{"id":2225294,"url":"http://patchwork.ozlabs.org/api/1.2/patches/2225294/?format=json","web_url":"http://patchwork.ozlabs.org/project/qemu-devel/patch/20260420200339.708640-12-vsementsov@yandex-team.ru/","project":{"id":14,"url":"http://patchwork.ozlabs.org/api/1.2/projects/14/?format=json","name":"QEMU Development","link_name":"qemu-devel","list_id":"qemu-devel.nongnu.org","list_email":"qemu-devel@nongnu.org","web_url":"","scm_url":"","webscm_url":"","list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<20260420200339.708640-12-vsementsov@yandex-team.ru>","list_archive_url":null,"date":"2026-04-20T20:03:26","name":"[v6,11/22] vhost: make vhost_memory_unmap() null-safe","commit_ref":null,"pull_url":null,"state":"new","archived":false,"hash":"88a63c662f7ce585b584482cc3570ac4e284e465","submitter":{"id":84116,"url":"http://patchwork.ozlabs.org/api/1.2/people/84116/?format=json","name":"Vladimir Sementsov-Ogievskiy","email":"vsementsov@yandex-team.ru"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/qemu-devel/patch/20260420200339.708640-12-vsementsov@yandex-team.ru/mbox/","series":[{"id":500672,"url":"http://patchwork.ozlabs.org/api/1.2/series/500672/?format=json","web_url":"http://patchwork.ozlabs.org/project/qemu-devel/list/?series=500672","date":"2026-04-20T20:03:18","name":"vhost refactoring and fixes","version":6,"mbox":"http://patchwork.ozlabs.org/series/500672/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/2225294/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/2225294/checks/","tags":{},"related":[],"headers":{"Return-Path":"<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=yandex-team.ru header.i=@yandex-team.ru\n header.a=rsa-sha256 header.s=default 
header.b=c+uUBiH9;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org\n (client-ip=209.51.188.17; helo=lists1p.gnu.org;\n envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n receiver=patchwork.ozlabs.org)","mail-nwsmtp-smtp-corp-main-68.klg.yp-c.yandex.net;\n dkim=pass header.i=@yandex-team.ru"],"Received":["from lists1p.gnu.org (lists1p.gnu.org [209.51.188.17])\n\t(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fzxK81ySJz1yD4\n\tfor <incoming@patchwork.ozlabs.org>; Tue, 21 Apr 2026 06:04:28 +1000 (AEST)","from localhost ([::1] helo=lists1p.gnu.org)\n\tby lists1p.gnu.org with esmtp (Exim 4.90_1)\n\t(envelope-from <qemu-devel-bounces@nongnu.org>)\n\tid 1wEuqw-0001Ub-RJ; Mon, 20 Apr 2026 16:04:18 -0400","from eggs.gnu.org ([2001:470:142:3::10])\n by lists1p.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from <vsementsov@yandex-team.ru>)\n id 1wEuqo-0001Mh-0G\n for qemu-devel@nongnu.org; Mon, 20 Apr 2026 16:04:11 -0400","from forwardcorp1d.mail.yandex.net ([178.154.239.200])\n by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from <vsementsov@yandex-team.ru>)\n id 1wEuql-0001rH-06\n for qemu-devel@nongnu.org; Mon, 20 Apr 2026 16:04:08 -0400","from mail-nwsmtp-smtp-corp-main-68.klg.yp-c.yandex.net\n (mail-nwsmtp-smtp-corp-main-68.klg.yp-c.yandex.net\n [IPv6:2a02:6b8:c42:94a9:0:640:a3fa:0])\n by forwardcorp1d.mail.yandex.net (Yandex) with ESMTPS id 954B98075E;\n Mon, 20 Apr 2026 23:04:05 +0300 (MSK)","from vsementsov-lin (unknown [2a02:6bf:8080:54b::1:34])\n by mail-nwsmtp-smtp-corp-main-68.klg.yp-c.yandex.net (smtpcorp) with ESMTPSA\n id f3YMX10K1Sw0-GmkwQ0HG; Mon, 20 Apr 2026 23:04:04 +0300"],"Precedence":"bulk","X-Yandex-Fwd":"1","DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed; 
d=yandex-team.ru;\n s=default; t=1776715445;\n bh=uXIHNL9MutPa4LnUI29ZbTfFKnQQj49Z1ngH4e7u84w=;\n h=Message-ID:Date:In-Reply-To:Cc:Subject:References:To:From;\n b=c+uUBiH907IjVXJw1zl5uBESeVKMUBqxxRWS1cnHC/XwXtxZJ5MEUW/2Lq+7q5NWD\n hwjYgMJBQhVGf77y0c5+y4Y2RgGtujS5zHlJJL8q32TVCsNVqF7s/T0WEPYdm5PKgj\n sg6sKhUJ/iOwz4nW3f6LQaTXq5Yeh3wgVolKUxvU=","From":"Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>","To":"mst@redhat.com","Cc":"sgarzare@redhat.com, raphael@enfabrica.net, qemu-devel@nongnu.org,\n vsementsov@yandex-team.ru, yc-core@yandex-team.ru,\n d-tatianin@yandex-team.ru, Raphael Norwitz <raphael.s.norwitz@gmail.com>","Subject":"[PATCH v6 11/22] vhost: make vhost_memory_unmap() null-safe","Date":"Mon, 20 Apr 2026 23:03:26 +0300","Message-ID":"<20260420200339.708640-12-vsementsov@yandex-team.ru>","X-Mailer":"git-send-email 2.52.0","In-Reply-To":"<20260420200339.708640-1-vsementsov@yandex-team.ru>","References":"<20260420200339.708640-1-vsementsov@yandex-team.ru>","MIME-Version":"1.0","Content-Transfer-Encoding":"8bit","Received-SPF":"pass client-ip=178.154.239.200;\n envelope-from=vsementsov@yandex-team.ru; helo=forwardcorp1d.mail.yandex.net","X-Spam_score_int":"-20","X-Spam_score":"-2.1","X-Spam_bar":"--","X-Spam_report":"(-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,\n DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001,\n SPF_PASS=-0.001 autolearn=ham autolearn_force=no","X-Spam_action":"no action","X-BeenThere":"qemu-devel@nongnu.org","X-Mailman-Version":"2.1.29","List-Id":"qemu development <qemu-devel.nongnu.org>","List-Unsubscribe":"<https://lists.nongnu.org/mailman/options/qemu-devel>,\n <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>","List-Archive":"<https://lists.nongnu.org/archive/html/qemu-devel>","List-Post":"<mailto:qemu-devel@nongnu.org>","List-Help":"<mailto:qemu-devel-request@nongnu.org?subject=help>","List-Subscribe":"<https://lists.nongnu.org/mailman/listinfo/qemu-devel>,\n 
<mailto:qemu-devel-request@nongnu.org?subject=subscribe>","Errors-To":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org","Sender":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org"},"content":"This helps to simplify failure paths of vhost_virtqueue_start()\na lot. We also need to zero-out pointers on unmap, to not try\nto unmap invalid pointers.\n\nSigned-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>\nReviewed-by: Daniil Tatianin <d-tatianin@yandex-team.ru>\nReviewed-by: Raphael Norwitz <raphael.s.norwitz@gmail.com>\n---\n hw/virtio/vhost.c | 41 +++++++++++++++++++++--------------------\n 1 file changed, 21 insertions(+), 20 deletions(-)","diff":"diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c\nindex 131a2fbf870..b9b7a984e33 100644\n--- a/hw/virtio/vhost.c\n+++ b/hw/virtio/vhost.c\n@@ -473,14 +473,20 @@ static void *vhost_memory_map(struct vhost_dev *dev, hwaddr addr,\n     }\n }\n \n-static void vhost_memory_unmap(struct vhost_dev *dev, void *buffer,\n+static void vhost_memory_unmap(struct vhost_dev *dev, void **buffer,\n                                hwaddr len, int is_write,\n                                hwaddr access_len)\n {\n+    if (!*buffer) {\n+        return;\n+    }\n+\n     if (!vhost_dev_has_iommu(dev)) {\n-        address_space_unmap(dev->vdev->dma_as, buffer, len, is_write,\n+        address_space_unmap(dev->vdev->dma_as, *buffer, len, is_write,\n                             access_len);\n     }\n+\n+    *buffer = NULL;\n }\n \n static int vhost_verify_ring_part_mapping(void *ring_hva,\n@@ -1324,33 +1330,33 @@ int vhost_virtqueue_start(struct vhost_dev *dev,\n     vq->desc = vhost_memory_map(dev, vq->desc_phys, l, false);\n     if (!vq->desc) {\n         r = -ENOMEM;\n-        goto fail_alloc_desc;\n+        goto fail;\n     }\n \n     l = vq->avail_size;\n     vq->avail = vhost_memory_map(dev, vq->avail_phys, l, false);\n     if (!vq->avail) {\n         r = -ENOMEM;\n-        goto fail_alloc_avail;\n+  
      goto fail;\n     }\n \n     l = vq->used_size;\n     vq->used = vhost_memory_map(dev, vq->used_phys, l, true);\n     if (!vq->used) {\n         r = -ENOMEM;\n-        goto fail_alloc_used;\n+        goto fail;\n     }\n \n     r = vhost_virtqueue_set_addr(dev, vq, vhost_vq_index, dev->log_enabled);\n     if (r < 0) {\n-        goto fail_alloc;\n+        goto fail;\n     }\n \n     file.fd = event_notifier_get_fd(virtio_queue_get_host_notifier(vvq));\n     r = dev->vhost_ops->vhost_set_vring_kick(dev, &file);\n     if (r) {\n         VHOST_OPS_DEBUG(r, \"vhost_set_vring_kick failed\");\n-        goto fail_kick;\n+        goto fail;\n     }\n \n     /* Clear and discard previous events if any. */\n@@ -1370,24 +1376,19 @@ int vhost_virtqueue_start(struct vhost_dev *dev,\n         file.fd = -1;\n         r = dev->vhost_ops->vhost_set_vring_call(dev, &file);\n         if (r) {\n-            goto fail_vector;\n+            goto fail;\n         }\n     }\n \n     return 0;\n \n-fail_vector:\n-fail_kick:\n-fail_alloc:\n-    vhost_memory_unmap(dev, vq->used, virtio_queue_get_used_size(vdev, idx),\n+fail:\n+    vhost_memory_unmap(dev, &vq->used, virtio_queue_get_used_size(vdev, idx),\n                        0, 0);\n-fail_alloc_used:\n-    vhost_memory_unmap(dev, vq->avail, virtio_queue_get_avail_size(vdev, idx),\n+    vhost_memory_unmap(dev, &vq->avail, virtio_queue_get_avail_size(vdev, idx),\n                        0, 0);\n-fail_alloc_avail:\n-    vhost_memory_unmap(dev, vq->desc, virtio_queue_get_desc_size(vdev, idx),\n+    vhost_memory_unmap(dev, &vq->desc, virtio_queue_get_desc_size(vdev, idx),\n                        0, 0);\n-fail_alloc_desc:\n     return r;\n }\n \n@@ -1434,11 +1435,11 @@ static int do_vhost_virtqueue_stop(struct vhost_dev *dev,\n                                                 vhost_vq_index);\n     }\n \n-    vhost_memory_unmap(dev, vq->used, virtio_queue_get_used_size(vdev, idx),\n+    vhost_memory_unmap(dev, &vq->used, 
virtio_queue_get_used_size(vdev, idx),\n                        1, virtio_queue_get_used_size(vdev, idx));\n-    vhost_memory_unmap(dev, vq->avail, virtio_queue_get_avail_size(vdev, idx),\n+    vhost_memory_unmap(dev, &vq->avail, virtio_queue_get_avail_size(vdev, idx),\n                        0, virtio_queue_get_avail_size(vdev, idx));\n-    vhost_memory_unmap(dev, vq->desc, virtio_queue_get_desc_size(vdev, idx),\n+    vhost_memory_unmap(dev, &vq->desc, virtio_queue_get_desc_size(vdev, idx),\n                        0, virtio_queue_get_desc_size(vdev, idx));\n     return r;\n }\n","prefixes":["v6","11/22"]}
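Review bot: In the vhost_memory_unmap() hunk, the new contract is not documented at the function: a NULL `*buffer` is a no-op, and `*buffer` is reset to NULL on return, including in the vhost_dev_has_iommu() case where nothing is unmapped. A short comment above the definition would make that explicit for callers. The switch to `void **buffer` also means `&vq->used`, `&vq->avail` and `&vq->desc` must have type `void **`; if those fields are typed pointers rather than `void *`, the calls need a different signature or a temporary.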
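Review bot: In the vhost_virtqueue_start() hunk that replaces `goto fail_alloc_desc` and `goto fail_alloc_avail` with `goto fail`, a failed vhost_memory_map() of vq->desc or vq->avail now reaches unmap calls for rings that were not mapped in this call, so correctness depends on vq->avail and vq->used being NULL on entry. The visible lines do not establish that. Either confirm the virtqueue state is zeroed before the first start, or set the three pointers to NULL before the first vhost_memory_map().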
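Review bot: At the merged `fail:` label, the lengths passed to vhost_memory_unmap() are recomputed with virtio_queue_get_used_size(vdev, idx) and virtio_queue_get_avail_size(vdev, idx), while the mappings earlier in the function were made with `l = vq->used_size` and `l = vq->avail_size`. Since this block is being rewritten anyway, consider passing the stored sizes so the map and unmap lengths come from the same source.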
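Review bot: In the do_vhost_virtqueue_stop() hunk, vq->used, vq->avail and vq->desc are now NULL once these three calls return, which changes what any later reader of those fields sees. Please confirm nothing dereferences them after stop, since a stale but non-NULL pointer would previously have gone unnoticed there. It would also help to state in the commit message that a repeated stop now skips the unmap.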