There is a new bug that fails the same assertion, and maybe its minimized producer will help: https://bugs.launchpad.net/qemu/+bug/1908062
-- 
You received this bug notification because you are a member of qemu-devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1890333

Title:
  [OSS-Fuzz] Issue 26797: qemu:qemu-fuzz-i386-target-generic-fuzz-virtio-blk: ASSERT: addr < cache->len && 2 <= cache->len - addr

Status in QEMU:
  Fix Released

Bug description:
  Hello,

  Reproducer:

  cat << EOF | ./i386-softmmu/qemu-system-i386 \
  -drive id=mydrive,file=null-co://,size=2M,format=raw,if=none \
  -device virtio-blk,drive=mydrive \
  -nodefaults -qtest stdio -nographic
  outl 0xcf8 0x80001001
  outl 0xcfc 0x6574c1ff
  outl 0xcf8 0x8000100e
  outl 0xcfc 0xefe5e1e
  outl 0xe86 0x3aff9090
  outl 0xe84 0x3aff9090
  outl 0xe8e 0xe
  EOF

  qemu-system-i386: /home/alxndr/Development/qemu/general-fuzz/include/exec/memory_ldst_cached.inc.h:88: void address_space_stw_le_cached(MemoryRegionCache *, hwaddr, uint32_t, MemTxAttrs, MemTxResult *): Assertion `addr < cache->len && 2 <= cache->len - addr' failed.
  Aborted

  I can trigger similar assertions with other VIRTIO devices, as well.

  I reported this at some point in Message-ID: <20200511033001.dzvtbdhl3oz5p...@mozz.bu.edu> but never created a Launchpad issue...

  -Alex

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1890333/+subscriptions
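Reading a qtest reproducer like the one above means working out which PCI config-space register each pair of 0xcf8/0xcfc writes touches before the plain port writes hit the device. The script below is an added example, not code from the bug report or from QEMU: it parses the reproducer's out* lines, tracks the CONFIG_ADDRESS latch written through port 0xcf8, and labels each data-port write (0xcfc..0xcff) with the bus/device/function and register selected by that latch, using the PCI configuration mechanism #1 field layout (enable bit 31, bus 23:16, device 15:11, function 10:8, dword register 7:2). Because the low two address bits are reserved by the spec and the report says nothing about how the emulator treats them, both the dword-aligned register and the raw low byte are reported. The embedded sample input is the reproducer quoted in the report.

```python
"""Annotate the port writes in a QEMU qtest reproducer.

Added example, not code from the bug report or from QEMU. It parses
"outb/outw/outl" lines, tracks the PCI CONFIG_ADDRESS latch written through
port 0xcf8, and labels each 0xcfc..0xcff data write with the bus/device/
function and register offset that latch selects (PCI configuration
mechanism #1). Everything else is reported as a plain I/O-port write.
"""
import re

PCI_CONFIG_ADDRESS = 0xCF8
PCI_CONFIG_DATA = 0xCFC

# Reproducer lines copied from the bug report, used as sample input.
REPRODUCER = """\
outl 0xcf8 0x80001001
outl 0xcfc 0x6574c1ff
outl 0xcf8 0x8000100e
outl 0xcfc 0xefe5e1e
outl 0xe86 0x3aff9090
outl 0xe84 0x3aff9090
outl 0xe8e 0xe
"""

_OUT_RE = re.compile(r"^\s*(outb|outw|outl)\s+(0x[0-9a-f]+)\s+(0x[0-9a-f]+)\s*$", re.I)
_WIDTH = {"outb": 1, "outw": 2, "outl": 4}


def decode_config_address(value):
    """Split a CONFIG_ADDRESS dword into its mechanism #1 fields."""
    return {
        "enable": bool(value & 0x80000000),
        "bus": (value >> 16) & 0xFF,
        "device": (value >> 11) & 0x1F,
        "function": (value >> 8) & 0x07,
        # Bits 7:2 select a dword of config space; bits 1:0 are reserved.
        "register": value & 0xFC,
        "raw_offset": value & 0xFF,  # what was actually written, low bits included
    }


def annotate(script):
    """Return one dict per out* line describing what the write targets."""
    events = []
    latch = None  # last value written to CONFIG_ADDRESS, if any
    for lineno, line in enumerate(script.splitlines(), 1):
        if not line.strip():
            continue
        m = _OUT_RE.match(line)
        if not m:
            raise ValueError(f"line {lineno}: not an out* command: {line!r}")
        op, port, value = m.group(1).lower(), int(m.group(2), 16), int(m.group(3), 16)
        ev = {"line": lineno, "op": op, "port": port, "value": value, "width": _WIDTH[op]}
        if port == PCI_CONFIG_ADDRESS and ev["width"] == 4:
            latch = value
            ev["kind"] = "config_address"
            ev.update(decode_config_address(value))
        elif PCI_CONFIG_DATA <= port < PCI_CONFIG_DATA + 4:
            ev["kind"] = "config_data"
            if latch is None or not latch & 0x80000000:
                ev["target"] = None  # no enabled selection latched; the write goes nowhere
            else:
                f = decode_config_address(latch)
                lane = port - PCI_CONFIG_DATA  # byte lane within the selected dword
                ev["target"] = {
                    "bdf": f"{f['bus']:02x}:{f['device']:02x}.{f['function']}",
                    "dword_offset": f["register"] + lane,
                    "raw_offset": f["raw_offset"] | lane,
                }
        else:
            ev["kind"] = "io_port"
        events.append(ev)
    return events


def describe(ev):
    """Render one annotated event as a single line of text."""
    head = f"{ev['op']} {ev['port']:#06x} {ev['value']:#010x}"
    if ev["kind"] == "config_address":
        state = "enabled" if ev["enable"] else "disabled"
        return (f"{head}  ; select {ev['bus']:02x}:{ev['device']:02x}.{ev['function']} "
                f"reg {ev['register']:#04x} (raw offset {ev['raw_offset']:#04x}, {state})")
    if ev["kind"] == "config_data":
        t = ev["target"]
        if t is None:
            return f"{head}  ; config data write with no enabled CONFIG_ADDRESS latched"
        return (f"{head}  ; config write to {t['bdf']} at dword offset "
                f"{t['dword_offset']:#04x} (raw offset {t['raw_offset']:#04x}), "
                f"{ev['width']} bytes")
    return f"{head}  ; plain I/O port write, {ev['width']} bytes"


if __name__ == "__main__":
    for event in annotate(REPRODUCER):
        print(describe(event))
```

Run it on a reproducer to get one annotated line per write; the first two lines of this report's script resolve to a 4-byte write into device 00:02.0 at dword 0x00 (raw offset 0x01), and the next pair to dword 0x0c (raw offset 0x0e). Which device sits at 00:02.0 and what the emulator does with the unaligned raw offset are properties of the QEMU configuration being fuzzed, not something the script derives.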