diff options
Diffstat (limited to 'results/classifier/deepseek-r1:14b/output/manual-review/647')
| -rw-r--r-- | results/classifier/deepseek-r1:14b/output/manual-review/647 | 302 |
1 files changed, 302 insertions, 0 deletions
diff --git a/results/classifier/deepseek-r1:14b/output/manual-review/647 b/results/classifier/deepseek-r1:14b/output/manual-review/647 new file mode 100644 index 000000000..d7b69d251 --- /dev/null +++ b/results/classifier/deepseek-r1:14b/output/manual-review/647 @@ -0,0 +1,302 @@ + +scsi_device_purge_requests() waits infinietly +Description of problem: +QEMU hangs typing `system_reset` in the monitor, the monitor becomes unresponsive, as does VNC. +Steps to reproduce: +1. In the guest as root: `dd if=/dev/sda ibs=2K obs=1M of=/dev/null` +2. In the host monitor: `(qemu) system_reset` +3. Attach with gdb +4. Press ^C in the unresponsive monitor +``` +Thread 1 "qemu-system-x86" received signal SIGINT, Interrupt. +0x00007ffff749796e in ppoll () from /lib64/libc.so.6 +(gdb) bt +#0 0x00007ffff749796e in ppoll () at /lib64/libc.so.6 +#1 0x00005555570e829a in ppoll () +#2 0x0000555559624473 in qemu_poll_ns (fds=0x6060000204e0, nfds=1, timeout=-1) at ../util/qemu-timer.c:336 +#3 0x0000555559651973 in fdmon_poll_wait (ctx=0x61300004d900, ready_list=0x7fffffffb200, timeout=-1) at ../util/fdmon-poll.c:80 +#4 0x00005555595f48f1 in aio_poll (ctx=0x61300004d900, blocking=true) at ../util/aio-posix.c:607 +#5 0x0000555559041dac in bdrv_do_drained_begin (bs=0x62900000a200, recursive=false, parent=0x0, ignore_bds_parents=false, poll=true) at ../block/io.c:473 +#6 0x00005555590414a3 in bdrv_drained_begin (bs=0x62900000a200) at ../block/io.c:479 +#7 0x000055555916f180 in blk_drain (blk=0x618000001080) at ../block/block-backend.c:1732 +#8 0x000055555778f140 in scsi_device_purge_requests (sdev=0x617000004d80, sense=...) at ../hw/scsi/scsi-bus.c:1638 +#9 0x0000555557842df9 in scsi_disk_reset (dev=0x617000004d80) at ../hw/scsi/scsi-disk.c:2248 +#10 0x00005555592a557e in device_transitional_reset (obj=0x617000004d80) at ../hw/core/qdev.c:1028 +#11 0x00005555592a7eb7 in resettable_phase_hold (obj=0x617000004d80, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:182 +#12 0x000055555928a2e8 in bus_reset_child_foreach (obj=0x62d0000268d8, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/bus.c:97 +#13 0x00005555592aaaac in resettable_child_foreach (rc=0x60e000026f40, obj=0x62d0000268d8, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96 +#14 0x00005555592a7b9a in resettable_phase_hold (obj=0x62d0000268d8, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173 +#15 0x00005555592a1c55 in device_reset_child_foreach (obj=0x62d000026680, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/qdev.c:366 +#16 0x00005555592aaaac in resettable_child_foreach (rc=0x60e000040a80, obj=0x62d000026680, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96 +#17 0x00005555592a7b9a in resettable_phase_hold (obj=0x62d000026680, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173 +#18 0x000055555928a2e8 in bus_reset_child_foreach (obj=0x62d0000265f8, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/bus.c:97 +#19 0x00005555592aaaac in resettable_child_foreach (rc=0x60e000026680, obj=0x62d0000265f8, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96 +#20 0x00005555592a7b9a in resettable_phase_hold (obj=0x62d0000265f8, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173 +#21 0x00005555592a1c55 in device_reset_child_foreach (obj=0x62d00001e400, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/qdev.c:366 +#22 0x00005555592aaaac in resettable_child_foreach (rc=0x60e000042300, obj=0x62d00001e400, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96 +#23 0x00005555592a7b9a in resettable_phase_hold (obj=0x62d00001e400, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173 +#24 0x000055555928a2e8 in bus_reset_child_foreach (obj=0x62200005c260, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/bus.c:97 +#25 0x00005555592aaaac in resettable_child_foreach (rc=0x60e00002e2c0, obj=0x62200005c260, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96 +#26 0x00005555592a7b9a in resettable_phase_hold (obj=0x62200005c260, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173 +#27 0x00005555592a1c55 in device_reset_child_foreach (obj=0x62200005b900, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/qdev.c:366 +#28 0x00005555592aaaac in resettable_child_foreach (rc=0x60e000030940, obj=0x62200005b900, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96 +#29 0x00005555592a7b9a in resettable_phase_hold (obj=0x62200005b900, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173 +#30 0x000055555928a2e8 in bus_reset_child_foreach (obj=0x61d00008a280, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/bus.c:97 +#31 0x00005555592aaaac in resettable_child_foreach (rc=0x60e00002e2c0, obj=0x61d00008a280, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96 +#32 0x00005555592a7b9a in resettable_phase_hold (obj=0x61d00008a280, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173 +#33 0x00005555592a1c55 in device_reset_child_foreach (obj=0x62a000006200, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/qdev.c:366 +#34 0x00005555592aaaac in resettable_child_foreach (rc=0x60e000030160, obj=0x62a000006200, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96 +#35 0x00005555592a7b9a in resettable_phase_hold (obj=0x62a000006200, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173 +#36 0x000055555928a2e8 in bus_reset_child_foreach (obj=0x60c000020a40, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/bus.c:97 +#37 0x00005555592aaaac in resettable_child_foreach (rc=0x60e00002fde0, obj=0x60c000020a40, cb=0x5555592a78e0 <resettable_phase_hold>, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:96 +#38 0x00005555592a7b9a in resettable_phase_hold (obj=0x60c000020a40, opaque=0x0, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:173 +#39 0x00005555592a6e04 in resettable_assert_reset (obj=0x60c000020a40, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:60 +#40 0x00005555592a6cb7 in resettable_reset (obj=0x60c000020a40, type=RESET_TYPE_COLD) at ../hw/core/resettable.c:45 +#41 0x00005555592a9337 in resettable_cold_reset_fn (opaque=0x60c000020a40) at ../hw/core/resettable.c:269 +#42 0x00005555592a6c35 in qemu_devices_reset () at ../hw/core/reset.c:69 +#43 0x00005555582fb4f5 in pc_machine_reset (machine=0x616000000380) at ../hw/i386/pc.c:1764 +#44 0x0000555558a58e56 in qemu_system_reset (reason=SHUTDOWN_CAUSE_HOST_QMP_SYSTEM_RESET) at ../softmmu/runstate.c:443 +#45 0x0000555558a5a746 in main_loop_should_exit () at ../softmmu/runstate.c:688 +#46 0x0000555558a5a57e in qemu_main_loop () at ../softmmu/runstate.c:722 +#47 0x00005555571acaef in main (argc=58, argv=0x7fffffffd8f8, envp=0x7fffffffdad0) at ../softmmu/main.c:50 +(gdb) +(gdb) fr 5 +#5 0x0000555559041dac in bdrv_do_drained_begin (bs=0x62900000a200, recursive=false, parent=0x0, ignore_bds_parents=false, poll=true) at ../block/io.c:473 +473 BDRV_POLL_WHILE(bs, bdrv_drain_poll_top_level(bs, recursive, parent)); +(gdb) p *bs +$1 = {open_flags = 24578, encrypted = false, sg = false, probed = false, force_share = false, implicit = false, drv = 0x55555b0b0c60 <bdrv_qcow2>, opaque = 0x615000015200, aio_context = 0x6130000df080, + aio_notifiers = {lh_first = 0x0}, walking_aio_notifiers = false, filename = "nvme://0000:bc:00.0/1", '\000' <repeats 4074 times>, backing_file = '\000' <repeats 4095 times>, + auto_backing_file = '\000' <repeats 4095 times>, backing_format = '\000' <repeats 15 times>, full_open_options = 0x621002ba2100, exact_filename = "nvme://0000:bc:00.0/1", '\000' <repeats 4074 times>, + backing = 0x0, file = 0x608000002ba0, bl = {request_alignment = 1, max_pdiscard = 0, pdiscard_alignment = 65536, max_pwrite_zeroes = 0, pwrite_zeroes_alignment = 65536, opt_transfer = 0, + max_transfer = 131072, max_hw_transfer = 0, min_mem_alignment = 512, opt_mem_alignment = 4096, max_iov = 1024}, supported_read_flags = 0, supported_write_flags = 0, supported_zero_flags = 260, + supported_truncate_flags = 2, node_name = "drive_nvme1", '\000' <repeats 20 times>, node_list = {tqe_next = 0x0, tqe_circ = {tql_next = 0x0, tql_prev = 0x6290000092d0}}, bs_list = {tqe_next = 0x0, + tqe_circ = {tql_next = 0x0, tql_prev = 0x6290000092e0}}, monitor_list = {tqe_next = 0x0, tqe_circ = {tql_next = 0x0, tql_prev = 0x6290000092f0}}, refcnt = 2, op_blockers = {{ + lh_first = 0x0} <repeats 16 times>}, inherits_from = 0x0, children = {lh_first = 0x608000002ba0}, parents = {lh_first = 0x608000003620}, options = 0x621000019100, explicit_options = 0x62100001a500, + detect_zeroes = BLOCKDEV_DETECT_ZEROES_OPTIONS_OFF, backing_blocker = 0x0, total_sectors = 41943040, write_threshold_offset = 0, dirty_bitmap_mutex = {lock = {__data = {__lock = 0, __count = 0, __owner = 0, + __nusers = 0, __kind = 0, __spins = 0, __elision = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}, file = 0x0, line = 0, initialized = true}, + dirty_bitmaps = {lh_first = 0x0}, wr_highest_offset = {value = 17686634496}, copy_on_read = 0, in_flight = 128, serialising_in_flight = 0, io_plugged = 0, enable_write_cache = 0, quiesce_counter = 1, + recursive_quiesce_counter = 0, write_gen = 101, reqs_lock = {locked = 0, ctx = 0x0, from_push = {slh_first = 0x0}, to_pop = {slh_first = 0x0}, handoff = 0, sequence = 0, holder = 0x0}, tracked_requests = { + lh_first = 0x7ffc251b48a0}, flush_queue = {entries = {sqh_first = 0x0, sqh_last = 0x62900000e470}}, active_flush_req = false, flushed_gen = 81, never_freeze = false} +(gdb) fr 4 +#4 0x00005555595f48f1 in aio_poll (ctx=0x61300004d900, blocking=true) at ../util/aio-posix.c:607 +607 ret = ctx->fdmon_ops->wait(ctx, &ready_list, timeout); +(gdb) p timeout +$5 = -1 +(gdb) p blocking +$6 = true +(gdb) p *ctx +$3 = {source = {callback_data = 0x0, callback_funcs = 0x0, source_funcs = 0x55555b42d900 <aio_source_funcs>, ref_count = 2, context = 0x60f000000400, priority = 0, flags = 33, source_id = 1, + poll_fds = 0x615000001790 = {0x60d000000860}, prev = 