* [Bug 1913923] [NEW] assert issue locates in hw/net/vmxnet3.c:1793:vmxnet3_io_bar1_write: code should not be reach
@ 2021-01-31 4:29 Gaoning Pan
2021-02-01 7:47 ` Philippe Mathieu-Daudé
2021-05-14 19:29 ` [Bug 1913923] " Thomas Huth
0 siblings, 2 replies; 4+ messages in thread
From: Gaoning Pan @ 2021-01-31 4:29 UTC (permalink / raw)
To: qemu-devel
Public bug reported:
Hello,
I found an assertion failure in hw/net/vmxnet3.c:1793
This was found in latest version 5.2.0.
my reproduced is as follows:
cat << EOF | ./qemu-system-x86_64 \
-device vmxnet3 \
-display none -nodefaults -qtest stdio
outl 0xcf8 0x80001014
outl 0xcfc 0xf0001000
outl 0xcf8 0x80001018
outl 0xcf8 0x80001004
outw 0xcfc 0x7
writel 0x5c000 0xbabefee1
writel 0x5c028 0x5d000
writel 0x5c03c 0x01010101
writel 0x5d038 0xe0000000
writel 0xf0001038 1
EOF
Backtrace is as follows:
#0 0x00007f6f641a5f47 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1 0x00007f6f641a78b1 in __GI_abort () at abort.c:79
#2 0x00007f6f67922315 in g_assertion_message () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3 0x00007f6f6792237a in g_assertion_message_expr () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#4 0x000055edcaec96af in vmxnet3_io_bar1_write (opaque=0x628000004100, addr=56, val=1, size=4) at ../hw/net/vmxnet3.c:1793
#5 0x000055edcbd294c6 in memory_region_write_accessor (mr=0x628000006b00, addr=56, value=0x7fffd52ba848, size=4, shift=0, mask=4294967295, attrs=...) at ../softmmu/memory.c:491
#6 0x000055edcbd299be in access_with_adjusted_size (addr=56, value=0x7fffd52ba848, size=4, access_size_min=4, access_size_max=4, access_fn=0x55edcbd2918c <memory_region_write_accessor>, mr=0x628000006b00, attrs=...) at ../softmmu/memory.c:552
#7 0x000055edcbd35ef2 in memory_region_dispatch_write (mr=0x628000006b00, addr=56, data=1, op=MO_32, attrs=...) at ../softmmu/memory.c:1501
#8 0x000055edcba1e554 in flatview_write_continue (fv=0x6060000619a0, addr=4026535992, attrs=..., ptr=0x7fffd52bae80, len=4, addr1=56, l=4, mr=0x628000006b00) at ../softmmu/physmem.c:2759
#9 0x000055edcba1e8c5 in flatview_write (fv=0x6060000619a0, addr=4026535992, attrs=..., buf=0x7fffd52bae80, len=4) at ../softmmu/physmem.c:2799
#10 0x000055edcba1f391 in address_space_write (as=0x608000002620, addr=4026535992, attrs=..., buf=0x7fffd52bae80, len=4) at ../softmmu/physmem.c:2891
#11 0x000055edcbaff8d3 in qtest_process_command (chr=0x55edd03ff4a0 <qtest_chr>, words=0x60300007f450) at ../softmmu/qtest.c:534
#12 0x000055edcbb04aa1 in qtest_process_inbuf (chr=0x55edd03ff4a0 <qtest_chr>, inbuf=0x61900000fd00) at ../softmmu/qtest.c:797
#13 0x000055edcbb04bcc in qtest_read (opaque=0x55edd03ff4a0 <qtest_chr>, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., size=225) at ../softmmu/qtest.c:809
#14 0x000055edcbe73742 in qemu_chr_be_write_impl (s=0x60f000002110, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., len=225) at ../chardev/char.c:201
#15 0x000055edcbe73820 in qemu_chr_be_write (s=0x60f000002110, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., len=225) at ../chardev/char.c:213
