Re: [Qemu-devel] [QGA] Bug of qga?

I could repeat this several times, I think it's mis-order of qmp in qga socket. 2017-08-25 11:09 GMT+08:00 Sam : > Also I found: > > when I use `socat` to take a qga socket, then I use `socat` to communicate > it will got error. > But also SOMETIMES, I will not got error

[Qemu-devel] [PATCH v4] vl: exit if maxcpus is negative

---Steps to Reproduce--- When passed a negative number to 'maxcpus' parameter, Qemu aborts with a core dump. Run the following command with maxcpus argument as negative number ppc64-softmmu/qemu-system-ppc64 --nographic -vga none -machine pseries,accel=kvm,kvm-type=HV -m size=200g -device

Re: [Qemu-devel] [RFC v2 04/32] qemu_ram_block_host_offset

On Thu, Aug 24, 2017 at 08:27:02PM +0100, Dr. David Alan Gilbert (git) wrote: > From: "Dr. David Alan Gilbert" > > Utility to give the offset of a host pointer within a RAMBlock > (assuming we already know it's in that RAMBlock) > > Signed-off-by: Dr. David Alan Gilbert

Re: [Qemu-devel] [Qemu devel v7 PATCH 1/5] msf2: Add Smartfusion2 System timer

Hi Alistair, On Tue, Aug 29, 2017 at 3:23 AM, Alistair Francis wrote: > On Mon, Aug 28, 2017 at 9:37 AM, Subbaraya Sundeep > wrote: > > Modelled System Timer in Microsemi's Smartfusion2 Soc. > > Timer has two 32bit down counters and two interrupts.

Re: [Qemu-devel] [PATCH V4 0/3] Optimize COLO-compare performance

Hi~ Jason. Have any comments for this series? Thanks Zhang Chen On 08/21/2017 04:55 PM, Zhang Chen wrote: In this serise, we do a lot of job to optimize COLO net performance. Mainly focus on TCP protocol. V4: - Remove the old patch1. V3: - Rebase on upstream. - Remove origin p2. -

Re: [Qemu-devel] [RFC v2 03/32] migrate: Update ram_block_discard_range for shared

On Thu, Aug 24, 2017 at 08:27:01PM +0100, Dr. David Alan Gilbert (git) wrote: > From: "Dr. David Alan Gilbert" > > The choice of call to discard a block is getting more complicated > for other cases. We use fallocate PUNCH_HOLE in any file cases; > it works for both

Re: [Qemu-devel] [PATCH] MAINTAINERS: Update mail address for COLO Proxy

Hi~ No news for long time. Ping... Thanks Zhang Chen On 08/23/2017 04:51 PM, Zhang Chen wrote: My Fujitsu mail account will be disabled soon, update the mail info to my private mail. Signed-off-by: Zhang Chen --- MAINTAINERS | 2 +- 1 file changed, 1

Re: [Qemu-devel] [PATCH 4/4] s390x/pci: add iommu replay callback

在 2017/8/28 下午11:57, Cornelia Huck 写道: On Mon, 28 Aug 2017 10:04:47 +0200 Yi Min Zhao wrote: Let's introduce iommu replay callback for s390 pci iommu memory region. Currently we don't need any dma mapping replay. So let it return directly. This implementation will

[Qemu-devel] [Bug 1713434] Re: prom-env-test test aborted and core dumped

Weird. I managed to run the test on a POWER9 box today, too, and it works for me: TEST: tests/prom-env-test... (pid=18912) /ppc64/prom-env/mac99: OK /ppc64/prom-env/g3beige: OK /ppc64/prom-env/pseries:

Re: [Qemu-devel] [PATCH 3/4] s390x/pci: fixup ind_offset of msix routing entry

在 2017/8/28 下午11:33, Cornelia Huck 写道: On Mon, 28 Aug 2017 10:04:46 +0200 Yi Min Zhao wrote: The aibvo of zpci device should be constant after issued mpcifc registering irqs instruction. Each msix vector should offset from the aibvo. But for flic adapter

Re: [Qemu-devel] [PATCH 2/4] s390x/pci: remove idx from msix msg data

在 2017/8/28 下午11:04, Cornelia Huck 写道: On Mon, 28 Aug 2017 10:04:45 +0200 Yi Min Zhao wrote: PCIDevcie pointer has been a parameter of kvm_arch_fixup_msi_route(). s/PCIDevcie/PCIDevice Thanks! So we don't need to store zpci idx in msix message data to find

Re: [Qemu-devel] [PATCH 1/4] s390x/pci: fixup trap_msix()

在 2017/8/28 下午10:51, Cornelia Huck 写道: On Mon, 28 Aug 2017 10:04:44 +0200 Yi Min Zhao wrote: The function trap_msix() is to check if pcistg instruction would access msix table entries. The correct boundary condition should be [table_offset,

[Qemu-devel] [Bug 1713434] Re: prom-env-test test aborted and core dumped

TEST: tests/prom-env-test... (pid=9915) /ppc64/prom-env/mac99: OK /ppc64/prom-env/g3beige: OK /ppc64/prom-env/pseries: **

Re: [Qemu-devel] [PATCH 4/5] pci: Add INTERFACE_LEGACY_PCI_DEVICE to legacy PCI devices

On Mon, Aug 28, 2017 at 06:58:37PM -0400, John Snow wrote: > > > On 08/25/2017 03:39 PM, Eduardo Habkost wrote: > > CCing maintainers of affected devices (sorry for not CCing you > > before). > > > > On Wed, Aug 23, 2017 at 07:14:44PM -0300, Eduardo Habkost wrote: > >> Add

Re: [Qemu-devel] [PATCH] spapr: Add ibm, processor-storage-keys property to CPU DT node

On Mon, Aug 28, 2017 at 10:50:11AM -0700, Ram Pai wrote: > On Fri, Aug 25, 2017 at 02:23:13PM +1000, David Gibson wrote: > > On Thu, Aug 24, 2017 at 11:11:22AM -0700, Ram Pai wrote: > > > On Thu, Aug 24, 2017 at 12:54:48PM +1000, Paul Mackerras wrote: > > > > On Mon, Aug 21, 2017 at 05:00:36PM

Re: [Qemu-devel] [PATCH v15 4/5] mm: support reporting free page blocks

On 08/28/2017 09:33 PM, Michal Hocko wrote: On Mon 28-08-17 18:08:32, Wei Wang wrote: This patch adds support to walk through the free page blocks in the system and report them via a callback function. Some page blocks may leave the free list after zone->lock is released, so it is the caller's

Re: [Qemu-devel] [PATCH v15 3/5] virtio-balloon: VIRTIO_BALLOON_F_SG

On 08/29/2017 02:03 AM, Michael S. Tsirkin wrote: On Mon, Aug 28, 2017 at 06:08:31PM +0800, Wei Wang wrote: Add a new feature, VIRTIO_BALLOON_F_SG, which enables the transfer of balloon (i.e. inflated/deflated) pages using scatter-gather lists to the host. The implementation of the previous

Re: [Qemu-devel] reduce write bandwidth of qcow2 driver while allocating new cluster

On Mon, Aug 28, 2017 at 05:40:48PM -0400, John Snow wrote: > > > On 08/28/2017 01:56 AM, Liu Qing wrote: > > Dear list, > > Recently I used fio to test qcow2 driver in the guest os, and found out > > that when a new cluster is allocated the 4K IO will occupy 64K(default > > cluster > >

Re: [Qemu-devel] reduce write bandwidth of qcow2 driver while allocating new cluster

On Mon, Aug 28, 2017 at 10:46:34AM -0500, Eric Blake wrote: > [adding qemu-block] > > On 08/28/2017 12:56 AM, Liu Qing wrote: > > Dear list, > > Recently I used fio to test qcow2 driver in the guest os, and found out > > that when a new cluster is allocated the 4K IO will occupy 64K(default

Re: [Qemu-devel] [PATCH 00/79] Patch Round-up for stable 2.9.1, freeze on 2017-09-04

On 29.08.2017 02:13, Michael Roth wrote: > Hi everyone, > > The following new patches are queued for QEMU stable v2.9.1: > > https://github.com/mdroth/qemu/commits/stable-2.9-staging > > The release is planned for 2017-09-07: > > http://wiki.qemu.org/Planning/2.9 > > Please respond here

Re: [Qemu-devel] [PATCH] spapr: Add ibm, processor-storage-keys property to CPU DT node

On Mon, Aug 28, 2017 at 10:53:56AM -0700, Ram Pai wrote: > On Thu, Aug 24, 2017 at 12:54:48PM +1000, Paul Mackerras wrote: > > > > We could either have two u16 fields for the number of keys for data > > and instruction, or we could have a u32 field for the number of keys > > and a separate bit in

Re: [Qemu-devel] [PATCH 00/79] Patch Round-up for stable 2.9.1, freeze on 2017-09-04

Quoting Michael Roth (2017-08-28 19:13:35) > Hi everyone, > > The following new patches are queued for QEMU stable v2.9.1: > > >

