From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:43848)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Alexey.Korolev@endace.com>) id 1TgLV3-0006G6-CH
	for qemu-devel@nongnu.org; Wed, 05 Dec 2012 15:23:30 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Alexey.Korolev@endace.com>) id 1TgLUz-0001bF-FJ
	for qemu-devel@nongnu.org; Wed, 05 Dec 2012 15:23:21 -0500
Received: from usrksweb02.endace.com ([174.143.168.194]:52787)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Alexey.Korolev@endace.com>) id 1TgLUz-0001ax-9D
	for qemu-devel@nongnu.org; Wed, 05 Dec 2012 15:23:17 -0500
Message-ID: <50BFAD2B.1040505@endace.com>
Date: Thu, 6 Dec 2012 09:23:07 +1300
From: Alexey Korolev <alexey.korolev@endace.com>
MIME-Version: 1.0
References: <50BEA7C0.5020602@endace.com> <50BEF818.90002@redhat.com>
In-Reply-To: <50BEF818.90002@redhat.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [BUG] QEMU crashes when 64bit BAR is present
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Gerd Hoffmann <kraxel@redhat.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>, "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>, Avi Kivity <avi@redhat.com>

Hi Gerd,
>   Hi,
>
>> And qemu error output is:
>> qemu: /home/akorolev/qemu-kvm/exec.c:2255: register_subpage: Assertion `existing->mr->subpage || existing->mr == &io_mem_unassigned' failed.
>>
>> Guest OS is Centos 5.5 and log is pretty boring, as qemu crashes before Linux can report an issue.
> Where does it crash? seabios? linux kernel?
> Still reproducable with 1.3.0?
It is a qemu core assertion.
Haven't tried 1.3.0 yet, can try it today.
The bug is quite easy to reproduce, if use ivshmem with 64bit tweaks and specify size 128M.