On Mon, Jul 20, 2020 at 11:25:58PM +0200, Laszlo Ersek wrote:
> Hi Vitaly,
>
> adding Igor, Michael, Marcel, and qemu-devel.
>
> On 07/20/20 11:06, vit9696 wrote:
> > Hello,
> >
> > I discovered an issue with inconsistent QEMU/OVMF device paths, and
> > while I am unsure whether directing this e-
On 7/20/20 7:49 PM, Philippe Mathieu-Daudé wrote:
> The SDRAM Memory Controller has a 32-bit address bus, thus
> supports up to 4 GiB of DRAM. There is a signed to unsigned
> conversion error with the AST2600 maximum memory size:
>
> (uint64_t)(2048 << 20) = (uint64_t)(-2147483648)
>
+-- On Thu, 16 Jul 2020, Peter Maydell wrote --+
| > P J P wrote on Thu, Jun 25, 2020 at 3:01 AM:
| > > +static uint64_t flash_read(void *opaque, hwaddr offset, unsigned size)
| > > +{
| > > +NRF51NVMState *s = NRF51_NVM(
On 2020/7/20 9:03 PM, Peter Xu wrote:
On Mon, Jul 20, 2020 at 12:02:06PM +0800, Jason Wang wrote:
Right, so there's no need to deal with unmap in vtd's replay implementation
(as what generic one did).
We don't even for now; see vtd_page_walk_info.notify_unmap. Thanks,
Right, but I meant th
This patch updates ARM-based machines to allow starting them without ROM.
In this case CPU starts to execute instructions from the empty memory,
but QEMU allows introspecting the machine configuration.
Signed-off-by: Pavel Dovgalyuk
--
v2:
- useless error reports were dropped (suggested by Pet
This patch updates MIPS-based machines to allow starting them without ROM.
In this case CPU starts to execute instructions from the empty memory,
but QEMU allows introspecting the machine configuration.
Signed-off-by: Pavel Dovgalyuk
---
hw/mips/fuloong2e.c |8 +++-
hw/mips/jazz.c |
Some machines require custom ROMs or kernels. They can't be started without
-bios, -kernel, or -pflash options. But this requirement can't be detected
automatically.
Running a romless machine may be needed for automatic introspection of default
machine hardware, when QEMU is started with a single
Hi Zong,
On Tue, Jul 21, 2020 at 2:03 PM Zong Li wrote:
>
> On RV64, the reg_index is 2 (pmpcfg2 CSR) after the seventh pmp
> entry, it is not 1 (pmpcfg1 CSR) like RV32. In the original
> implementation, the second parameter of pmp_write_cfg is
> "reg_index * sizeof(target_ulong)", and we get the
On 2020/7/21 1:59 PM, Li Qiang wrote:
Jason Wang wrote on Tue, Jul 21, 2020 at 1:30 PM:
On 2020/7/21 12:33 PM, Li Qiang wrote:
Jason Wang wrote on Tue, Jul 21, 2020 at 10:03 AM:
On 2020/7/21 12:45 AM, Li Qiang wrote:
Alexander Bulekov reported a UAF bug related e1000e packets send.
-->https://bugs.launchpad.net/qemu/+b
The range of Physical Memory Protection should be from CSR_PMPCFG0
to CSR_PMPCFG3, not to CSR_PMPADDR9.
Signed-off-by: Zong Li
Reviewed-by: Alistair Francis
Reviewed-by: Bin Meng
---
target/riscv/csr.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/riscv/csr.c b/tar
On RV64, the reg_index is 2 (pmpcfg2 CSR) after the seventh pmp
entry, it is not 1 (pmpcfg1 CSR) like RV32. In the original
implementation, the second parameter of pmp_write_cfg is
"reg_index * sizeof(target_ulong)", and we get the result
which is started from 16 if reg_index is 2, but we expec
This patch set contains the fixes for wrong index of pmpcfg CSR on rv64,
and the pmp range in CSR function table.
Changed in v2:
- Move out the shifting operation from loop. Suggested by Bin Meng.
Zong Li (2):
target/riscv: Fix the range of pmpcfg of CSR funcion table
target/riscv/pmp.c: Fix
Jason Wang wrote on Tue, Jul 21, 2020 at 1:30 PM:
>
>
> On 2020/7/21 12:33 PM, Li Qiang wrote:
> > Jason Wang wrote on Tue, Jul 21, 2020 at 10:03 AM:
> >>
> >> On 2020/7/21 12:45 AM, Li Qiang wrote:
> >>> Alexander Bulekov reported a UAF bug related e1000e packets send.
> >>>
> >>> -->https://bugs.launchpad.net/qemu/+bug/188636
Eduardo Habkost writes:
> On Mon, Jul 20, 2020 at 09:38:24AM +0200, Markus Armbruster wrote:
>> Eduardo Habkost writes:
>>
>> > On Fri, Jul 17, 2020 at 07:10:57AM +0200, Markus Armbruster wrote:
>> >> Eduardo Habkost writes:
>> >>
>> >> > I'd also note that the use of "parent" in the code is
The file docs/devel/fuzzing.txt should be in this section, too, and add
myself as a reviewer (since I often take the fuzzer patches through the
qtest-next tree, I should be notified on patches, too).
Signed-off-by: Thomas Huth
---
MAINTAINERS | 2 ++
1 file changed, 2 insertions(+)
diff --git a
On 07/07/2020 06.41, Alexander Bulekov wrote:
> On 200706 1555, Alexander Bulekov wrote:
>> Signed-off-by: Alexander Bulekov
>> ---
>> docs/devel/fuzzing.txt | 19 +++
>> 1 file changed, 19 insertions(+)
>>
>> diff --git a/docs/devel/fuzzing.txt b/docs/devel/fuzzing.txt
>> index 2
On 2020/7/21 12:33 PM, Li Qiang wrote:
Jason Wang wrote on Tue, Jul 21, 2020 at 10:03 AM:
On 2020/7/21 12:45 AM, Li Qiang wrote:
Alexander Bulekov reported a UAF bug related e1000e packets send.
-->https://bugs.launchpad.net/qemu/+bug/1886362
This is because the guest trigger a e1000e packet send and set
On 06/07/2020 21.55, Alexander Bulekov wrote:
> Signed-off-by: Alexander Bulekov
> ---
> docs/devel/fuzzing.txt | 7 +--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/docs/devel/fuzzing.txt b/docs/devel/fuzzing.txt
> index 324d2cd92b..382ade974e 100644
> --- a/docs/devel
Jason Wang wrote on Tue, Jul 21, 2020 at 10:03 AM:
>
>
> On 2020/7/21 12:45 AM, Li Qiang wrote:
> > Alexander Bulekov reported a UAF bug related e1000e packets send.
> >
> > -->https://bugs.launchpad.net/qemu/+bug/1886362
> >
> > This is because the guest trigger a e1000e packet send and set the
> > data's addres
On Tue, Jul 21, 2020 at 10:41 AM Bin Meng wrote:
>
> Hi Zong,
>
> On Mon, Jul 20, 2020 at 5:46 PM Zong Li wrote:
> >
> > On RV64, the reg_index is 2 (pmpcfg2 CSR) after the seventh pmp
> > entry, it is not 1 (pmpcfg1 CSR) like RV32. In the original
> > implementation, the second parameter of pmp_
Hi Kirti,
Sorry to disturb you since this patch set has been merged, and I cannot
receive the qemu-side emails about this patch set.
We are going to support migration for VFIO devices which support dirty
pages tracking.
And we also plan to leverage SMMU HTTU feature to do the dirty pages
trackin
On Mon, Jul 20, 2020 at 5:48 PM Zong Li wrote:
>
> The range of Physical Memory Protection should be from CSR_PMPCFG0
> to CSR_PMPCFG3, not to CSR_PMPADDR9.
