[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 11/16] hw/misc/grlib_ahb_apb_pnp: Avoid crash when writing to AHB
From: |
Philippe Mathieu-Daudé |
Subject: |
[PULL 11/16] hw/misc/grlib_ahb_apb_pnp: Avoid crash when writing to AHB PnP registers |
Date: |
Tue, 9 Jun 2020 09:32:09 +0200 |
Similarly to commit 158b659451 with the APB PnP registers, guests
can crash QEMU when writting to the AHB PnP registers:
$ echo 'writeb 0xfffff042 69' | qemu-system-sparc -M leon3_generic -S -bios
/etc/magic -qtest stdio
[I 1571938309.932255] OPENED
[R +0.063474] writeb 0xfffff042 69
Segmentation fault (core dumped)
(gdb) bt
#0 0x0000000000000000 in ()
#1 0x0000562999110df4 in memory_region_write_with_attrs_accessor
(mr=mr@entry=0x56299aa28ea0, addr=66, value=value@entry=0x7fff6abe13b8,
size=size@entry=1, shift=<optimized out>, mask=mask@entry=255, attrs=...) at
memory.c:503
#2 0x000056299911095e in access_with_adjusted_size
(addr=addr@entry=66, value=value@entry=0x7fff6abe13b8, size=size@entry=1,
access_size_min=<optimized out>, access_size_max=<optimized out>,
access_fn=access_fn@entry=
0x562999110d70 <memory_region_write_with_attrs_accessor>,
mr=0x56299aa28ea0, attrs=...) at memory.c:539
#3 0x0000562999114fba in memory_region_dispatch_write
(mr=mr@entry=0x56299aa28ea0, addr=66, data=<optimized out>, op=<optimized out>,
attrs=attrs@entry=...) at memory.c:1482
#4 0x00005629990c0860 in flatview_write_continue
(fv=fv@entry=0x56299aa7d8a0, addr=addr@entry=4294963266, attrs=...,
ptr=ptr@entry=0x7fff6abe1540, len=len@entry=1, addr1=<optimized out>,
l=<optimized out>, mr=0x56299aa28ea0)
at include/qemu/host-utils.h:164
#5 0x00005629990c0a76 in flatview_write (fv=0x56299aa7d8a0, addr=4294963266,
attrs=..., buf=0x7fff6abe1540, len=1) at exec.c:3165
#6 0x00005629990c4c1b in address_space_write (as=<optimized out>,
addr=<optimized out>, attrs=..., attrs@entry=..., buf=buf@entry=0x7fff6abe1540,
len=len@entry=1) at exec.c:3256
#7 0x000056299910f807 in qtest_process_command (chr=chr@entry=0x5629995ee920
<qtest_chr>, words=words@entry=0x56299acfcfa0) at qtest.c:437
Instead of crashing, log the access as unimplemented.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-Id: <20200331105048.27989-3-f4bug@amsat.org>
---
hw/misc/grlib_ahb_apb_pnp.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/hw/misc/grlib_ahb_apb_pnp.c b/hw/misc/grlib_ahb_apb_pnp.c
index e230e25363..72a8764776 100644
--- a/hw/misc/grlib_ahb_apb_pnp.c
+++ b/hw/misc/grlib_ahb_apb_pnp.c
@@ -136,8 +136,15 @@ static uint64_t grlib_ahb_pnp_read(void *opaque, hwaddr
offset, unsigned size)
return ahb_pnp->regs[offset >> 2];
}
+static void grlib_ahb_pnp_write(void *opaque, hwaddr addr,
+ uint64_t val, unsigned size)
+{
+ qemu_log_mask(LOG_UNIMP, "%s not implemented\n", __func__);
+}
+
static const MemoryRegionOps grlib_ahb_pnp_ops = {
.read = grlib_ahb_pnp_read,
+ .write = grlib_ahb_pnp_write,
.endianness = DEVICE_BIG_ENDIAN,
};
--
2.21.3
- [PULL 01/16] hw/sparc/sun4m: Use UnimplementedDevice for I/O devices, (continued)
- [PULL 01/16] hw/sparc/sun4m: Use UnimplementedDevice for I/O devices, Philippe Mathieu-Daudé, 2020/06/09
- [PULL 06/16] hw/misc/empty_slot: Move the 'hw/misc' and cover in MAINTAINERS, Philippe Mathieu-Daudé, 2020/06/09
- [PULL 04/16] hw/misc/empty_slot: Add a 'name' qdev property, Philippe Mathieu-Daudé, 2020/06/09
- [PULL 03/16] hw/misc/empty_slot: Convert 'size' field as qdev property, Philippe Mathieu-Daudé, 2020/06/09
- [PULL 09/16] hw/sparc64/niagara: Map the UART device unconditionally, Philippe Mathieu-Daudé, 2020/06/09
- [PULL 07/16] hw/misc/empty_slot: Name the slots when created, Philippe Mathieu-Daudé, 2020/06/09
- [PULL 12/16] hw/misc/grlib_ahb_apb_pnp: Fix AHB PnP 8-bit accesses, Philippe Mathieu-Daudé, 2020/06/09
- [PULL 05/16] hw/misc/empty_slot: Convert debug printf() to trace event, Philippe Mathieu-Daudé, 2020/06/09
- [PULL 13/16] hw/misc/grlib_ahb_apb_pnp: Add trace events on read accesses, Philippe Mathieu-Daudé, 2020/06/09
- [PULL 14/16] hw/timer/grlib_gptimer: Display frequency in decimal, Philippe Mathieu-Daudé, 2020/06/09
- [PULL 11/16] hw/misc/grlib_ahb_apb_pnp: Avoid crash when writing to AHB PnP registers,
Philippe Mathieu-Daudé <=
- [PULL 15/16] target/sparc/int32_helper: Remove DEBUG_PCALL definition, Philippe Mathieu-Daudé, 2020/06/09
- [PULL 08/16] hw/sparc/leon3: Map the UART device unconditionally, Philippe Mathieu-Daudé, 2020/06/09
- [PULL 10/16] hw/sparc64/niagara: Remove duplicated NIAGARA_UART_BASE definition, Philippe Mathieu-Daudé, 2020/06/09
- [PULL 16/16] target/sparc/int32_helper: Extract and use excp_name_str(), Philippe Mathieu-Daudé, 2020/06/09
- Re: [PULL 00/16] SPARC patches for 2020-06-09, Peter Maydell, 2020/06/09
- Re: [PULL 00/16] SPARC patches for 2020-06-09, Mark Cave-Ayland, 2020/06/09