From: Stefan Markovic
Signed-off-by: Stefan Markovic
---
linux-user/mips/target_syscall.h | 2 ++
linux-user/mips64/target_syscall.h | 2 ++
linux-user/syscall.c | 62 +++---
3 files changed, 62 insertions(+), 4 deletions(-)
diff --git a/linux-
From: Stefan Markovic
Signed-off-by: Stefan Markovic
---
linux-user/elfload.c | 33 +
1 file changed, 33 insertions(+)
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 055f6a9..5881233 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@
From: Stefan Markovic
Signed-off-by: Stefan Markovic
---
linux-user/elfload.c | 4
1 file changed, 4 insertions(+)
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 5881233..5bccd2e 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -2396,6 +2396,7 @@ static void
From: Stefan Markovic
Floating-point mode is calculated from MIPS.abiflags FP ABI value
(based on kernel implementation). Illegal combinations are rejected.
Signed-off-by: Stefan Markovic
---
linux-user/mips/cpu_loop.c | 75 ++
1 file changed, 75 ins
From: Stefan Markovic
Signed-off-by: Stefan Markovic
---
linux-user/qemu.h | 4
1 file changed, 4 insertions(+)
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index 1beb6a2..a752c1c 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -61,6 +61,10 @@ struct image_info {
From: Stefan Markovic
This series includes support for prctl() PR_GET_FP_MODE and PR_SET_FP_MODE.
This requires extracting MIPS.abiflags section from ELF file and fp_abi value handling.
Stefan Markovic (6):
Define MIPS_ABI_FP_UNKNOWN macro
Extend image_info struct with MIPS specific fp_abi
From: Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé
Message-Id: <20181013004034.6968-7-f4...@amsat.org>
Reviewed-by: Richard Henderson
Signed-off-by: Fam Zheng
---
scripts/qemu.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/scripts/qemu.py b/scripts/qemu.py
index 9fc0
From: Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé
Message-Id: <20181013004034.6968-8-f4...@amsat.org>
Reviewed-by: Richard Henderson
Signed-off-by: Fam Zheng
---
tests/vm/basevm.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/vm/basevm.py b/tests/
On Fri, Oct 26, 2018 at 04:03:51PM +0200, Markus Armbruster wrote:
> This is from my (imperfect) notes, corrections welcome.
>
> Motivation: QEMU contains stuff of dubious value, which gets in the way
> in various (sometimes painful and expensive) ways.
>
> Deprecation is the marking of an exter
The following changes since commit 808ebd66e467f77c0d1f8c6346235f81e9c99cf2:
Merge remote-tracking branch 'remotes/riscv/tags/riscv-for-master-3.1-sf0'
into staging (2018-10-25 17:41:03 +0100)
are available in the Git repository at:
git://github.com/famz/qemu.git tags/testing-pull-request
From: Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé
Message-Id: <20181013004034.6968-4-f4...@amsat.org>
Reviewed-by: Richard Henderson
Signed-off-by: Fam Zheng
---
tests/vm/basevm.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/vm/basevm.py b/tests/
From: Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé
Message-Id: <20181013004034.6968-5-f4...@amsat.org>
Reviewed-by: Richard Henderson
Signed-off-by: Fam Zheng
---
tests/vm/basevm.py | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/tests/vm/basevm.py b/te
From: Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé
Message-Id: <20181013004034.6968-2-f4...@amsat.org>
Reviewed-by: Richard Henderson
Signed-off-by: Fam Zheng
---
scripts/qemu.py| 4
tests/vm/basevm.py | 4 ++--
2 files changed, 6 insertions(+), 2 deletions(-)
diff -
From: Philippe Mathieu-Daudé
The 'arch' property gives a hint on which architecture the guest image runs.
This can be used to select the correct QEMU binary path.
Signed-off-by: Philippe Mathieu-Daudé
Message-Id: <20181013004034.6968-6-f4...@amsat.org>
Reviewed-by: Richard Henderson
Signed-off
From: Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé
Message-Id: <20181013004034.6968-9-f4...@amsat.org>
Reviewed-by: Richard Henderson
Signed-off-by: Fam Zheng
---
tests/vm/basevm.py | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/tests/vm/basevm.py
From: Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé
Message-Id: <20181013004034.6968-3-f4...@amsat.org>
Reviewed-by: Richard Henderson
Signed-off-by: Fam Zheng
---
tests/vm/basevm.py | 9 -
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/tests/vm/basevm.py
From: Paolo Bonzini
--with-gtkabi does not exist anymore; remove it from the configure invocation.
Fixes: 89d85cde75143325205e332dd97bf1bb8402d7c1
Signed-off-by: Paolo Bonzini
Message-Id: <1539886203-33670-1-git-send-email-pbonz...@redhat.com>
Tested-by: Philippe Mathieu-Daudé
Reviewed-by: Tho
On Fri, Oct 26, 2018 at 12:03:35PM +0200, Paolo Bonzini wrote:
> On 26/10/2018 11:59, Daniel P. Berrangé wrote:
> > I should also say that QEMU as an upstream project has multiple goals.
> > Running KVM guests with modern PV hardware is only one of them, albeit
> > a widely used one. Being able to
This is from my (imperfect) notes, corrections welcome.
Motivation: QEMU contains stuff of dubious value, which gets in the way
in various (sometimes painful and expensive) ways.
Deprecation is the marking of an external interface as "we intend to
remove this, you should stop using it" (preferabl
On 10/26/2018 4:25 AM, P J P wrote:
+-- On Thu, 25 Oct 2018, Ameya More wrote --+
| While Mark and I reported this issue to you, it was actually discovered by
| Dejavu Security and they should receive credit for reporting this issue.
| http://www.dejavusecurity.com
I see; Would it be possible
> From: Fredrik Noring
> Subject: [PATCH 01/11] target/mips: Rename ASE_MMI to ASE_TOSHIBA_MMI, with
> Toshiba namespace
>
> Several vendors have multimedia instruction (MMI) sets and other
> extensions of various kinds. ASE vendor namespaces make it clear these
> are not generic architectural f
On 10/26/18 11:49 AM, Bastian Koppelmann wrote:
> I think you can pick up everything up to the RVC conversion which still needs
> the work suggested by Richard. Thanks, for picking it up :)
Even then I thought we were talking about splitting the RV64 insns
into a separate file, reducing the ifdefs
Public bug reported:
Hello, I am new to QEMU and I encounter that annoying issue (windowed)
when I move the mouse a bit too much then it leaves the window.
Windows 8.1, Latest QEMU (Windows binaries).
** Affects: qemu
Importance: Undecided
Status: New
** Summary changed:
- windows
Hi Maciej,
> I'm not sure if every single random vendor-specific instruction (or a
> bunch of) deserves its own ASE designation, be it internal or externally
> exposed. I think the MMI set being a substantial architectural feature
> makes sense to be shown in /proc/cpuinfo (in Linux), but I d
Emilio G. Cota writes:
> Cc: Peter Maydell
This will need to catch-up in the next re-base as there is a merge conflict.
> Cc: qemu-...@nongnu.org
> Reviewed-by: Richard Henderson
> Signed-off-by: Emilio G. Cota
> ---
> target/arm/cpu.c| 2 +-
> target/arm/helper.c | 12 +---
>
On Fri, Oct 26, 2018 at 09:10:19PM +0800, Fei Li wrote:
>
>
> On 10/25/2018 08:58 PM, Peter Xu wrote:
> > On Thu, Oct 25, 2018 at 05:04:00PM +0800, Fei Li wrote:
> >
> > [...]
> >
> > > @@ -1325,22 +1325,24 @@ bool multifd_recv_all_channels_created(void)
> > > /* Return true if multifd is rea
Rafael K. V. Maeda writes:
> Hi,
>
> I am implementing a plugin that allocates several resources. I need to
> cleanup some of these resources when QEMU finishes executing the guest
> application. Where is the best exit point to place my cleanup
> functions?