>
> Signed-off-by: Zong Li
> ---
> target/riscv/csr.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
Reviewed-by: Bin Meng
Hi Zong,
On Mon, Jul 20, 2020 at 5:46 PM Zong Li wrote:
>
> On RV64, the reg_index is 2 (pmpcfg2 CSR) after the seventh pmp
> entry, it is not 1 (pmpcfg1 CSR) like RV32. In the original
> implementation, the second parameter of pmp_write_cfg is
> "reg_index * sizeof(target_ulong)", and we get the
On 2020/7/20 6:39 PM, Sean Mooney wrote:
On Mon, 2020-07-20 at 11:41 +0800, Jason Wang wrote:
On 2020/7/18 12:12 AM, Alex Williamson wrote:
On Thu, 16 Jul 2020 16:32:30 +0800
Yan Zhao wrote:
On Thu, Jul 16, 2020 at 12:16:26PM +0800, Jason Wang wrote:
On 2020/7/14 7:29 AM, Yan Zhao wrote:
hi
On 2020/7/21 12:45 AM, Li Qiang wrote:
Alexander Bulekov reported a UAF bug related e1000e packets send.
-->https://bugs.launchpad.net/qemu/+bug/1886362
This is because the guest trigger a e1000e packet send and set the
data's address to e1000e's MMIO address. So when the e1000e do DMA
it will
On Fri, Jul 17, 2020 at 10:12:58AM -0600, Alex Williamson wrote:
<...>
> > yes, in another reply, Alex proposed to use an interface in json format.
> > I guess we can define something like
> >
> > { "self" :
> > [
> > { "pciid" : "8086591d",
> > "driver" : "i915",
> > "gvt-versio
Kenta Ishiguro wrote on Mon, Jul 20, 2020 at 11:14 AM:
>
> Fix a typo in an error message for KVM_SET_IRQCHIP ioctl:
> "KVM_GET_IRQCHIP" should be "KVM_SET_IRQCHIP".
>
> Signed-off-by: Kenta Ishiguro
Reviewed-by: Li Qiang
> ---
> hw/i386/kvm/ioapic.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
Hi,
My name is Pratik Pranav, a second-year undergraduate student,
majoring in Computer
Science at Indian Institute of Technology(IIT), Delhi. I am currently
working on building a messaging layer between two VMs(x86 and ARM) using
ivshmem(rev 1) and currently deploying on QEMU.
I am facing a pr
On 7/17/20 9:38 AM, Philippe Mathieu-Daudé wrote:
libFuzzer found an undefined behavior (#DIV/0!) in ide_set_sector()
when using a CD-ROM (reproducer available on the BugLink):
UndefinedBehaviorSanitizer:DEADLYSIGNAL
==12163==ERROR: UndefinedBehaviorSanitizer: FPE on unknown address
0x561
The TPM 2 code in libtpms was fixed to handle the PCR 'TCB group' according
to the PCClient profile. The change of the PCRs belonging to the 'TCB group'
now affects the pcrUpdateCounter in the TPM2_PCRRead() responses where its
value is now different (typically lower by '1') than what it was before
On Mon, Jul 20, 2020 at 2:48 AM Zong Li wrote:
>
> The range of Physical Memory Protection should be from CSR_PMPCFG0
> to CSR_PMPCFG3, not to CSR_PMPADDR9.
>
> Signed-off-by: Zong Li
Reviewed-by: Alistair Francis
Alistair
> ---
> target/riscv/csr.c | 2 +-
> 1 file changed, 1 insertion(+),
On Sat, Jul 18, 2020 at 11:09 AM Peter Maydell wrote:
>
> On Sat, 18 Jul 2020 at 15:45, Jessica Clarke wrote:
> > On 18 Jul 2020, at 08:42, Philippe Mathieu-Daudé wrote:
> > > Maybe easier to cache the whole u64, this matches RTC_ALARM_LOW /
> > > RTC_ALARM_HIGH pattern (goldfish_rtc_vmstate cha
Exit on TPM backend failures in the same way as the TPM CRB and TIS device
models do. With this change we now get an error report when the backend
did not start up properly:
error: internal error: qemu unexpectedly closed the monitor:
2020-07-07T12:49:28.333928Z qemu-system-ppc64: tpm-emulator: \
On 07/20/20 14:35, Philippe Mathieu-Daudé wrote:
> Commits b6d7e9b66f..a43770df5d simplified the error propagation.
> Similarly to commit 6fd5bef10b "qom: Make functions taking Error**
> return bool, not void", let fw_cfg_add_from_generator() return a
> boolean value, not void.
