On Thu, Mar 11, 2021 at 02:07:02PM -0600, Eric Blake wrote:
> Not all floating point fractions are precise. For example, the two
> nearest 32-bit IEEE float values for 0.345 are 0.34498808 and
> 0.3452861, with the lower one being closer. When our scaling unit
> is 1000, that in turn can
On Mon, Mar 15, 2021 at 1:13 PM Philippe Mathieu-Daudé
wrote:
> Hi Mahmoud,
>
> On 3/15/21 11:58 AM, Mahmoud Mandour wrote:
> > Replaced a call to malloc() and its respective call to free()
> > with g_malloc() and g_free().
> >
> > g_malloc() is preferred more than g_try_* functions, which
> > re
On Mon, Mar 15, 2021 at 8:21 AM Gerd Hoffmann wrote:
>
> On Sun, Mar 14, 2021 at 01:23:14PM +0100, vit...@cyberhaven.com wrote:
> > From: Vitaly Chipounov
> >
> > This enables higher resolutions.
>
> No. virtio-vga supports higher resolutions just fine once the guest
> driver is loaded. The vid
On 07/03/21 23:26, Philippe Mathieu-Daudé wrote:
TYPE_PFLASH_CFI01 is a TYPE_SYS_BUS_DEVICE which registers its romd
MemoryRegion with sysbus_init_mmio(), so we can use the generic
sysbus_mmio_get_region() to get the region, no need for a specific
pflash_cfi01_get_memory() helper.
First replace
On 3/13/21 3:48 PM, Richard Henderson wrote:
> On 3/11/21 2:07 PM, Eric Blake wrote:
>> + /*
>> + * Add in a fudge-factor (2^53 when double is IEEE format) for
>> + * all scales less than P (2^50), so that things like
>> + * 12.345M with unit 1000 produce 12345000 ins
On 15/03/2021 11.13, mreza...@redhat.com wrote:
From: Miroslav Rezanina
When declaring g_autofree variable without initialization, compiler
will raise "may be used uninitialized in this function" warning due
to automatic free handling.
This is mentioned in docs/devel/style.rst (quote from sect
Am 13.03.2021 um 14:40 hat Markus Armbruster geschrieben:
> Markus Armbruster writes:
>
> > Paolo Bonzini writes:
> >
> >> On 11/03/21 15:08, Markus Armbruster wrote:
> I would rather keep the OptsVisitor here. Do the same check for JSON
> syntax that you have in qobject_input_visitor
Nitpick, use 'hw/char' in the subject, as I mistakenly thought
this was touching the char/ backend initially.
On Thu, Mar 11, 2021 at 10:09:30PM +0100, Laurent Vivier wrote:
> Implement the goldfish tty device as defined in
>
> https://android.googlesource.com/platform/external/qemu/+/master/doc
On 3/14/21 6:48 PM, Richard Henderson wrote:
> Use fma to simulatneously scale and round up fraction.
>
> The libm function will always return a properly rounded double precision
> value, which will eliminate any extra precision the x87 co-processor may
> give us, which will keep the output predic
* Kevin Wolf (kw...@redhat.com) wrote:
> Am 15.03.2021 um 10:39 hat Markus Armbruster geschrieben:
> > Paolo Bonzini writes:
> >
> > > On 13/03/21 14:28, Markus Armbruster wrote:
> > >> Kevin Wolf writes:
> > >>
> > >>> This switches the HMP command object_add from a QemuOpts-based parser to
>
Am 13.03.2021 um 13:30 hat Markus Armbruster geschrieben:
> Paolo Bonzini writes:
>
> > On 13/03/21 08:40, Markus Armbruster wrote:
> >>> +if (!user_creatable_add_from_str(optarg, &local_err)) {
> >>> +if (local_err) {
> >>> +error_repor
On Fri, Mar 12, 2021 at 10:22:38AM +0100, Thomas Huth wrote:
> Make it clear that these files are related to benchmarks by moving
> them into a new folder called "bench".
