On Fri, Mar 29, 2013 at 04:33:11AM +, Nicholas A. Bellinger wrote:
> From: Nicholas Bellinger
>
> This patch adds a number of virtio_queue_valid() checks to virtio-pci
> ahead of virtio_queue_get_num() usage in order to skip operation upon
> the detection of an uninitialized VQ.
>
> There is
On Fri, Mar 29, 2013 at 04:33:12AM +, Nicholas A. Bellinger wrote:
> From: Nicholas Bellinger
>
> With the virtio_queue_valid() checks in place to skip uninitialized VQs
> within virtio-pci code, go ahead and skip the same uninitialized VQs
> during vhost_verify_ring_mappings().
>
> Note thi
On Fri, Mar 29, 2013 at 04:33:09AM +, Nicholas A. Bellinger wrote:
> From: Nicholas Bellinger
>
> Hi folks,
>
> This series adds a virtio_queue_valid() for use by virtio-pci code in
> order to prevent operations upon uninitialized VQs, that is currently
> expected to occur during seabios set
On Fri, Mar 29, 2013 at 01:33:01PM -0400, Kenneth Goldman wrote:
> > One thing I'd like to get clarity about is the following corner-case. A
> > user supplies some VM image as persistent storage for the TPM. It
> > contains garbage. How do we handle this case? Does the TPM then just
> > start writi
This patch series adds the PCLMULQDQ and AES-NI instructions to the x86
emulation. Along with the SSE4.1 and SSE4.2 series, this brings the
instructions emulation to the level of a Westmere CPU.
It has been tested with the valgrind testsuite and with the kernel
autotest.
Changes v1 -> v2:
- Patch
Signed-off-by: Aurelien Jarno
---
disas/i386.c | 67 --
1 file changed, 61 insertions(+), 6 deletions(-)
diff --git a/disas/i386.c b/disas/i386.c
index c52efbc..04c033c 100644
--- a/disas/i386.c
+++ b/disas/i386.c
@@ -665,6 +665,12 @@ fet
The PCLMULQDQ instruction has been introduced on the Westmere CPU.
Reviewed-by: Richard Henderson
Reviewed-by: Edgar E. Iglesias
Signed-off-by: Aurelien Jarno
---
target-i386/cpu.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target-i386/cpu.c b/target-i386/cpu.c
inde
Reviewed-by: Edgar E. Iglesias
Reviewed-by: Richard Henderson
Signed-off-by: Aurelien Jarno
---
disas/i386.c |4 +-
target-i386/cpu.c|6 +--
target-i386/fpu_helper.c |1 +
target-i386/ops_sse.h| 87 ++
Reviewed-by: Richard Henderson
Reviewed-by: Edgar E. Iglesias
Signed-off-by: Aurelien Jarno
---
target-i386/cpu.c| 19 +--
target-i386/ops_sse.h| 24
target-i386/ops_sse_header.h |5 +
target-i386/translate.c |3 +
Move aes.h from include/block to include/qemu to show it can be reused
by other subsystems.
Cc: Kevin Wolf
Cc: Stefan Hajnoczi
Reviewed-by: Edgar E. Iglesias
Reviewed-by: Richard Henderson
Signed-off-by: Aurelien Jarno
---
block/qcow.c|2 +-
block/qcow2.c |2 +-
block/q
Signed-off-by: Aurelien Jarno
---
disas/i386.c | 13 +++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/disas/i386.c b/disas/i386.c
index 73cc06f..c52efbc 100644
--- a/disas/i386.c
+++ b/disas/i386.c
@@ -664,6 +664,7 @@ fetch_data(struct disassemble_info *info, bfd_byt
Remove static attribute to Td[0-5] and Te[0-5] tables so that they
can be used outside of aes.c. Change their type from u32 to uint32_t,
to keep the u32 udef local to aes.c. Prefix them with AES_ so that they
do not conflict with other symbols.
Reviewed-by: Edgar E. Iglesias
Reviewed-by: Richard
Hi Dunrong,
I can't reproduce the segfault, but your patch still looks right to
me. Thanks!
Signed-of-by: Anthony Green
AG
On Sat, Mar 30, 2013 at 9:35 PM, Dunrong Huang wrote:
> The value of "do_interrupt" member of CPUClass should be set to a
> target-specific function, or it will lead
On Sun, Mar 31, 2013 at 12:48:04AM +, Peter Maydell wrote:
>
> Hi Michael; thanks for the patch. However I think we should
> fix this by having a configure check for sem_timedwait [or
> whatever the functions we need are], rather than by piling
> up another OS ifdef check.
>
> (If you want to
I tried to reproduce this bug using latest stable version (1.4.0) and master
(5e3a0f418c4d57399778cee0b55aebfb663b6425).
These versions seem to add "-usbdevice tablet" by default (and this is very
good). But I think that if guest OS doesn't support tablet device then bug will
still appear. So, I
On 31 March 2013 13:46, Michael W. Bombardieri wrote:
> What about this?
>
> Re-use the existing pthread checker code in 'configure', define HAS_PTHREAD
> and use this instead of OS specific #if checks. I have built this on
>
> 1. Ubuntu 10.04.3 LTS (Linux 2.6.32-36-generic i686)
> 2. OpenBSD 5.
On Sat, Mar 30, 2013 at 09:20:09AM -0400, Kevin O'Connor wrote:
> On Fri, Mar 29, 2013 at 02:49:12PM +0100, Paolo Bonzini wrote:
> > On 29/03/2013 14:33, Kevin O'Connor wrote:
> > > On Fri, Mar 29, 2013 at 04:18:44PM +0800, Hu Tao wrote:
> > >> pvpanic device is used to notify host(qemu) when
UPDATE: The second bug (which is started with "Also, I found another
bug! I am learning...") is fixed in 1.4.0
About the first bug: screen clears on real hardware, so it is really
bug. Also, it is reproducible with Qemu 1.4.0 and Qemu
5e3a0f418c4d57399778cee0b55aebfb663b6425.
--
You received thi
This has been fixed in commit d6e839e718c2540b880ac9d2d7a49fb7ade02cfb
** Changed in: qemu
Status: New => Fix Committed
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1127369
Title:
i386 emu
On 31.03.2013 03:35, Dunrong Huang wrote:
> The value of "do_interrupt" member of CPUClass should be set to a
> target-specific function, or it will lead to a segfault like below:
>
> $ moxie-softmmu/qemu-system-moxie -M moxiesim
> Segmentation fault
>
> Cc: Anthony Green
> Cc: Blue Swirl
> C
Thanks for the detailed test case and fix. However unfortunately I cannot see
d6e839e718 in the current qemu git. Is it possible the commit hash changed
because of a rebase when it was committed?
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscrib
Stefano,
--On 29 March 2013 17:19:26 + Stefano Stabellini
wrote:
I think so. blkfront reads "sectors" when QEMU moves to
XenbusStateConnected, in blkfront_connect.
blk_connect is called from xen_be_try_initialise, which moves to
XenbusStateConnected on success. So, QEMU's blk_connect
Thanks, applied.
On Sun, Mar 31, 2013 at 1:35 AM, Dunrong Huang wrote:
> The value of "do_interrupt" member of CPUClass should be set to a
> target-specific function, or it will lead to a segfault like below:
>
> $ moxie-softmmu/qemu-system-moxie -M moxiesim
> Segmentation fault
>
> Cc: Anthony G
Oops sorry. The correct commit hash is
52ae646d4a3ebdcdcc973492c6a56f2c49b6578f
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1127369
Title:
i386 emulation unreliable since commit
b76f0d8c2e3eac9
Thank you. Now if someone could also fix bug 1154328 , my automated
tests might run again...
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1127369
Title:
i386 emulation unreliable since commit
b
Thanks - fix committed to Fedora. Hopefully this will squash the rare
and random segfaults in the libguestfs test suite.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1127369
Title:
i386 emulatio
"Michael S. Tsirkin" wrote on 03/31/2013 04:17:28 AM:
>
> You want to protect against someone who is able to
> manipulate some bits in the file (content) but not others (hash)?
> What's the attack you are trying to protect against here?
