From: Paolo Bonzini <pbonzini@redhat.com>
To: Eduardo Habkost <ehabkost@redhat.com>,
	David Hildenbrand <david@redhat.com>
Cc: qemu-devel@nongnu.org, Pankaj Gupta <pagupta@redhat.com>,
	"Michael S . Tsirkin" <mst@redhat.com>,
	Markus Armbruster <armbru@redhat.com>,
	Alexander Graf <agraf@suse.de>,
	qemu-s390x@nongnu.org, qemu-ppc@nongnu.org,
	Marcel Apfelbaum <marcel@redhat.com>,
	Igor Mammedov <imammedo@redhat.com>,
	David Gibson <david@gibson.dropbear.id.au>,
	Richard Henderson <rth@twiddle.net>
Subject: Re: [Qemu-devel] [PATCH v4 02/11] machine: make MemoryHotplugState accessible via the machine
Date: Thu, 10 May 2018 18:57:32 +0200	[thread overview]
Message-ID: <f2b567cb-8723-4e6d-b6ec-a6d97bffab10@redhat.com> (raw)
In-Reply-To: <20180504192635.GA4903@localhost.localdomain>

On 04/05/2018 21:26, Eduardo Habkost wrote:
> On Mon, Apr 23, 2018 at 06:51:17PM +0200, David Hildenbrand wrote:
> [...]
>> +    /* always allocate the device memory information */
>> +    machine->device_memory = g_malloc(sizeof(*machine->device_memory));
> [...]
>> -    /* initialize hotplug memory address space */
>> +    /* always allocate the device memory information */
>> +    machine->device_memory = g_malloc(sizeof(*machine->device_memory));
> 
> This makes QEMU crash because machine->device_memory->base is initialized with
> garbage:
> 
> #1  0x00007fffef30a8f8 in abort () at /lib64/libc.so.6
> #2  0x00007fffef302026 in __assert_fail_base () at /lib64/libc.so.6
> #3  0x00007fffef3020d2 in  () at /lib64/libc.so.6
> #4  0x0000555555833483 in int128_get64 (a=<optimized out>) at .../qemu-build/include/qemu/int128.h:22
> #5  0x0000555555837c2e in memory_region_size (a=<optimized out>) at .../qemu-build/memory.c:1735
> #6  0x0000555555837c2e in memory_region_size (mr=<optimized out>) at .../qemu-build/memory.c:1739
> #7  0x00005555558a2b14 in pc_memory_init (pcms=pcms@entry=0x555556850050, system_memory=system_memory@entry=0x555556851e00, rom_memory=rom_memory@entry=0x5555568b8120, ram_memory=ram_memory@entry=0x7fffffffd630)
>     at .../qemu-build/hw/i386/pc.c:1440
> #8  0x00005555558a5a73 in pc_init1 (machine=0x555556850050, pci_type=0x555555cb6fd0 "i440FX", host_type=0x555555c43e41 "i440FX-pcihost") at .../qemu-build/hw/i386/pc_piix.c:179
> #9  0x00005555559abbda in machine_run_board_init (machine=0x555556850050) at .../qemu-build/hw/core/machine.c:829
> #10 0x00005555557dc515 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at .../qemu-build/vl.c:4563
> 
> 
> I will squash the following fixup:
> 
> From 6216fdb28476ed21c4ced4672003c9c7cb0e04d2 Mon Sep 17 00:00:00 2001
> From: David Hildenbrand <david@redhat.com>
> Date: Fri, 4 May 2018 15:54:46 +0200
> Subject: [PATCH] memory-device: fix device_memory creation on pc and spapr
> 
> We have to initialize the struct to 0. Otherwise, without "maxmem",
> the content is undefined, which might result in random asserts
> striking when e.g. reading out the size of the contained memory region.
> 
> Signed-off-by: David Hildenbrand <david@redhat.com>
> ---
>  hw/i386/pc.c   | 2 +-
>  hw/ppc/spapr.c | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/hw/i386/pc.c b/hw/i386/pc.c
> index ffcd7b85d9..868893d0a1 100644
> --- a/hw/i386/pc.c
> +++ b/hw/i386/pc.c
> @@ -1372,7 +1372,7 @@ void pc_memory_init(PCMachineState *pcms,
>      }
>  
>      /* always allocate the device memory information */
> -    machine->device_memory = g_malloc(sizeof(*machine->device_memory));
> +    machine->device_memory = g_malloc0(sizeof(*machine->device_memory));
>  
>      /* initialize device memory address space */
>      if (pcmc->has_reserved_memory &&
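Review bot: the switch to g_malloc0 fixes the reported abort only because pc_memory_init reads the size of the embedded region unconditionally (pc.c:1440 in the backtrace) while the initialization right below this hunk runs only when `pcmc->has_reserved_memory && ...` holds; zero-filling is what turns that read into a well-defined 0 on a machine without "maxmem". Since the allocation is now the only place that guarantees this, prefer the type-checked form `g_new0(<record type>, 1)` over `g_malloc0(sizeof(*machine->device_memory))` so a later change of the pointer type cannot silently shrink or grow the allocation, and consider a one-line comment on the allocation saying that consumers rely on the zeroed `base` and region.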
> diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> index ef05075232..a1abcba6ad 100644
> --- a/hw/ppc/spapr.c
> +++ b/hw/ppc/spapr.c
> @@ -2637,7 +2637,7 @@ static void spapr_machine_init(MachineState *machine)
>      memory_region_add_subregion(sysmem, 0, ram);
>  
>      /* always allocate the device memory information */
> -    machine->device_memory = g_malloc(sizeof(*machine->device_memory));
> +    machine->device_memory = g_malloc0(sizeof(*machine->device_memory));

g_new0 since you are at it? :)

Paolo

>  
>      /* initialize hotplug memory address space */
>      if (machine->ram_size < machine->maxram_size) {
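Review bot: identical fix to the pc.c hunk, but the context comment `/* initialize hotplug memory address space */` still uses the old "hotplug memory" wording while the pc.c hunk already says "device memory"; worth aligning in the same fixup. Both boards now allocate the same zeroed record immediately before a board-specific `if`, so the allocation itself could move into common machine code, which would leave only one place that can regress to a plain g_malloc.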
> 
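The failure mode in the report, as an added stand-alone C example (not QEMU code and not from the patch): a record is always allocated but only populated behind a condition, and a later reader takes the region size unconditionally. The `MemoryRegion`, `DeviceMemoryState` and `MachineState` structs below are constructed stand-ins with only the fields needed, `calloc`/`malloc` stand in for `g_malloc0`/`g_malloc`, and the 0xa5 poison fill is an assumption that makes the "garbage" reproducible (a real `malloc` gives undefined contents).

```c
#include <assert.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for QEMU's MemoryRegion: only the size matters here. */
typedef struct MemoryRegion {
    uint64_t size;
} MemoryRegion;

/* Constructed stand-in for the machine's device-memory record. */
typedef struct DeviceMemoryState {
    uint64_t base;
    MemoryRegion mr;
} DeviceMemoryState;

/* Constructed stand-in for MachineState with the fields the pattern uses. */
typedef struct MachineState {
    uint64_t ram_size;
    uint64_t maxram_size;
    DeviceMemoryState *device_memory;
} MachineState;

/* Mirrors the pattern in the patch: the record is always allocated, but its
 * contents are only filled in when more memory than the initial RAM was
 * requested ("maxmem"). `zeroed` selects g_malloc0-style vs g_malloc-style. */
static DeviceMemoryState *alloc_device_memory(MachineState *m, bool zeroed)
{
    DeviceMemoryState *dm = zeroed ? calloc(1, sizeof(*dm)) : malloc(sizeof(*dm));
    assert(dm);
    if (!zeroed) {
        /* Assumption: deterministic poison standing in for heap garbage. */
        memset(dm, 0xa5, sizeof(*dm));
    }
    if (m->ram_size < m->maxram_size) {
        dm->base = 0x100000000ULL;               /* constructed: as if placed at 4 GiB */
        dm->mr.size = m->maxram_size - m->ram_size;
    }
    m->device_memory = dm;
    return dm;
}

/* The unconditional read that aborted in the report: size of the region. */
static uint64_t device_memory_size(const MachineState *m)
{
    return m->device_memory->mr.size;
}

int main(void)
{
    /* No "maxmem": ram_size == maxram_size, so the conditional init is skipped. */
    MachineState zeroed_m = { .ram_size = 1ULL << 30, .maxram_size = 1ULL << 30 };
    MachineState garbage_m = zeroed_m;
    alloc_device_memory(&zeroed_m, true);
    alloc_device_memory(&garbage_m, false);
    printf("zeroed record : size=%#llx base=%#llx\n",
           (unsigned long long)device_memory_size(&zeroed_m),
           (unsigned long long)zeroed_m.device_memory->base);
    printf("garbage record: size=%#llx base=%#llx\n",
           (unsigned long long)device_memory_size(&garbage_m),
           (unsigned long long)garbage_m.device_memory->base);
    free(zeroed_m.device_memory);
    free(garbage_m.device_memory);
    return 0;
}
```

Run under Valgrind's memcheck or with MemorySanitizer, the `malloc` variant is reported as a use of uninitialised memory at the `mr.size` read even though no crash occurs in this toy; the `calloc` variant is silent because the zeroed size is exactly the "no device memory" value the reader expects.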
