From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:45497) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XqLuO-0004Mi-U5 for qemu-devel@nongnu.org; Mon, 17 Nov 2014 08:00:03 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XqLuH-0001LB-Kf for qemu-devel@nongnu.org; Mon, 17 Nov 2014 07:59:56 -0500 Received: from mx1.redhat.com ([209.132.183.28]:60436) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XqLuH-0001L7-Do for qemu-devel@nongnu.org; Mon, 17 Nov 2014 07:59:49 -0500 Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id sAHCxmoU027484 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL) for ; Mon, 17 Nov 2014 07:59:48 -0500 Date: Mon, 17 Nov 2014 12:59:44 +0000 From: "Dr. David Alan Gilbert" Message-ID: <20141117125944.GI2237@work-vm> References: <1415785203-26938-1-git-send-email-mst@redhat.com> <1415785203-26938-3-git-send-email-mst@redhat.com> <20141117105852.GC2237@work-vm> <20141117113633.GA10680@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20141117113633.GA10680@redhat.com> Subject: Re: [Qemu-devel] [PATCH 2/4] exec: add wrapper for host pointer access List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Michael S. Tsirkin" Cc: Paolo Bonzini , qemu-devel@nongnu.org, quintela@redhat.com * Michael S. Tsirkin (mst@redhat.com) wrote: > On Mon, Nov 17, 2014 at 10:58:53AM +0000, Dr. David Alan Gilbert wrote: > > * Michael S. Tsirkin (mst@redhat.com) wrote: > > > host pointer accesses force pointer math, let's > > > add a wrapper to make them safer. > > > > > > Signed-off-by: Michael S. Tsirkin > > > --- > > > include/exec/cpu-all.h | 5 +++++ > > > exec.c | 10 +++++----- > > > 2 files changed, 10 insertions(+), 5 deletions(-) > > > > > > diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h > > > index c085804..9d8d408 100644 > > > --- a/include/exec/cpu-all.h > > > +++ b/include/exec/cpu-all.h > > > @@ -313,6 +313,11 @@ typedef struct RAMBlock { > > > int fd; > > > } RAMBlock; > > > > > > +static inline void *ramblock_ptr(RAMBlock *block, ram_addr_t offset) > > > +{ > > > + return (char *)block->host + offset; > > > +} > > > > I'm a bit surprised you don't need to pass a length to this to be able > > to tell how much you can access. > > This is because at the moment all accesses only touch a single page. > Said assumption seems to be made all over the code, and won't > be easy to remove. > > > > typedef struct RAMList { > > > QemuMutex mutex; > > > /* Protected by the iothread lock. */ > > > diff --git a/exec.c b/exec.c > > > index ad5cf12..9648669 100644 > > > --- a/exec.c > > > +++ b/exec.c > > > @@ -840,7 +840,7 @@ static void tlb_reset_dirty_range_all(ram_addr_t start, ram_addr_t length) > > > > > > block = qemu_get_ram_block(start); > > > assert(block == qemu_get_ram_block(end - 1)); > > > - start1 = (uintptr_t)block->host + (start - block->offset); > > > + start1 = (uintptr_t)ramblock_ptr(block, start - block->offset); > > > cpu_tlb_reset_dirty_all(start1, length); > > > } > > > > > > @@ -1500,7 +1500,7 @@ void qemu_ram_remap(ram_addr_t addr, ram_addr_t length) > > > QTAILQ_FOREACH(block, &ram_list.blocks, next) { > > > offset = addr - block->offset; > > > if (offset < block->length) { > > > - vaddr = block->host + offset; > > > + vaddr = ramblock_ptr(block, offset); > > > if (block->flags & RAM_PREALLOC) { > > > ; > > > } else if (xen_enabled()) { > > > @@ -1551,7 +1551,7 @@ void *qemu_get_ram_block_host_ptr(ram_addr_t addr) > > > { > > > RAMBlock *block = qemu_get_ram_block(addr); > > > > > > - return block->host; > > > + return ramblock_ptr(block, 0); > > > } > > > > > > /* Return a host pointer to ram allocated with qemu_ram_alloc. > > > @@ -1578,7 +1578,7 @@ void *qemu_get_ram_ptr(ram_addr_t addr) > > > xen_map_cache(block->offset, block->length, 1); > > > } > > > } > > > - return block->host + (addr - block->offset); > > > + return ramblock_ptr(block, addr - block->offset); > > > } > > > > which then makes me wonder if all the uses of this are safe near the > > end of the block. > > > > > /* Return a host pointer to guest's ram. Similar to qemu_get_ram_ptr > > > @@ -1597,7 +1597,7 @@ static void *qemu_ram_ptr_length(ram_addr_t addr, hwaddr *size) > > > if (addr - block->offset < block->length) { > > > if (addr - block->offset + *size > block->length) > > > *size = block->length - addr + block->offset; > > > - return block->host + (addr - block->offset); > > > + return ramblock_ptr(block, addr - block->offset); > > > } > > > > but then this sounds like it's going to have partial duplication, it already looks > > like it's only going to succeed if it finds itself a block that the access fits > > in. > > > > > > Dave > > Sorry, I don't really understand what you are saying here. qemu_ram_ptr_length already does some checks, so using ramblock_ptr is duplicating some of that; not a big issue. Dave > > > > } > > > > > > -- > > > MST > > > > > -- > > Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK -- Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK