| author | Christian Krinitsin <mail@krinitsin.com> | 2025-07-03 07:27:52 +0000 |
|---|---|---|
| committer | Christian Krinitsin <mail@krinitsin.com> | 2025-07-03 07:27:52 +0000 |
| commit | d0c85e36e4de67af628d54e9ab577cc3fad7796a (patch) | |
| tree | f8f784b0f04343b90516a338d6df81df3a85dfa2 /results/classifier/gemma3:12b/kvm/994662 | |
| parent | 7f4364274750eb8cb39a3e7493132fca1c01232e (diff) | |
add deepseek and gemma results
Diffstat (limited to 'results/classifier/gemma3:12b/kvm/994662')
| -rw-r--r-- | results/classifier/gemma3:12b/kvm/994662 | 160 |
1 files changed, 160 insertions, 0 deletions
diff --git a/results/classifier/gemma3:12b/kvm/994662 b/results/classifier/gemma3:12b/kvm/994662
new file mode 100644
index 00000000..9db00a3d
--- /dev/null
+++ b/results/classifier/gemma3:12b/kvm/994662
@@ -0,0 +1,160 @@
+
+QEMU crashes on ioport access
+
+While running a fuzzer inside the guest, QEMU crashed with the following message and dumped the state of all vcpus:
+
+
+qemu: hardware error: register_ioport_read: invalid opaque for address 0x0Al
+CPU #0:
+RAX=ffff880007a73000 RBX=ffff8800095b6000 RCX=ffff880007a33530 RDX=ffff880007a33530
+RSI=0000000000aa6000 RDI=0000000000aa6000 RBP=ffff880007c13c68 RSP=ffff880007c13c48
+R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
+R12=0000000000aa6000 R13=8000000033556045 R14=0000000000aa6000 R15=ffff8800095b6000
+RIP=ffffffff8108ae02 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
+ES =0000 0000000000000000 ffffffff 00000000
+CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
+SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
+DS =0000 0000000000000000 ffffffff 00000000
+FS =0000 00007f7de18e8700 ffffffff 00000000
+GS =0000 ffff88000d800000 ffffffff 00000000
+LDT=0000 0000000000000000 ffffffff 00000000
+TR =0040 ffff88000d9d2540 00002087 00008b00 DPL=0 TSS64-busy
+GDT= ffff88000d804000 0000007f
+IDT= ffffffff8436d000 00000fff
+CR0=8005003b CR2=00007f2f25752e9c CR3=0000000007a3d000 CR4=000407f0
+DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
+DR6=00000000ffff0ff0 DR7=0000000000000400
+EFER=0000000000000d01
+FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
+FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
+FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
+FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
+FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
+XMM00=0000000000ff0000000000ff00000000 XMM01=25252525252525252525252525252525
+XMM02=00000000000000000000000000000000 XMM03=ffff0000000000000000000000000000
+XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
+XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
+XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
+XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
+XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
+XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
+CPU #1:
+RAX=ffff88001b588000 RBX=ffffea00004ab300 RCX=ffffc90000304000 RDX=0000000000000005
+RSI=ffffc90000304000 RDI=0050000000380028 RBP=ffff880012681c38 RSP=ffff880012681c28
+R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000002
+R12=0000000000000004 R13=ffff88001bfd3000 R14=0000000000fef000 R15=ffff88000ed51000
+RIP=ffffffff811daf87 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
+ES =0000 0000000000000000 ffffffff 00000000
+CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
+SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
+DS =0000 0000000000000000 ffffffff 00000000
+FS =0000 00007fe38bb99700 ffffffff 00000000
+GS =0000 ffff88001b800000 ffffffff 00000000
+LDT=0000 0000000000000000 ffffffff 00000000
+TR =0040 ffff88001b9d2540 00002087 00008b00 DPL=0 TSS64-busy
+GDT= ffff88001b804000 0000007f
+IDT= ffffffff8436d000 00000fff
+CR0=8005003b CR2=00007f2f25ac4518 CR3=000000001173e000 CR4=000407e0
+DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
+DR6=00000000ffff0ff0 DR7=0000000000000400
+EFER=0000000000000d01
+FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
+FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
+FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
+FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
+FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
+XMM00=0000000000000000ff0000ff000000ff XMM01=25252525252525252525252525252525
+XMM02=00000000000000000000000000000000 XMM03=0000ff000000ff0000000000ff000000
+XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
+XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
+XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
+XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
+XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
+XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
+CPU #2:
+RAX=000000000000001d RBX=0000000000000080 RCX=0000000000000080 RDX=0000000000000cfc
+RSI=0000000000000000 RDI=0000000000000086 RBP=ffff8800121f7de8 RSP=ffff8800121f7db8
+R8 =0000000000000004 R9 =000000000000001d R10=0000000000000000 R11=0000000000000002
+R12=ffff88001b7b0000 R13=000000000000001d R14=0000000000000084 R15=ffff88003523ad00
