Re: [PATCH v3 1/2] hw/net: Added plen fix for IPv6

2020-07-16 Thread Jason Wang
On 2020/7/16 11:53 AM, and...@daynix.com wrote: From: Andrew Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1708065 With network backend with 'virtual header' - there was an issue in 'plen' field. Overall, during TSO, 'plen' would be changed, but with 'vheader' this field should be set t

[PATCH v6 13/13] tests/acceptance: console boot tests for quanta-gsj

2020-07-16 Thread Havard Skinnemoen
This adds two acceptance tests for the quanta-gsj machine. One test downloads a lightly patched openbmc flash image from github and verifies that it boots all the way to the login prompt. The other test downloads a kernel, initrd and dtb built from the same openbmc source and verifies that the ke

Re: [PATCH v4 for-5.2 1/2] spapr: Use error_append_hint() in spapr_caps.c

2020-07-16 Thread David Gibson
On Thu, Jul 16, 2020 at 07:11:11PM +0200, Greg Kurz wrote: > We have a dedicated error API for hints. Use it instead of embedding > the hint in the error message, as recommended in the "qapi/error.h" > header file. > > Since spapr_caps_apply() passes &error_fatal, all functions must > also call th

[PATCH v6 07/13] hw/arm: Load -bios image as a boot ROM for npcm7xx

2020-07-16 Thread Havard Skinnemoen
If a -bios option is specified on the command line, load the image into the internal ROM memory region, which contains the first instructions run by the CPU after reset. If -bios is not specified, the vbootrom included with qemu is loaded by default. Reviewed-by: Tyrone Ting Signed-off-by: Havar

Re: [PATCH v3 2/2] hw/net: Added basic IPv6 software fragmentation

2020-07-16 Thread Jason Wang
On 2020/7/16 11:53 AM, and...@daynix.com wrote: From: Andrew The basic IPv6 fragmentation - adding 'frag' extension to the packet, overall shares some logic with IPv4. It works, but there are still issues with a combination of extensions - in the future, it would require refactoring work to im

Re: [PULL SUBSYSTEM qemu-pseries] pseries: Update SLOF firmware image

2020-07-16 Thread David Gibson
On Fri, Jul 17, 2020 at 01:27:05PM +1000, Alexey Kardashevskiy wrote: > The following changes since commit 1038a309ec829f05a3a3e52a9951cfdb24dfd02c: > > spapr: Add a new level of NUMA for GPUs (2020-07-17 10:36:28 +1000) > > are available in the Git repository at: > > g...@github.com:aik/qem

[PATCH v6 11/13] hw/arm: Wire up BMC boot flash for npcm750-evb and quanta-gsj

2020-07-16 Thread Havard Skinnemoen
This allows these NPCM7xx-based boards to boot from a flash image, e.g. one built with OpenBMC. For example like this: IMAGE=${OPENBMC}/build/tmp/deploy/images/gsj/image-bmc qemu-system-arm -machine quanta-gsj -nographic \ -drive file=${IMAGE},if=mtd,bus=0,unit=0,format=raw,snapshot=on Re

[PATCH v6 06/13] roms: Add virtual Boot ROM for NPCM7xx SoCs

2020-07-16 Thread Havard Skinnemoen
This is a minimalistic boot ROM written specifically for use with QEMU. It supports loading the second-stage loader from SPI flash into RAM, SMP boot, and not much else. Signed-off-by: Havard Skinnemoen --- Makefile| 1 + .gitmodules | 3 +++ pc-bios/npcm7

[PATCH v6 12/13] docs/system: Add Nuvoton machine documentation

2020-07-16 Thread Havard Skinnemoen
Reviewed-by: Cédric Le Goater Signed-off-by: Havard Skinnemoen --- docs/system/arm/nuvoton.rst | 90 + docs/system/target-arm.rst | 1 + 2 files changed, 91 insertions(+) create mode 100644 docs/system/arm/nuvoton.rst diff --git a/docs/system/arm/nuvoton.r

[PATCH v6 05/13] hw/arm: Add two NPCM7xx-based machines

2020-07-16 Thread Havard Skinnemoen
This adds two new machines, both supported by OpenBMC: - npcm750-evb: Nuvoton NPCM750 Evaluation Board. - quanta-gsj: A board with a NPCM730 chip. They rely on the NPCM7xx SoC device to do the heavy lifting. They are almost completely identical at the moment, apart from the SoC type, which cu

[PATCH v6 04/13] hw/arm: Add NPCM730 and NPCM750 SoC models

2020-07-16 Thread Havard Skinnemoen
The Nuvoton NPCM7xx SoC family are used to implement Baseboard Management Controllers in servers. While the family includes four SoCs, this patch implements limited support for two of them: NPCM730 (targeted for Data Center applications) and NPCM750 (targeted for Enterprise applications). This pat

[PATCH v6 10/13] hw/ssi: NPCM7xx Flash Interface Unit device model

2020-07-16 Thread Havard Skinnemoen
This implements a device model for the NPCM7xx SPI flash controller. Direct reads and writes, and user-mode transactions have been tested in various modes. Protection features are not implemented yet. All the FIU instances are available in the SoC's address space, regardless of whether or not the

[PATCH v6 03/13] hw/timer: Add NPCM7xx Timer device model

2020-07-16 Thread Havard Skinnemoen
The NPCM730 and NPCM750 SoCs have three timer modules each holding five timers and some shared registers (e.g. interrupt status). Each timer runs at 25 MHz divided by a prescaler, and counts down from a configurable initial value to zero. When zero is reached, the interrupt flag for the timer is s

