qemu-devel.nongnu.org archive mirror
From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Cc: Peter Maydell <peter.maydell@linaro.org>
Subject: [Qemu-devel] [PATCH 01/25] exec.c: address_space_translate: handle access to addr 0 of 2^64 sized region
Date: Thu, 20 Jun 2013 16:44:29 +0200
Message-ID: <1371739493-10187-2-git-send-email-pbonzini@redhat.com>
In-Reply-To: <1371739493-10187-1-git-send-email-pbonzini@redhat.com>

From: Peter Maydell <peter.maydell@linaro.org>

The memory API allows a MemoryRegion's size to be 2^64, as a special
case (otherwise the size always fits in a 64 bit integer). This meant
that attempts to access address zero in a 2^64 sized region would
assert in address_space_translate():

  #3  0x00007ffff3e4d192 in __GI___assert_fail (assertion=0x555555a43f32
    "!a.hi", file=0x555555a43ef0 "include/qemu/int128.h", line=18,
    function=0x555555a4439f "int128_get64") at assert.c:103
  #4  0x0000555555877642 in int128_get64 (a=...)
    at include/qemu/int128.h:18
  #5  0x00005555558782f2 in address_space_translate (as=0x55555668d140,
    addr=0, xlat=0x7fffafac9918, plen=0x7fffafac9920, is_write=false)
    at exec.c:221

Fix this by doing the 'min' operation in 128 bit arithmetic
rather than 64 bit arithmetic (we know the result of the 'min'
definitely fits in 64 bits because one of the inputs did).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 exec.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/exec.c b/exec.c
index 5b8b40d..eb200d0 100644
--- a/exec.c
+++ b/exec.c
@@ -218,7 +218,7 @@ MemoryRegionSection *address_space_translate(AddressSpace *as, hwaddr addr,
     *xlat = addr + section->offset_within_region;
 
     diff = int128_sub(section->mr->size, int128_make64(addr));
-    *plen = MIN(int128_get64(diff), *plen);
+    *plen = int128_get64(int128_min(diff, int128_make64(*plen)));
     return section;
 }
 #endif
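Review bot: the argument that the min always fits in 64 bits relies on diff being non-negative, and nothing in the hunk checks that addr is below section->mr->size before `diff = int128_sub(section->mr->size, int128_make64(addr));`. If a caller ever passed an addr past the end of the region, diff would be negative, a signed int128_min() would select it, and int128_get64() would trip the same `!a.hi` assertion the backtrace shows. An assert on that invariant, or at least a comment next to the new `*plen = int128_get64(int128_min(diff, int128_make64(*plen)));` line, would make the reasoning in the commit message visible in the code.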
-- 
1.8.1.4
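The failing case and the fix side by side, as an added stand-alone example that is not QEMU's code: a constructed minimal Int128 (same lo/hi layout the `!a.hi` assertion refers to) with the old narrow-then-MIN computation beside the patched min-then-narrow one, driven with a 2^64 sized region accessed at address 0.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
/* Constructed stand-in for QEMU's Int128 of that era: a 64-bit low half and a
 * signed 64-bit high half. Not QEMU's code; only enough to show the bug. */
typedef struct { uint64_t lo; int64_t hi; } Int128;
static Int128 int128_make64(uint64_t a) { return (Int128){ a, 0 }; }
/* 2^64: the one region size allowed as a special case that does not fit in 64 bits. */
static Int128 int128_2_64(void) { return (Int128){ 0, 1 }; }
static Int128 int128_sub(Int128 a, Int128 b) {
    return (Int128){ a.lo - b.lo, a.hi - b.hi - (a.lo < b.lo) };
}
static bool int128_lt(Int128 a, Int128 b) {
    return a.hi < b.hi || (a.hi == b.hi && a.lo < b.lo);
}
static Int128 int128_min(Int128 a, Int128 b) { return int128_lt(a, b) ? a : b; }
/* Like int128_get64(), but reports "does not fit" instead of asserting on
 * !a.hi, so both code paths can be driven from a test. */
static bool int128_get64_checked(Int128 a, uint64_t *out) {
    if (a.hi != 0) return false;
    *out = a.lo;
    return true;
}
/* Before the patch: narrow diff to 64 bits first, then take the MIN. */
static bool clamp_plen_old(Int128 size, uint64_t addr, uint64_t *plen) {
    Int128 diff = int128_sub(size, int128_make64(addr));
    uint64_t d;
    if (!int128_get64_checked(diff, &d)) return false; /* 2^64 region, addr 0 */
    *plen = d < *plen ? d : *plen;
    return true;
}
/* After the patch: take the min in 128-bit arithmetic, then narrow the result,
 * which fits because *plen was a 64-bit value to begin with. */
static bool clamp_plen_new(Int128 size, uint64_t addr, uint64_t *plen) {
    Int128 diff = int128_sub(size, int128_make64(addr));
    return int128_get64_checked(int128_min(diff, int128_make64(*plen)), plen);
}
int main(void) {
    uint64_t len = 4096;
    printf("old, 2^64 region, addr 0: %s\n",
           clamp_plen_old(int128_2_64(), 0, &len) ? "ok" : "would assert");
    len = 4096;
    printf("new, 2^64 region, addr 0: %s, plen=%" PRIu64 "\n",
           clamp_plen_new(int128_2_64(), 0, &len) ? "ok" : "would assert", len);
    return 0;
}
```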
