Diffstat (limited to 'gitlab/issues_toml/target_missing/host_missing/accel_missing/2415.toml')
-rw-r--r--gitlab/issues_toml/target_missing/host_missing/accel_missing/2415.toml63
1 files changed, 63 insertions, 0 deletions
diff --git a/gitlab/issues_toml/target_missing/host_missing/accel_missing/2415.toml b/gitlab/issues_toml/target_missing/host_missing/accel_missing/2415.toml
new file mode 100644
index 000000000..b6759eb9c
--- /dev/null
+++ b/gitlab/issues_toml/target_missing/host_missing/accel_missing/2415.toml
@@ -0,0 +1,63 @@
+id = 2415
+title = "Assertion `r->req.aiocb == NULL' in am53c974 device"
+state = "closed"
+created_at = "2024-06-30T09:28:03.748Z"
+closed_at = "2024-07-17T05:40:17.595Z"
+labels = ["Fuzzer", "Storage"]
+url = "https://gitlab.com/qemu-project/qemu/-/issues/2415"
+host-os = "Ubuntu 22.04.4 LTS"
+host-arch = "x86_64"
+qemu-version = "commit 3665dd6bb9"
+guest-os = "n/a"
+guest-arch = "n/a"
+description = """The following log reveals it:
+
+```
+qemu-truman-x86_64-4467afcc: qemu/hw/scsi/scsi-disk.c:558: void scsi_write_data(SCSIRequest *): Assertion `r->req.aiocb == NULL' failed.
+==2957464== ERROR: libFuzzer: deadly signal
+    #0 0x55e76f00e911 in __sanitizer_print_stack_trace llvm/compiler-rt/lib/asan/asan_stack.cpp:87:3
+    #1 0x55e76ef88fb8 in fuzzer::PrintStackTrace() llvm/compiler-rt/lib/fuzzer/FuzzerUtil.cpp:210:5
+    #2 0x55e76ef6d1b3 in fuzzer::Fuzzer::CrashCallback() llvm/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:233:3
+    #3 0x7f83d604251f  (/lib/x86_64-linux-gnu/libc.so.6+0x4251f)
+    #4 0x7f83d60969fb in __pthread_kill_implementation nptl/./nptl/pthread_kill.c:43:17
+    #5 0x7f83d60969fb in __pthread_kill_internal nptl/./nptl/pthread_kill.c:78:10
+    #6 0x7f83d60969fb in pthread_kill nptl/./nptl/pthread_kill.c:89:10
+    #7 0x7f83d6042475 in gsignal signal/../sysdeps/posix/raise.c:26:13
+    #8 0x7f83d60287f2 in abort stdlib/./stdlib/abort.c:79:7
+    #9 0x7f83d602871a in __assert_fail_base assert/./assert/assert.c:92:3
+    #10 0x7f83d6039e95 in __assert_fail assert/./assert/assert.c:101:3
+    #11 0x55e76fbb55a5 in scsi_write_data qemu/hw/scsi/scsi-disk.c:558:5
+    #12 0x55e76fb95a1f in scsi_req_continue qemu/hw/scsi/scsi-bus.c
+    #13 0x55e76fbfe0cc in esp_do_dma qemu/hw/scsi/esp.c
+    #14 0x55e76fc0be39 in handle_ti qemu/hw/scsi/esp.c:1104:9
+    #15 0x55e76fc042f6 in esp_run_cmd qemu/hw/scsi/esp.c:1186:9
+    #16 0x55e76fc042f6 in esp_reg_write qemu/hw/scsi/esp.c:1304:9
+    #17 0x55e76fc1329b in esp_pci_io_write qemu/hw/scsi/esp-pci.c:248:9
+```"""
+reproduce = """```
+cat << EOF | qemu-system-x86_64 -display none\\
+-machine accel=qtest, -m 512M -device am53c974,id=scsi -device \\
+scsi-hd,drive=disk0 -drive id=disk0,if=none,file=null-co://,format=raw \\
+-nodefaults -qtest stdio
+outl 0xcf8 0x80001010
+outl 0xcfc 0xc000
+outl 0xcf8 0x80001004
+outw 0xcfc 0x05
+outl 0xc03e 0x030000
+outl 0xc009 0xc1000000
+outl 0xc008 0x8a
+outl 0xc00d 0x0
+outl 0xc009 0x00
+outl 0xc00c 0x11
+outl 0xc00d 0x0
+outl 0xc00d 0x00
+outl 0xc00d 0x0
+outw 0xc00f 0x00
+outb 0xc00d 0x0
+outl 0xc00d 0x0
+outl 0xc009 0x41000000
+outb 0xc00c 0x90
+outl 0xc00d 0x0
+EOF
+```"""
+additional = "n/a"
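Review bot: The record is filed under `target_missing/host_missing/accel_missing/`, but its own fields disagree with that path: `host-arch = "x86_64"`, and the `reproduce` text runs `qemu-system-x86_64` with `-machine accel=qtest`. If the directory is derived only from the issue labels (here `Fuzzer` and `Storage`), anyone triaging the corpus by target or accelerator will not find this am53c974/ESP assertion failure. Either classify from the body fields as well, or record the mismatch at the top of the file, for example `# Path is label-derived; host-arch and the reproducer indicate x86_64 with accel=qtest.`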