On Tue, 2011-05-17 at 08:55 +0300, Michael S. Tsirkin wrote: > Something in your patch that overwrites the id in vhost > and makes it put the wrong id in the used ring? > > By the way, need to keep in mind that a guest can > give us the same head twice, need to make sure this > at least does not corrupt host memory. I think I didn't explain the problem very well here. This patch doesn't overwrite the id. It just keeps the same coming sequence from "head return vhost_get_vq_desc()" to pass to vhost_add_used. The same ids can be used many times once it passes to guest from vhost_add_used. There is no problem. The zero copy patch doesn't have any issue. The problem is the order of head from return vhost_get_vq_desc should be in sequence when it passes to vhost_add_used. The original code has no problem, because it gets one head and pass that head to vhost_add_used one by one once done the copy. So it's in sequence. This issue can easily recreate without zerocopy patch by simply changing the order from "head return vhost_get_vq_desc" when passing to vhost_add_used. Thanks Shirley -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
