On 2022/5/25 6:41, Richard Henderson wrote:
On 5/24/22 15:32, Richard Henderson wrote:
When the syntax errors are fixed, it does not pass "make check".
When I configure with --enable-debug --enable-sanitizers I get
I got the same error.
The 'make check' result:
Summary of Failures:
95/117 qemu:qtest+qtest-loongarch64 / qtest-loongarch64/device-introspect-test ERROR 1.20s killed by signal 6 SIGABRT
Ok: 114
Expected Fail: 0
Fail: 1
Unexpected Pass: 0
Skipped: 2
Timeout: 0
We will fix this error as soon as possible. And which tests do we need to run?
'make check-tcg', 'make check' and 'make docker-test-build' are the ones we know so far.
I also see the wiki [1]; do we need to test all of them? Could you give us some advice?
[1]: https://wiki.qemu.org/Testing#Tests_included_in_the_QEMU_source
Thanks.
Xiaojuan
$ QTEST_QEMU_BINARY='./qemu-system-loongarch64' ./tests/qtest/device-introspect-test -v
...
# Testing device 'loongarch_ipi'
=================================================================
==911066==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x613000093550 at pc 0x7f97cb425c23 bp 0x7ffe6583f4f0 sp 0x7ffe6583ec98
WRITE of size 8 at 0x613000093550 thread T0
    #0 0x7f97cb425c22 in __interceptor_memset ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:799
    #1 0x562b21b23916 in qdev_init_gpio_out_named ../qemu/hw/core/gpio.c:85
    #2 0x562b21b23b89 in qdev_init_gpio_out ../qemu/hw/core/gpio.c:101
    #3 0x562b22562d77 in loongarch_ipi_init ../qemu/hw/intc/loongarch_ipi.c:187
    #4 0x562b22992ef0 in object_init_with_type ../qemu/qom/object.c:377
    #5 0x562b2299445f in object_initialize_with_type ../qemu/qom/object.c:519
    #6 0x562b22995b54 in object_new_with_type ../qemu/qom/object.c:734
    #7 0x562b22995c6d in object_new ../qemu/qom/object.c:749
    #8 0x562b22ddc1d3 in qmp_device_list_properties ../qemu/qom/qom-qmp-cmds.c:146
    #9 0x562b22f4ad2c in qmp_marshal_device_list_properties qapi/qapi-commands-qdev.c:66
    #10 0x562b22fa7ab6 in do_qmp_dispatch_bh ../qemu/qapi/qmp-dispatch.c:128
    #11 0x562b230354b1 in aio_bh_call ../qemu/util/async.c:142
    #12 0x562b23035c09 in aio_bh_poll ../qemu/util/async.c:170
    #13 0x562b22fd6531 in aio_dispatch ../qemu/util/aio-posix.c:421
    #14 0x562b2303714c in aio_ctx_dispatch ../qemu/util/async.c:312
    #15 0x7f97caafdd1a in g_main_dispatch ../../../glib/gmain.c:3417
    #16 0x7f97caafdd1a in g_main_context_dispatch ../../../glib/gmain.c:4135
    #17 0x562b23089479 in glib_pollfds_poll ../qemu/util/main-loop.c:297
    #18 0x562b23089663 in os_host_main_loop_wait ../qemu/util/main-loop.c:320
    #19 0x562b23089968 in main_loop_wait ../qemu/util/main-loop.c:596
    #20 0x562b2223edf5 in qemu_main_loop ../qemu/softmmu/runstate.c:726
    #21 0x562b21965c69 in qemu_main ../qemu/softmmu/main.c:36
    #22 0x562b21965c9e in main ../qemu/softmmu/main.c:45
    #23 0x7f97c9354d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #24 0x7f97c9354e3f in __libc_start_main_impl ../csu/libc-start.c:392
    #25 0x562b21965b74 in _start (/home/rth/chroot-home/bld-x/qemu-system-loongarch64+0x21b0b74)
0x613000093550 is located 48 bytes to the left of 376-byte region [0x613000093580,0x6130000936f8)
allocated by thread T0 here:
    #0 0x7f97cb4a0a37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
    #1 0x7f97cab06c40 in g_malloc0 ../../../glib/gmem.c:155
    #2 0x562b2298fef0 in type_register_internal ../qemu/qom/object.c:143
    #3 0x562b2298ffcd in type_register ../qemu/qom/object.c:152
    #4 0x562b2199c281 in qemu_console_early_init ../qemu/ui/console.c:2719
    #5 0x562b2224d16e in qemu_create_early_backends ../qemu/softmmu/vl.c:1975
    #6 0x562b222565ef in qemu_init ../qemu/softmmu/vl.c:3674
    #7 0x562b21965c64 in qemu_main ../qemu/softmmu/main.c:35
    #8 0x562b21965c9e in main ../qemu/softmmu/main.c:45
    #9 0x7f97c9354d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
SUMMARY: AddressSanitizer: heap-buffer-overflow ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:799 in __interceptor_memset
Shadow bytes around the buggy address:
  0x0c268000a650: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c268000a660: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fa
  0x0c268000a670: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
  0x0c268000a680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c268000a690: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c268000a6a0: 00 00 00 00 fa fa fa fa fa fa[fa]fa fa fa fa fa
  0x0c268000a6b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c268000a6c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c268000a6d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fa
  0x0c268000a6e0: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
  0x0c268000a6f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==911066==ABORTING
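The ASan report above is the whole of the evidence in this thread, so a first-pass triage is mostly about reading it correctly. The script below is an added example, not part of the thread and not QEMU code: it parses the report header, recomputes what the "48 bytes to the left of 376-byte region" line asserts instead of trusting it, skips the `__interceptor_*` frames to reach the first QEMU/glib caller in each stack, and maps the bracketed `[fa]` cell of the shadow dump back to an application address. The report excerpt is the page's own output with the mail wrapping undone; the legend subset, the `0x7fff8000` shadow offset (the x86_64 Linux default, assumed here for the reporter's build) and all function names are mine.

```python
"""Triage helper for an AddressSanitizer heap-buffer-overflow report (added example)."""
import re

# Constructed excerpt: report lines copied from the thread and re-joined where
# the mail client wrapped them; only the parts this helper needs are kept.
ASAN_REPORT = """\
==911066==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x613000093550 at pc 0x7f97cb425c23 bp 0x7ffe6583f4f0 sp 0x7ffe6583ec98
WRITE of size 8 at 0x613000093550 thread T0
    #0 0x7f97cb425c22 in __interceptor_memset ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:799
    #1 0x562b21b23916 in qdev_init_gpio_out_named ../qemu/hw/core/gpio.c:85
    #2 0x562b21b23b89 in qdev_init_gpio_out ../qemu/hw/core/gpio.c:101
    #3 0x562b22562d77 in loongarch_ipi_init ../qemu/hw/intc/loongarch_ipi.c:187
0x613000093550 is located 48 bytes to the left of 376-byte region [0x613000093580,0x6130000936f8)
allocated by thread T0 here:
    #0 0x7f97cb4a0a37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
    #1 0x7f97cab06c40 in g_malloc0 ../../../glib/gmem.c:155
    #2 0x562b2298fef0 in type_register_internal ../qemu/qom/object.c:143
Shadow bytes around the buggy address:
  0x0c268000a690: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c268000a6a0: 00 00 00 00 fa fa fa fa fa fa[fa]fa fa fa fa fa
  0x0c268000a6b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
"""

# Subset of the shadow-byte legend ASan prints at the end of every report.
SHADOW_LEGEND = {
    "00": "Addressable", "fa": "Heap left redzone", "fd": "Freed heap region",
    "f1": "Stack left redzone", "f2": "Stack mid redzone", "f3": "Stack right redzone",
    "f5": "Stack after return", "f8": "Stack use after scope", "f9": "Global redzone",
}

# Assumption: x86_64 Linux build, where shadow = (addr >> 3) + 0x7fff8000.
SHADOW_SCALE = 3
SHADOW_OFFSET = 0x7FFF8000

# "#N 0xADDR in FUNC LOCATION" -> (FUNC, LOCATION)
FRAME_RE = re.compile(r"^\s*#\d+\s+0x[0-9a-f]+\s+in\s+(\S+)\s+(\S+)", re.M)


def parse_report(text):
    """Pull the header fields and both stacks out of an ASan report."""
    head = re.search(r"ERROR: AddressSanitizer: (\S+) on address (0x[0-9a-f]+)", text)
    access = re.search(r"^(READ|WRITE) of size (\d+) at", text, re.M)
    region = re.search(r"is located (\d+) bytes to the (left|right) of (\d+)-byte region "
                       r"\[(0x[0-9a-f]+),(0x[0-9a-f]+)\)", text)
    # Frames before "allocated by" belong to the faulting access, the rest to the allocation.
    access_part, _, alloc_part = text.partition("allocated by thread")
    return {
        "error": head.group(1), "addr": int(head.group(2), 16),
        "access": access.group(1), "size": int(access.group(2)),
        "claimed_offset": int(region.group(1)), "side": region.group(2),
        "region_size": int(region.group(3)),
        "region_start": int(region.group(4), 16), "region_end": int(region.group(5), 16),
        "access_frames": FRAME_RE.findall(access_part),
        "alloc_frames": FRAME_RE.findall(alloc_part),
    }


def check_consistency(info):
    """Recompute what the report asserts rather than trusting its prose."""
    start, end, addr, size = info["region_start"], info["region_end"], info["addr"], info["size"]
    side, delta = ("left", start - addr) if addr < start else ("right", addr - end)
    return {
        "region_size_ok": end - start == info["region_size"],
        "offset_ok": side == info["side"] and delta == info["claimed_offset"],
        # True when no byte of the access touches the allocation at all.
        "access_entirely_outside": addr + size <= start or addr >= end,
    }


def first_non_interceptor_frame(frames):
    """Skip the sanitizer's __interceptor_* frames to reach the real caller."""
    for func, loc in frames:
        if not func.startswith("__interceptor_"):
            return func, loc
    return None


def shadow_to_app(shadow_addr):
    """Invert the shadow mapping: one shadow byte covers 8 application bytes."""
    return (shadow_addr - SHADOW_OFFSET) << SHADOW_SCALE


def marked_shadow_byte(text):
    """Decode the [xx] cell on the '=>' row and map it back to an application address."""
    row = re.search(r"^=>(0x[0-9a-f]+):(.*)$", text, re.M)
    cells = re.findall(r"\[?[0-9a-f]{2}\]?", row.group(2))  # keeps "[fa]" as one cell
    index = next(i for i, cell in enumerate(cells) if cell.startswith("["))
    byte = cells[index].strip("[]")
    shadow_addr = int(row.group(1), 16) + index
    return {"shadow_addr": shadow_addr, "app_addr": shadow_to_app(shadow_addr),
            "byte": byte, "meaning": SHADOW_LEGEND.get(byte, "unknown")}


if __name__ == "__main__":
    info = parse_report(ASAN_REPORT)
    print(info["access"], "of", info["size"], "bytes:", info["error"])
    print("checks:", check_consistency(info))
    print("faulting caller:", first_non_interceptor_frame(info["access_frames"]))
    print("allocating caller:", first_non_interceptor_frame(info["alloc_frames"]))
    print("marked shadow byte:", marked_shadow_byte(ASAN_REPORT))
```

For this report every check passes: the region really is 376 bytes, the write really starts 48 bytes before it, and the `[fa]` shadow cell decodes to exactly `0x613000093550`, the faulting address, so the write landed in the allocation's left redzone rather than partially overlapping it. That points at the `memset` in `qdev_init_gpio_out_named` being handed a pointer that lies before the object ASan saw allocated, which is where the reviewer of `loongarch_ipi_init` would look first.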