> This allow to simp
Hi Vitaly,
adding Igor, Michael, Marcel, and qemu-devel.
On 07/20/20 11:06, vit9696 wrote:
> Hello,
>
> I discovered an issue with inconsistent QEMU/OVMF device paths, and
> while I am unsure whether directing this e-mail is appropriate to you,
> I believe that you likely have the contacts you co
inyard/tags/for-qemu-i2c-5' into
> staging (2020-07-20 11:03:09 +0100)
>
> are available in the Git repository at:
>
> https://git.linaro.org/people/pmaydell/qemu-arm.git
> tags/pull-target-arm-20200720
>
> for you to fetch changes up to 6a0b7505f1fd6769c3f1558fda76464d5
On Fri, Jul 10, 2020 at 05:57:18PM -0400, John Snow wrote:
> I'm proposing that I split the actual Python library off from the other
> miscellaneous python scripts we have and declare it maintained. Add
> myself as a maintainer of this folder, along with Cleber.
>
> Signed-off-by: John Snow
> ---
Hi,
On Mon, Jul 20, 2020 at 10:40:39AM -0700, Richard Henderson wrote:
> Two temps allocated but not freed. Do enough subtractions
> within a single TB and one can run out of temps entirely.
>
> Cc: qemu-sta...@nongnu.org
> Buglink: https://bugs.launchpad.net/qemu/+bug/1880287
> Signed-off-by: R
On Mon, Jul 20, 2020 at 12:02:52PM -0400, John Snow wrote:
> 3 seconds is too short for some tests running inside busy VMs. Build it out to
> a rather generous 30 seconds to find out conclusively if there are more severe
> problems in the merge/CI tests.
>
> Signed-off-by: John Snow
It's weird h
On 7/20/20 4:01 PM, Eduardo Habkost wrote:
On Mon, Jul 20, 2020 at 12:02:52PM -0400, John Snow wrote:
3 seconds is too short for some tests running inside busy VMs. Build it out to
a rather generous 30 seconds to find out conclusively if there are more severe
problems in the merge/CI tests.
Sig
On 7/20/20 4:17 AM, David Hildenbrand wrote:
> On 24.06.20 22:23, Collin Walling wrote:
>> Rework the SCLP boundary check to account for different SCLP commands
>> (eventually) allowing different boundary sizes.
>>
>> Move the length check code into a separate function, and introduce a
>> new funct
On 7/20/20 4:19 AM, David Hildenbrand wrote:
> On 24.06.20 22:23, Collin Walling wrote:
>> The header of the SCCB contains the actual length of the SCCB. Instead
>> of using a static 4K size, let's allow for a variable size determined
>> by the value set in the header. The proper checks are already
On Mon, Jul 20, 2020 at 12:02:52PM -0400, John Snow wrote:
> 3 seconds is too short for some tests running inside busy VMs. Build it out to
> a rather generous 30 seconds to find out conclusively if there are more severe
> problems in the merge/CI tests.
>
> Signed-off-by: John Snow
I would send
20.07.2020 21:57, Philippe Mathieu-Daudé wrote:
> Since commit 5d971f9e67 we don't accept mismatching sizes
> in memory_region_access_valid(). This gives troubles when
> a device is on an ISA bus, because the CPU is free to use
> 8/16-bit accesses on the bus (or up to 32-bit on EISA bus),
> regardl
On 7/20/20 10:23 AM, Philippe Mathieu-Daudé wrote:
> When realizing a Super I/O with IDE controller [*], we get:
>
> qom/object.c:1684: object_property_try_add_child: Assertion
> `!child->parent' failed.
> Aborted (core dumped)
>
> This is because the device is already realized when we try t
On Fri, May 15, 2020 at 01:48:47PM +0200, Vitaly Kuznetsov wrote:
> Hyper-V TLFS prior to version 6.0 had a mistake in it: special value
> '0x' for CPUID 0x4004.EBX was called 'never to retry', this
> looked weird (like why it's not '0' which supposedly have the same effect?)
