This small patch fixes an issue leading to a crash (segfault, although with earlier changesets I was seeing sigbus - not sure what changed) in qemu-dm when the following conditions occur:

1. A valid mapping for a bucket on a low address exists
2. Immediately after accessing memory mapped in this bucket, an access occurs to a high (beyond assigned ram) address beyond the 1GB limit for 32bit map cache wrapping around to the previous bucket's entry number.
3. The next call to map cache again accesses the low address.

In this scenario, the guest mem for the low bucket has been unmapped by the remap_bucket caused by 2., but because the valid_mapping bit-test fails, map_cache returns before last_address_index has been updated. The subsequent call to map_cache therefore never remaps the low, valid bucket and instead returns a vaddr pointing to memory that has failed to get mapped.

The patch is against ioemu-remote, but should be applied to the in-tree ioemu as well (and applies without problem).

Signed-off-by: Trolle Selander <trolle.selander@eu.citrix.com>

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
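The three-access sequence from the report above, replayed against a small model; this is an added example, not code from the thread or from the qemu-dm source. The bucket count, RAM size and the generation counter standing in for a real mapping are constructed, and the `fixed` branch is an assumed remedy, since the patch body is not shown on this page.

```c
#include <stdio.h>
#define NR_BUCKETS   4ul     /* constructed: tiny cache so index wrap-around is easy to hit */
#define RAM_BUCKETS  2ul     /* constructed: guest RAM covers bucket indexes 0 and 1 */
#define BUCKET_SHIFT 16
#define NO_INDEX     (~0ul)

struct bucket { unsigned long paddr_index; int mapped; unsigned gen; };
static struct bucket buckets[NR_BUCKETS];
static unsigned long last_index = NO_INDEX;    /* one-entry fast-path cache */
static unsigned last_gen, next_gen;

/* Replace the bucket's mapping; mapping an index beyond guest RAM fails. */
static void remap_bucket(struct bucket *b, unsigned long index)
{
    b->paddr_index = index;
    b->gen = ++next_gen;                       /* the previous mapping is torn down */
    b->mapped = index < RAM_BUCKETS;
}

/* Returns the generation of the mapping behind the "pointer", or 0 for NULL. */
static unsigned map_cache(unsigned long paddr, int fixed)
{
    unsigned long index = paddr >> BUCKET_SHIFT;
    struct bucket *b = &buckets[index % NR_BUCKETS];
    if (index == last_index) return last_gen;  /* fast path trusts the cached mapping */
    if (!b->mapped || b->paddr_index != index)
        remap_bucket(b, index);
    if (!b->mapped) {
        if (fixed) last_index = NO_INDEX;      /* assumed remedy: forget the evicted bucket */
        return 0;                              /* early return on a failed mapping */
    }
    last_index = index;
    return last_gen = b->gen;
}

/* Replays accesses 1-3 from the report; returns 1 if access 3 hits a live mapping. */
static int replay(int fixed)
{
    unsigned long low = 0x1000, high = NR_BUCKETS << BUCKET_SHIFT;  /* both use bucket 0 */
    buckets[0] = (struct bucket){0}; last_index = NO_INDEX; last_gen = next_gen = 0;
    map_cache(low, fixed);                     /* 1. low bucket mapped and cached */
    map_cache(high, fixed);                    /* 2. wraps onto bucket 0, mapping fails */
    unsigned got = map_cache(low, fixed);      /* 3. low address again */
    return got != 0 && buckets[0].mapped && buckets[0].gen == got;
}

int main(void)
{
    return printf("early return only: live=%d, cache dropped: live=%d\n", replay(0), replay(1)) < 0;
}
```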
Trolle Selander writes ("[PATCH] [IOEMU] Fix bug in map cache"):
> This small patch fixes an issue leading to a crash (segfault, although
> with earlier changesets I was seeing sigbus - not sure what changed)
> in qemu-dm when the following conditions occur:

Thanks. We should backport this to 3.3-testing, too, perhaps?

Ian.
Trolle Selander
2008-Sep-09 12:55 UTC
[Xen-devel] Re: [PATCH] [IOEMU] Fix bug in map cache
Probably a good idea. This part of the map cache code hasn't changed in quite a while - the patch applies to 3.3-testing, and 3.2-testing as well.

On Tue, Sep 9, 2008 at 1:49 PM, Ian Jackson <Ian.Jackson@eu.citrix.com> wrote:
> Trolle Selander writes ("[PATCH] [IOEMU] Fix bug in map cache"):
>> This small patch fixes an issue leading to a crash (segfault, although
>> with earlier changesets I was seeing sigbus - not sure what changed)
>> in qemu-dm when the following conditions occur:
>
> Thanks. We should backport this to 3.3-testing, too, perhaps?
>
> Ian.