blob: a38171f07e1a11452dc45468c4fc285a0f490611 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
arm: 0.955
virtual: 0.943
architecture: 0.942
graphic: 0.924
device: 0.922
kernel: 0.808
PID: 0.804
network: 0.803
vnc: 0.793
performance: 0.793
VMM: 0.786
socket: 0.771
files: 0.744
hypervisor: 0.737
peripherals: 0.712
boot: 0.704
ppc: 0.692
register: 0.632
risc-v: 0.616
permissions: 0.589
debug: 0.572
TCG: 0.553
user-level: 0.441
semantic: 0.435
mistranslation: 0.420
x86: 0.225
assembly: 0.139
i386: 0.139
KVM: 0.100
aarch64: usb_mtp_get_data: Assertion `(s->dataset.size == 0xFFFFFFFF) || (s->dataset.size == d->offset)' failed
Description of problem:
When attempting to write to an MTP device in QEMU 8.0.0 on arm64, QEMU will crash at runtime with the following error:
`qemu-system-aarch64: ../hw/usb/dev-mtp.c:1819: usb_mtp_get_data: Assertion '(s->dataset.size == 0xFFFFFFFF) || (s->dataset.size == d->offset)' failed.`
This was observed in Nixpkgs where we use QEMU to provide automated testing of MTP devices for GVFS and jmtpfs, the full log for that test run that crashes due to this QEMU regression on arm64 is available here https://hydra.nixos.org/build/218858556/nixlog/1
Steps to reproduce:
1. Launch a QEMU virtual machine with `-usb -device usb-mtp,rootdir=/tmp,readonly=false` using any QEMU version above 6.0.0
2. Mount the MTP device using something like:
```
mkdir mtpDevice && jmtpfs mtpDevice
```
3. Try to write to the mtp device:
```
dd if=/dev/urandom of=./mtpDevice/file
```
4. Observe that QEMU will crash when trying to write to the device, like this:
```
client # 10+0 records in
client # 10+0 records out
client # 10485760 bytes (10 MB, 10 MiB) copied, 0.0318363 s, 329 MB/s
client # qemu-system-aarch64: ../hw/usb/dev-mtp.c:1819: usb_mtp_get_data: Assertion '(s->dataset.size == 0xFFFFFFFF) || (s->dataset.size == d->offset)' failed.error
```
Additional information:
|