- 23 6月, 2020 40 次提交
-
-
由 Niek Linnenbank 提交于
The Cubieboard is a singleboard computer with an Allwinner A10 System-on-Chip [1]. As documented in the Allwinner A10 User Manual V1.5 [2], the SoC has an ARM Cortex-A8 processor. Currently the Cubieboard machine definition specifies the ARM Cortex-A9 in its description and as the default CPU. This patch corrects the Cubieboard machine definition to use the ARM Cortex-A8. The only user-visible effect is that our textual description of the machine was wrong, because hw/arm/allwinner-a10.c always creates a Cortex-A8 CPU regardless of the default value in the MachineClass struct. [1] http://docs.cubieboard.org/products/start#cubieboard1 [2] https://linux-sunxi.org/File:Allwinner_A10_User_manual_V1.5.pdf Fixes: 8a863c81Signed-off-by: NNiek Linnenbank <nieklinnenbank@gmail.com> Message-id: 20200227220149.6845-2-nieklinnenbank@gmail.com Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> [note in commit message that the bug didn't have much visible effect] Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> (cherry picked from commit 2104df2a) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Pan Nengyuan 提交于
virtio queues forgot to delete in unrealize, and aslo error path in realize, this patch fix these memleaks, the leak stack is as follow: Direct leak of 114688 byte(s) in 16 object(s) allocated from: #0 0x7f24024fdbf0 in calloc (/lib64/libasan.so.3+0xcabf0) #1 0x7f2401642015 in g_malloc0 (/lib64/libglib-2.0.so.0+0x50015) #2 0x55ad175a6447 in virtio_add_queue /mnt/sdb/qemu/hw/virtio/virtio.c:2327 #3 0x55ad17570cf9 in vhost_user_blk_device_realize /mnt/sdb/qemu/hw/block/vhost-user-blk.c:419 #4 0x55ad175a3707 in virtio_device_realize /mnt/sdb/qemu/hw/virtio/virtio.c:3509 #5 0x55ad176ad0d1 in device_set_realized /mnt/sdb/qemu/hw/core/qdev.c:876 #6 0x55ad1781ff9d in property_set_bool /mnt/sdb/qemu/qom/object.c:2080 #7 0x55ad178245ae in object_property_set_qobject /mnt/sdb/qemu/qom/qom-qobject.c:26 #8 0x55ad17821eb4 in object_property_set_bool /mnt/sdb/qemu/qom/object.c:1338 #9 0x55ad177aeed7 in virtio_pci_realize /mnt/sdb/qemu/hw/virtio/virtio-pci.c:1801 Reported-by: NEuler Robot <euler.robot@huawei.com> Signed-off-by: NPan Nengyuan <pannengyuan@huawei.com> Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com> Message-Id: <20200224041336.30790-2-pannengyuan@huawei.com> Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com> (cherry picked from commit 13e54681) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Pan Nengyuan 提交于
Similar to other virtio-deivces, ctrl_vq forgot to delete in virtio_crypto_device_unrealize, this patch fix it. This device has aleardy maintained vq pointers. Thus, we use the new virtio_delete_queue function directly to do the cleanup. The leak stack: Direct leak of 10752 byte(s) in 3 object(s) allocated from: #0 0x7f4c024b1970 in __interceptor_calloc (/lib64/libasan.so.5+0xef970) #1 0x7f4c018be49d in g_malloc0 (/lib64/libglib-2.0.so.0+0x5249d) #2 0x55a2f8017279 in virtio_add_queue /mnt/sdb/qemu-new/qemu_test/qemu/hw/virtio/virtio.c:2333 #3 0x55a2f8057035 in virtio_crypto_device_realize /mnt/sdb/qemu-new/qemu_test/qemu/hw/virtio/virtio-crypto.c:814 #4 0x55a2f8005d80 in virtio_device_realize /mnt/sdb/qemu-new/qemu_test/qemu/hw/virtio/virtio.c:3531 #5 0x55a2f8497d1b in device_set_realized /mnt/sdb/qemu-new/qemu_test/qemu/hw/core/qdev.c:891 #6 0x55a2f8b48595 in property_set_bool /mnt/sdb/qemu-new/qemu_test/qemu/qom/object.c:2238 #7 0x55a2f8b54fad in object_property_set_qobject /mnt/sdb/qemu-new/qemu_test/qemu/qom/qom-qobject.c:26 #8 0x55a2f8b4de2c in object_property_set_bool /mnt/sdb/qemu-new/qemu_test/qemu/qom/object.c:1390 #9 0x55a2f80609c9 in virtio_crypto_pci_realize /mnt/sdb/qemu-new/qemu_test/qemu/hw/virtio/virtio-crypto-pci.c:58 Reported-by: NEuler Robot <euler.robot@huawei.com> Signed-off-by: NPan Nengyuan <pannengyuan@huawei.com> Cc: "Gonglei (Arei)" <arei.gonglei@huawei.com> Message-Id: <20200225075554.10835-5-pannengyuan@huawei.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com> (cherry picked from commit d56e1c82) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Pan Nengyuan 提交于
