summary refs log tree commit diff stats
path: root/results/classifier/108/other/1907042
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/108/other/1907042')
-rw-r--r--results/classifier/108/other/190704267
1 files changed, 67 insertions, 0 deletions
diff --git a/results/classifier/108/other/1907042 b/results/classifier/108/other/1907042
new file mode 100644
index 00000000..19b42755
--- /dev/null
+++ b/results/classifier/108/other/1907042
@@ -0,0 +1,67 @@
+permissions: 0.838
+performance: 0.749
+device: 0.708
+other: 0.661
+graphic: 0.652
+files: 0.648
+KVM: 0.631
+socket: 0.588
+semantic: 0.578
+vnc: 0.575
+boot: 0.572
+debug: 0.569
+PID: 0.566
+network: 0.540
+
+assert issue locates in hw/usb/core.c:727: usb_ep_get: Assertion `pid == USB_TOKEN_IN || pid == USB_TOKEN_OUT' failed 
+
+Hello,
+
+An assertion failure was found in hw/usb/core.c:727 in latest version 5.2.0.
+
+Reproduced environment is as follows:
+    Host: ubuntu 18.04
+    Guest: ubuntu 18.04
+
+QEMU boot command line:
+qemu-system-x86_64 -enable-kvm -boot c -m 4G -drive format=qcow2,file=./ubuntu.img -nic user,hostfwd=tcp:0.0.0.0:5555-:22 -device pci-ohci,id=ohci -device usb-tablet,bus=ohci.0,port=1,id=usbdev1 -trace usb\*
+
+Backtrace is as follows:
+#0  0x00007f13fff14438 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
+#1  0x00007f13fff1603a in __GI_abort () at abort.c:89
+#2  0x00007f13fff0cbe7 in __assert_fail_base (fmt=<optimized out>, assertion=assertion@entry=0x55f97745ffe0 "pid == USB_TOKEN_IN || pid == USB_TOKEN_OUT", file=file@entry=0x55f97745f6c0 "../hw/usb/core.c", line=line@entry=727, function=function@entry=0x55f9774606e0 <__PRETTY_FUNCTION__.22877> "usb_ep_get") at assert.c:92
+#3  0x00007f13fff0cc92 in __GI___assert_fail (assertion=0x55f97745ffe0 "pid == USB_TOKEN_IN || pid == USB_TOKEN_OUT", file=0x55f97745f6c0 "../hw/usb/core.c", line=727, function=0x55f9774606e0 <__PRETTY_FUNCTION__.22877> "usb_ep_get") at assert.c:101
+#4  0x000055f975bfc9b2 in usb_ep_get (dev=0x62300000c500, pid=45, ep=1) at ../hw/usb/core.c:727
+#5  0x000055f975f945db in ohci_service_td (ohci=0x6270000191f0, ed=0x7ffcd9308410) at ../hw/usb/hcd-ohci.c:1044
+#6  0x000055f975f95d5e in ohci_service_ed_list (ohci=0x6270000191f0, head=857580576, completion=0) at ../hw/usb/hcd-ohci.c:1200
+#7  0x000055f975f9656d in ohci_process_lists (ohci=0x6270000191f0, completion=0) at ../hw/usb/hcd-ohci.c:1238
+#8  0x000055f975f9725c in ohci_frame_boundary (opaque=0x6270000191f0) at ../hw/usb/hcd-ohci.c:1281
+#9  0x000055f977212494 in timerlist_run_timers (timer_list=0x60b00005b060) at ../util/qemu-timer.c:574
+#10 0x000055f9772126db in qemu_clock_run_timers (type=QEMU_CLOCK_VIRTUAL) at ../util/qemu-timer.c:588
+#11 0x000055f977212fde in qemu_clock_run_all_timers () at ../util/qemu-timer.c:670
+#12 0x000055f9772d5717 in main_loop_wait (nonblocking=0) at ../util/main-loop.c:531
+#13 0x000055f97695100c in qemu_main_loop () at ../softmmu/vl.c:1677
+#14 0x000055f9758f7601 in main (argc=16, argv=0x7ffcd9308888, envp=0x7ffcd9308910) at ../softmmu/main.c:50
+#15 0x00007f13ffeff840 in __libc_start_main (main=0x55f9758f75b0 <main>, argc=16, argv=0x7ffcd9308888, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffcd9308878) at ../csu/libc-start.c:291
+#16 0x000055f9758f74a9 in _start ()
+
+
+The poc is attached.
+
+Thanks.
+
+
+
+I trigger the usb_ep_get assertion as well, but I think is't not a bug.(I use the ehci)
+Maybe the logic is the function return ep_ctl whith USB_TOKEN_SETUP and ep==0.Otherwise, will goto the next.
+
+This looks like a dupe of https://bugs.launchpad.net/qemu/+bug/1525123/ , though through OHCI rather than XHCI
+
+
+This is an automated cleanup. This bug report has been moved to QEMU's
+new bug tracker on gitlab.com and thus gets marked as 'expired' now.
+Please continue with the discussion here:
+
+ https://gitlab.com/qemu-project/qemu/-/issues/303
+
+