[Bug 1801052] Re: arm64 kvm-unit-tests timer test failing on 18.04
I have also tested this on the ubuntu running on 96 core TX system. Fails with linux-image-4.15.0-20-generic but passes with an alllocalconfig build of 4.19. ** Changed in: linux (Ubuntu) Status: Incomplete => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1801052 Title: arm64 kvm-unit-tests timer test failing on 18.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1801052/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] Re: [Qemu-devel] [PATCH v2 for 3.0 1/2] linux-user/mmap.c: handle invalid len maps correctly
Laurent Vivier writes:
> Le 30/07/2018 à 15:43, Alex Bennée a écrit:
>> I've slightly re-organised the check to more closely match the
>> sequence that the kernel uses in do_mmap(). We check for both the zero
>> case (EINVAL) and the overflow length case (ENOMEM).
>>
>> Signed-off-by: Alex Bennée
>> Cc: umarcor <1783...@bugs.launchpad.net>
>>
>> ---
>> v2
>> - add comment on overflow
>> ---
>> linux-user/mmap.c | 15 ---
>> 1 file changed, 12 insertions(+), 3 deletions(-)
>>
>> diff --git a/linux-user/mmap.c b/linux-user/mmap.c
>> index d0c50e4888..41e0983ce8 100644
>> --- a/linux-user/mmap.c
>> +++ b/linux-user/mmap.c
>> @@ -391,14 +391,23 @@ abi_long target_mmap(abi_ulong start, abi_ulong len,
>> int prot,
>> }
>> #endif
>>
>> -if (offset & ~TARGET_PAGE_MASK) {
>> +if (!len) {
>> errno = EINVAL;
>> goto fail;
>> }
>>
>> +/* Also check for overflows... */
>> len = TARGET_PAGE_ALIGN(len);
>> -if (len == 0)
>> -goto the_end;
>> +if (!len) {
>> +errno = ENOMEM;
>> +goto fail;
>> +}
>> +
>> +if (offset & ~TARGET_PAGE_MASK) {
>> +errno = EINVAL;
>> + goto fail;
>> +}
>> +
>> real_start = start & qemu_host_page_mask;
>> host_offset = offset & qemu_host_page_mask;
>>
>>
>
> Reviewed-by: Laurent Vivier
Are you going to take this via your queue or do you want me to re-post
with the r-b?
--
Alex Bennée
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1783362
Title:
qemu-user: mmap should return failure (MAP_FAILED, -1) instead of
success (NULL, 0) when len==0
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] [PATCH v2 for 3.0 2/2] tests: add check_invalid_maps to test-mmap
This adds a test to make sure we fail properly for a 0 length mmap.
There are most likely other failure conditions we should also check.
Signed-off-by: Alex Bennée
Reviewed-by: Richard Henderson
Cc: umarcor <1783...@bugs.launchpad.net>
---
v2
- add test for overflow
---
tests/tcg/multiarch/test-mmap.c | 22 +-
1 file changed, 21 insertions(+), 1 deletion(-)
diff --git a/tests/tcg/multiarch/test-mmap.c b/tests/tcg/multiarch/test-mmap.c
index 5c0afe6e49..11d0e777b1 100644
--- a/tests/tcg/multiarch/test-mmap.c
+++ b/tests/tcg/multiarch/test-mmap.c
@@ -27,7 +27,7 @@
#include
#include
#include
-
+#include
#include
#define D(x)
@@ -435,6 +435,25 @@ void checked_write(int fd, const void *buf, size_t count)
fail_unless(rc == count);
}
+void check_invalid_mmaps(void)
+{
+unsigned char *addr;
+
+/* Attempt to map a zero length page. */
+addr = mmap(NULL, 0, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
+fprintf(stdout, "%s addr=%p", __func__, (void *)addr);
+fail_unless(addr == MAP_FAILED);
+fail_unless(errno == EINVAL);
+
+/* Attempt to map a over length page. */
+addr = mmap(NULL, -4, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
+fprintf(stdout, "%s addr=%p", __func__, (void *)addr);
+fail_unless(addr == MAP_FAILED);
+fail_unless(errno == ENOMEM);
+
+fprintf(stdout, " passed\n");
+}
+
int main(int argc, char **argv)
{
char tempname[] = "/tmp/.cmmapXX";
@@ -476,6 +495,7 @@ int main(int argc, char **argv)
check_file_fixed_mmaps();
check_file_fixed_eof_mmaps();
check_file_unfixed_eof_mmaps();
+ check_invalid_mmaps();
/* Fails at the moment. */
/* check_aligned_anonymous_fixed_mmaps_collide_with_host(); */
--
2.17.1
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1783362
Title:
qemu-user: mmap should return failure (MAP_FAILED, -1) instead of
success (NULL, 0) when len==0
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] [PATCH v2 for 3.0 1/2] linux-user/mmap.c: handle invalid len maps correctly
I've slightly re-organised the check to more closely match the
sequence that the kernel uses in do_mmap(). We check for both the zero
case (EINVAL) and the overflow length case (ENOMEM).
