On Mon, 22 Jun 2020 16:27:28 +0200
Christian Borntraeger wrote:
> On 19.06.20 04:05, David Gibson wrote:
> > A number of hardware platforms are implementing mechanisms whereby the
> > hypervisor does not have unfettered access to guest memory, in order
> > to mitigate the security impact of a com
On 23.06.20 14:55, Peter Maydell wrote:
> On Mon, 22 Jun 2020 at 16:11, Max Reitz wrote:
>>
>> The following changes since commit bae31bfa48b9caecee25da3d5333901a126a06b4:
>>
>> Merge remote-tracking branch
>> 'remotes/kraxel/tags/audio-20200619-pull-request' into staging (2020-06-19
>> 22:56:
On 23/06/2020 18.18, Paolo Bonzini wrote:
The memory region ops have min_access_size == 4 so obey it.
Signed-off-by: Paolo Bonzini
---
tests/qtest/usb-hcd-ehci-test.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/qtest/usb-hcd-ehci-test.c b/tests/qtest/usb-hcd-ehc
On 23/06/2020 18.18, Paolo Bonzini wrote:
The memory region ops have min_access_size == 4 so obey it.
Signed-off-by: Paolo Bonzini
---
tests/qtest/libqos/pci-pc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/qtest/libqos/pci-pc.c b/tests/qtest/libqos/pci-pc.c
ind
On 18/06/2020 18.05, Alexander Bulekov wrote:
The qtest_enabled check introduced in d6919e4 always returns false, as
it is called prior to configure_accelerators(). Instead of trying to
skip rcu_disable_atfork in qemu_main, simply call rcu_enable_atfork in
the fuzzer, after qemu_main returns.
Re
On 22/06/2020 18.50, Alexander Bulekov wrote:
We used shm_open with mmap to share libfuzzer's coverage bitmap with
child (runner) processes. The same functionality can be achieved with
MAP_SHARED | MAP_ANONYMOUS, since we do not care about naming or
permissioning the shared memory object.
Signed
The component entries written by zipl contain short PSWs, not
addresses. Let's mask them and only pass the address part to
jump_to_IPL_code(uint64_t address) because it expects an address as
visible by the name of the argument.
Signed-off-by: Janosch Frank
---
pc-bios/s390-ccw/bootmap.c | 5 +++-
They are definitely helper functions.
Signed-off-by: Janosch Frank
Reviewed-by: Christian Borntraeger
Reviewed-by: Thomas Huth
Reviewed-by: David Hildenbrand
---
pc-bios/s390-ccw/helper.h | 17 +
pc-bios/s390-ccw/s390-ccw.h| 18 --
pc-bios/s390-ccw/vir
Let's consolidate timing related functions into one header.
Signed-off-by: Janosch Frank
Acked-by: Thomas Huth
---
pc-bios/s390-ccw/menu.c| 1 +
pc-bios/s390-ccw/netmain.c | 15 +++
pc-bios/s390-ccw/s390-ccw.h| 8
pc-bios/s390-ccw/s390-time.h | 23 ++
The bios is in dire need for a cleanup as there are still a lot of
magic constants being used throughout as well as duplicated code.
In the first part of this series we consolidate constants and
functions, as well as doing some minor cleanups and fixes.
The patches are available here:
https://git
Let's move some of the PSW mask defines into s390-arch.h and use them
in jump2ipl.c. Also let's introduce a new constant for the address
mask of 8 byte (short) PSWs.
Signed-off-by: Janosch Frank
Reviewed-by: David Hildenbrand
---
pc-bios/s390-ccw/jump2ipl.c | 10 --
pc-bios/s390-ccw/s3
Let's initialize the structs at the beginning to ease reading and also
zeroing all other fields. This also makes the compiler stop
complaining about sense_id_ccw.flags being ored into when it's not
initialized.
Signed-off-by: Janosch Frank
Reviewed-by: Pierre Morel
Reviewed-by: Thomas Huth
Revi
On Fri, Jun 19, 2020 at 01:16:38PM +0100, Daniel P. Berrangé wrote:
> On Fri, Jun 19, 2020 at 07:47:20AM -0400, Michael S. Tsirkin wrote:
> > On Fri, Jun 19, 2020 at 07:46:14AM -0400, Michael S. Tsirkin wrote:
> > > On Fri, Jun 19, 2020 at 11:12:45AM +0100, Daniel P. Berrang̮̩ wrote:
> > > >
This constant enables 64 bit addressing, not the ESAME architecture,
so it shouldn't be named ZMODE.