Re: [Qemu-devel] [PATCH 7/9] AHCI: Rework IRQ constants

On 08/25/2017 10:00 AM, Philippe Mathieu-Daudé wrote: > Hi John, > > On 08/08/2017 03:33 PM, John Snow wrote: >> Create a new enum so that we can name the IRQ bits, which will make >> debugging >> them a little nicer if we can print them out. Not handled in this >> patch, but >> this will make

Re: [Qemu-devel] [PATCH] tests: fix incorrect size_t format in benchmark-crypto

On 2017/8/28 19:37, Philippe Mathieu-Daudé wrote: > $ make check-speed > tests/benchmark-crypto-hash.c: In function 'test_hash_speed': > tests/benchmark-crypto-hash.c:44:5: error: format '%ld' expects argument of > type 'long int', but argument 2 has type 'size_t' [-Werror=format=] >

Re: [Qemu-devel] [PATCH 5/9] IDE: replace DEBUG_AIO with trace events

On 08/25/2017 09:46 AM, Philippe Mathieu-Daudé wrote: > Hi John, > > On 08/08/2017 03:33 PM, John Snow wrote: >> Signed-off-by: John Snow >> --- >> hw/ide/atapi.c| 5 + >> hw/ide/core.c | 17 ++--- >> hw/ide/trace-events | 3

[Qemu-devel] [PATCH 07/79] iotests/051: Add test for empty filename

From: Max Reitz Signed-off-by: Max Reitz Reviewed-by: Eric Blake Reviewed-by: Fam Zheng Signed-off-by: Kevin Wolf (cherry picked from commit 42dc10f17a7f1754d419e715114c37f5c5fde12f) Signed-off-by:

Re: [Qemu-devel] [PATCH] tests: fix incorrect size_t format in benchmark-crypto

On 2017/8/29 8:21, Longpeng (Mike) wrote: > > > On 2017/8/28 19:37, Philippe Mathieu-Daudé wrote: > >> $ make check-speed >> tests/benchmark-crypto-hash.c: In function 'test_hash_speed': >> tests/benchmark-crypto-hash.c:44:5: error: format '%ld' expects argument >> of type 'long int',

Re: [Qemu-devel] Persistent bitmaps for non-qcow2 formats

On 08/25/2017 09:44 AM, Max Reitz wrote: > On 2017-08-25 02:55, John Snow wrote: >> Sorry in advance for :words: ... >> >> On 08/23/2017 02:04 PM, Vladimir Sementsov-Ogievskiy wrote: >>> 23.08.2017 11:59, Vladimir Sementsov-Ogievskiy wrote: 22.08.2017 22:07, John Snow wrote: [snip]

[Qemu-devel] [PATCH 77/79] hw/i386: allow SHPC for Q35 machine

From: Aleksandr Bezzubikov Unmask previously masked SHPC feature in _OSC method. Signed-off-by: Aleksandr Bezzubikov Reviewed-by: Marcel Apfelbaum Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin

[Qemu-devel] [PATCH 78/79] block/nfs: fix mutex assertion in nfs_file_close()

From: Jeff Cody Commit c096358e747e88fc7364e40e3c354ee0bb683960 introduced assertion checks for when qemu_mutex() functions are called without the corresponding qemu_mutex_init() having initialized the mutex. This uncovered a latent bug in qemu's nfs driver - in

[Qemu-devel] [PATCH 08/79] migration: setup bi-directional I/O channel for exec: protocol

From: "Daniel P. Berrange" Historically the migration data channel has only needed to be unidirectional. Thus the 'exec:' protocol was requesting an I/O channel with O_RDONLY on incoming side, and O_WRONLY on the outgoing side. This is fine for classic migration, but if you

[Qemu-devel] [PATCH 75/79] block: Skip implicit nodes in query-block/blockstats

From: Kevin Wolf Commits 0db832f and 6cdbceb introduced the automatic insertion of filter nodes above the top layer of mirror and commit block jobs. The assumption made there was that since libvirt doesn't do node-level management of the block layer yet, it shouldn't be

Re: [Qemu-devel] [PATCH 9/9] AHCI: remove DPRINTF macro

On 08/25/2017 09:48 AM, Philippe Mathieu-Daudé wrote: > On 08/08/2017 03:33 PM, John Snow wrote: >> Signed-off-by: John Snow > > Reviewed-by: Philippe Mathieu-Daudé > :) I'll wait on V2 to hear back. Thank you for your feedback so far.

