add 18th iteration of classifier

1 files changed, 95 insertions, 0 deletions

diff --git a/results/classifier/118/unknown/2942 b/results/classifier/118/unknown/2942
new file mode 100644
index 00000000..59d280ce
--- /dev/null
+++ b/results/classifier/118/unknown/2942
@@ -0,0 +1,95 @@
+user-level: 0.879
+mistranslation: 0.875
+arm: 0.870
+architecture: 0.863
+ppc: 0.862
+assembly: 0.854
+permissions: 0.852
+hypervisor: 0.852
+debug: 0.846
+graphic: 0.844
+virtual: 0.838
+device: 0.838
+kernel: 0.838
+register: 0.835
+KVM: 0.829
+semantic: 0.825
+TCG: 0.824
+PID: 0.823
+files: 0.818
+peripherals: 0.817
+performance: 0.816
+boot: 0.811
+socket: 0.809
+network: 0.792
+vnc: 0.788
+risc-v: 0.767
+i386: 0.765
+x86: 0.761
+VMM: 0.760
+
+arm: TCG debug assertion failure when handling an ISB or SB insn inside an IT block
+Description of problem:
+ARM thumb `IT` instruction triggers TCG debug asserts.
+
+```
+$ ./qemu-system-arm --version
+QEMU emulator version 10.0.0 (v10.0.0)
+
+$ ./qemu-system-arm -M stm32vldiscovery -nographic -device loader,file=raw-it-bug.hex -d in_asm,exec
+[...]
+Trace 0: 0x72a584000800 [00800400/0000000000000164/00000110/ff020000]
+----------------
+IN:
+0x00000108:  f000 f80a  bl       #0x120
+
+Trace 0: 0x72a584000940 [00800400/0000000000000108/00000110/ff020000]
+qemu-system-arm: ../tcg/tcg-op.c:3343: void tcg_gen_goto_tb(unsigned int): Assertion `(tcg_ctx->goto_tb_issue_mask & (1 << idx)) == 0' failed.
+```
+
+Expected behavior:
+```
+$ qemu-system-arm -M stm32vldiscovery -device loader,file=raw-hardfault.hex -d in_asm,exec,int
+[...]
+Trace 0: 0x7df6dc000800 [00800400/0000000000000164/00000110/ff020000]
+----------------
+IN:
+0x00000108:  f000 f80a  bl       #0x120
+
+Trace 0: 0x7df6dc000940 [00800400/0000000000000108/00000110/ff020000]
+----------------
+IN:
+0x00000120:  2302       movs     r3, #2
+0x00000122:  bf00       nop
+0x00000124:  f04f 25e0  mov.w    r5, #-0x1fff2000
+0x00000128:  f8d5 1d10  ldr.w    r1, [r5, #0xd10]
+0x0000012c:  f041 0014  orr      r0, r1, #0x14
+0x00000130:  f8c5 0d10  str.w    r0, [r5, #0xd10]
+0x00000134:  f8d5 0200  ldr.w    r0, [r5, #0x200]
+0x00000138:  f8d5 6100  ldr.w    r6, [r5, #0x100]
+0x0000013c:  4206       tst      r6, r0
+0x0000013e:  bf02       ittt     eq
+0x00000140:  f3bf 8f4f  dsbeq    sy
+0x00000144:  bf20       wfeeq
+
+Linking TBs 0x7df6dc000940 index 0 -> 0x7df6dc000a80
+Trace 0: 0x7df6dc000a80 [00800400/0000000000000120/00000110/ff020000]
+[...]
+Trace 0: 0x7df6dc001fc0 [00800400/0000000000000170/00000110/ff020000]
+Taking exception 3 [Prefetch Abort] on CPU 0
+...at fault address 0xdeadbeee
+...with CFSR.IACCVIOL
+...BusFault with BFSR.STKERR
+...taking pending nonsecure exception 3
+...loading from element 3 of non-secure vector table at 0xc
+...loaded new PC 0x111
+----------------
+IN:
+0x00000110:  e7fe       b        #0x110
+```
+Steps to reproduce:
+1. Build QEMU with `CONFIG_DEBUG_TCG` enabled, e.g. with `./configure --enable-debug`.
+1. Run Cortex-M firmware with `IT` instruction. (minimal example attached)
+Additional information:
+- Minimal Reproducer: [raw-it-bug.hex](/uploads/3ae30ab78f49bbc933e48c51f6bf2a2b/raw-it-bug.hex)
+- Reproduced on `main`, `v10.0.0` and `v9.1.0`.