* [Bug 1909261] Re: [OSS-Fuzz] Issue 28929 xhci: ASSERT: xfer->packet.status != USB_RET_NAK
2020-12-25 0:10 [Bug 1909261] [NEW] [OSS-Fuzz] Issue 28929 xhci: ASSERT: xfer->packet.status != USB_RET_NAK Alexander Bulekov
@ 2020-12-25 0:11 ` Alexander Bulekov
2021-01-15 16:09 ` Peter Maydell
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Alexander Bulekov @ 2020-12-25 0:11 UTC (permalink / raw)
To: qemu-devel
Full reproducer:
./qemu-system-i386 -m 512M -machine q35,accel=qtest \
-drive file=null-co://,if=none,format=raw,id=disk0 \
-device qemu-xhci,id=xhci -device usb-tablet,bus=xhci.0 \
-device usb-bot -device usb-storage,drive=disk0 \
-chardev null,id=cd0 -chardev null,id=cd1 \
-device usb-braille,chardev=cd0 -device usb-ccid \
-device usb-ccid -device usb-kbd -device usb-mouse \
-device usb-serial,chardev=cd1 -device usb-tablet \
-device usb-wacom-tablet -device usb-audio \
-qtest stdio -nographic -nodefaults < full_reproducer
** Attachment added: "full_reproducer"
https://bugs.launchpad.net/qemu/+bug/1909261/+attachment/5446641/+files/full_reproducer
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1909261
Title:
[OSS-Fuzz] Issue 28929 xhci: ASSERT: xfer->packet.status !=
USB_RET_NAK
Status in QEMU:
New
Bug description:
=== Reproducer ===
./qemu-system-i386 -m 512M -machine q35,accel=qtest \
-drive file=null-co://,if=none,format=raw,id=disk0 \
-device qemu-xhci,id=xhci -device usb-tablet,bus=xhci.0 \
-device usb-bot -device usb-storage,drive=disk0 \
-chardev null,id=cd0 -chardev null,id=cd1 \
-device usb-braille,chardev=cd0 -device usb-ccid \
-device usb-ccid -device usb-kbd -device usb-mouse \
-device usb-serial,chardev=cd1 -device usb-tablet \
-device usb-wacom-tablet -device usb-audio \
-qtest stdio -nographic -nodefaults < attachment
=== Stack Trace ===
#0 raise
#1 abort
#2 libc.so.6
#3 __assert_fail
#4 xhci_kick_epctx /src/qemu/hw/usb/hcd-xhci.c:1865:13
#5 xhci_ep_kick_timer /src/qemu/hw/usb/hcd-xhci.c:1034:5
#6 timerlist_run_timers /src/qemu/util/qemu-timer.c:574:9
#7 qemu_clock_run_timers /src/qemu/util/qemu-timer.c:588:12
#8 qtest_clock_warp /src/qemu/softmmu/qtest.c:356:9
#9 qtest_process_command /src/qemu/softmmu/qtest.c:752:9
#10 qtest_process_inbuf /src/qemu/softmmu/qtest.c:797:9
#11 qtest_server_inproc_recv /src/qemu/softmmu/qtest.c:904:9
#12 send_wrapper /src/qemu/tests/qtest/libqtest.c:1390:5
#13 qtest_sendf /src/qemu/tests/qtest/libqtest.c:438:5
#14 qtest_clock_step_next /src/qemu/tests/qtest/libqtest.c:912:5
#15 op_clock_step /src/qemu/tests/qtest/fuzz/generic_fuzz.c:574:5
OSS-Fuzz Report:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28929
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1909261/+subscriptions
* [Bug 1909261] Re: [OSS-Fuzz] Issue 28929 xhci: ASSERT: xfer->packet.status != USB_RET_NAK
From: Peter Maydell @ 2021-01-15 16:09 UTC (permalink / raw)
To: qemu-devel
** Tags added: fuzzer
* [Bug 1909261] Re: [OSS-Fuzz] Issue 28929 xhci: ASSERT: xfer->packet.status != USB_RET_NAK
From: Thomas Huth @ 2021-06-10 15:11 UTC (permalink / raw)
To: qemu-devel
Still reproducible with the current qemu version from git (commit
7fe7fae8b48e3f9c647fd685)
** Tags added: usb
** Changed in: qemu
Status: New => Confirmed
* [Bug 1909261] Re: [OSS-Fuzz] Issue 28929 xhci: ASSERT: xfer->packet.status != USB_RET_NAK
From: Alexander Bulekov @ 2021-08-21 4:12 UTC (permalink / raw)
To: qemu-devel
I moved this report over to QEMU's new bug tracker on gitlab.com.
Please continue with the discussion here:
https://gitlab.com/qemu-project/qemu/-/issues/544
** Bug watch added: gitlab.com/qemu-project/qemu/-/issues #544
https://gitlab.com/qemu-project/qemu/-/issues/544
* [Bug 1909261] Re: [OSS-Fuzz] Issue 28929 xhci: ASSERT: xfer->packet.status != USB_RET_NAK
From: Thomas Huth @ 2021-08-21 6:19 UTC (permalink / raw)
To: qemu-devel
Thanks for moving it over! ... let's close this one here on Launchpad
now.
** Changed in: qemu
Status: Confirmed => Invalid