1 files changed, 331 insertions, 0 deletions
diff --git a/results/classifier/118/none/647 b/results/classifier/118/none/647
new file mode 100644
index 00000000..a1365728
--- /dev/null
+++ b/results/classifier/118/none/647
@@ -0,0 +1,331 @@
+virtual: 0.671
+x86: 0.669
+KVM: 0.647
+graphic: 0.640
+TCG: 0.628
+hypervisor: 0.623
+vnc: 0.612
+peripherals: 0.605
+risc-v: 0.600
+permissions: 0.599
+ppc: 0.594
+VMM: 0.584
+performance: 0.583
+register: 0.583
+device: 0.575
+i386: 0.560
+architecture: 0.552
+user-level: 0.542
+arm: 0.525
+semantic: 0.522
+files: 0.516
+debug: 0.515
+assembly: 0.511
+boot: 0.510
+network: 0.498
+socket: 0.492
+mistranslation: 0.486
+PID: 0.472
+kernel: 0.470
+
+scsi_device_purge_requests() waits infinietly
+Description of problem:
+QEMU hangs typing `system_reset` in the monitor, the monitor becomes unresponsive, as does VNC.
+Steps to reproduce:
+1. In the guest as root: `dd if=/dev/sda ibs=2K obs=1M of=/dev/null`
+2. In the host monitor: `(qemu) system_reset`
+3. Attach with gdb
+4. Press ^C in the unresponsive monitor
+```
+Thread 1 "qemu-system-x86" received signal SIGINT, Interrupt.
+0x00007ffff749796e in ppoll () from /lib64/libc.so.6
+(gdb) bt
+#0  0x00007ffff749796e in ppoll () at /lib64/libc.so.6
+#1  0x00005555570e829a in ppoll ()
+#2  0x0000555559624473 in qemu_poll_ns (fds=0x6060000204e0, nfds=1, timeout=-1) at ../util/qemu-timer.c:336
+#3  0x0000555559651973 in fdmon_poll_wait (ctx=0x61300004d900, ready_list=0x7fffffffb200, timeout=-1) at ../util/fdmon-poll.c:80
+#4  0x00005555595f48f1 in aio_poll (ctx=0x61300004d900, blocking=true) at ../util/aio-posix.c:607
+#5  0x0000555559041dac in bdrv_do_drained_begin (bs=0x62900000a200, recursive=false, parent=0x0, ignore_bds_parents=false, poll=true) at ../block/io.c:473
+#6  0x00005555590414a3 in bdrv_drained_begin (bs=0x62900000a200) at ../block/io.c:479
+#7  0x000055555916f180 in blk_drain (blk=0x618000001080) at ../block/block-backend.c:1732
+#8  0x000055555778f140 in scsi_device_purge_requests (sdev=0x617000004d80, sense=...) at ../hw/scsi/scsi-bus.c:1638
+#9  0x0000555557842df9 in scsi_disk_reset (dev=0x617000004d80) at ../hw/scsi/scsi-disk.c:2248
+#10 0x00005555592a557e in device_transitional_reset (obj=0x617000004d80) at ../hw/core/qdev.c:1028
+#11 0x00005555592a7eb7 in resettable_phase_hold (obj=0x617000004d80, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:182
+#12 0x000055555928a2e8 in bus_reset_child_foreach (obj=0x62d0000268d8, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/bus.c:97
+#13 0x00005555592aaaac in resettable_child_foreach (rc=0x60e000026f40, obj=0x62d0000268d8, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96
+#14 0x00005555592a7b9a in resettable_phase_hold (obj=0x62d0000268d8, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173
+#15 0x00005555592a1c55 in device_reset_child_foreach (obj=0x62d000026680, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/qdev.c:366
+#16 0x00005555592aaaac in resettable_child_foreach (rc=0x60e000040a80, obj=0x62d000026680, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96
+#17 0x00005555592a7b9a in resettable_phase_hold (obj=0x62d000026680, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173
+#18 0x000055555928a2e8 in bus_reset_child_foreach (obj=0x62d0000265f8, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/bus.c:97
+#19 0x00005555592aaaac in resettable_child_foreach (rc=0x60e000026680, obj=0x62d0000265f8, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96
+#20 0x00005555592a7b9a in resettable_phase_hold (obj=0x62d0000265f8, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173
+#21 0x00005555592a1c55 in device_reset_child_foreach (obj=0x62d00001e400, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/qdev.c:366
+#22 0x00005555592aaaac in resettable_child_foreach (rc=0x60e000042300, obj=0x62d00001e400, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96
+#23 0x00005555592a7b9a in resettable_phase_hold (obj=0x62d00001e400, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173