>
> I have tried registering a functi
On 10/25/2018 07:59 PM, Michael S. Tsirkin wrote:
> On Thu, Oct 25, 2018 at 08:16:44PM +0100, Peter Maydell wrote:
>> On 25 October 2018 at 01:52, Michael S. Tsirkin wrote:
>>> The following changes since commit 13399aad4fa87b2878c49d02a5d3bafa6c966ba3:
>>>
>>>Merge remote-tracking branch 'r
On 10/26/2018 11:42 AM, Daniel P. Berrangé wrote:
> On Fri, Oct 26, 2018 at 12:33:55PM +0530, P J P wrote:
>> Hello Dan, all
>>
>> +-- On Thu, 25 Oct 2018, Daniel P. Berrangé wrote --+
>> | On Thu, Oct 25, 2018 at 10:52:56AM +0200, Gerd Hoffmann wrote:
>> | > While being at it deprecate cirrus
On Fri, 26 Oct 2018, Richard Henderson wrote:
> > Overall this source file is clearly a modified copy of an ancient version
> > of the opcode table included with the opcodes library from binutils and I
> > think it would benefit from a refresh.
>
> You can't do that because of GPL v3, sadly.
On 10/25/2018 08:58 PM, Peter Xu wrote:
On Thu, Oct 25, 2018 at 05:04:00PM +0800, Fei Li wrote:
[...]
@@ -1325,22 +1325,24 @@ bool multifd_recv_all_channels_created(void)
/* Return true if multifd is ready for the migration, otherwise false */
bool multifd_recv_new_channel(QIOChannel *i
On 10/25/2018 08:55 PM, Dr. David Alan Gilbert wrote:
* Fei Li (f...@suse.com) wrote:
Hi,
these two patches are to fix live migration issues. The first is
about multifd, and the second is to fix some error handling.
But I have a question about using multifd migration.
In our current code, wh
Add FeatureWordType indicator in struct FeatureWordInfo.
Change feature_word_info[] accordingly.
Change existing functions that refer to feature_word_info[] accordingly.
Signed-off-by: Robert Hoo
---
target/i386/cpu.c | 205 --
target/i386/cpu.
KVM side has added the framework (kvm.git:d1d93fa90) to support MSR based
features.
Here is the QEMU part, including data structure changes/expanding, referring
functions changes, and the implementations on
KVM_GET_MSR_FEATURE_INDEX_LIST and KVM_GET_MSRS system ioctl.
Changelog:
v6: In cpu featu
Note RSBA is specially treated -- no matter whether the host supports it or not, qemu
pretends it is supported.
Changes in v6: filter out MSR features whose dependent CPUID enumeration is not
there.
Signed-off-by: Robert Hoo
Reviewed-by: Eduardo Habkost
---
target/i386/cpu.c | 31 ++
Add kvm_get_supported_feature_msrs() to get supported MSR feature index list.
Add kvm_arch_get_supported_msr_feature() to get each MSR features value.
Signed-off-by: Robert Hoo
Reviewed-by: Eduardo Habkost
---
include/sysemu/kvm.h | 2 ++
target/i386/kvm.c| 80 +
>
> It's not obvious to me why this looks so different from the code in
> parse_type_int64(). Should we be using qemu_strtoi64() in the
> pre-existing function, instead of what's there now?
The existing function has to be that complicated because it calls into
the same function used to parse r
From: Prasad J Pandit
While performing PowerNV memory r/w operations, the access length
'sz' could exceed the data[4] buffer size. Add check to avoid OOB
access.
Reported-by: Moguofang
Signed-off-by: Prasad J Pandit
---
hw/ppc/pnv_lpc.c | 8 +++-
1 file changed, 7 insertions(+), 1 deletio
+-- On Fri, 26 Oct 2018, Daniel P. Berrangé wrote --+
| > No, since the adlib device is not used as much and is being deprecated, I'm
| > not inclined to get one.
|
| Any security issue that affects code in QEMU that is currently being
| shipped by distros should have a CVE.
|
| Whether we inten
+-- On Fri, 26 Oct 2018, Paolo Bonzini wrote --+
| Oh, thanks! I said I was dumb. :) So the fix is just this:
|
| diff --git a/hw/audio/fmopl.h b/hw/audio/fmopl.h
| index e7e578a48e..7199afaa3c 100644
| --- a/hw/audio/fmopl.h
| +++ b/hw/audio/fmopl.h
| @@ -72,8 +72,8 @@ typedef struct fm_opl_f {
> I'm queueing your MADD and MADDU patch...
