QEMU

  1. Bug #1886362
  2. Comment #1

Comment 1 for bug 1886362

Revision history for this message
Philippe Mathieu-Daudé (philmd) wrote :

Running with '-trace e1000\*':

e1000e_cb_pci_realize E1000E PCI realize entry
e1000e_mac_set_permanent Set permanent MAC: 52:54:00:12:34:56
e1000e_cfg_support_virtio Virtio header supported: 0
e1000e_rx_set_cso RX CSO state set to 0
e1000e_cb_qdev_reset E1000E qdev reset entry
e1000x_mac_indicate Indicating MAC to guest: 52:54:00:12:34:56
e1000x_rx_can_recv_disabled link_up: 1, rx_enabled 0, pci_master 0
e1000x_rx_can_recv_disabled link_up: 1, rx_enabled 0, pci_master 0
e1000e_vm_state_running VM state is running
[R +0.094581] outl 0xcf8 0x80001010
[S +0.094604] OK
[R +0.094632] outl 0xcfc 0xe1020000
[S +0.094654] OK
[R +0.094668] outl 0xcf8 0x80001014
[S +0.094675] OK
[R +0.094694] outl 0xcf8 0x80001004
[S +0.094702] OK
[R +0.094712] outw 0xcfc 0x7
e1000e_rx_start_recv
[S +0.096938] OK
[R +0.096960] outl 0xcf8 0x800010a2
[S +0.096972] OK
[R +0.096986] write 0xe102003b 0x1 0xff
e1000e_core_write Write to register 0x38, 4 byte(s), value: 0xff
e1000e_vlan_vet Setting VLAN ethernet type 0xFF
[S +0.097019] OK
[R +0.097034] write 0xe1020103 0x1e 0xffffff055c5e5c30be4511d084ffffffffffffffffffffffffffffffffff
e1000e_core_write Write to register 0x100, 4 byte(s), value: 0xff
e1000e_rx_set_rctl RCTL = 0xff
e1000e_rx_desc_buff_sizes buffer sizes: [2048, 0, 0, 0]
e1000e_rx_desc_len RX descriptor length: 16
e1000e_rx_start_recv
e1000e_wrn_regs_write_unknown WARNING: Write to unknown register 0x104, 4 byte(s), value: 0x5c05ffff
e1000e_core_write Write to register 0x2820, 4 byte(s), value: 0xbe305c5e
e1000e_irq_rdtr_fpd_not_running FPD written while RDTR was not running
e1000e_wrn_regs_write_unknown WARNING: Write to unknown register 0x10c, 4 byte(s), value: 0x84d01145
e1000e_core_write Write to register 0x2800, 4 byte(s), value: 0xffffffff
e1000e_core_write Write to register 0x2804, 4 byte(s), value: 0xffffffff
e1000e_core_write Write to register 0x2808, 4 byte(s), value: 0xffffffff
e1000e_wrn_regs_write_unknown WARNING: Write to unknown register 0x11c, 4 byte(s), value: 0xffffffff
e1000e_core_write Write to register 0x2810, 4 byte(s), value: 0xff
[S +0.097143] OK
[R +0.097159] write 0xe1020420 0x4 0xffffffff
e1000e_core_write Write to register 0x3800, 4 byte(s), value: 0xffffffff
[S +0.097173] OK
[R +0.097183] write 0xe1020424 0x4 0xffffffff
e1000e_core_write Write to register 0x3804, 4 byte(s), value: 0xffffffff
[S +0.097196] OK
[R +0.097208] write 0xe102042b 0x1 0xff
e1000e_core_write Write to register 0x3808, 4 byte(s), value: 0xff
[S +0.097221] OK
[R +0.097231] write 0xe1020430 0x4 0x055c5e5c
e1000e_core_write Write to register 0x3810, 4 byte(s), value: 0x5c5e5c05
[S +0.097243] OK
[R +0.097253] write 0x5c041 0x1 0x04
[S +0.097914] OK
[R +0.097942] write 0x5c042 0x1 0x02
[S +0.097953] OK
[R +0.097964] write 0x5c043 0x1 0xe1
[S +0.097972] OK
[R +0.097984] write 0x5c048 0x1 0x8a
[S +0.097992] OK
[R +0.098003] write 0x5c04a 0x1 0x31
[S +0.098011] OK
[R +0.098022] write 0x5c04b 0x1 0xff
[S +0.098029] OK
[R +0.098040] write 0xe1020403 0x1 0xff
e1000e_core_write Write to register 0x400, 4 byte(s), value: 0xff
e1000e_tx_descr 0xe1020400 : ff31008a 0
e1000e_core_read Read from register 0x400, 4 byte(s), value: 0xff
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x404, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x408, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x40c, 4 byte(s)
e1000e_core_read Read from register 0x410, 4 byte(s), value: 0x602008
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x414, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x418, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x41c, 4 byte(s)
e1000e_core_read Read from register 0x3800, 4 byte(s), value: 0xfffffff0
e1000e_core_read Read from register 0x3804, 4 byte(s), value: 0xffffffff
e1000e_core_read Read from register 0x3808, 4 byte(s), value: 0x80
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x42c, 4 byte(s)
e1000e_core_read Read from register 0x3810, 4 byte(s), value: 0x5c05
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x434, 4 byte(s)
e1000e_core_read Read from register 0x3818, 4 byte(s), value: 0x0
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x43c, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x3820, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x444, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x448, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x44c, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x450, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x454, 4 byte(s)
e1000e_core_read Read from register 0x458, 4 byte(s), value: 0x0
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x45c, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x460, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x464, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x468, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x46c, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x470, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x474, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x478, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x47c, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x480, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x484, 4 byte(s)
e1000e_wrn_regs_read_unknown WARNING: Read from unknown register 0x488, 4 byte(s)
e1000e_rx_receive_iov Received vector of 4 fragments
e1000x_vlan_is_vlan_pkt Is VLAN packet: 0, ETH proto: 0x0, VET: 0xFF
e1000e_rx_rss_started Starting RSS processing
e1000e_rx_rss_disabled RSS is disabled
e1000e_rx_rss_dispatched_to_queue Packet being dispatched to queue 0
e1000e_ring_free_space ring #0: LEN: 1048448, DH: 255, DT: 0
e1000e_rx_has_buffers ring #0: free descr: 65273, packet size 142, descr buffer size 2048
e1000e_rx_descr Next RX descriptor: ring #0, PA: 0xfe0, length: 16
e1000e_rx_null_descriptor Null RX descriptor!!
e1000e_rx_descr Next RX descriptor: ring #0, PA: 0xff0, length: 16
e1000e_rx_null_descriptor Null RX descriptor!!
e1000e_rx_descr Next RX descriptor: ring #0, PA: 0x1000, length: 16
e1000e_rx_null_descriptor Null RX descriptor!!
e1000e_rx_descr Next RX descriptor: ring #0, PA: 0x1010, length: 16
e1000e_rx_null_descriptor Null RX descriptor!!
[...]
e1000e_rx_descr Next RX descriptor: ring #0, PA: 0x5c020, length: 16
e1000e_rx_null_descriptor Null RX descriptor!!
e1000e_rx_descr Next RX descriptor: ring #0, PA: 0x5c030, length: 16
e1000e_rx_null_descriptor Null RX descriptor!!
e1000e_rx_descr Next RX descriptor: ring #0, PA: 0x5c040, length: 16
e1000e_rx_desc_buff_write buffer #0, addr: 0xe1020400, offset: 0, from: 0x631000028830, length: 14
e1000e_core_write Write to register 0x400, 4 byte(s), value: 0xff
e1000e_tx_descr 0xe1020400 : ff31008a 0
e1000e_irq_rearm_timer Mitigation timer armed for register 0x3820, delay 0 ns
e1000e_irq_set_cause_entry Going to set IRQ cause 0x2, ICR: 0x0
e1000e_irq_set_cause_exit Set IRQ cause 0x3, ICR: 0x3
e1000e_irq_fix_icr_asserted ICR_ASSERTED bit fixed: 0x80000003
e1000e_irq_pending_interrupts ICR PENDING: 0x0 (ICR: 0x80000003, IMS: 0x0)
e1000e_irq_legacy_notify IRQ line state: 0
e1000e_wrn_regs_write_unknown WARNING: Write to unknown register 0x404, 4 byte(s), value: 0x0
e1000e_wrn_regs_write_unknown WARNING: Write to unknown register 0x408, 4 byte(s), value: 0x0
e1000e_wrn_regs_write_unknown WARNING: Write to unknown register 0x40c, 4 byte(s), value: 0x0
e1000e_rx_desc_buff_write buffer #0, addr: 0xe1020400, offset: 14, from: 0x62500024200e, length: 124
=================================================================
==32103==ERROR: AddressSanitizer: heap-use-after-free on address 0x62500024200e at pc 0x55cd3c40c9aa bp 0x7ffd97112bf0 sp 0x7ffd971123a0