+#24 0x000055555928a2e8 in bus_reset_child_foreach (obj=0x62200005c260, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/bus.c:97
+#25 0x00005555592aaaac in resettable_child_foreach (rc=0x60e00002e2c0, obj=0x62200005c260, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96
+#26 0x00005555592a7b9a in resettable_phase_hold (obj=0x62200005c260, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173
+#27 0x00005555592a1c55 in device_reset_child_foreach (obj=0x62200005b900, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/qdev.c:366
+#28 0x00005555592aaaac in resettable_child_foreach (rc=0x60e000030940, obj=0x62200005b900, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96
+#29 0x00005555592a7b9a in resettable_phase_hold (obj=0x62200005b900, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173
+#30 0x000055555928a2e8 in bus_reset_child_foreach (obj=0x61d00008a280, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/bus.c:97
+#31 0x00005555592aaaac in resettable_child_foreach (rc=0x60e00002e2c0, obj=0x61d00008a280, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96
+#32 0x00005555592a7b9a in resettable_phase_hold (obj=0x61d00008a280, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173
+#33 0x00005555592a1c55 in device_reset_child_foreach (obj=0x62a000006200, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/qdev.c:366
+#34 0x00005555592aaaac in resettable_child_foreach (rc=0x60e000030160, obj=0x62a000006200, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96
+#35 0x00005555592a7b9a in resettable_phase_hold (obj=0x62a000006200, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173
+#36 0x000055555928a2e8 in bus_reset_child_foreach (obj=0x60c000020a40, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/bus.c:97
+#37 0x00005555592aaaac in resettable_child_foreach (rc=0x60e00002fde0, obj=0x60c000020a40, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96
+#38 0x00005555592a7b9a in resettable_phase_hold (obj=0x60c000020a40, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173
+#39 0x00005555592a6e04 in resettable_assert_reset (obj=0x60c000020a40, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:60
+#40 0x00005555592a6cb7 in resettable_reset (obj=0x60c000020a40, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:45
+#41 0x00005555592a9337 in resettable_cold_reset_fn (opaque=0x60c000020a40) at ../hw/core/resettable.c:269
+#42 0x00005555592a6c35 in qemu_devices_reset () at ../hw/core/reset.c:69
+#43 0x00005555582fb4f5 in pc_machine_reset (machine=0x616000000380) at ../hw/i386/pc.c:1764
+#44 0x0000555558a58e56 in qemu_system_reset (reason=SHUTDOWN_CAUSE_HOST_QMP_SYSTEM_RESET) at ../softmmu/runstate.c:443
+#45 0x0000555558a5a746 in main_loop_should_exit () at ../softmmu/runstate.c:688
+#46 0x0000555558a5a57e in qemu_main_loop () at ../softmmu/runstate.c:722
+#47 0x00005555571acaef in main (argc=58, argv=0x7fffffffd8f8, envp=0x7fffffffdad0) at ../softmmu/main.c:50
+(gdb) 
+(gdb) fr 5
+#5  0x0000555559041dac in bdrv_do_drained_begin (bs=0x62900000a200, recursive=false, parent=0x0, ignore_bds_parents=false, poll=true) at ../block/io.c:473
+473             BDRV_POLL_WHILE(bs, bdrv_drain_poll_top_level(bs, recursive, parent));
+(gdb) p *bs
+$1 = {open_flags = 24578, encrypted = false, sg = false, probed = false, force_share = false, implicit = false, drv = 0x55555b0b0c60 <bdrv_qcow2>, opaque = 0x615000015200, aio_context = 0x6130000df080, 
+  aio_notifiers = {lh_first = 0x0}, walking_aio_notifiers = false, filename = "nvme://0000:bc:00.0/1", '\000' <repeats 4074 times>, backing_file = '\000' <repeats 4095 times>, 
+  auto_backing_file = '\000' <repeats 4095 times>, backing_format = '\000' <repeats 15 times>, full_open_options = 0x621002ba2100, exact_filename = "nvme://0000:bc:00.0/1", '\000' <repeats 4074 times>, 
+  backing = 0x0, file = 0x608000002ba0, bl = {request_alignment = 1, max_pdiscard = 0, pdiscard_alignment = 65536, max_pwrite_zeroes = 0, pwrite_zeroes_alignment = 65536, opt_transfer = 0, 
