| author | Christian Krinitsin <mail@krinitsin.com> | 2025-07-03 19:39:53 +0200 |
|---|---|---|
| committer | Christian Krinitsin <mail@krinitsin.com> | 2025-07-03 19:39:53 +0200 |
| commit | dee4dcba78baf712cab403d47d9db319ab7f95d6 (patch) | |
| tree | 418478faf06786701a56268672f73d6b0b4eb239 /results/classifier/deepseek-r1:14b/output/files/588803 | |
| parent | 4d9e26c0333abd39bdbd039dcdb30ed429c475ba (diff) | |
| download | qemu-analysis-dee4dcba78baf712cab403d47d9db319ab7f95d6.tar.gz qemu-analysis-dee4dcba78baf712cab403d47d9db319ab7f95d6.zip | |
restructure results
Diffstat (limited to 'results/classifier/deepseek-r1:14b/output/files/588803')
| -rw-r--r-- | results/classifier/deepseek-r1:14b/output/files/588803 | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/results/classifier/deepseek-r1:14b/output/files/588803 b/results/classifier/deepseek-r1:14b/output/files/588803
new file mode 100644
index 000000000..b7c1b4058
--- /dev/null
+++ b/results/classifier/deepseek-r1:14b/output/files/588803
@@ -0,0 +1,72 @@
+
+Image corruption during snapshot creation/deletion
+
+Hello,
+
+The creation/deletion of snapshots sometimes crashes and corrupts the VM image and provoke a segmentation fault in "strcmp", called from "bdrv_snapshot_find".
+
+Here is a patch that temporarily fixes that (it fixes the segfault but not its reason) :
+
+--- qemu-kvm-0.12.2-old/savevm.c 2010-01-18 19:48:25.000000000 +0100
++++ qemu-kvm-0.12.2/savevm.c 2010-02-12 13:45:07.225644169 +0100
+@@ -1624,6 +1624,7 @@
+ int nb_sns, i, ret;
+
+ ret = -ENOENT;
++ if (!name) return ret;
+ nb_sns = bdrv_snapshot_list(bs, &sn_tab);
+ if (nb_sns < 0)
+ return ret;
+@@ -1649,6 +1650,8 @@
+ QEMUSnapshotInfo sn1, *snapshot = &sn1;
+ int ret;
+
++ if (!name) return 0;
++
+ QTAILQ_FOREACH(dinfo, &drives, next) {
+ bs = dinfo->bdrv;
+ if (bdrv_can_snapshot(bs) &&
+@@ -1777,6 +1780,11 @@
+ QTAILQ_FOREACH(dinfo, &drives, next) {
+ bs1 = dinfo->bdrv;
+ if (bdrv_has_snapshot(bs1)) {
++ if (!name) {
++ monitor_printf(mon, "Could not find snapshot 'NULL' on "
++ "device '%s'\n",
++ bdrv_get_device_name(bs1));
++ }
+ ret = bdrv_snapshot_goto(bs1, name);
+ if (ret < 0) {
+ if (bs != bs1)
+@@ -1804,6 +1812,11 @@
+ }
+ }
+
++ if (!name) {
++ monitor_printf(mon, "VM state name is NULL\n");
++ return -EINVAL;
++ }
++
+ /* Don't even try to load empty VM states */
+ ret = bdrv_snapshot_find(bs, &sn, name);
+ if ((ret >= 0) && (sn.vm_state_size == 0))
+@@ -1840,6 +1853,11 @@
+ QTAILQ_FOREACH(dinfo, &drives, next) {
+ bs1 = dinfo->bdrv;
+ if (bdrv_has_snapshot(bs1)) {
++ if (!name) {
++ monitor_printf(mon, "Could not find snapshot 'NULL' on "
++ "device '%s'\n",
++ bdrv_get_device_name(bs1));
++ }
+ ret = bdrv_snapshot_delete(bs1, name);
+ if (ret < 0) {
+ if (ret == -ENOTSUP)
+
+
+The patch is very simple. Some checks on the variable "name" were missing in "savevm.c".
+
+Regards,
+
+Nicolas Grandjean
+Conix Security
\ No newline at end of file |