Diffstat (limited to 'results/scraper/launchpad-without-comments/1880539')
-rw-r--r-- results/scraper/launchpad-without-comments/1880539 | 25
1 files changed, 25 insertions, 0 deletions
diff --git a/results/scraper/launchpad-without-comments/1880539 b/results/scraper/launchpad-without-comments/1880539
new file mode 100644
index 000000000..15cd435d1
--- /dev/null
+++ b/results/scraper/launchpad-without-comments/1880539
@@ -0,0 +1,25 @@
+I/O write make QXL abort in qxl_set_mode()
+
+libFuzzer found:
+
+qxl-0: guest bug: qxl_add_memslot: guest_start > guest_end 0xffffffffffffffff > 0x3ffffff
+qemu-fuzz-i386: hw/display/qxl.c:1611: void qxl_set_mode(PCIQXLDevice *, unsigned int, int): Assertion `qxl_add_memslot(d, 0, devmem, QXL_SYNC) == 0' failed.
+==8134== ERROR: libFuzzer: deadly signal
+    #0 0x55fddfcfb3f0 in __sanitizer_print_stack_trace (qemu-fuzz-i386+0xcb13f0)
+    #1 0x55fddfc0a3e1 in fuzzer::PrintStackTrace() (qemu-fuzz-i386+0xbc03e1)
+    #2 0x55fddfbeac6f in fuzzer::Fuzzer::CrashCallback() (qemu-fuzz-i386+0xba0c6f)
+    #3 0x55fddfbeacc3 in fuzzer::Fuzzer::StaticCrashSignalCallback() (qemu-fuzz-i386+0xba0cc3)
+    #4 0x7fd640644c6f  (/lib64/libpthread.so.0+0x12c6f)
+    #5 0x7fd640483e34 in __GI_raise (/lib64/libc.so.6+0x37e34)
+    #6 0x7fd64046e894 in __GI_abort (/lib64/libc.so.6+0x22894)
+    #7 0x7fd64046e768 in __assert_fail_base.cold (/lib64/libc.so.6+0x22768)
+    #8 0x7fd64047c565 in __GI___assert_fail (/lib64/libc.so.6+0x30565)
+    #9 0x55fde08afd8b in qxl_set_mode (qemu-fuzz-i386+0x1865d8b)
+    #10 0x55fde08b9602 in ioport_write (qemu-fuzz-i386+0x186f602)
+    #11 0x55fddff170a7 in memory_region_write_accessor (qemu-fuzz-i386+0xecd0a7)
+    #12 0x55fddff16c13 in access_with_adjusted_size (qemu-fuzz-i386+0xeccc13)
+    #13 0x55fddff157b4 in memory_region_dispatch_write (qemu-fuzz-i386+0xecb7b4)
+
+Can be reproduce doing "writeb 0x06 0x23" on QXL I/O (PCI BAR #3).
+
+Command line: 'qemu-system-i386 -display none -M pc -vga qxl'
\ No newline at end of file
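Review bot: the new file is written without a trailing newline (the hunk ends with "\ No newline at end of file"), so the next time the scraper updates this report the diff will show the last line "Command line: 'qemu-system-i386 -display none -M pc -vga qxl'" as removed and re-added even if it is unchanged; have the scraper terminate the file with a newline. Worth keeping as-is in the stored text is the reproduction note and the "guest bug: qxl_add_memslot: guest_start > guest_end" message, since they are what makes the record useful for anyone triaging the guest-reachable assertion in qxl_set_mode.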