#16 0x000055edcbe9188e in fd_chr_read (chan=0x608000002520, cond=(G_IO_IN | G_IO_HUP), opaque=0x60f000002110) at ../chardev/char-fd.c:68
#17 0x000055edcbe2379d in qio_channel_fd_source_dispatch (source=0x60c000025c00, callback=0x55edcbe915ac <fd_chr_read>, user_data=0x60f000002110) at ../io/channel-watch.c:84
#18 0x00007f6f678fb285 in g_main_context_dispatch () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#19 0x000055edcc50b503 in glib_pollfds_poll () at ../util/main-loop.c:221
#20 0x000055edcc50b68b in os_host_main_loop_wait (timeout=0) at ../util/main-loop.c:244
#21 0x000055edcc50b9a5 in main_loop_wait (nonblocking=0) at ../util/main-loop.c:520
#22 0x000055edcbd8805b in qemu_main_loop () at ../softmmu/vl.c:1678
#23 0x000055edcab67e69 in main (argc=8, argv=0x7fffd52bd1d8, envp=0x7fffd52bd220) at ../softmmu/main.c:50
#24 0x00007f6f64188b97 in __libc_start_main (main=0x55edcab67e2a <main>, argc=8, argv=0x7fffd52bd1d8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffd52bd1c8) at ../csu/libc-start.c:310
#25 0x000055edcab67d4a in _start ()
** Affects: qemu
Importance: Undecided
Status: New
** Summary changed:
- assert issue locates in hw/net/vmxnet3.c:1793:vmxnet3_io_bar1_write: code should not be reache
+ assert issue locates in hw/net/vmxnet3.c:1793:vmxnet3_io_bar1_write: code should not be reach
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1913923
Title:
assert issue locates in hw/net/vmxnet3.c:1793:vmxnet3_io_bar1_write:
code should not be reach
Status in QEMU:
New
Bug description:
Hello,
I found an assertion failure in hw/net/vmxnet3.c:1793
This was found in latest version 5.2.0.
my reproduced is as follows:
cat << EOF | ./qemu-system-x86_64 \
-device vmxnet3 \
-display none -nodefaults -qtest stdio
outl 0xcf8 0x80001014
outl 0xcfc 0xf0001000
outl 0xcf8 0x80001018
outl 0xcf8 0x80001004
outw 0xcfc 0x7
writel 0x5c000 0xbabefee1
writel 0x5c028 0x5d000
writel 0x5c03c 0x01010101
writel 0x5d038 0xe0000000
writel 0xf0001038 1
EOF
Backtrace is as follows:
#0 0x00007f6f641a5f47 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1 0x00007f6f641a78b1 in __GI_abort () at abort.c:79
#2 0x00007f6f67922315 in g_assertion_message () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3 0x00007f6f6792237a in g_assertion_message_expr () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#4 0x000055edcaec96af in vmxnet3_io_bar1_write (opaque=0x628000004100, addr=56, val=1, size=4) at ../hw/net/vmxnet3.c:1793
#5 0x000055edcbd294c6 in memory_region_write_accessor (mr=0x628000006b00, addr=56, value=0x7fffd52ba848, size=4, shift=0, mask=4294967295, attrs=...) at ../softmmu/memory.c:491
#6 0x000055edcbd299be in access_with_adjusted_size (addr=56, value=0x7fffd52ba848, size=4, access_size_min=4, access_size_max=4, access_fn=0x55edcbd2918c <memory_region_write_accessor>, mr=0x628000006b00, attrs=...) at ../softmmu/memory.c:552