[Qemu-devel] [PATCH 76/79] cpu: don't allow negative core id

From: Laurent Vivier With pseries machine type a negative core-id is not managed properly: -1 gives an inaccurate error message ("core -1 already populated"), -2 crashes QEMU (core dump) As it seems a negative value is invalid for any architecture, instead of checking this

[Qemu-devel] [PATCH 74/79] qemu-iotests: Test automatic commit job cancel on hot unplug

From: Kevin Wolf Signed-off-by: Kevin Wolf Reviewed-by: John Snow (cherry picked from commit c3971b883a596abc6af45f53d2f43fb2f59ccd3b) *prereq for d3c8c674 Signed-off-by: Michael Roth --- tests/qemu-iotests/040

[Qemu-devel] [PATCH 06/79] block: An empty filename counts as no filename

From: Max Reitz Reproducer: $ ./qemu-img info '' qemu-img: ./block.c:1008: bdrv_open_driver: Assertion `!drv->bdrv_needs_filename || bs->filename[0]' failed. [1]26105 abort (core dumped) ./qemu-img info '' This patch fixes this to be: $ ./qemu-img

[Qemu-devel] [PATCH 79/79] 9pfs: local: fix fchmodat_nofollow() limitations

From: Greg Kurz This function has to ensure it doesn't follow a symlink that could be used to escape the virtfs directory. This could be easily achieved if fchmodat() on linux honored the AT_SYMLINK_NOFOLLOW flag as described in POSIX, but it doesn't. There was a tentative to

[Qemu-devel] [PATCH 71/79] virtio-net: fix offload ctrl endian

From: Jason Wang Spec said offloads should be le64, so use virtio_ldq_p() to guarantee valid endian. Fixes: 644c98587d4c ("virtio-net: dynamic network offloads configuration") Cc: qemu-sta...@nongnu.org Cc: Dmitry Fleytman Signed-off-by: Jason Wang

[Qemu-devel] [PATCH 72/79] input: limit kbd queue depth

From: Gerd Hoffmann Apply a limit to the number of items we accept into the keyboard queue. Impact: Without this limit vnc clients can exhaust host memory by sending keyboard events faster than qemu feeds them to the guest. Fixes: CVE-2017-8379 Cc: P J P

[Qemu-devel] [PATCH 62/79] blkverify: Catch bs->exact_filename overflow

From: Max Reitz The bs->exact_filename field may not be sufficient to store the full blkverify node filename. In this case, we should not generate a filename at all instead of an unusable one. Cc: qemu-sta...@nongnu.org Reported-by: Qu Wenruo

[Qemu-devel] [PATCH 73/79] input: Decrement queue count on kbd delay

From: Alexander Graf Delays in the input layer are special cased input events. Every input event is accounted for in a global intput queue count. The special cased delays however did not get removed from the queue, leading to queue overruns and thus silent key drops after typing

[Qemu-devel] [PATCH 70/79] spapr: fix memory leak in spapr_core_pre_plug()

From: Greg Kurz In case of error, we must ensure the dynamically allocated base_core_type is freed, like it is done everywhere else in this function. This is a regression introduced in QEMU 2.9 by commit 8149e2992f78. Signed-off-by: Greg Kurz Signed-off-by:

[Qemu-devel] [PATCH 68/79] virtio-scsi: finalize IOMMU support

From: Jason Wang After converting to use DMA api for virtio devices, we should use dma_as instead of address_space_memory. Otherwise it won't work if IOMMU is enabled. Fixes: commit 8607f5c3072c ("virtio: convert to use DMA api") Cc: qemu-sta...@nongnu.org Signed-off-by:

[Qemu-devel] [PATCH 69/79] commit: Add NULL check for overlay_bs

From: Kevin Wolf I can't see how overlay_bs could become NULL with the current code, but other code in this function already checks it and we can make Coverity happy with this check, so let's add it. Cc: qemu-sta...@nongnu.org Signed-off-by: Kevin Wolf

[Qemu-devel] [PATCH 65/79] 9pfs: local: remove: use correct path component

From: Bruce Rogers Commit a0e640a8 introduced a path processing error. Pass fstatat the dirpath based path component instead of the entire path. Signed-off-by: Bruce Rogers Signed-off-by: Greg Kurz (cherry picked from commit

[Qemu-devel] [PATCH 60/79] commit: Fix completion with extra reference

From: Kevin Wolf commit_complete() can't assume that after its block_job_completed() the job is actually immediately freed; someone else may still be holding references. In this case, the op blockers on the intermediate nodes make the graph reconfiguration in the completion

