Bug #1859527 “vring_get_region_caches: Assertion `caches != NULL...” : Bugs : qemu package : Ubuntu

Revision history for this message

dann frazier (dannf) wrote on 2020-01-13:

#1

Thread 1 (Thread 0x7f2a00963640 (LWP 15030)):
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1 0x00007f29fabdd801 in __GI_abort () at abort.c:79
#2 0x00007f29fabcd39a in __assert_fail_base (fmt=0x7f29fad547d8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x5624a8e2419e "caches != NULL", file=file@entry=0x5624a8e23b80 "/build/qemu-XrmZRw/qemu-2.11+dfsg/hw/virtio/virtio.c", line=line@entry=211, function=function@entry=0x5624a8e249f0 <__PRETTY_FUNCTION__.30338> "vring_get_region_caches") at assert.c:92
#3 0x00007f29fabcd412 in __GI___assert_fail (assertion=assertion@entry=0x5624a8e2419e "caches != NULL", file=file@entry=0x5624a8e23b80 "/build/qemu-XrmZRw/qemu-2.11+dfsg/hw/virtio/virtio.c", line=line@entry=211, function=function@entry=0x5624a8e249f0 <__PRETTY_FUNCTION__.30338> "vring_get_region_caches") at assert.c:101
#4 0x00005624a8a0bcbc in vring_get_region_caches (vq=<optimized out>) at ./hw/virtio/virtio.c:211
#5 0x00005624a8aa88d7 in vring_get_region_caches (vq=<optimized out>) at ./hw/virtio/virtio.c:1628
#6 vring_avail_flags (vq=<optimized out>) at ./hw/virtio/virtio.c:217
#7 virtio_should_notify (vdev=<optimized out>, vq=<optimized out>) at ./hw/virtio/virtio.c:1632
#8 0x00005624a8aaa0b5 in virtio_notify_irqfd (vdev=0x5624af9342b0, vq=0x7f26a0655110) at ./hw/virtio/virtio.c:1646
#9 0x00005624a8a7c05f in notify_guest_bh (opaque=0x5624af93f420) at ./hw/block/dataplane/virtio-blk.c:71
#10 0x00005624a8ded30e in aio_bh_call (bh=0x5624af93ebd0) at ./util/async.c:90
#11 aio_bh_poll (ctx=ctx@entry=0x5624aa267fb0) at ./util/async.c:118
#12 0x00005624a8df0200 in aio_dispatch (ctx=0x5624aa267fb0) at ./util/aio-posix.c:436
#13 0x00005624a8ded1ee in aio_ctx_dispatch (source=<optimized out>, callback=<optimized out>, user_data=<optimized out>) at ./util/async.c:261
#14 0x00007f29fb9b7417 in g_main_context_dispatch () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#15 0x00005624a8def457 in glib_pollfds_poll () at ./util/main-loop.c:214
#16 os_host_main_loop_wait (timeout=<optimized out>) at ./util/main-loop.c:261
#17 main_loop_wait (nonblocking=<optimized out>) at ./util/main-loop.c:515
#18 0x00005624a8a12ef6 in main_loop () at ./vl.c:1995
#19 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ./vl.c:4944