#7 0x000055edcbd35ef2 in memory_region_dispatch_write (mr=0x628000006b00, addr=56, data=1, op=MO_32, attrs=...) at ../softmmu/memory.c:1501
#8 0x000055edcba1e554 in flatview_write_continue (fv=0x6060000619a0, addr=4026535992, attrs=..., ptr=0x7fffd52bae80, len=4, addr1=56, l=4, mr=0x628000006b00) at ../softmmu/physmem.c:2759
#9 0x000055edcba1e8c5 in flatview_write (fv=0x6060000619a0, addr=4026535992, attrs=..., buf=0x7fffd52bae80, len=4) at ../softmmu/physmem.c:2799
#10 0x000055edcba1f391 in address_space_write (as=0x608000002620, addr=4026535992, attrs=..., buf=0x7fffd52bae80, len=4) at ../softmmu/physmem.c:2891
#11 0x000055edcbaff8d3 in qtest_process_command (chr=0x55edd03ff4a0 <qtest_chr>, words=0x60300007f450) at ../softmmu/qtest.c:534
#12 0x000055edcbb04aa1 in qtest_process_inbuf (chr=0x55edd03ff4a0 <qtest_chr>, inbuf=0x61900000fd00) at ../softmmu/qtest.c:797
#13 0x000055edcbb04bcc in qtest_read (opaque=0x55edd03ff4a0 <qtest_chr>, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., size=225) at ../softmmu/qtest.c:809
#14 0x000055edcbe73742 in qemu_chr_be_write_impl (s=0x60f000002110, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., len=225) at ../chardev/char.c:201
#15 0x000055edcbe73820 in qemu_chr_be_write (s=0x60f000002110, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., len=225) at ../chardev/char.c:213
#16 0x000055edcbe9188e in fd_chr_read (chan=0x608000002520, cond=(G_IO_IN | G_IO_HUP), opaque=0x60f000002110) at ../chardev/char-fd.c:68
#17 0x000055edcbe2379d in qio_channel_fd_source_dispatch (source=0x60c000025c00, callback=0x55edcbe915ac <fd_chr_read>, user_data=0x60f000002110) at ../io/channel-watch.c:84
#18 0x00007f6f678fb285 in g_main_context_dispatch () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#19 0x000055edcc50b503 in glib_pollfds_poll () at ../util/main-loop.c:221
#20 0x000055edcc50b68b in os_host_main_loop_wait (timeout=0) at ../util/main-loop.c:244
#21 0x000055edcc50b9a5 in main_loop_wait (nonblocking=0) at ../util/main-loop.c:520
#22 0x000055edcbd8805b in qemu_main_loop () at ../softmmu/vl.c:1678
#23 0x000055edcab67e69 in main (argc=8, argv=0x7fffd52bd1d8, envp=0x7fffd52bd220) at ../softmmu/main.c:50
#24 0x00007f6f64188b97 in __libc_start_main (main=0x55edcab67e2a <main>, argc=8, argv=0x7fffd52bd1d8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffd52bd1c8) at ../csu/libc-start.c:310
#25 0x000055edcab67d4a in _start ()
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1913923/+subscriptions
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Bug 1913923] [NEW] assert issue locates in hw/net/vmxnet3.c:1793:vmxnet3_io_bar1_write: code should not be reach
@ 2021-02-01 7:47 ` Philippe Mathieu-Daudé
0 siblings, 0 replies; 4+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-02-01 7:47 UTC (permalink / raw)
To: Bug 1913923, qemu-devel; +Cc: Dmitry Fleytman
Cc'ing Dmitry Fleytman
On 1/31/21 5:29 AM, Gaoning Pan wrote:
> Public bug reported:
>
> Hello,
>
> I found an assertion failure in hw/net/vmxnet3.c:1793
>
> This was found in latest version 5.2.0.