>
> Signed-off-by: Thomas Huth
> ---
> Based-on: 20210310063314.1049838-1-th...@redhat.com
>
> tests/{ => bench}/atomic64-b
On 3/15/21 4:10 AM, Philippe Mathieu-Daudé wrote:
> On 3/15/21 12:48 AM, Richard Henderson wrote:
>> Use fma to simulatneously scale and round up fraction.
>
> "simultaneously"
>
>> The libm function will always return a properly rounded double precision
>> value, which will eliminate any extra p
Hi Alex,
On Saturday, 2021-03-13 at 23:23:56 -05, Alexander Bulekov wrote:
> Currently, bash and C crash reproducers are built manually. This is a
> problem, as we want to integrate reproducers into the tree, for
> regression testing. This patch adds a script that converts a sequence of
> QTest
On Sunday, 2021-03-14 at 00:56:37 -05, Alexander Bulekov wrote:
> Signed-off-by: Alexander Bulekov
Code-wise looks fine to me:
Reviewed-by: Darren Kenny
Thanks,
Darren
> ---
>
> Fuzzing this device might lead to better coverage over the general scsi
> code.
>
> tests/qtest/fuzz/generic_fuzz
On Saturday, 2021-03-13 at 23:23:57 -05, Alexander Bulekov wrote:
> We have several scripts that help build reproducers, but no
> documentation for how they should be used. Add some documentation
>
> Signed-off-by: Alexander Bulekov
Reviewed-by: Darren Kenny
> ---
> docs/devel/fuzzing.rst | 45
The timing generation is currently performed inside the function that
fills in the DTD. The DisplayID generation needs it as well, so moving
it out to a separate function.
Based-on: <20210303152948.59943-2-akihiko.od...@gmail.com>
Signed-off-by: Konstantin Nazarov
---
hw/display/edid-generate.c
The Detailed Timing Descriptor has only 12 bits to store the
resolution. This limits the guest to 4095 pixels.
This patch adds support for the DisplayID extension, that has 2 full
bytes for that purpose, thus allowing 5k resolutions and above.
Based-on: <20210303152948.59943-2-akihiko.od...@gmail
Some of the EDID extensions like DisplayID do checksums of their
subsections. Currently checksums can be only applied to the whole
extension blocks which are 128 bytes.
This patch allows to checksum arbitrary parts of EDID, and not only
whole extension blocks.
Based-on: <20210303152948.59943-2-ak
Am 13.03.2021 um 09:41 hat Markus Armbruster geschrieben:
> Observation, not objection:
>
> 1. QMP core parses JSON text into QObject, passes to generated
>marshaller.
>
> 2. Marshaller converts QObject to ObjectOptions with the QObject input
>visitor, passes to qmp_object_add().
>
> 3.
Ping for anyone willing to review this so I can get this in before freeze.
On Wed, Feb 24, 2021 at 01:11:35PM +, Daniel P. Berrangé wrote:
> Signed-off-by: Daniel P. Berrangé
> ---
> docs/system/deprecated.rst | 6 -
> docs/system/removed-features.rst | 6 +
> hw/core/machine
On Thu, 4 Mar 2021 11:55:54 +0100
David Hildenbrand wrote:
> Let's also set a maximum size for "etc/acpi/rsdp", so the maximum
> size doesn't get implicitly set based on the initial table size. In my
> experiments, the table size was in the range of 22 bytes, so a single
> page (== what we used
On 24/02/2021 14.11, Daniel P. Berrangé wrote:
Signed-off-by: Daniel P. Berrangé
---
docs/system/deprecated.rst | 6 -
docs/system/removed-features.rst | 6 +
hw/core/machine-qmp-cmds.c | 41
qapi/machine.json| 22 --
Ping for anyone, especially block maintainers, willing to review this
before soft freeze.
On Wed, Feb 24, 2021 at 01:11:42PM +, Daniel P. Berrangé wrote:
> The 'host_device' and 'host_cdrom' drivers must be used instead.