> but nobo
As another interesting data point - with dynamically linked qemu-x86_64,
when it doesn't work, the process is consuming about 140% of CPU. On a
successful run, the process is consuming about 30% of CPU.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is sub
Public bug reported:
QEMU Version: 5.0.0
./configure --target-list=x86_64-linux-user --enable-user --prefix=/opt/qemu
--static
Testing using node_exporter from pmm-client-1.17.4-1.el8.x86_64.rpm
aarch64 system is running CentOS 8 with a mainline 5.4.52 kernel built
for 4KB memory pages.
On aar
(Copies in Dave Hildenbrand)
* Peter Maydell (peter.mayd...@linaro.org) wrote:
> On Sat, 18 Jul 2020 at 14:21, David CARLIER wrote:
> >
> > From a9e3cced279ae55a59847ba232f7828bc2479367 Mon Sep 17 00:00:00 2001
> > From: David Carlier
> > Date: Sat, 18 Jul 2020 13:29:44 +0100
> > Subject: [PATCH
On 07/17/20 15:13, Igor Mammedov wrote:
> On Tue, 14 Jul 2020 14:28:29 +0200
> Laszlo Ersek wrote:
>
>> (CC'ing Peter Krempa due to virsh setvcpu (singular) / setvcpus (plural)
>> references)
>>
>> On 07/10/20 18:17, Igor Mammedov wrote:
> [...]
>
>> (3) Just a thought: I wonder if we should res
Since commit 5d971f9e67 we don't accept mismatching sizes
in memory_region_access_valid(). This gives troubles when
a device is on an ISA bus, because the CPU is free to use
8/16-bit accesses on the bus (or up to 32-bit on EISA bus),
regardless what range is valid for the device.
Add a check to en
On Mon, Jul 20, 2020 at 11:19 AM Pankaj Vinadrao Joshi
wrote:
>
> Hi Alistair Francis,
>
> Thanks for your response. I have same concern for other riscv hardware with
> custom kernel will same be applicable for it? If no from where I should change
> my kernel image since there also I am not able t
On 7/14/20 6:42 PM, Philippe Mathieu-Daudé wrote:
> Fix the memory leak reported by Coverity (CID 1430449).
>
> Philippe Mathieu-Daudé (4):
> qemu/osdep: Document os_find_datadir() return value
> qemu/osdep: Reword qemu_get_exec_dir() documentation
> qemu-common: Document qemu_find_file()
>
On 7/20/20 4:18 PM, Daniel P. Berrangé wrote:
> On Tue, Jul 14, 2020 at 06:42:57PM +0200, Philippe Mathieu-Daudé wrote:
>> The value returned by qemu_find_file() must be freed.
>>
>> This fixes Coverity issue CID 1430449, which points out
>> that the memory returned by qemu_find_file() is leaked.
>
On 7/20/20 4:16 PM, Daniel P. Berrangé wrote:
> On Tue, Jul 14, 2020 at 06:42:56PM +0200, Philippe Mathieu-Daudé wrote:
>> Document qemu_find_file(), in particular the returned
>> value which must be freed.
>>
>> Signed-off-by: Philippe Mathieu-Daudé
>> ---
>> include/qemu-common.h | 14 +
On Mon, Jul 20, 2020 at 09:07:14PM +0300, Vladimir Sementsov-Ogievskiy wrote:
> Utilize new socket API to make a non-blocking connect for inet sockets.
>
> Signed-off-by: Vladimir Sementsov-Ogievskiy
> ---
> include/io/channel-socket.h | 14 +++
> io/channel-socket.c | 74 +++
Since commit 5d971f9e67 we don't accept mismatching sizes
in memory_region_access_valid(). This gives troubles when
a device is on an ISA bus, because the CPU is free to use
8/16/32-bit accesses on the bus, regardless what range is
valid for the device.
Add a check to ensure devices plugged on the
I have now been able to reproduce this on X86 as well.
It happens much more rarely, about once every 10 times.
I will sort out the data and try to make it even more reproducible, then post
my findings in detail.
Overall I proceeded as follows:
1) hooked the savevm code to skip all fields with
Hi Alistair Francis,
Thanks for your response. I have same concern for other riscv hardware with
custom kernel will same be applicable for it? If no from where I should change
my kernel image since there also I am not able to find grub and the
clarification given on web are seems to be very speci
Utilize new socket API to make a non-blocking connect for inet sockets.
