From: Richard Henderson
Subject: Re: [PATCH v2] memory: use signed arithmetic
Date: Wed, 03 Aug 2011 07:59:27 -0700
Message-ID: <4E39624F.4020709@twiddle.net>
References: <1312361774-29086-1-git-send-email-avi@redhat.com>
In-Reply-To: <1312361774-29086-1-git-send-email-avi@redhat.com>
To: Avi Kivity
Cc: Anthony Liguori, Jan Kiszka, qemu-devel@nongnu.org, kvm@vger.kernel.org

On 08/03/2011 01:56 AM, Avi Kivity wrote:
> When trying to map an alias of a ram region, where the alias starts at
> address A and we map it into address B, and A > B, we had an arithmetic
> underflow. Because we use unsigned arithmetic, the underflow converted
> into a large number which failed addrrange_intersects() tests.
>
> The concrete example which triggered this was cirrus vga mapping
> the framebuffer at offsets 0xc0000-0xc7fff (relative to the start of
> the framebuffer) into offsets 0xa0000 (relative to system address space
> start).
>
> With our favorite analogy of a windowing system, this is equivalent to
> dragging a subwindow off the left edge of the screen, and failing to clip
> it into its parent window which is on screen.
>
> Fix by switching to signed arithmetic.
>
> Signed-off-by: Avi Kivity

Signed-off-by: Richard Henderson

r~
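
The underflow described in the quoted commit message, as an added example that is not part of the original message and is not QEMU's code: a simplified C model of a range-intersection test, run once with unsigned and once with signed offsets. The type and function names and the 4 MiB framebuffer size are assumptions; the addresses are the ones given in the message.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model, not QEMU's code: a range is [start, start + size). */
typedef struct { uint64_t start, size; } URange;   /* unsigned offsets */
typedef struct { int64_t start, size; } SRange;    /* signed offsets */

static int u_intersects(URange a, URange b)
{
    return (a.start >= b.start && a.start < b.start + b.size)
        || (b.start >= a.start && b.start < a.start + a.size);
}

static int s_intersects(SRange a, SRange b)
{
    return (a.start >= b.start && a.start < b.start + b.size)
        || (b.start >= a.start && b.start < a.start + a.size);
}

/* Addresses from the commit message; FB_SIZE is a constructed sample value. */
#define MAP_AT    0xa0000   /* B: where the alias is mapped */
#define ALIAS_OFF 0xc0000   /* A: alias start inside the framebuffer */
#define WIN_SIZE  0x8000    /* 0xc0000-0xc7fff */
#define FB_SIZE   0x400000

/* Shift the framebuffer so its offset A lands on B, then test the window. */
int visible_unsigned(void)
{
    URange clip = { MAP_AT, WIN_SIZE };
    URange fb = { (uint64_t)MAP_AT - (uint64_t)ALIAS_OFF, FB_SIZE }; /* wraps */
    return u_intersects(fb, clip);
}

int visible_signed(void)
{
    SRange clip = { MAP_AT, WIN_SIZE };
    SRange fb = { (int64_t)MAP_AT - (int64_t)ALIAS_OFF, FB_SIZE }; /* -0x20000 */
    return s_intersects(fb, clip);
}

int main(void)
{
    printf("unsigned: base=%#llx visible=%d\n",
           (unsigned long long)((uint64_t)MAP_AT - ALIAS_OFF), visible_unsigned());
    printf("signed:   base=%lld visible=%d\n",
           (long long)((int64_t)MAP_AT - ALIAS_OFF), visible_signed());
    return 0;
}
```

With unsigned offsets the shifted base wraps to 0xfffffffffffe0000 and the window is reported as not intersecting; with signed offsets the base is -0x20000 and the window is found.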