[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [Bug 1803160] Re: qemu-3.1.0-rc0: tcg.c crash in temp_load
|
From: |
Alex Bennée |
|
Subject: |
[Qemu-devel] [Bug 1803160] Re: qemu-3.1.0-rc0: tcg.c crash in temp_load |
|
Date: |
Wed, 05 Dec 2018 12:16:17 -0000 |
Can you please re-test on the current master, I think this was fixed by:
commit e84fcd7f662a0d8198703f6f89416d7ac2c32767
Author: Richard Henderson <address@hidden>
Date: Tue Nov 13 20:35:10 2018 +0100
target/i386: Generate #UD when applying LOCK to a register
destination
Testing on my box:
12:14:20 address@hidden:~/l/qemu.git] master + ./i386-linux-user/qemu-i386
~/tcg_crash.elf
qemu: uncaught target signal 4 (Illegal instruction) - core dumped
fish: “./i386-linux-user/qemu-i386 ~/t…” terminated by signal SIGILL (Illegal
instruction)
** Changed in: qemu
Status: New => Fix Committed
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1803160
Title:
qemu-3.1.0-rc0: tcg.c crash in temp_load
Status in QEMU:
Fix Committed
Bug description:
QEMU version:
-------------
qemu-3.1.0-rc0 compiled from sources (earlier versions also affected)
Summary:
--------
TCG crashes in i386 and x86_64 when it tries to execute some specific
illegal instructions. When running full OS emulation, both the guest
system and QEMU crash.
The issue has been reproduced in two scenarios:
Ubuntu x64 host running Debian x86 guest with the following command
line: qemu-system-x86_64 -m 4G debian.qcow
When the attached ELF file is executed inside the guest, QEMU crashes.
It can also be reproduced from the command line:
$ qemu-i386 tcg_crash.elf
/home/alberto/Documents/qemu-3.1.0-rc0/tcg/tcg.c:2863: tcg fatal error
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
zsh: segmentation fault (core dumped)
../qemu-3.1.0-rc0/build/i386-linux-user/qemu-i386 tcg_crash.elf
GDB backtrace:
(gdb) bt
#0 0x0000000060206488 in raise ()
#1 0x0000000060206b8a in abort ()
#2 0x0000000060007016 in temp_load (address@hidden <tcg_init_ctx>,
address@hidden <tcg_init_ctx+2552>, desired_regs=<optimized out>,
address@hidden)
at /home/alberto/Documents/qemu-3.1.0-rc0/tcg/tcg.c:2863
#3 0x000000006000a4d9 in tcg_reg_alloc_op (op=0x62808c20, s=<optimized out>)
at /home/alberto/Documents/qemu-3.1.0-rc0/tcg/tcg.c:3070
#4 tcg_gen_code (s=<optimized out>, address@hidden
<static_code_gen_buffer+4144>) at
/home/alberto/Documents/qemu-3.1.0-rc0/tcg/tcg.c:3598
#5 0x000000006003ef9a in tb_gen_code (address@hidden, address@hidden,
address@hidden, address@hidden, address@hidden)
at /home/alberto/Documents/qemu-3.1.0-rc0/accel/tcg/translate-all.c:1752
#6 0x000000006003d979 in tb_find (cf_mask=0, tb_exit=0, last_tb=0x0,
cpu=0x0) at /home/alberto/Documents/qemu-3.1.0-rc0/accel/tcg/cpu-exec.c:404
#7 cpu_exec (address@hidden) at
/home/alberto/Documents/qemu-3.1.0-rc0/accel/tcg/cpu-exec.c:724
#8 0x000000006006e1a0 in cpu_loop (address@hidden) at
/home/alberto/Documents/qemu-3.1.0-rc0/linux-user/i386/cpu_loop.c:93
#9 0x00000000600037c5 in main (argc=2, argv=0x7fffffffdd28, envp=<optimized
out>) at /home/alberto/Documents/qemu-3.1.0-rc0/linux-user/main.c:819
(gdb)
Testcase:
---------
Find ELF file attached.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1803160/+subscriptions
- [Qemu-devel] [Bug 1803160] Re: qemu-3.1.0-rc0: tcg.c crash in temp_load, Alex Bennée, 2018/12/05
- [Qemu-devel] [Bug 1803160] Re: qemu-3.1.0-rc0: tcg.c crash in temp_load,
Alex Bennée <=
- [Qemu-devel] [Bug 1803160] Re: qemu-3.1.0-rc0: tcg.c crash in temp_load, Alberto Ortega, 2018/12/05
- [Qemu-devel] [Bug 1803160] Re: qemu-3.1.0-rc0: tcg.c crash in temp_load, Alberto Ortega, 2018/12/05
- [Qemu-devel] [Bug 1803160] Re: qemu-3.1.0-rc0: tcg.c crash in temp_load, Richard Henderson, 2018/12/07
- [Qemu-devel] [Bug 1803160] Re: qemu-3.1.0-rc0: tcg.c crash in temp_load, Alberto Ortega, 2018/12/10
- [Qemu-devel] [Bug 1803160] Re: qemu-3.1.0-rc0: tcg.c crash in temp_load, Thomas Huth, 2018/12/12