>[...]
>
>> >>This does not play well with the fact that processes as the PR helper
>> >>are always required.
>> >>
>> >>Merging them into libvirtd would make the VM stop until libvirtd is
>> >>running again. Additionally if any of the operations require persistent
>> >>kernel state as e.g. file de
Wei Yang writes:
> Function find_default_machine() is introduced by commit 2c8cffa599b7
> "vl: make find_default_machine externally visible", while it seems no
> one outside use it.
It was used outside of vl.c until commit a904410af5f.
> This patch make it local again.
Suggest:
Commit a90441
On Mon, 1 Apr 2019 14:21:40 +
Shameerali Kolothum Thodi wrote:
> Hi Igor,
>
> > -Original Message-
> > From: Igor Mammedov [mailto:imamm...@redhat.com]
> > Sent: 01 April 2019 14:09
> > To: Shameerali Kolothum Thodi
> > Cc: Auger Eric ; qemu-devel@nongnu.org;
> > qemu-...@nongnu.org
Stefano Garzarella writes:
> On Mon, Mar 11, 2019 at 04:32:34PM +0800, Wei Yang wrote:
>> Function object_new_with_propv already get the Type of the object, so we
>> could leverage object_new_with_type here.
>>
>> [make check test pass]
>>
>> Signed-off-by: Wei Yang
>> ---
>> qom/object.c | 2
On Tue, 2 Apr 2019 11:53:43 +0800
Wei Yang wrote:
> On Wed, Mar 13, 2019 at 05:09:43PM +0100, Igor Mammedov wrote:
> >On Wed, 13 Mar 2019 13:33:59 +
> >Wei Yang wrote:
> >
> >>
> >> I am lost at this place.
> >>
> >> sig is a part of ACPI table header, you mean the sig is not necessary t
Since c2077e2c "pci: Adjust PCI config limit based on bus topology",
pci_adjust_config_limit() has been used in the config space read and write
paths to only permit access to extended config space on buses which permit
it. Specifically it prevents access on devices below a vanilla-PCI bus via
some
Zhang Chen writes:
> From: Zhang Chen
>
> The documentation with the wrong initial version number of last_mode field,
> This patch just fix this issue.
>
> Signed-off-by: Zhang Chen
> ---
> qapi/migration.json | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/qapi/migrat
From: Greg Kurz
Some PHB implementations, eg. PAPR used on pseries machine, act like
a regular PCI bus rather than a PCIe bus, but allow access to the
PCIe extended config space anyway.
Introduce a new PCI bus class method to modelize this behaviour and
use it when adjusting the config space siz
This patch makes the remaining dozen or so uses of the global
current_machine outside vl.c use qdev_get_machine() instead,
and then make current_machine local to vl.c instead of global.
Signed-off-by: Like Xu
---
accel/kvm/kvm-all.c | 6 --
device-hotplug.c| 3 ++-
device_tree.c |
From: Greg Kurz
The PAPR PHB acts as a legacy PCI bus but it allows PCIe extended
config space accesses anyway (for pseries-2.9 and newer machine
types).
Introduce a specific PCI bus subtype to inform the common PCI code
about that.
Fixes: c2077e2ca0da7
Signed-off-by: Greg Kurz
Message-Id: <15
c2077e2c "pci: Adjust PCI config limit based on bus topology"
introduced checking the availability of extended config space for
PCI-E devices which are in a bus topology that doesn't permit extended
config space access (e.g. under PCI-E to PCI then PCI to PCI-E
bridges).
This caused some problems
This function has an explicit test for accesses above the device's config
size, in which case it returns ~0x0. But pci_host_config_read_common()
which it is about to call already has checks against the config space
limit and likewise returns ~0x0 in that case. So, remove the redundant
test.
Sign
pci_bus_is_root() currently relies on a method in the PCIBusClass.
But it's always known if a PCI bus is a root bus when we create it, so
using a dynamic method is overkill.
This replaces it with an IS_ROOT bit in a new flags field, which is set on
root buses and otherwise clear. As a bonus this
On Mon, Apr 01, 2019 at 05:17:11PM -0400, Bandan Das wrote:
> This function is used in the delete path only and can
> be replaced by a call to usb_mtp_object_free.
