Update QEMU to v9.1.1 #90
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The vcek-disabled property of the sev-snp-guest object is misspelled vcek-required (which I suppose would use the opposite polarity) in the call to object_class_property_add_bool(). Fix it. Reported-by: Zixi Chen <zixchen@redhat.com> Reviewed-by: Pankaj Gupta <pankaj.gupta@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This fixes LeakSanitizer warnings. Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com> Reviewed-by: Peter Xu <peterx@redhat.com> Signed-off-by: Fabiano Rosas <farosas@suse.de>
The QIOChannelFile object already has its reference decremented by g_autoptr. Trying to unref an extra time causes: ERROR:../qom/object.c:1241:object_unref: assertion failed: (obj->ref > 0) Fixes: a701c03 ("migration: Drop reference to QIOChannel if file seeking fails") Fixes: 6d32796 ("migration: Fix file migration with fdset") Reported-by: Jim Fehlig <jfehlig@suse.com> Reviewed-by: Peter Xu <peterx@redhat.com> Signed-off-by: Fabiano Rosas <farosas@suse.de>
…on fails When a channel fails to create, the code currently just returns. This is wrong for two reasons: 1) Channel n+1 will not get to initialize it's semaphores, leading to an assert when terminate_threads tries to post to it: qemu-system-x86_64: ../util/qemu-thread-posix.c:92: qemu_mutex_lock_impl: Assertion `mutex->initialized' failed. 2) (theoretical) If channel n-1 already started creation it will defeat the purpose of the channels_created logic which is in place to avoid migrate_fd_cleanup() to run while channels are still being created. This cannot really happen today because the current failure cases for multifd_new_send_channel_create() are all synchronous, resulting from qio_channel_file_new_path() getting a bad filename. This would hit all channels equally. But I don't want to set a trap for future people, so have all channels try to create (even if failing), and only fail after the channels_created semaphore has been posted. While here, remove the error_report_err call. There's one already at migrate_fd_cleanup later on. Cc: qemu-stable@nongnu.org Reported-by: Jim Fehlig <jfehlig@suse.com> Fixes: b7b03eb ("migration/multifd: Add outgoing QIOChannelFile support") Reviewed-by: Peter Xu <peterx@redhat.com> Signed-off-by: Fabiano Rosas <farosas@suse.de>
Changed val from uint64_t to a pointer to uint64_t in hvf_sysreg_read, but didn't change its usage in hvf_sysreg_read_cp call. Fixes: e9e6401 ("hvf: arm: Raise an exception for sysreg by default") Reported-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-ID: <20240802-hvf-v1-1-e2c0292037e5@daynix.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
…osas/qemu into staging Migration pull request - Akihiko Odaki's fix for a memory leak on ppc migration - Fabiano's fix for asserts during multifd error handling # -----BEGIN PGP SIGNATURE----- # # iQJEBAABCAAuFiEEqhtIsKIjJqWkw2TPx5jcdBvsMZ0FAmas698QHGZhcm9zYXNA # c3VzZS5kZQAKCRDHmNx0G+wxnQYFEACNaJderA8VNnyAKyAFD5hCWeZnpZj3UfvO # l/3CLKBx2WPu+IAMQ+32b8Hpy5v1r4HRkicn0FId86dnbWflqAZJ0wilnPDrzbNG # oJ9IgDCPobdNCI1JgGVGCddOwraKKRo6/7e7TE5ME3MPV4AZRHs0LGfYPVxGD/5L # gbV1Zun9SvMk7u/SjE0j8ZG/L3N2rA23Ns/aNfN7KFRLWBccpJ6vKs0q9v6SQnMQ # iAAypK3d0szCBiuD8iiawPgh6K6pwA7OZ+SmtyGanK2gfNvdJ9YZArbxM3yzqUmJ # IAYvxXO/xy/cwdGELsjr0lrUFSH15PeQlSUKQ0WEVMv3/okd88jZv7xbyAZy2u5v # QZXmvb4QMH3wJUZ2rGG+DuZoZIiTL20PPnujxO/kvbhmXjsp4TuDJbKkwW7nvP2Y # ISuHCBsHcskScu0TSoZ0Fj3sSBXHV5Qw0jZiP37lgjf4eXgJzkadAUh3DCuUI62O # lqtFxFpBODdKtYfSYR+ThZXhicZx9DOxJHJBU8bXbBi3iGpVZl9O8ywgGi8wpQzh # cAJk9GbXp/77N94sexzTUHK9ttE00VQUvl8rad+HfZUsBE9E8MsW0zzUaZ8VAH3c # wzjg1S08rS48c5Ju5PO8iY2Oi5apxdGy9SOyEdpxs+ZE37GbwjoY1Q7C2U+jj72E # q4/z0NKuWw== # =1iRF # -----END PGP SIGNATURE----- # gpg: Signature made Sat 03 Aug 2024 12:23:27 AM AEST # gpg: using RSA key AA1B48B0A22326A5A4C364CFC798DC741BEC319D # gpg: issuer "farosas@suse.de" # gpg: Good signature from "Fabiano Rosas <farosas@suse.de>" [unknown] # gpg: aka "Fabiano Almeida Rosas <fabiano.rosas@suse.com>" [unknown] # gpg: WARNING: The key's User ID is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: AA1B 48B0 A223 26A5 A4C3 64CF C798 DC74 1BEC 319D * tag 'migration-20240802-pull-request' of https://gitlab.com/farosas/qemu: migration/multifd: Fix multifd_send_setup cleanup when channel creation fails migration: Fix cleanup of iochannel in file migration migration: Free removed SaveStateEntry Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Analyzing qemu-produced core dumps of multi-threaded apps runs into:
(gdb) info threads
[...]
