qemu/hw/pci-host
Philippe Mathieu-Daudé 9b0ca75e01 hw/pci-host/q35: Ignore write of reserved PCIEXBAR LENGTH field
libFuzzer triggered the following assertion:

  cat << EOF | qemu-system-i386 -M pc-q35-5.0 \
    -nographic -monitor none -serial none \
    -qtest stdio -d guest_errors -trace pci\*
  outl 0xcf8 0xf2000060
  outl 0xcfc 0x8400056e
  EOF
  pci_cfg_write mch 00:0 @0x60 <- 0x8400056e
  Aborted (core dumped)

This is because the guest wrote MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_RVD
(reserved value) to the PCIE XBAR register.

There is no indication on the datasheet about what occurs when
this value is written. Simply ignore it on QEMU (and report a
guest error):

  pci_cfg_write mch 00:0 @0x60 <- 0x8400056e
  Q35: Reserved PCIEXBAR LENGTH
  pci_cfg_read mch 00:0 @0x0 -> 0x8086
  pci_cfg_read mch 00:0 @0x0 -> 0x29c08086
  ...

Cc: qemu-stable@nongnu.org
Reported-by: Alexander Bulekov <alxndr@bu.edu>
BugLink: https://bugs.launchpad.net/qemu/+bug/1878641
Fixes: df2d8b3ed4 ("q35: Introduce q35 pc based chipset emulator")
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210526142438.281477-1-f4bug@amsat.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-07-03 01:39:33 -04:00
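The decode-and-reject logic the commit message describes, as an added example in C that is not QEMU's own code. It models the PCIEXBAR register layout this example assumes from the Q35 datasheet (bit 0 enables the window, bits 2:1 are LENGTH with 11b reserved, bits 35:28 carry the base, and bit 27 or bits 27:26 become address bits for the 128 MiB and 64 MiB windows), and it contrasts the pre-fix treatment of the reserved encoding, an `abort()` in the switch's default arm that a guest register write could reach, with the post-fix path that logs a guest error and leaves the previously programmed window untouched. The fuzzer's dword 0x8400056e from the report above is used as constructed input; `pciexbar_decode`, `mch_write_pciexbar`, `struct pciexbar_window` and `struct mch_state` are names invented for this example.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* PCIEXBAR layout as assumed here from the Q35 datasheet (this example's own
 * definitions, not QEMU's): bit 0 enables the MMCONFIG window, bits 2:1 select
 * its length, bits 35:28 carry the base address. For the smaller windows,
 * bit 27 (128 MiB) and bits 27:26 (64 MiB) become address bits as well. */
#define PCIEXBAR_EN            ((uint64_t)1 << 0)
#define PCIEXBAR_LENGTH_SHIFT  1
#define PCIEXBAR_LENGTH_MASK   ((uint64_t)0x3 << PCIEXBAR_LENGTH_SHIFT)
#define PCIEXBAR_LENGTH_256M   0x0
#define PCIEXBAR_LENGTH_128M   0x1
#define PCIEXBAR_LENGTH_64M    0x2
#define PCIEXBAR_LENGTH_RVD    0x3   /* reserved encoding: what the fuzzer wrote */
#define PCIEXBAR_ADDR_MASK     ((uint64_t)0xff << 28)
#define PCIEXBAR_128M_ADDR_BIT ((uint64_t)1 << 27)
#define PCIEXBAR_64M_ADDR_BIT  ((uint64_t)1 << 26)
#define MiB                    ((uint64_t)1 << 20)

enum { PCIEXBAR_OK = 0, PCIEXBAR_RESERVED = -1 };

struct pciexbar_window {
    bool enabled;
    uint64_t base;
    uint64_t length;
};

/* Decode a guest-written PCIEXBAR value. The reserved LENGTH encoding is
 * reported to the caller instead of trapping on it, so a hostile or buggy
 * guest cannot terminate the emulator with a config-space write alone. */
int pciexbar_decode(uint64_t reg, struct pciexbar_window *w)
{
    uint64_t addr_mask = PCIEXBAR_ADDR_MASK;
    uint64_t length;

    switch ((reg & PCIEXBAR_LENGTH_MASK) >> PCIEXBAR_LENGTH_SHIFT) {
    case PCIEXBAR_LENGTH_256M:
        length = 256 * MiB;
        break;
    case PCIEXBAR_LENGTH_128M:
        length = 128 * MiB;
        addr_mask |= PCIEXBAR_128M_ADDR_BIT;
        break;
    case PCIEXBAR_LENGTH_64M:
        length = 64 * MiB;
        addr_mask |= PCIEXBAR_128M_ADDR_BIT | PCIEXBAR_64M_ADDR_BIT;
        break;
    default:
        /* Pre-fix behaviour was abort() here: an assertion on a value the
         * guest fully controls. "Reserved" means the datasheet defines no
         * behaviour, so the safe choice for an emulator is to refuse it. */
        return PCIEXBAR_RESERVED;
    }

    if (w) {
        w->enabled = (reg & PCIEXBAR_EN) != 0;
        w->base = reg & addr_mask;
        w->length = length;
    }
    return PCIEXBAR_OK;
}

/* Register-write path of a model host bridge: validate first, and on a
 * reserved encoding log a guest error and keep the previous mapping. */
struct mch_state {
    uint64_t pciexbar;            /* last accepted register value */
    struct pciexbar_window win;   /* currently programmed MMCONFIG window */
    unsigned guest_errors;        /* number of ignored writes */
};

int mch_write_pciexbar(struct mch_state *s, uint64_t val)
{
    struct pciexbar_window w;

    if (pciexbar_decode(val, &w) != PCIEXBAR_OK) {
        s->guest_errors++;
        fprintf(stderr, "Q35: Reserved PCIEXBAR LENGTH\n");
        return PCIEXBAR_RESERVED;
    }
    s->pciexbar = val;
    s->win = w;
    return PCIEXBAR_OK;
}

int main(void)
{
    struct mch_state s = { 0 };
    /* Constructed inputs: a sane enable of a 256 MiB window at 0xb0000000,
     * then the exact dword from the fuzzer reproducer. */
    uint64_t writes[] = { 0xb0000001ULL, 0x8400056eULL };

    for (size_t i = 0; i < sizeof writes / sizeof writes[0]; i++) {
        int rc = mch_write_pciexbar(&s, writes[i]);
        printf("write 0x%08" PRIx64 ": %s; window %s base=0x%" PRIx64
               " len=%" PRIu64 " MiB, guest errors=%u\n",
               writes[i], rc == PCIEXBAR_OK ? "accepted" : "ignored",
               s.win.enabled ? "enabled" : "disabled",
               s.win.base, s.win.length / MiB, s.guest_errors);
    }
    return 0;
}
```

The second write in `main` is the fuzzer's value: it is rejected, the counter of ignored writes goes up, and the 256 MiB window from the first write stays in place, which is the observable difference from the pre-fix `abort()`.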
bonito.c Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
designware.c pci-host: designware: add pcie-msi read method 2021-02-08 15:15:32 +01:00
gpex-acpi.c acpi/gpex: Fix cca attribute check for pxb device 2021-02-23 10:06:55 -05:00
gpex.c hw/pci-host/gpex: Don't fault for unmapped parts of MMIO and PIO windows 2021-04-30 11:16:52 +01:00
grackle.c grackle: use qdev gpios for PCI IRQs 2020-10-18 16:21:42 +01:00
i440fx.c i440fx: Register i440FX-pcihost properties as class properties 2020-09-22 16:48:29 -04:00
Kconfig hw/pci-host: Add emulation of Marvell MV64361 PPC system controller 2021-05-04 11:41:25 +10:00
meson.build hw/pci-host: Do not build gpex-acpi.c if GPEX is not selected 2021-05-13 18:12:40 +02:00
mv643xx.h hw/pci-host: Add emulation of Marvell MV64361 PPC system controller 2021-05-04 11:41:25 +10:00
mv64361.c hw/pci-host: Add emulation of Marvell MV64361 PPC system controller 2021-05-04 11:41:25 +10:00
pam.c hw/pci-host/pam: Replace magic number by PAM_REGIONS_COUNT definition 2020-12-13 17:07:05 +01:00
pnv_phb3_msi.c qom: Drop parameter @errp of object_property_add() & friends 2020-05-15 07:07:58 +02:00
pnv_phb3_pbcq.c qom: Drop parameter @errp of object_property_add() & friends 2020-05-15 07:07:58 +02:00
pnv_phb3.c Use DECLARE_*CHECKER* macros 2020-09-09 09:27:09 -04:00
pnv_phb4_pec.c error: Eliminate error_propagate() with Coccinelle, part 1 2020-07-10 15:18:08 +02:00
pnv_phb4.c ppc/pnv: Add trace events for PCI event notification 2021-02-10 10:43:50 +11:00
ppce500.c Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
prep.c Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
q35.c hw/pci-host/q35: Ignore write of reserved PCIEXBAR LENGTH field 2021-07-03 01:39:33 -04:00
remote.c multi-process: setup PCI host bridge for remote device 2021-02-10 09:23:22 +00:00
sabre.c Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
sh_pci.c Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
trace-events docs: fix references to docs/devel/tracing.rst 2021-06-02 06:51:09 +02:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
uninorth.c hw: Use the PCI_DEVFN() macro from 'hw/pci/pci.h' 2021-01-04 23:24:44 +01:00
versatile.c Use DECLARE_*CHECKER* macros 2020-09-09 09:27:09 -04:00
xen_igd_pt.c xen: Use ERRP_GUARD() 2020-07-10 15:18:09 +02:00
xilinx-pcie.c hw/mips/boston: Fix Lesser GPL version number 2020-11-03 16:51:13 +01:00