assertion failed at translate-all.c:2523 with version 3.1.1
I was trying to debug a userspace binary with radare2 and met the following assertion in qemu:
```
qemu-mipsel: /builddir/build/BUILD/qemu-3.1.1/accel/tcg/translate-all.c:2523: page_check_range: Assertion `start < ((target_ulong)1 << L1_MAP_ADDR_SPACE_BITS)' failed.
qemu:handle_cpu_signal received signal outside vCPU context @ pc=0x7fd1c11c5987
```
```
# qemu-mipsel --version
qemu-mipsel version 3.1.1 (qemu-3.1.1-2.fc30)
Copyright (c) 2003-2018 Fabrice Bellard and the QEMU Project developers
```
Not much to add. Seems like qemu is not properly checking for valid addresses.
In order to reproduce the bug:
```
qemu-mipsel -g 1234 ch67
```
and then just launch (after installing r2):
```
r2 -a mips -b 32 -d gdb://127.0.0.1:1234
```
qemu will crash.
Tested on Fedora 30:
```
uname -a
Linux bigfoot.home.ak42.io 5.4.18-100.fc30.x86_64 #1 SMP Fri Feb 7 14:37:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
```
Please try again with 4.2; there have been changes in this function.
Indeed, works fine with 4.2.
Thanks.
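As an added illustration of the kind of address validation the report says was missing, the following small C model (written for this page, not QEMU's code) parses a gdb remote "m<addr>,<len>" memory-read request from a debugger client and rejects any range outside the guest address space with an error reply instead of asserting. The 32-bit address-space width and the "E01"/"E14"/"OK" reply strings are assumptions of the example.

```c
/* Added example (not QEMU code): validate a debugger-supplied guest
 * address range before doing any page lookup. A 32-bit guest address
 * space is assumed; reply strings are a simplification of the gdb
 * remote protocol (a real stub would answer with hex-encoded bytes). */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define GUEST_ADDR_SPACE_BITS 32
/* Wider than the guest address so the end-of-range check cannot overflow. */
typedef uint64_t guest_addr_t;

/* Returns 1 if [start, start + len) lies entirely inside the guest address space. */
int range_in_guest_space(guest_addr_t start, guest_addr_t len) {
    const guest_addr_t limit = (guest_addr_t)1 << GUEST_ADDR_SPACE_BITS;
    if (start >= limit) return 0;          /* start itself is out of range */
    if (len > limit - start) return 0;     /* overflow-safe check of the end */
    return 1;
}

/* Parse the body of a gdb "m<addr>,<len>" packet (hex fields).
 * Returns 0 on malformed input or a zero-length request. */
int parse_mem_read(const char *pkt, guest_addr_t *start, guest_addr_t *len) {
    char *end;
    if (pkt == NULL || pkt[0] != 'm') return 0;
    *start = strtoull(pkt + 1, &end, 16);
    if (end == pkt + 1 || *end != ',') return 0;
    *len = strtoull(end + 1, &end, 16);
    return *end == '\0' && *len > 0;
}

/* "E01" for a malformed packet, "E14" (fault-style error) for an address
 * range the guest does not have, "OK" when the request may proceed. */
const char *handle_mem_read(const char *pkt) {
    guest_addr_t start, len;
    if (!parse_mem_read(pkt, &start, &len)) return "E01";
    if (!range_in_guest_space(start, len)) return "E14";
    return "OK";
}
```

A request such as "m100000000,4", which a 32-bit guest cannot satisfy, is answered with an error rather than reaching the page-table code.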