* Peter Maydell (peter.mayd...@linaro.org) wrote:
> On Fri, 22 Mar 2019 at 10:12, Dr. David Alan Gilbert
> <dgilb...@redhat.com> wrote:
> > Right, so in Catherine's patch there's a simple in_incoming_migration
> > and checking ramblock_is_ignored
>
> Mmm, but I think it is in the wrong place. It is being checked
> in address_space_write_rom_internal(). Either we want to
> suppress any and all writes to these RAM blocks, in which
> case I don't think that function covers all the ways that
> code can get hold of a RAM block and write to it; or we are
> confident that only the ROM blobs are an issue, in which
> case it is too low in the call stack and we should do the
> check in rom_reset().
>
> Are there any other cases where we might write to RAM
> during reset/migration? I thought of "user write via
> the debug stub or monitor", but perhaps those either
> can't happen or we define them as user error. But I think
> there might be some other obscure cases, which perhaps
> argues for doing this at the lowest level possible.

Right, the thought of the 'might be other obscure cases' is why in
Yury's 'QEMU may write to system_memory before guest starts' patch
he marks all shared regions as read-only to see what hits it.

I'm not sure; tbh inserting this type of check at the lowest level
seems a bit invasive, so I'd prefer doing it at the ROM blocks level;
but we are bound to hit those obscure cases, and then the failure is
a real pain to debug when you find something has overwritten some of
the RAM.

Dave

> thanks
> -- PMM
--
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK