On Wed, Sep 18, 2019 at 11:19:27PM +, Oleinik, Alexander wrote:
> create mode 100644 docs/devel/fuzzing.txt
> create mode 100644 main.c
> create mode 100644 tests/fuzz/Makefile.include
> create mode 100644 tests/fuzz/fork_fuzz.c
> create mode 100644 tests/fuzz/fork_fuzz.h
> create mode 10
Le 12/09/2019 à 15:57, Greg Kurz a écrit :
> Signed-off-by: Greg Kurz
> ---
> include/sysemu/kvm.h |2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h
> index 909bcd77cf82..fd674772ab31 100644
> --- a/include/sysemu/kvm.h
> +++
On Wed, Sep 18, 2019 at 11:19:33PM +, Oleinik, Alexander wrote:
> Signed-off-by: Alexander Oleinik
> ---
> configure | 13 +
> 1 file changed, 13 insertions(+)
>
> diff --git a/configure b/configure
> index 30aad233d1..775f46f55a 100755
> --- a/configure
> +++ b/configure
> @@ -4
I also meet the same problem.
Does anybody have solutions for this problem?
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1782300
Title:
COLO unable to failover to secondary VM
Status in QEMU:
N
On Wed, Sep 18, 2019 at 11:19:39PM +, Oleinik, Alexander wrote:
> The moved functions are not specific to qos-test and might be useful
> elsewhere. For example the virtual-device fuzzer makes use of them for
> qos-assisted fuzz-targets.
>
> Signed-off-by: Alexander Oleinik
> ---
> tests/Make
Eric Blake writes:
> On 9/13/19 10:49 AM, Peter Maydell wrote:
>> The qemu-ga documentation is currently in qemu-ga.texi in
>> Texinfo format, which we present to the user as:
>> * a qemu-ga manpage
>> * a section of the main qemu-doc HTML documentation
>>
>> Convert the documentation to rST
On Wed, Sep 18, 2019 at 11:19:40PM +, Oleinik, Alexander wrote:
> When using qtest "in-process" communication, qtest_sendf directly calls
> a function in the server (qtest.c). Combining the contents of the
> subsequent socket_sends into the qtest_sendf, makes it so the server can
> immediately
On Wed, Sep 18, 2019 at 11:19:36PM +, Oleinik, Alexander wrote:
> The handler allows a qtest client to send commands to the server by
> directly calling a function, rather than using a file/CharBackend
>
> Signed-off-by: Alexander Oleinik
> ---
> include/sysemu/qtest.h | 1 +
> qtest.c
Gerd Hoffmann 于2019年9月19日周四 下午4:54写道:
> On Sun, Sep 01, 2019 at 10:43:42PM +0800, Li Qiang wrote:
> > fangying 于2019年9月1日周日 下午8:29写道:
> >
> > > Nice work, your patch does fix this issue in my test.
> > >
> > > I think we should make VncState.zlib to be a pointer type as well.
> > >
> > > Since w
On Wed, Sep 18, 2019 at 11:19:41PM +, Oleinik, Alexander wrote:
> @@ -830,6 +832,9 @@ char *qtest_hmp(QTestState *s, const char *fmt, ...)
>
> const char *qtest_get_arch(void)
Maybe this should be per QTestState just like big_endian, but the global
qtest_arch variable is okay for now.
Revi
Coverity noticed commit 950c4e6c94 introduced a dereference before
null check in get_opt_value (CID1391003):
In get_opt_value: All paths that lead to this null pointer
comparison already dereference the pointer earlier (CWE-476)
We fixed this in commit 6e3ad3f0e31, but relaxed the check in co
James: Freedy proposed a fix for the bug I was looking at with a spice fix:
https://lists.freedesktop.org/archives/spice-devel/2019-September/050859.html
That's in the spice-server package.
If you can check that it also fixes your bug that would be great.
--
You received this bug notificatio
Signed-off-by: Philippe Mathieu-Daudé
---
.shippable.yml | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.shippable.yml b/.shippable.yml
index bbc6f88510..01b33bd034 100644
--- a/.shippable.yml
+++ b/.shippable.yml
@@ -25,6 +25,8 @@ env:
TARGET_LIST=mips64el-softmmu,mips64el-linux-us
Signed-off-by: Philippe Mathieu-Daudé
---
tests/docker/Makefile.include | 1 +
.../dockerfiles/fedora-win10sdk-cross.docker | 21 +++
2 files changed, 22 insertions(+)
create mode 100644 tests/docker/dockerfiles/fedora-win10sdk-cross.docker
diff --git a/tests/d
Hi Philippe,
On 9/19/19 12:49 PM, Philippe Mathieu-Daudé wrote:
> Coverity noticed commit 950c4e6c94 introduced a dereference before
> null check in get_opt_value (CID1391003):
>
> In get_opt_value: All paths that lead to this null pointer
> comparison already dereference the pointer earlier
On 9/19/19 12:59 PM, Philippe Mathieu-Daudé wrote:
> Signed-off-by: Philippe Mathieu-Daudé
> ---
> .shippable.yml | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/.shippable.yml b/.shippable.yml
> index bbc6f88510..01b33bd034 100644
> --- a/.shippable.yml
> +++ b/.shippable.yml
> @@ -2
Add a job to cross-build QEMU with WHPX enabled.
Use the Win10SDK headers from the Android Project, as commented
in https://lists.gnu.org/archive/html/qemu-devel/2019-09/msg03842.html
Based-on: <20190918121101.30690-1-phi...@redhat.com>
https://lists.gnu.org/archive/html/qemu-devel/2019-09/msg038
On 9/19/19 12:58 PM, Damien Hedde wrote:
> Hi Philippe,
>
> On 9/19/19 12:49 PM, Philippe Mathieu-Daudé wrote:
>> Coverity noticed commit 950c4e6c94 introduced a dereference before
>> null check in get_opt_value (CID1391003):
>>
>> In get_opt_value: All paths that lead to this null pointer
>>
On Thu, Sep 19, 2019 at 12:16:43PM +0200, Laurent Vivier wrote:
> Le 19/09/2019 à 10:37, Gerd Hoffmann a écrit :
> > On Mon, Sep 16, 2019 at 10:15:15AM +0200, Laurent Vivier wrote:
> >> Le 14/09/2019 à 16:51, James Le Cuirot a écrit :
> >>> This dependency is currently "automagic", which is bad for
On 19/09/19 01:19, Oleinik, Alexander wrote:
> +static GString *qtest_client_inproc_recv_line(void *);
This is not defined as of this patch, please move it to patch 14.
>
> +qtest_client_set_rx_handler(s, qtest_client_socket_recv_line, s);
> +qtest_client_set_tx_handler(s, qtest_client_
Am 19.09.2019 um 12:59 schrieb Philippe Mathieu-Daudé:
> Add a job to cross-build QEMU with WHPX enabled.
>
> Use the Win10SDK headers from the Android Project, as commented
> in https://lists.gnu.org/archive/html/qemu-devel/2019-09/msg03842.html
>
> Based-on: <20190918121101.30690-1-phi...@redhat.
On 19/09/2019 12.59, Philippe Mathieu-Daudé wrote:
> Add a job to cross-build QEMU with WHPX enabled.
>
> Use the Win10SDK headers from the Android Project, as commented
> in https://lists.gnu.org/archive/html/qemu-devel/2019-09/msg03842.html
>
> Based-on: <20190918121101.30690-1-phi...@redhat.co
On 9/19/19 1:09 PM, Thomas Huth wrote:
> On 19/09/2019 12.59, Philippe Mathieu-Daudé wrote:
>> Add a job to cross-build QEMU with WHPX enabled.
