On 07/07/2014 11:13 AM, Bastian Koppelmann wrote:
> +static bool cdc_zero(TCState *tc)
> +{
> +int i;
> +int cdc = tc->PSW & MASK_PSW_CDC;
> +/* Returns TRUE if PSW.CDC.COUNT == 0 or if PSW.CDC ==
> + 7'b111, otherwise returns FALSE. */
> +if (cdc == 0x7f) {
> +ret
Hi,
[Rephrasing my earlier post with more clarity.]
I need to work with "guest-fsfreeze-*" commands in Windows 2008 guest VM
(Host is CentOS 6.4) to quiesce the applications.
*Windows 2008 Guest Machine*
1. Windows 2008 is running following services
- QEMU Guest Agent
- QEM
Hi Michael,
Thank you for paying attention on this.
On 07/08/2014 02:06 PM, Michael R. Hines wrote:
On 07/03/2014 11:42 AM, Hongyang Yang wrote:
I wonder if there is any way to coordinate this between COLO, Michael
Hines microcheckpointing and the two separate reverse-execution
projects tha
BadInstr Register (CP0 Register 8, Select 1)
The BadInstr register is a read-only register that captures the most recent
instruction which caused an exception.
BadInstrP Register (CP0 Register 8, Select 2)
The BadInstrP register contains the prior branch instruction, when the
faulting instruction i
New MIPS features depend on the access type and enum is more convenient than
using the numbers directly.
Signed-off-by: Leon Alrae
---
include/exec/cpu-common.h |6 ++
softmmu_template.h| 26 --
2 files changed, 22 insertions(+), 10 deletions(-)
diff --
Public bug reported:
Add an event to report if a block device usage exceeds a threshold. The
threshold should be configurable with a monitor command. The event
should report the affected block device. Additional useful information
could be the offset of the highest sector, like in the query-block
An Execute-Inhibit exception occurs when the virtual address of an instruction
fetch matches a TLB entry whose XI bit is set. This exception type can only
occur if the XI bit is implemented within the TLB and is enabled, this is
denoted by the PageGrain XIE bit.
A Read-Inhibit exception occurs wh
On xen 4.5 (tried with qemu 2.0.0/2.1-rc0, spice 0.12.5 and client with
spice-gtk 0.23/0.25) windows 7 domUs with qxl vga works good as kvm
except for one problem after xl save/restore, when after restore on
spice client connect the domU's screen freezed for 2-3 minutes (and
seems also windows
For Standard TLB configuration (Config.MT=1):
TLBINV invalidates a set of TLB entries based on ASID. The virtual address is
ignored in the entry match. TLB entries which have their G bit set to 1 are not
modified.
TLBINVF causes all entries to be invalidated.
Note that this commit introduces sup
On 08.07.14 07:00, Nikunj A Dadhania wrote:
Useful for identifying the guest/host uniquely within the
guest. Adding following properties to the guest root node.
vm,uuid - uuid of the guest
host-model - Host model number
host-serial - Host machine serial number
hypervisor type - Tells its "kvm"
On 2014/7/8 16:33, Amos Kong wrote:
> On Mon, Jul 07, 2014 at 05:10:57PM +0800, arei.gong...@huawei.com wrote:
>> From: Chenliang
>>
>> Add del_boot_device_path and modify_boot_device_path. Device should
>> be removed from boot device list by del_boot_device_path when device
>> hotplug. modify_b
** Project changed: qemu => qemu (Ubuntu)
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1338277
Title:
Ubuntu 14.04 + QEmu 2.0 + KSM = 1, makes Windows 2008 R2 guests to
crash (BSOD)
Status in “
On 8 July 2014 11:20, Alexander Graf wrote:
> Hi Peter,
>
> This is my latest bugfix queue for ppc for the 2.1 release. Please pull.