Thread 1 (Thread 0x7f2a00963640 (LWP 15030)):
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1  0x00007f29fabdd801 in __GI_abort () at abort.c:79
#2  0x00007f29fabcd39a in __assert_fail_base (fmt=0x7f29fad547d8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x5624a8e2419e "caches != NULL", file=file@entry=0x5624a8e23b80 "/build/qemu-XrmZRw/qemu-2.11+dfsg/hw/virtio/virtio.c", line=line@entry=211, function=function@entry=0x5624a8e249f0 <__PRETTY_FUNCTION__.30338> "vring_get_region_caches") at assert.c:92
#3  0x00007f29fabcd412 in __GI___assert_fail (assertion=assertion@entry=0x5624a8e2419e "caches != NULL", file=file@entry=0x5624a8e23b80 "/build/qemu-XrmZRw/qemu-2.11+dfsg/hw/virtio/virtio.c", line=line@entry=211, function=function@entry=0x5624a8e249f0 <__PRETTY_FUNCTION__.30338> "vring_get_region_caches") at assert.c:101
#4  0x00005624a8a0bcbc in vring_get_region_caches (vq=<optimized out>) at ./hw/virtio/virtio.c:211
#5  0x00005624a8aa88d7 in vring_get_region_caches (vq=<optimized out>) at ./hw/virtio/virtio.c:1628
#6  vring_avail_flags (vq=<optimized out>) at ./hw/virtio/virtio.c:217
#7  virtio_should_notify (vdev=<optimized out>, vq=<optimized out>) at ./hw/virtio/virtio.c:1632
#8  0x00005624a8aaa0b5 in virtio_notify_irqfd (vdev=0x5624af9342b0, vq=0x7f26a0655110) at ./hw/virtio/virtio.c:1646
#9  0x00005624a8a7c05f in notify_guest_bh (opaque=0x5624af93f420) at ./hw/block/dataplane/virtio-blk.c:71
#10 0x00005624a8ded30e in aio_bh_call (bh=0x5624af93ebd0) at ./util/async.c:90
#11 aio_bh_poll (ctx=ctx@entry=0x5624aa267fb0) at ./util/async.c:118
#12 0x00005624a8df0200 in aio_dispatch (ctx=0x5624aa267fb0) at ./util/aio-posix.c:436
#13 0x00005624a8ded1ee in aio_ctx_dispatch (source=<optimized out>, callback=<optimized out>, user_data=<optimized out>) at ./util/async.c:261
#14 0x00007f29fb9b7417 in g_main_context_dispatch () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#15 0x00005624a8def457 in glib_pollfds_poll () at ./util/main-loop.c:214
#16 os_host_main_loop_wait (timeout=<optimized out>) at ./util/main-loop.c:261
#17 main_loop_wait (nonblocking=<optimized out>) at ./util/main-loop.c:515
#18 0x00005624a8a12ef6 in main_loop () at ./vl.c:1995
#19 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ./vl.c:4944

dann frazier (dannf) on 2020-01-13

Changed in qemu (Ubuntu Bionic):
status:	New → In Progress
assignee:	nobody → dann frazier (dannf)

Revision history for this message

Dan Streetman (ddstreet) wrote on 2020-01-21:

#2

upstream commit to fix this is:
https://github.com/qemu/qemu/commit/725fe5d10dbd4259b1853b7d253cef83a3c0d22a

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2020-01-22:

#3

FYI Added the change to the git branch of the upcoming qemu 4.2 for Focal

Revision history for this message

Dan Streetman (ddstreet) wrote on 2020-01-22:

#4

disco is dead (tomorrow), marking wontfix for disco.

description:	updated
description:	updated
Changed in qemu (Ubuntu Disco):
status:	New → Won't Fix

Revision history for this message

Dan Streetman (ddstreet) wrote on 2020-01-22:

#5

qemu uploaded to b/e queues.

@dannf can you add the [test case] section content of the sru template?

Dan Streetman (ddstreet) on 2020-01-22

tags:	added: block-proposed-bionic block-proposed-eoan sts
description:	updated

dann frazier (dannf) on 2020-01-22

description:

updated

Revision history for this message

Łukasz Zemczak (sil2100) wrote on 2020-01-27:

#6

Ok, normally we're waiting for the same changes to be made available in the development series, but since it's already staged in the 4.2 merge in-progress, I'll accept the SRUs. Just be sure to finalize the merge ASAP, before Feature Freeze (so before end of February).

Changed in qemu (Ubuntu Eoan):
status:	New → Fix Committed
tags:	added: verification-needed verification-needed-eoan

Revision history for this message

Łukasz Zemczak (sil2100) wrote on 2020-01-27: Please test proposed package

#7

Hello dann, or anyone else affected,

Accepted qemu into eoan-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/qemu/1:4.0+dfsg-0ubuntu9.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-eoan to verification-done-eoan. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-eoan. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in qemu (Ubuntu Bionic):
status:	In Progress → Fix Committed
tags:	added: verification-needed-bionic

Revision history for this message

Łukasz Zemczak (sil2100) wrote on 2020-01-27:

#8

Hello dann, or anyone else affected,

Accepted qemu into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/qemu/1:2.11+dfsg-1ubuntu7.22 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Revision history for this message

Ubuntu SRU Bot (ubuntu-sru-bot) wrote on 2020-01-27: Autopkgtest regression report (qemu/1:2.11+dfsg-1ubuntu7.22)