Signed-off-by: Janosch Frank
---
pc-bios/s390-ccw/s390-arch.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pc-bios/s390-ccw/s390-arch.h b/pc-bios/s390-ccw/s390-arch.h
index
If we have a lowcore struct that has members for offsets that we want
to touch, why not use it?
Signed-off-by: Janosch Frank
Reviewed-by: David Hildenbrand
---
pc-bios/s390-ccw/cio.h | 17 +++--
pc-bios/s390-ccw/main.c | 8 +++-
2 files changed, 14 insertions(+), 11 deletions(
jump_to_low_kernel() and the functions that it calls will already or
64 bit addressing into the reset psw mask when executing
jump_to_IPL_2() after the diag308 subcode 1.
The kernel proper is then branched to rather than doing a full PSW
change.
Signed-off-by: Janosch Frank
---
pc-bios/s390-ccw
jump_to_IPL_code takes a 64 bit address, masks it with the short psw
address mask and later branches to it using a full 64 bit register.
* As the masking is not necessary, let's remove it
* Without the mask we can save the ipl address to a static 64 bit
function ptr as we later branch to it
* Le
panic() was defined for the ccw and net bios, i.e. twice, so it's
cleaner to rather put it into the header.
Also let's add an infinite loop into the assembly of disabled_wait() so
the caller doesn't need to take care of it.
Signed-off-by: Janosch Frank
Reviewed-by: Pierre Morel
Reviewed-by: Dav
Let's make it a bit more clear that we check the full 64 bits to fit
into the 32 we return.
Signed-off-by: Janosch Frank
Suggested-by: David Hildenbrand
Reviewed-by: David Hildenbrand
Reviewed-by: Thomas Huth
---
pc-bios/s390-ccw/helper.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Why should we do conversion of a ebcdic value if we have a handy table
where we could look up the ascii value instead?
Signed-off-by: Janosch Frank
Reviewed-by: David Hildenbrand
Reviewed-by: Thomas Huth
---
pc-bios/s390-ccw/bootmap.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
d
On 24/06/20 09:47, Thomas Huth wrote:
>>
>> {
>> /* hands over all ports from companion uhci to ehci */
>> - qpci_io_writew(ehci1.dev, ehci1.bar, 0x60, 1);
>> + qpci_io_writel(ehci1.dev, ehci1.bar, 0x60, 1);
>> }
>> static void pci_uhci_port_2(void)
>
> Passes "make check-qtest
On 24/06/20 09:46, Thomas Huth wrote:
> On 23/06/2020 18.18, Paolo Bonzini wrote:
>> The memory region ops have min_access_size == 4 so obey it.
>>
>> Signed-off-by: Paolo Bonzini
>> ---
>> tests/qtest/libqos/pci-pc.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/t
Patchew URL:
https://patchew.org/QEMU/20200624075226.92728-1-fran...@linux.ibm.com/
Hi,
This series seems to have some coding style problems. See output below for
more information:
Subject: [PATCH v5 00/12] pc-bios: s390x: Cleanup part 1
Type: series
Message-id: 20200624075226.92728-1-fran...
Auger Eric writes:
> Hi Markus,
>
> On 6/23/20 5:13 PM, Markus Armbruster wrote:
>> Eric Auger writes:
>>
>>> Introduce a new property defining a reserved region:
>>> ::.
>>>
>>> This will be used to encode reserved IOVA regions.
>>>
>>> For instance, in virtio-iommu use case, reserved IOVA reg
The following changes since commit d88d5a3806d78dcfca648c62dae9d88d3e803bd2:
Merge remote-tracking branch 'remotes/philmd-gitlab/tags/renesas-hw-20200622'
into staging (2020-06-23 13:55:52 +0100)
are available in the Git repository at:
https://github.com/XanClic/qemu.git tags/pull-block-202
From: Vladimir Sementsov-Ogievskiy
820c6bee534ec3b added testing of qcow2.py into 291, and it breaks 291
with external data file. Actually, 291 is bad place for qcow2.py
testing, better add a separate test.
