On Thu, 7 Jun 2018 17:47:04 +0200
David Hildenbrand <da...@redhat.com> wrote:
> The start of the address space indicates which maximum alignment is
> supported by our machine (e.g. ppc, x86 1GB). This is helpful to
> catch fragmenting guest physical memory in strange fashions.
>
> Right now we can crash QEMU by e.g. (there might be easier examples)
>
> qemu-system-x86_64 -m 256M,maxmem=20G,slots=2 \
> -object
> memory-backend-file,id=mem0,size=8192M,mem-path=/dev/zero,align=8192M \
> -device pc-dimm,id=dimm1,memdev=mem0
>
> Signed-off-by: David Hildenbrand <da...@redhat.com>
Reviewed-by: Igor Mammedov <imamm...@redhat.com>
> ---
> hw/mem/memory-device.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/hw/mem/memory-device.c b/hw/mem/memory-device.c
> index 3e04f3954e..6de4f70bb4 100644
> --- a/hw/mem/memory-device.c
> +++ b/hw/mem/memory-device.c
> @@ -116,9 +116,15 @@ uint64_t memory_device_get_free_addr(MachineState *ms,
> const uint64_t *hint,
> address_space_start = ms->device_memory->base;
> address_space_end = address_space_start +
> memory_region_size(&ms->device_memory->mr);
> - g_assert(QEMU_ALIGN_UP(address_space_start, align) ==
> address_space_start);
> g_assert(address_space_end >= address_space_start);
>
> + /* address_space_start indicates the maximum alignment we expect */
> + if (QEMU_ALIGN_UP(address_space_start, align) != address_space_start) {
> + error_setg(errp, "the alignment (0%" PRIx64 ") is not supported",
> + align);
> + return 0;
> + }
> +
> memory_device_check_addable(ms, size, errp);
> if (*errp) {
> return 0;
