From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:37849)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <daniel.oram@gmail.com>) id 1c4oge-0005lC-Ue
	for qemu-devel@nongnu.org; Thu, 10 Nov 2016 07:42:37 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <daniel.oram@gmail.com>) id 1c4oga-0003Tl-25
	for qemu-devel@nongnu.org; Thu, 10 Nov 2016 07:42:36 -0500
Received: from mail-wm0-x243.google.com ([2a00:1450:400c:c09::243]:36503)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <daniel.oram@gmail.com>)
	id 1c4ogZ-0003TY-R8
	for qemu-devel@nongnu.org; Thu, 10 Nov 2016 07:42:31 -0500
Received: by mail-wm0-x243.google.com with SMTP id m203so1238566wma.3
	for <qemu-devel@nongnu.org>; Thu, 10 Nov 2016 04:42:31 -0800 (PST)
From: Daniel Oram <daniel.oram@gmail.com>
Date: Thu, 10 Nov 2016 12:42:06 +0000
Message-Id: <cover.1478777270.git.daniel.oram@gmail.com>
Subject: [Qemu-devel] [PATCH v2 0/1] vfio-pci: fix assert fail in host
 property if unused
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: alex.williamson@redhat.com

Changes since v1:
* Wrap commit log at 70 chars.

Commit 4a946268 changed the default value of the structure (PCIHostDeviceAddress) underlying the host property in vfio-pci to be ~0 in all fields. Since this structure has excess bits for representing a standard BDF (FFFF:FF:FF.F) this triggers an assert check designed to catch such invalid BDFs in the get function of the property. This makes any code that attempts to use get on the property fatal if the host device isn't specified using the now optional host property.

To see the bug assign a vfio-pci device using the sysfsdev property instead of the host property so that host gets the default "not present," value. Attempts to display the property then crash the working emulation.

qemu-system-x86_64 -device vfio-pci,id=gfxfn0,sysfsdev='/sys/bus/pci/devices/0000:01:00.0' -monitor stdio

QEMU 2.7.50 monitor - type 'help' for more information
(qemu) info qtree
bus: main-system-bus
....Omitted for brevity...
    bus: pci.0
      type PCI
      dev: vfio-pci, id "gfxfn0"
qemu-system-x86_64: /home/xochip/source/qemu.git/hw/core/qdev-properties.c:717: get_pci_host_devaddr: Assertion `rc == sizeof(buffer) - 1' failed.

The bug is minor because the structure involved is presumably insufficient and redundant given the introduction of the new sysfsdev property. Since I'm new to the code, I resisted the urge to make a mess by cleaning it up and attach a totally minimal fix in the hope it makes the problem clearer and easier to ignore. Happy to redo or leave it to somebody else as required.

Regards,

Dan.

Daniel Oram (1):
  Fix assert in PCI address property when used by vfio-pci

 hw/core/qdev-properties.c | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

-- 
2.10.2