For now, drop qcow2.py testing from 291 to fix the regression.
Fixes: 820c6bee534ec3b
Re
From: Philippe Mathieu-Daudé
Commit 96927c744 replaced qdev_init_nofail() call by
isa_realize_and_unref() which has a different error
message. Update the test output accordingly.
Gitlab CI error after merging b77b5b3dc7:
https://gitlab.com/qemu-project/qemu/-/jobs/597414772#L4375
Reported-by: T
Eric Auger writes:
> object_property_add() does not allow object_property_try_add()
> to gracefully fail as &error_abort is passed as an error handle.
>
> However such failure can easily be triggered from the QMP shell when,
> for instance, one attempts to create an object with an id that already
On Mon, Jun 22, 2020 at 03:19:34PM +0200, David Brenken wrote:
> From: Andreas Konopik
> +const MemmapEntry tc27x_soc_memmap[] = {
> +[TC27XD_DSPR2] = { 0x5000, 0x1E000 },
> +[TC27XD_DCACHE2] = { 0x5001E000,0x2000 },
> +[TC27XD_DTAG2] = { 0x500C, 0xC00 },
T
Gerd Hoffmann writes:
> On Tue, Jun 23, 2020 at 11:51:09PM -0400, John Snow wrote:
>> I never knew what this option did, but the answer is ... strange!
>>
>> It's only defined for linux, in os-posix.c. When called, it calls
>> fips_set_state(true), located in osdep.c.
>>
>> This will read /proc
Signed-off-by: Christophe de Dinechin
---
configure | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure b/configure
index ba88fd1824..c7a6a5adfe 100755
--- a/configure
+++ b/configure
@@ -1787,7 +1787,7 @@ Advanced options (experts only):
--block-drv-ro-whitelist=L
On 24/06/20 01:01, Eduardo Habkost wrote:
> QEMU incorrectly validates FEAT_SVM feature flags against
> GET_SUPPORTED_CPUID even if SVM features are being masked out by
> cpu_x86_cpuid(). This can make QEMU print warnings on most AMD
> CPU models, even when SVM nesting is disabled (which is the
>
test_file_monitor_events() leaks an Error object when
qemu_file_monitor_add_watch() fails, which seems unlikely. Plug it.
Cc: Daniel P. Berrangé
Signed-off-by: Markus Armbruster
---
tests/test-util-filemonitor.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/tests/test-util-filemonitor.c
spapr_machine_init() leaks an Error object when
kvmppc_check_papr_resize_hpt() fails and spapr->resize_hpt is
SPAPR_RESIZE_HPT_DISABLED, i.e. when the host doesn't support hash
page table resizing, and the user didn't ask for it. As harmless as
memory leaks can possibly be. Plug it.
Fixes: 30f4b
This series addresses a number of error handling issues I found while
working on error handling improvements. It's based on my "[PULL
00/16] Qdev patches for 2020-06-23" merged into current master.
Based-on: <20200623142326.2349416-1-arm...@redhat.com>
v2:
* PATCH 04: Two more instances, in test
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
x86_cpu_new() is wron
qbus_set_hotplug_handler() is a simple wrapper around
object_property_set_link().
object_property_set_link() fails when the property doesn't exist, is
not settable, or its .check() method fails. These are all programming
errors here, so passing &error_abort to qbus_set_hotplug_handler() is
approp
Replace
sysbus_realize(SYS_BUS_DEVICE(&s->spi[i]), &local_err);
error_propagate(&err, local_err);
if (err) {
error_propagate(errp, err);
return;
}
by
sysbus_realize(SYS_BUS_DEVICE(&s->spi[i]), &err);
if (err) {
e
Replace
g_assert(err != NULL);
error_free(err);
err = NULL;
and variations thereof by
error_free_or_abort(&err);
Signed-off-by: Markus Armbruster
---
tests/check-block-qdict.c | 24 ++--
tests/check-qom-proplist.c | 7 ++-
tests/test-base64.c
transfer_memory_block() leaks an Error object when reading file
/sys/devices/system/memory/memory/state fails with errno other
than ENOENT, and @sys2memblk is false, i.e. when the state file exists
but cannot be read (seems quite unlikely), and this is
guest-set-memory-blocks, not guest-get-memory-
Receiving the error in a local variable only to free it is less clear
(and also less efficient) than passing NULL. Clean up.