>>
>> Use the Win10SDK headers from the Android Project, as commented
>> in https://lists.gnu.org/archive/html/qemu-devel/2019-09/msg03842.html
>>
>> Based
On 9/19/19 1:18 PM, Stefan Weil wrote:
> Am 19.09.2019 um 12:59 schrieb Philippe Mathieu-Daudé:
>> Add a job to cross-build QEMU with WHPX enabled.
>>
>> Use the Win10SDK headers from the Android Project, as commented
>> in https://lists.gnu.org/archive/html/qemu-devel/2019-09/msg03842.html
>>
>> B
On 19/09/19 09:16, Tian, Kevin wrote:
>>> why GPA1 and GPA2 should be both dirty?
>>> even they have the same HVA due to overlaping virtual address space in
>>> two processes, they still correspond to two physical pages.
>>> don't get what's your meaning :)
>>
>> The point is not leave any corner c
Am 19.09.2019 um 11:05 hat Pavel Dovgalyuk geschrieben:
> > From: Kevin Wolf [mailto:kw...@redhat.com]
> > > >
> > > > However, global -snapshot is just a convenient shortcut for specifying
> > > > snapshot=on for all -drive arguments. So if -snapshot is incompatible
> > > > with replay, shouldn't
On 19/09/19 01:19, Oleinik, Alexander wrote:
> The names i2c_send and i2c_recv collide with functions defined in
> hw/i2c/core.c. This causes an error when linking against libqos and
> softmmu simultaneously (for example when using qtest inproc). Rename the
> libqos functions to avoid this.
I'd pr
Philippe Mathieu-Daudé writes:
> Signed-off-by: Philippe Mathieu-Daudé
> ---
> tests/docker/Makefile.include | 1 +
> .../dockerfiles/fedora-win10sdk-cross.docker | 21 +++
> 2 files changed, 22 insertions(+)
> create mode 100644 tests/docker/dockerfiles/fed
Le 19/09/2019 à 13:01, Gerd Hoffmann a écrit :
> On Thu, Sep 19, 2019 at 12:16:43PM +0200, Laurent Vivier wrote:
>> Le 19/09/2019 à 10:37, Gerd Hoffmann a écrit :
>>> On Mon, Sep 16, 2019 at 10:15:15AM +0200, Laurent Vivier wrote:
Le 14/09/2019 à 16:51, James Le Cuirot a écrit :
> This dep
gitlab/tags/m68k-pull-2019-09-07' into staging (2019-09-09
> > 09:48:34 +0100)
> >
> > are available in the Git repository at:
> >
> > git://git.kraxel.org/qemu tags/ui-20190919-pull-request
> >
> > for you to fetch changes up to 6bf21f3d83e95bcc4ba
On 9/19/19 1:28 PM, Alex Bennée wrote:
>
> Philippe Mathieu-Daudé writes:
>
>> Signed-off-by: Philippe Mathieu-Daudé
>> ---
>> tests/docker/Makefile.include | 1 +
>> .../dockerfiles/fedora-win10sdk-cross.docker | 21 +++
>> 2 files changed, 22 insertions(+)
>
Am 16.09.2019 um 13:24 hat Sergio Lopez geschrieben:
> virtio_notify_config() needs to acquire the global mutex, which isn't
> allowed from an iothread, and may lead to a deadlock like this:
>
> - main thead
> * Has acquired: qemu_global_mutex.
> * Is trying the acquire: iothread AioContext l
On 9/19/19 1:41 PM, Daniel P. Berrangé wrote:
> On Thu, Sep 19, 2019 at 01:18:57PM +0200, Stefan Weil wrote:
>> Am 19.09.2019 um 12:59 schrieb Philippe Mathieu-Daudé:
>>> Add a job to cross-build QEMU with WHPX enabled.