Re: [PATCH v4 for-5.2 2/2] spapr: Forbid nested KVM-HV in pre-power9 compat mode

2020-07-16 Thread David Gibson
On Thu, Jul 16, 2020 at 07:11:21PM +0200, Greg Kurz wrote: > Nested KVM HV only works if the kernel is using the radix MMU mode, ie. > the CPU is POWER9 and it is not running in some pre-power9 compat mode. > Otherwise, the KVM HV module fails to load in the guest with -ENODEV. > It might be painfu

[PATCH v6 08/13] hw/nvram: NPCM7xx OTP device model

2020-07-16 Thread Havard Skinnemoen
This supports reading and writing OTP fuses and keys. Only fuse reading has been tested. Protection is not implemented. Reviewed-by: Avi Fishman Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Havard Skinnemoen --- include/hw/arm/npcm7xx.h | 3 + include/hw/nvram/npcm7xx_otp.h | 88

[PATCH v6 02/13] hw/misc: Add NPCM7xx Clock Controller device model

2020-07-16 Thread Havard Skinnemoen
Enough functionality to boot the Linux kernel has been implemented. This includes: - Correct power-on reset values so the various clock rates can be accurately calculated. - Clock enables stick around when written. In addition, a best effort attempt to implement SECCNT and CNTR25M was mad

[PATCH v6 09/13] hw/mem: Stubbed out NPCM7xx Memory Controller model

2020-07-16 Thread Havard Skinnemoen
This just implements the bare minimum to cause the boot block to skip memory initialization. Reviewed-by: Tyrone Ting Reviewed-by: Cédric Le Goater Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Havard Skinnemoen --- include/hw/arm/npcm7xx.h| 2 + include/hw/mem/npcm7xx_mc.h | 36 +++

[PATCH v6 01/13] hw/misc: Add NPCM7xx System Global Control Registers device model

2020-07-16 Thread Havard Skinnemoen
Implement a device model for the System Global Control Registers in the NPCM730 and NPCM750 BMC SoCs. This is primarily used to enable SMP boot (the boot ROM spins reading the SCRPAD register) and DDR memory initialization; other registers are best effort for now. The reset values of the MDLR and

[PATCH v6 00/13] Add Nuvoton NPCM730/NPCM750 SoCs and two BMC machines

2020-07-16 Thread Havard Skinnemoen
I also pushed this and the previous two patchsets to my qemu fork on github. The branches are named npcm7xx-v[1-6]. https://github.com/hskinnemoen/qemu This patch series models enough of the Nuvoton NPCM730 and NPCM750 SoCs to boot an OpenBMC image built for quanta-gsj. This includes device mod

Re: Slow down with: 'Make "info qom-tree" show children sorted'

2020-07-16 Thread David Gibson
On Thu, 16 Jul 2020 07:37:17 +0200 Markus Armbruster wrote: > David Gibson writes: > > [...] > [...] > [...] > [...] > [...] > [...] > [...] > [...] > [...] > > > > ... as you say, 256 shouldn't really be a problem. I was concerned > > about LMB DRCs rather than PCI

Re: [PATCH] net: check payload length limit for all frames

2020-07-16 Thread Jason Wang
On 2020/7/17 1:06 PM, P J P wrote: Hello Jason, all +-- On Fri, 17 Jul 2020, Jason Wang wrote --+ | On 2020/7/17 9:21 AM, Alexander Bulekov wrote: | > On 200717 0853, Li Qiang wrote: | >> Which issue are you trying to solve, any reference linking? | >> I also send a patch related this part an

Re: [PATCH] gitlab-ci.yml: Add oss-fuzz build tests

2020-07-16 Thread Thomas Huth
On 16/07/2020 18.33, Alexander Bulekov wrote: > This tries to build and run the fuzzers with the same build-script used > by oss-fuzz. This doesn't guarantee that the builds on oss-fuzz will > also succeed, since oss-fuzz provides its own compiler and fuzzer vars, > but it can catch changes that ar

Re: [PATCH] e1000e: using bottom half to send packets

2020-07-16 Thread Jason Wang
On 2020/7/17 12:46 PM, Li Qiang wrote: Jason Wang wrote on Fri, Jul 17, 2020 at 11:10 AM: On 2020/7/17 12:14 AM, Li Qiang wrote: Alexander Bulekov reported a UAF bug related e1000e packets send. -->https://bugs.launchpad.net/qemu/+bug/1886362 This is because the guest trigger a e1000e packet send and set

Re: [PATCH] gitlab-ci.yml: Add fuzzer tests

2020-07-16 Thread Thomas Huth
On 16/07/2020 18.46, Alexander Bulekov wrote: > On 200716 1209, Thomas Huth wrote: >> So far we neither compile-tested nor run any of the new fuzzers in our CI, >> which led to some build failures of the fuzzer code in the past weeks. >> To avoid this problem, add a job to compile the fuzzer code a

Re: [RFC PATCH-for-5.2 v2 2/2] block/block-backend: Let blk_attach_dev() provide helpful error

2020-07-16 Thread Markus Armbruster
Daniel P. Berrangé writes: > On Thu, Jul 16, 2020 at 02:37:04PM +0200, Philippe Mathieu-Daudé wrote: >> Let blk_attach_dev() take an Error* object to return helpful >> information. Adapt the callers. >> >> $ qemu-system-arm -M n800 >> qemu-system-arm: sd_init failed: cannot attach blk 'sd0'

