Branch: refs/heads/staging-8.0
Home: https://github.com/qemu/qemu
Commit: 246b0cf1acc1efa9e4171bad72efdf0507cbe73e
https://github.com/qemu/qemu/commit/246b0cf1acc1efa9e4171bad72efdf0507cbe73e
Author: Eugenio Pérez <[email protected]>
Date: 2023-06-30 (Fri, 30 Jun 2023)
Changed paths:
M net/vhost-vdpa.c
Log Message:
-----------
vdpa: mask _F_CTRL_GUEST_OFFLOADS for vhost vdpa devices
QEMU does not emulate it so it must be disabled as long as the backend
does not support it.
Signed-off-by: Eugenio Pérez <[email protected]>
Message-Id: <[email protected]>
Reviewed-by: Michael S. Tsirkin <[email protected]>
Signed-off-by: Michael S. Tsirkin <[email protected]>
Acked-by: Jason Wang <[email protected]>
Tested-by: Lei Yang <[email protected]>
(cherry picked from commit 51e84244a7799172f4239482199e9b4bdcd23172)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: ce6331222dd74abb8ca9832e0cf011ecb9af7408
https://github.com/qemu/qemu/commit/ce6331222dd74abb8ca9832e0cf011ecb9af7408
Author: Laurent Vivier <[email protected]>
Date: 2023-06-30 (Fri, 30 Jun 2023)
Changed paths:
M hw/virtio/vhost.c
Log Message:
-----------
vhost: fix vhost_dev_enable_notifiers() error case
In vhost_dev_enable_notifiers(), if virtio_bus_set_host_notifier(true)
fails, we call vhost_dev_disable_notifiers() that executes
virtio_bus_set_host_notifier(false) on all queues, even on queues that
have failed to be initialized.
This triggers a core dump in memory_region_del_eventfd():
virtio_bus_set_host_notifier: unable to init event notifier: Too many open
files (-24)
vhost VQ 1 notifier binding failed: 24
.../softmmu/memory.c:2611: memory_region_del_eventfd: Assertion `i !=
mr->ioeventfd_nb' failed.
Fix the problem by providing to vhost_dev_disable_notifiers() the
number of queues to disable.
Fixes: 8771589b6f81 ("vhost: simplify vhost_dev_enable_notifiers")
Cc: [email protected]
Signed-off-by: Laurent Vivier <[email protected]>
Message-Id: <[email protected]>
Reviewed-by: Michael S. Tsirkin <[email protected]>
Signed-off-by: Michael S. Tsirkin <[email protected]>
Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
(cherry picked from commit 92099aa4e9a3bb6856c290afaf41c76f9e3dd9fd)
Signed-off-by: Michael Tokarev <[email protected]>
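The unwind rule this fix describes, as an added C example (not QEMU's code): a toy device where the error path disables either every queue or only the queues that were actually enabled. All `toy_*` names, `NVQS` and the failure index are assumptions made for illustration.

```c
#include <stdbool.h>

#define NVQS 4
/* Toy model (constructed): one flag per queue = host notifier bound. */
struct toy_dev {
    bool bound[NVQS];
    int fail_at;      /* queue whose bind fails; -1 for none */
    int bad_unbinds;  /* unbinds attempted on never-bound queues */
};

static int toy_set_notifier(struct toy_dev *d, int q, bool on)
{
    if (on && q == d->fail_at) {
        return -24;            /* constructed failure, like the -24 in the log */
    }
    if (!on && !d->bound[q]) {
        d->bad_unbinds++;      /* the case the commit's assertion catches */
        return -1;
    }
    d->bound[q] = on;
    return 0;
}

/* Unwind only the first nvqs queues, newest first. */
static void toy_disable_notifiers(struct toy_dev *d, int nvqs)
{
    for (int i = nvqs - 1; i >= 0; i--) {
        toy_set_notifier(d, i, false);
    }
}

/* unwind_all: true models the bug, false passes the count that succeeded. */
static int toy_enable_notifiers(struct toy_dev *d, bool unwind_all)
{
    for (int i = 0; i < NVQS; i++) {
        int r = toy_set_notifier(d, i, true);
        if (r < 0) {
            toy_disable_notifiers(d, unwind_all ? NVQS : i);
            return r;
        }
    }
    return 0;
}

int main(void)
{
    struct toy_dev d = { .fail_at = 1 };
    return (toy_enable_notifiers(&d, false) == -24 && d.bad_unbinds == 0) ? 0 : 1;
}
```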
Commit: 55ee115e7a13c6a923d3f7f7f18fd3f5de6653aa
https://github.com/qemu/qemu/commit/55ee115e7a13c6a923d3f7f7f18fd3f5de6653aa
Author: Nicholas Piggin <[email protected]>
Date: 2023-06-30 (Fri, 30 Jun 2023)
Changed paths:
M hw/ppc/ppc.c
Log Message:
-----------
target/ppc: Fix decrementer time underflow and infinite timer loop
It is possible to store a very large value to the decrementer such that it
does not raise the decrementer exception, so the timer is scheduled, but
the next time value wraps and is treated as in the past.
This can occur if (u64)-1 is stored on a zero-triggered exception, or
(u64)-1 is stored twice on an underflow-triggered exception, for
example.
If such a value is set in DECAR, it gets stored to the decrementer by
the timer function, which then immediately causes another timer, which
hangs QEMU.
Clamp the decrementer to the implemented width, and use that as the
value for the timer calculation, effectively preventing this overflow.
Reported-by: [email protected]
Signed-off-by: Nicholas Piggin <[email protected]>
Reviewed-by: Daniel Henrique Barboza <[email protected]>
Message-Id: <[email protected]>
Signed-off-by: Daniel Henrique Barboza <[email protected]>
(cherry picked from commit 09d2db9f46e38e2da990df8ad914d735d764251a)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 58b3e4ff5f7eb0aa9c6148c5eeea2454a00c1eac
https://github.com/qemu/qemu/commit/58b3e4ff5f7eb0aa9c6148c5eeea2454a00c1eac
Author: Zhenzhong Duan <[email protected]>
Date: 2023-06-30 (Fri, 30 Jun 2023)
Changed paths:
M hw/vfio/pci.c
Log Message:
-----------
vfio/pci: Fix a segfault in vfio_realize
The kvm irqchip notifier is only registered if the device supports
INTx, however it's unconditionally removed in vfio realize error
path. If the assigned device does not support INTx, this will cause
QEMU to crash when vfio realize fails. Change it to conditionally
remove the notifier only if the notify hook is set up.
Before fix:
(qemu) device_add vfio-pci,host=81:11.1,id=vfio1,bus=root1,xres=1
Connection closed by foreign host.
After fix:
(qemu) device_add vfio-pci,host=81:11.1,id=vfio1,bus=root1,xres=1
Error: vfio 0000:81:11.1: xres and yres properties require display=on
(qemu)
Fixes: c5478fea27ac ("vfio/pci: Respond to KVM irqchip change notifier")
Signed-off-by: Zhenzhong Duan <[email protected]>
Reviewed-by: Cédric Le Goater <[email protected]>
Reviewed-by: Joao Martins <[email protected]>
Signed-off-by: Cédric Le Goater <[email protected]>
(cherry picked from commit 357bd7932a136613d700ee8bc83e9165f059d1f7)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 383fb8c05c4a5db4b7afda11c1752a80b1e74be1
https://github.com/qemu/qemu/commit/383fb8c05c4a5db4b7afda11c1752a80b1e74be1
Author: Shameer Kolothum <[email protected]>
Date: 2023-06-30 (Fri, 30 Jun 2023)
Changed paths:
M hw/vfio/pci.c
Log Message:
-----------
vfio/pci: Call vfio_prepare_kvm_msi_virq_batch() in MSI retry path
When vfio_enable_vectors() returns with less than requested nr_vectors
we retry with what the kernel reported back. But the retry path doesn't
call vfio_prepare_kvm_msi_virq_batch() and this results in:
qemu-system-aarch64: vfio: Error: Failed to enable 4 MSI vectors, retry with 1
qemu-system-aarch64: ../hw/vfio/pci.c:602: vfio_commit_kvm_msi_virq_batch:
Assertion `vdev->defer_kvm_irq_routing' failed
Fixes: dc580d51f7dd ("vfio: defer to commit kvm irq routing when enable
msi/msix")
Reviewed-by: Longpeng <[email protected]>
Signed-off-by: Shameer Kolothum <[email protected]>
Reviewed-by: Cédric Le Goater <[email protected]>
Signed-off-by: Cédric Le Goater <[email protected]>
(cherry picked from commit c17408892319712c12357e5d1c6b305499c58c2a)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: df1e45c9dfc8d5e9f8c19677799e8a77c601ce29
https://github.com/qemu/qemu/commit/df1e45c9dfc8d5e9f8c19677799e8a77c601ce29
Author: Richard Henderson <[email protected]>
Date: 2023-07-01 (Sat, 01 Jul 2023)
Changed paths:
M linux-user/mmap.c
Log Message:
-----------
linux-user: Avoid mmap of the last byte of the reserved_va
There is an overflow problem in mmap_find_vma_reserved:
when reserved_va == UINT32_MAX, end may overflow to 0.
Rather than a larger rewrite at this time, simply avoid
the final byte of the VA, which avoids searching the
final page, which avoids the overflow.
Cc: [email protected]
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1741
Fixes: 95059f9c ("include/exec: Change reserved_va semantics to last byte")
Signed-off-by: Richard Henderson <[email protected]>
Tested-by: Michael Tokarev <[email protected]>
Reviewed-by: Michael Tokarev <[email protected]>
Message-Id: <[email protected]>
(cherry picked from commit 605a8b5491a119a2a6efbf61e5a38f9374645990)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 477ab906d18cd9afbddef3d1f2d3945dbf8bc9da
https://github.com/qemu/qemu/commit/477ab906d18cd9afbddef3d1f2d3945dbf8bc9da
Author: Dongwon Kim <[email protected]>
Date: 2023-07-02 (Sun, 02 Jul 2023)
Changed paths:
M ui/gtk-egl.c
M ui/gtk-gl-area.c
Log Message:
-----------
ui/gtk: set the area of the scanout texture correctly
x and y offsets and width and height of the scanout texture
are not correctly configured in case the guest scanout frame is
a dmabuf.
Cc: Gerd Hoffmann <[email protected]>
Cc: Marc-André Lureau <[email protected]>
Cc: Vivek Kasireddy <[email protected]>
Signed-off-by: Dongwon Kim <[email protected]>
Message-ID: <[email protected]>
(cherry picked from commit 37802a24eb4e535d96d6fe0273505d2b5c6528c2)
Signed-off-by: Michael Tokarev <[email protected]>
Compare: https://github.com/qemu/qemu/compare/5e8838524a74...477ab906d18c