* [Bug 1918149] [NEW] qemu-user reports wrong fault_addr in signal handler
@ 2021-03-08 14:58 Leonardo
2021-03-11 18:45 ` [Bug 1918149] " Peter Maydell
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Leonardo @ 2021-03-08 14:58 UTC (permalink / raw)
To: qemu-devel
Public bug reported:
When a SEGV signal occurs and si_addr of the info struct is nil, qemu
still tries to translate the address from host to guest
(handle_cpu_signal in accel/tcg/user-exec.c). This means, that the
actual signal handler, will receive a fault_addr that is something like
0xffffffffbf709000.
I was able to get this to happen, by branching to a non canonical address on aarch64.
I used 5.2 (commit: 553032db17). However, building from source, this only seems to happen, if I use the same configure flags as the debian build:
../configure --static --target-list=aarch64-linux-user --disable-system
--enable-trace-backends=simple --disable-linux-io-uring --disable-pie
--extra-cflags="-fstack-protector-strong -Wformat -Werror=format-
security -Wdate-time -D_FORTIFY_SOURCE=2" --extra-ldflags="-Wl,-z,relro
-Wl,--as-needed"
Let me know, if you need more details.
** Affects: qemu
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1918149
Title:
qemu-user reports wrong fault_addr in signal handler
Status in QEMU:
New
Bug description:
When a SEGV signal occurs and si_addr of the info struct is nil, qemu
still tries to translate the address from host to guest
(handle_cpu_signal in accel/tcg/user-exec.c). This means, that the
actual signal handler, will receive a fault_addr that is something
like 0xffffffffbf709000.
I was able to get this to happen, by branching to a non canonical address on aarch64.
I used 5.2 (commit: 553032db17). However, building from source, this only seems to happen, if I use the same configure flags as the debian build:
../configure --static --target-list=aarch64-linux-user --disable-
system --enable-trace-backends=simple --disable-linux-io-uring
--disable-pie --extra-cflags="-fstack-protector-strong -Wformat
-Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2" --extra-
ldflags="-Wl,-z,relro -Wl,--as-needed"
Let me know, if you need more details.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1918149/+subscriptions
^ permalink raw reply [flat|nested] 4+ messages in thread* [Bug 1918149] Re: qemu-user reports wrong fault_addr in signal handler
2021-03-08 14:58 [Bug 1918149] [NEW] qemu-user reports wrong fault_addr in signal handler Leonardo
@ 2021-03-11 18:45 ` Peter Maydell
2021-05-14 18:49 ` Thomas Huth
2021-07-14 4:17 ` Launchpad Bug Tracker
2 siblings, 0 replies; 4+ messages in thread
From: Peter Maydell @ 2021-03-11 18:45 UTC (permalink / raw)
To: qemu-devel
** Tags added: linux-user
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1918149
Title:
qemu-user reports wrong fault_addr in signal handler
Status in QEMU:
New
Bug description:
When a SEGV signal occurs and si_addr of the info struct is nil, qemu
still tries to translate the address from host to guest
(handle_cpu_signal in accel/tcg/user-exec.c). This means, that the
actual signal handler, will receive a fault_addr that is something
like 0xffffffffbf709000.
I was able to get this to happen, by branching to a non canonical address on aarch64.
I used 5.2 (commit: 553032db17). However, building from source, this only seems to happen, if I use the same configure flags as the debian build:
../configure --static --target-list=aarch64-linux-user --disable-
system --enable-trace-backends=simple --disable-linux-io-uring
--disable-pie --extra-cflags="-fstack-protector-strong -Wformat
-Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2" --extra-
ldflags="-Wl,-z,relro -Wl,--as-needed"
Let me know, if you need more details.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1918149/+subscriptions
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug 1918149] Re: qemu-user reports wrong fault_addr in signal handler
2021-03-08 14:58 [Bug 1918149] [NEW] qemu-user reports wrong fault_addr in signal handler Leonardo
2021-03-11 18:45 ` [Bug 1918149] " Peter Maydell
@ 2021-05-14 18:49 ` Thomas Huth
2021-07-14 4:17 ` Launchpad Bug Tracker
2 siblings, 0 replies; 4+ messages in thread
From: Thomas Huth @ 2021-05-14 18:49 UTC (permalink / raw)
To: qemu-devel
The QEMU project is currently moving its bug tracking to another system.
