Re: [Qemu-devel] ARM64 STR Instruction Crash Regression in TCG

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] ARM64 STR Instruction Crash Regression in TCG

From:	Richard Henderson
Subject:	Re: [Qemu-devel] ARM64 STR Instruction Crash Regression in TCG
Date:	Sun, 22 Jul 2018 14:31:18 -0700
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1

On 07/22/2018 01:47 PM, Jason A. Donenfeld wrote:
> Hello,
> 
> Gcc 7.3 compiles bash's array_flush's dual assignment using:
> 
> STP             X20, X20, [X20,#0x10]
> 
> But gcc 8.1 compiles it as:
> 
> STR             Q0, [X20,#0x10]
> 
> Real processors seem okay, and qemu 2.11 seems okay. But qemu 2.12
> results in a segfaulting process. I'm pretty sure this is a TCG bug.
> 
> In the attached tarball, please find kernel and run.sh. Calling
> ./run.sh will start the kernel with the bad bash executable that tries
> to execute `config=({1..100000})` and crashes. Also included in there
> is the actual crashing bash binary, in case you'd like to disassemble
> a little bit.

Interesting.  The test passes on master with --enable-debug, but fails when
qemu is compiled with optimization...

I'll dig a bit deeper.


r~

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] ARM64 STR Instruction Crash Regression in TCG, Jason A. Donenfeld, 2018/07/22
- Re: [Qemu-devel] ARM64 STR Instruction Crash Regression in TCG, Richard Henderson <=
  - Re: [Qemu-devel] ARM64 STR Instruction Crash Regression in TCG, Richard Henderson, 2018/07/22

Prev by Date: [Qemu-devel] [Bug 1769189] Re: Issue with qemu 2.12.0 + SATA
Next by Date: [Qemu-devel] qemu-system-ppc -M mac99 and -soundhw es1370 doesn't start
Previous by thread: [Qemu-devel] ARM64 STR Instruction Crash Regression in TCG
Next by thread: Re: [Qemu-devel] ARM64 STR Instruction Crash Regression in TCG
Index(es):
- Date
- Thread