>
> Alex
>
>
> The following changes since commit 128f0e66149afb2dfc325dfd183aac345f417763:
>
> Merge remote-tracking branch 'remotes/afaerber/tags/prep-for-2.1'
On 7 July 2014 16:25, Stefano Stabellini
wrote:
> Currently the Makefile of disas/libvixl appends
> -I$(SRC_PATH)/disas/libvixl to QEMU_CFLAGS. As a consequence C++ files
> that #include "utils.h", such as disas/libvixl/a64/instructions-a64.cc,
> are going to look for utils.h on all the other incl
On 19/06/2014 18:43, Richard Henderson wrote:
> You must update CPU_SAVE_VERSION when you change the contents of the save
> data.
>
> For extra credit, consider updating target-mips to VMStateDescription
> structure(s).
>
>
> r~
>
v2 contains updated CPU_SAVE_VERSION.
VMStateDescription str
On Tue, 8 Jul 2014, Peter Maydell wrote:
> On 8 July 2014 12:55, Stefano Stabellini
> wrote:
> > Are you going to pick it up or do you want me to send a pull request?
>
> I'm going to put it in the target-arm pullreq I'm currently testing.
Great, thanks!
On 4 July 2014 15:33, Peter Maydell wrote:
> On 30 June 2014 13:09, Paolo Bonzini wrote:
>> Il 28/06/2014 18:59, Peter Maydell ha scritto:
>>
>>> Having a direct dependency
>>>Makefile: $(GENERATED_HEADERS)
>>> can result in not-from-clean builds failing sometimes, because it means
>>> that w
On 8 July 2014 12:55, Stefano Stabellini
wrote:
> Are you going to pick it up or do you want me to send a pull request?
I'm going to put it in the target-arm pullreq I'm currently testing.
thanks
-- PMM
** Description changed:
Guys,
I'm trying to run Windows 2008 as a QEmu guest on my Ubuntu 14.04 but,
after lots of tests, I figured out that it doesn't work, QEmu makes
Windows 2008 to crash, and it is not a Windows fault, I'm pretty sure
that it is a QEmu bug.
Lab environment (5
Alexander Graf writes:
> On 08.07.14 13:04, Nikunj A Dadhania wrote:
>> Alexander Graf writes:
>>
>>> On 08.07.14 07:00, Nikunj A Dadhania wrote:
Useful for identifying the guest/host uniquely within the
guest. Adding following properties to the guest root node.
vm,uuid - uui
On 8 July 2014 08:57, Leon Alrae wrote:
> New MIPS features depend on the access type and enum is more convenient than
> using the numbers directly.
>
Mmm, I've thought for a while it would be better to have this
be an enum, but never got round to it.
> Signed-off-by: Leon Alrae
> ---
> include
On 8 July 2014 08:13, Al Viro wrote:
> Actually, that's badly worded; what codepath ends up setting si_code on
> e.g. fp addition overflows? In system mode it's done by completion code
> in the kernel, but AFAICS in user mode there are only two places where it
> might happen - one is gentrap hand
We neglected to update the channel-program-address field of the scsw
after completion of the start or the halt function: Fortunately, Linux
didn't miss it so far. Let's update it for the cases where the cpa is
expected to be valid; in some cases, the cpa is 'unpredictable', so we
leave it untou
Signed-off-by: Cornelia Huck
---
pc-bios/s390-ccw.img | Bin 17624 -> 17752 bytes
1 file changed, 0 insertions(+), 0 deletions(-)
diff --git a/pc-bios/s390-ccw.img b/pc-bios/s390-ccw.img
index
603e19e003d574b24bb3b97bacda2bf38077e8fd..e3ea0d5664f01ff472d3531980941fb5f163ff02
100644
GIT binary
Note that my list of affected nodes also include migrated VMs, so there
are some false positives (VMs that came from an affected node). The
affected VMs on node 1-8 all seem to be migrated from another node.
--
You received this bug notification because you are a member of qemu-
devel-ml, which i
Ondergetekende, can you provide further details to why you believe Bug
#1326367 is causing this? Would you be willing to test a
3.11.0-24-generic kernel (reported stable) + the futex fix, or a chosen
stable version of the 3.13 or 3.15 kernel with just the futex fix. To
verify that the futex fix is
On Mon, 7 Jul 2014, Nikolay Nikolaev wrote:
> On Tue, Jul 1, 2014 at 2:52 PM, Kirill Batuzov wrote:
> > Due to GLib limitations it is not possible to create several watches on one
> > channel on Windows hosts. See bug #338943 in GNOME bugzilla for details:
> > https://bugzilla.gnome.org/show_bug.