>
> my reproduced is as follows:
>
>
> cat << EOF | ./qemu-system-x86_64 \
> -device vmxnet3 \
> -display none -nodefaults -qtest stdio
> outl 0xcf8 0x80001014
> outl 0xcfc 0xf0001000
> outl 0xcf8 0x80001018
> outl 0xcf8 0x80001004
> outw 0xcfc 0x7
> writel 0x5c000 0xbabefee1
> writel 0x5c028 0x5d000
> writel 0x5c03c 0x01010101
> writel 0x5d038 0xe0000000
> writel 0xf0001038 1
> EOF
>
>
> Backtrace is as follows:
> #0 0x00007f6f641a5f47 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
> #1 0x00007f6f641a78b1 in __GI_abort () at abort.c:79
> #2 0x00007f6f67922315 in g_assertion_message () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
> #3 0x00007f6f6792237a in g_assertion_message_expr () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
> #4 0x000055edcaec96af in vmxnet3_io_bar1_write (opaque=0x628000004100, addr=56, val=1, size=4) at ../hw/net/vmxnet3.c:1793
> #5 0x000055edcbd294c6 in memory_region_write_accessor (mr=0x628000006b00, addr=56, value=0x7fffd52ba848, size=4, shift=0, mask=4294967295, attrs=...) at ../softmmu/memory.c:491
> #6 0x000055edcbd299be in access_with_adjusted_size (addr=56, value=0x7fffd52ba848, size=4, access_size_min=4, access_size_max=4, access_fn=0x55edcbd2918c <memory_region_write_accessor>, mr=0x628000006b00, attrs=...) at ../softmmu/memory.c:552
> #7 0x000055edcbd35ef2 in memory_region_dispatch_write (mr=0x628000006b00, addr=56, data=1, op=MO_32, attrs=...) at ../softmmu/memory.c:1501
> #8 0x000055edcba1e554 in flatview_write_continue (fv=0x6060000619a0, addr=4026535992, attrs=..., ptr=0x7fffd52bae80, len=4, addr1=56, l=4, mr=0x628000006b00) at ../softmmu/physmem.c:2759
> #9 0x000055edcba1e8c5 in flatview_write (fv=0x6060000619a0, addr=4026535992, attrs=..., buf=0x7fffd52bae80, len=4) at ../softmmu/physmem.c:2799
> #10 0x000055edcba1f391 in address_space_write (as=0x608000002620, addr=4026535992, attrs=..., buf=0x7fffd52bae80, len=4) at ../softmmu/physmem.c:2891
> #11 0x000055edcbaff8d3 in qtest_process_command (chr=0x55edd03ff4a0 <qtest_chr>, words=0x60300007f450) at ../softmmu/qtest.c:534
> #12 0x000055edcbb04aa1 in qtest_process_inbuf (chr=0x55edd03ff4a0 <qtest_chr>, inbuf=0x61900000fd00) at ../softmmu/qtest.c:797
> #13 0x000055edcbb04bcc in qtest_read (opaque=0x55edd03ff4a0 <qtest_chr>, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., size=225) at ../softmmu/qtest.c:809
> #14 0x000055edcbe73742 in qemu_chr_be_write_impl (s=0x60f000002110, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., len=225) at ../chardev/char.c:201
> #15 0x000055edcbe73820 in qemu_chr_be_write (s=0x60f000002110, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., len=225) at ../chardev/char.c:213
> #16 0x000055edcbe9188e in fd_chr_read (chan=0x608000002520, cond=(G_IO_IN | G_IO_HUP), opaque=0x60f000002110) at ../chardev/char-fd.c:68
> #17 0x000055edcbe2379d in qio_channel_fd_source_dispatch (source=0x60c000025c00, callback=0x55edcbe915ac <fd_chr_read>, user_data=0x60f000002110) at ../io/channel-watch.c:84
> #18 0x00007f6f678fb285 in g_main_context_dispatch () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
> #19 0x000055edcc50b503 in glib_pollfds_poll () at ../util/main-loop.c:221
> #20 0x000055edcc50b68b in os_host_main_loop_wait (timeout=0) at ../util/main-loop.c:244
> #21 0x000055edcc50b9a5 in main_loop_wait (nonblocking=0) at ../util/main-loop.c:520
> #22 0x000055edcbd8805b in qemu_main_loop () at ../softmmu/vl.c:1678
> #23 0x000055edcab67e69 in main (argc=8, argv=0x7fffd52bd1d8, envp=0x7fffd52bd220) at ../softmmu/main.c:50
> #24 0x00007f6f64188b97 in __libc_start_main (main=0x55edcab67e2a <main>, argc=8, argv=0x7fffd52bd1d8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffd52bd1c8) at ../csu/libc-start.c:310
> #25 0x000055edcab67d4a in _start ()
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Bug 1913923] [NEW] assert issue locates in hw/net/vmxnet3.c:1793:vmxnet3_io_bar1_write: code should not be reach
@ 2021-02-01 7:47 ` Philippe Mathieu-Daudé
0 siblings, 0 replies; 4+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-02-01 7:47 UTC (permalink / raw)
To: qemu-devel
Cc'ing Dmitry Fleytman
On 1/31/21 5:29 AM, Gaoning Pan wrote:
> Public bug reported:
>
> Hello,
>
> I found an assertion failure in hw/net/vmxnet3.c:1793
>
> This was found in latest version 5.2.0.