21 Thread 0x3ff83cc0740 (LWP 9295) warning: Couldn't find general-purpose registers in core file.
<unavailable> in ?? ()
The reason is that all pr_pid values are the same, because the same
TaskState is used for all CPUs when generating NT_PRSTATUS notes.
Fix by using TaskStates associated with individual CPUs.
Cc: qemu-stable@nongnu.org
Fixes: 243c470 ("linux-user/elfload: Write corefile elf header in one block")
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20240801202340.21845-1-iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Move close_all_open_fds() in oslib-posix, rename it qemu_close_all_open_fds() and export it. Signed-off-by: Clément Léger <cleger@rivosinc.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-ID: <20240802145423.3232974-2-cleger@rivosinc.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
In order to make it cleaner, split qemu_close_all_open_fd() logic into multiple subfunctions (close with close_range(), with /proc/self/fd and fallback). Signed-off-by: Clément Léger <cleger@rivosinc.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-ID: <20240802145423.3232974-3-cleger@rivosinc.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The same code is used twice to actually close all open file descriptors after forking. Factorize it in a single place. Signed-off-by: Clément Léger <cleger@rivosinc.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-ID: <20240802145423.3232974-4-cleger@rivosinc.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
In order for this function to be usable by tap.c code, add a list of file descriptors that should not be closed. Signed-off-by: Clément Léger <cleger@rivosinc.com> Message-ID: <20240802145423.3232974-5-cleger@rivosinc.com> [rth: Use max_fd in qemu_close_all_open_fd_close_range] Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Instead of using a slow implementation to close all open fd after forking, use qemu_close_all_open_fd(). Signed-off-by: Clément Léger <cleger@rivosinc.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-ID: <20240802145423.3232974-6-cleger@rivosinc.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
…o staging linux-user/elfload: Fix pr_pid values in core files util: Add qemu_close_all_open_fd net/tap: Use qemu_close_all_open_fd # -----BEGIN PGP SIGNATURE----- # # iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmawHSsdHHJpY2hhcmQu # aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV8mhQgAlNjO1eeeQmgJvKpk # BwXx7NnXi9d8UZCA5EASK9SQVJC3eYIlMayX9byPmZZ6XJaOBRzgIzm612HkKLYn # yIqmLb0UhUTT+VKW7Kob/wGslB/PJWSKQ3dvZFaaLMfB6L3BtpwUAFFU5hwkODU/ # TS4qici1W+eW7hInNSH5dgA68UGPcfDBEo4ITW91DbTSZRNz9RP4b2Ak+Wgv30Ux # 2yEVsP6rBqBSxglbafcywWbYs5sX3EvSUJo4mVm8Ku4zriAf87Y9Da3irpZ4WYgi # 02f+/GGAv9kiGbf9jPrQTD0O8tmp4Z6JMWxEOfMsCj+KCT2fHSSqcBHTU3RN0guB # uaxx6w== # =U5cs # -----END PGP SIGNATURE----- # gpg: Signature made Mon 05 Aug 2024 10:30:35 AM AEST # gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F # gpg: issuer "richard.henderson@linaro.org" # gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate] * tag 'pull-misc-20240805' of https://gitlab.com/rth7680/qemu: net/tap: Use qemu_close_all_open_fd() qemu/osdep: Add excluded fd parameter to qemu_close_all_open_fd() net/tap: Factorize fd closing after forking qemu/osdep: Split qemu_close_all_open_fd() and add fallback qemu/osdep: Move close_all_open_fds() to oslib-posix linux-user/elfload: Fix pr_pid values in core files Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Sweep the entire documentation again. Last done in commit 209e64d (qapi: Refill doc comments to conform to current conventions). To check the generated documentation does not change, I compared the generated HTML before and after this commit with "wdiff -3". Finds no differences. Comparing with diff is not useful, as the reflown paragraphs are visible there. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-ID: <20240729065220.860163-1-armbru@redhat.com> [Straightforward conflict with commit 442110b resolved]
Fixes higher-half address parsing for QMP commands `[p]memsave`. Signed-off-by: Josh Junon <junon@oro.sh> Message-ID: <20240802140704.13591-1-junon@oro.sh> Reviewed-by: Markus Armbruster <armbru@redhat.com> [Subject tweaked, and one PRId64 updated to PRIu64] Signed-off-by: Markus Armbruster <armbru@redhat.com>
With normal SIB, index == 4 indicates no index. With VSIB, there is no exception for VR4/VR12. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2474 Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Link: https://lore.kernel.org/r/20240805003130.1421051-3-richard.henderson@linaro.org Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
