Package: qemu
Version: 1:2.8+dfsg-1
Severity: normal
Tags: patch
User: tails-...@boum.org
Usertags: test-suite, virt-guest

Dear Maintainer,

It seems the fix of CVE-2016-8576 (Debian bug #840343) introduced a
regression in QEMU 2.8. While formatting partitions (on virtual USB
drives and the nec-xhci virtual USB controller) to EXT4, I have
observed errors like these:

    kernel: sd 8:0:0:0: [sda] tag#0 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
    kernel: sd 8:0:0:0: [sda] tag#0 CDB: Write(10) 2a 00 00 66 49 86 00 08 00 00
    kernel: blk_update_request: I/O error, dev sda, sector 6703494
    kernel: Buffer I/O error on dev dm-0, logical block 1573254, lost async page write

Raising TRB_LINK_LIMIT fixes the limit, but the new value was
admittedly arbitrarily chosen.

Regarding cycle detection in general, allowing at most 4 levels of
links seems pretty low. This bump should be safe: a high number only
means that we get a performance hit when encountering cycles but then
we should have a fatal error anyway; a low number instead means that
we'll incorrectly identify cycles and abort operations that otherwise
would succeed, like in the case above.

It would be fabulous if this patch could be applied to Debian's
package before upstream fixes it!

Cheers!

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages qemu depends on:
ii  qemu-system  1:2.8+dfsg-1
ii  qemu-user    1:2.8+dfsg-1
ii  qemu-utils   1:2.8+dfsg-1

qemu recommends no packages.

Versions of packages qemu suggests:
ii  qemu-user-static  1:2.8+dfsg-1

-- no debconf information
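
The trade-off described in the report, as an added example that is not part of the original message and not QEMU's code: a simplified C model of a ring walk that gives up after `link_limit` links. The TRB layout, the function names and the higher limit of 32 are assumptions made for illustration; only the limit of 4 comes from the report.

```c
#include <stdio.h>
/* Simplified model of a TRB ring walk with a link limit (added example, not
 * QEMU's hcd-xhci code; the struct layout and all names are hypothetical). */
enum trb_type { TRB_DATA, TRB_LINK };
struct trb { enum trb_type type; int link_target; int ends_transfer; };

/* Count the data TRBs of one transfer starting at ring[start]. Assumption:
 * links are counted over the whole walk, which is abandoned as a suspected
 * cycle (-1) once more than link_limit links have been followed. */
int chain_length(const struct trb *ring, int start, int link_limit)
{
    int idx = start, links = 0, len = 0;
    for (;;) {
        const struct trb *t = &ring[idx];
        if (t->type == TRB_LINK) {
            if (++links > link_limit) return -1;
            idx = t->link_target;
            continue;
        }
        len++;
        if (t->ends_transfer) return len;
        idx++;
    }
}

/* Constructed input: a legitimate transfer spread over segs (1..16) segments,
 * each holding one data TRB followed by a link TRB to the next segment. */
int walk_segmented(int segs, int link_limit)
{
    struct trb ring[32];
    for (int s = 0; s < segs; s++) {
        ring[2 * s] = (struct trb){ TRB_DATA, 0, s == segs - 1 };
        ring[2 * s + 1] = (struct trb){ TRB_LINK, 2 * ((s + 1) % segs), 0 };
    }
    return chain_length(ring, 0, link_limit);
}

/* Constructed input: two link TRBs pointing at each other, a real cycle. */
int walk_cycle(int link_limit)
{
    struct trb ring[2] = { { TRB_LINK, 1, 0 }, { TRB_LINK, 0, 0 } };
    return chain_length(ring, 0, link_limit);
}

/* Prints each result for limit 4, then for a constructed higher limit of 32. */
int main(void)
{
    printf("6 segs: %d / %d\n", walk_segmented(6, 4), walk_segmented(6, 32));
    printf("cycle:  %d / %d\n", walk_cycle(4), walk_cycle(32));
    return 0;
}
```

With the limit at 4, the six-segment transfer is rejected as a cycle even though it terminates; the real cycle is rejected at either limit, only after more iterations at the higher one.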
