| Message ID | 1409743435-21155-8-git-send-email-famz@redhat.com |
|---|---|
| State | New |
| Headers | show |
Il 03/09/2014 13:23, Fam Zheng ha scritto: > Not all the iov elements are always valid. > > Signed-off-by: Fam Zheng <famz@redhat.com> > --- > dma-helpers.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/dma-helpers.c b/dma-helpers.c > index 499b52b..3655d88 100644 > --- a/dma-helpers.c > +++ b/dma-helpers.c > @@ -105,6 +105,9 @@ static void dma_bdrv_unmap(DMAAIOCB *dbs) > int i; > > for (i = 0; i < dbs->iov.niov; ++i) { > + if (!(dbs->iov.iov[i].iov_base && dbs->iov.iov[i].iov_len)) { > + break; > + } > dma_memory_unmap(dbs->sg->as, dbs->iov.iov[i].iov_base, > dbs->iov.iov[i].iov_len, dbs->dir, > dbs->iov.iov[i].iov_len); > Why is this needed by this patch series? Also, the only addition to iov is here in dma_bdrv_cb: mem = dma_memory_map(dbs->sg->as, cur_addr, &cur_len, dbs->dir); if (!mem) break; qemu_iovec_add(&dbs->iov, mem, cur_len); so iov_base cannot be NULL. If cur_len is zero after dma_memory_map returns, mem should be NULL too. If cur_len is zero before dma_memory_map is invoked, address_space_map (and thus dma_memory_map) will return NULL too. However, in this case exiting the loop is wrong. Perhaps it's better to add an if() in dma_bdrv_cb that checks for cur_len == 0. Paolo
diff --git a/dma-helpers.c b/dma-helpers.c index 499b52b..3655d88 100644 --- a/dma-helpers.c +++ b/dma-helpers.c @@ -105,6 +105,9 @@ static void dma_bdrv_unmap(DMAAIOCB *dbs) int i; for (i = 0; i < dbs->iov.niov; ++i) { + if (!(dbs->iov.iov[i].iov_base && dbs->iov.iov[i].iov_len)) { + break; + } dma_memory_unmap(dbs->sg->as, dbs->iov.iov[i].iov_base, dbs->iov.iov[i].iov_len, dbs->dir, dbs->iov.iov[i].iov_len);
Not all the iov elements are always valid. Signed-off-by: Fam Zheng <famz@redhat.com> --- dma-helpers.c | 3 +++ 1 file changed, 3 insertions(+)