>>>
>>> Use the Win10SDK headers from the Android Project, as commented
>>> in
Hi Peter,
On 9/16/19 5:23 AM, Peter Xu wrote:
> On Fri, Sep 13, 2019 at 10:36:10AM +0200, Eric Auger wrote:
>> Currently, when a notifier is attempted to be registered and its
>> flags are not supported (especially the MAP one) by the IOMMU MR,
>> we generally abruptly exit in the IOMMU code. The
On Thu, Sep 19, 2019 at 01:18:57PM +0200, Stefan Weil wrote:
> Am 19.09.2019 um 12:59 schrieb Philippe Mathieu-Daudé:
> > Add a job to cross-build QEMU with WHPX enabled.
> >
> > Use the Win10SDK headers from the Android Project, as commented
> > in https://lists.gnu.org/archive/html/qemu-devel/201
On Thu, 19 Sep 2019 at 02:25, Eric Blake wrote:
>
> On 9/13/19 10:49 AM, Peter Maydell wrote:
> > The qemu-ga documentation is currently in qemu-ga.texi in
> > Texinfo format, which we present to the user as:
> > * a qemu-ga manpage
> > * a section of the main qemu-doc HTML documentation
> >
> >
On 19.09.19 12:03, Vladimir Sementsov-Ogievskiy wrote:
> 19.09.2019 12:33, Max Reitz wrote:
>> On 19.09.19 11:14, Vladimir Sementsov-Ogievskiy wrote:
>>> 19.09.2019 11:59, Max Reitz wrote:
On 18.09.19 15:02, Vladimir Sementsov-Ogievskiy wrote:
> Hi all!
>
> Here is a proposal (thre
On Thu, Sep 19, 2019 at 10:21:44AM +, Vladimir Sementsov-Ogievskiy wrote:
> 19.09.2019 13:09, Daniel P. Berrangé wrote:
> > On Thu, Sep 19, 2019 at 11:17:20AM +0200, Kevin Wolf wrote:
> >> Am 18.09.2019 um 19:10 hat Eric Blake geschrieben:
> >>> On 9/18/19 8:02 AM, Vladimir Sementsov-Ogievskiy
19.09.2019 12:17, Kevin Wolf wrote:
> Am 18.09.2019 um 19:10 hat Eric Blake geschrieben:
>> On 9/18/19 8:02 AM, Vladimir Sementsov-Ogievskiy wrote:
>>> + */
>>> +#define MAKE_ERRP_SAFE(errp) \
>>> +g_auto(ErrorPropagationStruct) (__auto_errp_prop) = {.errp = (errp)}; \
>>> +if ((errp) == NULL || *(
> From: Kevin Wolf [mailto:kw...@redhat.com]
> Am 19.09.2019 um 11:05 hat Pavel Dovgalyuk geschrieben:
> > > From: Kevin Wolf [mailto:kw...@redhat.com]
> > > > >
> > > > > However, global -snapshot is just a convenient shortcut for specifying
> > > > > snapshot=on for all -drive arguments. So if -s
On 2019/9/19 下午6:16, Yan Zhao wrote:
On Thu, Sep 19, 2019 at 06:06:52PM +0800, Jason Wang wrote:
On 2019/9/19 下午2:29, Yan Zhao wrote:
On Thu, Sep 19, 2019 at 02:32:03PM +0800, Jason Wang wrote:
On 2019/9/19 下午2:17, Yan Zhao wrote:
On Thu, Sep 19, 2019 at 02:09:53PM +0800, Jason Wang wrote:
This series allows the memory_region_register_iommu_notifier()
to fail. As of now, when a MAP notifier is attempted to be
registered along with SMMUv3, Intel iommu without caching mode
or AMD IOMMU, we exit in the IOMMU MR notify_flag_changed()
callback. In case of VFIO assigned device hotplug, thi
Currently, when a notifier is attempted to be registered and its
flags are not supported (especially the MAP one) by the IOMMU MR,
we generally abruptly exit in the IOMMU code. The failure could be
handled more nicely in the caller and especially in the VFIO code.