Cc: Daniel P. Berrange
Cc: Jerome Forissier
CC: Greg Kurz
Signed-off-by: Markus Armbruster
---
chardev/char-socket.c | 6 ++
hw/9pfs/9p.c | 6 ++
hw/a
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
sifive_u_soc_realize(
error_report_err() frees its first argument. Freeing it again is
wrong. Don't.
Fixes: 47287c27d0c367a89f7b2851e23a7f8b2d499dd6
Cc: Gerd Hoffmann
Cc: Daniel P. Berrangé
Cc: qemu-sta...@nongnu.org
Signed-off-by: Markus Armbruster
---
hw/usb/dev-mtp.c | 2 --
1 file changed, 2 deletions(-)
dif
Receiving the error in a local variable only to assert there is none
is less clear than passing &error_abort. Clean up.
Signed-off-by: Markus Armbruster
Reviewed-by: Thomas Huth
---
tests/check-qobject.c | 5 +-
tests/check-qom-proplist.c | 7 +-
tests/test-logging.c
milkymist_memcard_realize() leaks an Error object when realization of
its "sd-card" device fails. Quite harmless, since we only ever
realize this once, in milkymist_init() via milkymist_memcard_create().
Plug the leak.
Fixes: 3d0369ba499866cc6a839f71212d97876500762d
Cc: Philippe Mathieu-Daudé
C
Commit 150ab54aa6 "net/virtio: fix re-plugging of primary device"
fixed failover_replug_primary() to return false on failure. Commit
5a0948d36c "net/virtio: Fix failover error handling crash bugs" broke
it again for hotplug_handler_plug() failure. Unbreak it.
Commit 5a0948d36c4cbc1c5534afac6fee9
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
stm32f205_soc_realize
All callers pass &error_abort. Drop the parameter.
Cc: Paolo Bonzini
Cc: "Daniel P. Berrangé"
Cc: Eduardo Habkost
Signed-off-by: Markus Armbruster
---
include/hw/qdev-core.h | 2 +-
hw/core/bus.c | 4 ++--
hw/scsi/scsi-bus.c | 2 +-
hw/usb/bus.c| 2
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
bcm2835_peripherals_r
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
riscv_harts_realize()
Please ignore. The =B appears intentional, even if it offsets the whole help
text.
Maybe replace with =L to indicate a list is expected?
> On 24 Jun 2020, at 10:33, Christophe de Dinechin wrote:
>
> Signed-off-by: Christophe de Dinechin
> ---
> configure | 2 +-
> 1 file changed, 1 insertion(+
vnc_display_print_local_addr() leaks the Error object when
qio_channel_socket_get_local_address() fails. Seems unlikely. Called
when we create a VNC display with vnc_display_open(). Plug the leak
by passing NULL to ignore the error.
Cc: Daniel P. Berrange
Cc: Gerd Hoffmann
Signed-off-by: Mark
Cc: Jens Freimann
Cc: Michael S. Tsirkin
Cc: Marcel Apfelbaum
Signed-off-by: Markus Armbruster
Reviewed-by: Jens Freimann
---
hw/pci/pci.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/hw/pci/pci.c b/hw/pci/pci.c
index b22dedc88c..de0fae10ab 100644
--- a/hw/pci/pci.c
+++ b/hw/pci/pci.
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
mips_cps_realize() is
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
aspeed_soc_ast2600_re
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
armsse_realize() is w
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
amdvi_realize() is wr
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL. Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.
virtio_gpu_pci_base_r
object_property_set_link() fails when the property doesn't exist, is
not settable, or its .check() method fails. These are all programming
errors here, so passing it &error_abort is appropriate.
Cc: Peter Maydell
Cc: "Cédric Le Goater"
Cc: Andrew Jeffery
Cc: Joel Stanley
Cc: qemu-...@nongnu.o
Hi Markus,
On 6/24/20 10:10 AM, Markus Armbruster wrote:
> Auger Eric writes:
>
>> Hi Markus,
>>
>> On 6/23/20 5:13 PM, Markus Armbruster wrote:
>>> Eric Auger writes:
>>>
Introduce a new property defining a reserved region:
::.