Similar to other virtio-devices, rq_vq forgot to delete in virtio_pmem_unrealize, this patch fix it. This device has already maintained a vq pointer, thus we use the new virtio_delete_queue function directly to do the cleanup. Reported-by: NEuler Robot <euler.robot@huawei.com> Signed-off-by: NPan Nengyuan <pannengyuan@huawei.com> Message-Id: <20200225075554.10835-4-pannengyuan@huawei.com> Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com> (cherry picked from commit 9861546e) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Peter Maydell 提交于
The PMCR_EL0.DP bit is bit 5, which is 0x20, not 0x10. 0x10 is 'X'. Correct our #define of PMCRDP and add the missing PMCRX. We do have the correct behaviour for handling the DP bit being set, so this fixes a guest-visible bug. Fixes: 033614c4Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: NRichard Henderson <richard.henderson@linaro.org> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> Message-id: 20200214175116.9164-17-peter.maydell@linaro.org (cherry picked from commit a1ed04dd) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Max Reitz 提交于
When printing the snapshot list (e.g. with qemu-img snapshot -l), the VM size field is only seven characters wide. As of de38b500, this is not necessarily sufficient: We generally print three digits, and this may require a decimal point. Also, the unit field grew from something as plain as "M" to " MiB". This means that number and unit may take up eight characters in total; but we also want spaces in front. Considering previously the maximum width was four characters and the field width was chosen to be three characters wider, let us adjust the field width to be eleven now. Fixes: de38b500 Buglink: https://bugs.launchpad.net/qemu/+bug/1859989Signed-off-by: NMax Reitz <mreitz@redhat.com> Message-Id: <20200117105859.241818-2-mreitz@redhat.com> Reviewed-by: NEric Blake <eblake@redhat.com> Signed-off-by: NMax Reitz <mreitz@redhat.com> (cherry picked from commit 804359b8) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
Commit 7a3f542f "block/io: refactor padding" occasionally dropped aligning for zero-length request: bdrv_init_padding() blindly return false if bytes == 0, like there is nothing to align. This leads the following command to crash: ./qemu-io --image-opts -c 'write 1 0' \ driver=blkdebug,align=512,image.driver=null-co,image.size=512 >> qemu-io: block/io.c:1955: bdrv_aligned_pwritev: Assertion `(offset & (align - 1)) == 0' failed. >> Aborted (core dumped) Prior to 7a3f542f we does aligning of such zero requests. Instead of recovering this behavior let's just do nothing on such requests as it is useless. Note that driver may have special meaning of zero-length reqeusts, like qcow2_co_pwritev_compressed_part, so we can't skip any zero-length operation. But for unaligned ones, we can't pass it to driver anyway. This commit also fixes crash in iotest 80 running with -nocache: ./check -nocache -qcow2 80 which crashes on same assertion due to trying to read empty extra data in qcow2_do_read_snapshots(). Cc: qemu-stable@nongnu.org # v4.2 Fixes: 7a3f542fSigned-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: NMax Reitz <mreitz@redhat.com> Message-id: 20200206164245.17781-1-vsementsov@virtuozzo.com Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com> (cherry picked from commit ac9d00bf) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Liang Yan 提交于
Commit e19afd56 mentioned that target-arm only supports queryable cpu models 'max', 'host', and the current type when KVM is in use. The logic works well until using machine type none. For machine type none, cpu_type will be null if cpu option is not set by command line, strlen(cpu_type) will terminate process. So We add a check above it. This won't affect i386 and s390x since they do not use current_cpu. Signed-off-by: NLiang Yan <lyan@suse.com> Message-id: 20200203134251.12986-1-lyan@suse.com Reviewed-by: NAndrew Jones <drjones@redhat.com> Tested-by: NAndrew Jones <drjones@redhat.com> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> (cherry picked from commit 0999a4ba) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
This test checks that bug is really fixed by previous commit. Cc: qemu-stable@nongnu.org # v4.2.0 Signed-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Message-id: 20200121142802.21467-3-vsementsov@virtuozzo.com Signed-off-by: NMax Reitz <mreitz@redhat.com> (cherry picked from commit a541fcc2) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
