From 9260319e7411ff8281700a532caa436f40120ec4 Mon Sep 17 00:00:00 2001 From: Christian Krinitsin Date: Fri, 30 May 2025 16:52:07 +0200 Subject: gitlab scraper: download in toml and text format --- .../target_arm/host_missing/accel_TCG/925.toml | 28 ---------------------- 1 file changed, 28 deletions(-) delete mode 100644 gitlab/issues/target_arm/host_missing/accel_TCG/925.toml (limited to 'gitlab/issues/target_arm/host_missing/accel_TCG/925.toml') diff --git a/gitlab/issues/target_arm/host_missing/accel_TCG/925.toml b/gitlab/issues/target_arm/host_missing/accel_TCG/925.toml deleted file mode 100644 index b7174c4f..00000000 --- a/gitlab/issues/target_arm/host_missing/accel_TCG/925.toml +++ /dev/null @@ -1,28 +0,0 @@ -id = 925 -title = "AArch64 SVE2 LD/ST instructions segfault on MMIO addresses" -state = "closed" -created_at = "2022-03-21T15:55:15.875Z" -closed_at = "2022-03-26T10:19:10.583Z" -labels = ["Closed::Fixed", "accel: TCG", "kind::Bug", "target: arm"] -url = "https://gitlab.com/qemu-project/qemu/-/issues/925" -host-os = "n/a" -host-arch = "AArch64" -qemu-version = "version 6.2.0" -guest-os = "n/a" -guest-arch = "AArch64" -description = """During execution of the following SVE2 instruction: `ld1b {z9.s}, p2/z, [x17, z26.s, sxtw]` with the following register state: -``` -(gdb) p $x17 -$1 = 0xffffffe2 -(gdb) p $z26.s.u -$2 = {0x0 } -(gdb) p $p2 -$3 = {0xc4, 0x0, 0x9d, 0x0, 0xe5, 0x0, 0x83, 0x0, 0x80, 0xce, 0x3f, 0x3, 0x0, 0x0, 0x0, 0x0, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, 0x1a, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0xd8, 0x96, 0xee, 0xfc, 0x7f, 0x0, 0x0, 0x50, 0xce, 0x94, 0x1, 0x0, 0x0, 0x0, 0x0, 0xf0, 0xd8, 0x96, 0xee, 0xfc, 0x7f, 0x0, 0x0, 0x10, 0x38, 0x40, 0x3, 0x0, 0x0, 0x0, 0x0} -``` -QEMU segfaults due to a null pointer access. Note that after translation this address is an MMIO address that points to a UART device.""" -reproduce = "n/a" -additional = """A quick look at the implementation of the SVE2 load/store host memory access functions I've noticed that the `TLB_MMIO` flag is ignored in `sve_probe_page`, which means that users use the (null) host address as if it was pointing to real memory. This function (or the ones above it) should (probably) throw the appropriate external data abort, otherwise this needs to be instrumented to support reading from MMIO mapped devices. - -
Reproducer seed for my future self -S6008340160849309262|Q|cd4t|pq|w5|lK124 -
""" -- cgit 1.4.1