summary refs log tree commit diff stats
path: root/results/classifier/zero-shot/118/graphic/2853
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/zero-shot/118/graphic/2853')
-rw-r--r--results/classifier/zero-shot/118/graphic/285384
1 files changed, 84 insertions, 0 deletions
diff --git a/results/classifier/zero-shot/118/graphic/2853 b/results/classifier/zero-shot/118/graphic/2853
new file mode 100644
index 000000000..c1199fbca
--- /dev/null
+++ b/results/classifier/zero-shot/118/graphic/2853
@@ -0,0 +1,84 @@
+graphic: 0.807
+VMM: 0.756
+TCG: 0.753
+performance: 0.738
+x86: 0.732
+permissions: 0.731
+peripherals: 0.723
+hypervisor: 0.716
+semantic: 0.713
+risc-v: 0.713
+architecture: 0.709
+KVM: 0.707
+debug: 0.705
+network: 0.698
+ppc: 0.695
+vnc: 0.692
+register: 0.681
+virtual: 0.674
+arm: 0.671
+device: 0.665
+PID: 0.657
+files: 0.645
+user-level: 0.638
+mistranslation: 0.633
+socket: 0.628
+boot: 0.596
+kernel: 0.592
+assembly: 0.589
+i386: 0.566
+
+double-free in vmdk_add_extent()
+Description of problem:
+A double-free issue in the VMDK driver occurs when handling snapshots.
+The memory allocated for extent structures is freed twice: first in
+vmdk_close (block/vmdk.c) and then in vmdk_add_extent (block/vmdk.c).
+Steps to reproduce:
+1. [test.raw](/uploads/deeb9dc3cab1916adadd211173cd175a/test.raw)
+2. ./qemu-img snapshot -q -a test test.raw
+Additional information:
+<details>
+<pre>
+./qemu-img snapshot -q -a test  test.raw
+==18180==WARNING: ASan doesn't fully support makecontext/swapcontext functions and may produce false positives in some cases!
+=================================================================
+==18180==ERROR: AddressSanitizer: attempting double-free on 0x612000011bc0 in thread T0:
+    #0 0x5605ba505168 in realloc /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:164:3
+    #1 0x7f22be5fd6b7 in g_realloc (/lib64/libglib-2.0.so.0+0x5c6b7)
+    #2 0x5605ba866a79 in vmdk_add_extent /home/gerben/qemu-img_fuzz/build/../block/vmdk.c:570:18
+    #3 0x5605ba86122e in vmdk_open_vmdk4 /home/gerben/qemu-img_fuzz/build/../block/vmdk.c:1059:11
+    #4 0x5605ba86122e in vmdk_open_sparse /home/gerben/qemu-img_fuzz/build/../block/vmdk.c:1127:20
+    #5 0x5605ba85723a in vmdk_open /home/gerben/qemu-img_fuzz/build/../block/vmdk.c:1371:19
+    #6 0x5605ba803ca4 in bdrv_snapshot_goto /home/gerben/qemu-img_fuzz/build/../block/snapshot.c:299:20
+    #7 0x5605baa8cdd2 in img_snapshot /home/gerben/qemu-img_fuzz/build/../qemu-img.c:3500:15
+    #8 0x7f22bd559efc in __libc_start_main (/lib64/libc.so.6+0x27efc)
+    #9 0x5605ba4619f9 in _start /usr/src/RPM/BUILD/glibc-2.32-alt5.p10.3/csu/../sysdeps/x86_64/start.S:120
+
+0x612000011bc0 is located 0 bytes inside of 272-byte region [0x612000011bc0,0x612000011cd0)
+freed by thread T0 here:
+    #0 0x5605ba504aef in free /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:123:3
+    #1 0x5605ba857e6d in vmdk_close /home/gerben/qemu-img_fuzz/build/../block/vmdk.c:2889:5
+    #2 0x5605ba803bb2 in bdrv_snapshot_goto /home/gerben/qemu-img_fuzz/build/../block/snapshot.c:290:13
+    #3 0x5605baa8cdd2 in img_snapshot /home/gerben/qemu-img_fuzz/build/../qemu-img.c:3500:15
+    #4 0x7f22bd559efc in __libc_start_main (/lib64/libc.so.6+0x27efc)
+
+previously allocated by thread T0 here:
+    #0 0x5605ba505168 in realloc /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:164:3
+    #1 0x7f22be5fd6b7 in g_realloc (/lib64/libglib-2.0.so.0+0x5c6b7)
+    #2 0x5605ba86122e in vmdk_open_vmdk4 /home/gerben/qemu-img_fuzz/build/../block/vmdk.c:1059:11
+    #3 0x5605ba86122e in vmdk_open_sparse /home/gerben/qemu-img_fuzz/build/../block/vmdk.c:1127:20
+    #4 0x5605ba85723a in vmdk_open /home/gerben/qemu-img_fuzz/build/../block/vmdk.c:1371:19
+    #5 0x5605ba56e3a2 in bdrv_open_driver /home/gerben/qemu-img_fuzz/build/../block.c:1660:15
+    #6 0x5605ba57ea50 in bdrv_open_common /home/gerben/qemu-img_fuzz/build/../block.c:1985:11
+    #7 0x5605ba57ea50 in bdrv_open_inherit /home/gerben/qemu-img_fuzz/build/../block.c:4153:11
+    #8 0x5605ba585cb8 in bdrv_open /home/gerben/qemu-img_fuzz/build/../block.c:4248:12
+    #9 0x5605ba637d4c in blk_new_open /home/gerben/qemu-img_fuzz/build/../block/block-backend.c:457:10
+    #10 0x5605baa9193b in img_open_file /home/gerben/qemu-img_fuzz/build/../qemu-img.c:405:11
+    #11 0x5605baa9143e in img_open /home/gerben/qemu-img_fuzz/build/../qemu-img.c:450:15
+    #12 0x5605baa8cc71 in img_snapshot /home/gerben/qemu-img_fuzz/build/../qemu-img.c:3468:11
+    #13 0x7f22bd559efc in __libc_start_main (/lib64/libc.so.6+0x27efc)
+
+SUMMARY: AddressSanitizer: double-free /usr/src/RPM/BUILD/llvm-11.0.1.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:164:3 in realloc
+==18180==ABORTING
+</pre>
+</details>