We can't access top after call bdrv_backup_top_drop, as it is already freed at this time. Also, no needs to unref target child by hand, it will be unrefed on bdrv_close() automatically. So, just do bdrv_backup_top_drop if append succeed and one bdrv_unref otherwise. Note, that in !appended case bdrv_unref(top) moved into drained section on source. It doesn't really matter, but just for code simplicity. Fixes: 7df7868b Cc: qemu-stable@nongnu.org # v4.2.0 Signed-off-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: NMax Reitz <mreitz@redhat.com> Message-id: 20200121142802.21467-2-vsementsov@virtuozzo.com Signed-off-by: NMax Reitz <mreitz@redhat.com> (cherry picked from commit 0df62f45) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Pan Nengyuan 提交于
If we call the qmp 'query-block' while qemu is working on 'block-commit', it will cause memleaks, the memory leak stack is as follow: Indirect leak of 12360 byte(s) in 3 object(s) allocated from: #0 0x7f80f0b6d970 in __interceptor_calloc (/lib64/libasan.so.5+0xef970) #1 0x7f80ee86049d in g_malloc0 (/lib64/libglib-2.0.so.0+0x5249d) #2 0x55ea95b5bb67 in qdict_new /mnt/sdb/qemu-4.2.0-rc0/qobject/qdict.c:29 #3 0x55ea956cd043 in bdrv_refresh_filename /mnt/sdb/qemu-4.2.0-rc0/block.c:6427 #4 0x55ea956cc950 in bdrv_refresh_filename /mnt/sdb/qemu-4.2.0-rc0/block.c:6399 #5 0x55ea956cc950 in bdrv_refresh_filename /mnt/sdb/qemu-4.2.0-rc0/block.c:6399 #6 0x55ea956cc950 in bdrv_refresh_filename /mnt/sdb/qemu-4.2.0-rc0/block.c:6399 #7 0x55ea958818ea in bdrv_block_device_info /mnt/sdb/qemu-4.2.0-rc0/block/qapi.c:56 #8 0x55ea958879de in bdrv_query_info /mnt/sdb/qemu-4.2.0-rc0/block/qapi.c:392 #9 0x55ea9588b58f in qmp_query_block /mnt/sdb/qemu-4.2.0-rc0/block/qapi.c:578 #10 0x55ea95567392 in qmp_marshal_query_block qapi/qapi-commands-block-core.c:95 Indirect leak of 4120 byte(s) in 1 object(s) allocated from: #0 0x7f80f0b6d970 in __interceptor_calloc (/lib64/libasan.so.5+0xef970) #1 0x7f80ee86049d in g_malloc0 (/lib64/libglib-2.0.so.0+0x5249d) #2 0x55ea95b5bb67 in qdict_new /mnt/sdb/qemu-4.2.0-rc0/qobject/qdict.c:29 #3 0x55ea956cd043 in bdrv_refresh_filename /mnt/sdb/qemu-4.2.0-rc0/block.c:6427 #4 0x55ea956cc950 in bdrv_refresh_filename /mnt/sdb/qemu-4.2.0-rc0/block.c:6399 #5 0x55ea956cc950 in bdrv_refresh_filename /mnt/sdb/qemu-4.2.0-rc0/block.c:6399 #6 0x55ea9569f301 in bdrv_backing_attach /mnt/sdb/qemu-4.2.0-rc0/block.c:1064 #7 0x55ea956a99dd in bdrv_replace_child_noperm /mnt/sdb/qemu-4.2.0-rc0/block.c:2283 #8 0x55ea956b9b53 in bdrv_replace_node /mnt/sdb/qemu-4.2.0-rc0/block.c:4196 #9 0x55ea956b9e49 in bdrv_append /mnt/sdb/qemu-4.2.0-rc0/block.c:4236 #10 0x55ea958c3472 in commit_start /mnt/sdb/qemu-4.2.0-rc0/block/commit.c:306 #11 0x55ea94b68ab0 in qmp_block_commit /mnt/sdb/qemu-4.2.0-rc0/blockdev.c:3459 #12 0x55ea9556a7a7 in qmp_marshal_block_commit qapi/qapi-commands-block-core.c:407 Fixes: bb808d5fReported-by: NEuler Robot <euler.robot@huawei.com> Signed-off-by: NPan Nengyuan <pannengyuan@huawei.com> Message-id: 20200116085600.24056-1-pannengyuan@huawei.com Signed-off-by: NMax Reitz <mreitz@redhat.com> (cherry picked from commit cb895614) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Alex Bennée 提交于
When support for the AHP flag was added we inexplicably only freed the new temps in one of the two legs. Move those tcg_temp_free to the same level as the allocation to fix that leak. Fixes: 486624fcSigned-off-by: NAlex Bennée <alex.bennee@linaro.org> Message-id: 20200131153439.26027-1-alex.bennee@linaro.org Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> (cherry picked from commit aeab8e5e) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Gerd Hoffmann 提交于
Fixes: 3ba4066d ("ossaudio: port to the new audio backend api") Reported-by: Nziming zhang <ezrakiez@gmail.com> Signed-off-by: NGerd Hoffmann <kraxel@redhat.com> Message-Id: <20200120101804.29578-1-kraxel@redhat.com> Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com> (cherry picked from commit 7a4ede00) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Zenghui Yu 提交于
