[Bug 1890333] Re: [OSS-Fuzz] Issue 26797: qemu:qemu-fuzz-i386-target-generic-fuzz-virtio-blk: ASSERT: addr < cache->len && 2 <= cache->len - addr

From: Qiuhao Li
Subject: [Bug 1890333] Re: [OSS-Fuzz] Issue 26797: qemu:qemu-fuzz-i386-target-generic-fuzz-virtio-blk: ASSERT: addr < cache->len && 2 <= cache->len - addr
Date: Tue, 15 Dec 2020 15:04:07 -0000
There is a new bug that fails the same assertion, and maybe its minimized
reproducer will help:
https://bugs.launchpad.net/qemu/+bug/1908062
https://bugs.launchpad.net/bugs/1890333
Title: [OSS-Fuzz] Issue 26797: qemu:qemu-fuzz-i386-target-generic-fuzz-virtio-blk: ASSERT: addr < cache->len && 2 <= cache->len - addr
Status in QEMU:
Fix Released
Bug description:
Hello,
Reproducer:
cat << EOF | ./i386-softmmu/qemu-system-i386 \
-drive id=mydrive,file=null-co://,size=2M,format=raw,if=none \
-device virtio-blk,drive=mydrive \
-nodefaults -qtest stdio -nographic
outl 0xcf8 0x80001001
outl 0xcfc 0x6574c1ff
outl 0xcf8 0x8000100e
outl 0xcfc 0xefe5e1e
outl 0xe86 0x3aff9090
outl 0xe84 0x3aff9090
outl 0xe8e 0xe
EOF
qemu-system-i386:
/home/alxndr/Development/qemu/general-fuzz/include/exec/memory_ldst_cached.inc.h:88:
void address_space_stw_le_cached(MemoryRegionCache *, hwaddr, uint32_t,
MemTxAttrs, MemTxResult *): Assertion `addr < cache->len && 2 <= cache->len -
addr' failed.
Aborted
I can trigger similar assertions with other VIRTIO devices, as well.
I reported this at some point in Message-ID:
<20200511033001.dzvtbdhl3oz5pgiy@mozz.bu.edu> but never created a Launchpad
issue...
-Alex
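The assertion in the report, `addr < cache->len && 2 <= cache->len - addr`, is the bounds check for a 2-byte store into a cached memory window: the access must start inside the window and the window must have at least 2 bytes left from that offset. The C model below is added here as an illustration and is not QEMU's own code. It re-creates the check in the same shape, shows why the subtraction form is preferable to `addr + 2 <= len` (which wraps around for very large offsets and then wrongly accepts the access), and returns an error code instead of aborting the whole VM as the assertion does. `CacheModel`, `TxResult`, `stw_le_cached_checked` and the helper names are hypothetical, and the backing buffers are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified model of a cached memory window: `len` bytes
 * of a host buffer. Constructed for this example only. */
typedef struct {
    uint8_t *ptr;   /* host backing for the cached window */
    uint64_t len;   /* number of bytes the cache covers */
} CacheModel;

typedef enum { TX_OK = 0, TX_DECODE_ERROR = 1 } TxResult;

/* Returns 1 if a `size`-byte access at offset `addr` lies fully inside a
 * window of `len` bytes. Same shape as the assertion in the report:
 * `addr < len && size <= len - addr`. Because addr < len is tested first,
 * `len - addr` can never underflow. */
static int access_fits(uint64_t len, uint64_t addr, uint64_t size)
{
    return addr < len && size <= len - addr;
}

/* The naive form, kept only to show the wraparound it suffers from:
 * for addr close to UINT64_MAX, addr + size wraps to a small value. */
static int access_fits_naive(uint64_t len, uint64_t addr, uint64_t size)
{
    return addr + size <= len;
}

/* Checked 16-bit little-endian store. Instead of asserting (which aborts
 * the whole VM, as in the report), refuse the access and report an error. */
static TxResult stw_le_cached_checked(CacheModel *c, uint64_t addr, uint16_t val)
{
    if (!access_fits(c->len, addr, 2)) {
        return TX_DECODE_ERROR;
    }
    c->ptr[addr]     = (uint8_t)(val & 0xff);
    c->ptr[addr + 1] = (uint8_t)(val >> 8);
    return TX_OK;
}

/* Demo helper: perform a store into a window of `len` bytes (len <= 8) over
 * a zeroed 8-byte buffer and return the byte at `idx` afterwards, or -1 if
 * the store was refused. */
static int try_store_byte(uint64_t len, uint64_t addr, uint16_t val, int idx)
{
    uint8_t backing[8];
    CacheModel c = { backing, len };

    memset(backing, 0, sizeof(backing));
    if (stw_le_cached_checked(&c, addr, val) != TX_OK) {
        return -1;
    }
    return backing[idx];
}

int main(void)
{
    printf("store at 2 of 4, byte 2: %d\n", try_store_byte(4, 2, 0x1234, 2));
    printf("store at 2 of 4, byte 3: %d\n", try_store_byte(4, 2, 0x1234, 3));
    printf("store at 3 of 4 (straddles end): %d\n", try_store_byte(4, 3, 0x1234, 3));
    printf("store into empty window: %d\n", try_store_byte(0, 0, 1, 0));
    printf("naive check, wrapping addr: %d; safe check: %d\n",
           access_fits_naive(4, UINT64_MAX - 1, 2),
           access_fits(4, UINT64_MAX - 1, 2));
    return 0;
}
```

The last pair of lines is the reason for the two-part form of the assertion: with `addr = UINT64_MAX - 1` the naive `addr + 2 <= len` evaluates to `0 <= 4` and accepts an access that starts far outside the window, while the subtraction form rejects it.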