For this we need to know which bugs are still valid and which could be
closed already. Thus we are setting the bug state to "Incomplete" now.
If the bug has already been fixed in the latest upstream version of QEMU,
then please close this ticket as "Fix released".
If it is not fixed yet and you think that this bug report here is still
valid, then you have two options:
1) If you already have an account on gitlab.com, please open a new ticket
for this problem in our new tracker here:
https://gitlab.com/qemu-project/qemu/-/issues
and then close this ticket here on Launchpad (or let it expire auto-
matically after 60 days). Please mention the URL of this bug ticket on
Launchpad in the new ticket on GitLab.
2) If you don't have an account on gitlab.com and don't intend to get
one, but still would like to keep this ticket opened, then please switch
the state back to "New" or "Confirmed" within the next 60 days (other-
wise it will get closed as "Expired"). We will then eventually migrate
the ticket automatically to the new system (but you won't be the reporter
of the bug in the new system and thus you won't get notified on changes
anymore).
Thank you and sorry for the inconvenience.
** Changed in: qemu
Status: New => Incomplete
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1918149
Title:
qemu-user reports wrong fault_addr in signal handler
Status in QEMU:
Incomplete
Bug description:
When a SEGV signal occurs and si_addr of the info struct is nil, qemu
still tries to translate the address from host to guest
(handle_cpu_signal in accel/tcg/user-exec.c). This means, that the
actual signal handler, will receive a fault_addr that is something
like 0xffffffffbf709000.
I was able to get this to happen, by branching to a non canonical address on aarch64.
I used 5.2 (commit: 553032db17). However, building from source, this only seems to happen, if I use the same configure flags as the debian build:
../configure --static --target-list=aarch64-linux-user --disable-
system --enable-trace-backends=simple --disable-linux-io-uring
--disable-pie --extra-cflags="-fstack-protector-strong -Wformat
-Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2" --extra-
ldflags="-Wl,-z,relro -Wl,--as-needed"
Let me know, if you need more details.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1918149/+subscriptions
^ permalink raw reply [flat|nested] 4+ messages in thread* [Bug 1918149] Re: qemu-user reports wrong fault_addr in signal handler
2021-03-08 14:58 [Bug 1918149] [NEW] qemu-user reports wrong fault_addr in signal handler Leonardo
2021-03-11 18:45 ` [Bug 1918149] " Peter Maydell
2021-05-14 18:49 ` Thomas Huth
@ 2021-07-14 4:17 ` Launchpad Bug Tracker
2 siblings, 0 replies; 4+ messages in thread
From: Launchpad Bug Tracker @ 2021-07-14 4:17 UTC (permalink / raw)
To: qemu-devel
[Expired for QEMU because there has been no activity for 60 days.]
** Changed in: qemu
Status: Incomplete => Expired
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1918149
Title:
qemu-user reports wrong fault_addr in signal handler
Status in QEMU:
Expired
Bug description:
When a SEGV signal occurs and si_addr of the info struct is nil, qemu
still tries to translate the address from host to guest
(handle_cpu_signal in accel/tcg/user-exec.c). This means, that the
actual signal handler, will receive a fault_addr that is something
like 0xffffffffbf709000.
I was able to get this to happen, by branching to a non canonical address on aarch64.
I used 5.2 (commit: 553032db17). However, building from source, this only seems to happen, if I use the same configure flags as the debian build:
../configure --static --target-list=aarch64-linux-user --disable-
system --enable-trace-backends=simple --disable-linux-io-uring
--disable-pie --extra-cflags="-fstack-protector-strong -Wformat
-Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2" --extra-
ldflags="-Wl,-z,relro -Wl,--as-needed"
Let me know, if you need more details.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1918149/+subscriptions
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-07-14 4:30 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-08 14:58 [Bug 1918149] [NEW] qemu-user reports wrong fault_addr in signal handler Leonardo
2021-03-11 18:45 ` [Bug 1918149] " Peter Maydell
2021-05-14 18:49 ` Thomas Huth
2021-07-14 4:17 ` Launchpad Bug Tracker
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.