+RIP=ffffffff82870591 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
+ES =0000 0000000000000000 ffffffff 00000000
+CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
+SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
+DS =0000 0000000000000000 ffffffff 00000000
+FS =0000 00007f2f25ce7700 ffffffff 00000000
+GS =0000 ffff880029800000 ffffffff 00000000
+LDT=0000 0000000000000000 ffffffff 00000000
+TR =0040 ffff8800299d2540 00002087 00008b00 DPL=0 TSS64-busy
+GDT= ffff880029804000 0000007f
+IDT= ffffffff8436d000 00000fff
+CR0=80050033 CR2=00007f2f25750003 CR3=0000000011b88000 CR4=000407e0
+DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
+DR6=00000000ffff0ff0 DR7=0000000000000400
+EFER=0000000000000d01
+FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
+FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
+FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
+FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
+FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
+XMM00=0000000000000000ff0000ff000000ff XMM01=25252525252525252525252525252525
+XMM02=00000000000000000000000000000000 XMM03=0000ff000000ff0000000000ff000000
+XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
+XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
+XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
+XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
+XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
+XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
+CPU #3:
+RAX=0000000000000086 RBX=0000000000000086 RCX=0000000000000001 RDX=ffff88001afb3000
+RSI=0000000000000001 RDI=ffffffff810f1904 RBP=ffff88001afb9c50 RSP=ffff88001afb9c38
+R8 =0000000000000000 R9 =0000000000000001 R10=0000000000000000 R11=0000000000000001
+R12=ffff88001afb38e0 R13=0000000000000001 R14=ffffffff82d967a8 R15=ffffffff82d967a8
+RIP=ffffffff811171ee RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
+ES =0000 0000000000000000 ffffffff 00000000
+CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
+SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
+DS =0000 0000000000000000 ffffffff 00000000
+FS =0000 0000000000000000 ffffffff 00000000
+GS =0000 ffff880035a00000 ffffffff 00000000
+LDT=0000 0000000000000000 ffffffff 00000000
+TR =0040 ffff880035bd2540 00002087 00008b00 DPL=0 TSS64-busy
+GDT= ffff880035a04000 0000007f
+IDT= ffffffff8436d000 00000fff
+CR0=8005003b CR2=0000000000af7130 CR3=000000002cffb000 CR4=000407e0
+DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
+DR6=00000000ffff0ff0 DR7=0000000000000400
+EFER=0000000000000d01
+FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
+FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
+FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
+FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
+FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
+XMM00=0000000000000000ff0000ff000000ff XMM01=25252525252525252525252525252525
+XMM02=00000000000000000000000000000000 XMM03=0000ff000000ff0000000000ff000000
+XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
+XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
+XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
+XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
+XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
+XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
+
+And this is the trace:
+
+Thread 5 (Thread 0x7fffee7b8700 (LWP 1754)):
+#0 0x00007ffff40d3ad5 in *__GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
+#1 0x00007ffff40d4f56 in *__GI_abort () at abort.c:93
+#2 0x000055555572a0fa in hw_error (fmt=<optimized out>) at /home/sasha/work/src/qemu-kvm/cpus.c:357
+#3 0x0000555555750265 in register_ioport_read (start=<optimized out>, length=<optimized out>, size=<optimized out>,
+ func=<optimized out>, opaque=<optimized out>) at /home/sasha/work/src/qemu-kvm/ioport.c:154
+#4 0x0000555555750364 in ioport_register (ioport=0x5555565401b8) at /home/sasha/work/src/qemu-kvm/ioport.c:240
+#5 0x000055555575e910 in access_with_adjusted_size (addr=0, value=0x7fffee7b7db8, size=4, access_size_min=<optimized out>,
+ access_size_max=<optimized out>, access=0x55555575e830 <memory_region_write_accessor>, opaque=0x5555564c1eb0)
+ at /home/sasha/work/src/qemu-kvm/memory.c:359
+#6 0x0000555555760212 in memory_region_iorange_write (iorange=<optimized out>, offset=0, width=4, data=29)
+ at /home/sasha/work/src/qemu-kvm/memory.c:436
+#7 0x000055555575375d in kvm_handle_io (count=1, size=4, direction=1025, data=<optimized out>, port=3324)
+ at /home/sasha/work/src/qemu-kvm/kvm-all.c:1132
+#8 kvm_cpu_exec (env=0x55555648b810) at /home/sasha/work/src/qemu-kvm/kvm-all.c:1274
+#9 0x0000555555729781 in qemu_kvm_cpu_thread_fn (arg=0x55555648b810) at /home/sasha/work/src/qemu-kvm/cpus.c:733
+#10 0x00007ffff647ad0c in start_thread (arg=0x7fffee7b8700) at pthread_create.c:301
+#11 0x00007ffff417af1d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115
\ No newline at end of file