Queued patch 1+2, leaving 3 for later.
cheers,
Gerd
On Mon, Apr 01, 2019 at 08:59:20PM +0200, Volker Rümelin wrote:
> Currently the default audio timer frequency is 1Hz instead of
> a period of 1us. Also the audiodev timer-period property gets
> converted like a frequency. Only handling of the legacy
> QEMU_AUDIO_TIMER_PERIOD environment var
On Mon, 1 Apr 2019 at 21:14, Eric Blake wrote:
>
> The following changes since commit 230ce19814ecc6bff8edac3b5b86e7c82f422c6c:
>
> Merge remote-tracking branch 'remotes/rth/tags/pull-axp-20190325' into
> staging (2019-03-29 19:29:00 +)
>
> are available in the Git repository at:
>
> http
On Tue, 2 Apr 2019 at 12:20, Like Xu wrote:
>
> On 2019/4/2 12:45, Peter Maydell wrote:
> > My suggestion would be that we use qdev_get_machine(). I think
> > it would be nice to make the remaining dozen or so uses of
> > the global current_machine outside vl.c use qdev_get_machine()
> > instead,
On 2019/4/2 12:45, Peter Maydell wrote:
On Tue, 2 Apr 2019 at 09:46, Like Xu wrote:
On 2019/4/2 7:38, Eduardo Habkost wrote:
On Mon, Apr 01, 2019 at 10:56:30AM +0800, Like Xu wrote:
On 2019/3/29 17:27, Alex Bennée wrote:
[...]
@@ -1713,6 +1717,9 @@ static void cortex_a9_initfn(Object *obj)
On Apr 1, 2019, at 21:28, Richard Henderson
wrote:
> Thanks. We should probably update our submodule to the v4 release as well.
Is that something that you want with this patch?
--
Stephen Checkoway
On 2/6/19 6:11 PM, Igor Mammedov wrote:
On Thu, 31 Jan 2019 15:16:54 +0800
Tao Xu wrote:
From: Liu Jingqi
Add -numa hmat-lb option to provide System Locality Latency and
Bandwidth Information. These memory attributes help to build
System Locality Latency and Bandwidth Information Structure(s
On Tue, 2 Apr 2019 at 09:46, Like Xu wrote:
>
> On 2019/4/2 7:38, Eduardo Habkost wrote:
> > On Mon, Apr 01, 2019 at 10:56:30AM +0800, Like Xu wrote:
> >> On 2019/3/29 17:27, Alex Bennée wrote:
> > [...]
> @@ -1713,6 +1717,9 @@ static void cortex_a9_initfn(Object *obj)
> #ifndef CONFI
Hi all,
I found an insterested issue here besides writting "dtb" rom into ram.
That is, should qemu support incoming from the ignore-shared memory backend
file repeatedly?
After I resolve the issue of writting "dtb" rom into ram, the incoming from
the ignore-shared memory backend file works fine at
Stefano Garzarella writes:
> Hi Alex,
> I'm sending you some benchmarks and information about VSOCK CCing qemu-devel
> and linux-netdev (maybe this info could be useful for others :))
>
> One of the VSOCK advantages is the simple configuration: you don't need to set
> up IP addresses for guest/
On Wed, Mar 13, 2019 at 05:09:43PM +0100, Igor Mammedov wrote:
>On Wed, 13 Mar 2019 13:33:59 +
>Wei Yang wrote:
>
>>
>> I am lost at this place.
>>
>> sig is a part of ACPI table header, you mean the sig is not necessary to
>> be set in ACPI table header?
>>
>> "skip table generation" means
On Tue, 2 Apr 2019 at 09:57, Catherine Ho wrote:
> The root cause is the used idx is moved forward after 1st time incoming, and
> in 2nd time incoming,
> the last_avail_idx will be incorrectly restored from the saved device state
> file(not in the ram).
>
> I watched this even on x86 for a virti
Hi Aleksandar,
I understand, Thank you very much for reminding me.