>
> I'm guessing the only result of extra checksums would b
Anthony,
On Sun, Mar 31, 2013 at 07:24:20PM -, Andreas Gustafsson wrote:
> Thank you. Now if someone could also fix bug 1154328 , my automated
> tests might run again...
This bug is indeed quite problematic and is caused by one of your
patches:
commit a29753f8aa79a34a324afebe340182a51a5ae
Hello everyone,
I am a Computer science student who is new to QEMU, new to this list.
For the student project that I am working on, which is system security
related, I am executing a program in QEMU user mode emulation. To simulate
a program control flow change, like it happens in a real attack
Changes v4-v5:
* Incorporate stack realignment into frame size, instead of pushing r12.
* Disassemble prologues with -d out_asm.
Changes v3-v4:
* Local stack frame fix has been reworked to be independent of the rest
of the change set, making it possible to cherry-pick to stable.
* Whi
We were not allocating TCG_STATIC_CALL_ARGS_SIZE, so this meant that
any helper with more than 4 arguments would clobber the saved regs.
Realizing that we're supposed to have this memory pre-allocated means
we can clean up the tcg_out_arg functions, which were trying to do
more stack allocation.
A
This makes it easier to verify changes to the code
generating the prologue.
Signed-off-by: Richard Henderson
---
tcg/tcg.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/tcg/tcg.c b/tcg/tcg.c
index 1d8265e..de68c16 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -268,6 +268,16 @@ void
We get to re-use the _rIN and _rIK subroutines to handle the various
combinations of add vs sub. Fold the << 21 into the opcode enum values
so that we can explicitly add TO_CPSR as desired.
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.c | 106 -
This allows the generation of RSB instructions.
Reviewed-by: Aurelien Jarno
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.c | 15 ---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/tcg/arm/tcg-target.c b/tcg/arm/tcg-target.c
index f34828b..a430f1b 100644
--
This greatly improves code generation for addition of small
negative constants.
Reviewed-by: Aurelien Jarno
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.c | 41 +++--
1 file changed, 35 insertions(+), 6 deletions(-)
diff --git a/tcg/arm/tcg-target
We have BFI and BFC available for implementing it.
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.c | 36
tcg/arm/tcg-target.h | 5 -
2 files changed, 40 insertions(+), 1 deletion(-)
diff --git a/tcg/arm/tcg-target.c b/tcg/arm/tcg-target.c
inde
The schedule was fully serial, with no possibility for dual issue.
The old schedule had a minimal issue of 7 cycles; the new schedule
has a minimal issue of 5 cycles.
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.c | 110 ++-
1 file chang
Share code between qemu_ld and qemu_st to process the tlb.
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.c | 169 +--
1 file changed, 70 insertions(+), 99 deletions(-)
diff --git a/tcg/arm/tcg-target.c b/tcg/arm/tcg-target.c
index 7b13a8
Try fully rotated arguments to mov and mvn before trying movt
or full decomposition. Begin decomposition with mvn when it
looks like it'll help. Examples include
-:mov r9, #0x0fa0
-:orr r9, r9, #0x000ee000
-:orr r9, r9, #0x0ff0
-:orr r9, r9, #0xf00
An armv7 extension implements division, present on Cortex A15.
Signed-off-by: Richard Henderson
---
disas/arm.c | 4
tcg/arm/tcg-target.c | 36
tcg/arm/tcg-target.h | 7 ++-
3 files changed, 46 insertions(+), 1 deletion(-)
diff --git a/di
Work better with branch prediction when we have movw+movt,
as the size of the code is the same. Perhaps re-evaluate
when we have a proper constant pool.
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/tcg/arm/tcg-target.c b/tcg/arm
Use tcg_out_movi32 when it's profitable, which is always for v7.
Simplify the logic around tcg_out_goto, now that we're sure that
it won't generate a multi-insn branch.
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.c | 19 +--
1 file changed, 9 insertions(+), 10 deletio
Make the code more readable by only having one copy of the magic
numbers, swapping registers as needed prior to that. Speed the
compiler by not applying the rd == rn avoidance for v6 or later.
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.c | 85 +++
On 31 March 2013 23:33, Ivan Jovanovic wrote:
> I am a Computer science student who is new to QEMU, new to this list.
