Re: [Qemu-devel] Virtual IOMMU + Virtio-net devices in a Windows VM doesn't work

2018-07-23 Thread Peter Xu
On Mon, Jul 23, 2018 at 04:13:18PM -0400, Jintack Lim wrote: > Hi, > > I'm running a Windows VM on top of KVM on x86, and one of virtio-net > device in the Windows VM doesn't seem to work. I provided virtual > IOMMU and two virtio-net devices to the VM: one bypassing the virtual > IOMMU and the

Re: [Qemu-devel] [PATCH v2 1/2] ppc/pnv: Add model for Power8 PHB3 PCIe Host bridge

2018-07-23 Thread David Gibson
On Tue, Jul 24, 2018 at 01:49:32PM +1000, Benjamin Herrenschmidt wrote: > On Tue, 2018-07-24 at 12:14 +1000, David Gibson wrote: > > > I don't know, is there much shared logic ? And the shared bits are the > > > subclassing, that's handled that way... > > > > > > This is really a different piece

Re: [Qemu-devel] [PATCH qemu v2] vfio/spapr: Allow backing bigger guest IOMMU pages with smaller physical pages

2018-07-23 Thread Alexey Kardashevskiy
On 23/07/2018 13:11, David Gibson wrote: > On Wed, Jun 20, 2018 at 07:10:12PM +1000, Alexey Kardashevskiy wrote: >> At the moment the PPC64/pseries guest only supports 4K/64K/16M IOMMU >> pages and POWER8 CPU supports the exact same set of page sizes, so >> so far things worked fine. >> >> However

Re: [Qemu-devel] [PATCH v2 1/2] ppc/pnv: Add model for Power8 PHB3 PCIe Host bridge

2018-07-23 Thread Benjamin Herrenschmidt
On Tue, 2018-07-24 at 12:14 +1000, David Gibson wrote: > > I don't know, is there much shared logic ? And the shared bits are the > > subclassing, that's handled that way... > > > > This is really a different piece of HW, a separate ICS implementation, > > that has its own quirks, is configured

Re: [Qemu-devel] [PATCH v2 1/2] ppc/pnv: Add model for Power8 PHB3 PCIe Host bridge

2018-07-23 Thread David Gibson
On Tue, Jul 24, 2018 at 09:55:53AM +1000, Benjamin Herrenschmidt wrote: > On Mon, 2018-07-23 at 14:16 +1000, David Gibson wrote: > > > > > > Now, this is an ICS subclass, so why shouldn't it directly poke at the > > > target ICP ? > > > > That's ok in theory, but causing it to expose the icp

Re: [Qemu-devel] [PATCH] qstring: Fix integer overflow

2018-07-23 Thread liujunjie (A)
I am sorry for that. I have changed the git setting to avoid using this symbol next time. > -Original Message- > From: Eric Blake [mailto:ebl...@redhat.com] > Sent: Monday, July 23, 2018 10:52 PM > To: liujunjie (A) ; arm...@redhat.com > Cc: wangxin (U) ; Gonglei (Arei) > ; Huangweidong

Re: [Qemu-devel] [PATCH v2 1/2] ppc/pnv: Add model for Power8 PHB3 PCIe Host bridge

2018-07-23 Thread David Gibson
On Mon, Jul 23, 2018 at 11:37:06PM +0200, Cédric Le Goater wrote: > On 07/18/2018 08:12 AM, David Gibson wrote: > >> +static void pnv_phb3_get_phb_id(Object *obj, Visitor *v, const char *name, > >> + void *opaque, Error **errp) > >> +{ > >> +Property *prop =

Re: [Qemu-devel] [PATCH] block: Don't lock /dev/null and /dev/zero automatically

2018-07-23 Thread Fam Zheng
On Mon, Jul 23, 2018 at 10:37 PM Max Reitz wrote: > > On 2018-07-23 03:56, Fam Zheng wrote: > > On Sun, Jul 22, 2018 at 10:06 PM Max Reitz wrote: > >> > >> On 2018-07-22 04:37, Fam Zheng wrote: > >>> On Sun, Jul 22, 2018 at 5:08 AM Max Reitz wrote: > > On 2018-07-19 05:41, Fam Zheng

Re: [Qemu-devel] [PATCH] qstring: Fix integer overflow

2018-07-23 Thread liujunjie (A)
The stack backtrace is as follows: (gdb) bt #0 0x7f1dc3c7b091 in _g_log_abort () from /usr/lib64/libglib-2.0.so.0 #1 0x7f1dc3c7c0bd in g_log_default_handler () from /usr/lib64/libglib-2.0.so.0 #2 0x7f1dc3c7c341 in g_logv () from /usr/lib64/libglib-2.0.so.0 #3 0x7f1dc3c7c5cf in

[Qemu-devel] [PULL for-3.0 2/2] qga: process_event() simplification and leak fix

2018-07-23 Thread Michael Roth
From: Marc-André Lureau json_parser_parse_err() may return something else than a QDict, in which case we lose the object. Let's keep track of the original object to avoid leaks. When an error occurs, "qdict" contains the response, but we still check the "execute" key there. Untangle a bit this

Re: [Qemu-devel] [PATCH] qga-win: Handle fstrim for OSes lower than Win8

2018-07-23 Thread Michael Roth
Quoting Sameeh Jubran (2018-07-17 00:46:27) > I've successfully compiled the previous patch on Fedora 27, but it seems to be > failing on RHEL. You can apply this patch instead which avoids using the > versionhelpers header: Thanks, applied to qga tree: https://github.com/mdroth/qemu/commits/qga

[Qemu-devel] [PULL for-3.0 1/2] qga-win: Handle fstrim for OSes lower than Win8

2018-07-23 Thread Michael Roth
From: Sameeh Jubran The defrag.exe tool which is used for executing the fstrim command on Windows doesn't support retrim for OSes lower than Win8. This commit handles this case and returns a suitable error. Output of fstrim before this commit: {"execute":"guest-fstrim"} {"return": {"paths":

Re: [Qemu-devel] [PATCH v2 06/18] qga: process_event() simplification and leak fix

2018-07-23 Thread Michael Roth
Quoting Marc-André Lureau (2018-07-19 13:40:59) > json_parser_parse_err() may return something else than a QDict, in > which case we lose the object. Let's keep track of the original > object to avoid leaks. > > When an error occurs, "qdict" contains the response, but we still > check the

[Qemu-devel] [PULL for-3.0 0/2] qemu-ga patch queue for hard-freeze

2018-07-23 Thread Michael Roth
The following changes since commit 4eecc2e212bae7308d8582d99f665dfc253c9dda: Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20180723' into staging (2018-07-23 19:24:05 +0100) are available in the Git repository at: git://github.com/mdroth/qemu.git tags/qga-pull-2018-07-23-tag

Re: [Qemu-devel] [PATCH v2 1/2] ppc/pnv: Add model for Power8 PHB3 PCIe Host bridge

2018-07-23 Thread Benjamin Herrenschmidt
On Mon, 2018-07-23 at 14:16 +1000, David Gibson wrote: > > > > Now, this is an ICS subclass, so why shouldn't it directly poke at the > > target ICP ? > > That's ok in theory, but causing it to expose the icp interface to a > new module isn't great. > > > It's an alternate to the normal ICS

Re: [Qemu-devel] [PATCH v1 0/5] riscv: Fix introspection problems

2018-07-23 Thread Alistair Francis
On Thu, Jul 19, 2018 at 12:59 AM, Thomas Huth wrote: > On 18.07.2018 23:31, Alistair Francis wrote: >> On Wed, Jul 18, 2018 at 12:22 AM, Thomas Huth wrote: >>> On 17.07.2018 22:27, Alistair Francis wrote: This is based on Thomas's work fixing introspection problems [1] and applied to

[Qemu-devel] [PATCH for-3.0 2/7] block/qcow2: improve error message in qcow2_inactivate

2018-07-23 Thread John Snow
From: Vladimir Sementsov-Ogievskiy Signed-off-by: Vladimir Sementsov-Ogievskiy Signed-off-by: John Snow --- block/qcow2.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/block/qcow2.c b/block/qcow2.c index 6162ed8be2..7444133ccd 100644 --- a/block/qcow2.c +++

[Qemu-devel] [PATCH for-3.0 5/7] dirty-bitmaps: clean-up bitmaps loading and migration logic

2018-07-23 Thread John Snow
This patch aims to bring the following behavior: 1. Bitmaps are not loaded on open if BDRV_O_INACTIVE is set, which occurs for incoming migration cases. We will load these persistent bitmaps on invalidate instead. 2. Regardless of the migration circumstances, persistent bitmaps are

[Qemu-devel] [PATCH for-3.0 1/7] iotests: 169: drop deprecated 'autoload' parameter

2018-07-23 Thread John Snow
From: Vladimir Sementsov-Ogievskiy Signed-off-by: Vladimir Sementsov-Ogievskiy Reviewed-by: John Snow Message-id: 20180626135035.133432-2-vsement...@virtuozzo.com Signed-off-by: John Snow --- tests/qemu-iotests/169 | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/qemu-iotests/169

[Qemu-devel] [PATCH for-3.0 3/7] block/qcow2: drop dirty_bitmaps_loaded state variable

2018-07-23 Thread John Snow
From: Vladimir Sementsov-Ogievskiy This variable doesn't work as it should, because it is actually cleared in qcow2_co_invalidate_cache() by memset(). Drop it, as the following patch will introduce new behavior. Signed-off-by: Vladimir Sementsov-Ogievskiy Reviewed-by: John Snow Signed-off-by:

[Qemu-devel] [PATCH for-3.0 7/7] iotests: 169: add cases for source vm resuming

2018-07-23 Thread John Snow
From: Vladimir Sementsov-Ogievskiy Test that we can resume source vm after [failed] migration, and bitmaps are ok. Signed-off-by: Vladimir Sementsov-Ogievskiy Signed-off-by: John Snow --- tests/qemu-iotests/169 | 59 +-

[Qemu-devel] [PATCH for-3.0 4/7] iotests: 169: actually test block migration

2018-07-23 Thread John Snow
Presently, we emulate a block migration by just using a different target file. Update the test to actually request a block migration. Signed-off-by: John Snow --- tests/qemu-iotests/169 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/qemu-iotests/169 b/tests/qemu-iotests/169 index

[Qemu-devel] [PATCH for-3.0 6/7] iotests: improve 169

2018-07-23 Thread John Snow
From: Vladimir Sementsov-Ogievskiy Before the previous patch, iotest 169 was actually broken for the case test_persistent__not_migbitmap__offline_shared, while formally passing. After migration the log of vm_b had the message: qemu-system-x86_64: Could not reopen qcow2 layer: Bitmap already

[Qemu-devel] [PATCH for-3.0 0/7] fix persistent bitmaps migration logic

2018-07-23 Thread John Snow
This is an updated version of Vladimir's proposal for fixing the handling around migration and persistent dirty bitmaps. Patches 1, 4, 6, and 7 update the testing for this feature. Patch 2 touches up an error message. Patch 3 removes dead code. Patch 5 contains the real fix. v2: - Add a new

Re: [Qemu-devel] [PATCH 05/99] s390-ccw: force diag 308 subcode to unsigned long

2018-07-23 Thread Michael Roth
Quoting Michael Roth (2018-07-23 15:16:14) > From: Cornelia Huck > > We currently pass an integer as the subcode parameter. However, > the upper bits of the register containing the subcode need to > be 0, which is not guaranteed unless we explicitly specify the > subcode to be an unsigned long

Re: [Qemu-devel] [PATCH for-3.0?] target/arm: Add sve-max-vq cpu property to -cpu max

2018-07-23 Thread Peter Maydell
On 23 July 2018 at 23:00, Richard Henderson wrote: > This allows the default (and maximum) vector length to be set > from the command-line. Which is extraordinarily helpful in > debugging problems depending on vector length without having to > bake knowledge of PR_SET_SVE_VL into every guest

[Qemu-devel] [PATCH for-3.0?] target/arm: Add sve-max-vq cpu property to -cpu max

2018-07-23 Thread Richard Henderson
This allows the default (and maximum) vector length to be set from the command-line. Which is extraordinarily helpful in debugging problems depending on vector length without having to bake knowledge of PR_SET_SVE_VL into every guest binary. Signed-off-by: Richard Henderson --- The argument for

Re: [Qemu-devel] [PATCH v2 1/2] ppc/pnv: Add model for Power8 PHB3 PCIe Host bridge

2018-07-23 Thread Cédric Le Goater
On 07/18/2018 08:12 AM, David Gibson wrote: >> +/* Setup LSI offset */ >> +ics->offset = comp + global; > Oh.. changing ICS offset at runtime. I hadn't considered that case.. Yes. The PowerNV FW defines the IRQ layout in the overall number space. C.

Re: [Qemu-devel] [PATCH v2 1/2] ppc/pnv: Add model for Power8 PHB3 PCIe Host bridge

2018-07-23 Thread Cédric Le Goater
On 07/18/2018 08:12 AM, David Gibson wrote: >> +static void pnv_phb3_get_phb_id(Object *obj, Visitor *v, const char *name, >> + void *opaque, Error **errp) >> +{ >> +Property *prop = opaque; >> +uint32_t *ptr = qdev_get_prop_ptr(DEVICE(obj), prop); >> + >> +

Re: [Qemu-devel] [PATCH v2 1/2] ppc/pnv: Add model for Power8 PHB3 PCIe Host bridge

2018-07-23 Thread Cédric Le Goater
>> diff --git a/include/hw/ppc/xics.h b/include/hw/ppc/xics.h >> index 6ac8a9392da6..966a996c2eac 100644 >> --- a/include/hw/ppc/xics.h >> +++ b/include/hw/ppc/xics.h >> @@ -194,6 +194,7 @@ void icp_set_mfrr(ICPState *icp, uint8_t mfrr); >> uint32_t icp_accept(ICPState *ss); >> uint32_t

Re: [Qemu-devel] [PATCH for-3.0?] hw/intc/arm_gicv3: Check correct HCR_EL2 bit when routing IRQ

2018-07-23 Thread Richard Henderson
On 07/23/2018 11:03 AM, Peter Maydell wrote: > In icc_dir_write() we were incorrectly checking HCR_EL2.FMO > when determining whether IRQ should be routed to EL2; this should > be HCR_EL2.IMO (compare the GICv3 pseudocode ICC_DIR_EL1[]). > Use the correct mask. > > Signed-off-by: Peter Maydell >

[Qemu-devel] [PATCH 97/99] tap: fix memory leak on success to create a tap device

2018-07-23 Thread Michael Roth
From: Yunjian Wang The memory leak on success to create a tap device. And the nfds and nvhosts may not be the same and need to be processed separately. Fixes: 07825977 ("tap: fix memory leak on failure to create a multiqueue tap device") Fixes: 264986e2 ("tap: multiqueue support") Cc:

[Qemu-devel] [PATCH 95/99] virtio-rng: process pending requests on DRIVER_OK

2018-07-23 Thread Michael Roth
From: Pankaj Gupta virtio-rng device causes old guest kernels (2.6.32) to hang on latest qemu. The driver attempts to read from the virtio-rng device too early in its initialization. Qemu detects guest is not ready and returns, resulting in hang. To fix handle pending requests when guest is

[Qemu-devel] [PATCH 92/99] tcg: Reduce max TB opcode count

2018-07-23 Thread Michael Roth
From: Richard Henderson Also, assert that we don't overflow any of two different offsets into the TB. Both unwind and goto_tb record a uint16_t for later use. This fixes an arm-softmmu test case utilizing NEON in which there is a TB generated that runs to 7800 opcodes, and compiles to 96k

[Qemu-devel] [PATCH 91/99] migration/block-dirty-bitmap: fix dirty_bitmap_load

2018-07-23 Thread Michael Roth
From: Vladimir Sementsov-Ogievskiy dirty_bitmap_load_header return code is obtained but not handled. Fix this. Bug was introduced in b35ebdf076d697bc "migration: add postcopy migration of dirty bitmaps" with the whole function. Signed-off-by: Vladimir Sementsov-Ogievskiy Message-Id:

[Qemu-devel] [PATCH 94/99] iscsi: Avoid potential for get_status overflow

2018-07-23 Thread Michael Roth
From: Eric Blake Detected by Coverity: Multiplying two 32-bit ints and assigning the result to a 64-bit number is a risk of overflow. Prior to the conversion to byte-based interfaces, the block layer took care of ensuring that a status request never exceeded 2G in the driver; but after that

[Qemu-devel] [PATCH 93/99] nbd/server: Reject 0-length block status request

2018-07-23 Thread Michael Roth
From: Eric Blake The NBD spec says that behavior is unspecified if the client requests 0 length for block status; but since the structured reply is documented as returning a non-zero length, it's easier to just diagnose this with an EINVAL error than to figure out what to return. CC:

[Qemu-devel] [PATCH 96/99] target/ppc: set is_jmp on ppc_tr_breakpoint_check

2018-07-23 Thread Michael Roth
From: "Emilio G. Cota" The use of GDB breakpoints was broken by b0c2d52 ("target/ppc: convert to TranslatorOps", 2018-02-16). Fix it by setting is_jmp, so that we break from the translation loop as originally intended. Tested-by: Mark Cave-Ayland Reported-by: Mark Cave-Ayland Signed-off-by:

[Qemu-devel] [PATCH 84/99] target/arm: Implement FMOV (immediate) for fp16

2018-07-23 Thread Michael Roth
From: Alex Bennée All the hard work is already done by vfp_expand_imm, we just need to make sure we pick up the correct size. Cc: qemu-sta...@nongnu.org Reviewed-by: Peter Maydell Signed-off-by: Alex Bennée Tested-by: Alex Bennée Signed-off-by: Richard Henderson Message-id:

[Qemu-devel] [PATCH 98/99] qemu-img: avoid overflow of min_sparse parameter

2018-07-23 Thread Michael Roth
From: Peter Lieven the min_sparse convert parameter can overflow (e.g. -S 1024G) in the conversion from int64_t to int resulting in a negative min_sparse parameter. Avoid this by limiting the valid parameters to sane values. In fact anything exceeding the convert buffer size is also pointless.
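The iscsi get_status patch above and this qemu-img min_sparse patch describe the same family of bug from two directions: a 32-bit multiply that overflows before its result is widened to 64 bits, and a 64-bit size that is silently narrowed into an int. The following C program is an added example written for this page, not code from either QEMU patch; the function names, the 512-byte sector size, the 2 MiB buffer cap and the tiny size-suffix parser are illustrative assumptions standing in for QEMU's own helpers.

```c
/*
 * Added example, not code from the QEMU patches listed on this page.
 * Shows the two integer-width pitfalls those patches describe, each as
 * the fragile form next to a checked form. SECTOR_SIZE, IO_BUF_BYTES,
 * parse_size() and the other names are illustrative assumptions.
 */
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define SECTOR_SIZE  512                 /* assumed sector size */
#define IO_BUF_BYTES (2 * 1024 * 1024)   /* assumed convert buffer size */

/*
 * Pitfall 1: both operands are 32-bit, so the product is computed in
 * 32 bits and only then widened. With unsigned operands it wraps (as
 * here); with the signed ints of the original it is undefined behaviour.
 * Either way the int64_t return type arrives too late to help.
 */
int64_t status_bytes_fragile(uint32_t nblocks, uint32_t block_size)
{
    return nblocks * block_size;
}

/* Widening one operand first makes the multiply happen in 64 bits. */
int64_t status_bytes_checked(uint32_t nblocks, uint32_t block_size)
{
    return (int64_t)nblocks * (int64_t)block_size;
}

/*
 * Parse a size such as "4096", "16M" or "1024G" into bytes. Returns the
 * byte count, or a negative errno. The suffix multiplication is checked
 * so that the parser itself cannot overflow.
 */
int64_t parse_size(const char *s)
{
    char *end;
    errno = 0;
    long long v = strtoll(s, &end, 10);
    if (errno == ERANGE || end == s || v < 0) {
        return -EINVAL;
    }
    int64_t mul = 1;
    switch (*end) {
    case '\0': break;
    case 'K': case 'k': mul = 1LL << 10; end++; break;
    case 'M': case 'm': mul = 1LL << 20; end++; break;
    case 'G': case 'g': mul = 1LL << 30; end++; break;
    case 'T': case 't': mul = 1LL << 40; end++; break;
    default: return -EINVAL;
    }
    if (*end != '\0') {
        return -EINVAL;
    }
    if (v > INT64_MAX / mul) {
        return -ERANGE;
    }
    return (int64_t)v * mul;
}

/*
 * Pitfall 2: the parsed int64_t is divided down and stored in an int.
 * For "1024G", 2^40 / 512 = 2^31, which does not fit in an int: the
 * conversion is implementation-defined and on the usual two's-complement
 * compilers yields INT_MIN, so the caller silently gets a negative value.
 */
int min_sparse_fragile(int64_t sval)
{
    return sval / SECTOR_SIZE;
}

/*
 * Range-check before narrowing: reject negative values, values that are
 * not a whole number of sectors, and anything larger than the buffer the
 * value will be compared against (a bigger value could never match).
 * Returns the sector count, or -ERANGE.
 */
int min_sparse_checked(int64_t sval)
{
    if (sval < 0 || sval % SECTOR_SIZE != 0 || sval > IO_BUF_BYTES) {
        return -ERANGE;
    }
    return (int)(sval / SECTOR_SIZE);   /* now provably within int range */
}

int main(void)
{
    int64_t big = parse_size("1024G");   /* constructed input */
    printf("65536*65536: fragile=%lld checked=%lld\n",
           (long long)status_bytes_fragile(65536, 65536),
           (long long)status_bytes_checked(65536, 65536));
    printf("-S 1024G: fragile=%d checked=%d\n",
           min_sparse_fragile(big), min_sparse_checked(big));
    return 0;
}
```

The checked forms do the bounds work in the wide type and only narrow once the value is proven to fit; that is the shape of both fixes, and it is also what a reviewer should look for whenever a `uint32_t` pair is multiplied into an `int64_t` or an `int64_t` is handed to an `int` parameter.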

[Qemu-devel] [PATCH 81/99] target/arm: Implement FP data-processing (3 source) for fp16

2018-07-23 Thread Michael Roth
From: Richard Henderson We missed all of the scalar fp16 fma operations. Cc: qemu-sta...@nongnu.org Reviewed-by: Alex Bennée Signed-off-by: Richard Henderson Tested-by: Alex Bennée Message-id: 20180512003217.9105-8-richard.hender...@linaro.org Signed-off-by: Peter Maydell (cherry picked

[Qemu-devel] [PATCH 08/99] target/ppc: always set PPC_MEM_TLBIE in pre 2.8 migration hack

2018-07-23 Thread Michael Roth
From: Greg Kurz The pseries-2.7 and older machine types require CPUPPCState::insns_flags to be strictly equal between source and destination. This checking is abusive and breaks migration of KVM guests when the host CPU models are different, even if they are compatible enough to allow the guest

[Qemu-devel] [PATCH 80/99] target/arm: Implement FP data-processing (2 source) for fp16

2018-07-23 Thread Michael Roth
From: Richard Henderson We missed all of the scalar fp16 binary operations. Cc: qemu-sta...@nongnu.org Reviewed-by: Alex Bennée Signed-off-by: Richard Henderson Tested-by: Alex Bennée Message-id: 20180512003217.9105-7-richard.hender...@linaro.org Signed-off-by: Peter Maydell (cherry picked

[Qemu-devel] [PATCH 89/99] replace functions which are only available in glib-2.24

2018-07-23 Thread Michael Roth
From: Olaf Hering Currently the minimal supported version of glib is 2.22. Since testing is done with a glib that claims to be 2.22, but in fact has APIs from a newer version of glib, this bug was not caught during submission of the patch referenced below. Replace g_realloc_n, which is available only

[Qemu-devel] [PATCH 90/99] vfio/pci: Default display option to "off"

2018-07-23 Thread Michael Roth
From: Alex Williamson Commit a9994687cb9b ("vfio/display: core & wireup") added display support to vfio-pci with the default being "auto", which breaks existing VMs when the vGPU requires GL support but had no previous requirement for a GL compatible configuration. "Off" is the safer default as

[Qemu-devel] [PATCH 77/99] target/arm: Implement FCVT (scalar, integer) for fp16

2018-07-23 Thread Michael Roth
From: Richard Henderson Cc: qemu-sta...@nongnu.org Reviewed-by: Alex Bennée Signed-off-by: Richard Henderson Tested-by: Alex Bennée Message-id: 20180512003217.9105-4-richard.hender...@linaro.org Signed-off-by: Peter Maydell (cherry picked from commit 564a0632504fad840491aa9a59453f4e64a316c4)

[Qemu-devel] [PATCH 76/99] target/arm: Implement FMOV (general) for fp16

2018-07-23 Thread Michael Roth
From: Richard Henderson Adding the fp16 moves to/from general registers. Cc: qemu-sta...@nongnu.org Signed-off-by: Richard Henderson Tested-by: Alex Bennée Message-id: 20180512003217.9105-2-richard.hender...@linaro.org Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell (cherry picked

[Qemu-devel] [PATCH 87/99] mux: fix ctrl-a b again

2018-07-23 Thread Michael Roth
From: Marc-André Lureau Commit fb5e19d2e1472e96d72d5e4d89c20033f8ab345c originally fixed the regression, but was inadvertently broken again in merge commit 2d6752d38d8acda. Fixes: https://bugs.launchpad.net/qemu/+bug/1654137 Cc: qemu-sta...@nongnu.org Signed-off-by: Marc-André Lureau

[Qemu-devel] [PATCH 88/99] nfs: Remove processed options from QDict

2018-07-23 Thread Michael Roth
From: Kevin Wolf Commit c22a03454 QAPIfied option parsing in the NFS block driver, but forgot to remove all the options we processed. Therefore, we get an error in bdrv_open_inherit(), which thinks the remaining options are invalid. Trying to open an NFS image will result in an error like this:

[Qemu-devel] [PATCH 75/99] fpu/softfloat: Fix conversion from uint64 to float128

2018-07-23 Thread Michael Roth
From: Petr Tesarik The significand is passed to normalizeRoundAndPackFloat128() as high first, low second. The current code passes the integer first, so the result is incorrectly shifted left by 64 bits. This bug affects the emulation of s390x instruction CXLGBR (convert from logical 64-bit

[Qemu-devel] [PATCH 73/99] target/arm: Fix float16 to/from int16

2018-07-23 Thread Michael Roth
From: Richard Henderson The instruction "ucvtf v0.4h, v04h, #2", with input 0x8000u, overflows the intermediate float16 to infinity before we have a chance to scale the output. Use float64 as the intermediate type so that no input argument (uint32_t in this case) can overflow or round before

[Qemu-devel] [PATCH 86/99] hw/isa/superio: Fix inconsistent use of Chardev->be

2018-07-23 Thread Michael Roth
From: Philippe Mathieu-Daudé 4c3119a6e3e and cd9526ab7c0 introduced an incorrect and inconsistent use of Chardev->be. Also, this CharBackend member is private and is not supposed to be accessible. Fix it by removing the inconsistent check. Cc: qemu-sta...@nongnu.org Reported-by: Marc-André

[Qemu-devel] [PATCH 82/99] target/arm: Implement FCMP for fp16

2018-07-23 Thread Michael Roth
From: Alex Bennée These were missed out from the rest of the half-precision work. Cc: qemu-sta...@nongnu.org Reviewed-by: Peter Maydell Signed-off-by: Alex Bennée Tested-by: Alex Bennée Signed-off-by: Richard Henderson Message-id: 20180512003217.9105-9-richard.hender...@linaro.org [rth:

[Qemu-devel] [PATCH 72/99] target/arm: Implement vector shifted FCVT for fp16

2018-07-23 Thread Michael Roth
From: Richard Henderson While we have some of the scalar paths for FCVT for fp16, we failed to decode the fp16 version of these instructions. Cc: qemu-sta...@nongnu.org Signed-off-by: Richard Henderson Message-id: 20180502221552.3873-3-richard.hender...@linaro.org Reviewed-by: Peter Maydell

[Qemu-devel] [PATCH 71/99] target/arm: Implement vector shifted SCVF/UCVF for fp16

2018-07-23 Thread Michael Roth
From: Richard Henderson While we have some of the scalar paths for *CVF for fp16, we failed to decode the fp16 version of these instructions. Cc: qemu-sta...@nongnu.org Signed-off-by: Richard Henderson Message-id: 20180502221552.3873-2-richard.hender...@linaro.org Reviewed-by: Peter Maydell

[Qemu-devel] [PATCH 85/99] target/arm: Fix sqrt_f16 exception raising

2018-07-23 Thread Michael Roth
From: Alex Bennée We are meant to explicitly pass fpst, not cpu_env. Cc: qemu-sta...@nongnu.org Signed-off-by: Alex Bennée Reviewed-by: Richard Henderson Signed-off-by: Richard Henderson Tested-by: Alex Bennée Message-id: 20180512003217.9105-12-richard.hender...@linaro.org Signed-off-by:

[Qemu-devel] [PATCH 83/99] target/arm: Implement FCSEL for fp16

2018-07-23 Thread Michael Roth
From: Alex Bennée These were missed out from the rest of the half-precision work. Cc: qemu-sta...@nongnu.org Reviewed-by: Peter Maydell Signed-off-by: Alex Bennée Tested-by: Alex Bennée Signed-off-by: Richard Henderson Message-id: 20180512003217.9105-10-richard.hender...@linaro.org [rth:

[Qemu-devel] [PATCH 68/99] blockjob: expose error string via query

2018-07-23 Thread Michael Roth
From: John Snow When we've reached the concluded state, we need to expose the error state if applicable. Add the new field. This should be sufficient for determining if a job completed successfully or not after concluding; if we want to discriminate based on how it failed more mechanically, we

[Qemu-devel] [PATCH 70/99] fpu/softfloat: Don't set Invalid for float-to-int(MAXINT)

2018-07-23 Thread Michael Roth
From: Peter Maydell In float-to-integer conversion, if the floating point input converts exactly to the largest or smallest integer that fits in to the result type, this is not an overflow. In this situation we were producing the correct result value, but were incorrectly setting the Invalid

[Qemu-devel] [PATCH 07/99] target/arm: Implement v8M VLLDM and VLSTM

2018-07-23 Thread Michael Roth
From: Peter Maydell For v8M the instructions VLLDM and VLSTM support lazy saving and restoring of the secure floating-point registers. Even if the floating point extension is not implemented, these instructions must act as NOPs in Secure state, so they can be used as part of the

[Qemu-devel] [PATCH 78/99] target/arm: Implement FCVT (scalar, fixed-point) for fp16

2018-07-23 Thread Michael Roth
From: Richard Henderson Cc: qemu-sta...@nongnu.org Reviewed-by: Alex Bennée Signed-off-by: Richard Henderson Tested-by: Alex Bennée Message-id: 20180512003217.9105-5-richard.hender...@linaro.org Signed-off-by: Peter Maydell (cherry picked from commit 2752728016bef06e7c9cfb961019272859beeca4)

[Qemu-devel] [PATCH 69/99] target/arm: Fix fp_status_f16 tininess before rounding

2018-07-23 Thread Michael Roth
From: Peter Maydell In commit d81ce0ef2c4f105 we added an extra float_status field fp_status_fp16 for Arm, but forgot to initialize it correctly by setting it to float_tininess_before_rounding. This currently will only cause problems for the new V8_FP16 feature, since the float-to-float

[Qemu-devel] [PATCH 65/99] softfloat: Handle default NaN mode after pickNaNMulAdd, not before

2018-07-23 Thread Michael Roth
From: Peter Maydell It is implementation defined whether a multiply-add of (0,inf,qnan) or (inf,0,qnan) raises InvalidOperation or not, so we let the target-specific pickNaNMulAdd function handle this. This means that we must do the "return the default NaN in default NaN mode" check after the

[Qemu-devel] [PATCH 79/99] target/arm: Introduce and use read_fp_hreg

2018-07-23 Thread Michael Roth
From: Richard Henderson Cc: qemu-sta...@nongnu.org Reviewed-by: Peter Maydell Signed-off-by: Richard Henderson Tested-by: Alex Bennée Message-id: 20180512003217.9105-6-richard.hender...@linaro.org Signed-off-by: Peter Maydell (cherry picked from commit

[Qemu-devel] [PATCH 74/99] target/arm: Clear SVE high bits for FMOV

2018-07-23 Thread Michael Roth
From: Richard Henderson Use write_fp_dreg and clear_vec_high to zero the bits that need zeroing for these cases. Cc: qemu-sta...@nongnu.org Reviewed-by: Alex Bennée Signed-off-by: Richard Henderson Message-id: 20180502221552.3873-5-richard.hender...@linaro.org Signed-off-by: Peter Maydell

[Qemu-devel] [PATCH 67/99] RISC-V: Minimal QEMU 2.12 fix for sifive_u machine

2018-07-23 Thread Michael Roth
From: Michael Clark The 'sifive_u' board has a bug where the ROM is created as RAM at the wrong address and marked readonly. The bug renders the board unusable. This is a minimal fix and allows booting Linux. 5aec3247c190f10654250203a1742490ae7343a2 "RISC-V: Mark ROM read-only after copying in

[Qemu-devel] [PATCH 64/99] tcg/i386: Fix dup_vec in non-AVX2 codepath

2018-07-23 Thread Michael Roth
From: Peter Maydell The VPUNPCKLD* instructions are all "non-destructive source", indicated by "NDS" in the encoding string in the x86 ISA manual. This means that they take two source operands, one of which is encoded in the VEX. field. We were incorrectly treating them as if they were

[Qemu-devel] [PATCH 06/99] tcg/arm: Fix memory barrier encoding

2018-07-23 Thread Michael Roth
From: Henry Wertz I found with qemu 2.11.x or newer that I would get an illegal instruction error running some Intel binaries on my ARM chromebook. On investigation, I found it was quitting on memory barriers. qemu instruction: mb $0x31 was translating as: 0x604050cc: 5bf07ff5 blpl

[Qemu-devel] [PATCH 63/99] nbd/client: Relax handling of large NBD_CMD_BLOCK_STATUS reply

2018-07-23 Thread Michael Roth
From: Eric Blake The NBD spec is proposing a relaxation of NBD_CMD_BLOCK_STATUS where a server may have the final extent per context give a length beyond the original request, if it can easily prove that subsequent bytes have the same status, on the grounds that a client can take advantage of

[Qemu-devel] [PATCH 61/99] riscv: htif: increase the priority of the htif subregion

2018-07-23 Thread Michael Roth
From: KONRAD Frederic The htif device is supposed to be mapped over another subregion. So increase its priority to one to avoid any conflict. Here is the output of info mtree: Before: (qemu) info mtree address-space: memory - (prio 0, i/o): system

[Qemu-devel] [PATCH 57/99] qapi: fill in CpuInfoFast.arch in query-cpus-fast

2018-07-23 Thread Michael Roth
From: Laszlo Ersek * Commit ca230ff33f89 added the @arch field to @CpuInfoFast, but it failed to set the new field in qmp_query_cpus_fast(), when TARGET_S390X was not defined. The updated @query-cpus-fast example in "qapi-schema.json" showed "arch":"x86" only because qmp_query_cpus_fast()

[Qemu-devel] [PATCH 62/99] riscv: requires libfdt

2018-07-23 Thread Michael Roth
From: KONRAD Frederic When compiling on a machine without libfdt installed the configure script should try to get libfdt from the git or should die because otherwise CONFIG_LIBFDT is not set and the build process ends in an error in the link phase, e.g.: hw/riscv/virt.o: In function

[Qemu-devel] [PATCH 66/99] tcg: Limit the number of ops in a TB

2018-07-23 Thread Michael Roth
From: Richard Henderson In 6001f7729e12 we partially attempt to address the branch displacement overflow caused by 15fa08f845. However, gcc/testsuite/gcc.target/aarch64/advsimd-intrinsics/vqtbX.c is a testcase that contains a TB so large as to overflow anyway. The limit here of 8000 ops

[Qemu-devel] [PATCH 05/99] s390-ccw: force diag 308 subcode to unsigned long

2018-07-23 Thread Michael Roth
From: Cornelia Huck We currently pass an integer as the subcode parameter. However, the upper bits of the register containing the subcode need to be 0, which is not guaranteed unless we explicitly specify the subcode to be an unsigned long value. Fixes: d046c51dad3 ("pc-bios/s390-ccw: Get

[Qemu-devel] [PATCH 52/99] vnc: fix use-after-free

2018-07-23 Thread Michael Roth
From: Gerd Hoffmann When the vnc_client_read() return value is -1, vs is not valid any more. Fixes: d49b87f0d1e0520443a990fc610d0f02bc63c556 Reported-by: Philippe Mathieu-Daudé Signed-off-by: Gerd Hoffmann Reviewed-by: Marc-André Lureau Reviewed-by: Daniel P. Berrangé Reviewed-by: Philippe

[Qemu-devel] [PATCH 59/99] iotests: Add test for cancelling a mirror job

2018-07-23 Thread Michael Roth
From: Max Reitz We already have an extensive mirror test (041) which does cover cancelling a mirror job, especially after it has emitted the READY event. However, it does not check what exact events are emitted after block-job-cancel is executed. More importantly, it does not use throttling to

[Qemu-devel] [PATCH 53/99] block/mirror: honor ratelimit again

2018-07-23 Thread Michael Roth
From: Stefan Hajnoczi Commit b76e4458b1eb3c32e9824fe6aa51f67d2b251748 ("block/mirror: change the semantic of 'force' of block-job-cancel") accidentally removed the ratelimit in the mirror job. Reintroduce the ratelimit but keep the block-job-cancel force=true behavior that was added in commit

[Qemu-devel] [PATCH 60/99] riscv: spike: allow base == 0

2018-07-23 Thread Michael Roth
From: KONRAD Frederic The sanity check on base doesn't allow htif to be mapped @0. Check if the symbol exists instead so we can map it where we want. Reviewed-by: Michael Clark Signed-off-by: KONRAD Frederic Signed-off-by: Michael Clark Message-Id:

[Qemu-devel] [PATCH 04/99] nbd/client: Fix error messages during NBD_INFO_BLOCK_SIZE

2018-07-23 Thread Michael Roth
From: Eric Blake A missing space makes for poor error messages, and sizes can't go negative. Also, we missed diagnosing a server that sends a maximum block size less than the minimum. Fixes: 081dd1fe CC: qemu-sta...@nongnu.org Signed-off-by: Eric Blake Message-Id:
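The block status patch earlier on this page (reject a 0-length NBD_CMD_BLOCK_STATUS with EINVAL) and this NBD_INFO_BLOCK_SIZE patch (sizes can't go negative; a maximum smaller than the minimum must be diagnosed) are both about validating protocol fields before acting on them. The C program below is an added example written for this page, not code from the NBD patches or from QEMU's nbd/ tree: it keeps the block-size fields unsigned, checks their ordering, and bounds-checks a block status request without letting offset + length wrap. Function names, the 64 KiB minimum cap and the export size used in main() are assumptions; the power-of-two and ordering rules are my reading of the NBD protocol text.

```c
/*
 * Added example, not code from the NBD patches listed on this page.
 * Client-side sanity check of the NBD_INFO_BLOCK_SIZE triple and a
 * server-side check of an NBD_CMD_BLOCK_STATUS request. Names and the
 * constants below are illustrative assumptions.
 */
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_MIN_BLOCK 65536u   /* assumed cap on the minimum block size */

static bool is_power_of_2(uint32_t v)
{
    return v != 0 && (v & (v - 1)) == 0;
}

/*
 * Client side. The three sizes arrive as unsigned 32-bit fields, so
 * "negative" is simply not a case; what must be checked is that each is
 * a power of two and that min <= preferred <= max. Returns 0 or -EINVAL.
 * Note the spaces in the messages: a missing space is exactly the kind
 * of defect the patch above is fixing.
 */
int check_block_size_info(uint32_t min, uint32_t pref, uint32_t max)
{
    if (!is_power_of_2(min) || min > MAX_MIN_BLOCK) {
        fprintf(stderr, "server minimum block size %u is not a power of two up to %u\n",
                min, MAX_MIN_BLOCK);
        return -EINVAL;
    }
    if (pref < min || !is_power_of_2(pref)) {
        fprintf(stderr, "server preferred block size %u is not a power of two >= %u\n",
                pref, min);
        return -EINVAL;
    }
    if (max < pref) {
        fprintf(stderr, "server maximum block size %u is smaller than preferred %u\n",
                max, pref);
        return -EINVAL;
    }
    return 0;
}

/*
 * Server side. A zero-length block status request has unspecified
 * behaviour in the spec while the structured reply has to report a
 * non-zero length, so diagnosing it as EINVAL is the simplest safe
 * answer. The range check is written so that offset + length can never
 * overflow 64 bits: compare against export_size - length instead.
 */
int check_block_status_request(uint64_t offset, uint64_t length,
                               uint64_t export_size)
{
    if (length == 0) {
        return -EINVAL;
    }
    if (length > export_size || offset > export_size - length) {
        return -EINVAL;
    }
    return 0;
}

int main(void)
{
    /* Constructed values standing in for what a peer would send. */
    printf("info(512,4096,32M) -> %d\n", check_block_size_info(512, 4096, 32u << 20));
    printf("info(512,4096,256) -> %d\n", check_block_size_info(512, 4096, 256));
    printf("status(len 0)      -> %d\n", check_block_status_request(0, 0, 1u << 20));
    printf("status(wrap)       -> %d\n",
           check_block_status_request(UINT64_MAX - 10, 100, 1u << 20));
    return 0;
}
```

The wrap-safe range check is the detail worth copying: `offset + length <= export_size` is the natural way to write it and is exactly the form an attacker-controlled `length` near `UINT64_MAX` slips past.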

[Qemu-devel] [PATCH 58/99] block/mirror: Make cancel always cancel pre-READY

2018-07-23 Thread Michael Roth
From: Max Reitz Commit b76e4458b1eb3c32e9824fe6aa51f67d2b251748 made the mirror block job respect block-job-cancel's @force flag: With that flag set, it would now always really cancel, even post-READY. Unfortunately, it had a side effect: Without that flag set, it would now never cancel, not

[Qemu-devel] [PATCH 51/99] usb/dev-mtp: Fix use of uninitialized values

2018-07-23 Thread Michael Roth
From: Philippe Mathieu-Daudé This fixes: hw/usb/dev-mtp.c:971:5: warning: 4th function call argument is an uninitialized value trace_usb_mtp_op_get_partial_object(s->dev.addr, o->handle, o->path, c->argv[1], c->argv[2]);

[Qemu-devel] [PATCH 50/99] usb: correctly handle Zero Length Packets

2018-07-23 Thread Michael Roth
From: Philippe Mathieu-Daudé USB Specification Revision 2.0, §5.5.3: The Data stage of a control transfer from an endpoint to the host is complete when the endpoint does one of the following: • Has transferred exactly the amount of data specified during the Setup stage • Transfers a

[Qemu-devel] [PATCH 56/99] migration/block-dirty-bitmap: fix memory leak in dirty_bitmap_load_bits

2018-07-23 Thread Michael Roth
From: Vladimir Sementsov-Ogievskiy Release buf on error path too. Bug was introduced in b35ebdf076d697bc "migration: add postcopy migration of dirty bitmaps" with the whole function. Signed-off-by: Vladimir Sementsov-Ogievskiy Message-Id: <20180427142002.21930-3-vsement...@virtuozzo.com>

[Qemu-devel] [PATCH 55/99] nbd/client: fix nbd_negotiate_simple_meta_context

2018-07-23 Thread Michael Roth
From: Vladimir Sementsov-Ogievskiy Initialize received variable. Otherwise, it is possible for the server to answer without any contexts, but we will set context_id to something random (received_id is not initialized either) and return 1, which is wrong. To solve it, just initialize received to false.

[Qemu-devel] [PATCH 46/99] vhost-user: delete net client if necessary

2018-07-23 Thread Michael Roth
From: linzhecheng As qemu_new_net_client creates new ncs but an error happens later, the ncs will be left in the global net_clients list and we can't use them any more, so we need to clean them up. Cc: qemu-sta...@nongnu.org Signed-off-by: linzhecheng Signed-off-by: Jason Wang (cherry picked from commit

[Qemu-devel] [PATCH 54/99] cpus: tcg: fix never exiting loop on unplug

2018-07-23 Thread Michael Roth
From: Cédric Le Goater Commit 9b0605f9837b ("cpus: tcg: unregister thread with RCU, fix exiting of loop on unplug") changed the exit condition of the loop in the vCPU thread function but forgot to remove the beginning 'while (1)' statement. The resulting code: while (1) { ...

[Qemu-devel] [PATCH 40/99] iotests: Add case for a corrupted inactive image

2018-07-23 Thread Michael Roth
From: Max Reitz Reviewed-by: John Snow Tested-by: Jeff Cody Reviewed-by: Jeff Cody Signed-off-by: Max Reitz Message-id: 20180606193702.7113-4-mre...@redhat.com Signed-off-by: Max Reitz (cherry picked from commit c50abd175a88cd41c2c08339de91f6f6e4a7b162) Signed-off-by: Michael Roth ---

[Qemu-devel] [PATCH 47/99] qemu-img: Fix assert when mapping unaligned raw file

2018-07-23 Thread Michael Roth
From: Eric Blake Commit a290f085 exposed a latent bug in qemu-img map introduced during the conversion of block status to be byte-based. Earlier in commit 5e344dd8, the internal interface get_block_status() switched to take byte-based parameters, but still called a sector-based block layer

Re: [Qemu-devel] [PATCH v2 for-3.0] tests/libqtest: Improve kill_qemu()

2018-07-23 Thread Richard Henderson
On 07/23/2018 12:35 PM, Eric Blake wrote: > In kill_qemu() we have an assert that checks that the QEMU process > didn't dump core: > assert(!WCOREDUMP(wstatus)); > > Unfortunately the WCOREDUMP macro here means the resulting message > is not very easy to comprehend on at least some

[Qemu-devel] [PATCH 43/99] i386: Define the Virt SSBD MSR and handling of it (CVE-2018-3639)

2018-07-23 Thread Michael Roth
From: Konrad Rzeszutek Wilk "Some AMD processors only support a non-architectural means of enabling speculative store bypass disable (SSBD). To allow a simplified view of this to a guest, an architectural definition has been created through a new CPUID bit, 0x8008_EBX[25], and a new MSR,

[Qemu-devel] [PATCH 37/99] arm_gicv3_kvm: kvm_dist_get/put: skip the registers banked by GICR

2018-07-23 Thread Michael Roth
From: Shannon Zhao While we skip the GIC_INTERNAL irqs, we don't change the register offset accordingly. This will overlap the GICR registers value and leave the last GIC_INTERNAL irq's registers out of update. Fix this by skipping the registers banked by GICR. Also for migration compatibility

[Qemu-devel] [PATCH 45/99] tap: set vhostfd passed from qemu cli to non-blocking

2018-07-23 Thread Michael Roth
From: Brijesh Singh A guest boot hangs while probing the network interface when iommu_platform=on is used. The following qemu cli hangs without this patch: # $QEMU \ -netdev tap,fd=3,id=hostnet0,vhost=on,vhostfd=4 3<>/dev/tap67 4<>/dev/host-net \ -device

[Qemu-devel] [PATCH 42/99] i386: define the 'ssbd' CPUID feature bit (CVE-2018-3639)

2018-07-23 Thread Michael Roth
From: Daniel P. Berrangé New microcode introduces the "Speculative Store Bypass Disable" CPUID feature bit. This needs to be exposed to guest OSes to allow them to protect against CVE-2018-3639. Signed-off-by: Daniel P. Berrangé Reviewed-by: Konrad Rzeszutek Wilk Signed-off-by: Konrad Rzeszutek

[Qemu-devel] [PATCH 49/99] arm_gicv3_kvm: kvm_dist_get/put_priority: skip the registers banked by GICR_IPRIORITYR

2018-07-23 Thread Michael Roth
From: Shannon Zhao While the for_each_dist_irq_reg loop starts from GIC_INTERNAL, it forgot to offset the data array and index. This will overlap the GICR registers value and leave the last GIC_INTERNAL irq's registers out of update. Fixes: 367b9f527becdd20ddf116e17a3c0c2bbc486920 Cc:

[Qemu-devel] [PATCH 36/99] ahci: fix PxCI register race

2018-07-23 Thread Michael Roth
From: John Snow Fixes: https://bugs.launchpad.net/qemu/+bug/1769189 AHCI presently signals completion prior to the PxCI register being cleared to indicate completion. If a guest driver attempts to issue a new command in its IRQ handler, it might be surprised to learn there is still a command

[Qemu-devel] [PATCH 44/99] i386: define the AMD 'virt-ssbd' CPUID feature bit (CVE-2018-3639)

2018-07-23 Thread Michael Roth
From: Konrad Rzeszutek Wilk AMD Zen exposes the Intel equivalent to Speculative Store Bypass Disable via the 0x8008_EBX[25] CPUID feature bit. This needs to be exposed to guest OSes to allow them to protect against CVE-2018-3639. Signed-off-by: Konrad Rzeszutek Wilk Reviewed-by: Daniel P.

[Qemu-devel] [PATCH 48/99] iotests: Add test 221 to catch qemu-img map regression

2018-07-23 Thread Michael Roth
From: Eric Blake Although qemu-img creates aligned files (by rounding up), it must also gracefully handle files that are not sector-aligned. Test that the bug fixed in the previous patch does not recur. It's a bit annoying that we can see the (implicit) hole past the end of the file on to the

[Qemu-devel] [PATCH 41/99] throttle: Fix crash on reopen

2018-07-23 Thread Michael Roth
From: Alberto Garcia The throttle block filter can be reopened, and with this it is possible to change the throttle group that the filter belongs to. The way the code does that is the following: - On throttle_reopen_prepare(): create a new ThrottleGroupMember and attach it to the new

[Qemu-devel] [PATCH 33/99] intel-iommu: rework the page walk logic

2018-07-23 Thread Michael Roth
From: Peter Xu This patch fixes a potential small window that the DMA page table might be incomplete or invalid when the guest sends domain/context invalidations to a device. This can cause random DMA errors for assigned devices. This is a major change to the VT-d shadow page walking logic. It

[Qemu-devel] [PATCH 39/99] qcow2: Do not mark inactive images corrupt

2018-07-23 Thread Michael Roth
From: Max Reitz When signaling a corruption on a read-only image, qcow2 already makes fatal events non-fatal (i.e., they will not result in the image being closed, and the image header's corrupt flag will not be set). This is necessary because we cannot set the corrupt flag on read-only images,
