On Wed, 2013-11-06 at 20:47 +0200, Michael S. Tsirkin wrote: > A bug reported by Luiz Capitulino let us to find > several bugs in memory address space setup. > > One issue is that gdb stub can give us arbitrary addresses > and we'll try to access them. > Since our lookup ignored high bits in the address, > we hit a wrong section and got a crash. > In fact, PCI devices can access arbitrary addresses too, > so we should just make lookup robust against this case. > > Another issue has to do with size of regions. > memory API uses UINT64_MAX so say "all 64 bit" but > some devices mistakenly used INT64_MAX. > > It should not affect most systems in practice as > everything should be limited by address space size, > but it's an API misuse that we should not keep around, > and it will become a problem if a system with 64 bit > target address hits this path. > > Patch 1 fixes an actual bug. > The rest of patches make code cleaner and more robust. > > Michael S. Tsirkin (4): > exec: don't ignore high address bits on lookup > pci: fix address space size for bridge > exec: don't ignore high address bits on set > spapr_pci: s/INT64_MAX/UINT64_MAX/ > > Paolo Bonzini (1): > pc: s/INT64_MAX/UINT64_MAX/ > > exec.c | 9 +++++++++ > hw/i386/pc_piix.c | 2 +- > hw/i386/pc_q35.c | 2 +- > hw/pci/pci_bridge.c | 2 +- > hw/ppc/spapr_pci.c | 2 +- > 5 files changed, 13 insertions(+), 4 deletions(-) >
Reviewed-by: Marcel Apfelbaum <marce...@redhat.com>