>
> Signed-off-by: Daniel P. Berrangé
> ---
> block/file-posix.c
Am 13.03.2021 um 09:00 hat Markus Armbruster geschrieben:
> Recommend
>
> qom: Support JSON in HMP object_add and tools --object
>
> to put the most interesting bit right in "git-log --oneline".
Makes sense. I've updated my patch locally, but Paolo has already queued
it. Paolo, can you updat
This commit completes the solution of segfault in hot unplug flow
(by commit ccec7e9603f446fe75c6c563ba335c00cfda6a06).
Added missing check for vdev in virtio_pci_isr_read.
v1->v2:
Added crash stack
Updated commit comment
Cosmetic change in additional procedure in this file per request
of Philippe
The value is assigned later in this procedure.
Signed-off-by: Yuri Benditovich
---
hw/virtio/virtio-pci.c | 7 +--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 4a3dcee771..c1b67cf6fc 100644
--- a/hw/virtio/virtio-pci.c
++
On 15/03/21 12:56, Kevin Wolf wrote:
Am 13.03.2021 um 09:00 hat Markus Armbruster geschrieben:
Recommend
qom: Support JSON in HMP object_add and tools --object
to put the most interesting bit right in "git-log --oneline".
Makes sense. I've updated my patch locally, but Paolo has already
On 15/03/21 12:38, Dr. David Alan Gilbert wrote:
* Kevin Wolf (kw...@redhat.com) wrote:
Am 15.03.2021 um 10:39 hat Markus Armbruster geschrieben:
Paolo Bonzini writes:
On 13/03/21 14:28, Markus Armbruster wrote:
Kevin Wolf writes:
This switches the HMP command object_add from a QemuOpts-
https://bugzilla.redhat.com/show_bug.cgi?id=1743098
This commit completes the solution of segfault in hot unplug flow
(by commit ccec7e9603f446fe75c6c563ba335c00cfda6a06).
Added missing check for vdev in virtio_pci_isr_read.
Typical stack of crash:
virtio_pci_isr_read ../hw/virtio/virtio-pci.c:1365
On 2/24/21 7:11 AM, Daniel P. Berrangé wrote:
> The 'host_device' and 'host_cdrom' drivers must be used instead.
>
> Signed-off-by: Daniel P. Berrangé
> ---
> block/file-posix.c | 17 ++---
> docs/system/deprecated.rst | 7 ---
> docs/system/removed-features.
Hi Alex,
On Saturday, 2021-03-13 at 18:18:57 -05, Alexander Bulekov wrote:
> For testing, it can be useful to simulate an enormous amount of memory
> (e.g. 2^64 RAM). This adds an MMIO device that acts as sparse memory.
> When something writes a nonzero value to a sparse-mem address, we
> allocate
On Mon, 15 Mar 2021 at 12:09, Kevin Wolf wrote:
> Hm, okay. I guess this means we can't test that a deprecated option
> still works. I'll remove the test and resend.
You'd need a mechanism for "suppress the warning because
we expect it". (Often we do this in a kind of ad-hoc way by
having warning
Am 12.03.2021 um 19:56 hat Peter Maydell geschrieben:
> On Thu, 11 Mar 2021 at 14:48, Kevin Wolf wrote:
> >
> > The following changes since commit d689ecad073e0289afa8ca863e45879d719e5c21:
> >
> > Merge remote-tracking branch 'remotes/nvme/tags/nvme-next-pull-request'
> > into staging (2021-03-
On Saturday, 2021-03-13 at 18:18:58 -05, Alexander Bulekov wrote:
> The generic-fuzzer often provides randomized DMA addresses to
> virtual-devices. For a 64-bit address-space, the chance of these
> randomized addresses coinciding with RAM regions, is fairly small. Even
> though the fuzzer's instru
On Mon, 15 Mar 2021 at 11:34, Paolo Bonzini wrote:
>
> On 07/03/21 23:26, Philippe Mathieu-Daudé wrote:
> > TYPE_PFLASH_CFI01 is a TYPE_SYS_BUS_DEVICE which registers its romd
> > MemoryRegion with sysbus_init_mmio(), so we can use the generic
> > sysbus_mmio_get_region() to get the region, no nee
On Saturday, 2021-03-13 at 18:18:59 -05, Alexander Bulekov wrote:
> For the sparse-mem device, we want the fuzzer to populate entire DMA
> reads from sparse-mem, rather than hooking into the individual MMIO
> memory_region_dispatch_read operations. Otherwise, the fuzzer will treat
> each sequential
On 24/02/2021 14.11, Daniel P. Berrangé wrote:
The 'scsi-hd' and 'scsi-cd' devices provide suitable alternatives.
