> On Jan 14, 2026, at 23:34, Maxime Coquelin <[email protected]> wrote: > > External email: Use caution opening links or attachments > > > The mmap() function returns MAP_FAILED on failure, not NULL. > The current check for !mmap_addr will never detect mmap failures. > > When mmap fails but the error is not detected, an invalid address (-1) > is inserted into the IOTLB cache via vhost_user_iotlb_cache_insert(). > Subsequent attempts to access this address will cause memory > corruption or crash. > > Fix by checking for MAP_FAILED instead of NULL. Also add strerror to > the error message for easier debugging. > > Fixes: f27d5206c598 ("vhost: add VDUSE callback for IOTLB miss") > Cc: [email protected] > > Signed-off-by: Maxime Coquelin <[email protected]> > Reviewed-by: David Marchand <[email protected]> > --- > lib/vhost/vduse.c | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > diff --git a/lib/vhost/vduse.c b/lib/vhost/vduse.c > index 897dee9f1b..0b5d158fee 100644 > --- a/lib/vhost/vduse.c > +++ b/lib/vhost/vduse.c > @@ -86,9 +86,10 @@ vduse_iotlb_miss(struct virtio_net *dev, uint64_t iova, > uint8_t perm __rte_unuse > > size = entry.last - entry.start + 1; > mmap_addr = mmap(0, size + entry.offset, entry.perm, MAP_SHARED, fd, > 0); > - if (!mmap_addr) { > + if (mmap_addr == MAP_FAILED) { > VHOST_CONFIG_LOG(dev->ifname, ERR, > - "Failed to mmap IOTLB entry for 0x%" PRIx64, > iova); > + "Failed to mmap IOTLB entry for 0x%" PRIx64 > ": %s", > + iova, strerror(errno)); > ret = -1; > goto close_fd; > } > — > 2.52.0 >
Reviewed-by: Chenbo Xia <[email protected]>
