Diffstat (limited to '')
-rw-r--r--results/classifier/118/graphic/1378554218
1 files changed, 218 insertions, 0 deletions
diff --git a/results/classifier/118/graphic/1378554 b/results/classifier/118/graphic/1378554
new file mode 100644
index 00000000..94ec7611
--- /dev/null
+++ b/results/classifier/118/graphic/1378554
@@ -0,0 +1,218 @@
+graphic: 0.890
+ppc: 0.883
+register: 0.854
+KVM: 0.835
+performance: 0.834
+TCG: 0.828
+VMM: 0.824
+hypervisor: 0.817
+mistranslation: 0.815
+debug: 0.808
+vnc: 0.806
+semantic: 0.805
+assembly: 0.802
+arm: 0.799
+permissions: 0.790
+device: 0.790
+user-level: 0.787
+peripherals: 0.783
+boot: 0.780
+network: 0.775
+files: 0.773
+risc-v: 0.769
+architecture: 0.759
+PID: 0.749
+kernel: 0.742
+virtual: 0.734
+socket: 0.712
+x86: 0.636
+i386: 0.565
+
+qemu segfault in virtio_scsi_handle_cmd_req_submit on ARM 32 bit
+
+/home/rjones/d/qemu/arm-softmmu/qemu-system-arm \
+ -global virtio-blk-device.scsi=off \
+ -nodefconfig \
+ -enable-fips \
+ -nodefaults \
+ -display none \
+ -M virt \
+ -machine accel=kvm:tcg \
+ -m 500 \
+ -no-reboot \
+ -rtc driftfix=slew \
+ -global kvm-pit.lost_tick_policy=discard \
+ -kernel /home/rjones/d/libguestfs/tmp/.guestfs-1001/appliance.d/kernel \
+ -initrd /home/rjones/d/libguestfs/tmp/.guestfs-1001/appliance.d/initrd \
+ -device virtio-scsi-device,id=scsi \
+ -drive file=/home/rjones/d/libguestfs/tmp/libguestfseV4fT5/scratch.1,cache=unsafe,format=raw,id=hd0,if=none \
+ -device scsi-hd,drive=hd0 \
+ -drive file=/home/rjones/d/libguestfs/tmp/.guestfs-1001/appliance.d/root,snapshot=on,id=appliance,cache=unsafe,if=none \
+ -device scsi-hd,drive=appliance \
+ -device virtio-serial-device \
+ -serial stdio \
+ -chardev socket,path=/home/rjones/d/libguestfs/tmp/libguestfseV4fT5/guestfsd.sock,id=channel0 \
+ -device virtserialport,chardev=channel0,name=org.libguestfs.channel.0 \
+ -append 'panic=1 mem=500M console=ttyAMA0 udevtimeout=6000 no_timer_check lpj=4464640 acpi=off printk.time=1 cgroup_disable=memory root=/dev/sdb selinux=0 guestfs_verbose=1 TERM=xterm-256color'
+
+The appliance boots, but segfaults as soon as the virtio-scsi driver is loaded:
+
+supermin: internal insmod virtio_scsi.ko
+[ 3.992963] scsi0 : Virtio SCSI HBA
+libguestfs: error: appliance closed the connection unexpectedly, see earlier error messages
+
+I captured a core dump:
+
+Core was generated by `/home/rjones/d/qemu/arm-softmmu/qemu-system-arm -global virtio-blk-device.scsi='.
+Program terminated with signal SIGSEGV, Segmentation fault.
+#0 0x000856bc in virtio_scsi_handle_cmd_req_submit (s=<optimized out>,
+ req=0x6c03acf8) at /home/rjones/d/qemu/hw/scsi/virtio-scsi.c:551
+551 bdrv_io_unplug(req->sreq->dev->conf.bs);
+(gdb) bt
+#0 0x000856bc in virtio_scsi_handle_cmd_req_submit (s=<optimized out>,
+ req=0x6c03acf8) at /home/rjones/d/qemu/hw/scsi/virtio-scsi.c:551
+#1 0x0008573a in virtio_scsi_handle_cmd (vdev=0xac4d68, vq=0xafe4b8)
+ at /home/rjones/d/qemu/hw/scsi/virtio-scsi.c:573
+#2 0x0004fdbe in access_with_adjusted_size (addr=80,
+ value=value@entry=0x4443e6c0, size=size@entry=4, access_size_min=1,
+ access_size_max=<optimized out>, access_size_max@entry=0,
+ access=access@entry=0x4fee9 <memory_region_write_accessor>,
+ mr=mr@entry=0xa53fa8) at /home/rjones/d/qemu/memory.c:480
+#3 0x00054234 in memory_region_dispatch_write (size=4, data=2,
+ addr=<optimized out>, mr=0xa53fa8) at /home/rjones/d/qemu/memory.c:1117
+#4 io_mem_write (mr=0xa53fa8, addr=<optimized out>, val=val@entry=2,
+ size=size@entry=4) at /home/rjones/d/qemu/memory.c:1958
+#5 0x00021c88 in address_space_rw (as=0x3b96b4 <address_space_memory>,
+ addr=167788112, buf=buf@entry=0x4443e790 "\002", len=len@entry=4,
+ is_write=is_write@entry=true) at /home/rjones/d/qemu/exec.c:2135
+#6 0x00021de6 in address_space_write (len=4, buf=0x4443e790 "\002",
