files: 0.842
device: 0.760
graphic: 0.730
socket: 0.633
performance: 0.629
PID: 0.606
semantic: 0.561
network: 0.547
permissions: 0.534
other: 0.532
vnc: 0.505
boot: 0.464
debug: 0.248
KVM: 0.233

qemu commit 80422b0: tcg.c crash in temp_load

As discussed in #1803160 I'm opening a new ticket for the new bug.

QEMU version:
-------------

qemu from git, master branch commit 80422b00196a7af4c6efb628fae0ad8b644e98af

Summary:
--------

TCG crashes in i386 and x86_64 when it tries to execute some specific illegal instructions. When running full OS emulation, both the guest system and QEMU crash.

$ qemu-i386 tcg_crash1.elf
/home/alberto/Documents/qemu/tcg/tcg.c:2863: tcg fatal error
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
zsh: segmentation fault (core dumped) ./qemu/build/i386-linux-user/qemu-i386 tcg_crash1.elf

Invalid instructions:

f0 invalid
40 inc eax
a7 cmpsd dword [esi], dword ptr es:[edi]
48 dec eax

Testcase:
---------

Find ELF file attached.



(Still repros as of commit d37bfe142382fa82585.)


I've sent patch https://patchwork.ozlabs.org/patch/1068003/ to the list which fixes this. (There might be other failures to check for bogus LOCK prefixes elsewhere, though.)


The patch from comment #3 is now in git master and will be in the 4.0 release.