From: Xingang Wang
These patches add support for configuring iommu on/off for pci root buses,
including the primary bus and pxb root buses. At present, all root buses
will go through iommu when iommu is configured, which is not flexible.
So this adds an option to enable/disable iommu for the primary bus and pxb
roo
On Wed, 24 Mar 2021 at 01:43, Richard Henderson
wrote:
>
> The following changes since commit 266469947161aa10b1d36843580d369d5aa38589:
>
> Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2021-03-23'
> into staging (2021-03-23 22:28:58 +)
>
> are available in the Git repository
Hi
On Wed, Mar 24, 2021 at 4:57 PM Gerd Hoffmann wrote:
> Hi,
>
> > I fail to see how that works, imagine the other end is the same code
> (qemu
> > in the guest), it will take clipboard ownership and it is in an endless
> > loop, isn't it?
>
> Notifications on guest-triggered clipboard updates
On Wed, Mar 24, 2021 at 2:57 PM Stefan Hajnoczi wrote:
> Please use Reply-All on mailing list emails so that the mailing list and
> all other CC email addresses are included in the discussion.
>
That's my bad, hopefully this won't happen again in the future.
Mahmoud
On Tue, 23 Mar 2021 at 17:59, Alex Bennée wrote:
> I've added a testing patch to extend the CFI times, Laurent's series
> to fix the iotest regressions currently keeping the CI from going
> green and an optimisation to the --enable-docs build to try and start
> bringing the total CI time down a bi
Hi Anup,
On Thu, Oct 22, 2020 at 1:34 PM Anup Patel wrote:
>
> Extend sifive_u machine to allow passing custom DTB using "-dtb"
> command-line parameter. This will help users pass modified DTB
> or Linux SiFive DTB to sifive_u machine.
>
> Signed-off-by: Anup Patel
> ---
> hw/riscv/sifive_u.c |
On 3/24/21 2:00 AM, Robert Hoo wrote:
+if ((env->xcr0 & XFEATURE_AVX512) == XFEATURE_AVX512) {
+/* XSAVE enabled AVX512 */
+nb = (env->hflags & HF_CS64_MASK) ? 32 : 8;
+for (i = 0; i < nb; i++) {
+qemu_fprintf(f, "ZMM%02d=0x%016lx %016lx
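Review bot: in the qemu_fprintf format string, %016lx assumes that long is 64 bits wide; if the ZMM lanes passed to it are uint64_t values, the dump is wrong on hosts where long is 32 bits (32-bit hosts, 64-bit Windows). Printing each 64-bit lane with "%016" PRIx64 avoids that.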
On 20/03/21 18:12, Jessica Clarke wrote:
Commit 3eacf70bb5a83e4775ad8003cbca63a40f70c8c2 neglected to fix this
for softmmu configs, which pull in migration's use of gnutls.
This fixes the following compilation failure on Arm-based Macs:
In file included from migration/multifd.c:23:
In fil
On 3/23/21 10:52 AM, Alex Bennée wrote:
Query the SYS_HEAPINFO semicall and do some basic verification of the
information via libc calls.
Signed-off-by: Alex Bennée
Message-Id:<20210320133706.21475-10-alex.ben...@linaro.org>
---
v2
- expand test as suggested by Richard
---
.../multiarch/ar
On 3/24/21 2:06 PM, Laurent Vivier wrote:
> Le 24/03/2021 à 12:26, Andreas Krebbel a écrit :
>> On 3/24/21 11:28 AM, Laurent Vivier wrote:
>>> Le 24/03/2021 à 10:17, David Hildenbrand a écrit :
On 24.03.21 09:51, Andreas Krebbel wrote:
> The sigreturn SVC is put onto the stack by the emula
Peter Maydell writes:
> On Tue, 23 Mar 2021 at 17:59, Alex Bennée wrote:
>> I've added a testing patch to extend the CFI times, Laurent's series
>> to fix the iotest regressions currently keeping the CI from going
>> green and an optimisation to the --enable-docs build to try and start
>> brin
On 17.03.21 19:00, Paolo Bonzini wrote:
From: David Edmondson
If a new bitmap entry is allocated, requiring the entire block to be
written, avoiding leaking the buffer allocated for the block should
the write fail.
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: David Edmondson
Message-Id
On 17.03.21 19:00, Paolo Bonzini wrote:
This is a resubmit of David Edmondson's series at
https://patchew.org/QEMU/20210309144015.557477-1-david.edmond...@oracle.com/.
After closer analysis on IRC, the CoRwlock's attempt to ensure
fairness turned out to be flawed. Therefore, this series
reimplem
On 17.03.21 19:00, Paolo Bonzini wrote:
From: David Edmondson
Given that the block size is read from the header of the VDI file, a
wide variety of sizes might be seen. Rather than re-using a block
sized memory region when writing the VDI header, allocate an
appropriately sized buffer.
Signed-o
Fixes: 5790b757cfb ("piix4: Add the Reset Control Register")
Signed-off-by: Philippe Mathieu-Daudé
---
hw/isa/piix4.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/hw/isa/piix4.c b/hw/isa/piix4.c
index a50d97834c7..6eeff4525f8 100644
--- a/hw/isa/piix4.c
+++ b/hw/isa/pi
The following changes since commit 01874b15d36e3f9a3506c47941a92ccf8d8bed98:
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20210323' into
staging (2021-03-24 11:22:08 +)
are available in the Git repository at:
https://github.com/stsquad/qemu.git tags/pull-6.0-rc0-fixed-240321-
We have kerneldoc tags for the headers so we might as well extract
them into our developer documentation whilst we are at it.
Signed-off-by: Alex Bennée
Reviewed-by: Aaron Lindsay
Message-Id: <20210323165308.15244-3-alex.ben...@linaro.org>
diff --git a/docs/devel/tcg-plugins.rst b/docs/devel/tc
This aims to provide a bit more guidance for those who take on one of
our "clean up memory allocation" bite-sized tasks.
Signed-off-by: Alex Bennée
Reviewed-by: Richard Henderson
Message-Id: <20210323165308.15244-4-alex.ben...@linaro.org>
diff --git a/docs/devel/style.rst b/docs/devel/style.rst
I confused myself wondering if this had been merged by looking at the
help output. It seems fuse_opt doesn't automagically add to help
output so let's do it now.
Signed-off-by: Alex Bennée
Reviewed-by: Connor Kuehl
Reviewed-by: Stefan Hajnoczi
Updates: f6698f2b03 ("tools/virtiofsd: add support f
Some packaged versions of Sphinx (fedora33/alpine so far) have issues
with the annotated C code that kernel-doc spits out. Without knowing
about things like QEMU_PLUGIN_EXPORT it chokes trying to understand
the code. Evidently this is a problem for the kernel as well as the
long stream of regex sub
From the semihosting point of view what we want to know is the current
mode of the processor. Unify this into a single helper and allow us to
use the same GET/SET_ARG helpers for the rest of the code. Having the
helper will also be useful later.
Note: we aren't currently testing riscv32 due to
As per the spec:
the PARAMETER REGISTER contains the address of a pointer to a
four-field data block.
So we need to follow arg0 and place the results of SYS_HEAPINFO there.
Fixes: 3c37cfe0b1 ("semihosting: Change internal common-semi interfaces to use
CPUState *")
Signed-off-by: Alex Bennée
From: Thomas Huth
FreeBSD version 12.1 is out of service now, and the task in the
Cirrus-CI is failing. Update to 12.2 to get it working again.
Unfortunately, there is a bug in libtasn1 that triggers with the
new version of Clang that is used there (see this thread for details:
https://lists.gnu.
It may be arm-compat-semihosting but more than one architecture uses
it so let's move the tests into the multiarch area. We gate it on the
feature and split the semicall.h header between the arches.
Also clean-up a bit of the Makefile messing about to one common set of
runners.
Signed-off-by: Alex
From: Eric Blake
Our tests were not validating the return value in all cases, nor was
it guaranteeing our documented claim that 'res' is unchanged on error.
For that matter, it wasn't as thorough as the existing tests for
qemu_strtoi() and friends for proving that endptr and res are sanely
set.
From: Thomas Huth
Our gitlab-ci got quite slow in the past weeks, due to the immense amount
of jobs that we have, so we should try to reduce the number of jobs.
There is no real good reason for having separate jobs just to test the
trace backends, we can do this just fine in other jobs, too.
Sig
From: Thomas Huth
The test for 128-bit atomics is causing trouble with FreeBSD 12.2 and
--enable-werror:
cc -Werror -fPIE -DPIE -std=gnu99 -Wall -m64 -mcx16 -D_GNU_SOURCE
-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes
-Wredundant-decls -Wundef -Wwrite-strings -Wmissing-prototy
I have been unable to reproduce this problem with qemu
master (67c1115edd98), and linux 5.10 w/ your config.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1920934
Title:
Heap-use-after-free in io_w
Query the SYS_HEAPINFO semicall and do some basic verification of the
information via libc calls.
Signed-off-by: Alex Bennée
Reviewed-by: Richard Henderson
Reviewed-by: Thomas Huth
Message-Id: <20210323165308.15244-10-alex.ben...@linaro.org>
diff --git a/tests/tcg/multiarch/arm-compat-semi/sem
Arguably the target_cpu_copy_regs function for each architecture is
misnamed as a number of the architectures also take the opportunity to
fill out the TaskState structure. This could arguably be factored out
into common code but that would require a wider audit of the
architectures. For now just r
From: Eric Blake
Mingw recognizes that "0x" has value 0 without setting errno, but
fails to advance endptr to the trailing garbage 'x'. This in turn
showed up in our recent testsuite additions for qemu_strtosz (commit
1657ba44b4 utils: Enhance testsuite for do_strtosz()); adjust our
remaining te
From: Laurent Vivier
This allows to cover the virtio tests with a 32bit big-endian
virtio-mmio machine.
Signed-off-by: Laurent Vivier
Signed-off-by: Alex Bennée
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Cornelia Huck
Message-Id: <20210319202335.2397060-6-laur...@vivier.eu>
Message-Id:
On 3/24/21 12:48 PM, Alex Bennée wrote:
>
> Alex Bennée writes:
>
>> Claudio Fontana writes:
>>
>>> On 3/23/21 11:50 PM, Alex Bennée wrote:
>
>> Moving up the build chain to the revert I now get:
>>
>> ./qemu-system-aarch64 -M virt,gic=host -cpu host -accel kvm -m 2048
>> -net none -nographi
On 3/24/21 8:14 AM, Andreas Krebbel wrote:
The part I actually needed to fix was in setup_rt_frame and there the fix is
correct I think since
here we do use 'frame' which is the host address.
While doing that change I also stumbled upon the other location in setup_frame.
There it is using
fram
From: Laurent Vivier
Commit f1d5516ab583 introduces a test in some iotests to check if
the machine is a s390-ccw-virtio and to select virtio-*-ccw rather
than virtio-*-pci.
We don't need that because QEMU already provides aliases to use the correct
virtio interface according to the machine type.
From: Laurent Vivier
Rather than checking if the machine is an s390x to use virtio-blk-ccw
instead of virtio-blk-pci, use the alias virtio-blk that is set to
the expected target.
This also enables the use of virtio-blk-device for targets without
PCI or CCW.
Signed-off-by: Laurent Vivier
Signed
From: Laurent Vivier
Similarly to 5f629d943cb0 ("s390x: fix s390 virtio aliases"),
define the virtio aliases.
This allows to start machines with virtio devices without
knowledge of the implementation type.
For instance, we can use "-device virtio-scsi" on
m68k, s390x or PC, and the device will
From: Laurent Vivier
And ioeventfd are only available with virtio-scsi-pci or virtio-scsi-ccw,
use the alias but add a rule to require virtio-scsi-pci or virtio-scsi-ccw
for the tests that use iothreads.
Signed-off-by: Laurent Vivier
Signed-off-by: Alex Bennée
Reviewed-by: Thomas Huth
Message
From: Laurent Vivier
This is used to define virtio-*-pci and virtio-*-ccw aliases
rather than subtracting the CCW architecture from all the others.
Signed-off-by: Laurent Vivier
Signed-off-by: Alex Bennée
Reviewed-by: Cornelia Huck
Message-Id: <20210319202335.2397060-2-laur...@vivier.eu>
Mes
In d0f26e68a0 ("gitlab: force enable docs build in Fedora, Ubuntu,
Debian") we made sure we can build the documents on more than one
system. However we don't want to build documents all the time as it's
a waste of cycles (and energy). So let's reduce the total amount of
documentation we build while
These builds are running very close to the default build limit and as
they are already pared down the only other option is to extend the
timeout a little to give some breathing room.
Signed-off-by: Alex Bennée
Reviewed-by: Thomas Huth
Reviewed-by: Willian Rampazzo
Reviewed-by: Philippe Mathieu-
The config is from 5.12-rc4, and the earliest kernel version that should
reproduce this is 5.12-rc1.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1920934
Title:
Heap-use-after-free in io_writex /
On Wed, Mar 24, 2021 at 05:26:24PM +0400, Marc-André Lureau wrote:
> Hi
>
> On Wed, Mar 24, 2021 at 4:57 PM Gerd Hoffmann wrote:
>
> > Hi,
> >
> > > I fail to see how that works, imagine the other end is the same code
> > (qemu
> > > in the guest), it will take clipboard ownership and it is in
On 22.03.21 10:25, ChangLimin wrote:
For Linux 5.10/5.11, qemu write zeros to a multipath device using
ioctl(fd, BLKZEROOUT, range) with cache none or directsync return -EBUSY
permanently.
So as far as I can track back the discussion, Kevin asked on v1 why we’d
set has_write_zeroes to false, i
From: Vladimir Sementsov-Ogievskiy
Incoming enabled bitmaps are busy, because we do
bdrv_dirty_bitmap_create_successor() for them. But disabled bitmaps
being migrated are not marked busy, and user can remove them during the
incoming migration. Then we may crash in cancel_incoming_locked() when
tr
The following changes since commit 67c1115edd98f388ca89dd38322ea3fadf034523:
Merge remote-tracking branch 'remotes/kraxel/tags/ui-20210323-pull-request'
into staging (2021-03-23 23:47:30 +)
are available in the Git repository at:
https://gitlab.com/stefanha/qemu.git tags/block-pull-requ
The fix was sent to the kernel teams mailing list:
https://lists.ubuntu.com/archives/kernel-team/2021-March/thread.html#118449
** Changed in: linux (Ubuntu)
Status: Confirmed => In Progress
** Changed in: ubuntu-power-systems
Status: Confirmed => In Progress
--
You received this b
there was no bug, it was my fault. How do I delete this
** Changed in: qemu
Status: New => Invalid
** Summary changed:
- qemu-system-arm multi core debug not working
+ how do i delete this bug?
** Description changed:
- Working with Zephyr RTOS, running a multi core sample on mps2_an521
From: Vladimir Sementsov-Ogievskiy
Check that we can't remove bitmaps being migrated on destination vm.
The new check proves that previous commit helps.
Signed-off-by: Vladimir Sementsov-Ogievskiy
Signed-off-by: Stefan Hajnoczi
Message-Id: <20210322094906.5079-3-vsement...@virtuozzo.com>
---
On Tue, Mar 23, 2021 at 5:15 AM Dylan Jhong wrote:
>
> Although the AE350 has not been upstream (preparing for v2),
> the reset vector of the AE350 is known to be at the 2G position,
> so this patch is corrected in advance.
>
> Signed-off-by: Dylan Jhong
> Signed-off-by: Ruinland ChuanTzu Tsai
>
On Tue, Mar 23, 2021 at 3:15 PM Philippe Mathieu-Daudé wrote:
>
> When building with --enable-sanitizers we get:
>
> Direct leak of 16 byte(s) in 1 object(s) allocated from:
> #0 0x5618479ec7cf in malloc (qemu-system-aarch64+0x233b7cf)
> #1 0x7f675745f958 in g_malloc (/lib64/libglib-
Patchew URL:
https://patchew.org/QEMU/20210324143021.8560-1-alex.ben...@linaro.org/
Hi,
This series seems to have some coding style problems. See output below for
more information:
Type: series
Message-id: 20210324143021.8560-1-alex.ben...@linaro.org
Subject: [PULL for 6.0 00/22] various fixe
24.03.2021 15:25, Alberto Garcia wrote:
On Thu 18 Mar 2021 03:25:07 PM CET, Vladimir Sementsov-Ogievskiy
wrote:
static int bdrv_reopen_prepare(BDRVReopenState *reopen_state,
BlockReopenQueue *queue,
- Transaction *set_backings_
On Wed, Mar 24, 2021 at 10:56:22AM +0800, Keqian Zhu wrote:
> Hi Peter,
>
> On 2021/3/23 22:34, Peter Xu wrote:
> > Keqian,
> >
> > On Tue, Mar 23, 2021 at 02:40:43PM +0800, Keqian Zhu wrote:
> The second question is that you observed longer migration time
> (55s->73s) when guest
> >>>
Introducing new qapi method 'query-cpu-model-cpuid'. This method can be used to
get virtualized cpu model info generated by QEMU during VM initialization in
the form of cpuid representation.
Diving into more details about virtual cpu generation: QEMU first parses '-cpu'
command line option. From t
On 23/03/2021 19:19, Paolo Bonzini wrote:
This series adds a few usability improvements to qemu-iotests, in
particular:
- arguments can be passed to Python unittests scripts, for example
to run only a subset of the test cases (patches 1-2)
- it is possible to do "./check -- ../../../tests
Public bug reported:
I am currently building my own kernel with bootloader and qemu crashed
after I have set an IDT in protected mode and then create an invalid
opcode exception with the opcode 0xff.
My code is here: https://github.com/Luis-
Hebendanz/svm_kernel/blob/qemu_crash/svm_kernel/external
Le 24/03/2021 à 15:14, Andreas Krebbel a écrit :
> On 3/24/21 2:06 PM, Laurent Vivier wrote:
>> Le 24/03/2021 à 12:26, Andreas Krebbel a écrit :
>>> On 3/24/21 11:28 AM, Laurent Vivier wrote:
Le 24/03/2021 à 10:17, David Hildenbrand a écrit :
> On 24.03.21 09:51, Andreas Krebbel wrote:
>>>
* Philippe Mathieu-Daudé (f4...@amsat.org) wrote:
> Fixes: 5790b757cfb ("piix4: Add the Reset Control Register")
> Signed-off-by: Philippe Mathieu-Daudé
So if I understand correctly, piix4 is only used on one of the MIPS
machines, so that bumping the version here won't break anyone who
cares abou
** Also affects: glibc (Ubuntu Hirsute)
Importance: Undecided
Status: Invalid
** Also affects: qemu (Ubuntu Hirsute)
Importance: Undecided
Status: Invalid
** Also affects: linux (Ubuntu Hirsute)
Importance: Undecided
Assignee: Frank Heimes (fheimes)
Status: In P
On Wed, Mar 24, 2021 at 11:09:27AM +0300, Andrey Gruzdev wrote:
> > I'm also looking into introducing UFFD_FEATURE_WP_UNALLOCATED so as to
> > wr-protect page holes too for a uffd-wp region when the feature bit is set.
> > With that feature we should be able to avoid pre-fault as what we do in the
On Wed, Mar 24, 2021 at 4:52 PM Max Reitz wrote:
> On 22.03.21 10:25, ChangLimin wrote:
> > For Linux 5.10/5.11, qemu write zeros to a multipath device using
> > ioctl(fd, BLKZEROOUT, range) with cache none or directsync return -EBUSY
> > permanently.
>
> So as far as I can track back the discuss
When setting up the pointer for the sigreturn stub in the return
address register (r14) we have to use the guest frame pointer instead
of the host frame pointer.
Note: This only caused problems if Qemu has been built with
--disable-pie (as it is in distros nowadays). Otherwise guest_base
defaults
On Wed, 24 Mar 2021 at 14:23, Alex Bennée wrote:
>
>
> Peter Maydell writes:
>
> > On Tue, 23 Mar 2021 at 17:59, Alex Bennée wrote:
> >> I've added a testing patch to extend the CFI times, Laurent's series
> >> to fix the iotest regressions currently keeping the CI from going
> >> green and an o
Hi,
I can still trigger stack-overflows, heap-UAFs and heap-overflows in the
code, but Mark's patches fixed some of the issues. I didn't want to
flood the issue-tracker with further problems in this code, since it
isn't clear what the security expectations are for this device. Of
course it is only
On Wed, Mar 17, 2021 at 07:00:11PM +0100, Paolo Bonzini wrote:
> +static void qemu_co_rwlock_maybe_wake_one(CoRwlock *lock)
> +{
> +CoRwTicket *tkt = QSIMPLEQ_FIRST(&lock->tickets);
> +Coroutine *co = NULL;
> +
> +/*
> + * Setting lock->owners here prevents rdlock and wrlock from
>
In general, you don't need to delete bugs that turn out to be user
error, or edit the description/title; just mark them as 'invalid',
perhaps with a comment about what turned out to be the cause. That
leaves the trail of what was going on for future readers who might be
going down the same path as
I included (mostly) same patch into my patch series just for patch
completeness.
Please choose whichever you like.
Reviewed-by: Isaku Yamahata
On Tue, Mar 23, 2021 at 04:46:01PM +,
Peter Maydell wrote:
> pci_irq_handler documents that it must be called with 0 <= irq_num <=
> 3 and level ei
On Wed, Mar 17, 2021 at 07:00:07PM +0100, Paolo Bonzini wrote:
> This is a resubmit of David Edmondson's series at
> https://patchew.org/QEMU/20210309144015.557477-1-david.edmond...@oracle.com/.
> After closer analysis on IRC, the CoRwlock's attempt to ensure
> fairness turned out to be flawed. Th
** Changed in: qemu
Status: New => Confirmed
** Changed in: qemu
Assignee: (unassigned) => Richard Henderson (rth)
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1921138
Title:
tcg.c:33
Claudio Fontana writes:
> On 3/24/21 12:48 PM, Alex Bennée wrote:
>>
>> Alex Bennée writes:
>>
>>> Claudio Fontana writes:
>>>
On 3/23/21 11:50 PM, Alex Bennée wrote:
>>
>>> Moving up the build chain to the revert I now get:
>>>
>>> ./qemu-system-aarch64 -M virt,gic=host -cpu host -
On Tue, Mar 23, 2021 at 10:24:30AM -0700, Isaku Yamahata wrote:
> If a device model
> (a) doesn't set the value to a correct interrupt number and then
> (b) triggers an interrupt for itself,
> it's a device model bug. Add assert on interrupt pin number to catch
> this kind of bug more obviously.
>
>
On Tue, Mar 23, 2021 at 05:35:14PM +0100, Greg KH wrote:
> On Tue, Mar 23, 2021 at 04:10:27PM +, Catangiu, Adrian Costin wrote:
> > Hi Greg,
> >
> > After your previous reply on this thread we started considering to provide
> > this interface and framework/functionality through a userspace se
* leirao (lei@intel.com) wrote:
> From: "Rao, Lei"
>
> if we don't reset the auto-converge counter,
> it will continue to run with COLO running,
> and eventually the system will hang due to the
> CPU throttle reaching DEFAULT_MIGRATE_MAX_CPU_THROTTLE.
>
> Signed-off-by: Lei Rao
> ---
> mig
On 24/03/21 17:15, Stefan Hajnoczi wrote:
On Wed, Mar 17, 2021 at 07:00:11PM +0100, Paolo Bonzini wrote:
+static void qemu_co_rwlock_maybe_wake_one(CoRwlock *lock)
+{
+CoRwTicket *tkt = QSIMPLEQ_FIRST(&lock->tickets);
+Coroutine *co = NULL;
+
+/*
+ * Setting lock->owners here pre
On 24/03/21 17:23, Stefan Hajnoczi wrote:
On Wed, Mar 17, 2021 at 07:00:07PM +0100, Paolo Bonzini wrote:
This is a resubmit of David Edmondson's series at
https://patchew.org/QEMU/20210309144015.557477-1-david.edmond...@oracle.com/.
After closer analysis on IRC, the CoRwlock's attempt to ensure
These two opcodes only allow a memory operand.
Lacking the check for a register operand, we used the A0 temp
without initialization, which led to a tcg abort.
Buglink: https://bugs.launchpad.net/qemu/+bug/1921138
Signed-off-by: Richard Henderson
---
target/i386/tcg/translate.c | 6 ++
1 fil
https://patchew.org/QEMU/20210324164650.128608-1-richard.hender...@linaro.org/
** Changed in: qemu
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1921138
Title
On 24/03/21 17:46, Richard Henderson wrote:
These two opcodes only allow a memory operand.
Lacking the check for a register operand, we used the A0 temp
without initialization, which led to a tcg abort.
Buglink: https://bugs.launchpad.net/qemu/+bug/1921138
Signed-off-by: Richard Henderson
---
On 12/21/20 12:53 PM, Thomas Huth wrote:
> On 30/11/2020 09.36, Gan Qixin wrote:
>> The category of the mc146818rtc device is not set, put it into the 'misc'
>> category.
>>
>> Signed-off-by: Gan Qixin
>> ---
>> Cc: Michael S. Tsirkin
>> ---
>> hw/rtc/mc146818rtc.c | 1 +
>> 1 file changed, 1 in
On 3/24/21 4:53 PM, Alexander Bulekov wrote:
> Hi,
> I can still trigger stack-overflows, heap-UAFs and heap-overflows in the
> code, but Mark's patches fixed some of the issues. I didn't want to
> flood the issue-tracker with further problems in this code, since it
> isn't clear what the security
* Peter Xu (pet...@redhat.com) wrote:
> On Tue, Mar 23, 2021 at 08:21:43PM +0300, Andrey Gruzdev wrote:
> > > For the long term I think we'd better have a helper:
> > >
> > > qemu_put_qio_channel_buffer(QEMUFile *file, QIOChannelBuffer
> > > *bioc)
> > >
> > > So as to hide this flush o
On Wed, 24 Mar 2021 at 14:30, Alex Bennée wrote:
>
> The following changes since commit 01874b15d36e3f9a3506c47941a92ccf8d8bed98:
>
> Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20210323' into
> staging (2021-03-24 11:22:08 +)
>
> are available in the Git repository at:
>
> ht
Le 24/03/2021 à 16:55, Andreas Krebbel a écrit :
> When setting up the pointer for the sigreturn stub in the return
> address register (r14) we have to use the guest frame pointer instead
> of the host frame pointer.
>
> Note: This only caused problems if Qemu has been built with
> --disable-pie (
The motivation behind this series is to remove the
isa_get_irq(NULL) call to simplify the ISA generic model.
Philippe Mathieu-Daudé (6):
hw/isa/vt82c686: Name output IRQ as 'intr'
hw/isa/vt82c686: Simplify removing unuseful qemu_allocate_irqs() call
hw/isa/vt82c686: Let ISA function expose I
Named IRQs are easier to understand in the monitor.
Name the single output interrupt as 'intr'.
Signed-off-by: Philippe Mathieu-Daudé
---
hw/isa/vt82c686.c | 2 +-
hw/mips/fuloong2e.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/isa/vt82c686.c b/hw/isa/vt82c686.c
i
To avoid abusing isa_get_irq(NULL) using a hidden ISA bridge
under the hood, let the IDE function expose 2 output IRQs,
and connect them to the ISA function inputs when creating
the south bridge chipset model in vt82c686b_southbridge_init.
Signed-off-by: Philippe Mathieu-Daudé
---
hw/ide/via.c
Instead of creating an input IRQ with qemu_allocate_irqs()
to pass it as output IRQ of the PIC, with its handler simply
dispatching into the "intr" output IRQ, simplify by directly
connecting the PIC to the "intr" named output.
Fixes: 3dc31cb8490 ("vt82c686: Move creation of ISA devices to the ISA
Hi,
Peter's current workflow is push to /staging and if his
testing succeeds, he pushes the same commit as /master.
IMO there is no point in building /master branch, as it
has already been built earlier as /staging.
Regards,
Phil.
The 2 cascaded 8259 PIC are managed by the PCI function #0
(ISA bridge). Expose the 16 IRQs on this function, so other
functions from the same chipset can access them.
Signed-off-by: Philippe Mathieu-Daudé
---
hw/isa/vt82c686.c | 13 -
1 file changed, 12 insertions(+), 1 deletion(-)
On 3/23/21 9:16 AM, Claudio Fontana wrote:
+++ b/target/arm/tcg/sysemu/meson.build
@@ -0,0 +1,3 @@
+
+arm_softmmu_ss.add(when: ['CONFIG_TCG','CONFIG_SOFTMMU'], if_true: files(
+))
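Review bot: the files( ... ) list in this new meson.build is empty, so the arm_softmmu_ss.add() call contributes no sources to the build. Consider creating the file in the patch that adds its first source file, or say in the commit message that it is a placeholder for later patches in the series.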
Blank lines at the start of each new file?
Otherwise,
Reviewed-by: Richard Henderson
r~
Signed-off-by: Philippe Mathieu-Daudé
---
hw/ide/via.c | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/hw/ide/via.c b/hw/ide/via.c
index be09912b334..6c667a92130 100644
--- a/hw/ide/via.c
+++ b/hw/ide/via.c
@@ -90,7 +90,7 @@ static void bmdma_setup_bar(PCIIDEState
On Mon, Mar 22, 2021 at 12:27:54PM -0400, Peter Xu wrote:
> On Mon, Mar 22, 2021 at 02:54:30PM +0100, Paolo Bonzini wrote:
> > On 22/03/21 11:47, Keqian Zhu wrote:
> > > > +qemu_mutex_init(&kml_slots_lock);
> > > As you said, x86 has two address spaces, is it a problem that we may have
> > > m
The VT82C686B south bridge is a single chipset. Model
it as a single sysbus device.
Move the vt82c686b_southbridge_init as via_southbridge_realize,
add the QOM state: ViaSouthBridgeState. This device needs 2
properties to be realized: the PCI bus and its slot number.
2 aliases are exposed: the ISA
On 3/23/21 9:16 AM, Claudio Fontana wrote:
+arm_softmmu_ss.add(when: ['CONFIG_TCG','CONFIG_SOFTMMU'], if_true: files(
+))
diff --git a/target/arm/tcg/user/meson.build b/target/arm/tcg/user/meson.build
new file mode 100644
index 00..d70a51ea9a
--- /dev/null
+++ b/target/arm/tcg/user/meson.
On Wed, 24 Mar 2021 at 14:52, Stefan Hajnoczi wrote:
>
> The following changes since commit 67c1115edd98f388ca89dd38322ea3fadf034523:
>
> Merge remote-tracking branch 'remotes/kraxel/tags/ui-20210323-pull-request'
> into staging (2021-03-23 23:47:30 +)
>
> are available in the Git repositor
On 3/23/21 9:17 AM, Claudio Fontana wrote:
--- a/target/arm/tcg/sysemu/meson.build
+++ b/target/arm/tcg/sysemu/meson.build
@@ -1,4 +1,5 @@
arm_softmmu_ss.add(when: ['CONFIG_TCG','CONFIG_SOFTMMU'], if_true: files(
'mte_helper.c',
+ 'debug_helper.c',
))
Sort the files as you add them
On 3/23/21 9:17 AM, Claudio Fontana wrote:
Signed-off-by: Claudio Fontana
---
target/arm/tcg/tlb_helper.h| 17 ++
target/arm/tcg/sysemu/tlb_helper.c | 83 ++
target/arm/tcg/tlb_helper.c| 96 ++
target/arm/tcg/user/tlb_he
On 3/24/21 7:18 PM, Richard Henderson wrote:
> On 3/23/21 9:16 AM, Claudio Fontana wrote:
>> +arm_softmmu_ss.add(when: ['CONFIG_TCG','CONFIG_SOFTMMU'], if_true: files(
>> +))
>> diff --git a/target/arm/tcg/user/meson.build
>> b/target/arm/tcg/user/meson.build
>> new file mode 100644
>> index 0
On 3/23/21 9:16 AM, Claudio Fontana wrote:
+#ifndef MTE_HELPER_H
+#define MTE_HELPER_H
+/**
Whitespace after the define.
Otherwise,
Reviewed-by: Richard Henderson
r~