+    max_transfer = 131072, max_hw_transfer = 0, min_mem_alignment = 512, opt_mem_alignment = 4096, max_iov = 1024}, supported_read_flags = 0, supported_write_flags = 0, supported_zero_flags = 260, 
+  supported_truncate_flags = 2, node_name = "drive_nvme1", '\000' <repeats 20 times>, node_list = {tqe_next = 0x0, tqe_circ = {tql_next = 0x0, tql_prev = 0x6290000092d0}}, bs_list = {tqe_next = 0x0, 
+    tqe_circ = {tql_next = 0x0, tql_prev = 0x6290000092e0}}, monitor_list = {tqe_next = 0x0, tqe_circ = {tql_next = 0x0, tql_prev = 0x6290000092f0}}, refcnt = 2, op_blockers = {{
+      lh_first = 0x0} <repeats 16 times>}, inherits_from = 0x0, children = {lh_first = 0x608000002ba0}, parents = {lh_first = 0x608000003620}, options = 0x621000019100, explicit_options = 0x62100001a500, 
+  detect_zeroes = BLOCKDEV_DETECT_ZEROES_OPTIONS_OFF, backing_blocker = 0x0, total_sectors = 41943040, write_threshold_offset = 0, dirty_bitmap_mutex = {lock = {__data = {__lock = 0, __count = 0, __owner = 0, 
+        __nusers = 0, __kind = 0, __spins = 0, __elision = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, file = 0x0, line = 0, initialized = true}, 
+  dirty_bitmaps = {lh_first = 0x0}, wr_highest_offset = {value = 17686634496}, copy_on_read = 0, in_flight = 128, serialising_in_flight = 0, io_plugged = 0, enable_write_cache = 0, quiesce_counter = 1, 
+  recursive_quiesce_counter = 0, write_gen = 101, reqs_lock = {locked = 0, ctx = 0x0, from_push = {slh_first = 0x0}, to_pop = {slh_first = 0x0}, handoff = 0, sequence = 0, holder = 0x0}, tracked_requests = {
+    lh_first = 0x7ffc251b48a0}, flush_queue = {entries = {sqh_first = 0x0, sqh_last = 0x62900000e470}}, active_flush_req = false, flushed_gen = 81, never_freeze = false}
+(gdb) fr 4
+#4  0x00005555595f48f1 in aio_poll (ctx=0x61300004d900, blocking=true) at ../util/aio-posix.c:607
+607             ret = ctx->fdmon_ops->wait(ctx, &ready_list, timeout);
+(gdb) p timeout
+$5 = -1
+(gdb) p blocking
+$6 = true
+(gdb) p *ctx
+$3 = {source = {callback_data = 0x0, callback_funcs = 0x0, source_funcs = 0x55555b42d900 <aio_source_funcs>, ref_count = 2, context = 0x60f000000400, priority = 0, flags = 33, source_id = 1, 
+    poll_fds = 0x615000001790 = {0x60d000000860}, prev = 0x0, next = 0x61300004d3c0, name = 0x602000010a10 "aio-context", priv = 0x619000003830}, lock = {m = {lock = {__data = {__lock = 0, __count = 0, 
+          __owner = 0, __nusers = 0, __kind = 1, __spins = 0, __elision = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 16 times>, "\001", '\000' <repeats 22 times>, __align = 0}, 
+      file = 0x0, line = 0, initialized = true}}, aio_handlers = {lh_first = 0x60d000000860}, deleted_aio_handlers = {lh_first = 0x0}, notify_me = 2, list_lock = {count = 4}, bh_list = {slh_first = 0x0}, 
+  bh_slice_list = {sqh_first = 0x0, sqh_last = 0x61300004d9b8}, notified = false, notifier = {rfd = 7, wfd = 7, initialized = true}, scheduled_coroutines = {slh_first = 0x0}, co_schedule_bh = 0x604000001110, 
+  thread_pool = 0x0, tlg = {tl = {0x60b00000a1d0, 0x60b00000a280, 0x60b00000a330, 0x60b00000a3e0}}, external_disable_cnt = 0, poll_disable_cnt = 0, poll_ns = 0, poll_max_ns = 0, poll_grow = 0, 
+  poll_shrink = 0, aio_max_batch = 0, poll_aio_handlers = {lh_first = 0x60d000000860}, poll_started = false, epollfd = 6, fdmon_ops = 0x55555a4ebbc0 <fdmon_poll_ops>}
+(gdb) p ctx->bh_list
+$8 = {slh_first = 0x0}
+(gdb) p ctx->bh_slice_list
+$9 = {sqh_first = 0x0, sqh_last = 0x61300004d9b8}
+(gdb) p *ctx->bh_slice_list.sqh_last 
+$11 = (struct BHListSlice *) 0x0
+(gdb) p ctx->tlg
+$12 = {tl = {0x60b00000a1d0, 0x60b00000a280, 0x60b00000a330, 0x60b00000a3e0}}
+(gdb) p timerlist_deadline_ns(ctx->tlg.tl[0])
+$14 = -1
+(gdb) p timerlist_deadline_ns(ctx->tlg.tl[1])
+$15 = -1
+(gdb) p timerlist_deadline_ns(ctx->tlg.tl[2])
+$16 = -1
+(gdb) p timerlist_deadline_ns(ctx->tlg.tl[3])
+$17 = -1
+```
+What I see is:
+- timerlistgroup_deadline_ns() -> -1
+- aio_compute_timeout() -> -1
+- aio_poll() -> -1
+