…to staging QAPI patches patches for 2024-08-05 # -----BEGIN PGP SIGNATURE----- # # iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAmawhYUSHGFybWJydUBy # ZWRoYXQuY29tAAoJEDhwtADrkYZT5j4P/i9dh0Y8sS5qJqvEZzKWFlIkXWjYpUFW # FThfHyz5J2MilabQUeTxF0yhM40pciGu9ULXqwhzKNAXoAZwfH4VhSkT1E01pwDE # 9RRCOvtRHM5YDExMUn+8vfsHfpTBcfqB6EAO6eteIQ+2dMsDv2wtsrWLx3uXMjHn # 5VfxdKPVmQndcnrQDEAm8WhUpS9qVyJz5SqXuZ2Ku14X+EWyUc5ZGFEawgN63iIG # fDqP5AwsHBPXUGtldlrbubrvBJVgNzAMwL/vizZR04L/30q6V/3ThyqaOyVuKibQ # r1B2hebow00+Ie2nZRz1awCapnpuefk1Ll6KMHI5MD4kfmZiXBDhPeh2RnnyCBaK # RudigAFff2kho7Z814JSJccGKBczkniXiDRb+rOeTBbE+wWEAfrlhf7YFlwqqQv7 # 4ZfeMdv3B5bIq8RUTRUbzlf/BTx3Lao9koa/c6x/x42Gwhwc2Z8F9nuQLPfxPMC/ # MbL8+dDGNF0NiZdLUbSVATLNC5zXxkAVy2D1O8GjZfQSmHK6SeyJGEyUjrEY6AxA # FiaJ4PduCAi+aieV7bpx0tkKVKs7hHkwbIDJcPw38GwAgXc0/tuLxAornTQ4il7y # MIUysqtEoFryFzt7Uf510vG7URzFhHpJNsMAXeHErK53Fw1+VDpXQ7ImK56Huzy2 # lH6IAh+582Sq # =D9S5 # -----END PGP SIGNATURE----- # gpg: Signature made Mon 05 Aug 2024 05:55:49 PM AEST # gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653 # gpg: issuer "armbru@redhat.com" # gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full] # gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full] * tag 'pull-qapi-2024-08-05' of https://repo.or.cz/qemu/armbru: qmp: Fix higher half vaddrs for [p]memsave qapi: Refill doc comments to conform to conventions Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* target/i386: SEV: fix incorrect property name
* target/i386: tcg: fix VSIB decode with XMM/YMM{4,12}
# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmawwjoUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroO+kgf/SIOaF14Ozw6w33zddDiuK969ouNR
# 00hC17p0acVl3KwmbXBJp2CXtc4TcZwLEg6y2KrActEVg2CaFFjGx9wJUnTGOL/D
# 3Nhp3ipsExv+rFQuQvV9k/BeAVG0G9YoTZtQJVQvLPL/LYJ76h2JlVamjr9rsuKy
# hsVeHX6Xl6ad6mtM1hSFBonJzfGK08rKQPTnALfB0raFLmSHWleg9Xzs0r1YiuO2
# SsGVr0NF369pZA2U0Y/tcw0RIRIikXfVYTX5+o9H6RzEqbqaOh3j9upLYSWym6LN
# cedTxjNFJdxZReR/VE1kAys3s2pE8k+yiQIBGzfwo4fN6hukJZGCtwrVmw==
# =2tkB
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 05 Aug 2024 10:14:50 PM AEST
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
* tag 'for-upstream' of https://gitlab.com/bonzini/qemu:
target/i386: Fix VSIB decode
target/i386: SEV: fix mismatch in vcek-disabled property name
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Compressed encodings also applies to zama16b. riscv/riscv-isa-manual#1557 Suggested-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-ID: <20240802072417.659-2-zhiwei_liu@linux.alibaba.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Zama16b loads and stores of no more than MXLEN bits defined in the F, D, and Q extensions. Signed-off-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-ID: <20240802072417.659-3-zhiwei_liu@linux.alibaba.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
According to the risc-v specification: "FLD and FSD are only guaranteed to execute atomically if the effective address is naturally aligned and XLEN≥64." We currently implement fld as MO_ATOM_IFALIGN when XLEN < 64, which does not violate the rules. But it will hide some problems. So relax it to MO_ATOM_NONE. Signed-off-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-ID: <20240802072417.659-4-zhiwei_liu@linux.alibaba.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Coverity complained about the possible out-of-bounds access with counter_virt/counter_virt_prev because these two arrays are accessed with privilege mode. However, these two arrays are accessed only when virt is enabled. Thus, the privilege mode can't be M mode. Add the asserts anyways to detect any wrong usage of these arrays in the future. Suggested-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Atish Patra <atishp@rivosinc.com> Fixes: Coverity CID 1558459 Fixes: Coverity CID 1558462 Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-ID: <20240724-fixes-v1-1-4a64596b0d64@rivosinc.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
A new minor version of OpenSBI was just released after our bump to OpenSBI 1.5. It contains significant bug fixes that it's worth doing a new update for QEMU 9.1. Submodule roms/opensbi 455de672dd..43cace6c36: > lib: sbi: check result of pmp_get() in is_pmp_entry_mapped() > lib: sbi: fwft: fix incorrect size passed to sbi_zalloc() > lib: sbi: dbtr: fix potential NULL pointer dereferences > include: Adjust Sscofpmf mhpmevent mask for upper 8 bits > lib: sbi_hsm: Save/restore menvcfg only when it exists Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Message-ID: <20240805120259.1705016-2-dbarboza@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
