Hi,

> > + assert(address + len <= pci_config_size(d));
> >
> > Does this allow guest now to crash QEMU?

Looks like it does (didn't actually try though).

> I think it was suggested that assert should only be used for cases
> that can only arise from a programming error and not from values set
> by the guest.

Correct. We do have guest-triggerable asserts in the code base. They
are not the end of the world as the guest will only hurt itself. But in
general we try to get rid of them instead of adding new ones ...

Often you can just ignore the illegal guest action (bonus points for
logging GUEST_ERROR as debugging aid). Sometimes it is more difficult
to deal with it (in case the hardware is expected to throw an error irq
for example).

take care,
Gerd
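
Review bot: the added assert(address + len <= pci_config_size(d)) checks values that, going by the question raised in the thread, can come from the guest, so an out-of-range access would abort QEMU rather than be rejected. Suggest replacing it with an explicit range check that ignores the access and returns early, logging it with qemu_log_mask(LOG_GUEST_ERROR, ...) as a debugging aid. The types of address and len are not visible in the quoted line; if they are fixed-width integers, compare len against the size first and then address against size - len, so that the sum cannot wrap before the comparison.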