[Bug 1810000] Re: qemu system emulator crashed with the attachment of us
From: Bugs SysSec
Subject: [Bug 1810000] Re: qemu system emulator crashed with the attachment of usb-bt-dongle device
Date: Tue, 16 Jun 2020 15:23:23 -0000
We found a reproducer during fuzzing:
```
qemu-system-x86_64 -cdrom hypertrash_os_bios_crash.iso -nographic -m 100 \
  -enable-kvm -device virtio-gpu-pci -device nec-usb-xhci -device usb-audio
```
ISO is available under:
https://ruhr-uni-bochum.sciebo.de/s/3UyxvIAB3FeCJ8r?path=%2Fxhci_assert2
--
You received this bug notification because you are a member of
qemu-devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1810000
Title:
qemu system emulator crashed with the attachment of usb-bt-dongle
device
Status in QEMU:
New
Bug description:
I am testing the usb-bt-dongle device on an xhci host controller, and found
that qemu crashed directly with an assertion failure.
Here is the information to reproduce the crash:
Qemu git revision: 9b2e891ec5ccdb4a7d583b77988848282606fdea
System emulator: qemu-x86_64
VM image:
https://people.debian.org/~aurel32/qemu/amd64/debian_squeeze_amd64_desktop.qcow2
CommandLine: qemu-system-x86_64 -M q35 -device qemu-xhci,id=xhci -enable-kvm
-device usb-bt-dongle -hda ./debian_wheezy_amd64_standard.qcow2
Error message:
qemu-system-x86_64: /build/qemu-Eap4uc/qemu-2.11+dfsg/hw/usb/core.c:592: usb_packet_copy: Assertion `p->actual_length + bytes <= iov->size' failed.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1810000/+subscriptions