This will be used to encode reserved IOVA regi
Hi Markus,
On 6/24/20 10:22 AM, Markus Armbruster wrote:
> Eric Auger writes:
>
>> object_property_add() does not allow object_property_try_add()
>> to gracefully fail as &error_abort is passed as an error handle.
>>
>> However such failure can easily be triggered from the QMP shell when,
>> for
On Sun, 21 Jun 2020 01:51:20 +0530
Kirti Wankhede wrote:
> Added helper functions to get IOMMU info capability chain.
> Added function to get migration capability information from that
> capability chain for IOMMU container.
>
> Similar change was proposed earlier:
> https://lists.gnu.org/archiv
On Wed, Jun 24, 2020 at 10:22:14AM +0200, Markus Armbruster wrote:
> Eric Auger writes:
>
> > object_property_add() does not allow object_property_try_add()
> > to gracefully fail as &error_abort is passed as an error handle.
> >
> > However such failure can easily be triggered from the QMP shell
On Wed, Jun 24, 2020 at 08:49:54AM +0200, Gerd Hoffmann wrote:
> On Tue, Jun 23, 2020 at 11:51:09PM -0400, John Snow wrote:
> > I never knew what this option did, but the answer is ... strange!
> >
> > It's only defined for linux, in os-posix.c. When called, it calls
> > fips_set_state(true), loca
On Wed, Jun 24, 2020 at 10:33:37AM +0200, Christophe de Dinechin wrote:
> Signed-off-by: Christophe de Dinechin
> ---
> configure | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/configure b/configure
> index ba88fd1824..c7a6a5adfe 100755
> --- a/configure
> +++ b/configu
On Wed, 24 Jun 2020 10:37:15 +0200
Markus Armbruster wrote:
> Receiving the error in a local variable only to free it is less clear
> (and also less efficient) than passing NULL. Clean up.
>
> Cc: Daniel P. Berrange
> Cc: Jerome Forissier
> CC: Greg Kurz
> Signed-off-by: Markus Armbruster
>
On Wed, 24 Jun 2020 10:37:19 +0200
Markus Armbruster wrote:
> spapr_machine_init() leaks an Error object when
> kvmppc_check_papr_resize_hpt() fails and spapr->resize_hpt is
> SPAPR_RESIZE_HPT_DISABLED, i.e. when the host doesn't support hash
> page table resizing, and the user didn't ask for it.
On Tue, Jun 23, 2020 at 11:51:09PM -0400, John Snow wrote:
> I never knew what this option did, but the answer is ... strange!
>
> It's only defined for linux, in os-posix.c. When called, it calls
> fips_set_state(true), located in osdep.c.
>
> This will read /proc/sys/crypto/fips_enabled and set
On 24/06/2020 09.27, Max Reitz wrote:
On 23.06.20 14:55, Peter Maydell wrote:
On Mon, 22 Jun 2020 at 16:11, Max Reitz wrote:
The following changes since commit bae31bfa48b9caecee25da3d5333901a126a06b4:
Merge remote-tracking branch
'remotes/kraxel/tags/audio-20200619-pull-request' into st
On 6/24/20 10:59 AM, Daniel P. Berrangé wrote:
> On Wed, Jun 24, 2020 at 10:33:37AM +0200, Christophe de Dinechin wrote:
>> Signed-off-by: Christophe de Dinechin
>> ---
>> configure | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/configure b/configure
>> index ba88fd18
> I think you made a wrong assumption here. "-display" is
> about the GUI backend that should be used. "-M" is about
> the emulated hardware. The emulated hardware options
> should never influence the host backend options.
Aright. What confuses me is having serial0/parallel0 chardevs
initialized w
On 6/24/20 8:33 AM, Paolo Bonzini wrote:
> On 23/06/20 22:07, Eric Blake wrote:
>>>
>>> uint64_t baud = ((value & UART_CTRL_NCO) >> 16);
>>> baud *= 1000;
>>> - baud /= 2 ^ 20;
>>> + baud >>= 20;
>>
>> Dividing by 1M instead of 22 seems much more log
On Tue, Jun 23, 2020 at 5:43 PM Jason Wang wrote:
>
>
> On 2020/6/23 下午5:16, Cindy Lu wrote:
> > On Tue, Jun 23, 2020 at 3:07 PM Markus Armbruster wrote:
> >> Cindy Lu writes:
> >>
> >>> vDPA device is a device that uses a datapath which complies with the
> >>> virtio specifications with vendor
On 6/11/20 7:56 AM, Alexander Bulekov wrote:
> Signed-off-by: Alexander Bulekov
> ---
> exec.c| 17 -
> include/exec/memory.h | 8
> include/exec/memory_ldst_cached.inc.h | 9 +
> include/sysemu/dma.h
The err is freed in check_report_connect_error() conditionally,
calling error_free() directly may lead to a double-free bug.