Regards,
Tommy
From: Aleksandar Markovic
Sent: Tuesday, April 2, 2019 10:43 AM
To: Tommy Jin
Cc: Peter Maydell; qemu-devel@nongnu.org; Paul Burton
Subject: Re: [Qemu-devel] [PATCH] Adds virtio
subsection_found is true implies vmdesc is not NULL.
Signed-off-by: Wei Yang
---
migration/vmstate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/migration/vmstate.c b/migration/vmstate.c
index e2bbb7b5f7..8327179eea 100644
--- a/migration/vmstate.c
+++ b/migration/vmstate
On Apr 2, 2019 4:29 AM, "Tommy Jin" wrote:
>
> Hi Peter,
>
>
> Thank you very much for you comments,I sent a wrong patch out by mistake.
>
>
>
> If always creating virtio-net-pci device is not a good idea, is it
feasible to make virtio-net-pci as an option for boston without using
libvirt? we can
On Apr 1, 2019 11:26 AM, "Archer Yan" wrote:
>
> Currently boston in QEMU only supports boot with FIT format. Since ELF
file
> can provide symbol infomation in debug, this patch enables Boston boot
from
> vmlinux&dtb.
>
> Signed-off-by: Archer Yan
> ---
> hw/mips/boston.c | 224 +
On 2019/4/2 7:38, Eduardo Habkost wrote:
On Mon, Apr 01, 2019 at 10:56:30AM +0800, Like Xu wrote:
On 2019/3/29 17:27, Alex Bennée wrote:
[...]
@@ -1713,6 +1717,9 @@ static void cortex_a9_initfn(Object *obj)
#ifndef CONFIG_USER_ONLY
static uint64_t a15_l2ctlr_read(CPUARMState *env, const
Hi Peter,
Thank you very much for you comments,I sent a wrong patch out by mistake.
If always creating virtio-net-pci device is not a good idea, is it feasible to
make virtio-net-pci as an option for boston without using libvirt? we can only
create this device when the user specify "model=vi
On Tue, 2 Apr 2019 at 09:29, Tommy Jin wrote:
> If always creating virtio-net-pci device is not a good idea, is it
> feasible to make virtio-net-pci as an option for boston without
> using libvirt?
It's always an option, just specify it on the command line.
> Actually, Botson board can have an I
On Apr 1, 2019 11:39 AM, "Peter Maydell" wrote:
>
> On Mon, 1 Apr 2019 at 16:23, Tommy Jin wrote:
> >
> > Boston didn't bring up any netcard by default, this is not so
convenient for users who are verifying network related functionalities on
this board.
> > As the linux kernel has already support
On 4/2/19 5:07 AM, Stephen Checkoway wrote:
> Starting with version 4 of capstone, the header files live in the
> `$prefix/include/capstone` directory.
>
> This modifies the configure script to check for if
> cannot be found.
>
> Signed-off-by: Stephen Checkoway
> ---
> configure
MigrationState->bytes_xfer is only set to 0 in migrate_init().
Remove this unnecessary field.
Signed-off-by: Wei Yang
---
migration/migration.c | 1 -
migration/migration.h | 1 -
2 files changed, 2 deletions(-)
diff --git a/migration/migration.c b/migration/migration.c
index dea7078bf4..c929c
On 4/2/19 2:12 AM, Jonathan Behrens wrote:
> The 'sfence.vma' instruction is privileged, and should only ever be allowed
> when executing in supervisor mode or higher.
>
> Jonathan
>
> Signed-off-by: Jonathan Behrens
> ---
> target/riscv/op_helper.c | 7 ---
> 1 file changed, 4 insertions(+
On Mon, Apr 01, 2019 at 10:56:30AM +0800, Like Xu wrote:
> On 2019/3/29 17:27, Alex Bennée wrote:
[...]
> > > @@ -1713,6 +1717,9 @@ static void cortex_a9_initfn(Object *obj)
> > > #ifndef CONFIG_USER_ONLY
> > > static uint64_t a15_l2ctlr_read(CPUARMState *env, const ARMCPRegInfo
> > > *ri)
> >
On Mon, Apr 1, 2019 at 4:28 PM Michael Roth wrote:
> > I'm curious why this change was picked for stable, it wasn't marked for it.
> Looks like an earlier patch was tagged for stable:
...
> Since patches are often referred to qemu-stable via actual email Cc: and
> often don't get tagged in the com
Quoting Max Filippov (2019-04-01 16:19:59)
> Hi Michael,
>
> On Mon, Apr 1, 2019 at 2:04 PM Michael Roth wrote:
> > From: Max Filippov
> >
> > Now that xtensa_count_regs does the right thing, remove manual
> > initialization of these fields from the affected configurations and let
> > xtensa_fin
On 2019-04-01 20:59, Volker Rümelin wrote:
> Currently the default audio timer frequency is 1Hz instead of
> a period of 1us. Also the audiodev timer-period property gets
> converted like a frequency. Only handling of the legacy
> QEMU_AUDIO_TIMER_PERIOD environment variable is correct beca
On Mon, Apr 01, 2019 at 07:54:57PM +0200, Greg Kurz wrote:
> Recent commit c2077e2ca0da7 added stricter checks that now prevent
> a guest to access the extended config space of a PCIe device connected
> attached to a PHB on a pseries machine.
>
> PAPR compatible PHBs act like legacy PCI busses, bu
Patchew URL:
https://patchew.org/QEMU/20190401214847.27600-1-wall...@linux.ibm.com/
Hi,
This series seems to have some coding style problems. See output below for
more information:
Message-id: 20190401214847.27600-1-wall...@linux.ibm.com
Subject: [Qemu-devel] [PATCH v3] s390: diagnose 318 inf
There's no functional change but the flow is (hopefully)
more consistent for both file and folder object types.
Signed-off-by: Bandan Das
---
hw/usb/dev-mtp.c | 57 +---
1 file changed, 30 insertions(+), 27 deletions(-)
diff --git a/hw/usb/dev-mtp.c b
v4:
Added 1/3:
v3:
2/2: Fix indentation
Add back sending RES_OK for success
v2:
1/2: Add Reviewed-by tag
2/2: remove extra vars and directly call usb_mtp_queue_result
The first patch removes a unnecessary function
and the second is just a code reorg of usb_mtp_write_data
to mak
This is needed to build skiboot from tarball-distributed sources
since the git data the make_release.sh script relies on to generate
it is not available.
Cc: qemu-sta...@nongnu.org
Reported-by: Michael Tokarev
Signed-off-by: Michael Roth
Reviewed-by: Philippe Mathieu-Daudé
Message-id: 201811091
Gerd Hoffmann writes:
> On Thu, Mar 28, 2019 at 01:37:21PM -0400, Bandan Das wrote:
>> This function is used in the delete path only and can
>> be replaced by a call to usb_mtp_object_free.
>>
>> Reviewed-by: Peter Maydell
>> Signed-off-by: Bandan Das
>
> Tried to cherry-pick this one for 4.0
Spotted by Coverity: CID 1399414
mtp delete allows the return status of delete succeeded,
partial_delete or readonly - when none of the objects could be
deleted. Give more meaningful names to return values of the
delete function.
Some initiators recurse over the objects themselves. In that case,
From: Richard Henderson
Cc: qemu-sta...@nongnu.org (3.0.1)
Signed-off-by: Richard Henderson
Reviewed-by: Alex Bennée
Signed-off-by: Peter Maydell
(cherry picked from commit 573ec0fe40b9a412085ac7dfb41975a0fc2b28dd)
Signed-off-by: Michael Roth
---
target/arm/sve_helper.c | 2 +-
1 file change
Starting with version 4 of capstone, the header files live in the
`$prefix/include/capstone` directory.
This modifies the configure script to check for if
cannot be found.
Signed-off-by: Stephen Checkoway
---
configure| 9 +
include/disas/capstone.h | 4
2 files c
From: Stefan Berger
This is a backport of rev 24cf5413aa0 to 3.0.x and 3.1.x.
This patch makes the a TPM 2.0 with TIS interface available under the
HID 'MSF0101'. This is supported by Linux and also Windows now
recognizes the TPM 2.0 with TIS interface. Leave the TPM 1.2 as before.
