exec: clamp accesses against the MemoryRegionSection

Because the clamping was done against the MemoryRegion, address_space_rw was effectively broken if a write spanned multiple sections that are not linear in underlying memory (with the memory not being under an IOMMU). This is visible with the MIPS rc4030 IOMMU, which is implemented as a series of alias memory regions that point to the actual RAM. Tested-by: N Hervé Poussineau <hpoussin@reactos.org> Tested-by: N Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: N Paolo Bonzini <pbonzini@redhat.com>

exec: clamp accesses against the MemoryRegionSection
Because the clamping was done against the MemoryRegion, address_space_rw was effectively broken if a write spanned multiple sections that are not linear in underlying memory (with the memory not being under an IOMMU). This is visible with the MIPS rc4030 IOMMU, which is implemented as a series of alias memory regions that point to the actual RAM. Tested-by: N Hervé Poussineau <hpoussin@reactos.org> Tested-by: N Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: N Paolo Bonzini <pbonzini@redhat.com>
e4a511f8 · Paolo Bonzini · 965eb2fc · e4a511f8
显示空白变更内容
内联并排

Showing with 1 addition and 1 deletion

exec.c exec.c +1 -1

未找到文件。
--- a/exec.c
+++ b/exec.c
@@ -353,7 +353,7 @@ address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *x
    mr = section->mr;
    if (memory_region_is_ram(mr)) {
-        diff = int128_sub(mr->size, int128_make64(addr));
+        diff = int128_sub(section->size, int128_make64(addr));
        *plen = int128_get64(int128_min(diff, int128_make64(*plen)));
    }
    return section;