Hi everyone,
The following new patches are queued for QEMU stable v4.0.1: https://github.com/mdroth/qemu/commits/stable-4.0-staging The release is planned for 2019-10-17: https://wiki.qemu.org/Planning/4.0 Please respond here or CC qemu-sta...@nongnu.org on any patches you think should be included in the release. Note that this update falls outside the normal stable release support window (~1 development cycle), but is being released now since it was delayed from its intended release date. Thanks! ---------------------------------------------------------------- Alberto Garcia (1): qcow2: Fix the calculation of the maximum L2 cache size Alex Williamson (1): q35: Revert to kernel irqchip Anthony PERARD (1): xen-bus: Fix backend state transition on device reset Anton Blanchard (5): target/ppc: Fix xvabs[sd]p, xvnabs[sd]p, xvneg[sd]p, xvcpsgn[sd]p target/ppc: Fix xvxsigdp target/ppc: Fix xxbrq, xxbrw target/ppc: Fix vsum2sws target/ppc: Fix lxvw4x, lxvh8x and lxvb16x Christian Borntraeger (1): s390x/cpumodel: ignore csske for expansion Cédric Le Goater (1): spapr/xive: fix EQ page addresses above 64GB Daniel P. Berrangé (1): docs: recommend use of md-clear feature on all Intel CPUs David Hildenbrand (7): virtio-balloon: Fix wrong sign extension of PFNs virtio-balloon: Fix QEMU crashes on pagesize > BALLOON_PAGE_SIZE virtio-balloon: Simplify deflate with pbp virtio-balloon: Better names for offset variables in inflate/deflate code virtio-balloon: Rework pbp tracking data virtio-balloon: Use temporary PBP only virtio-balloon: don't track subpages for the PBP Eric Blake (1): cutils: Fix size_to_str() on 32-bit platforms Evgeny Yakovlev (2): i386/acpi: show PCI Express bus on pxb-pcie expanders i386/acpi: fix gint overflow in crs_range_compare Gerd Hoffmann (2): kbd-state: fix autorepeat handling usb-tablet: fix serial compat property Jan Kiszka (1): ioapic: kvm: Skip route updates for masked pins Johannes Berg (1): libvhost-user: fix SLAVE_SEND_FD handling John Snow (13): Makefile: add nit-picky mode to sphinx-build docs/interop/bitmaps: rewrite and modernize doc blockdev-backup: don't check aio_context too early iotests.py: do not use infinite waits QEMUMachine: add events_wait method iotests.py: rewrite run_job to be pickier iotests: add iotest 256 for testing blockdev-backup across iothread contexts migration/dirty-bitmaps: change bitmap enumeration method docs/interop/bitmaps.rst: Fix typos sphinx: add qmp_lexer docs/bitmaps: use QMP lexer instead of json Revert "ide/ahci: Check for -ECANCELED in aio callbacks" iotests: add testing shim for script-style python tests Kevin Wolf (7): qcow2: Avoid COW during metadata preallocation qcow2: Add errp to preallocate_co() qcow2: Fix full preallocation with external data file qcow2: Fix qcow2_make_empty() with external data file block: Fix AioContext switch for bs->drv == NULL block: Drain source node in bdrv_replace_node() iotests: Test commit job start with concurrent I/O Li Hangjing (1): vhost: fix vhost_log size overflow during migration Marc-André Lureau (2): virtio-pci: fix missing device properties usbredir: fix buffer-overflow on vmload Markus Armbruster (2): vl: Fix -drive / -blockdev persistent reservation management pr-manager: Fix invalid g_free() crash bug Matthew Rosato (1): s390: PCI: fix IOMMU region init Max Reitz (20): block/file-posix: Unaligned O_DIRECT block-status iotests: Test unaligned raw images with O_DIRECT iotests.py: Fix VM.run_job backup: Copy only dirty areas iotests: Test backup job with two guest writes iotests: Test incremental backup after truncation mirror: Only mirror granularity-aligned chunks iotests: Test unaligned blocking mirror write vpc: Return 0 from vpc_co_create() on success iotests: Add supported protocols to execute_test() iotests: Restrict file Python tests to file iotests: Restrict nbd Python tests to nbd iotests: Test blockdev-create for vpc curl: Keep pointer to the CURLState in CURLSocket curl: Keep *socket until the end of curl_sock_cb() curl: Check completion in curl_multi_do() curl: Pass CURLSocket to curl_multi_do() curl: Report only ready sockets curl: Handle success in multi_check_completion curl: Check curl_multi_add_handle()'s return code Michael Roth (2): slirp: Fix heap overflow in ip_reass on big packet input slirp: ip_reass: Fix use after free Michael S. Tsirkin (1): virtio-balloon: free pbp more aggressively Paolo Bonzini (4): target/i386: add MDS-NO feature target/i386: define md-clear bit dma-helpers: ensure AIO callback is invoked after cancellation scsi: lsi: exit infinite loop while