qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC PATCH 0/2] exec: Fix (too) short device accesses

From: Philippe Mathieu-Daudé
Subject: Re: [RFC PATCH 0/2] exec: Fix (too) short device accesses
Date: Sun, 17 May 2020 17:50:09 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0 
On 5/17/20 3:51 PM, address@hidden wrote:

Patchew URL: https://patchew.org/QEMU/address@hidden/



Hi,

This series failed the docker-quick@centos7 build test. Please find the testing 
commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#!/bin/bash
make docker-image-centos7 V=1 NETWORK=1
time make docker-test-quick@centos7 SHOW_ENV=1 J=14 NETWORK=1
=== TEST SCRIPT END ===

   TEST    check-qtest-x86_64: tests/qtest/tpm-crb-swtpm-test
   TEST    check-qtest-x86_64: tests/qtest/tpm-crb-test
**
ERROR:/tmp/qemu-test/src/tests/qtest/tpm-crb-test.c:53:tpm_crb_test: assertion failed 
(caddr > TPM_CRB_ADDR_BASE): (-1 > 4275306496)
ERROR - Bail out! 
ERROR:/tmp/qemu-test/src/tests/qtest/tpm-crb-test.c:53:tpm_crb_test: assertion failed 
(caddr > TPM_CRB_ADDR_BASE): (-1 > 4275306496)
make: *** [check-qtest-x86_64] Error 1
make: *** Waiting for unfinished jobs....
qemu-system-aarch64: -accel kvm: invalid accelerator kvm
qemu-system-aarch64: falling back to tcg
---
   TEST    check-qtest-aarch64: tests/qtest/test-hmp
   TEST    check-qtest-aarch64: tests/qtest/qos-test
**
ERROR:/tmp/qemu-test/src/tests/qtest/sdhci-test.c:42:check_capab_capareg: 
assertion failed (capab == expec_capab): (0xffffffffffffffff == 0x280737ec6481)
ERROR - Bail out! 
ERROR:/tmp/qemu-test/src/tests/qtest/sdhci-test.c:42:check_capab_capareg: 
assertion failed (capab == expec_capab): (0xffffffffffffffff == 0x280737ec6481)
make: *** [check-qtest-aarch64] Error 1
In both cases we abuse of 64-bit access to do 2x 32-bit ones, and there is no check of MEMTX_ERROR.
Actually since the memory transaction attributes are quite recent (2015), in most of the code there is no error check. 

Quick grep for ignored return value:
hw/vfio/pci-quirks.c:1061: memory_region_dispatch_write(&vdev->pdev.msix_table_mmio, hw/vfio/pci-quirks.c:1093: memory_region_dispatch_read(&vdev->pdev.msix_table_mmio, offset, hw/virtio/virtio-pci.c:556: memory_region_dispatch_write(mr, addr, val, size_memop(len) | MO_LE, hw/virtio/virtio-pci.c:580: memory_region_dispatch_read(mr, addr, &val, size_memop(len) | MO_LE, 

address_space_stl*(..., MemTxResult *result) with result = NULL:
hw/arm/aspeed.c:166: address_space_stl_notdirty(as, AST_SMP_MBOX_FIELD_GOSIGN, 0, 
hw/arm/boot.c:282:    address_space_stl_notdirty(as, info->smp_bootreg_addr,
hw/arm/boot.c:293:    address_space_stl_notdirty(as, p, value, \
hw/arm/highbank.c:91: address_space_stl_notdirty(&address_space_memory, hw/arm/highbank.c:95: address_space_stl_notdirty(&address_space_memory, hw/arm/highbank.c:99: address_space_stl_notdirty(&address_space_memory, hw/i386/amd_iommu.c:162: address_space_stl_le(&address_space_memory, msg.address, msg.data, hw/pci/msi.c:340: address_space_stl_le(&dev->bus_master_as, msg.address, msg.data, hw/s390x/css.c:1539: address_space_stl(&address_space_memory, sch->curr_status.mba, count, hw/sh4/r2d.c:330: address_space_stl(&address_space_memory, SH7750_BCR1, 1 << 3, target/i386/helper.c:1141: address_space_stl_notdirty(as, addr, val, attrs, NULL); 
target/i386/helper.c:1161:    address_space_stl(as, addr, val, attrs, NULL);
target/i386/misc_helper.c:82: address_space_stl(&address_space_io, port, data, target/xtensa/op_helper.c:214: address_space_stl(env->address_space_er, addr, data,
reply via email to
[Prev in Thread] Current Thread [Next in Thread]