[Bug 1801052] Re: arm64 kvm-unit-tests timer test failing on 18.04
I have also tested this on the ubuntu running on 96 core TX system. Fails with linux-image-4.15.0-20-generic but passes with an alllocalconfig build of 4.19. ** Changed in: linux (Ubuntu) Status: Incomplete => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1801052 Title: arm64 kvm-unit-tests timer test failing on 18.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1801052/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] Re: [Qemu-devel] [PATCH v2 for 3.0 1/2] linux-user/mmap.c: handle invalid len maps correctly
Laurent Vivier writes: > Le 30/07/2018 à 15:43, Alex Bennée a écrit: >> I've slightly re-organised the check to more closely match the >> sequence that the kernel uses in do_mmap(). We check for both the zero >> case (EINVAL) and the overflow length case (ENOMEM). >> >> Signed-off-by: Alex Bennée >> Cc: umarcor <1783...@bugs.launchpad.net> >> >> --- >> v2 >> - add comment on overflow >> --- >> linux-user/mmap.c | 15 --- >> 1 file changed, 12 insertions(+), 3 deletions(-) >> >> diff --git a/linux-user/mmap.c b/linux-user/mmap.c >> index d0c50e4888..41e0983ce8 100644 >> --- a/linux-user/mmap.c >> +++ b/linux-user/mmap.c >> @@ -391,14 +391,23 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, >> int prot, >> } >> #endif >> >> -if (offset & ~TARGET_PAGE_MASK) { >> +if (!len) { >> errno = EINVAL; >> goto fail; >> } >> >> +/* Also check for overflows... */ >> len = TARGET_PAGE_ALIGN(len); >> -if (len == 0) >> -goto the_end; >> +if (!len) { >> +errno = ENOMEM; >> +goto fail; >> +} >> + >> +if (offset & ~TARGET_PAGE_MASK) { >> +errno = EINVAL; >> + goto fail; >> +} >> + >> real_start = start & qemu_host_page_mask; >> host_offset = offset & qemu_host_page_mask; >> >> > > Reviewed-by: Laurent Vivier Are you going to take this via your queue or do you want me to re-post with the r-b? -- Alex Bennée -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1783362 Title: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0 To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] [PATCH v2 for 3.0 2/2] tests: add check_invalid_maps to test-mmap
This adds a test to make sure we fail properly for a 0 length mmap. There are most likely other failure conditions we should also check. Signed-off-by: Alex Bennée Reviewed-by: Richard Henderson Cc: umarcor <1783...@bugs.launchpad.net> --- v2 - add test for overflow --- tests/tcg/multiarch/test-mmap.c | 22 +- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/tests/tcg/multiarch/test-mmap.c b/tests/tcg/multiarch/test-mmap.c index 5c0afe6e49..11d0e777b1 100644 --- a/tests/tcg/multiarch/test-mmap.c +++ b/tests/tcg/multiarch/test-mmap.c @@ -27,7 +27,7 @@ #include #include #include - +#include #include #define D(x) @@ -435,6 +435,25 @@ void checked_write(int fd, const void *buf, size_t count) fail_unless(rc == count); } +void check_invalid_mmaps(void) +{ +unsigned char *addr; + +/* Attempt to map a zero length page. */ +addr = mmap(NULL, 0, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); +fprintf(stdout, "%s addr=%p", __func__, (void *)addr); +fail_unless(addr == MAP_FAILED); +fail_unless(errno == EINVAL); + +/* Attempt to map a over length page. */ +addr = mmap(NULL, -4, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); +fprintf(stdout, "%s addr=%p", __func__, (void *)addr); +fail_unless(addr == MAP_FAILED); +fail_unless(errno == ENOMEM); + +fprintf(stdout, " passed\n"); +} + int main(int argc, char **argv) { char tempname[] = "/tmp/.cmmapXX"; @@ -476,6 +495,7 @@ int main(int argc, char **argv) check_file_fixed_mmaps(); check_file_fixed_eof_mmaps(); check_file_unfixed_eof_mmaps(); + check_invalid_mmaps(); /* Fails at the moment. */ /* check_aligned_anonymous_fixed_mmaps_collide_with_host(); */ -- 2.17.1 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1783362 Title: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0 To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] [PATCH v2 for 3.0 1/2] linux-user/mmap.c: handle invalid len maps correctly