Re: sysbus_create_simple Vs qdev_create

2020-07-16 Thread Markus Armbruster
Eduardo Habkost writes: > I'd also note that the use of "parent" in the code is also > ambiguous. It can mean: > > * QOM parent type, i.e. TypeInfo.parent. Related fields: > * parent_class members of class structs > * parent_obj members of object structs I hate the use of "parent" and "chi

Re: [PATCH] net: check payload length limit for all frames

2020-07-16 Thread P J P
Hello Jason, all +-- On Fri, 17 Jul 2020, Jason Wang wrote --+ | On 2020/7/17 9:21 AM, Alexander Bulekov wrote: | > On 200717 0853, Li Qiang wrote: | >> Which issue are you trying to solve, any reference linking? | >> I also send a patch related this part and also a UAF. | > | > I reported a UAF

Re: [PATCH] e1000e: using bottom half to send packets

2020-07-16 Thread Li Qiang
Jason Wang wrote on Fri, Jul 17, 2020 at 11:10 AM: > > > On 2020/7/17 12:14 AM, Li Qiang wrote: > > Alexander Bulekov reported a UAF bug related e1000e packets send. > > > > -->https://bugs.launchpad.net/qemu/+bug/1886362 > > > > This is because the guest trigger a e1000e packet send and set the > > data's addres

[PATCH] Fix vhost-user buffer over-read on ram hot-unplug

2020-07-16 Thread Raphael Norwitz
The VHOST_USER_PROTOCOL_F_CONFIGURE_MEM_SLOTS vhost-user protocol feature introduced a shadow-table, used by the backend to dynamically determine how a vdev's memory regions have changed since the last vhost_user_set_mem_table() call. On hot-remove, a memmove() operation is used to overwrite the re

Re: [virtio-dev] [RFC for Linux v4 0/2] virtio_balloon: Add VIRTIO_BALLOON_F_CONT_PAGES to report continuous pages

2020-07-16 Thread teawater
> On Jul 16, 2020, at 18:45, Michael S. Tsirkin wrote: > > On Thu, Jul 16, 2020 at 03:01:18PM +0800, teawater wrote: >> >> >>> On Jul 16, 2020, at 14:38, Michael S. Tsirkin wrote: >>> >>> On Thu, Jul 16, 2020 at 10:41:50AM +0800, Hui Zhu wrote: The first, second and third version are in [1], [2] and [3].

[PULL SUBSYSTEM qemu-pseries] pseries: Update SLOF firmware image

2020-07-16 Thread Alexey Kardashevskiy
The following changes since commit 1038a309ec829f05a3a3e52a9951cfdb24dfd02c: spapr: Add a new level of NUMA for GPUs (2020-07-17 10:36:28 +1000) are available in the Git repository at: g...@github.com:aik/qemu.git tags/qemu-slof-20200717 for you to fetch changes up to 7f5258dd8327d574de455a

Re: [PATCH] net: check payload length limit for all frames

2020-07-16 Thread Jason Wang
On 2020/7/17 9:21 AM, Alexander Bulekov wrote: On 200717 0853, Li Qiang wrote: P J P wrote on Fri, Jul 17, 2020 at 3:26 AM: From: Prasad J Pandit While sending packets, the check that packet 'payload_len' is within 64kB limit, seems to happen only for GSO frames. It may lead to use-after-free or out-of-bo

Re: [PATCH] e1000e: using bottom half to send packets

2020-07-16 Thread Jason Wang
On 2020/7/17 12:14 AM, Li Qiang wrote: Alexander Bulekov reported a UAF bug related e1000e packets send. -->https://bugs.launchpad.net/qemu/+bug/1886362 This is because the guest trigger a e1000e packet send and set the data's address to e1000e's MMIO address. So when the e1000e do DMA it will

Re: [PATCH] net: check payload length limit for all frames

2020-07-16 Thread Alexander Bulekov
On 200717 0853, Li Qiang wrote: > P J P wrote on Fri, Jul 17, 2020 at 3:26 AM: > > > > From: Prasad J Pandit > > > > While sending packets, the check that packet 'payload_len' > > is within 64kB limit, seems to happen only for GSO frames. > > It may lead to use-after-free or out-of-bounds access like > > issues

[PATCH] usb: only build hcd-dwc2 host controller for RASPI target

2020-07-16 Thread Paul Zimmerman
The hcd-dwc2 host controller is currently built for all targets. Since for now hcd-dwc2 is only implemented on RASPI, restrict its build to that target only. Signed-off-by: Paul Zimmerman --- Hi Gerd, Do we want to apply this before the 5.1.0 release? It seems a waste to build this code for eve

Re: [PATCH] net: check payload length limit for all frames

2020-07-16 Thread Li Qiang
P J P wrote on Fri, Jul 17, 2020 at 3:26 AM: > > From: Prasad J Pandit > > While sending packets, the check that packet 'payload_len' > is within 64kB limit, seems to happen only for GSO frames. > It may lead to use-after-free or out-of-bounds access like > issues when sending non-GSO frames. Check the 'payload

Re: [PATCH] spapr_pci: Robustify support of PCI bridges

2020-07-16 Thread David Gibson
On Thu, Jul 16, 2020 at 04:57:54PM +0200, Greg Kurz wrote: > On Thu, 16 Jul 2020 16:23:52 +0200 > Markus Armbruster wrote: > > > David Gibson writes: > > > > > On Thu, Jul 16, 2020 at 12:32:44PM +0200, Greg Kurz wrote: > > >> On Thu, 16 Jul 2020 14:45:40 +1000 > > >> David Gibson wrote: > > >>

