QEMU

  1. Bug #697510
  2. Comment #8

Comment 8 for bug 697510

Revision history for this message
Bugs SysSec (bugs-syssec) wrote :

We found a reproducer during fuzzing:

```
qemu-system-x86_64: hw/scsi/lsi53c895a.c:624: lsi_do_dma: Assertion `s->current' failed.
```

To reproduce run the QEMU with the following command line:
```
qemu-system-x86_64 -cdrom hypertrash.iso -nographic -m 100 -enable-kvm -net none -device ich9-usb-ehci1 -device usb-tablet -device lsi53c810,id=scsi0 -drive file=hda.img,if=none,format=raw,discard=unmap,cache=none,id=someid -device scsi-hd,drive=someid,bus=scsi0.0
```

QEMU Version:
```
# qemu-5.0.0
$ ./configure --target-list=x86_64-softmmu --enable-sanitizers; make
$ x86_64-softmmu/qemu-system-x86_64 --version
QEMU emulator version 5.0.0
Copyright (c) 2003-2020 Fabrice Bellard and the QEMU Project developers
```

To create disk image run:
```
dd if=/dev/zero of=hda.img bs=1024 count=1024
```