…tair23/qemu into staging RISC-V PR for 9.1 * roms/opensbi: update to v1.5.1 * target/riscv: Add asserts for out-of-bound access * Remove redundant insn length check for zama16b # -----BEGIN PGP SIGNATURE----- # # iQIzBAABCAAdFiEEaukCtqfKh31tZZKWr3yVEwxTgBMFAmaxwTwACgkQr3yVEwxT # gBOpoQ/9EoGHvGZtd3Zio/51G+tiNok/H+LJGZxGOPl5xc12efhJk15nN/JwVCFp # zETriTjQ8UUlx+/xvpoQhQbfNm+MtCSl+xyNcPsjAgE6le8MTn38zjroGhUI0JEB # AuIp9FfwRx4z7nEpuzO8cYdl2Suw5Nh8gi/+0SSrX1vXLY44Ma7UZdM8BjvkGbZp # TWSqetj236bMoBqSHIk4OddVFbAPlnCQZRo6fwslsjzV6y12PVQw/FgVKKmN7J9k # qtBoGSuqwFgMnXgxvJXqFmOQYAipgLONRRBaQEj/sGf09UTR/MppMz8CKilAPAYy # 9+UT0/5t+GUUpmbBN2ijWJEgYC9Ev4USIzfGe03XJSWA8uDEyTpJbnbGKDKotfrC # /qmx2y4Lb4I/3AkJiKgHW32fNeTMURQvzs+ws8frwebWAmH8zwBVbj0EbbceH5M/ # SavAuDivbU4MLdSNKpp5yvB/pkREzCE7pwbjOr0skSLrCiT/S+t9tryt7p+iHxQl # 1xhMbOYFPcbxq7mJvLurtkzn8fl4o1j93tBcq1BcBvRE5O3Odn5VJpje29BYPDpk # AG82CEeUJ2N+ZVzcV/rYhJaz8WZ7ck+I/j9cK1UtMsp57zmm2awp+mMwyShpAmP3 # MPMHwROJrue9V3z4qdaimNfpaB0p9NCOl9A95J70A/59Q2vO32k= # =bjWM # -----END PGP SIGNATURE----- # gpg: Signature made Tue 06 Aug 2024 04:22:52 PM AEST # gpg: using RSA key 6AE902B6A7CA877D6D659296AF7C95130C538013 # gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 6AE9 02B6 A7CA 877D 6D65 9296 AF7C 9513 0C53 8013 * tag 'pull-riscv-to-apply-20240806-2' of https://github.com/alistair23/qemu: roms/opensbi: Update to v1.5.1 target/riscv: Add asserts for out-of-bound access target/riscv: Relax fld alignment requirement target/riscv: Add MXLEN check for F/D/Q applies to zama16b target/riscv: Remove redundant insn length check for zama16b Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
We'll have to add LoongsonIPIClass in few commits, so rename LoongsonIPI as LoongsonIPIState for clarity. Signed-off-by: Bibo Mao <maobibo@loongson.cn> [PMD: Extracted from bigger commit, added commit description] Co-Developed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Bibo Mao <maobibo@loongson.cn> Tested-by: Bibo Mao <maobibo@loongson.cn> Acked-by: Song Gao <gaosong@loongson.cn> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com> Tested-by: Jiaxun Yang <jiaxun.yang@flygoat.com> Message-Id: <20240805180622.21001-2-philmd@linaro.org>
In preparation to extract common IPI code in few commits, extract loongson_ipi_common_realize(). Signed-off-by: Bibo Mao <maobibo@loongson.cn> [PMD: Extracted from bigger commit, added commit description] Co-Developed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Bibo Mao <maobibo@loongson.cn> Tested-by: Bibo Mao <maobibo@loongson.cn> Acked-by: Song Gao <gaosong@loongson.cn> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com> Tested-by: Jiaxun Yang <jiaxun.yang@flygoat.com> Message-Id: <20240805180622.21001-3-philmd@linaro.org>
Introduce LOONGSON_IPI_COMMON stubs, QDev parent of LOONGSON_IPI. Signed-off-by: Bibo Mao <maobibo@loongson.cn> [PMD: Extracted from bigger commit, added commit description] Co-Developed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Bibo Mao <maobibo@loongson.cn> Tested-by: Bibo Mao <maobibo@loongson.cn> Acked-by: Song Gao <gaosong@loongson.cn> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com> Tested-by: Jiaxun Yang <jiaxun.yang@flygoat.com> Message-Id: <20240805180622.21001-4-philmd@linaro.org>
Signed-off-by: Bibo Mao <maobibo@loongson.cn> [PMD: Extracted from bigger commit, added commit description] Co-Developed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Bibo Mao <maobibo@loongson.cn> Tested-by: Bibo Mao <maobibo@loongson.cn> Acked-by: Song Gao <gaosong@loongson.cn> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com> Tested-by: Jiaxun Yang <jiaxun.yang@flygoat.com> Message-Id: <20240805180622.21001-5-philmd@linaro.org>
It is easier to manage one array of MMIO MR rather than one per vCPU. Signed-off-by: Bibo Mao <maobibo@loongson.cn> [PMD: Extracted from bigger commit, added commit description] Co-Developed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Bibo Mao <maobibo@loongson.cn> Tested-by: Bibo Mao <maobibo@loongson.cn> Acked-by: Song Gao <gaosong@loongson.cn> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com> Tested-by: Jiaxun Yang <jiaxun.yang@flygoat.com> Message-Id: <20240805180622.21001-6-philmd@linaro.org>
