From: Paolo Bonzini <pbonz...@redhat.com> kvm/ioapic is relying on the fact that SysBus device maps mmio regions with offset counted from start of system memory. But if ioapic's region is moved to another sub-region which doesn't start at the beginning of system memory then using offset isn't correct.
To fix kvm/ioapic, extend memory_region_find() so that it can help retrieving the absolute region address and the respective address space. The patch is a no-op in case mr is parentless, i.e. mr->addr == 0 and mr->parent == NULL. In addition fill in MemoryRegionSection.as which was missing in original memory_region_find(). Signed-off-by: Paolo Bonzini <pbonz...@redhat.com> Signed-off-by: Igor Mammedov <imamm...@redhat.com> --- hw/i386/kvm/ioapic.c | 9 ++++++++- include/exec/memory.h | 13 +++++++------ memory.c | 20 +++++++++++++++----- 3 files changed, 30 insertions(+), 12 deletions(-) diff --git a/hw/i386/kvm/ioapic.c b/hw/i386/kvm/ioapic.c index a3bd519..dc6ddab 100644 --- a/hw/i386/kvm/ioapic.c +++ b/hw/i386/kvm/ioapic.c @@ -89,14 +89,21 @@ static void kvm_ioapic_put(IOAPICCommonState *s) { struct kvm_irqchip chip; struct kvm_ioapic_state *kioapic; + MemoryRegionSection mrs; int ret, i; + mrs = memory_region_find(&s->io_memory, 0, 0x1000); + if (mrs.mr != &s->io_memory || mrs.offset_within_region != 0) { + fprintf(stderr, "cannot find IOAPIC base\n"); + abort(); + } + chip.chip_id = KVM_IRQCHIP_IOAPIC; kioapic = &chip.chip.ioapic; kioapic->id = s->id; kioapic->ioregsel = s->ioregsel; - kioapic->base_address = s->busdev.mmio[0].addr; + kioapic->base_address = mrs.offset_within_address_space; kioapic->irr = s->irr; for (i = 0; i < IOAPIC_NUM_PINS; i++) { kioapic->redirtbl[i].bits = s->ioredtbl[i]; diff --git a/include/exec/memory.h b/include/exec/memory.h index 9e88320..efe210b 100644 --- a/include/exec/memory.h +++ b/include/exec/memory.h @@ -725,17 +725,18 @@ void memory_region_set_alias_offset(MemoryRegion *mr, * * Returns a #MemoryRegionSection that describes a contiguous overlap. * It will have the following characteristics: - * .@offset_within_address_space >= @addr - * .@offset_within_address_space + .@size <= @addr + @size * .@size = 0 iff no overlap was found * .@mr is non-%NULL iff an overlap was found * - * @address_space: a top-level (i.e. parentless) region that contains - * the region to be found - * @addr: start of the area within @address_space to be searched + * If @mr is parent-less, + * .@offset_within_address_space >= @addr + * .@offset_within_address_space + .@size <= @addr + @size + * + * @mr: a (possibly indirect) parent that contains the region to be found + * @addr: start of the area within @as to be searched * @size: size of the area to be searched */ -MemoryRegionSection memory_region_find(MemoryRegion *address_space, +MemoryRegionSection memory_region_find(MemoryRegion *mr, hwaddr addr, uint64_t size); /** diff --git a/memory.c b/memory.c index 75ca281..34bfb13 100644 --- a/memory.c +++ b/memory.c @@ -1451,15 +1451,24 @@ static FlatRange *address_space_lookup(AddressSpace *as, AddrRange addr) sizeof(FlatRange), cmp_flatrange_addr); } -MemoryRegionSection memory_region_find(MemoryRegion *address_space, +MemoryRegionSection memory_region_find(MemoryRegion *mr, hwaddr addr, uint64_t size) { - AddressSpace *as = memory_region_to_address_space(address_space); - AddrRange range = addrrange_make(int128_make64(addr), - int128_make64(size)); - FlatRange *fr = address_space_lookup(as, range); MemoryRegionSection ret = { .mr = NULL, .size = 0 }; + MemoryRegion *root; + AddressSpace *as; + AddrRange range; + FlatRange *fr; + + addr += mr->addr; + for (root = mr; root->parent; ) { + root = root->parent; + addr += root->addr; + } + as = memory_region_to_address_space(root); + range = addrrange_make(int128_make64(addr), int128_make64(size)); + fr = address_space_lookup(as, range); if (!fr) { return ret; } @@ -1470,6 +1479,7 @@ MemoryRegionSection memory_region_find(MemoryRegion *address_space, } ret.mr = fr->mr; + ret.address_space = as; range = addrrange_intersection(range, fr->addr); ret.offset_within_region = fr->offset_in_region; ret.offset_within_region += int128_get64(int128_sub(range.start, -- 1.7.1