* [Qemu-devel] [Bug 1804678] [NEW] qemu-3.1.0-rc0: mips emulation hangs when executing invalid instructions
@ 2018-11-22 16:26 Alberto Ortega
  2018-12-05 11:33 ` [Qemu-devel] [Bug 1804678] " Alex Bennée
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Alberto Ortega @ 2018-11-22 16:26 UTC (permalink / raw)
  To: qemu-devel

Public bug reported:

QEMU version:
-------------

qemu-3.1.0-rc0 compiled from sources (earlier versions also affected)

Summary:
--------

QEMU MIPS system emulation hangs when trying to execute the following
invalid instructions:

71c5a9bf       sdbbp 0x716a6
2c4745aa       sltiu a3, v0, 0x45aa
f47539fb       sdc1 f21, 0x39fb(v1)
5fa5e284       invalid

qemu-system-mips falls into an infinite loop and needs to be
terminated.

The issue has been reproduced on an Ubuntu x64 host running a Debian MIPS
32-bit guest with the following command line:

qemu-system-mips -M malta -kernel vmlinux-3.2.0-4-4kc-malta -hda
debian_wheezy_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"

It can also be reproduced using mips-linux-user, in which case it throws
the following exception:

qemu-mips mips_loop_static.elf
qemu: unhandled CPU exception 0x10 - aborting
pc=0x004a9da0 HI=0x00000003 LO=0x00000002 ds 00e2 004a9da0 0
GPR00: r0 00000000 at fffffff8 v0 004a9da0 v1 004ad000
GPR04: a0 00000001 a1 7fffefc4 a2 7fffefcc a3 00000000
GPR08: t0 004ab854 t1 0ffffffe t2 81010100 t3 2f2f2f2f
GPR12: t4 7ffff1ad t5 004ab090 t6 004ab06c t7 004ab07c
GPR16: s0 00000000 s1 452ac505 s2 00400db4 s3 00400d38
GPR20: s4 00000000 s5 00000000 s6 00000000 s7 00000000
GPR24: t8 004ab0a8 t9 004a9da0 k0 00000000 k1 00000000
GPR28: gp 004b25a0 sp 7fffeec0 s8 7fffeec0 ra 0040041c
CP0 Status  0x24000010 Cause   0x00000000 EPC    0x00000000
    Config0 0x80008482 Config1 0x9e190c8f LLAddr 0xffffffffffffffff
    Config2 0x80000000 Config3 0x00000000
    Config4 0x00000000 Config5 0x00000000
qemu:handle_cpu_signal received signal outside vCPU context @ pc=0x602dbad8

Testcase:
---------

C program to reproduce the problem:

/* The four instruction words from the listing above, as big-endian bytes. */
unsigned char code[] = "\x71\xC5\xA9\xBF\x2C\x47\x45\xAA\xF4\x75\x39\xFB\x5F\xA5\xE2\x84";

int main(void)
{
  /* Jump into the byte array so the guest CPU decodes those words
     (code[] must live in an executable segment for this to run). */
  int (*ret)(void) = (int (*)(void))code;
  ret();
  return 0;
}

Also, find a statically compiled ELF attached.

** Affects: qemu
     Importance: Undecided
         Status: New

** Attachment added: "mips_loop_static.elf"
   https://bugs.launchpad.net/bugs/1804678/+attachment/5215344/+files/mips_loop_static.elf

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1804678

Title:
  qemu-3.1.0-rc0: mips emulation hangs when executing invalid
  instructions

Status in QEMU:
  New

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1804678/+subscriptions
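
The four words of the testcase can be checked against the listing by splitting them into their MIPS32 encoding fields. The decoder below is an added example, not code from the bug report or from QEMU; it assumes pre-Release 6 MIPS32 encodings and tabulates only the opcodes that occur in the testcase, so it also shows why the last word is a reserved encoding.

```python
# Added example (not the bug report's own code): split each instruction word
# of the testcase into its MIPS32 (pre-Release 6) encoding fields. Only the
# opcodes that occur in the testcase are tabulated.

GPR = ["zero", "at", "v0", "v1", "a0", "a1", "a2", "a3",
       "t0", "t1", "t2", "t3", "t4", "t5", "t6", "t7",
       "s0", "s1", "s2", "s3", "s4", "s5", "s6", "s7",
       "t8", "t9", "k0", "k1", "gp", "sp", "s8", "ra"]

# The 16 testcase bytes, i.e. four big-endian words (constructed from the page).
TESTCASE = bytes.fromhex("71c5a9bf2c4745aaf47539fb5fa5e284")

def fields(word):
    """Common MIPS instruction fields of a 32-bit word."""
    return {
        "op": (word >> 26) & 0x3f,      # primary opcode, bits 31..26
        "rs": (word >> 21) & 0x1f,
        "rt": (word >> 16) & 0x1f,
        "imm": word & 0xffff,           # 16-bit immediate / offset
        "code": (word >> 6) & 0xfffff,  # 20-bit code field of sdbbp/break
        "funct": word & 0x3f,           # function field, bits 5..0
    }

def decode(word):
    """Return (mnemonic, operands); mnemonic is 'invalid' for reserved words."""
    f = fields(word)
    if f["op"] == 0x1c and f["funct"] == 0x3f:      # SPECIAL2 / SDBBP
        return ("sdbbp", "0x%x" % f["code"])        # software debug breakpoint
    if f["op"] == 0x0b:                             # SLTIU rt, rs, imm
        return ("sltiu", "%s, %s, 0x%x" % (GPR[f["rt"]], GPR[f["rs"]], f["imm"]))
    if f["op"] == 0x3d:                             # SDC1 ft, offset(base)
        return ("sdc1", "f%d, 0x%x(%s)" % (f["rt"], f["imm"], GPR[f["rs"]]))
    if f["op"] == 0x17:                             # BGTZL rs, offset
        if f["rt"] != 0:
            # BGTZL requires rt == 0; anything else is a reserved encoding,
            # which is why the page's listing shows this word as "invalid".
            return ("invalid", "opcode 0x17 with rt=%d is reserved" % f["rt"])
        return ("bgtzl", "%s, 0x%x" % (GPR[f["rs"]], f["imm"]))
    return ("invalid", "opcode 0x%02x not tabulated here" % f["op"])

def decode_all(blob):
    """Decode a byte string as consecutive big-endian instruction words."""
    words = [int.from_bytes(blob[i:i + 4], "big") for i in range(0, len(blob), 4)]
    return [(w,) + decode(w) for w in words]

if __name__ == "__main__":
    for word, mnemonic, operands in decode_all(TESTCASE):
        print("%08x  %-8s %s" % (word, mnemonic, operands))
```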


* [Qemu-devel] [Bug 1804678] Re: qemu-3.1.0-rc0: mips emulation hangs when executing invalid instructions
  2018-11-22 16:26 [Qemu-devel] [Bug 1804678] [NEW] qemu-3.1.0-rc0: mips emulation hangs when executing invalid instructions Alberto Ortega
@ 2018-12-05 11:33 ` Alex Bennée
  2019-04-23 22:50 ` Philippe Mathieu-Daudé
  2021-05-09 15:57 ` Philippe Mathieu-Daudé
  2 siblings, 0 replies; 4+ messages in thread
From: Alex Bennée @ 2018-12-05 11:33 UTC (permalink / raw)
  To: qemu-devel

** Tags added: mips


* [Qemu-devel] [Bug 1804678] Re: qemu-3.1.0-rc0: mips emulation hangs when executing invalid instructions
  2018-11-22 16:26 [Qemu-devel] [Bug 1804678] [NEW] qemu-3.1.0-rc0: mips emulation hangs when executing invalid instructions Alberto Ortega
  2018-12-05 11:33 ` [Qemu-devel] [Bug 1804678] " Alex Bennée
@ 2019-04-23 22:50 ` Philippe Mathieu-Daudé
  2021-05-09 15:57 ` Philippe Mathieu-Daudé
  2 siblings, 0 replies; 4+ messages in thread
From: Philippe Mathieu-Daudé @ 2019-04-23 22:50 UTC (permalink / raw)
  To: qemu-devel

** Changed in: qemu
       Status: New => Confirmed


* [Bug 1804678] Re: qemu-3.1.0-rc0: mips emulation hangs when executing invalid instructions
  2018-11-22 16:26 [Qemu-devel] [Bug 1804678] [NEW] qemu-3.1.0-rc0: mips emulation hangs when executing invalid instructions Alberto Ortega
  2018-12-05 11:33 ` [Qemu-devel] [Bug 1804678] " Alex Bennée
  2019-04-23 22:50 ` Philippe Mathieu-Daudé
@ 2021-05-09 15:57 ` Philippe Mathieu-Daudé
  2 siblings, 0 replies; 4+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-05-09 15:57 UTC (permalink / raw)
  To: qemu-devel

This is an automated cleanup. This bug report has been moved to QEMU's
new bug tracker on gitlab.com and thus gets marked as 'invalid' now.
Please continue with the discussion here:

 https://gitlab.com/qemu-project/qemu/-/issues/240


** Changed in: qemu
       Status: Confirmed => Invalid

** Bug watch added: gitlab.com/qemu-project/qemu/-/issues #240
   https://gitlab.com/qemu-project/qemu/-/issues/240

