From patchwork Fri May 31 06:51:06 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com>
X-Patchwork-Id: 247856
Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by ozlabs.org (Postfix) with ESMTPS id 2ECA92C009D
	for <incoming@patchwork.ozlabs.org>;
	Fri, 31 May 2013 16:51:42 +1000 (EST)
Received: from localhost ([::1]:43012 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>)
	id 1UiJBZ-0001dR-QA
	for incoming@patchwork.ozlabs.org; Fri, 31 May 2013 02:51:37 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:46830)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <xiaoguangrong@linux.vnet.ibm.com>)
	id 1UiJBH-0001dM-UG
	for qemu-devel@nongnu.org; Fri, 31 May 2013 02:51:23 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <xiaoguangrong@linux.vnet.ibm.com>)
	id 1UiJBF-00013S-Eh
	for qemu-devel@nongnu.org; Fri, 31 May 2013 02:51:19 -0400
Received: from e23smtp04.au.ibm.com ([202.81.31.146]:59425)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <xiaoguangrong@linux.vnet.ibm.com>)
	id 1UiJBE-00013E-Qm
	for qemu-devel@nongnu.org; Fri, 31 May 2013 02:51:17 -0400
Received: from /spool/local
	by e23smtp04.au.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use
	Only! Violators will be prosecuted
	for <qemu-devel@nongnu.org> from <xiaoguangrong@linux.vnet.ibm.com>;
	Fri, 31 May 2013 16:37:47 +1000
Received: from d23dlp02.au.ibm.com (202.81.31.213)
	by e23smtp04.au.ibm.com (202.81.31.210) with IBM ESMTP SMTP Gateway:
	Authorized Use Only! Violators will be prosecuted;
	Fri, 31 May 2013 16:37:46 +1000
Received: from d23relay05.au.ibm.com (d23relay05.au.ibm.com [9.190.235.152])
	by d23dlp02.au.ibm.com (Postfix) with ESMTP id A97A62BB0050
	for <qemu-devel@nongnu.org>; Fri, 31 May 2013 16:51:11 +1000 (EST)
Received: from d23av01.au.ibm.com (d23av01.au.ibm.com [9.190.234.96])
	by d23relay05.au.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id
	r4V6agI926542106
	for <qemu-devel@nongnu.org>; Fri, 31 May 2013 16:36:43 +1000
Received: from d23av01.au.ibm.com (loopback [127.0.0.1])
	by d23av01.au.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id
	r4V6p97a011330
	for <qemu-devel@nongnu.org>; Fri, 31 May 2013 16:51:10 +1000
Received: from localhost.localdomain (dhcp-9-111-29-91.cn.ibm.com
	[9.111.29.91])
	by d23av01.au.ibm.com (8.14.4/8.13.1/NCO v10.0 AVin) with ESMTP id
	r4V6p671011244; Fri, 31 May 2013 16:51:08 +1000
Message-ID: <51A8485A.4000605@linux.vnet.ibm.com>
Date: Fri, 31 May 2013 14:51:06 +0800
From: Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
	rv:17.0) Gecko/20130110 Thunderbird/17.0.2
MIME-Version: 1.0
To: Jordan Justen <jljusten@gmail.com>
References: <20130530114604.4b12cb22@redhat.com>	<51A77838.4060707@redhat.com>
	<20130530120832.5abe1c65@redhat.com>
	<CAFe8ug_UzYV3_vvkbDVog6rH9a_g+w8R2OY21Jh0TWDW9Q5rVQ@mail.gmail.com>
In-Reply-To: 
 <CAFe8ug_UzYV3_vvkbDVog6rH9a_g+w8R2OY21Jh0TWDW9Q5rVQ@mail.gmail.com>
X-Content-Scanned: Fidelis XPS MAILER
x-cbid: 13053106-9264-0000-0000-000003D99C1B
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.4.x-2.6.x [generic]
X-Received-From: 202.81.31.146
Cc: Paolo Bonzini <pbonzini@redhat.com>, qemu-devel <qemu-devel@nongnu.org>,
	"Justen, Jordan L" <jordan.l.justen@intel.com>,
	Luiz Capitulino <lcapitulino@redhat.com>
Subject: Re: [Qemu-devel] [BUG]: kvm_set_phys_mem: error unregistering
	overlapping slot: Invalid argument
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

On 05/31/2013 12:50 AM, Jordan Justen wrote:
> On Thu, May 30, 2013 at 9:08 AM, Luiz Capitulino <lcapitulino@redhat.com> wrote:
>> On Thu, 30 May 2013 18:03:04 +0200
>> Paolo Bonzini <pbonzini@redhat.com> wrote:
>>
>>> Il 30/05/2013 17:46, Luiz Capitulino ha scritto:
>>>> The culprit is commit:
>>>>
>>>> commit 235e8982ad393e5611cb892df54881c872eea9e1
>>>> Author: Jordan Justen <jordan.l.justen@intel.com>
>>>> Date:   Wed May 29 01:27:26 2013 -0700
>>>>
>>>>     kvm: support using KVM_MEM_READONLY flag for regions
>>>>
>>>> I'm running 3.9.2-200.fc18, btw. And, error checking is missing on the
>>>> first call to kvm_vm_ioctl().
> 
> As noted in the code, the first call is for KVM commit 75d61fbc.
> 
> I'm not sure we want to fail if an error occurs when making that call.
> (I'm pretty sure we don't want to in fact.)
> 
> Xiao, any thoughts?

I have reproduced this bug, it seems that the bug is caused by double free
the memslot. After these change, it can boot the guest now.

diff --git a/kvm-all.c b/kvm-all.c
index 8e7bbf8..405480e 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -206,7 +206,8 @@ static int kvm_set_user_memory_region(KVMState *s, KVMSlot *slot)
     if (s->migration_log) {
         mem.flags |= KVM_MEM_LOG_DIRTY_PAGES;
     }
-    if (mem.flags & KVM_MEM_READONLY) {
+
+    if (slot->memory_size && mem.flags & KVM_MEM_READONLY) {
         /* Set the slot size to 0 before setting the slot to the desired
          * value. This is needed based on KVM commit 75d61fbc. */
         mem.memory_size = 0;