On 07.07.14 09:08, Eric Auger wrote:
The base address of the platform bus sometimes is used to build the
property.
---
Actually I did not succeed in doing it another way with Calxeda xgmac.
If someone knows how to do without, please advise.
Not sure I understand. The "regs" properties live
On 8 July 2014 14:51, Alexander Graf wrote:
> On 07.07.14 09:08, Eric Auger wrote:
>> +#define MACHVIRT_PLATFORM_BASE 0xa004000
>
>
> That's an odd address for a 128MB window. Can you make it 128MB aligned?
> Maybe move the virtio region behind this one?
I'd rather not move things aroun
On Mon, Jul 07, 2014 at 05:10:57PM +0800, arei.gong...@huawei.com wrote:
> From: Chenliang
>
> Add del_boot_device_path and modify_boot_device_path. Device should
> be removed from boot device list by del_boot_device_path when device
> hotplug. modify_boot_device_path is used to modify deviceboo
* Eric Blake (ebl...@redhat.com) wrote:
> On 07/07/2014 11:18 AM, Sanidhya Kashyap wrote:
> > From: "Dr. David Alan Gilbert"
>
> You are attributing the patch to David...
>
> >
> > Using the patch of Stefan Berger for memory buffer based QEMUFile.
> >
> > http://lists.gnu.org/archive/html/qemu
On 26 June 2014 13:35, Peter Maydell wrote:
> On 16 June 2014 16:47, Peter Maydell wrote:
>> If the user specified a (vlan ID, slirp stack name) tuple in a monitor
>> hostfwd_add/remove command and we can't find it, give the user an
>> error message rather than silently doing nothing.
>>
>> This
On 4 June 2014 13:51, Alexey Kardashevskiy wrote:
> This adds handling of the RESOURCE_ADDR_TRANS_MODE resource from
> the H_SET_MODE, for POWER8 (PowerISA 2.07) only.
>
> This defines AIL flags for LPCR special register.
>
> This changes @excp_prefix according to the mode, takes effect in TCG.
>
On 20/06/2014 23:02, Aurelien Jarno wrote:
>> @@ -5198,6 +5199,12 @@ static void gen_mfc0(DisasContext *ctx, TCGv arg, int
>> reg, int sel)
>> gen_mfc0_load32(arg, offsetof(CPUMIPSState, CP0_DESAVE));
>> rn = "DESAVE";
>> break;
>> +case 2 ... 7:
>> +
On Tue, Jul 1, 2014 at 5:25 PM, Stefan Hajnoczi wrote:
> This series fixes issues recently introduced when unifying virtio-blk
> dataplane's request handling with non-dataplane virtio-blk.
>
> The problems include broken memory allocation for dataplane requests and a
> performance regression for n
On 08.07.14 16:37, Peter Maydell wrote:
On 4 June 2014 13:51, Alexey Kardashevskiy wrote:
This adds handling of the RESOURCE_ADDR_TRANS_MODE resource from
the H_SET_MODE, for POWER8 (PowerISA 2.07) only.
This defines AIL flags for LPCR special register.
This changes @excp_prefix according to
Hello everyone
I'm one of the oVirt developers (http://www.ovirt.org);
oVirt is a virtualization management application built
around qemu/kvm, so it is nice to get in touch :)
We have begun a big scalability improvement effort, aiming to
support without problems hundreds of VMs per host, with pla
Managing applications, like oVirt (http://www.ovirt.org), make extensive
use of thin-provisioned disk images.