You don't queue, you submit.
Thanks,
Aleksandar
From: Fredrik Noring
Sent: Wednesday, October 24, 2018 8:01:15 PM
To: Philippe Mathieu-Daudé
Cc: Maciej W . Rozycki; Richard Henderson; Aleksandar Markovic; Aurel
The MAINTAINERS file is a bit sparse on information about what
the different designators are. Let's add some more information
to give contributors a better idea about what the different
roles are.
Signed-off-by: Cornelia Huck
---
This came out of a discussion about what being a 'reviewer' listed
On 10/25/18 12:21 AM, Palmer Dabbelt wrote:
On Sat, 20 Oct 2018 00:14:22 PDT (-0700),
kbast...@mail.uni-paderborn.de wrote:
Hi,
this patchset converts the RISC-V decoder to decodetree in three
major steps:
1) Convert 32-bit instructions to decodetree [Patch 1-14]:
Many of the gen_* fun
On 26/10/18 10:27, Eduardo Habkost wrote:
On Thu, Oct 25, 2018 at 06:17:59PM +0100, David Gibson wrote:
On Thu, Oct 25, 2018 at 10:32:23AM -0300, Eduardo Habkost wrote:
From: Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé
Reviewed-by: Artyom Tarasenko
Reviewed-by: Cédric Le Go
On 10/25/18 6:58 PM, Palmer Dabbelt wrote:
Reviewed-by: Palmer Dabbelt
How do you want to go about merging these? It looks like it should be
possible to merge the patch set piecemeal, which I'd actually be happy
doing as it'll be easier to get these out for testing that way. That
way we
* Daniel P. Berrangé (berra...@redhat.com) wrote:
> On Fri, Oct 26, 2018 at 12:33:55PM +0530, P J P wrote:
> > Hello Dan, all
> >
> > +-- On Thu, 25 Oct 2018, Daniel P. Berrangé wrote --+
> > | On Thu, Oct 25, 2018 at 10:52:56AM +0200, Gerd Hoffmann wrote:
> > | > While being at it deprecate cir
On 26 October 2018 at 11:06, Thomas Huth wrote:
> These files lack an entry in the MAINTAINERS file, and according to
> the initial commits, the board and devices are incomplete. Since there
> have hardly been any commits in the past to really improve them, we
> should consider to mark them as dep
A given Qemu version can not predict what version of Xen it will run on.
There are some checks in configure to decide what Xen libraries and
functions are available. How exactly these functions must be accessed
has to be decided by configure and the user who is compiling Qemu.
In no way some random
The deprecated "collie" board is the only user of the Strongarm
devices, so if "collie" goes away, we should remove the Strongarm
devices, too.
Signed-off-by: Thomas Huth
---
qemu-deprecated.texi | 5 +
1 file changed, 5 insertions(+)
diff --git a/qemu-deprecated.texi b/qemu-deprecated.texi
"collie" has no entry in the MAINTAINERS file, and the initial commit
with ID c64b21d519a6ecae12f65625fa60f3035ed88644 said:
"Add very basic implementation of collie PDA emulation. The system lacks
LoCoMo and graphics/sound emulation. Linux kernel boots up to mounting
rootfs (theoretically it ca
These files lack an entry in the MAINTAINERS file, and according to
the initial commits, the board and devices are incomplete. Since there
have hardly been any commits in the past to really improve them, we
should consider to mark them as deprecated now.
Thomas Huth (2):
hw/arm: Deprecate the "c
On 26/10/2018 11:59, Daniel P. Berrangé wrote:
> I should also say that QEMU as an upstream project has multiple goals.