If LPIs are disabled, KVM will just ignore the GICR_PENDBASER.PTZ bit when restoring GICR_CTLR. Setting PTZ here makes littlt sense in "reduce GIC initialization time". And what's worse, PTZ is generally programmed by guest to indicate to the Redistributor whether the LPI Pending table is zero when enabling LPIs. If migration is triggered when the PTZ has just been cleared by guest (and before enabling LPIs), we will see PTZ==1 on the destination side, which is not as expected. Let's just drop this hackish userspace behavior. Also take this chance to refine the comment a bit. Fixes: 367b9f52 ("hw/intc/arm_gicv3_kvm: Implement get/put functions") Signed-off-by: NZenghui Yu <yuzenghui@huawei.com> Message-id: 20200119133051.642-1-yuzenghui@huawei.com Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> (cherry picked from commit 618bacab) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Marc-André Lureau 提交于
post-copy migration fails on destination with error such as: 2019-12-26T10:22:44.714644Z qemu-kvm: ram_block_discard_range: Unaligned start address: 0x559d2afae9a0 Use qemu_memalign() to constrain the PPI RAM memory alignment. Cc: qemu-stable@nongnu.org Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: NDr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: NStefan Berger <stefanb@linux.ibm.com> Signed-off-by: NStefan Berger <stefanb@linux.ibm.com> Message-id: 20200103074000.1006389-3-marcandre.lureau@redhat.com (cherry picked from commit 71e415c8) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Eiichi Tsukata 提交于
bdrv_open_driver() allocates bs->opaque according to drv->instance_size. There is no need to allocate it and overwrite opaque in bdrv_backup_top_append(). Reproducer: $ QTEST_QEMU_BINARY=./x86_64-softmmu/qemu-system-x86_64 valgrind -q --leak-check=full tests/test-replication -p /replication/secondary/start ==29792== 24 bytes in 1 blocks are definitely lost in loss record 52 of 226 ==29792== at 0x483AB1A: calloc (vg_replace_malloc.c:762) ==29792== by 0x4B07CE0: g_malloc0 (in /usr/lib64/libglib-2.0.so.0.6000.7) ==29792== by 0x12BAB9: bdrv_open_driver (block.c:1289) ==29792== by 0x12BEA9: bdrv_new_open_driver (block.c:1359) ==29792== by 0x1D15CB: bdrv_backup_top_append (backup-top.c:190) ==29792== by 0x1CC11A: backup_job_create (backup.c:439) ==29792== by 0x1CD542: replication_start (replication.c:544) ==29792== by 0x1401B9: replication_start_all (replication.c:52) ==29792== by 0x128B50: test_secondary_start (test-replication.c:427) ... Fixes: 7df7868b ("block: introduce backup-top filter driver") Signed-off-by: NEiichi Tsukata <devel@etsukata.com> Reviewed-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Signed-off-by: NKevin Wolf <kwolf@redhat.com> (cherry picked from commit fb574de8) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Cornelia Huck 提交于
If the kernel irqchip has been disabled, we don't want the {add,release}_adapter_routes routines to call any kvm_irqchip_* interfaces, as they may rely on an irqchip actually having been created. Just take a quick exit in that case instead. If you are trying to use irqfd without a kernel irqchip, we will fail with an error. Also initialize routes->gsi[] with -1 in the virtio-ccw handling, to make sure we don't trip over other errors, either. (Nobody else uses the gsi array in that structure.) Fixes: d426d9fb ("s390x/virtio-ccw: wire up irq routing and irqfds") Reviewed-by: NThomas Huth <thuth@redhat.com> Acked-by: NChristian Borntraeger <borntraeger@de.ibm.com> Message-Id: <20200117111147.5006-1-cohuck@redhat.com> Signed-off-by: NCornelia Huck <cohuck@redhat.com> (cherry picked from commit 3c5fd807) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Paolo Bonzini 提交于
Some read-only MSRs affect the behavior of ioctls such as KVM_SET_NESTED_STATE. We can initialize them once and for all right after the CPU is realized, since they will never be modified by the guest. Reported-by: NQingua Cheng <qcheng@redhat.com> Cc: qemu-stable@nongnu.org Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> Message-Id: <1579544504-3616-2-git-send-email-pbonzini@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 420ae1fc) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Vincent Dehors 提交于