+ addr=<optimized out>, as=<optimized out>)
+ at /home/rjones/d/qemu/exec.c:2202
+#7 subpage_write (opaque=<optimized out>, addr=<optimized out>, value=2,
+ len=4) at /home/rjones/d/qemu/exec.c:1811
+#8 0x0004fdbe in access_with_adjusted_size (addr=592,
+ value=value@entry=0x4443e820, size=size@entry=4, access_size_min=1,
+ access_size_max=<optimized out>, access_size_max@entry=0,
+ access=access@entry=0x4fee9 <memory_region_write_accessor>,
+ mr=mr@entry=0xaed980) at /home/rjones/d/qemu/memory.c:480
+#9 0x00054234 in memory_region_dispatch_write (size=4, data=2,
+ addr=<optimized out>, mr=0xaed980) at /home/rjones/d/qemu/memory.c:1117
+#10 io_mem_write (mr=0xaed980, addr=<optimized out>, val=2, size=size@entry=4)
+ at /home/rjones/d/qemu/memory.c:1958
+#11 0x00057f24 in io_writel (retaddr=1121296542, Cannot access memory at address 0x0
+addr=<optimized out>, val=2,
+ physaddr=592, env=0x9d6c50) at /home/rjones/d/qemu/softmmu_template.h:381
+#12 helper_le_stl_mmu (env=0x9d6c50, addr=<optimized out>, val=2,
+ mmu_idx=<optimized out>, retaddr=1121296542)
+ at /home/rjones/d/qemu/softmmu_template.h:419
+#13 0x42d5a0a0 in ?? ()
+Cannot access memory at address 0x0
+Backtrace stopped: previous frame identical to this frame (corrupt stack?)
+(gdb) print req
+$1 = (VirtIOSCSIReq *) 0x6c03acf8
+(gdb) print req->sreq
+$2 = (SCSIRequest *) 0xc2c2c2c2
+(gdb) print req->sreq->dev
+Cannot access memory at address 0xc2c2c2c6
+(gdb) print *req
+$3 = {
+ dev = 0x6c000040,
+ vq = 0x6c000040,
+ qsgl = {
+ sg = 0x0,
+ nsg = 0,
+ nalloc = -1027423550,
+ size = 3267543746,
+ dev = 0xc2c2c2c2,
+ as = 0xc2c2c2c2
+ },
+ resp_iov = {
+ iov = 0xc2c2c2c2,
+ niov = -1027423550,
+ nalloc = -1027423550,
+ size = 3267543746
+ },
+ elem = {
+ index = 3267543746,
+ out_num = 3267543746,
+ in_num = 3267543746,
+ in_addr = {14033993530586874562 <repeats 1024 times>},
+ out_addr = {14033993530586874562 <repeats 1024 times>},
+ in_sg = {{
+ iov_base = 0xc2c2c2c2,
+ iov_len = 3267543746
+ } <repeats 1024 times>},
+ out_sg = {{
+ iov_base = 0xc2c2c2c2,
+ iov_len = 3267543746
+ } <repeats 1024 times>}
+ },
+ vring = 0xc2c2c2c2,
+ {
+ next = {
+ tqe_next = 0xc2c2c2c2,
+ tqe_prev = 0xc2c2c2c2
+ },
+ remaining = -1027423550
+ },
+ sreq = 0xc2c2c2c2,
+ resp_size = 3267543746,
+ mode = (SCSI_XFER_TO_DEV | unknown: 3267543744),
+ resp = {
+ cmd = {
+ sense_len = 3267543746,
+ resid = 3267543746,
+ status_qualifier = 49858,
+ status = 194 '\302',
+ response = 194 '\302'
+ },
+ tmf = {
+ response = 194 '\302'
+ },
+ an = {
+ event_actual = 3267543746,
+ response = 194 '\302'
+ },
+ event = {
+ event = 3267543746,
+ lun = "\302\302\302\302\302\302\302", <incomplete sequence \302>,
+ reason = 3267543746
+ }
+ },
+ req = {
+ {
+ cmd = {
+ lun = "\302\302\302\302\302\302\302", <incomplete sequence \302>,
+ tag = 14033993530586874562,
+ task_attr = 194 '\302',
+ prio = 194 '\302',
+ crn = 194 '\302'
+ },
+ cdb = 0x6c042d73 '\302' <repeats 36 times>, <incomplete sequence \302>
+ },
+ tmf = {
+ type = 3267543746,
+ subtype = 3267543746,
+ lun = "\302\302\302\302\302\302\302", <incomplete sequence \302>,
+ tag = 14033993530586874562
+ },
+ an = {
+ type = 3267543746,
+ lun = "\302\302\302\302\302\302\302", <incomplete sequence \302>,
+ event_requested = 3267543746
+ }
+ }
+}
+
+This is qemu from git today (2014-10-07).
+
+The hardware is 32 bit ARM (ODROID-XU Samsung Exynos 5410). It is running Ubuntu 14.04 LTS as the main operating system, but I am NOT using qemu from Ubuntu (which is ancient).
+
+Richard, is this 3 year old bug still an issue?
+
+
+Ah, my mail client found the thread that tells me this was fixed in commit 35e4e96c4d5bfcf. So we can close this.
+
+
+Yes, qemu's working fine on aarch64 so this must have been fixed.
+