+So scsi_device_purge_requests() waits indefinitively.
+Additional information:
+```
+../configure --enable-trace-backends=log --disable-docs --enable-debug --extra-cflags='-ggdb -fPIE' --disable-user --disable-tools  --target-list=x86_64-softmmu --cc=clang --cxx=clang++ --enable-sanitizers --disable-vhost-user
+qemu 6.1.0
+
+  Directories
+                   Install prefix: /usr/local
+                   BIOS directory: share/qemu
+                    firmware path: /usr/local/share/qemu-firmware
+                 binary directory: bin
+                library directory: lib
+                 module directory: lib/qemu
+                libexec directory: libexec
+                include directory: include
+                 config directory: /usr/local/etc
+            local state directory: /usr/local/var
+                 Manual directory: share/man
+                    Doc directory: /usr/local/share/doc
+                  Build directory: /home/philmd/qemu/build
+                      Source path: /home/philmd/qemu
+                   GIT submodules: ui/keycodemapdb meson tests/fp/berkeley-testfloat-3 tests/fp/berkeley-softfloat-3 dtc capstone slirp
+
+  Host binaries
+                              git: git
+                             make: make
+                           python: /usr/bin/python3 (version: 3.9)
+                     sphinx-build: NO
+                              gdb: /usr/bin/gdb
+                      genisoimage: /usr/bin/mkisofs
+                             smbd: "/usr/sbin/smbd"
+
+  Configurable features
+                    Documentation: NO
+            system-mode emulation: YES
+              user-mode emulation: NO
+                      block layer: YES
+                    Install blobs: YES
+                   module support: NO
+                  fuzzing support: NO
+                    Audio drivers: oss
+                   Trace backends: log
+                    QOM debugging: YES
+             vhost-kernel support: YES
+                vhost-net support: YES
+             vhost-crypto support: NO
+               vhost-scsi support: YES
+              vhost-vsock support: YES
+               vhost-user support: NO
+    vhost-user-blk server support: NO
+            vhost-user-fs support: NO
+               vhost-vdpa support: YES
+                build guest agent: YES
+
+  Compilation
+                         host CPU: x86_64
+                  host endianness: little
+                       C compiler: clang
+                  Host C compiler: clang
+                     C++ compiler: clang++
+                           CFLAGS: -O0 -g
+                         CXXFLAGS: -O0 -g
+                      QEMU_CFLAGS: -fsanitize=undefined -fsanitize=address -m64 -mcx16 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wundef -Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv  -ggdb -fPIE -Wold-style-definition -Wtype-limits -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers -Wempty-body -Wnested-externs -Wendif-labels -Wexpansion-to-defined -Wno-initializer-overrides -Wno-missing-include-dirs -Wno-shift-negative-value -Wno-string-plus-int -Wno-typedef-redefinition -Wno-tautological-type-limit-compare -Wno-psabi -fstack-protector-strong
+                     QEMU_LDFLAGS: -Wl,--warn-common -fsanitize=undefined -fsanitize=address -Wl,-z,relro -Wl,-z,now -m64  -ggdb -fPIE -fstack-protector-strong
+                         profiler: NO
+     link-time optimization (LTO): NO
+                              PIE: YES
+                     static build: NO
+              malloc trim support: YES
+                       membarrier: NO
+                debug stack usage: NO
+                  mutex debugging: YES
+                 memory allocator: system
+                avx2 optimization: NO
+             avx512f optimization: NO
+                    gprof enabled: NO
+                             gcov: NO
+                 thread sanitizer: NO
+                      CFI support: NO
+                   strip binaries: NO
