[Bug 1785203] Re: accel/tcg/translate-all.c:2511: page_check

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug 1785203] Re: accel/tcg/translate-all.c:2511: page_check_range: Asse

From:	Serge Belyshev
Subject:	[Bug 1785203] Re: accel/tcg/translate-all.c:2511: page_check_range: Assertion `start < ((target_ulong)1 << L1_MAP_ADDR_SPACE_BITS)' failed.
Date:	Sat, 05 Sep 2020 09:19:25 -0000

Fixed by 0acd4ab849827bbc20402e01c9da088207c0d236  ("linux-user: check
valid address in access_ok()"),  fix released in v5.0.0.

** Changed in: qemu
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1785203

Title:
  accel/tcg/translate-all.c:2511: page_check_range: Assertion `start <
  ((target_ulong)1 << L1_MAP_ADDR_SPACE_BITS)' failed.

Status in QEMU:
  Fix Released

Bug description:
  qemu-riscv64 version 2.12.93 crashes when mincore() is called with
  invalid pointer with the following message:

  qemu-riscv64: /opt/qemu/accel/tcg/translate-all.c:2511: page_check_range: 
Assertion `start < ((target_ulong)1 << L1_MAP_ADDR_SPACE_BITS)' failed.
  qemu:handle_cpu_signal received signal outside vCPU context @ pc=0x600014ef

  Testcase:

  #include <sys/mman.h>

  int main (void)
  {
    unsigned char v;
    return mincore ((void *) 0x00000010000000000, 1, &v);
  }

  Backtrace:

  #0  raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
  #1  0x000000006000140a in abort () at abort.c:79
  #2  0x00000000600012ec in __assert_fail_base (
      fmt=0x6024eae8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", 
      assertion=0x601b9758 "start < ((target_ulong)1 << 
L1_MAP_ADDR_SPACE_BITS)", 
      file=0x601b9658 "/opt/qemu/accel/tcg/translate-all.c", line=2511, 
      function=0x601b9810 <__PRETTY_FUNCTION__.23867> "page_check_range") at 
assert.c:92
  #3  0x000000006010e10e in __assert_fail (
      assertion=assertion@entry=0x601b9758 "start < ((target_ulong)1 << 
L1_MAP_ADDR_SPACE_BITS)", file=file@entry=0x601b9658 
"/opt/qemu/accel/tcg/translate-all.c", line=line@entry=2511, 
      function=function@entry=0x601b9810 <__PRETTY_FUNCTION__.23867> 
"page_check_range")
      at assert.c:101
  #4  0x000000006003e916 in page_check_range (start=start@entry=1099511627776, 
len=len@entry=1, 
      flags=flags@entry=1) at /opt/qemu/accel/tcg/translate-all.c:2511
  #5  0x0000000060057717 in access_ok (size=1, addr=1099511627776, type=0)
      at /opt/qemu/linux-user/qemu.h:567
  #6  lock_user (copy=0, len=1, guest_addr=1099511627776, type=0)
      at /opt/qemu/linux-user/qemu.h:567
  #7  do_syscall (cpu_env=cpu_env@entry=0x622fca28, num=232, 
arg1=1099511627776, arg2=1, 
      arg3=274886298751, arg4=0, arg5=274886298808, arg6=66518, arg7=0, arg8=0)
      at /opt/qemu/linux-user/syscall.c:11635
  #8  0x0000000060066c5c in cpu_loop (env=env@entry=0x622fca28)
      at /opt/qemu/linux-user/riscv/cpu_loop.c:55
  #9  0x0000000060002156 in main (argc=<optimized out>, argv=0x7fffffffed68, 
      envp=<optimized out>) at /opt/qemu/linux-user/main.c:819

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1785203/+subscriptions

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug 1785203] Re: accel/tcg/translate-all.c:2511: page_check_range: Assertion `start < ((target_ulong)1 << L1_MAP_ADDR_SPACE_BITS)' failed., Serge Belyshev <=

Prev by Date: Re: [PATCH] tests: fixes test-vmstate.c compile error on msys2
Next by Date: [Bug 1715573] Re: Android-x86_64 guest - "Could not disable RealTimeClock events (20160831/evxfevnt-267)"; UI sluggish, ACPI doesn't work with QEMU 2.10.0
Previous by thread: [Bug 1894361] [NEW] linux-user: syscall.c lacks pselect6_time64
Next by thread: [Bug 1715573] Re: Android-x86_64 guest - "Could not disable RealTimeClock events (20160831/evxfevnt-267)"; UI sluggish, ACPI doesn't work with QEMU 2.10.0
Index(es):
- Date
- Thread