On 08/09/20 18:41, Li Qiang wrote:
> Currently the qemu device fuzzer finds some DMA-to-MMIO issues. If the
> device handling MMIO currently triggers a DMA whose address is MMIO,
> this will reenter the device MMIO handler. As some of the devices don't
> consider this, it will sometimes crash qemu.
>
> This patch tries to solve this by adding a per-device flag 'in_mmio'.
> When the memory core dispatches MMIO it will check/set this flag, and when
> it leaves it will clear this flag.
>
>
> Li Qiang (4):
>   memory: add memory_region_init_io_with_dev interface
>   memory: avoid reentering the device's MMIO handler while processing MMIO
>   e1000e: use the new memory_region_init_io_with_dev interface
>   hcd-xhci: use the new memory_region_init_io_with_dev interface
>
>  hw/net/e1000e.c        |  8 ++++----
>  hw/usb/hcd-xhci.c      | 25 ++++++++++++++---------
>  include/exec/memory.h  |  9 +++++++++
>  include/hw/qdev-core.h |  1 +
>  softmmu/memory.c       | 46 +++++++++++++++++++++++++++++++++++++++---
>  5 files changed, 72 insertions(+), 17 deletions(-)
>
I don't think this is a good solution. These are device bugs and they need to be fixed.

Paolo
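To make the mechanism the cover letter describes concrete, the following is an added, constructed C model; it is not QEMU code and does not model QEMU's memory core or any real device. It contains a toy device whose MMIO write handler starts a DMA, a toy bus dispatch that routes an address to RAM or to the device's MMIO window, and the same guest sequence run with and without a per-device `in_mmio` flag. The register layout (0x00 sets the DMA target, 0x08 kicks the DMA), `DEPTH_CAP`, and every name in the block are assumptions made for the example. It shows only the mechanism as proposed; it takes no position on the reviewer's objection.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy model (not QEMU code). All addresses and names are assumptions. */
#define MMIO_BASE 0x1000u
#define MMIO_SIZE 0x100u
#define RAM_SIZE  0x1000u
#define DEPTH_CAP 64   /* bounds the unguarded recursion so the demo terminates */

typedef struct ToyDevice {
    bool     in_mmio;    /* per-device reentrancy flag, as the series proposes */
    uint64_t dma_addr;   /* register 0x00: DMA destination address */
    int      depth;      /* current nesting of the MMIO handler */
    int      max_depth;  /* deepest nesting observed */
    int      dropped;    /* MMIO accesses refused by the guard */
    uint8_t  ram[RAM_SIZE];
} ToyDevice;

static void mmio_write(ToyDevice *d, uint64_t off, uint64_t val, bool guard);

/* Toy "memory core" dispatch. With guard set, in_mmio is checked and set
 * around the handler call and cleared when the handler returns. */
static void bus_write(ToyDevice *d, uint64_t addr, uint64_t val, bool guard)
{
    if (addr >= MMIO_BASE && addr < MMIO_BASE + MMIO_SIZE) {
        if (guard && d->in_mmio) {
            d->dropped++;        /* reentrant MMIO access: refuse instead of recursing */
            return;
        }
        if (guard) d->in_mmio = true;
        mmio_write(d, addr - MMIO_BASE, val, guard);
        if (guard) d->in_mmio = false;
        return;
    }
    if (addr + sizeof val <= RAM_SIZE) {
        memcpy(&d->ram[addr], &val, sizeof val);   /* ordinary RAM write */
    }
}

/* Toy device MMIO handler. A write to 0x08 makes the device DMA the value to
 * dma_addr from inside the handler; if dma_addr points back into the device's
 * own MMIO window, that DMA re-enters this handler. */
static void mmio_write(ToyDevice *d, uint64_t off, uint64_t val, bool guard)
{
    d->depth++;
    if (d->depth > d->max_depth) d->max_depth = d->depth;
    if (d->depth > DEPTH_CAP) {  /* stand-in for the stack exhaustion a real device would hit */
        d->depth--;
        return;
    }
    switch (off) {
    case 0x00: d->dma_addr = val; break;
    case 0x08: bus_write(d, d->dma_addr, val, guard); break;
    default: break;
    }
    d->depth--;
}

/* Guest points the DMA target at the device's own kick register, then kicks. */
static ToyDevice run_self_dma(bool guard)
{
    ToyDevice d;
    memset(&d, 0, sizeof d);
    bus_write(&d, MMIO_BASE + 0x00, MMIO_BASE + 0x08, guard);
    bus_write(&d, MMIO_BASE + 0x08, 0x1, guard);
    return d;
}

/* Benign case: a DMA into RAM must still land with the guard enabled. */
static uint64_t run_ram_dma(bool guard)
{
    ToyDevice d;
    uint64_t out;
    memset(&d, 0, sizeof d);
    bus_write(&d, MMIO_BASE + 0x00, 0x10, guard);
    bus_write(&d, MMIO_BASE + 0x08, 0x1122334455667788ULL, guard);
    memcpy(&out, &d.ram[0x10], sizeof out);
    return out;
}

int main(void)
{
    ToyDevice unguarded = run_self_dma(false);
    ToyDevice guarded   = run_self_dma(true);
    printf("unguarded: max_depth=%d dropped=%d\n", unguarded.max_depth, unguarded.dropped);
    printf("guarded:   max_depth=%d dropped=%d\n", guarded.max_depth, guarded.dropped);
    printf("ram dma with guard: 0x%llx\n", (unsigned long long)run_ram_dma(true));
    return 0;
}
```

Without the flag the self-targeted DMA nests the handler until the artificial cap; with the flag the nested access is refused once at the dispatch layer and the outer handler completes, while a DMA aimed at RAM is unaffected. The flag is set and cleared by the dispatch code, not by the device, which is the point of doing it in the memory core rather than per handler.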