So let's allow memory_region_regi
memory_region_register_iommu_notifier now returns an error
in case of failure. Assert in such a case.
Signed-off-by: Eric Auger
---
v1 -> v2:
- assert(!ret)
---
hw/virtio/vhost.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c
inde
Now memory_region_register_iommu_notifier() is allowed to fail,
let's handle the returned value in vfio_listener_region_add().
This will allow to remove the error handling (exit) in the
IOMMUs that implement a notify_flag_changed() that sometimes
cannot accept the MAP flag.
Signed-off-by: Eric Au
memory_region_register_iommu_notifier now returns an error
in case of failure. Assert in such a case.
Signed-off-by: Eric Auger
---
v1 -> v2:
- add assert(!ret)
---
exec.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/exec.c b/exec.c
index 8b998974f8..5be8db6253 100
Patchew URL:
https://patchew.org/QEMU/20190918180251.32003-1-richard.hender...@linaro.org/
Hi,
This series failed the asan build test. Please find the testing commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.
=== TEST SCRIPT BEGIN ===
#!/bin
In case a MAP notifier is attempted to be registered,
let's simply return an error. This latter now is
handled in the VFIO code.
Signed-off-by: Eric Auger
---
hw/i386/amd_iommu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/i386/amd_iommu.c b/hw/i386/amd_iommu.c
index 1
Patchew URL:
https://patchew.org/QEMU/20190918180251.32003-1-richard.hender...@linaro.org/
Hi,
This series failed the docker-mingw@fedora build test. Please find the testing
commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.
=== TEST SCRIPT
On Wed, 18 Sep 2019 at 16:27, Palmer Dabbelt wrote:
>
> The following changes since commit f8c3db33a5e863291182f8862ddf81618a7c6194:
>
> target/sparc: Switch to do_transaction_failed() hook (2019-09-17 12:01:00
> +0100)
>
> are available in the Git repository at:
>
> git://github.com/palmer-d
On Wed, Sep 18, 2019 at 11:19:43PM +, Oleinik, Alexander wrote:
> +void set_fuzz_target_args(int argc, char **argv)
> +{
> +if (fuzz_target) {
> +fuzz_target->main_argc = argc;
> +fuzz_target->main_argv = argv;
> +}
> +}
Why calls this and why?
> +
> +void reboot(QTest
On 19/09/19 14:39, Jason Wang wrote:
>> In general, userspace cannot assume that it's okay to sync just through
>> GPA1. It must sync the host page if *either* GPA1 or GPA2 are marked
>> dirty.
>
> Maybe we need document this somewhere.
Well, it's implicit but it should be kind of obvious. The
From: Thomas Huth
Since commit 339686a358b11a231aa5b6d1424e7a1460d7f277 ("pc-bios/s390-ccw:
zero out bss section"), we are clearing now the BSS in start.S, so there
is no need to pre-initialize the loadparm_str array with zeroes anymore.
Reviewed-by: Cornelia Huck
Signed-off-by: Thomas Huth
--
From: Yifan Luo
There is a possible memory leak in get_uuid(). Should free allocated mem
before
return NULL.
Signed-off-by: Yifan Luo
Message-Id: <02cf01d55267$86cf2850$946d78f0$@cmss.chinamobile.com>
Reviewed-by: Thomas Huth
Reviewed-by: Cornelia Huck
Signed-off-by: Thomas Huth
---
pc-bios
From: Thomas Huth
The new image now contains the "pc-bios/s390-ccw/net: fix a possible
memory leak in get_uuid()" patch.
Signed-off-by: Thomas Huth
---
pc-bios/s390-netboot.img | Bin 67232 -> 67232 bytes
1 file changed, 0 insertions(+), 0 deletions(-)
diff --git a/pc-bios/s390-netboot.img b/
From: David Hildenbrand
Let's add the simple test based on the example from the PoP.