Move the IPICore structure and corresponding common fields of LoongsonIPICommonState to "hw/intc/loongson_ipi_common.h". Signed-off-by: Bibo Mao <maobibo@loongson.cn> [PMD: Extracted from bigger commit, added commit description] Co-Developed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Bibo Mao <maobibo@loongson.cn> Tested-by: Bibo Mao <maobibo@loongson.cn> Acked-by: Song Gao <gaosong@loongson.cn> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com> Tested-by: Jiaxun Yang <jiaxun.yang@flygoat.com> Message-Id: <20240805180622.21001-7-philmd@linaro.org>
Allow overlapping request by removing the assert that made it
impossible. There are only two callers:
1. block_copy_task_create()
It already asserts the very same condition before calling
reqlist_init_req().
2. cbw_snapshot_read_lock()
There is no need to have read requests be non-overlapping in
copy-before-write when used for snapshot-access. In fact, there was no
protection against two callers of cbw_snapshot_read_lock() calling
reqlist_init_req() with overlapping ranges and this could lead to an
assertion failure [1].
In particular, with the reproducer script below [0], two
cbw_co_snapshot_block_status() callers could race, with the second
calling reqlist_init_req() before the first one finishes and removes
its conflicting request.
[0]:
> #!/bin/bash -e
> dd if=/dev/urandom of=/tmp/disk.raw bs=1M count=1024
> ./qemu-img create /tmp/fleecing.raw -f raw 1G
> (
> ./qemu-system-x86_64 --qmp stdio \
> --blockdev raw,node-name=node0,file.driver=file,file.filename=/tmp/disk.raw \
> --blockdev raw,node-name=node1,file.driver=file,file.filename=/tmp/fleecing.raw \
> <<EOF
> {"execute": "qmp_capabilities"}
> {"execute": "blockdev-add", "arguments": { "driver": "copy-before-write", "file": "node0", "target": "node1", "node-name": "node3" } }
> {"execute": "blockdev-add", "arguments": { "driver": "snapshot-access", "file": "node3", "node-name": "snap0" } }
> {"execute": "nbd-server-start", "arguments": {"addr": { "type": "unix", "data": { "path": "/tmp/nbd.socket" } } } }
> {"execute": "block-export-add", "arguments": {"id": "exp0", "node-name": "snap0", "type": "nbd", "name": "exp0"}}
> EOF
> ) &
> sleep 5
> while true; do
> ./qemu-nbd -d /dev/nbd0
> ./qemu-nbd -c /dev/nbd0 nbd:unix:/tmp/nbd.socket:exportname=exp0 -f raw -r
> nbdinfo --map 'nbd+unix:///exp0?socket=/tmp/nbd.socket'
> done
[1]:
> #5 0x000071e5f0088eb2 in __GI___assert_fail (...) at ./assert/assert.c:101
> #6 0x0000615285438017 in reqlist_init_req (...) at ../block/reqlist.c:23
> #7 0x00006152853e2d98 in cbw_snapshot_read_lock (...) at ../block/copy-before-write.c:237
> #8 0x00006152853e3068 in cbw_co_snapshot_block_status (...) at ../block/copy-before-write.c:304
> #9 0x00006152853f4d22 in bdrv_co_snapshot_block_status (...) at ../block/io.c:3726
> #10 0x000061528543a63e in snapshot_access_co_block_status (...) at ../block/snapshot-access.c:48
> #11 0x00006152853f1a0a in bdrv_co_do_block_status (...) at ../block/io.c:2474
> #12 0x00006152853f2016 in bdrv_co_common_block_status_above (...) at ../block/io.c:2652
> #13 0x00006152853f22cf in bdrv_co_block_status_above (...) at ../block/io.c:2732
> #14 0x00006152853d9a86 in blk_co_block_status_above (...) at ../block/block-backend.c:1473
> #15 0x000061528538da6c in blockstatus_to_extents (...) at ../nbd/server.c:2374
> #16 0x000061528538deb1 in nbd_co_send_block_status (...) at ../nbd/server.c:2481
> #17 0x000061528538f424 in nbd_handle_request (...) at ../nbd/server.c:2978
> #18 0x000061528538f906 in nbd_trip (...) at ../nbd/server.c:3121
> #19 0x00006152855a7caf in coroutine_trampoline (...) at ../util/coroutine-ucontext.c:175
Cc: qemu-stable@nongnu.org
Suggested-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Message-Id: <20240712140716.517911-1-f.ebner@proxmox.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
(cherry picked from commit 6475155)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
target_ulong is typedef'ed as a 32-bit integer when building the qemu-system-arm target, and this is smaller than the size of an intermediate physical address when LPAE is being used. Given that Linux may place leaf level user page tables in high memory when built for LPAE, the kernel will crash with an external abort as soon as it enters user space when running with more than ~3 GiB of system RAM. So replace target_ulong with vaddr in places where it may carry an address value that is not representable in 32 bits. Fixes: f3639a6 ("target/arm: Use softmmu tlbs for page table walking") Cc: qemu-stable@nongnu.org Reported-by: Arnd Bergmann <arnd@arndb.de> Tested-by: Arnd Bergmann <arnd@arndb.de> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Message-id: 20240927071051.1444768-1-ardb+git@google.