>
> my reproduced is as follows:
>
>
> cat << EOF | ./qemu-system-x86_64 \
> -device vmxnet3 \
> -display none -nodefaults -qtest stdio
> outl 0xcf8 0x80001014
> outl 0xcfc 0xf0001000
> outl 0xcf8 0x80001018
> outl 0xcf8 0x80001004
> outw 0xcfc 0x7
> writel 0x5c000 0xbabefee1
> writel 0x5c028 0x5d000
> writel 0x5c03c 0x01010101
> writel 0x5d038 0xe0000000
> writel 0xf0001038 1
> EOF
>
>
> Backtrace is as follows:
> #0 0x00007f6f641a5f47 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
> #1 0x00007f6f641a78b1 in __GI_abort () at abort.c:79
> #2 0x00007f6f67922315 in g_assertion_message () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
> #3 0x00007f6f6792237a in g_assertion_message_expr () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
> #4 0x000055edcaec96af in vmxnet3_io_bar1_write (opaque=0x628000004100, addr=56, val=1, size=4) at ../hw/net/vmxnet3.c:1793
> #5 0x000055edcbd294c6 in memory_region_write_accessor (mr=0x628000006b00, addr=56, value=0x7fffd52ba848, size=4, shift=0, mask=4294967295, attrs=...) at ../softmmu/memory.c:491
> #6 0x000055edcbd299be in access_with_adjusted_size (addr=56, value=0x7fffd52ba848, size=4, access_size_min=4, access_size_max=4, access_fn=0x55edcbd2918c <memory_region_write_accessor>, mr=0x628000006b00, attrs=...) at ../softmmu/memory.c:552
> #7 0x000055edcbd35ef2 in memory_region_dispatch_write (mr=0x628000006b00, addr=56, data=1, op=MO_32, attrs=...) at ../softmmu/memory.c:1501
> #8 0x000055edcba1e554 in flatview_write_continue (fv=0x6060000619a0, addr=4026535992, attrs=..., ptr=0x7fffd52bae80, len=4, addr1=56, l=4, mr=0x628000006b00) at ../softmmu/physmem.c:2759
> #9 0x000055edcba1e8c5 in flatview_write (fv=0x6060000619a0, addr=4026535992, attrs=..., buf=0x7fffd52bae80, len=4) at ../softmmu/physmem.c:2799
> #10 0x000055edcba1f391 in address_space_write (as=0x608000002620, addr=4026535992, attrs=..., buf=0x7fffd52bae80, len=4) at ../softmmu/physmem.c:2891
> #11 0x000055edcbaff8d3 in qtest_process_command (chr=0x55edd03ff4a0 <qtest_chr>, words=0x60300007f450) at ../softmmu/qtest.c:534
> #12 0x000055edcbb04aa1 in qtest_process_inbuf (chr=0x55edd03ff4a0 <qtest_chr>, inbuf=0x61900000fd00) at ../softmmu/qtest.c:797
> #13 0x000055edcbb04bcc in qtest_read (opaque=0x55edd03ff4a0 <qtest_chr>, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., size=225) at ../softmmu/qtest.c:809
> #14 0x000055edcbe73742 in qemu_chr_be_write_impl (s=0x60f000002110, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., len=225) at ../chardev/char.c:201
> #15 0x000055edcbe73820 in qemu_chr_be_write (s=0x60f000002110, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., len=225) at ../chardev/char.c:213
> #16 0x000055edcbe9188e in fd_chr_read (chan=0x608000002520, cond=(G_IO_IN | G_IO_HUP), opaque=0x60f000002110) at ../chardev/char-fd.c:68
> #17 0x000055edcbe2379d in qio_channel_fd_source_dispatch (source=0x60c000025c00, callback=0x55edcbe915ac <fd_chr_read>, user_data=0x60f000002110) at ../io/channel-watch.c:84
> #18 0x00007f6f678fb285 in g_main_context_dispatch () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
> #19 0x000055edcc50b503 in glib_pollfds_poll () at ../util/main-loop.c:221
> #20 0x000055edcc50b68b in os_host_main_loop_wait (timeout=0) at ../util/main-loop.c:244
> #21 0x000055edcc50b9a5 in main_loop_wait (nonblocking=0) at ../util/main-loop.c:520
> #22 0x000055edcbd8805b in qemu_main_loop () at ../softmmu/vl.c:1678
> #23 0x000055edcab67e69 in main (argc=8, argv=0x7fffd52bd1d8, envp=0x7fffd52bd220) at ../softmmu/main.c:50
> #24 0x00007f6f64188b97 in __libc_start_main (main=0x55edcab67e2a <main>, argc=8, argv=0x7fffd52bd1d8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffd52bd1c8) at ../csu/libc-start.c:310
> #25 0x000055edcab67d4a in _start ()
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1913923
Title:
assert issue locates in hw/net/vmxnet3.c:1793:vmxnet3_io_bar1_write:
code should not be reach
Status in QEMU:
New
Bug description:
Hello,
I found an assertion failure in hw/net/vmxnet3.c:1793
This was found in latest version 5.2.0.
