1 files changed, 53 insertions, 0 deletions

diff --git a/results/classifier/105/network/1904954 b/results/classifier/105/network/1904954
new file mode 100644
index 00000000..a537ceab
--- /dev/null
+++ b/results/classifier/105/network/1904954
@@ -0,0 +1,53 @@
+network: 0.849
+socket: 0.785
+mistranslation: 0.751
+device: 0.672
+instruction: 0.666
+other: 0.604
+graphic: 0.561
+semantic: 0.531
+vnc: 0.511
+boot: 0.407
+assembly: 0.233
+KVM: 0.196
+
+lan9118 bug peeked received message size not equal to actual received message size
+
+peeked message is not equal to read message
+
+
+Bug in the code at line:
+https://github.com/qemu/qemu/blob/master/hw/net/lan9118.c#L1209
+
+s->tx_status_fifo_head should be s->rx_status_fifo_head
+
+Thanks,
+
+Alfred
+
+Do you have a test case that will reproduce this bug ?
+
+
+(The line of code you point out is pretty clearly wrong; it would just be nice to have a test case to confirm that the obvious fix works.)
+
+This patchset should fix this bug:
+https://<email address hidden>/
+
+PS: this isn't a security issue because the lan9118 is used only on board models that can't run under KVM and so it is not on QEMU's security boundary.
+
+
+We do have some code, that is giving different results, between the peeked and the actual:
+
+https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/blob/9a25860e761036a9eb780799c9db632e3eff60c9/portable/NetworkInterface/MPS2_AN385/NetworkInterface.c#L237
+
+We also have a fix to circumvent the problem by just reading the actual size and omit the peeked bytes.
+
+https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/pull/142
+
+changing the code i pointed locally worked fine, but we can't expect all our users to compile qemu from scratch and apply a patch
+
+Alfred
+
+Fix now in master: commit e7e29fdbbe07f.
+
+