I've slightly re-organised the check to more closely match the sequence that the kernel uses in do_mmap(). We check for both the zero case (EINVAL) and the overflow length case (ENOMEM). Signed-off-by: Alex Bennée Cc: umarcor <1783...@bugs.launchpad.net> --- v2 - add comment on overflow --- linux-user/mmap.c | 15 --- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/linux-user/mmap.c b/linux-user/mmap.c index d0c50e4888..41e0983ce8 100644 --- a/linux-user/mmap.c +++ b/linux-user/mmap.c @@ -391,14 +391,23 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot, } #endif -if (offset & ~TARGET_PAGE_MASK) { +if (!len) { errno = EINVAL; goto fail; } +/* Also check for overflows... */ len = TARGET_PAGE_ALIGN(len); -if (len == 0) -goto the_end; +if (!len) { +errno = ENOMEM; +goto fail; +} + +if (offset & ~TARGET_PAGE_MASK) { +errno = EINVAL; +goto fail; +} + real_start = start & qemu_host_page_mask; host_offset = offset & qemu_host_page_mask; -- 2.17.1 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1783362 Title: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0 To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] [PATCH v2 for 3.0 0/2] fix for bug #1783362
Hi, Updated to cover the overflow case properly as well. Alex Bennée (2): linux-user/mmap.c: handle invalid len maps correctly tests: add check_invalid_maps to test-mmap linux-user/mmap.c | 15 --- tests/tcg/multiarch/test-mmap.c | 22 +- 2 files changed, 33 insertions(+), 4 deletions(-) -- 2.17.1 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1783362 Title: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0 To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] Re: [Qemu-devel] [PATCH v1 for 3.0 1/2] linux-user/mmap.c: handle len = 0 maps correctly
Will do, thanks! On Thu, 26 Jul 2018 at 19:12, Laurent Vivier wrote: > Le 26/07/2018 à 19:58, Alex Bennée a écrit : > > > > Laurent Vivier writes: > > > >> Le 26/07/2018 à 15:29, Alex Bennée a écrit: > >>> I've slightly re-organised the check to more closely match the > >>> sequence that the kernel uses in do_mmap(). > >>> > >>> Signed-off-by: Alex Bennée > >>> Cc: umarcor <1783...@bugs.launchpad.net> > >>> --- > >>> linux-user/mmap.c | 14 +++--- > >>> 1 file changed, 11 insertions(+), 3 deletions(-) > >>> > >>> diff --git a/linux-user/mmap.c b/linux-user/mmap.c > >>> index d0c50e4888..3ef69fa2d0 100644 > >>> --- a/linux-user/mmap.c > >>> +++ b/linux-user/mmap.c > >>> @@ -391,14 +391,22 @@ abi_long target_mmap(abi_ulong start, abi_ulong > len, int prot, > >>> } > >>> #endif > >>> > >>> -if (offset & ~TARGET_PAGE_MASK) { > >>> +if (!len) { > >>> errno = EINVAL; > >>> goto fail; > >>> } > >>> > >>> len = TARGET_PAGE_ALIGN(len); > >>> -if (len == 0) > >>> -goto the_end; > >>> +if (!len) { > >>> +errno = EINVAL; > >>> +goto fail; > >>> +} > >> > >> Why do you check twice len? > >> TARGET_PAGE_ALIGN() rounds up the value, so if it was not 0, it cannot > >> be now. > > > > I was trying to follow the kernel style but I realise TARGET_PAGE_ALIGN > > might be a different test compared to the kernel's PAGE_ALIGN(len) for > > overflows: > ... > > /* Careful about overflows.. */ > > len = PAGE_ALIGN(len); > > if (!len) > > return -ENOMEM; > > > > > OK, so keep it but you should use ENOMEM, not EINVAL (and add a comment :) > ) > > Thanks, > Laurent > -- Alex Bennée KVM/QEMU Hacker for Linaro -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1783362 Title: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0 To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] Re: [Qemu-devel] [PATCH v1 for 3.0 1/2] linux-user/mmap.c: handle len = 0 maps correctly
Laurent Vivier writes: > Le 26/07/2018 à 15:29, Alex Bennée a écrit: >> I've slightly re-organised the check to more closely match the >> sequence that the kernel uses in do_mmap(). >> >> Signed-off-by: Alex Bennée >> Cc: umarcor <1783...@bugs.launchpad.net> >> --- >> linux-user/mmap.c | 14 +++--- >> 1 file changed, 11 insertions(+), 3 deletions(-) >> >> diff --git a/linux-user/mmap.c b/linux-user/mmap.c >> index d0c50e4888..3ef69fa2d0 100644 >> --- a/linux-user/mmap.c >> +++ b/linux-user/mmap.c >> @@ -391,14 +391,22 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, >> int prot, >> } >> #endif >> >> -if (offset & ~TARGET_PAGE_MASK) { >> +if (!len) { >> errno = EINVAL; >> goto fail; >> } >> >> len = TARGET_PAGE_ALIGN(len); >> -if (len == 0) >> -goto the_end; >> +if (!len) { >> +errno = EINVAL; >> +goto fail; >> +} > > Why do you check twice len? > TARGET_PAGE_ALIGN() rounds up the value, so if it was not 0, it cannot > be now. I was trying to follow the kernel style but I realise TARGET_PAGE_ALIGN might be a different test compared to the kernel's PAGE_ALIGN(len) for overflows: if (!len) return -EINVAL; /* * Does the application expect PROT_READ to imply PROT_EXEC? * * (the exception is when the underlying filesystem is noexec * mounted, in which case we dont add PROT_EXEC.) */ if ((prot & PROT_READ) && (current->personality & READ_IMPLIES_EXEC)) if (!