Signed-off-by: Daniel P. Berrangé
---
docs/system/deprecated.rst | 9 -
docs/system/removed-features.rst | 6
hw/i386/pc.c | 1 -
hw/scsi/
On 3/13/21 4:23 AM, Greg Kurz wrote:
spapr_memory_unplug() is the last step of the hot unplug sequence.
It is indirectly called by:
spapr_lmb_release()
hotplug_handler_unplug()
and spapr_lmb_release() already buys us that DIMM unplug state is
present : it gets restored with spapr_recove
Technically, the first one is a heap use-after-free, while the second a
stack buffer overflow. They could be two different manifestations of the
same issue; they both originate from handle_ti() and the root cause may
be the same.
Heap uaf:
==
On 15.03.21 12:54, Igor Mammedov wrote:
On Thu, 4 Mar 2021 11:55:54 +0100
David Hildenbrand wrote:
Let's also set a maximum size for "etc/acpi/rsdp", so the maximum
size doesn't get implicitly set based on the initial table size. In my
experiments, the table size was in the range of 22 bytes,
On Fri, Mar 12, 2021 at 10:22:11AM +0100, Greg Kurz wrote:
> Now that everything is in place, have the nested event loop to monitor
> the slave channel. The source in the main event loop is destroyed and
> recreated to ensure any pending event for the slave channel that was
> previously detected is
On Sat, 13 Mar 2021, BALATON Zoltan wrote:
On Wed, 10 Mar 2021, BALATON Zoltan wrote:
Hello,
I've started posting this series well in advance to get it into 6.0 and yet
it seems like it may be missing it due to organisational issues (no real
complaints were found with patches but Philippe se
The following changes since commit 6157b0e19721aadb4c7fdcfe57b2924af6144b14:
Merge remote-tracking branch
'remotes/vivier2/tags/linux-user-for-6.0-pull-request' into staging (2021-03-14
17:47:49 +)
are available in the Git repository at:
git://repo.or.cz/qemu/kevin.git tags/for-upstrea
Testing with:
Subject: [PATCH v5 0/5] semihosting/next (SYS_HEAPINFO)
Date: Fri, 12 Mar 2021 10:20:24 +
Message-Id: <20210312102029.17017-1-alex.ben...@linaro.org>
it doesn't seem to segfault QEMU anymore although the guest itself hangs
which probably means it's not happy with the numbers it
I think this was fixed earlier by:
commit 095f8c029319b79cce487e3b566cd826b93da3e6
Author: Keith Packard
Date: Fri Jan 8 22:42:51 2021 +
semihosting: Support SYS_HEAPINFO when env->boot_info is not set
env->boot_info is only set in some ARM startup paths, so we cannot
rely on
Ends doing:
(gdb)
0x0ce4 in ?? ()
=> 0xce4: b.n 0xce4
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1918302
Title:
qemu-system-arm segfaults while servicing SYS_HEAPINFO
Status in Q
It looks like the solution to my problem was to delete the slirp folder,
then do a 'git pull', then make QEMU again. Networking is working again.
