Diffstat (limited to 'results/classifier/accel-gemma3:12b/kvm/1581936')
-rw-r--r-- results/classifier/accel-gemma3:12b/kvm/1581936 | 67
1 files changed, 67 insertions, 0 deletions
diff --git a/results/classifier/accel-gemma3:12b/kvm/1581936 b/results/classifier/accel-gemma3:12b/kvm/1581936
new file mode 100644
index 000000000..aa46017a6
--- /dev/null
+++ b/results/classifier/accel-gemma3:12b/kvm/1581936
@@ -0,0 +1,67 @@
+
+Frozen Windows 7 VMs with VGA CVE-2016-3712 fix (2.6.0 and 2.5.1.1)
+
+Hi,
+
+As already posted on the QEMU devel list [1] I stumbled upon a problem with QEMU in version 2.5.1.1 and 2.6.0.
+
+the VM shows Windows loading
+files for the installation, then the "Starting Windows" screen appears
+here it hangs and never continues.
+
+Changing the "-vga" option to cirrus solves this, the installation can
+proceed and finish. When changing back to std (or also qxl, vmware) the
+installed VM also hangs on the "Starting Windows" screen while qemu
+showing a little but no excessive load.
+
+This phenomena appears also with QEMU 2.6.0 but not with 2.6.0-rc4, a
+git bisect shows fd3c136b3e1482cd0ec7285d6bc2a3e6a62c38d7 (vga: make
+sure vga register setup for vbe stays intact (CVE-2016-3712)) as the
+culprit for this regression, as its a fix for a DoS its not an option to
+just revert it, I guess.
+
+The bisect log is:
+
+git bisect start
+# bad: [bfc766d38e1fae5767d43845c15c79ac8fa6d6af] Update version for v2.6.0 release
+git bisect bad bfc766d38e1fae5767d43845c15c79ac8fa6d6af
+# good: [975eb6a547f809608ccb08c221552f666611af25] Update version for v2.6.0-rc4 release
+git bisect good 975eb6a547f809608ccb08c221552f666611af25
+# good: [2068192dcccd8a80dddfcc8df6164cf9c26e0fc4] vga: update vga register setup on vbe changes
+git bisect good 2068192dcccd8a80dddfcc8df6164cf9c26e0fc4
+# bad: [53db932604dfa7bb9241d132e0173894cf54261c] Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20160509-1' into staging
+git bisect bad 53db932604dfa7bb9241d132e0173894cf54261c
+# bad: [fd3c136b3e1482cd0ec7285d6bc2a3e6a62c38d7] vga: make sure vga register setup for vbe stays intact (CVE-2016-3712).
+git bisect bad fd3c136b3e1482cd0ec7285d6bc2a3e6a62c38d7
+# first bad commit: [fd3c136b3e1482cd0ec7285d6bc2a3e6a62c38d7] vga: make sure vga register setup for vbe stays intact (CVE-2016-3712).
+
+
+I could reproduce that with QEMU 2.5.1 and QEMU 2.6 on a Debian derivate
+(Promox VE) with 4.4 Kernel and also with QEMU 2.6 on an Arch Linux
+System with a 4.5 Kernel, so it should not be host distro depended. Both
+machines have Intel x86_64 processors.
+The problem should be reproducible with said Versions or a build from
+git including the above mentioned commit (fd3c136) by starting a VM with
+an Windows 7 ISO, e.g.:
+
+Freezing installation (as vga defaults to std I marked it as optional):
+./x86_64-softmmu/qemu-system-x86_64 -boot d -cdrom win7.iso -m 1024 [-vga (std|qxl|vmware)]
+
+Working installation:
+./x86_64-softmmu/qemu-system-x86_64 -boot d -cdrom win7.iso -m 1024 -vga cirrus
+
+If someone has already an installed Windows 7 VM this behaviour should be
+also observable when trying to start it with the new versions of QEMU.
+
+Noteworthy may be that Windows 10 is working, I do not had time to get
+other Windows versions and test them, I'll do that as soon as possible.
+Various Linux system also seems do work fine, at least I did not ran
+into an issue there yet.
+
+I also tried testing with SeaBIOS and OVMF as firmware, as initially I
+had no idea what broke, both lead to the same result - without the 
+CVE-2016-3712 fix they both work, with not.
+Further, KVM enabled and disabled does not make any difference.
+
+
+[1] http://lists.nongnu.org/archive/html/qemu-devel/2016-05/msg02416.html
\ No newline at end of file
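Review bot: the classification implied by the path (results/classifier/accel-gemma3:12b/kvm/1581936) does not match the report text being committed: the reporter states "KVM enabled and disabled does not make any difference", the bisect lands on a vga commit (fd3c136b3e1482cd0ec7285d6bc2a3e6a62c38d7, "vga: make sure vga register setup for vbe stays intact (CVE-2016-3712)"), and the workaround is switching "-vga" to cirrus, so this looks like a display-emulation regression rather than a KVM one; please check whether the classifier's "kvm" label should be recorded as a misclassification for this sample. Two minor style points in the same hunk: the file starts with an empty line (the first "+" line is blank) and ends without a trailing newline ("\ No newline at end of file"), both of which will show up as noise in later diffs against this result.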