qemu-commits

[Qemu-commits] [qemu/qemu] 205cff: char: move backends' io watch tag to


From: GitHub
Subject: [Qemu-commits] [qemu/qemu] 205cff: char: move backends' io watch tag to CharDriverSta...
Date: Mon, 16 Dec 2013 08:30:06 -0800

  Branch: refs/heads/stable-1.6
  Home:   https://github.com/qemu/qemu
  Commit: 205cff77af9debf395610fbef34874d5e6f80cd2
      
https://github.com/qemu/qemu/commit/205cff77af9debf395610fbef34874d5e6f80cd2
  Author: Amit Shah <address@hidden>
  Date:   2013-12-02 (Mon, 02 Dec 2013)

  Changed paths:
    M include/sysemu/char.h
    M qemu-char.c

  Log Message:
  -----------
  char: move backends' io watch tag to CharDriverState

All the backends implement an io watcher tag for callbacks.  Move it to
CharDriverState from each backend's struct to make accessing the tag from
backend-neutral functions easier.

This will be used later to cancel a callback on chardev detach from a
frontend.

CC: <address@hidden>
Reviewed-by: Gerd Hoffmann <address@hidden>
Signed-off-by: Amit Shah <address@hidden>
(cherry picked from commit 7ba9addc165b37b764baa08c02518b15b2361707)

Signed-off-by: Michael Roth <address@hidden>


  Commit: aeefaaac83a38a563a0511d6012abea5c49a3165
      
https://github.com/qemu/qemu/commit/aeefaaac83a38a563a0511d6012abea5c49a3165
  Author: Amit Shah <address@hidden>
  Date:   2013-12-02 (Mon, 02 Dec 2013)

  Changed paths:
    M qemu-char.c

  Log Message:
  -----------
  char: use common function to disable callbacks on chardev close

This deduplicates code used a lot of times.

CC: <address@hidden>
Reviewed-by: Gerd Hoffmann <address@hidden>
Signed-off-by: Amit Shah <address@hidden>
(cherry picked from commit 26da70c72524eb22c946ab19ec98a217b8252f7e)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 8501da4b93959ccbae4d04a673d0f1c5b72b1a4b
      
https://github.com/qemu/qemu/commit/8501da4b93959ccbae4d04a673d0f1c5b72b1a4b
  Author: Amit Shah <address@hidden>
  Date:   2013-12-02 (Mon, 02 Dec 2013)

  Changed paths:
    M qemu-char.c

  Log Message:
  -----------
  char: remove watch callback on chardev detach from frontend

If a frontend device releases the chardev (via unplug), the chr handlers
are set to NULL via qdev's exit callbacks invoking
qemu_chr_add_handlers().  If the chardev had a pending operation, a
callback will be invoked, which will try to access data in the
just-released frontend, causing a segfault.

Ensure the callbacks are disabled when frontends release chardevs.

This was seen when a virtio-serial port was unplugged when heavy
guest->host IO was in progress (causing a callback to be registered).
In the window in which the throttling was active, unplugging ports
caused a qemu segfault.

https://bugzilla.redhat.com/show_bug.cgi?id=985205

CC: <address@hidden>
Reported-by: Sibiao Luo <address@hidden>
Reviewed-by: Gerd Hoffmann <address@hidden>
Signed-off-by: Amit Shah <address@hidden>
(cherry picked from commit 386a5a1e0057e220f79c48fe3689e3dfb17f1b09)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 7038fe818e40f8633b81462f0152a9630acdb704
      
https://github.com/qemu/qemu/commit/7038fe818e40f8633b81462f0152a9630acdb704
  Author: Markus Armbruster <address@hidden>
  Date:   2013-12-02 (Mon, 02 Dec 2013)

  Changed paths:
    M tests/.gitignore
    M tests/Makefile

  Log Message:
  -----------
  tests: Fix schema parser test for in-tree build

Commit 4f193e3 added the test, but screwed up in-tree builds
(SRCDIR=.): the test's output overwrites the expected output, and is
thus compared to itself.

Cc: address@hidden
Reported-by: Laszlo Ersek <address@hidden>
Reviewed-by: Andreas Färber <address@hidden>
Reviewed-by: Laszlo Ersek <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
Signed-off-by: Michael Tokarev <address@hidden>
(cherry picked from commit d8039e58b1ecfdc9af171502c83e3949f6dafb95)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 98384a92cce4b090c6fad734bbc7a9572c246201
      
https://github.com/qemu/qemu/commit/98384a92cce4b090c6fad734bbc7a9572c246201
  Author: Markus Armbruster <address@hidden>
  Date:   2013-12-02 (Mon, 02 Dec 2013)

  Changed paths:
    M tests/.gitignore

  Log Message:
  -----------
  tests: Update .gitignore for test-int128 and test-bitops

Forgotten in commits 6046c62 and 3464700.

Cc: address@hidden
Reviewed-by: Andreas Färber <address@hidden>
Reviewed-by: Laszlo Ersek <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
Signed-off-by: Michael Tokarev <address@hidden>
(cherry picked from commit 9dbb52e862458935c250bac9e71d5a87da4e33e9)

Conflicts:

        tests/.gitignore

*removed post-1.6 additions from diff

Signed-off-by: Michael Roth <address@hidden>


  Commit: 2c342444a0938a064d2a24e0c6ef28cce4737524
      
https://github.com/qemu/qemu/commit/2c342444a0938a064d2a24e0c6ef28cce4737524
  Author: Stefan Weil <address@hidden>
  Date:   2013-12-02 (Mon, 02 Dec 2013)

  Changed paths:
    M tcg/tci/tcg-target.c
    M tci.c

  Log Message:
  -----------
  tci: Add implementation of rotl_i64, rotr_i64

It is used by qemu-ppc64 when running Debian's busybox-static.

Cc: qemu-stable <address@hidden>
Signed-off-by: Stefan Weil <address@hidden>
Reviewed-by: Richard Henderson <address@hidden>
(cherry picked from commit d285bf784b6234e994ce73c05c82c9fb6429df00)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 927fab3e061eba4feaaaa0c7409b431f4340197d
      
https://github.com/qemu/qemu/commit/927fab3e061eba4feaaaa0c7409b431f4340197d
  Author: Stefan Weil <address@hidden>
  Date:   2013-12-02 (Mon, 02 Dec 2013)

  Changed paths:
    M include/qemu/bitops.h

  Log Message:
  -----------
  bitops: Add rotate functions (rol8, ror8, ...)

These functions were copied from include/linux/bitops.h.

Signed-off-by: Stefan Weil <address@hidden>
Reviewed-by: Richard Henderson <address@hidden>
(cherry picked from commit 6aa25b4a7bb10c48c3054f268d5be98e42ea42c0)

Signed-off-by: Michael Roth <address@hidden>


  Commit: a2c9dc504a28d07284d87a4ef10ad66f6f864b42
      
https://github.com/qemu/qemu/commit/a2c9dc504a28d07284d87a4ef10ad66f6f864b42
  Author: Stefan Weil <address@hidden>
  Date:   2013-12-02 (Mon, 02 Dec 2013)

  Changed paths:
    M target-arm/iwmmxt_helper.c
    M tcg/optimize.c
    M tci.c

  Log Message:
  -----------
  misc: Use new rotate functions

Signed-off-by: Stefan Weil <address@hidden>
(cherry picked from commit 3df2b8fde949be86d8a78923c992fdd698d4ea4c)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 78bd79fac33a56156d1d05a7f0547a0b7c282225
      
https://github.com/qemu/qemu/commit/78bd79fac33a56156d1d05a7f0547a0b7c282225
  Author: Stefan Weil <address@hidden>
  Date:   2013-12-02 (Mon, 02 Dec 2013)

  Changed paths:
    M qemu-char.c

  Log Message:
  -----------
  qemu-char: Fix potential out of bounds access to local arrays

Latest gcc-4.8 supports a new option -fsanitize=address which activates
an AddressSanitizer. This AddressSanitizer stops the QEMU system emulation
very early because two character arrays of size 8 are potentially written
with 9 bytes.

Commit 6ea314d91439741e95772dfbab98b4135e04bebb added the code.

There is no obvious reason why width or height could need 8 characters,
so reduce it to 7 characters which together with the terminating '\0'
fit into the arrays.

Cc: qemu-stable <address@hidden>
Signed-off-by: Stefan Weil <address@hidden>
Reviewed-by: Alex Bennée <address@hidden>
Signed-off-by: Michael Tokarev <address@hidden>
(cherry picked from commit 49aa4058ac6dd0081aaa45776f07c98df397ca5e)

Signed-off-by: Michael Roth <address@hidden>
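
The commit above describes the overflow only in prose: two 8-byte arrays that a parse step could fill with 8 characters plus the terminator. The C below is an added illustration, not the commit's own code, and assumes the parse used an sscanf scanset (the original format string is not shown on this page); GEOM_BUF, GEOM_WIDTH, GEOM_FMT and parse_geometry are names chosen for this example. It ties the scanset width to the buffer size at compile time and rejects, rather than truncates, fields with too many digits.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Fixed-size fields, as in the two 8-byte arrays the commit describes. */
#define GEOM_BUF   8
/* Largest scanset width that still leaves room for the terminating '\0'. */
#define GEOM_WIDTH 7

#define STR_(x) #x
#define STR(x)  STR_(x)
/* Expands to "%7[0-9]x%7[0-9]"; a width of 8 here would let sscanf
 * store 8 digits plus '\0', i.e. 9 bytes, into a char[8]. */
#define GEOM_FMT "%" STR(GEOM_WIDTH) "[0-9]x%" STR(GEOM_WIDTH) "[0-9]"

/* Tie the format to the buffer at compile time so the two cannot drift apart. */
_Static_assert(GEOM_WIDTH + 1 <= GEOM_BUF, "scanset width must leave room for NUL");

/* Parse "WIDTHxHEIGHT" (example format, an assumption for this illustration).
 * Returns 0 on success, -1 when the input is malformed or a field has more
 * than GEOM_WIDTH digits.  Over-long fields are not silently truncated: the
 * scanset stops early, so either the rest of the format fails to match or
 * "%n" shows that unparsed input remains. */
static int parse_geometry(const char *spec, unsigned long *width, unsigned long *height)
{
    char w[GEOM_BUF] = { 0 };
    char h[GEOM_BUF] = { 0 };
    int consumed = 0;

    if (sscanf(spec, GEOM_FMT "%n", w, h, &consumed) != 2 || spec[consumed] != '\0') {
        return -1;
    }
    *width = strtoul(w, NULL, 10);
    *height = strtoul(h, NULL, 10);
    return 0;
}

/* Result helpers so callers can check outcomes without the buffers. */
static int geometry_is(const char *spec, unsigned long ew, unsigned long eh)
{
    unsigned long w = 0, h = 0;
    return parse_geometry(spec, &w, &h) == 0 && w == ew && h == eh;
}

static int geometry_rejected(const char *spec)
{
    unsigned long w = 0, h = 0;
    return parse_geometry(spec, &w, &h) == -1;
}

int main(void)
{
    /* Constructed inputs: valid, maximal, and three that must be rejected. */
    const char *inputs[] = { "80x24", "1234567x7654321", "12345678x24", "80x", "x24" };

    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        unsigned long w, h;
        if (parse_geometry(inputs[i], &w, &h) == 0) {
            printf("%-18s -> %lux%lu\n", inputs[i], w, h);
        } else {
            printf("%-18s -> rejected\n", inputs[i]);
        }
    }
    return 0;
}
```

Building with -fsanitize=address, as the commit message suggests, is the quickest way to see the difference between a width of 7 and a width of 8 with the same buffers.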


  Commit: 99b5b999a4fc03ad6164b71af97406657c1ff14a
      
https://github.com/qemu/qemu/commit/99b5b999a4fc03ad6164b71af97406657c1ff14a
  Author: Matthew Daley <address@hidden>
  Date:   2013-12-03 (Tue, 03 Dec 2013)

  Changed paths:
    M hw/block/xen_disk.c

  Log Message:
  -----------
  xen_disk: mark ioreq as mapped before unmapping in error case

Commit 4472beae modified the semantics of ioreq_{un,}map so that they are
idempotent if called when they're not needed (ie., twice in a row). However,
it neglected to handle the case where batch mapping is not being used (the
default), and one of the grants fails to map. In this case, ioreq_unmap will
be called to unwind and unmap any mappings already performed, but ioreq_unmap
simply returns due to the aforementioned change (the ioreq has not already
been marked as mapped).

The frontend user can therefore force xen_disk to leak grant mappings, a
per-domain limited resource.

Fix by marking the ioreq as mapped before calling ioreq_unmap in this
situation.

Signed-off-by: Matthew Daley <address@hidden>
Signed-off-by: Stefano Stabellini <address@hidden>
(cherry picked from commit a76f48e53382e6f039db6278443e3ce437653302)

Signed-off-by: Michael Roth <address@hidden>


  Commit: b685f6af6f3aa34a845f156b334c1e24661fd344
      
https://github.com/qemu/qemu/commit/b685f6af6f3aa34a845f156b334c1e24661fd344
  Author: Fam Zheng <address@hidden>
  Date:   2013-12-03 (Tue, 03 Dec 2013)

  Changed paths:
    M block/vmdk.c

  Log Message:
  -----------
  vmdk: Fix vmdk_parse_extents

An extra 'p++' after the while loop when *p == '\n' will move p to an unknown
data position, risking parsing junk data or a memory access violation.

Cc: address@hidden
Signed-off-by: Fam Zheng <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
(cherry picked from commit 899f1ae219d5eaa96a53c996026cb0178d62a86d)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 91a2cf3d0b367c3f009a83637fc5255fdf2cf8eb
      
https://github.com/qemu/qemu/commit/91a2cf3d0b367c3f009a83637fc5255fdf2cf8eb
  Author: Hans de Goede <address@hidden>
  Date:   2013-12-03 (Tue, 03 Dec 2013)

  Changed paths:
    M audio/audio.c

  Log Message:
  -----------
  audio: honor QEMU_AUDIO_TIMER_PERIOD instead of waking up every *nano* second

Now that we no longer have MIN_REARM_TIMER_NS a bug in the audio subsys has
clearly shown itself by trying to make a timer fire every nano second.

Note we have a similar problem in 1.6, 1.5 and older but there
MIN_REARM_TIMER_NS limits the wakeups caused by audio being active to
4000 times / second. This still causes a host cpu load of 50 % for simply
playing audio, whereas with this patch git master is at 13%, so we should
backport this to 1.5 and 1.6 too.

Note this will not apply to 1.5 and 1.6 as is.

Cc: address@hidden
Signed-off-by: Hans de Goede <address@hidden>
Signed-off-by: Gerd Hoffmann <address@hidden>
(cherry picked from commit b4350deed67b95651896ddb60cf9f765093a4848)

Conflicts:

        audio/audio.c

*fixed to reflect 1.6 timer function/clock names

Signed-off-by: Michael Roth <address@hidden>


  Commit: 7bda8555de4507685bc5713d1239f341718bbf1d
      
https://github.com/qemu/qemu/commit/7bda8555de4507685bc5713d1239f341718bbf1d
  Author: Paolo Bonzini <address@hidden>
  Date:   2013-12-03 (Tue, 03 Dec 2013)

  Changed paths:
    M monitor.c

  Log Message:
  -----------
  monitor: eliminate monitor_event_state_lock

This lock does not protect anything that the BQL does not already
protect.  Furthermore, with -nodefaults and no monitor, the mutex
is not initialized but monitor_protocol_event_queue is called
anyway, which causes a crash under mingw (and only works by luck
under Linux or other POSIX OSes).

Reported-by: Orx Goshen <address@hidden>
Cc: Daniel Berrange <address@hidden>
Cc: address@hidden
Signed-off-by: Paolo Bonzini <address@hidden>
Signed-off-by: Luiz Capitulino <address@hidden>
(cherry picked from commit c20b7fa4b2fedd979bcb0cc974bb5d08a10e3448)

Signed-off-by: Michael Roth <address@hidden>


  Commit: bd821a9bc3cc4fc5fe8912deac883e6a4b00bc6a
      
https://github.com/qemu/qemu/commit/bd821a9bc3cc4fc5fe8912deac883e6a4b00bc6a
  Author: Alexey Kardashevskiy <address@hidden>
  Date:   2013-12-03 (Tue, 03 Dec 2013)

  Changed paths:
    M memory.c

  Log Message:
  -----------
  memory: fix 128 arithmetic in info mtree

mtree_print_mr() calls int128_get64() in 3 places but only 2 places
handle 2^64 correctly.

This fixes the third call of int128_get64().

Cc: address@hidden
Signed-off-by: Alexey Kardashevskiy <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit a66670c79c5c7d530d818430ffcdaa25cbf2c2ab)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 0ca1774b619dc53db5eb1419d12efcd433f9fe3d
      
https://github.com/qemu/qemu/commit/0ca1774b619dc53db5eb1419d12efcd433f9fe3d
  Author: Richard Henderson <address@hidden>
  Date:   2013-12-03 (Tue, 03 Dec 2013)

  Changed paths:
    M scripts/qapi-visit.py

  Log Message:
  -----------
  Adjust qapi-visit for python-2.4.3

We say we support python 2.4, but python 2.4.3 does not
support the "expr if test else expr" syntax used here.

This allows QEMU to compile on RHEL 5.3, the last release for ia64.

Signed-off-by: Richard Henderson <address@hidden>
Reviewed-by: Michael Roth <address@hidden>
Signed-off-by: Luiz Capitulino <address@hidden>
(cherry picked from commit 7b75d9d61bf9b7b43f6df2fb2fbfc38c4eb9d2e9)

Signed-off-by: Michael Roth <address@hidden>


  Commit: ba3b29e04bab5b1c79920a38e88201c171b5ece4
      
https://github.com/qemu/qemu/commit/ba3b29e04bab5b1c79920a38e88201c171b5ece4
  Author: Mike Frysinger <address@hidden>
  Date:   2013-12-03 (Tue, 03 Dec 2013)

  Changed paths:
    M configure

  Log Message:
  -----------
  configure: detect endian via compile test

This avoids needing to execute a program and keeping an (incomplete)
list when cross-compiling.

Signed-off-by: Mike Frysinger <address@hidden>
Reviewed-by: Richard Henderson <address@hidden>
Tested-by: James Hogan <address@hidden> [mips]
Message-id: address@hidden
Signed-off-by: Anthony Liguori <address@hidden>
(cherry picked from commit 61cc919f73ea7ca134c0ac41b748981ad63a253b)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 08e2f35c65b0864fbe0d2e8d5df330316b4dd742
      
https://github.com/qemu/qemu/commit/08e2f35c65b0864fbe0d2e8d5df330316b4dd742
  Author: Wenchao Xia <address@hidden>
  Date:   2013-12-03 (Tue, 03 Dec 2013)

  Changed paths:
    M qapi/qapi-dealloc-visitor.c

  Log Message:
  -----------
  qapi: fix memleak by adding implicit struct functions in dealloc visitor

Otherwise member "base" is leaked in a qapi_free_STRUCTURE() call.

Signed-off-by: Wenchao Xia <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Message-id: address@hidden
Cc: address@hidden
Signed-off-by: Anthony Liguori <address@hidden>
(cherry picked from commit 3dce9cad5a6c0b0dbe0830973b270c9466c8ab4b)

Signed-off-by: Michael Roth <address@hidden>


  Commit: c1fecf20854020dfc24a9e47adc7a49b4cd5fbce
      
https://github.com/qemu/qemu/commit/c1fecf20854020dfc24a9e47adc7a49b4cd5fbce
  Author: Wenchao Xia <address@hidden>
  Date:   2013-12-03 (Tue, 03 Dec 2013)

  Changed paths:
    M tests/test-qmp-input-visitor.c

  Log Message:
  -----------
  tests: fix memleak in error path test for input visitor

Signed-off-by: Wenchao Xia <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Message-id: address@hidden
Cc: address@hidden
Signed-off-by: Anthony Liguori <address@hidden>
(cherry picked from commit 8aa15b6e527f234e491a6d354bed4d10da3a01a7)

Signed-off-by: Michael Roth <address@hidden>


  Commit: c554ddb901f7716e3288a555a0b4fd0cd1f028ab
      
https://github.com/qemu/qemu/commit/c554ddb901f7716e3288a555a0b4fd0cd1f028ab
  Author: Peter Maydell <address@hidden>
  Date:   2013-12-03 (Tue, 03 Dec 2013)

  Changed paths:
    M configure

  Log Message:
  -----------
  configure: Explicitly set ARFLAGS so we can build with GNU Make 4.0

Our rules.mak adds '-rR' to MAKEFLAGS to indicate that we will be
explicitly specifying everything and not relying on any default
variables or rules. However we were accidentally relying on the
default ARFLAGS ("rv"). This went unnoticed because of a bug in
GNU Make 3.82 and earlier which meant that adding -rR to MAKEFLAGS
only affected submakes, not the currently running instance.
Explicitly set ARFLAGS in config-host.mak, in the same way we
handle CFLAGS and LDFLAGS; this will allow us to work with
Make 4.0.

Thanks to Paul Smith for analyzing this bug for us.

Cc: address@hidden
Reported-by: Ken Moffat <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 45d285abd7028ac72418c1a22f9298bb898fbfb8)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 3bd74d1712c33a746b1aee45b809647f9353238c
      
https://github.com/qemu/qemu/commit/3bd74d1712c33a746b1aee45b809647f9353238c
  Author: Stefan Weil <address@hidden>
  Date:   2013-12-03 (Tue, 03 Dec 2013)

  Changed paths:
    M linux-user/syscall.c
    M linux-user/syscall_defs.h

  Log Message:
  -----------
  linux-user: Fix stat64 syscall for SPARC64

Some targets use a stat64 structure for the stat64 syscall while others
use a stat structure. SPARC64 used the wrong kind.

Instead of extending the conditional compilation in syscall.c, now a
macro TARGET_HAS_STRUCT_STAT64 is defined whenever a target has a
target_stat64.

Signed-off-by: Stefan Weil <address@hidden>
Reviewed-by: Erik de Castro Lopo <address@hidden>
(cherry picked from commit 20d155bc902f41c5b354937e730ad85b43614ae9)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 5326636ff2390bb260b3d8d14899b04db205992d
      
https://github.com/qemu/qemu/commit/5326636ff2390bb260b3d8d14899b04db205992d
  Author: Jason Wang <address@hidden>
  Date:   2013-12-03 (Tue, 03 Dec 2013)

  Changed paths:
    M hw/net/virtio-net.c

  Log Message:
  -----------
  virtio-net: only delete bh that existed

We delete it without checking whether it existed during exit. This will lead
to a NULL pointer dereference since it was created conditionally, depending
on guest driver status and features. So add a check of existence before
trying to delete it.

Cc: address@hidden
Signed-off-by: Jason Wang <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Message-id: address@hidden
Signed-off-by: Anthony Liguori <address@hidden>
(cherry picked from commit fe2dafa02de4f80ab36f6e0f4ddfcd6418c03c49)

Conflicts:

        hw/net/virtio-net.c

*modified to reflect timer function names for 1.6

Signed-off-by: Michael Roth <address@hidden>


  Commit: 2c8187434f90fceb20ee1f0031fb591e5382674d
      
https://github.com/qemu/qemu/commit/2c8187434f90fceb20ee1f0031fb591e5382674d
  Author: Max Filippov <address@hidden>
  Date:   2013-12-03 (Tue, 03 Dec 2013)

  Changed paths:
    M exec.c

  Log Message:
  -----------
  exec: fix breakpoint_invalidate when pc may not be translated

This fixes qemu abort with the following message:

    include/qemu/int128.h:22: int128_get64: Assertion `!a.hi' failed.

which happens due to attempt to invalidate breakpoint by virtual address
for which get_phys_page_debug couldn't find mapping.

For more details see
http://lists.nongnu.org/archive/html/qemu-devel/2013-09/msg04582.html

Cc: address@hidden
Signed-off-by: Max Filippov <address@hidden>
Reviewed-by: Paolo Bonzini <address@hidden>
(cherry picked from commit e8262a1b5b7cfbcbc80c46e4ce6ff7c517b7b2f6)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 53e8cf93b3ecdb32ca4aa93d04b0a959988456fa
      
https://github.com/qemu/qemu/commit/53e8cf93b3ecdb32ca4aa93d04b0a959988456fa
  Author: Cole Robinson <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M hw/pci-host/piix.c
    M hw/pci-host/q35.c
    M include/hw/i386/pc.h
    M include/hw/pci-host/q35.h

  Log Message:
  -----------
  Fix pc migration from qemu <= 1.5

The following commit introduced a migration incompatibility:

commit 568f0690fd9aa4d39d84b04c1a5dbb53a915c3fe
Author: David Gibson <address@hidden>
Date:   Thu Jun 6 18:48:49 2013 +1000

    pci: Replace pci_find_domain() with more general pci_root_bus_path()

The issue is that i440fx savevm idstr went from 0000:00:00.0/I440FX to
0000:00.0/I440FX. Unfortunately we are stuck with the breakage for
1.6 machine types.

Add a compat property to maintain the busted idstr for the 1.6 machine
types, but revert to the old style format for 1.7+, and <= 1.5.

Tested with migration from qemu 1.5, qemu 1.6, and qemu.git.

Cc: address@hidden
Signed-off-by: Cole Robinson <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
(cherry picked from commit 04c7d8b8dea724f1007f0f6e76047ff03b4cb24f)

Conflicts:

        include/hw/i386/pc.h

*removed 1.6 compat properties
*enabled short_root_bus by default to enable for 1.6 (no 1.6 compat
 fields to do so in 1.6.x)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 4a5bf69f78e20a64f35770612ee897da4d80082e
      
https://github.com/qemu/qemu/commit/4a5bf69f78e20a64f35770612ee897da4d80082e
  Author: Max Reitz <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M block/qcow2-cluster.c

  Log Message:
  -----------
  qcow2: count_contiguous_clusters and compression

The function is not intended to be used on compressed clusters and will
not work correctly, if used anyway, since L2E_OFFSET_MASK is not the
right mask for determining the offset of compressed clusters. Therefore,
assert that the first cluster is not compressed and always include the
compression flag in the mask of significant flags, i.e., stop the search
as soon as a compressed cluster occurs.

Signed-off-by: Max Reitz <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
(cherry picked from commit 15684a474286cc2c6106c756ddd095a21d058970)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 4d2f39a918ab4ccac7255da143b4322a9b4b204a
      
https://github.com/qemu/qemu/commit/4d2f39a918ab4ccac7255da143b4322a9b4b204a
  Author: Peter Lieven <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M block/qcow2-cluster.c

  Log Message:
  -----------
  qcow2: fix possible corruption when reading multiple clusters

If multiple sectors spanning multiple clusters are read, the
function count_contiguous_clusters should ensure that the
cluster type does not change between the clusters.

Especially the for-loop should break when we have one
or more normal clusters followed by a compressed cluster.

Unfortunately the wrong macro was used in the mask to
compare the flags.

This was discovered while debugging a data corruption
issue when converting a compressed qcow2 image to raw.
qemu-img reads 2MB chunks which span multiple clusters.

CC: address@hidden
Signed-off-by: Peter Lieven <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
(cherry picked from commit 78a52ad5acca7053b774fcc80290e7b7e224c80a)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 37da395651cd1279a8f111b5c8fc31d6f547f67f
      
https://github.com/qemu/qemu/commit/37da395651cd1279a8f111b5c8fc31d6f547f67f
  Author: Alex Williamson <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M hw/misc/vfio.c

  Log Message:
  -----------
  vfio-pci: Fix multifunction=on

When an assigned device is initialized it copies the device config
space into the emulated config space.  Unfortunately multifunction is
setup prior to the device initfn and gets clobbered.  We need to
restore it just like pci-assign does.

Cc: address@hidden
Signed-off-by: Alex Williamson <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 8d07d6c46597a885eb38d99cc6fff399ce69cd21)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 817a872cc6e52abe304ec8c0a94c69d4f2b450ec
      
https://github.com/qemu/qemu/commit/817a872cc6e52abe304ec8c0a94c69d4f2b450ec
  Author: Amos Kong <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M hw/net/virtio-net.c

  Log Message:
  -----------
  virtio-net: fix the memory leak in rxfilter_notify()

object_get_canonical_path() returns a gchar*, it should be freed by the
caller.

Signed-off-by: Amos Kong <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Reviewed-by: Vlad Yasevich <address@hidden>
Reviewed-by: Andreas Färber <address@hidden>
Signed-off-by: Stefan Hajnoczi <address@hidden>
(cherry picked from commit 96e35046e4a97df5b4e1e24e217eb1e1701c7c71)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 991a5f378261b759b2af2354703c504906418d35
      
https://github.com/qemu/qemu/commit/991a5f378261b759b2af2354703c504906418d35
  Author: Vlad Yasevich <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M qom/object.c

  Log Message:
  -----------
  qom: Fix memory leak in object_property_set_link()

Save the result of the call to object_get_canonical_path()
so we can free it.

Cc: address@hidden
Signed-off-by: Vlad Yasevich <address@hidden>
Reviewed-by: Amos Kong <address@hidden>
Reviewed-by: Stefan Hajnoczi <address@hidden>
Signed-off-by: Andreas Färber <address@hidden>
(cherry picked from commit 2d3aa28cc2cf382aa04cd577e0be542175eea9bd)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 2cafbbf1e03b954dedd3643ab3a4ffe685a63ccf
      
https://github.com/qemu/qemu/commit/2cafbbf1e03b954dedd3643ab3a4ffe685a63ccf
  Author: Igor Mammedov <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M qdev-monitor.c

  Log Message:
  -----------
  qdev-monitor: Fix crash when device_add is called with abstract driver

A user is able to crash a running QEMU when the following monitor
command is called:

 device_add intel-hda-generic

Crash is caused by assertion in object_initialize_with_type()
when type is abstract.

Checking if the type is abstract before the instance is created in
qdev_device_add() allows preventing a crash on incorrect user input.

Cc: address@hidden
Signed-off-by: Igor Mammedov <address@hidden>
Signed-off-by: Andreas Färber <address@hidden>
(cherry picked from commit 2fa4e56d88aa0039062bbc7f9a88e9f90c77ed94)

Conflicts:

        qdev-monitor.c

*updated to reflect different 1.6 variable names

Signed-off-by: Michael Roth <address@hidden>


  Commit: 03060dc086ec8a75929b7bb58df9e67a305a810d
      
https://github.com/qemu/qemu/commit/03060dc086ec8a75929b7bb58df9e67a305a810d
  Author: Stefan Hajnoczi <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M qdev-monitor.c

  Log Message:
  -----------
  qdev-monitor: Unref device when device_add fails

qdev_device_add() leaks the created device upon failure.  I suspect this
problem crept in because qdev_free() unparents the device but does not
drop a reference - confusing name.

Cc: address@hidden
Signed-off-by: Stefan Hajnoczi <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Signed-off-by: Andreas Färber <address@hidden>
(cherry picked from commit ee6abeb6ec08473713848ce9028110f1684853b7)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 0f6298786f0d88a29d150a19870f2ea7bc5c01a5
      
https://github.com/qemu/qemu/commit/0f6298786f0d88a29d150a19870f2ea7bc5c01a5
  Author: Bandan Das <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M hw/pci/pci.c

  Log Message:
  -----------
  pci: unregister vmstate_pcibus on unplug

PCIBus registers a vmstate during init. Unregister it upon
removal/unplug.

Signed-off-by: Bandan Das <address@hidden>
Cc: address@hidden
Reviewed-by: Andreas Färber <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
(cherry picked from commit 5c397242d5d53c1adecce31817bb439383cf8228)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 7cfd037403ba34e8ed1ebfa4e7d6abec738e2000
      
https://github.com/qemu/qemu/commit/7cfd037403ba34e8ed1ebfa4e7d6abec738e2000
  Author: Amos Kong <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M backends/rng-egd.c

  Log Message:
  -----------
  rng-egd: offset the point when repeatedly read from the buffer

The buffer content might be read out more than once; currently
we just repeatedly read the first data block, since the buffer offset is
missing.

Cc: address@hidden
Signed-off-by: Amos Kong <address@hidden>
Message-id: address@hidden
Signed-off-by: Anthony Liguori <address@hidden>
(cherry picked from commit 1eb1bd9eafa890f1f4d16ef5cb8b9239a86874d9)

Signed-off-by: Michael Roth <address@hidden>


  Commit: d90ff19d0a664400232ae062163790937068a0f8
      
https://github.com/qemu/qemu/commit/d90ff19d0a664400232ae062163790937068a0f8
  Author: Alex Williamson <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M hw/misc/vfio.c

  Log Message:
  -----------
  vfio-pci: Release all MSI-X vectors when disabled

We were relying on msix_unset_vector_notifiers() to release all the
vectors when we disable MSI-X, but this only happens when MSI-X is
still enabled on the device.  Perform further cleanup by releasing
any remaining vectors listed as in-use after this call.  This caused
a leak of IRQ routes on hotplug depending on how the guest OS prepared
the device for removal.

Signed-off-by: Alex Williamson <address@hidden>
Cc: address@hidden
(cherry picked from commit 3e40ba0faf0822fa78336fe6cd9d677ea9b14f1b)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 982c8c5e209d0331f06c0d6bd9a440aa67a5e721
      
https://github.com/qemu/qemu/commit/982c8c5e209d0331f06c0d6bd9a440aa67a5e721
  Author: Kevin Wolf <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M block/qcow2.c

  Log Message:
  -----------
  qcow2: Zero-initialise first cluster for new images

Strictly speaking, this is only required for has_zero_init() == false,
but it's easy enough to just do a cluster-aligned write that is padded
with zeros after the header.

This fixes that after 'qemu-img create' header extensions are attempted
to be parsed that are really just random leftover data.

Cc: address@hidden
Signed-off-by: Kevin Wolf <address@hidden>
Reviewed-by: Fam Zheng <address@hidden>
Reviewed-by: Paolo Bonzini <address@hidden>
Signed-off-by: Stefan Hajnoczi <address@hidden>
(cherry picked from commit f8413b3c23b08a547ce18609acc6fae5fd04ed5c)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 12f741031feb870b9b4ed6819b3c16ca5f2c6816
      
https://github.com/qemu/qemu/commit/12f741031feb870b9b4ed6819b3c16ca5f2c6816
  Author: Fam Zheng <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M block/vmdk.c
    M tests/qemu-iotests/059
    M tests/qemu-iotests/059.out

  Log Message:
  -----------
  vmdk: Fix creating big description file

The buffer for the description file was 4096 bytes, which only covers a few
hundred extents. This changes the buffer to be dynamically allocated with
g_strdup_printf in order to support bigger cases.

Signed-off-by: Fam Zheng <address@hidden>
Signed-off-by: Stefan Hajnoczi <address@hidden>
(cherry picked from commit af057fe74092df2e7a576448ddbdc0daac1370bf)

Conflicts:

        block/vmdk.c
        tests/qemu-iotests/059
        tests/qemu-iotests/059.out

*removed dependencies on 4823970b and 4f6fd349

Signed-off-by: Michael Roth <address@hidden>


  Commit: 08dde5b17b56d64c1536177866eafa98db4fba74
      
https://github.com/qemu/qemu/commit/08dde5b17b56d64c1536177866eafa98db4fba74
  Author: Paul Moore <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M qemu-seccomp.c

  Log Message:
  -----------
  seccomp: add kill() to the syscall whitelist

The kill() syscall is triggered with the following command:

 # qemu -sandbox on -monitor stdio \
  -device intel-hda -device hda-duplex -vnc :0

The resulting syslog/audit message:

 # ausearch -m SECCOMP
 ----
 time->Wed Nov 20 09:52:08 2013
 type=SECCOMP msg=audit(1384912328.482:6656): auid=0 uid=0 gid=0 ses=854
  subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 pid=12087
  comm="qemu-kvm" sig=31 syscall=62 compat=0 ip=0x7f7a1d2abc67 code=0x0
 # scmp_sys_resolver 62
 kill

Reported-by: CongLi <address@hidden>
Tested-by: CongLi <address@hidden>
Signed-off-by: Paul Moore <address@hidden>
Acked-by: Eduardo Otubo <address@hidden>
(cherry picked from commit e9eecb5bf82a71564bf018fcbbfc6cda19cab6c2)

Signed-off-by: Michael Roth <address@hidden>
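
The commit above shows the operator's side of a seccomp whitelist gap: the audit record carries the syscall number, and scmp_sys_resolver maps it to a name. As an added example, not part of the commit, the C below extracts the relevant fields from that record (joined onto one line) and resolves the number the same way; it assumes an x86_64 host, where syscall 62 is kill, which is consistent with the resolver output quoted above. Function names and the small syscall table are this example's own.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample: the audit record from the commit message, joined
 * onto a single line the way one ausearch event is normally handled. */
static const char SAMPLE_RECORD[] =
    "type=SECCOMP msg=audit(1384912328.482:6656): auid=0 uid=0 gid=0 ses=854 "
    "subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 pid=12087 "
    "comm=\"qemu-kvm\" sig=31 syscall=62 compat=0 ip=0x7f7a1d2abc67 code=0x0";

/* Copy the value of a "key=value" token into out, stripping quotes.
 * The key must start the record or follow a space, so "uid=" does not
 * match inside "auid=".  Returns 1 if found, 0 otherwise. */
static int audit_field(const char *rec, const char *key, char *out, size_t outlen)
{
    size_t klen = strlen(key);
    const char *p = rec;

    while ((p = strstr(p, key)) != NULL) {
        if ((p == rec || p[-1] == ' ') && p[klen] == '=') {
            const char *v = p + klen + 1;
            size_t n = strcspn(v, " ");
            if (n >= 2 && v[0] == '"' && v[n - 1] == '"') {
                v++;
                n -= 2;
            }
            if (n >= outlen) {
                n = outlen - 1;
            }
            memcpy(out, v, n);
            out[n] = '\0';
            return 1;
        }
        p += klen;
    }
    return 0;
}

/* Numeric field (decimal or 0x-prefixed); -1 when absent or not a number. */
static long audit_field_num(const char *rec, const char *key)
{
    char buf[32];
    char *end;
    long val;

    if (!audit_field(rec, key, buf, sizeof buf)) {
        return -1;
    }
    val = strtol(buf, &end, 0);
    return (end != buf && *end == '\0') ? val : -1;
}

/* Convenience for string comparisons on a field. */
static int audit_field_equals(const char *rec, const char *key, const char *expected)
{
    char buf[128];
    return audit_field(rec, key, buf, sizeof buf) && strcmp(buf, expected) == 0;
}

/* Minimal x86_64 table (assumption: native x86_64 ABI, as compat=0 and
 * scmp_sys_resolver's answer of "kill" for 62 indicate). */
static const char *syscall_name_x86_64(long nr)
{
    static const struct { long nr; const char *name; } table[] = {
        { 0, "read" }, { 1, "write" }, { 39, "getpid" },
        { 60, "exit" }, { 62, "kill" }, { 231, "exit_group" },
    };
    for (size_t i = 0; i < sizeof table / sizeof table[0]; i++) {
        if (table[i].nr == nr) {
            return table[i].name;
        }
    }
    return "unknown";
}

/* A SECCOMP record for a native syscall where the process got SIGSYS (31)
 * is the signature of a whitelist gap, not of some other audit event. */
static int is_seccomp_kill(const char *rec)
{
    return audit_field_equals(rec, "type", "SECCOMP") &&
           audit_field_num(rec, "compat") == 0 &&
           audit_field_num(rec, "sig") == 31;
}

int main(void)
{
    char comm[64];
    long nr = audit_field_num(SAMPLE_RECORD, "syscall");

    if (is_seccomp_kill(SAMPLE_RECORD) &&
        audit_field(SAMPLE_RECORD, "comm", comm, sizeof comm)) {
        printf("%s (pid %ld) stopped by seccomp on syscall %ld (%s)\n",
               comm, audit_field_num(SAMPLE_RECORD, "pid"), nr, syscall_name_x86_64(nr));
    }
    return 0;
}
```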


  Commit: 68a1ac19a1a24bc47c8c6db1bca7026e2199cc32
      
https://github.com/qemu/qemu/commit/68a1ac19a1a24bc47c8c6db1bca7026e2199cc32
  Author: Petar Jovanovic <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M target-mips/translate.c

  Log Message:
  -----------
  target-mips: fix 64-bit FPU config for user-mode emulation

The FR bit should be initialized to 1 for MIPS64, on condition that this
bit is writable and that the CPU has an FPU unit. It should be initialized to
zero for MIPS32.
This fixes different MIPS32 issues with FPU instructions whose behaviour
defaulted to 64-bit FPU mode.

Signed-off-by: Petar Jovanovic <address@hidden>
Signed-off-by: Aurelien Jarno <address@hidden>
(cherry picked from commit 4d66261f71f2efa31e1052e4041c5ee505572fe5)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 9388fdb603e69d1c251f9bdfaac575ad3258583a
      
https://github.com/qemu/qemu/commit/9388fdb603e69d1c251f9bdfaac575ad3258583a
  Author: Tomoki Sekiyama <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M qga/commands-posix.c

  Log Message:
  -----------
  qemu-ga: execute fsfreeze-freeze in reverse order of mounts

Currently, fsfreeze-freeze may cause deadlock if a guest has loopback mounts
of image files in its disk; e.g.:

    # mount | grep ^/
    /dev/vda1 / type ext4 (rw,noatime,seclabel,data=ordered)
    /tmp/disk.img on /mnt type ext4 (rw,relatime,seclabel)

To avoid the deadlock, this freezes filesystems in reverse order of mounts.

Signed-off-by: Tomoki Sekiyama <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
*fix up commit msg
Signed-off-by: Michael Roth <address@hidden>
(cherry picked from commit e5d9adbdab972a2172815c1174aed3fabcc448f1)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 192d2f4cc7931668d4e4f10e882af3c097193c47
      
https://github.com/qemu/qemu/commit/192d2f4cc7931668d4e4f10e882af3c097193c47
  Author: Laszlo Ersek <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M hw/scsi/scsi-bus.c

  Log Message:
  -----------
  scsi_target_send_command(): amend stable-1.6 port of the CVE-2013-4344 fix

The originally suggested fix for CVE-2013-4344 introduced a regression in
scsi_target_send_command() / REQUEST_SENSE; the third argument passed to
scsi_device_get_sense() -- for the "len" parameter -- ignored the
possibility of the guest SCSI driver requesting truncated (or shorter than
full) sense data.

This could result in (r->len > req->cmd.xfer) on return, which is not
valid SCSI.

The problem was addressed in the second round, and the commit on the
master branch (84642435) is correct. However the stable-1.6 branch (the
v1.6.1 release) has the original, regressive fix (commit fdcbe7d5); let's
update it.

Signed-off-by: Laszlo Ersek <address@hidden>
Reviewed-by: Paolo Bonzini <address@hidden>
Signed-off-by: Michael Roth <address@hidden>


  Commit: e82ee0845c3240541e79b9bf21779b3f8743f1b4
      
https://github.com/qemu/qemu/commit/e82ee0845c3240541e79b9bf21779b3f8743f1b4
  Author: Michael Roth <address@hidden>
  Date:   2013-12-09 (Mon, 09 Dec 2013)

  Changed paths:
    M VERSION

  Log Message:
  -----------
  Update VERSION for 1.6.2 release

Signed-off-by: Michael Roth <address@hidden>


Compare: https://github.com/qemu/qemu/compare/62ecc3a0e3c7...e82ee0845c32