> Running KVM guests with modern PV hardware is only one of them, albeit
> a widely used one. Being able to run old legacy OS with old hardware,
> and running arbitrary embedded b
On 26/10/2018 11:34, P J P wrote:
> +-- On Fri, 26 Oct 2018, Paolo Bonzini wrote --+
> | I am dumb and I don't understand. In set_ar_dr you get
> |
> | v = 0xff
> | ar = 15
> | dr = 15
> |
> | and OPL->AR_TABLE[60] is accessed. The size of the array is 75, which
> | seems to be actu
On Fri, Oct 26, 2018 at 10:42:08AM +0100, Daniel P. Berrangé wrote:
> On Fri, Oct 26, 2018 at 12:33:55PM +0530, P J P wrote:
> > Hello Dan, all
> >
> > +-- On Thu, 25 Oct 2018, Daniel P. Berrangé wrote --+
> > | On Thu, Oct 25, 2018 at 10:52:56AM +0200, Gerd Hoffmann wrote:
> > | > While being a
On 24.10.18. 14:18, Aleksandar Markovic wrote:
> From: Aleksandar Markovic
>
> Add prefix, suffix, operation descriptions, and other corrections
> and amendments to the comment that describes MXU ASE.
>
> Signed-off-by: Aleksandar Markovic
> ---
> target/mips/translate.c | 84
> ++
On Fri, Oct 26, 2018 at 12:38:53PM +0530, P J P wrote:
> +-- On Thu, 25 Oct 2018, Daniel P. Berrangé wrote --+
> | On Thu, Oct 25, 2018 at 04:26:16PM +0530, P J P wrote:
> | > +-- On Thu, 25 Oct 2018, Gerd Hoffmann wrote --+
> | > | We have a lovely, guest-triggerable buffer overflow in opl2 emulat
On 24.10.18. 14:18, Aleksandar Markovic wrote:
> From: Aleksandar Markovic
>
> Move MXU_EN check to the main MXU decoding function, to avoid code
> repetition.
>
> Signed-off-by: Aleksandar Markovic
> ---
> target/mips/translate.c | 509
> ++--
> 1
On 24.10.18. 14:18, Aleksandar Markovic wrote:
> From: Aleksandar Markovic
>
> Move MUL, S32M2I, S32I2M handling out of switch. These are all
> instructions that do not depend on MXU_EN flag of MXU_CR.
>
> Signed-off-by: Aleksandar Markovic
> ---
> target/mips/translate.c | 41
On Fri, Oct 26, 2018 at 09:48:35AM +0100, Cole Robinson wrote:
> On 10/25/2018 09:37 PM, Daniel P. Berrangé wrote:
> > On Thu, Oct 25, 2018 at 10:52:56AM +0200, Gerd Hoffmann wrote:
> > > While being at it deprecate cirrus too.
> > >
> > > Reason (short version): use stdvga instead.
> > > Verbose
On Fri, Oct 26, 2018 at 12:33:55PM +0530, P J P wrote:
> Hello Dan, all
>
> +-- On Thu, 25 Oct 2018, Daniel P. Berrangé wrote --+
> | On Thu, Oct 25, 2018 at 10:52:56AM +0200, Gerd Hoffmann wrote:
> | > While being at it deprecate cirrus too.
> | >
> | > Reason (short version): use stdvga inste
+-- On Fri, 26 Oct 2018, Cédric Le Goater wrote --+
| On 10/25/18 8:45 AM, P J P wrote:
| > - While we refactor the routine for better, a patch below seems okay to fix
| >the OOB access issue?
|
| I think it is fine. Please add something like :
|
| qemu_log_mask(LOG_GUEST_ERROR, "ECC
+-- On Fri, 26 Oct 2018, Peter Maydell wrote --+
| > ===
| > diff --git a/hw/arm/strongarm.c b/hw/arm/strongarm.c
| > index ec2627374d..dd8c4b1f2e 100644
| > --- a/hw/arm/strongarm.c
| > +++ b/hw/arm/strongarm.c
| > @@ -587,12 +587,12 @@ static void strongarm_gpio_write(void *opaque, hwaddr
| > off
+-- On Fri, 26 Oct 2018, Paolo Bonzini wrote --+
| > -int msg_len;
| > +uint8_t msg_len;
|
| Not wrong per se, but it's also not clear why it's needed. I understand
| that you want to switch from signed to unsigned, but it is not mentioned
| in the commit message.