Re: [PATCH] spapr_pci: Robustify support of PCI bridges

2020-07-16 Thread David Gibson
On Thu, Jul 16, 2020 at 04:42:00PM +0200, Greg Kurz wrote: > On Thu, 16 Jul 2020 16:01:18 +0200 > Markus Armbruster wrote: > > > David Gibson writes: > > > > > On Thu, Jul 09, 2020 at 07:12:47PM +0200, Greg Kurz wrote: > > >> Some recent error handling cleanups unveiled issues with our support

Re: [PATCH v4] spapr: Add a new level of NUMA for GPUs

2020-07-16 Thread David Gibson
On Thu, Jul 16, 2020 at 05:56:55PM -0500, Reza Arbab wrote: > NUMA nodes corresponding to GPU memory currently have the same > affinity/distance as normal memory nodes. Add a third NUMA associativity > reference point enabling us to give GPU nodes more distance. > > This is guest visible informati

Re: [PATCH qemu v9] spapr: Implement Open Firmware client interface

2020-07-16 Thread David Gibson
On Thu, Jul 16, 2020 at 07:04:56PM +1000, Alexey Kardashevskiy wrote: > Ping? I kinda realize it is not going to replace SLOF any time soon but > still... Yeah, I know. I just haven't had time to consider it. Priority starvation. > On 07/07/2020 10:34, Alexey Kardashevskiy wrote: > > Ping? > >

[PATCH v4] spapr: Add a new level of NUMA for GPUs

2020-07-16 Thread Reza Arbab
NUMA nodes corresponding to GPU memory currently have the same affinity/distance as normal memory nodes. Add a third NUMA associativity reference point enabling us to give GPU nodes more distance. This is guest visible information, which shouldn't change under a running guest across migration betw

Re: TB Cache size grows out of control with qemu 5.0

2020-07-16 Thread BALATON Zoltan
On Thu, 16 Jul 2020, Alex Bennée wrote: Christian Ehrhardt writes: On Wed, Jul 15, 2020 at 5:58 PM BALATON Zoltan wrote: See commit 47a2def4533a2807e48954abd50b32ecb1aaf29a and the next two following it. Thank you Zoltan for pointing out this commit, I agree that this seems to be the trigge

Re: [GIT PULL] I2C updates

2020-07-16 Thread Corey Minyard
On Thu, Jul 16, 2020 at 09:45:41PM +0100, Peter Maydell wrote: > On Thu, 16 Jul 2020 at 18:49, Corey Minyard wrote: > > > > The following changes since commit 45db94cc90c286a9965a285ba19450f448760a09: > > > > Merge remote-tracking branch > > 'remotes/mcayland/tags/qemu-openbios-20200707' into s

Re: sysbus_create_simple Vs qdev_create

2020-07-16 Thread Eduardo Habkost
On Wed, Jul 15, 2020 at 04:37:18PM +0200, Markus Armbruster wrote: > Pratik Parvati writes: > > > Hi Markus and Philippe, > > > > Thanks for your reply. Now I am pretty clear about Qdev and sysbus helper > > function. > > > > Can you please explain to me in brief on buses and device hierarchies (

Re: [PATCH 2/2] configure: add support for Control-Flow Integrity

2020-07-16 Thread Daniele Buono
On 7/2/2020 5:52 AM, Daniel P. Berrangé wrote: The need to maintain this list of functions makes me feel very uneasy. How can we have any confidence that this list of functions is accurate ? How will maintainers ensure that they correctly update it as they are writing/changing code, and how will

hw-display-qxl.so: undefined symbol: qemu_qxl_io_log_semaphore

2020-07-16 Thread Cole Robinson
Hi Gerd, I'm trying to build qemu 5.1.0-rc0 in Fedora. I'm hitting some issues. Using this configure line: ./configure --prefix=/usr --libdir=/usr/lib64 --sysconfdir=/etc --localstatedir=/var --libexecdir=/usr/libexec --interp-prefix=/usr/qemu-%M --with-pkgversion=qemu-5.1.0-0.1.rc0.fc33 '--extr

Re: [RFC PATCH] tcg/cpu-exec: precise single-stepping after an exception

2020-07-16 Thread Richard Henderson
On 7/16/20 1:12 PM, Peter Maydell wrote: > On Thu, 16 Jul 2020 at 11:08, Luc Michel wrote: >> >> When single-stepping with a debugger attached to QEMU, and when an >> exception is raised, the debugger misses the first instruction after the >> exception: > > This is a long-standing bug; thanks for

Re: qemu test-qga failure on mergebuild after VERSION file change: dependency issues??

2020-07-16 Thread Philippe Mathieu-Daudé
On 7/16/20 10:15 PM, Peter Maydell wrote: > On Thu, 16 Jul 2020 at 20:52, Michael Roth wrote: >> But is it intermittent, environment-dependent? I'm trying to understand how >> to >> replicate Peter's result since it seems like it would be straightforward >> reproducer. > > I blew away all my bui

Re: [PATCH v5 10/11] hw/arm: Wire up BMC boot flash for npcm750-evb and quanta-gsj

2020-07-16 Thread Havard Skinnemoen
On Wed, Jul 15, 2020 at 1:54 PM Havard Skinnemoen wrote: > > On Wed, Jul 15, 2020 at 3:57 AM Philippe Mathieu-Daudé > wrote: > > > > On 7/15/20 11:00 AM, Markus Armbruster wrote: > > > Now my point. Why first make up user configuration, then use that to > > > create a BlockBackend, when you cou

Re: [GIT PULL] I2C updates

2020-07-16 Thread Peter Maydell
On Thu, 16 Jul 2020 at 18:49, Corey Minyard wrote: > > The following changes since commit 45db94cc90c286a9965a285ba19450f448760a09: > > Merge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-20200707' > into staging (2020-07-10 16:43:40 +0100) > > are available in the Git repository

[Bug 1887854] Re: Spurious Data Abort on qemu-system-aarch64

2020-07-16 Thread Peter Maydell
Writing to SCTLR can cause QEMU to flush its TLB (as an internal implementation detail), so if adding SCTLR writes is sufficient to cause the problem to go away, I would be suspicious that your guest code is missing necessary TLB maintenance instructions. QEMU 3.1 and 4.1 are quite old -- can you

Re: qemu test-qga failure on mergebuild after VERSION file change: dependency issues??

