qemu-devel

[Bug 1890333] Re: [OSS-Fuzz] Issue 26797: qemu:qemu-fuzz-i386-target-gen


From: Thomas Huth
Subject: [Bug 1890333] Re: [OSS-Fuzz] Issue 26797: qemu:qemu-fuzz-i386-target-generic-fuzz-virtio-blk: ASSERT: addr < cache->len && 2 <= cache->len - addr
Date: Thu, 10 Dec 2020 09:02:06 -0000

Fix in commit 2d69eba5fe52045b2c8b0d04fd3806414352afc1

** Changed in: qemu
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of qemu-devel-ml,
which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1890333

Title:
  [OSS-Fuzz] Issue 26797: qemu:qemu-fuzz-i386-target-generic-fuzz-virtio-blk:
  ASSERT: addr < cache->len && 2 <= cache->len - addr

Status in QEMU:
  Fix Released

Bug description:
  Hello,
  Reproducer:
  cat << EOF | ./i386-softmmu/qemu-system-i386 \
  -drive id=mydrive,file=null-co://,size=2M,format=raw,if=none \
  -device virtio-blk,drive=mydrive \
  -nodefaults -qtest stdio -nographic
  outl 0xcf8 0x80001001
  outl 0xcfc 0x6574c1ff
  outl 0xcf8 0x8000100e
  outl 0xcfc 0xefe5e1e
  outl 0xe86 0x3aff9090
  outl 0xe84 0x3aff9090
  outl 0xe8e 0xe
  EOF

  qemu-system-i386: /home/alxndr/Development/qemu/general-fuzz/include/exec/memory_ldst_cached.inc.h:88: void address_space_stw_le_cached(MemoryRegionCache *, hwaddr, uint32_t, MemTxAttrs, MemTxResult *): Assertion `addr < cache->len && 2 <= cache->len - addr' failed.
  Aborted

  I can trigger similar assertions with other VIRTIO devices, as well.
  I reported this at some point in Message-ID: <20200511033001.dzvtbdhl3oz5pgiy@mozz.bu.edu> but never created a Launchpad issue...
  -Alex

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1890333/+subscriptions


