On Wed, 2012-08-01 at 11:16 +0100, Stefan Hajnoczi wrote:
> The len field is mostly informational. The virtio device driver
> inside the guest may make use of it. In many cases it doesn't, so an
> incorrect len value has no effect. In
> drivers/block/virtio_blk.c:blk_done() the len variable is unused.

Right, but arguably the guest reading more than the len passed back into
the descriptor is itself a bug :-)

> QEMU should call cpu_physical_memory_unmap() with the correct size
> value in hw/virtio.c:virtqueue_fill() so that the memory dirty bitmap
> is kept up-to-date. This is the only bad side-effect I can see here.

With the current guest driver ... another one adhering strictly to the spec
might get bitten :-)

Anyway, it's minor, but probably somebody should fix. I don't have time
right now, but if you don't beat me to it I might try to give it a spin
tomorrow.

Cheers,
Ben.
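The dirty-bitmap side effect Stefan describes, as an added toy model that is not QEMU code and does not call the real cpu_physical_memory_unmap(): a write-mapped buffer is unmapped with some length, every page in that range is marked dirty, and a checker reports whether the pages the device actually wrote all ended up dirty (the names model_unmap_write, unmap_covers_write and the 16-page RAM layout are assumptions for the example):

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>

/* Constructed model: 16 pages of 4 KiB guest RAM with a one-bit-per-page
 * dirty bitmap, the kind a migration pass would consult. Not QEMU's code. */
#define PAGE_SHIFT 12
#define PAGE_SIZE  (1u << PAGE_SHIFT)
#define NUM_PAGES  16

static uint32_t dirty_bitmap;   /* bit i set => page i is dirty */

static void dirty_reset(void) { dirty_bitmap = 0; }

static bool page_is_dirty(unsigned page)
{
    return page < NUM_PAGES && ((dirty_bitmap >> page) & 1u);
}

/* Stand-in for unmapping a write mapping (hypothetical helper): every page
 * overlapped by [addr, addr + len) is marked dirty. With len == 0 nothing
 * is marked, which is exactly the failure mode an incorrect len produces. */
static void model_unmap_write(uint64_t addr, uint64_t len)
{
    if (len == 0)
        return;
    uint64_t first = addr >> PAGE_SHIFT;
    uint64_t last  = (addr + len - 1) >> PAGE_SHIFT;
    for (uint64_t p = first; p <= last && p < NUM_PAGES; p++)
        dirty_bitmap |= 1u << p;
}

/* The device wrote `written` bytes at `addr`, but the unmap was issued with
 * `reported_len`. Returns true only if every page the device really wrote
 * is marked dirty; false means a later migration would copy stale data. */
static bool unmap_covers_write(uint64_t addr, uint64_t written,
                               uint64_t reported_len)
{
    dirty_reset();
    model_unmap_write(addr, reported_len);
    if (written == 0)
        return true;
    uint64_t first = addr >> PAGE_SHIFT;
    uint64_t last  = (addr + written - 1) >> PAGE_SHIFT;
    for (uint64_t p = first; p <= last; p++)
        if (!page_is_dirty((unsigned)p))
            return false;
    return true;
}
```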