Signed-off-by: Alex Bennée
Cc: umarcor <1783...@bugs.launchpad.net>
---
v2
- add comment on overflow
---
linux-user/mmap.c | 15 ---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index d0c50e4888..41e0983ce8 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -391,14 +391,23 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int
prot,
}
#endif
-if (offset & ~TARGET_PAGE_MASK) {
+if (!len) {
errno = EINVAL;
goto fail;
}
+/* Also check for overflows... */
len = TARGET_PAGE_ALIGN(len);
-if (len == 0)
-goto the_end;
+if (!len) {
+errno = ENOMEM;
+goto fail;
+}
+
+if (offset & ~TARGET_PAGE_MASK) {
+errno = EINVAL;
+goto fail;
+}
+
real_start = start & qemu_host_page_mask;
host_offset = offset & qemu_host_page_mask;
--
2.17.1
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1783362
Title:
qemu-user: mmap should return failure (MAP_FAILED, -1) instead of
success (NULL, 0) when len==0
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] [PATCH v2 for 3.0 0/2] fix for bug #1783362
Hi, Updated to cover the overflow case properly as well. Alex Bennée (2): linux-user/mmap.c: handle invalid len maps correctly tests: add check_invalid_maps to test-mmap linux-user/mmap.c | 15 --- tests/tcg/multiarch/test-mmap.c | 22 +- 2 files changed, 33 insertions(+), 4 deletions(-) -- 2.17.1 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1783362 Title: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0 To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] Re: [Qemu-devel] [PATCH v1 for 3.0 1/2] linux-user/mmap.c: handle len = 0 maps correctly
Will do, thanks!
On Thu, 26 Jul 2018 at 19:12, Laurent Vivier wrote:
> Le 26/07/2018 à 19:58, Alex Bennée a écrit :
> >
> > Laurent Vivier writes:
> >
> >> Le 26/07/2018 à 15:29, Alex Bennée a écrit:
> >>> I've slightly re-organised the check to more closely match the
> >>> sequence that the kernel uses in do_mmap().
> >>>
> >>> Signed-off-by: Alex Bennée
> >>> Cc: umarcor <1783...@bugs.launchpad.net>
> >>> ---
> >>> linux-user/mmap.c | 14 +++---
> >>> 1 file changed, 11 insertions(+), 3 deletions(-)
> >>>
> >>> diff --git a/linux-user/mmap.c b/linux-user/mmap.c
> >>> index d0c50e4888..3ef69fa2d0 100644
> >>> --- a/linux-user/mmap.c
> >>> +++ b/linux-user/mmap.c
> >>> @@ -391,14 +391,22 @@ abi_long target_mmap(abi_ulong start, abi_ulong
> len, int prot,
> >>> }
> >>> #endif
> >>>
> >>> -if (offset & ~TARGET_PAGE_MASK) {
> >>> +if (!len) {
> >>> errno = EINVAL;
> >>> goto fail;
> >>> }
> >>>
> >>> len = TARGET_PAGE_ALIGN(len);
> >>> -if (len == 0)
> >>> -goto the_end;
> >>> +if (!len) {
> >>> +errno = EINVAL;
> >>> +goto fail;
> >>> +}
> >>
> >> Why do you check twice len?
