A pointer to a size_t variable was passed as the void * pointer to
lduw_p() in virtio_net_receive(). Instead of acting on the 16-bit value
this caused failure on big-endian hosts.
Avoid this issue in the future by using stw_p() instead. In general we
should use ld*_p() for loading from target memory and st*_p() for
storing to target memory anyway, not the other way around.
Also tighten up a correct use of lduw_p() when stw_p() should be used
instead in virtio_net_get_config().
Signed-off-by: Stefan Hajnoczi <stefa...@linux.vnet.ibm.com>
---
hw/virtio-net.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/virtio-net.c b/hw/virtio-net.c
index 20cf680..5962298 100644
--- a/hw/virtio-net.c
+++ b/hw/virtio-net.c
@@ -79,7 +79,7 @@ static void virtio_net_get_config(VirtIODevice *vdev, uint8_t
*config)
VirtIONet *n = to_virtio_net(vdev);
struct virtio_net_config netcfg;
- netcfg.status = lduw_p(&n->status);
+ stw_p(&netcfg.status, n->status);
memcpy(netcfg.mac, n->mac, ETH_ALEN);
memcpy(config, &netcfg, sizeof(netcfg));
}
@@ -679,7 +679,7 @@ static ssize_t virtio_net_receive(VLANClientState *nc,
const uint8_t *buf, size_
}
if (mhdr) {
- mhdr->num_buffers = lduw_p(&i);
+ stw_p(&mhdr->num_buffers, i);
}
virtqueue_flush(n->rx_vq, i);
--
1.7.2.3