In order to let the guest run flawlessly and be not unnecessarily
paused, oVirt sets a watermark based on the percentage occupation of the
device against the advertised size, and automatica
On 19/06/2014 23:13, Aurelien Jarno wrote:
> I don't think this should implemented that way, as it would have a
> significant impact on the performances. Given we have the fault address
> (we fill EPC), we can fetch the corresponding opcode. There might be
> some code change to do for the branches,
Sorry, this is actually an RFC; patch was posted separately.
- Original Message -
> From: "Francesco Romani"
> To: qemu-devel@nongnu.org
> Cc: kw...@redhat.com, stefa...@redhat.com, lcapitul...@redhat.com,
> mdr...@linux.vnet.ibm.com, "Francesco Romani"
>
> Sent: Tuesday, July 8, 2014 4
On 07/08/2014 01:05 AM, Peter Maydell wrote:
> On 8 July 2014 08:13, Al Viro wrote:
>> Actually, that's badly worded; what codepath ends up setting si_code on
>> e.g. fp addition overflows? In system mode it's done by completion code
>> in the kernel, but AFAICS in user mode there are only two pl
On 08/07/14 09:43, Ming Lei wrote:
> On Tue, Jul 8, 2014 at 3:19 PM, Christian Borntraeger
> wrote:
>> Ping.
>>
>> has anyone seen a similar hang on x86?
The problem seems to be, that for managedsave, we do a VM stop before we call
the migration_state_notifier. to be verified.
On Tue, Jul 08, 2014 at 01:22:53PM +, Gonglei (Arei) wrote:
> > -Original Message-
> > From: chenliang (T)
> > Sent: Tuesday, July 08, 2014 7:03 PM
> > To: Amos Kong
> > Cc: Gonglei (Arei); qemu-devel@nongnu.org; afaer...@suse.de;
> > ag...@suse.de; stefa...@redhat.com; a...@ozlabs.ru;
On Mon, Jul 7, 2014 at 3:33 PM, Alexei Starovoitov
wrote:
> On Mon, Jul 7, 2014 at 5:20 AM, Paolo Bonzini wrote:
>> Il 07/07/2014 12:29, David Drysdale ha scritto:
>>
I think that's more easily done by opening the file as O_RDONLY/O_WRONLY
/O_RDWR. You could do it by running the file
A new field mmap_offset was added in the vhost-user message, we need to reflect
this change in the test too.
Signed-off-by: Nikolay Nikolaev
---
tests/vhost-user-test.c | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/tests/vhost-user-test.c b/tests/vhost-user-te
On Tue, Jul 08, 2014 at 07:54:36AM +0100, Al Viro wrote:
> On Mon, Jul 07, 2014 at 11:03:08PM -0700, Richard Henderson wrote:
> > On 07/07/2014 09:20 PM, Al Viro wrote:
> > > and I'm reasonably sure that this is what they did internally. You are
> > > proposing to do 4 cases in all their messy glo
Hi Leon,
On 08/07/14 08:57, Leon Alrae wrote:
> BadInstr Register (CP0 Register 8, Select 1)
> The BadInstr register is a read-only register that capture the most recent
> instruction which caused an exception.
>
> BadInstrP Register (CP0 Register 8, Select 2)
> The BadInstrP register contains th
Signed-off-by: Leon Alrae
---
target-mips/cpu.h |2 +-
target-mips/machine.c | 14 ++
2 files changed, 15 insertions(+), 1 deletions(-)
diff --git a/target-mips/cpu.h b/target-mips/cpu.h
index 656f5ca..23bb22c 100644
--- a/target-mips/cpu.h
+++ b/target-mips/cpu.h
@@ -557,
Add ULL suffix to 64 bit constant to prevent compiler warnings
on some 32 bit platforms.
Signed-off-by: Peter Maydell
---
Planning to commit this to master as a buildfix for rc1.
hw/ppc/spapr_hcall.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/ppc/spapr_hcall.c b/hw/p
Fix a typo in the names of a couple of functions
(s/resouce/resource/).
Signed-off-by: Peter Maydell
---
Only a typo; I leave it up to you whether you want to put this
in 2.1 or not, Alex, but anyway it doesn't need to go in rc1.
hw/ppc/spapr_hcall.c | 22 +++---
1 file changed,
The latest vhost-user changes changed the VHOST_SET_MEM_TABLE handling.
