summary refs log tree commit diff stats
path: root/results/scraper/launchpad-without-comments/1913916
diff options
context:
space:
mode:
Diffstat (limited to 'results/scraper/launchpad-without-comments/1913916')
-rw-r--r--results/scraper/launchpad-without-comments/191391668
1 files changed, 68 insertions, 0 deletions
diff --git a/results/scraper/launchpad-without-comments/1913916 b/results/scraper/launchpad-without-comments/1913916
new file mode 100644
index 000000000..6aa4798ac
--- /dev/null
+++ b/results/scraper/launchpad-without-comments/1913916
@@ -0,0 +1,68 @@
+aarch64-virt: heap-buffer-overflow in address_space_lookup_region
+
+Reproducer:
+cat << EOF | ./qemu-system-aarch64 \
+-machine virt,accel=qtest -qtest stdio
+writel 0x8000f00 0xff4affb0
+writel 0x8000f00 0xf2f8017f
+writeq 0x801000e 0x5a5a5a6c8ff7004b
+writeq 0x8010010 0x5a5a5a5a73ba2f00
+writel 0x8000000 0x3bf5a03
+writel 0x8000000 0x3bf5a03
+writeq 0x8010000 0x10ffff03fbffffff
+writel 0x8000f1f 0x5a55fc00
+readl 0x8011f00
+readl 0x80000d3
+readl 0x80000d3
+clock_step
+writeq 0x4010008004 0x4604fffdffc54c01
+writeq 0x4010008002 0xf7478b3f5aff5a55
+writel 0x8000f00 0x2d6954
+writel 0x800005a 0x2706fcf
+readq 0x800002c
+readw 0x9000004
+readq 0x800002c
+writeq 0x801000e 0x5555017f00017f00
+writew 0x8010000 0x55
+writew 0x8010000 0x465a
+writew 0x8010000 0x55
+writew 0x8010000 0xaf00
+writeq 0x8010015 0x3b5a5a5555460000
+writeq 0x8010015 0xd546002b2b000000
+writeq 0x8010015 0xc44ea5aaaab9ffff
+readq 0x8000a5a
+EOF
+
+Stacktrace:
+==638893==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x629000022b84 at pc 0x55915c484d92 bp 0x7ffcde114a00 sp 0x7ffcde1149f8
+READ of size 2 at 0x629000022b84 thread T0
+    #0 0x55915c484d91 in address_space_lookup_region /home/alxndr/Development/qemu/build/../softmmu/physmem.c:345:36
+    #1 0x55915c484d91 in address_space_translate_internal /home/alxndr/Development/qemu/build/../softmmu/physmem.c:359:15
+    #2 0x55915c481d90 in flatview_do_translate /home/alxndr/Development/qemu/build/../softmmu/physmem.c:497:15
+    #3 0x55915c48214e in flatview_translate /home/alxndr/Development/qemu/build/../softmmu/physmem.c:563:15
+    #4 0x55915c107ff9 in address_space_read /home/alxndr/Development/qemu/include/exec/memory.h:2477:18
+    #5 0x55915c107ff9 in qtest_process_command /home/alxndr/Development/qemu/build/../softmmu/qtest.c:572:13
+    #6 0x55915c102b97 in qtest_process_inbuf /home/alxndr/Development/qemu/build/../softmmu/qtest.c:797:9
+    #7 0x55915c953286 in fd_chr_read /home/alxndr/Development/qemu/build/../chardev/char-fd.c:68:9
+    #8 0x7f02be25daae in g_main_context_dispatch (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x51aae)
+    #9 0x55915cfae363 in glib_pollfds_poll /home/alxndr/Development/qemu/build/../util/main-loop.c:232:9
+    #10 0x55915cfae363 in os_host_main_loop_wait /home/alxndr/Development/qemu/build/../util/main-loop.c:255:5
+    #11 0x55915cfae363 in main_loop_wait /home/alxndr/Development/qemu/build/../util/main-loop.c:531:11
+    #12 0x55915c069599 in qemu_main_loop /home/alxndr/Development/qemu/build/../softmmu/runstate.c:721:9
+    #13 0x55915a2f61fd in main /home/alxndr/Development/qemu/build/../softmmu/main.c:50:5
+    #14 0x7f02bdd02cc9 in __libc_start_main csu/../csu/libc-start.c:308:16
+    #15 0x55915a249bc9 in _start (/home/alxndr/Development/qemu/build/qemu-system-aarch64+0x3350bc9)
+
+0x629000022b84 is located 660 bytes to the right of 18160-byte region [0x62900001e200,0x6290000228f0)
+allocated by thread T0 here:
+    #0 0x55915a2c3c3d in malloc (/home/alxndr/Development/qemu/build/qemu-system-aarch64+0x33cac3d)
+    #1 0x7f02be263a88 in g_malloc (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x57a88)
+    #2 0x55915c932cbd in qdev_new /home/alxndr/Development/qemu/build/../hw/core/qdev.c:153:19
+    #3 0x55915b559360 in create_gic /home/alxndr/Development/qemu/build/../hw/arm/virt.c:631:16
+    #4 0x55915b5449d2 in machvirt_init /home/alxndr/Development/qemu/build/../hw/arm/virt.c:1966:5
+    #5 0x55915a62bac0 in machine_run_board_init /home/alxndr/Development/qemu/build/../hw/core/machine.c:1169:5
+    #6 0x55915c02b8d8 in qemu_init_board /home/alxndr/Development/qemu/build/../softmmu/vl.c:2455:5
+    #7 0x55915c02b8d8 in qmp_x_exit_preconfig /home/alxndr/Development/qemu/build/../softmmu/vl.c:2526:5
+    #8 0x55915c035d91 in qemu_init /home/alxndr/Development/qemu/build/../softmmu/vl.c:3533:9
+    #9 0x55915a2f61f8 in main /home/alxndr/Development/qemu/build/../softmmu/main.c:49:5
+    #10 0x7f02bdd02cc9 in __libc_start_main csu/../csu/libc-start.c:308:16
\ No newline at end of file