(file && path_noexec(>f_path))) prot |= PROT_EXEC; /* force arch specific MAP_FIXED handling in get_unmapped_area */ if (flags & MAP_FIXED_NOREPLACE) flags |= MAP_FIXED; if (!(flags & MAP_FIXED)) addr = round_hint_to_min(addr); /* Careful about overflows.. */ len = PAGE_ALIGN(len); if (!len) return -ENOMEM; > > Thanks, > Laurent -- Alex Bennée -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1783362 Title: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0 To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] [PATCH v1 for 3.0 1/2] linux-user/mmap.c: handle len = 0 maps correctly
I've slightly re-organised the check to more closely match the sequence that the kernel uses in do_mmap(). Signed-off-by: Alex Bennée Cc: umarcor <1783...@bugs.launchpad.net> --- linux-user/mmap.c | 14 +++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/linux-user/mmap.c b/linux-user/mmap.c index d0c50e4888..3ef69fa2d0 100644 --- a/linux-user/mmap.c +++ b/linux-user/mmap.c @@ -391,14 +391,22 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot, } #endif -if (offset & ~TARGET_PAGE_MASK) { +if (!len) { errno = EINVAL; goto fail; } len = TARGET_PAGE_ALIGN(len); -if (len == 0) -goto the_end; +if (!len) { +errno = EINVAL; +goto fail; +} + +if (offset & ~TARGET_PAGE_MASK) { +errno = EINVAL; +goto fail; +} + real_start = start & qemu_host_page_mask; host_offset = offset & qemu_host_page_mask; -- 2.17.1 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1783362 Title: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0 To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] [PATCH v1 for 3.0 2/2] tests: add check_invalid_maps to test-mmap
This adds a test to make sure we fail properly for a 0 length mmap. There are most likely other failure conditions we should also check. Signed-off-by: Alex Bennée Cc: umarcor <1783...@bugs.launchpad.net> --- tests/tcg/multiarch/test-mmap.c | 16 +++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/tests/tcg/multiarch/test-mmap.c b/tests/tcg/multiarch/test-mmap.c index 5c0afe6e49..7f62eba4e9 100644 --- a/tests/tcg/multiarch/test-mmap.c +++ b/tests/tcg/multiarch/test-mmap.c @@ -27,7 +27,7 @@ #include #include #include - +#include #include #define D(x) @@ -435,6 +435,19 @@ void checked_write(int fd, const void *buf, size_t count) fail_unless(rc == count); } +void check_invalid_mmaps(void) +{ +unsigned char *addr; + +/* Attempt to map a zero length page. */ +addr = mmap(NULL, 0, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); +fprintf(stdout, "%s addr=%p", __func__, (void *)addr); +fail_unless(addr == MAP_FAILED); +fail_unless(errno == EINVAL); + +fprintf(stdout, " passed\n"); +} + int main(int argc, char **argv) { char tempname[] = "/tmp/.cmmapXX"; @@ -476,6 +489,7 @@ int main(int argc, char **argv) check_file_fixed_mmaps(); check_file_fixed_eof_mmaps(); check_file_unfixed_eof_mmaps(); + check_invalid_mmaps(); /* Fails at the moment. */ /* check_aligned_anonymous_fixed_mmaps_collide_with_host(); */ -- 2.17.1 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1783362 Title: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0 To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1289527] Re: qemu-aarch64-static: java dies with SIGILL
For SIGILL's it's useful to have the qemu log with -d unimp output. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to qemu in Ubuntu. https://bugs.launchpad.net/bugs/1289527 Title: qemu-aarch64-static: java dies with SIGILL To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1289527/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1289527] Re: qemu-aarch64-static: java dies with SIGILL
For SIGILL's it's useful to have the qemu log with -d unimp output. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1289527 Title: qemu-aarch64-static: java dies with SIGILL To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1289527/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1243261] Re: apparent GPU hang on haswell laptop when playing movie using XVideo output
Will Saucy see an update as well? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1243261 Title: apparent GPU hang on haswell laptop when playing movie using XVideo output To manage notifications about this bug go to: https://bugs.launchpad.net/xserver-xorg-video-intel/+bug/1243261/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs