summary refs log tree commit diff stats
path: root/gitlab/issues/target_missing/host_missing/accel_missing/1775.toml
diff options
context:
space:
mode:
Diffstat (limited to 'gitlab/issues/target_missing/host_missing/accel_missing/1775.toml')
-rw-r--r--gitlab/issues/target_missing/host_missing/accel_missing/1775.toml69
1 files changed, 69 insertions, 0 deletions
diff --git a/gitlab/issues/target_missing/host_missing/accel_missing/1775.toml b/gitlab/issues/target_missing/host_missing/accel_missing/1775.toml
new file mode 100644
index 00000000..5e001dda
--- /dev/null
+++ b/gitlab/issues/target_missing/host_missing/accel_missing/1775.toml
@@ -0,0 +1,69 @@
+id = 1775
+title = "QEMU abort on Cortex-M breakpoint exception"
+state = "closed"
+created_at = "2023-07-21T10:46:20.631Z"
+closed_at = "2023-07-25T14:49:21.089Z"
+labels = []
+url = "https://gitlab.com/qemu-project/qemu/-/issues/1775"
+host-os = "Arch Linux"
+host-arch = "x86_64"
+qemu-version = "8.0.90 (v8.1.0-rc0-21-gd1181d2937), (commit d1181d29370a4318a9f11ea92065bea6bb159f83)"
+guest-os = "-"
+guest-arch = "ARM"
+description = """When a breakpoint exception is raised in a ARM Cortex-M board QEMU aborts.
+
+```
+$ qemu-system-arm --version
+QEMU emulator version 8.0.90 (v8.1.0-rc0-21-gd1181d2937)
+
+$ ./qemu-system-arm -M stm32vldiscovery -nographic -device loader,file=raw-bkpt.hex -d in_asm,exec,int 
+[...]
+Trace 0: 0x7fac6c000100 [00800400/0000000000000100/00000110/ff200000]
+----------------
+IN:
+0x00000110:  be01       bkpt     #1
+
+Linking TBs 0x7fac6c000100 index 0 -> 0x7fac6c0002c0
+Trace 0: 0x7fac6c0002c0 [00800400/0000000000000110/00000110/ff200000]
+qemu-system-arm: ../target/arm/helper.c:12224: arm_security_space_below_el3: Assertion `!arm_feature(env, ARM_FEATURE_M)' failed.
+```
+
+Expected behavior:
+```
+$ qemu-system-arm --version
+QEMU emulator version 7.1.0
+
+$ ./qemu-system-arm -M stm32vldiscovery -nographic -device loader,file=raw-bkpt.hex -d in_asm,exec,int 
+[...]
+Trace 0: 0x7f5408000100 [00800400/00000100/00000110/ff000000]
+----------------
+IN:
+0x00000110:  be01       bkpt     #1
+
+Linking TBs 0x7f5408000100 [00000100] index 0 -> 0x7f54080002c0 [00000110]
+Trace 0: 0x7f54080002c0 [00800400/00000110/00000110/ff000000]
+Taking exception 7 [Breakpoint] on CPU 0
+...BusFault with BFSR.STKERR
+...taking pending nonsecure exception 3
+...loading from element 3 of non-secure vector table at 0xc
+...loaded new PC 0x0
+----------------
+```"""
+reproduce = """1. Run any Cortex-M firmware that raises a breakpoint exception. (minimal example attached)"""
+additional = """- Minimal Reproducer:
+[raw-bkpt.hex](/uploads/b9289c6f3a4feef015c8a3dffb4fc467/raw-bkpt.hex)
+- This is **not** a duplicate of #1658 / #1740
+- Stacktrace:
+```
+#2  0x00007ffff5a68538 in abort () at /usr/lib/libc.so.6
+#3  0x00007ffff5a6845c in  () at /usr/lib/libc.so.6
+#4  0x00007ffff5a783d6 in  () at /usr/lib/libc.so.6
+#5  0x0000555555c55921 in arm_security_space_below_el3 (env=0x555556dc1b40) at ../target/arm/helper.c:12224
+#6  arm_security_space_below_el3 (env=env@entry=0x555556dc1b40) at ../target/arm/helper.c:12222
+#7  0x0000555555c48b08 in arm_is_secure_below_el3 (env=0x555556dc1b40) at ../target/arm/cpu.h:2465
+#8  arm_is_el2_enabled (env=0x555556dc1b40) at ../target/arm/cpu.h:2517
+#9  arm_debug_target_el (env=env@entry=0x555556dc1b40) at ../target/arm/debug_helper.c:24
+#10 0x0000555555c49cb5 in helper_exception_bkpt_insn (env=0x555556dc1b40, syndrome=0xe2000001) at ../target/arm/debug_helper.c:510
+#11 0x00007fffac0002d9 in code_gen_buffer ()
+[...]
+```"""