QEMU

Segfault in cpu_physical_memory_set_dirty_range on hppa + artist

Bug #1890311 reported by Alexander Bulekov on 2020-08-04

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	QEMU	Fix Released	Undecided	Helge Deller

Bug Description

Hello,
Reproducer:

cat << EOF | ./hppa-softmmu/qemu-system-hppa -m 64 -display none \
-qtest stdio -accel qtest
writeq 0xf810049f 0x85000000000000
writew 0xf8118001 0x14
writeq 0xf81005fb 0x5c00006418001832
EOF

AddressSanitizer:DEADLYSIGNAL
=================================================================
==10793==ERROR: AddressSanitizer: SEGV on unknown address 0x7f93dbb40000 (pc 0x5577f5523078 bp 0x7ffd41ad6360 sp 0x7ffd41ad5fd0 T0)
==10793==The signal is caused by a READ memory access.

    #0 0x5577f5523078 in block_move /hw/display/artist.c:525:13
    #1 0x5577f5515fbc in artist_reg_write /hw/display/artist.c:964:9
    #2 0x5577f4c077a3 in memory_region_write_accessor /softmmu/memory.c:483:5
    #3 0x5577f4c06adc in access_with_adjusted_size /softmmu/memory.c:539:18
    #4 0x5577f4c04873 in memory_region_dispatch_write /softmmu/memory.c:1466:16
    #5 0x5577f42b2056 in flatview_write_continue /exec.c:3176:23
    #6 0x5577f429a866 in flatview_write /exec.c:3216:14
    #7 0x5577f429a387 in address_space_write /exec.c:3308:18
    #8 0x5577f4cae604 in qtest_process_command /softmmu/qtest.c:452:13
    #9 0x5577f4ca5c08 in qtest_process_inbuf /softmmu/qtest.c:710:9
    #10 0x5577f4ca4895 in qtest_read /softmmu/qtest.c:722:5
    #11 0x5577f7160c43 in qemu_chr_be_write_impl /chardev/char.c:188:9
    #12 0x5577f7160dc7 in qemu_chr_be_write /chardev/char.c:200:9
    #13 0x5577f71750b3 in fd_chr_read /chardev/char-fd.c:68:9
    #14 0x5577f72c9474 in qio_channel_fd_source_dispatch /io/channel-watch.c:84:12
    #15 0x7f93ea531897 in g_main_context_dispatch (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4e897)
    #16 0x5577f76c137b in glib_pollfds_poll /util/main-loop.c:217:9
    #17 0x5577f76beaab in os_host_main_loop_wait /util/main-loop.c:240:5
    #18 0x5577f76be444 in main_loop_wait /util/main-loop.c:516:11
    #19 0x5577f4cc6d00 in qemu_main_loop /softmmu/vl.c:1676:9
    #20 0x5577f7301261 in main /softmmu/main.c:49:5
    #21 0x7f93e90b7e0a in __libc_start_main /build/glibc-GwnBeO/glibc-2.30/csu/../csu/libc-start.c:308:16
    #22 0x5577f41a5729 in _start (/home/alxndr/Development/qemu/general-fuzz/build/hppa-softmmu/qemu-system-hppa+0x22d4729)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /hw/display/artist.c:525:13 in block_move
==10793==ABORTING

The error occurs even with Message-Id: <email address hidden> applied (I collected the above trace with the patch-set applied)

Thanks
-Alex

Helge Deller (hdeller) on 2020-08-04

Changed in qemu:
assignee:	nobody → Helge Deller (hdeller)

Revision history for this message

Thomas Huth (th-huth) wrote on 2020-12-10:

Fixed in commit a501bfc91763d4642390090dd4e6039d67b63702

Changed in qemu:
status:	New → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.