Re: [PATCH] net: check payload length limit for all frames

2020-07-16 Thread Jason Wang
On 2020/7/17 1:06 PM, P J P wrote: Hello Jason, all +-- On Fri, 17 Jul 2020, Jason Wang wrote --+ | On 2020/7/17 9:21 AM, Alexander Bulekov wrote: | > On 200717 0853, Li Qiang wrote: | >> Which issue are you trying to solve, any reference linking? | >> I also sent a patch related to this part

Re: [PATCH] gitlab-ci.yml: Add oss-fuzz build tests

2020-07-16 Thread Thomas Huth
On 16/07/2020 18.33, Alexander Bulekov wrote: > This tries to build and run the fuzzers with the same build-script used > by oss-fuzz. This doesn't guarantee that the builds on oss-fuzz will > also succeed, since oss-fuzz provides its own compiler and fuzzer vars, > but it can catch changes that

Re: [PATCH] e1000e: using bottom half to send packets

2020-07-16 Thread Jason Wang
On 2020/7/17 12:46 PM, Li Qiang wrote: On Fri, Jul 17, 2020 at 11:10 AM, Jason Wang wrote: On 2020/7/17 12:14 AM, Li Qiang wrote: Alexander Bulekov reported a UAF bug related to e1000e packet send. -->https://bugs.launchpad.net/qemu/+bug/1886362 This is because the guest triggers an e1000e packet send and sets

Re: [PATCH] gitlab-ci.yml: Add fuzzer tests

2020-07-16 Thread Thomas Huth
On 16/07/2020 18.46, Alexander Bulekov wrote: > On 200716 1209, Thomas Huth wrote: >> So far we neither compile-tested nor run any of the new fuzzers in our CI, >> which led to some build failures of the fuzzer code in the past weeks. >> To avoid this problem, add a job to compile the fuzzer code

Re: [RFC PATCH-for-5.2 v2 2/2] block/block-backend: Let blk_attach_dev() provide helpful error

2020-07-16 Thread Markus Armbruster
Daniel P. Berrangé writes: > On Thu, Jul 16, 2020 at 02:37:04PM +0200, Philippe Mathieu-Daudé wrote: >> Let blk_attach_dev() take an Error* object to return helpful >> information. Adapt the callers. >> >> $ qemu-system-arm -M n800 >> qemu-system-arm: sd_init failed: cannot attach blk 'sd0'

Re: sysbus_create_simple Vs qdev_create

2020-07-16 Thread Markus Armbruster
Eduardo Habkost writes: > I'd also note that the use of "parent" in the code is also > ambiguous. It can mean: > > * QOM parent type, i.e. TypeInfo.parent. Related fields: > * parent_class members of class structs > * parent_obj members of object structs I hate the use of "parent" and

Re: [PATCH] net: check payload length limit for all frames

2020-07-16 Thread P J P
Hello Jason, all +-- On Fri, 17 Jul 2020, Jason Wang wrote --+ | On 2020/7/17 9:21 AM, Alexander Bulekov wrote: | > On 200717 0853, Li Qiang wrote: | >> Which issue are you trying to solve, any reference linking? | >> I also sent a patch related to this part and also a UAF. | > | > I reported a UAF

Re: [PATCH] e1000e: using bottom half to send packets

2020-07-16 Thread Li Qiang
On Fri, Jul 17, 2020 at 11:10 AM, Jason Wang wrote: > > > On 2020/7/17 12:14 AM, Li Qiang wrote: > > Alexander Bulekov reported a UAF bug related to e1000e packet send. > > > > -->https://bugs.launchpad.net/qemu/+bug/1886362 > > > > This is because the guest triggers an e1000e packet send and sets the > > data's

[PATCH] Fix vhost-user buffer over-read on ram hot-unplug

2020-07-16 Thread Raphael Norwitz
The VHOST_USER_PROTOCOL_F_CONFIGURE_MEM_SLOTS vhost-user protocol feature introduced a shadow-table, used by the backend to dynamically determine how a vdev's memory regions have changed since the last vhost_user_set_mem_table() call. On hot-remove, a memmove() operation is used to overwrite the

Re: [virtio-dev] [RFC for Linux v4 0/2] virtio_balloon: Add VIRTIO_BALLOON_F_CONT_PAGES to report continuous pages

2020-07-16 Thread teawater
> On Jul 16, 2020, at 18:45, Michael S. Tsirkin wrote: > > On Thu, Jul 16, 2020 at 03:01:18PM +0800, teawater wrote: >> >> >>> On Jul 16, 2020, at 14:38, Michael S. Tsirkin wrote: >>> >>> On Thu, Jul 16, 2020 at 10:41:50AM +0800, Hui Zhu wrote: The first, second and third versions are in [1], [2] and [3].

[PULL SUBSYSTEM qemu-pseries] pseries: Update SLOF firmware image

2020-07-16 Thread Alexey Kardashevskiy
The following changes since commit 1038a309ec829f05a3a3e52a9951cfdb24dfd02c: spapr: Add a new level of NUMA for GPUs (2020-07-17 10:36:28 +1000) are available in the Git repository at: g...@github.com:aik/qemu.git tags/qemu-slof-20200717 for you to fetch changes up to

Re: [PATCH] net: check payload length limit for all frames

2020-07-16 Thread Jason Wang
On 2020/7/17 9:21 AM, Alexander Bulekov wrote: On 200717 0853, Li Qiang wrote: On Fri, Jul 17, 2020 at 3:26 AM, P J P wrote: From: Prasad J Pandit While sending packets, the check that packet 'payload_len' is within the 64kB limit seems to happen only for GSO frames. It may lead to use-after-free or

Re: [PATCH] e1000e: using bottom half to send packets

2020-07-16 Thread Jason Wang
On 2020/7/17 12:14 AM, Li Qiang wrote: Alexander Bulekov reported a UAF bug related to e1000e packet send. -->https://bugs.launchpad.net/qemu/+bug/1886362 This is because the guest triggers an e1000e packet send and sets the data's address to e1000e's MMIO address. So when the e1000e does DMA it

Re: [PATCH] net: check payload length limit for all frames

2020-07-16 Thread Alexander Bulekov
On 200717 0853, Li Qiang wrote: > On Fri, Jul 17, 2020 at 3:26 AM, P J P wrote: > > > > From: Prasad J Pandit > > > > While sending packets, the check that packet 'payload_len' > > is within the 64kB limit seems to happen only for GSO frames. > > It may lead to use-after-free or out-of-bounds access-like > >

[PATCH] usb: only build hcd-dwc2 host controller for RASPI target

2020-07-16 Thread Paul Zimmerman
The hcd-dwc2 host controller is currently built for all targets. Since for now hcd-dwc2 is only implemented on RASPI, restrict its build to that target only. Signed-off-by: Paul Zimmerman --- Hi Gerd, Do we want to apply this before the 5.1.0 release? It seems a waste to build this code for

Re: [PATCH] net: check payload length limit for all frames

2020-07-16 Thread Li Qiang
On Fri, Jul 17, 2020 at 3:26 AM, P J P wrote: > > From: Prasad J Pandit > > While sending packets, the check that packet 'payload_len' > is within the 64kB limit seems to happen only for GSO frames. > It may lead to use-after-free or out-of-bounds access-like > issues when sending non-GSO frames. Check the

Re: [PATCH] spapr_pci: Robustify support of PCI bridges

2020-07-16 Thread David Gibson
On Thu, Jul 16, 2020 at 04:57:54PM +0200, Greg Kurz wrote: > On Thu, 16 Jul 2020 16:23:52 +0200 > Markus Armbruster wrote: > > > David Gibson writes: > > > > > On Thu, Jul 16, 2020 at 12:32:44PM +0200, Greg Kurz wrote: > > >> On Thu, 16 Jul 2020 14:45:40 +1000 > > >> David Gibson wrote: > >

Re: [PATCH] spapr_pci: Robustify support of PCI bridges

2020-07-16 Thread David Gibson
On Thu, Jul 16, 2020 at 04:42:00PM +0200, Greg Kurz wrote: > On Thu, 16 Jul 2020 16:01:18 +0200 > Markus Armbruster wrote: > > > David Gibson writes: > > > > > On Thu, Jul 09, 2020 at 07:12:47PM +0200, Greg Kurz wrote: > > >> Some recent error handling cleanups unveiled issues with our support

Re: [PATCH v4] spapr: Add a new level of NUMA for GPUs

2020-07-16 Thread David Gibson
On Thu, Jul 16, 2020 at 05:56:55PM -0500, Reza Arbab wrote: > NUMA nodes corresponding to GPU memory currently have the same > affinity/distance as normal memory nodes. Add a third NUMA associativity > reference point enabling us to give GPU nodes more distance. > > This is guest visible

Re: [PATCH qemu v9] spapr: Implement Open Firmware client interface

2020-07-16 Thread David Gibson
On Thu, Jul 16, 2020 at 07:04:56PM +1000, Alexey Kardashevskiy wrote: > Ping? I kinda realize it is not going to replace SLOF any time soon but > still... Yeah, I know. I just haven't had time to consider it. Priority starvation. > On 07/07/2020 10:34, Alexey Kardashevskiy wrote: > > Ping? >

[PATCH v4] spapr: Add a new level of NUMA for GPUs

2020-07-16 Thread Reza Arbab
NUMA nodes corresponding to GPU memory currently have the same affinity/distance as normal memory nodes. Add a third NUMA associativity reference point enabling us to give GPU nodes more distance. This is guest visible information, which shouldn't change under a running guest across migration

Re: TB Cache size grows out of control with qemu 5.0

2020-07-16 Thread BALATON Zoltan
On Thu, 16 Jul 2020, Alex Bennée wrote: Christian Ehrhardt writes: On Wed, Jul 15, 2020 at 5:58 PM BALATON Zoltan wrote: See commit 47a2def4533a2807e48954abd50b32ecb1aaf29a and the next two following it. Thank you Zoltan for pointing out this commit, I agree that this seems to be the

Re: [GIT PULL] I2C updates

2020-07-16 Thread Corey Minyard
On Thu, Jul 16, 2020 at 09:45:41PM +0100, Peter Maydell wrote: > On Thu, 16 Jul 2020 at 18:49, Corey Minyard wrote: > > > > The following changes since commit 45db94cc90c286a9965a285ba19450f448760a09: > > > > Merge remote-tracking branch > > 'remotes/mcayland/tags/qemu-openbios-20200707' into

Re: sysbus_create_simple Vs qdev_create

2020-07-16 Thread Eduardo Habkost
On Wed, Jul 15, 2020 at 04:37:18PM +0200, Markus Armbruster wrote: > Pratik Parvati writes: > > > Hi Markus and Philippe, > > > > Thanks for your reply. Now I am pretty clear about Qdev and sysbus helper > > function. > > > > Can you please explain to me in brief on buses and device hierarchies

Re: [PATCH 2/2] configure: add support for Control-Flow Integrity

2020-07-16 Thread Daniele Buono
On 7/2/2020 5:52 AM, Daniel P. Berrangé wrote: The need to maintain this list of functions makes me feel very uneasy. How can we have any confidence that this list of functions is accurate ? How will maintainers ensure that they correctly update it as they are writing/changing code, and how

hw-display-qxl.so: undefined symbol: qemu_qxl_io_log_semaphore

2020-07-16 Thread Cole Robinson
Hi Gerd, I'm trying to build qemu 5.1.0-rc0 in Fedora. I'm hitting some issues. Using this configure line: ./configure --prefix=/usr --libdir=/usr/lib64 --sysconfdir=/etc --localstatedir=/var --libexecdir=/usr/libexec --interp-prefix=/usr/qemu-%M --with-pkgversion=qemu-5.1.0-0.1.rc0.fc33

Re: [RFC PATCH] tcg/cpu-exec: precise single-stepping after an exception

2020-07-16 Thread Richard Henderson
On 7/16/20 1:12 PM, Peter Maydell wrote: > On Thu, 16 Jul 2020 at 11:08, Luc Michel wrote: >> >> When single-stepping with a debugger attached to QEMU, and when an >> exception is raised, the debugger misses the first instruction after the >> exception: > > This is a long-standing bug; thanks

Re: qemu test-qga failure on mergebuild after VERSION file change: dependency issues??

2020-07-16 Thread Philippe Mathieu-Daudé
On 7/16/20 10:15 PM, Peter Maydell wrote: > On Thu, 16 Jul 2020 at 20:52, Michael Roth wrote: >> But is it intermittent, environment-dependent? I'm trying to understand how >> to >> replicate Peter's result since it seems like it would be straightforward >> reproducer. > > I blew away all my

Re: [PATCH v5 10/11] hw/arm: Wire up BMC boot flash for npcm750-evb and quanta-gsj

2020-07-16 Thread Havard Skinnemoen
On Wed, Jul 15, 2020 at 1:54 PM Havard Skinnemoen wrote: > > On Wed, Jul 15, 2020 at 3:57 AM Philippe Mathieu-Daudé > wrote: > > > > On 7/15/20 11:00 AM, Markus Armbruster wrote: > > > Now my point. Why first make up user configuration, then use that to > > > create a BlockBackend, when you

Re: [GIT PULL] I2C updates

2020-07-16 Thread Peter Maydell
On Thu, 16 Jul 2020 at 18:49, Corey Minyard wrote: > > The following changes since commit 45db94cc90c286a9965a285ba19450f448760a09: > > Merge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-20200707' > into staging (2020-07-10 16:43:40 +0100) > > are available in the Git repository

[Bug 1887854] Re: Spurious Data Abort on qemu-system-aarch64

2020-07-16 Thread Peter Maydell
Writing to SCTLR can cause QEMU to flush its TLB (as an internal implementation detail), so if adding SCTLR writes is sufficient to cause the problem to go away, I would be suspicious that your guest code is missing necessary TLB maintenance instructions. QEMU 3.1 and 4.1 are quite old -- can you

Re: qemu test-qga failure on mergebuild after VERSION file change: dependency issues??

2020-07-16 Thread Peter Maydell
On Thu, 16 Jul 2020 at 20:52, Michael Roth wrote: > But is it intermittent, environment-dependent? I'm trying to understand how to > replicate Peter's result since it seems like it would be straightforward > reproducer. I blew away all my build trees and recreated them from scratch, and the

Re: [PULL 0/2] Fixes 20200716 patches

2020-07-16 Thread Peter Maydell
axel.org/qemu tags/fixes-20200716-pull-request > > for you to fetch changes up to 4084e35068772cf4f81bbae5174019f277c61084: > > usb: fix storage regression (2020-07-16 10:20:27 +0200) > > > fixes: usb storage regressio

Re: [RFC PATCH] tcg/cpu-exec: precise single-stepping after an exception

2020-07-16 Thread Peter Maydell
On Thu, 16 Jul 2020 at 11:08, Luc Michel wrote: > > When single-stepping with a debugger attached to QEMU, and when an > exception is raised, the debugger misses the first instruction after the > exception: This is a long-standing bug; thanks for looking at it.

[Bug 1887854] Re: Spurious Data Abort on qemu-system-aarch64

2020-07-16 Thread K
** Description changed: When running RTEMS test psxndbm01.exe built for AArch64-ilp32 (this code is not yet publicly available), the test generates a spurious data abort (the MMU and alignment checks should be disabled according to bits 1, 0 of SCTLR_EL1). The abort information is as

Re: qemu test-qga failure on mergebuild after VERSION file change: dependency issues??

2020-07-16 Thread Philippe Mathieu-Daudé
On 7/16/20 9:52 PM, Michael Roth wrote: > Quoting Philippe Mathieu-Daudé (2020-07-16 12:59:28) >> On 7/16/20 7:55 PM, Michael Roth wrote: >>> Quoting Peter Maydell (2020-07-16 05:53:17) The first merge I tried to process after bumping VERSION for rc0 failed on test-qga like this:

Re: qemu test-qga failure on mergebuild after VERSION file change: dependency issues??

2020-07-16 Thread Michael Roth
Quoting Philippe Mathieu-Daudé (2020-07-16 12:59:28) > On 7/16/20 7:55 PM, Michael Roth wrote: > > Quoting Peter Maydell (2020-07-16 05:53:17) > >> The first merge I tried to process after bumping VERSION for rc0 > >> failed on test-qga like this: > >> > >> MALLOC_PERTURB_=${MALLOC_PERTURB_:-$((

[Bug 1887854] [NEW] Spurious Data Abort on qemu-system-aarch64

2020-07-16 Thread K
Public bug reported: When running RTEMS test psxndbm01.exe built for AArch64-ilp32 (this code is not yet publicly available), the test generates a spurious data abort (the MMU and alignment checks should be disabled according to bits 1, 0 of SCTLR_EL1). The abort information is as follows:

[PATCH v2] tcg/cpu-exec: precise single-stepping after an exception

2020-07-16 Thread Luc Michel
When single-stepping with a debugger attached to QEMU, and when an exception is raised, the debugger misses the first instruction after the exception: $ qemu-system-aarch64 -M virt -display none -cpu cortex-a53 -s -S $ aarch64-linux-gnu-gdb GNU gdb (GDB) 9.2 [...] (gdb) tar rem :1234 Remote

[PATCH] net: check payload length limit for all frames

2020-07-16 Thread P J P
From: Prasad J Pandit While sending packets, the check that packet 'payload_len' is within the 64kB limit seems to happen only for GSO frames. It may lead to use-after-free or out-of-bounds access-like issues when sending non-GSO frames. Check the 'payload_len' limit for all packets, irrespective
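The gating bug this patch describes, as an added example in plain C rather than QEMU's own net_tx_pkt code: a payload-length check that fires only for GSO frames next to one that applies to every frame, plus a staging step that reports what the unchecked path would have done to a fixed-size buffer. The struct, constant and function names (tx_pkt, TX_MAX_PAYLOAD_LEN, tx_pkt_len_ok, tx_pkt_stage) are assumptions for the illustration and do not appear in the patch.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Assumed constants for the illustration; QEMU's own names differ. */
#define TX_MAX_PAYLOAD_LEN 65535u   /* the "64kB limit" from the patch text */
#define TX_BUF_LEN         65535u   /* fixed-size staging buffer for the payload */

enum gso_type { GSO_NONE = 0, GSO_TCPV4 = 1 };

/* Minimal model of a transmit packet: a GSO flag and a payload length that
 * is ultimately derived from guest-controlled descriptor/header fields. */
struct tx_pkt {
    enum gso_type gso_type;
    size_t payload_len;
};

/* Before: the limit is only enforced when the frame is a GSO frame.  A plain
 * frame with an oversized payload_len is accepted, and later code that trusts
 * payload_len to fit TX_BUF_LEN reads or writes past the end of the buffer. */
bool tx_pkt_len_ok_gso_only(const struct tx_pkt *p)
{
    if (p->gso_type != GSO_NONE && p->payload_len > TX_MAX_PAYLOAD_LEN) {
        return false;
    }
    return true;
}

/* After: the same limit, applied irrespective of GSO. */
bool tx_pkt_len_ok(const struct tx_pkt *p)
{
    return p->payload_len <= TX_MAX_PAYLOAD_LEN;
}

/* Outcome of running a frame through a length check and then the staging
 * step that would copy payload_len bytes into a TX_BUF_LEN-byte buffer. */
enum stage_result { STAGE_REJECTED, STAGE_OK, STAGE_WOULD_OVERFLOW };

/* Instead of corrupting memory, report what the copy would have done.
 * STAGE_WOULD_OVERFLOW is only reachable through the GSO-only check. */
enum stage_result tx_pkt_stage(const struct tx_pkt *p,
                               bool (*len_ok)(const struct tx_pkt *))
{
    if (!len_ok(p)) {
        return STAGE_REJECTED;
    }
    return p->payload_len > TX_BUF_LEN ? STAGE_WOULD_OVERFLOW : STAGE_OK;
}
```

Running a non-GSO frame with payload_len = 100000 through tx_pkt_stage with the GSO-only check yields STAGE_WOULD_OVERFLOW, while the unconditional check rejects it before any buffer is touched; a normal 1500-byte frame passes both.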

Re: [PATCH for-5.1] i386: hvf: Explicitly set CR4 guest/host mask

2020-07-16 Thread Roman Bolshakov
On Thu, Jul 16, 2020 at 02:14:57PM -0400, Eduardo Habkost wrote: > On Tue, Jul 14, 2020 at 08:20:04PM +0200, Paolo Bonzini wrote: > > Hi Roman, please ask Peter to apply it directly because I won't be able to > > send a pull request in the next couple of weeks. > > > > Paolo > > > > On Tue 14

[PULL 4/6] target/i386: fix model number and add missing features for Icelake-Server CPU model

2020-07-16 Thread Eduardo Habkost
From: Chenyi Qiang Add the missing features (sha_ni, avx512ifma, rdpid, fsrm, vmx-rdseed-exit, vmx-pml, vmx-eptp-switching) and change the model number to 106 in the Icelake-Server-v4 CPU model. Signed-off-by: Chenyi Qiang Message-Id: <20200714084148.26690-3-chenyi.qi...@intel.com>

[PULL 1/6] i386/cpu: Clear env->user_features after loading versioned CPU model

2020-07-16 Thread Eduardo Habkost
From: Xiaoyao Li Features defined in a versioned CPU model are recorded in env->user_features since they are updated as properties. It's unwanted because they are not user specified. Simply clear env->user_features as a fix. It won't clear user specified features because user specified features are

[PULL 6/6] i386: hvf: Explicitly set CR4 guest/host mask

2020-07-16 Thread Eduardo Habkost
From: Roman Bolshakov Removal of register reset omitted initialization of CR4 guest/host mask. x86_64 guests aren't booting without it. Fixes: 5009ef22c6bb2 ("i386: hvf: Don't duplicate register reset") Signed-off-by: Roman Bolshakov Message-Id: <20200714090726.41082-1-r.bolsha...@yadro.com>

[PULL 0/6] x86 fixes for -rc1

2020-07-16 Thread Eduardo Habkost
The following changes since commit ee5128bb00f90dd301991d80d1db5224ce924c84: Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging (2020-07-16 13:12:05 +0100) are available in the Git repository at: git://github.com/ehabkost/qemu.git tags/x86-next-pull-request

[PULL 5/6] target/i386: add the missing vmx features for Skylake-Server and Cascadelake-Server CPU models

2020-07-16 Thread Eduardo Habkost
From: Chenyi Qiang Add the missing vmx features in Skylake-Server and Cascadelake-Server CPU models based on the output of Paolo's script. Signed-off-by: Chenyi Qiang Message-Id: <20200714084148.26690-4-chenyi.qi...@intel.com> Signed-off-by: Eduardo Habkost --- target/i386/cpu.c | 14

[PULL 3/6] target/i386: add fast short REP MOV support

2020-07-16 Thread Eduardo Habkost
From: Chenyi Qiang For CPUs that support fast short REP MOV [CPUID.(EAX=7,ECX=0):EDX(bit4)], e.g. Icelake and Tigerlake, expose it to the guest VM. Reviewed-by: Eduardo Habkost Signed-off-by: Chenyi Qiang Message-Id: <20200714084148.26690-2-chenyi.qi...@intel.com> Signed-off-by: Eduardo Habkost ---

[PULL 2/6] i386/cpu: Don't add unavailable_features to env->user_features

2020-07-16 Thread Eduardo Habkost
From: Xiaoyao Li Features unavailable due to the absence of their dependent features should not be added to env->user_features. env->user_features only contains the features explicitly specified with -feature/+feature by the user. Fixes: 99e24dbdaa68 ("target/i386: introduce generic feature dependency

Re: [PATCH for-5.1] i386: hvf: Explicitly set CR4 guest/host mask

2020-07-16 Thread Eduardo Habkost
On Tue, Jul 14, 2020 at 08:20:04PM +0200, Paolo Bonzini wrote: > Hi Roman, please ask Peter to apply it directly because I won't be able to > send a pull request in the next couple of weeks. > > Paolo > > On Tue, Jul 14, 2020, 12:39 Roman Bolshakov wrote: > > > On Tue, Jul 14, 2020 at

Re: qemu test-qga failure on mergebuild after VERSION file change: dependency issues??

2020-07-16 Thread Philippe Mathieu-Daudé
On 7/16/20 7:55 PM, Michael Roth wrote: > Quoting Peter Maydell (2020-07-16 05:53:17) >> The first merge I tried to process after bumping VERSION for rc0 >> failed on test-qga like this: >> >> MALLOC_PERTURB_=${MALLOC_PERTURB_:-$(( ${RANDOM:-0} % 255 + 1))} >> tests/test-qga -m=quick -k --tap <

Re: [RFC PATCH] tcg/cpu-exec: precise single-stepping after an exception

2020-07-16 Thread Richard Henderson
On 7/16/20 3:04 AM, Luc Michel wrote: > When single-stepping with a debugger attached to QEMU, and when an > exception is raised, the debugger misses the first instruction after the > exception: > > $ qemu-system-aarch64 -M virt -display none -cpu cortex-a53 -s -S > > $ aarch64-linux-gnu-gdb >

Re: qemu test-qga failure on mergebuild after VERSION file change: dependency issues??

2020-07-16 Thread Michael Roth
Quoting Peter Maydell (2020-07-16 05:53:17) > The first merge I tried to process after bumping VERSION for rc0 > failed on test-qga like this: > > MALLOC_PERTURB_=${MALLOC_PERTURB_:-$(( ${RANDOM:-0} % 255 + 1))} > tests/test-qga -m=quick -k --tap < /dev/null | ./scripts/tap-driver.pl

Re: [PULL v1 0/2] Merge tpm 2020/07/15 v1

2020-07-16 Thread Peter Maydell
On Wed, 15 Jul 2020 at 20:23, Stefan Berger wrote: > > Hello! > > This series fixes a couple of minor issues with the PPC64 TPM SPAPR interface > and a test case. > >Stefan > > The following changes since commit 8746309137ba470d1b2e8f5ce86ac228625db940: > > Update version for v5.1.0-rc0

[GIT PULL] I2C updates

2020-07-16 Thread Corey Minyard
The following changes since commit 45db94cc90c286a9965a285ba19450f448760a09: Merge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-20200707' into staging (2020-07-10 16:43:40 +0100) are available in the Git repository at: https://github.com/cminyard/qemu.git tags/for-qemu-i2c-5

Re: [PATCH v3 3/9] vfio: add quirk device write method

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:30, P J P wrote: > > From: Prasad J Pandit > > Add vfio quirk device mmio write method to avoid NULL pointer > dereference issue. > > Reported-by: Lei Sun > Reviewed-by: Li Qiang > Signed-off-by: Prasad J Pandit > --- > hw/vfio/pci-quirks.c | 8 > 1 file

Re: [PATCH v3 1/9] hw/pci-host: add pci-intack write method

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:29, P J P wrote: > > From: Prasad J Pandit > > Add pci-intack mmio write method to avoid NULL pointer dereference > issue. > > Reported-by: Lei Sun > Reviewed-by: Li Qiang > Signed-off-by: Prasad J Pandit > --- > hw/pci-host/prep.c | 8 > 1 file changed, 8

Re: [PATCH v3 9/9] memory: assert MemoryRegionOps callbacks are defined

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:31, P J P wrote: > > From: Prasad J Pandit > > When registering a MemoryRegionOps object, assert that its > read/write callback methods are defined. This avoids potential > guest crash via a NULL pointer dereference. > > Suggested-by: Peter Maydell > Reviewed-by: Li
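The failure mode this series addresses and the check it adds at registration time, as an added example in plain C rather than QEMU's memory API: a toy MemoryRegionOps with the write callback left NULL, a dispatcher that would jump through that pointer on a guest store, and an init routine that refuses an incomplete ops table, with logging dummies (the equivalent of the LOG_UNIMP stubs the other patches in the series add) filling the direction a device does not implement. The names mr_init_io, mr_read, mr_write, unimp_read, unimp_write and status_dev are assumptions for the illustration.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy version of the callback table: one read hook and one write hook. */
typedef struct MemoryRegionOps {
    uint64_t (*read)(void *opaque, uint64_t addr, unsigned size);
    void (*write)(void *opaque, uint64_t addr, uint64_t data, unsigned size);
} MemoryRegionOps;

typedef struct MemoryRegion {
    const MemoryRegionOps *ops;
    void *opaque;
    uint64_t size;
} MemoryRegion;

/* Dummy handlers for the direction a device does not implement: a guest
 * access is logged and otherwise ignored instead of dereferencing NULL. */
uint64_t unimp_read(void *opaque, uint64_t addr, unsigned size)
{
    (void)opaque; (void)size;
    fprintf(stderr, "unimplemented read @0x%" PRIx64 "\n", addr);
    return 0;
}

void unimp_write(void *opaque, uint64_t addr, uint64_t data, unsigned size)
{
    (void)opaque; (void)size;
    fprintf(stderr, "unimplemented write @0x%" PRIx64 " = 0x%" PRIx64 "\n",
            addr, data);
}

/* Registration with the check the series introduces: a half-filled ops
 * table fails at device init (returns -1) instead of on the first guest
 * access that hits the missing direction.  Returns 0 on success. */
int mr_init_io(MemoryRegion *mr, const MemoryRegionOps *ops,
               void *opaque, uint64_t size)
{
    if (ops == NULL || ops->read == NULL || ops->write == NULL) {
        return -1;
    }
    mr->ops = ops;
    mr->opaque = opaque;
    mr->size = size;
    return 0;
}

/* Dispatch as the bus layer would.  The range check is written so that
 * addr + size cannot wrap; the callbacks are non-NULL thanks to mr_init_io. */
bool mr_write(MemoryRegion *mr, uint64_t addr, uint64_t data, unsigned size)
{
    if (size == 0 || addr > mr->size || size > mr->size - addr) {
        return false;
    }
    mr->ops->write(mr->opaque, addr, data, size);
    return true;
}

bool mr_read(MemoryRegion *mr, uint64_t addr, unsigned size, uint64_t *out)
{
    if (size == 0 || addr > mr->size || size > mr->size - addr) {
        return false;
    }
    *out = mr->ops->read(mr->opaque, addr, size);
    return true;
}

/* A device with a read-only status register and nothing to write. */
struct status_dev { uint64_t status; };

uint64_t status_read(void *opaque, uint64_t addr, unsigned size)
{
    (void)addr; (void)size;
    return ((struct status_dev *)opaque)->status;
}

/* Before: write left NULL, so a guest store to the region calls address 0. */
const MemoryRegionOps status_ops_broken = { .read = status_read, .write = NULL };

/* After: every slot filled, the write direction routed to the logging dummy. */
const MemoryRegionOps status_ops_fixed = { .read = status_read, .write = unimp_write };
```

With status_ops_broken, mr_init_io fails and the region is never mapped; with status_ops_fixed a guest store lands in unimp_write and is logged, while reads still return the device's status and out-of-range accesses are refused by the dispatcher.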

[PATCH v4 for-5.2 1/2] spapr: Use error_append_hint() in spapr_caps.c

2020-07-16 Thread Greg Kurz
We have a dedicated error API for hints. Use it instead of embedding the hint in the error message, as recommended in the "qapi/error.h" header file. Since spapr_caps_apply() passes _fatal, all functions must also call the ERRP_GUARD() macro for error_append_hint() to be functional. While here,

[PATCH v4 for-5.2 2/2] spapr: Forbid nested KVM-HV in pre-power9 compat mode

2020-07-16 Thread Greg Kurz
Nested KVM HV only works if the kernel is using the radix MMU mode, i.e. the CPU is POWER9 and it is not running in some pre-power9 compat mode. Otherwise, the KVM HV module fails to load in the guest with -ENODEV. It might be painful for a user to discover this late that nested cannot work with

[PATCH v4 for-5.2 0/2] spapr: Improve error reporting in spapr_caps.c

2020-07-16 Thread Greg Kurz
Nested KVM HV only works if the kernel is using the radix MMU mode, i.e. the CPU is POWER9 and it is not running in some pre-power9 compat mode. Otherwise, the KVM HV module fails to load in the guest with -ENODEV. It might be painful for a user to discover this late that nested cannot work with

Re: [PATCH 2/2] python/qemu: Change ConsoleSocket to optionally drain socket.

2020-07-16 Thread Robert Foley
On Thu, 16 Jul 2020 at 09:42, Alex Bennée wrote: > > > +self._drain_thread = None > > +socket.socket.__init__(self, socket.AF_UNIX, socket.SOCK_STREAM) > > +self.connect(address) > > +self._drain = drain > > We end up with two variables that represent the fact we

Re: [PATCH v3 8/9] imx7-ccm: add digprog mmio write method

2020-07-16 Thread Peter Maydell
On Thu, 16 Jul 2020 at 17:55, P J P wrote: > > +-- On Thu, 16 Jul 2020, Peter Maydell wrote --+ > | > +static void imx7_digprog_write(void *opaque, hwaddr addr, > | > +uint64_t data, unsigned size) > | > +{ > | > +qemu_log_mask(LOG_UNIMP, "%s not

Re: [PATCH v3 8/9] imx7-ccm: add digprog mmio write method

2020-07-16 Thread P J P
+-- On Thu, 16 Jul 2020, Peter Maydell wrote --+ | > +static void imx7_digprog_write(void *opaque, hwaddr addr, | > +uint64_t data, unsigned size) | > +{ | > +qemu_log_mask(LOG_UNIMP, "%s not implemented\n", __func__); | > +} | | This covers a single

Re: [PATCH] introduce VFIO-over-socket protocol specification

2020-07-16 Thread no-reply
Patchew URL: https://patchew.org/QEMU/1594913503-52271-1-git-send-email-thanos.maka...@nutanix.com/ Hi, This series seems to have some coding style problems. See output below for more information: Type: series Message-id: 1594913503-52271-1-git-send-email-thanos.maka...@nutanix.com Subject:

Re: [PATCH] introduce VFIO-over-socket protocol specification

2020-07-16 Thread no-reply
Patchew URL: https://patchew.org/QEMU/1594913503-52271-1-git-send-email-thanos.maka...@nutanix.com/ Hi, This series failed the docker-mingw@fedora build test. Please find the testing commands and their output below. If you have Docker installed, you can probably reproduce it locally. ===

Re: [PATCH v3 2/9] pci-host: add pcie-msi read method

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:30, P J P wrote: > > From: Prasad J Pandit > > Add pcie-msi mmio read method to avoid NULL pointer dereference > issue. This change is specific to the designware pci host controller; it would be nice to have "designware" in the commit subject. > Reported-by: Lei Sun

[PATCH] gitlab-ci.yml: Add oss-fuzz build tests

2020-07-16 Thread Alexander Bulekov
This tries to build and run the fuzzers with the same build-script used by oss-fuzz. This doesn't guarantee that the builds on oss-fuzz will also succeed, since oss-fuzz provides its own compiler and fuzzer vars, but it can catch changes that are not compatible with the

Re: [PATCH] gitlab-ci.yml: Add fuzzer tests

2020-07-16 Thread Alexander Bulekov
On 200716 1209, Thomas Huth wrote: > So far we neither compile-tested nor run any of the new fuzzers in our CI, > which led to some build failures of the fuzzer code in the past weeks. > To avoid this problem, add a job to compile the fuzzer code and run some > loops (which likely don't find any

Re: [PATCH v3] spapr: Add a new level of NUMA for GPUs

2020-07-16 Thread Daniel Henrique Barboza
On 7/16/20 1:00 PM, Reza Arbab wrote: On Thu, Jul 16, 2020 at 06:42:11AM -0300, Daniel Henrique Barboza wrote: Which would translate here to: uint32_t associativity[] = { cpu_to_be32(0x4), cpu_to_be32(nvslot->numa_id), cpu_to_be32(nvslot->numa_id),

Re: [PATCH v3 6/9] spapr_pci: add spapr msi read method

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:31, P J P wrote: > > From: Prasad J Pandit > > Add spapr msi mmio read method to avoid NULL pointer dereference > issue. > > Reported-by: Lei Sun > Acked-by: David Gibson > Reviewed-by: Li Qiang > Signed-off-by: Prasad J Pandit > --- > hw/ppc/spapr_pci.c | 13

Re: [PATCH] target/i386: floatx80: avoid compound literals in static initializers

2020-07-16 Thread Alex Bennée
Laszlo Ersek writes: > Quoting ISO C99 6.7.8p4, "All the expressions in an initializer for an > object that has static storage duration shall be constant expressions or > string literals". > > The compound literal produced by the make_floatx80() macro is not such a > constant expression, per

Re: [PATCH v3 5/9] nvram: add nrf51_soc flash read method

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:31, P J P wrote: > > From: Prasad J Pandit > > Add nrf51_soc mmio read method to avoid NULL pointer dereference > issue. > > Reported-by: Lei Sun > Signed-off-by: Prasad J Pandit > --- > hw/nvram/nrf51_nvm.c | 5 + > 1 file changed, 5 insertions(+) > > Update v3:

Re: [PATCH v2 5/9] nvram: add nrf51_soc flash read method

2020-07-16 Thread Peter Maydell
On Mon, 29 Jun 2020 at 12:18, Li Qiang wrote: > > On Thu, Jun 25, 2020 at 3:01 AM, P J P wrote: > > > > From: Prasad J Pandit > > > > Add nrf51_soc mmio read method to avoid NULL pointer dereference > > issue. > > > > Reported-by: Lei Sun > > Signed-off-by: Prasad J Pandit > > --- > > hw/nvram/nrf51_nvm.c |

Re: TB Cache size grows out of control with qemu 5.0

2020-07-16 Thread Alex Bennée
Christian Ehrhardt writes: > On Wed, Jul 15, 2020 at 5:58 PM BALATON Zoltan wrote: > >> See commit 47a2def4533a2807e48954abd50b32ecb1aaf29a and the next two >> following it. >> > > Thank you Zoltan for pointing out this commit, I agree that this seems to be > the trigger for the issues I'm

Re: [PATCH v3 8/9] imx7-ccm: add digprog mmio write method

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:31, P J P wrote: > > From: Prasad J Pandit > > Add digprog mmio write method to avoid assert failure during > initialisation. > > Reviewed-by: Li Qiang > Signed-off-by: Prasad J Pandit > --- > hw/misc/imx7_ccm.c | 7 +++ > 1 file changed, 7 insertions(+) > >

Re: [PATCH for-5.1] qapi: Fix visit_type_STRUCT() not to fail for null object

2020-07-16 Thread Li Qiang
On Thu, Jul 16, 2020 at 11:07 PM, Markus Armbruster wrote: > > To make deallocating partially constructed objects work, the > visit_type_STRUCT() need to succeed without doing anything when passed > a null object. > > Commit cdd2b228b9 "qapi: Smooth visitor error checking in generated > code" broke that. To

[PATCH] e1000e: using bottom half to send packets

2020-07-16 Thread Li Qiang
Alexander Bulekov reported a UAF bug related to e1000e packet send. -->https://bugs.launchpad.net/qemu/+bug/1886362 This is because the guest triggers an e1000e packet send and sets the data's address to e1000e's MMIO address. So when the e1000e does DMA it will write the MMIO again and trigger

Re: [PATCH v3 7/9] tz-ppc: add dummy read/write methods

2020-07-16 Thread Peter Maydell
On Tue, 30 Jun 2020 at 13:31, P J P wrote: > > From: Prasad J Pandit > > Add tz-ppc-dummy mmio read/write methods to avoid assert failure > during initialisation. > > Signed-off-by: Prasad J Pandit > -- Reviewed-by: Peter Maydell thanks -- PMM

Re: [PATCH v10 09/10] qcow2_format.py: collect fields to dump in JSON format

2020-07-16 Thread Vladimir Sementsov-Ogievskiy
16.07.2020 18:52, Andrey Shinkevich wrote: On 16.07.2020 18:40, Vladimir Sementsov-Ogievskiy wrote: 16.07.2020 18:34, Andrey Shinkevich wrote: On 16.07.2020 13:24, Vladimir Sementsov-Ogievskiy wrote: 14.07.2020 00:36, Andrey Shinkevich wrote: As __dict__ is being extended with class members

Re: [PATCH v3] spapr: Add a new level of NUMA for GPUs

2020-07-16 Thread Reza Arbab
On Thu, Jul 16, 2020 at 06:42:11AM -0300, Daniel Henrique Barboza wrote: Which would translate here to: uint32_t associativity[] = { cpu_to_be32(0x4), cpu_to_be32(nvslot->numa_id), cpu_to_be32(nvslot->numa_id), cpu_to_be32(nvslot->numa_id),

Re: [PATCH for-5.1] qapi: Fix visit_type_STRUCT() not to fail for null object

2020-07-16 Thread no-reply
Patchew URL: https://patchew.org/QEMU/20200716150617.4027356-1-arm...@redhat.com/ Hi, This series failed the docker-quick@centos7 build test. Please find the testing commands and their output below. If you have Docker installed, you can probably reproduce it locally. === TEST SCRIPT BEGIN

[Bug 1880822] Re: CVE-2020-13253 QEMU: sd: OOB access could crash the guest resulting in DoS

2020-07-16 Thread Philippe Mathieu-Daudé
Fixed in commit 790762e54871143415bffcec4cb3c022c3cd. ** Changed in: qemu Status: In Progress => Fix Committed -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/1880822 Title:

Re: [PATCH v10 09/10] qcow2_format.py: collect fields to dump in JSON format

2020-07-16 Thread Andrey Shinkevich
On 16.07.2020 18:40, Vladimir Sementsov-Ogievskiy wrote: 16.07.2020 18:34, Andrey Shinkevich wrote: On 16.07.2020 13:24, Vladimir Sementsov-Ogievskiy wrote: 14.07.2020 00:36, Andrey Shinkevich wrote: As __dict__ is being extended with class members we do not want to print, make a light copy

[PATCH] introduce VFIO-over-socket protocol specification

2020-07-16 Thread Thanos Makatos
This patch introduces the VFIO-over-socket protocol specification, which is designed to allow devices to be emulated outside QEMU, in a separate process. VFIO-over-socket reuses the existing VFIO defines, structs and concepts. It has been earlier discussed as an RFC in: "RFC: use VFIO over a UNIX

[PATCH] osdep.h: Add doc comment for qemu_get_thread_id()

2020-07-16 Thread Peter Maydell
Add a documentation comment for qemu_get_thread_id(): since this is rather host-OS-specific it's useful if people writing the implementation and people thinking of using the function know what the purpose and limitations are. Signed-off-by: Peter Maydell --- Based on conversation with Dan on

Re: [PATCH v10 09/10] qcow2_format.py: collect fields to dump in JSON format

2020-07-16 Thread Vladimir Sementsov-Ogievskiy
16.07.2020 18:34, Andrey Shinkevich wrote: On 16.07.2020 13:24, Vladimir Sementsov-Ogievskiy wrote: 14.07.2020 00:36, Andrey Shinkevich wrote: As __dict__ is being extended with class members we do not want to print, make a light copy of the initial __dict__ and extend the copy by adding lists

Re: [PATCH v10 09/10] qcow2_format.py: collect fields to dump in JSON format

2020-07-16 Thread Andrey Shinkevich
On 16.07.2020 13:24, Vladimir Sementsov-Ogievskiy wrote: 14.07.2020 00:36, Andrey Shinkevich wrote: As __dict__ is being extended with class members we do not want to print, make a light copy of the initial __dict__ and extend the copy by adding lists we have to print in the JSON output.

Re: [PATCH 2/2] i386/cpu: Mask off unsupported XSAVE components

2020-07-16 Thread Xiaoyao Li
On 7/16/2020 11:14 PM, Eduardo Habkost wrote: On Thu, Jul 16, 2020 at 04:20:19PM +0800, Xiaoyao Li wrote: When setting up XSAVE components, it needs to mask off those unsupported by KVM. Signed-off-by: Xiaoyao Li We must never disable CPUID features silently based on host capabilities,

Re: [PATCH v7 02/47] block: Add chain helper functions

2020-07-16 Thread Vladimir Sementsov-Ogievskiy
16.07.2020 17:50, Max Reitz wrote: On 13.07.20 12:18, Vladimir Sementsov-Ogievskiy wrote: 25.06.2020 18:21, Max Reitz wrote: Add some helper functions for skipping filters in a chain of block nodes. Signed-off-by: Max Reitz ---   include/block/block_int.h |  3 +++   block.c 

Re: [PATCH 1/2] i386/cpu: Clear FEAT_XSAVE_COMP_{LO, HI} when XSAVE is not available

2020-07-16 Thread Xiaoyao Li
On 7/16/2020 11:15 PM, Eduardo Habkost wrote: On Thu, Jul 16, 2020 at 04:20:18PM +0800, Xiaoyao Li wrote: Per Intel SDM vol 1, 13.2, if CPUID.1:ECX.XSAVE[bit 26] is 0, the processor provides no further enumeration through CPUID function 0DH. Can you explain what's the bug you are trying to

Re: [PATCH v7 21/47] block: Use CAFs in bdrv_refresh_filename()

2020-07-16 Thread Max Reitz
On 15.07.20 14:52, Andrey Shinkevich wrote: > On 25.06.2020 18:21, Max Reitz wrote: >> bdrv_refresh_filename() and the kind of related bdrv_dirname() should >> look to the primary child when they wish to copy the underlying file's >> filename. >> >> Signed-off-by: Max Reitz >> --- >>   block.c |

[Bug 1887820] [NEW] TCG test targets missing from 'make check-help'

2020-07-16 Thread Philippe Mathieu-Daudé
Public bug reported: We can run the TCG tests using: $ make run-tcg-tests-$TARGET-softmmu This is not listed in 'make check-help'. ** Affects: qemu Importance: Undecided Status: New -- You received this bug notification because you are a member of qemu- devel-ml, which is

Re: [PATCH 1/2] i386/cpu: Clear FEAT_XSAVE_COMP_{LO,HI} when XSAVE is not available

2020-07-16 Thread Eduardo Habkost
On Thu, Jul 16, 2020 at 04:20:18PM +0800, Xiaoyao Li wrote: > Per Intel SDM vol 1, 13.2, if CPUID.1:ECX.XSAVE[bit 26] is 0, the > processor provides no further enumeration through CPUID function 0DH. Can you explain what's the bug you are trying to fix? env->features[FEAT_XSAVE_COMP_*] is already

Re: [PATCH v7 20/47] block: Iterate over children in refresh_limits

2020-07-16 Thread Max Reitz
On 14.07.20 20:37, Andrey Shinkevich wrote: > On 25.06.2020 18:21, Max Reitz wrote: >> Instead of looking at just bs->file and bs->backing, we should look at >> all children that could end up receiving forwarded requests. >> >> Signed-off-by: Max Reitz >> --- >>   block/io.c | 32

Re: [PATCH 2/2] i386/cpu: Mask off unsupported XSAVE components

2020-07-16 Thread Eduardo Habkost
On Thu, Jul 16, 2020 at 04:20:19PM +0800, Xiaoyao Li wrote: > When setting up XSAVE components, it needs to mask off those unsupported > by KVM. > > Signed-off-by: Xiaoyao Li We must never disable CPUID features silently based on host capabilities, otherwise we can't guarantee guest ABI

Re: [PATCH v7 19/47] vmdk: Drop vmdk_co_flush()

2020-07-16 Thread Max Reitz
On 14.07.20 16:52, Andrey Shinkevich wrote: > On 25.06.2020 18:21, Max Reitz wrote: >> Before HEAD^, we needed this because bdrv_co_flush() by itself would >> only flush bs->file.  With HEAD^, bdrv_co_flush() will flush all >> children on which a WRITE or WRITE_UNCHANGED permission has been taken.

Re: [PATCH] target/i386: floatx80: avoid compound literals in static initializers

2020-07-16 Thread Philippe Mathieu-Daudé
On 7/16/20 4:42 PM, Laszlo Ersek wrote: > Quoting ISO C99 6.7.8p4, "All the expressions in an initializer for an > object that has static storage duration shall be constant expressions or > string literals". > > The compound literal produced by the make_floatx80() macro is not such a > constant
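
Laszlo's point above, in a stand-alone C example (mine, not the QEMU patch): the floatx80 struct layout and both macro names are assumptions that mirror the softfloat style, and the decoder is only there to check that the brace-initialized table really holds the constants it claims. The static table never contains a compound literal, so any C99 compiler must accept it; the compound-literal form is kept for use in expressions, where it is valid.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Layout mirrors softfloat's floatx80: a 64-bit significand with an
 * explicit integer bit in 'low', sign (bit 15) plus 15-bit biased exponent
 * in 'high'.  Field and macro names are this example's assumption.
 */
typedef struct {
    uint64_t low;
    uint16_t high;
} floatx80;

/*
 * Fine in expressions: a compound literal is an unnamed object with
 * automatic storage.  Not fine in a static-storage initializer: C99 6.7.8p4
 * requires a constant expression there, and a compound literal is not one
 * (6.6 lets an implementation accept it but does not require it to).
 */
#define make_floatx80(exp, mant) ((floatx80) { (mant), (exp) })

/* A brace initializer of integer constants is a constant expression, so
 * this form is portable for tables with static storage duration. */
#define make_floatx80_init(exp, mant) { (mant), (exp) }

typedef struct {
    const char *name;
    floatx80 value;
} named_const;

/* Portable: no compound literal anywhere inside the static initializer. */
static const named_const constants[] = {
    { "ln2", make_floatx80_init(0x3FFE, 0xB17217F7D1CF79ACULL) },
    { "pi",  make_floatx80_init(0x4000, 0xC90FDAA22168C235ULL) },
};

/* Multiply by 2^e by repeated halving/doubling, so no libm is needed. */
static double scale2(double v, int e)
{
    while (e > 0) { v *= 2.0; e--; }
    while (e < 0) { v *= 0.5; e++; }
    return v;
}

static double absd(double x)
{
    return x < 0 ? -x : x;
}

/* Decode a finite, normalized floatx80; enough to sanity-check the table. */
double floatx80_to_double(floatx80 x)
{
    int biased_exp = x.high & 0x7FFF;
    /* 'low' holds 1.fraction scaled by 2^63; undo that and the 16383 bias. */
    double v = scale2((double)x.low, biased_exp - 16383 - 63);
    return (x.high & 0x8000) ? -v : v;
}

/* Look a constant up by name: returns 1 and stores its value, else 0. */
int lookup_constant(const char *name, double *out)
{
    size_t i;
    for (i = 0; i < sizeof constants / sizeof constants[0]; i++) {
        if (strcmp(constants[i].name, name) == 0) {
            *out = floatx80_to_double(constants[i].value);
            return 1;
        }
    }
    return 0;
}

int main(void)
{
    /* The compound-literal form is still fine here: automatic storage. */
    floatx80 half = make_floatx80(0x3FFE, 0x8000000000000000ULL);
    double v;
    size_t i;

    printf("half = %.17g (error %g)\n", floatx80_to_double(half),
           absd(floatx80_to_double(half) - 0.5));
    for (i = 0; i < sizeof constants / sizeof constants[0]; i++) {
        lookup_constant(constants[i].name, &v);
        printf("%-4s = %.17g\n", constants[i].name, v);
    }
    return 0;
}
```

Building with -std=c99 -pedantic is the quick check: the table above passes, whereas a table whose elements use make_floatx80() draws at least a diagnostic and, on compilers that do not extend 6.6, an error.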

Re: [PATCH v6 0/3] modify CPU model info

2020-07-16 Thread Eduardo Habkost
On Tue, Jul 14, 2020 at 04:41:45PM +0800, Chenyi Qiang wrote: > Add the missing VMX features in Skylake-Server, Cascadelake-Server and > Icelake-Server CPU models. In Icelake-Server CPU model, it lacks sha_ni, > avx512ifma, rdpid and fsrm. The model number of Icelake-Server also needs > to be

[PATCH for-5.1] qapi: Fix visit_type_STRUCT() not to fail for null object

2020-07-16 Thread Markus Armbruster
To make deallocating partially constructed objects work, the visit_type_STRUCT() need to succeed without doing anything when passed a null object. Commit cdd2b228b9 "qapi: Smooth visitor error checking in generated code" broke that. To reproduce, run tests/test-qobject-input-visitor with
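
The rule Markus describes, a deallocation path that must do nothing when handed a null object so that a partially constructed object can still be torn down, in a stand-alone C example rather than QAPI's generated visitors (my code, not QEMU's; the Person/Address types, the counting allocator and the simulated allocation failure are constructed for illustration):

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Example-only instrumentation: outstanding allocations, so a test can
 * prove that a failed build leaks nothing. */
static int live_allocs;

/* calloc() wrapper with a simulated failure: the request fails when
 * *fail_at counts down to zero; fail_at == 0 means "never fail". */
static void *xalloc(size_t n, int *fail_at)
{
    void *p;
    if (*fail_at > 0 && --*fail_at == 0) {
        return NULL;
    }
    p = calloc(1, n);
    if (p) {
        live_allocs++;
    }
    return p;
}

static void xfree(void *p)
{
    if (p) {
        free(p);
        live_allocs--;
    }
}

static char *xstrdup(const char *s, int *fail_at)
{
    size_t n = strlen(s) + 1;
    char *d = xalloc(n, fail_at);
    if (d) {
        memcpy(d, s, n);
    }
    return d;
}

/* Two nested heap objects, constructed for this example. */
typedef struct Address { char *city; char *street; } Address;
typedef struct Person { char *name; Address *home; } Person;

/*
 * The deallocators are the point: each must be a no-op on NULL, because
 * the error path below hands them an object whose later members (or the
 * object itself) were never allocated.  calloc() guarantees those members
 * are NULL rather than garbage, so the checks below are sufficient.
 */
void free_address(Address *a)
{
    if (!a) {
        return;
    }
    xfree(a->street);
    xfree(a->city);
    xfree(a);
}

void free_person(Person *p)
{
    if (!p) {
        return;
    }
    free_address(p->home);
    xfree(p->name);
    xfree(p);
}

/* Build the object; on any failure, tear down whatever exists so far. */
Person *build_person(const char *name, const char *city, const char *street,
                     int fail_at)
{
    Person *p = xalloc(sizeof *p, &fail_at);
    if (!p) { goto fail; }
    p->name = xstrdup(name, &fail_at);
    if (!p->name) { goto fail; }
    p->home = xalloc(sizeof *p->home, &fail_at);
    if (!p->home) { goto fail; }
    p->home->city = xstrdup(city, &fail_at);
    if (!p->home->city) { goto fail; }
    p->home->street = xstrdup(street, &fail_at);
    if (!p->home->street) { goto fail; }
    return p;

fail:
    free_person(p);     /* safe for a partial object, and for p == NULL */
    return NULL;
}

int outstanding_allocs(void)
{
    return live_allocs;
}

int main(void)
{
    int k;
    Person *p = build_person("Ada", "London", "1 High St", 0);
    printf("built: %d allocations\n", outstanding_allocs());
    free_person(p);
    printf("after free: %d outstanding\n", outstanding_allocs());
    for (k = 1; k <= 5; k++) {
        p = build_person("Ada", "London", "1 High St", k);
        printf("fail at %d: %s, %d outstanding\n", k,
               p ? "built" : "NULL", outstanding_allocs());
        free_person(p);
    }
    return 0;
}
```

Making the failure point a parameter is what turns this into a test rather than a demonstration: every allocation in the constructor is failed in turn, and the leak counter must return to zero each time.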

Re: [PATCH] spapr_pci: Robustify support of PCI bridges

2020-07-16 Thread Greg Kurz
On Thu, 16 Jul 2020 16:23:52 +0200 Markus Armbruster wrote: > David Gibson writes: > > > On Thu, Jul 16, 2020 at 12:32:44PM +0200, Greg Kurz wrote: > >> On Thu, 16 Jul 2020 14:45:40 +1000 > >> David Gibson wrote: > >> > >> > On Thu, Jul 09, 2020 at 07:12:47PM +0200, Greg Kurz wrote: > >> > >
