Diffstat (limited to 'results/classifier/deepseek-2-tmp/output/manual-review/1878043')
-rw-r--r--results/classifier/deepseek-2-tmp/output/manual-review/187804370
1 files changed, 0 insertions, 70 deletions
diff --git a/results/classifier/deepseek-2-tmp/output/manual-review/1878043 b/results/classifier/deepseek-2-tmp/output/manual-review/1878043
deleted file mode 100644
index 57cd4ce9..00000000
--- a/results/classifier/deepseek-2-tmp/output/manual-review/1878043
+++ /dev/null
@@ -1,70 +0,0 @@
-
-memcpy param-overlap in Slirp ip_stripoptions through e1000e
-
-Hello,
-While fuzzing, I found an input that triggers an overlapping memcpy (caught by AddressSanitizer).
-Overlapping memcpys are undefined behavior according to the POSIX and C standards, and can lead to bugs.
-
-==16666==ERROR: AddressSanitizer: memcpy-param-overlap: memory ranges [0x625000264940,0x62500026699a) and [0x625000264948, 0x6250002669a2) overlap
-    #0 0x5622d7b6a3d4 in __asan_memcpy (/home/alxndr/Development/qemu/build/i386-softmmu/qemu-system-i386+0x96c3d4)
-    #1 0x5622d896a2d2 in ip_stripoptions /home/alxndr/Development/qemu/slirp/src/ip_input.c:457:5
-    #2 0x5622d8963378 in udp_input /home/alxndr/Development/qemu/slirp/src/udp.c:86:9
-    #3 0x5622d89351ea in slirp_input /home/alxndr/Development/qemu/slirp/src/slirp.c:840:13
-    #4 0x5622d852e162 in net_slirp_receive /home/alxndr/Development/qemu/net/slirp.c:126:5
-    #5 0x5622d8515851 in nc_sendv_compat /home/alxndr/Development/qemu/net/net.c:700:15
-    #6 0x5622d8515851 in qemu_deliver_packet_iov /home/alxndr/Development/qemu/net/net.c:728:15
-    #7 0x5622d851786d in qemu_net_queue_deliver_iov /home/alxndr/Development/qemu/net/queue.c:179:11
-    #8 0x5622d851786d in qemu_net_queue_send_iov /home/alxndr/Development/qemu/net/queue.c:224:11
-    #9 0x5622d851b1c1 in net_hub_receive_iov /home/alxndr/Development/qemu/net/hub.c:74:9
-    #10 0x5622d851b1c1 in net_hub_port_receive_iov /home/alxndr/Development/qemu/net/hub.c:125:12
-    #11 0x5622d851572b in qemu_deliver_packet_iov /home/alxndr/Development/qemu/net/net.c:726:15
-    #12 0x5622d851786d in qemu_net_queue_deliver_iov /home/alxndr/Development/qemu/net/queue.c:179:11
-    #13 0x5622d851786d in qemu_net_queue_send_iov /home/alxndr/Development/qemu/net/queue.c:224:11
-    #14 0x5622d828bf87 in net_tx_pkt_sendv /home/alxndr/Development/qemu/hw/net/net_tx_pkt.c:546:9
-    #15 0x5622d828bf87 in net_tx_pkt_send /home/alxndr/Development/qemu/hw/net/net_tx_pkt.c:620:9
-    #16 0x5622d82b5f22 in e1000e_tx_pkt_send /home/alxndr/Development/qemu/hw/net/e1000e_core.c:666:16
-    #17 0x5622d82b5f22 in e1000e_process_tx_desc /home/alxndr/Development/qemu/hw/net/e1000e_core.c:743:17
-    #18 0x5622d82b5f22 in e1000e_start_xmit /home/alxndr/Development/qemu/hw/net/e1000e_core.c:934:9
-    #19 0x5622d82b2be0 in e1000e_set_tdt /home/alxndr/Development/qemu/hw/net/e1000e_core.c:2451:9
-    #20 0x5622d82a30fc in e1000e_core_write /home/alxndr/Development/qemu/hw/net/e1000e_core.c:3261:9
-    #21 0x5622d7c9e336 in memory_region_write_accessor /home/alxndr/Development/qemu/memory.c:483:5
-    #22 0x5622d7c9dcdf in access_with_adjusted_size /home/alxndr/Development/qemu/memory.c:544:18
-    #23 0x5622d7c9dcdf in memory_region_dispatch_write /home/alxndr/Development/qemu/memory.c:1476:16
-    #24 0x5622d7bb31d3 in flatview_write_continue /home/alxndr/Development/qemu/exec.c:3137:23
-    #25 0x5622d7babb97 in flatview_write /home/alxndr/Development/qemu/exec.c:3177:14
-    #26 0x5622d7babb97 in address_space_write /home/alxndr/Development/qemu/exec.c:3268:18
-
-0x625000264940 is located 64 bytes inside of 8354-byte region [0x625000264900,0x6250002669a2)
-allocated by thread T0 here:
-    #0 0x5622d7b6b06d in malloc (/home/alxndr/Development/qemu/build/i386-softmmu/qemu-system-i386+0x96d06d)
-    #1 0x7f724b932500 in g_malloc (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x54500)
-
-0x625000264948 is located 72 bytes inside of 8354-byte region [0x625000264900,0x6250002669a2)
-allocated by thread T0 here:
-    #0 0x5622d7b6b06d in malloc (/home/alxndr/Development/qemu/build/i386-softmmu/qemu-system-i386+0x96d06d)
-    #1 0x7f724b932500 in g_malloc (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x54500)
-
-I can reproduce it in qemu 5.0 built with --enable-sanitizers using:
-cat << EOF | ~/Development/qemu/build/i386-softmmu/qemu-system-i386 -M pc-q35-5.0 -accel qtest -qtest stdio -nographic -monitor none -serial none
-outl 0xcf8 0x80001010
-outl 0xcfc 0xe1020000
-outl 0xcf8 0x80001014
-outl 0xcf8 0x80001004
-outw 0xcfc 0x7
-outl 0xcf8 0x800010a2
-outl 0xcf8 0x8000fa24
-outl 0xcfc 0xe1069000
-outl 0xcf8 0x8000fa04
-outw 0xcfc 0x7
-outl 0xcf8 0x8000fb20
-write 0xe1069100 0xe 0xff810000000000008420f9e10019
-write 0x820b 0xc 0x080047bb0c02e10000004011
-write 0xe1020403 0x36 0xb700000000e1000f009006e100000000625c5e0000b700000000e1000f009006e100000000625c5e0000b700000000e1000f009006e1
-EOF
-
-I also attached the trace to this launchpad report, in case the formatting is broken:
-
-qemu-system-i386 -M pc-q35-5.0 -accel qtest -qtest stdio -nographic -monitor none -serial none < attachment
-
-Please let me know if I can provide any further info.
--Alex
\ No newline at end of file
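Review bot: this hunk removes the manual-review item for the whole report without the diff or surrounding page recording why it leaves manual review (classified, duplicate, or discarded), so the outcome should be noted in the commit message or wherever the review results are tracked; the deleted file is the only copy here of a reproducible finding, an AddressSanitizer memcpy-param-overlap in ip_stripoptions (slirp/src/ip_input.c:457) reached from udp_input via the e1000e transmit path (e1000e_core_write to e1000e_start_xmit to net_tx_pkt_send), together with the qtest reproducer and the `--enable-sanitizers` build instructions, all of which a triager would want to keep findable. Minor: the removed file also lacked a trailing newline, which is worth avoiding in any re-exported review items so that diffs of them stay clean.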