#9

All autopkgtests for the newly accepted qemu (1:2.11+dfsg-1ubuntu7.22) for bionic have finished running.
The following regressions have been reported in tests triggered by the package:

systemd/237-3ubuntu10.33 (i386, s390x)
vagrant-mutate/1.2.0-3 (ppc64el)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/bionic/update_excuses.html#qemu

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Revision history for this message

Ubuntu SRU Bot (ubuntu-sru-bot) wrote on 2020-01-27: Autopkgtest regression report (qemu/1:4.0+dfsg-0ubuntu9.3)

#10

All autopkgtests for the newly accepted qemu (1:4.0+dfsg-0ubuntu9.3) for eoan have finished running.
The following regressions have been reported in tests triggered by the package:

systemd/242-7ubuntu3.2 (i386)
edk2/0~20190606.20d2e5a1-2ubuntu1 (armhf)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/eoan/update_excuses.html#qemu

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Revision history for this message

dann frazier (dannf) wrote on 2020-01-28: Re: [Bug 1859527] Autopkgtest regression report (qemu/1:2.11+dfsg-1ubuntu7.22)

#11

On Mon, Jan 27, 2020 at 1:25 PM Ubuntu SRU Bot
<email address hidden> wrote:
>
> All autopkgtests for the newly accepted qemu (1:2.11+dfsg-1ubuntu7.22) for bionic have finished running.
> The following regressions have been reported in tests triggered by the package:
>
> systemd/237-3ubuntu10.33 (i386, s390x)

Since this failure, a subsequent systemd/s390x test ran and passed
suggesting this is a flaky test. It looks like this bug:
https://github.com/systemd/systemd/issues/8880

The i386 failure looks like:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1776654
I've therefore added a bionic task for it (as well as a theory on the
root cause). I did not retry this test.

> vagrant-mutate/1.2.0-3 (ppc64el)

I was unable to reproduce this on a ppc64el instance. Since this test
depends on data from a remote source, I suspect something was out of
sync at the time. I retried the test and it passed.

-dann

Revision history for this message

dann frazier (dannf) wrote on 2020-01-28:

#12

Verified, using test case described in Description.

tags:

added: verification-done-bionic
removed: verification-needed-bionic

Revision history for this message

dann frazier (dannf) wrote on 2020-02-04:

#13

qemu/eoan (1:4.0+dfsg-0ubuntu9.3) does not seem to be impacted by this issue - at least, my reproducer doesn't trigger it. However, I've tested the package from -proposed, and it continues to pass the test, so I'll mark eoan verified.

tags:

added: verification-done verification-done-eoan
removed: verification-needed verification-needed-eoan

Revision history for this message

dann frazier (dannf) wrote on 2020-02-04:

#14

Correction for the previous comment: version should be 1:4.0+dfsg-0ubuntu9.2. To be clear, neither the current QEMU in eoan-updates (.2), nor the one in eoan-proposed (.3) fails my reproducer.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-02-06:

#15

Download full text (11.6 KiB)

This bug was fixed in the package qemu - 1:4.2-1ubuntu1

---------------
qemu (1:4.2-1ubuntu1) focal; urgency=medium

  * Merge with Debian testing, Among many other things this fixes LP Bugs:
    LP: #1847806 - add mff* instructions to not break on ppc64 with newer glibc
    LP: #1812822 - avoid crashes on detaching vhost_net interfaces
    LP: #1852744 - Crypto Passthrough Interrupt Support
    LP: #1853316 - CCW IPL Support
    Remaining changes:
    - qemu-kvm to systemd unit
      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
        hugepages and architecture specifics
      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
        qemu-kvm-init
      - d/qemu-system-common.install: install helper script
      - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
      - d/qemu-system-common.qemu-kvm.default: defaults for
        /etc/default/qemu-kvm
      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
    - Distribution specific machine type (LP: 1304107 1621042)
      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
        types
      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
        for host-phys-bits=true (LP: 1776189)
      - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
      - provide pseries-bionic-2.11-sxxm type as convenience with all
        meltdown/spectre workarounds enabled by default. (LP: 1761372).
    - Enable nesting by default
      - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
        in qemu64 cpu type.
      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
        in qemu64 on amd
        [ No more strictly needed, but required for backward compatibility ]
    - improved dependencies
      - Make qemu-system-common depend on qemu-block-extra
      - Make qemu-utils depend on qemu-block-extra
      - let qemu-utils recommend sharutils
    - s390x support
      - Create qemu-system-s390x package
      - Enable numa support for s390x
      - d/rules: build s390-ccw.img with upstream Makefile
      - d/rules: build s390-netboot.img with upstream Makefile
    - arch aware kvm wrappers
    - d/control: update VCS links
    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
        reference 256k path
      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
        handle incoming migrations from former releases.
    - d/control-in: Disable capstone disassembler library support (universe)
    - d/control: disable bluetooth being deprecated
    - d/not-installed: ignore new interop docs and extra icons for now
    - d/not-installed: do not install elf2dmp until namespaced
    - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
    - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
    - d/binfmt-update-in: fix binfmt being called in some containers
      (LP 1840956)
  - Dropped changes (in Debian)
    - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
      - d/qemu-guest-agent.install: provide /etc/qemu/fsfree...