** Changed in: qemu
Status: Incomplete => Fix Released
** Changed in: qemu
Status: Confirmed => In Progress
https://bugs.launchpad.net/bugs/1915925
Title:
ARM semihosting HEAPINFO results wrote to wrong address
Status in QEMU:
I
On 26/10/2020 10.36, Kirti Wankhede wrote:
Added amount of bytes transferred to the VM at destination by all VFIO
devices
Signed-off-by: Kirti Wankhede
Reviewed-by: Dr. David Alan Gilbert
---
hw/vfio/common.c | 19 +++
hw/vfio/migration.c | 9
This series supports reload x509 certificates for vnc
1. Support reload x509 certificates.
2. Support reload vnc certificates.
3. Add new qmp display-reload and implement reload x509 certificates
for vnc.
Example:
{"execute": "display-reload", "arguments":{"type": "vnc", "tls-certs": true}}
Zihao
This patch adds reload interface for QCryptoTLSCredsClass and implements
the interface for QCryptoTLSCredsX509.
Signed-off-by: Zihao Chang
---
crypto/tlscredsx509.c | 48 +++
include/crypto/tlscreds.h | 8 ---
2 files changed, 53 insertions(+), 3 dele
This patch provides a new qmp to reload display configuration
without restart VM, but only reloading the vnc tls certificates
is implemented.
Example:
{"execute": "display-reload", "arguments":{"type": "vnc", "tls-certs": true}}
Signed-off-by: Zihao Chang
Acked-by: Markus Armbruster
---
monitor
This patch adds vnc_display_reload_certs() to support
update x509 certificates.
Signed-off-by: Zihao Chang
Reviewed-by: Daniel P. Berrangé
---
include/ui/console.h | 1 +
ui/vnc.c | 28
2 files changed, 29 insertions(+)
diff --git a/include/ui/console.
On 3/15/21 3:10 AM, Philippe Mathieu-Daudé wrote:
On 3/15/21 12:48 AM, Richard Henderson wrote:
Use fma to simulatneously scale and round up fraction.
"simultaneously"
The libm function will always return a properly rounded double precision
value, which will eliminate any extra precision the
On 3/15/21 5:33 AM, Eric Blake wrote:
On 3/13/21 3:48 PM, Richard Henderson wrote:
On 3/11/21 2:07 PM, Eric Blake wrote:
+ /*
+ * Add in a fudge-factor (2^53 when double is IEEE format) for
+ * all scales less than P (2^50), so that things like
+ * 12.345M with un
On 3/14/21 11:32 PM, Thomas Huth wrote:
On 15/03/2021 00.48, Richard Henderson wrote:
Use fma to simulatneously scale and round up fraction.
The libm function will always return a properly rounded double precision
value, which will eliminate any extra precision the x87 co-processor may
give us,
On 3/15/21 5:38 AM, Eric Blake wrote:
On 3/14/21 6:48 PM, Richard Henderson wrote:
Use fma to simulatneously scale and round up fraction.
The libm function will always return a properly rounded double precision
value, which will eliminate any extra precision the x87 co-processor may
give us, wh
On 3/15/21 6:42 AM, Cornelia Huck wrote:
On Mon, 15 Mar 2021 11:13:52 +0100
mreza...@redhat.com wrote:
From: Miroslav Rezanina
When declaring g_autofree variable without initialization, compiler
will raise "may be used uninitialized in this function" warning due
to automatic free handling.
T
On 3/14/21 9:06 PM, Taylor Simpson wrote:
Yes, but DISAS_NORETURN still means we've already exited.
Just like calling abort() in C means that we won't reach any following return
statement.
Then I'm missing something because the code emitted here does get executed.
You really are missing the
On Mon, Mar 15, 2021 at 09:16:09PM +0800, Zihao Chang wrote:
> This patch provides a new qmp to reload display configuration
> without restart VM, but only reloading the vnc tls certificates
> is implemented.
> Example:
> {"execute": "display-reload", "arguments":{"type": "vnc", "tls-certs": true}}
On Mon, Mar 15, 2021 at 09:16:07PM +0800, Zihao Chang wrote:
> This patch adds reload interface for QCryptoTLSCredsClass and implements
> the interface for QCryptoTLSCredsX509.
