files: 0.162
other: 0.154
semantic: 0.144
device: 0.088
graphic: 0.075
PID: 0.057
performance: 0.057
vnc: 0.049
permissions: 0.044
network: 0.042
socket: 0.041
boot: 0.036
debug: 0.031
KVM: 0.021
debug: 0.413
files: 0.223
other: 0.068
network: 0.051
PID: 0.048
performance: 0.039
semantic: 0.037
device: 0.026
graphic: 0.023
socket: 0.019
boot: 0.015
permissions: 0.014
vnc: 0.013
KVM: 0.010

qemu commit 80422b0: tcg.c crash in temp_load

As discussed in #1803160 I'm opening a new ticket for the new bug.

QEMU version:
-------------

qemu from git, master branch commit 80422b00196a7af4c6efb628fae0ad8b644e98af

Summary:
--------

TCG crashes in i386 and x86_64 when it tries to execute some specific illegal instructions. When running full OS emulation, both the guest system and QEMU crash.

$ qemu-i386 tcg_crash1.elf
/home/alberto/Documents/qemu/tcg/tcg.c:2863: tcg fatal error
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
zsh: segmentation fault (core dumped) ./qemu/build/i386-linux-user/qemu-i386 tcg_crash1.elf

Invalid instructions:

f0 invalid
40 inc eax
a7 cmpsd dword [esi], dword ptr es:[edi]
48 dec eax

Testcase:
---------

Find ELF file attached.



(Still repros as of commit d37bfe142382fa82585.)


I've sent patch https://patchwork.ozlabs.org/patch/1068003/ to the list which fixes this. (There might be other failures to check for bogus LOCK prefixes elsewhere, though.)


The patch from comment #3 is now in git master and will be in the 4.0 release.