[Qemu-devel] [PATCH 61/79] blkdebug: Catch bs->exact_filename overflow

From: Max Reitz The bs->exact_filename field may not be sufficient to store the full blkdebug node filename. In this case, we should not generate a filename at all instead of an unusable one. Cc: qemu-sta...@nongnu.org Reported-by: Qu Wenruo

[Qemu-devel] [PATCH 64/79] block: Do not strcmp() with NULL uri->scheme

From: Max Reitz uri_parse(...)->scheme may be NULL. In fact, probably every field may be NULL, and the callers do test this for all of the other fields but not for scheme (except for block/gluster.c; block/vxhs.c does not access that field at all). We can easily fix this by

[Qemu-devel] [PATCH 66/79] hid: Reset kbd modifiers on reset

From: Alexander Graf When resetting the keyboard, we need to reset not just the pending keystrokes, but also any pending modifiers. Otherwise there's a race when we're getting reset while running an escape sequence (modifier 0x100). Cc: qemu-sta...@nongnu.org Signed-off-by:

[Qemu-devel] [PATCH 45/79] block: Guarantee that *file is set on bdrv_get_block_status()

From: Eric Blake We document that *file is valid if the return is not an error and includes BDRV_BLOCK_OFFSET_VALID, but forgot to obey this contract when a driver (such as blkdebug) lacks a callback. Messed up in commit 67a0fd2 (v2.6), when we added the file parameter.

[Qemu-devel] [PATCH 58/79] nbd: Fully initialize client in case of failed negotiation

From: Eric Blake If a non-NBD client connects to qemu-nbd, we would end up with a SIGSEGV in nbd_client_put() because we were trying to unregister the client's association to the export, even though we skipped inserting the client into that list. Easy trigger in two

[Qemu-devel] [PATCH 67/79] spapr: fix migration to pseries machine < 2.8

From: Laurent Vivier since commit 5c4537bd ("spapr: Fix 2.7<->2.8 migration of PCI host bridge"), some migration fields are forged from the new ones in spapr_pci_pre_save(). It works well, except when the number of MSI devices is 0, because in this case the function exits

[Qemu-devel] [PATCH 05/79] qemu-img/convert: Move bs_n > 1 && -B check down

From: Max Reitz It does not make much sense to use a backing image for the target when you concatenate multiple images (because then there is no correspondence between the source images' backing files and the target's); but it was still possible to give one by using -o

[Qemu-devel] [PATCH 40/79] blkdebug: Add pass-through write_zero and discard support

From: Eric Blake In order to test the effects of artificial geometry constraints on operations like write zero or discard, we first need blkdebug to manage these actions. It also allows us to inject errors on those operations, just like we can for read/write/flush. We can

[Qemu-devel] [PATCH 54/79] spapr: add pre_plug function for memory

From: Laurent Vivier This allows to manage errors before the memory has started to be hotplugged. We already have the function for the CPU cores. Signed-off-by: Laurent Vivier Reviewed-by: Greg Kurz [dwg: Fixed a couple of style nits]

[Qemu-devel] [PATCH 63/79] nbd: fix NBD over TLS

From: Paolo Bonzini When attaching the NBD QIOChannel to an AioContext, the TLS channel should be used, not the underlying socket channel. This is because, trivially, the TLS channel will be the one that we read/write to and thus the one that will get the

[Qemu-devel] [PATCH 56/79] target/xtensa: handle unknown registers in gdbstub

From: Max Filippov Xtensa cores may have registers of types/sizes not supported by the gdbstub accessors. Ignore writes to such registers and return zero on read, but always return correct register size, so that gdb on the other side is able to access all registers in the

[Qemu-devel] [PATCH 38/79] blkdebug: Sanity check block layer guarantees

From: Eric Blake Commits 04ed95f4 and 1a62d0ac updated the block layer to auto-fragment any I/O to fit within device boundaries. Additionally, when using a minimum alignment of 4k, we want to ensure the block layer does proper read-modify-write rather than requesting I/O on a

[Qemu-devel] [PATCH 51/79] pc: Use "min-[x]level" on compat_props

From: Eduardo Habkost Since the automatic cpuid-level code was introduced in commit c39c0edf9bb3b968ba95484465a50c7b19f4aa3a ("target-i386: Automatically set level/xlevel/xlevel2 when needed"), the CPU model tables just define the default CPUID level code (set using

[Qemu-devel] [PATCH 59/79] nbd: Fix regression on resiliency to port scan

From: Eric Blake Back in qemu 2.5, qemu-nbd was immune to port probes (a transient server would not quit, regardless of how many probe connections came and went, until a connection actually negotiated). But we broke that in commit ee7d7aa when removing the return value to