This bug was fixed in the package qemu - 1:4.2-1ubuntu1

---------------
qemu (1:4.2-1ubuntu1) focal; urgency=medium

* Merge with Debian testing, Among many other things this fixes LP Bugs:
    LP: #1847806 - add mff* instructions to not break on ppc64 with newer glibc
    LP: #1812822 - avoid crashes on detaching vhost_net interfaces
    LP: #1852744 - Crypto Passthrough Interrupt Support
    LP: #1853316 - CCW IPL Support
    Remaining changes:
    - qemu-kvm to systemd unit
      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
        hugepages and architecture specifics
      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
        qemu-kvm-init
      - d/qemu-system-common.install: install helper script
      - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
      - d/qemu-system-common.qemu-kvm.default: defaults for
        /etc/default/qemu-kvm
      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
    - Distribution specific machine type (LP: 1304107 1621042)
      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
        types
      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
        for host-phys-bits=true (LP: 1776189)
      - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
      - provide pseries-bionic-2.11-sxxm type as convenience with all
        meltdown/spectre workarounds enabled by default. (LP: 1761372).
    - Enable nesting by default
      - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
        in qemu64 cpu type.
      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
        in qemu64 on amd
        [ No more strictly needed, but required for backward compatibility ]
    - improved dependencies
      - Make qemu-system-common depend on qemu-block-extra
      - Make qemu-utils depend on qemu-block-extra
      - let qemu-utils recommend sharutils
    - s390x support
      - Create qemu-system-s390x package
      - Enable numa support for s390x
      - d/rules: build s390-ccw.img with upstream Makefile
      - d/rules: build s390-netboot.img with upstream Makefile
    - arch aware kvm wrappers
    - d/control: update VCS links
    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
        reference 256k path
      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
        handle incoming migrations from former releases.
    - d/control-in: Disable capstone disassembler library support (universe)
    - d/control: disable bluetooth being deprecated
    - d/not-installed: ignore new interop docs and extra icons for now
    - d/not-installed: do not install elf2dmp until namespaced
    - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
    - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
    - d/binfmt-update-in: fix binfmt being called in some containers
      (LP 1840956)
  - Dropped changes (in Debian)
    - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
      - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
      - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
    - d/control-in: enable RDMA support in qemu (LP: 1692476)
        - enable RDMA config option
        - add libibumad-dev build-dep
    - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
      some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
      As that hack to build s390-ccw.img rom can't build s390x-netboot.img
      replace it with a build-indep using the upstream makefiles.
      This is less prone to miss future changes/fixes that are done to the
      makefiles
    - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
    - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
    - d/rules: fix qemu-kvm service for debhelper compat >=12
    - Refreshed patches for v4.0 context changes
    - d/control*: remove sdlabi which was removed upstream
    - d/control*: enable docs (now explicit) and provide new build-dep
      python3-sphinx
    - d/qemu-system-data.install: use new paths for formerly used icons
    - Merge with Upstream release of qemu 4.0
    - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch
  - Dropped changes (Upstream)
    - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration (LP 1830243)
    - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP 1830238)
    - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
      fix i386 build error
    - d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac:
      fix naming of the new vector facitlity (LP 1836066)
    - d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues
      for missing SIOCGSTAMP definition; final fix is still in discussion
      upstream (LP: 1836159)
    - d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer
      s390x machines (LP 1836154)
    - d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags
      (LP 1841066)
    - d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch:
      update the z15 model name (LP 1842774)
    - d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
      fix a potential hang when qemu or qemu-img where accessing http backed
      disks via libcurl (LP 1848556)
    - d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-*:
      fix migration issue from qemu <4.0 when using virtio-balloon (LP 1848497)
    - d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
      toleration for future machines (LP 1830704)
    - SECURITY UPDATE: Add support for exposing md-clear functionality
      to guests
      - d/p/ubuntu/enable-md-clear.patch
      - d/p/ubuntu/enable-md-no.patch
      - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
    - SECURITY UPDATE: heap overflow when loading device tree blob
      - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
        copy the device tree blob into is.
      - CVE-2018-20815
    - SECURITY UPDATE: device driver denial of service via NULL pointer
      dereference
      - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
        routine
      - CVE-2019-5008
    - SECURITY UPDATE: information leak in SLiRP
      - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
        emulating ident.
      - CVE-2019-9824
    - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
      unimplement.patch: properly return architecture defined exception
      on bad subcodes of diag 308 (LP 1812384)
  * Dropped changes (no more needed)
    - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
      mv_conffile since the new path is a directory in the old package
      version which can not be handled by mv_conffile.
      [ only needed between disco and eoan ]
    - disable pvrdma
      [ CVEs all fixed now ]
    - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
      avoid misdetection of simplified nesting blocking all migrations
      [ qemu now detects and handles nesting - needs kernel >=4.20 ]
    - Enable nesting by default
      - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
        (is default on amd)
      - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
        without nested=1
        [ nesting is default in kernel modules and default selected cpu types ]
  * Added changes
    - d/control: regenerate debian/control out of control-in
    - updated ubuntu machine types to match qemu 4.2 in Ubuntu 20.04 Focal
      - added ubuntu focal types for qemu 4.2
      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
    - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
      (LP: #1857033)
    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
    - d/control*, d/rules: disable xen by default, but provide universe
      package qemu-system-x86-xen as alternative
    - fix typos in changelog and d/qemu-system-x86.NEWS
    - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP: #1859527)
    - d/control*: enable libpmem support for nvdimms (LP: #1790856)

