Re: [Qemu-devel] Question about wrong ram-node0 reference

9 3:57 PM > To: liujunjie (A) > Cc: pbonz...@redhat.com; afaer...@suse.de; ehabk...@redhat.com; > qemu-devel@nongnu.org; Zhoujian (jay) ; fangying > ; wangxin (U) ; > Huangweidong (C) > Subject: Re: Question about wrong ram-node0 reference > > On Sat, 25 May 2019 03:35:

[Qemu-devel] Question about wrong ram-node0 reference

Hi, I have met a problem: The QEMU version is 2.8.1, the virtual machine is configured with 1G huge pages, two NUMA nodes and four pass-through NVME SSDs. After we started the VM, in addition to some QMP queries nothing more has been done, the QEMU aborted after some months later. After that, t

[Qemu-devel] [PATCH v2] clean up callback when del virtqueue

way described above is uncommon, we had better reinforce it. Signed-off-by: liujunjie --- hw/virtio/virtio.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c index d4e4d98..dc8dcf8 100644 --- a/hw/virtio/virtio.c +++ b/hw/virtio/virtio.c @@ -1604,6

Re: [Qemu-devel] [PATCH] clean up callback when del virtqueue

> -Original Message- > From: Jason Wang [mailto:jasow...@redhat.com] > Sent: Friday, September 14, 2018 8:45 PM > To: liujunjie (A) ; m...@redhat.com > Cc: Huangweidong (C) ; wangxin (U) > ; qemu-devel@nongnu.org; Gonglei (Arei) > ; Zhoujian (jay) > Subject:

Re: [Qemu-devel] [PATCH] clean up callback when del virtqueue

ping > -Original Message- > From: liujunjie (A) > Sent: Saturday, September 08, 2018 9:05 PM > To: m...@redhat.com; jasow...@redhat.com > Cc: wangxin (U) ; Zhoujian (jay) > ; Gonglei (Arei) ; > Huangweidong (C) ; qemu-devel@nongnu.org; > liujunjie (A) > Subject

[Qemu-devel] [PATCH] clean up callback when del virtqueue

way described above is uncommon, we had better reinforce it. Signed-off-by: liujunjie --- hw/net/virtio-net.c | 4 +++- hw/virtio/virtio.c | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c index f154756..9bb20e3 100644 --- a/hw/net

[Qemu-devel] [PATCH] qstring: Fix qstring_from_substr() not to provoke int overflow

substrings seem unlikely, but we found one in a core dump, where "info tlb" executed via QMP's human-monitor-command apparently produced 35 GiB of output. Fix by changing the parameters size_t. Signed-off-by: liujunjie --- include/qapi/qmp/qstring.h | 2 +- qobject/qstring.c

Re: [Qemu-devel] [PATCH] qstring: Fix integer overflow

uot; is running busily. Maybe this test tool enlarge the size of tlb. > -Original Message- > From: Markus Armbruster [mailto:arm...@redhat.com] > Sent: Tuesday, July 24, 2018 8:08 PM > To: liujunjie (A) > Cc: wangxin (U) ; Gonglei (Arei) > ; Huangweidong (C) > ; qemu-

Re: [Qemu-devel] [PATCH] qstring: Fix integer overflow

ot;"; size_t a = 37329134781; int end = a; size_t b = end; printf("%zu", b) return 0; } - > -Original Message- > From: Markus Armbruster [mailto:arm...@redhat.com] > Sent: Tuesday, July 24, 2018 4:47 PM > To: Markus A

Re: [Qemu-devel] [PATCH] qstring: Fix integer overflow

I am sorry for that. I have changed the git setting to avoid using this symbol next time. > -Original Message- > From: Eric Blake [mailto:ebl...@redhat.com] > Sent: Monday, July 23, 2018 10:52 PM > To: liujunjie (A) ; arm...@redhat.com > Cc: wangxin (U) ; Gonglei (Arei) &

Re: [Qemu-devel] [PATCH] qstring: Fix integer overflow

- > From: Markus Armbruster [mailto:arm...@redhat.com] > Sent: Monday, July 23, 2018 11:46 PM > To: liujunjie (A) > Cc: wangxin (U) ; Gonglei (Arei) > ; Huangweidong (C) > ; qemu-devel@nongnu.org > Subject: Re: [Qemu-devel] [PATCH] qstring: Fix integer overflow > > "liu

Re: [Qemu-devel] [PATCH] qstring: Fix integer overflow

(qstring->length) $5 = -1325570884 (gdb) p/x (int) qstring->length $6 = 0xb0fd64bc (gdb) p/x qstring->length $7 = 0xb0fd64bc (gdb) p end $8 = > -Original Message- > From: Markus Armbruster [mailto:arm...@redhat.com] > Sent: Monday, July 23, 2018 8:48 PM > To: liujunjie

[Qemu-devel] [PATCH] qstring: Fix integer overflow

From: l00425170 The incoming parameters "start" and "end" is int type in qstring_from_substr(), but this function can be called by qstring_from_str, which is size_t type in strlen(str). It may result in coredump when called g_malloc later. One scene to triger is to call hmp "into tlb", which may

Re: [Qemu-devel] [PATCH] ps2: check PS2Queue wptr pointer in post_load routine

ping > -Original Message- > From: liujunjie (A) > Sent: Thursday, June 07, 2018 4:03 PM > To: kra...@redhat.com; berra...@redhat.com > Cc: Gonglei (Arei) ; wangxin (U) > ; Huangweidong (C) > ; fangying ; > qemu-devel@nongnu.org; liujunjie (A) > Subject: [PATC

Re: [Qemu-devel] [PATCH v2] cpu hot-del: leak fix by free the relevant members

Hi > -Original Message- > From: Igor Mammedov [mailto:imamm...@redhat.com] > Sent: Tuesday, June 12, 2018 9:40 PM > To: liujunjie (A) > Cc: pbonz...@redhat.com; r...@twiddle.net; crosthwaite.pe...@gmail.com; > linzhecheng ; Huangweidong (C) > ; wangxin (U) >

[Qemu-devel] [PATCH v2] cpu hot-del: leak fix by free the relevant members

does not be reportd by ASAN since it still in vm_change_state_head, it's not longer used after hot-del, so free it, too. Signed-off-by: liujunjie Signed-off-by: linzhecheng --- accel/kvm/kvm-all.c | 3 +++ cpus.c | 6 ++ include/sysemu/kvm.h | 1 + target/i386/cpu.h

[Qemu-devel] [PATCH] cpu hot-del: leak fix by free the relevant members

does not be reportd by ASAN since it still in vm_change_state_head, it's not longer used after hot-del, so free it, too. Signed-off-by: liujunjie Signed-off-by: linzhecheng --- accel/kvm/kvm-all.c | 1 + cpus.c | 6 ++ include/sysemu/kvm.h | 2 ++ target/arm/kvm.c

[Qemu-devel] [PATCH] ps2: check PS2Queue wptr pointer in post_load routine

to OOB access, add check to avoid it. Signed-off-by: liujunjie --- hw/input/ps2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/input/ps2.c b/hw/input/ps2.c index eeec618..fdfcadf 100644 --- a/hw/input/ps2.c +++ b/hw/input/ps2.c @@ -927,7 +927,7 @@ static void