Signed-off-b
From: Mark Cave-Ayland
Commit c8a35f1cf0f "fdc: use IsaDma interface instead of global DMA_*
functions" accidentally introduced a segfault in fdctrl_stop_transfer() for
non-DMA transfers.
If fdctrl->dma_chann has not been configured then the fdctrl->dma interface
reference isn't initialised duri
From: Stefan Berger
Zero-init the ptm_loc structure so that we don't have fields that
are not initialised.
Signed-off-by: Stefan Berger
Reviewed-by: Philippe Mathieu-Daudé
(cherry picked from commit eff1fe9fd0cebe2293eea9597616f792b6b5ad18)
Signed-off-by: Michael Roth
---
hw/tpm/tpm_emulator
From: Corey Minyard
Otherwise it won't be set up correctly and won't work after
miigration.
Signed-off-by: Corey Minyard
Cc: Igor Mammedov
Cc: qemu-sta...@nongnu.org
Reviewed-by: Michael S. Tsirkin
Signed-off-by: Michael S. Tsirkin
(cherry picked from commit 2b4e573c7c7b9a698ba6931ba456bbd8d
From: Richard Henderson
Reported-by: Laurent Desnogues
Signed-off-by: Richard Henderson
Reviewed-by: Laurent Desnogues
Reviewed-by: Alex Bennée
Reviewed-by: Philippe Mathieu-Daudé
Tested-by: Alex Bennée
Tested-by: Laurent Desnogues
Message-id: 20180801123111.3595-5-richard.hender...@linaro
DIAGNOSE 0x318 (diag318) is a privileged s390x instruction that must
be intercepted by SIE and handled via KVM. Let's introduce some
functions to communicate between QEMU and KVM via ioctls. These
will be used to get/set the diag318 related information (also known
as the "Control Program Code" or "
From: Paolo Bonzini
The address of a packed member is not packed, which may cause accesses
to unaligned pointers. Avoid this by reading the packed value before
passing it to another function.
Cc: Jason Wang
Cc: Peter Maydell
Signed-off-by: Paolo Bonzini
(cherry picked from commit d41ca5afe3b
This function is used in the delete path only and can
be replaced by a call to usb_mtp_object_free.
Reviewed-by: Peter Maydell
Signed-off-by: Bandan Das
---
hw/usb/dev-mtp.c | 14 ++
1 file changed, 2 insertions(+), 12 deletions(-)
diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c
i
From: Richard Henderson
The normal vector element is sign-extended before
comparing with the wide vector element.
Reported-by: Laurent Desnogues
Signed-off-by: Richard Henderson
Reviewed-by: Laurent Desnogues
Reviewed-by: Alex Bennée
Tested-by: Alex Bennée
Tested-by: Laurent Desnogues
Mess
From: Max Reitz
Fixes: d402b6a21a825a5c07aac9251990860723d49f5d
Reported-by: Kevin Wolf
Cc: qemu-sta...@nongnu.org
Signed-off-by: Max Reitz
Reviewed-by: John Snow
Signed-off-by: Kevin Wolf
(cherry picked from commit f0998879e049dad19beed881a1c56643ce536384)
Signed-off-by: Michael Roth
---
q
Hi Michael,
On Mon, Apr 1, 2019 at 2:04 PM Michael Roth wrote:
> From: Max Filippov
>
> Now that xtensa_count_regs does the right thing, remove manual
> initialization of these fields from the affected configurations and let
> xtensa_finalize_config initialize them. Add XTREG_END to terminate
>
From: Stefan Berger
Make sure that the locality passed from the backend to
tpm_tis_request_completed() is valid.
Signed-off-by: Stefan Berger
Reviewed-by: Marc-André Lureau
(cherry picked from commit a639f96111eadb3b8e3021fd3f27e2948ad1c640)
Signed-off-by: Michael Roth
---
hw/tpm/tpm_tis.c |
From: Jeff Cody
Code movement to pull the conversion from Qdict to BlockdevOptionsRbd
into a helper function.
