[Bug 208168] Bad KASSERT in vmm.c vm_gpa_hold()

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=208168

            Bug ID: 208168
           Summary: Bad KASSERT in vmm.c vm_gpa_hold()
           Product: Base System
           Version: 11.0-CURRENT
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: daverabbitz at ihug.co.nz
                CC: freebsd-amd64 at FreeBSD.org
                CC: freebsd-amd64 at FreeBSD.org

The KASSERT in this function is always true for positive values of vcpuid, it
looks like it is intended to check vcpuid is in the range -1 to VM_MAXCPU.

Here is a patch to make it right:

diff --git a/sys/amd64/vmm/vmm.c b/sys/amd64/vmm/vmm.c
index cb04f3c..ebd6360 100644
--- a/sys/amd64/vmm/vmm.c
+++ b/sys/amd64/vmm/vmm.c
@@ -914,7 +914,7 @@ vm_gpa_hold(struct vm *vm, int vcpuid, vm_paddr_t gpa,
size_t len, int reqprot,
         * guaranteed if at least one vcpu is in the VCPU_FROZEN state.
         */
        int state;
-       KASSERT(vcpuid >= -1 || vcpuid < VM_MAXCPU, ("%s: invalid vcpuid %d",
+       KASSERT(vcpuid >= -1 && vcpuid < VM_MAXCPU, ("%s: invalid vcpuid %d",
            __func__, vcpuid));
        for (i = 0; i < VM_MAXCPU; i++) {
                if (vcpuid != -1 && vcpuid != i)

-- 
You are receiving this mail because:
You are on the CC list for the bug.