svn commit: r366965 - stable/12/usr.sbin/bhyve
Konstantin Belousov
kostikbel at gmail.com
Fri Oct 23 12:27:34 UTC 2020
On Fri, Oct 23, 2020 at 10:48:14AM +0000, Ryan Moeller wrote:
> Author: freqlabs
> Date: Fri Oct 23 10:48:14 2020
> New Revision: 366965
> URL: https://svnweb.freebsd.org/changeset/base/366965
>
> Log:
> MFC r366771:
>
> bhyve: Update TX descriptor base address and host mapping on change
>
> bhyve sometimes segfaults when using an e1000 NIC with a Windows guest.
>
> We are only updating our tdba and cached host mapping when the low address
> register is written and when tx is set enabled, but not when the high address
> or length registers are written. It is observed that Windows 10 is occasionally
> enabling tx first then writing the registers in the order low, high, len. This
> leaves us with a bogus base address and mapping, which causes a segfault later
> when we try to copy from a descriptor that has unpredictable garbage in a
> pointer.
>
> Updating the address and mapping when any of those registers change seems to fix
> that particular issue.
Does this description mean that if guest writes garbage into base, it can
crash monitor ?
More information about the svn-src-all
mailing list