id = 1065
title = "cputlb: uninitialized local variable in tlb_set_page_with_attrs cause SIGSEGV when a CPU access an unmapped IOMMU page"
state = "closed"
created_at = "2022-06-06T10:59:39.807Z"
closed_at = "2022-06-21T23:33:14.892Z"
labels = ["Closed::Fixed", "accel: TCG"]
url = "https://gitlab.com/qemu-project/qemu/-/issues/1065"
host-os = "Any"
host-arch = "Any"
qemu-version = "n/a"
guest-os = "n/a"
guest-arch = "TCG-based"
description = """When a TCG cpu accesses an unmapped page within an IOMMU region that causes a translation fault, QEMU SIGSEGVs in `io_readx`.
The reason was that in `address_space_translate_for_iotlb`, `xlat` is not set on a permission fault.
As a result, `xlat` in `tlb_set_page_with_attr` is uninitialized. This in turn causes various mis-calculation and eventually crashes in `io_readx`."""
reproduce = "n/a"
additional = "n/a"