my reproduced is as follows:
cat << EOF | ./qemu-system-x86_64 \
-device vmxnet3 \
-display none -nodefaults -qtest stdio
outl 0xcf8 0x80001014
outl 0xcfc 0xf0001000
outl 0xcf8 0x80001018
outl 0xcf8 0x80001004
outw 0xcfc 0x7
writel 0x5c000 0xbabefee1
writel 0x5c028 0x5d000
writel 0x5c03c 0x01010101
writel 0x5d038 0xe0000000
writel 0xf0001038 1
EOF
Backtrace is as follows:
#0 0x00007f6f641a5f47 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1 0x00007f6f641a78b1 in __GI_abort () at abort.c:79
#2 0x00007f6f67922315 in g_assertion_message () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3 0x00007f6f6792237a in g_assertion_message_expr () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#4 0x000055edcaec96af in vmxnet3_io_bar1_write (opaque=0x628000004100, addr=56, val=1, size=4) at ../hw/net/vmxnet3.c:1793
#5 0x000055edcbd294c6 in memory_region_write_accessor (mr=0x628000006b00, addr=56, value=0x7fffd52ba848, size=4, shift=0, mask=4294967295, attrs=...) at ../softmmu/memory.c:491
#6 0x000055edcbd299be in access_with_adjusted_size (addr=56, value=0x7fffd52ba848, size=4, access_size_min=4, access_size_max=4, access_fn=0x55edcbd2918c <memory_region_write_accessor>, mr=0x628000006b00, attrs=...) at ../softmmu/memory.c:552
#7 0x000055edcbd35ef2 in memory_region_dispatch_write (mr=0x628000006b00, addr=56, data=1, op=MO_32, attrs=...) at ../softmmu/memory.c:1501
#8 0x000055edcba1e554 in flatview_write_continue (fv=0x6060000619a0, addr=4026535992, attrs=..., ptr=0x7fffd52bae80, len=4, addr1=56, l=4, mr=0x628000006b00) at ../softmmu/physmem.c:2759
#9 0x000055edcba1e8c5 in flatview_write (fv=0x6060000619a0, addr=4026535992, attrs=..., buf=0x7fffd52bae80, len=4) at ../softmmu/physmem.c:2799
#10 0x000055edcba1f391 in address_space_write (as=0x608000002620, addr=4026535992, attrs=..., buf=0x7fffd52bae80, len=4) at ../softmmu/physmem.c:2891
#11 0x000055edcbaff8d3 in qtest_process_command (chr=0x55edd03ff4a0 <qtest_chr>, words=0x60300007f450) at ../softmmu/qtest.c:534
#12 0x000055edcbb04aa1 in qtest_process_inbuf (chr=0x55edd03ff4a0 <qtest_chr>, inbuf=0x61900000fd00) at ../softmmu/qtest.c:797
#13 0x000055edcbb04bcc in qtest_read (opaque=0x55edd03ff4a0 <qtest_chr>, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., size=225) at ../softmmu/qtest.c:809
#14 0x000055edcbe73742 in qemu_chr_be_write_impl (s=0x60f000002110, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., len=225) at ../chardev/char.c:201
#15 0x000055edcbe73820 in qemu_chr_be_write (s=0x60f000002110, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., len=225) at ../chardev/char.c:213
#16 0x000055edcbe9188e in fd_chr_read (chan=0x608000002520, cond=(G_IO_IN | G_IO_HUP), opaque=0x60f000002110) at ../chardev/char-fd.c:68
#17 0x000055edcbe2379d in qio_channel_fd_source_dispatch (source=0x60c000025c00, callback=0x55edcbe915ac <fd_chr_read>, user_data=0x60f000002110) at ../io/channel-watch.c:84
#18 0x00007f6f678fb285 in g_main_context_dispatch () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#19 0x000055edcc50b503 in glib_pollfds_poll () at ../util/main-loop.c:221