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org> (cherry picked from commit 67d762e) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The enable bits in the EXT_CSD_PART_CONFIG ext_csd register do *not* specify whether the boot partitions exist, but whether they are enabled for booting. Existence of the boot partitions is specified by a EXT_CSD_BOOT_MULT != 0. Currently, in the case of boot-partition-size=1M and boot-config=0, Linux detects boot partitions of 1M. But as sd_bootpart_offset always returns 0, all reads/writes are mapped to the same offset in the backing file. Fix this bug by calculating the offset independent of which partition is enabled for booting. This bug is unlikely to affect many users with QEMU's current set of boards, because only aspeed sets boot-partition-size, and it also sets boot-config to 8. So to run into this a user would have to manually mark the boot partition non-booting from within the guest. Cc: qemu-stable@nongnu.org Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Message-id: 20240906164834.130257-1-jlu@pengutronix.de Reviewed-by: Peter Maydell <peter.maydell@linaro.org> [PMM: added note to commit message about effects of bug] Signed-off-by: Peter Maydell <peter.maydell@linaro.org> (cherry picked from commit 9601076) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The mips64el cross setup is very broken for bullseye which has now entered LTS support so is unlikely to be fixed. While we still can't build the container with all packages for bookworm due to a single missing dependency that will hopefully get fixed in due course. For the sake of keeping the CI green we disable the problematic packages via the lcitool's mappings.yml file. See also: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081535 Signed-off-by: Alex Bennée <alex.bennee@linaro.org> [thuth: Disable the problematic packages via lcitool's mappings.yml] Message-ID: <20241002080333.127172-1-thuth@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com> (cherry picked from commit c60473d) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Since commit e99441a ("ui/curses: Do not use console_select()") qemu_text_console_put_keysym() no longer checks for NULL console argument, which leads to a later crash: Thread 1 "qemu-system-x86" received signal SIGSEGV, Segmentation fault. 0x00005555559ee186 in qemu_text_console_handle_keysym (s=0x0, keysym=31) at ../ui/console-vc.c:332 332 } else if (s->echo && (keysym == '\r' || keysym == '\n')) { (gdb) bt #0 0x00005555559ee186 in qemu_text_console_handle_keysym (s=0x0, keysym=31) at ../ui/console-vc.c:332 #1 0x00005555559e18e5 in qemu_text_console_put_keysym (s=<optimized out>, keysym=<optimized out>) at ../ui/console.c:303 #2 0x00005555559f2e88 in do_key_event (vs=vs@entry=0x5555579045c0, down=down@entry=1, keycode=keycode@entry=60, sym=sym@entry=65471) at ../ui/vnc.c:2034 #3 0x00005555559f845c in ext_key_event (vs=0x5555579045c0, down=1, sym=65471, keycode=<optimized out>) at ../ui/vnc.c:2070 #4 protocol_client_msg (vs=0x5555579045c0, data=<optimized out>, len=<optimized out>) at ../ui/vnc.c:2514 #5 0x00005555559f515c in vnc_client_read (vs=0x5555579045c0) at ../ui/vnc.c:1607 Fixes: e99441a ("ui/curses: Do not use console_select()") Fixes: https://issues.redhat.com/browse/RHEL-50529 Cc: qemu-stable@nongnu.org Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> (cherry picked from commit 0e60fc8) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
load_flt_binary() calls load_flat_file() -> page_set_flags(). page_set_flags() must be called with the mmap_lock held, otherwise it aborts: $ qemu-arm -L stm32/lib/ stm32/bin/busybox qemu-arm: ../accel/tcg/user-exec.c:505: page_set_flags: Assertion `have_mmap_lock()' failed. Aborted (core dumped) Fix by taking the lock in load_flt_binary(). Fixes: fbd3c4c ("linux-user/arm: Mark the commpage executable") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2525 Suggested-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-ID: <20240822095045.72643-3-philmd@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> (cherry picked from commit a9ee641) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Comparing a string of 4 bytes only works in little-endian. Adjust bulk bswap to only apply to the note payload. Perform swapping of the note header manually; the magic is defined so that it does not need a runtime swap. Fixes: 83f990e ("linux-user/elfload: Parse NT_GNU_PROPERTY_TYPE_0 notes") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2596 Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> (cherry picked from commit 2884596) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