Reviewed-by: Eric Blake
Reviewed-by: John Snow
Signed-off-by: Jeff Cody
Message-id:
5b49a980f2cde6610ab1df41bb0277d00b5db893.1536704901.git.jc...@redhat.com
Signed-off-by: Jeff Cody
From: Liam Merwick
In tpm_tis_mmio_write() if the requesting locality is seizing
access, any seizure by a lower locality is cancelled. However the
loop doing the seizure had an off-by-one error and the locality
immediately preceding the requesting locality was not being cleared.
This is fixed by
From: Richard Henderson
Used the wrong temporary in the computation of subtractive overflow.
Reported-by: Laurent Desnogues
Signed-off-by: Richard Henderson
Reviewed-by: Laurent Desnogues
Tested-by: Alex Bennée
Tested-by: Laurent Desnogues
Message-id: 20180801123111.3595-3-richard.hender...
From: yuchenlin
There are 3 virtqueues (ctrl, event and cmd) for virtio scsi device,
but seabios will only set the physical address for the 3rd one (cmd).
Then in vhost_virtqueue_start(), virtio_queue_get_desc_addr()
will be 0 for ctrl and event vq.
In this case, ctrl and event vq are not initia
From: Peter Maydell
Linux returns success if pwrite64() or pread64() are called with a
zero length NULL buffer, but QEMU was returning -TARGET_EFAULT.
This is the same bug that we fixed in commit 58cfa6c2e6eb51b23cc9
for the write syscall, and long before that in 38d840e6790c29f59
for the read s
From: Paolo Bonzini
Because the CMB BAR has a min_access_size of 2, if you read the last
byte it will try to memcpy *2* bytes from n->cmbuf, causing an off-by-one
error. This is CVE-2018-16847.
Another way to fix this might be to register the CMB as a RAM memory
region, which would also be more
From: Jeff Cody
When we converted rbd to get rid of the older key/value-centric
encoding format, we broke compatibility with image files with backing
file strings encoded in the old format.
This leaves a bit of an ugly conundrum, and a hacky solution.
If the initial attempt to parse the "proper
From: Max Reitz
create_opts was leaked here. This is not too bad since the process is
about to exit anyway, but relying on that does not make the code nicer
to read.
Fixes: d402b6a21a825a5c07aac9251990860723d49f5d
Reported-by: Kevin Wolf
Cc: qemu-sta...@nongnu.org
Signed-off-by: Max Reitz
Rev
From: Tony Garnock-Jones
Bring linux-user write(2) handling into line with linux for the case
of a 0-byte write with a NULL buffer. Based on a patch originally
written by Zhuowei Zhang.
Addresses https://bugs.launchpad.net/qemu/+bug/1716292.
>From Zhuowei Zhang's patch
>(https://lists.gnu.org/
From: Jason Wang
There should not be a reason for passing a packet size greater than
INT_MAX. It's usually a hint of bug somewhere, so ignore packet size
greater than INT_MAX in qemu_deliver_packet_iov()
CC: qemu-sta...@nongnu.org
Reported-by: Daniel Shapira
Reviewed-by: Michael S. Tsirkin
Sig
From: Janosch Frank
The architecture specifies specification exceptions for all
unavailable subcodes.
The presence of subcodes is indicated by checking some query subcode.
For example 6 will indicate that 3-6 are available. So future systems
might call new subcodes to check for new features. Thi
From: Daniel Henrique Barboza
Commit 067927d62e ("qga: systemd hibernate/suspend/hybrid-sleep
support") failed to update qapi-schema.json after adding systemd
hibernate/suspend/hybrid-sleep capabilities to guest-suspend-* QGA
commands.
Signed-off-by: Daniel Henrique Barboza
Reviewed-by: Eric Bl
From: Richard Henderson
Not only are the sve-related tb_flags fields unused when SVE is
disabled, but not all of the cpu registers are initialized properly
for computing same. This can corrupt other fields by ORing in -1,
which might result in QEMU crashing.