Now the memory regions are mapped from dev->mem. The BIOS is registered
at address 0xfffc which is out of memory boundaries for guests with
less than 4G RAM. Calling qemu_get_ram_fd with this address causes abort()
in qemu_
Hi, I've been working on IGD passthrough using native qemu and VFIO,
(without any XEN components).
This work hasn't progressed in recent, but I am able to continue it again.
Late last year I was in discussions with Allen Kay, Vikas Shivappa from
Intel and Alex Williamson from Redhat, which resulte
On 07/08/2014 08:49 AM, Francesco Romani wrote:
> Managing applications, like oVirt (http://www.ovirt.org), make extensive
> use of thin-provisioned disk images.
> In order to let the guest run flawlessly and be not unnecessarily
> paused, oVirt sets a watermark based on the percentage occupation o
Am 07.07.2014 um 15:18 hat Paolo Bonzini geschrieben:
> These patches do some cleanup and optimization in AioContext land.
>
> The first two drop AIO functions that operate on the main AioContext.
> These are not needed anymore now that each BlockDriverState explicitly
> operates on its own AioCon
Am 08.07.2014 um 16:43 hat Stefan Hajnoczi geschrieben:
> On Tue, Jul 1, 2014 at 5:25 PM, Stefan Hajnoczi wrote:
> > This series fixes issues recently introduced when unifying virtio-blk
> > dataplane's request handling with non-dataplane virtio-blk.
> >
> > The problems include broken memory allo
Hi,
Was tracing the buffer handling code flow after the kick has been
initiated from the guest in case of virtio.
Found this function
cpu_physical_memory_map->address_space_map->address_space_translate
which calls address_space_translate_internal and iommu->translate (get
the translation from TLB
Implement kvm_arm_vcpu_init() as a simple call to arm_arm_vcpu_init()
(which uses the KVM_ARM_VCPU_INIT vcpu ioctl to tell the kernel
to re-initialize the vCPU), rather than via the complicated code
which saves a copy of the register state on first init and then
writes it back to the kernel. This i
If machine doesn't support memory hotplug then starting QEMU
with initial memory less than default will make QEMU exit with
following error message:
$QEMU -m 16 -M isapc
qemu-system-i386: "-memory 'slots|maxmem'" is not supported by: isapc
Set maxram_size to initial memory value before parsing
'm
Hi,
In our data center we are using qemu 1.0/ 1.2 and we need to do a live
migration to qemu 2.0.
One of the main hindrances that we are facing is that QEMU 1.0 uses old
PC model so if a user using Windows on the VM running on QEMU 1.0 does
a live migrate to QEMU 2.0 , he will see a licensing issu
> -Original Message-
> From: chenliang (T)
> Sent: Tuesday, July 08, 2014 7:03 PM
> To: Amos Kong
> Cc: Gonglei (Arei); qemu-devel@nongnu.org; afaer...@suse.de;
> ag...@suse.de; stefa...@redhat.com; a...@ozlabs.ru;
> alex.william...@redhat.com; arm...@redhat.com; ebl...@redhat.com;
> kw...@
From: Alexey Kardashevskiy
POWER8E is architecturally equal to POWER8 and POWER7+ is equal to
POWER7. Also no user space tool makes any difference for CPU node name
in the device tree (such as PowerPC,POWER7@0 vs. PowerPC,POWER7+@0).
So there is no point in emulating POWER7+ and POWER8E apart fro
I'm not confident yet we're seeing the exact same problem, but it is
pretty close. We're running a somewhat wide range of hypervisor kernels,
these are our observations so far.
node-1-1 3.13.0-24-generic is affected for 0% of vms
node-1-3 3.13.0-24-generic is affected for 0% of vms
node-1-5 3.
We were truncating physical addresses to 32bit when using qemu-system-ppc
with a booke206 TLB implementation. This patch fixes that and makes the full
address space available.
