Assertion failure `mr != NULL' failed through usb-ehci
Hello,
Using the hypervisor fuzzer hyfuzz, I found an assertion failure through usb-ehci.
This was found in version 5.0.1 (stable-5.0).
--------
qemu-system-i386: src/qemu-repro/exec.c:3581: address_space_unmap: Assertion `mr != NULL' failed.
[1] 14721 abort src/qemu-repro/build/i386-softmmu/qemu-system-i386
To reproduce the assertion failure, please run QEMU with the following command line.
```
$ qemu-system-i386 -drive file=./hyfuzz.img,index=0,media=disk,format=raw -m 512 -drive if=none,id=stick,file=./usbdisk.img -device usb-ehci,id=ehci -device usb-storage,bus=ehci.0,drive=stick
```
Can you still reproduce this with QEMU v6.0? For me, QEMU now does not crash anymore, so I assume this might have been fixed within the past months?
This problem got fixed by this commit:
2fdb42d840400d58f2e706ecca82c142b97bcbd6
hw: ehci: check return value of 'usb_packet_map'
Thus let's close this ticket now.
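The title of the fixing commit names the root cause: the return value of usb_packet_map was not checked. The C program below is an added example, not QEMU's code and not taken from the commit; it is a simplified model of that failure pattern. Everything in it is constructed: the single RAM window, the *_model functions standing in for address_space_map/unmap and usb_packet_map, and the two ehci_transfer_* functions standing in for the controller's packet path before and after such a check. The unmap model records the mr == NULL condition in a counter instead of aborting, so both paths can be run side by side: when a guest descriptor points one scatter-gather element outside mappable memory, the unchecked path still walks the full unmap and hits the assertion condition, while the checked path unmaps only what was mapped and fails the transfer.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a guest-physical address space: only one RAM
 * window is mappable; any other address has no MemoryRegion. */
#define RAM_BASE 0x00100000u
#define RAM_SIZE 0x00100000u

typedef struct { uint64_t base; uint64_t size; } MemoryRegion;
static MemoryRegion g_ram = { RAM_BASE, RAM_SIZE };

/* One scatter-gather element of a USB packet's buffer (constructed). */
typedef struct { uint64_t addr; uint64_t len; MemoryRegion *mr; } SgEntry;

#define MAX_SG 4
typedef struct { SgEntry sg[MAX_SG]; int nsg; int nmapped; } Packet;

/* Counts how often unmap saw mr == NULL, i.e. how often the real
 * assertion `mr != NULL' would have fired. */
static int g_assert_hits;
int assert_hits(void) { return g_assert_hits; }
void reset_assert_hits(void) { g_assert_hits = 0; }

/* Map one element; NULL if the guest address is outside RAM. */
static MemoryRegion *address_space_map_model(uint64_t addr, uint64_t len) {
    if (addr >= RAM_BASE && addr + len <= RAM_BASE + RAM_SIZE) return &g_ram;
    return NULL;
}

/* Stand-in for address_space_unmap: the real one asserts mr != NULL;
 * this model just records the condition so the caller keeps running. */
static void address_space_unmap_model(MemoryRegion *mr) {
    if (mr == NULL) g_assert_hits++;   /* would be: assert(mr != NULL) */
}

/* Map all elements in order; stop at the first failure and report it.
 * Elements already mapped stay mapped, nmapped records how many. */
static int usb_packet_map_model(Packet *p) {
    p->nmapped = 0;
    for (int i = 0; i < p->nsg; i++) {
        p->sg[i].mr = address_space_map_model(p->sg[i].addr, p->sg[i].len);
        if (p->sg[i].mr == NULL) return -1;
        p->nmapped++;
    }
    return 0;
}

static void unmap_first_n(Packet *p, int n) {
    for (int i = 0; i < n; i++) address_space_unmap_model(p->sg[i].mr);
}

/* Before the fix (modelled): the map result is ignored and the
 * completion path unmaps every element, including the one that never
 * received a region. Returns 0 because nothing stopped the transfer. */
int ehci_transfer_unchecked(Packet *p) {
    usb_packet_map_model(p);
    /* ... packet would be submitted to the device here ... */
    unmap_first_n(p, p->nsg);
    return 0;
}

/* After the fix (modelled): a failed map aborts the transfer and only
 * the elements that were actually mapped are unmapped. */
int ehci_transfer_checked(Packet *p) {
    if (usb_packet_map_model(p) < 0) {
        unmap_first_n(p, p->nmapped);
        return -1;   /* transfer rejected, guest sees an error */
    }
    unmap_first_n(p, p->nsg);
    return 0;
}

/* Constructed guest descriptor: the second buffer lies outside RAM. */
Packet make_bad_packet(void) {
    Packet p; memset(&p, 0, sizeof p);
    p.nsg = 2;
    p.sg[0].addr = RAM_BASE + 0x1000; p.sg[0].len = 0x200;
    p.sg[1].addr = 0xF0000000u;        p.sg[1].len = 0x200;
    return p;
}

/* Constructed well-formed descriptor: both buffers inside RAM. */
Packet make_good_packet(void) {
    Packet p; memset(&p, 0, sizeof p);
    p.nsg = 2;
    p.sg[0].addr = RAM_BASE + 0x1000; p.sg[0].len = 0x200;
    p.sg[1].addr = RAM_BASE + 0x2000; p.sg[1].len = 0x200;
    return p;
}

int main(void) {
    Packet bad = make_bad_packet();
    reset_assert_hits();
    ehci_transfer_unchecked(&bad);
    printf("unchecked: assertion condition hit %d time(s)\n", assert_hits());
    bad = make_bad_packet();
    reset_assert_hits();
    int rc = ehci_transfer_checked(&bad);
    printf("checked: rc=%d, assertion condition hit %d time(s)\n", rc, assert_hits());
    return 0;
}
```

The model keeps the one property that matters for this report: a partial mapping leaves later elements without a MemoryRegion, and any completion path that unconditionally unmaps the whole packet will pass that NULL into the unmap routine. Checking the map result at the call site is what closes that path; it is independent of how the guest produced the unmappable address.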