; + unsigned out_num, in_num, elem_entries; hwaddr addr[VIRTQUEUE_MAX_SIZE]; struct iovec iov[VIRTQUEUE_MAX_SIZE]; VRingDesc desc; @@ -852,7 +852,7 @@ void *virtqueue_pop(VirtQueue *vq, size_t sz) smp_rmb(); /* When we start there are none of either input nor output. */ - out_num = in_num = 0; + out_num = in_num = elem_entries = 0; max = vq->vring.num; @@ -922,7 +922,7 @@ void *virtqueue_pop(VirtQueue *vq, size_t sz) } /* If we've got too many, that implies a descriptor loop. */ - if ((in_num + out_num) > max) { + if (++elem_entries > max) { virtio_error(vdev, "Looped descriptor"); goto err_undo_map; }