> >> TARGET_PAGE_ALIGN() rounds up the value, so if it was not 0, it cannot
> >> be now.
> >
> > I was trying to follow the kernel style but I realise TARGET_PAGE_ALIGN
> > might be a different test compared to the kernel's PAGE_ALIGN(len) for
> > overflows:
> ...
> > /* Careful about overflows.. */
> > len = PAGE_ALIGN(len);
> > if (!len)
> > return -ENOMEM;
> >
>
>
> OK, so keep it but you should use ENOMEM, not EINVAL (and add a comment :)
> )
>
> Thanks,
> Laurent
>
--
Alex Bennée
KVM/QEMU Hacker for Linaro
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1783362
Title:
qemu-user: mmap should return failure (MAP_FAILED, -1) instead of
success (NULL, 0) when len==0
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] Re: [Qemu-devel] [PATCH v1 for 3.0 1/2] linux-user/mmap.c: handle len = 0 maps correctly
Laurent Vivier writes:
> Le 26/07/2018 à 15:29, Alex Bennée a écrit:
>> I've slightly re-organised the check to more closely match the
>> sequence that the kernel uses in do_mmap().
>>
>> Signed-off-by: Alex Bennée
>> Cc: umarcor <1783...@bugs.launchpad.net>
>> ---
>> linux-user/mmap.c | 14 +++---
>> 1 file changed, 11 insertions(+), 3 deletions(-)
>>
>> diff --git a/linux-user/mmap.c b/linux-user/mmap.c
>> index d0c50e4888..3ef69fa2d0 100644
>> --- a/linux-user/mmap.c
>> +++ b/linux-user/mmap.c
>> @@ -391,14 +391,22 @@ abi_long target_mmap(abi_ulong start, abi_ulong len,
>> int prot,
>> }
>> #endif
>>
>> -if (offset & ~TARGET_PAGE_MASK) {
>> +if (!len) {
>> errno = EINVAL;
>> goto fail;
>> }
>>
>> len = TARGET_PAGE_ALIGN(len);
>> -if (len == 0)
>> -goto the_end;
>> +if (!len) {
>> +errno = EINVAL;
>> +goto fail;
>> +}
>
> Why do you check twice len?
> TARGET_PAGE_ALIGN() rounds up the value, so if it was not 0, it cannot
> be now.
I was trying to follow the kernel style but I realise TARGET_PAGE_ALIGN
might be a different test compared to the kernel's PAGE_ALIGN(len) for
overflows:
if (!len)
return -EINVAL;
/*
* Does the application expect PROT_READ to imply PROT_EXEC?
*
* (the exception is when the underlying filesystem is noexec
* mounted, in which case we dont add PROT_EXEC.)
*/
if ((prot & PROT_READ) && (current->personality & READ_IMPLIES_EXEC))
if (!(file && path_noexec(>f_path)))
prot |= PROT_EXEC;
/* force arch specific MAP_FIXED handling in get_unmapped_area */
if (flags & MAP_FIXED_NOREPLACE)
flags |= MAP_FIXED;
if (!(flags & MAP_FIXED))
addr = round_hint_to_min(addr);
/* Careful about overflows.. */
len = PAGE_ALIGN(len);
if (!len)
return -ENOMEM;
>
> Thanks,
> Laurent
--
Alex Bennée
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1783362
Title:
qemu-user: mmap should return failure (MAP_FAILED, -1) instead of
success (NULL, 0) when len==0
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] [PATCH v1 for 3.0 1/2] linux-user/mmap.c: handle len = 0 maps correctly
I've slightly re-organised the check to more closely match the
sequence that the kernel uses in do_mmap().