2020-07-16 Thread Peter Maydell
On Thu, 16 Jul 2020 at 20:52, Michael Roth wrote: > But is it intermittent, environment-dependent? I'm trying to understand how to > replicate Peter's result since it seems like it would be straightforward > reproducer. I blew away all my build trees and recreated them from scratch, and the issue

Re: [PULL 0/2] Fixes 20200716 patches

2020-07-16 Thread Peter Maydell
axel.org/qemu tags/fixes-20200716-pull-request > > for you to fetch changes up to 4084e35068772cf4f81bbae5174019f277c61084: > > usb: fix storage regression (2020-07-16 10:20:27 +0200) > > > fixes: usb storage regressio

Re: [RFC PATCH] tcg/cpu-exec: precise single-stepping after an exception

2020-07-16 Thread Peter Maydell
On Thu, 16 Jul 2020 at 11:08, Luc Michel wrote: > > When single-stepping with a debugger attached to QEMU, and when an > exception is raised, the debugger misses the first instruction after the > exception: This is a long-standing bug; thanks for looking at it. (https://bugs.launchpad.net/qemu/+b

[Bug 1887854] Re: Spurious Data Abort on qemu-system-aarch64

2020-07-16 Thread K
** Description changed: When running RTEMS test psxndbm01.exe built for AArch64-ilp32 (this code is not yet publicly available), the test generates a spurious data abort (the MMU and alignment checks should be disabled according to bits 1, 0 of SCTLR_EL1). The abort information is as follow

Re: qemu test-qga failure on mergebuild after VERSION file change: dependency issues??

2020-07-16 Thread Philippe Mathieu-Daudé
On 7/16/20 9:52 PM, Michael Roth wrote: > Quoting Philippe Mathieu-Daudé (2020-07-16 12:59:28) >> On 7/16/20 7:55 PM, Michael Roth wrote: >>> Quoting Peter Maydell (2020-07-16 05:53:17) The first merge I tried to process after bumping VERSION for rc0 failed on test-qga like this: >>>

Re: qemu test-qga failure on mergebuild after VERSION file change: dependency issues??

2020-07-16 Thread Michael Roth
Quoting Philippe Mathieu-Daudé (2020-07-16 12:59:28) > On 7/16/20 7:55 PM, Michael Roth wrote: > > Quoting Peter Maydell (2020-07-16 05:53:17) > >> The first merge I tried to process after bumping VERSION for rc0 > >> failed on test-qga like this: > >> > >> MALLOC_PERTURB_=${MALLOC_PERTURB_:-$(( ${

[Bug 1887854] [NEW] Spurious Data Abort on qemu-system-aarch64

2020-07-16 Thread K
Public bug reported: When running RTEMS test psxndbm01.exe built for AArch64-ilp32 (this code is not yet publicly available), the test generates a spurious data abort (the MMU and alignment checks should be disabled according to bits 1, 0 of SCTLR_EL1). The abort information is as follows: Ta

[PATCH v2] tcg/cpu-exec: precise single-stepping after an exception

2020-07-16 Thread Luc Michel
When single-stepping with a debugger attached to QEMU, and when an exception is raised, the debugger misses the first instruction after the exception: $ qemu-system-aarch64 -M virt -display none -cpu cortex-a53 -s -S $ aarch64-linux-gnu-gdb GNU gdb (GDB) 9.2 [...] (gdb) tar rem :1234 Remote debug

[PATCH] net: check payload length limit for all frames

2020-07-16 Thread P J P
From: Prasad J Pandit While sending packets, the check that packet 'payload_len' is within 64kB limit, seems to happen only for GSO frames. It may lead to use-after-free or out-of-bounds access like issues when sending non-GSO frames. Check the 'payload_len' limit for all packets, irrespective of

Re: [PATCH for-5.1] i386: hvf: Explicitly set CR4 guest/host mask

2020-07-16 Thread Roman Bolshakov
On Thu, Jul 16, 2020 at 02:14:57PM -0400, Eduardo Habkost wrote: > On Tue, Jul 14, 2020 at 08:20:04PM +0200, Paolo Bonzini wrote: > > Hi Roman, please ask Peter to apply it directly because I won't be able to > > send a pull request in the next couple of weeks. > > > > Paolo > > > > Il mar 14 lug

[PULL 4/6] target/i386: fix model number and add missing features for Icelake-Server CPU model

2020-07-16 Thread Eduardo Habkost
From: Chenyi Qiang Add the missing features(sha_ni, avx512ifma, rdpid, fsrm, vmx-rdseed-exit, vmx-pml, vmx-eptp-switching) and change the model number to 106 in the Icelake-Server-v4 CPU model. Signed-off-by: Chenyi Qiang Message-Id: <20200714084148.26690-3-chenyi.qi...@intel.com> Signed-off-by