Changed to uint8_t beca
+-- On Fri, 26 Oct 2018, Paolo Bonzini wrote --+
| I am dumb and I don't understand. In set_ar_dr you get
|
| v = 0xff
| ar = 15
| dr = 15
|
| and OPL->AR_TABLE[60] is accessed. The size of the array is 75, which
| seems to be actually 14 more than required. Likewise OPL->DR_
On 22/10/2018 14:09, P J P wrote:
> From: Prasad J Pandit
>
> While performing gpio write via strongarm_gpio_handler_update
> routine, the 'bit' index could access beyond s->handler[28] array.
> Add check to avoid OOB access.
>
> Reported-by: Moguofang
> Signed-off-by: Prasad J Pandit
> ---
>
On 22/10/2018 14:14, P J P wrote:
> From: Prasad J Pandit
>
> While in nvme_mmio_read, memcpy could read past the 'n->bar'
> buffer, if addr offset was pointing towards its tail end.
> Add check to avoid OOB access.
>
> Reported-by: Caihongzhu
> Signed-off-by: Prasad J Pandit
> ---
> hw/block
+-- On Thu, 25 Oct 2018, Ameya More wrote --+
| While Mark and I reported this issue to you, it was actually discovered by
| Dejavu Security and they should receive credit for reporting this issue.
| http://www.dejavusecurity.com
I see; Would it be possible to share email-id of the original repo
On 24.10.18. 14:18, Aleksandar Markovic wrote:
> From: Aleksandar Markovic
>
> Add bit encoding for MXU execute 2-bit add/subtract pattern 'eptn2'.
>
> Signed-off-by: Aleksandar Markovic
> ---
> target/mips/translate.c | 6 ++
> 1 file changed, 6 insertions(+)
Reviewed-by: Stefan Markov
On 24.10.18. 14:18, Aleksandar Markovic wrote:
> From: Aleksandar Markovic
>
> Add bit encoding for MXU accumulate add/subtract 1-bit pattern
> 'aptn1'.
>
> Signed-off-by: Aleksandar Markovic
> ---
> target/mips/translate.c | 6 ++
> 1 file changed, 6 insertions(+)
Reviewed-by: Stefan M
On 24.10.18. 14:18, Aleksandar Markovic wrote:
> From: Aleksandar Markovic
>
> Add MXU decoding engine: add handlers for all instruction pools,
> and main decode handler. The handlers, for now, for the purpose
> of this patch, contain only skeleton in the form of a single
> switch statement.
>
>
On 24.10.18. 14:18, Aleksandar Markovic wrote:
> From: Aleksandar Markovic
>
> Provide the placeholder and add the invocation logic for MXU
> decoding engine.
>
> Signed-off-by: Aleksandar Markovic
> ---
> target/mips/translate.c | 8
> 1 file changed, 8 insertions(+)
>
> diff --git
On Mon, Oct 22, 2018 at 02:52:58PM +0100, Max Reitz wrote:
> This series prepares the iotests to work with both Python 2 and 3. In
> some places, it adds version-specific code and decides what to do based
> on the version (for instance, whether to import the StringIO or the
> BytesIO class from 'i
During an active background migration, snapshot will trigger a
segmentation fault. As snapshot clears the "current_migration" struct
and updates "to_dst_file" before it finds out that there is a
migration task, Migration accesses the null pointer in
"current_migration" struct and qemu crashes eventually.
On 25/10/2018 10:52, Gerd Hoffmann wrote:
> We have a lovely, guest-triggerable buffer overflow in opl2 emulation.
>
> Reproducer:
> outw(0xff60, 0x220);
> outw(0x1020, 0x220);
> outw(0xffb0, 0x220);
> Result:
> Will overflow FM_OPL->AR_TABLE[] (see hw/audio/fmopl.[ch])
I am dumb
On 05/09/2018 13:29, Li Qiang wrote:
> Found by reading the code.
