From patchwork Fri Nov 8 14:31:33 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Alexey Romko X-Patchwork-Id: 1191927 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=reject dis=none) header.from=yahoo.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=yahoo.com header.i=@yahoo.com header.b="jHveOhHl"; dkim-atps=neutral Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 478jZg0Mvtz9s4Y for ; Sat, 9 Nov 2019 01:39:07 +1100 (AEDT) Received: from localhost ([::1]:55392 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iT5Pk-0003wu-Pf for incoming@patchwork.ozlabs.org; Fri, 08 Nov 2019 09:39:04 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:39516) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iT5Ke-0006nL-6B for qemu-devel@nongnu.org; Fri, 08 Nov 2019 09:33:49 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iT5KZ-0004zZ-Pv for qemu-devel@nongnu.org; Fri, 08 Nov 2019 09:33:47 -0500 Received: from sonic306-47.consmr.mail.ir2.yahoo.com ([77.238.176.233]:38085) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1iT5KZ-0004z9-Aa for qemu-devel@nongnu.org; Fri, 08 Nov 2019 09:33:43 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1573223620; bh=baYfIi9A6dMF+sYwP6ZzKExyZf9a8z+bpNkyKLdXtjI=; h=Date:From:To:Cc:Subject:References:From:Subject; b=jHveOhHlxNuVkq1QshUqYryM7ZPKrokeJJ0ewg/Z9FN4/Qmc+v9Bl5rRrCA9lsTselvCWb9IQP3xooLpvIpw1zdMKPcL9rvkOTxBu/3kdukCTu9g31dQIkI+noO4FyJuJzaOkShFKlcV0yQkH6R5IUPDHHsnJ6w01U/RkrLaFl4U5AOsXCC/DzHWUDT7lHU3uUQonUxI65nG4Apur/zqDnt2+TaelepPZFgeVMhjpGjHuOMPu04y/7v+ppEtu0Kqj0hE7bGyKJSUIZwYERtwN0uyHxfPPsCupP90hpWbKaXh7JauILHrcCYzgb/gzoD8Omm82CoqZLeIlFx15ZLCPA== X-YMail-OSG: lCxido4VM1ngfUiF6_TPnH9Oh6bTKTcYTYg0MsZj3fWd8BMR5HrVusrg1vvLOk6 sbdPF3G6PndWQbelbx1ik1u2tux.D0ssOHGduH.HxU1t7.R95Gh0fftVXREgkEULm8nbM1pBwOoA 2Tl6O15GDhJt0OiFikXZ8.G4tCfKzqaQDmFJCMhjSOO21N5obpzdthPBnCcpTNvKrt_tDB7rMQFq tN1hyMy4Prud0jZFrVnSMiRGEpDRVgUWlOzsdxILEWX5s106yU409dAPkh_IC2OGS3fZR_lPmPUa 5h9bkxy91isQPn473PENPr4VjxQv_xQGBUd1R38hoID8m5KXO5XXPNpp8H3ddIYEmmyOO0wMDNNx ppmCclIg0RmCpD0iII3GAi2UwbutKkvuLz6TQZ5JCdrdLaenl_xoIsrXrwdlCJiyd4USe.zfTdcJ apxPd6ri5feAp7uBuXX1rCuLgzLADfyMnW4nw7Trd.a6IXuJyQLz6YJEpCmrZWuNjuFqSReYvCTd 8OnlXPV8Utn_l1beYsxDuKfELJRpa_ubPF6G42loYQYTGVLWW.O3V.PwwZ9_cIkEVvRBFPbF5gxL 7NeEqxYH2T6zzS41Bp1dwEvlGNuBJY2YNJ1PC45aW2fipg1pM_yGAOGpCvY_EZqczHjd..H741Wy MnGiSu0ZolUU77ybqfBXkBH3CUSxr3XVF0raZLL40YJXdk5mWyBtIv0GUC3iLGJbIU1s9LpyNAC4 vnYm91MSspuHn4hZPjt1yma974.pOex3Av5puCJDiZl0d9mn6LrMR0x9QcL8rG70WY2PcQvX9Gaq Xp1B7ZjYCU153nblVfs1chIImJ4g3yJaP_s_Zzu6Prw0HipvroMxPJbGoGb5Kourxeb2J6XYHdK0 vIV9AK97.QUK3d9hoEafXm.OgOsrzKcHJ5yPHp927ShSMr5BDXbCZi01AhwQIu08GT.GZccGSx4E 9nmmYq6V_DewZmWJSHzxRb4HL6iHdqsFwYwi6LQYcT7HHE5Y0sXRjdVr69XHQPmxoQCWjxT2Q98z BIGBF_5yE_xvzJUqagNcZv8SLm5p7KyGH50JVfZ2VT94R.o5ebGbpE2.Dlnih1I9YP2zqtQXVrgi 2q7.SXwIg0SBxUPbVXiLBmyikTu0ZG6tmdfMyyn25zY9LddXQjuCp1H1r0egYjCA.5G_Z965CtdP _4aD7pZTcHpbRXx3ZKJhQKzZ8CXtFIlqERo1scXgo1EJwsUsXXC0S2ecJCppkR5qQaKQu2rrT9q1 PmAAgJj0dmz14ZAibkgjERpT8dB3a9FCJJuBbaG8Ceip_QbEIaoQy.OaUuaFUcAsFW9zFsmxgZC_ JUsCHwnYAyb.A6k15ObHBj53SowJWNBCyaG2O Received: from sonic.gate.mail.ne1.yahoo.com by sonic306.consmr.mail.ir2.yahoo.com with HTTP; Fri, 8 Nov 2019 14:33:40 +0000 Date: Fri, 8 Nov 2019 14:31:33 +0000 (UTC) From: - - To: "qemu-devel@nongnu.org" Cc: "dgilbert@redhat.com" Message-ID: <694638341.1321046.1573223493407@mail.yahoo.com> Subject: [PATCH] Bug #1829242 correction MIME-Version: 1.0 References: <694638341.1321046.1573223493407.ref@mail.yahoo.com> X-Mailer: WebService/1.1.14680 YMailNorrin Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36 OPR/63.0.3368.94 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [fuzzy] X-Received-From: 77.238.176.233 X-Mailman-Approved-At: Fri, 08 Nov 2019 09:34:18 -0500 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" Bug #1829242 correction. Added type conversions to ram_addr_t before all left shifts of page indexes to TARGET_PAGE_BITS, to correct overflows when the page address was 4Gb and more. Signed-off-by: Alexey Romko Reviewed-by: Dr. David Alan Gilbert Reviewed-by: Juan Quintela ---  migration/ram.c | 22 +++++++++++-----------  1 file changed, 11 