[PULL 1/6] i368/cpu: Clear env->user_features after loading versioned CPU model

2020-07-16 Thread Eduardo Habkost
From: Xiaoyao Li Features defined in versioned CPU model are recorded in env->user_features since they are updated as property. It's unwanted because they are not user specified. Simply clear env->user_features as a fix. It won't clear user specified features because user specified features are f

[PULL 6/6] i386: hvf: Explicitly set CR4 guest/host mask

2020-07-16 Thread Eduardo Habkost
From: Roman Bolshakov Removal of register reset omitted initialization of CR4 guest/host mask. x86_64 guests aren't booting without it. Fixes: 5009ef22c6bb2 ("i386: hvf: Don't duplicate register reset") Signed-off-by: Roman Bolshakov Message-Id: <20200714090726.41082-1-r.bolsha...@yadro.com> Si

[PULL 0/6] x86 fixes for -rc1

2020-07-16 Thread Eduardo Habkost
The following changes since commit ee5128bb00f90dd301991d80d1db5224ce924c84: Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging (2020-07-16 13:12:05 +0100) are available in the Git repository at: git://github.com/ehabkost/qemu.git tags/x86-next-pull-request

[PULL 5/6] target/i386: add the missing vmx features for Skylake-Server and Cascadelake-Server CPU models

2020-07-16 Thread Eduardo Habkost
From: Chenyi Qiang Add the missing vmx features in Skylake-Server and Cascadelake-Server CPU models based on the output of Paolo's script. Signed-off-by: Chenyi Qiang Message-Id: <20200714084148.26690-4-chenyi.qi...@intel.com> Signed-off-by: Eduardo Habkost --- target/i386/cpu.c | 14

[PULL 3/6] target/i386: add fast short REP MOV support

2020-07-16 Thread Eduardo Habkost
From: Chenyi Qiang For CPUs support fast short REP MOV[CPUID.(EAX=7,ECX=0):EDX(bit4)], e.g Icelake and Tigerlake, expose it to the guest VM. Reviewed-by: Eduardo Habkost Signed-off-by: Chenyi Qiang Message-Id: <20200714084148.26690-2-chenyi.qi...@intel.com> Signed-off-by: Eduardo Habkost ---

[PULL 2/6] i386/cpu: Don't add unavailable_features to env->user_features

2020-07-16 Thread Eduardo Habkost
From: Xiaoyao Li Features unavailable due to absence of their dependent features should not be added to env->user_features. env->user_features only contains the feature explicitly specified with -feature/+feature by user. Fixes: 99e24dbdaa68 ("target/i386: introduce generic feature dependency mec

Re: [PATCH for-5.1] i386: hvf: Explicitly set CR4 guest/host mask

2020-07-16 Thread Eduardo Habkost
On Tue, Jul 14, 2020 at 08:20:04PM +0200, Paolo Bonzini wrote: > Hi Roman, please ask Peter to apply it directly because I won't be able to > send a pull request in the next couple of weeks. > > Paolo > > On Tue, Jul 14, 2020, 12:39 Roman Bolshakov > wrote: > > > On Tue, Jul 14, 2020 at 12:0

Re: qemu test-qga failure on mergebuild after VERSION file change: dependency issues??

2020-07-16 Thread Philippe Mathieu-Daudé
On 7/16/20 7:55 PM, Michael Roth wrote: > Quoting Peter Maydell (2020-07-16 05:53:17) >> The first merge I tried to process after bumping VERSION for rc0 >> failed on test-qga like this: >> >> MALLOC_PERTURB_=${MALLOC_PERTURB_:-$(( ${RANDOM:-0} % 255 + 1))} >> tests/test-qga -m=quick -k --tap < /de

Re: [RFC PATCH] tcg/cpu-exec: precise single-stepping after an exception

2020-07-16 Thread Richard Henderson
On 7/16/20 3:04 AM, Luc Michel wrote: > When single-stepping with a debugger attached to QEMU, and when an > exception is raised, the debugger misses the first instruction after the > exception: > > $ qemu-system-aarch64 -M virt -display none -cpu cortex-a53 -s -S > > $ aarch64-linux-gnu-gdb > GN

Re: qemu test-qga failure on mergebuild after VERSION file change: dependency issues??

2020-07-16 Thread Michael Roth
Quoting Peter Maydell (2020-07-16 05:53:17) > The first merge I tried to process after bumping VERSION for rc0 > failed on test-qga like this: > > MALLOC_PERTURB_=${MALLOC_PERTURB_:-$(( ${RANDOM:-0} % 255 + 1))} > tests/test-qga -m=quick -k --tap < /dev/null | ./scripts/tap-driv > er.pl --test-nam

Re: [PULL v1 0/2] Merge tpm 2020/07/15 v1

2020-07-16 Thread Peter Maydell
On Wed, 15 Jul 2020 at 20:23, Stefan Berger wrote: > > Hello! > > This series fixes a couple of minor issues with the PPC64 TPM SPAPR interface > and a test case. > >Stefan > > The following changes since commit 8746309137ba470d1b2e8f5ce86ac228625db940: > > Update version for v5.1.0-rc0 rele

[GIT PULL] I2C updates

2020-07-16 Thread Corey Minyard
The following changes since commit 45db94cc90c286a9965a285ba19450f448760a09: Merge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-20200707' into staging (2020-07-10 16:43:40 +0100) are available in the Git repository at: https://github.com/cminyard/qemu.git tags/for-qemu-i2c-5