>
> For the student project that I am working on, which is system security
> related, I am executing a program in QEMU user mode emulation. To simulate a
> program control flow c
Use even more primitive helper functions to avoid lots of duplicated code.
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.c | 235 ---
1 file changed, 111 insertions(+), 124 deletions(-)
diff --git a/tcg/arm/tcg-target.c b/tcg/arm/tcg-tar
This allows us to emit CMN instructions.
Reviewed-by: Aurelien Jarno
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.c | 40
1 file changed, 20 insertions(+), 20 deletions(-)
diff --git a/tcg/arm/tcg-target.c b/tcg/arm/tcg-target.c
index a430f1b
Move the slow path out of line, as the TODO's mention.
This allows the fast path to be unconditional, which can
speed up the fast path as well, depending on the core.
Signed-off-by: Richard Henderson
---
configure | 2 +-
include/exec/exec-all.h | 17 +++
tcg/arm/tcg-target.c
Hi Andreas,
On Sun, Mar 31, 2013 at 1:01 PM, Andreas Färber wrote:
> That exception_index is used once from CPUMoxieState and once from
> CPUState is telling me something is fishy here...
>
> Are any test images available?
I have some basic RTEMS based test apps, but nothing that generates an
in
On 2013-03-30 16:54, Aurelien Jarno wrote:
The overflow computation of nego and subf*o instructions has been broken
in commit ffe30937. This patch fixes it.
With this change the PPC emulation passes the Gwenole Beauchesne
testsuite again.
Cc: Alexander Graf
Cc: Richard Henderson
Signed-off-by
Don't hard-code R8.
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.c | 122 ++-
1 file changed, 62 insertions(+), 60 deletions(-)
diff --git a/tcg/arm/tcg-target.c b/tcg/arm/tcg-target.c
index e3d2cfa..b62d9f6 100644
--- a/tcg/arm/tcg-tar
On 2013-03-31 04:02, Aurelien Jarno wrote:
Changes v3 -> v4:
- Update disassembler code to support these instructions.
Reviewed-by: Richard Henderson
r~
R12 is call clobbered, while R8 is call saved. This change
gives tcg one more call saved register for real data.
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tcg/arm/tcg-target.c b/tcg/arm/tcg-target.c
index b62d9f
This greatly improves the code we can produce for deposit
without armv7 support.
Reviewed-by: Aurelien Jarno
Signed-off-by: Richard Henderson
---
tcg/arm/tcg-target.c | 52 ++--
tcg/arm/tcg-target.h | 2 --
2 files changed, 42 insertions(+), 12 d
On 1 April 2013 00:19, Richard Henderson wrote:
> On 2013-03-30 16:54, Aurelien Jarno wrote:
>>
>> The overflow computation of nego and subf*o instructions has been broken
>> in commit ffe30937. This patch fixes it.
>>
>> With this change the PPC emulation passes the Gwenole Beauchesne
>> testsuit
Stefan Hajnoczi, on Mon 11 Mar 2013 09:36:14 +0100, wrote:
> > Otherwise we may just document that one has to disable Duplicate Address
> > Detection to get IPv6 working :/
>
> Seems like this might be the only way for now.
Here is a patch
Samuel
Document how to get IPv6 working with mcast
The lack of a write-only-memory device is a gaping hole in QEMU's
otherwise comprehensive range of device models. This patch implements
a model of the popular Signetics 25120 9046xN random access WOM.
---
hw/Makefile.objs | 2 +
hw/wom.c | 127
On Sun, Mar 31, 2013 at 04:19:45PM -0700, Richard Henderson wrote:
> On 2013-03-30 16:54, Aurelien Jarno wrote:
> >The overflow computation of nego and subf*o instructions has been broken
> >in commit ffe30937. This patch fixes it.
> >
> >With this change the PPC emulation passes the Gwenole Beauch
On Mon, Apr 01, 2013 at 12:50:58AM +0100, Peter Maydell wrote:
> On 1 April 2013 00:19, Richard Henderson wrote:
> > On 2013-03-30 16:54, Aurelien Jarno wrote:
> >>
> >> The overflow computation of nego and subf*o instructions has been broken
> >> in commit ffe30937. This patch fixes it.