This bug was not present in 3.0, but
From: "Michael S. Tsirkin"
Fixes: dbb6da8ba7e ("pc: acpi: revert back to 1 SRAT entry for hotpluggable
area")
Signed-off-by: Michael S. Tsirkin
(cherry picked from commit d2a1b1d602986a5f02658f6d4fc9ed422f8ddebf)
Signed-off-by: Michael Roth
---
tests/acpi-test-data/pc/DSDT | Bin 5144
From: Max Filippov
- FPU2000 defines rfr and wfr opcodes, not rfr.s and wfr.s;
- movcond.s uses incorrect operand in tcg_gen_movcond: in case the
condition is not satisfied it must not change its argument 0.
Fixes: c04e1692e3aa ("target/xtensa: extract FPU2000 opcode
translators")
Cc: qemu-sta
From: Max Filippov
Now that xtensa_count_regs does the right thing, remove manual
initialization of these fields from the affected configurations and let
xtensa_finalize_config initialize them. Add XTREG_END to terminate
register lists.
Signed-off-by: Max Filippov
(cherry picked from commit 7da
From: Zheng Xiang
When VM boots from the latest version of linux kernel, after
hot-unpluging virtio-blk disks which are hotplugged into
pcie-root-port, the VM's dmesg log shows:
[ 151.046242] pciehp :00:05.0:pcie004: pending interrupts 0x0001 from Slot
Status
[ 151.046365] pciehp :00:
From: William Bowling
When emulating ident in tcp_emu, if the strchr checks passed but the
sscanf check failed, two uninitialized variables would be copied and
sent in the reply, so move this code inside the if(sscanf()) clause.
Signed-off-by: William Bowling
Cc: qemu-sta...@nongnu.org
Cc: seca
From: Prasad Singamsetty
qemu command fails to process -overcommit option. Add the missing
call to qemu_add_opts() in vl.c.
Signed-off-by: Prasad Singamsetty
Message-Id: <20180815175704.105902-1-prasad.singamse...@oracle.com>
Reviewed-by: Mark Kanda
Signed-off-by: Paolo Bonzini
(cherry picked
From: Eric Blake
The NBD spec, and even our code comment, says that if the client
asks for NBD_OPT_LIST_META_CONTEXT with 0 queries, then we should
reply with (a possibly-compressed representation of) ALL contexts
that we are willing to let them try. But commit 3d068aff forgot
to advertise qemu:
From: Eric Blake
If nbd_client_init() fails after we are already connected,
then the server will spam logs with:
Disconnect client, due to: Unexpected end-of-file before all bytes were read
unless we gracefully disconnect before closing the connection.
Ways to trigger this:
$
opts=driver=nbd
From: Richard Henderson
This makes float16_muladd correctly use FZ16 not FZ.
Fixes: 6ceabaad110
Cc: qemu-sta...@nongnu.org (3.0.1)
Reported-by: Laurent Desnogues
Signed-off-by: Richard Henderson
Reviewed-by: Laurent Desnogues
Tested-by: Laurent Desnogues
Message-id: 20180810193129.1556-4-ric
From: Igor Mammedov
Commit
10efd7e108 "pc: acpi: fix memory hotplug regression by reducing stub SRAT
entry size"
attemped to fix hotplug regression introduced by
848a1cc1e "hw/acpi-build: build SRAT memory affinity structures for DIMM
devices"
fixed issue for Windows/3.0+ linux kernels, ho
From: Fam Zheng
The same logic exists in fd polling. This change is especially important
to avoid busy loop once we limit aio_notify_accept() to blocking
aio_poll().
Cc: qemu-sta...@nongnu.org
Signed-off-by: Fam Zheng
Message-Id: <20180809132259.18402-2-f...@redhat.com>
Signed-off-by: Fam Zheng
From: Richard Henderson
The immediate should be scaled by the size of the memory reference,
not the size of the elements into which it is loaded.
Cc: qemu-sta...@nongnu.org (3.0.1)
Reported-by: Laurent Desnogues
Signed-off-by: Richard Henderson
Tested-by: Laurent Desnogues
Reviewed-by: Lauren
From: Marc-André Lureau
Spotted by ASAN, during make check...
