i386: 0.961
hypervisor: 0.947
device: 0.886
graphic: 0.669
x86: 0.644
semantic: 0.589
network: 0.497
PID: 0.487
peripherals: 0.481
ppc: 0.478
socket: 0.461
mistranslation: 0.443
performance: 0.439
architecture: 0.436
user-level: 0.406
files: 0.367
virtual: 0.340
arm: 0.335
debug: 0.323
boot: 0.282
vnc: 0.257
VMM: 0.257
risc-v: 0.237
permissions: 0.206
register: 0.179
TCG: 0.128
kernel: 0.108
assembly: 0.045
KVM: 0.034

Assertion failure `mr != NULL' failed through usb-ehci

Hello,

Using hypervisor fuzzer, hyfuzz, I found an assertion failure through usb-ehci.

This was found in version 5.0.1 (stable-5.0).

--------

qemu-system-i386: src/qemu-repro/exec.c:3581: address_space_unmap: Assertion `mr != NULL' failed.
[1]    14721 abort      src/qemu-repro/build/i386-softmmu/qemu-system-i386


To reproduce the assertion failure, please run the QEMU with following command line.

```
$ qemu-system-i386 -drive file=./hyfuzz.img,index=0,media=disk,format=raw -m 512 -drive if=none,id=stick,file=./usbdisk.img -device usb-ehci,id=ehci -device usb-storage,bus=ehci.0,drive=stick
```



Can you still reproduce this with QEMU v6.0 ? For me, qemu now does not crash anymore, so I assume this might have been fixed within the past months?

This problem got fixed by this commit:

  2fdb42d840400d58f2e706ecca82c142b97bcbd6
  hw: ehci: check return value of 'usb_packet_map'

Thus let's close this ticket now.