Signed-off-by: Alexander Graf
---
target-ppc/mmu_helper.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
d
On 07/07/2014 11:13 AM, Bastian Koppelmann wrote:
> Add instructions of SBR opcode format.
> Add gen_loop micro-op generator function.
>
> Signed-off-by: Bastian Koppelmann
> ---
> target-tricore/translate.c | 69
> ++
> 1 file changed, 69 insertions(
On 07.07.14 09:08, Eric Auger wrote:
This method is meant to be called on sysbus device dynamic
instantiation (-device option). Devices that support this
kind of instantiation must implement this method.
Signed-off-by: Eric Auger
For the reason I stated earlier, I don't think it's a good ide
In the enqueue path, we can't complete request, otherwise
"Co-routine re-entered recursively" may be caused, so this
patch fixes the issue with below ideas:
- for -EAGAIN, retry the submission in an introduced event handler
- for part of completion, just update the io queue, since
Signed-off-by: Leon Alrae
---
target-mips/helper.c | 21 ++---
1 files changed, 10 insertions(+), 11 deletions(-)
diff --git a/target-mips/helper.c b/target-mips/helper.c
index 8a997e4..9871273 100644
--- a/target-mips/helper.c
+++ b/target-mips/helper.c
@@ -87,7 +87,7 @@ int
On 07.07.14 09:08, Eric Auger wrote:
Allows sysbus devices to be instantiated from command line by
using -device option
---
Inspired from what Alex Graf did in ppc e500
https://lists.gnu.org/archive/html/qemu-ppc/2014-07/msg00012.html
Signed-off-by: Alexander Graf
Signed-off-by: Eric Auger
On Tue, Jul 8, 2014 at 3:19 PM, Christian Borntraeger
wrote:
> Ping.
>
> has anyone seen a similar hang on x86?
>
>
>
> On 07/07/14 13:58, Christian Borntraeger wrote:
>> Folks,
>>
>> with current 2.1-rc0 (
>> + dataplane: do not free VirtQueueElement in vring_push()
>> + virtio-blk: avoid datap
Am 05.07.2014 um 22:06 hat Max Reitz geschrieben:
> On 04.07.2014 17:55, Kevin Wolf wrote:
> >If a QED image has a shorter backing file and a read request to
> >unallocated clusters goes across EOF of the backing file, the backing
> >file sees a shortened request and the rest is filled with zeros.
On 07/07/2014 11:13 AM, Bastian Koppelmann wrote:
> +env->active_tc.ICR |= (const9 & 0xff); /* ICR.CCPN = const9[7: 0];*/
There's no reason not to perform this AND at translation time.
r~
On 08.07.14 17:01, Peter Maydell wrote:
Add ULL suffix to 64 bit constant to prevent compiler warnings
on some 32 bit platforms.
Signed-off-by: Peter Maydell
Reviewed-by: Alexander Graf
Alex
PageGrain needs rw bitmask which differs between MIPS architectures.
In pre-R6 if RIXI is supported, PageGrain.XIE and PageGrain.RIE are writeable,
whereas in R6 they are read-only 1.
Signed-off-by: Leon Alrae
---
target-mips/cpu.h|4
target-mips/helper.h |5
Hi Peter,
On 08/07/2014 14:00, Peter Maydell wrote:
> On 8 July 2014 08:57, Leon Alrae wrote:
>> New MIPS features depend on the access type and enum is more convenient than
>> using the numbers directly.
>>
> Mmm, I've thought for a while it would be better to have this
> be an enum, but never g
On 8 July 2014 17:08, Leon Alrae wrote:
> I intentionally skipped this here to focus this patchset on the new
> features only. I also think that eventually we will have to update the
> prototypes and go through all the targets.
Yeah, that's reasonable. If you make this a typedef then we
can updat
Hi,
Am 08.07.2014 17:24, schrieb Anshul Makkar:
> In our data center we are using qemu 1.0/ 1.2 and we need to do a live
> migration to qemu 2.0.