[Qemu-devel] [PATCH 55/79] spapr: fix memory leak in spapr_memory_pre_plug()

From: Greg Kurz The string returned by object_property_get_str() is dynamically allocated. (Spotted by Coverity, CID 1375942) Signed-off-by: Greg Kurz Signed-off-by: David Gibson (cherry picked from commit

[Qemu-devel] [PATCH 57/79] commit: Fix use after free in completion

From: Kevin Wolf The final bdrv_set_backing_hd() could be working on already freed nodes because the commit job drops its references (through BlockBackends) to both overlay_bs and top already a bit earlier. One way to trigger the bug is hot unplugging a disk for which

[Qemu-devel] [PATCH 36/79] s390x/css: catch section mismatch on load

From: Halil Pasic Prior to the virtio-ccw-2.7 machine (and commit 2a79eb1a), our virtio devices residing under the virtual-css bus do not have qdev_path based migration stream identifiers (because their qdev_path is NULL). The ids are instead generated when the device

[Qemu-devel] [PATCH 43/79] tests: Add coverage for recent block geometry fixes

From: Eric Blake Use blkdebug's new geometry constraints to emulate setups that have needed past regression fixes: write zeroes asserting when running through a loopback block device with max-transfer smaller than cluster size, and discard rounding away portions of requests

[Qemu-devel] [PATCH 53/79] target/ppc: fix memory leak in kvmppc_is_mem_backend_page_size_ok()

From: Greg Kurz The string returned by object_property_get_str() is dynamically allocated. Signed-off-by: Greg Kurz Reviewed-by: Thomas Huth Signed-off-by: David Gibson (cherry picked from commit

[Qemu-devel] [PATCH 52/79] target/ppc: pass const string to kvmppc_is_mem_backend_page_size_ok()

From: Greg Kurz This function has three implementations. Two are stubs that do nothing and the third one only passes the obj_path argument to: Object *object_resolve_path(const char *path, bool *ambiguous); Signed-off-by: Greg Kurz Reviewed-by: Philippe

[Qemu-devel] [PATCH 34/79] virtio-scsi: Unset hotplug handler when unrealize

From: Fam Zheng This matches the qbus_set_hotplug_handler in realize, and it releases the final reference to the embedded VirtIODevice so that it is properly finalized. A use-after-free is fixed with this patch, indirectly: virtio_device_instance_finalize wasn't called at

[Qemu-devel] [PATCH 03/79] qemu-img/convert: Always set ret < 0 on error

From: Max Reitz Otherwise the qemu-img process will exit with EXIT_SUCCESS instead of EXIT_FAILURE. Cc: qemu-stable Signed-off-by: Max Reitz Reviewed-by: Eric Blake Reviewed-by: Philippe Mathieu-Daudé

[Qemu-devel] [PATCH 04/79] qemu-img/convert: Use @opts for one thing only

From: Max Reitz After storing the creation options for the new image into @opts, we fetch some things for our own information, like the backing file name, or whether to use encryption or preallocation. With the -n parameter, there will not be any creation options; this is not

[Qemu-devel] [PATCH 50/79] monitor: fix object_del for command-line-created objects

Currently objects specified on the command-line are only partially cleaned up when 'object_del' is issued in either HMP or QMP: the object itself is fully finalized, but the QemuOpts are not removed. This results in the following behavior: x86_64-softmmu/qemu-system-x86_64 -monitor stdio \

[Qemu-devel] [PATCH 32/79] vvfat: fix qemu-img map and qemu-img convert

From: Hervé Poussineau - bs->total_sectors is the number of sectors of the whole disk - s->sector_count is the number of sectors of the FAT partition This fixes the following assert in qemu-img map: qemu-img.c:2641: get_block_status: Assertion `nb_sectors' failed. This

[Qemu-devel] [PATCH 35/79] e1000e: Fix ICR "Other" causes clear logic

From: Sameeh Jubran This commit fixes a bug which causes the guest to hang. The bug was observed upon a "receive overrun" (bit #6 of the ICR register) interrupt which could be triggered post migration in a heavy traffic environment. Even though the "receive overrun" bit (#6)

[Qemu-devel] [PATCH 49/79] tests: check-qom-proplist: add checks for cmdline-created objects

check-qom-proplist originally added tests for verifying that object-creation helpers object_new_with_{props,propv} behaved in similar fashion to the "traditional" method involving setting each individual property separately after object creation rather than via a single call. Another similar

