QEMU

Incorrect handling of icebp

Bug #1119686 reported by Francois Gouget on 2013-02-08

This bug affects 1 person

Affects

Status

Importance

Assigned to

Milestone

QEMU

Fix Released

Undecided

Unassigned

You need to log in to change this bug's status.

Affecting:	QEMU
Filed here by:	Francois Gouget
When:	2013-02-08
Confirmed:	2017-01-04
Started work:	2017-01-04
Completed:	2017-01-04

Target

Distribution
Package	(Find…)
Project	(Find…)

Status	Importance
	Undecided

Assigned to

	Nobody
	Me

Comment on this change (optional)

Email me about changes to this bug report

(?)

Bug Description

Wine conformance suite tests the behavior of various low-level Windows API functions. One of the tests involves checking the interaction of breakpoints and exceptions, and in particular the 'icebp' breakpoint. This test works on a Windows XP machine running either on the metal or in VMware ESX but fails when run in QEmu.

To reproduce the issue grab the attached 'exception.exe' file and run it. If you get 'Test failed' lines like below then it means the problem is still present:

    exception.c:202: exception 0: 80000004 flags:0 addr:003F0000
    exception.c:208: Test failed: 0: Wrong exception address 003F0000/003F0001
    exception.c:214: this is the last test seen before the exception
    exception: unhandled exception 80000004 at 003F0000
    exception.c:202: exception 0: c0000027 flags:2 addr:7C80E0B9
    exception.c:205: Test failed: 0: Wrong exception code c0000027/80000004
    exception.c:208: Test failed: 0: Wrong exception address 7C80E0B9/003F0001

Note that this bug was not present in QEmu 1.1.2+dfsg-5 (Debian Testing) but is now present in 1.4.0~rc0+dfsg-1exp (Debian Experimental).

Add tags Tag help

Francois Gouget (fgouget) wrote on 2013-02-08:

Test executable and source Edit (17.1 KiB, application/x-tar)

Francois Gouget (fgouget) wrote on 2013-10-28:

This bug is still present in QEMU 1.6.0 (as per Debian's qemu-system-x86 1.6.0+dfsg-1 package).

Francois Gouget (fgouget) wrote on 2014-03-19:

This bug is still present in QEMU 1.7.0 (as per Debian's qemu-system-x86 1.7.0+dfsg-3 package).

Paolo Bonzini (bonzini) wrote on 2014-04-28:

The patch submitted upstream was for the kernel. Is this also a bug in QEMU when TCG is disabled?

Paolo Bonzini (bonzini) wrote on 2014-04-28:

s/TCG/KVM/ - Is this also a bug when KVM is disabled?

Thomas Huth (th-huth) on 2016-11-04

Changed in qemu:
status:	New → Incomplete

Launchpad Janitor (janitor) wrote on 2017-01-04:

[Expired for QEMU because there has been no activity for 60 days.]

Changed in qemu:
status:	Incomplete → Expired

Francois Gouget (fgouget) wrote on 2017-01-04:

Actually this got fixed by the following Linux kernel commit:

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fd2a445a94d2ab6b39fb623dc02fee48d01a565a

commit fd2a445a94d2ab6b39fb623dc02fee48d01a565a (patch)

KVM: VMX: Advance rip to after an ICEBP instruction
When entering an exception after an ICEBP, the saved instruction
pointer should point to after the instruction.

This fixes the bug here: https://bugs.launchpad.net/qemu/+bug/1119686

Signed-off-by: Huw Davies <email address hidden>
Reviewed-by: Jan Kiszka <email address hidden>
Signed-off-by: Marcelo Tosatti <email address hidden>

Changed in qemu:
status:	Expired → Fix Released

Report a bug

This report contains Public information Edit

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Test executable and source (edit)

Add attachment