In the PAC computation, sbox was applied over wrong bits. As this is a 4-bit sbox, bit index should be incremented by 4 instead of 16. Test vector from QARMA paper (https://eprint.iacr.org/2016/444.pdf) was used to verify one computation of the pauth_computepac() function which uses sbox2. Launchpad: https://bugs.launchpad.net/bugs/1859713Reviewed-by: NRichard Henderson <richard.henderson@linaro.org> Signed-off-by: NVincent DEHORS <vincent.dehors@smile.fr> Signed-off-by: NAdrien GRASSEIN <adrien.grassein@smile.fr> Message-id: 20200116230809.19078-2-richard.henderson@linaro.org Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> (cherry picked from commit de0b1bae) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Laurent Vivier 提交于
A regression that was introduced, with the refactor to TranslatorOps, drops two lines that update the PC when single-stepping is being performed. Fixes: 11ab74b0 ("target/m68k: Convert to TranslatorOps") Reported-by: NLucien Murray-Pitts <lucienmp_antispam@yahoo.com> Suggested-by: NLucien Murray-Pitts <lucienmp_antispam@yahoo.com> Suggested-by: NRichard Henderson <richard.henderson@linaro.org> Reviewed-by: NRichard Henderson <richard.henderson@linaro.org> Signed-off-by: NLaurent Vivier <laurent@vivier.eu> Message-Id: <20200116165454.2076265-1-laurent@vivier.eu> (cherry picked from commit 322f244a) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Gerd Hoffmann 提交于
This reverts commit de3f7de7. Remove VNC optimization to reencode framebuffer update as raw if it's smaller than the default encoding. QEMU's implementation was naive and didn't account for the ZLIB z_stream mutating with each compression. Because of the mutation, simply resetting the output buffer's offset wasn't sufficient to "rewind" the operation. The mutated z_stream would generate future zlib blocks which referred to symbols in past blocks which weren't sent. This would lead to artifacting. Considering that ZRLE is never larger than raw and even though ZLIB can occasionally be fractionally larger than raw, the overhead of implementing this optimization correctly isn't worth it. Signed-off-by: NCameron Esfahani <dirty@apple.com> Signed-off-by: NGerd Hoffmann <kraxel@redhat.com> (cherry picked from commit 0780ec7b) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Dr. David Alan Gilbert 提交于
When using hugepages, rate limiting is necessary within each huge page, since a 1G huge page can take a significant time to send, so you end up with bursty behaviour. Fixes: 4c011c37 ("postcopy: Send whole huge pages") Reported-by: NLin Ma <LMa@suse.com> Signed-off-by: NDr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: NJuan Quintela <quintela@redhat.com> Reviewed-by: NPeter Xu <peterx@redhat.com> Signed-off-by: NJuan Quintela <quintela@redhat.com> (cherry picked from commit 97e1e067) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Laurent Vivier 提交于
Commit 1bd71dce tries to prevent a finishmigrate -> prelaunch transition by exiting at the beginning of the main_loop_should_exit() function if the state is already finishmigrate. As the finishmigrate state is set in the migration thread it can happen concurrently to the function. The migration thread and the function are normally protected by the iothread mutex and thus the state should no evolve between the start of the function and its end. Unfortunately during the function life the lock is released by pause_all_vcpus() just before the point we need to be sure we are not in finishmigrate state and if the migration thread is waiting for the lock it will take the opportunity to change the state to finishmigrate. The only way to be sure we are not in the finishmigrate state when we need is to check the state after the pause_all_vcpus() function. Fixes: 1bd71dce ("runstate: ignore exit request in finish migrate state") Signed-off-by: NLaurent Vivier <lvivier@redhat.com> Signed-off-by: NJuan Quintela <quintela@redhat.com> (cherry picked from commit ddad81bd) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Jeff Kubascik 提交于
The IL bit is set for 32-bit instructions, thus passing false with the is_16bit parameter to syn_data_abort_with_iss() makes a syn mask that always has the IL bit set. Pass is_16bit as true to make the initial syn mask have IL=0, so that the final IL value comes from or'ing template_syn. Cc: qemu-stable@nongnu.org Fixes: aaa1f954 ("target-arm: A64: Create Instruction Syndromes for Data Aborts") Signed-off-by: NJeff Kubascik <jeff.kubascik@dornerworks.com> Signed-off-by: NRichard Henderson <richard.henderson@linaro.org> Message-id: 20200117004618.2742-2-richard.henderson@linaro.org [rth: Extracted this as a self-contained bug fix from a larger patch] Signed-off-by: NRichard Henderson <richard.henderson@linaro.org> Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> (cherry picked from commit 30d54483) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Laurent Vivier 提交于
