Diffstat (limited to 'gitlab/issues_text/target_missing/host_missing/accel_missing/2851')
-rw-r--r-- gitlab/issues_text/target_missing/host_missing/accel_missing/2851 51
1 files changed, 0 insertions, 51 deletions
diff --git a/gitlab/issues_text/target_missing/host_missing/accel_missing/2851 b/gitlab/issues_text/target_missing/host_missing/accel_missing/2851
deleted file mode 100644
index 1689e3181..000000000
--- a/gitlab/issues_text/target_missing/host_missing/accel_missing/2851
+++ /dev/null
@@ -1,51 +0,0 @@
-Assert failure in ../util/error.c:68: void error_setv()
-Description of problem:
-If bdrv_snapshot_goto() returns an error, it is not handled immediately,
-allowing *errp to be reassigned when qcow_open() fails, which triggers
-assert(*errp == NULL) in util/error.c: void error_setv().
-Steps to reproduce:
-1. [test.qed](/uploads/17005dfba241f5a355e3592e12e356f6/test.qed)
-2. ./qemu-img snapshot -q -a test test.qed
-Additional information:
-<details>
-<pre>
-qemu-img-fuzz: ../util/error.c:68: void error_setv(Error **, const char *, int, const char *, ErrorClass, const char *, struct __va_list_tag *, const char *): Assertion `*errp == NULL' failed.
-==20841== ERROR: libFuzzer: deadly signal
-    #0 0x56384b84a46a in __sanitizer_print_stack_trace /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/asan/asan_stack.cpp:86:3
-    #1 0x56384b79bb79 in fuzzer::PrintStackTrace() /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/fuzzer/FuzzerUtil.cpp:210:38
-    #2 0x56384b77d5a6 in fuzzer::Fuzzer::CrashCallback() (.part.0) /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:233:18
-    #3 0x56384b77d667 in fuzzer::Fuzzer::CrashCallback() /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:205:1
-    #4 0x56384b77d667 in fuzzer::Fuzzer::StaticCrashSignalCallback() /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:204:19
-    #5 0x7effd07c09df  (/lib64/libpthread.so.0+0x139df)
-    #6 0x7effcf659450 in raise (/lib64/libc.so.6+0x3d450)
-    #7 0x7effcf642547 in abort (/lib64/libc.so.6+0x26547)
-    #8 0x7effcf642430  (/lib64/libc.so.6+0x26430)
-    #9 0x7effcf651ce1 in __assert_fail (/lib64/libc.so.6+0x35ce1)
-    #10 0x56384bf211dc in error_setv /home/gerben/qemu-img_fuzz/build/../util/error.c:68:5
-    #11 0x56384bf213fc in error_setg_internal /home/gerben/qemu-img_fuzz/build/../util/error.c:105:5
-    #12 0x56384bb2b71f in qcow_open /home/gerben/qemu-img_fuzz/build/../block/qcow.c:306:5
-    #13 0x56384bb17654 in bdrv_snapshot_goto /home/gerben/qemu-img_fuzz/build/../block/snapshot.c:299:20
-    #14 0x56384bdd52c1 in img_snapshot /home/gerben/qemu-img_fuzz/build/../qemu-img-wrapper.c:3476:15
-    #15 0x56384bdbcede in qemu_img_main /home/gerben/qemu-img_fuzz/build/../qemu-img-wrapper.c:5624:20
-    #16 0x56384bdb6e7d in command_snapshot /home/gerben/qemu-img_fuzz/build/../qemu-img_fuzz.c:309:20
-    #17 0x56384bdb6e7d in generator_command /home/gerben/qemu-img_fuzz/build/../qemu-img_fuzz.c:1285:17
-    #18 0x56384bdaf718 in LLVMFuzzerTestOneInput /home/gerben/qemu-img_fuzz/build/../qemu-img_fuzz.c:1303:5
-    #19 0x56384b77e1c8 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:559:17
-    #20 0x56384b781af0 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:471:18
-    #21 0x56384b784796 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:771:13
-    #22 0x56384b784c7e in fuzzer::Fuzzer::Loop(std::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:800:28
-    #23 0x56384b76bb57 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:847:10
-    #24 0x56384b758fe2 in main /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:30
-    #25 0x7effcf643efc in __libc_start_main (/lib64/libc.so.6+0x27efc)
-    #26 0x56384b759089 in _start /usr/src/RPM/BUILD/glibc-2.32-alt5.p10.3/csu/../sysdeps/x86_64/start.S:120
-
-NOTE: libFuzzer has rudimentary signal handlers.
-      Combine libFuzzer with AddressSanitizer or similar for better crash reports.
-SUMMARY: libFuzzer: deadly signal
-MS: 0 ; base unit: 0000000000000000000000000000000000000000
-0x2b,0x25,0xff,0xff,0xff,0xff,0x3a,0x9a,0xc9,0xff,0xa,
-+%\xff\xff\xff\xff:\x9a\xc9\xff\x0a
-artifact_prefix='./'; Test unit written to ./crash-e9c4f1b8a97ffa93544e87a5a819ac524aa82029
-Base64: KyX/////OprJ/wo=
-</pre>
-</details>
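Review bot: the hunk (@@ -1,51 +0,0 @@) removes the entire issue text with nothing added in its place, so the only reproducer on record (the test.qed attachment and "./qemu-img snapshot -q -a test test.qed") and the trace locating the second error set at block/qcow.c:306 under bdrv_snapshot_goto at block/snapshot.c:299 disappear from this path. The diffstat is limited to this one path, so a move to another classification directory would look identical to a plain deletion here. If the report is being reclassified, record it as a rename so history follows the file and state the new location in the commit message. If it is being dropped, say why, since the description identifies a concrete unhandled-error path (the error from bdrv_snapshot_goto() is not handled before *errp is reassigned in qcow_open()) that is worth keeping as a regression reference.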