From: GitHub
Subject: [Qemu-commits] [qemu/qemu] 013aab: icount: fix deadlock when all cpus are sleeping
Date: Thu, 08 Nov 2018 03:32:38 -0800
Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: 013aabdc665e4256b38d8875a1a7b5e030ba98f1
https://github.com/qemu/qemu/commit/013aabdc665e4256b38d8875a1a7b5e030ba98f1
Author: Clement Deschamps <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M cpus.c
Log Message:
-----------
icount: fix deadlock when all cpus are sleeping
When all cpus are sleeping (e.g. in WFI), to avoid a deadlock
in the main_loop, wake it up in order to start the warp timer.
Signed-off-by: Clement Deschamps <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: e204ac612cb2cc1a33f4205976386d237d676319
https://github.com/qemu/qemu/commit/e204ac612cb2cc1a33f4205976386d237d676319
Author: Vitaly Kuznetsov <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M target/i386/cpu.c
M target/i386/cpu.h
M target/i386/hyperv-proto.h
M target/i386/kvm.c
Log Message:
-----------
x86: hv_evmcs CPU flag support
Adds a new CPU flag to enable the Enlightened VMCS KVM feature.
QEMU enables KVM_CAP_HYPERV_ENLIGHTENED_VMCS and gets back the
version to be advertised in lower 16 bits of CPUID.0x4000000A:EAX.
Suggested-by: Ladi Prosek <address@hidden>
Signed-off-by: Vitaly Kuznetsov <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Roman Kagan <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: d4715481ded13231d9ff8ae17da648de78b925d0
https://github.com/qemu/qemu/commit/d4715481ded13231d9ff8ae17da648de78b925d0
Author: Daniel P. Berrangé <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M hw/pci-host/q35.c
M include/hw/pci/pci_ids.h
Log Message:
-----------
i386: clarify that the Q35 machine type implements a P35 chipset
The 'q35' machine type implements an Intel Series 3 chipset,
of which there are several variants:
https://www.intel.com/Assets/PDF/datasheet/316966.pdf
The key difference between the 82P35 MCH ('p35', PCI device ID 0x29c0)
and 82Q35 GMCH ('q35', PCI device ID 0x29b0) variants is that the latter
has an integrated graphics adapter. QEMU does not implement integrated
graphics, so uses the PCI ID for the 82P35 chipset, despite calling the
machine type 'q35'. Thus we rename the PCI device ID constant to reflect
reality, to avoid confusing future developers. The new name more closely
matches what pci.ids reports it to be:
$ grep P35 /usr/share/hwdata/pci.ids | grep 29
29c0 82G33/G31/P35/P31 Express DRAM Controller
29c1 82G33/G31/P35/P31 Express PCI Express Root Port
29c4 82G33/G31/P35/P31 Express MEI Controller
29c5 82G33/G31/P35/P31 Express MEI Controller
29c6 82G33/G31/P35/P31 Express PT IDER Controller
29c7 82G33/G31/P35/P31 Express Serial KT Controller
$ grep Q35 /usr/share/hwdata/pci.ids | grep 29
29b0 82Q35 Express DRAM Controller
29b1 82Q35 Express PCI Express Root Port
29b2 82Q35 Express Integrated Graphics Controller
29b3 82Q35 Express Integrated Graphics Controller
29b4 82Q35 Express MEI Controller
29b5 82Q35 Express MEI Controller
29b6 82Q35 Express PT IDER Controller
29b7 82Q35 Express Serial KT Controller
Arguably the QEMU machine type should be named 'p35'. At this point in
time, however, it is not worth the churn for management applications &
documentation to worry about renaming it.
Signed-off-by: Daniel P. Berrangé <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: bce410a33b9ed51051eb6a1fb31f8d0c13a51d48
https://github.com/qemu/qemu/commit/bce410a33b9ed51051eb6a1fb31f8d0c13a51d48
Author: Igor Mammedov <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M hw/misc/ivshmem.c
Log Message:
-----------
ivshmem: fix memory backend leak
object_new() returns a new backend with refcount == 1 and
then later object_property_add_child() increases refcount to 2.
So when ivshmem is destroyed, the backend it has created isn't
destroyed along with it as children cleanup will bring
backend's refcount only to 1, which leaks backend including
resources it is using.
Drop the original reference from object_new() once backend
is attached to its parent.
Signed-off-by: Igor Mammedov <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Marc-André Lureau <address@hidden>
Fixes: 5503e285041979dd29698ecb41729b3b22622e8d
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: 2185fd67d2f277ebb1d2946cf5f7cdc773e04198
https://github.com/qemu/qemu/commit/2185fd67d2f277ebb1d2946cf5f7cdc773e04198
Author: Paolo Bonzini <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M MAINTAINERS
Log Message:
-----------
MAINTAINERS: remove or downgrade myself to reviewer from some subsystems
Other people are doing much better work than myself at handling some
subsystems. For those files it is better if I downgrade myself to
reviewer or recognize that I am not actually doing any work there.
Cc: Daniel P. Berrange <address@hidden>
Cc: Gerd Hoffmann <address@hidden>
Cc: Eric Blake <address@hidden>
Cc: Thomas Huth <address@hidden>
Cc: Laurent Vivier <address@hidden>
Cc: Marc-André Lureau <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: 1a1435dd61e28c1e3b70971107d72a7d05b28d03
https://github.com/qemu/qemu/commit/1a1435dd61e28c1e3b70971107d72a7d05b28d03
Author: Rudolf Marek <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M target/i386/seg_helper.c
Log Message:
-----------
target/i386: Clear RF on SYSCALL instruction
Fix the SYSCALL instruction in 64-bit (long mode). The RF flag
should be cleared in R11 as well as in the RFLAGS. Intel
and AMD CPUs behave the same. AMD has this documented in the
APM vol 3.
Signed-off-by: Roman Kapl <address@hidden>
Signed-off-by: Rudolf Marek <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: c26763f8ec70b1011098cab0da9178666d8256a5
https://github.com/qemu/qemu/commit/c26763f8ec70b1011098cab0da9178666d8256a5
Author: Marc-André Lureau <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M docs/devel/migration.rst
M include/exec/memory.h
M memory.c
Log Message:
-----------
memory: learn about non-volatile memory region
Add a new flag to mark memory regions that are used as non-volatile, by
NVDIMM for example. That bit is propagated down to the flat view, and
reflected in HMP info mtree with a "nv-" prefix on the memory type.
This way, guest_phys_blocks_region_add() can skip the NV memory
regions for dumps and TCG memory clear in a following patch.
Cc: address@hidden
Cc: address@hidden
Cc: address@hidden
Cc: address@hidden
Cc: address@hidden
Cc: address@hidden
Signed-off-by: Marc-André Lureau <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: 640713d8a17107120ba29c4b2527b0b06951e33a
https://github.com/qemu/qemu/commit/640713d8a17107120ba29c4b2527b0b06951e33a
Author: Marc-André Lureau <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M hw/mem/nvdimm.c
Log Message:
-----------
nvdimm: set non-volatile on the memory region
qemu-system-x86_64 -machine pc,nvdimm -m 2G,slots=4,maxmem=16G -enable-kvm
-monitor stdio -object
memory-backend-file,id=mem1,share=on,mem-path=/tmp/foo,size=1G -device
nvdimm,id=nvdimm1,memdev=mem1
HMP info mtree command reflects the flag with "nv-" prefix on memory type:
(qemu) info mtree
0000000100000000-000000013fffffff (prio 0, nv-i/o): alias nvdimm-memory
@/objects/mem1 0000000000000000-000000003fffffff
(qemu) info mtree -f
0000000100000000-000000013fffffff (prio 0, nv-ram): /objects/mem1
Signed-off-by: Marc-André Lureau <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: 17a6ddb6fac51c1979dd5e35588cc82c19e8e75c
https://github.com/qemu/qemu/commit/17a6ddb6fac51c1979dd5e35588cc82c19e8e75c
Author: Marc-André Lureau <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M memory_mapping.c
Log Message:
-----------
memory-mapping: skip non-volatile memory regions in GuestPhysBlockList
GuestPhysBlockList is currently used to produce dumps. Given the size
and the typical usage of NVDIMM for storage, they are not a good idea
to have in the dumps. We may want to have an extra dump option to
include them. For now, skip non-volatile regions.
The TCG memory clear function is going to use the GuestPhysBlockList
as well, and will thus skip NVDIMM for similar reasons.
Signed-off-by: Marc-André Lureau <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Laszlo Ersek <address@hidden>
Reviewed-by: David Hildenbrand <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: 7f135356564bc776083b7ecee81096ab49e670e4
https://github.com/qemu/qemu/commit/7f135356564bc776083b7ecee81096ab49e670e4
Author: Paolo Bonzini <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M scripts/dump-guest-memory.py
Log Message:
-----------
scripts/dump-guest-memory: Synchronize with guest_phys_blocks_region_add
Recent patches have removed ram_device and nonvolatile RAM
from dump-guest-memory's output. Do the same for dumps
that are extracted from a QEMU core file.
Reviewed-by: Marc-André Lureau <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: e58ccf039650065a9442de43c9816f81e88f27f6
https://github.com/qemu/qemu/commit/e58ccf039650065a9442de43c9816f81e88f27f6
Author: Prasad J Pandit <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M hw/scsi/lsi53c895a.c
Log Message:
-----------
lsi53c895a: check message length value is valid
While writing a message in 'lsi_do_msgin', message length value
in 'msg_len' could be invalid due to an invalid migration stream.
Add an assertion to avoid an out of bounds access, and reject
the incoming migration data if it contains an invalid message
length.
Discovered by Deja vu Security. Reported by Oracle.
Signed-off-by: Prasad J Pandit <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: 6c219fc8a112fc69b29f59ea2c7865717ff6e3e0
https://github.com/qemu/qemu/commit/6c219fc8a112fc69b29f59ea2c7865717ff6e3e0
Author: Paolo Bonzini <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M hw/scsi/scsi-generic.c
Log Message:
-----------
scsi-generic: keep VPD page list sorted
Block limits emulation is just placing 0xb0 as the final byte of the
VPD pages list. However, VPD page numbers must be sorted, so change
that to an in-place insert. Since I couldn't find any disk that triggered
the loop more than once, this was tested by adding manually 0xb1
at the end of the list and checking that 0xb0 was added before.
Reported-by: Max Reitz <address@hidden>
Reviewed-by: Max Reitz <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: 57dbb58d800f62b9e56d946660dba4e8dbd20204
https://github.com/qemu/qemu/commit/57dbb58d800f62b9e56d946660dba4e8dbd20204
Author: Paolo Bonzini <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M hw/scsi/scsi-generic.c
Log Message:
-----------
scsi-generic: avoid out-of-bounds access to VPD page list
A device can report an excessive number of VPD pages when asked for a
list; this can cause an out-of-bounds access to buf in
scsi_generic_set_vpd_bl_emulation. It should not happen, but
it is technically not incorrect so handle it: do not check any byte
past the allocation length that was sent to the INQUIRY command.
Reported-by: Max Reitz <address@hidden>
Reviewed-by: Max Reitz <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: 3d4a8bf0eed68a781e06118e4d1df6e2f106a1f2
https://github.com/qemu/qemu/commit/3d4a8bf0eed68a781e06118e4d1df6e2f106a1f2
Author: Paolo Bonzini <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M hw/scsi/Makefile.objs
A hw/scsi/emulation.c
M hw/scsi/scsi-disk.c
M hw/scsi/scsi-generic.c
A include/hw/scsi/emulation.h
M include/hw/scsi/scsi.h
Log Message:
-----------
scsi-generic: avoid invalid access to struct when emulating block limits
Emulation of the block limits VPD page called back into scsi-disk.c,
which however expected the request to be for a SCSIDiskState and
accessed a scsi-generic device outside the bounds of its struct
(namely to retrieve s->max_unmap_size and s->max_io_size).
To avoid this, move the emulation code to a separate function that
takes a new SCSIBlockLimits struct and marshals it into the VPD
response format.
Reported-by: Max Reitz <address@hidden>
Reviewed-by: Max Reitz <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: 763c56872b08b98fde062a1feca003f200e7bd5c
https://github.com/qemu/qemu/commit/763c56872b08b98fde062a1feca003f200e7bd5c
Author: Paolo Bonzini <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M hw/scsi/scsi-generic.c
Log Message:
-----------
scsi-generic: do not do VPD emulation for sense other than ILLEGAL_REQUEST
Pass other sense, such as UNIT_ATTENTION or BUSY, directly to the
guest.
Reported-by: Max Reitz <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: ca95173c7fb64a1544b1f560766976425659e5e4
https://github.com/qemu/qemu/commit/ca95173c7fb64a1544b1f560766976425659e5e4
Author: Peter Maydell <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M include/qemu/thread.h
Log Message:
-----------
include/qemu/thread.h: Document qemu_thread_atexit* API
Add documentation for the qemu_thread_atexit_add() and
qemu_thread_atexit_remove() functions.
We include a (previously undocumented) constraint that notifiers
may not be called if a thread is exiting because the entire
process is exiting. This is fine for our current use because
the callers use it only for cleaning up resources which go away
on process exit (memory, Win32 fibers), and we will need the
flexibility for the new posix implementation.
Signed-off-by: Peter Maydell <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: a458774ad711bceabefbf01e8f0b91d86ec72e0c
https://github.com/qemu/qemu/commit/a458774ad711bceabefbf01e8f0b91d86ec72e0c
Author: Peter Maydell <address@hidden>
Date: 2018-11-06 (Tue, 06 Nov 2018)
Changed paths:
M util/qemu-thread-posix.c
Log Message:
-----------
util/qemu-thread-posix: Fix qemu_thread_atexit* for OSX
Our current implementation of qemu_thread_atexit* is broken on OSX.
This is because it works by creating a piece of thread-specific
data with pthread_key_create() and using the destructor function
for that data to run the notifier function passed to it by
the caller of qemu_thread_atexit_add(). The expected use case
is that the caller uses a __thread variable as the notifier,
and uses the callback to clean up information that it is
keeping per-thread in __thread variables.
Unfortunately, on OSX this does not work, because on OSX
a __thread variable may be destroyed (freed) before the
pthread_key_create() destructor runs. (POSIX imposes no
ordering constraint here; the OSX implementation happens
to implement __thread variables in terms of pthread_key_create(),
whereas Linux uses different mechanisms that mean the __thread
variables will still be present when the pthread_key_create()
destructor is run.)
Fix this by switching to a scheme similar to the one qemu-thread-win32
uses for qemu_thread_atexit: keep the thread's notifiers on a
__thread variable, and run the notifiers on calls to
qemu_thread_exit() and on return from the start routine passed
to qemu_thread_start(). We do this with the pthread_cleanup_push()
API.
We take advantage of the qemu_thread_atexit_add() API
permission not to run thread notifiers on process exit to
avoid having to special case the main thread.
Suggested-by: Paolo Bonzini <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Commit: fa27257432689e8927cb993b251d380d654dcc86
https://github.com/qemu/qemu/commit/fa27257432689e8927cb993b251d380d654dcc86
Author: Peter Maydell <address@hidden>
Date: 2018-11-08 (Thu, 08 Nov 2018)
Changed paths:
M MAINTAINERS
M cpus.c
M docs/devel/migration.rst
M hw/mem/nvdimm.c
M hw/misc/ivshmem.c
M hw/pci-host/q35.c
M hw/scsi/Makefile.objs
A hw/scsi/emulation.c
M hw/scsi/lsi53c895a.c
M hw/scsi/scsi-disk.c
M hw/scsi/scsi-generic.c
M include/exec/memory.h
M include/hw/pci/pci_ids.h
A include/hw/scsi/emulation.h
M include/hw/scsi/scsi.h
M include/qemu/thread.h
M memory.c
M memory_mapping.c
M scripts/dump-guest-memory.py
M target/i386/cpu.c
M target/i386/cpu.h
M target/i386/hyperv-proto.h
M target/i386/kvm.c
M target/i386/seg_helper.c
M util/qemu-thread-posix.c
Log Message:
-----------
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
* icount fix (Clement)
* dumping fixes for non-volatile memory (Marc-André, myself)
* x86 emulation fix (Rudolf)
* recent Hyper-V CPUID flag (Vitaly)
* Q35 doc fix (Daniel)
* lsi fix (Prasad)
* SCSI block limits emulation fixes (myself)
* qemu_thread_atexit rework (Peter)
* ivshmem memory leak fix (Igor)
# gpg: Signature made Tue 06 Nov 2018 21:34:30 GMT
# gpg: using RSA key BFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <address@hidden>"
# gpg: aka "Paolo Bonzini <address@hidden>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* remotes/bonzini/tags/for-upstream:
util/qemu-thread-posix: Fix qemu_thread_atexit* for OSX
include/qemu/thread.h: Document qemu_thread_atexit* API
scsi-generic: do not do VPD emulation for sense other than ILLEGAL_REQUEST
scsi-generic: avoid invalid access to struct when emulating block limits
scsi-generic: avoid out-of-bounds access to VPD page list
scsi-generic: keep VPD page list sorted
lsi53c895a: check message length value is valid
scripts/dump-guest-memory: Synchronize with guest_phys_blocks_region_add
memory-mapping: skip non-volatile memory regions in GuestPhysBlockList
nvdimm: set non-volatile on the memory region
memory: learn about non-volatile memory region
target/i386: Clear RF on SYSCALL instruction
MAINTAINERS: remove or downgrade myself to reviewer from some subsystems
ivshmem: fix memory backend leak
i386: clarify that the Q35 machine type implements a P35 chipset
x86: hv_evmcs CPU flag support
icount: fix deadlock when all cpus are sleeping
Signed-off-by: Peter Maydell <address@hidden>
Compare: https://github.com/qemu/qemu/compare/4de6bb0c02ad...fa2725743268
**NOTE:** This service has been marked for deprecation:
https://developer.github.com/changes/2018-04-25-github-services-deprecation/
Functionality will be removed from GitHub.com on January 31st, 2019.
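
Added example, not part of the original message and not QEMU's code: a standalone C sketch of the two checks described in the "scsi-generic: keep VPD page list sorted" and "scsi-generic: avoid out-of-bounds access to VPD page list" log messages above. The function name, return codes and sample reply are constructed for illustration; the layout assumed is the standard 4-byte VPD header followed by the page-code list.

```c
/* Added illustration; not QEMU source. Function and macro names are hypothetical. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define VPD_HDR_LEN      4     /* device type, page code, reserved, page length */
#define VPD_SUPPORTED    0x00  /* "supported VPD pages" page code */
#define VPD_BLOCK_LIMITS 0xb0

enum { VPD_MALFORMED = -1, VPD_NO_ROOM = 0, VPD_ADDED = 1, VPD_PRESENT = 2 };

/*
 * buf holds a device's reply to INQUIRY for VPD page 0x00; alloc_len is the
 * allocation length that was sent with the command, i.e. the only bytes of
 * buf that may be read or written.
 */
int vpd_list_add_block_limits(uint8_t *buf, size_t alloc_len)
{
    size_t room, n, i;
    uint8_t *list;

    if (alloc_len < VPD_HDR_LEN || buf[1] != VPD_SUPPORTED) {
        return VPD_MALFORMED;
    }
    room = alloc_len - VPD_HDR_LEN;   /* list bytes that fit in the buffer */
    n = buf[3];                       /* list length claimed by the device */
    if (n > room) {
        n = room;                     /* never trust the claim past alloc_len */
    }
    list = buf + VPD_HDR_LEN;

    /* The list is ascending: stop at the first entry >= 0xb0. */
    for (i = 0; i < n && list[i] < VPD_BLOCK_LIMITS; i++) {
    }
    if (i < n && list[i] == VPD_BLOCK_LIMITS) {
        return VPD_PRESENT;
    }
    if (n >= room || n >= 0xff) {
        return VPD_NO_ROOM;           /* inserting would overrun buf or buf[3] */
    }
    memmove(list + i + 1, list + i, n - i);   /* shift the tail up by one */
    list[i] = VPD_BLOCK_LIMITS;
    buf[3] = (uint8_t)(n + 1);
    return VPD_ADDED;
}

int main(void)
{
    /* Constructed reply: pages 0x00, 0x80, 0xb1 in a 16-byte buffer. */
    uint8_t reply[16] = { 0x00, 0x00, 0x00, 0x03, 0x00, 0x80, 0xb1 };
    int rc = vpd_list_add_block_limits(reply, sizeof(reply));

    printf("rc=%d len=%u list:", rc, (unsigned)reply[3]);
    for (unsigned i = 0; i < reply[3]; i++) {
        printf(" %02x", (unsigned)reply[VPD_HDR_LEN + i]);
    }
    printf("\n");
    return 0;
}
```

The constructed reply mirrors the test described in the log message: with 0xb1 already at the end of the list, 0xb0 has to land in front of it.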