From 87ebac5b5cfb97ddb7ac2af097703758fb0751c4 Mon Sep 17 00:00:00 2001 
From: Jiabo Feng Date: Fri, 21 Feb 2025 14:46:05 +0800 Subject: [PATCH] =?UTF-8?q?QEMU=20update=20to=20version=206.2.0-106?= =?UTF-8?q?=EF=BC=9A=20-=20hw/nvme:=20Remove=20redundant=20dma=5Fblk=5Fwri?= =?UTF-8?q?te=20-=20tests/avocado/machine=5Fs390=5Fccw=5Fvirtio:=20Adapt?= =?UTF-8?q?=20test=20to=20new=20default=20resolution=20-=20edid:=20set=20d?= =?UTF-8?q?efault=20resolution=20to=201280x800=20(WXGA)=20-=20iotests/308:?= =?UTF-8?q?=20Fix=20for=20CAP=5FDAC=5FOVERRIDE=20-=20hvf:=20remove=20unuse?= =?UTF-8?q?d=20but=20set=20variable=20-=20vvfat:=20Fix=20vvfat=5Fwrite()?= =?UTF-8?q?=20for=20writes=20before=20the=20root=20directory=20-=20hw/misc?= =?UTF-8?q?/nrf51=5Frng:=20Don't=20use=20BIT=5FMASK()=20when=20we=20mean?= =?UTF-8?q?=20BIT()=20-=20hw/pci:=20Remove=20unused=20pci=5Firq=5Fpulse()?= =?UTF-8?q?=20method=20-=20ui/gtk:=20fix=20leaks=20found=20wtih=20fuzzing?= =?UTF-8?q?=20-=20target/i386:=20fix=20size=20of=20EBP=20writeback=20in=20?= =?UTF-8?q?gen=5Fenter()=20-=20tests/qtest/fuzz:=20fix=20memleak=20in=20qo?= =?UTF-8?q?s=5Ffuzz.c=20-=20hw/core/loader:=20gunzip():=20fix=20memory=20l?= =?UTF-8?q?eak=20on=20error=20path=20-=20migration:=20fix=20a=20typo=20-?= =?UTF-8?q?=20scsi:=20fetch=20unit=20attention=20when=20creating=20the=20r?= =?UTF-8?q?equest=20-=20raw-format:=20Fix=20error=20message=20for=20invali?= =?UTF-8?q?d=20offset/size=20-=20tcg:=20Reset=20data=5Fgen=5Fptr=20correct?= =?UTF-8?q?ly=20-=20Fix=20calculation=20of=20minimum=20in=20colo=5Fcompare?= =?UTF-8?q?=5Ftcp=20-=20hw/intc:=20Don't=20clear=20pending=20bits=20on=20I?= =?UTF-8?q?RQ=20lowering=20-=20target/arm:=20Drop=20user-only=20special=20?= =?UTF-8?q?case=20in=20sve=5FstN=5Fr=20-=20usb-hub:=20Fix=20handling=20por?= =?UTF-8?q?t=20power=20control=20messages=20-=20target/ppc:=20Set=20ctx->o?= =?UTF-8?q?pcode=20for=20decode=5Finsn32()=20-=20linux-user:=20Add=20prope?= =?UTF-8?q?r=20strace=20format=20strings=20for=20getdents()/getdents64()?= 
=?UTF-8?q?=20-=20linux-user:=20Fix=20TARGET=5FPROT=5FSEM=20for=20XTENSA?= =?UTF-8?q?=20-=20linux-user/hppa:=20Set=20TASK=5FUNMAPPED=5FBASE=20to=200?= =?UTF-8?q?xfa000000=20for=20hppa=20arch=20-=20linux-user/hppa:=20Dump=20I?= =?UTF-8?q?IR=20on=20register=20dump=20-=20tests:=20Fix=20typo=20in=20chec?= =?UTF-8?q?k-help=20output=20-=20qdev-core.h:=20Fix=20wrongly=20named=20re?= =?UTF-8?q?ference=20to=20TYPE=5FSPLIT=5FIRQ=20-=20hw/scsi/megasas:=20Simp?= =?UTF-8?q?lify=20using=20the=20ldst=20API=20-=20gqa-win:=20get=5Fpci=5Fin?= =?UTF-8?q?fo:=20Clean=20dev=5Finfo=20if=20handle=20is=20valid=20-=20targe?= =?UTF-8?q?t/ppc:=20Fix=207448=20support=20-=20vvfat:=20Fix=20size=20of=20?= =?UTF-8?q?temporary=20qcow=20file=20-=20docs:=20Correct=20'vhost-user-blk?= =?UTF-8?q?'=20spelling=20-=20jackaudio:=20use=20ifdefs=20to=20hide=20unav?= =?UTF-8?q?ailable=20functions=20-=20simplebench:=20Fix=20Python=20syntax?= =?UTF-8?q?=20error=20(reported=20by=20LGTM)=20-=20python:=20update=20type?= =?UTF-8?q?=20hints=20for=20mypy=200.930=20-=20Python/aqmp:=20fix=20type?= =?UTF-8?q?=20definitions=20for=20mypy=200.920=20-=20tcg:=20Allow=20top=20?= =?UTF-8?q?bit=20of=20SIMD=5FDATA=5FBITS=20to=20be=20set=20in=20simd=5Fdes?= =?UTF-8?q?c()=20-=20hw/ppc/e500:=20Prefer=20QOM=20cast=20-=20hw/ppc/e500:?= =?UTF-8?q?=20Remove=20unused=20"irqs"=20parameter=20-=20hw/ppc/e500:=20Ad?= =?UTF-8?q?d=20missing=20device=20tree=20properties=20to=20i2c=20controlle?= =?UTF-8?q?r=20node=20-=20linux-user:=20Show=20timespec=20on=20strace=20fo?= =?UTF-8?q?r=20futex()=20-=20linux-user:=20Add=20strace=20for=20clock=5Fna?= =?UTF-8?q?nosleep()=20-=20linux-user:=20Fix=20strace=20of=20chmod()=20if?= =?UTF-8?q?=20mode=20=3D=3D=200=20-=20linux-user:=20Log=20failing=20execut?= =?UTF-8?q?able=20in=20EXCP=5FDUMP()=20-=20linux-user:=20Add=20pidfd=5Fope?= =?UTF-8?q?n(),=20pidfd=5Fsend=5Fsignal()=20and=20pidfd=5Fgetfd()=20syscal?= =?UTF-8?q?ls?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: Jiabo Feng --- ...ation-of-minimum-in-colo_compare_tcp.patch | 36 +++++ ...-fix-type-definitions-for-mypy-0.920.patch | 52 +++++++ docs-Correct-vhost-user-blk-spelling.patch | 35 +++++ ...-default-resolution-to-1280x800-WXGA.patch | 114 +++++++++++++++ ...info-Clean-dev_info-if-handle-is-val.patch | 45 ++++++ hvf-remove-unused-but-set-variable.patch | 57 ++++++++ ...gunzip-fix-memory-leak-on-error-path.patch | 31 ++++ ...t-clear-pending-bits-on-IRQ-lowering.patch | 39 +++++ ...g-Don-t-use-BIT_MASK-when-we-mean-BI.patch | 70 +++++++++ hw-nvme-Remove-redundant-dma_blk_write.patch | 29 ++++ ...i-Remove-unused-pci_irq_pulse-method.patch | 46 ++++++ ...missing-device-tree-properties-to-i2.patch | 44 ++++++ hw-ppc-e500-Prefer-QOM-cast.patch | 44 ++++++ ...pc-e500-Remove-unused-irqs-parameter.patch | 44 ++++++ ...-megasas-Simplify-using-the-ldst-API.patch | 59 ++++++++ iotests-308-Fix-for-CAP_DAC_OVERRIDE.patch | 81 +++++++++++ ...ifdefs-to-hide-unavailable-functions.patch | 67 +++++++++ ...idfd_open-pidfd_send_signal-and-pidf.patch | 135 ++++++++++++++++++ ...roper-strace-format-strings-for-getd.patch | 35 +++++ ...-user-Add-strace-for-clock_nanosleep.patch | 59 ++++++++ ...-user-Fix-TARGET_PROT_SEM-for-XTENSA.patch | 33 +++++ ...x-user-Fix-strace-of-chmod-if-mode-0.patch | 44 ++++++ ...-Log-failing-executable-in-EXCP_DUMP.patch | 42 ++++++ ...er-Show-timespec-on-strace-for-futex.patch | 44 ++++++ ...-user-hppa-Dump-IIR-on-register-dump.patch | 43 ++++++ ...Set-TASK_UNMAPPED_BASE-to-0xfa000000.patch | 39 +++++ migration-fix-a-typo.patch | 35 +++++ python-update-type-hints-for-mypy-0.930.patch | 51 +++++++ ...wrongly-named-reference-to-TYPE_SPLI.patch | 34 +++++ qemu.spec | 94 +++++++++++- ...rror-message-for-invalid-offset-size.patch | 49 +++++++ ...-attention-when-creating-the-request.patch | 124 ++++++++++++++++ ...Python-syntax-error-reported-by-LGTM.patch | 37 +++++ ...-user-only-special-case-in-sve_stN_r.patch | 43 ++++++ 
...x-size-of-EBP-writeback-in-gen_enter.patch | 44 ++++++ target-ppc-Fix-7448-support.patch | 49 +++++++ ...ppc-Set-ctx-opcode-for-decode_insn32.patch | 56 ++++++++ ...t-of-SIMD_DATA_BITS-to-be-set-in-sim.patch | 69 +++++++++ tcg-Reset-data_gen_ptr-correctly.patch | 43 ++++++ tests-Fix-typo-in-check-help-output.patch | 36 +++++ ...chine_s390_ccw_virtio-Adapt-test-to-.patch | 42 ++++++ ...qtest-fuzz-fix-memleak-in-qos_fuzz.c.patch | 34 +++++ ui-gtk-fix-leaks-found-wtih-fuzzing.patch | 52 +++++++ ...handling-port-power-control-messages.patch | 38 +++++ vvfat-Fix-size-of-temporary-qcow-file.patch | 55 +++++++ ...write-for-writes-before-the-root-dir.patch | 99 +++++++++++++ 46 files changed, 2450 insertions(+), 1 deletion(-) create mode 100644 Fix-calculation-of-minimum-in-colo_compare_tcp.patch create mode 100644 Python-aqmp-fix-type-definitions-for-mypy-0.920.patch create mode 100644 docs-Correct-vhost-user-blk-spelling.patch create mode 100644 edid-set-default-resolution-to-1280x800-WXGA.patch create mode 100644 gqa-win-get_pci_info-Clean-dev_info-if-handle-is-val.patch create mode 100644 hvf-remove-unused-but-set-variable.patch create mode 100644 hw-core-loader-gunzip-fix-memory-leak-on-error-path.patch create mode 100644 hw-intc-Don-t-clear-pending-bits-on-IRQ-lowering.patch create mode 100644 hw-misc-nrf51_rng-Don-t-use-BIT_MASK-when-we-mean-BI.patch create mode 100644 hw-nvme-Remove-redundant-dma_blk_write.patch create mode 100644 hw-pci-Remove-unused-pci_irq_pulse-method.patch create mode 100644 hw-ppc-e500-Add-missing-device-tree-properties-to-i2.patch create mode 100644 hw-ppc-e500-Prefer-QOM-cast.patch create mode 100644 hw-ppc-e500-Remove-unused-irqs-parameter.patch create mode 100644 hw-scsi-megasas-Simplify-using-the-ldst-API.patch create mode 100644 iotests-308-Fix-for-CAP_DAC_OVERRIDE.patch create mode 100644 jackaudio-use-ifdefs-to-hide-unavailable-functions.patch create mode 100644 linux-user-Add-pidfd_open-pidfd_send_signal-and-pidf.patch create mode 
100644 linux-user-Add-proper-strace-format-strings-for-getd.patch create mode 100644 linux-user-Add-strace-for-clock_nanosleep.patch create mode 100644 linux-user-Fix-TARGET_PROT_SEM-for-XTENSA.patch create mode 100644 linux-user-Fix-strace-of-chmod-if-mode-0.patch create mode 100644 linux-user-Log-failing-executable-in-EXCP_DUMP.patch create mode 100644 linux-user-Show-timespec-on-strace-for-futex.patch create mode 100644 linux-user-hppa-Dump-IIR-on-register-dump.patch create mode 100644 linux-user-hppa-Set-TASK_UNMAPPED_BASE-to-0xfa000000.patch create mode 100644 migration-fix-a-typo.patch create mode 100644 python-update-type-hints-for-mypy-0.930.patch create mode 100644 qdev-core.h-Fix-wrongly-named-reference-to-TYPE_SPLI.patch create mode 100644 raw-format-Fix-error-message-for-invalid-offset-size.patch create mode 100644 scsi-fetch-unit-attention-when-creating-the-request.patch create mode 100644 simplebench-Fix-Python-syntax-error-reported-by-LGTM.patch create mode 100644 target-arm-Drop-user-only-special-case-in-sve_stN_r.patch create mode 100644 target-i386-fix-size-of-EBP-writeback-in-gen_enter.patch create mode 100644 target-ppc-Fix-7448-support.patch create mode 100644 target-ppc-Set-ctx-opcode-for-decode_insn32.patch create mode 100644 tcg-Allow-top-bit-of-SIMD_DATA_BITS-to-be-set-in-sim.patch create mode 100644 tcg-Reset-data_gen_ptr-correctly.patch create mode 100644 tests-Fix-typo-in-check-help-output.patch create mode 100644 tests-avocado-machine_s390_ccw_virtio-Adapt-test-to-.patch create mode 100644 tests-qtest-fuzz-fix-memleak-in-qos_fuzz.c.patch create mode 100644 ui-gtk-fix-leaks-found-wtih-fuzzing.patch create mode 100644 usb-hub-Fix-handling-port-power-control-messages.patch create mode 100644 vvfat-Fix-size-of-temporary-qcow-file.patch create mode 100644 vvfat-Fix-vvfat_write-for-writes-before-the-root-dir.patch 
diff --git a/Fix-calculation-of-minimum-in-colo_compare_tcp.patch b/Fix-calculation-of-minimum-in-colo_compare_tcp.patch
new file mode 100644
index 00000000..6991e1ab
--- /dev/null
+++ b/Fix-calculation-of-minimum-in-colo_compare_tcp.patch
@@ -0,0 +1,36 @@
+From 9a0cd347854db393076683b6321c85359d530490 Mon Sep 17 00:00:00 2001
+From: Stefan Weil
+Date: Mon, 9 Sep 2024 22:42:54 +0200
+Subject: [PATCH] Fix calculation of minimum in colo_compare_tcp
+
+GitHub's CodeQL reports a critical error which is fixed by using the MIN macro:
+
+ Unsigned difference expression compared to zero
+
+Signed-off-by: Stefan Weil
+Cc: qemu-stable@nongnu.org
+Reviewed-by: Zhang Chen
+Signed-off-by: Jason Wang
+(cherry picked from commit e29bc931e1699a98959680f6776b48673825762b)
+Signed-off-by: zhujun2
+---
+ net/colo-compare.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/net/colo-compare.c b/net/colo-compare.c
+index b966e7e514..e845c63f2e 100644
+--- a/net/colo-compare.c
++++ b/net/colo-compare.c
+@@ -414,8 +414,7 @@ static void colo_compare_tcp(CompareState *s, Connection *conn)
+ * can ensure that the packet's payload is acknowledged by
+ * primary and secondary.
+ */
+- uint32_t min_ack = conn->pack - conn->sack > 0 ?
+- conn->sack : conn->pack;
++ uint32_t min_ack = MIN(conn->pack, conn->sack);
+
+ pri:
+ if (g_queue_is_empty(&conn->primary_list)) {
+--
+2.41.0.windows.1
+
diff --git a/Python-aqmp-fix-type-definitions-for-mypy-0.920.patch b/Python-aqmp-fix-type-definitions-for-mypy-0.920.patch
new file mode 100644
index 00000000..4b31ebe4
--- /dev/null
+++ b/Python-aqmp-fix-type-definitions-for-mypy-0.920.patch
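Review bot: `MIN(conn->pack, conn->sack)` in colo_compare_tcp compares the two acknowledgement numbers as plain 32-bit integers, so it selects the wrong side once one of them has wrapped around and the other has not. If pack and sack are TCP ack values, as the comment above the line suggests, a sequence-space comparison keeps the intent of the removed expression without the always-true unsigned test: `uint32_t min_ack = (int32_t)(conn->pack - conn->sack) > 0 ? conn->sack : conn->pack;`. The field types are not visible in this hunk, so this assumes both are uint32_t. The function body continues outside the hunk.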
@@ -0,0 +1,52 @@
+From 5416865eeac72a5dabf91b6c1a70ff7d09e214cf Mon Sep 17 00:00:00 2001
+From: Luo Yifan
+Date: Wed, 20 Nov 2024 10:38:43 +0800
+Subject: [PATCH] Python/aqmp: fix type definitions for mypy 0.920
+
+cherry picked from commit 42d73f2894ea1855df5a25d58e0d9eac6023dcc3
+
+0.920 (Released 2021-12-15) is not entirely happy with the
+way that I was defining _FutureT:
+
+qemu/aqmp/protocol.py:601: error: Item "object" of the upper bound
+"Optional[Future[Any]]" of type variable "_FutureT" has no attribute
+"done"
+
+Update it with something a little mechanically simpler that works better
+across a wider array of mypy versions.
+
+Signed-off-by: John Snow
+Message-id: 20220110191349.1841027-3-jsnow@redhat.com
+Signed-off-by: John Snow
+Signed-off-by: Luo Yifan
+---
+ python/qemu/aqmp/protocol.py | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/python/qemu/aqmp/protocol.py b/python/qemu/aqmp/protocol.py
+index 5190b33b13..c4fbe35a0e 100644
+--- a/python/qemu/aqmp/protocol.py
++++ b/python/qemu/aqmp/protocol.py
+@@ -43,8 +43,8 @@
+
+
+ T = TypeVar('T')
++_U = TypeVar('_U')
+ _TaskFN = Callable[[], Awaitable[None]] # aka ``async def func() -> None``
+-_FutureT = TypeVar('_FutureT', bound=Optional['asyncio.Future[Any]'])
+
+
+ class Runstate(Enum):
+@@ -591,7 +591,8 @@ def _cleanup(self) -> None:
+ """
+ Fully reset this object to a clean state and return to `IDLE`.
+ """
+- def _paranoid_task_erase(task: _FutureT) -> Optional[_FutureT]:
++ def _paranoid_task_erase(task: Optional['asyncio.Future[_U]']
++ ) -> Optional['asyncio.Future[_U]']:
+ # Help to erase a task, ENSURING it is fully quiesced first.
+ assert (task is None) or task.done()
+ return None if (task and task.done()) else task
+--
+2.41.0.windows.1
+
diff --git a/docs-Correct-vhost-user-blk-spelling.patch b/docs-Correct-vhost-user-blk-spelling.patch
new file mode 100644
index 00000000..8b95d88d
--- /dev/null
+++ b/docs-Correct-vhost-user-blk-spelling.patch
@@ -0,0 +1,35 @@
+From c8c0afc9d6487894498d23d31cc7bbb4f86c0e3d Mon Sep 17 00:00:00 2001
+From: Luo Yifan
+Date: Wed, 20 Nov 2024 11:22:38 +0800
+Subject: [PATCH] docs: Correct 'vhost-user-blk' spelling
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cherry picked from commit 9bd11f9638cbc08dcab6777f0a27f597cb44c22a
+
+Reported-by: Eric Blake
+Signed-off-by: Philippe Mathieu-Daudé
+Message-Id: <20220107105420.395011-2-f4bug@amsat.org>
+Signed-off-by: Kevin Wolf
+Signed-off-by: Luo Yifan
+---
+ docs/tools/qemu-storage-daemon.rst | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/docs/tools/qemu-storage-daemon.rst b/docs/tools/qemu-storage-daemon.rst
+index 3e5a9dc032..9b0eaba6e5 100644
+--- a/docs/tools/qemu-storage-daemon.rst
++++ b/docs/tools/qemu-storage-daemon.rst
+@@ -201,7 +201,7 @@ Export raw image file ``disk.img`` over NBD UNIX domain socket ``nbd.sock``::
+ --nbd-server addr.type=unix,addr.path=nbd.sock \
+ --export type=nbd,id=export,node-name=disk,writable=on
+
+-Export a qcow2 image file ``disk.qcow2`` as a vhosts-user-blk device over UNIX
++Export a qcow2 image file ``disk.qcow2`` as a vhost-user-blk device over UNIX
+ domain socket ``vhost-user-blk.sock``::
+
+ $ qemu-storage-daemon \
+--
+2.41.0.windows.1
+
diff --git a/edid-set-default-resolution-to-1280x800-WXGA.patch b/edid-set-default-resolution-to-1280x800-WXGA.patch
new file mode 100644
index 00000000..d7497515
--- /dev/null
+++ b/edid-set-default-resolution-to-1280x800-WXGA.patch
@@ -0,0 +1,114 @@
+From 33d5ea75f73c19ed9058fa700eb65a405c7c7bcc Mon Sep 17 00:00:00 2001
+From: Luo Yifan
+Date: Wed, 20 Nov 2024 11:13:22 +0800
+Subject: [PATCH] edid: set default resolution to 1280x800 (WXGA)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cherry picked from commit de72c4b7cdf6ec18bfe9fe714aa96e48db6fd895
+
+Currently QEMU defaults to a resolution of 1024x768 when exposing EDID
+info to the guest OS. The EDID default info is important as this will
+influence what resolution many guest OS will configure the screen with
+on boot. It can also potentially influence what resolution the firmware
+will configure the screen with, though until very recently EDK2 would
+not handle EDID info.
+
+One important thing to bear in mind is that the default graphics card
+driver provided by Windows will leave the display set to whatever
+resolution was enabled by the firmware on boot. Even if sufficient
+VRAM is available, the resolution can't be changed without installing
+new drivers. IOW, the default resolution choice is quite important
+for usability of Windows.
+
+Modern real world monitor hardware for desktop/laptop has supported
+resolutions higher than 1024x768 for a long time now, perhaps as long
+as 15+ years. There are quite a wide variety of native resolutions in
+use today, however, and in wide screen form factors the height may not
+be all that tall.
+
+None the less, it is considered that there is scope for making the
+QEMU default resolution slightly larger.
+
+In considering what possible new default could be suitable, choices
+considered were 1280x720 (720p), 1280x800 (WXGA) and 1280x1024 (SXGA).
+
+In many ways, vertical space is the most important, and so 720p was
+discarded due to loosing vertical space, despite being 25% wider.
+
+The SXGA resolution would be good, but when taking into account
+window titlebars/toolbars and window manager desktop UI, this might
+be a little too tall for some users to fit the guest on their physical
+montior.
+
+This patch thus suggests a modest change to 1280x800 (WXGA). This
+only consumes 1 MB per colour channel, allowing double buffered
+framebuffer in 8 MB of VRAM. Width wise this is 25% larger than
+QEMU's current default, but height wise this only adds 5%, so the
+difference isn't massive on the QEMU side.
+
+Overall there doesn't appear to be a compelling reason to stick
+with 1024x768 resolution.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Gerd Hoffmann
+Message-Id: <20211129140508.1745130-1-berrange@redhat.com>
+Signed-off-by: Gerd Hoffmann
+Signed-off-by: Luo Yifan
+---
+ hw/display/edid-generate.c | 4 ++--
+ include/hw/virtio/virtio-gpu.h | 4 ++--
+ qemu-edid.c | 4 ++--
+ 3 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/hw/display/edid-generate.c b/hw/display/edid-generate.c
+index f2b874d5e3..6f5ac6a38a 100644
+--- a/hw/display/edid-generate.c
++++ b/hw/display/edid-generate.c
+@@ -401,10 +401,10 @@ void qemu_edid_generate(uint8_t *edid, size_t size,
+ info->name = "QEMU Monitor";
+ }
+ if (!info->prefx) {
+- info->prefx = 1024;
++ info->prefx = 1280;
+ }
+ if (!info->prefy) {
+- info->prefy = 768;
++ info->prefy = 800;
+ }
+ if (info->prefx >= 4096 || info->prefy >= 4096) {
+ large_screen = 1;
+diff --git a/include/hw/virtio/virtio-gpu.h b/include/hw/virtio/virtio-gpu.h
+index acfba7c76c..2179b75703 100644
+--- a/include/hw/virtio/virtio-gpu.h
++++ b/include/hw/virtio/virtio-gpu.h
+@@ -147,8 +147,8 @@ struct VirtIOGPUBaseClass {
+ DEFINE_PROP_UINT32("max_outputs", _state, _conf.max_outputs, 1), \
+ DEFINE_PROP_BIT("edid", _state, _conf.flags, \
+ VIRTIO_GPU_FLAG_EDID_ENABLED, true), \
+- DEFINE_PROP_UINT32("xres", _state, _conf.xres, 1024), \
+- DEFINE_PROP_UINT32("yres", _state, _conf.yres, 768)
++ DEFINE_PROP_UINT32("xres", _state, _conf.xres, 1280), \
++ DEFINE_PROP_UINT32("yres", _state, _conf.yres, 800)
+
+ typedef struct VGPUDMABuf {
+ QemuDmaBuf buf;
+diff --git a/qemu-edid.c b/qemu-edid.c
+index c3a9fba10d..20c958d9c7 100644
+--- a/qemu-edid.c
++++ b/qemu-edid.c
+@@ -10,8 +10,8 @@
+ #include "hw/display/edid.h"
+
+ static qemu_edid_info info = {
+- .prefx = 1024,
+- .prefy = 768,
++ .prefx = 1280,
++ .prefy = 800,
+ };
+
+ static void usage(FILE *out)
+--
+2.41.0.windows.1
+
diff --git a/gqa-win-get_pci_info-Clean-dev_info-if-handle-is-val.patch b/gqa-win-get_pci_info-Clean-dev_info-if-handle-is-val.patch
new file mode 100644
index 00000000..57ab216d
--- /dev/null
+++ b/gqa-win-get_pci_info-Clean-dev_info-if-handle-is-val.patch
@@ -0,0 +1,45 @@
+From ab41162b50f176cd926104ee16c766c2186326a1 Mon Sep 17 00:00:00 2001
+From: Luo Yifan
+Date: Wed, 20 Nov 2024 13:33:40 +0800
+Subject: [PATCH] gqa-win: get_pci_info: Clean dev_info if handle is valid
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cherry picked from commit d0b896a7495b71313c43aff4329714ade56799d4
+
+Signed-off-by: Kostiantyn Kostiuk
+Reviewed-by: Marc-André Lureau
+Signed-off-by: Kostiantyn Kostiuk
+Signed-off-by: Luo Yifan
+---
+ qga/commands-win32.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/qga/commands-win32.c b/qga/commands-win32.c
+index 30e50f1769..d2ca36564d 100644
+--- a/qga/commands-win32.c
++++ b/qga/commands-win32.c
+@@ -514,7 +514,7 @@ DEFINE_GUID(GUID_DEVINTERFACE_STORAGEPORT,
+
+ static GuestPCIAddress *get_pci_info(int number, Error **errp)
+ {
+- HDEVINFO dev_info;
++ HDEVINFO dev_info = INVALID_HANDLE_VALUE;
+ SP_DEVINFO_DATA dev_info_data;
+ SP_DEVICE_INTERFACE_DATA dev_iface_data;
+ HANDLE dev_file;
+@@ -749,7 +749,9 @@ static GuestPCIAddress *get_pci_info(int number, Error **errp)
+ }
+
+ free_dev_info:
+- SetupDiDestroyDeviceInfoList(dev_info);
++ if (dev_info != INVALID_HANDLE_VALUE) {
++ SetupDiDestroyDeviceInfoList(dev_info);
++ }
+ out:
+ return pci;
+ }
+--
+2.41.0.windows.1
+
diff --git a/hvf-remove-unused-but-set-variable.patch b/hvf-remove-unused-but-set-variable.patch
new file mode 100644
index 00000000..816ee847
--- /dev/null
+++ b/hvf-remove-unused-but-set-variable.patch
@@ -0,0 +1,57 @@
+From d348ad3421f973298f909c3e01c1052690f7594a Mon Sep 17 00:00:00 2001
+From: Zhang Jiao
+Date: Thu, 12 Dec 2024 11:46:07 +0800
+Subject: [PATCH] hvf: remove unused but set variable
+
+cheery-pick from 19d542cc0bce0b3641e80444374f9ffd8294a15b
+
+fixes associated warning when building on MacOS.
+
+Signed-off-by: Pierrick Bouvier
+Link: https://lore.kernel.org/r/20241023182922.1040964-1-pierrick.bouvier@linaro.org
+Signed-off-by: Paolo Bonzini
+Signed-off-by: Zhang Jiao
+---
+ target/i386/hvf/x86_task.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/target/i386/hvf/x86_task.c b/target/i386/hvf/x86_task.c
+index 422156128b..1550002341 100644
+--- a/target/i386/hvf/x86_task.c
++++ b/target/i386/hvf/x86_task.c
+@@ -123,7 +123,6 @@ void vmx_handle_task_switch(CPUState *cpu, x68_segment_selector tss_sel, int rea
+ load_regs(cpu);
+
+ struct x86_segment_descriptor curr_tss_desc, next_tss_desc;
+- int ret;
+ x68_segment_selector old_tss_sel = vmx_read_segment_selector(cpu, R_TR);
+ uint64_t old_tss_base = vmx_read_segment_base(cpu, R_TR);
+ uint32_t desc_limit;
+@@ -139,7 +138,7 @@ void vmx_handle_task_switch(CPUState *cpu, x68_segment_selector tss_sel, int rea
+ if (reason == TSR_IDT_GATE && gate_valid) {
+ int dpl;
+
+- ret = x86_read_call_gate(cpu, &task_gate_desc, gate);
++ x86_read_call_gate(cpu, &task_gate_desc, gate);
+
+ dpl = task_gate_desc.dpl;
+ x68_segment_selector cs = vmx_read_segment_selector(cpu, R_CS);
+@@ -168,11 +167,12 @@ void vmx_handle_task_switch(CPUState *cpu, x68_segment_selector tss_sel, int rea
+ x86_write_segment_descriptor(cpu, &next_tss_desc, tss_sel);
+ }
+
+- if (next_tss_desc.type & 8)
+- ret = task_switch_32(cpu, tss_sel, old_tss_sel, old_tss_base, &next_tss_desc);
+- else
++ if (next_tss_desc.type & 8) {
++ task_switch_32(cpu, tss_sel, old_tss_sel, old_tss_base, &next_tss_desc);
++ } else {
+ //ret = task_switch_16(cpu, tss_sel, old_tss_sel, old_tss_base, &next_tss_desc);
+ VM_PANIC("task_switch_16");
++ }
+
+ macvm_set_cr0(cpu->hvf->fd, rvmcs(cpu->hvf->fd, VMCS_GUEST_CR0) | CR0_TS);
+ x86_segment_descriptor_to_vmx(cpu, tss_sel, &next_tss_desc, &vmx_seg);
+--
+2.41.0.windows.1
+
diff --git a/hw-core-loader-gunzip-fix-memory-leak-on-error-path.patch b/hw-core-loader-gunzip-fix-memory-leak-on-error-path.patch
new file mode 100644
index 00000000..5586cfe4
--- /dev/null
+++ b/hw-core-loader-gunzip-fix-memory-leak-on-error-path.patch
@@ -0,0 +1,31 @@
+From 6d6fc5ae0c920e2ad9e01a3320f3529c7bad977f Mon Sep 17 00:00:00 2001
+From: jipengfei_yewu
+Date: Mon, 9 Sep 2024 20:14:09 +0800
+Subject: [PATCH] hw/core/loader: gunzip(): fix memory leak on error path
+
+We should call inflateEnd() like on success path to cleanup state in s
+variable.
+
+Signed-off-by:jipengfei_yewu
+Signed-off-by: Vladimir Sementsov-Ogievskiy
+Reviewed-by: Michael Tokarev
+Signed-off-by: Michael Tokarev
+---
+ hw/core/loader.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/hw/core/loader.c b/hw/core/loader.c
+index 19edb928e9..8389860679 100644
+--- a/hw/core/loader.c
++++ b/hw/core/loader.c
+@@ -605,6 +605,7 @@ ssize_t gunzip(void *dst, size_t dstlen, uint8_t *src, size_t srclen)
+ r = inflate(&s, Z_FINISH);
+ if (r != Z_OK && r != Z_STREAM_END) {
+ printf ("Error: inflate() returned %d\n", r);
++ inflateEnd(&s);
+ return -1;
+ }
+ dstbytes = s.next_out - (unsigned char *) dst;
+--
+2.41.0.windows.1
+
diff --git a/hw-intc-Don-t-clear-pending-bits-on-IRQ-lowering.patch b/hw-intc-Don-t-clear-pending-bits-on-IRQ-lowering.patch
new file mode 100644
index 00000000..8d6e1540
--- /dev/null
+++ b/hw-intc-Don-t-clear-pending-bits-on-IRQ-lowering.patch
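Review bot: In vmx_handle_task_switch the result of `x86_read_call_gate(cpu, &task_gate_desc, gate)` is now thrown away, yet `task_gate_desc.dpl` is read on the next statement and feeds the privilege check that follows. The helper's return type and failure modes are not visible in this hunk; if it can report failure, that check would run on a descriptor that was never filled in from the guest's tables. Keeping the result and stopping the task switch when the read fails would be safer than silencing the warning, and the same applies to the now-ignored `task_switch_32()` result. If neither call can fail, a short comment saying so next to each call would document why the value is dropped. The function starts and ends outside these hunks.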
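Review bot: This gunzip() backport carries no upstream commit id, unlike the neighbouring patches in the series, and its `From:` line names jipengfei_yewu although the sign-off chain also lists Vladimir Sementsov-Ogievskiy and Michael Tokarev, so the change cannot be matched against upstream from the patch alone. A trailer such as `(cherry picked from commit <upstream-commit-id>)` would fix that, and `Signed-off-by:jipengfei_yewu` is missing the space after the colon. On the code side, only the inflate() failure return is visible here; any other return between the stream's initialisation and the final inflateEnd() needs the same cleanup, which should be confirmed against the whole function.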
@@ -0,0 +1,39 @@
+From e4f8d0f097636b443a8d93593f6524b4669a5de7 Mon Sep 17 00:00:00 2001
+From: Sergey Makarov
+Date: Wed, 18 Sep 2024 17:02:29 +0300
+Subject: [PATCH] hw/intc: Don't clear pending bits on IRQ lowering
+
+According to PLIC specification (chapter 5), there
+is only one case, when interrupt is claimed. Fix
+PLIC controller to match this behavior.
+
+Signed-off-by: Sergey Makarov
+Reviewed-by: Alistair Francis
+Message-ID: <20240918140229.124329-3-s.makarov@syntacore.com>
+Signed-off-by: Alistair Francis
+(cherry picked from commit a84be2baa9eca8bc500f866ad943b8f63dc99adf)
+Signed-off-by: zhujun2
+---
+ hw/intc/sifive_plic.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/hw/intc/sifive_plic.c b/hw/intc/sifive_plic.c
+index 877e76877c..cbbe6372f9 100644
+--- a/hw/intc/sifive_plic.c
++++ b/hw/intc/sifive_plic.c
+@@ -414,8 +414,10 @@ static void sifive_plic_irq_request(void *opaque, int irq, int level)
+ {
+ SiFivePLICState *s = opaque;
+
+- sifive_plic_set_pending(s, irq, level > 0);
+- sifive_plic_update(s);
++ if (level > 0) {
++ sifive_plic_set_pending(s, irq, true);
++ sifive_plic_update(s);
++ }
+ }
+
+ static void sifive_plic_realize(DeviceState *dev, Error **errp)
+--
+2.41.0.windows.1
+
diff --git a/hw-misc-nrf51_rng-Don-t-use-BIT_MASK-when-we-mean-BI.patch b/hw-misc-nrf51_rng-Don-t-use-BIT_MASK-when-we-mean-BI.patch
new file mode 100644
index 00000000..8f34f7e9
--- /dev/null
+++ b/hw-misc-nrf51_rng-Don-t-use-BIT_MASK-when-we-mean-BI.patch
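Review bot: sifive_plic_irq_request now ignores every call with `level <= 0`, but nothing in the function says why, so the missing else branch reads like an oversight. A comment above the `if` would record the rule from the commit message, for example `/* Pending is cleared only when the interrupt is claimed (PLIC spec, chapter 5); lowering the line must not clear it. */`. It is also worth confirming that a source which stays asserted across claim and completion gets marked pending again, because this handler is the only place in the hunk that sets the bit, and whether it is invoked again while the line remains high is not visible here.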
@@ -0,0 +1,70 @@
+From a95246497e6162574d5c874b2d4504f828afbb85 Mon Sep 17 00:00:00 2001
+From: Zhang Jiao
+Date: Thu, 12 Dec 2024 12:20:12 +0800
+Subject: [PATCH] hw/misc/nrf51_rng: Don't use BIT_MASK() when we mean BIT()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cheery-pick from a29a9776407e68c5560687e07828925bda710150
+
+The BIT_MASK() macro from bitops.h provides the mask of a bit
+within a particular word of a multi-word bit array; it is intended
+to be used with its counterpart BIT_WORD() that gives the index
+of the word in the array.
+
+In nrf51_rng we are using it for cases where we have a bit number
+that we know is the index of a bit within a single word (in fact, it
+happens that all the bit numbers we pass to it are zero). This
+happens to give the right answer, but the macro that actually
+does the job we want here is BIT().
+
+Use BIT() instead of BIT_MASK().
+
+Signed-off-by: Peter Maydell
+Reviewed-by: Philippe Mathieu-Daudé
+Message-ID: <20241108135644.4007151-1-peter.maydell@linaro.org>
+Signed-off-by: Philippe Mathieu-Daudé
+Signed-off-by: Zhang Jiao
+---
+ hw/misc/nrf51_rng.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/hw/misc/nrf51_rng.c b/hw/misc/nrf51_rng.c
+index fc86e1b697..e911b3a3a3 100644
+--- a/hw/misc/nrf51_rng.c
++++ b/hw/misc/nrf51_rng.c
+@@ -107,25 +107,25 @@ static void rng_write(void *opaque, hwaddr offset,
+ break;
+ case NRF51_RNG_REG_SHORTS:
+ s->shortcut_stop_on_valrdy =
+- (value & BIT_MASK(NRF51_RNG_REG_SHORTS_VALRDY_STOP)) ? 1 : 0;
++ (value & BIT(NRF51_RNG_REG_SHORTS_VALRDY_STOP)) ? 1 : 0;
+ break;
+ case NRF51_RNG_REG_INTEN:
+ s->interrupt_enabled =
+- (value & BIT_MASK(NRF51_RNG_REG_INTEN_VALRDY)) ? 1 : 0;
++ (value & BIT(NRF51_RNG_REG_INTEN_VALRDY)) ? 1 : 0;
+ break;
+ case NRF51_RNG_REG_INTENSET:
+- if (value & BIT_MASK(NRF51_RNG_REG_INTEN_VALRDY)) {
++ if (value & BIT(NRF51_RNG_REG_INTEN_VALRDY)) {
+ s->interrupt_enabled = 1;
+ }
+ break;
+ case NRF51_RNG_REG_INTENCLR:
+- if (value & BIT_MASK(NRF51_RNG_REG_INTEN_VALRDY)) {
++ if (value & BIT(NRF51_RNG_REG_INTEN_VALRDY)) {
+ s->interrupt_enabled = 0;
+ }
+ break;
+ case NRF51_RNG_REG_CONFIG:
+ s->filter_enabled =
+- (value & BIT_MASK(NRF51_RNG_REG_CONFIG_DECEN)) ? 1 : 0;
++ (value & BIT(NRF51_RNG_REG_CONFIG_DECEN)) ? 1 : 0;
+ break;
+
+ default:
+--
+2.41.0.windows.1
+
diff --git a/hw-nvme-Remove-redundant-dma_blk_write.patch b/hw-nvme-Remove-redundant-dma_blk_write.patch
new file mode 100644
index 00000000..92eb85ae
--- /dev/null
+++ b/hw-nvme-Remove-redundant-dma_blk_write.patch
@@ -0,0 +1,29 @@
+From a800af5f8a944fb46c2c6ffc7c4a9054f7395b9b Mon Sep 17 00:00:00 2001
+From: raywang
+Date: Sun, 5 Jan 2025 14:04:39 +0800
+Subject: [PATCH] hw/nvme: Remove redundant dma_blk_write
+
+Commit f0ac211 changes alignment in dma functions for nvme, but it
+did not delete the original dma_blk_write when picking the code.
+
+Signed-off-by: raywang
+---
+ hw/nvme/ctrl.c | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c
+index 7c9f97bdb3..f1c7641158 100644
+--- a/hw/nvme/ctrl.c
++++ b/hw/nvme/ctrl.c
+@@ -1282,8 +1282,6 @@ static inline void nvme_blk_write(BlockBackend *blk, int64_t offset,
+ assert(req->sg.flags & NVME_SG_ALLOC);
+
+ if (req->sg.flags & NVME_SG_DMA) {
+- req->aiocb = dma_blk_write(blk, &req->sg.qsg, offset, BDRV_SECTOR_SIZE,
+- cb, req);
+ req->aiocb = dma_blk_write(blk, &req->sg.qsg, offset, align, cb, req);
+ } else {
+ req->aiocb = blk_aio_pwritev(blk, offset, &req->sg.iov, 0, cb, req);
+--
+2.41.0.windows.1
+
diff --git a/hw-pci-Remove-unused-pci_irq_pulse-method.patch b/hw-pci-Remove-unused-pci_irq_pulse-method.patch
new file mode 100644
index 00000000..aa41735e
--- /dev/null
+++ b/hw-pci-Remove-unused-pci_irq_pulse-method.patch
@@ -0,0 +1,46 @@
+From 66832f5e5c0c805544c23433a1e9ab30aaa01633 Mon Sep 17 00:00:00 2001
+From: Zhang Jiao
+Date: Thu, 12 Dec 2024 10:37:36 +0800
+Subject: [PATCH] hw/pci: Remove unused pci_irq_pulse() method
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cheery-pick from ef45f46f382a5e2c41c39c71fd3364cff4f41bf5
+
+Last use of pci_irq_pulse() was removed 7 years ago in commit
+5e9aa92eb1 ("hw/block: Fix pin-based interrupt behaviour of NVMe").
+
+Signed-off-by: Philippe Mathieu-Daudé philmd@linaro.org
+Reviewed-by: Thomas Huth thuth@redhat.com
+Message-ID: 20241122103418.539-1-philmd@linaro.org
+Signed-off-by: Thomas Huth thuth@redhat.com
+Signed-off-by: Zhang Jiao zhangjiao2_yewu@cmss.chinamobile.com
+---
+ include/hw/pci/pci.h | 10 ----------
+ 1 file changed, 10 deletions(-)
+
+diff --git a/include/hw/pci/pci.h b/include/hw/pci/pci.h
+index a0cf893bfd..3811724d31 100644
+--- a/include/hw/pci/pci.h
++++ b/include/hw/pci/pci.h
+@@ -753,16 +753,6 @@ static inline void pci_irq_deassert(PCIDevice *pci_dev)
+ pci_set_irq(pci_dev, 0);
+ }
+
+-/*
+- * FIXME: PCI does not work this way.
+- * All the callers to this method should be fixed.
+- */
+-static inline void pci_irq_pulse(PCIDevice *pci_dev)
+-{
+- pci_irq_assert(pci_dev);
+- pci_irq_deassert(pci_dev);
+-}
+-
+ static inline int pci_is_express(const PCIDevice *d)
+ {
+ return d->cap_present & QEMU_PCI_CAP_EXPRESS;
+--
+2.41.0.windows.1
+
diff --git a/hw-ppc-e500-Add-missing-device-tree-properties-to-i2.patch b/hw-ppc-e500-Add-missing-device-tree-properties-to-i2.patch
new file mode 100644
index 00000000..93047802
--- /dev/null
+++ b/hw-ppc-e500-Add-missing-device-tree-properties-to-i2.patch
@@ -0,0 +1,44 @@
+From 47ad414a1cc4f7923bd9405027078b990753b9cb Mon Sep 17 00:00:00 2001
+From: Zhang Jiao
+Date: Thu, 14 Nov 2024 14:31:31 +0800
+Subject: [PATCH] hw/ppc/e500: Add missing device tree properties to i2c
+ controller node
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cheery-pick from b5d65592d931d07d4f4bcb915d018ec9598058b4
+
+When compiling a decompiled device tree blob created with dumpdtb, dtc complains
+with:
+
+ /soc@e0000000/i2c@3000: incorrect #address-cells for I2C bus
+ /soc@e0000000/i2c@3000: incorrect #size-cells for I2C bus
+
+Fix this by adding the missing device tree properties.
+
+Reviewed-by: Cédric Le Goater
+Signed-off-by: Bernhard Beschow
+Message-ID: <20241103133412.73536-6-shentey@gmail.com>
+Signed-off-by: Philippe Mathieu-Daudé
+Signed-off-by: Zhang Jiao
+---
+ hw/ppc/e500.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
+index 960e7efcd3..b8ead49834 100644
+--- a/hw/ppc/e500.c
++++ b/hw/ppc/e500.c
+@@ -197,6 +197,8 @@ static void dt_i2c_create(void *fdt, const char *soc, const char *mpic,
+ qemu_fdt_setprop_cells(fdt, i2c, "cell-index", 0);
+ qemu_fdt_setprop_cells(fdt, i2c, "interrupts", irq0, 0x2);
+ qemu_fdt_setprop_phandle(fdt, i2c, "interrupt-parent", mpic);
++ qemu_fdt_setprop_cell(fdt, i2c, "#size-cells", 0);
++ qemu_fdt_setprop_cell(fdt, i2c, "#address-cells", 1);
+ qemu_fdt_setprop_string(fdt, "/aliases", alias, i2c);
+
+ g_free(i2c);
+--
+2.41.0.windows.1
+
diff --git a/hw-ppc-e500-Prefer-QOM-cast.patch b/hw-ppc-e500-Prefer-QOM-cast.patch
new file mode 100644
index 00000000..95bf2be3
--- /dev/null
+++ b/hw-ppc-e500-Prefer-QOM-cast.patch
@@ -0,0 +1,44 @@
+From f03f9300aa68d662d3261058cb6db5ae8b420d15 Mon Sep 17 00:00:00 2001
+From: Zhang Jiao
+Date: Thu, 14 Nov 2024 15:19:41 +0800
+Subject: [PATCH] hw/ppc/e500: Prefer QOM cast
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cheery-pick from c620b4ee92ed3664a3d98e0fbb0b651e19fba5b6
+
+Reviewed-by: BALATON Zoltan
+Signed-off-by: Bernhard Beschow
+Message-ID: <20241103133412.73536-4-shentey@gmail.com>
+Signed-off-by: Philippe Mathieu-Daudé
+Signed-off-by: Zhang Jiao
+---
+ hw/ppc/e500.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
+index 960e7efcd3..7aaf9d3e13 100644
+--- a/hw/ppc/e500.c
++++ b/hw/ppc/e500.c
+@@ -949,7 +949,7 @@ void ppce500_init(MachineState *machine)
+ sysbus_connect_irq(s, 0, qdev_get_gpio_in(mpicdev, MPC8544_I2C_IRQ));
+ memory_region_add_subregion(ccsr_addr_space, MPC8544_I2C_REGS_OFFSET,
+ sysbus_mmio_get_region(s, 0));
+- i2c = (I2CBus *)qdev_get_child_bus(dev, "i2c");
++ i2c = I2C_BUS(qdev_get_child_bus(dev, "i2c"));
+ i2c_slave_create_simple(i2c, "ds1338", RTC_REGS_OFFSET);
+
+
+@@ -974,7 +974,7 @@ void ppce500_init(MachineState *machine)
+ memory_region_add_subregion(ccsr_addr_space, MPC8544_PCI_REGS_OFFSET,
+ sysbus_mmio_get_region(s, 0));
+
+- pci_bus = (PCIBus *)qdev_get_child_bus(dev, "pci.0");
++ pci_bus = PCI_BUS(qdev_get_child_bus(dev, "pci.0"));
+ if (!pci_bus)
+ printf("couldn't create PCI controller!\n");
+
+--
+2.41.0.windows.1
+
diff --git a/hw-ppc-e500-Remove-unused-irqs-parameter.patch b/hw-ppc-e500-Remove-unused-irqs-parameter.patch
new file mode 100644
index 00000000..72f09c07
--- /dev/null
+++ b/hw-ppc-e500-Remove-unused-irqs-parameter.patch
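Review bot: The `if (!pci_bus)` check right after the new `PCI_BUS()` cast (second hunk) only prints with `printf()` and carries on, so a missing "pci.0" bus is reported on stdout while machine init continues with a NULL `pci_bus`; the first hunk passes the result of `I2C_BUS()` straight to `i2c_slave_create_simple()` with no check at all. Since these lines are being touched anyway, the failure could be made fatal, e.g. `if (!pci_bus) { error_report("couldn't create PCI controller"); exit(1); }`, assuming e500.c already has `error_report()` in scope. ppce500_init() starts and ends outside both hunks, so how `pci_bus` is used afterwards is not visible here.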
@@ -0,0 +1,44 @@
+From 9442f8c1638bf45ff266040ab3913667792ca35b Mon Sep 17 00:00:00 2001
+From: Zhang Jiao
+Date: Thu, 14 Nov 2024 14:48:03 +0800
+Subject: [PATCH] hw/ppc/e500: Remove unused "irqs" parameter
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cheery-pick from 2a309354ac5decf78763c9de999bfb42c8612069
+
+Reviewed-by: BALATON Zoltan balaton@eik.bme.hu
+Signed-off-by: Bernhard Beschow shentey@gmail.com
+Message-ID: 20241103133412.73536-5-shentey@gmail.com
+Signed-off-by: Philippe Mathieu-Daudé philmd@linaro.org
+Signed-off-by: Zhang Jiao
+---
+ hw/ppc/e500.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
+index 960e7efcd3..853a5a4efb 100644
+--- a/hw/ppc/e500.c
++++ b/hw/ppc/e500.c
+@@ -762,7 +762,7 @@ static DeviceState *ppce500_init_mpic_qemu(PPCE500MachineState *pms,
+ }
+
+ static DeviceState *ppce500_init_mpic_kvm(const PPCE500MachineClass *pmc,
+- IrqLines *irqs, Error **errp)
++ Error **errp)
+ {
+ DeviceState *dev;
+ CPUState *cs;
+@@ -798,7 +798,7 @@ static DeviceState *ppce500_init_mpic(PPCE500MachineState *pms,
+ Error *err = NULL;
+
+ if (kvm_kernel_irqchip_allowed()) {
+- dev = ppce500_init_mpic_kvm(pmc, irqs, &err);
++ dev = ppce500_init_mpic_kvm(pmc, &err);
+ }
+ if (kvm_kernel_irqchip_required() && !dev) {
+ error_reportf_err(err,
+--
+2.41.0.windows.1
+
diff --git a/hw-scsi-megasas-Simplify-using-the-ldst-API.patch b/hw-scsi-megasas-Simplify-using-the-ldst-API.patch
new file mode 100644
index 00000000..95252694
--- /dev/null
+++ b/hw-scsi-megasas-Simplify-using-the-ldst-API.patch
@@ -0,0 +1,59 @@
+From 84bd6e7a41773a4cc1ae7cfe73ea5910415cd022 Mon Sep 17 00:00:00 2001
+From: Luo Yifan
+Date: Wed, 20 Nov 2024 13:35:23 +0800
+Subject: [PATCH] hw/scsi/megasas: Simplify using the ldst API
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cherry picked from commit 2a0c51366985890e3bf6f41a48f3cb2dfe2f153e
+
+This code is easier to review using the load/store API.
+
+Reviewed-by: Richard Henderson
+Signed-off-by: Philippe Mathieu-Daudé
+Message-Id: <20211218111912.1499377-1-philmd@redhat.com>
+Signed-off-by: Laurent Vivier
+Signed-off-by: Luo Yifan
+---
+ hw/scsi/megasas.c | 17 +++--------------
+ 1 file changed, 3 insertions(+), 14 deletions(-)
+
+diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
+index dc9bbdb740..83c321ec20 100644
+--- a/hw/scsi/megasas.c
++++ b/hw/scsi/megasas.c
+@@ -383,8 +383,7 @@ static int megasas_setup_inquiry(uint8_t *cdb, int pg, int len)
+ cdb[1] = 0x1;
+ cdb[2] = pg;
+ }
+- cdb[3] = (len >> 8) & 0xff;
+- cdb[4] = (len & 0xff);
++ stw_be_p(&cdb[3], len);
+ return len;
+ }
+
+@@ -400,18 +399,8 @@ static void megasas_encode_lba(uint8_t *cdb, uint64_t lba,
+ } else {
+ cdb[0] = READ_16;
+ }
+- cdb[2] = (lba >> 56) & 0xff;
+- cdb[3] = (lba >> 48) & 0xff;
+- cdb[4] = (lba >> 40) & 0xff;
+- cdb[5] = (lba >> 32) & 0xff;
+- cdb[6] = (lba >> 24) & 0xff;
+- cdb[7] = (lba >> 16) & 0xff;
+- cdb[8] = (lba >> 8) & 0xff;
+- cdb[9] = (lba) & 0xff;
+- cdb[10] = (len >> 24) & 0xff;
+- cdb[11] = (len >> 16) & 0xff;
+- cdb[12] = (len >> 8) & 0xff;
+- cdb[13] = (len) & 0xff;
++ stq_be_p(&cdb[2], lba);
++ stl_be_p(&cdb[2 + 8], len);
+ }
+
+ /*
+--
+2.41.0.windows.1
+
diff --git a/iotests-308-Fix-for-CAP_DAC_OVERRIDE.patch b/iotests-308-Fix-for-CAP_DAC_OVERRIDE.patch
new file mode 100644
index 00000000..2f8ddd4a
--- /dev/null
+++ b/iotests-308-Fix-for-CAP_DAC_OVERRIDE.patch
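Review bot: `stw_be_p(&cdb[3], len)` in megasas_setup_inquiry() stores only the low 16 bits of the `int len`, while the function still returns the full `len`; the byte-wise code it replaces truncated the same way, so behaviour is unchanged, but nothing in the hunk bounds the value. If a caller (outside the hunk) can pass a negative length or one above 0xffff, the allocation length written into the CDB and the length the caller goes on to use disagree. A comment such as `/* INQUIRY allocation length is 16 bits; callers must pass 0 <= len <= 0xffff */`, or an explicit clamp before the store, would make that contract visible. In megasas_encode_lba(), `&cdb[2 + 8]` would read more directly as `&cdb[10]`, matching the offsets of the lines it replaces.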
@@ -0,0 +1,81 @@
+From 769aa1236789f0b5c47255aad220b73a8e286072 Mon Sep 17 00:00:00 2001
+From: Luo Yifan
+Date: Mon, 16 Dec 2024 10:32:54 +0800
+Subject: [PATCH] iotests/308: Fix for CAP_DAC_OVERRIDE
+
+cherry picked from commit e2eec2819a96f3a5d68f899c836ad365468cec01
+
+With CAP_DAC_OVERRIDE (which e.g. root generally has), permission checks
+will be bypassed when opening files.
+
+308 in one instance tries to open a read-only file (FUSE export) with
+qemu-io as read/write, and expects this to fail. However, when running
+it as root, opening will succeed (thanks to CAP_DAC_OVERRIDE) and only
+the actual write operation will fail.
+
+Note this as "Case not run", but have the test pass in either case.
+
+Reported-by: Vladimir Sementsov-Ogievskiy
+Fixes: 2c7dd057aa7bd7a875e9b1a53975c220d6380bc4
+ ("export/fuse: Pass default_permissions for mount")
+Signed-off-by: Hanna Reitz
+Message-Id: <20220103120014.13061-1-hreitz@redhat.com>
+Signed-off-by: Kevin Wolf
+Signed-off-by: Luo Yifan
+---
+ tests/qemu-iotests/308 | 25 +++++++++++++++++++++++--
+ tests/qemu-iotests/308.out | 2 +-
+ 2 files changed, 24 insertions(+), 3 deletions(-)
+
+diff --git a/tests/qemu-iotests/308 b/tests/qemu-iotests/308
+index 2e3f8f4282..bde4aac2fa 100755
+--- a/tests/qemu-iotests/308
++++ b/tests/qemu-iotests/308
+@@ -230,8 +230,29 @@ echo '=== Writable export ==='
+ fuse_export_add 'export-mp' "'mountpoint': '$EXT_MP', 'writable': true"
+
+ # Check that writing to the read-only export fails
+-$QEMU_IO -f raw -c 'write -P 42 1M 64k' "$TEST_IMG" 2>&1 \
+- | _filter_qemu_io | _filter_testdir | _filter_imgfmt
++output=$($QEMU_IO -f raw -c 'write -P 42 1M 64k' "$TEST_IMG" 2>&1 \
++ | _filter_qemu_io | _filter_testdir | _filter_imgfmt)
++
++# Expected reference output: Opening the file fails because it has no
++# write permission
++reference="Could not open 'TEST_DIR/t.IMGFMT': Permission denied"
++
++if echo "$output" | grep -q "$reference"; then
++ echo "Writing to read-only export failed: OK"
++elif echo "$output" | grep -q "write failed: Permission denied"; then
++ # With CAP_DAC_OVERRIDE (e.g. when running this test as root), the export
++ # can be opened regardless of its file permissions, but writing will then
++ # fail. This is not the result for which we want to test, so count this as
++ # a SKIP.
++ _casenotrun "Opening RO export as R/W succeeded, perhaps because of" \
++ "CAP_DAC_OVERRIDE"
++
++ # Still, write this to the reference output to make the test pass
++ echo "Writing to read-only export failed: OK"
++else
++ echo "Writing to read-only export failed: ERROR"
++ echo "$output"
++fi
+
+ # But here it should work
+ $QEMU_IO -f raw -c 'write -P 42 1M 64k' "$EXT_MP" | _filter_qemu_io
+diff --git a/tests/qemu-iotests/308.out b/tests/qemu-iotests/308.out
+index fc47bb11a2..e4467a10cf 100644
+--- a/tests/qemu-iotests/308.out
++++ b/tests/qemu-iotests/308.out
+@@ -95,7 +95,7 @@ virtual size: 0 B (0 bytes)
+ 'mountpoint': 'TEST_DIR/t.IMGFMT.fuse', 'writable': true
+ } }
+ {"return": {}}
+-qemu-io: can't open device TEST_DIR/t.IMGFMT: Could not open 'TEST_DIR/t.IMGFMT': Permission denied
++Writing to read-only export failed: OK
+ wrote 65536/65536 bytes at offset 1048576
+ 64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+ wrote 65536/65536 bytes at offset 1048576
+--
+2.41.0.windows.1
+
diff --git a/jackaudio-use-ifdefs-to-hide-unavailable-functions.patch b/jackaudio-use-ifdefs-to-hide-unavailable-functions.patch
new file mode 100644
index 00000000..62880e73
--- /dev/null
+++ b/jackaudio-use-ifdefs-to-hide-unavailable-functions.patch
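Review bot: `grep -q "$reference"` treats the reference text as a regular expression, and it contains `.` characters (`t.IMGFMT`), so the match is looser than the literal message the comment above it describes; `grep -qF "$reference"` matches the fixed string, and the same applies to the `grep -q "write failed: Permission denied"` branch. The CAP_DAC_OVERRIDE branch also prints the same `Writing to read-only export failed: OK` line as the real pass, so 308.out can no longer tell the two outcomes apart and only the `_casenotrun` record does. A one-line comment saying that the permission check is effectively unverified when the test runs with that capability would keep a later reader from taking the `OK` line at face value.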
@@ -0,0 +1,67 @@
+From 00b7eee0e0116ec78b41db24da510e655ec28c4c Mon Sep 17 00:00:00 2001
+From: Luo Yifan
+Date: Wed, 20 Nov 2024 11:08:20 +0800
+Subject: [PATCH] jackaudio: use ifdefs to hide unavailable functions
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cherry picked from commit ead789eb46a7df4eaab9e14e29e1d0d2a379988d
+
+On Windows the jack_set_thread_creator() function and on MacOS the
+pthread_setname_np() function with a thread pointer paramater is
+not available. Use #ifdefs to remove the jack_set_thread_creator()
+function call and the qjack_thread_creator() function in both
+cases.
+
+The qjack_thread_creator() function just sets the name of the
+created thread for debugging purposes and isn't really necessary.
+
+From the jack_set_thread_creator() documentation:
+(...)
+
+No normal application/client should consider calling this. (...)
+
+Resolves: https://gitlab.com/qemu-project/qemu/-/issues/785
+Signed-off-by: Volker Rümelin
+Reviewed-by: Christian Schoenebeck
+Message-Id: <20211226154017.6067-1-vr_qemu@t-online.de>
+Signed-off-by: Gerd Hoffmann
+Signed-off-by: Luo Yifan
+---
+ audio/jackaudio.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/audio/jackaudio.c b/audio/jackaudio.c
+index e7de6d5433..317009e936 100644
+--- a/audio/jackaudio.c
++++ b/audio/jackaudio.c
+@@ -622,6 +622,7 @@ static void qjack_enable_in(HWVoiceIn *hw, bool enable)
+ ji->c.enabled = enable;
+ }
+
++#if !defined(WIN32) && defined(CONFIG_PTHREAD_SETNAME_NP_W_TID)
+ static int qjack_thread_creator(jack_native_thread_t *thread,
+ const pthread_attr_t *attr, void *(*function)(void *), void *arg)
+ {
+@@ -635,6 +636,7 @@ static int qjack_thread_creator(jack_native_thread_t *thread,
+
+ return ret;
+ }
++#endif
+
+ static void *qjack_init(Audiodev *dev)
+ {
+@@ -687,7 +689,9 @@ static void register_audio_jack(void)
+ {
+ qemu_mutex_init(&qjack_shutdown_lock);
+ audio_driver_register(&jack_driver);
++#if !defined(WIN32) && defined(CONFIG_PTHREAD_SETNAME_NP_W_TID)
+ jack_set_thread_creator(qjack_thread_creator);
++#endif
+ jack_set_error_function(qjack_error);
+ jack_set_info_function(qjack_info);
+ }
+--
+2.41.0.windows.1
+
diff --git a/linux-user-Add-pidfd_open-pidfd_send_signal-and-pidf.patch b/linux-user-Add-pidfd_open-pidfd_send_signal-and-pidf.patch
new file mode 100644
index 00000000..c2c066b7
--- /dev/null
+++ b/linux-user-Add-pidfd_open-pidfd_send_signal-and-pidf.patch
@@ -0,0 +1,135 @@
+From c1df5afc01165a16dd79125669a69e8fb965def2 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
+
+Date: Wed, 13 Nov 2024 19:47:37 +0800
+Subject: [PATCH] linux-user: Add pidfd_open(), pidfd_send_signal() and
+ pidfd_getfd() syscalls
+
+I noticed those were missing when running the glib2.0 testsuite.
+Add the syscalls including the strace output.
+
+Signed-off-by: Helge Deller
+Reviewed-by: Laurent Vivier
+Message-Id: <20220918194555.83535-4-deller@gmx.de>
+Signed-off-by: Laurent Vivier
+Signed-off-by: Liu Jing
+---
+ linux-user/strace.c | 28 ++++++++++++++++++++++++++++
+ linux-user/strace.list | 9 +++++++++
+ linux-user/syscall.c | 34 ++++++++++++++++++++++++++++++++++
+ 3 files changed, 71 insertions(+)
+
+diff --git a/linux-user/strace.c b/linux-user/strace.c
+index 37d66d0dff..00dd0511c6 100644
+--- a/linux-user/strace.c
++++ b/linux-user/strace.c
+@@ -3274,6 +3274,34 @@ print_openat(void *cpu_env, const struct syscallname *name,
+ }
+ #endif
+
++#ifdef TARGET_NR_pidfd_send_signal
++static void
++print_pidfd_send_signal(CPUArchState *cpu_env, const struct syscallname *name,
++ abi_long arg0, abi_long arg1, abi_long arg2,
++ abi_long arg3, abi_long arg4, abi_long arg5)
++{
++ void *p;
++ target_siginfo_t uinfo;
++
++ print_syscall_prologue(name);
++ print_raw_param("%d", arg0, 0);
++ print_signal(arg1, 0);
++
++ p = lock_user(VERIFY_READ, arg2, sizeof(target_siginfo_t), 1);
++ if (p) {
++ get_target_siginfo(&uinfo, p);
++ print_siginfo(&uinfo);
++
++ unlock_user(p, arg2, 0);
++ } else {
++ print_pointer(arg2, 1);
++ }
++
++ print_raw_param("%u", arg3, 0);
++ print_syscall_epilogue(name);
++}
++#endif
++
+ #ifdef TARGET_NR_mq_unlink
+ static void
+ print_mq_unlink(void *cpu_env, const struct syscallname *name,
+diff --git a/linux-user/strace.list b/linux-user/strace.list
+index 544869f1ab..b96a1447c3 100644
+--- a/linux-user/strace.list
++++ b/linux-user/strace.list
+@@ -1662,6 +1662,15 @@
+ #ifdef TARGET_NR_pipe2
+ { TARGET_NR_pipe2, "pipe2", NULL, NULL, NULL },
+ #endif
++#ifdef TARGET_NR_pidfd_open
++{ TARGET_NR_pidfd_open, "pidfd_open", "%s(%d,%u)", NULL, NULL },
++#endif
++#ifdef TARGET_NR_pidfd_send_signal
++{ TARGET_NR_pidfd_send_signal, "pidfd_send_signal", NULL, print_pidfd_send_signal, NULL },
++#endif
++#ifdef TARGET_NR_pidfd_getfd
++{ TARGET_NR_pidfd_getfd, "pidfd_getfd", "%s(%d,%d,%u)", NULL, NULL },
++#endif
+ #ifdef TARGET_NR_atomic_cmpxchg_32
+ { TARGET_NR_atomic_cmpxchg_32, "atomic_cmpxchg_32", NULL, NULL, NULL },
+ #endif
+diff --git a/linux-user/syscall.c b/linux-user/syscall.c
+index c4951d449f..5f1bdfe857 100644
+--- a/linux-user/syscall.c
++++ b/linux-user/syscall.c
+@@ -333,6 +333,16 @@ _syscall6(int,sys_futex,int *,uaddr,int,op,int,val,
+ _syscall6(int,sys_futex_time64,int *,uaddr,int,op,int,val,
+ const struct timespec *,timeout,int *,uaddr2,int,val3)
+ #endif
++#if defined(__NR_pidfd_open) && defined(TARGET_NR_pidfd_open)
++_syscall2(int, pidfd_open, pid_t, pid, unsigned int, flags);
++#endif
++#if defined(__NR_pidfd_send_signal) && defined(TARGET_NR_pidfd_send_signal)
++_syscall4(int, pidfd_send_signal, int, pidfd, int, sig, siginfo_t *, info,
++ unsigned int, flags);
++#endif
++#if defined(__NR_pidfd_getfd) && defined(TARGET_NR_pidfd_getfd)
++_syscall3(int, pidfd_getfd, int, pidfd, int, targetfd, unsigned int, flags);
++#endif
+ #define __NR_sys_sched_getaffinity __NR_sched_getaffinity
+ _syscall3(int, sys_sched_getaffinity, pid_t, pid, unsigned int, len,
+ unsigned long *, user_mask_ptr);
+@@ -8435,6 +8445,30 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
+ ret = do_open_by_handle_at(arg1, arg2, arg3);
+ fd_trans_unregister(ret);
+ return ret;
++#endif
++#if defined(__NR_pidfd_open) && defined(TARGET_NR_pidfd_open)
++ case TARGET_NR_pidfd_open:
++ return get_errno(pidfd_open(arg1, arg2));
++#endif
++#if defined(__NR_pidfd_send_signal) && defined(TARGET_NR_pidfd_send_signal)
++ case TARGET_NR_pidfd_send_signal:
++ {
++ siginfo_t uinfo;
++
++ p = lock_user(VERIFY_READ, arg3, sizeof(target_siginfo_t), 1);
++ if (!p) {
++ return -TARGET_EFAULT;
++ }
++ target_to_host_siginfo(&uinfo, p);
++ unlock_user(p, arg3, 0);
++ ret = get_errno(pidfd_send_signal(arg1, target_to_host_signal(arg2),
++ &uinfo, arg4));
++ }
++ return ret;
++#endif
++#if defined(__NR_pidfd_getfd) && defined(TARGET_NR_pidfd_getfd)
++ case TARGET_NR_pidfd_getfd:
++ return get_errno(pidfd_getfd(arg1, arg2, arg3));
+ #endif
+ case TARGET_NR_close:
+ fd_trans_unregister(arg1);
+--
+2.41.0.windows.1
+
diff --git a/linux-user-Add-proper-strace-format-strings-for-getd.patch b/linux-user-Add-proper-strace-format-strings-for-getd.patch
new file mode 100644
index 00000000..70d3309f
--- /dev/null
+++ b/linux-user-Add-proper-strace-format-strings-for-getd.patch
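Review bot: The `TARGET_NR_pidfd_send_signal` case added to do_syscall1() in linux-user/syscall.c always calls `lock_user()` on `arg3` and returns `-TARGET_EFAULT` when that fails, so a guest that passes a NULL `info` pointer gets EFAULT instead of having the signal delivered. pidfd_send_signal(2) documents NULL as valid for `info`, in which case the kernel fills in the siginfo itself as it does for kill(2). The siginfo should be copied in only when `arg3` is non-zero, and NULL handed to the host call otherwise, as in the excerpt below. The switch in do_syscall1() starts and ends outside the hunk.

```c
    case TARGET_NR_pidfd_send_signal:
        {
            siginfo_t uinfo;
            siginfo_t *puinfo = NULL;

            /* info may legitimately be NULL; the kernel then builds it */
            if (arg3) {
                p = lock_user(VERIFY_READ, arg3, sizeof(target_siginfo_t), 1);
                if (!p) {
                    return -TARGET_EFAULT;
                }
                target_to_host_siginfo(&uinfo, p);
                unlock_user(p, arg3, 0);
                puinfo = &uinfo;
            }
            ret = get_errno(pidfd_send_signal(arg1, target_to_host_signal(arg2),
                                              puinfo, arg4));
        }
        return ret;
```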
@@ -0,0 +1,35 @@
+From e9d80886ac9fb87390da01b0174856638bc42d2d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
+
+Date: Fri, 6 Dec 2024 17:42:36 +0800
+Subject: [PATCH] linux-user: Add proper strace format strings for
+ getdents()/getdents64()
+
+Signed-off-by: Helge Deller
+Message-Id: <20220924114501.21767-3-deller@gmx.de>
+Signed-off-by: Laurent Vivier
+Signed-off-by: Liu Jing
+---
+ linux-user/strace.list | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/linux-user/strace.list b/linux-user/strace.list
+index b59d4c5607..8d5ab6dfac 100644
+--- a/linux-user/strace.list
++++ b/linux-user/strace.list
+@@ -279,10 +279,10 @@
+ { TARGET_NR_getcwd, "getcwd" , "%s(%p,%d)", NULL, NULL },
+ #endif
+ #ifdef TARGET_NR_getdents
+-{ TARGET_NR_getdents, "getdents" , NULL, NULL, NULL },
++{ TARGET_NR_getdents, "getdents" , "%s(%d,%p,%u)", NULL, NULL },
+ #endif
+ #ifdef TARGET_NR_getdents64
+-{ TARGET_NR_getdents64, "getdents64" , NULL, NULL, NULL },
++{ TARGET_NR_getdents64, "getdents64" , "%s(%d,%p,%u)", NULL, NULL },
+ #endif
+ #ifdef TARGET_NR_getdomainname
+ { TARGET_NR_getdomainname, "getdomainname" , NULL, NULL, NULL },
+--
+2.41.0.windows.1
+
diff --git a/linux-user-Add-strace-for-clock_nanosleep.patch b/linux-user-Add-strace-for-clock_nanosleep.patch
new file mode 100644
index 00000000..db15c528
--- /dev/null
+++ b/linux-user-Add-strace-for-clock_nanosleep.patch
@@ -0,0 +1,59 @@
+From dbc66bb16f86716b2d5b7e01e8f37cc20d99fd91 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
+
+Date: Wed, 13 Nov 2024 20:23:03 +0800
+Subject: [PATCH] linux-user: Add strace for clock_nanosleep()
+
+Signed-off-by: Helge Deller
+Reviewed-by: Laurent Vivier
+Message-Id: <20220918194555.83535-10-deller@gmx.de>
+Signed-off-by: Laurent Vivier
+Signed-off-by: Liu Jing
+---
+ linux-user/strace.c | 15 +++++++++++++++
+ linux-user/strace.list | 3 ++-
+ 2 files changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/linux-user/strace.c b/linux-user/strace.c
+index 37d66d0dff..05d6b4524a 100644
+--- a/linux-user/strace.c
++++ b/linux-user/strace.c
+@@ -3491,6 +3491,21 @@ print_unshare(void *cpu_env, const struct syscallname *name,
+ }
+ #endif
+
++#ifdef TARGET_NR_clock_nanosleep
++static void
++print_clock_nanosleep(CPUArchState *cpu_env, const struct syscallname *name,
++ abi_long arg0, abi_long arg1, abi_long arg2,
++ abi_long arg3, abi_long arg4, abi_long arg5)
++{
++ print_syscall_prologue(name);
++ print_enums(clockids, arg0, 0);
++ print_raw_param("%d", arg1, 0);
++ print_timespec(arg2, 0);
++ print_timespec(arg3, 1);
++ print_syscall_epilogue(name);
++}
++#endif
++
+ #ifdef TARGET_NR_utime
+ static void
+ print_utime(void *cpu_env, const struct syscallname *name,
+diff --git a/linux-user/strace.list b/linux-user/strace.list
+index 544869f1ab..dc37dcf689 100644
+--- a/linux-user/strace.list
++++ b/linux-user/strace.list
+@@ -91,7 +91,8 @@
+ print_syscall_ret_clock_gettime },
+ #endif
+ #ifdef TARGET_NR_clock_nanosleep
+-{ TARGET_NR_clock_nanosleep, "clock_nanosleep" , NULL, NULL, NULL },
++{ TARGET_NR_clock_nanosleep, "clock_nanosleep" , NULL, print_clock_nanosleep,
++ NULL },
+ #endif
+ #ifdef TARGET_NR_clock_settime
+ { TARGET_NR_clock_settime, "clock_settime" , NULL, print_clock_settime, NULL },
+--
+2.41.0.windows.1
+
diff --git a/linux-user-Fix-TARGET_PROT_SEM-for-XTENSA.patch b/linux-user-Fix-TARGET_PROT_SEM-for-XTENSA.patch
new file mode 100644
index 00000000..ac3e2d4d
--- /dev/null
+++ b/linux-user-Fix-TARGET_PROT_SEM-for-XTENSA.patch
@@ -0,0 +1,33 @@
+From 464666abdb5250ca0295c5ec99cc2ee515cac920 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
+
+Date: Fri, 6 Dec 2024 17:36:46 +0800
+Subject: [PATCH] linux-user: Fix TARGET_PROT_SEM for XTENSA
+
+The xtensa platform has a value of 0x10 for PROT_SEM.
+
+Signed-off-by: Helge Deller
+Reviewed-by: Laurent Vivier
+Message-Id: <20220924114501.21767-2-deller@gmx.de>
+Signed-off-by: Laurent Vivier
+Signed-off-by: Liu Jing
+---
+ linux-user/syscall_defs.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
+index a04f399278..077a059701 100644
+--- a/linux-user/syscall_defs.h
++++ b/linux-user/syscall_defs.h
+@@ -1295,7 +1295,7 @@ struct target_winsize {
+
+ #include "termbits.h"
+
+-#if defined(TARGET_MIPS)
++#if defined(TARGET_MIPS) || defined(TARGET_XTENSA)
+ #define TARGET_PROT_SEM 0x10
+ #else
+ #define TARGET_PROT_SEM 0x08
+--
+2.41.0.windows.1
+
diff --git a/linux-user-Fix-strace-of-chmod-if-mode-0.patch b/linux-user-Fix-strace-of-chmod-if-mode-0.patch
new file mode 100644
index 00000000..603238b4
--- /dev/null
+++ b/linux-user-Fix-strace-of-chmod-if-mode-0.patch
@@ -0,0 +1,44 @@
+From 6b8ad93d212b5510140b49b1383626ec6dae9427 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
+
+Date: Wed, 13 Nov 2024 20:06:25 +0800
+Subject: [PATCH] linux-user: Fix strace of chmod() if mode == 0
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If the mode parameter of chmod() is zero, this value isn't shown
+when stracing a program:
+ chmod("filename",)
+This patch fixes it up to show the zero-value as well:
+ chmod("filename",000)
+
+Signed-off-by: Helge Deller
+Reviewed-by: Laurent Vivier
+Reviewed-by: Philippe Mathieu-Daudé
+Message-Id: <20220918194555.83535-8-deller@gmx.de>
+Signed-off-by: Laurent Vivier
+Signed-off-by: Liu Jing
+---
+ linux-user/strace.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/linux-user/strace.c b/linux-user/strace.c
+index 37d66d0dff..a6e269980f 100644
+--- a/linux-user/strace.c
++++ b/linux-user/strace.c
+@@ -1496,6 +1496,11 @@ print_file_mode(abi_long mode, int last)
+ const char *sep = "";
+ const struct flags *m;
+
++ if (mode == 0) {
++ qemu_log("000%s", get_comma(last));
++ return;
++ }
++
+ for (m = &mode_flags[0]; m->f_string != NULL; m++) {
+ if ((m->f_value & mode) == m->f_value) {
+ qemu_log("%s%s", m->f_string, sep);
+--
+2.41.0.windows.1
+
diff --git a/linux-user-Log-failing-executable-in-EXCP_DUMP.patch b/linux-user-Log-failing-executable-in-EXCP_DUMP.patch
new file mode 100644
index 00000000..ab99be11
--- /dev/null
+++ b/linux-user-Log-failing-executable-in-EXCP_DUMP.patch
@@ -0,0 +1,42 @@
+From 6fa6f29d739de0cb09dfcd9d83532104d0005e7b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
+
+Date: Wed, 13 Nov 2024 19:54:45 +0800
+Subject: [PATCH] linux-user: Log failing executable in EXCP_DUMP()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Enhance the EXCP_DUMP() macro to print out the failing program too.
+During debugging it's sometimes hard to track down the actual failing
+program if you are e.g. building a whole debian package.
+
+Signed-off-by: Helge Deller
+Reviewed-by: Laurent Vivier
+Reviewed-by: Philippe Mathieu-Daudé
+Message-Id: <20220918194555.83535-5-deller@gmx.de>
+Signed-off-by: Laurent Vivier
+Signed-off-by: Liu Jing
+---
+ linux-user/cpu_loop-common.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/linux-user/cpu_loop-common.h b/linux-user/cpu_loop-common.h
+index 8828af28a4..0803cc55d8 100644
+--- a/linux-user/cpu_loop-common.h
++++ b/linux-user/cpu_loop-common.h
+@@ -26,9 +26,11 @@
+ do { \
+ CPUState *cs = env_cpu(env); \
+ fprintf(stderr, fmt , ## __VA_ARGS__); \
++ fprintf(stderr, "Failing executable: %s\n", exec_path); \
+ cpu_dump_state(cs, stderr, 0); \
+ if (qemu_log_separate()) { \
+ qemu_log(fmt, ## __VA_ARGS__); \
++ qemu_log("Failing executable: %s\n", exec_path); \
+ log_cpu_state(cs, 0); \
+ } \
+ } while (0)
+--
+2.41.0.windows.1
+
diff --git a/linux-user-Show-timespec-on-strace-for-futex.patch b/linux-user-Show-timespec-on-strace-for-futex.patch
new file mode 100644
index 00000000..76051c84
--- /dev/null
+++ b/linux-user-Show-timespec-on-strace-for-futex.patch
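Review bot: Both added lines make EXCP_DUMP expand to a use of `exec_path`, an identifier that is neither a macro argument nor declared in the lines of cpu_loop-common.h shown here, so every file that expands the macro now depends on a declaration it gets from somewhere else. This appears to be a backport of a later change onto 6.2.0, so it is worth confirming that each user of EXCP_DUMP still sees that declaration, and recording the dependency on the macro with a comment such as `/* Also prints the global exec_path; users need its declaration in scope. */`. The path is printed as-is, so unusual characters in it land verbatim in stderr and in the log. The `#define` line of the macro is above the hunk.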
@@ -0,0 +1,44 @@
+From b6e7a4895f176d0910059ec3941357cf60af4fd3 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
+
+Date: Wed, 13 Nov 2024 20:29:29 +0800
+Subject: [PATCH] linux-user: Show timespec on strace for futex()
+
+Signed-off-by: Helge Deller
+Reviewed-by: Laurent Vivier
+Message-Id: <20220918194555.83535-11-deller@gmx.de>
+Signed-off-by: Laurent Vivier
+Signed-off-by: Liu Jing
+---
+ linux-user/strace.c | 11 ++++++++++-
+ 1 file changed, 10 insertions(+), 1 deletion(-)
+
+diff --git a/linux-user/strace.c b/linux-user/strace.c
+index 37d66d0dff..7978d459f6 100644
+--- a/linux-user/strace.c
++++ b/linux-user/strace.c
+@@ -3623,11 +3623,20 @@ print_futex(void *cpu_env, const struct syscallname *name,
+ abi_long arg0, abi_long arg1, abi_long arg2,
+ abi_long arg3, abi_long arg4, abi_long arg5)
+ {
++ abi_long op = arg1 & FUTEX_CMD_MASK;
+ print_syscall_prologue(name);
+ print_pointer(arg0, 0);
+ print_futex_op(arg1, 0);
+ print_raw_param(",%d", arg2, 0);
+- print_pointer(arg3, 0); /* struct timespec */
++ switch (op) {
++ case FUTEX_WAIT:
++ case FUTEX_WAIT_BITSET:
++ print_timespec(arg3, 0);
++ break;
++ default:
++ print_pointer(arg3, 0);
++ break;
++ }
+ print_pointer(arg4, 0);
+ print_raw_param("%d", arg4, 1);
+ print_syscall_epilogue(name);
+--
+2.41.0.windows.1
+
diff --git a/linux-user-hppa-Dump-IIR-on-register-dump.patch b/linux-user-hppa-Dump-IIR-on-register-dump.patch
new file mode 100644
index 00000000..5b6d0af2
--- /dev/null
+++ b/linux-user-hppa-Dump-IIR-on-register-dump.patch
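Review bot: The new `switch (op)` in print_futex() decodes `arg3` as a timespec only for `FUTEX_WAIT` and `FUTEX_WAIT_BITSET`, but futex(2) also takes a timeout in that argument for `FUTEX_LOCK_PI` and `FUTEX_WAIT_REQUEUE_PI`, which still fall through to `print_pointer()`. Adding `case FUTEX_LOCK_PI:` and `case FUTEX_WAIT_REQUEUE_PI:` to the timespec arm would cover them, assuming those constants are visible in strace.c like the other FUTEX_ names. The unchanged lines after the switch print `arg4` twice (`print_pointer(arg4, 0); print_raw_param("%d", arg4, 1);`), so the sixth argument is never shown; the second call looks like it was meant to take `arg5`.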
@@ -0,0 +1,43 @@
+From e8f23ca825a8f3c89d0aca4248842d2035aab1fc Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
+
+Date: Fri, 6 Dec 2024 11:09:07 +0800
+Subject: [PATCH] linux-user/hppa: Dump IIR on register dump
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Include the IIR register (which holds the opcode of the failing
+instruction) when dumping the hppa registers.
+
+Signed-off-by: Helge Deller
+Reviewed-by: Laurent Vivier
+Reviewed-by: Philippe Mathieu-Daudé
+Message-Id: <20220918194555.83535-7-deller@gmx.de>
+Signed-off-by: Laurent Vivier
+Signed-off-by: Liu Jing
+---
+ target/hppa/helper.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/target/hppa/helper.c b/target/hppa/helper.c
+index 1ccff5765a..eba133047b 100644
+--- a/target/hppa/helper.c
++++ b/target/hppa/helper.c
+@@ -85,9 +85,11 @@ void hppa_cpu_dump_state(CPUState *cs, FILE *f, int flags)
+ char psw_c[20];
+ int i;
+
+- qemu_fprintf(f, "IA_F " TARGET_FMT_lx " IA_B " TARGET_FMT_lx "\n",
++ qemu_fprintf(f, "IA_F " TARGET_FMT_lx " IA_B " TARGET_FMT_lx
++ " IIR " TREG_FMT_lx "\n",
+ hppa_form_gva_psw(psw, env->iasq_f, env->iaoq_f),
+- hppa_form_gva_psw(psw, env->iasq_b, env->iaoq_b));
++ hppa_form_gva_psw(psw, env->iasq_b, env->iaoq_b),
++ env->cr[CR_IIR]);
+
+ psw_c[0] = (psw & PSW_W ? 'W' : '-');
+ psw_c[1] = (psw & PSW_E ? 'E' : '-');
+--
+2.41.0.windows.1
+
diff --git a/linux-user-hppa-Set-TASK_UNMAPPED_BASE-to-0xfa000000.patch b/linux-user-hppa-Set-TASK_UNMAPPED_BASE-to-0xfa000000.patch
new file mode 100644
index 00000000..620fd867
--- /dev/null
+++ b/linux-user-hppa-Set-TASK_UNMAPPED_BASE-to-0xfa000000.patch
@@ -0,0 +1,39 @@
+From 6bd7917903112ab1541d10a006f7074c4d0fa7da Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
+
+Date: Fri, 6 Dec 2024 13:34:31 +0800
+Subject: [PATCH] linux-user/hppa: Set TASK_UNMAPPED_BASE to 0xfa000000 for
+ hppa arch
+
+On the parisc architecture the stack grows upwards.
+Move the TASK_UNMAPPED_BASE to high memory area as it's done by the
+kernel on physical machines.
+
+Signed-off-by: Helge Deller
+Message-Id: <20220918194555.83535-9-deller@gmx.de>
+Signed-off-by: Laurent Vivier
+Signed-off-by: Liu Jing
+---
+ linux-user/mmap.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/linux-user/mmap.c b/linux-user/mmap.c
+index c125031b90..d674d5b00d 100644
+--- a/linux-user/mmap.c
++++ b/linux-user/mmap.c
+@@ -251,8 +251,12 @@ static int mmap_frag(abi_ulong real_start,
+ # define TASK_UNMAPPED_BASE (1ul << 38)
+ #endif
+ #else
++#ifdef TARGET_HPPA
++# define TASK_UNMAPPED_BASE 0xfa000000
++#else
+ # define TASK_UNMAPPED_BASE 0x40000000
+ #endif
++#endif
+ abi_ulong mmap_next_start = TASK_UNMAPPED_BASE;
+
+ unsigned long last_brk;
+--
+2.41.0.windows.1
+
diff --git a/migration-fix-a-typo.patch b/migration-fix-a-typo.patch
new file mode 100644
index 00000000..e7298b76
--- /dev/null
+++ b/migration-fix-a-typo.patch
@@ -0,0 +1,35 @@
+From 5a6063a0617f893f59eb16c3ef83056d72654c3c Mon Sep 17 00:00:00 2001
+From: jipengfei
+Date: Mon, 9 Sep 2024 20:51:25 +0800
+Subject: [PATCH] migration: fix a typo
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by:jipengfei
+Signed-off-by: Marc-André Lureau
+Reviewed-by: Peter Xu
+Reviewed-by: Fabiano Rosas
+Reviewed-by: Fiona Ebner
+Tested-by: Fiona Ebner
+Signed-off-by: Fabiano Rosas
+---
+ migration/vmstate.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/migration/vmstate.c b/migration/vmstate.c
+index 05f87cdddc..c9db071bee 100644
+--- a/migration/vmstate.c
++++ b/migration/vmstate.c
+@@ -454,7 +454,7 @@ static int vmstate_subsection_load(QEMUFile *f, const VMStateDescription *vmsd,
+
+ len = qemu_peek_byte(f, 1);
+ if (len < strlen(vmsd->name) + 1) {
+- /* subsection name has be be "section_name/a" */
++ /* subsection name has to be "section_name/a" */
+ trace_vmstate_subsection_load_bad(vmsd->name, "(short)", "");
+ return 0;
+ }
+--
+2.41.0.windows.1
+
diff --git a/python-update-type-hints-for-mypy-0.930.patch b/python-update-type-hints-for-mypy-0.930.patch
new file mode 100644
index 00000000..571735c5
--- /dev/null
+++ b/python-update-type-hints-for-mypy-0.930.patch
@@ -0,0 +1,51 @@
+From 6af7820986d8d441a02c176df4a69c8efae23763 Mon Sep 17 00:00:00 2001
+From: Luo Yifan
+Date: Wed, 20 Nov 2024 10:47:39 +0800
+Subject: [PATCH] python: update type hints for mypy 0.930
+
+cherry picked from commit 366d33158cea72e80d80505f94c34cb505385c0a
+
+Mypy 0.930, released Dec 22, changes the way argparse objects are
+considered. Crafting a definition that works under Python 3.6 and an
+older mypy alongside newer versions simultaneously is ... difficult,
+so... eh. Stub it out with an 'Any' definition to get the CI moving
+again.
+
+Oh well.
+
+Signed-off-by: John Snow
+Reviewed-by: Beraldo Leal
+Message-id: 20220110191349.1841027-4-jsnow@redhat.com
+Signed-off-by: John Snow
+Signed-off-by: Luo Yifan
+---
+ python/qemu/qmp/qom_common.py | 6 +-----
+ 1 file changed, 1 insertion(+), 5 deletions(-)
+
+diff --git a/python/qemu/qmp/qom_common.py b/python/qemu/qmp/qom_common.py
+index a59ae1a2a1..2e4c741f77 100644
+--- a/python/qemu/qmp/qom_common.py
++++ b/python/qemu/qmp/qom_common.py
+@@ -30,10 +30,6 @@
+ from . import QEMUMonitorProtocol, QMPError
+
+
+-# The following is needed only for a type alias.
+-Subparsers = argparse._SubParsersAction # pylint: disable=protected-access
+-
+-
+ class ObjectPropertyInfo:
+ """
+ Represents the return type from e.g. qom-list.
+@@ -89,7 +85,7 @@ def __init__(self, args: argparse.Namespace):
+ self.qmp.connect()
+
+ @classmethod
+- def register(cls, subparsers: Subparsers) -> None:
++ def register(cls, subparsers: Any) -> None:
+ """
+ Register this command with the argument parser.
+
+--
+2.41.0.windows.1
+
diff --git a/qdev-core.h-Fix-wrongly-named-reference-to-TYPE_SPLI.patch b/qdev-core.h-Fix-wrongly-named-reference-to-TYPE_SPLI.patch
new file mode 100644
index 00000000..24e424a6
--- /dev/null
+++ b/qdev-core.h-Fix-wrongly-named-reference-to-TYPE_SPLI.patch
@@ -0,0 +1,34 @@ +From 86d3da849524411b4a2ad1e3a03a1c5cf95e25ea Mon Sep 17 00:00:00 2001 +From: Luo Yifan +Date: Wed, 20 Nov 2024 13:36:13 +0800 +Subject: [PATCH] qdev-core.h: Fix wrongly named reference to TYPE_SPLIT_IRQ + +cherry picked from commit 5df69ab89527618744661d5a45ed85ca3cc7bceb + +Fix a comment in qdev-core.h where we incorrectly referred +to TYPE_IRQ_SPLIT when we meant TYPE_SPLIT_IRQ. + +Signed-off-by: Peter Maydell +Message-Id: <20220111172655.3546766-1-peter.maydell@linaro.org> +Signed-off-by: Laurent Vivier +Signed-off-by: Luo Yifan +--- + include/hw/qdev-core.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h +index 45b1aec86b..a1169c1c9a 100644 +--- a/include/hw/qdev-core.h ++++ b/include/hw/qdev-core.h +@@ -500,7 +500,7 @@ qemu_irq qdev_get_gpio_in_named(DeviceState *dev, const char *name, int n); + * qemu_irqs at once, or to connect multiple outbound GPIOs to the + * same qemu_irq. (Warning: there is no assertion or other guard to + * catch this error: the model will just not do the right thing.) +- * Instead, for fan-out you can use the TYPE_IRQ_SPLIT device: connect ++ * Instead, for fan-out you can use the TYPE_SPLIT_IRQ device: connect + * a device's outbound GPIO to the splitter's input, and connect each + * of the splitter's outputs to a different device. For fan-in you + * can use the TYPE_OR_IRQ device, which is a model of a logical OR +-- +2.41.0.windows.1 + diff --git a/qemu.spec b/qemu.spec index 9d101563..ae0976ba 100644 --- a/qemu.spec +++ b/qemu.spec @@ -3,7 +3,7 @@ Name: qemu Version: 6.2.0 -Release: 105 +Release: 106 Epoch: 10 Summary: QEMU is a generic and open source machine emulator and virtualizer License: GPLv2 and BSD and MIT and CC-BY-SA-4.0 
@@ -1133,6 +1133,51 @@ Patch1118: target-i386-Add-feature-bits-for-CPUID_Fn80000021_EA.patch Patch1119: target-i386-Add-missing-feature-bits-in-EPYC-Milan-m.patch Patch1120: target-i386-Add-VNMI-and-automatic-IBRS-feature-bits.patch Patch1121: target-i386-Add-EPYC-Genoa-model-to-support-Zen-4-pr.patch +Patch1122: linux-user-Add-pidfd_open-pidfd_send_signal-and-pidf.patch +Patch1123: linux-user-Log-failing-executable-in-EXCP_DUMP.patch +Patch1124: linux-user-Fix-strace-of-chmod-if-mode-0.patch +Patch1125: linux-user-Add-strace-for-clock_nanosleep.patch +Patch1126: linux-user-Show-timespec-on-strace-for-futex.patch +Patch1127: hw-ppc-e500-Add-missing-device-tree-properties-to-i2.patch +Patch1128: hw-ppc-e500-Remove-unused-irqs-parameter.patch +Patch1129: hw-ppc-e500-Prefer-QOM-cast.patch +Patch1130: tcg-Allow-top-bit-of-SIMD_DATA_BITS-to-be-set-in-sim.patch +Patch1131: Python-aqmp-fix-type-definitions-for-mypy-0.920.patch +Patch1132: python-update-type-hints-for-mypy-0.930.patch +Patch1133: simplebench-Fix-Python-syntax-error-reported-by-LGTM.patch +Patch1134: jackaudio-use-ifdefs-to-hide-unavailable-functions.patch +Patch1135: docs-Correct-vhost-user-blk-spelling.patch +Patch1136: vvfat-Fix-size-of-temporary-qcow-file.patch +Patch1137: target-ppc-Fix-7448-support.patch +Patch1138: gqa-win-get_pci_info-Clean-dev_info-if-handle-is-val.patch +Patch1139: hw-scsi-megasas-Simplify-using-the-ldst-API.patch +Patch1140: qdev-core.h-Fix-wrongly-named-reference-to-TYPE_SPLI.patch +Patch1141: tests-Fix-typo-in-check-help-output.patch +Patch1142: linux-user-hppa-Dump-IIR-on-register-dump.patch +Patch1143: linux-user-hppa-Set-TASK_UNMAPPED_BASE-to-0xfa000000.patch +Patch1144: linux-user-Fix-TARGET_PROT_SEM-for-XTENSA.patch +Patch1145: linux-user-Add-proper-strace-format-strings-for-getd.patch +Patch1146: target-ppc-Set-ctx-opcode-for-decode_insn32.patch +Patch1147: usb-hub-Fix-handling-port-power-control-messages.patch +Patch1148: 
target-arm-Drop-user-only-special-case-in-sve_stN_r.patch +Patch1149: hw-intc-Don-t-clear-pending-bits-on-IRQ-lowering.patch +Patch1150: Fix-calculation-of-minimum-in-colo_compare_tcp.patch +Patch1151: tcg-Reset-data_gen_ptr-correctly.patch +Patch1152: raw-format-Fix-error-message-for-invalid-offset-size.patch +Patch1153: scsi-fetch-unit-attention-when-creating-the-request.patch +Patch1154: migration-fix-a-typo.patch +Patch1155: hw-core-loader-gunzip-fix-memory-leak-on-error-path.patch +Patch1156: tests-qtest-fuzz-fix-memleak-in-qos_fuzz.c.patch +Patch1157: target-i386-fix-size-of-EBP-writeback-in-gen_enter.patch +Patch1158: ui-gtk-fix-leaks-found-wtih-fuzzing.patch +Patch1159: hw-pci-Remove-unused-pci_irq_pulse-method.patch +Patch1160: hw-misc-nrf51_rng-Don-t-use-BIT_MASK-when-we-mean-BI.patch +Patch1161: vvfat-Fix-vvfat_write-for-writes-before-the-root-dir.patch +Patch1162: hvf-remove-unused-but-set-variable.patch +Patch1163: iotests-308-Fix-for-CAP_DAC_OVERRIDE.patch +Patch1164: edid-set-default-resolution-to-1280x800-WXGA.patch +Patch1165: tests-avocado-machine_s390_ccw_virtio-Adapt-test-to-.patch +Patch1166: hw-nvme-Remove-redundant-dma_blk_write.patch BuildRequires: flex BuildRequires: gcc 
@@ -1731,6 +1776,53 @@ getent passwd qemu >/dev/null || \ %endif %changelog +* Fri Feb 21 2025 - 10:6.2.0-106 +- hw/nvme: Remove redundant dma_blk_write +- tests/avocado/machine_s390_ccw_virtio: Adapt test to new default resolution +- edid: set default resolution to 1280x800 (WXGA) +- iotests/308: Fix for CAP_DAC_OVERRIDE +- hvf: remove unused but set variable +- vvfat: Fix vvfat_write() for writes before the root directory +- hw/misc/nrf51_rng: Don't use BIT_MASK() when we mean BIT() +- hw/pci: Remove unused pci_irq_pulse() method +- ui/gtk: fix leaks found wtih fuzzing +- target/i386: fix size of EBP writeback in gen_enter() +- tests/qtest/fuzz: fix memleak in qos_fuzz.c +- hw/core/loader: gunzip(): fix memory leak on error path +- migration: fix a typo +- scsi: fetch unit attention when creating the request +- raw-format: Fix error message for invalid offset/size +- tcg: Reset data_gen_ptr correctly +- Fix calculation of minimum in colo_compare_tcp +- hw/intc: Don't clear pending bits on IRQ lowering +- target/arm: Drop user-only special case in sve_stN_r +- usb-hub: Fix handling port power control messages +- target/ppc: Set ctx->opcode for decode_insn32() +- linux-user: Add proper strace format strings for getdents()/getdents64() +- linux-user: Fix TARGET_PROT_SEM for XTENSA +- linux-user/hppa: Set TASK_UNMAPPED_BASE to 0xfa000000 for hppa arch +- linux-user/hppa: Dump IIR on register dump +- tests: Fix typo in check-help output +- qdev-core.h: Fix wrongly named reference to TYPE_SPLIT_IRQ +- hw/scsi/megasas: Simplify using the ldst API +- gqa-win: get_pci_info: Clean dev_info if handle is valid +- target/ppc: Fix 7448 support +- vvfat: Fix size of temporary qcow file +- docs: Correct 'vhost-user-blk' spelling +- jackaudio: use ifdefs to hide unavailable functions +- simplebench: Fix Python syntax error (reported by LGTM) +- python: update type hints for mypy 0.930 +- Python/aqmp: fix type definitions for mypy 0.920 +- tcg: Allow top bit of SIMD_DATA_BITS to 
be set in simd_desc() +- hw/ppc/e500: Prefer QOM cast +- hw/ppc/e500: Remove unused "irqs" parameter +- hw/ppc/e500: Add missing device tree properties to i2c controller node +- linux-user: Show timespec on strace for futex() +- linux-user: Add strace for clock_nanosleep() +- linux-user: Fix strace of chmod() if mode == 0 +- linux-user: Log failing executable in EXCP_DUMP() +- linux-user: Add pidfd_open(), pidfd_send_signal() and pidfd_getfd() syscalls + * Wed Dec 25 2024 - 10:6.2.0-105 - target/i386: Add EPYC-Genoa model to support Zen 4 processor series - target/i386: Add VNMI and automatic IBRS feature bits diff --git a/raw-format-Fix-error-message-for-invalid-offset-size.patch b/raw-format-Fix-error-message-for-invalid-offset-size.patch new file mode 100644 index 00000000..064b4e03 --- /dev/null +++ b/raw-format-Fix-error-message-for-invalid-offset-size.patch 
@@ -0,0 +1,49 @@
+From 10d05a1b052ce5b69cca2f0a45007c31412314d6 Mon Sep 17 00:00:00 2001
+From: Kevin Wolf
+Date: Thu, 29 Aug 2024 20:55:27 +0200
+Subject: [PATCH] raw-format: Fix error message for invalid offset/size
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+s->offset and s->size are only set at the end of the function and still
+contain the old values when formatting the error message. Print the
+parameters with the new values that we actually checked instead.
+
+Fixes: 500e2434207d ('raw-format: Split raw_read_options()')
+Signed-off-by: Kevin Wolf
+Message-ID: <20240829185527.47152-1-kwolf@redhat.com>
+Reviewed-by: Daniel P. Berrangé
+Reviewed-by: Hanna Czenczek
+Signed-off-by: Kevin Wolf
+(cherry picked from commit 04bbc3ee52b32ac465547bb40c1f090a1b8f315a)
+Signed-off-by: zhujun2
+---
+ block/raw-format.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/block/raw-format.c b/block/raw-format.c
+index bda757fd19..a8185a3a2c 100644
+--- a/block/raw-format.c
++++ b/block/raw-format.c
+@@ -109,7 +109,7 @@ static int raw_apply_options(BlockDriverState *bs, BDRVRawState *s,
+ if (offset > real_size) {
+ error_setg(errp, "Offset (%" PRIu64 ") cannot be greater than "
+ "size of the containing file (%" PRId64 ")",
+- s->offset, real_size);
++ offset, real_size);
+ return -EINVAL;
+ }
+
+@@ -117,7 +117,7 @@ static int raw_apply_options(BlockDriverState *bs, BDRVRawState *s,
+ error_setg(errp, "The sum of offset (%" PRIu64 ") and size "
+ "(%" PRIu64 ") has to be smaller or equal to the "
+ " actual size of the containing file (%" PRId64 ")",
+- s->offset, s->size, real_size);
++ offset, size, real_size);
+ return -EINVAL;
+ }
+
+--
+2.41.0.windows.1
+
diff --git a/scsi-fetch-unit-attention-when-creating-the-request.patch b/scsi-fetch-unit-attention-when-creating-the-request.patch
new file mode 100644
index 00000000..0a22b876
--- /dev/null
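Review bot: The second message touched here still prints a doubled space, because the literal `"(%" PRIu64 ") has to be smaller or equal to the "` ends with a space and the next one, `" actual size of the containing file (%" PRId64 ")"`, starts with one. The patch is already correcting these strings, so dropping the leading space from the second literal would tidy the output, at the cost of a small divergence from upstream. The values now passed are the locals `offset` and `size` under `PRIu64`; their declarations are outside both hunks, so the specifier match is assumed rather than visible. raw_apply_options starts and ends outside the hunks.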
+++ b/scsi-fetch-unit-attention-when-creating-the-request.patch 
@@ -0,0 +1,124 @@
+From 73a7cffceeae9561d75e40e04e7ae3d52e1ef4a5 Mon Sep 17 00:00:00 2001
+From: Stefano Garzarella
+Date: Wed, 12 Jul 2023 15:43:50 +0200
+Subject: [PATCH] scsi: fetch unit attention when creating the request
+
+Commit 1880ad4f4e ("virtio-scsi: Batched prepare for cmd reqs") split
+calls to scsi_req_new() and scsi_req_enqueue() in the virtio-scsi device.
+No ill effects were observed until commit 8cc5583abe ("virtio-scsi: Send
+"REPORTED LUNS CHANGED" sense data upon disk hotplug events") added a
+unit attention that was easy to trigger with device hotplug and
+hot-unplug.
+
+Because the two calls were separated, all requests in the batch were
+prepared calling scsi_req_new() to report a sense. The first one
+submitted would report the right sense and reset it to NO_SENSE, while
+the others reported CHECK_CONDITION with no sense data. This caused
+SCSI errors in Linux.
+
+To solve this issue, let's fetch the unit attention as early as possible
+when we prepare the request, so that only the first request in the batch
+will use the unit attention SCSIReqOps and the others will not report
+CHECK CONDITION.
+
+Fixes: 1880ad4f4e ("virtio-scsi: Batched prepare for cmd reqs")
+Fixes: 8cc5583abe ("virtio-scsi: Send "REPORTED LUNS CHANGED" sense data upon disk hotplug events")
+Reported-by: Thomas Huth
+Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2176702
+Co-developed-by: Paolo Bonzini
+Signed-off-by: Stefano Garzarella
+Message-ID: <20230712134352.118655-2-sgarzare@redhat.com>
+Signed-off-by: Paolo Bonzini
+(cherry picked from commit 9472083e642bfb9bc836b38662baddd9bc964ebc)
+Signed-off-by: zhujun2
+---
+ hw/scsi/scsi-bus.c | 36 +++++++++++++++++++++++++++++++++---
+ include/hw/scsi/scsi.h | 1 +
+ 2 files changed, 34 insertions(+), 3 deletions(-)
+
+diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
+index 89c4693cc2..613ad41de9 100644
+--- a/hw/scsi/scsi-bus.c
++++ b/hw/scsi/scsi-bus.c
+@@ -419,19 +419,35 @@ static const struct SCSIReqOps reqops_invalid_opcode = {
+
+ /* SCSIReqOps implementation for unit attention conditions. */
+
+-static int32_t scsi_unit_attention(SCSIRequest *req, uint8_t *buf)
++static void scsi_fetch_unit_attention_sense(SCSIRequest *req)
+ {
++ SCSISense *ua = NULL;
++
+ if (req->dev->unit_attention.key == UNIT_ATTENTION) {
+- scsi_req_build_sense(req, req->dev->unit_attention);
++ ua = &req->dev->unit_attention;
+ } else if (req->bus->unit_attention.key == UNIT_ATTENTION) {
+- scsi_req_build_sense(req, req->bus->unit_attention);
++ ua = &req->bus->unit_attention;
+ }
++
++ /*
++ * Fetch the unit attention sense immediately so that another
++ * scsi_req_new does not use reqops_unit_attention.
++ */
++ if (ua) {
++ scsi_req_build_sense(req, *ua);
++ *ua = SENSE_CODE(NO_SENSE);
++ }
++}
++
++static int32_t scsi_unit_attention(SCSIRequest *req, uint8_t *buf)
++{
+ scsi_req_complete(req, CHECK_CONDITION);
+ return 0;
+ }
+
+ static const struct SCSIReqOps reqops_unit_attention = {
+ .size = sizeof(SCSIRequest),
++ .init_req = scsi_fetch_unit_attention_sense,
+ .send_command = scsi_unit_attention
+ };
+
+@@ -705,6 +721,11 @@ SCSIRequest *scsi_req_alloc(const SCSIReqOps *reqops, SCSIDevice *d,
+ object_ref(OBJECT(d));
+ object_ref(OBJECT(qbus->parent));
+ notifier_list_init(&req->cancel_notifiers);
++
++ if (reqops->init_req) {
++ reqops->init_req(req);
++ }
++
+ trace_scsi_req_alloc(req->dev->id, req->lun, req->tag);
+ return req;
+ }
+@@ -798,6 +819,15 @@ uint8_t *scsi_req_get_buf(SCSIRequest *req)
+ static void scsi_clear_unit_attention(SCSIRequest *req)
+ {
+ SCSISense *ua;
++
++ /*
++ * scsi_fetch_unit_attention_sense() already cleaned the unit attention
++ * in this case.
++ */
++ if (req->ops == &reqops_unit_attention) {
++ return;
++ }
++
+ if (req->dev->unit_attention.key != UNIT_ATTENTION &&
+ req->bus->unit_attention.key != UNIT_ATTENTION) {
+ return;
+diff --git a/include/hw/scsi/scsi.h b/include/hw/scsi/scsi.h
+index e5d90cd9dc..80c9eb00e4 100644
+--- a/include/hw/scsi/scsi.h
++++ b/include/hw/scsi/scsi.h
+@@ -108,6 +108,7 @@ int cdrom_read_toc_raw(int nb_sectors, uint8_t *buf, int msf, int session_num);
+ /* scsi-bus.c */
+ struct SCSIReqOps {
+ size_t size;
++ void (*init_req)(SCSIRequest *req);
+ void (*free_req)(SCSIRequest *req);
+ int32_t (*send_command)(SCSIRequest *req, uint8_t *buf);
+ void (*read_data)(SCSIRequest *req);
+--
+2.41.0.windows.1
+
diff --git a/simplebench-Fix-Python-syntax-error-reported-by-LGTM.patch b/simplebench-Fix-Python-syntax-error-reported-by-LGTM.patch
new file mode 100644
index 00000000..6ece7ea5
--- /dev/null
+++ b/simplebench-Fix-Python-syntax-error-reported-by-LGTM.patch
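Review bot: The new `init_req` hook runs inside `scsi_req_alloc()` and, for `reqops_unit_attention`, already resets the pending sense to `SENSE_CODE(NO_SENSE)` before the request has been enqueued. If a request prepared this way is cancelled or freed before `send_command` runs, nothing in these hunks puts the unit attention back, so the guest would presumably never see it; that path should be checked or documented as accepted. The member added to `struct SCSIReqOps` has no comment, and I would add `/* Optional; called from scsi_req_alloc() once the request is set up, may consume device or bus state */` above `void (*init_req)(SCSIRequest *req);`. scsi_req_alloc and scsi_clear_unit_attention both extend outside the hunks.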
@@ -0,0 +1,37 @@
+From 8fcd784145209d6e137e5c5d1e555599e523a10c Mon Sep 17 00:00:00 2001
+From: Luo Yifan
+Date: Wed, 20 Nov 2024 10:50:23 +0800
+Subject: [PATCH] simplebench: Fix Python syntax error (reported by LGTM)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cherry picked from commit 9ebfc5a583d8aa94bf1bc37c1f71559187fd809c
+
+Fixes: b2fcb0c5754c2554b8406376e99a75e9e0a6b7bd
+Signed-off-by: Stefan Weil
+Reviewed-by: Philippe Mathieu-Daudé
+Reviewed-by: John Snow
+Message-id: 20220107153019.504124-1-sw@weilnetz.de
+Signed-off-by: John Snow
+Signed-off-by: Luo Yifan
+---
+ scripts/simplebench/bench-example.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/scripts/simplebench/bench-example.py b/scripts/simplebench/bench-example.py
+index 4864435f39..fc370691e0 100644
+--- a/scripts/simplebench/bench-example.py
++++ b/scripts/simplebench/bench-example.py
+@@ -25,7 +25,7 @@
+
+ def bench_func(env, case):
+ """ Handle one "cell" of benchmarking table. """
+- return bench_block_copy(env['qemu_binary'], env['cmd'], {}
++ return bench_block_copy(env['qemu_binary'], env['cmd'], {},
+ case['source'], case['target'])
+
+
+--
+2.41.0.windows.1
+
diff --git a/target-arm-Drop-user-only-special-case-in-sve_stN_r.patch b/target-arm-Drop-user-only-special-case-in-sve_stN_r.patch
new file mode 100644
index 00000000..0a77a236
--- /dev/null
+++ b/target-arm-Drop-user-only-special-case-in-sve_stN_r.patch
@@ -0,0 +1,43 @@
+From 62c04e2a0ba7020430df45ab4d58c05fc3faab13 Mon Sep 17 00:00:00 2001
+From: Richard Henderson
+Date: Tue, 12 Nov 2024 06:12:32 -0800
+Subject: [PATCH] target/arm: Drop user-only special case in sve_stN_r
+
+This path is reachable with plugins enabled, and provoked
+with run-plugin-catch-syscalls-with-libinline.so.
+
+Cc: qemu-stable@nongnu.org
+Reviewed-by: Peter Maydell
+Signed-off-by: Richard Henderson
+Message-ID: <20241112141232.321354-1-richard.henderson@linaro.org>
+(cherry picked from commit f27550804688da43c6e0d87b2f9e143adbf76271)
+Signed-off-by: zhujun2
+---
+ target/arm/sve_helper.c | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/target/arm/sve_helper.c b/target/arm/sve_helper.c
+index 03d58cabc8..e455fd6ecf 100644
+--- a/target/arm/sve_helper.c
++++ b/target/arm/sve_helper.c
+@@ -6484,9 +6484,6 @@ void sve_stN_r(CPUARMState *env, uint64_t *vg, target_ulong addr,
+
+ flags = info.page[0].flags | info.page[1].flags;
+ if (unlikely(flags != 0)) {
+-#ifdef CONFIG_USER_ONLY
+- g_assert_not_reached();
+-#else
+ /*
+ * At least one page includes MMIO.
+ * Any bus operation can fail with cpu_transaction_failed,
+@@ -6517,7 +6514,6 @@ void sve_stN_r(CPUARMState *env, uint64_t *vg, target_ulong addr,
+ } while (reg_off & 63);
+ } while (reg_off <= reg_last);
+ return;
+-#endif
+ }
+
+ mem_off = info.mem_off_first[0];
+--
+2.41.0.windows.1
+
diff --git a/target-i386-fix-size-of-EBP-writeback-in-gen_enter.patch b/target-i386-fix-size-of-EBP-writeback-in-gen_enter.patch
new file mode 100644
index 00000000..2ca7a509
--- /dev/null
+++ b/target-i386-fix-size-of-EBP-writeback-in-gen_enter.patch
@@ -0,0 +1,44 @@
+From 8179e1d2e08c703a3adcd972091e5611656b727a Mon Sep 17 00:00:00 2001
+From: jipengfei
+Date: Mon, 9 Sep 2024 20:41:20 +0800
+Subject: [PATCH] target/i386: fix size of EBP writeback in gen_enter()
+
+The calculation of FrameTemp is done using the size indicated by mo_pushpop()
+before being written back to EBP, but the final writeback to EBP is done using
+the size indicated by mo_stacksize().
+
+In the case where mo_pushpop() is MO_32 and mo_stacksize() is MO_16 then the
+final writeback to EBP is done using MO_16 which can leave junk in the top
+16-bits of EBP after executing ENTER.
+
+Change the writeback of EBP to use the same size indicated by mo_pushpop() to
+ensure that the full value is written back.
+
+cheery-pick from 3973615e7fbaeef1deeaa067577e373781ced70a
+
+Signed-off-by:jipengfei
+Signed-off-by: Mark Cave-Ayland
+Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2198
+Message-ID: <20240606095319.229650-5-mark.cave-ayland@ilande.co.uk>
+Cc: qemu-stable@nongnu.org
+Signed-off-by: Paolo Bonzini
+---
+ target/i386/tcg/translate.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
+index 82f77b52fb..7c0613fa98 100644
+--- a/target/i386/tcg/translate.c
++++ b/target/i386/tcg/translate.c
+@@ -2551,7 +2551,7 @@ static void gen_enter(DisasContext *s, int esp_addend, int level)
+ }
+
+ /* Copy the FrameTemp value to EBP. */
+- gen_op_mov_reg_v(s, a_ot, R_EBP, s->T1);
++ gen_op_mov_reg_v(s, d_ot, R_EBP, s->T1);
+
+ /* Compute the final value of ESP. */
+ tcg_gen_subi_tl(s->T1, s->T1, esp_addend + size * level);
+--
+2.41.0.windows.1
+
diff --git a/target-ppc-Fix-7448-support.patch b/target-ppc-Fix-7448-support.patch
new file mode 100644
index 00000000..15c60eb1
--- /dev/null
+++ b/target-ppc-Fix-7448-support.patch
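Review bot: The retained comment `/* Copy the FrameTemp value to EBP. */` does not say why the writeback uses `d_ot` instead of `a_ot`, which is the whole point of the fix. I would extend it to `/* Copy the FrameTemp value to EBP, using the push/pop operand size so the full value is written. */` so a later cleanup does not switch it back. The definitions of `d_ot` and `a_ot` are outside the hunk, and gen_enter starts before it.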
@@ -0,0 +1,49 @@
+From 661b5844f361270c25899e3130b0e9aa72b74527 Mon Sep 17 00:00:00 2001
+From: Luo Yifan
+Date: Wed, 20 Nov 2024 13:34:30 +0800
+Subject: [PATCH] target/ppc: Fix 7448 support
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cherry picked from commit fe072a9914cc26c0f0a70dbbe0c27a61ff0170bc
+
+The 7448 CPU is an evolution of the PowerPC 7447A and the last of the
+G4 family. Change its family to reflect correctly its features. This
+fixes Linux boot.
+
+Cc: Fabiano Rosas
+Reviewed-by: Fabiano Rosas
+Signed-off-by: Cédric Le Goater
+Message-Id: <20220117092555.1616512-1-clg@kaod.org>
+Signed-off-by: Cédric Le Goater
+Signed-off-by: Luo Yifan
+---
+ target/ppc/cpu-models.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/target/ppc/cpu-models.c b/target/ppc/cpu-models.c
+index 02efc95723..e6cce0f8db 100644
+--- a/target/ppc/cpu-models.c
++++ b/target/ppc/cpu-models.c
+@@ -670,13 +670,13 @@
+ "PowerPC 7410 v1.3 (G4)")
+ POWERPC_DEF("7410_v1.4", CPU_POWERPC_7410_v14, 7410,
+ "PowerPC 7410 v1.4 (G4)")
+- POWERPC_DEF("7448_v1.0", CPU_POWERPC_7448_v10, 7400,
++ POWERPC_DEF("7448_v1.0", CPU_POWERPC_7448_v10, 7445,
+ "PowerPC 7448 v1.0 (G4)")
+- POWERPC_DEF("7448_v1.1", CPU_POWERPC_7448_v11, 7400,
++ POWERPC_DEF("7448_v1.1", CPU_POWERPC_7448_v11, 7445,
+ "PowerPC 7448 v1.1 (G4)")
+- POWERPC_DEF("7448_v2.0", CPU_POWERPC_7448_v20, 7400,
++ POWERPC_DEF("7448_v2.0", CPU_POWERPC_7448_v20, 7445,
+ "PowerPC 7448 v2.0 (G4)")
+- POWERPC_DEF("7448_v2.1", CPU_POWERPC_7448_v21, 7400,
++ POWERPC_DEF("7448_v2.1", CPU_POWERPC_7448_v21, 7445,
+ "PowerPC 7448 v2.1 (G4)")
+ POWERPC_DEF("7450_v1.0", CPU_POWERPC_7450_v10, 7450,
+ "PowerPC 7450 v1.0 (G4)")
+--
+2.41.0.windows.1
+
diff --git a/target-ppc-Set-ctx-opcode-for-decode_insn32.patch b/target-ppc-Set-ctx-opcode-for-decode_insn32.patch
new file mode 100644
index 00000000..8e1f3bcc
--- /dev/null
+++ b/target-ppc-Set-ctx-opcode-for-decode_insn32.patch 
@@ -0,0 +1,56 @@
+From c65c24ba59c4a0442b81eaceec8bab1e5a0907cf Mon Sep 17 00:00:00 2001
+From: Ilya Leoshkevich
+Date: Mon, 12 Aug 2024 10:53:08 +0200
+Subject: [PATCH] target/ppc: Set ctx->opcode for decode_insn32()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+divdu (without a dot) sometimes updates cr0, even though it shouldn't.
+The reason is that gen_op_arith_divd() checks Rc(ctx->opcode), which is
+not initialized. This field is initialized only for instructions that
+go through decode_legacy(), and not decodetree.
+
+There already was a similar issue fixed in commit 86e6202a57b1
+("target/ppc: Make divw[u] handler method decodetree compatible.").
+
+It's not immediately clear what else may access the uninitialized
+ctx->opcode, so instead of playing whack-a-mole and changing the check
+to compute_rc0, simply initialize ctx->opcode.
+
+Cc: qemu-stable@nongnu.org
+Fixes: 99082815f17f ("target/ppc: Add infrastructure for prefixed insns")
+Reviewed-by: Richard Henderson
+Reviewed-by: Philippe Mathieu-Daudé
+Signed-off-by: Ilya Leoshkevich
+Signed-off-by: Nicholas Piggin
+(cherry picked from commit c9b8a13a8841e0e23901e57e24ea98eeef16cf91)
+Signed-off-by: zhujun2
+---
+ target/ppc/translate.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/target/ppc/translate.c b/target/ppc/translate.c
+index 153552ab50..a03bafadbc 100644
+--- a/target/ppc/translate.c
++++ b/target/ppc/translate.c
+@@ -8380,8 +8380,6 @@ static bool decode_legacy(PowerPCCPU *cpu, DisasContext *ctx, uint32_t insn)
+ opc_handler_t **table, *handler;
+ uint32_t inval;
+
+- ctx->opcode = insn;
+-
+ LOG_DISAS("translate opcode %08x (%02x %02x %02x %02x) (%s)\n",
+ insn, opc1(insn), opc2(insn), opc3(insn), opc4(insn),
+ ctx->le_mode ? "little" : "big");
+@@ -8510,6 +8508,7 @@ static void ppc_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs)
+ ctx->base.pc_next = pc += 4;
+
+ if (!is_prefix_insn(ctx, insn)) {
++ ctx->opcode = insn;
+ ok = (decode_insn32(ctx, insn) ||
+ decode_legacy(cpu, ctx, insn));
+ } else if ((pc & 63) == 0) {
+--
+2.41.0.windows.1
+
diff --git a/tcg-Allow-top-bit-of-SIMD_DATA_BITS-to-be-set-in-sim.patch b/tcg-Allow-top-bit-of-SIMD_DATA_BITS-to-be-set-in-sim.patch
new file mode 100644
index 00000000..d2dbe071
--- /dev/null
+++ b/tcg-Allow-top-bit-of-SIMD_DATA_BITS-to-be-set-in-sim.patch
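Review bot: The assignment `ctx->opcode = insn;` is added only inside the `if (!is_prefix_insn(ctx, insn))` branch, so on the prefixed-instruction branches that follow `ctx->opcode` still holds whatever the previous instruction left there. The commit message itself says it is not clear what else reads the field, so a handler reached from the prefixed path that checks `Rc(ctx->opcode)` would presumably hit the same stale-value problem. A comment at the assignment, for example `/* only valid for 32-bit insns; prefixed handlers must not read ctx->opcode */`, or an explicit reset on the prefixed branches, would make the contract visible. ppc_tr_translate_insn starts and ends outside the hunk.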
@@ -0,0 +1,69 @@
+From a14e2e0cb558f2bcbabffa2fbadb54948a770993 Mon Sep 17 00:00:00 2001
+From: Peter Maydell
+Date: Fri, 15 Nov 2024 17:25:15 +0000
+Subject: [PATCH] tcg: Allow top bit of SIMD_DATA_BITS to be set in simd_desc()
+
+In simd_desc() we create a SIMD descriptor from various pieces
+including an arbitrary data value from the caller. We try to
+sanitize these to make sure everything will fit: the 'data' value
+needs to fit in the SIMD_DATA_BITS (== 22) sized field. However we
+do that sanitizing with:
+ tcg_debug_assert(data == sextract32(data, 0, SIMD_DATA_BITS));
+
+This works for the case where the data is supposed to be considered
+as a signed integer (which can then be returned via simd_data()).
+However, some callers want to treat the data value as unsigned.
+
+Specifically, for the Arm SVE operations, make_svemte_desc()
+assembles a data value as a collection of fields, and it needs to use
+all 22 bits. Currently if MTE is enabled then its MTEDESC SIZEM1
+field may have the most significant bit set, and then it will trip
+this assertion.
+
+Loosen the assertion so that we only check that the data value will
+fit into the field in some way, either as a signed or as an unsigned
+value. This means we will fail to detect some kinds of bug in the
+callers, but we won't spuriously assert for intentional use of the
+data field as unsigned.
+
+Cc: qemu-stable@nongnu.org
+Fixes: db432672dc50e ("tcg: Add generic vector expanders")
+Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2601
+Signed-off-by: Peter Maydell
+Message-ID: <20241115172515.1229393-1-peter.maydell@linaro.org>
+Reviewed-by: Richard Henderson
+Signed-off-by: Richard Henderson
+Signed-off-by: Zhongrui Tang
+---
+ tcg/tcg-op-gvec.c | 15 ++++++++++++++-
+ 1 file changed, 14 insertions(+), 1 deletion(-)
+
+diff --git a/tcg/tcg-op-gvec.c b/tcg/tcg-op-gvec.c
+index ffe55e908f..aea44c53b0 100644
+--- a/tcg/tcg-op-gvec.c
++++ b/tcg/tcg-op-gvec.c
+@@ -88,7 +88,20 @@ uint32_t simd_desc(uint32_t oprsz, uint32_t maxsz, int32_t data)
+ uint32_t desc = 0;
+
+ check_size_align(oprsz, maxsz, 0);
+- tcg_debug_assert(data == sextract32(data, 0, SIMD_DATA_BITS));
++
++ /*
++ * We want to check that 'data' will fit into SIMD_DATA_BITS.
++ * However, some callers want to treat the data as a signed
++ * value (which they can later get back with simd_data())
++ * and some want to treat it as an unsigned value.
++ * So here we assert only that the data will fit into the
++ * field in at least one way. This means that some invalid
++ * values from the caller will not be detected, e.g. if the
++ * caller wants to handle the value as a signed integer but
++ * incorrectly passes us 1 << (SIMD_DATA_BITS - 1).
++ */
++ tcg_debug_assert(data == sextract32(data, 0, SIMD_DATA_BITS) ||
++ data == extract32(data, 0, SIMD_DATA_BITS));
+
+ oprsz = (oprsz / 8) - 1;
+ maxsz = (maxsz / 8) - 1;
+--
+2.41.0.windows.1
+
diff --git a/tcg-Reset-data_gen_ptr-correctly.patch b/tcg-Reset-data_gen_ptr-correctly.patch
new file mode 100644
index 00000000..45bc208f
--- /dev/null
+++ b/tcg-Reset-data_gen_ptr-correctly.patch
@@ -0,0 +1,43 @@
+From 3fe3a7706b9cacefdebba10cfaa15d6286f6e91c Mon Sep 17 00:00:00 2001
+From: Richard Henderson
+Date: Wed, 16 Oct 2024 17:31:05 +0000
+Subject: [PATCH] tcg: Reset data_gen_ptr correctly
+
+This pointer needs to be reset after overflow just like
+code_buf and code_ptr.
+
+Cc: qemu-stable@nongnu.org
+Fixes: 57a269469db ("tcg: Infrastructure for managing constant pools")
+Acked-by: Alistair Francis
+Reviewed-by: Pierrick Bouvier
+Reviewed-by: LIU Zhiwei
+Signed-off-by: Richard Henderson
+(cherry picked from commit a7cfd751fb269de4a93bf1658cb13911c7ac77cc)
+Signed-off-by: zhujun2
+---
+ tcg/tcg.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tcg/tcg.c b/tcg/tcg.c
+index 635555001b..08c3b5a002 100644
+--- a/tcg/tcg.c
++++ b/tcg/tcg.c
+@@ -714,7 +714,6 @@ TranslationBlock *tcg_tb_alloc(TCGContext *s)
+ goto retry;
+ }
+ qatomic_set(&s->code_gen_ptr, next);
+- s->data_gen_ptr = NULL;
+ return tb;
+ }
+
+@@ -4276,6 +4275,7 @@ int tcg_gen_code(TCGContext *s, TranslationBlock *tb)
+ */
+ s->code_buf = tcg_splitwx_to_rw(tb->tc.ptr);
+ s->code_ptr = s->code_buf;
++ s->data_gen_ptr = NULL;
+
+ #ifdef TCG_TARGET_NEED_LDST_LABELS
+ QSIMPLEQ_INIT(&s->ldst_labels);
+--
+2.41.0.windows.1
+
diff --git a/tests-Fix-typo-in-check-help-output.patch b/tests-Fix-typo-in-check-help-output.patch
new file mode 100644
index 00000000..07020b28
--- /dev/null
+++ b/tests-Fix-typo-in-check-help-output.patch
@@ -0,0 +1,36 @@
+From a7fbe006d0863d4228bed30e0c5125a2a2ead8d2 Mon Sep 17 00:00:00 2001
+From: Luo Yifan
+Date: Wed, 20 Nov 2024 13:37:02 +0800
+Subject: [PATCH] tests: Fix typo in check-help output
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cherry picked from commit 6d4c8af321e5d0da919fd946d44abbd61a10b708
+
+Fix typo in 'make check-help' output.
+
+Signed-off-by: Philippe Mathieu-Daudé
+Message-Id: <20220111175528.22294-1-f4bug@amsat.org>
+Signed-off-by: Laurent Vivier
+Signed-off-by: Luo Yifan
+---
+ tests/Makefile.include | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tests/Makefile.include b/tests/Makefile.include
+index 4c564cf789..3aba622400 100644
+--- a/tests/Makefile.include
++++ b/tests/Makefile.include
+@@ -23,7 +23,7 @@ endif
+ @echo " $(MAKE) check-clean Clean the tests and related data"
+ @echo
+ @echo "The following are useful for CI builds"
+- @echo " $(MAKE) check-build Build most test binaris"
++ @echo " $(MAKE) check-build Build most test binaries"
+ @echo " $(MAKE) get-vm-images Downloads all images used by avocado tests, according to configured targets (~350 MB each, 1.5 GB max)"
+ @echo
+ @echo
+--
+2.41.0.windows.1
+
diff --git a/tests-avocado-machine_s390_ccw_virtio-Adapt-test-to-.patch b/tests-avocado-machine_s390_ccw_virtio-Adapt-test-to-.patch
new file mode 100644
index 00000000..ab6dbf34
--- /dev/null
+++ b/tests-avocado-machine_s390_ccw_virtio-Adapt-test-to-.patch
@@ -0,0 +1,42 @@
+From 66232caae47f056c264ac7aee8c16ad1db807bfd Mon Sep 17 00:00:00 2001
+From: Luo Yifan
+Date: Mon, 16 Dec 2024 09:32:39 +0800
+Subject: [PATCH] tests/avocado/machine_s390_ccw_virtio: Adapt test to new
+ default resolution
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cherry picked from commit f3f230d934dada8801c86742f58bca7a2cd1ff78
+
+QEMU's default screen resolution recently changed to 1280x800, so the
+resolution in the screen shot header changed of course, too.
+
+Fixes: de72c4b7cd ("edid: set default resolution to 1280x800 (WXGA)")
+Reported-by: Peter Maydell
+Message-Id: <20220221101933.307525-1-thuth@redhat.com>
+Reviewed-by: Philippe Mathieu-Daudé
+Reviewed-by: Daniel P. Berrangé
+Acked-by: Halil Pasic
+Signed-off-by: Thomas Huth
+Signed-off-by: Luo Yifan
+---
+ tests/avocado/machine_s390_ccw_virtio.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tests/avocado/machine_s390_ccw_virtio.py b/tests/avocado/machine_s390_ccw_virtio.py
+index bd03d7160b..438a6f4321 100644
+--- a/tests/avocado/machine_s390_ccw_virtio.py
++++ b/tests/avocado/machine_s390_ccw_virtio.py
+@@ -248,7 +248,7 @@ def test_s390x_fedora(self):
+ line = ppmfile.readline()
+ self.assertEqual(line, b"P6\n")
+ line = ppmfile.readline()
+- self.assertEqual(line, b"1024 768\n")
++ self.assertEqual(line, b"1280 800\n")
+ line = ppmfile.readline()
+ self.assertEqual(line, b"255\n")
+ line = ppmfile.readline(256)
+--
+2.41.0.windows.1
+
diff --git a/tests-qtest-fuzz-fix-memleak-in-qos_fuzz.c.patch b/tests-qtest-fuzz-fix-memleak-in-qos_fuzz.c.patch
new file mode 100644
index 00000000..d600b664
--- /dev/null
+++ b/tests-qtest-fuzz-fix-memleak-in-qos_fuzz.c.patch
@@ -0,0 +1,34 @@
+From f983ffa9ecc271b16695f8dc80428a600a03cf40 Mon Sep 17 00:00:00 2001
+From: jipengfei
+Date: Mon, 9 Sep 2024 20:31:51 +0800
+Subject: [PATCH] tests/qtest/fuzz: fix memleak in qos_fuzz.c
+
+Found with fuzzing for qemu-8.2, but also relevant for master
+
+cheery-pick from 7c66540db45a726029e5165f6e5c34008f08ede
+
+Signed-off-by:jipengfei
+Signed-off-by: Dmitry Frolov
+Reviewed-by: Thomas Huth
+Reviewed-by: Alexander Bulekov
+Message-ID: <20240521103106.119021-3-frolov@swemel.ru>
+Signed-off-by: Thomas Huth
+---
+ tests/qtest/fuzz/qos_fuzz.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/tests/qtest/fuzz/qos_fuzz.c b/tests/qtest/fuzz/qos_fuzz.c
+index 7a244c951e..5ab38e50cf 100644
+--- a/tests/qtest/fuzz/qos_fuzz.c
++++ b/tests/qtest/fuzz/qos_fuzz.c
+@@ -182,6 +182,7 @@ static void walk_path(QOSGraphNode *orig_path, int len)
+
+ fuzz_path_vec = path_vec;
+ } else {
++ g_string_free(cmd_line, true);
+ g_free(path_vec);
+ }
+
+--
+2.41.0.windows.1
+
diff --git a/ui-gtk-fix-leaks-found-wtih-fuzzing.patch b/ui-gtk-fix-leaks-found-wtih-fuzzing.patch
new file mode 100644
index 00000000..a56e2c87
--- /dev/null
+++ b/ui-gtk-fix-leaks-found-wtih-fuzzing.patch
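Review bot: The upstream reference in the embedded commit message, `cheery-pick from 7c66540db45a726029e5165f6e5c34008f08ede`, is 39 hex digits long, so it is not a complete commit id and cannot be matched exactly against the upstream history. The other backports in this update carry 40-digit ids, most of them in the `(cherry picked from commit …)` form; using that form here, with the full id, would let provenance tooling verify the patch. The same free-form `cheery-pick from` wording appears in the target/i386 gen_enter and ui/gtk patches. On the code side, the added `g_string_free(cmd_line, true);` sits in the `else` branch only, and ownership of `cmd_line` on the other branch is outside the hunk.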
@@ -0,0 +1,52 @@
+From 1876a69642964cdaadcce4dd797c0b91f02c2ed3 Mon Sep 17 00:00:00 2001
+From: Zhang Jiao
+Date: Thu, 12 Dec 2024 09:57:44 +0800
+Subject: [PATCH] ui/gtk: fix leaks found wtih fuzzing
+
+cheery-pick from e38f4e976dd40c985bfe84230a627de9a108c9d3
+
+It is true, that there is no problem during runtime
+from the first sight, because the memory is lost just
+before qemu exits. Nevertheless, this change is necessary,
+because AddressSanitizer is not able to recognize this
+situation and produces crash-report (which is
+false-positive in fact). Lots of False-Positive warnings
+are davaluing problems, found with fuzzing, and thus the
+whole methodology of dynamic analysis.
+This patch eliminates such False-Positive reports,
+and makes every problem, found with fuzzing, more valuable.
+
+Fixes: 060ab76356 ("gtk: don't exit early in case gtk init fails")
+
+Signed-off-by: Dmitry Frolov
+Reviewed-by: Michael Tokarev
+Message-Id: <20230825115818.1091936-1-frolov@swemel.ru>
+Signed-off-by: Zhang Jiao
+---
+ ui/gtk.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/ui/gtk.c b/ui/gtk.c
+index 6d9cb42b3d..f16ccf9c4b 100644
+--- a/ui/gtk.c
++++ b/ui/gtk.c
+@@ -2245,7 +2245,7 @@ static void gtk_display_init(DisplayState *ds, DisplayOptions *opts)
+ {
+ VirtualConsole *vc;
+
+- GtkDisplayState *s = g_malloc0(sizeof(*s));
++ GtkDisplayState *s;
+ GdkDisplay *window_display;
+ GtkIconTheme *theme;
+ char *dir;
+@@ -2255,6 +2255,7 @@ static void gtk_display_init(DisplayState *ds, DisplayOptions *opts)
+ exit(1);
+ }
+ assert(opts->type == DISPLAY_TYPE_GTK);
++ s = g_malloc0(sizeof(*s));
+ s->opts = opts;
+
+ theme = gtk_icon_theme_get_default();
+--
+2.41.0.windows.1
+
diff --git a/usb-hub-Fix-handling-port-power-control-messages.patch b/usb-hub-Fix-handling-port-power-control-messages.patch
new file mode 100644
index 00000000..bfff7c6a
--- /dev/null
+++ b/usb-hub-Fix-handling-port-power-control-messages.patch
@@ -0,0 +1,38 @@
+From 6e7e25af997cd6506a22d6eb2abe5fb0835c31ed Mon Sep 17 00:00:00 2001
+From: Guenter Roeck
+Date: Tue, 12 Nov 2024 09:01:52 -0800
+Subject: [PATCH] usb-hub: Fix handling port power control messages
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The ClearPortFeature control message fails for PORT_POWER because there
+is no break; at the end of the case statement, causing it to fall through
+to the failure handler. Add the missing break; to solve the problem.
+
+Fixes: 1cc403eb21 ("usb-hub: emulate per port power switching")
+Signed-off-by: Guenter Roeck
+Reviewed-by: Philippe Mathieu-Daudé
+Message-ID: <20241112170152.217664-11-linux@roeck-us.net>
+Signed-off-by: Philippe Mathieu-Daudé
+(cherry picked from commit b2cc69997924b651c0c6f4037782e25f2e438715)
+Signed-off-by: zhujun2
+---
+ hw/usb/dev-hub.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/hw/usb/dev-hub.c b/hw/usb/dev-hub.c
+index e35813d772..605fee4fa9 100644
+--- a/hw/usb/dev-hub.c
++++ b/hw/usb/dev-hub.c
+@@ -479,6 +479,7 @@ static void usb_hub_handle_control(USBDevice *dev, USBPacket *p,
+ usb_hub_port_clear(port, PORT_STAT_SUSPEND);
+ port->wPortChange = 0;
+ }
++ break;
+ default:
+ goto fail;
+ }
+--
+2.41.0.windows.1
+
diff --git a/vvfat-Fix-size-of-temporary-qcow-file.patch b/vvfat-Fix-size-of-temporary-qcow-file.patch
new file mode 100644
index 00000000..78ff2cd0
--- /dev/null
+++ b/vvfat-Fix-size-of-temporary-qcow-file.patch
@@ -0,0 +1,55 @@
+From af7d805a06677a4fdf55799c080b06483adafc9f Mon Sep 17 00:00:00 2001
+From: Luo Yifan
+Date: Wed, 20 Nov 2024 11:23:29 +0800
+Subject: [PATCH] vvfat: Fix size of temporary qcow file
+
+cherry picked from commit 2db9b9e96f0b57ceaa49666d9b8a573290114fdf
+
+The size of the qcow size was calculated so that only the FAT partition
+would fit on it, but not the whole disk. However, offsets relative to
+the whole disk are used to access it, so increase its size to be large
+enough for that.
+
+Signed-off-by: Kevin Wolf
+Message-Id: <20211209151815.23495-1-kwolf@redhat.com>
+Signed-off-by: Kevin Wolf
+Signed-off-by: Luo Yifan
+---
+ block/vvfat.c | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/block/vvfat.c b/block/vvfat.c
+index 58692133c1..3691c4774e 100644
+--- a/block/vvfat.c
++++ b/block/vvfat.c
+@@ -1230,6 +1230,7 @@ static int vvfat_open(BlockDriverState *bs, QDict *options, int flags,
+ dirname, cyls, heads, secs));
+
+ s->sector_count = cyls * heads * secs - s->offset_to_bootsector;
++ bs->total_sectors = cyls * heads * secs;
+
+ if (qemu_opt_get_bool(opts, "rw", false)) {
+ if (!bdrv_is_read_only(bs)) {
+@@ -1250,8 +1251,6 @@ static int vvfat_open(BlockDriverState *bs, QDict *options, int flags,
+ }
+ }
+
+- bs->total_sectors = cyls * heads * secs;
+-
+ if (init_directories(s, dirname, heads, secs, errp)) {
+ ret = -EIO;
+ goto fail;
+@@ -3149,8 +3148,8 @@ static int enable_write_target(BlockDriverState *bs, Error **errp)
+ }
+
+ opts = qemu_opts_create(bdrv_qcow->create_opts, NULL, 0, &error_abort);
+- qemu_opt_set_number(opts, BLOCK_OPT_SIZE, s->sector_count * 512,
+- &error_abort);
++ qemu_opt_set_number(opts, BLOCK_OPT_SIZE,
++ bs->total_sectors * BDRV_SECTOR_SIZE, &error_abort);
+ qemu_opt_set(opts, BLOCK_OPT_BACKING_FILE, "fat:", &error_abort);
+
+ ret = bdrv_create(bdrv_qcow, s->qcow_filename, opts, errp);
+--
+2.41.0.windows.1
+
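Review bot: The first inner hunk moves `bs->total_sectors = cyls * heads * secs;` above the `rw` block without saying why, and the reason only shows up in the third hunk, where enable_write_target() now sizes the temporary qcow image from `bs->total_sectors`. That ordering dependency is easy to undo in a later cleanup, and an undersized overlay would then be accessed with whole-disk offsets again, which is the problem the commit message describes. I would add a comment at the assignment, for example `/* set before the rw setup: enable_write_target() sizes the qcow overlay from it */`. The call from the `rw` block into enable_write_target() is not in the hunk, so that link is inferred; vvfat_open() and enable_write_target() both continue outside the hunks shown.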
diff --git a/vvfat-Fix-vvfat_write-for-writes-before-the-root-dir.patch b/vvfat-Fix-vvfat_write-for-writes-before-the-root-dir.patch
new file mode 100644
index 00000000..d9242e31
--- /dev/null
+++ b/vvfat-Fix-vvfat_write-for-writes-before-the-root-dir.patch
@@ -0,0 +1,99 @@
+From 64b53f59bccb8ec3251826c06d74adbc7b3cad36 Mon Sep 17 00:00:00 2001
+From: Luo Yifan
+Date: Mon, 16 Dec 2024 10:27:44 +0800
+Subject: [PATCH] vvfat: Fix vvfat_write() for writes before the root directory
+
+cherry picked from commit b9b8860d24676ec59c878d5206ea6bcfc87af798
+
+The calculation in sector2cluster() is done relative to the offset of
+the root directory. Any writes to blocks before the start of the root
+directory (in particular, writes to the FAT) result in negative values,
+which are not handled correctly in vvfat_write().
+
+This changes sector2cluster() to return a signed value, and makes sure
+that vvfat_write() doesn't try to find mappings for negative cluster
+number. It clarifies the code in vvfat_write() to make it more obvious
+that the cluster numbers can be negative.
+
+Signed-off-by: Kevin Wolf
+Message-Id: <20211209152231.23756-1-kwolf@redhat.com>
+Signed-off-by: Kevin Wolf
+Signed-off-by: Luo Yifan
+---
+ block/vvfat.c | 30 ++++++++++++++++++++++--------
+ 1 file changed, 22 insertions(+), 8 deletions(-)
+
+diff --git a/block/vvfat.c b/block/vvfat.c
+index 3691c4774e..935a10bdd3 100644
+--- a/block/vvfat.c
++++ b/block/vvfat.c
+@@ -882,7 +882,7 @@ static int read_directory(BDRVVVFATState* s, int mapping_index)
+ return 0;
+ }
+
+-static inline uint32_t sector2cluster(BDRVVVFATState* s,off_t sector_num)
++static inline int32_t sector2cluster(BDRVVVFATState* s,off_t sector_num)
+ {
+ return (sector_num - s->offset_to_root_dir) / s->sectors_per_cluster;
+ }
+@@ -2983,6 +2983,7 @@ static int vvfat_write(BlockDriverState *bs, int64_t sector_num,
+ {
+ BDRVVVFATState *s = bs->opaque;
+ int i, ret;
++ int first_cluster, last_cluster;
+
+ DLOG(checkpoint());
+
+@@ -3001,9 +3002,20 @@ DLOG(checkpoint());
+ if (sector_num < s->offset_to_fat)
+ return -1;
+
+- for (i = sector2cluster(s, sector_num);
+- i <= sector2cluster(s, sector_num + nb_sectors - 1);) {
+- mapping_t* mapping = find_mapping_for_cluster(s, i);
++ /*
++ * Values will be negative for writes to the FAT, which is located before
++ * the root directory.
++ */
++ first_cluster = sector2cluster(s, sector_num);
++ last_cluster = sector2cluster(s, sector_num + nb_sectors - 1);
++
++ for (i = first_cluster; i <= last_cluster;) {
++ mapping_t *mapping = NULL;
++
++ if (i >= 0) {
++ mapping = find_mapping_for_cluster(s, i);
++ }
++
+ if (mapping) {
+ if (mapping->read_only) {
+ fprintf(stderr, "Tried to write to write-protected file %s\n",
+@@ -3043,8 +3055,9 @@ DLOG(checkpoint());
+ }
+ }
+ i = mapping->end;
+- } else
++ } else {
+ i++;
++ }
+ }
+
+ /*
+@@ -3058,10 +3071,11 @@ DLOG(fprintf(stderr, "Write to qcow backend: %d + %d\n", (int)sector_num, nb_sec
+ return ret;
+ }
+
+- for (i = sector2cluster(s, sector_num);
+- i <= sector2cluster(s, sector_num + nb_sectors - 1); i++)
+- if (i >= 0)
++ for (i = first_cluster; i <= last_cluster; i++) {
++ if (i >= 0) {
+ s->used_clusters[i] |= USED_ALLOCATED;
++ }
++ }
+
+ DLOG(checkpoint());
+ /* TODO: add timeout */
+--
+2.41.0.windows.1
+
-- Gitee
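Review bot: The new `if (i >= 0)` guards in vvfat_write() assume sector2cluster() is negative for every sector before the root directory, but its body is a plain C division, `(sector_num - s->offset_to_root_dir) / s->sectors_per_cluster`, and C integer division truncates toward zero. If the subtraction is evaluated in a signed type (the field types are not visible here), a sector lying less than one cluster before the root directory yields 0, so a write confined to the end of the FAT would still be looked up with find_mapping_for_cluster(s, 0) and would set `s->used_clusters[0]`. This is worth confirming against the struct definitions; if it holds, the helper can be made explicit with `if (sector_num < s->offset_to_root_dir) return -1;` ahead of the division. vvfat_write() starts and ends outside the hunks shown.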