| author | Christian Krinitsin <mail@krinitsin.com> | 2025-05-30 16:52:07 +0200 |
|---|---|---|
| committer | Christian Krinitsin <mail@krinitsin.com> | 2025-05-30 16:52:17 +0200 |
| commit | 9260319e7411ff8281700a532caa436f40120ec4 (patch) | |
| tree | 2f6bfe5f3458dd49d328d3a9eb508595450adec0 /gitlab/issues/target_missing/host_missing/accel_missing/2149.toml | |
| parent | 225caa38269323af1bfc2daadff5ec8bd930747f (diff) | |
| download | emulator-bug-study-9260319e7411ff8281700a532caa436f40120ec4.tar.gz emulator-bug-study-9260319e7411ff8281700a532caa436f40120ec4.zip | |
gitlab scraper: download in toml and text format
Diffstat (limited to 'gitlab/issues/target_missing/host_missing/accel_missing/2149.toml')
| -rw-r--r-- | gitlab/issues/target_missing/host_missing/accel_missing/2149.toml | 23 |
1 files changed, 0 insertions, 23 deletions
diff --git a/gitlab/issues/target_missing/host_missing/accel_missing/2149.toml b/gitlab/issues/target_missing/host_missing/accel_missing/2149.toml deleted file mode 100644 index 176dbda7..00000000 --- a/gitlab/issues/target_missing/host_missing/accel_missing/2149.toml +++ /dev/null 
@@ -1,23 +0,0 @@ -id = 2149 -title = "Segfault in libvhost-user and libvduse because of invalid pointer arithmetic with indirect read" -state = "opened" -created_at = "2024-02-04T09:27:47.046Z" -closed_at = "n/a" -labels = [] -url = "https://gitlab.com/qemu-project/qemu/-/issues/2149" -host-os = "Any OS supporting libvhost-user/libvduse" -host-arch = "n/a" -qemu-version = "n/a" -guest-os = "n/a" -guest-arch = "n/a" -description = """Hello, this is my first experience communicating with open-source community. I have already reported the problem and have submitted patches through qemu-devel mailing list https://mail.gnu.org/archive/html/qemu-devel/2024-01/msg02533.html, as instructed in https://www.qemu.org/docs/master/devel/submitting-a-patch.html, albeit getting no response from any maintainer. I know, that everyone are very busy and are spammed everyday from millions of threads, but I am getting very upset, that such a trivial bug lives in code base for many years and even have been copied to "sister"-library without proper review. So, excuse me, if I am taking this issue too personally. - -The problem - when one tries to use libvhost-user\\libvduse and triggers for some reason non-zero-copy mode (like pushing a lot of data) of indirect descriptor reading routine `virtqueue_read_indirect_desc`, any time one got to read more than one descriptor - one would overwrite stack and depending on one's luck getting some weird behaviour, or simple crash moments later, when other code tries to access broken data. - -Steps to reproduce are non-trivial, because depends on one's host and VM (one simply gets random crashes here and there, with core dumps pointing somewhere around given libraries), but anyone who can read C code, can clearly see that pointer arithmetic of `struct vring_desc *desc` is wrong. - -Maybe, I got instructions wrong and posted fixes to wrong mailing list, maybe, nobody cares, so thank you for attention. 
I'll be glad to hear any advice on how can I help with fixing this simple error, besides what has been done already. - -Thank you.""" -reproduce = "n/a" -additional = "n/a" |
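Review bot: the removal of 2149.toml (the entire 23-line hunk) is not accounted for by the commit message "gitlab scraper: download in toml and text format", which describes adding output formats rather than dropping an existing record. This path-limited view shows no replacement file, so the message should say where the record for issue 2149 lives after this commit, or that the scraper regenerates it. Separately, the deleted record was filed under host_missing even though it carries host-os = "Any OS supporting libvhost-user/libvduse"; if the move is meant to correct that classification, state it in the message, and if it is not, it is worth checking whether the scraper's directory logic treats a free-text host-os value as missing.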