While sized to 15 bits in PhysPageEntry, the ptr field is ORed into the
iotlb entries together with a page-aligned pointer. The ptr field must
not overflow into this page-aligned value, assert that it is smaller than
the page size.
Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
---
exec.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/exec.c b/exec.c
index 1355661..380245f 100644
--- a/exec.c
+++ b/exec.c
@@ -713,6 +713,8 @@ static void destroy_all_mappings(AddressSpaceDispatch *d)
static uint16_t phys_section_add(MemoryRegionSection *section)
{
+ assert(phys_sections_nb < TARGET_PAGE_SIZE);
+
if (phys_sections_nb == phys_sections_nb_alloc) {
phys_sections_nb_alloc = MAX(phys_sections_nb_alloc * 2, 16);
phys_sections = g_renew(MemoryRegionSection, phys_sections,
--
1.8.1.4
