[Bug 1909392] [NEW] qemu-arm crashes (SIGSEGV) when executing push instruction

[Bug 1909392] [NEW] qemu-arm crashes (SIGSEGV) when executing push instruction

[Pawel Juszczyk]

Public bug reported:

Dear all,
I am afraid I found a problem, it seems like qemu-arm crashes when executing assembly push instruction.
I use qemu version 5.2.0, but it checked an older version (4.2.1) and the problem was also present. I start qemu using "qemu-arm -cpu cortex-m4 -singlestep -g 1234 <path to elf file>"
Callstack before crash (host)
#0  0x000055555575961f in stl_he_p (ptr=0x2002fffc, v=0) at /home/faust1002/Programming/qemu/qemu-5.2.0/include/qemu/bswap.h:353
#1  0x0000555555759716 in stl_le_p (ptr=0x2002fffc, v=0) at /home/faust1002/Programming/qemu/qemu-5.2.0/include/qemu/bswap.h:395
#2  0x000055555575d3c3 in tcg_qemu_tb_exec (env=0x555555d28050, tb_ptr=0x7fffe800010a "\r\b") at ../tcg/tci.c:1221
#3  0x00005555556bd982 in cpu_tb_exec (cpu=0x555555d1fd70, itb=0x7fffe8000000) at ../accel/tcg/cpu-exec.c:178
#4  0x00005555556be57e in cpu_loop_exec_tb (cpu=0x555555d1fd70, tb=0x7fffe8000000, last_tb=0x7fffffffd8a8, tb_exit=0x7fffffffd8a0) at ../accel/tcg/cpu-exec.c:658
#5  0x00005555556be7ea in cpu_exec (cpu=0x555555d1fd70) at ../accel/tcg/cpu-exec.c:771
#6  0x000055555560af1d in cpu_loop (env=0x555555d28050) at ../linux-user/arm/cpu_loop.c:237
#7  0x00005555557415a7 in main (argc=7, argv=0x7fffffffe0f8, envp=0x7fffffffe138) at ../linux-user/main.c:861
Callstack before crash (target)
Program received signal SIGSEGV, Segmentation fault.
Reset_Handler () at startup.s:48
48        push {r14}
Please find the elf file I use attached.
Kind regards

** Affects: qemu
     Importance: Undecided
         Status: New

** Attachment added: "test_binary.elf"
   https://bugs.launchpad.net/bugs/1909392/+attachment/5447174/+files/test_binary.elf

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1909392

Title:
  qemu-arm crashes (SIGSEGV) when executing push instruction

Status in QEMU:
  New

Bug description:
  Dear all,
  I am afraid I found a problem, it seems like qemu-arm crashes when executing assembly push instruction.
  I use qemu version 5.2.0, but it checked an older version (4.2.1) and the problem was also present. I start qemu using "qemu-arm -cpu cortex-m4 -singlestep -g 1234 <path to elf file>"
  Callstack before crash (host)
  #0  0x000055555575961f in stl_he_p (ptr=0x2002fffc, v=0) at /home/faust1002/Programming/qemu/qemu-5.2.0/include/qemu/bswap.h:353
  #1  0x0000555555759716 in stl_le_p (ptr=0x2002fffc, v=0) at /home/faust1002/Programming/qemu/qemu-5.2.0/include/qemu/bswap.h:395
  #2  0x000055555575d3c3 in tcg_qemu_tb_exec (env=0x555555d28050, tb_ptr=0x7fffe800010a "\r\b") at ../tcg/tci.c:1221
  #3  0x00005555556bd982 in cpu_tb_exec (cpu=0x555555d1fd70, itb=0x7fffe8000000) at ../accel/tcg/cpu-exec.c:178
  #4  0x00005555556be57e in cpu_loop_exec_tb (cpu=0x555555d1fd70, tb=0x7fffe8000000, last_tb=0x7fffffffd8a8, tb_exit=0x7fffffffd8a0) at ../accel/tcg/cpu-exec.c:658
  #5  0x00005555556be7ea in cpu_exec (cpu=0x555555d1fd70) at ../accel/tcg/cpu-exec.c:771
  #6  0x000055555560af1d in cpu_loop (env=0x555555d28050) at ../linux-user/arm/cpu_loop.c:237
  #7  0x00005555557415a7 in main (argc=7, argv=0x7fffffffe0f8, envp=0x7fffffffe138) at ../linux-user/main.c:861
  Callstack before crash (target)
  Program received signal SIGSEGV, Segmentation fault.
  Reset_Handler () at startup.s:48
  48        push {r14}
  Please find the elf file I use attached.
  Kind regards

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1909392/+subscriptions

[Bug 1909392] Re: qemu-arm crashes (SIGSEGV) when executing push instruction

[Richard Henderson]

The program is buggy.

The first instruction sets the stack to 0x20020000,
but that address is not mapped.

Program Headers:
  Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz  Flg Align
  LOAD           0x010000 0x08000000 0x08000000 0x0025c 0x0025c R E 0x10000
  LOAD           0x020000 0x20000000 0x0800025c 0x00000 0x00600 RW  0x10000

The data segment only goes from 0x20000000 - 0x20000600.

** Changed in: qemu
       Status: New => Invalid

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1909392

Title:
  qemu-arm crashes (SIGSEGV) when executing push instruction

Status in QEMU:
  Invalid

Bug description:
  Dear all,
  I am afraid I found a problem, it seems like qemu-arm crashes when executing assembly push instruction.
  I use qemu version 5.2.0, but it checked an older version (4.2.1) and the problem was also present. I start qemu using "qemu-arm -cpu cortex-m4 -singlestep -g 1234 <path to elf file>"
  Callstack before crash (host)
  #0  0x000055555575961f in stl_he_p (ptr=0x2002fffc, v=0) at /home/faust1002/Programming/qemu/qemu-5.2.0/include/qemu/bswap.h:353
  #1  0x0000555555759716 in stl_le_p (ptr=0x2002fffc, v=0) at /home/faust1002/Programming/qemu/qemu-5.2.0/include/qemu/bswap.h:395
  #2  0x000055555575d3c3 in tcg_qemu_tb_exec (env=0x555555d28050, tb_ptr=0x7fffe800010a "\r\b") at ../tcg/tci.c:1221
  #3  0x00005555556bd982 in cpu_tb_exec (cpu=0x555555d1fd70, itb=0x7fffe8000000) at ../accel/tcg/cpu-exec.c:178
  #4  0x00005555556be57e in cpu_loop_exec_tb (cpu=0x555555d1fd70, tb=0x7fffe8000000, last_tb=0x7fffffffd8a8, tb_exit=0x7fffffffd8a0) at ../accel/tcg/cpu-exec.c:658
  #5  0x00005555556be7ea in cpu_exec (cpu=0x555555d1fd70) at ../accel/tcg/cpu-exec.c:771
  #6  0x000055555560af1d in cpu_loop (env=0x555555d28050) at ../linux-user/arm/cpu_loop.c:237
  #7  0x00005555557415a7 in main (argc=7, argv=0x7fffffffe0f8, envp=0x7fffffffe138) at ../linux-user/main.c:861
  Callstack before crash (target)
  Program received signal SIGSEGV, Segmentation fault.
  Reset_Handler () at startup.s:48
  48        push {r14}
  Please find the elf file I use attached.
  Kind regards

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1909392/+subscriptions