Signed-off-by: Vladimir Sementsov-Ogievskiy
---
include/io/channel-socket.h | 14 +++
io/channel-socket.c | 74 +
2 files changed, 88 insertions(+)
diff --git a/include/io/cha
We are going to implement non-blocking connect in io/channel-socket.
non-blocking connect includes three phases:
1. connect() call
2. wait until socket is ready
3. check result
io/channel-socket has wait-on-socket API (qio_channel_yield(),
qio_channel_wait()), so it's a good place fo
This make nbd connection_co to yield during reconnects, so that
reconnect doesn't hang up the main thread. This is very important in
case of unavailable nbd server host: connect() call may take a long
time, blocking the main thread (and due to reconnect, it will hang
again and again with small gaps
We are going to publish inet_connect_addr to be used in separate. Let's
move keep_alive handling to it. Pass the whole InetSocketAddress
pointer, not only keep_alive, so that future external callers will not
care about internals of InetSocketAddress.
While being here, remove redundant inet_connect
Hi! This fixes real problem (see 04). On the other hand it may be too
much for 5.1, and it's not a degradation. So, up to you.
It's based on "[PATCH for-5.1? 0/3] Fix nbd reconnect dead-locks", or
in other words
Based-on: <20200720090024.18186-1-vsement...@virtuozzo.com>
Vladimir Sementsov-Ogievs
16.07.2020 16:53, Max Reitz wrote:
Signed-off-by: Max Reitz
---
tests/qemu-iotests/300 | 511 +
tests/qemu-iotests/300.out | 5 +
tests/qemu-iotests/group | 1 +
3 files changed, 517 insertions(+)
create mode 100755 tests/qemu-iotests/300
cr
From: Alexander Duyck
Recently a feature named Free Page Reporting was added to the virtio
balloon. In order to avoid any confusion we should drop the use of the word
'report' when referring to Free Page Hinting. So what this patch does is go
through and replace all instances of 'report' with 'hi
From: Alexander Duyck
Based on code review it appears possible for the driver to force the device
out of a stopped state when hinting by repeating the last ID it was
provided.
Prevent this by only allowing a transition to the start state when we are
in the requested state. This way the driver is
From: Alexander Duyck
There is already locking in place when we are stopping free page hinting
but there is not similar protections in place when we start. I can only
assume this was overlooked as in most cases the page hinting should not be
occurring when we are starting the hinting, however the
This series contains a couple minor cleanups related to free page hinting.
The first patch addresses what I believe is a possible issue in which the
driver could potentially force the device out of the stop state and back
into the running state if it were to replay an earlier virtqueue element
con
The SDRAM Memory Controller has a 32-bit address bus, thus
supports up to 4 GiB of DRAM. There is a signed to unsigned
conversion error with the AST2600 maximum memory size:
(uint64_t)(2048 << 20) = (uint64_t)(-2147483648)
= 0x4000
=
On 7/20/20 5:23 AM, Alex Bennée wrote:
> I missed Emilio's review comments:
>
> Message-ID: <20200718205107.GA994221@sff>
>
> and the patch got merged. Correcting the comments now.
>
> Reviewed-by: Emilio G. Cota
> Signed-off-by: Alex Bennée
> ---
> accel/tcg/cputlb.c | 11 +--
> 1
On 7/20/20 7:40 PM, Richard Henderson wrote:
> Two temps allocated but not freed. Do enough subtractions
> within a single TB and one can run out of temps entirely.
>
> Cc: qemu-sta...@nongnu.org
Fixes: b2167459ae ("target-hppa: Implement basic arithmetic")
> Buglink: https://bugs.launchpad.net
Thanks for the debugging. Failure to free temporaries.
** Changed in: qemu
Status: New => In Progress
** Changed in: qemu
Assignee: (unassigned) => Richard Henderson (rth)
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
Two temps allocated but not freed. Do enough subtractions
within a single TB and one can run out of temps entirely.
