diff options
| author | Christian Krinitsin <mail@krinitsin.com> | 2025-06-30 12:24:58 +0000 |
|---|---|---|
| committer | Christian Krinitsin <mail@krinitsin.com> | 2025-06-30 12:27:06 +0000 |
| commit | 33606b41d35115f887ea688b1a16f2ff85bf2fe4 (patch) | |
| tree | 406b2c7b19a087ba437c68f3dbf0b589fa1d6150 /results/scraper/launchpad-without-comments/1905444 | |
| parent | adedf8771bc4de3113041ca21bd4d0d1c0014b6a (diff) | |
| download | emulator-bug-study-33606b41d35115f887ea688b1a16f2ff85bf2fe4.tar.gz emulator-bug-study-33606b41d35115f887ea688b1a16f2ff85bf2fe4.zip | |
add launchpad bug reports without comments
Diffstat (limited to 'results/scraper/launchpad-without-comments/1905444')
| -rw-r--r-- | results/scraper/launchpad-without-comments/1905444 | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/results/scraper/launchpad-without-comments/1905444 b/results/scraper/launchpad-without-comments/1905444 new file mode 100644 index 00000000..7dac6887 --- /dev/null +++ b/results/scraper/launchpad-without-comments/1905444 @@ -0,0 +1,46 @@ +[OSS-Fuzz] Issue 27796 in oss-fuzz: qemu:qemu-fuzz-i386-target-generic-fuzz-xhci: Stack-overflow in address_space_stl_internal + + affects qemu + +OSS-Fuzz Report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27796 + +=== Reproducer (build with --enable-sanitizers) === +cat << EOF | ./qemu-system-i386 -display none -machine accel=qtest, \ +-m 512M -machine q35 -nodefaults \ +-drive file=null-co://,if=none,format=raw,id=disk0 \ +-device qemu-xhci,id=xhci -device usb-tablet,bus=xhci.0 \ +-qtest-log none -qtest stdio +outl 0xcf8 0x80000803 +outw 0xcfc 0x5e46 +outl 0xcf8 0x80000810 +outl 0xcfc 0xff5a5e46 +write 0xff5a5020 0x6 0xffffffff0b70 +outl 0xcf8 0x80000893 +outb 0xcfc 0x93 +writel 0xff5a7000 0xff5a5020 +write 0xff5a700c 0x4 0x0c0c2e58 +write 0xff5a4040 0x4 0x00d26001 +write 0xff5a4044 0x4 0x0000030 +EOF + +=== Stack Trace === +==50473==ERROR: AddressSanitizer: stack-overflow on address 0x7ffe3ec97e28 (pc 0x55e292eac159 bp 0x7ffe3ec98670 sp 0x7ffe3ec97e30 T0) +#0 0x55e292eac159 in __asan_memcpy (u-system-i386+0x2a0e159) +#1 0x55e2944bc04e in flatview_do_translate softmmu/physmem.c:513:12 +#2 0x55e2944dbe90 in flatview_translate softmmu/physmem.c:563:15 +#3 0x55e2944dbe90 in address_space_translate include/exec/memory.h:2362:12 +#4 0x55e2944dbe90 in address_space_stl_internal memory_ldst.c.inc:316:10 +#5 0x55e29393d2a0 in xhci_intr_update hw/usb/hcd-xhci.c:554:13 +#6 0x55e29393efb9 in xhci_runtime_write hw/usb/hcd-xhci.c:3032:9 +#7 0x55e294230428 in memory_region_write_accessor softmmu/memory.c:484:5 +#8 0x55e29422fe63 in access_with_adjusted_size softmmu/memory.c:545:18 +#9 0x55e29422f6fc in memory_region_dispatch_write softmmu/memory.c +#10 0x55e2944dc03c in address_space_stl_internal memory_ldst.c.inc:319:13 +#11 0x55e29393d2a0 in xhci_intr_update hw/usb/hcd-xhci.c:554:13 +#12 0x55e29393efb9 in xhci_runtime_write hw/usb/hcd-xhci.c:3032:9 +#13 0x55e294230428 in memory_region_write_accessor softmmu/memory.c:484:5 +#14 0x55e29422fe63 in access_with_adjusted_size softmmu/memory.c:545:18 +#15 0x55e29422f6fc in memory_region_dispatch_write softmmu/memory.c +#16 0x55e2944dc03c in address_space_stl_internal memory_ldst.c.inc:319:13 +#17 0x55e29393d2a0 in xhci_intr_update hw/usb/hcd-xhci.c:554:13 +#18 0x55e29393efb9 in xhci_runtime_write hw/usb/hcd-xhci.c:3032:9 |