From: Juan Quintela <quintela@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Laurent Vivier" <lvivier@redhat.com>,
	"Peter Maydell" <peter.maydell@linaro.org>,
	"Thomas Huth" <thuth@redhat.com>,
	"Corey Minyard" <cminyard@mvista.com>,
	"Daniel P. Berrangé" <berrange@redhat.com>,
	"Eduardo Habkost" <ehabkost@redhat.com>,
	"Juan Quintela" <quintela@redhat.com>,
	"Stefan Weil" <sw@weilnetz.de>,
	"Jason Wang" <jasowang@redhat.com>,
	"Michael S. Tsirkin" <mst@redhat.com>,
	"Alexey Romko" <nevilad@yahoo.com>,
	"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
	"Stefan Berger" <stefanb@linux.ibm.com>,
	qemu-arm@nongnu.org, qemu-ppc@nongnu.org,
	"Marc-André Lureau" <marcandre.lureau@redhat.com>,
	"Paolo Bonzini" <pbonzini@redhat.com>,
	"Richard Henderson" <rth@twiddle.net>,
	"David Gibson" <david@gibson.dropbear.id.au>
Subject: [PULL 26/30] Bug #1829242 correction.
Date: Tue, 14 Jan 2020 13:52:50 +0100	[thread overview]
Message-ID: <20200114125254.4515-27-quintela@redhat.com> (raw)
In-Reply-To: <20200114125254.4515-1-quintela@redhat.com>

From: Alexey Romko <nevilad@yahoo.com>

Added type conversions to ram_addr_t before all left shifts of page
indexes by TARGET_PAGE_BITS, to correct overflows when the page
address was 4GB or more.

Signed-off-by: Alexey Romko <nevilad@yahoo.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
---
 migration/ram.c | 29 ++++++++++++++++++-----------
 1 file changed, 18 insertions(+), 11 deletions(-)

diff --git a/migration/ram.c b/migration/ram.c
index 0e1d95cd73..ba6e0eea15 100644
--- a/migration/ram.c
+++ b/migration/ram.c
@@ -1768,7 +1768,7 @@ static inline bool migration_bitmap_clear_dirty(RAMState *rs,
     if (rb->clear_bmap && clear_bmap_test_and_clear(rb, page)) {
         uint8_t shift = rb->clear_bmap_shift;
         hwaddr size = 1ULL << (TARGET_PAGE_BITS + shift);
-        hwaddr start = (page << TARGET_PAGE_BITS) & (-size);
+        hwaddr start = (((ram_addr_t)page) << TARGET_PAGE_BITS) & (-size);
 
         /*
          * CLEAR_BITMAP_SHIFT_MIN should always guarantee this... this
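Review bot: The `((ram_addr_t)page) << TARGET_PAGE_BITS` widening is open-coded here and again in the ram_save_page, find_dirty_block, ram_save_target_page, ram_save_host_page, ram_postcopy_migrated_memory_release and colo_flush_ram_cache hunks, so the next shift added to this file can silently reintroduce the truncated offset. A single helper would keep the conversion in one place, e.g. `static inline ram_addr_t ram_page_to_offset(unsigned long page) { return (ram_addr_t)page << TARGET_PAGE_BITS; }`; the name is only a suggestion, and the parameter type assumes page indexes are `unsigned long`, which this hunk does not show. The cast only helps on builds where `ram_addr_t` is wider than the index type, which is worth stating in a comment on that helper. The body of migration_bitmap_clear_dirty continues outside the hunk.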
@@ -2005,7 +2005,7 @@ static void ram_release_pages(const char *rbname, uint64_t offset, int pages)
         return;
     }
 
-    ram_discard_range(rbname, offset, pages << TARGET_PAGE_BITS);
+    ram_discard_range(rbname, offset, ((ram_addr_t)pages) << TARGET_PAGE_BITS);
 }
 
 /*
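Review bot: `pages` is a signed `int`, so the new `(ram_addr_t)pages` cast in ram_release_pages converts any negative count into a very large length that is then handed to `ram_discard_range()`. The early return above the call is only partly visible in this hunk, so it cannot be confirmed from here that non-positive counts are rejected. Making the contract explicit before the call, e.g. `assert(pages >= 0);`, or switching the parameter to an unsigned type if the callers allow it, would stop a bad count from becoming an oversized discard.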
@@ -2093,7 +2093,7 @@ static int ram_save_page(RAMState *rs, PageSearchStatus *pss, bool last_stage)
     uint8_t *p;
     bool send_async = true;
     RAMBlock *block = pss->block;
-    ram_addr_t offset = pss->page << TARGET_PAGE_BITS;
+    ram_addr_t offset = ((ram_addr_t)pss->page) << TARGET_PAGE_BITS;
     ram_addr_t current_addr = block->offset + offset;
 
     p = block->host + offset;
@@ -2280,7 +2280,8 @@ static bool find_dirty_block(RAMState *rs, PageSearchStatus *pss, bool *again)
         *again = false;
         return false;
     }
-    if ((pss->page << TARGET_PAGE_BITS) >= pss->block->used_length) {
+    if ((((ram_addr_t)pss->page) << TARGET_PAGE_BITS)
+        >= pss->block->used_length) {
         /* Didn't find anything in this RAM Block */
         pss->page = 0;
         pss->block = QLIST_NEXT_RCU(pss->block, next);
@@ -2571,7 +2572,7 @@ static int ram_save_target_page(RAMState *rs, PageSearchStatus *pss,
                                 bool last_stage)
 {
     RAMBlock *block = pss->block;
-    ram_addr_t offset = pss->page << TARGET_PAGE_BITS;
+    ram_addr_t offset = ((ram_addr_t)pss->page) << TARGET_PAGE_BITS;
     int res;
 
     if (control_save_page(rs, block, offset, &res)) {
@@ -2657,7 +2658,8 @@ static int ram_save_host_page(RAMState *rs, PageSearchStatus *pss,
         /* Allow rate limiting to happen in the middle of huge pages */
         migration_rate_limit();
     } while ((pss->page & (pagesize_bits - 1)) &&
-             offset_in_ramblock(pss->block, pss->page << TARGET_PAGE_BITS));
+             offset_in_ramblock(pss->block,
+                                ((ram_addr_t)pss->page) << TARGET_PAGE_BITS));
 
     /* The offset we leave with is the last one we looked at */
     pss->page--;
@@ -2874,8 +2876,10 @@ void ram_postcopy_migrated_memory_release(MigrationState *ms)
 
         while (run_start < range) {
             unsigned long run_end = find_next_bit(bitmap, range, run_start + 1);
-            ram_discard_range(block->idstr, run_start << TARGET_PAGE_BITS,
-                              (run_end - run_start) << TARGET_PAGE_BITS);
+            ram_discard_range(block->idstr,
+                              ((ram_addr_t)run_start) << TARGET_PAGE_BITS,
+                              ((ram_addr_t)(run_end - run_start))
+                                << TARGET_PAGE_BITS);
             run_start = find_next_zero_bit(bitmap, range, run_end + 1);
         }
     }
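Review bot: The result of `ram_discard_range()` is dropped at the rewritten call in ram_postcopy_migrated_memory_release, so a failed discard of an already-migrated run would go unnoticed. If the function reports failure through its return value (its declaration is not part of this hunk), the call should check it and report the block name and range. The same unchecked call appears in the ram_release_pages hunk. The enclosing loop and function start and end outside the hunk.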
@@ -4273,13 +4277,16 @@ static void colo_flush_ram_cache(void)
         while (block) {
             offset = migration_bitmap_find_dirty(ram_state, block, offset);
 
-            if (offset << TARGET_PAGE_BITS >= block->used_length) {
+            if (((ram_addr_t)offset) << TARGET_PAGE_BITS
+                >= block->used_length) {
                 offset = 0;
                 block = QLIST_NEXT_RCU(block, next);
             } else {
                 migration_bitmap_clear_dirty(ram_state, block, offset);
-                dst_host = block->host + (offset << TARGET_PAGE_BITS);
-                src_host = block->colo_cache + (offset << TARGET_PAGE_BITS);
+                dst_host = block->host
+                         + (((ram_addr_t)offset) << TARGET_PAGE_BITS);
+                src_host = block->colo_cache
+                         + (((ram_addr_t)offset) << TARGET_PAGE_BITS);
                 memcpy(dst_host, src_host, TARGET_PAGE_SIZE);
             }
         }
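Review bot: The new condition in colo_flush_ram_cache, `((ram_addr_t)offset) << TARGET_PAGE_BITS >= block->used_length`, relies on `<<` binding tighter than `>=`, whereas the find_dirty_block hunk wraps the same shift in its own parentheses. It evaluates correctly, but matching the other hunk keeps the two checks visibly identical: `if ((((ram_addr_t)offset) << TARGET_PAGE_BITS) >= block->used_length) {`. The widened offset is also computed three times in this loop body; a local such as `ram_addr_t addr = ((ram_addr_t)offset) << TARGET_PAGE_BITS;` would guarantee that the bounds check and both `memcpy` pointers use the same value. The function starts and ends outside the hunk.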
-- 
2.24.1


