Commit ffa207d0 authored by David Hildenbrand, committed by Michael S. Tsirkin

virtio-balloon: Fix wrong sign extension of PFNs



If we directly cast from int to uint64_t, we will first sign-extend to
an int64_t, which is wrong. We actually want to treat the PFNs like
unsigned values.

As far as I can see, this dates back to the initial virtio-balloon
commit, but wasn't triggered as fairly big guests would be required.

Cc: qemu-stable@nongnu.org
Reported-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190722134108.22151-2-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
parent ee4b0c86
+1 −1
@@ -343,8 +343,8 @@ static void virtio_balloon_handle_output(VirtIODevice *vdev, VirtQueue *vq)
        }

        while (iov_to_buf(elem->out_sg, elem->out_num, offset, &pfn, 4) == 4) {
            unsigned int p = virtio_ldl_p(vdev, &pfn);
            hwaddr pa;
            int p = virtio_ldl_p(vdev, &pfn);

            pa = (hwaddr) p << VIRTIO_BALLOON_PFN_SHIFT;
            offset += 4;
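Review bot: the change of `int p` to `unsigned int p` is the entire fix, and it works because the following line `pa = (hwaddr) p << VIRTIO_BALLOON_PFN_SHIFT;` converts `p` to the 64-bit `hwaddr` before shifting: with a signed `p`, any PFN with bit 31 set is sign-extended, so the upper 32 bits of `pa` become all ones and the computed guest physical address lands far outside the guest's RAM; with an unsigned `p` the value is zero-extended as intended. Since the `iov_to_buf(..., &pfn, 4) == 4` condition shows the PFN is exactly a 32-bit quantity, `uint32_t p` would state that width explicitly rather than relying on `unsigned int` being 32 bits, though the two are equivalent on every host QEMU supports. It is worth checking that no other place in this function stores a PFN in a signed type before it is widened to `hwaddr`.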