From patchwork Wed Sep 23 22:13:18 2009
X-Patchwork-Submitter: Bruce Rogers
X-Patchwork-Id: 49609
Message-Id: <4ABA491E0200004800081D32@novprvlin0050.provo.novell.com>
Date: Wed, 23 Sep 2009 16:13:18 -0600
From: "Bruce Rogers"
To:
Subject: [PATCH] kvm: allocate correct size for dirty bitmap
X-Mailing-List: kvm@vger.kernel.org

The dirty bitmap copied out to userspace is stored in a long array, and gets copied out to userspace accordingly. This patch accounts for that correctly.

Currently I'm seeing kvm crashing due to writing beyond the end of the alloc'd dirty bitmap memory, because the buffer has the wrong size.

Signed-off-by: Bruce Rogers
---
 qemu-kvm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/qemu-kvm.c b/qemu-kvm.c index 6511cb6..ee5db76 100644 --- a/qemu-kvm.c +++ b/qemu-kvm.c @@ -702,7 +702,7 @@ int kvm_get_dirty_pages_range(kvm_context_t kvm, unsigned long phys_addr, for (i = 0; i < KVM_MAX_NUM_MEM_REGIONS; ++i) { if ((slots[i].len && (uint64_t) slots[i].phys_addr >= phys_addr) && ((uint64_t) slots[i].phys_addr + slots[i].len <= end_addr)) { - buf = qemu_malloc((slots[i].len / 4096 + 7) / 8 + 2); + buf = qemu_malloc(BITMAP_SIZE(slots[i].len)); r = kvm_get_map(kvm, KVM_GET_DIRTY_LOG, i, buf); if (r) { qemu_free(buf);
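Review bot: the replacement line `buf = qemu_malloc(BITMAP_SIZE(slots[i].len));` depends on a BITMAP_SIZE macro whose definition is not part of this hunk, so the fix is only as correct as that macro; it must round the bit count up to a whole number of unsigned long words (the commit message says the kernel fills the bitmap as a long array), and the commit message should say where the macro comes from, or the diff should include its definition, so a reviewer can check that without opening the tree. The removed expression `(slots[i].len / 4096 + 7) / 8 + 2` only rounds up to bytes and pads by two: for a region of a single 4096-byte page it allocates 3 bytes, while a word-granular fill of that bitmap writes sizeof(long) bytes (8 on a 64-bit host), which is the heap overrun the commit message describes. Since qemu_malloc aborts rather than returning NULL, the absence of a NULL check before kvm_get_map on the following line is fine; the existing qemu_free(buf) on the error path is unchanged and still correct.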