Signed-off-by: Derek Su
---
chardev/char-socket.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/chardev/char-socket.c b/chardev/char-socket.c
in
QEMU currently only has ASCII Kconfig files but Linux actually uses
UTF-8. Explicitly specify the encoding and that we're doing text file
I/O.
It's unclear whether or not QEMU will ever need Unicode in its Kconfig
files. If we start using the help text then it will become an issue
sooner or later.
The following changes since commit 171199f56f5f9bdf1e5d670d09ef1351d8f01bae:
Merge remote-tracking branch
'remotes/alistair/tags/pull-riscv-to-apply-20200619-3' into staging (2020-06-22
14:45:25 +0100)
are available in the Git repository at:
https://github.com/stefanha/qemu.git tags/block-
From: Daniele Buono
Current implementation of LLVM's SafeStack is not compatible with
code that uses an alternate stack created with sigaltstack().
Since coroutine-sigaltstack relies on sigaltstack(), it is not
compatible with SafeStack. The resulting binary is incorrect, with
different coroutine
A lot of CPU time is spent simply locking/unlocking q->lock during
polling. Check for completion outside the lock to make q->lock disappear
from the profile.
Signed-off-by: Stefan Hajnoczi
Reviewed-by: Sergio Lopez
Message-id: 20200617132201.1832152-2-stefa...@redhat.com
Signed-off-by: Stefan Ha
nvme_process_completion() explicitly checks cid so the assertion that
follows is always true:
if (cid == 0 || cid > NVME_QUEUE_SIZE) {
...
continue;
}
assert(cid <= NVME_QUEUE_SIZE);
Signed-off-by: Stefan Hajnoczi
Reviewed-by: Sergio Lopez
Reviewed-by: Philippe Mathieu-Daudé
From: Daniele Buono
LLVM's SafeStack instrumentation does not yet support programs that make
use of the APIs in ucontext.h
With the current implementation of coroutine-ucontext, the resulting
binary is incorrect, with different coroutines sharing the same unsafe
stack and producing undefined beha
From: Daniele Buono
This patch adds a flag to enable/disable the SafeStack instrumentation
provided by LLVM.
On enable, make sure that the compiler supports the flags, and that we
are using the proper coroutine implementation (coroutine-ucontext).
On disable, explicitly disable the option if it
Existing users access free_req_queue under q->lock. Document this.
Signed-off-by: Stefan Hajnoczi
Reviewed-by: Sergio Lopez
Reviewed-by: Philippe Mathieu-Daudé
Message-id: 20200617132201.1832152-6-stefa...@redhat.com
Signed-off-by: Stefan Hajnoczi
---
block/nvme.c | 2 +-
1 file changed, 1 in
From: Daniele Buono
SafeStack is a stack protection technique implemented in llvm. It is
enabled with a -fsanitize flag.
iotests are currently disabled when any -fsanitize option is used,
because such options tend to produce additional warnings and false
positives.
While common -fsanitize option
Do not access a CQE after incrementing q->cq.head and releasing q->lock.
It is unlikely that this causes problems in practice but it's a latent
bug.
The reason why it should be safe at the moment is that completion
processing is not re-entrant and the CQ doorbell isn't written until the
end of nvm
QEMU block drivers are supposed to support aio_poll() from I/O
completion callback functions. This means completion processing must be
re-entrant.
The standard approach is to schedule a BH during completion processing
and cancel it at the end of processing. If aio_poll() is invoked by a
callback f
Passing around both BDRVNVMeState and NVMeQueuePair is unwieldy. Reduce
the number of function arguments by keeping the BDRVNVMeState pointer in
NVMeQueuePair. This will come in handly when a BH is introduced in a
later patch and only one argument can be passed to it.
Signed-off-by: Stefan Hajnocz
There are three issues with the current NVMeRequest->busy field:
1. The busy field is accidentally accessed outside q->lock when request
submission fails.