>
> Signed-off-by: Zihao Chang
> ---
> crypto/tlscredsx509.c | 48 +++
> includ
Looking at the current stack seems an odd approach, because often
semihosting guest programs use HEAPINFO to find out what they should set
SP to in the first place...
https://bugs.launch
On Sat, 13 Mar 2021 17:54:37 +0100
Philippe Mathieu-Daudé wrote:
> From: Heecheol Yang
>
> Add some of these features for AVR GPIO:
>
> - GPIO I/O : PORTx registers
> - Data Direction : DDRx registers
> - DDRx toggling : PINx registers
>
> Following things are not supported yet:
> - M
On 3/14/21 10:54 PM, Taylor Simpson wrote:
Simplify TCG generation of hex_reg_written
Address feedback from Richard Henderson <
Signed-off-by: Taylor Simpson
---
target/hexagon/genptr.c | 12 +---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/target/hexagon/genptr.c
On 3/15/21 4:23 AM, Cédric Le Goater wrote:
On 3/14/21 6:59 PM, Richard Henderson wrote:
Only one of the three places in hw/ppc that modify msr updated
hflags. Even in that case, use the official interface instead
of a direct call to hreg_compute_hflags.
ppc_store_msr() is the interface to us
On 1/21/21 7:06 AM, Richard Henderson wrote:
> On 1/17/21 11:12 PM, Claudio Fontana wrote:
>> On 1/17/21 5:48 PM, Philippe Mathieu-Daudé wrote:
>>> tb_gen_code() is only called within TCG accelerator,
>>> declare it locally.
>>
>> Is this used only in accel/tcg/cpu-exec.c ? Should it be a static fu
On 210315 1209, Darren Kenny wrote:
> Hi Alex,
>
> On Saturday, 2021-03-13 at 18:18:57 -05, Alexander Bulekov wrote:
> > For testing, it can be useful to simulate an enormous amount of memory
> > (e.g. 2^64 RAM). This adds an MMIO device that acts as sparse memory.
> > When something writes a nonz
We are generating a lot of target-specific defines in the *-config-devices.h
and *-config-target.h files. Using them in common code is wrong and leads
to very subtle bugs since a "#ifdef CONFIG_SOMETHING" is not working there
as expected. To avoid these issues, we are already poisoning some of the
On 3/15/21 2:47 PM, Richard Henderson wrote:
> On 3/15/21 4:23 AM, Cédric Le Goater wrote:
>> On 3/14/21 6:59 PM, Richard Henderson wrote:
>>> Only one of the three places in hw/ppc that modify msr updated
>>> hflags. Even in that case, use the official interface instead
>>> of a direct call to hr
Note that the use-after-free was found in v5.2.0 and, as far as I can
tell, is not reproducible anymore on master. The ESP/NCR53C9x emulator
(hw/scsi/esp.c) underwent several changes since v5.2.0. By git-
bisecting, it looks like the original reproducer is neutralized after
commit [1]. However, the
Phillip Tennen writes:
> Markus, thanks for the review. I apologize for my lateness in getting back
> to you.
>
> I've integrated most of your suggestions, and will submit a v5 that
> incorporates them. I've left a couple comments and questions for you below.
>
> Aside: I haven't responded inline
The generic-fuzzer often provides randomized DMA addresses to
virtual-devices. For a 64-bit address-space, the chance of these
randomized addresses coinciding with RAM regions, is fairly small. Even
though the fuzzer's instrumentation eventually finds valid addresses,
this can take some-time, and s
For testing, it can be useful to simulate an enormous amount of memory
(e.g. 2^64 RAM). This adds an MMIO device that acts as sparse memory.
When something writes a nonzero value to a sparse-mem address, we
allocate a block of memory. For now, since the only user of this device
is the fuzzer, we do
v3:
- Fix inaccurate commit message for the sparse-mem dev
- Remove debug printfs
v2:
- Make the device a TYPE_SYS_BUS_DEVICE device
- Remove the qtest (the device cannot be enabled for testing outside
of the fuzzing code).