>
> One of the main hindrance that we are facing is that QEMU 1.0 uses old
> PC model so if a user using Windows on the VM running on QEMU 1.0 does
> a
On 8 July 2014 17:13, Al Viro wrote:
> On Tue, Jul 08, 2014 at 09:05:10AM +0100, Peter Maydell wrote:
>
>> The code we have currently may well be buggy, but the correct
>
> It is ;-/ We set TARGET_FPE_FLTINV unconditionally there. BTW, what's
> the reason why all these cpu_loop() instances can't
On 08/07/14 11:09, Christian Borntraeger wrote:
> On 08/07/14 09:43, Ming Lei wrote:
>> On Tue, Jul 8, 2014 at 3:19 PM, Christian Borntraeger
>> wrote:
>>> Ping.
>>>
>>> has anyone seen a similar hang on x86?
>
> The problem seems to be, that for managedsave, we do a VM stop before we call
> the
Hi Peter,
This is my latest bugfix queue for ppc for the 2.1 release. Please pull.
Alex
The following changes since commit 128f0e66149afb2dfc325dfd183aac345f417763:
Merge remote-tracking branch 'remotes/afaerber/tags/prep-for-2.1' into
staging (2014-07-07 19:06:55 +0100)
are available in
In Revision 3 of the architecture, the RI and XI bits were added to the TLB
to enable more secure access of memory pages. These bits (along with the Dirty
bit) allow the implementation of read-only, write-only, no-execute access
policies for mapped pages.
Signed-off-by: Leon Alrae
---
target-mip
From: Richard Henderson
The bswap that's needed for system mode isn't required for
user mode, and in fact breaks debugging.
Signed-off-by: Richard Henderson
[agraf: fix apple gdbstub implementation]
Signed-off-by: Alexander Graf
---
target-ppc/gdbstub.c | 34 +++---
From: Cole Robinson
Signed-off-by: Cole Robinson
Signed-off-by: Alexander Graf
---
Makefile | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index 1eea0c4..d6b9dc1 100644
--- a/Makefile
+++ b/Makefile
@@ -344,7 +344,8 @@ multiboot.bin linuxboot.bin kvmv
From: "Michael S. Tsirkin"
CVE-2013-4149 QEMU 1.3.0 out-of-bounds buffer write in
virtio_net_load()@hw/net/virtio-net.c
> } else if (n->mac_table.in_use) {
> uint8_t *buf = g_malloc0(n->mac_table.in_use);
We are allocating buffer of size n->mac_table.in_use
> qe
From: Peter Crosthwaite
The smlald (and probably smlsld) instruction was doing incorrect sign
extensions of the operands amongst 64bit result calculation. The
instruction pseudo-code is:
operand2 = if m_swap then ROR(R[m],16) else R[m];
product1 = SInt(R[n]<15:0>) * SInt(operand2<15:0>);
prod
From: David Hildenbrand
This patch creates empty function stubs (used by the gdbserver) in preparation
for the hw debugging support by kvm on s390, which will enable the
__KVM_HAVE_GUEST_DEBUG define in the linux headers and require these methods on
the qemu side.
Signed-off-by: David Hildenbran
From: Stefan Hajnoczi
The mirror blockjob coroutine rate-limits itself by sleeping. The
coroutine also performs I/O asynchronously so it's important that the
aio callback doesn't wake the coroutine early as that breaks
rate-limiting.
Reported-by: Joaquim Barrera
Signed-off-by: Stefan Hajnoczi
From: "Michael S. Tsirkin"
CVE-2013-4150 QEMU 1.5.0 out-of-bounds buffer write in
virtio_net_load()@hw/net/virtio-net.c
This code is in hw/net/virtio-net.c:
if (n->max_queues > 1) {
if (n->max_queues != qemu_get_be16(f)) {
error_report("virtio-net: different max_queues "
From: Thomas Huth
With the EDAT-1 facility, the MMU translation can stop at the
segment table already, pointing to a 1 MB block. And while we're
at it, move the page table entry handling to a separate function,
too, as suggested by Alexander Graf.