#20 0x000055edcc50b68b in os_host_main_loop_wait (timeout=0) at ../util/main-loop.c:244
#21 0x000055edcc50b9a5 in main_loop_wait (nonblocking=0) at ../util/main-loop.c:520
#22 0x000055edcbd8805b in qemu_main_loop () at ../softmmu/vl.c:1678
#23 0x000055edcab67e69 in main (argc=8, argv=0x7fffd52bd1d8, envp=0x7fffd52bd220) at ../softmmu/main.c:50
#24 0x00007f6f64188b97 in __libc_start_main (main=0x55edcab67e2a <main>, argc=8, argv=0x7fffd52bd1d8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffd52bd1c8) at ../csu/libc-start.c:310
#25 0x000055edcab67d4a in _start ()
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1913923/+subscriptions
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug 1913923] Re: assert issue locates in hw/net/vmxnet3.c:1793:vmxnet3_io_bar1_write: code should not be reach
2021-01-31 4:29 [Bug 1913923] [NEW] assert issue locates in hw/net/vmxnet3.c:1793:vmxnet3_io_bar1_write: code should not be reach Gaoning Pan
2021-02-01 7:47 ` Philippe Mathieu-Daudé
@ 2021-05-14 19:29 ` Thomas Huth
1 sibling, 0 replies; 4+ messages in thread
From: Thomas Huth @ 2021-05-14 19:29 UTC (permalink / raw)
To: qemu-devel
This is an automated cleanup. This bug report has been moved to QEMU's
new bug tracker on gitlab.com and thus gets marked as 'expired' now.
Please continue with the discussion here:
https://gitlab.com/qemu-project/qemu/-/issues/309
** Changed in: qemu
Status: New => Expired
** Bug watch added: gitlab.com/qemu-project/qemu/-/issues #309
https://gitlab.com/qemu-project/qemu/-/issues/309
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1913923
Title:
assert issue locates in hw/net/vmxnet3.c:1793:vmxnet3_io_bar1_write:
code should not be reach
Status in QEMU:
Expired
Bug description:
Hello,
I found an assertion failure in hw/net/vmxnet3.c:1793
This was found in latest version 5.2.0.
my reproduced is as follows:
cat << EOF | ./qemu-system-x86_64 \
-device vmxnet3 \
-display none -nodefaults -qtest stdio
outl 0xcf8 0x80001014
outl 0xcfc 0xf0001000
outl 0xcf8 0x80001018
outl 0xcf8 0x80001004
outw 0xcfc 0x7
writel 0x5c000 0xbabefee1
writel 0x5c028 0x5d000
writel 0x5c03c 0x01010101
writel 0x5d038 0xe0000000
writel 0xf0001038 1
EOF
Backtrace is as follows:
#0 0x00007f6f641a5f47 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1 0x00007f6f641a78b1 in __GI_abort () at abort.c:79
#2 0x00007f6f67922315 in g_assertion_message () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3 0x00007f6f6792237a in g_assertion_message_expr () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#4 0x000055edcaec96af in vmxnet3_io_bar1_write (opaque=0x628000004100, addr=56, val=1, size=4) at ../hw/net/vmxnet3.c:1793
#5 0x000055edcbd294c6 in memory_region_write_accessor (mr=0x628000006b00, addr=56, value=0x7fffd52ba848, size=4, shift=0, mask=4294967295, attrs=...) at ../softmmu/memory.c:491
#6 0x000055edcbd299be in access_with_adjusted_size (addr=56, value=0x7fffd52ba848, size=4, access_size_min=4, access_size_max=4, access_fn=0x55edcbd2918c <memory_region_write_accessor>, mr=0x628000006b00, attrs=...) at ../softmmu/memory.c:552