Commit e51e711b has moved the initialization of start_address and end_address after the definition of the command line argument, where the nvramrc is initialized, and thus the loop is between 0 and 0 rather than 1 MiB and 100 MiB. It doesn't affect the result of the test if all the tests are run in sequence because the two first tests don't run the loop, so the values are correctly initialized when we actually need them. But it hangs when we ask to run only one test, for instance: QTEST_QEMU_BINARY=ppc64-softmmu/qemu-system-ppc64 \ tests/migration-test -m=quick -p /ppc64/migration/validate_uuid_error Fixes: e51e711b ("tests/migration: Add migration-test header file") Cc: wei@redhat.com Signed-off-by: NLaurent Vivier <lvivier@redhat.com> Message-Id: <20200107163437.52139-1-lvivier@redhat.com> Reviewed-by: NDr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: NJuan Quintela <quintela@redhat.com> Acked-by: NDavid Gibson <david@gibson.dropbear.id.au> Signed-off-by: NThomas Huth <thuth@redhat.com> (cherry picked from commit 16c5c692) Conflicts: tests/migration-test.c *drop context dep. on 68d95609Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Max Reitz 提交于
Sometimes it is useful to be able to add a node to the block graph that takes or unshare a certain set of permissions for debugging purposes. This patch adds this capability to blkdebug. (Note that you cannot make blkdebug release or share permissions that it needs to take or cannot share, because this might result in assertion failures in the block layer. But if the blkdebug node has no parents, it will not take any permissions and share everything by default, so you can then freely choose what permissions to take and share.) Signed-off-by: NMax Reitz <mreitz@redhat.com> Message-id: 20191108123455.39445-4-mreitz@redhat.com Reviewed-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Signed-off-by: NMax Reitz <mreitz@redhat.com> (cherry picked from commit 69c6449f) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Max Reitz 提交于
We need some way to correlate QAPI BlockPermission values with BLK_PERM_* flags. We could: (1) have the same order in the QAPI definition as the the BLK_PERM_* flags are in LSb-first order. However, then there is no guarantee that they actually match (e.g. when someone modifies the QAPI schema without thinking of the BLK_PERM_* definitions). We could add static assertions, but these would break what’s good about this solution, namely its simplicity. (2) define the BLK_PERM_* flags based on the BlockPermission values. But this way whenever someone were to modify the QAPI order (perfectly sensible in theory), the BLK_PERM_* values would change. Because these values are used for file locking, this might break file locking between different qemu versions. Therefore, go the slightly more cumbersome way: Add a function to translate from the QAPI constants to the BLK_PERM_* flags. Signed-off-by: NMax Reitz <mreitz@redhat.com> Message-id: 20191108123455.39445-2-mreitz@redhat.com Reviewed-by: NVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Signed-off-by: NMax Reitz <mreitz@redhat.com> (cherry picked from commit 7b1d9c4d) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Simon Veith 提交于
The smmuv3_record_event() function that generates the F_STE_FETCH error uses the EVT_SET_ADDR macro to record the fetch address, placing it in 32-bit words 4 and 5. The correct position for this address is in words 6 and 7, per the SMMUv3 Architecture Specification. Update the function to use the EVT_SET_ADDR2 macro instead, which is the macro intended for writing to these words. ref. ARM IHI 0070C, section 7.3.4. Signed-off-by: NSimon Veith <sveith@amazon.de> Acked-by: NEric Auger <eric.auger@redhat.com> Tested-by: NEric Auger <eric.auger@redhat.com> Message-id: 1576509312-13083-7-git-send-email-sveith@amazon.de Cc: Eric Auger <eric.auger@redhat.com> Cc: qemu-devel@nongnu.org Cc: qemu-arm@nongnu.org Acked-by: NEric Auger <eric.auger@redhat.com> Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> (cherry picked from commit b255cafb) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Simon Veith 提交于
