Commit 68f3f65b authored by Paolo Bonzini

memory: assert that PhysPageEntry's ptr does not overflow



While sized to 15 bits in PhysPageEntry, the ptr field is ORed into the
iotlb entries together with a page-aligned pointer.  The ptr field must
not overflow into this page-aligned value, assert that it is smaller than
the page size.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
parent 8b0d6711
+6 −0
@@ -713,6 +713,12 @@ static void destroy_all_mappings(AddressSpaceDispatch *d)

static uint16_t phys_section_add(MemoryRegionSection *section)
{
    /* The physical section number is ORed with a page-aligned
     * pointer to produce the iotlb entries.  Thus it should
     * never overflow into the page-aligned value.
     */
    assert(phys_sections_nb < TARGET_PAGE_SIZE);

    if (phys_sections_nb == phys_sections_nb_alloc) {
        phys_sections_nb_alloc = MAX(phys_sections_nb_alloc * 2, 16);
        phys_sections = g_renew(MemoryRegionSection, phys_sections,
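Review bot: the new assert in phys_section_add() bounds phys_sections_nb only by TARGET_PAGE_SIZE, while the commit message says the ptr field in PhysPageEntry is 15 bits wide and the function returns uint16_t. On any target whose page size is larger than 2^15, this check would pass for section numbers that no longer fit the 15-bit field, so consider asserting against the field width as well, or noting in the comment where that limit is enforced. Separately, assert() is compiled out when NDEBUG is defined; since this invariant protects the pointer bits of the iotlb entries, an unconditional check may be the safer choice.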