In the fallback when STDBRX is not available, avoid clobbering TCG_REG_TMP1, which might be h.base, which is still in use. Use TCG_REG_TMP2 instead. Cc: qemu-stable@nongnu.org Fixes: 01a112e ("tcg/ppc: Reorg tcg_out_tlb_read") Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Tested-By: Michael Tokarev <mjt@tls.msk.ru> (cherry picked from commit 4cabcb8) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
In tcg_out_qemu_ldst_i128, we need a non-zero index register, which we then use as a base register in several address modes. Since we always have TCG_REG_TMP2 available, use that. Cc: qemu-stable@nongnu.org Fixes: 526cd4e ("tcg/ppc: Support 128-bit load/store") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2597 Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Tested-By: Michael Tokarev <mjt@tls.msk.ru> (cherry picked from commit 3213da7) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Returning a raw areg does not preserve the value if the areg is subsequently modified. Fixes, e.g. "jsr (sp)", where the return address is pushed before the branch. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2483 Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20240813000737.228470-1-richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> (cherry picked from commit 352cc9f) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
s/mbmi1/mbmi/ When configuring with -Dx86_version >= 3, meson step works, but compilation fails because option -mbmi1 is unknown. Signed-off-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Alex Bennée <alex.bennee@linaro.org> Link: https://lore.kernel.org/r/20241004223715.1275428-1-pierrick.bouvier@linaro.org Cc: qemu-stable@nongnu.org Fixes: ef7d1ad ("meson: allow configuring the x86-64 baseline", 2024-06-28) Revieved-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 461a925) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Create a separate variable for compiler flags that enable specific instruction set extensions, so that they can be used with cc.compiles/cc.links. Note that -mfpmath=sse is a code generation option but it does not enable new instructions, therefore I did not make it part of qemu_isa_flags. Suggested-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Alex Bennée <alex.bennee@linaro.org> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 6ae8c53) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Moving -mcx16 out of CPU_CFLAGS caused the detection of ATOMIC128 to fail, because flags have to be specified by hand in cc.compiles and cc.links invocations (why oh why??). Ensure that these tests enable all the instruction set extensions that will be used to build the emulators. Fixes: c2bf2cc ("configure: move -mcx16 flag out of CPU_CFLAGS", 2024-05-24) Reported-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Alex Bennée <alex.bennee@linaro.org> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 8db4e0f) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The result of 1 << regbit with regbit==31 has a 1 in the 32nd bit. When cast to uint64_t (for further bitwise OR), the 32 most significant bits will be filled with 1s. However, the documentation states that the upper 32 bits of ICH_AP[0/1]R<n>_EL2 are reserved. Add an explicit cast to match the documentation. Found by Linux Verification Center (linuxtesting.org) with SVACE. Cc: qemu-stable@nongnu.org Fixes: d2c0c6a ("hw/intc/arm_gicv3: Handle icv_nmiar1_read() for icc_nmiar1_read()") Signed-off-by: Alexandra Diupina <adiupina@astralinux.ru> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> (cherry picked from commit e0c0ea6) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The result of 1 << regbit with regbit==31 has a 1 in the 32nd bit. When cast to uint64_t (for further bitwise OR), the 32 most significant bits will be filled with 1s. However, the documentation states that the upper 32 bits of ICC_AP[0/1]R<n>_EL2 are reserved. Add an explicit cast to match the documentation. Found by Linux Verification Center (linuxtesting.org) with SVACE. Cc: qemu-stable@nongnu.org Fixes: 28cca59 ("hw/intc/arm_gicv3: Add NMI handling CPU interface registers") Signed-off-by: Alexandra Diupina <adiupina@astralinux.ru> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> (cherry picked from commit 12dc8f6) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The result of 1 << regbit with regbit==31 has a 1 in the 32nd bit. When cast to uint64_t (for further bitwise OR), the 32 most significant bits will be filled with 1s. However, the documentation states that the upper 32 bits of ICH_AP[0/1]R<n>_EL2 are reserved. Add an explicit cast to match the documentation. Found by Linux Verification Center (linuxtesting.org) with SVACE. Cc: qemu-stable@nongnu.org Fixes: c3f21b0 ("hw/intc/arm_gicv3_cpuif: Support vLPIs") Signed-off-by: Alexandra Diupina <adiupina@astralinux.ru> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> (cherry picked from commit 3db74af) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