Reviewed-by: Richard Henderson
Reviewed-by: Alex Bennée
Signed-off-by: David Hildenbrand
---
tests/tcg/s390x/Makefile.target | 1 +
tests/tcg/s390x/mvo.c | 25 +
2 files ch
From: Christian Borntraeger
We now know that gen15a is called z15.
Signed-off-by: Christian Borntraeger
Message-Id: <20190918144214.229936-1-borntrae...@de.ibm.com>
Reviewed-by: David Hildenbrand
Signed-off-by: Cornelia Huck
---
target/s390x/cpu_models.c | 2 +-
1 file changed, 1 insertion(+
From: David Hildenbrand
Each operand can have a maximum length of 16. Make sure to prepare all
reads/writes before writing.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 27 +++
1 file changed, 15 insertions(+), 12 dele
From: Thomas Huth
Since QEMU v2.10, the KVM acceleration does not work on older kernels
anymore since the code accidentally requires the KVM_CAP_DEVICE_CTRL
capability now - it should have been optional instead.
Instead of fixing the bug, we asked in the ChangeLog of QEMU 2.11 - 3.0
that people s
From: David Hildenbrand
We can process a maximum of 256 bytes, crossing two pages.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 17 +
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/target/s390x/mem_helper.c b/t
From: David Hildenbrand
Access at most single pages and document why. Using the access helpers
might over-indicate watchpoints within the same page, I guess we can
live with that.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 24 ++
From: David Hildenbrand
We can process a maximum of 256 bytes, crossing two pages.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 17 +
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/target/s390x/mem_helper.c b/t
From: David Hildenbrand
We can process a maximum of 256 bytes, crossing two pages.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 17 +
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/target/s390x/mem_helper.c b/t
From: David Hildenbrand
We can process a maximum of 256 bytes, crossing two pages.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 17 +
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/target/s390x/mem_helper.c b/t
From: David Hildenbrand
The last remaining bit for MVC is handling destructive overlaps in a
fault-safe way.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/target/s390x/mem_
From: David Hildenbrand
Replace fast_memmove() variants by access_memmove() variants, that
first try to probe access to all affected pages (maximum is two pages).
Introduce access_get_byte()/access_set_byte(). We might be able to speed
up memmove in special cases even further (do single-byte acc
From: David Hildenbrand
We can process a maximum of 256 bytes, crossing two pages. While at it,
increment the length once.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 18 --
1 file changed, 12 insertions(+), 6 deletions(-)
d
From: David Hildenbrand
We can process a maximum of 256 bytes, crossing two pages. Calculate the
accessed range upfront - src is accessed right-to-left.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 15 ---
1 file changed, 12 inser
From: David Hildenbrand
Let's stay within single pages.
... and indicate cc=3 in case there is work remaining. Keep unicode
padding simple.
While reworking, properly wrap the addresses.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 54 ++
From: David Hildenbrand
As we are moving between address spaces, we can use access_memmove()
without checking for destructive overlaps (especially of real storage
locations):
"Each storage operand is processed left to right. The
storage-operand-consistency rules are the same as
for MO
From: David Hildenbrand
Bit position 32-55 of general register 0 must be zero.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/target/s390x/mem_helper.c b/target/s390x/mem_helper.c
index 41d73
From: David Hildenbrand
The last remaining bit is padding with two bytes.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 8 +---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/target/s390x/mem_helper.c b/target/s390x/mem_help
From: David Hildenbrand
We have to mask of any unused bits. While at it, document what exactly is
missing.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/target/s390x
From: David Hildenbrand
Replace fast_memset() by access_memset(), that first tries to probe
access to all affected pages (maximum is two). We'll use the same
mechanism for other types of accesses soon.
Only in very rare cases (especially TLB_NOTDIRTY), we'll have to
fallback to ld/st helpers. Tr
From: David Hildenbrand
Let's perform the documented checks.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 12
1 file changed, 12 insertions(+)
diff --git a/target/s390x/mem_helper.c b/target/s390x/mem_helper.c
index 86238e0163c8
From: David Hildenbrand
Let's increment the length once.