- Since this will only be used for short-lived fu
15.03.2021 08:36, Roman Kagan wrote:
On Fri, Mar 12, 2021 at 03:35:25PM +0300, Vladimir Sementsov-Ogievskiy wrote:
10.03.2021 12:32, Roman Kagan wrote:
NBD connect coroutine takes an extra in_flight reference as if it's a
request handler. This prevents drain from completion until the
connectio
On Thu, 4 Mar 2021 11:55:50 +0100
David Hildenbrand wrote:
> Fix and cleanup initializing the maximum size of mutable ACPI blobs.
>
> v1/v2 -> v3:
> - 'acpi: Set proper maximum size for "etc/table-loader" blob'
> -- Move "etc/table-loader" change to separate patch
> -- Extend description
> -- F
For the sparse-mem device, we want the fuzzer to populate entire DMA
reads from sparse-mem, rather than hooking into the individual MMIO
memory_region_dispatch_read operations. Otherwise, the fuzzer will treat
each sequential read separately (and populate it with a separate
pattern). Work around th
Ping (+Kevin Wolf to CC)
Kevin, would this be appropriate for your tree?
On 3/1/21 11:28 AM, Connor Kuehl wrote:
The contents of this patch were initially developed and posted by Han
Han[1], however, it appears the original patch was not applied. Since
then, the relevant documentation has been
On 2/18/21 9:16 AM, Connor Kuehl wrote:
Connor Kuehl (2):
sev: use explicit indices for mapping firmware error codes to strings
sev: add missing firmware error conditions
target/i386/sev.c | 48 ---
1 file changed, 25 insertions(+), 23 deletio
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-35506
https://bugs.launchpad.net/bugs/1909247
Title:
QEMU: use after free vulnerability in esp_do_dma() in hw/scsi/es
On 3/15/21 2:54 PM, Thomas Huth wrote:
> We are generating a lot of target-specific defines in the *-config-devices.h
> and *-config-target.h files. Using them in common code is wrong and leads
> to very subtle bugs since a "#ifdef CONFIG_SOMETHING" is not working there
> as expected. To avoid thes
13.03.2021 08:51, Mahmoud Mandour wrote:
Thank you for the fast review and I'm sorry for the silly and obvious style
errors. Unfortunately I did not notice the section on using the checkpatch
script in the Contributing page on the wiki before committing. But I assure
you that such errors will not
Kevin Wolf writes:
> Am 13.03.2021 um 13:30 hat Markus Armbruster geschrieben:
>> Paolo Bonzini writes:
>>
>> > On 13/03/21 08:40, Markus Armbruster wrote:
>> >>> +if (!user_creatable_add_from_str(optarg, &local_err)) {
>> >>> +if (local_err) {
>> >>> +
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-35504
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-35505
https://bugs.launchpad.net/bugs/1910723
Thank you for your answer, we understand that compatibility with all Linux
versions is a priority for you.
We have small hope that this email will help other QEMU users in struggling
with QNX on QEMU.
Regards,
Adam Olek
-Original Message-
From: Peter Maydell [mailto:peter.mayd...@linaro
Mahmoud, it's generally a good idea to cc: people who commented on a
previous iteration of the same patch. In this case, Thomas. I'm doing
that for you now.
Mahmoud Mandour writes:
> On Mon, Mar 15, 2021 at 1:13 PM Philippe Mathieu-Daudé
> wrote:
>
>> Hi Mahmoud,
>>
>> On 3/15/21 11:58 AM, Ma
Hi Mauro,
Oops... I missed that it was a stack-overflow. I went through my list of
crashes, and the closest one I can find is a heap UAF, but it is a write,
rather than a read:
/*
* Autogenerated Fuzzer Test Case
*
* Copyright (c) 2021
*
* This work is licensed under the terms of the GNU G
Le 15/03/2021 à 12:35, Daniel P. Berrangé a écrit :
> Nitpick, use 'hw/char' in the subject, as I mistakenly thought
> this was touching the char/ backend initially.