>
> Signed-off-by: Li Qiang
> ---
> include/qom/cpu.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/include/qom/cpu.h b/include/qom/cpu.h
> index dc130cd307..5bb94a9f86 100644
> --- a/include/qom/cpu.h
On 10/25/2018 09:37 PM, Daniel P. Berrangé wrote:
On Thu, Oct 25, 2018 at 10:52:56AM +0200, Gerd Hoffmann wrote:
While being at it deprecate cirrus too.
Reason (short version): use stdvga instead.
Verbose version:
https://www.kraxel.org/blog/2014/10/qemu-using-cirrus-considered-harmful
E
The gdb_get_cpu_pid() function does the PID lookup for the given CPU. It
checks if the CPU is a direct child of a CPU cluster. If it is, the
returned PID is the cluster ID plus one (cluster IDs start at 0, GDB
PIDs at 1). When the CPU is not a child of such a container, the PID of
the first process
On Fri, Oct 26, 2018 at 11:01:25AM +0800, Robert Hoo wrote:
> On Wed, 2018-10-24 at 07:06 -0300, Eduardo Habkost wrote:
> > On Mon, Oct 15, 2018 at 12:47:25PM +0800, Robert Hoo wrote:
> > > Note RSBA is specially treated -- no matter whether the host supports it or not,
> > > qemu
> > > pretends it is supported
Add support for multiprocess extension in gdb_vm_state_change()
function.
Signed-off-by: Luc Michel
Reviewed-by: Philippe Mathieu-Daudé
---
gdbstub.c | 15 ---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/gdbstub.c b/gdbstub.c
index b7079eff4a..39b1766f28 100644
--
On Thu, Oct 25, 2018 at 06:17:59PM +0100, David Gibson wrote:
> On Thu, Oct 25, 2018 at 10:32:23AM -0300, Eduardo Habkost wrote:
> > From: Philippe Mathieu-Daudé
> >
> > Signed-off-by: Philippe Mathieu-Daudé
> > Reviewed-by: Artyom Tarasenko
> > Reviewed-by: Cédric Le Goater
> > Message-Id: <2
Change the sC packet handling to support the multiprocess extension.
Instead of returning the first thread, we return the first thread of the
current process.
Signed-off-by: Luc Michel
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Alistair Francis
---
gdbstub.c | 11 ---
1 file chan
changes since v2:
- patch 1 introducing the cpu-cluster type. I didn't opt for an
Interface, but I can add one if you think it's necessary.
For now this class inherits from Device and has a
cluster-id property, used by the GDB stub to compute a
This commit adds the cpu-cluster type. It aims at gathering CPUs from
the same cluster in a machine.
For now it only has a `cluster-id` property.
Signed-off-by: Luc Michel
---
include/hw/cpu/cluster.h | 38 +++
hw/cpu/cluster.c | 49 ++
Add the gdb_first_cpu() and gdb_next_cpu() to iterate over all
the CPUs in currently attached processes.
Add the gdb_first_cpu_in_process() and gdb_next_cpu_in_process() to
iterate over CPUs of a given process.
Use them to add multiprocess extension support to vCont packets.
Signed-off-by: Luc M
Change the thread info related packets handling to support multiprocess
extension.
Add the CPUs class name in the extra info to help differentiate
them in multiprocess mode.
Signed-off-by: Luc Michel
Reviewed-by: Philippe Mathieu-Daudé
---
gdbstub.c | 35 +--
1
Change the Xfer:features:read: packet handling to support the
multiprocess extension. This packet is used to request the XML
description of the CPU. In multiprocess mode, different descriptions can
be sent for different processes.
This function now takes the process to send the description for as
Add a structure GDBProcess that represents processes from the GDB
semantic point of view.
CPUs can be split into different processes, by grouping them under
different cpu-cluster objects. Each occurrence of a cpu-cluster object
implies the existence of the corresponding process in the GDB stub. Th
When a new connection is established, we set the first process to be
attached, and the others detached. The first CPU of the first process
is selected as the current CPU.