In commit b88cfee we defined masks for the IBRD and FBRD integer and fractional baud rate divider registers, to prevent the guest from writing invalid values which could cause division-by-zero. Unfortunately we got the mask values the wrong way around: the FBRD register is six bits and the IBRD register is 16 bits, not vice-versa. You would only run into this bug if you programmed the UART to a baud rate of less than 9600, because for 9600 baud and above the IBRD value will fit into 6 bits, as per the table in https://developer.arm.com/documentation/ddi0183/g/programmers-model/register-descriptions/fractional-baud-rate-register--uartfbrd The only visible effects would be that the value read back from the register by the guest would be truncated, and we would print an incorrect baud rate in the debug logs. Cc: qemu-stable@nongnu.org Fixes: b88cfee ("hw/char/pl011: Avoid division-by-zero in pl011_get_baudrate()") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2610 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Gavin Shan <gshan@redhat.com> Message-id: 20241007144732.2491331-1-peter.maydell@linaro.org (cherry picked from commit cd247ea) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Fixes: 280c1e1 ("audio/hda: create millisecond timers that handle IO") Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com> Message-ID: <20241008125028.1177932-2-marcandre.lureau@redhat.com> (cherry picked from commit f27206c) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
When SET_STREAM_FORMAT is called, we should clear the existing setup.
Factor out common function to close a stream.
Direct leak of 144 byte(s) in 3 object(s) allocated from:
#0 0x7f91d38f7350 in calloc (/lib64/libasan.so.8+0xf7350) (BuildId: a4ad7eb954b390cf00f07fa10952988a41d9fc7a)
#1 0x7f91d2ab7871 in g_malloc0 (/lib64/libglib-2.0.so.0+0x64871) (BuildId: 36b60dbd02e796145a982d0151ce37202ec05649)
#2 0x562fa2f447ee in timer_new_full /home/elmarco/src/qemu/include/qemu/timer.h:538
#3 0x562fa2f4486f in timer_new /home/elmarco/src/qemu/include/qemu/timer.h:559
#4 0x562fa2f448a9 in timer_new_ns /home/elmarco/src/qemu/include/qemu/timer.h:577
#5 0x562fa2f47955 in hda_audio_setup ../hw/audio/hda-codec.c:490
#6 0x562fa2f4897e in hda_audio_command ../hw/audio/hda-codec.c:605
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Message-ID: <20241008125028.1177932-3-marcandre.lureau@redhat.com>
(cherry picked from commit 6d6e233)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
A filter function that wants to drop a message should return NULL, in which case it must also unref the message itself. Fixes: fa88b85 ("ui/dbus: filter out pending messages when scanout") Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com> Message-ID: <20241008125028.1177932-4-marcandre.lureau@redhat.com> (cherry picked from commit 244d52f) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
DisplaySurface may be free before the pixman image is freed, since the image is refcounted and used by different objects, including pending dbus messages. Furthermore, setting the destroy function in create_displaysurface_from() isn't appropriate, as it may not be used, and may be overriden as in ramfb. Set the destroy function when the shared handle is set, use the HANDLE directly for destroy data, using a single common helper qemu_pixman_win32_image_destroy(). Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com> Message-ID: <20241008125028.1177932-5-marcandre.lureau@redhat.com> (cherry picked from commit 330ef31) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Filtering pending messages when a new scanout is given shouldn't discard pending cursor changes, for example. Since filtering happens in a different thread, use atomic set/get. Fixes: fa88b85 ("ui/dbus: filter out pending messages when scanout") Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com> Message-ID: <20241008125028.1177932-6-marcandre.lureau@redhat.com> (cherry picked from commit cf59889) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
v9.1.1 release
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.