From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1L8jIw-0006Mc-9V
	for qemu-devel@nongnu.org; Fri, 05 Dec 2008 17:37:46 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1L8jIt-0006MH-PZ
	for qemu-devel@nongnu.org; Fri, 05 Dec 2008 17:37:44 -0500
Received: from [199.232.76.173] (port=49787 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1L8jIt-0006MD-JN
	for qemu-devel@nongnu.org; Fri, 05 Dec 2008 17:37:43 -0500
Received: from rn-out-0910.google.com ([64.233.170.184]:38334)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <anthony@codemonkey.ws>) id 1L8jIp-0001sj-Of
	for qemu-devel@nongnu.org; Fri, 05 Dec 2008 17:37:40 -0500
Received: by rn-out-0910.google.com with SMTP id 56so262409rnw.8
	for <qemu-devel@nongnu.org>; Fri, 05 Dec 2008 14:37:38 -0800 (PST)
Message-ID: <4939AD2E.2080904@codemonkey.ws>
Date: Fri, 05 Dec 2008 16:37:34 -0600
From: Anthony Liguori <anthony@codemonkey.ws>
MIME-Version: 1.0
Subject: Re: [Qemu-devel][BUG][PATCH] Fix crash in kvm.c
References: <4939A81E.4020301@mail.berlios.de>
In-Reply-To: <4939A81E.4020301@mail.berlios.de>
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org, Glauber de Oliveira Costa <gcosta@redhat.com>, Stefan Weil <weil@mail.berlios.de>

Stefan Weil wrote:
> I got a crash (array access out of bounds results in access fault)
> with the current Qemu trunk when kvm is enabled:
>
> qemu -fda fd.img -cdrom cdrom.img -hda hda.img -hdb raw.img -m 256 -boot
> c -enable-kvm
>
> Host is Debian x86_64, the crash occurs before any code is emulated.
>   

Is the patch incomplete, perhaps?  It seems to just add asserts which 
shouldn't fix anything.

I don't think any leaf should return a max leaf greater than 100 
elements so I'd be pretty surprised to see this happen.  I'd really like 
to see the back trace to see which leaf is the problematic one and what 
the greatest leaf being reported is.

> With the patch, the emulation (Win 98) boots, but has problems with the
> display of
> icons and the mouse cursor. Qemu displays lots of
> "BUG: kvm_physical_sync_dirty_bitmap: invalid parameters" messages.
>   

It looks like Avi and Glauber found some bugs in this code.  There are 
patches for kvm-userspace right now that need porting to QEMU.  I'll 
take a look at that this weekend unless Glauber was already planning too.

Regards,

Anthony Liguori

> Stefan
>
>