Signed-off-by: Alex Bennée
Cc: umarcor <1783...@bugs.launchpad.net>
---
linux-user/mmap.c | 14 +++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index d0c50e4888..3ef69fa2d0 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -391,14 +391,22 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int
prot,
}
#endif
-if (offset & ~TARGET_PAGE_MASK) {
+if (!len) {
errno = EINVAL;
goto fail;
}
len = TARGET_PAGE_ALIGN(len);
-if (len == 0)
-goto the_end;
+if (!len) {
+errno = EINVAL;
+goto fail;
+}
+
+if (offset & ~TARGET_PAGE_MASK) {
+errno = EINVAL;
+goto fail;
+}
+
real_start = start & qemu_host_page_mask;
host_offset = offset & qemu_host_page_mask;
--
2.17.1
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1783362
Title:
qemu-user: mmap should return failure (MAP_FAILED, -1) instead of
success (NULL, 0) when len==0
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783362] [PATCH v1 for 3.0 2/2] tests: add check_invalid_maps to test-mmap
This adds a test to make sure we fail properly for a 0 length mmap.
There are most likely other failure conditions we should also check.
Signed-off-by: Alex Bennée
Cc: umarcor <1783...@bugs.launchpad.net>
---
tests/tcg/multiarch/test-mmap.c | 16 +++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/tests/tcg/multiarch/test-mmap.c b/tests/tcg/multiarch/test-mmap.c
index 5c0afe6e49..7f62eba4e9 100644
--- a/tests/tcg/multiarch/test-mmap.c
+++ b/tests/tcg/multiarch/test-mmap.c
@@ -27,7 +27,7 @@
#include
#include
#include
-
+#include
#include
#define D(x)
@@ -435,6 +435,19 @@ void checked_write(int fd, const void *buf, size_t count)
fail_unless(rc == count);
}
+void check_invalid_mmaps(void)
+{
+unsigned char *addr;
+
+/* Attempt to map a zero length page. */
+addr = mmap(NULL, 0, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
+fprintf(stdout, "%s addr=%p", __func__, (void *)addr);
+fail_unless(addr == MAP_FAILED);
+fail_unless(errno == EINVAL);
+
+fprintf(stdout, " passed\n");
+}
+
int main(int argc, char **argv)
{
char tempname[] = "/tmp/.cmmapXX";
@@ -476,6 +489,7 @@ int main(int argc, char **argv)
check_file_fixed_mmaps();
check_file_fixed_eof_mmaps();
check_file_unfixed_eof_mmaps();
+ check_invalid_mmaps();
/* Fails at the moment. */
/* check_aligned_anonymous_fixed_mmaps_collide_with_host(); */
--
2.17.1
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1783362
Title:
qemu-user: mmap should return failure (MAP_FAILED, -1) instead of
success (NULL, 0) when len==0
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1289527] Re: qemu-aarch64-static: java dies with SIGILL
For SIGILL's it's useful to have the qemu log with -d unimp output. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to qemu in Ubuntu. https://bugs.launchpad.net/bugs/1289527 Title: qemu-aarch64-static: java dies with SIGILL To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1289527/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1289527] Re: qemu-aarch64-static: java dies with SIGILL
For SIGILL's it's useful to have the qemu log with -d unimp output. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1289527 Title: qemu-aarch64-static: java dies with SIGILL To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1289527/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1243261] Re: apparent GPU hang on haswell laptop when playing movie using XVideo output
Will Saucy see an update as well? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1243261 Title: apparent GPU hang on haswell laptop when playing movie using XVideo output To manage notifications about this bug go to: https://bugs.launchpad.net/xserver-xorg-video-intel/+bug/1243261/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
