qemu commit 80422b0: tcg.c crash in temp_load

Bug #1807675 reported by Alberto Ortega
Affects: QEMU | Status: Fix Released | Importance: Undecided | Assigned to: Unassigned | Milestone: (none)

Bug Description

As discussed in #1803160, I'm opening a new ticket for the new bug.

QEMU version:
-------------

qemu from git, master branch commit 80422b00196a7af4c6efb628fae0ad8b644e98af

Summary:
--------

TCG crashes in i386 and x86_64 when it tries to execute some specific illegal instructions. When running full OS emulation, both the guest system and QEMU crash.

$ qemu-i386 tcg_crash1.elf
/home/alberto/Documents/qemu/tcg/tcg.c:2863: tcg fatal error
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
zsh: segmentation fault (core dumped) ./qemu/build/i386-linux-user/qemu-i386 tcg_crash1.elf

Invalid instructions:

f0 invalid
40 inc eax
a7 cmpsd dword [esi], dword ptr es:[edi]
48 dec eax

Testcase:
---------

Find ELF file attached.

Tags: tcg
Alberto Ortega (aortega) wrote :
Peter Maydell (pmaydell) wrote :

(Still repros as of commit d37bfe142382fa82585.)

Changed in qemu:
status: New → Confirmed
Peter Maydell (pmaydell) wrote :

I've sent patch https://patchwork.ozlabs.org/patch/1068003/ to the list which fixes this. (There might be other failures to check for bogus LOCK prefixes elsewhere, though.)

Changed in qemu:
status: Confirmed → In Progress
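The report's byte sequence starts with f0 40, a LOCK prefix on inc eax, and the comment above attributes the crash to a bogus LOCK prefix. As an added illustration (not QEMU code and not the patch), the following checker applies the architectural rule an x86 decoder must enforce before translating: LOCK is only legal on a read-modify-write instruction whose destination is a memory operand, and every other use raises #UD. The opcode table is a hand-picked subset covering the report's bytes plus the memory forms of INC/DEC, assuming 32-bit mode with no REX prefix.

```python
# Added example, not part of QEMU or the fix. LOCK (0xF0) is architecturally
# valid only on a read-modify-write instruction with a memory destination; an
# emulator that translates any other LOCK use instead of raising #UD lets a
# guest drive the decoder into an internal error, as this report shows.
# Assumed: 32-bit mode, no REX, and a deliberately small opcode table.

LEGACY_PREFIXES = {0xF0, 0xF2, 0xF3, 0x2E, 0x36, 0x3E, 0x26, 0x64, 0x65, 0x66, 0x67}

# opcode -> (mnemonic, LOCK permitted when ModRM selects a memory operand)
OPCODES = {
    0x40: ("inc eax", False),        # register destination only: never lockable
    0x48: ("dec eax", False),
    0xA7: ("cmpsd", False),          # string instruction: LOCK never permitted
    0x01: ("add r/m32, r32", True),
    0xFF: ("inc/dec r/m32", True),   # /0 = inc, /1 = dec; other /r are not RMW
}


def check_lock(code: bytes) -> tuple:
    """Decode the first instruction in `code` and report whether its LOCK use is legal."""
    i, has_lock = 0, False
    while i < len(code) and code[i] in LEGACY_PREFIXES:
        has_lock |= code[i] == 0xF0
        i += 1
    if i >= len(code):
        return ("<truncated>", "incomplete")
    op = code[i]
    if op not in OPCODES:
        return (f"opcode {op:#04x}", "unknown")
    mnem, lockable = OPCODES[op]
    if lockable:
        if i + 1 >= len(code):
            return (mnem, "incomplete")
        modrm = code[i + 1]
        mod, reg = modrm >> 6, (modrm >> 3) & 7
        if op == 0xFF and reg not in (0, 1):
            return (f"ff /{reg}", "unknown")   # call/jmp/push forms, not handled
        lockable = mod != 3                    # mod == 3 selects a register destination
    if not has_lock:
        return (mnem, "ok")
    if lockable:
        return (mnem, "ok: locked read-modify-write on memory")
    return (mnem, "#UD: LOCK prefix not permitted here")


if __name__ == "__main__":
    # The report's bytes, plus constructed legal and illegal memory/register forms.
    for hexstr in ("f0 40", "a7", "48", "f0 ff 00", "f0 ff c0", "f0 a7"):
        print(hexstr.ljust(9), *check_lock(bytes.fromhex(hexstr)))
```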
Peter Maydell (pmaydell) wrote :

The patch from comment #3 is now in git master and will be in the 4.0 release.

Changed in qemu:
status: In Progress → Fix Committed
Thomas Huth (th-huth)
Changed in qemu:
status: Fix Committed → Fix Released