summary refs log tree commit diff stats
path: root/results/classifier/108/other/2428
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/108/other/2428')
-rw-r--r--results/classifier/108/other/242844
1 files changed, 44 insertions, 0 deletions
diff --git a/results/classifier/108/other/2428 b/results/classifier/108/other/2428
new file mode 100644
index 000000000..ea1ab01ab
--- /dev/null
+++ b/results/classifier/108/other/2428
@@ -0,0 +1,44 @@
+graphic: 0.839
+device: 0.819
+semantic: 0.627
+debug: 0.432
+PID: 0.386
+vnc: 0.340
+boot: 0.262
+performance: 0.244
+socket: 0.218
+KVM: 0.171
+files: 0.123
+permissions: 0.119
+network: 0.108
+other: 0.089
+
+Null-pointer-dereference in ufs
+Description of problem:
+The following log reveals it:
+
+```
+../hw/ufs/ufs.c:740:13: runtime error: member access within null pointer of type 'UfsSq' (aka 'struct UfsSq')
+SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../hw/ufs/ufs.c:740:13 in
+AddressSanitizer:DEADLYSIGNAL
+=================================================================
+==848760==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000020 (pc 0x6220e29edfce bp 0x7fffea0c6cf0 sp 0x7fffea0c6c40 T0)
+==848760==The signal is caused by a READ memory access.
+==848760==Hint: address points to the zero page.
+    #0 0x6220e29edfce in ufs_mcq_process_db hw/ufs/ufs.c:740:9
+    #1 0x6220e29dc10f in ufs_write_mcq_op_reg hw/ufs/ufs.c:758:13
+    #2 0x6220e29d85c6 in ufs_mmio_write hw/ufs/ufs.c:813:9
+```
+Steps to reproduce:
+```
+cat << EOF | qemu-system-x86_64  \
+-display none -machine accel=qtest, -m 512M -M q35 -nodefaults -drive \
+file=null-co://,if=none,id=disk0 -device ufs,id=ufs_bus -device \
+ufs-lu,drive=disk0,bus=ufs_bus -qtest stdio
+outl 0xcf8 0x80000810
+outl 0xcfc 0xe0000000
+outl 0xcf8 0x80000804
+outw 0xcfc 0x02
+write 0xe0001004 0x1 0x01
+EOF
+```