diff options
| author | Christian Krinitsin <mail@krinitsin.com> | 2025-06-30 12:24:58 +0000 |
|---|---|---|
| committer | Christian Krinitsin <mail@krinitsin.com> | 2025-06-30 12:27:06 +0000 |
| commit | 33606b41d35115f887ea688b1a16f2ff85bf2fe4 (patch) | |
| tree | 406b2c7b19a087ba437c68f3dbf0b589fa1d6150 /results/scraper/launchpad-without-comments/1915535 | |
| parent | adedf8771bc4de3113041ca21bd4d0d1c0014b6a (diff) | |
| download | emulator-bug-study-33606b41d35115f887ea688b1a16f2ff85bf2fe4.tar.gz emulator-bug-study-33606b41d35115f887ea688b1a16f2ff85bf2fe4.zip | |
add launchpad bug reports without comments
Diffstat (limited to 'results/scraper/launchpad-without-comments/1915535')
| -rw-r--r-- | results/scraper/launchpad-without-comments/1915535 | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/results/scraper/launchpad-without-comments/1915535 b/results/scraper/launchpad-without-comments/1915535 new file mode 100644 index 00000000..d645e0bc --- /dev/null +++ b/results/scraper/launchpad-without-comments/1915535 @@ -0,0 +1,68 @@ +Assertion `child->perm & BLK_PERM_WRITE' failed in bdrv_co_write_req_prepare through atapi + +Maybe this is a duplicate of https://bugs.launchpad.net/qemu/+bug/1906693 ... +In any case, ATAPI is probably a lot more common than megasas, so this might be a more useful reproducer + +==Reproducer== + +cat << EOF | ./qemu-system-i386 -display none \ +-m 512M -machine q35 -nodefaults \ +-drive file=null-co://,if=none,format=raw,id=disk0 \ +-device ide-cd,drive=disk0 -machine accel=qtest -qtest stdio +outl 0xcf8 0x8000fa24 +outl 0xcfc 0xe0000000 +outl 0xcf8 0x8000fa04 +outw 0xcfc 0x06 +write 0xe0000398 0x1 0x01 +write 0x63 0x1 0x06 +write 0x68 0x1 0x06 +write 0x69 0x1 0xf8 +write 0x6a 0x1 0xff +write 0xfff806 0x1 0x27 +write 0xfff807 0x1 0x80 +write 0xfff808 0x1 0x61 +write 0x1005734 0x1 0x3f +write 0x1005774 0x1 0x20 +write 0x1005784 0x1 0x34 +write 0x10057a4 0x1 0x27 +write 0x10057b4 0x1 0x3f +write 0x10057c3 0x1 0xce +write 0x10057d4 0x1 0x1a +write 0x10057e3 0x1 0xff +write 0x10057e4 0x1 0x3f +write 0x10057f4 0x1 0x38 +write 0x1005814 0x1 0x3e +write 0x1005823 0x1 0x60 +write 0x1005824 0x1 0x2d +write 0x1005833 0x1 0x74 +write 0x1005834 0x1 0x01 +write 0x1005863 0x1 0xff +write 0x1005883 0x1 0x5a +write 0x1005884 0x1 0x06 +write 0xe00003b8 0x1 0x08 +EOF + + +==Stack Trace== +i386: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0x5a00) +qemu-fuzz-i386-target-generic-fuzz-ahci-atapi: ../block/io.c:1982: int +bdrv_co_write_req_prepare(BdrvChild *, int64_t, int64_t, BdrvTrackedRequest +*, int): Assertion `child->perm & BLK_PERM_WRITE' failed. +==279048== ERROR: libFuzzer: deadly signal +#0 0x560c92718f50 in __sanitizer_print_stack_trace /src/llvm-project/compiler-rt/lib/ubsan/ubsan_diag_standalone.cpp:33:3 +#1 0x560c926c2f98 in fuzzer::PrintStackTrace() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerUtil.cpp:210:5 +#2 0x560c926a7fd3 in fuzzer::Fuzzer::CrashCallback() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:233:3 +#3 0x7ff7d707038f in libpthread.so.0 +#4 0x7ff7d66a8437 in raise +#5 0x7ff7d66aa039 in abort +#6 0x7ff7d66a0be6 in libc.so.6 +#7 0x7ff7d66a0c91 in __assert_fail +#8 0x560c92f4fc79 in bdrv_co_write_req_prepare /src/qemu/block/io.c:1982:13 +#9 0x560c92f4c974 in bdrv_aligned_pwritev /src/qemu/block/io.c:2065:11 +#10 0x560c92f4b937 in bdrv_co_pwritev_part /src/qemu/block/io.c:2270:11 +#11 0x560c92f392e7 in blk_do_pwritev_part /src/qemu/block/block-backend.c:1260:11 +#12 0x560c92f39a55 in blk_aio_write_entry /src/qemu/block/block-backend.c:1476:17 +#13 0x560c930d19d5 in coroutine_trampoline /src/qemu/util/coroutine-ucontext.c:173:9 +#14 0x7ff7d66bd5df in libc.so.6 + +OSS-Fuzz link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30857 \ No newline at end of file |