2. Waiters on free_req_queue are not woken when a request is returned
early due to submission failure.
2. Finding a free request involves
Cleber are you OK with this?
On 6/5/20 6:37 PM, Philippe Mathieu-Daudé wrote:
> Add an entry in 'Python scripts' to cover the requirements.txt
> file added in commit 213137217a6 (this file contains a list of
> Python packages used by our test suite).
>
> Signed-off-by: Philippe Mathieu-Daudé
> -
On 6/24/20 12:00 PM, Derek Su wrote:
> The err is freed in check_report_connect_error() conditionally,
> calling error_free() directly may lead to a double-free bug.
This seems the same issue Lichun is working on, right?
https://www.mail-archive.com/qemu-devel@nongnu.org/msg714709.html
>
> Signe
Oops! Sorry, I dont’t notice this patch before.
Thanks.
Derek
Philippe Mathieu-Daudé 於 2020年6月24日 週三,下午6:12寫道:
> On 6/24/20 12:00 PM, Derek Su wrote:
> > The err is freed in check_report_connect_error() conditionally,
> > calling error_free() directly may lead to a double-free bug.
>
> This see
On 6/24/20 7:04 AM, Thomas Huth wrote:
> On 23/06/2020 19.35, Philippe Mathieu-Daudé wrote:
>> On 6/23/20 7:07 PM, Thomas Huth wrote:
>>> On 23/06/2020 17.39, Philippe Mathieu-Daudé wrote:
On 6/23/20 4:56 PM, Michael S. Tsirkin wrote:
> This reverts commit 6d1da867e65f ("tests/migration: R
> -Original Message-
> From: Jason Andryuk
> Sent: 24 June 2020 04:24
> To: Paul Durrant
> Cc: Markus Armbruster ; Mark Cave-Ayland
> ; Anthony
> PERARD ; xen-devel
> ; QEMU de...@nongnu.org>
> Subject: Re: sysbus failed assert for xen_sysdev
>
> On Tue, Jun 23, 2020 at 7:46 AM Paul D
MIPS has two types of KVM: TE & VZ, and TE is the default type. Now we
can't create a VZ guest in QEMU because it lacks the kvm_type() hook in
MachineClass. This patch add the the kvm_type() hook to support both of
the two types.
Reviewed-by: Aleksandar Markovic
Signed-off-by: Huacai Chen
Co-dev
Loongson-3 CPU family include Loongson-3A R1/R2/R3/R4 and Loongson-3B
R1/R2. Loongson-3A R1 is the oldest and its ISA is the smallest, while
Loongson-3A R4 is the newest and its ISA is almost the superset of all
others. To reduce complexity, in QEMU we just define two CPU types:
1, "Loongson-3A100
Add Loongson-3 based machine support, it use liointc as the interrupt
controler and use GPEX as the pci controller. Currently it can only work
with KVM, but we will add TCG support in future.
As the machine model is not based on any exiting physical hardware, the
name of the machine is "loongson3-
On Wed, 24 Jun 2020 03:52:14 -0400
Janosch Frank wrote:
> The bios is in dire need for a cleanup as there are still a lot of
> magic constants being used throughout as well as duplicated code.
>
> In the first part of this series we consolidate constants and
> functions, as well as doing some mi
Add myself as a maintainer of Loongson-3 virtual platform, and also add
Jiaxun Yang as a reviewer.
Signed-off-by: Huacai Chen
Co-developed-by: Jiaxun Yang
---
MAINTAINERS | 7 +++
1 file changed, 7 insertions(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index 51a4570..0226a74 100644
--- a/MAI
On 24/06/2020 12.44, Cornelia Huck wrote:
On Wed, 24 Jun 2020 03:52:14 -0400
Janosch Frank wrote:
The bios is in dire need for a cleanup as there are still a lot of
magic constants being used throughout as well as duplicated code.
In the first part of this series we consolidate constants and
Loongson-3 has an integrated liointc (Local I/O interrupt controller).
It is similar to goldfish interrupt controller, but more powerful (e.g.,
it can route external interrupt to multi-cores).
Documents about Loongson-3's liointc:
1, https://wiki.godson.ac.cn/ip_block:liointc;
2, The "I/O中断" secti
1 - 100 of 510 matches
Mail list logo