Signed-off-by: Luc Michel
Reviewed-by: Alistair Francis
---
gdbstub.c | 20 +++-
1 file changed, 15 insertio
Add support for the vAttach packets. In multiprocess mode, GDB sends
them to attach to additional processes.
Signed-off-by: Luc Michel
---
gdbstub.c | 35 +++
1 file changed, 35 insertions(+)
diff --git a/gdbstub.c b/gdbstub.c
index 9c239c1760..e5eddd8e2b 100644
When gdb_set_stop_cpu() is called with a CPU associated to a process
currently not attached by the GDB client, return without modifying the
stop CPU. Otherwise, GDB gets confused if it receives packets with a
thread-id it does not know about.
Signed-off-by: Luc Michel
---
gdbstub.c | 9 +
Create two separate CPU clusters for APUs and RPUs.
Signed-off-by: Luc Michel
---
include/hw/arm/xlnx-zynqmp.h | 3 +++
hw/arm/xlnx-zynqmp.c | 23 +++
2 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/include/hw/arm/xlnx-zynqmp.h b/include/hw/arm/xlnx-z
Add a couple of helper functions to cope with GDB threads and processes.
The gdb_get_process() function looks for a process given a pid.
The gdb_get_cpu() function returns the CPU corresponding to the (pid,
tid) pair given as parameters.
The read_thread_id() function parses the thread-id sent by
Add support for the '!' extended mode packet. This is required for the
multiprocess extension.
Signed-off-by: Luc Michel
---
gdbstub.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/gdbstub.c b/gdbstub.c
index 4d8474204f..9c239c1760 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1291,10 +129
On Fri, Oct 26, 2018 at 01:53:10PM +0800, Tao Xu wrote:
> On 10/25/18 9:28 PM, Eduardo Habkost wrote:
> > On Wed, Oct 17, 2018 at 12:48:58PM +0200, Paolo Bonzini wrote:
> > > On 17/10/2018 11:30, Tao Xu wrote:
> > > > As the release document ref below link (page 13):
> > > > https://software.intel.
Add multiprocess extension support by enabling multiprocess mode when
the peer requests it, and by replying that we actually support it in the
qSupported reply packet.
Signed-off-by: Luc Michel
Reviewed-by: Philippe Mathieu-Daudé
---
gdbstub.c | 6 ++
1 file changed, 6 insertions(+)
diff -
Hello Prasad,
On 10/25/18 8:45 AM, P J P wrote:
> Hello Cedric,
>
> +-- On Wed, 24 Oct 2018, Cédric Le Goater wrote --+
> | I think using a data[8] would be more appropriate. It would make the
> | pnv_lpc_do_eccb() routine a little more complex. I tried to rewrite it to
> | have a common one
'D' packets are used by GDB to detach from a process. In multiprocess
mode, the PID to detach from is sent in the request.
Signed-off-by: Luc Michel
Reviewed-by: Philippe Mathieu-Daudé
---
gdbstub.c | 60 ---
1 file changed, 53 insertions(+),
From: Prasad J Pandit
The high[32:28] bits of 'direction' and 'state' registers of
SA-1100/SA-1110 device are reserved. Setting them may lead to
OOB 's->handler[]' array access issue. Mask off [32:28] bits to
avoid it.
Reported-by: Moguofang
Signed-off-by: Prasad J Pandit
---
hw/arm/strongarm
On 10/25/18 7:03 PM, Maciej W. Rozycki wrote:
> Overall this source file is clearly a modified copy of an ancient version
> of the opcode table included with the opcodes library from binutils and I
> think it would benefit from a refresh.
You can't do that because of GPL v3, sadly.
r~
+-- On Thu, 25 Oct 2018, Daniel P. Berrangé wrote --+
| On Thu, Oct 25, 2018 at 04:26:16PM +0530, P J P wrote:
| > +-- On Thu, 25 Oct 2018, Gerd Hoffmann wrote --+
| > | We have a lovely, guest-triggerable buffer overflow in opl2 emulation.
| > |
| > | Reproducer:
| > | outw(0xff60, 0x220);
|