insertions(+), 11 deletions(-) --  2.15.0.windows.1 diff --git a/migration/ram.c b/migration/ram.c index 5078f94490..90a09de620 100644 --- a/migration/ram.c +++ b/migration/ram.c @@ -1730,7 +1730,7 @@ static inline bool migration_bitmap_clear_dirty(RAMState *rs,      if (rb->clear_bmap && clear_bmap_test_and_clear(rb, page)) {          uint8_t shift = rb->clear_bmap_shift;          hwaddr size = 1ULL << (TARGET_PAGE_BITS + shift); -        hwaddr start = (page << TARGET_PAGE_BITS) & (-size); +        hwaddr start = (((ram_addr_t)page) << TARGET_PAGE_BITS) & (-size);            /*           * CLEAR_BITMAP_SHIFT_MIN should always guarantee this... this @@ -1967,7 +1967,7 @@ static void ram_release_pages(const char *rbname, uint64_t offset, int pages)          return;      }   -    ram_discard_range(rbname, offset, pages << TARGET_PAGE_BITS); +    ram_discard_range(rbname, offset, ((ram_addr_t)pages) << TARGET_PAGE_BITS);  }    /* @@ -2055,7 +2055,7 @@ static int ram_save_page(RAMState *rs, PageSearchStatus *pss, bool last_stage)      uint8_t *p;      bool send_async = true;      RAMBlock *block = pss->block; -    ram_addr_t offset = pss->page << TARGET_PAGE_BITS; +    ram_addr_t offset = ((ram_addr_t)pss->page) << TARGET_PAGE_BITS;      ram_addr_t current_addr = block->offset + offset;        p = block->host + offset; @@ -2242,7 +2242,7 @@ static bool find_dirty_block(RAMState *rs, PageSearchStatus *pss, bool *again)          *again = false;          return false;      } -    if ((pss->page << TARGET_PAGE_BITS) >= pss->block->used_length) { +    if ((((ram_addr_t)pss->page) << TARGET_PAGE_BITS) >= pss->block->used_length) {          /* Didn't find anything in this RAM Block */          pss->page = 0;          pss->block = QLIST_NEXT_RCU(pss->block, next); @@ -2536,7 +2536,7 @@ static int ram_save_target_page(RAMState *rs, PageSearchStatus *pss,                                  bool last_stage)  {      RAMBlock *block = pss->block; -    ram_addr_t offset = pss->page << TARGET_PAGE_BITS; +    ram_addr_t offset = ((ram_addr_t)pss->page) << TARGET_PAGE_BITS;      int res;        if (control_save_page(rs, block, offset, &res)) { @@ -2617,7 +2617,7 @@ static int ram_save_host_page(RAMState *rs, PageSearchStatus *pss,          pages += tmppages;          pss->page++;      } while ((pss->page & (pagesize_bits - 1)) && -             offset_in_ramblock(pss->block, pss->page << TARGET_PAGE_BITS)); +             offset_in_ramblock(pss->block, ((ram_addr_t)pss->page) << TARGET_PAGE_BITS));        /* The offset we leave with is the last one we looked at */      pss->page--; @@ -2834,8 +2834,8 @@ void ram_postcopy_migrated_memory_release(MigrationState *ms)            while (run_start < range) {              unsigned long run_end = find_next_bit(bitmap, range, run_start + 1); -            ram_discard_range(block->idstr, run_start << TARGET_PAGE_BITS, -                              (run_end - run_start) << TARGET_PAGE_BITS); +            ram_discard_range(block->idstr, ((ram_addr_t)run_start) << TARGET_PAGE_BITS, +                              ((ram_addr_t)(run_end - run_start)) << TARGET_PAGE_BITS);              run_start = find_next_zero_bit(bitmap, range, run_end + 1);          }      } @@ -4201,13 +4201,13 @@ static void colo_flush_ram_cache(void)          while (block) {              offset = migration_bitmap_find_dirty(ram_state, block, offset);   -            if (offset << TARGET_PAGE_BITS >= block->used_length) { +            if (((ram_addr_t)offset) << TARGET_PAGE_BITS >= block->used_length) {                  offset = 0;                  block = QLIST_NEXT_RCU(block, next);              } else {                  migration_bitmap_clear_dirty(ram_state, block, offset); -                dst_host = block->host + (offset << TARGET_PAGE_BITS); -                src_host = block->colo_cache + (offset << TARGET_PAGE_BITS); +                dst_host = block->host + (((ram_addr_t)offset) << TARGET_PAGE_BITS); +                src_host = block->colo_cache + (((ram_addr_t)offset) << TARGET_PAGE_BITS);                  memcpy(dst_host, src_host, TARGET_PAGE_SIZE);              }          }