Abort() in mch_update_pciexbar
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
QEMU | Fix Released | Undecided | Unassigned |
Bug Description
Hello,
I found an input which triggers an abort() in mch_update_
#0 0x00007ffff686d761 in __GI_raise (sig=sig@entry=0x6) at ../sysdeps/
#1 0x00007ffff685755b in __GI_abort () at abort.c:79
#2 0x000055555705c7ae in mch_update_pciexbar (mch=0x62900000
#3 0x000055555705bb6a in mch_write_config (d=0x629000005920, address=0x60, val=0x8400056e, len=0x4) at /home/alxndr/
#4 0x00005555570954fb in pci_host_
#5 0x000055555709606e in pci_data_write (s=0x61d000096080, addr=0xf2000060, val=0x8400056e, len=0x4) at /home/alxndr/
#6 0x00005555570967d0 in pci_host_data_write (opaque=
#7 0x00005555564938b5 in memory_
#8 0x000055555649328a in access_
#9 0x0000555556491df6 in memory_
#10 0x00005555562cbbf4 in flatview_
#11 0x00005555562bbad9 in flatview_write (fv=0x606000033b00, addr=0xcfc, attrs=..., buf=0x7fffffffa4e0, len=0x4) at /home/alxndr/
#12 0x00005555562bb609 in address_space_write (as=0x55555968f940 <address_space_io>, addr=0xcfc, attrs=..., buf=0x7fffffffa4e0, len=0x4) at /home/alxndr/
#13 0x0000555556478c0a in cpu_outl (addr=0xcfc, val=0x8400056e) at /home/alxndr/
#14 0x000055555648166f in qtest_process_
#15 0x000055555647f187 in qtest_process_inbuf (chr=0x555559691d00 <qtest_chr>, inbuf=0x6190000
#16 0x000055555647e8b4 in qtest_read (opaque=
#17 0x00005555579c260c in qemu_chr_
#18 0x00005555579c275b in qemu_chr_be_write (s=0x60f000001f30, buf=0x7fffffffca40 "outl 0xcf8 0xf2000060\noutl 0xcfc 0x8400056e\n-M pc-q35-5.0 -device intel-hda,id=hda0 -device hda-output,
#19 0x00005555579cb97a in fd_chr_read (chan=0x6080000
#20 0x0000555557a530ea in qio_channel_
#21 0x00007ffff7ca8898 in g_main_
#22 0x0000555557c10b85 in glib_pollfds_poll () at /home/alxndr/
#23 0x0000555557c0f57e in os_host_
#24 0x0000555557c0f177 in main_loop_wait (nonblocking=0x0) at /home/alxndr/
#25 0x000055555689fd1e in qemu_main_loop () at /home/alxndr/
#26 0x0000555557a6a29d in main (argc=0x17, argv=0x7fffffff
I can reproduce this in qemu 5.0 built using these qtest commands:
cat << EOF | ./qemu-system-i386 \
-qtest stdio -nographic -monitor none -serial none \
-M pc-q35-5.0
outl 0xcf8 0xf2000060
outl 0xcfc 0x8400056e
EOF
Please let me know if I can provide any further info.
-Alex
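The reproducer above is two port writes: CONFIG_ADDRESS (0xcf8) selects a PCI function and register, and CONFIG_DATA (0xcfc) writes the value. The following C program, added here as an editorial example (it is not the reporter's code and not QEMU's), decodes both values: 0xf2000060 selects bus 0, device 0, function 0, register 0x60, which on Q35 is the MCH PCIEXBAR register, and in 0x8400056e bits 2:1 (the PCIEXBAR LENGTH field, encodings 00 = 256 MiB, 01 = 128 MiB, 10 = 64 MiB, 11 = reserved per the chipset datasheet) are 0b11, the reserved encoding. The backtrace shows the abort() in mch_update_pciexbar being reached from exactly this config write, and a guest kernel can issue such writes without any privilege beyond ring 0 in the guest, so a device model that aborts on a reserved encoding turns a guest register write into a denial of service of the whole VM. The acceptance policy in pciexbar_write_acceptable is the example's own, not the fix QEMU applied.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * PCI configuration mechanism #1 CONFIG_ADDRESS (I/O port 0xcf8):
 * bit 31 enable, bits 30:24 reserved (ignored, as on hardware),
 * 23:16 bus, 15:11 device, 10:8 function, 7:2 dword register offset.
 */
typedef struct {
    bool    enable;
    uint8_t bus;
    uint8_t device;
    uint8_t function;
    uint8_t reg;      /* dword-aligned config-space offset */
} pci_cfg_addr;

pci_cfg_addr decode_cfg_addr(uint32_t addr)
{
    pci_cfg_addr a;
    a.enable   = (addr >> 31) & 0x1;
    a.bus      = (addr >> 16) & 0xff;
    a.device   = (addr >> 11) & 0x1f;
    a.function = (addr >> 8)  & 0x07;
    a.reg      = addr & 0xfc;
    return a;
}

/*
 * Q35 MCH PCIEXBAR (config offset 0x60, 64-bit). Low dword:
 * bit 0 PCIEXBAREN, bits 2:1 LENGTH (00=256 MiB, 01=128 MiB, 10=64 MiB, 11=reserved).
 */
#define PCIEXBAR_EN           0x1u
#define PCIEXBAR_LENGTH_SHIFT 1
#define PCIEXBAR_LENGTH_MASK  0x6u

enum pciexbar_length {
    PCIEXBAR_LEN_256M = 0,
    PCIEXBAR_LEN_128M = 1,
    PCIEXBAR_LEN_64M  = 2,
    PCIEXBAR_LEN_RSVD = 3,
};

enum pciexbar_length pciexbar_length(uint32_t low)
{
    return (enum pciexbar_length)((low & PCIEXBAR_LENGTH_MASK) >> PCIEXBAR_LENGTH_SHIFT);
}

bool pciexbar_enabled(uint32_t low)
{
    return (low & PCIEXBAR_EN) != 0;
}

/* MMCONFIG window size in MiB for the LENGTH encoding; 0 for the reserved one. */
uint32_t pciexbar_window_mib(uint32_t low)
{
    switch (pciexbar_length(low)) {
    case PCIEXBAR_LEN_256M: return 256;
    case PCIEXBAR_LEN_128M: return 128;
    case PCIEXBAR_LEN_64M:  return 64;
    case PCIEXBAR_LEN_RSVD:
    default:                return 0;
    }
}

/*
 * Example policy for a config-write handler (this example's own, not QEMU's fix):
 * the three defined encodings are accepted; the reserved one is a guest error
 * to report and ignore, never an "impossible" state worth an abort().
 * Returns true if the write is acceptable; 'why' receives a short explanation.
 */
bool pciexbar_write_acceptable(uint32_t low, char *why, size_t why_len)
{
    if (pciexbar_length(low) == PCIEXBAR_LEN_RSVD) {
        snprintf(why, why_len, "reserved LENGTH encoding 0b11 in PCIEXBAR 0x%08x", low);
        return false;
    }
    snprintf(why, why_len, "PCIEXBAR 0x%08x: %s, %u MiB window", low,
             pciexbar_enabled(low) ? "enabled" : "disabled", pciexbar_window_mib(low));
    return true;
}

int main(void)
{
    /* The two values from the report's reproducer: outl 0xcf8, then outl 0xcfc. */
    const uint32_t cfg_addr = 0xf2000060u;
    const uint32_t cfg_data = 0x8400056eu;   /* bits 2:1 == 0b11, reserved LENGTH */
    char why[96];

    pci_cfg_addr a = decode_cfg_addr(cfg_addr);
    printf("CONFIG_ADDRESS 0x%08x -> %02x:%02x.%x reg 0x%02x (enable=%d)\n",
           cfg_addr, a.bus, a.device, a.function, a.reg, a.enable);

    bool ok = pciexbar_write_acceptable(cfg_data, why, sizeof why);
    printf("%s: %s\n", ok ? "accept" : "reject", why);
    return 0;
}
```

Run it as is to see the reproducer's two values decoded; change cfg_data to any value whose bits 2:1 are 00, 01 or 10 (for example 0x84000569) and the write is accepted with the corresponding window size.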
Changed in qemu:
status: Fix Committed → Fix Released
Proposed fix: https://lists.gnu.org/archive/html/qemu-devel/2020-07/msg05612.html