>
I sent a v8 without changing the subject (after this PR but before your
comment), but if there is no
v9 I will update it in the
15.03.2021 12:58, Max Reitz wrote:
On 12.03.21 19:43, Vladimir Sementsov-Ogievskiy wrote:
12.03.2021 21:15, Max Reitz wrote:
On 05.03.21 18:35, Vladimir Sementsov-Ogievskiy wrote:
Compressed writes are unaligned to 512, which works very slow in
O_DIRECT mode. Let's use the cache.
Signed-off-b
Am 15.03.2021 um 15:15 hat Markus Armbruster geschrieben:
> Kevin Wolf writes:
>
> > Am 13.03.2021 um 13:30 hat Markus Armbruster geschrieben:
> >> Paolo Bonzini writes:
> >>
> >> > On 13/03/21 08:40, Markus Armbruster wrote:
> >> >>> +if (!user_creatable_add_from_str(optarg, &l
On 3/15/21 2:52 PM, Claudio Fontana wrote:
> On 1/21/21 7:06 AM, Richard Henderson wrote:
>> On 1/17/21 11:12 PM, Claudio Fontana wrote:
>>> On 1/17/21 5:48 PM, Philippe Mathieu-Daudé wrote:
tb_gen_code() is only called within TCG accelerator,
declare it locally.
>>>
>>> Is this used only
On 15/03/2021 11.58, Mahmoud Mandour wrote:
Fixed two styling issues that caused checkpatch.pl errors.
Signed-off-by: Mahmoud Mandour
---
util/compatfd.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/util/compatfd.c b/util/compatfd.c
index ee47dd8089..174f394533 1
On 3/15/21 2:54 PM, Thomas Huth wrote:
> We are generating a lot of target-specific defines in the *-config-devices.h
> and *-config-target.h files. Using them in common code is wrong and leads
> to very subtle bugs since a "#ifdef CONFIG_SOMETHING" is not working there
> as expected. To avoid thes
On 15/03/2021 15.25, Markus Armbruster wrote:
Mahmoud, it's generally a good idea to cc: people who commented on a
previous iteration of the same patch. In this case, Thomas. I'm doing
that for you now.
Mahmoud Mandour writes:
On Mon, Mar 15, 2021 at 1:13 PM Philippe Mathieu-Daudé
wrote:
On Monday, 2021-03-15 at 10:05:10 -04, Alexander Bulekov wrote:
> For testing, it can be useful to simulate an enormous amount of memory
> (e.g. 2^64 RAM). This adds an MMIO device that acts as sparse memory.
> When something writes a nonzero value to a sparse-mem address, we
> allocate a block of
* Greg Kurz (gr...@kaod.org) wrote:
> QEMU can stop a virtqueue by sending a VHOST_USER_GET_VRING_BASE request
> to virtiofsd. As with all other vhost-user protocol messages, the thread
> that runs the main event loop in virtiofsd takes the vu_dispatch lock in
> write mode. This ensures that no oth
* Vivek Goyal (vgo...@redhat.com) wrote:
> Option "-V" currently displays the fuse protocol version virtiofsd is
> using. For example, I see this.
>
> $ ./virtiofsd -V
> "using FUSE kernel interface version 7.33"
>
> People also want to know software version of virtiofsd so that they can
> figure
On 15/03/2021 15.07, Claudio Fontana wrote:
On 3/15/21 2:54 PM, Thomas Huth wrote:
We are generating a lot of target-specific defines in the *-config-devices.h
and *-config-target.h files. Using them in common code is wrong and leads
to very subtle bugs since a "#ifdef CONFIG_SOMETHING" is not w
On 3/15/21 3:53 PM, Thomas Huth wrote:
> On 15/03/2021 15.25, Markus Armbruster wrote:
>> Mahmoud, it's generally a good idea to cc: people who commented on a
>> previous iteration of the same patch. In this case, Thomas. I'm doing
>> that for you now.
>>
>> Mahmoud Mandour writes:
>>
>>> On Mon