#7 0x000055edcbd35ef2 in memory_region_dispatch_write (mr=0x628000006b00, addr=56, data=1, op=MO_32, attrs=...) at ../softmmu/memory.c:1501
#8 0x000055edcba1e554 in flatview_write_continue (fv=0x6060000619a0, addr=4026535992, attrs=..., ptr=0x7fffd52bae80, len=4, addr1=56, l=4, mr=0x628000006b00) at ../softmmu/physmem.c:2759
#9 0x000055edcba1e8c5 in flatview_write (fv=0x6060000619a0, addr=4026535992, attrs=..., buf=0x7fffd52bae80, len=4) at ../softmmu/physmem.c:2799
#10 0x000055edcba1f391 in address_space_write (as=0x608000002620, addr=4026535992, attrs=..., buf=0x7fffd52bae80, len=4) at ../softmmu/physmem.c:2891
#11 0x000055edcbaff8d3 in qtest_process_command (chr=0x55edd03ff4a0 <qtest_chr>, words=0x60300007f450) at ../softmmu/qtest.c:534
#12 0x000055edcbb04aa1 in qtest_process_inbuf (chr=0x55edd03ff4a0 <qtest_chr>, inbuf=0x61900000fd00) at ../softmmu/qtest.c:797
#13 0x000055edcbb04bcc in qtest_read (opaque=0x55edd03ff4a0 <qtest_chr>, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., size=225) at ../softmmu/qtest.c:809
#14 0x000055edcbe73742 in qemu_chr_be_write_impl (s=0x60f000002110, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., len=225) at ../chardev/char.c:201
#15 0x000055edcbe73820 in qemu_chr_be_write (s=0x60f000002110, buf=0x7fffd52bbe30 "outl 0xcf8 0x80001014\noutl 0xcfc 0xf0001000\noutl 0xcf8 0x80001018\noutl 0xcf8 0x80001004\noutw 0xcfc 0x7\nwritel 0x5c000 0xbabefee1\nwritel 0x5c028 0x5d000\nwritel 0x5c03c 0x01010101\nwritel 0x5d038 0xe0000"..., len=225) at ../chardev/char.c:213
#16 0x000055edcbe9188e in fd_chr_read (chan=0x608000002520, cond=(G_IO_IN | G_IO_HUP), opaque=0x60f000002110) at ../chardev/char-fd.c:68
#17 0x000055edcbe2379d in qio_channel_fd_source_dispatch (source=0x60c000025c00, callback=0x55edcbe915ac <fd_chr_read>, user_data=0x60f000002110) at ../io/channel-watch.c:84
#18 0x00007f6f678fb285 in g_main_context_dispatch () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#19 0x000055edcc50b503 in glib_pollfds_poll () at ../util/main-loop.c:221
#20 0x000055edcc50b68b in os_host_main_loop_wait (timeout=0) at ../util/main-loop.c:244
#21 0x000055edcc50b9a5 in main_loop_wait (nonblocking=0) at ../util/main-loop.c:520
#22 0x000055edcbd8805b in qemu_main_loop () at ../softmmu/vl.c:1678
#23 0x000055edcab67e69 in main (argc=8, argv=0x7fffd52bd1d8, envp=0x7fffd52bd220) at ../softmmu/main.c:50
#24 0x00007f6f64188b97 in __libc_start_main (main=0x55edcab67e2a <main>, argc=8, argv=0x7fffd52bd1d8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffd52bd1c8) at ../csu/libc-start.c:310
#25 0x000055edcab67d4a in _start ()
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1913923/+subscriptions
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-05-14 19:37 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-01-31 4:29 [Bug 1913923] [NEW] assert issue locates in hw/net/vmxnet3.c:1793:vmxnet3_io_bar1_write: code should not be reach Gaoning Pan
2021-02-01 7:47 ` Philippe Mathieu-Daudé
2021-02-01 7:47 ` Philippe Mathieu-Daudé
2021-05-14 19:29 ` [Bug 1913923] " Thomas Huth
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.