Re: [PATCH v3 3/9] vfio: add quirk device write method

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:30, P J P wrote: > > From: Prasad J Pandit > > Add vfio quirk device mmio write method to avoid NULL pointer > dereference issue. > > Reported-by: Lei Sun > Reviewed-by: Li Qiang > Signed-off-by: Prasad J Pandit > --- > hw/vfio/pci-quirks.c | 8 > 1 file cha

Re: [PATCH v3 1/9] hw/pci-host: add pci-intack write method

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:29, P J P wrote: > > From: Prasad J Pandit > > Add pci-intack mmio write method to avoid NULL pointer dereference > issue. > > Reported-by: Lei Sun > Reviewed-by: Li Qiang > Signed-off-by: Prasad J Pandit > --- > hw/pci-host/prep.c | 8 > 1 file changed, 8 i

Re: [PATCH v3 9/9] memory: assert MemoryRegionOps callbacks are defined

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:31, P J P wrote: > > From: Prasad J Pandit > > When registering a MemoryRegionOps object, assert that its > read/write callback methods are defined. This avoids potential > guest crash via a NULL pointer dereference. > > Suggested-by: Peter Maydell > Reviewed-by: Li Qia

[PATCH v4 for-5.2 1/2] spapr: Use error_append_hint() in spapr_caps.c

2020-07-16 Thread Greg Kurz
We have a dedicated error API for hints. Use it instead of embedding the hint in the error message, as recommended in the "qapi/error.h" header file. Since spapr_caps_apply() passes &error_fatal, all functions must also call the ERRP_GUARD() macro for error_append_hint() to be functional. While h

[PATCH v4 for-5.2 2/2] spapr: Forbid nested KVM-HV in pre-power9 compat mode

2020-07-16 Thread Greg Kurz
Nested KVM HV only works if the kernel is using the radix MMU mode, ie. the CPU is POWER9 and it is not running in some pre-power9 compat mode. Otherwise, the KVM HV module fails to load in the guest with -ENODEV. It might be painful for a user to discover this late that nested cannot work with the

[PATCH v4 for-5.2 0/2] spapr: Improve error reporting in spapr_caps.c

2020-07-16 Thread Greg Kurz
Nested KVM HV only works if the kernel is using the radix MMU mode, ie. the CPU is POWER9 and it is not running in some pre-power9 compat mode. Otherwise, the KVM HV module fails to load in the guest with -ENODEV. It might be painful for a user to discover this late that nested cannot work with the

Re: [PATCH 2/2] python/qemu: Change ConsoleSocket to optionally drain socket.

2020-07-16 Thread Robert Foley
On Thu, 16 Jul 2020 at 09:42, Alex Bennée wrote: > > > +self._drain_thread = None > > +socket.socket.__init__(self, socket.AF_UNIX, socket.SOCK_STREAM) > > +self.connect(address) > > +self._drain = drain > > We end up with two variables that represent the fact we h

Re: [PATCH v3 8/9] imx7-ccm: add digprog mmio write method

2020-07-16 Thread Peter Maydell
On Thu, 16 Jul 2020 at 17:55, P J P wrote: > > +-- On Thu, 16 Jul 2020, Peter Maydell wrote --+ > | > +static void imx7_digprog_write(void *opaque, hwaddr addr, > | > +uint64_t data, unsigned size) > | > +{ > | > +qemu_log_mask(LOG_UNIMP, "%s not impleme

Re: [PATCH v3 8/9] imx7-ccm: add digprog mmio write method

2020-07-16 Thread P J P
+-- On Thu, 16 Jul 2020, Peter Maydell wrote --+ | > +static void imx7_digprog_write(void *opaque, hwaddr addr, | > +uint64_t data, unsigned size) | > +{ | > +qemu_log_mask(LOG_UNIMP, "%s not implemented\n", __func__); | > +} | | This covers a single reg

Re: [PATCH] introduce VFIO-over-socket protocol specificaion

2020-07-16 Thread no-reply
Patchew URL: https://patchew.org/QEMU/1594913503-52271-1-git-send-email-thanos.maka...@nutanix.com/ Hi, This series seems to have some coding style problems. See output below for more information: Type: series Message-id: 1594913503-52271-1-git-send-email-thanos.maka...@nutanix.com Subject: [

Re: [PATCH] introduce VFIO-over-socket protocol specificaion

2020-07-16 Thread no-reply
Patchew URL: https://patchew.org/QEMU/1594913503-52271-1-git-send-email-thanos.maka...@nutanix.com/ Hi, This series failed the docker-mingw@fedora build test. Please find the testing commands and their output below. If you have Docker installed, you can probably reproduce it locally. === TES

Re: [PATCH v3 2/9] pci-host: add pcie-msi read method

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:30, P J P wrote: > > From: Prasad J Pandit > > Add pcie-msi mmio read method to avoid NULL pointer dereference > issue. This change is specific to the designware pci host controller; it would be nice to have "designware" in the commit subject. > Reported-by: Lei Sun

[PATCH] gitlab-ci.yml: Add oss-fuzz build tests

2020-07-16 Thread Alexander Bulekov
This tries to build and run the fuzzers with the same build-script used by oss-fuzz. This doesn't guarantee that the builds on oss-fuzz will also succeed, since oss-fuzz provides its own compiler and fuzzer vars, but it can catch changes that are not compatible with the ./scripts/oss-fuzz/build

Re: [PATCH] gitlab-ci.yml: Add fuzzer tests

2020-07-16 Thread Alexander Bulekov
On 200716 1209, Thomas Huth wrote: > So far we neither compile-tested nor run any of the new fuzzers in our CI, > which led to some build failures of the fuzzer code in the past weeks. > To avoid this problem, add a job to compile the fuzzer code and run some > loops (which likely don't find any ne