[Qemu-devel] [PATCH 30/79] curl: avoid recursive locking of BDRVCURLState mutex

From: Paolo Bonzini The curl driver has a ugly hack where, if it cannot find an empty CURLState, it just uses aio_poll to wait for one to be empty. This is probably buggy when used together with dataplane, and the simplest way to fix it is to use coroutines instead. A more

[Qemu-devel] [PATCH 46/79] mirror: Drop permissions on s->target on completion

From: Kevin Wolf This fixes an assertion failure that was triggered by qemu-iotests 129 on some CI host, while the same test case didn't seem to fail on other hosts. Essentially the problem is that the blk_unref(s->target) in mirror_exit() doesn't necessarily mean that the

[Qemu-devel] [PATCH 48/79] linuxboot_dma: compile for i486

From: Paolo Bonzini The ROM uses the cmovne instruction, which is new in Pentium Pro and does not work when running QEMU with "-cpu 486". Avoid producing that instruction. Suggested-by: Richard W.M. Jones Suggested-by: Thomas Huth

[Qemu-devel] [PATCH 31/79] stream: fix crash in stream_start() when block_job_create() fails

From: Alberto Garcia The code that tries to reopen a BlockDriverState in stream_start() when the creation of a new block job fails crashes because it attempts to dereference a pointer that is known to be NULL. This is a regression introduced in

[Qemu-devel] [PATCH 41/79] blkdebug: Simplify override logic

From: Eric Blake Rather than store into a local variable, then copy to the struct if the value is valid, then reporting errors otherwise, it is simpler to just store into the struct and report errors if the value is invalid. This however requires that the struct store a

[Qemu-devel] [PATCH 28/79] curl: strengthen assertion in curl_clean_state

From: Paolo Bonzini curl_clean_state should only be called after all AIOCBs have been completed. This is not so obvious for the call from curl_detach_aio_context, so assert that. Cc: qemu-sta...@nongnu.org Reviewed-by: Jeff Cody Signed-off-by: Paolo

[Qemu-devel] [PATCH 47/79] virtio-serial-bus: Unset hotplug handler when unrealize

From: Ladi Prosek Virtio serial device controls the lifetime of virtio-serial-bus and virtio-serial-bus links back to the device via its hotplug-handler property. This extra ref-count prevents the device from getting finalized, leaving the VirtIODevice memory listener

[Qemu-devel] [PATCH 29/79] curl: never invoke callbacks with s->mutex held

From: Paolo Bonzini All curl callbacks go through curl_multi_do, and hence are called with s->mutex held. Note that with comments, and make curl_read_cb drop the lock before invoking the callback. Likewise for curl_find_buf, where the callback can be invoked by the caller.

[Qemu-devel] [PATCH 27/79] target/xtensa: fix return value of read/write simcalls

From: Max Filippov Return value of read/write simcalls is not calculated correctly in case of operations crossing page boundary and in case of short reads/writes. Read and write simcalls should return the size of data actually read/written or -1 in case of error. Cc:

[Qemu-devel] [PATCH 42/79] blkdebug: Add ability to override unmap geometries

From: Eric Blake Make it easier to simulate various unusual hardware setups (for example, recent commits 3482b9b and b8d0a98 affect the Dell Equallogic iSCSI with its 15M preferred and maximum unmap and write zero sizing, or b2f95fe deals with the Linux loopback block device

[Qemu-devel] [PATCH 44/79] block: Simplify BDRV_BLOCK_RAW recursion

From: Eric Blake Since we are already in coroutine context during the body of bdrv_co_get_block_status(), we can shave off a few layers of wrappers when recursing to query the protocol when a format driver returned BDRV_BLOCK_RAW. Note that we are already using the correct

[Qemu-devel] [PATCH 25/79] blockdev: use drained_begin/end for qmp_block_resize

From: John Snow Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1447551 If one tries to issue a block_resize while a guest is busy accessing the disk, it is possible that qemu may deadlock when invoking aio_poll from both the main loop and the iothread. Replace another

[Qemu-devel] [PATCH 24/79] block: Add errp to b{lk, drv}_truncate()

From: Max Reitz For one thing, this allows us to drop the error message generation from qemu-img.c and blockdev.c and instead have it unified in bdrv_truncate(). Signed-off-by: Max Reitz Message-id: 20170328205129.15138-3-mre...@redhat.com Reviewed-by:

[Qemu-devel] [PATCH 37/79] virtio-net: fix wild pointer when remove virtio-net queues

From: Yunjian Wang The tx_bh or tx_timer will free in virtio_net_del_queue() function, when removing virtio-net queues if the guest doesn't support multiqueue. But it might be still referenced by virtio_net_set_status(), which needs to be set NULL. And also the tx_waiting