Cc: qemu-sta...@nongnu.org
Buglink: https://bugs.launchpad.net/qemu/+bug/1880287
Signed-off-by: Richard Henderson
---
target/hppa/translate.c | 2 ++
1 file changed, 2 insertions(
On 7/20/20 6:07 PM, Cédric Le Goater wrote:
> On 7/20/20 11:58 AM, Philippe Mathieu-Daudé wrote:
>> The SDRAM Memory Controller has a 32-bit address bus, thus
>> supports up to 4 GiB of DRAM. There is a signed to unsigned
>> conversion error with the AST2600 maximum memory size:
>>
>> (uint64_t)(
On 07/17/20 14:57, Igor Mammedov wrote:
> On Tue, 14 Jul 2020 12:56:50 +0200
> Laszlo Ersek wrote:
>
>> On 07/10/20 18:17, Igor Mammedov wrote:
> [...]
>
>>> @@ -1508,6 +1508,17 @@ static void pc_cpu_pre_plug(HotplugHandler
>>> *hotplug_dev,
>>> return;
>>> }
>>>
>>> +if (pcms
When realizing a Super I/O with IDE controller [*], we get:
qom/object.c:1684: object_property_try_add_child: Assertion `!child->parent'
failed.
Aborted (core dumped)
This is because the device is already realized when we try to
add the QOM property to the parent. Fix by realizing *after*
ad
On Mon, Jul 20, 2020 at 05:18:54PM +0100, Peter Maydell wrote:
> On Thu, 9 Jul 2020 at 03:47, Cleber Rosa wrote:
> >
> > The idea about a public facing Gating CI for QEMU was summarized in an
> > RFC[1]. Since then, it was decided that a simpler version should be
> > attempted first.
> >
> > At t
Thank you everyone who joined!
I didn't take notes but two things stood out:
1. The ivshmem v2 and virtio-vhost-user use cases are quite different
so combining them does not seem realistic. ivshmem v2 needs to be as
simple for the hypervisor to implement as possible even if this
involves some sac
On Mon, Jul 20, 2020 at 2:46 AM Pankaj Vinadrao Joshi
wrote:
>
> Hi,
> I am trying to replace my existing kernel image which is 5.5.6 to 5.5.7 on
> qemuriscv64 I would like to mention I have built my qemu image with
> openembedded-core.
>
> I have tried to build the kernel 5.5.7 natively, I was
On 06/07/2020 21.55, Alexander Bulekov wrote:
> We already have a nice --enable-sanitizers option to enable
> AddressSanitizer. There is no reason to duplicate and force this
> functionality in --enable-fuzzing. In the future, if more sanitizers are
> added to --enable-sanitizers, it might be impos
16.07.2020 16:53, Max Reitz wrote:
Signed-off-by: Max Reitz
---
tests/qemu-iotests/iotests.py | 4
1 file changed, 4 insertions(+)
diff --git a/tests/qemu-iotests/iotests.py b/tests/qemu-iotests/iotests.py
index 3590ed78a0..fb240a334c 100644
--- a/tests/qemu-iotests/iotests.py
+++ b/tes
Alexander Bulekov reported a UAF bug related e1000e packets send.
-->https://bugs.launchpad.net/qemu/+bug/1886362
This is because the guest trigger a e1000e packet send and set the
data's address to e1000e's MMIO address. So when the e1000e do DMA
it will write the MMIO again and trigger re-entra
The semihosting v2 support went into QEMU in the 4.2 release, but I
forgot to close this bug...
** Changed in: qemu
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.ne
Should be fixed in current git, will be in 5.2.
** Changed in: qemu
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1873898
Title:
arm linux-user: bkpt i
Fixed in commit 4066288694c3bdd175df8, which will be in 5.1.
** Changed in: qemu
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1881004
Title:
fpu/softf
16.07.2020 16:53, Max Reitz wrote:
This migration parameter allows mapping block node names and bitmap
names to aliases for the purpose of block dirty bitmap migration.
This way, management tools can use different node and bitmap names on
the source and destination and pass the mapping of how bi
On Thu, 9 Jul 2020 at 03:47, Cleber Rosa wrote:
>
> The idea about a public facing Gating CI for QEMU was summarized in an
> RFC[1]. Since then, it was decided that a simpler version should be
> attempted first.
