Floating-point-exception in ide_set_sector
Hello, I bisected this to 176e4961 ("hw/ide/core.c: Implement ATA INITIALIZE_DEVICE_PARAMETERS command")
CC: @lkujaw
Reproducer
cat << EOF | ./qemu-system-i386 -display none -machine accel=qtest, -m \
512M -machine pc -nodefaults -drive \
file=null-co://,if=none,format=raw,id=disk0 -device ide-hd,drive=disk0 \
-qtest stdio
outw 0x171 0x00
outw 0x176 0x9100
outw 0x176 0x2700
EOF
Stack-Trace
UndefinedBehaviorSanitizer:DEADLYSIGNAL
==1172126==ERROR: UndefinedBehaviorSanitizer: FPE on unknown address 0x562f919516e5 (pc 0x562f919516e5 bp 0x7fffbaad8650 sp 0x7fffbaad8620 T1172126)
#0 0x562f919516e5 in ide_set_sector /home/alxndr/Development/qemu-demo/qemu/build-dirty/../hw/ide/core.c:644:26
#1 0x562f919516e5 in cmd_read_native_max /home/alxndr/Development/qemu-demo/qemu/build-dirty/../hw/ide/core.c:1615:5
#2 0x562f9194e897 in ide_exec_cmd /home/alxndr/Development/qemu-demo/qemu/build-dirty/../hw/ide/core.c:2149:16
#3 0x562f9194e3c4 in ide_ioport_write /home/alxndr/Development/qemu-demo/qemu/build-dirty/../hw/ide/core.c:1329:9
#4 0x562f91ce1978 in memory_region_write_accessor /home/alxndr/Development/qemu-demo/qemu/build-dirty/../softmmu/memory.c:492:5
#5 0x562f91ce17c4 in access_with_adjusted_size /home/alxndr/Development/qemu-demo/qemu/build-dirty/../softmmu/memory.c:554:18
#6 0x562f91ce17c4 in memory_region_dispatch_write /home/alxndr/Development/qemu-demo/qemu/build-dirty/../softmmu/memory.c:1514:16
#7 0x562f91cf12c4 in flatview_write_continue /home/alxndr/Development/qemu-demo/qemu/build-dirty/../softmmu/physmem.c:2820:23
#8 0x562f91cedca2 in flatview_write /home/alxndr/Development/qemu-demo/qemu/build-dirty/../softmmu/physmem.c:2862:12
#9 0x562f91cedca2 in address_space_write /home/alxndr/Development/qemu-demo/qemu/build-dirty/../softmmu/physmem.c:2958:18
#10 0x562f91cdf176 in cpu_outw /home/alxndr/Development/qemu-demo/qemu/build-dirty/../softmmu/ioport.c:70:5
#11 0x562f91cf4d02 in qtest_process_command /home/alxndr/Development/qemu-demo/qemu/build-dirty/../softmmu/qtest.c:480:13
#12 0x562f91cf4d02 in qtest_process_inbuf /home/alxndr/Development/qemu-demo/qemu/build-dirty/../softmmu/qtest.c:796:9
#13 0x562f91e70dcd in fd_chr_read /home/alxndr/Development/qemu-demo/qemu/build-dirty/../chardev/char-fd.c:72:9
#14 0x7f26db231a9e in g_main_context_dispatch (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x53a9e)
#15 0x562f91f22f1b in glib_pollfds_poll /home/alxndr/Development/qemu-demo/qemu/build-dirty/../util/main-loop.c:297:9
#16 0x562f91f22f1b in os_host_main_loop_wait /home/alxndr/Development/qemu-demo/qemu/build-dirty/../util/main-loop.c:320:5
#17 0x562f91f22f1b in main_loop_wait /home/alxndr/Development/qemu-demo/qemu/build-dirty/../util/main-loop.c:596:11
#18 0x562f91b08c26 in qemu_main_loop /home/alxndr/Development/qemu-demo/qemu/build-dirty/../softmmu/runstate.c:734:9
#19 0x562f9183b605 in qemu_default_main /home/alxndr/Development/qemu-demo/qemu/build-dirty/../softmmu/main.c:37:14
#20 0x7f26daa53209 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#21 0x7f26daa532bb in __libc_start_main csu/../csu/libc-start.c:389:3
#22 0x562f91817440 in _start (/home/alxndr/Development/qemu-demo/qemu/build-dirty/qemu-system-i386+0x4a0440)
OSS-Fuzz Report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52219
libqtest Reproducer: repro.c
Thank you
Edited by Alexander Bulekov
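Added illustration (not QEMU's code and not part of the report above): a small constructed model of the CHS geometry that ATA INITIALIZE DEVICE PARAMETERS (0x91) updates, showing why a guest-supplied zero in that geometry turns a later LBA-to-CHS conversion into an integer divide by zero (the SIGFPE in the trace), and the two defensive checks that stop it: rejecting a zero geometry at the command boundary, and refusing the conversion rather than dividing when the stored geometry is degenerate. The reading of the crash as a division by zero in the CHS branch, and all type and function names below, are this example's assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the per-drive CHS geometry that INITIALIZE DEVICE
 * PARAMETERS writes. Not QEMU's IDEState; the field names are this example's. */
typedef struct {
    unsigned heads;   /* heads per cylinder */
    unsigned sectors; /* sectors per track */
} ata_geometry;

/* CHS result registers produced by the LBA -> CHS conversion. */
typedef struct {
    unsigned cylinder;
    unsigned head;
    unsigned sector;  /* 1-based, as on the wire */
} chs_address;

/* Unchecked geometry update: the guest-supplied values are stored as-is, so a
 * zero only surfaces later, inside the divide. This is the failure mode. */
static void set_geometry_unchecked(ata_geometry *g, unsigned heads, unsigned sectors)
{
    g->heads = heads;
    g->sectors = sectors;
}

/* Hardened update: zero heads or zero sectors per track can never address a
 * block, so reject the request at the command boundary and keep the previous
 * geometry. Returns false when the request is rejected. */
static bool set_geometry_checked(ata_geometry *g, unsigned heads, unsigned sectors)
{
    if (heads == 0 || sectors == 0) {
        return false;
    }
    g->heads = heads;
    g->sectors = sectors;
    return true;
}

/* Defence in depth for the conversion itself: returns false instead of
 * dividing by zero when the stored geometry is degenerate. */
static bool lba_to_chs(const ata_geometry *g, uint64_t lba, chs_address *out)
{
    uint64_t sectors_per_cylinder = (uint64_t)g->heads * g->sectors;
    if (sectors_per_cylinder == 0) {
        return false;
    }
    uint64_t rem = lba % sectors_per_cylinder;
    out->cylinder = (unsigned)(lba / sectors_per_cylinder);
    out->head = (unsigned)(rem / g->sectors);
    out->sector = (unsigned)(rem % g->sectors) + 1;
    return true;
}

/* Convenience check: convert one LBA under a given geometry and compare the
 * result with an expected C/H/S triple. Returns false if conversion is refused. */
static bool chs_equals(unsigned heads, unsigned sectors, uint64_t lba,
                       unsigned c, unsigned h, unsigned s)
{
    ata_geometry g;
    chs_address a;
    set_geometry_unchecked(&g, heads, sectors);
    if (!lba_to_chs(&g, lba, &a)) {
        return false;
    }
    return a.cylinder == c && a.head == h && a.sector == s;
}

/* Replays the shape of the reported sequence against the model: store a zero
 * geometry, then request a conversion. Returns true when the conversion is
 * refused safely instead of faulting. */
static bool replay_zero_geometry_is_refused(void)
{
    ata_geometry g = { .heads = 16, .sectors = 63 };
    chs_address a;
    set_geometry_unchecked(&g, 1, 0);  /* guest sets sectors per track = 0 */
    return !lba_to_chs(&g, 1000, &a);
}

int main(void)
{
    ata_geometry g = { .heads = 16, .sectors = 63 };
    chs_address a;

    printf("checked update with zero sectors accepted? %s\n",
           set_geometry_checked(&g, 1, 0) ? "yes" : "no");
    if (lba_to_chs(&g, 1000, &a)) {
        printf("LBA 1000 -> C/H/S %u/%u/%u\n", a.cylinder, a.head, a.sector);
    }
    printf("zero geometry conversion refused? %s\n",
           replay_zero_geometry_is_refused() ? "yes" : "no");
    return 0;
}
```

The first check is the one that removes the bug class: once the command handler refuses a zero geometry, no later command can reach a divide with a zero divisor. The guard inside the conversion is cheap insurance for any other path that can alter the geometry, and it is also the natural place for a fuzz harness like the qtest one above to observe a clean refusal instead of a SIGFPE.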