Control: tag -1 + moreinfo On Tue, 17 Jan 2017 18:19:00 +0000 anonym <ano...@riseup.net> wrote: > Package: qemu > Version: 1:2.8+dfsg-1 > Severity: normal > Tags: patch > User: tails-...@boum.org > Usertags: test-suite, virt-guest > > Dear Maintainer, > > It seems the fix of CVE-2016-8576 (Debian bug #840343) introduced a > regression in QEMU 2.8. While formatting partitions (on virtual USB > drives and the nec-xhci virtual USB controller) to EXT4, I have > observed errors like these: > > kernel: sd 8:0:0:0: [sda] tag#0 FAILED Result: hostbyte=DID_ABORT > driverbyte=DRIVER_OK > kernel: sd 8:0:0:0: [sda] tag#0 CDB: Write(10) 2a 00 00 66 49 86 > 00 08 00 00 > kernel: blk_update_request: I/O error, dev sda, sector 6703494 > kernel: Buffer I/O error on dev dm-0, logical block 1573254, lost > async page write
I tried to reproduce this, but can not. What's needed to reproduce it? > Raising TRB_LINK_LIMIT fixes the limit, but the new value was > admittedly arbitrarily chosen. Note upstream still ships with current limit of 4 links. Thanks, /mjt > Regarding cycle detection in general, allowing at most 4 levels of > links seems pretty low. This bump should be safe: a high number only > means that we get a performance hit when encountering cycles but then > we should have a fatal error any way; a low number instead means that > we'll incorrectly identify cycles and abort operations that otherwise > would succeed, like in the case above. > > It would be fabulous if this patch could be applied to Debian's > package before upstream fixes it! > > Cheers!