The bit offsets in the EVT_SET_ADDR2 macro do not match those specified in the ARM SMMUv3 Architecture Specification. In all events that use this macro, e.g. F_WALK_EABT, the faulting fetch address or IPA actually occupies the 32-bit words 6 and 7 in the event record contiguously, with the upper and lower unused bits clear due to alignment or maximum supported address bits. How many bits are clear depends on the individual event type. Update the macro to write to the correct words in the event record so that guest drivers can obtain accurate address information on events. ref. ARM IHI 0070C, sections 7.3.12 through 7.3.16. Signed-off-by: NSimon Veith <sveith@amazon.de> Acked-by: NEric Auger <eric.auger@redhat.com> Tested-by: NEric Auger <eric.auger@redhat.com> Message-id: 1576509312-13083-6-git-send-email-sveith@amazon.de Cc: Eric Auger <eric.auger@redhat.com> Cc: qemu-devel@nongnu.org Cc: qemu-arm@nongnu.org Acked-by: NEric Auger <eric.auger@redhat.com> Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> (cherry picked from commit a7f65ceb) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Simon Veith 提交于
Per the specification, and as observed in hardware, the SMMUv3 aligns the SMMU_STRTAB_BASE address to the size of the table by masking out the respective least significant bits in the ADDR field. Apply this masking logic to our smmu_find_ste() lookup function per the specification. ref. ARM IHI 0070C, section 6.3.23. Signed-off-by: NSimon Veith <sveith@amazon.de> Acked-by: NEric Auger <eric.auger@redhat.com> Tested-by: NEric Auger <eric.auger@redhat.com> Message-id: 1576509312-13083-5-git-send-email-sveith@amazon.de Cc: Eric Auger <eric.auger@redhat.com> Cc: qemu-devel@nongnu.org Cc: qemu-arm@nongnu.org Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> (cherry picked from commit 41678c33) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Simon Veith 提交于
When checking whether a stream ID is in range of the stream table, we have so far been only checking it against our implementation limit (SMMU_IDR1_SIDSIZE). However, the guest can program the STRTAB_BASE_CFG.LOG2SIZE field to a size that is smaller than this limit. Check the stream ID against this limit as well to match the hardware behavior of raising C_BAD_STREAMID events in case the limit is exceeded. Also, ensure that we do not go one entry beyond the end of the table by checking that its index is strictly smaller than the table size. ref. ARM IHI 0070C, section 6.3.24. Signed-off-by: NSimon Veith <sveith@amazon.de> Acked-by: NEric Auger <eric.auger@redhat.com> Tested-by: NEric Auger <eric.auger@redhat.com> Message-id: 1576509312-13083-4-git-send-email-sveith@amazon.de Cc: Eric Auger <eric.auger@redhat.com> Cc: qemu-devel@nongnu.org Cc: qemu-arm@nongnu.org Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> (cherry picked from commit 05ff2fb8) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Simon Veith 提交于
There are two issues with the current value of SMMU_BASE_ADDR_MASK: - At the lower end, we are clearing bits [4:0]. Per the SMMUv3 spec, we should also be treating bit 5 as zero in the base address. - At the upper end, we are clearing bits [63:48]. Per the SMMUv3 spec, only bits [63:52] must be explicitly treated as zero. Update the SMMU_BASE_ADDR_MASK value to mask out bits [63:52] and [5:0]. ref. ARM IHI 0070C, section 6.3.23. Signed-off-by: NSimon Veith <sveith@amazon.de> Acked-by: NEric Auger <eric.auger@redhat.com> Tested-by: NEric Auger <eric.auger@redhat.com> Message-id: 1576509312-13083-3-git-send-email-sveith@amazon.de Cc: Eric Auger <eric.auger@redhat.com> Cc: qemu-devel@nongnu.org Cc: qemu-arm@nongnu.org Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> (cherry picked from commit 3293b9f5) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Simon Veith 提交于
