qemu-devel

Re: Assertion Failure in virtio_net_reset


From: Jason Wang
Subject: Re: Assertion Failure in virtio_net_reset
Date: Mon, 11 May 2020 12:05:41 +0800
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0


On 2020/5/11 10:59 AM, Alexander Bulekov wrote:
Hello,
While fuzzing, I found an input that triggers an assertion failure in
virtio-net.c:

hw/net/virtio-net.c:533: void virtio_net_reset(VirtIODevice *): Assertion `!virtio_net_get_subqueue(nc)->async_tx.elem' failed.

#9 0x55a33fa31b78 in virtio_net_reset hw/net/virtio-net.c:533:13
#10 0x55a33fc88412 in virtio_reset hw/virtio/virtio.c:1919:9
#11 0x55a341d82764 in virtio_bus_reset hw/virtio/virtio-bus.c:95:9
#12 0x55a341dba2de in virtio_pci_reset hw/virtio/virtio-pci.c:1824:5
#13 0x55a341db3e02 in virtio_pci_common_write hw/virtio/virtio-pci.c:1252:13
#14 0x55a33f62117b in memory_region_write_accessor memory.c:496:5
#15 0x55a33f6205e4 in access_with_adjusted_size memory.c:557:18
#16 0x55a33f61e177 in memory_region_dispatch_write memory.c:1488:16

I can reproduce it in a qemu 5.0 build using:
cat << EOF | qemu-system-i386 -M pc-q35-5.0 -netdev user,id=qtest-bn0 -device virtio-net-pci,netdev=qtest-bn0 -display none -nodefaults -nographic -qtest stdio
outl 0xcf8 0x80000820
outl 0xcfc 0xe0004000
outl 0xcf8 0x80000824
outl 0xcfc 0xc021
outl 0xcf8 0x80000804
outw 0xcfc 0x7
outl 0xcf8 0x8000089a
write 0xc021e0004016 0x16 0x0100000000ff4f000100cd003d00000000000000f600
write 0x3d00d8 0xae 
0x0100007a000a00000000000d00840100007a000a00000000000f00840100007a000a00000000001100840100007a000a00000000001300840100007a000a00000000001500840100007a000a00000000001700840100007a000a00000000001900840100007a000a00000000001b00840100007a000a00000000001d00840100007a000a00000000001f00840100007a000a00000000002100840100007a000a00000000002300840100007a000a
write 0xf60002 0x7 0x0a00000000000b
write 0xc021e0004014 0x9 0x95a4b3c2d1e0effe0d
write 0xc021e0004014 0x2a3 
0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
EOF

I also uploaded the above trace, in case the formatting is broken:

curl https://paste.debian.net/plain/1146086 | qemu-system-i386 -M pc-q35-5.0 -netdev user,id=qtest-bn0 -device virtio-net-pci,netdev=qtest-bn0 -display none -nodefaults -nographic -qtest stdio

Please let me know if I can provide any further info.
-Alex


I posted a patch which seems to fix this issue.

Please have a look and try.

Thanks
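The assertion in the report fires because a device reset, reachable from the guest through a PCI config write, finds a virtqueue element that the backend still holds in async_tx.elem; an assert in the VMM that a guest can trigger is a guest-to-host denial of service. The following C model, added here as an illustration and not QEMU code or the patch mentioned above, reproduces that invariant on a small stand-in queue and contrasts a reset that merely checks the invariant with one that first cancels the in-flight element. All type and function names (NetQueue, tx_submit, reset_unsafe, reset_safe, run_reset_scenario) are hypothetical.

```c
#include <assert.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model (not QEMU code): a TX queue whose backend may keep a
 * virtqueue element "in flight" and hand it back asynchronously, mirroring
 * the async_tx.elem field named in the assertion. */
typedef struct {
    unsigned id;
    unsigned len;
} VirtQueueElement;

typedef struct {
    VirtQueueElement *elem;   /* non-NULL while the backend still owns a packet */
} AsyncTx;

typedef struct {
    AsyncTx async_tx;
    unsigned completed;       /* elements returned to the guest normally */
    unsigned purged;          /* elements dropped by a reset */
} NetQueue;

/* Backend completion callback: the pending element is returned to the guest. */
static void tx_complete(NetQueue *q)
{
    if (q->async_tx.elem) {
        free(q->async_tx.elem);
        q->async_tx.elem = NULL;
        q->completed++;
    }
}

/* Guest submits one TX buffer. A backend that cannot send immediately keeps
 * the element and promises to call tx_complete() later. */
static void tx_submit(NetQueue *q, unsigned id, unsigned len, bool backend_busy)
{
    VirtQueueElement *elem = calloc(1, sizeof *elem);
    assert(elem != NULL);
    elem->id = id;
    elem->len = len;
    if (backend_busy) {
        q->async_tx.elem = elem;
    } else {
        free(elem);
        q->completed++;
    }
}

/* Reset as the report describes it: the invariant "no async TX pending" is
 * checked but nothing establishes it first. Returns false where real code
 * would abort on assert(), so the model can be driven from a test. */
static bool reset_unsafe(NetQueue *q)
{
    return q->async_tx.elem == NULL;
}

/* Hardened reset: cancel the in-flight element first, then check. A reset
 * must return the device to its initial state, and that includes work the
 * backend still holds. */
static bool reset_safe(NetQueue *q)
{
    if (q->async_tx.elem) {
        free(q->async_tx.elem);
        q->async_tx.elem = NULL;
        q->purged++;
    }
    assert(q->async_tx.elem == NULL);   /* now holds by construction */
    return true;
}

/* Drive the sequence from the report: a TX buffer is handed to a busy backend,
 * then the guest resets the device before the completion callback has run. */
static bool run_reset_scenario(bool hardened, unsigned *purged_out)
{
    NetQueue q = {0};
    tx_submit(&q, 1, 64, false);   /* sent immediately */
    tx_submit(&q, 2, 64, true);    /* stays in async_tx.elem */
    bool ok = hardened ? reset_safe(&q) : reset_unsafe(&q);
    if (purged_out) {
        *purged_out = q.purged;
    }
    tx_complete(&q);               /* drain whatever is still pending */
    return ok;
}

/* Convenience: how many elements the hardened reset had to drop. */
static unsigned purged_by_safe_reset(void)
{
    unsigned purged = 0;
    run_reset_scenario(true, &purged);
    return purged;
}

int main(void)
{
    printf("reset without purge: invariant %s\n",
           run_reset_scenario(false, NULL) ? "holds" : "VIOLATED (assert would fire)");
    printf("reset with purge:    invariant holds, %u element(s) purged\n",
           purged_by_safe_reset());
    return 0;
}
```

The general lesson for any emulated device: a reset handler cannot assume the quiescent state it asserts; it has to cancel or complete outstanding backend work itself, because the guest controls when reset happens relative to that work.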