[Qemu-devel] [PATCH 21/79] aio: add missing aio_notify() to aio_enable_external()

From: Stefan Hajnoczi The main loop uses aio_disable_external()/aio_enable_external() to temporarily disable processing of external AioContext clients like device emulation. This allows monitor commands to quiesce I/O and prevent the guest from submitting new requests while

[Qemu-devel] [PATCH 18/79] qobject: Use simpler QDict/QList scalar insertion macros

From: Eric Blake We now have macros in place to make it less verbose to add a scalar to QDict and QList, so use them. Patch created mechanically via: spatch --sp-file scripts/coccinelle/qobject.cocci \ --macro-file scripts/cocci-macro-file.h --dir . --in-place then

[Qemu-devel] [PATCH 26/79] target/xtensa: fix mapping direction in read/write simcalls

From: Max Filippov Read and write simcalls map physical memory to access I/O buffers, but 'read' simcall need to map it for writing and 'write' simcall need to map it for reading, i.e. the opposite of what they do now. Fix that. Cc: qemu-sta...@nongnu.org Signed-off-by: Max

[Qemu-devel] [PATCH 39/79] blkdebug: Refactor error injection

From: Eric Blake Rather than repeat the logic at each caller of checking if a Rule exists that warrants an error injection, fold that logic into inject_error(); and rename it to rule_check() for legibility. This will help the next patch, which adds two more callers that need

[Qemu-devel] [PATCH 01/79] qga-win: Enable 'can-offline' field in 'guest-get-vcpus' reply

From: Sameeh Jubran The QGA schema states: @can-offline: Whether offlining the VCPU is possible. This member is always filled in by the guest agent when the structure is returned, and always ignored on input (hence it can be

[Qemu-devel] [PATCH 22/79] qemu-img: wait for convert coroutines to complete

From: Anton Nefedov On error path (like i/o error in one of the coroutines), it's required to - wait for coroutines completion before cleaning the common structures - reenter dependent coroutines so they ever finish Introduced in 2d9187bc65. Cc:

[Qemu-devel] [PATCH 20/79] hw/virtio: fix vhost user fails to startup when MQ

From: Zhiyong Yang Qemu2.7~2.9 and vhost user for dpdk 17.02 release work together to cause failures of new connection when negotiating to set MQ. (one queue pair works well). Because there exist some bugs in qemu code when introducing VHOST_USER_PROTOCOL_F_REPLY_ACK

[Qemu-devel] [PATCH 02/79] dirty-bitmap: Report BlockDirtyInfo.count in bytes, as documented

From: Eric Blake We've been documenting the value in bytes since its introduction in commit b9a9b3a4 (v1.3), where it was actually reported in bytes. Commit e4654d2 (v2.0) then removed things from block/qapi.c, in preparation for a rewrite to a list of dirty sectors in the

[Qemu-devel] [PATCH 15/79] qobject: Drop useless QObject casts

From: Eric Blake We have macros in place to make it less verbose to add a subtype of QObject to both QDict and QList. While we have made cleanups like this in the past (see commit fcfcd8ffc, for example), having it be automated by Coccinelle makes it easier to maintain. Patch

[Qemu-devel] [PATCH 33/79] virtio: allow broken device to notify guest

From: Greg Kurz According to section 2.1.2 of the virtio-1 specification: "The device SHOULD set DEVICE_NEEDS_RESET when it enters an error state that a reset is needed. If DRIVER_OK is set, after it sets DEVICE_NEEDS_RESET, the device MUST send a device configuration change

[Qemu-devel] [PATCH 13/79] 9pfs: local: fix unlink of alien files in mapped-file mode

From: Greg Kurz When trying to remove a file from a directory, both created in non-mapped mode, the file remains and EBADF is returned to the guest. This is a regression introduced by commit "df4938a6651b 9pfs: local: unlinkat: don't follow symlinks" when fixing CVE-2016-9602.

[Qemu-devel] [PATCH 19/79] block: Reuse bs as backing hd for drive-backup sync=none

From: Fam Zheng Opening the backing image for the second time is bad, especially here when it is also in use as the active image as the source. The drive-backup job itself doesn't read from target->backing for COW, instead it gets data from the write notifier, so it's not a big

[Qemu-devel] [PATCH 16/79] qobject: Add helper macros for common scalar insertions

From: Eric Blake Rather than making lots of callers wrap a scalar in a QInt, QString, or QBool, provide helper macros that do the wrapping automatically. Update the Coccinelle script to make mass conversions easy, although the conversion itself will be done as a separate

  1   2   3   >