- Mar 10, 2015
-
-
Michael Roth authored
Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
- Mar 09, 2015
-
-
Kevin Wolf authored
If total_sectors is rounded to match the geometry, total_size needs to be changed as well. Otherwise we end up with an image whose geometry describes a disk larger than the image file, which doesn't end well. Signed-off-by:
Kevin Wolf <kwolf@redhat.com> Reviewed-by:
Max Reitz <mreitz@redhat.com> (cherry picked from commit c7dd631d482912fd615a9ef18a0e0691e7a84836) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Kevin Wolf authored
Instead of using the same function for entering and exiting coroutines, and hoping that it doesn't add any functionality that hurts with the parameters used for exiting, we can just directly call into the real task switch in qemu_coroutine_switch(). This fixes a use-after-free scenario where reentering a coroutine that has yielded still accesses the old parent coroutine (which may have meanwhile terminated) in the part of coroutine_swap() that follows qemu_coroutine_switch(). Cc: qemu-stable@nongnu.org Signed-off-by:
Kevin Wolf <kwolf@redhat.com> Reviewed-by:
Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 80687b4dd6f43b3fef61fef8fbcb358457350562) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Michael Roth authored
Previous patch pc: acpi: fix WindowsXP BSOD when memory hotplug is enabled changed DSDT, update hex files for non-iasl builds. Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Michael Roth authored
Previous patch pc: acpi: fix WindowsXP BSOD when memory hotplug is enabled changed DSDT, update expected test files. Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Igor Mammedov authored
ACPI parser in XP considers PNP0A06 devices of CPU and memory hotplug as duplicates. Adding unique _UID to CPU hotplug device fixes BSOD. Cc: qemu-stable@nongnu.org Signed-off-by:
Igor Mammedov <imammedo@redhat.com> Reviewed-by:
Michael S. Tsirkin <mst@redhat.com> Signed-off-by:
Michael S. Tsirkin <mst@redhat.com> (cherry picked from commit 6d4e4cb9) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Stefano Stabellini authored
Increase maxmem before calling xc_domain_populate_physmap_exact to avoid the risk of running out of guest memory. This way we can also avoid complex memory calculations in libxl at domain construction time. This patch fixes an abort() when assigning more than 4 NICs to a VM. Signed-off-by:
Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by:
Don Slutz <dslutz@verizon.com> (cherry picked from commit c1d322e6) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Eduardo Habkost authored
This was the only caller of cpu_init() that was not checking for NULL yet. Reviewed-by:
Paolo Bonzini <pbonzini@redhat.com> Signed-off-by:
Eduardo Habkost <ehabkost@redhat.com> (cherry picked from commit 696da41b) Conflicts: linux-user/main.c *removed context dependency on ec53b45b Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Jun Li authored
Currently when *obj is not a TYPE_DEVICE, QEMU will abort. This patch fixes it. When *obj is not a TYPE_DEVICE, just do not add it to hotpluggable device list. This patch also fixes the following issue:

  1. boot QEMU using cli:
     $ /opt/qemu-git-arm/bin/qemu-system-x86_64 -monitor stdio -enable-kvm \
         -device virtio-scsi-pci,id=scsi0
  2. device_del scsi0 via hmp using tab key (first input device_del, then press "Tab" key).
     (qemu) device_del

After step 2, QEMU will abort.

     (qemu) device_del hw/core/qdev.c:930:qdev_build_hotpluggable_device_list: Object 0x5555563a2460 is not an instance of type device

Signed-off-by:
Jun Li <junmuzi@gmail.com> Reviewed-by:
Paolo Bonzini <pbonzini@redhat.com> Cc: qemu-stable@nongnu.org Signed-off-by:
Andreas Färber <afaerber@suse.de> (cherry picked from commit 09d56017) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
- Mar 02, 2015
-
-
Paolo Bonzini authored
The wait_for_sipi field is set back to 1 after an INIT, so it was not effective to reset it in kvm_apic_realize. Introduce a reset callback and reset wait_for_sipi there. Reported-by:
Igor Mammedov <imammedo@redhat.com> Cc: qemu-stable@nongnu.org Reviewed-by:
Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 575a6f40) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Leon Alrae authored
Recently added CP0.BadInstr and CP0.BadInstrP registers ended up in cpu_load() under different offset than in cpu_save(). These and all registers between were incorrectly restored. Signed-off-by:
Leon Alrae <leon.alrae@imgtec.com> (cherry picked from commit b40a1530) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Gerd Hoffmann authored
Anton D. Kachalov (1): [intel] Add 8086:1557 card (Intel 82599 10G ethernet mezz) Christian Hesse (1): [build] Merge util/geniso and util/genliso Curtis Larsen (3): [efi] Use EFI_CONSOLE_CONTROL_PROTOCOL to set text mode if available [efi] Report errors from attempting to disconnect existing drivers [efi] Try various possible SNP receive filters Dale Hamel (1): [smbios] Expose board serial number as ${board-serial} Florian Schmaus (1): [build] Set GITVERSION only if there is a git repository Hannes Reinecke (3): [ethernet] Provide eth_random_addr() to generate random Ethernet addresses [igbvf] Assign random MAC address if none is set [igbvf] Allow changing of MAC address Jan Kiszka (1): [intel] Add I217-LM PCI ID Marin Hannache (4): [nfs] Fix an invalid free() when loading a symlink [nfs] Fix an invalid free() when loading a regular (non-symlink) file [nfs] Rewrite NFS URI handling [readline] Add CTRL-W shortcut to remove a word Michael Brown (144): [profile] Allow interrupts to be excluded from profiling results [intel] Exclude time spent in hypervisor from profiling [build] Fix version.o dependency upon git index [tcp] Defer sending ACKs until all received packets have been processed [lkrnprefix] Function as a bzImage kernel [build] Avoid errors when build directory is mounted via NFS [undi] Apply quota only to number of complete received packets [lkrnprefix] Make real-mode setup code relocatable [intel] Increase receive ring fill level [syslog] Strip invalid characters from hostname [test] Add self-tests for strdup() [libc] Prevent strndup() from reading beyond the end of the string [efi] Allow for optional protocols [efi] Make EFI_DEVICE_PATH_TO_TEXT_PROTOCOL optional [efi] Make EFI_HII_DATABASE_PROTOCOL optional [efi] Do not try to fetch loaded image device path protocol [ipv6] Fix definition of IN6_IS_ADDR_LINKLOCAL() [dhcpv6] Do not set sin6_scope_id on the unspecified client socket address [ipv6] Do not set sin6_scope_id on source address [ipv6] Include 
network device when transcribing multicast addresses [ipv6] Avoid potentially copying from a NULL pointer in ipv6_tx() [librm] Allow for the PIC interrupt vector offset to be changed [ifmgmt] Do not sleep CPU while configuring network devices [scsi] Improve sense code parsing [iscsi] Read IPv4 settings only from the relevant network device [iscsi] Include IP address origin in iBFT [debug] Allow debug message colours to be customised via DBGCOL=... [build] Expose build timestamp, build name, and product names [efi] Allow device paths to be easily included in debug messages [efi] Provide a meaningful EFI SNP device name [efi] Restructure EFI driver model [build] Fix erroneous object name in version object [build] Add yet another potential location for isolinux.bin [efi] Allow network devices to be created on top of arbitrary SNP devices [autoboot] Allow autoboot device to be identified by link-layer address [efi] Identify autoboot device by MAC address when chainloading [efi] Attempt to start only drivers claiming support for a device [efi] Rewrite SNP NIC driver [efi] Include SNP NIC driver within the all-drivers target [crypto] Add support for iPAddress subject alternative names [crypto] Fix debug message [netdevice] Reset network device index when last device is unregistered [efi] Update EDK2 headers [efi] Install our own disk I/O protocol and claim exclusive use of it [efi] Allow for interception of boot services calls by loaded image [efi] Print well-known GUIDs by name in debug messages [efi] Include EFI_CONSOLE_CONTROL_PROTOCOL header [ioapi] Fail ioremap() when attempting to map a zero bus address [intel] Check for ioremap() failures [realtek] Check for ioremap() failures [vmxnet3] Check for ioremap() failures [skel] Check for ioremap() failures [myson] Check for ioremap() failures [natsemi] Check for ioremap() failures [i386] Add functions to read and write model-specific registers [x86_64] Add functions to read and write model-specific registers [efi] Show 
more diagnostic information when building with DEBUG=efi_wrap [ioapi] Centralise notion of PAGE_SIZE [lotest] Discard packets arriving on the incorrect network device [xen] Import selected public headers [xen] Add basic support for PV-HVM domains [xen] Add support for Xen netfront virtual NICs [efi] Default to releasing network devices for use via SNP [efi] Unload started images only on failure [efi] Fill in loaded image's DeviceHandle if firmware fails to do so [efi] Fix incorrect debug message level when device has no device path [efi] Report exact failure when unable to open the device path [netdevice] Avoid registering duplicate network devices [efi] Ignore failures when attempting to install SNP HII protocol [efi] Expand the range of well-known EFI GUIDs in debug messages [efi] Provide efi_handle_name() for debugging [efi] Add ability to dump all openers of a given protocol on a handle [efi] Use efi_handle_name() instead of efi_handle_devpath_text() [efi] Use efi_handle_name() instead of efi_devpath_text() where applicable [efi] Allow compiler to perform type checks on EFI_HANDLE [efi] Avoid unnecessarily passing pointers to EFI_HANDLEs [efi] Dump existing openers when we are unable to open a protocol [efi] Dump handle information around connect/disconnect attempts [efi] Improve debugging of the debugging facilities [efi] Add excessive sanity checks into efi_debug functions [efi] Also try original ComponentName protocol for retrieving driver names [efi] Print raw device path when we have no DevicePathToTextProtocol [efi] Add ability to dump SNP device mode information [efi] Reset multicast filter list when setting SNP receive filters [efi] Provide centralised definitions of commonly-used GUIDs [efi] Open device path protocol only at point of use [efi] Move abstract device path and handle functions to efi_utils.c [efi] Generalise snpnet_pci_info() to efi_locate_device() [bios] Support displaying and hiding cursor [efi] Support displaying and hiding cursor 
[readline] Ensure cursor is visible when prompting for input [xen] Accept alternative Xen platform PCI device ID 5853:0002 [xen] Use version 1 grant tables by default [xen] Cope with unexpected initial backend states [smc9000] Avoid using CONFIG as a preprocessor macro [build] Allow for named configurations at build time [intel] Display PBS value when applying ICH errata workaround [intel] Display before and after values for both PBS and PBA [intel] Apply PBS/PBA errata workaround only to ICH8 PCI device IDs [efi] Add definitions of GUIDs observed during Windows boot [efi] Dump details of any calls to our dummy block and disk I/O protocols [romprefix] Do not preserve unused register %di [build] Remove obsolete references to .zrom build targets [build] Allow ISA ROMs to be built [build] Avoid deleting config header files if build is interrupted [prefix] Halt system without burning CPU if we cannot access the payload [prefix] Report both %esi and %ecx when opening payload fails [util] Use PCI length field to obtain length of individual images [mromprefix] Use PCI length field to obtain length of individual images [mromprefix] Allow for .mrom images larger than 128kB [efi] Show details of intercepted LoadImage() calls [efi] Make our virtual file system case insensitive [efi] Wrap any images loaded by our wrapped image [efi] Use the SNP protocol instance to match the SNP chainloading device [efi] Avoid returning uninitialised data from PCI configuration space reads [efi] Make EFI_PCI_ROOT_BRIDGE_IO_PROTOCOL optional [efi] Allow for non-PCI snpnet devices [build] Clean up all binary directories on "make [very]clean" [efi] Add efifatbin utility [efi] Provide dummy device path in efi_image_probe() [dhcp] Check for matching chaddr in received DHCP packets [dhcp] Remove obsolete dhcp_chaddr() function [build] Use -malign-double to build 32-bit UEFI binaries [efi] Centralise definitions of more protocol GUIDs [efi] Add definitions of GUIDs observed when chainloading from 
Intel driver [efi] Free transmit ring entry before calling netdev_tx_complete() [efi] Generalise snpnet_dev_info() to efi_device_info() [efi] Update to current EDK2 headers [efi] Add NII / UNDI driver [efi] Check for presence of UNDI in NII protocol [efi] Include NII driver within "snp" and "snponly" build targets [ping] Report timed-out pings via the callback function [ping] Allow termination after a specified number of packets [ping] Allow "ping" command output to be inhibited [intel] Use autoloaded MAC address instead of EEPROM MAC address [crypto] Fix parsing of OCSP responder ID key hash [vmxnet3] Add profiling code to exclude time spent in the hypervisor [netdevice] Fix erroneous use of free(iobuf) instead of free_iob(iobuf) [libc] Add ASSERTED macro to test if any assertion has triggered [list] Add sanity checks after list-adding functions [malloc] Tidy up debug output [malloc] Sanity check parameters to alloc_memblock() and free_memblock() [malloc] Check integrity of free list [malloc] Report caller address as soon as memory corruption is detected Peter Lemenkov (1): [build] Check if git index actually exists Robin Smidsrød (2): [build] Add named configuration for VirtualBox [build] Avoid using embedded script in VirtualBox named configuration Sven Ulland (1): [lacp] Set "aggregatable" flag in response LACPDU Signed-off-by:
Gerd Hoffmann <kraxel@redhat.com> (cherry picked from commit c246cee4) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
- Feb 24, 2015
-
-
Paolo Bonzini authored
In QEMU 2.2 the exception_index value was added to the migration stream through a subsection. The default was set to 0, which is wrong and should have been -1. However, 2.2 does not have commit e511b4d7 (cpu-exec: reset exception_index correctly, 2014-11-26), hence in 2.2 the exception_index is never used and is set to -1 on the next call to cpu_exec. So we can change the migration stream to make the default -1. The effects are:

  - 2.2.1 -> 2.2.0: cpu->exception_index set incorrectly to 0 if it were -1 on the source; then reset to -1 in cpu_exec. This is TCG only; KVM does not use exception_index.
  - 2.2.0 -> 2.2.1: cpu->exception_index set incorrectly to -1 if it were 0 on the source; but it would be reset to -1 in cpu_exec anyway. This is TCG only; KVM does not use exception_index.
  - 2.2.1 -> 2.1: two bugs fixed: 1) can migrate backwards if cpu->exception_index is set to -1; 2) should not migrate backwards (but 2.2.0 allows it) if cpu->exception_index is set to 0
  - 2.2.0 -> 2.3.0: 2.2.0 will send the subsection unnecessarily if exception_index is -1, but that is not a problem. 2.3.0 will set cpu->exception_index to -1 if it is 0 on the source, but this would be anyway a problem for 2.2.0 -> 2.2.x migration (due to lack of commit e511b4d7 in 2.2.x) so we can ignore it
  - 2.2.1 -> 2.3.0: everything works.

In addition, play it safe and never send the subsection unless TCG is in use. KVM does not use exception_index (PPC KVM stores values in it for use in the subsequent call to ppc_cpu_do_interrupt, but does not need it as soon as kvm_handle_debug returns). Xen and qtest do not run any code for the CPU at all. Reported-by:
Igor Mammedov <imammedo@redhat.com> Tested-by:
Laurent Desnogues <laurent.desnogues@gmail.com> Tested-by:
Eduardo Habkost <ehabkost@redhat.com> Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> Message-id: 1418989994-17244-3-git-send-email-pbonzini@redhat.com Cc: qemu-stable@nongnu.org Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> Signed-off-by:
Peter Maydell <peter.maydell@linaro.org> (cherry picked from commit adee6424) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Fam Zheng authored
qemu_clock_run_timers() only takes care of main_loop_tlg, we shouldn't forget aio timer list groups. Currently, the qemu_clock_deadline_ns_all (a few lines above) counts all the timergroups of this clock type, including aio tlg, but we don't fire them, so they are never cleared, which makes a dead loop. For example, this function hangs when trying to drive throttled block request queue with qtest clock_step. Signed-off-by:
Fam Zheng <famz@redhat.com> Acked-by:
Paolo Bonzini <pbonzini@redhat.com> Message-id: 1421661103-29153-1-git-send-email-famz@redhat.com Signed-off-by:
Stefan Hajnoczi <stefanha@redhat.com> (cherry picked from commit efef88b3) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Peter Wu authored
'ret' was never initialized in the success path. Signed-off-by:
Peter Wu <peter@lekensteyn.nl> Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit debfb917) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Zhang Haoyu authored
Fix the wrong mc146818rtc subsection name to avoid vmstate_subsection_load() failing during incoming migration or loadvm. Signed-off-by:
Zhang Haoyu <zhanghy@sangfor.com.cn> Reviewed-by:
Paolo Bonzini <pbonzini@redhat.com> Signed-off-by:
Juan Quintela <quintela@redhat.com> (cherry picked from commit bb426311) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Daniel P. Berrangé authored
Building QEMU results in a libcacard.so that links against practically the entire world. All libcacard actually needs are the NSS libs. Linking against the entire world is a regression caused by commit 9d171bd9 Author: Michael Tokarev <mjt@tls.msk.ru> Date: Thu May 8 16:48:27 2014 +0400 libcacard: remove libcacard-specific CFLAGS and LIBS from global vars Which removed the setting of the LIBS variable in libcacard/Makefile.
Adding it back as an empty assignment brings the linked libs back to a more reasonable set linux-vdso.so.1 => (0x00007fff575c1000) libssl3.so => /usr/lib64/libssl3.so (0x00007f7f753b1000) libsmime3.so => /usr/lib64/libsmime3.so (0x00007f7f75189000) libnss3.so => /usr/lib64/libnss3.so (0x00007f7f74e62000) libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007f7f74c36000) libplds4.so => /usr/lib64/libplds4.so (0x00007f7f74a31000) libplc4.so => /usr/lib64/libplc4.so (0x00007f7f7482c000) libnspr4.so => /usr/lib64/libnspr4.so (0x00007f7f745ed000) libpthread.so.0 => /usr/lib64/libpthread.so.0 (0x00007f7f743d0000) libdl.so.2 => /usr/lib64/libdl.so.2 (0x00007f7f741cc000) libgthread-2.0.so.0 => /usr/lib64/libgthread-2.0.so.0 (0x00007f7f73fca000) libglib-2.0.so.0 => /usr/lib64/libglib-2.0.so.0 (0x00007f7f73c90000) libc.so.6 => /usr/lib64/libc.so.6 (0x00007f7f738d3000) libz.so.1 => /usr/lib64/libz.so.1 (0x00007f7f736bd000) librt.so.1 => /usr/lib64/librt.so.1 (0x00007f7f734b4000) /lib64/ld-linux-x86-64.so.2 (0x00007f7f757fd000) Signed-off-by:
Daniel P. Berrange <berrange@redhat.com> Cc: <qemu-stable@nongnu.org> Reviewed-by:
Paolo Bonzini <pbonzini@redhat.com> Signed-off-by:
Michael Tokarev <mjt@tls.msk.ru> (cherry picked from commit b41112c4) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Paolo Bonzini authored
This had a possible deadlock that was visible with rcutorture.

    qemu_event_set                      qemu_event_wait
    ----------------------------------------------------------------
                                        cmpxchg reads FREE, writes BUSY
                                        futex_wait: pthread_mutex_lock
                                        futex_wait: value == BUSY
    xchg reads BUSY, writes SET
    futex_wake: pthread_cond_broadcast
                                        futex_wait: pthread_cond_wait
    <deadlock>

The fix is simply to avoid condvar tricks and do the obvious locking around pthread_cond_broadcast:

    qemu_event_set                      qemu_event_wait
    ----------------------------------------------------------------
                                        cmpxchg reads FREE, writes BUSY
                                        futex_wait: pthread_mutex_lock
                                        futex_wait: value == BUSY
    xchg reads BUSY, writes SET
    futex_wake: pthread_mutex_lock
    (blocks)
                                        futex_wait: pthread_cond_wait
                                        (mutex unlocked)
    futex_wake: pthread_cond_broadcast
    futex_wake: pthread_mutex_unlock
                                        futex_wait: pthread_mutex_unlock

Cc: qemu-stable@nongnu.org Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 158ef8cb) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Alex Williamson authored
Commit d8d95814 added explicit object_unparent() calls for dynamically allocated MemoryRegions. The VFIOMSIXInfo structure also contains such a MemoryRegion, covering the mmap'd region of a PCI BAR above the MSI-X table. This structure is freed as part of the class exit function and therefore also needs an explicit object_unparent(). Failing to do this results in random segfaults due to fields within the structure, often the class pointer, being reclaimed and corrupted by the time object_finalize_child_property() is called for the object. Signed-off-by:
Alex Williamson <alex.williamson@redhat.com> Reviewed-by:
Paolo Bonzini <pbonzini@redhat.com> Cc: qemu-stable@nongnu.org # 2.2 (cherry picked from commit 3a4dbe6a) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
- Feb 23, 2015
-
-
Peter Maydell authored
The LDT/STT (load/store unprivileged) instruction decode was using the wrong MMU index value. This meant that instead of these insns being "always access as if user-mode regardless of current privilege" they were "always access as if kernel-mode regardless of current privilege". This went unnoticed because AArch64 Linux doesn't use these instructions. Cc: qemu-stable@nongnu.org Signed-off-by:
Peter Maydell <peter.maydell@linaro.org> Reviewed-by:
Greg Bellows <greg.bellows@linaro.org> Reviewed-by:
Edgar E. Iglesias <edgar.iglesias@xilinx.com> --- I'm not counting this as a security issue because I'm assuming nobody treats TCG guests as a security boundary (certainly I would not recommend doing so...) (cherry picked from commit 949013ce) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Dinar Valeev authored
Whenever a USB keyboard is used, e.g. '-usbdevice keyboard', pressing the caps lock key sends 0x32 hid code, which is treated as backslash. Instead it should be 0x39 code. This affects sending uppercase keys, as they are typed with caps lock active. While on x86 this can be worked around by using the ps/2 protocol, on Power it is crucial, as we don't have anything other than USB. This fixes guest automation tests over vnc. Signed-off-by:
Dinar Valeev <dvaleev@suse.com> Signed-off-by:
Gerd Hoffmann <kraxel@redhat.com> (cherry picked from commit 0ee4de58) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Paolo Bonzini authored
SoundBlaster 16 emulation is very broken and consumes a lot of CPU, but a small fix was suggested offlist and it is enough to fix some games. I got Epic Pinball to work with the "SoundBlaster Clone" option. The processing of the interrupt register is wrong due to two missing "not"s. This causes the interrupt flag to remain set even after the Acknowledge ports have been read (0x0e and 0x0f). The line was introduced by commit 85571bc7 (audio merge (malc), 2004-11-07), but the code might have been broken before because I did not look closely at the huge patches from 10 years ago. Reported-by:
Joshua Bair <j_bair@bellsouth.net> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: qemu-stable@nongnu.org Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> Signed-off-by:
Gerd Hoffmann <kraxel@redhat.com> (cherry picked from commit 9939375c) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Cornelia Huck authored
Several places check against the feature bit number instead of against the feature bit. Fix them. Cc: qemu-stable@nongnu.org Reported-by:
Thomas Huth <thuth@linux.vnet.ibm.com> Signed-off-by:
Cornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by:
Michael S. Tsirkin <mst@redhat.com> Signed-off-by:
Michael S. Tsirkin <mst@redhat.com> (cherry picked from commit 91d5c57a) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Paolo Bonzini authored
superio_ioport_readb can read the 256th element of the array. Coverity reports an out-of-bounds write in superio_ioport_writeb, but it does not show the corresponding out-of-bounds read because it cannot prove that it can happen. Fix the root cause of the problem (zhanghailiang's patch instead fixes the logic in superio_ioport_writeb). Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> Reviewed-by:
zhanghailiang <zhang.zhanghailiang@huawei.com> Signed-off-by:
Michael Tokarev <mjt@tls.msk.ru> Cc: qemu-stable@nongnu.org (cherry picked from commit 9feb8ade) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Paolo Bonzini authored
This was accessing an XMM register's low half without going through XMM_Q. Cc: qemu-stable@nongnu.org Reviewed-by:
Eduardo Habkost <ehabkost@redhat.com> Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 07958082) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Paolo Bonzini authored
Commit d5776465 (scsi: Introduce scsi_req_cancel_complete, 2014-09-25) was supposed to have no semantic change, but it missed a case. When r->aiocb has already been NULLed, but DMA was not complete and the SCSI layer was waiting for scsi_req_continue, after the patch the SCSI layer will not call the .cancel callback of SCSIBusInfo. Fixes: d5776465 Cc: qemu-stable@nongnu.org Reported-by:
Dr. David Alan Gilbert <dgilbert@redhat.com> Tested-by:
Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by:
Fam Zheng <famz@redhat.com> Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 488eef2f) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Peter Maydell authored
The m68k signal frame setup code which writes the signal return trampoline code to the stack was assuming that a 'long' was 32 bits; on 64 bit systems this meant we would end up writing the 32 bit (2 insn) trampoline sequence to retaddr+4,retaddr+6 instead of the intended retaddr+0,retaddr+2, resulting in a guest crash when it tried to execute the invalid zero-bytes at retaddr+0. Fix by using uint32_t instead; also use uint16_t rather than short for consistency. This fixes bug LP:1404690. Reported-by: Michel Boaventura Signed-off-by:
Peter Maydell <peter.maydell@linaro.org> Signed-off-by:
Riku Voipio <riku.voipio@linaro.org> (cherry picked from commit 1669add7) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
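The width mismatch described in the commit message above, as an added example that is not part of the commit or of QEMU's code. The typed guest store is modelled as a big-endian write whose width is the size of the host type (an assumption of this sketch); `TRAMPOLINE`, `put_guest_be` and `trampoline_offset` are hypothetical names, and the trampoline value is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TRAMPOLINE 0x70774e40u  /* constructed: two 16-bit instruction words */

/* Assumed model of a typed guest store: the value is written big-endian
 * across `width` bytes, where width is the size of the host type the
 * destination pointer was cast to. */
static void put_guest_be(uint8_t *dst, uint64_t value, size_t width)
{
    for (size_t i = 0; i < width; i++) {
        dst[i] = (uint8_t)(value >> (8 * (width - 1 - i)));
    }
}

/* Store the trampoline with the given access width into a zeroed 8-byte
 * return-code area and return the offset at which its first instruction
 * word lands, or -1 if the width does not fit or the word is not found. */
static int trampoline_offset(size_t width)
{
    uint8_t retcode[8] = { 0 };

    if (width > sizeof retcode) {
        return -1;
    }
    put_guest_be(retcode, TRAMPOLINE, width);
    for (size_t i = 0; i + 1 < sizeof retcode; i += 2) {
        if (retcode[i] == 0x70 && retcode[i + 1] == 0x77) {
            return (int)i;
        }
    }
    return -1;
}

int main(void)
{
    /* On an LP64 host sizeof(long) is 8, so the first word lands at +4 and
     * retaddr+0 keeps its zero bytes; uint32_t is 4 bytes on every host. */
    printf("long: +%d, uint32_t: +%d\n",
           trampoline_offset(sizeof(long)),
           trampoline_offset(sizeof(uint32_t)));
    return 0;
}
```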
-
Paolo Bonzini authored
OSes typically write 0xdd/0xdf to turn the A20 line off and on. This has bits 2-3-6-7 on, so that the output port subsection is migrated. Change the reset value and migration default to include those four bits, thus avoiding that the subsection is migrated. This strictly speaking changes guest ABI, but the long time during which we have not migrated the value means that the guests really do not care much; so the change is for all machine types. Reported-by:
Igor Mammedov <imammedo@redhat.com> Cc: qemu-stable@nongnu.org Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit d13c0404) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Paolo Bonzini authored
If the THR interrupt is disabled, there is no need to migrate thr_ipending because LSR.THRE will be sampled again when the interrupt is enabled. (This is the behavior that is not documented in the datasheet, but relied on by Windows!) Note that in this case IIR will never be 0x2 so, if thr_ipending were to be one, QEMU would produce the subsection. Reported-by:
Igor Mammedov <imammedo@redhat.com> Cc: qemu-stable@nongnu.org Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit bfa73628) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Paolo Bonzini authored
This is responsible for failure of migration from 2.2 to 2.1, because thr_ipending is always one in practice. serial.c is setting thr_ipending unconditionally. However, thr_ipending is not used at all if THRI=0, and it will be overwritten again the next time THRE or THRI changes. For that reason, we can set thr_ipending to zero every time THRI is reset. There is disagreement on whether LSR.THRE should be resampled when IER.THRI goes from 1 to 1. This patch does not touch the code, leaving that for QEMU 2.3+. This has no semantic change and is enough to fix migration in the common case where the interrupt is not pending or is reported in IIR. It does not change the migration format, so 2.2.0 -> 2.1 will remain broken but we can fix 2.2.1 -> 2.1 without breaking 2.2.1 <-> 2.2.0. The case that remains broken (the one in which the subsection is strictly necessary) is when THRE=1, the THRI interrupt has *not* been acknowledged yet, and a higher-priority interrupt comes. In this case, you need the subsection to tell the source that the lower-priority THRI interrupt is pending. The subsection's breakage of migration, in this case, prevents continuing the VM on the destination with an invalid state. Cc: qemu-stable@nongnu.org Reported-by:
Igor Mammedov <imammedo@redhat.com> Reviewed-by:
Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 4e02b0fc) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
- Feb 22, 2015
-
-
Marcel Apfelbaum authored
After the 'Machine as QOM' series, the machine type input triggers the creation of the machine class. If the machine type is set in the configuration file, the machine class is not updated accordingly and remains the default. Fixed that by querying the machine options after the configuration file is loaded. Cc: qemu-stable@nongnu.org Reported-by:
William Dauchy <william@gandi.net> Signed-off-by:
Marcel Apfelbaum <marcel@redhat.com> Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 364c3e6b) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
David Gibson authored
spapr_tce_table_finalize() can SEGV if the object was not previously realized. In particular this can be triggered by running qemu-system-ppc -device spapr-tce-table,? The basic problem is that we have mismatched initialization versus finalization: spapr_tce_table_finalize() is attempting to undo things that are done in spapr_tce_table_realize(), not an instance_init function. Therefore, replace spapr_tce_table_finalize() with spapr_tce_table_unrealize(). Signed-off-by:
David Gibson <david@gibson.dropbear.id.au> Cc: qemu-stable@nongnu.org Signed-off-by:
Alexander Graf <agraf@suse.de> (cherry picked from commit 5f9490de) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Paolo Bonzini authored
What needs to be volatile is not the pointer, but the pointed-to value! Cc: qemu-stable@nongnu.org Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 2cbcfb28) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Vladimir Sementsov-Ogievskiy authored
Because of the wrong return value of .save_live_pending() in migration/block.c, migration finishes before the whole disk is transferred. Such a situation occurs when the migration process is fast enough, for example when source and dest are on the same host. If in the bulk phase we return something < max_size, we will skip transferring the tail of the device. Currently we have "set pending to BLOCK_SIZE if it is zero" for the bulk phase, but there is no guarantee that it will be < max_size. The true approach is to return, for example, max_size+1 when we are in the bulk phase. Signed-off-by:
Vladimir Sementsov-Ogievskiy <vsementsov@parallels.com> Message-id: 1419933856-4018-2-git-send-email-vsementsov@parallels.com Signed-off-by:
Stefan Hajnoczi <stefanha@redhat.com> (cherry picked from commit 04636dc4) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Max Filippov authored
Alter cross-page TB test to also test cross-page opcode. Signed-off-by:
Max Filippov <jcmvbkbc@gmail.com> (cherry picked from commit 85d36377) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Max Filippov authored
If a TB ends with an opcode that crosses a page boundary and the following page is not executable, then EPC1 for the code fetch exception wrongly points at the beginning of the TB. Always treat an instruction that crosses a page boundary as a separate TB. Cc: qemu-stable@nongnu.org Signed-off-by:
Max Filippov <jcmvbkbc@gmail.com> (cherry picked from commit 01673a34) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Peter Maydell authored
When stopping an audio voice, call the audio backend's fini method before calling audio_pcm_hw_free_resources_ rather than afterwards. This allows backends which use helper threads (like pulseaudio) to terminate those threads before the conv_buf or mix_buf are freed and avoids race conditions where the helper may access a NULL pointer or freed memory. Cc: qemu-stable@nongnu.org Reviewed-by:
Gerd Hoffmann <kraxel@redhat.com> Signed-off-by:
Peter Maydell <peter.maydell@linaro.org> Message-id: 1418406239-9838-1-git-send-email-peter.maydell@linaro.org (cherry picked from commit b28fb27b) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Paolo Bonzini authored
Old kernels that used high memory only allowed the initrd to be in the first 896MB of memory. If you load the initrd above, they complain that "initrd extends beyond end of memory". In order to fix this, while not breaking machines with small amounts of memory fixed by cdebec5e (linuxboot: compute initrd loading address, 2014-10-06), we need to distinguish two cases. If pc.c placed the initrd at end of memory, use the new algorithm based on the e801 memory map. If instead pc.c placed the initrd at the maximum address specified by the bzImage, leave it there. The only interesting part is that the low-memory info block is now loaded very early, in real mode, and thus the 32-bit address has to be converted into a real mode segment. The initrd address is also patched in the info block before entering real mode; it is simpler that way. This fixes booting the RHEL4.8 32-bit installation image with 1GB of RAM. Cc: qemu-stable@nongnu.org Cc: mst@redhat.com Cc: jsnow@redhat.com Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 269e2358) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Kevin Wolf authored
If a qcow2 image specifies a backing file format that doesn't correspond to any format driver that qemu knows, we shouldn't fall back to probing, but simply error out. Not looking up the backing file driver in bdrv_open_backing_file(), but just filling in the "driver" option if it isn't there moves us closer to the goal of having everything in QDict options and gets us the error handling of bdrv_open(), which correctly refuses unknown drivers. Cc: qemu-stable@nongnu.org Signed-off-by:
Kevin Wolf <kwolf@redhat.com> Reviewed-by:
Max Reitz <mreitz@redhat.com> Message-id: 1416935562-7760-4-git-send-email-kwolf@redhat.com Signed-off-by:
Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by:
Kevin Wolf <kwolf@redhat.com> (cherry picked from commit c5f6e493) Conflicts: tests/qemu-iotests/group *resolved context conflict due to group 113 being present locally Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
-
Kevin Wolf authored
The qcow2 specification requires that the header extension data be padded to round up the extension size to the next multiple of 8 bytes. Signed-off-by:
Kevin Wolf <kwolf@redhat.com> Reviewed-by:
Max Reitz <mreitz@redhat.com> Message-id: 1416935562-7760-3-git-send-email-kwolf@redhat.com Signed-off-by:
Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by:
Kevin Wolf <kwolf@redhat.com> (cherry picked from commit 8884dd1b) Signed-off-by:
Michael Roth <mdroth@linux.vnet.ibm.com>
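A reader's view of the padding rule in the commit message above, as an added example that is not QEMU's code: a bounds-checked walk over a header extension area, run on two constructed byte arrays. The 8-byte type/length header, the end marker 0x00000000 and the backing-format type 0xE2792ACA come from the qcow2 specification rather than from this page; `EXT_SAMPLE`, `ext_find` and the array names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

#define EXT_END            0x00000000u  /* end of header extension area */
#define EXT_BACKING_FORMAT 0xE2792ACAu  /* backing file format name */
#define EXT_SAMPLE         0x12345678u  /* constructed type, demo only */

static uint32_t be32(const uint8_t *p)
{
    return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
}

/* Find extension `want` in area[0..size). Returns 1 if found (*data and *len
 * set), 0 if the end marker comes first, -1 if the area is malformed. */
static int ext_find(const uint8_t *area, size_t size, uint32_t want,
                    const uint8_t **data, uint32_t *len)
{
    size_t off = 0;
    while (size - off >= 8) {
        uint32_t type = be32(area + off), n = be32(area + off + 4);
        off += 8;
        if (type == EXT_END) return 0;
        if (n > size - off) return -1;        /* data runs past the area */
        if (type == want) { *data = area + off; *len = n; return 1; }
        size_t padded = ((size_t)n + 7) & ~(size_t)7;
        if (padded > size - off) return -1;   /* padding runs past the area */
        off += padded;                        /* skip data plus padding */
    }
    return -1;                                /* ran out before an end marker */
}

/* Constructed area: backing format "raw", sample "abcd", end marker, padded. */
static const uint8_t padded_area[] = {
    0xE2, 0x79, 0x2A, 0xCA, 0, 0, 0, 3, 'r', 'a', 'w', 0, 0, 0, 0, 0,
    0x12, 0x34, 0x56, 0x78, 0, 0, 0, 4, 'a', 'b', 'c', 'd', 0, 0, 0, 0,
    0, 0, 0, 0, 0, 0, 0, 0,
};
/* The same three extensions as a writer that skips the padding emits them. */
static const uint8_t unpadded_area[] = {
    0xE2, 0x79, 0x2A, 0xCA, 0, 0, 0, 3, 'r', 'a', 'w',
    0x12, 0x34, 0x56, 0x78, 0, 0, 0, 4, 'a', 'b', 'c', 'd',
    0, 0, 0, 0, 0, 0, 0, 0,
};

int main(void)
{
    const uint8_t *d; uint32_t n;
    return !(ext_find(padded_area, sizeof padded_area, EXT_SAMPLE, &d, &n) == 1 &&
             ext_find(unpadded_area, sizeof unpadded_area, EXT_SAMPLE, &d, &n) == -1);
}
```

With the unpadded area, a reader that follows the specification resumes parsing in the middle of the second extension, reads a bogus length and rejects the image.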
-