qemu (1:4.2-1) unstable; urgency=medium

* new upstream release (4.2.0)
  * removed patches: v4.1.1.diff, enable-pschange-mc-no.patch
  * do not make sgabios.bin executable (lintian)
  * add s390-netboot.img lintian overrides for qemu-system-data
  * build qboot (bios-microvm.bin)
  * build-depend-indep on libc6-dev-i386 for qboot
    (includes some system headers)

qemu (1:4.1-3) unstable; urgency=medium

* mention #939869 (CVE-2019-15890) in previous changelog entry
  * add Provides: sgabios to qemu-data (Closes: #945924)
  * fix qemu-debootsrtap (add hppa arch, print correct error message)
    thanks to Helge Deller (Closes: #923410)
  * enable long binfmt masks again for mips/mips32 (Closes: #829243)

qemu (1:4.1-2) unstable; urgency=medium

* build sgabios in build-indep, conflict with sgabios package
  * qemu-system-ppc: build and install canyonlands.dtb in addition to bamboo.dtb
  * remove duplicated CVE-2018-20123 & CVE-2018-20124 in prev changelog
  * move s390 firmware build rules to debian/s390fw.mak, build s390-netboot.img
  * imported v4.1.1.diff - upstream stable branch
    Closes: CVE-2019-12068
    Closes: #945258, #945072
  * enable-pschange-mc-no.patch: i386: add PSCHANGE_MC_NO feature
    to allow disabling ITLB multihit mitigations in nested hypervisors
    Closes: #944623
  * build-depend on nettle-dev, enable nettle, and clarify --enable-lzo
  * switch to system libslirp, build-depend on libslirp-dev
    Closes: #939869, CVE-2019-15890