While at it, cleanup the comment. The memset() example is given as a
programming note in the PoP, so drop the description.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 20 -
From: David Hildenbrand
Triggered by a review comment from Richard, also MVCOS has a 32-bit
length in 24/31-bit addressing mode. Add a new helper.
Rename wrap_length() to wrap_length31().
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 14 +
From: David Hildenbrand
Although we basically ignore the index all the time for CONFIG_USER_ONLY,
let's simply skip all the checks and always return MMU_USER_IDX in
cpu_mmu_index() and get_mem_index().
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/cpu.h
From: David Hildenbrand
Perform the checks documented in the PoP.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 7 +++
1 file changed, 7 insertions(+)
diff --git a/target/s390x/mem_helper.c b/target/s390x/mem_helper.c
index c31cf4959358..
From: David Hildenbrand
We have to zero out unused bits in 24 and 31-bit addressing mode.
Provide a new helper.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 23 +--
1 file changed, 21 insertions(+), 2 deletions(-)
diff --
From: David Hildenbrand
Let's use the new helper, that also detects destructive overlaps when
wrapping.
We'll make the remaining code (e.g., fast_memmove()) aware of wrapping
later.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 2 +-
1 file c
From: David Hildenbrand
24 and 31-bit address space handling is wrong when it comes to storing
back the addresses to the register.
While at it, read gprs 0 implicitly.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/helper.h | 2 +-
target/s390x/insn-da
From: David Hildenbrand
We use the marker "-1" for "no exception". s390_cpu_do_interrupt() might
get confused by that.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/target
On 2019/9/19 下午7:14, Paolo Bonzini wrote:
On 19/09/19 09:16, Tian, Kevin wrote:
why GPA1 and GPA2 should be both dirty?
even they have the same HVA due to overlaping virtual address space in
two processes, they still correspond to two physical pages.
don't get what's your meaning :)
The point
From: David Hildenbrand
... and don't perform any move in case the length is zero.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/target/s390x/mem_helper.c b/target/s390x/mem_helper.c
inde
The following changes since commit f8c3db33a5e863291182f8862ddf81618a7c6194:
target/sparc: Switch to do_transaction_failed() hook (2019-09-17 12:01:00
+0100)
are available in the Git repository at:
https://github.com/cohuck/qemu tags/s390x-20190919
for you to fetch changes up to
From: David Hildenbrand
We'll have to zero-out unused bit positions, so make sure to write the
addresses back.
Reviewed-by: Richard Henderson
Signed-off-by: David Hildenbrand
---
target/s390x/mem_helper.c | 19 ++-
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/
On Wed, Sep 18, 2019 at 11:19:44PM +, Oleinik, Alexander wrote:
> diff --git a/exec.c b/exec.c
> index 235d6bc883..d3838f4ea4 100644
> --- a/exec.c
> +++ b/exec.c
> @@ -2295,7 +2295,9 @@ static void ram_block_add(RAMBlock *new_block, Error
> **errp, bool shared)
> qemu_ram_setup_dump(
On Wed, Sep 18, 2019 at 11:19:47PM +, Oleinik, Alexander wrote:
> +static void i440fx_fuzz_qtest(QTestState *s,
> +const unsigned char *Data, size_t Size) {
> +
> +typedef struct QTestFuzzAction {
> +uint8_t id;
> +uint8_t addr;
> +uint32_t value;
> +} QT
From: David Hildenbrand
Process max 4k bytes at a time, writing back registers between the
accesses. The instruction is interruptible.
"For operands longer than 2K bytes, access exceptions are not
recognized for locations more than 2K bytes beyond the current location
being processed.