Re: [PATCH v3] spapr: Add a new level of NUMA for GPUs

2020-07-16 Thread Daniel Henrique Barboza
On 7/16/20 1:00 PM, Reza Arbab wrote: On Thu, Jul 16, 2020 at 06:42:11AM -0300, Daniel Henrique Barboza wrote: Which would translate here to:    uint32_t associativity[] = {    cpu_to_be32(0x4),    cpu_to_be32(nvslot->numa_id),    cpu_to_be32(nvslot->numa_id),    

Re: [PATCH v3 6/9] spapr_pci: add spapr msi read method

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:31, P J P wrote: > > From: Prasad J Pandit > > Add spapr msi mmio read method to avoid NULL pointer dereference > issue. > > Reported-by: Lei Sun > Acked-by: David Gibson > Reviewed-by: Li Qiang > Signed-off-by: Prasad J Pandit > --- > hw/ppc/spapr_pci.c | 13 ++

Re: [PATCH] target/i386: floatx80: avoid compound literals in static initializers

2020-07-16 Thread Alex Bennée
Laszlo Ersek writes: > Quoting ISO C99 6.7.8p4, "All the expressions in an initializer for an > object that has static storage duration shall be constant expressions or > string literals". > > The compound literal produced by the make_floatx80() macro is not such a > constant expression, per 6.

Re: [PATCH v3 5/9] nvram: add nrf51_soc flash read method

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:31, P J P wrote: > > From: Prasad J Pandit > > Add nrf51_soc mmio read method to avoid NULL pointer dereference > issue. > > Reported-by: Lei Sun > Signed-off-by: Prasad J Pandit > --- > hw/nvram/nrf51_nvm.c | 5 + > 1 file changed, 5 insertions(+) > > Update v3:

Re: [PATCH v2 5/9] nvram: add nrf51_soc flash read method

2020-07-16 Thread Peter Maydell
On Mon, 29 Jun 2020 at 12:18, Li Qiang wrote: > > P J P 于2020年6月25日周四 上午3:01写道: > > > > From: Prasad J Pandit > > > > Add nrf51_soc mmio read method to avoid NULL pointer dereference > > issue. > > > > Reported-by: Lei Sun > > Signed-off-by: Prasad J Pandit > > --- > > hw/nvram/nrf51_nvm.c |

Re: TB Cache size grows out of control with qemu 5.0

2020-07-16 Thread Alex Bennée
Christian Ehrhardt writes: > On Wed, Jul 15, 2020 at 5:58 PM BALATON Zoltan wrote: > >> See commit 47a2def4533a2807e48954abd50b32ecb1aaf29a and the next two >> following it. >> > > Thank you Zoltan for pointing out this commit, I agree that this seems to be > the trigger for the issues I'm see

Re: [PATCH v3 8/9] imx7-ccm: add digprog mmio write method

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:31, P J P wrote: > > From: Prasad J Pandit > > Add digprog mmio write method to avoid assert failure during > initialisation. > > Reviewed-by: Li Qiang > Signed-off-by: Prasad J Pandit > --- > hw/misc/imx7_ccm.c | 7 +++ > 1 file changed, 7 insertions(+) > > Updat

Re: [PATCH for-5.1] qapi: Fix visit_type_STRUCT() not to fail for null object

2020-07-16 Thread Li Qiang
Markus Armbruster 于2020年7月16日周四 下午11:07写道: > > To make deallocating partially constructed objects work, the > visit_type_STRUCT() need to succeed without doing anything when passed > a null object. > > Commit cdd2b228b9 "qapi: Smooth visitor error checking in generated > code" broke that. To repr

[PATCH] e1000e: using bottom half to send packets

2020-07-16 Thread Li Qiang
Alexander Bulekov reported a UAF bug related to e1000e packet send. -->https://bugs.launchpad.net/qemu/+bug/1886362 This is because the guest triggers an e1000e packet send and sets the data's address to e1000e's MMIO address. So when the e1000e does DMA it will write the MMIO again and trigger re-entra

Re: [PATCH v3 7/9] tz-ppc: add dummy read/write methods

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:31, P J P wrote: > > From: Prasad J Pandit > > Add tz-ppc-dummy mmio read/write methods to avoid assert failure > during initialisation. > > Signed-off-by: Prasad J Pandit > -- Reviewed-by: Peter Maydell thanks -- PMM

Re: [PATCH v10 09/10] qcow2_format.py: collect fields to dump in JSON format

2020-07-16 Thread Vladimir Sementsov-Ogievskiy
16.07.2020 18:52, Andrey Shinkevich wrote: On 16.07.2020 18:40, Vladimir Sementsov-Ogievskiy wrote: 16.07.2020 18:34, Andrey Shinkevich wrote: On 16.07.2020 13:24, Vladimir Sementsov-Ogievskiy wrote: 14.07.2020 00:36, Andrey Shinkevich wrote: As __dict__ is being extended with class members w

Re: [PATCH v3] spapr: Add a new level of NUMA for GPUs

2020-07-16 Thread Reza Arbab
On Thu, Jul 16, 2020 at 06:42:11AM -0300, Daniel Henrique Barboza wrote: Which would translate here to: uint32_t associativity[] = { cpu_to_be32(0x4), cpu_to_be32(nvslot->numa_id), cpu_to_be32(nvslot->numa_id), cpu_to_be32(nvslot->numa_id),