Direct leak of 40 byte(s) in 1 object(s) allocated from:
#0 0x7f8e27262c48 in malloc (/lib64/libasan.so.5+0xeec48)
#1 0x7f8e26a5f3c5 in g_malloc (/lib64/libglib-2.0.so.0+0x523c5)
#2 0x555ab67078a8 in qstring_from_str
/hom
Hi everyone,
The following new patches are queued for QEMU stable v3.0.1:
https://github.com/mdroth/qemu/commits/stable-3.0-staging
The release is planned for 2019-04-11:
https://wiki.qemu.org/Pla
From: Richard Henderson
The pseudocode for this operation is an increment + compare loop,
so comparing <= the maximum integer produces an all-true predicate.
Rather than bound in both the inline code and the helper, pass the
helper the number of predicate bits to set instead of the number
of pre
From: Kevin Wolf
Currently, the default values for werror and rerror have to be set
explicitly with blk_set_on_error() by the callers of blk_new(). The only
caller actually doing this is blockdev_init(), which is called for
BlockBackends created using -drive.
In particular, anonymous BlockBacken
From: Stefan Berger
Make sure that the new locality passed to tpm_tis_prep_abort()
is valid.
Add a comment to aborting_locty that it may be any locality, including
TPM_TIS_NO_LOCALITY.
Signed-off-by: Stefan Berger
Reviewed-by: Marc-André Lureau
(cherry picked from commit e92b63ea610201bd74334
From: Greg Kurz
When using the 9P2000.u version of the protocol, the following shell
command line in the guest can cause QEMU to crash:
while true; do rm -rf aa; mkdir -p a/b & touch a/b/c & mv a aa; done
With 9P2000.u, file renaming is handled by the WSTAT command. The
v9fs_wstat() functio
From: Peter Maydell
The tcg_register_iommu_notifier() code has a GArray of
TCGIOMMUNotifier structs which it has registered by passing
memory_region_register_iommu_notifier() a pointer to the embedded
IOMMUNotifier field. Unfortunately, if we need to enlarge the
array via g_array_set_size() this
From: Gerd Hoffmann
Open files and directories with O_NOFOLLOW to avoid symlinks attacks.
While being at it also add O_CLOEXEC.
usb-mtp only handles regular files and directories and ignores
everything else, so users should not see a difference.
Because qemu ignores symlinks, carrying out a suc
From: Christian Borntraeger
"-machine pc" will not work all architectures. Lets fall back to the
default machine by not specifying it.
In addition we also need to specify -no-shutdown on s390 as qemu will
exit otherwise.
Cc: qemu-sta...@nongnu.org
Signed-off-by: Christian Borntraeger
Reviewed-
From: Richard Henderson
The expression (int) imm + (uint32_t) len_align turns into uint32_t
and thus with negative imm produces a memory operation at the wrong
offset. None of the numbers involved are particularly large, so
change everything to use int.
Cc: qemu-sta...@nongnu.org (3.0.1)
Report
From: Marcel Apfelbaum
Configuring QEMU with:
configure --target-list="x86_64-softmmu" --cc=clang --enable-pvrdma
Results in:
qemu/hw/rdma/rdma_rm_defs.h:108:3: error: redefinition of typedef
'RdmaDeviceResources' is a C11 feature [-Werror,-Wtypedef-redefinition]
} RdmaDeviceResources;
From: Eric Blake
We need an accurate count of the number of bits set in a bitmap
after a merge. In particular, since the merge operation short-circuits
a merge from an empty source, if you have bitmaps A, B, and C where
B started empty, then merge C into B, and B into A, an inaccurate
count meant
From: Fam Zheng
An aio_notify() pairs with an aio_notify_accept(). The former should
happen in the main thread or a vCPU thread, and the latter should be
done in the IOThread.
There is one rare case that the main thread or vCPU thread may "steal"
the aio_notify() event just raised by itself, in
From: Alberto Garcia
When a block device is opened with BDRV_O_SNAPSHOT and the
bdrv_append_temp_snapshot() call fails then the error code path tries
to unref the already destroyed 'options' QDict.
This can be reproduced easily by setting TMPDIR to a location where
the QEMU process can't write:
1 - 100 of 356 matches
Mail list logo
