diff options
Diffstat (limited to 'gitlab/issues/target_i386/host_missing/accel_missing/1047.toml')
| -rw-r--r-- | gitlab/issues/target_i386/host_missing/accel_missing/1047.toml | 112 |
1 files changed, 112 insertions, 0 deletions
diff --git a/gitlab/issues/target_i386/host_missing/accel_missing/1047.toml b/gitlab/issues/target_i386/host_missing/accel_missing/1047.toml new file mode 100644 index 00000000..82d4b4aa --- /dev/null +++ b/gitlab/issues/target_i386/host_missing/accel_missing/1047.toml @@ -0,0 +1,112 @@ +id = 1047 +title = "Single stepping Windows 10 bootloader results in Assertion `ret < cpu->num_ases && ret >= 0' failed." +state = "opened" +created_at = "2022-05-29T20:26:39.099Z" +closed_at = "n/a" +labels = ["target: i386"] +url = "https://gitlab.com/qemu-project/qemu/-/issues/1047" +host-os = "Debian 11" +host-arch = "x86_64" +qemu-version = "QEMU emulator version 7.0.0" +guest-os = "Windows 10" +guest-arch = "x64" +description = """When I am trying to debug Windows bootloader, I see an assertion error in QEMU when single stepping some instructions in SeaBIOS. + +``` +qemu-system-i386: ../hw/core/cpu-sysemu.c:77: cpu_asidx_from_attrs: Assertion `ret < cpu->num_ases && ret >= 0' failed. +```""" +reproduce = """1. Download / construct `w.img`, see above +2. Start QEMU using `./qemu-system-i386 --drive media=disk,file=w.img,format=raw,index=1 -s -S -enable-kvm` +3. Start GDB using `gdb --ex 'target remote :::1234' --ex 'hb *0x7c00' --ex c --ex 'si 1000' --ex q` +4. See error message""" +additional = """The GDB script first breaks at 0x7c00, then tries to execute 1000 instructions using single step (`si`). On my machine, after executing around 772 instructions, the assertion error in QEMU happens. +Here is an interactive GDB session on my machine. + +``` +(gdb) hb *0x7c00 +Hardware assisted breakpoint 1 at 0x7c00 +(gdb) c +Continuing. + +Breakpoint 1, 0x00007c00 in ?? () +(gdb) d +Delete all breakpoints? (y or n) y +(gdb) si 770 +0x000f7d7b in ?? () +(gdb) x/10i $eip +=> 0xf7d7b:\tmov $0x7d85,%ebx + 0xf7d80:\tout %al,$0xb2 + 0xf7d82:\tpause + 0xf7d84:\thlt + 0xf7d85:\tmov %bp,%sp + 0xf7d88:\tjmp 0xf7dd1 + 0xf7d8a:\tmov %cx,%si + 0xf7d8d:\tmov $0x1,%ax + 0xf7d91:\tadd %al,(%eax) + 0xf7d93:\tcallw 0x6b66 +(gdb) si +0x000f7d80 in ?? () +(gdb) info reg +eax 0xb5 181 +ecx 0x5678 22136 +edx 0x0 0 +ebx 0x7d85 32133 +esp 0xe96d4 0xe96d4 +ebp 0xfed4 0xfed4 +esi 0xe0346 918342 +edi 0xefd91 982417 +eip 0xf7d80 0xf7d80 +eflags 0x6 [ IOPL=0 PF ] +cs 0x8 8 +ss 0x10 16 +ds 0x10 16 +es 0x10 16 +fs 0x10 16 +gs 0x10 16 +fs_base 0x0 0 +gs_base 0x0 0 +k_gs_base 0x0 0 +cr0 0x11 [ ET PE ] +cr2 0x0 0 +cr3 0x0 [ PDBR=0 PCID=0 ] +cr4 0x0 [ ] +cr8 0x0 0 +efer 0x0 [ ] +... +mxcsr 0x1f80 [ IM DM ZM OM UM PM ] +(gdb) si +0x000f7d82 in ?? () +(gdb) info reg +eax 0xb5 181 +ecx 0x5678 22136 +edx 0x0 0 +ebx 0x7d85 32133 +esp 0xe96d4 0xe96d4 +ebp 0xfed4 0xfed4 +esi 0xe0346 918342 +edi 0xefd91 982417 +eip 0xf7d82 0xf7d82 +eflags 0x6 [ IOPL=0 PF ] +cs 0x8 8 +ss 0x10 16 +ds 0x10 16 +es 0x10 16 +fs 0x10 16 +gs 0x10 16 +fs_base 0x0 0 +gs_base 0x0 0 +k_gs_base 0x0 0 +cr0 0x11 [ ET PE ] +cr2 0x0 0 +cr3 0x0 [ PDBR=0 PCID=0 ] +cr4 0x0 [ ] +cr8 0x0 0 +efer 0x0 [ ] +... +mxcsr 0x1f80 [ IM DM ZM OM UM PM ] +(gdb) si +Remote connection closed +(gdb) +``` + +This bug was first incorrectly filed in KVM's bug tracker at <https://bugzilla.kernel.org/show_bug.cgi?id=216003>.""" |