[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Plugin Memory Callback Debugging
|
From: |
Aaron Lindsay |
|
Subject: |
Re: Plugin Memory Callback Debugging |
|
Date: |
Fri, 18 Nov 2022 17:02:38 -0500 |
Sorry, left off the very end of my timeline:
On Nov 18 16:58, Aaron Lindsay wrote:
> I have, so far, discovered the following timeline:
> 1. My plugin receives a instruction execution callback for a load
> instruction. At this time, cpu->plugin_mem_cbs points to the same
> memory which will later be freed
> 2. During the handling of this callback, my plugin calls qemu_plugin_reset()
> 3. Ostensibly something goes wrong here with the cleanup of
> cpu->plugin_mem_cbs???
> 4. Step 2 triggers the TBs to be flushed, which frees the memory pointed
> to by cpu->plugin_mem_cbs
5. A store exclusive instruction is translated and then executed, which
requires the use of a helper. When executed, this helper checks
cpu->plugin_mem_cbs, which is non-null, so it attempts to dereference
and use it, resulting in the assertion.
-Aaron
Re: Plugin Memory Callback Debugging, Emilio Cota, 2022/11/16