In the SMMU_STRTAB_BASE register, the stream table base address only occupies bits [51:6]. Other bits, such as RA (bit [62]), must be masked out to obtain the base address. The branch for 2-level stream tables correctly applies this mask by way of SMMU_BASE_ADDR_MASK, but the one for linear stream tables does not. Apply the missing mask in that case as well so that the correct stream base address is used by guests which configure a linear stream table. Linux guests are unaffected by this change because they choose a 2-level stream table layout for the QEMU SMMUv3, based on the size of its stream ID space. ref. ARM IHI 0070C, section 6.3.23. Signed-off-by: NSimon Veith <sveith@amazon.de> Acked-by: NEric Auger <eric.auger@redhat.com> Tested-by: NEric Auger <eric.auger@redhat.com> Message-id: 1576509312-13083-2-git-send-email-sveith@amazon.de Cc: Eric Auger <eric.auger@redhat.com> Cc: qemu-devel@nongnu.org Cc: qemu-arm@nongnu.org Acked-by: NEric Auger <eric.auger@redhat.com> Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> (cherry picked from commit 3d44c605) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Cameron Esfahani 提交于
Fix memory leak in bochs_display_update(). Leaks 304 bytes per frame. Fixes: 33ebad54Signed-off-by: NCameron Esfahani <dirty@apple.com> Message-Id: <d6c26e68db134c7b0c7ce8b61596ca2e65e01e12.1576013209.git.dirty@apple.com> Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: NGerd Hoffmann <kraxel@redhat.com> (cherry picked from commit 0d82411d) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Cole Robinson 提交于
Trailing comma is not valid json: $ cat contrib/vhost-user-gpu/50-qemu-gpu.json.in | jq parse error: Expected another key-value pair at line 5, column 1 Signed-off-by: NCole Robinson <crobinso@redhat.com> Reviewed-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NLi Qiang <liq3ea@gmail.com> Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com> Message-id: 7f5dd2ac9f3504e2699f23e69bc3d8051b729832.1568925097.git.crobinso@redhat.com Signed-off-by: NGerd Hoffmann <kraxel@redhat.com> (cherry picked from commit ca26b032) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Max Reitz 提交于
There is no $SOCKDIR, only $SOCK_DIR. Fixes: f3923a72Signed-off-by: NMax Reitz <mreitz@redhat.com> Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: NKevin Wolf <kwolf@redhat.com> (cherry picked from commit eb4ea9aa) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Robert Foley 提交于
After freeing the logfilename, we set logfilename to NULL, in case of an error which returns without setting logfilename. Signed-off-by: NRobert Foley <robert.foley@linaro.org> Reviewed-by: NAlex Bennée <alex.bennee@linaro.org> Signed-off-by: NAlex Bennée <alex.bennee@linaro.org> Message-Id: <20191118211528.3221-2-robert.foley@linaro.org> (cherry picked from commit 0f516ca4) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Han Han 提交于
This reverts commit bbd9e698. In 20a19220 we allowed reboot-timeout=-1 again, so update the doc accordingly. Signed-off-by: NHan Han <hhan@redhat.com> Reviewed-by: NMarkus Armbruster <armbru@redhat.com> Message-Id: <20191205024821.245435-1-hhan@redhat.com> Signed-off-by: NLaurent Vivier <laurent@vivier.eu> (cherry picked from commit 8937a39d) Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Max Reitz 提交于
data_file does not work with v2, and we probably want 026 to keep working for v2 images. Thus, open a new file for v3-exclusive error path test cases. Fixes: 81311255 (“iotests/026: Test EIO on allocation in a data-file”) Signed-off-by: NMax Reitz <mreitz@redhat.com> Message-Id: <20200311140707.1243218-1-mreitz@redhat.com> Reviewed-by: NJohn Snow <jsnow@redhat.com> Tested-by: NJohn Snow <jsnow@redhat.com> Signed-off-by: NMax Reitz <mreitz@redhat.com> (cherry picked from commit c264e5d2) Conflicts: tests/qemu-iotests/group Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-
由 Finn Thain 提交于
A portion of a recent patch got lost due to a merge snafu. That patch is now commit 88f632fb ("dp8393x: Mask EOL bit from descriptor addresses"). This patch restores the portion that got lost. Signed-off-by: NFinn Thain <fthain@telegraphics.com.au> Reviewed-by: NLaurent Vivier <laurent@vivier.eu> Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <alpine.LNX.2.22.394.2003041421280.12@nippy.intranet> Signed-off-by: NLaurent Vivier <laurent@vivier.eu> (cherry picked from commit a0cf4297) Conflicts: hw/net/dp8393x.c *drop context dep. on 19f70347Signed-off-by: NMichael Roth <mdroth@linux.vnet.ibm.com>
-