qemu (1:4.1-1) unstable; urgency=medium

* new upstream release v4.1
    Closes: #933741, CVE-2019-14378 (slirp buff overflow in packet reassembly)
     (use internal slirp copy for now)
    Closes: #931351, CVE-2019-13164 (qemu-bridge-helper long IFNAME)
    Closes: #922923, CVE-2019-8934 (ppc64 emulator leaks hw identity)
    Closes: #916442, CVE-2018-20123 (pvrdma memory leak in device hotplug)
    Closes: #922461, CVE-2018-20124 (pvrdma num_sge can exceed MAX_SGE)
    Closes: #927924 (new upstream version)
    Closes: #897054 (AMD Zen CPU support)
    Closes: #935324 (FTBFS due to gluster API change)
    Closes: CVE-2018-20125 (pvrdma: DoS in create_cq_ring|create_qp_rings)
    Closes: CVE-2018-20126 (pvrdma: memleaks in create_cq_ring|create_qp_rings)
    Closes: CVE-2018-20191 (pvrdma: DoS due to missing read operation impl.)
    Closes: CVE-2018-20216 (pvrdma: infinite loop in pvrdma_dev_ring.c)
  * remove patches which are applied upstream, refresh remaining patches
    (bt-use-size_t-...-CVE-2018-19665.patch hasn't been applied upstream,
    bluetooth subsystem is going to be removed, we keep it for now)
  * debian/source/options: ignore slirp/ submodule
  * use python3 for building, not python
  * debian/optionrom.mk: add pvh.bin
  * switch from libssh2 to libssh, and enable libssh support in ubuntu
  * bump spice version requiriment to 0.12.5
  * enable pvrdma
  * debian/control-in: remove reference to libsdl
  * debian/rules: add new objects for s390-ccw fw
  * debian/control: add build dependency on python3-sphinx for docs
  * install ui/icons/qemu.svg and qemu.desktop
  * debian/rules: remove pc-bios/bamboo.dtb before building it
  * install vhost-user-gpu binary and 50-qemu-gpu.json
  * debian/rules: remove old maintscript-helper invocations, not needed anymore
  * remove +dfsg for now, upload whole upstream source, will trim it later

-- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 08 Jan 2020 15:27:42 +0100

Changed in qemu (Ubuntu Focal):
status:	New → Fix Released

Revision history for this message

dann frazier (dannf) wrote on 2020-02-06:

#16

Dropping block-proposed-{bionic,eoan} tags as fixes have now landed in focal.

tags:	removed: block-proposed-bionic block-proposed-eoan
Changed in qemu (Ubuntu Bionic):
assignee:	dann frazier (dannf) → nobody

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-02-11:

#17

This bug was fixed in the package qemu - 1:4.0+dfsg-0ubuntu9.3

---------------
qemu (1:4.0+dfsg-0ubuntu9.3) eoan; urgency=medium

* d/p/lp1859527-virtio-blk-fix-out-of-bounds-access-to-bitmap-in-not.patch:
fix bitmap index to prevent OOB access when # of vqs > 64 (LP: #1859527)

-- Dan Streetman <email address hidden> Wed, 22 Jan 2020 08:50:56 -0500

Changed in qemu (Ubuntu Eoan):
status:	Fix Committed → Fix Released

Revision history for this message

Brian Murray (brian-murray) wrote on 2020-02-11: Update Released

#18

The verification of the Stable Release Update for qemu has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-02-11:

#19

This bug was fixed in the package qemu - 1:2.11+dfsg-1ubuntu7.22

---------------
qemu (1:2.11+dfsg-1ubuntu7.22) bionic; urgency=medium

* d/p/lp1859527-virtio-blk-fix-out-of-bounds-access-to-bitmap-in-not.patch:
fix bitmap index to prevent OOB access when # of vqs > 64 (LP: #1859527)

-- Dan Streetman <email address hidden> Wed, 22 Jan 2020 08:55:45 -0500

Changed in qemu (Ubuntu Bionic):
status:	Fix Committed → Fix Released

	Status	Importance	Assigned to
qemu (Ubuntu)	Fix Released	Undecided	Unassigned
Bionic	Fix Released	Undecided	Unassigned
Disco	Won't Fix	Undecided	Unassigned
Eoan	Fix Released	Undecided	Unassigned
Focal	Fix Released	Undecided	Unassigned

Ubuntu
qemu package

vring_get_region_caches: Assertion `caches != NULL' failed.

Bug Description

Related branches

CVE References

Other bug subscribers

Remote bug watches

Ubuntuqemu package

vring_get_region_caches: Assertion `caches != NULL' failed.

Bug Description

Related branches

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
qemu package