On Wed, Sep 18, 2019 at 11:19:27PM +, Oleinik, Alexander wrote:
> This series adds a framework for coverage-guided fuzzing of
> virtual-devices. Fuzzing targets are based on qtest and can make use of
> the libqos abstractions.
>
> Build instructions in docs/devel/fuzzing.txt
>
> V3:
> * Reba
Jekyll failed to run with sassc 2.2.0 due to a LoadError, so the
Gemfile was requiring an earlier version (2.1.0 in practice).
Since the bug has been fixed, remove the workaround and instead
require a fixed version.
Signed-off-by: Paolo Bonzini
---
Gemfile | 2 +-
1 file changed, 1 insertion(+),
On Thu, 2019-09-19 at 11:03 +0100, Stefan Hajnoczi wrote:
> On Wed, Sep 18, 2019 at 11:19:28PM +, Oleinik, Alexander wrote:
> > #ifdef CONFIG_COCOA
> > #undef main
>
> This looks suspicious. Should the #ifdef CONFIG_COCOA be moved into
> main.c?
> The return value is confusing. 0 = succes
On Thu, 2019-09-19 at 11:42 +0100, Stefan Hajnoczi wrote:
> On Wed, Sep 18, 2019 at 11:19:41PM +, Oleinik, Alexander wrote:
> > @@ -830,6 +832,9 @@ char *qtest_hmp(QTestState *s, const char *fmt,
> > ...)
> >
> > const char *qtest_get_arch(void)
>
> Maybe this should be per QTestState just
Am 19.09.2019 um 14:10 hat Pavel Dovgalyuk geschrieben:
> > From: Kevin Wolf [mailto:kw...@redhat.com]
> > Am 19.09.2019 um 11:05 hat Pavel Dovgalyuk geschrieben:
> > > > From: Kevin Wolf [mailto:kw...@redhat.com]
> > > > > >
> > > > > > However, global -snapshot is just a convenient shortcut for
Am 19.09.2019 um 14:00 hat Vladimir Sementsov-Ogievskiy geschrieben:
> 19.09.2019 12:17, Kevin Wolf wrote:
> > Am 18.09.2019 um 19:10 hat Eric Blake geschrieben:
> >> On 9/18/19 8:02 AM, Vladimir Sementsov-Ogievskiy wrote:
> >>> + */
> >>> +#define MAKE_ERRP_SAFE(errp) \
> >>> +g_auto(ErrorPropagat
On Fri, 6 Sep 2019 at 09:33, Xiang Zheng wrote:
>
> From: Dongjiu Geng
>
> Add APEI/GHES detailed design document
>
> Signed-off-by: Dongjiu Geng
> Signed-off-by: Xiang Zheng
> ---
> docs/specs/acpi_hest_ghes.txt | 88 +++
> 1 file changed, 88 insertions(+)
> c
On Thu, Sep 19, 2019 at 01:54:40PM +0200, Philippe Mathieu-Daudé wrote:
> On 9/19/19 1:41 PM, Daniel P. Berrangé wrote:
> > On Thu, Sep 19, 2019 at 01:18:57PM +0200, Stefan Weil wrote:
> >> Am 19.09.2019 um 12:59 schrieb Philippe Mathieu-Daudé:
> >>> Add a job to cross-build QEMU with WHPX enabled.
On Thu, 2019-09-19 at 11:28 +0100, Stefan Hajnoczi wrote:
> Is -fsanitize=fuzzer a clang-only option? If yes, then please ensure
> that there is a friendly error message when ./configure is run with
> gcc.
> You could probe if -fsanitize=fuzzer works and then check that
> fuzzing=no when this feat
On Thu, 2019-09-19 at 13:18 +0200, Paolo Bonzini wrote:
> I think you can pass "s" to the tx handler as well, and remove the
> send_opaque and recv_opaque fields?
Qtest also uses this function to communicate over qmp (different fd).
I can probably make the tx handler a wrapper which accepts "s",
101 - 200 of 459 matches
Mail list logo