0x0, next = 0x61300004d3c0, name = 0x602000010a10 "aio-context", priv = 0x619000003830}, lock = {m = {lock = {__data = {__lock = 0, __count = 0, + __owner = 0, __nusers = 0, __kind = 1, __spins = 0, __elision = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 16 times>, "\001", '\000' <repeats 22 times>, __align = 0}, + file = 0x0, line = 0, initialized = true}}, aio_handlers = {lh_first = 0x60d000000860}, deleted_aio_handlers = {lh_first = 0x0}, notify_me = 2, list_lock = {count = 4}, bh_list = {slh_first = 0x0}, + bh_slice_list = {sqh_first = 0x0, sqh_last = 0x61300004d9b8}, notified = false, notifier = {rfd = 7, wfd = 7, initialized = true}, scheduled_coroutines = {slh_first = 0x0}, co_schedule_bh = 0x604000001110, + thread_pool = 0x0, tlg = {tl = {0x60b00000a1d0, 0x60b00000a280, 0x60b00000a330, 0x60b00000a3e0}}, external_disable_cnt = 0, poll_disable_cnt = 0, poll_ns = 0, poll_max_ns = 0, poll_grow = 0, + poll_shrink = 0, aio_max_batch = 0, poll_aio_handlers = {lh_first = 0x60d000000860}, poll_started = false, epollfd = 6, fdmon_ops = 0x55555a4ebbc0 <fdmon_poll_ops>} +(gdb) p ctx->bh_list +$8 = {slh_first = 0x0} +(gdb) p ctx->bh_slice_list +$9 = {sqh_first = 0x0, sqh_last = 0x61300004d9b8} +(gdb) p *ctx->bh_slice_list.sqh_last +$11 = (struct BHListSlice *) 0x0 +(gdb) p ctx->tlg +$12 = {tl = {0x60b00000a1d0, 0x60b00000a280, 0x60b00000a330, 0x60b00000a3e0}} +(gdb) p timerlist_deadline_ns(ctx->tlg.tl[0]) +$14 = -1 +(gdb) p timerlist_deadline_ns(ctx->tlg.tl[1]) +$15 = -1 +(gdb) p timerlist_deadline_ns(ctx->tlg.tl[2]) +$16 = -1 +(gdb) p timerlist_deadline_ns(ctx->tlg.tl[3]) +$17 = -1 +``` +What I see is: +- timerlistgroup_deadline_ns() -> -1 +- aio_compute_timeout() -> -1 +- aio_poll() -> -1 + +So scsi_device_purge_requests() waits indefinitively. +Additional information: +``` +../configure --enable-trace-backends=log --disable-docs --enable-debug --extra-cflags='-ggdb -fPIE' --disable-user --disable-tools --target-list=x86_64-softmmu --cc=clang --cxx=clang++ --enable-sanitizers --disable-vhost-user +qemu 6.1.0 + + Directories + Install prefix: /usr/local + BIOS directory: share/qemu + firmware path: /usr/local/share/qemu-firmware + binary directory: bin + library directory: lib + module directory: lib/qemu + libexec directory: libexec + include directory: include + config directory: /usr/local/etc + local state directory: /usr/local/var + Manual directory: share/man + Doc directory: /usr/local/share/doc + Build directory: /home/philmd/qemu/build + Source path: /home/philmd/qemu + GIT submodules: ui/keycodemapdb meson tests/fp/berkeley-testfloat-3 tests/fp/berkeley-softfloat-3 dtc capstone slirp + + Host binaries + git: git + make: make + python: /usr/bin/python3 (version: 3.9) + sphinx-build: NO + gdb: /usr/bin/gdb + genisoimage: /usr/bin/mkisofs + smbd: "/usr/sbin/smbd" + + Configurable features + Documentation: NO + system-mode emulation: YES + user-mode emulation: NO + block layer: YES + Install blobs: YES + module support: NO + fuzzing support: NO + Audio drivers: oss + Trace backends: log + QOM debugging: YES + vhost-kernel support: YES + vhost-net support: YES + vhost-crypto support: NO + vhost-scsi support: YES + vhost-vsock support: YES + vhost-user support: NO + vhost-user-blk server support: NO + vhost-user-fs support: NO + vhost-vdpa support: YES + build guest agent: YES + + Compilation + host CPU: x86_64 + host endianness: little + C compiler: clang + Host C compiler: clang + C++ compiler: clang++ + CFLAGS: -O0 -g + CXXFLAGS: -O0 -g + QEMU_CFLAGS: -fsanitize=undefined -fsanitize=address -m64 -mcx16 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wundef -Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv -ggdb -fPIE -Wold-style-definition -Wtype-limits -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers -Wempty-body -Wnested-externs -Wendif-labels -Wexpansion-to-defined -Wno-initializer-overrides -Wno-missing-include-dirs -Wno-shift-negative-value -Wno-string-plus-int -Wno-typedef-redefinition -Wno-tautological-type-limit-compare -Wno-psabi -fstack-protector-strong + QEMU_LDFLAGS: -Wl,--warn-common -fsanitize=undefined -fsanitize=address -Wl,-z,relro -Wl,-z,now -m64 -ggdb -fPIE -fstack-protector-strong + profiler: NO + link-time optimization (LTO): NO + PIE: YES + static build: NO + malloc trim support: YES + membarrier: NO + debug stack usage: NO + mutex debugging: YES + memory allocator: system + avx2 optimization: NO + avx512f optimization: NO + gprof enabled: NO + gcov: NO + thread sanitizer: NO + CFI support: NO + strip binaries: NO + sparse: NO + mingw32 support: NO + x86_64 tests: x86_64-linux-gnu-gcc via debian-amd64-cross + + Targets and accelerators + KVM support: YES + HAX support: NO + HVF support: NO + WHPX support: NO + NVMM support: NO + Xen support: NO + TCG support: YES + TCG backend: native (x86_64) + TCG plugins: YES + TCG debug enabled: YES + target list: x86_64-softmmu + default devices: YES + out of process emulation: YES + + Block layer support + coroutine backend: ucontext + coroutine pool: YES + Block whitelist (rw): + Block whitelist (ro): + Use block whitelist in tools: NO + VirtFS support: NO + build virtiofs daemon: NO + Live block migration: YES + replication support: YES + bochs support: YES + cloop support: YES + dmg support: YES + qcow v1 support: YES + vdi support: YES + vvfat support: YES + qed support: YES + parallels support: YES + FUSE exports: NO + + Crypto + TLS priority: "NORMAL" + GNUTLS support: YES + GNUTLS crypto: YES + libgcrypt: NO + nettle: NO + crypto afalg: NO + rng-none: NO + Linux keyring: YES + + Dependencies + SDL support: NO + SDL image support: NO + GTK support: NO + pixman: YES + VTE support: NO + slirp support: internal + libtasn1: YES + PAM: NO + iconv support: YES + curses support: YES + virgl support: NO + curl support: NO + Multipath support: NO + VNC support: YES + VNC SASL support: YES + VNC JPEG support: YES + VNC PNG support: NO + brlapi support: NO + vde support: NO + netmap support: NO + Linux AIO support: NO + Linux io_uring support: NO + ATTR/XATTR support: YES + RDMA support: NO + PVRDMA support: NO + fdt support: internal + libcap-ng support: NO + bpf support: NO + spice support: NO + rbd support: NO + xfsctl support: NO + smartcard support: NO + U2F support: NO + libusb: NO + usb net redir: NO + OpenGL support: NO + GBM: NO + libiscsi support: NO + libnfs support: NO + seccomp support: NO + GlusterFS support: NO + TPM support: YES + libssh support: NO + lzo support: NO + snappy support: NO + bzip2 support: NO + lzfse support: NO + zstd support: NO + NUMA host support: NO + libxml2: NO + capstone: internal + libpmem support: NO + libdaxctl support: NO + libudev: NO + FUSE lseek: NO + ``` |