summary refs log tree commit diff stats
path: root/results/classifier/zero-shot/105/other/2432
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/zero-shot/105/other/2432')
-rw-r--r--results/classifier/zero-shot/105/other/243283
1 files changed, 83 insertions, 0 deletions
diff --git a/results/classifier/zero-shot/105/other/2432 b/results/classifier/zero-shot/105/other/2432
new file mode 100644
index 000000000..4190b95a7
--- /dev/null
+++ b/results/classifier/zero-shot/105/other/2432
@@ -0,0 +1,83 @@
+other: 0.922
+graphic: 0.892
+mistranslation: 0.872
+instruction: 0.868
+semantic: 0.850
+device: 0.848
+vnc: 0.824
+KVM: 0.823
+assembly: 0.817
+socket: 0.768
+boot: 0.756
+network: 0.701
+
+Bug in bcm2835_thermal interface
+Description of problem:
+Stack traces, crash detail:
+```
+#0  __pthread_kill_implementation (no_tid=0, signo=6, threadid=140737230841344) at ./nptl/pthread_kill.c:44
+#1  __pthread_kill_internal (signo=6, threadid=140737230841344) at ./nptl/pthread_kill.c:78
+#2  __GI___pthread_kill (threadid=140737230841344, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
+#3  0x00007ffff5042476 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
+#4  0x00007ffff50287f3 in __GI_abort () at ./stdlib/abort.c:79
+#5  0x00007ffff6f0eb57 in  () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
+#6  0x00007ffff6f6870f in g_assertion_message_expr () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
+#7  0x0000555555d642a6 in bcm2835_thermal_write (opaque=0x7ffff0a475b0, addr=2, value=0, size=2)
+    at ../hw/misc/bcm2835_thermal.c:76
+#8  0x0000555556c4a119 in memory_region_write_accessor
+    (mr=0x7ffff0a478e0, addr=2, value=0x7fffffffd250, size=2, shift=0, mask=65535, attrs=...)
+    at ../system/memory.c:497
+#9  0x0000555556c49da6 in access_with_adjusted_size
+     (addr=2, value=0x7fffffffd250, size=2, access_size_min=1, access_size_max=4, access_fn=0x555556c49ef0 <memory_region_write_accessor>, mr=0x7ffff0a478e0, attrs=...) at ../system/memory.c:573
+#10 0x0000555556c49395 in memory_region_dispatch_write (mr=0x7ffff0a478e0, addr=2, data=0, op=MO_16, attrs=...)
+    at ../system/memory.c:1521
+#11 0x0000555556c84e88 in flatview_write_continue_step
+    (attrs=..., buf=0x7fffffffd470 "", len=512, mr_addr=2, l=0x7fffffffd360, mr=0x7ffff0a478e0)
+    at ../system/physmem.c:2757
+#12 0x0000555556c84c42 in flatview_write_continue
+    (fv=0x555559717490, addr=1059135490, attrs=..., ptr=0x7fffffffd470, len=512, mr_addr=2, l=2, mr=0x7ffff0a478e0) at ../system/physmem.c:2787
+#13 0x0000555556c73305 in flatview_write
+    (fv=0x555559717490, addr=1059135490, attrs=..., buf=0x7fffffffd470, len=512) at ../system/physmem.c:2818
+#14 0x0000555556c73179 in address_space_write
+--Type <RET> for more, q to quit, c to continue without paging--c
+    (as=0x5555598056f0, addr=1059135490, attrs=..., buf=0x7fffffffd470, len=512) at ../system/physmem.c:2938
+#15 0x0000555556c735df in address_space_set (as=0x5555598056f0, addr=1059135490, c=0 '\000', len=2025625, attrs=...) at ../system/physmem.c:2965
+#16 0x0000555555a95b66 in rom_reset (unused=0x0) at ../hw/core/loader.c:1284
+#17 0x0000555555ab872d in legacy_reset_hold (obj=0x5555598069b0, type=RESET_TYPE_COLD) at ../hw/core/reset.c:76
+#18 0x0000555556d7dbf4 in resettable_phase_hold (obj=0x5555598069b0, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:180
+#19 0x0000555556d7d19f in resettable_container_child_foreach (obj=0x5555595573d0, cb=0x555556d7d970 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resetcontainer.c:54
+#20 0x0000555556d7f4a4 in resettable_child_foreach (rc=0x555558b02f50, obj=0x5555595573d0, cb=0x555556d7d970 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:92
+#21 0x0000555556d7da92 in resettable_phase_hold (obj=0x5555595573d0, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:169
+#22 0x0000555556d7d47a in resettable_assert_reset (obj=0x5555595573d0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:58
+#23 0x0000555556d7d2f7 in resettable_reset (obj=0x5555595573d0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:45
+#24 0x0000555555ab842e in qemu_devices_reset (reason=SHUTDOWN_CAUSE_NONE) at ../hw/core/reset.c:179
+#25 0x000055555633227d in qemu_system_reset (reason=SHUTDOWN_CAUSE_NONE) at ../system/runstate.c:493
+#26 0x0000555555aa6bd2 in qdev_machine_creation_done () at ../hw/core/machine.c:1643
+#27 0x000055555633679f in qemu_machine_creation_done (errp=0x555558587ee0 <error_fatal>) at ../system/vl.c:2685
+#28 0x0000555556335ffd in qmp_x_exit_preconfig (errp=0x555558587ee0 <error_fatal>) at ../system/vl.c:2715
+#29 0x000055555633bfe4 in qemu_init (argc=9, argv=0x7fffffffdc68) at ../system/vl.c:3759
+#30 0x0000555556d6eea2 in main (argc=9, argv=0x7fffffffdc68) at ../system/main.c:47
+```
+Description:
+I encountered a part of the code during QEMU execution that shouldn't have been reached, which led to an error.
+
+Crash detail:
+```
+ERROR:../hw/misc/bcm2835_thermal.c:76:bcm2835_thermal_write: code should not be reached
+Bail out! ERROR:../hw/misc/bcm2835_thermal.c:76:bcm2835_thermal_write: code should not be reached
+Aborted
+```
+
+Malicious inputs:
+Malicious input is attached as tar.gz archive to this file, it contains file name id:000017,sig:06,src:000428,time:48261741,execs:1725363,op:havoc,rep:8
+[malicious_input.tar.gz](/uploads/fcf47faafb59308cfdb04b3e81e788f3/malicious_input.tar.gz)
+
+Affected code area/snippet:
+
+qemu/hw/misc/bcm2835_thermal.c:bcm2835_thermal_write
+![bug](/uploads/24598ad2b9ca0edfcc7f8e422e94e87d/bug.png)
+
+Acknowledge for reporting this issue:
+Alisher Darmenov (darmenovalisher@gmail.com),
+Mohamadreza Rostami (mohamadreza.rostami@trust.tu-darmstadt.de),
+Ahmad-Reza Sadeghi (ahmad.sadeghi@trust.tu-darmstadt.de)