Branch: refs/heads/staging-9.0
Home: https://github.com/qemu/qemu
Commit: db0a21257e58ef65fef75eb15a3673777a3c59f8
https://github.com/qemu/qemu/commit/db0a21257e58ef65fef75eb15a3673777a3c59f8
Author: Mark Cave-Ayland <[email protected]>
Date: 2024-06-11 (Tue, 11 Jun 2024)
Changed paths:
M target/i386/tcg/translate.c
Log Message:
-----------
target/i386: fix size of EBP writeback in gen_enter()
The calculation of FrameTemp is done using the size indicated by mo_pushpop()
before being written back to EBP, but the final writeback to EBP is done using
the size indicated by mo_stacksize().
In the case where mo_pushpop() is MO_32 and mo_stacksize() is MO_16 then the
final writeback to EBP is done using MO_16 which can leave junk in the top
16-bits of EBP after executing ENTER.
Change the writeback of EBP to use the same size indicated by mo_pushpop() to
ensure that the full value is written back.
Signed-off-by: Mark Cave-Ayland <[email protected]>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2198
Message-ID: <[email protected]>
Cc: [email protected]
Signed-off-by: Paolo Bonzini <[email protected]>
(cherry picked from commit 3973615e7fbaeef1deeaa067577e373781ced70a)
Signed-off-by: Michael Tokarev <[email protected]>
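An added illustration of the failure mode described in this commit message (a simplified model written for this digest, not QEMU's gen_enter() code; the MO_16/MO_32 names and the register values are assumed): FrameTemp is computed at 32-bit width, but a 16-bit writeback only replaces the low half of EBP, so whatever was in the upper 16 bits survives ENTER.

```c
#include <stdint.h>

/* Memory-op sizes, named after QEMU's MO_16 / MO_32 for readability (assumed). */
enum { MO_16 = 1, MO_32 = 2 };

/* Store 'val' into register 'reg' with the given size: a MO_16 writeback
 * updates only the low 16 bits, a MO_32 writeback replaces all 32 bits. */
static uint32_t writeback(uint32_t reg, uint32_t val, int size)
{
    if (size == MO_16) {
        return (reg & 0xffff0000u) | (val & 0xffffu);
    }
    return val;
}

/* Simplified model of the end of ENTER: push EBP, FrameTemp = ESP after the
 * push (computed with the mo_pushpop() size), then EBP = FrameTemp written
 * back with 'wb_size'.  Before the fix wb_size came from mo_stacksize();
 * after the fix it is the same size as 'pushpop'. */
static uint32_t enter_ebp(uint32_t ebp, uint32_t esp, int pushpop, int wb_size)
{
    uint32_t push_bytes = (pushpop == MO_32) ? 4 : 2;
    uint32_t frame_temp = esp - push_bytes;   /* full 32-bit FrameTemp */
    return writeback(ebp, frame_temp, wb_size);
}

/* Returns nonzero if the upper 16 bits of EBP still hold the old contents. */
static int ebp_has_junk(uint32_t ebp_before, uint32_t ebp_after)
{
    return (ebp_after & 0xffff0000u) == (ebp_before & 0xffff0000u)
        && (ebp_before & 0xffff0000u) != 0;
}
```

With a 16-bit stack ESP stays below 0x10000, so the correct FrameTemp has a zero upper half; the MO_16 writeback leaves the previous EBP's upper half in place instead.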
Commit: 09f36a1f3fb3ebf0f14c9fd6d29611d339028280
https://github.com/qemu/qemu/commit/09f36a1f3fb3ebf0f14c9fd6d29611d339028280
Author: Alexey Dobriyan <[email protected]>
Date: 2024-06-11 (Tue, 11 Jun 2024)
Changed paths:
M hw/net/virtio-net.c
Log Message:
-----------
virtio-net: drop too short packets early
Reproducer from https://gitlab.com/qemu-project/qemu/-/issues/1451
creates a small packet (1 segment, len = 10 == n->guest_hdr_len),
then destroys queue.
"if (n->host_hdr_len != n->guest_hdr_len)" is triggered, if body creates
zero length/zero segment packet as there is nothing after guest header.
qemu_sendv_packet_async() tries to send it.
slirp discards it because it is smaller than Ethernet header,
but returns 0 because tx hooks are supposed to return total length of data.
0 is propagated upwards and is interpreted as "packet has been sent"
which is terrible because the queue is being destroyed, nobody is waiting for TX
to complete, and the assert is triggered.
Fix is to discard such empty packets instead of sending them.
Length 1 packets will go via different codepath:
virtqueue_push(q->tx_vq, elem, 0);
virtio_notify(vdev, q->tx_vq);
g_free(elem);
and aren't problematic.
Signed-off-by: Alexey Dobriyan <[email protected]>
Signed-off-by: Jason Wang <[email protected]>
(cherry picked from commit 2c3e4e2de699cd4d9f6c71f30a22d8f125cd6164)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 0d90c36d9c1eda2a7c39839475df4bf3f4758920
https://github.com/qemu/qemu/commit/0d90c36d9c1eda2a7c39839475df4bf3f4758920
Author: Dongwon Kim <[email protected]>
Date: 2024-06-11 (Tue, 11 Jun 2024)
Changed paths:
M ui/gtk-egl.c
M ui/gtk-gl-area.c
Log Message:
-----------
ui/gtk: Draw guest frame at refresh cycle
Draw routine needs to be manually invoked in the next refresh
if there is a scanout blob from the guest. This is to prevent
a situation where there is a scheduled draw event but it won't
happen because the window is currently in inactive state
(minimized or tabified). If draw is not done for a long time,
gl_block timeout and/or fence timeout (on the guest) will happen
eventually.
v2: Use gd_gl_area_draw(vc) in gtk-gl-area.c
Suggested-by: Vivek Kasireddy <[email protected]>
Cc: Gerd Hoffmann <[email protected]>
Cc: Marc-André Lureau <[email protected]>
Cc: Daniel P. Berrangé <[email protected]>
Signed-off-by: Dongwon Kim <[email protected]>
Acked-by: Marc-André Lureau <[email protected]>
Message-Id: <[email protected]>
(cherry picked from commit 77bf310084dad38b3a2badf01766c659056f1cf2)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 35e5ce5bd6f446c8a8df04cfeda1edc23e5f19da
https://github.com/qemu/qemu/commit/35e5ce5bd6f446c8a8df04cfeda1edc23e5f19da
Author: Stefan Hajnoczi <[email protected]>
Date: 2024-06-14 (Fri, 14 Jun 2024)
Changed paths:
M qapi/qmp-dispatch.c
Log Message:
-----------
Revert "monitor: use aio_co_reschedule_self()"
Commit 1f25c172f837 ("monitor: use aio_co_reschedule_self()") was a code
cleanup that uses aio_co_reschedule_self() instead of open coding
coroutine rescheduling.
Bug RHEL-34618 was reported and Kevin Wolf <[email protected]> identified
the root cause. I missed that aio_co_reschedule_self() ->
qemu_get_current_aio_context() only knows about
qemu_aio_context/IOThread AioContexts and not about iohandler_ctx. It
does not function correctly when going back from the iohandler_ctx to
qemu_aio_context.
Go back to open coding the AioContext transitions to avoid this bug.
This reverts commit 1f25c172f83704e350c0829438d832384084a74d.
Cc: [email protected]
Buglink: https://issues.redhat.com/browse/RHEL-34618
Signed-off-by: Stefan Hajnoczi <[email protected]>
Message-ID: <[email protected]>
Reviewed-by: Kevin Wolf <[email protected]>
Signed-off-by: Kevin Wolf <[email protected]>
(cherry picked from commit 719c6819ed9a9838520fa732f9861918dc693bda)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 1608a7f81f0e220cba16b351349f6af0f8957b15
https://github.com/qemu/qemu/commit/1608a7f81f0e220cba16b351349f6af0f8957b15
Author: Philippe Mathieu-Daudé <[email protected]>
Date: 2024-06-20 (Thu, 20 Jun 2024)
Changed paths:
M hw/audio/virtio-snd.c
Log Message:
-----------
hw/audio/virtio-snd: Always use little endian audio format
The VIRTIO Sound Device conforms with the Virtio spec v1.2,
thus only use little endianness.
Remove the suspicious target_words_bigendian() noticed during
code review.
Cc: [email protected]
Fixes: eb9ad377bb ("virtio-sound: handle control messages and streams")
Signed-off-by: Philippe Mathieu-Daudé <[email protected]>
Reviewed-by: Michael S. Tsirkin <[email protected]>
Message-Id: <[email protected]>
(cherry picked from commit a276ec8e2632c9015d0f9b4e47194e4e91dfa8bb)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 37f037cb69d0e4232669bca55f56e05213ac2326
https://github.com/qemu/qemu/commit/37f037cb69d0e4232669bca55f56e05213ac2326
Author: Gerd Hoffmann <[email protected]>
Date: 2024-06-20 (Thu, 20 Jun 2024)
Changed paths:
M hw/display/vga.c
Log Message:
-----------
stdvga: fix screen blanking
In case the display surface uses a shared buffer (i.e. uses vga vram
directly instead of a shadow) go unshare the buffer before clearing it.
This avoids vga memory corruption, which in turn fixes unblanking not
working properly with X11.
Cc: [email protected]
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2067
Signed-off-by: Gerd Hoffmann <[email protected]>
Reviewed-by: Marc-André Lureau <[email protected]>
Message-ID: <[email protected]>
Signed-off-by: Philippe Mathieu-Daudé <[email protected]>
(cherry picked from commit b1cf266c82cb1211ee2785f1813a6a3f3e693390)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 7ee955223ede77900d1f96a3ad2b4ed783163537
https://github.com/qemu/qemu/commit/7ee955223ede77900d1f96a3ad2b4ed783163537
Author: Anton Johansson <[email protected]>
Date: 2024-06-20 (Thu, 20 Jun 2024)
Changed paths:
M accel/tcg/tb-maint.c
Log Message:
-----------
accel/tcg: Fix typo causing tb->page_addr[1] to not be recorded
For TBs crossing page boundaries, the 2nd page will never be
recorded/removed, as the index of the 2nd page is computed from the
address of the 1st page. This is due to a typo, fix it.
Cc: [email protected]
Fixes: deba78709a ("accel/tcg: Always lock pages before translation")
Signed-off-by: Anton Johansson <[email protected]>
Reviewed-by: Manos Pitsidianakis <[email protected]>
Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
Reviewed-by: Alex Bennée <[email protected]>
Message-Id: <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
(cherry picked from commit 3b279f73fa37bec8d3ba04a15f5153d6491cffaf)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 0556f5fc1356374b652dda5cd9deb85dfb08bd33
https://github.com/qemu/qemu/commit/0556f5fc1356374b652dda5cd9deb85dfb08bd33
Author: Ilya Leoshkevich <[email protected]>
Date: 2024-06-20 (Thu, 20 Jun 2024)
Changed paths:
M linux-user/syscall.c
Log Message:
-----------
linux-user: Make TARGET_NR_setgroups affect only the current thread
Like TARGET_NR_setuid, TARGET_NR_setgroups should affect only the
calling thread, and not the entire process. Therefore, implement it
using a syscall, and not a libc call.
Cc: [email protected]
Fixes: 19b84f3c35d7 ("added setgroups and getgroups syscalls")
Signed-off-by: Ilya Leoshkevich <[email protected]>
Reviewed-by: Philippe Mathieu-Daudé <[email protected]>
Message-Id: <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
(cherry picked from commit 54b27921026df384f67df86f04c39539df375c60)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: c8fdbb5babf0cb201c88d55e7e543352352f26e7
https://github.com/qemu/qemu/commit/c8fdbb5babf0cb201c88d55e7e543352352f26e7
Author: Clément Chigot <[email protected]>
Date: 2024-06-20 (Thu, 20 Jun 2024)
Changed paths:
M target/sparc/helper.c
Log Message:
-----------
target/sparc: use signed denominator in sdiv helper
The result has to be done with the signed denominator (b32) instead of
the unsigned value passed in argument (b).
Cc: [email protected]
Fixes: 1326010322d6 ("target/sparc: Remove CC_OP_DIV")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2319
Signed-off-by: Clément Chigot <[email protected]>
Reviewed-by: Richard Henderson <[email protected]>
Message-Id: <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
(cherry picked from commit 6b4965373e561b77f91cfbdf41353635c9661358)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: 658fb89bdcbc59217d83c16140446f279c15eaec
https://github.com/qemu/qemu/commit/658fb89bdcbc59217d83c16140446f279c15eaec
Author: Richard Henderson <[email protected]>
Date: 2024-06-20 (Thu, 20 Jun 2024)
Changed paths:
M tcg/loongarch64/tcg-target.c.inc
Log Message:
-----------
tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
Simplify the logic for two-part, 32-bit pc-relative addresses.
Rather than assume all such fit in int32_t, do some arithmetic
and assert a result, do some arithmetic first and then check
to see if the pieces are in range.
Cc: [email protected]
Fixes: dacc51720db ("tcg/loongarch64: Implement tcg_out_mov and tcg_out_movi")
Reviewed-by: Song Gao <[email protected]>
Reported-by: Song Gao <[email protected]>
Signed-off-by: Richard Henderson <[email protected]>
(cherry picked from commit 521d7fb3ebdf88112ed13556a93e3037742b9eb8)
Signed-off-by: Michael Tokarev <[email protected]>
Commit: d7a4a38a03936a04a27042a7b397ccb4f1b4ff06
https://github.com/qemu/qemu/commit/d7a4a38a03936a04a27042a7b397ccb4f1b4ff06
Author: Fabiano Rosas <[email protected]>
Date: 2024-06-22 (Sat, 22 Jun 2024)
Changed paths:
M migration/file.c
Log Message:
-----------
migration: Fix file migration with fdset
When the "file:" migration support was added we missed the special
case in the qemu_open_old implementation that allows for a particular
file name format to be used to refer to a set of file descriptors that
have been previously provided to QEMU via the add-fd QMP command.
When using this fdset feature, we should not truncate the migration
file because being given an fd means that the management layer is in
control of the file and will likely already have some data written to
it. This is further indicated by the presence of the 'offset'
argument, which indicates the start of the region where QEMU is
allowed to write.
Fix the issue by replacing the O_TRUNC flag on open by an ftruncate
call, which will take the offset into consideration.
Fixes: 385f510df5 ("migration: file URI offset")
Suggested-by: Daniel P. Berrangé <[email protected]>
Reviewed-by: Prasad Pandit <[email protected]>
Reviewed-by: Peter Xu <[email protected]>
Reviewed-by: Daniel P. Berrangé <[email protected]>
Signed-off-by: Fabiano Rosas <[email protected]>
(cherry picked from commit 6d3279655ac49b806265f08415165f471d33e032)
Signed-off-by: Michael Tokarev <[email protected]>
Compare: https://github.com/qemu/qemu/compare/60b4f3aff4e3...d7a4a38a0393