On 17/06/2015 10:33, Paolo Bonzini wrote:
> On 16/06/2015 19:48, Aurelien Jarno wrote:
>> The code assumes that if you don't have an IOMMU, the address range in
>> the underlying memory region is linear.
>
> I think this is exactly what Peter Crosthwaite's infamous :) "exec:
> Respect as_translate_internal length clamp" patch was trying to fix.
> However, address_space_translate_internal uses section->mr->size instead
> of section->size. I'll post a patch once I'm through the email deluge
> from 1 week of absence.
Can you test this? diff --git a/exec.c b/exec.c index 76bfc4a..fabb8bb 100644 --- a/exec.c +++ b/exec.c @@ -350,7 +350,7 @@ address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *x /* Compute offset within MemoryRegion */ *xlat = addr + section->offset_within_region; - diff = int128_sub(section->mr->size, int128_make64(addr)); + diff = int128_sub(section->size, int128_make64(addr)); *plen = int128_get64(int128_min(diff, int128_make64(*plen))); return section; } Paolo
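Review bot: the clamp against section->size is only right if addr is already relative to the start of the section at this point, and the visible context shows only the offset_within_region addition, not where addr was rebased; worth stating that precondition in a commit message, which the patch currently lacks beyond "Can you test this?". The description should also name the case that motivates the change, a MemoryRegionSection that covers only part of its MemoryRegion, where `diff = int128_sub(section->mr->size, int128_make64(addr));` overstates how many bytes remain contiguous and callers relying on the returned *plen treat a non-linear range as linear, which is the assumption Aurelien pointed out in the quoted text above.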