memory: info mtree check mr range overflow

The address of memory regions might overflow when something wrong happened, like reported in: https://lists.gnu.org/archive/html/qemu-devel/2017-03/msg02043.html For easier debugging, let's try to detect it. Reported-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <1489496187-624-1-git-send-email-peterx@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-14 20:56:27 +08:00 · 2017-03-14 20:56:27 +08:00 · b31f841262
commit b31f841262
parent 6b8f0187a4
1 changed files with 16 additions and 5 deletions
--- a/memory.c
+++ b/memory.c
@ -2494,6 +2494,7 @@ static void mtree_print_mr(fprintf_function mon_printf, void *f,
    MemoryRegionListHead submr_print_queue;
    const MemoryRegion *submr;
    unsigned int i;
+    hwaddr cur_start, cur_end;

    if (!mr) {
        return;
@ -2503,6 +2504,18 @@ static void mtree_print_mr(fprintf_function mon_printf, void *f,
        mon_printf(f, MTREE_INDENT);
    }

+    cur_start = base + mr->addr;
+    cur_end = cur_start + MR_SIZE(mr->size);
+
+    /*
+     * Try to detect overflow of memory region. This should never
+     * happen normally. When it happens, we dump something to warn the
+     * user who is observing this.
+     */
+    if (cur_start < base || cur_end < cur_start) {
+        mon_printf(f, "[DETECTED OVERFLOW!] ");
+    }
+
    if (mr->alias) {
        MemoryRegionList *ml;
        bool found = false;
@ -2522,8 +2535,7 @@ static void mtree_print_mr(fprintf_function mon_printf, void *f,
        mon_printf(f, TARGET_FMT_plx "-" TARGET_FMT_plx
                   " (prio %d, %s): alias %s @%s " TARGET_FMT_plx
                   "-" TARGET_FMT_plx "%s\n",
-                   base + mr->addr,
-                   base + mr->addr + MR_SIZE(mr->size),
+                   cur_start, cur_end,
                   mr->priority,
                   memory_region_type((MemoryRegion *)mr),
                   memory_region_name(mr),
@ -2534,8 +2546,7 @@ static void mtree_print_mr(fprintf_function mon_printf, void *f,
    } else {
        mon_printf(f,
                   TARGET_FMT_plx "-" TARGET_FMT_plx " (prio %d, %s): %s%s\n",
-                   base + mr->addr,
-                   base + mr->addr + MR_SIZE(mr->size),
+                   cur_start, cur_end,
                   mr->priority,
                   memory_region_type((MemoryRegion *)mr),
                   memory_region_name(mr),
@ -2562,7 +2573,7 @@ static void mtree_print_mr(fprintf_function mon_printf, void *f,
    }

    QTAILQ_FOREACH(ml, &submr_print_queue, queue) {
-        mtree_print_mr(mon_printf, f, ml->mr, level + 1, base + mr->addr,
+        mtree_print_mr(mon_printf, f, ml->mr, level + 1, cur_start,
                       alias_print_queue);
    }