>
> At this point, there are two specific runners (an aarch64 and an s390)
> register
On 7/20/20 5:58 PM, Michael S. Tsirkin wrote:
> On Mon, Jul 20, 2020 at 06:39:15PM +0300, Michael Tokarev wrote:
>> From the ACPI spec (4.8.3.2.1 PM1 Control Registers):
>>
>> Register Location: System I/O or Memory Space
>> Default Value: 00h
>> Attribute: Read/Write
>> Size:
All ISA registers should be accessible as bytes, words or dwords
(if wide enough). Fix the access constraints for acpi-pm-evt,
acpi-pm-tmr & acpi-cnt registers.
Fixes: 5d971f9e67 (memory: Revert "memory: accept mismatching sizes in
memory_region_access_valid")
Fixes: afafe4bbe0 (apci: switch cnt
On 25.06.2020 18:21, Max Reitz wrote:
This allows us to differentiate between filters and nodes with COW
backing files: Filters cannot be used as overlays at all (for this
function).
Signed-off-by: Max Reitz
---
blockdev.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --g
On 7/20/20 11:58 AM, Philippe Mathieu-Daudé wrote:
> The SDRAM Memory Controller has a 32-bit address bus, thus
> supports up to 4 GiB of DRAM. There is a signed to unsigned
> conversion error with the AST2600 maximum memory size:
>
> (uint64_t)(2048 << 20) = (uint64_t)(-2147483648)
>
3 seconds is too short for some tests running inside busy VMs. Build it out to
a rather generous 30 seconds to find out conclusively if there are more severe
problems in the merge/CI tests.
Signed-off-by: John Snow
---
python/qemu/machine.py | 30 +++---
1 file changed, 1
Untested; on a new machine today.
John Snow (1):
python/machine: Change default timeout to 30 seconds
python/qemu/machine.py | 30 +++---
1 file changed, 15 insertions(+), 15 deletions(-)
--
2.26.2
On Mon, Jul 20, 2020 at 09:38:24AM +0200, Markus Armbruster wrote:
> Eduardo Habkost writes:
>
> > On Fri, Jul 17, 2020 at 07:10:57AM +0200, Markus Armbruster wrote:
> >> Eduardo Habkost writes:
> >>
> >> > I'd also note that the use of "parent" in the code is also
> >> > ambiguous. It can mea
On Mon, Jul 20, 2020 at 06:39:15PM +0300, Michael Tokarev wrote:
> From the ACPI spec (4.8.3.2.1 PM1 Control Registers):
>
> Register Location: System I/O or Memory Space
> Default Value: 00h
> Attribute: Read/Write
> Size: PM1_CNT_LEN (2 bytes)
> The PM1 control registe
On Mon, Jul 20, 2020 at 05:07:08PM +0200, Markus Armbruster wrote:
> What is the intended purpose of object_property_set_link() in
>
> static void virtio_rng_pci_realize(VirtIOPCIProxy *vpci_dev, Error **errp)
> {
> VirtIORngPCI *vrng = VIRTIO_RNG_PCI(vpci_dev);
> DeviceSta
We forgot to update cc_op before these branch insns,
which lead to losing track of the current eflags.
Buglink: https://bugs.launchpad.net/qemu/+bug/1888165
Signed-off-by: Richard Henderson
---
target/i386/translate.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/target/i386/translate.c b/
On 20.07.20 16:43, Heiko Carstens wrote:
> On Wed, Jul 15, 2020 at 07:51:27PM +0200, David Hildenbrand wrote:
>>> Regarding documentation (some linked in the cover letter), so far I have
>>> (generic/x86-64)
>>>
>>> 1. https://virtio-mem.gitlab.io/
>>> 2. virtio spec proposal [1]
>>> 3. QEMU 910b25
From the ACPI spec (4.8.3.2.1 PM1 Control Registers):
Register Location: System I/O or Memory Space
Default Value: 00h
Attribute: Read/Write
Size: PM1_CNT_LEN (2 bytes)
The PM1 control registers contain the fixed hardware feature control bits.
These bits can be split bet