memory: assert that PhysPageEntry's ptr does not overflow

While sized to 15 bits in PhysPageEntry, the ptr field is ORed into the
iotlb entries together with a page-aligned pointer.  The ptr field must
not overflow into this page-aligned value, assert that it is smaller than
the page size.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This commit is contained in:
Paolo Bonzini 2013-05-07 11:30:23 +02:00
parent 8b0d6711a2
commit 68f3f65b09

6
exec.c
View File

@ -713,6 +713,12 @@ static void destroy_all_mappings(AddressSpaceDispatch *d)
static uint16_t phys_section_add(MemoryRegionSection *section) static uint16_t phys_section_add(MemoryRegionSection *section)
{ {
/* The physical section number is ORed with a page-aligned
* pointer to produce the iotlb entries. Thus it should
* never overflow into the page-aligned value.
*/
assert(phys_sections_nb < TARGET_PAGE_SIZE);
if (phys_sections_nb == phys_sections_nb_alloc) { if (phys_sections_nb == phys_sections_nb_alloc) {
phys_sections_nb_alloc = MAX(phys_sections_nb_alloc * 2, 16); phys_sections_nb_alloc = MAX(phys_sections_nb_alloc * 2, 16);
phys_sections = g_renew(MemoryRegionSection, phys_sections, phys_sections = g_renew(MemoryRegionSection, phys_sections,