> >>
> >>
The overflow computation of nego and subf*o instructions has been broken
in commit ffe30937. Contrary to other targets, the instruction is subtract
from and not subtract on PowerPC.
This patch fixes the issue by using the correct argument in the xor
computation. Thanks to Peter Maydell for the hint
On 03/31/2013 04:50 PM, Peter Maydell wrote:
>> > I'm a bit confused. This is the exact same algorithm that's used on ARM
>> > and
>> > i386. And as far as I can determine, all three platforms have the same
>> > definition of "overflow".
> I think it's not quite the same as ARM because the two a
On 03/31/2013 05:33 PM, Aurelien Jarno wrote:
> The overflow computation of nego and subf*o instructions has been broken
> in commit ffe30937. Contrary to other targets, the instruction is subtract
> from and not subtract on PowerPC.
>
> This patch fixes the issue by using the correct argument in t
2013/3/31 Peter Crosthwaite :
> Hi Kuo-Jung
>
> I think you may have accidentally dropped your subject line and
> promoted your long commit message to subject line. Looks better in
> previous versions.
>
Yes, it's an accident, I'll fix it later.
> On Mon, Mar 25, 2013 at 10:09 PM, Kuo-Jung Su wr
OK, Thanks!
I will update this patch as your comment.
On Fri, 2013-03-29 at 15:46 +0100, Stefan Hajnoczi wrote:
> On Fri, Mar 29, 2013 at 1:38 AM, li guang wrote:
> > On Thu, 2013-03-28 at 10:42 +0100, Stefan Hajnoczi wrote:
> >> On Wed, Mar 27, 2013 at 02:10:31PM +0800, liguang wrote:
> >> > if head magic is missing or
if head magic is missing or wrong unexpectedly, we'd
better to reject booting.
e.g.
I make a mistake to boot a vmlinuz for MIPS(which
I think it's for x86) like this:
qemu-system-x86_64 -kernel vmlinuz -initrd demord
then qemu report:
"qemu: linux kernel too old to load a ram disk"
that's misleadin
On 2013-3-30 18:38, Liuji (Jeremy) wrote:
> Hello, everyone
>
> I found a problem about "loadvm", when I use Spice.
>
> Host OS: Fedora 17
> Qemu: 1.4.0
> Spice: 0.12.2
> Guest OS: WinXP
>
> 1) Use the following command to start the VM:
> qemu-kvm -enable-kvm -name winxp -M pc-0.15 -m 1024 -smp
Hi Anthony, thanks for your reply.
Below is the backtrace from core dump file, it may help.
$ moxie-softmmu/qemu-system-moxie -M moxiesim
Segmentation fault (core dumped)
$ gdb moxie-softmmu/qemu-system-moxie core
GNU gdb (Gentoo) 7.4.1
Copyright (C) 2012 Free Software Foundation, Inc.
License G
Hi, Wenchao
Thanks for your reply.
Could you tell me which step I missed? I checked the relevant information. But
there seems to be no other operation before "loadvm".
Best Regards,
Jeremy Liu
> > Hello, everyone
> >
> > I found a problem about "loadvm", when I use Spice.
> >
> > Host OS: Fe
On 03/08/2013 05:47 AM, Samuel Thibault wrote:
Samuel Thibault, on Fri 08 Mar 2013 10:08:55 +0100, wrote:
There does exist some unique address, which is returned by recvfrom,
I'll have a look at how to get access to it.
Ah, no, it's not unique... It's just the host IP address and the same
po
On (Fri) 29 Mar 2013 [11:39:50], Anthony Liguori wrote:
> The current code is oddly written and has equally odd semantics.
> Despite the '_all' suffix, upon EAGAIN the result will be a partial
> write but instead of returning the partial write, we return EAGAIN.
>
> Change the behavior to write a
On (Tue) 12 Mar 2013 [21:31:29], Andreas Gustafsson wrote:
> Now cut-and-paste a string containing at least 41 characters into the
> terminal window. I used a string containing 41 copies of the letter
> "X". You can use other strings, but beware of pasting strings
> containing valid shel