+                           sparse: NO
+                  mingw32 support: NO
+                     x86_64 tests: x86_64-linux-gnu-gcc via debian-amd64-cross
+
+  Targets and accelerators
+                      KVM support: YES
+                      HAX support: NO
+                      HVF support: NO
+                     WHPX support: NO
+                     NVMM support: NO
+                      Xen support: NO
+                      TCG support: YES
+                      TCG backend: native (x86_64)
+                      TCG plugins: YES
+                TCG debug enabled: YES
+                      target list: x86_64-softmmu
+                  default devices: YES
+         out of process emulation: YES
+
+  Block layer support
+                coroutine backend: ucontext
+                   coroutine pool: YES
+             Block whitelist (rw): 
+             Block whitelist (ro): 
+     Use block whitelist in tools: NO
+                   VirtFS support: NO
+            build virtiofs daemon: NO
+             Live block migration: YES
+              replication support: YES
+                    bochs support: YES
+                    cloop support: YES
+                      dmg support: YES
+                  qcow v1 support: YES
+                      vdi support: YES
+                    vvfat support: YES
+                      qed support: YES
+                parallels support: YES
+                     FUSE exports: NO
+
+  Crypto
+                     TLS priority: "NORMAL"
+                   GNUTLS support: YES
+                    GNUTLS crypto: YES
+                        libgcrypt: NO
+                           nettle: NO
+                     crypto afalg: NO
+                         rng-none: NO
+                    Linux keyring: YES
+
+  Dependencies
+                      SDL support: NO
+                SDL image support: NO
+                      GTK support: NO
+                           pixman: YES
+                      VTE support: NO
+                    slirp support: internal
+                         libtasn1: YES
+                              PAM: NO
+                    iconv support: YES
+                   curses support: YES
+                    virgl support: NO
+                     curl support: NO
+                Multipath support: NO
+                      VNC support: YES
+                 VNC SASL support: YES
+                 VNC JPEG support: YES
+                  VNC PNG support: NO
+                   brlapi support: NO
+                      vde support: NO
+                   netmap support: NO
+                Linux AIO support: NO
+           Linux io_uring support: NO
+               ATTR/XATTR support: YES
+                     RDMA support: NO
+                   PVRDMA support: NO
+                      fdt support: internal
+                libcap-ng support: NO
+                      bpf support: NO
+                    spice support: NO
+                      rbd support: NO
+                   xfsctl support: NO
+                smartcard support: NO
+                      U2F support: NO
+                           libusb: NO
+                    usb net redir: NO
+                   OpenGL support: NO
+                              GBM: NO
+                 libiscsi support: NO
+                   libnfs support: NO
+                  seccomp support: NO
+                GlusterFS support: NO
+                      TPM support: YES
+                   libssh support: NO
+                      lzo support: NO
+                   snappy support: NO
+                    bzip2 support: NO
+                    lzfse support: NO
+                     zstd support: NO
+                NUMA host support: NO
+                          libxml2: NO
+                         capstone: internal
+                  libpmem support: NO
+                libdaxctl support: NO
+                          libudev: NO
+                       FUSE lseek: NO
+   ```