executing script (CVE-2019-12068) Peter Lieven (2): megasas: fix mapped frame size block/nfs: tear down aio before nfs_close Peter Maydell (1): target/arm: Don't abort on M-profile exception return in linux-user mode Philippe Mathieu-Daudé (4): hw/ssi/xilinx_spips: Convert lqspi_read() to read_with_attrs hw/ssi/xilinx_spips: Avoid AXI writes to the LQSPI linear memory hw/ssi/xilinx_spips: Avoid out-of-bound access to lqspi_buf[] block/create: Do not abort if a block driver is not available Sergio Lopez (1): blockjob: update nodes head while removing all bdrv Stefan Berger (2): tpm: Exit in reset when backend indicates failure tpm_emulator: Translate TPM error codes to strings Stefan Hajnoczi (1): virtio-balloon: fix QEMU 4.0 config size migration incompatibility Thomas Huth (1): hw/core/loader: Fix possible crash in rom_copy() Vladimir Sementsov-Ogievskiy (7): block/backup: simplify backup_incremental_init_copy_bitmap block/backup: move to copy_bitmap with granularity block/backup: refactor and tolerate unallocated cluster skipping block/backup: unify different modes code path block/backup: refactor: split out backup_calculate_cluster_size util/hbitmap: update orig_size on truncate block/backup: disable copy_range for compressed backup Makefile | 2 +- block.c | 19 +- block/backup.c | 258 +++--- block/create.c | 6 +- block/curl.c | 133 ++- block/file-posix.c | 16 + block/mirror.c | 29 + block/nfs.c | 6 +- block/qcow2.c | 59 +- block/vpc.c | 3 +- blockdev.c | 4 - blockjob.c | 17 +- contrib/libvhost-user/libvhost-user.c | 3 +- dma-helpers.c | 13 +- docs/conf.py | 4 +- docs/interop/bitmaps.rst | 1585 ++++++++++++++++++++++++++------- docs/qemu-cpu-models.texi | 12 + docs/sphinx/qmp_lexer.py | 43 + hw/core/loader.c | 2 +- hw/core/machine.c | 8 +- hw/i386/acpi-build.c | 17 +- hw/i386/pc.c | 3 + hw/i386/pc_q35.c | 16 +- hw/ide/ahci.c | 3 - hw/ide/core.c | 14 - hw/intc/ioapic.c | 8 +- hw/intc/spapr_xive.c | 3 +- hw/intc/xive.c | 9 +- hw/s390x/s390-pci-bus.c | 7 +- hw/scsi/lsi53c895a.c | 41 +- hw/scsi/megasas.c | 2 +- hw/ssi/xilinx_spips.c | 43 +- hw/tpm/tpm_crb.c | 4 +- hw/tpm/tpm_emulator.c | 60 +- hw/tpm/tpm_int.h | 13 + hw/tpm/tpm_tis.c | 4 +- hw/usb/redirect.c | 5 + hw/virtio/vhost.c | 10 + hw/virtio/virtio-balloon.c | 143 +-- hw/virtio/virtio-pci.c | 28 +- hw/xen/xen-bus.c | 23 +- include/hw/boards.h | 3 + include/hw/i386/pc.h | 3 + include/hw/ppc/xive_regs.h | 6 + include/hw/virtio/virtio-balloon.h | 5 +- migration/block-dirty-bitmap.c | 14 +- python/qemu/__init__.py | 69 +- scsi/pr-manager.c | 1 - slirp/src/ip_input.c | 19 +- target/arm/translate.c | 21 +- target/i386/cpu.c | 4 +- target/ppc/int_helper.c | 2 +- target/ppc/translate/vsx-impl.inc.c | 23 +- target/s390x/cpu_models.c | 2 + tests/bios-tables-test.c | 9 + tests/qemu-iotests/030 | 3 +- tests/qemu-iotests/040 | 3 +- tests/qemu-iotests/041 | 3 +- tests/qemu-iotests/044 | 3 +- tests/qemu-iotests/045 | 3 +- tests/qemu-iotests/055 | 3 +- tests/qemu-iotests/056 | 42 +- tests/qemu-iotests/056.out | 4 +- tests/qemu-iotests/057 | 3 +- tests/qemu-iotests/065 | 3 +- tests/qemu-iotests/096 | 3 +- tests/qemu-iotests/118 | 3 +- tests/qemu-iotests/124 | 41 +- tests/qemu-iotests/124.out | 4 +- tests/qemu-iotests/129 | 3 +- tests/qemu-iotests/132 | 3 +- tests/qemu-iotests/139 | 3 +- tests/qemu-iotests/147 | 5 +- tests/qemu-iotests/148 | 3 +- tests/qemu-iotests/151 | 28 +- tests/qemu-iotests/151.out | 4 +- tests/qemu-iotests/152 | 3 +- tests/qemu-iotests/155 | 3 +- tests/qemu-iotests/163 | 3 +- tests/qemu-iotests/165 | 3 +- tests/qemu-iotests/169 | 3 +- tests/qemu-iotests/196 | 3 +- tests/qemu-iotests/199 | 3 +- tests/qemu-iotests/205 | 3 +- tests/qemu-iotests/221 | 4 + tests/qemu-iotests/245 | 3 +- tests/qemu-iotests/253 | 84 ++ tests/qemu-iotests/253.out | 14 + tests/qemu-iotests/255 | 83 ++ tests/qemu-iotests/255.out | 16 + tests/qemu-iotests/256 | 122 +++ tests/qemu-iotests/256.out | 119 +++ tests/qemu-iotests/266 | 153 ++++ tests/qemu-iotests/266.out | 137 +++ tests/qemu-iotests/group | 4 + tests/qemu-iotests/iotests.py | 106 ++- ui/kbd-state.c | 6 +- util/cutils.c | 2 +- util/hbitmap.c | 6 +- vl.c | 3 +- 100 files changed, 3022 insertions(+), 893 deletions(-) create mode 100644 docs/sphinx/qmp_lexer.py create mode 100755 tests/qemu-iotests/253 create mode 100644 tests/qemu-iotests/253.out create mode 100755 tests/qemu-iotests/255 create mode 100644 tests/qemu-iotests/255.out create mode 100755 tests/qemu-iotests/256 create mode 100644 tests/qemu-iotests/256.out create mode 100755 tests/qemu-iotests/266 create mode 100644 tests/qemu-iotests/266.out