From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:35523) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Ve9RT-0002Qx-AY for qemu-devel@nongnu.org; Wed, 06 Nov 2013 15:11:13 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Ve9RN-0005tr-B4 for qemu-devel@nongnu.org; Wed, 06 Nov 2013 15:11:07 -0500 Received: from mx1.redhat.com ([209.132.183.28]:5597) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Ve9RN-0005tl-1r for qemu-devel@nongnu.org; Wed, 06 Nov 2013 15:11:01 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id rA6KB0lG025662 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Wed, 6 Nov 2013 15:11:00 -0500 Date: Wed, 6 Nov 2013 22:13:58 +0200 From: "Michael S. Tsirkin" Message-ID: <20131106201358.GA21997@redhat.com> References: <1383763674-18374-1-git-send-email-mst@redhat.com> <1383767643.2527.38.camel@localhost.localdomain> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1383767643.2527.38.camel@localhost.localdomain> Subject: Re: [Qemu-devel] [PATCH for-1.7 0/5] fix address space size issues List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Marcel Apfelbaum Cc: pbonzini@redhat.com, qemu-devel@nongnu.org, lcapitulino@redhat.com On Wed, Nov 06, 2013 at 09:54:03PM +0200, Marcel Apfelbaum wrote: > On Wed, 2013-11-06 at 20:47 +0200, Michael S. Tsirkin wrote: > > A bug reported by Luiz Capitulino let us to find > > several bugs in memory address space setup. > > > > One issue is that gdb stub can give us arbitrary addresses > > and we'll try to access them. > > Since our lookup ignored high bits in the address, > > we hit a wrong section and got a crash. > > In fact, PCI devices can access arbitrary addresses too, > > so we should just make lookup robust against this case. > > > > Another issue has to do with size of regions. > > memory API uses UINT64_MAX so say "all 64 bit" but > > some devices mistakenly used INT64_MAX. > > > > It should not affect most systems in practice as > > everything should be limited by address space size, > > but it's an API misuse that we should not keep around, > > and it will become a problem if a system with 64 bit > > target address hits this path. > > > > Patch 1 fixes an actual bug. > > The rest of patches make code cleaner and more robust. > > > > Michael S. Tsirkin (4): > > exec: don't ignore high address bits on lookup > > pci: fix address space size for bridge > > exec: don't ignore high address bits on set > > spapr_pci: s/INT64_MAX/UINT64_MAX/ > > > > Paolo Bonzini (1): > > pc: s/INT64_MAX/UINT64_MAX/ > > > > exec.c | 9 +++++++++ > > hw/i386/pc_piix.c | 2 +- > > hw/i386/pc_q35.c | 2 +- > > hw/pci/pci_bridge.c | 2 +- > > hw/ppc/spapr_pci.c | 2 +- > > 5 files changed, 13 insertions(+), 4 deletions(-) > > > > Reviewed-by: Marcel Apfelbaum > Please don't apply this. I didn't post the patches - I only sent them to Marcel :) And the reason is that the assert in exec. detects more bugs with over-writing page-tables: just run make check. I think we need to get a handle on them first before applying. -- MST