Acked-by: Alexander Graf
Signed-off-by: Thomas
From: "Edgar E. Iglesias"
Signed-off-by: Edgar E. Iglesias
Reviewed-by: Alex Bennée
Message-id: 1398926097-28097-2-git-send-email-edgar.igles...@gmail.com
Signed-off-by: Peter Maydell
(cherry picked from commit fed3ffb9f157f33bc9b2b1c3ef68e710ee6b7b4b)
Conflicts:
target-arm/helper.c
From: Dmitry Fleytman
CVE-2013-4544
Signed-off-by: Dmitry Fleytman
Reported-by: Michael S. Tsirkin
Signed-off-by: Michael S. Tsirkin
Reviewed-by: Dr. David Alan Gilbert
Message-id: 1396604722-11902-3-git-send-email-dmi...@daynix.com
Signed-off-by: Peter Maydell
(cherry picked from commit 98
From: Dmitry Fleytman
CVE-2013-4544
Signed-off-by: Dmitry Fleytman
Reported-by: Michael S. Tsirkin
Signed-off-by: Michael S. Tsirkin
Reviewed-by: Dr. David Alan Gilbert
Message-id: 1396604722-11902-4-git-send-email-dmi...@daynix.com
Signed-off-by: Peter Maydell
(cherry picked from commit 3c
From: Stefan Hajnoczi
The following integer overflow in offsets_size can lead to out-of-bounds
memory stores when n_blocks has a huge value:
uint32_t n_blocks, offsets_size;
[...]
ret = bdrv_pread(bs->file, 128 + 4, &s->n_blocks, 4);
[...]
s->n_blocks = be32_to_cpu(s->n_block
From: Markus Armbruster
VncTight member uint8_t quality is either (uint8_t)-1 for lossless or
less than 10 for lossy.
tight_detect_smooth_image() first promotes it to int, then compares
with -1. Always unequal, so we always execute the lossy code. Reads
beyond tight_conf[] and returns crap whe
From: Peter Maydell
A gcc codegen bug in x86_64-w64-mingw32-gcc (GCC) 4.6.3 means that
non-debug builds of QEMU for Windows tend to assert when using
coroutines. Work around this by marking qemu_coroutine_switch
as noinline.
If we allow gcc to inline qemu_coroutine_switch into
coroutine_trampoli
In the GTK UI, after changing focus to the qemu monitor Notebook Page,
when restoring focus to the virtual machine page, the keyboard focus is lost
to a hidden GTK widget. Focus can only be restored to the virtual machine by
pressing "tab" or any of the four directional arrow keys.
Clicking in the
From: Kevin Wolf
This fixes two possible division by zero crashes: In bochs_open() and in
seek_to_sector().
Signed-off-by: Kevin Wolf
Reviewed-by: Stefan Hajnoczi
Reviewed-by: Max Reitz
Signed-off-by: Stefan Hajnoczi
(cherry picked from commit 8e53abbc20d08ae3ec30c2054e1161314ad9501d)
Signed
From: Peter Lieven
the retry logic was broken because the complete status
of the task structure was not reset. this resulted in
an infinite loop retrying the command over and over.
CC: qemu-sta...@nongnu.org
Signed-off-by: Peter Lieven
Signed-off-by: Paolo Bonzini
(cherry picked from commit 83
From: Markus Armbruster
bs_opts is leaked on all paths from its qdev_new() that don't go
through blockdev_init(). Add the missing QDECREF(), and zap bs_opts
after blockdev_init(), so the new QDECREF() does nothing when we go
through blockdev_init().
Leak introduced in commit f298d07. Spotted
From: Kevin Wolf
bs->total_sectors is not the highest possible sector number that could
be involved in a copy on write operation: VM state is after the end of
the virtual disk. This resulted in wrong values for the number of
sectors to be copied (n).
The code that checks for the end of the image
From: Le Tan
In function do_pci_register_device() in file hw/pci/pci.c, move the assignment
of pci_dev->devfn to the position before the call to
pci_device_iommu_address_space(pci_dev) which will use the value of
pci_dev->devfn.
Fixes: 9eda7d373e9c691c070eddcbe3467b991f67f6bd
pci: Introduce