QEMU update to version 6.2.0-106:

- hw/nvme: Remove redundant dma_blk_write
- tests/avocado/machine_s390_ccw_virtio: Adapt test to new default resolution
- edid: set default resolution to 1280x800 (WXGA)
- iotests/308: Fix for CAP_DAC_OVERRIDE
- hvf: remove unused but set variable
- vvfat: Fix vvfat_write() for writes before the root directory
- hw/misc/nrf51_rng: Don't use BIT_MASK() when we mean BIT()
- hw/pci: Remove unused pci_irq_pulse() method
- ui/gtk: fix leaks found wtih fuzzing
- target/i386: fix size of EBP writeback in gen_enter()
- tests/qtest/fuzz: fix memleak in qos_fuzz.c
- hw/core/loader: gunzip(): fix memory leak on error path
- migration: fix a typo
- scsi: fetch unit attention when creating the request
- raw-format: Fix error message for invalid offset/size
- tcg: Reset data_gen_ptr correctly
- Fix calculation of minimum in colo_compare_tcp
- hw/intc: Don't clear pending bits on IRQ lowering
- target/arm: Drop user-only special case in sve_stN_r
- usb-hub: Fix handling port power control messages
- target/ppc: Set ctx->opcode for decode_insn32()
- linux-user: Add proper strace format strings for getdents()/getdents64()
- linux-user: Fix TARGET_PROT_SEM for XTENSA
- linux-user/hppa: Set TASK_UNMAPPED_BASE to 0xfa000000 for hppa arch
- linux-user/hppa: Dump IIR on register dump
- tests: Fix typo in check-help output
- qdev-core.h: Fix wrongly named reference to TYPE_SPLIT_IRQ
- hw/scsi/megasas: Simplify using the ldst API
- gqa-win: get_pci_info: Clean dev_info if handle is valid
- target/ppc: Fix 7448 support
- vvfat: Fix size of temporary qcow file
- docs: Correct 'vhost-user-blk' spelling
- jackaudio: use ifdefs to hide unavailable functions
- simplebench: Fix Python syntax error (reported by LGTM)
- python: update type hints for mypy 0.930
- Python/aqmp: fix type definitions for mypy 0.920
- tcg: Allow top bit of SIMD_DATA_BITS to be set in simd_desc()
- hw/ppc/e500: Prefer QOM cast
- hw/ppc/e500: Remove unused "irqs" parameter
- hw/ppc/e500: Add missing device tree properties to i2c controller node
- linux-user: Show timespec on strace for futex()
- linux-user: Add strace for clock_nanosleep()
- linux-user: Fix strace of chmod() if mode == 0
- linux-user: Log failing executable in EXCP_DUMP()
- linux-user: Add pidfd_open(), pidfd_send_signal() and pidfd_getfd() syscalls

Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit 87ebac5b5cfb97ddb7ac2af097703758fb0751c4)
Jiabo Feng 2025-02-21 14:46:05 +08:00 committed by openeuler-sync-bot
parent 4aafbc36e3
commit f4f53a5098
46 changed files with 2450 additions and 1 deletions


@ -0,0 +1,36 @@
From 9a0cd347854db393076683b6321c85359d530490 Mon Sep 17 00:00:00 2001
From: Stefan Weil <sw@weilnetz.de>
Date: Mon, 9 Sep 2024 22:42:54 +0200
Subject: [PATCH] Fix calculation of minimum in colo_compare_tcp
GitHub's CodeQL reports a critical error which is fixed by using the MIN macro:
Unsigned difference expression compared to zero
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Cc: qemu-stable@nongnu.org
Reviewed-by: Zhang Chen <chen.zhang@intel.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
(cherry picked from commit e29bc931e1699a98959680f6776b48673825762b)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
net/colo-compare.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/net/colo-compare.c b/net/colo-compare.c
index b966e7e514..e845c63f2e 100644
--- a/net/colo-compare.c
+++ b/net/colo-compare.c
@@ -414,8 +414,7 @@ static void colo_compare_tcp(CompareState *s, Connection *conn)
* can ensure that the packet's payload is acknowledged by
* primary and secondary.
*/
- uint32_t min_ack = conn->pack - conn->sack > 0 ?
- conn->sack : conn->pack;
+ uint32_t min_ack = MIN(conn->pack, conn->sack);
pri:
if (g_queue_is_empty(&conn->primary_list)) {
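Review bot: MIN(conn->pack, conn->sack) on the changed line compares the two uint32_t values as plain integers, so if these are TCP acknowledgment numbers (as the comment above the assignment suggests) the result is wrong once one of them has wrapped past 2^32 and the other has not. Consider a serial-number comparison instead, for example `(int32_t)(conn->pack - conn->sack) > 0 ? conn->sack : conn->pack`, which also avoids the unsigned-difference-compared-to-zero pattern that CodeQL flagged.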
--
2.41.0.windows.1


@ -0,0 +1,52 @@
From 5416865eeac72a5dabf91b6c1a70ff7d09e214cf Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 10:38:43 +0800
Subject: [PATCH] Python/aqmp: fix type definitions for mypy 0.920
cherry picked from commit 42d73f2894ea1855df5a25d58e0d9eac6023dcc3
0.920 (Released 2021-12-15) is not entirely happy with the
way that I was defining _FutureT:
qemu/aqmp/protocol.py:601: error: Item "object" of the upper bound
"Optional[Future[Any]]" of type variable "_FutureT" has no attribute
"done"
Update it with something a little mechanically simpler that works better
across a wider array of mypy versions.
Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 20220110191349.1841027-3-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
python/qemu/aqmp/protocol.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/python/qemu/aqmp/protocol.py b/python/qemu/aqmp/protocol.py
index 5190b33b13..c4fbe35a0e 100644
--- a/python/qemu/aqmp/protocol.py
+++ b/python/qemu/aqmp/protocol.py
@@ -43,8 +43,8 @@
T = TypeVar('T')
+_U = TypeVar('_U')
_TaskFN = Callable[[], Awaitable[None]] # aka ``async def func() -> None``
-_FutureT = TypeVar('_FutureT', bound=Optional['asyncio.Future[Any]'])
class Runstate(Enum):
@@ -591,7 +591,8 @@ def _cleanup(self) -> None:
"""
Fully reset this object to a clean state and return to `IDLE`.
"""
- def _paranoid_task_erase(task: _FutureT) -> Optional[_FutureT]:
+ def _paranoid_task_erase(task: Optional['asyncio.Future[_U]']
+ ) -> Optional['asyncio.Future[_U]']:
# Help to erase a task, ENSURING it is fully quiesced first.
assert (task is None) or task.done()
return None if (task and task.done()) else task
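Review bot: in _paranoid_task_erase the only thing enforcing "fully quiesced" is the `assert` in the context line, which is removed under `python -O`; the return expression then hands a future that is not done back to the caller. Since the signature is being rewritten anyway, consider raising an explicit exception when `task is not None and not task.done()` so the check does not depend on assertions being enabled.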
--
2.41.0.windows.1


@ -0,0 +1,35 @@
From c8c0afc9d6487894498d23d31cc7bbb4f86c0e3d Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 11:22:38 +0800
Subject: [PATCH] docs: Correct 'vhost-user-blk' spelling
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit 9bd11f9638cbc08dcab6777f0a27f597cb44c22a
Reported-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220107105420.395011-2-f4bug@amsat.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
docs/tools/qemu-storage-daemon.rst | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/tools/qemu-storage-daemon.rst b/docs/tools/qemu-storage-daemon.rst
index 3e5a9dc032..9b0eaba6e5 100644
--- a/docs/tools/qemu-storage-daemon.rst
+++ b/docs/tools/qemu-storage-daemon.rst
@@ -201,7 +201,7 @@ Export raw image file ``disk.img`` over NBD UNIX domain socket ``nbd.sock``::
--nbd-server addr.type=unix,addr.path=nbd.sock \
--export type=nbd,id=export,node-name=disk,writable=on
-Export a qcow2 image file ``disk.qcow2`` as a vhosts-user-blk device over UNIX
+Export a qcow2 image file ``disk.qcow2`` as a vhost-user-blk device over UNIX
domain socket ``vhost-user-blk.sock``::
$ qemu-storage-daemon \
--
2.41.0.windows.1


@ -0,0 +1,114 @@
From 33d5ea75f73c19ed9058fa700eb65a405c7c7bcc Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 11:13:22 +0800
Subject: [PATCH] edid: set default resolution to 1280x800 (WXGA)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit de72c4b7cdf6ec18bfe9fe714aa96e48db6fd895
Currently QEMU defaults to a resolution of 1024x768 when exposing EDID
info to the guest OS. The EDID default info is important as this will
influence what resolution many guest OS will configure the screen with
on boot. It can also potentially influence what resolution the firmware
will configure the screen with, though until very recently EDK2 would
not handle EDID info.
One important thing to bear in mind is that the default graphics card
driver provided by Windows will leave the display set to whatever
resolution was enabled by the firmware on boot. Even if sufficient
VRAM is available, the resolution can't be changed without installing
new drivers. IOW, the default resolution choice is quite important
for usability of Windows.
Modern real world monitor hardware for desktop/laptop has supported
resolutions higher than 1024x768 for a long time now, perhaps as long
as 15+ years. There are quite a wide variety of native resolutions in
use today, however, and in wide screen form factors the height may not
be all that tall.
None the less, it is considered that there is scope for making the
QEMU default resolution slightly larger.
In considering what possible new default could be suitable, choices
considered were 1280x720 (720p), 1280x800 (WXGA) and 1280x1024 (SXGA).
In many ways, vertical space is the most important, and so 720p was
discarded due to loosing vertical space, despite being 25% wider.
The SXGA resolution would be good, but when taking into account
window titlebars/toolbars and window manager desktop UI, this might
be a little too tall for some users to fit the guest on their physical
montior.
This patch thus suggests a modest change to 1280x800 (WXGA). This
only consumes 1 MB per colour channel, allowing double buffered
framebuffer in 8 MB of VRAM. Width wise this is 25% larger than
QEMU's current default, but height wise this only adds 5%, so the
difference isn't massive on the QEMU side.
Overall there doesn't appear to be a compelling reason to stick
with 1024x768 resolution.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <20211129140508.1745130-1-berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
hw/display/edid-generate.c | 4 ++--
include/hw/virtio/virtio-gpu.h | 4 ++--
qemu-edid.c | 4 ++--
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/hw/display/edid-generate.c b/hw/display/edid-generate.c
index f2b874d5e3..6f5ac6a38a 100644
--- a/hw/display/edid-generate.c
+++ b/hw/display/edid-generate.c
@@ -401,10 +401,10 @@ void qemu_edid_generate(uint8_t *edid, size_t size,
info->name = "QEMU Monitor";
}
if (!info->prefx) {
- info->prefx = 1024;
+ info->prefx = 1280;
}
if (!info->prefy) {
- info->prefy = 768;
+ info->prefy = 800;
}
if (info->prefx >= 4096 || info->prefy >= 4096) {
large_screen = 1;
diff --git a/include/hw/virtio/virtio-gpu.h b/include/hw/virtio/virtio-gpu.h
index acfba7c76c..2179b75703 100644
--- a/include/hw/virtio/virtio-gpu.h
+++ b/include/hw/virtio/virtio-gpu.h
@@ -147,8 +147,8 @@ struct VirtIOGPUBaseClass {
DEFINE_PROP_UINT32("max_outputs", _state, _conf.max_outputs, 1), \
DEFINE_PROP_BIT("edid", _state, _conf.flags, \
VIRTIO_GPU_FLAG_EDID_ENABLED, true), \
- DEFINE_PROP_UINT32("xres", _state, _conf.xres, 1024), \
- DEFINE_PROP_UINT32("yres", _state, _conf.yres, 768)
+ DEFINE_PROP_UINT32("xres", _state, _conf.xres, 1280), \
+ DEFINE_PROP_UINT32("yres", _state, _conf.yres, 800)
typedef struct VGPUDMABuf {
QemuDmaBuf buf;
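Review bot: the new xres/yres defaults in the two DEFINE_PROP_UINT32 lines change what a virtio-gpu device presents to the guest for every machine type, and nothing in this patch pins the old 1024x768 values for existing versioned machine types. If guest-visible defaults are expected to stay stable across a QEMU upgrade or a migration, add a compat property entry for the older machine types alongside this change.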
diff --git a/qemu-edid.c b/qemu-edid.c
index c3a9fba10d..20c958d9c7 100644
--- a/qemu-edid.c
+++ b/qemu-edid.c
@@ -10,8 +10,8 @@
#include "hw/display/edid.h"
static qemu_edid_info info = {
- .prefx = 1024,
- .prefy = 768,
+ .prefx = 1280,
+ .prefy = 800,
};
static void usage(FILE *out)
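Review bot: 1280 and 800 are now hard-coded in three places (qemu_edid_generate(), the virtio-gpu property defaults, and this static info initializer), which is why all three had to be edited together here. A pair of shared macros in hw/display/edid.h would keep them from drifting apart on the next change.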
--
2.41.0.windows.1


@ -0,0 +1,45 @@
From ab41162b50f176cd926104ee16c766c2186326a1 Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 13:33:40 +0800
Subject: [PATCH] gqa-win: get_pci_info: Clean dev_info if handle is valid
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit d0b896a7495b71313c43aff4329714ade56799d4
Signed-off-by: Kostiantyn Kostiuk <konstantin@daynix.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Kostiantyn Kostiuk <kkostiuk@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
qga/commands-win32.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/qga/commands-win32.c b/qga/commands-win32.c
index 30e50f1769..d2ca36564d 100644
--- a/qga/commands-win32.c
+++ b/qga/commands-win32.c
@@ -514,7 +514,7 @@ DEFINE_GUID(GUID_DEVINTERFACE_STORAGEPORT,
static GuestPCIAddress *get_pci_info(int number, Error **errp)
{
- HDEVINFO dev_info;
+ HDEVINFO dev_info = INVALID_HANDLE_VALUE;
SP_DEVINFO_DATA dev_info_data;
SP_DEVICE_INTERFACE_DATA dev_iface_data;
HANDLE dev_file;
@@ -749,7 +749,9 @@ static GuestPCIAddress *get_pci_info(int number, Error **errp)
}
free_dev_info:
- SetupDiDestroyDeviceInfoList(dev_info);
+ if (dev_info != INVALID_HANDLE_VALUE) {
+ SetupDiDestroyDeviceInfoList(dev_info);
+ }
out:
return pci;
}
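Review bot: the new guard before SetupDiDestroyDeviceInfoList() at free_dev_info is only correct because of the INVALID_HANDLE_VALUE initializer added at the top of get_pci_info(), yet the commit message has no body saying which path reaches free_dev_info before dev_info is assigned. Add a sentence naming that path (and, ideally, a short comment at the label) so the initializer and the guard are not separated by a later refactoring.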
--
2.41.0.windows.1


@ -0,0 +1,57 @@
From d348ad3421f973298f909c3e01c1052690f7594a Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Thu, 12 Dec 2024 11:46:07 +0800
Subject: [PATCH] hvf: remove unused but set variable
cheery-pick from 19d542cc0bce0b3641e80444374f9ffd8294a15b
fixes associated warning when building on MacOS.
Signed-off-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Link: https://lore.kernel.org/r/20241023182922.1040964-1-pierrick.bouvier@linaro.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
---
target/i386/hvf/x86_task.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/target/i386/hvf/x86_task.c b/target/i386/hvf/x86_task.c
index 422156128b..1550002341 100644
--- a/target/i386/hvf/x86_task.c
+++ b/target/i386/hvf/x86_task.c
@@ -123,7 +123,6 @@ void vmx_handle_task_switch(CPUState *cpu, x68_segment_selector tss_sel, int rea
load_regs(cpu);
struct x86_segment_descriptor curr_tss_desc, next_tss_desc;
- int ret;
x68_segment_selector old_tss_sel = vmx_read_segment_selector(cpu, R_TR);
uint64_t old_tss_base = vmx_read_segment_base(cpu, R_TR);
uint32_t desc_limit;
@@ -139,7 +138,7 @@ void vmx_handle_task_switch(CPUState *cpu, x68_segment_selector tss_sel, int rea
if (reason == TSR_IDT_GATE && gate_valid) {
int dpl;
- ret = x86_read_call_gate(cpu, &task_gate_desc, gate);
+ x86_read_call_gate(cpu, &task_gate_desc, gate);
dpl = task_gate_desc.dpl;
x68_segment_selector cs = vmx_read_segment_selector(cpu, R_CS);
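Review bot: the result of x86_read_call_gate() is now dropped, and task_gate_desc.dpl is read on the very next line whether or not the read succeeded. If the function can fail, check its return value and bail out before using task_gate_desc; if it cannot, say so in a comment rather than discarding the value silently.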
@@ -168,11 +167,12 @@ void vmx_handle_task_switch(CPUState *cpu, x68_segment_selector tss_sel, int rea
x86_write_segment_descriptor(cpu, &next_tss_desc, tss_sel);
}
- if (next_tss_desc.type & 8)
- ret = task_switch_32(cpu, tss_sel, old_tss_sel, old_tss_base, &next_tss_desc);
- else
+ if (next_tss_desc.type & 8) {
+ task_switch_32(cpu, tss_sel, old_tss_sel, old_tss_base, &next_tss_desc);
+ } else {
//ret = task_switch_16(cpu, tss_sel, old_tss_sel, old_tss_base, &next_tss_desc);
VM_PANIC("task_switch_16");
+ }
macvm_set_cr0(cpu->hvf->fd, rvmcs(cpu->hvf->fd, VMCS_GUEST_CR0) | CR0_TS);
x86_segment_descriptor_to_vmx(cpu, tss_sel, &next_tss_desc, &vmx_seg);
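Review bot: the commented-out line `//ret = task_switch_16(...)` kept inside the new else block still assigns to `ret`, which this patch deletes, so it will not compile if anyone uncomments it. Drop the dead comment or update it to match; the result of task_switch_32() in the if branch is likewise no longer captured and deserves either a check or a note that it is intentionally ignored.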
--
2.41.0.windows.1


@ -0,0 +1,31 @@
From 6d6fc5ae0c920e2ad9e01a3320f3529c7bad977f Mon Sep 17 00:00:00 2001
From: jipengfei_yewu <jipengfei_yewu@cmss.chinamobile.com>
Date: Mon, 9 Sep 2024 20:14:09 +0800
Subject: [PATCH] hw/core/loader: gunzip(): fix memory leak on error path
We should call inflateEnd() like on success path to cleanup state in s
variable.
Signed-off-by:jipengfei_yewu <jipengfei_yewu@cmss.chinamobile.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
---
hw/core/loader.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/core/loader.c b/hw/core/loader.c
index 19edb928e9..8389860679 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -605,6 +605,7 @@ ssize_t gunzip(void *dst, size_t dstlen, uint8_t *src, size_t srclen)
r = inflate(&s, Z_FINISH);
if (r != Z_OK && r != Z_STREAM_END) {
printf ("Error: inflate() returned %d\n", r);
+ inflateEnd(&s);
return -1;
}
dstbytes = s.next_out - (unsigned char *) dst;
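Review bot: the added inflateEnd(&s) repeats on this error return the cleanup that the commit message says the success path already performs, so any early return added to gunzip() later can leak the zlib state again. Consider a single exit label that calls inflateEnd(&s) once for both outcomes. The message also lacks the upstream commit id that the other backports in this series carry.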
--
2.41.0.windows.1


@ -0,0 +1,39 @@
From e4f8d0f097636b443a8d93593f6524b4669a5de7 Mon Sep 17 00:00:00 2001
From: Sergey Makarov <s.makarov@syntacore.com>
Date: Wed, 18 Sep 2024 17:02:29 +0300
Subject: [PATCH] hw/intc: Don't clear pending bits on IRQ lowering
According to PLIC specification (chapter 5), there
is only one case, when interrupt is claimed. Fix
PLIC controller to match this behavior.
Signed-off-by: Sergey Makarov <s.makarov@syntacore.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240918140229.124329-3-s.makarov@syntacore.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
(cherry picked from commit a84be2baa9eca8bc500f866ad943b8f63dc99adf)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
hw/intc/sifive_plic.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/hw/intc/sifive_plic.c b/hw/intc/sifive_plic.c
index 877e76877c..cbbe6372f9 100644
--- a/hw/intc/sifive_plic.c
+++ b/hw/intc/sifive_plic.c
@@ -414,8 +414,10 @@ static void sifive_plic_irq_request(void *opaque, int irq, int level)
{
SiFivePLICState *s = opaque;
- sifive_plic_set_pending(s, irq, level > 0);
- sifive_plic_update(s);
+ if (level > 0) {
+ sifive_plic_set_pending(s, irq, true);
+ sifive_plic_update(s);
+ }
}
static void sifive_plic_realize(DeviceState *dev, Error **errp)
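Review bot: after this change a call to sifive_plic_irq_request() with level <= 0 does nothing at all, and the function body gives no hint that this is deliberate. Add a short comment stating that pending bits are cleared only on claim, per the PLIC specification the commit message cites, so the missing else branch is not later "fixed" back.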
--
2.41.0.windows.1


@ -0,0 +1,70 @@
From a95246497e6162574d5c874b2d4504f828afbb85 Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Thu, 12 Dec 2024 12:20:12 +0800
Subject: [PATCH] hw/misc/nrf51_rng: Don't use BIT_MASK() when we mean BIT()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cheery-pick from a29a9776407e68c5560687e07828925bda710150
The BIT_MASK() macro from bitops.h provides the mask of a bit
within a particular word of a multi-word bit array; it is intended
to be used with its counterpart BIT_WORD() that gives the index
of the word in the array.
In nrf51_rng we are using it for cases where we have a bit number
that we know is the index of a bit within a single word (in fact, it
happens that all the bit numbers we pass to it are zero). This
happens to give the right answer, but the macro that actually
does the job we want here is BIT().
Use BIT() instead of BIT_MASK().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20241108135644.4007151-1-peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
---
hw/misc/nrf51_rng.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/hw/misc/nrf51_rng.c b/hw/misc/nrf51_rng.c
index fc86e1b697..e911b3a3a3 100644
--- a/hw/misc/nrf51_rng.c
+++ b/hw/misc/nrf51_rng.c
@@ -107,25 +107,25 @@ static void rng_write(void *opaque, hwaddr offset,
break;
case NRF51_RNG_REG_SHORTS:
s->shortcut_stop_on_valrdy =
- (value & BIT_MASK(NRF51_RNG_REG_SHORTS_VALRDY_STOP)) ? 1 : 0;
+ (value & BIT(NRF51_RNG_REG_SHORTS_VALRDY_STOP)) ? 1 : 0;
break;
case NRF51_RNG_REG_INTEN:
s->interrupt_enabled =
- (value & BIT_MASK(NRF51_RNG_REG_INTEN_VALRDY)) ? 1 : 0;
+ (value & BIT(NRF51_RNG_REG_INTEN_VALRDY)) ? 1 : 0;
break;
case NRF51_RNG_REG_INTENSET:
- if (value & BIT_MASK(NRF51_RNG_REG_INTEN_VALRDY)) {
+ if (value & BIT(NRF51_RNG_REG_INTEN_VALRDY)) {
s->interrupt_enabled = 1;
}
break;
case NRF51_RNG_REG_INTENCLR:
- if (value & BIT_MASK(NRF51_RNG_REG_INTEN_VALRDY)) {
+ if (value & BIT(NRF51_RNG_REG_INTEN_VALRDY)) {
s->interrupt_enabled = 0;
}
break;
case NRF51_RNG_REG_CONFIG:
s->filter_enabled =
- (value & BIT_MASK(NRF51_RNG_REG_CONFIG_DECEN)) ? 1 : 0;
+ (value & BIT(NRF51_RNG_REG_CONFIG_DECEN)) ? 1 : 0;
break;
default:
--
2.41.0.windows.1


@ -0,0 +1,29 @@
From a800af5f8a944fb46c2c6ffc7c4a9054f7395b9b Mon Sep 17 00:00:00 2001
From: raywang <honglei.wang@smartx.com>
Date: Sun, 5 Jan 2025 14:04:39 +0800
Subject: [PATCH] hw/nvme: Remove redundant dma_blk_write
Commit f0ac211 changes alignment in dma functions for nvme, but it
did not delete the original dma_blk_write when picking the code.
Signed-off-by: raywang <honglei.wang@smartx.com>
---
hw/nvme/ctrl.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c
index 7c9f97bdb3..f1c7641158 100644
--- a/hw/nvme/ctrl.c
+++ b/hw/nvme/ctrl.c
@@ -1282,8 +1282,6 @@ static inline void nvme_blk_write(BlockBackend *blk, int64_t offset,
assert(req->sg.flags & NVME_SG_ALLOC);
if (req->sg.flags & NVME_SG_DMA) {
- req->aiocb = dma_blk_write(blk, &req->sg.qsg, offset, BDRV_SECTOR_SIZE,
- cb, req);
req->aiocb = dma_blk_write(blk, &req->sg.qsg, offset, align, cb, req);
} else {
req->aiocb = blk_aio_pwritev(blk, offset, &req->sg.iov, 0, cb, req);
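Review bot: the commit message calls the removed dma_blk_write() redundant, but in the pre-patch lines both calls were issued with the same cb and req and the first aiocb was immediately overwritten, so each DMA write was submitted twice and its completion callback could run twice for one request. State that impact in the message, and cite the full hash of the commit abbreviated as f0ac211 so the fix can be traced to what it corrects.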
--
2.41.0.windows.1


@ -0,0 +1,46 @@
From 66832f5e5c0c805544c23433a1e9ab30aaa01633 Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Thu, 12 Dec 2024 10:37:36 +0800
Subject: [PATCH] hw/pci: Remove unused pci_irq_pulse() method
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cheery-pick from ef45f46f382a5e2c41c39c71fd3364cff4f41bf5
Last use of pci_irq_pulse() was removed 7 years ago in commit
5e9aa92eb1 ("hw/block: Fix pin-based interrupt behaviour of NVMe").
Signed-off-by: Philippe Mathieu-Daudé philmd@linaro.org
Reviewed-by: Thomas Huth thuth@redhat.com
Message-ID: 20241122103418.539-1-philmd@linaro.org
Signed-off-by: Thomas Huth thuth@redhat.com
Signed-off-by: Zhang Jiao zhangjiao2_yewu@cmss.chinamobile.com
---
include/hw/pci/pci.h | 10 ----------
1 file changed, 10 deletions(-)
diff --git a/include/hw/pci/pci.h b/include/hw/pci/pci.h
index a0cf893bfd..3811724d31 100644
--- a/include/hw/pci/pci.h
+++ b/include/hw/pci/pci.h
@@ -753,16 +753,6 @@ static inline void pci_irq_deassert(PCIDevice *pci_dev)
pci_set_irq(pci_dev, 0);
}
-/*
- * FIXME: PCI does not work this way.
- * All the callers to this method should be fixed.
- */
-static inline void pci_irq_pulse(PCIDevice *pci_dev)
-{
- pci_irq_assert(pci_dev);
- pci_irq_deassert(pci_dev);
-}
-
static inline int pci_is_express(const PCIDevice *d)
{
return d->cap_present & QEMU_PCI_CAP_EXPRESS;
--
2.41.0.windows.1


@ -0,0 +1,44 @@
From 47ad414a1cc4f7923bd9405027078b990753b9cb Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Thu, 14 Nov 2024 14:31:31 +0800
Subject: [PATCH] hw/ppc/e500: Add missing device tree properties to i2c
controller node
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cheery-pick from b5d65592d931d07d4f4bcb915d018ec9598058b4
When compiling a decompiled device tree blob created with dumpdtb, dtc complains
with:
/soc@e0000000/i2c@3000: incorrect #address-cells for I2C bus
/soc@e0000000/i2c@3000: incorrect #size-cells for I2C bus
Fix this by adding the missing device tree properties.
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Message-ID: <20241103133412.73536-6-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
---
hw/ppc/e500.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
index 960e7efcd3..b8ead49834 100644
--- a/hw/ppc/e500.c
+++ b/hw/ppc/e500.c
@@ -197,6 +197,8 @@ static void dt_i2c_create(void *fdt, const char *soc, const char *mpic,
qemu_fdt_setprop_cells(fdt, i2c, "cell-index", 0);
qemu_fdt_setprop_cells(fdt, i2c, "interrupts", irq0, 0x2);
qemu_fdt_setprop_phandle(fdt, i2c, "interrupt-parent", mpic);
+ qemu_fdt_setprop_cell(fdt, i2c, "#size-cells", 0);
+ qemu_fdt_setprop_cell(fdt, i2c, "#address-cells", 1);
qemu_fdt_setprop_string(fdt, "/aliases", alias, i2c);
g_free(i2c);
--
2.41.0.windows.1


@ -0,0 +1,44 @@
From f03f9300aa68d662d3261058cb6db5ae8b420d15 Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Thu, 14 Nov 2024 15:19:41 +0800
Subject: [PATCH] hw/ppc/e500: Prefer QOM cast
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cheery-pick from c620b4ee92ed3664a3d98e0fbb0b651e19fba5b6
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Message-ID: <20241103133412.73536-4-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
---
hw/ppc/e500.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
index 960e7efcd3..7aaf9d3e13 100644
--- a/hw/ppc/e500.c
+++ b/hw/ppc/e500.c
@@ -949,7 +949,7 @@ void ppce500_init(MachineState *machine)
sysbus_connect_irq(s, 0, qdev_get_gpio_in(mpicdev, MPC8544_I2C_IRQ));
memory_region_add_subregion(ccsr_addr_space, MPC8544_I2C_REGS_OFFSET,
sysbus_mmio_get_region(s, 0));
- i2c = (I2CBus *)qdev_get_child_bus(dev, "i2c");
+ i2c = I2C_BUS(qdev_get_child_bus(dev, "i2c"));
i2c_slave_create_simple(i2c, "ds1338", RTC_REGS_OFFSET);
@@ -974,7 +974,7 @@ void ppce500_init(MachineState *machine)
memory_region_add_subregion(ccsr_addr_space, MPC8544_PCI_REGS_OFFSET,
sysbus_mmio_get_region(s, 0));
- pci_bus = (PCIBus *)qdev_get_child_bus(dev, "pci.0");
+ pci_bus = PCI_BUS(qdev_get_child_bus(dev, "pci.0"));
if (!pci_bus)
printf("couldn't create PCI controller!\n");
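Review bot: directly below the changed PCI_BUS() line, the `if (!pci_bus)` context only prints to stdout via printf() and has no braces. Since this statement is being touched, consider reporting through error_report() and adding braces, in this patch or a follow-up.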
--
2.41.0.windows.1


@ -0,0 +1,44 @@
From 9442f8c1638bf45ff266040ab3913667792ca35b Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Thu, 14 Nov 2024 14:48:03 +0800
Subject: [PATCH] hw/ppc/e500: Remove unused "irqs" parameter
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cheery-pick from 2a309354ac5decf78763c9de999bfb42c8612069
Reviewed-by: BALATON Zoltan balaton@eik.bme.hu
Signed-off-by: Bernhard Beschow shentey@gmail.com
Message-ID: 20241103133412.73536-5-shentey@gmail.com
Signed-off-by: Philippe Mathieu-Daudé philmd@linaro.org
Signed-off-by: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
---
hw/ppc/e500.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
index 960e7efcd3..853a5a4efb 100644
--- a/hw/ppc/e500.c
+++ b/hw/ppc/e500.c
@@ -762,7 +762,7 @@ static DeviceState *ppce500_init_mpic_qemu(PPCE500MachineState *pms,
}
static DeviceState *ppce500_init_mpic_kvm(const PPCE500MachineClass *pmc,
- IrqLines *irqs, Error **errp)
+ Error **errp)
{
DeviceState *dev;
CPUState *cs;
@@ -798,7 +798,7 @@ static DeviceState *ppce500_init_mpic(PPCE500MachineState *pms,
Error *err = NULL;
if (kvm_kernel_irqchip_allowed()) {
- dev = ppce500_init_mpic_kvm(pmc, irqs, &err);
+ dev = ppce500_init_mpic_kvm(pmc, &err);
}
if (kvm_kernel_irqchip_required() && !dev) {
error_reportf_err(err,
--
2.41.0.windows.1


@ -0,0 +1,59 @@
From 84bd6e7a41773a4cc1ae7cfe73ea5910415cd022 Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 13:35:23 +0800
Subject: [PATCH] hw/scsi/megasas: Simplify using the ldst API
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit 2a0c51366985890e3bf6f41a48f3cb2dfe2f153e
This code is easier to review using the load/store API.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211218111912.1499377-1-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
hw/scsi/megasas.c | 17 +++--------------
1 file changed, 3 insertions(+), 14 deletions(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index dc9bbdb740..83c321ec20 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -383,8 +383,7 @@ static int megasas_setup_inquiry(uint8_t *cdb, int pg, int len)
cdb[1] = 0x1;
cdb[2] = pg;
}
- cdb[3] = (len >> 8) & 0xff;
- cdb[4] = (len & 0xff);
+ stw_be_p(&cdb[3], len);
return len;
}
@@ -400,18 +399,8 @@ static void megasas_encode_lba(uint8_t *cdb, uint64_t lba,
} else {
cdb[0] = READ_16;
}
- cdb[2] = (lba >> 56) & 0xff;
- cdb[3] = (lba >> 48) & 0xff;
- cdb[4] = (lba >> 40) & 0xff;
- cdb[5] = (lba >> 32) & 0xff;
- cdb[6] = (lba >> 24) & 0xff;
- cdb[7] = (lba >> 16) & 0xff;
- cdb[8] = (lba >> 8) & 0xff;
- cdb[9] = (lba) & 0xff;
- cdb[10] = (len >> 24) & 0xff;
- cdb[11] = (len >> 16) & 0xff;
- cdb[12] = (len >> 8) & 0xff;
- cdb[13] = (len) & 0xff;
+ stq_be_p(&cdb[2], lba);
+ stl_be_p(&cdb[2 + 8], len);
}
/*
--
2.41.0.windows.1


@ -0,0 +1,81 @@
From 769aa1236789f0b5c47255aad220b73a8e286072 Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Mon, 16 Dec 2024 10:32:54 +0800
Subject: [PATCH] iotests/308: Fix for CAP_DAC_OVERRIDE
cherry picked from commit e2eec2819a96f3a5d68f899c836ad365468cec01
With CAP_DAC_OVERRIDE (which e.g. root generally has), permission checks
will be bypassed when opening files.
308 in one instance tries to open a read-only file (FUSE export) with
qemu-io as read/write, and expects this to fail. However, when running
it as root, opening will succeed (thanks to CAP_DAC_OVERRIDE) and only
the actual write operation will fail.
Note this as "Case not run", but have the test pass in either case.
Reported-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Fixes: 2c7dd057aa7bd7a875e9b1a53975c220d6380bc4
("export/fuse: Pass default_permissions for mount")
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
Message-Id: <20220103120014.13061-1-hreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
tests/qemu-iotests/308 | 25 +++++++++++++++++++++++--
tests/qemu-iotests/308.out | 2 +-
2 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/tests/qemu-iotests/308 b/tests/qemu-iotests/308
index 2e3f8f4282..bde4aac2fa 100755
--- a/tests/qemu-iotests/308
+++ b/tests/qemu-iotests/308
@@ -230,8 +230,29 @@ echo '=== Writable export ==='
fuse_export_add 'export-mp' "'mountpoint': '$EXT_MP', 'writable': true"
# Check that writing to the read-only export fails
-$QEMU_IO -f raw -c 'write -P 42 1M 64k' "$TEST_IMG" 2>&1 \
- | _filter_qemu_io | _filter_testdir | _filter_imgfmt
+output=$($QEMU_IO -f raw -c 'write -P 42 1M 64k' "$TEST_IMG" 2>&1 \
+ | _filter_qemu_io | _filter_testdir | _filter_imgfmt)
+
+# Expected reference output: Opening the file fails because it has no
+# write permission
+reference="Could not open 'TEST_DIR/t.IMGFMT': Permission denied"
+
+if echo "$output" | grep -q "$reference"; then
+ echo "Writing to read-only export failed: OK"
+elif echo "$output" | grep -q "write failed: Permission denied"; then
+ # With CAP_DAC_OVERRIDE (e.g. when running this test as root), the export
+ # can be opened regardless of its file permissions, but writing will then
+ # fail. This is not the result for which we want to test, so count this as
+ # a SKIP.
+ _casenotrun "Opening RO export as R/W succeeded, perhaps because of" \
+ "CAP_DAC_OVERRIDE"
+
+ # Still, write this to the reference output to make the test pass
+ echo "Writing to read-only export failed: OK"
+else
+ echo "Writing to read-only export failed: ERROR"
+ echo "$output"
+fi
# But here it should work
$QEMU_IO -f raw -c 'write -P 42 1M 64k' "$EXT_MP" | _filter_qemu_io
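Review bot: both new `grep -q` calls treat their pattern as a regular expression, so the `.` characters in `$reference` ("TEST_DIR/t.IMGFMT") match any character and the test can accept output it was not meant to. Use `grep -qF` for fixed-string matching in the `if` and the `elif`. It is also worth noting in the test header that under CAP_DAC_OVERRIDE the open-time permission check is not exercised at all, only reported through _casenotrun.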
diff --git a/tests/qemu-iotests/308.out b/tests/qemu-iotests/308.out
index fc47bb11a2..e4467a10cf 100644
--- a/tests/qemu-iotests/308.out
+++ b/tests/qemu-iotests/308.out
@@ -95,7 +95,7 @@ virtual size: 0 B (0 bytes)
'mountpoint': 'TEST_DIR/t.IMGFMT.fuse', 'writable': true
} }
{"return": {}}
-qemu-io: can't open device TEST_DIR/t.IMGFMT: Could not open 'TEST_DIR/t.IMGFMT': Permission denied
+Writing to read-only export failed: OK
wrote 65536/65536 bytes at offset 1048576
64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
wrote 65536/65536 bytes at offset 1048576
--
2.41.0.windows.1

@ -0,0 +1,67 @@
From 00b7eee0e0116ec78b41db24da510e655ec28c4c Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 11:08:20 +0800
Subject: [PATCH] jackaudio: use ifdefs to hide unavailable functions
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit ead789eb46a7df4eaab9e14e29e1d0d2a379988d
On Windows the jack_set_thread_creator() function and on MacOS the
pthread_setname_np() function with a thread pointer paramater is
not available. Use #ifdefs to remove the jack_set_thread_creator()
function call and the qjack_thread_creator() function in both
cases.
The qjack_thread_creator() function just sets the name of the
created thread for debugging purposes and isn't really necessary.
From the jack_set_thread_creator() documentation:
(...)
No normal application/client should consider calling this. (...)
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/785
Signed-off-by: Volker Rümelin <vr_qemu@t-online.de>
Reviewed-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
Message-Id: <20211226154017.6067-1-vr_qemu@t-online.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
audio/jackaudio.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/audio/jackaudio.c b/audio/jackaudio.c
index e7de6d5433..317009e936 100644
--- a/audio/jackaudio.c
+++ b/audio/jackaudio.c
@@ -622,6 +622,7 @@ static void qjack_enable_in(HWVoiceIn *hw, bool enable)
ji->c.enabled = enable;
}
+#if !defined(WIN32) && defined(CONFIG_PTHREAD_SETNAME_NP_W_TID)
static int qjack_thread_creator(jack_native_thread_t *thread,
const pthread_attr_t *attr, void *(*function)(void *), void *arg)
{
@@ -635,6 +636,7 @@ static int qjack_thread_creator(jack_native_thread_t *thread,
return ret;
}
+#endif
static void *qjack_init(Audiodev *dev)
{
@@ -687,7 +689,9 @@ static void register_audio_jack(void)
{
qemu_mutex_init(&qjack_shutdown_lock);
audio_driver_register(&jack_driver);
+#if !defined(WIN32) && defined(CONFIG_PTHREAD_SETNAME_NP_W_TID)
jack_set_thread_creator(qjack_thread_creator);
+#endif
jack_set_error_function(qjack_error);
jack_set_info_function(qjack_info);
}
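Review bot: the two-term guard `!defined(WIN32) && defined(CONFIG_PTHREAD_SETNAME_NP_W_TID)` is now spelled out separately around the qjack_thread_creator() definition and around the jack_set_thread_creator() call here, and the two copies must stay identical or the build fails with either an unused static function or an undefined reference. Consider defining one file-local macro from that condition and testing it in both places, and add a trailing comment on each `#endif` naming the condition.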
--
2.41.0.windows.1

@ -0,0 +1,135 @@
From c1df5afc01165a16dd79125669a69e8fb965def2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Wed, 13 Nov 2024 19:47:37 +0800
Subject: [PATCH] linux-user: Add pidfd_open(), pidfd_send_signal() and
pidfd_getfd() syscalls
I noticed those were missing when running the glib2.0 testsuite.
Add the syscalls including the strace output.
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220918194555.83535-4-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/strace.c | 28 ++++++++++++++++++++++++++++
linux-user/strace.list | 9 +++++++++
linux-user/syscall.c | 34 ++++++++++++++++++++++++++++++++++
3 files changed, 71 insertions(+)
diff --git a/linux-user/strace.c b/linux-user/strace.c
index 37d66d0dff..00dd0511c6 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -3274,6 +3274,34 @@ print_openat(void *cpu_env, const struct syscallname *name,
}
#endif
+#ifdef TARGET_NR_pidfd_send_signal
+static void
+print_pidfd_send_signal(CPUArchState *cpu_env, const struct syscallname *name,
+ abi_long arg0, abi_long arg1, abi_long arg2,
+ abi_long arg3, abi_long arg4, abi_long arg5)
+{
+ void *p;
+ target_siginfo_t uinfo;
+
+ print_syscall_prologue(name);
+ print_raw_param("%d", arg0, 0);
+ print_signal(arg1, 0);
+
+ p = lock_user(VERIFY_READ, arg2, sizeof(target_siginfo_t), 1);
+ if (p) {
+ get_target_siginfo(&uinfo, p);
+ print_siginfo(&uinfo);
+
+ unlock_user(p, arg2, 0);
+ } else {
+ print_pointer(arg2, 1);
+ }
+
+ print_raw_param("%u", arg3, 0);
+ print_syscall_epilogue(name);
+}
+#endif
+
#ifdef TARGET_NR_mq_unlink
static void
print_mq_unlink(void *cpu_env, const struct syscallname *name,
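Review bot: print_pidfd_send_signal() declares its first parameter as `CPUArchState *cpu_env`, while the neighbouring printers visible in this hunk's context (print_openat, print_mq_unlink) take `void *cpu_env`. Since this is a backport onto an older tree, check that the callback type used by the strace.list table here accepts this signature; if the table still expects `void *`, change the parameter to match rather than rely on an incompatible function pointer conversion.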
diff --git a/linux-user/strace.list b/linux-user/strace.list
index 544869f1ab..b96a1447c3 100644
--- a/linux-user/strace.list
+++ b/linux-user/strace.list
@@ -1662,6 +1662,15 @@
#ifdef TARGET_NR_pipe2
{ TARGET_NR_pipe2, "pipe2", NULL, NULL, NULL },
#endif
+#ifdef TARGET_NR_pidfd_open
+{ TARGET_NR_pidfd_open, "pidfd_open", "%s(%d,%u)", NULL, NULL },
+#endif
+#ifdef TARGET_NR_pidfd_send_signal
+{ TARGET_NR_pidfd_send_signal, "pidfd_send_signal", NULL, print_pidfd_send_signal, NULL },
+#endif
+#ifdef TARGET_NR_pidfd_getfd
+{ TARGET_NR_pidfd_getfd, "pidfd_getfd", "%s(%d,%d,%u)", NULL, NULL },
+#endif
#ifdef TARGET_NR_atomic_cmpxchg_32
{ TARGET_NR_atomic_cmpxchg_32, "atomic_cmpxchg_32", NULL, NULL, NULL },
#endif
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index c4951d449f..5f1bdfe857 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -333,6 +333,16 @@ _syscall6(int,sys_futex,int *,uaddr,int,op,int,val,
_syscall6(int,sys_futex_time64,int *,uaddr,int,op,int,val,
const struct timespec *,timeout,int *,uaddr2,int,val3)
#endif
+#if defined(__NR_pidfd_open) && defined(TARGET_NR_pidfd_open)
+_syscall2(int, pidfd_open, pid_t, pid, unsigned int, flags);
+#endif
+#if defined(__NR_pidfd_send_signal) && defined(TARGET_NR_pidfd_send_signal)
+_syscall4(int, pidfd_send_signal, int, pidfd, int, sig, siginfo_t *, info,
+ unsigned int, flags);
+#endif
+#if defined(__NR_pidfd_getfd) && defined(TARGET_NR_pidfd_getfd)
+_syscall3(int, pidfd_getfd, int, pidfd, int, targetfd, unsigned int, flags);
+#endif
#define __NR_sys_sched_getaffinity __NR_sched_getaffinity
_syscall3(int, sys_sched_getaffinity, pid_t, pid, unsigned int, len,
unsigned long *, user_mask_ptr);
@@ -8435,6 +8445,30 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
ret = do_open_by_handle_at(arg1, arg2, arg3);
fd_trans_unregister(ret);
return ret;
+#endif
+#if defined(__NR_pidfd_open) && defined(TARGET_NR_pidfd_open)
+ case TARGET_NR_pidfd_open:
+ return get_errno(pidfd_open(arg1, arg2));
+#endif
+#if defined(__NR_pidfd_send_signal) && defined(TARGET_NR_pidfd_send_signal)
+ case TARGET_NR_pidfd_send_signal:
+ {
+ siginfo_t uinfo;
+
+ p = lock_user(VERIFY_READ, arg3, sizeof(target_siginfo_t), 1);
+ if (!p) {
+ return -TARGET_EFAULT;
+ }
+ target_to_host_siginfo(&uinfo, p);
+ unlock_user(p, arg3, 0);
+ ret = get_errno(pidfd_send_signal(arg1, target_to_host_signal(arg2),
+ &uinfo, arg4));
+ }
+ return ret;
+#endif
+#if defined(__NR_pidfd_getfd) && defined(TARGET_NR_pidfd_getfd)
+ case TARGET_NR_pidfd_getfd:
+ return get_errno(pidfd_getfd(arg1, arg2, arg3));
#endif
case TARGET_NR_close:
fd_trans_unregister(arg1);
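Review bot: in the TARGET_NR_pidfd_send_signal case, a guest that passes a NULL `info` pointer gets -TARGET_EFAULT because lock_user() on arg3 fails, but pidfd_send_signal(2) accepts NULL there and then fills in the siginfo as kill(2) would. Only lock and convert when arg3 is non-zero, and pass NULL to the host call otherwise.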
--
2.41.0.windows.1

@ -0,0 +1,35 @@
From e9d80886ac9fb87390da01b0174856638bc42d2d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Fri, 6 Dec 2024 17:42:36 +0800
Subject: [PATCH] linux-user: Add proper strace format strings for
getdents()/getdents64()
Signed-off-by: Helge Deller <deller@gmx.de>
Message-Id: <20220924114501.21767-3-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/strace.list | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/linux-user/strace.list b/linux-user/strace.list
index b59d4c5607..8d5ab6dfac 100644
--- a/linux-user/strace.list
+++ b/linux-user/strace.list
@@ -279,10 +279,10 @@
{ TARGET_NR_getcwd, "getcwd" , "%s(%p,%d)", NULL, NULL },
#endif
#ifdef TARGET_NR_getdents
-{ TARGET_NR_getdents, "getdents" , NULL, NULL, NULL },
+{ TARGET_NR_getdents, "getdents" , "%s(%d,%p,%u)", NULL, NULL },
#endif
#ifdef TARGET_NR_getdents64
-{ TARGET_NR_getdents64, "getdents64" , NULL, NULL, NULL },
+{ TARGET_NR_getdents64, "getdents64" , "%s(%d,%p,%u)", NULL, NULL },
#endif
#ifdef TARGET_NR_getdomainname
{ TARGET_NR_getdomainname, "getdomainname" , NULL, NULL, NULL },
--
2.41.0.windows.1

@ -0,0 +1,59 @@
From dbc66bb16f86716b2d5b7e01e8f37cc20d99fd91 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Wed, 13 Nov 2024 20:23:03 +0800
Subject: [PATCH] linux-user: Add strace for clock_nanosleep()
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220918194555.83535-10-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/strace.c | 15 +++++++++++++++
linux-user/strace.list | 3 ++-
2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/linux-user/strace.c b/linux-user/strace.c
index 37d66d0dff..05d6b4524a 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -3491,6 +3491,21 @@ print_unshare(void *cpu_env, const struct syscallname *name,
}
#endif
+#ifdef TARGET_NR_clock_nanosleep
+static void
+print_clock_nanosleep(CPUArchState *cpu_env, const struct syscallname *name,
+ abi_long arg0, abi_long arg1, abi_long arg2,
+ abi_long arg3, abi_long arg4, abi_long arg5)
+{
+ print_syscall_prologue(name);
+ print_enums(clockids, arg0, 0);
+ print_raw_param("%d", arg1, 0);
+ print_timespec(arg2, 0);
+ print_timespec(arg3, 1);
+ print_syscall_epilogue(name);
+}
+#endif
+
#ifdef TARGET_NR_utime
static void
print_utime(void *cpu_env, const struct syscallname *name,
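Review bot: `print_timespec(arg3, 1)` decodes the fourth argument of clock_nanosleep(), which is the `remain` output buffer; at the time the call is traced it holds whatever the guest left there, so the printed value is not meaningful. Print it with print_pointer() at entry instead. The second argument is a flags word, so a `%d` of arg1 is correct but a symbolic TIMER_ABSTIME would read better.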
diff --git a/linux-user/strace.list b/linux-user/strace.list
index 544869f1ab..dc37dcf689 100644
--- a/linux-user/strace.list
+++ b/linux-user/strace.list
@@ -91,7 +91,8 @@
print_syscall_ret_clock_gettime },
#endif
#ifdef TARGET_NR_clock_nanosleep
-{ TARGET_NR_clock_nanosleep, "clock_nanosleep" , NULL, NULL, NULL },
+{ TARGET_NR_clock_nanosleep, "clock_nanosleep" , NULL, print_clock_nanosleep,
+ NULL },
#endif
#ifdef TARGET_NR_clock_settime
{ TARGET_NR_clock_settime, "clock_settime" , NULL, print_clock_settime, NULL },
--
2.41.0.windows.1

@ -0,0 +1,33 @@
From 464666abdb5250ca0295c5ec99cc2ee515cac920 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Fri, 6 Dec 2024 17:36:46 +0800
Subject: [PATCH] linux-user: Fix TARGET_PROT_SEM for XTENSA
The xtensa platform has a value of 0x10 for PROT_SEM.
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220924114501.21767-2-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/syscall_defs.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index a04f399278..077a059701 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -1295,7 +1295,7 @@ struct target_winsize {
#include "termbits.h"
-#if defined(TARGET_MIPS)
+#if defined(TARGET_MIPS) || defined(TARGET_XTENSA)
#define TARGET_PROT_SEM 0x10
#else
#define TARGET_PROT_SEM 0x08
--
2.41.0.windows.1

@ -0,0 +1,44 @@
From 6b8ad93d212b5510140b49b1383626ec6dae9427 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Wed, 13 Nov 2024 20:06:25 +0800
Subject: [PATCH] linux-user: Fix strace of chmod() if mode == 0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If the mode parameter of chmod() is zero, this value isn't shown
when stracing a program:
chmod("filename",)
This patch fixes it up to show the zero-value as well:
chmod("filename",000)
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220918194555.83535-8-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/strace.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/linux-user/strace.c b/linux-user/strace.c
index 37d66d0dff..a6e269980f 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -1496,6 +1496,11 @@ print_file_mode(abi_long mode, int last)
const char *sep = "";
const struct flags *m;
+ if (mode == 0) {
+ qemu_log("000%s", get_comma(last));
+ return;
+ }
+
for (m = &mode_flags[0]; m->f_string != NULL; m++) {
if ((m->f_value & mode) == m->f_value) {
qemu_log("%s%s", m->f_string, sep);
--
2.41.0.windows.1

@ -0,0 +1,42 @@
From 6fa6f29d739de0cb09dfcd9d83532104d0005e7b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Wed, 13 Nov 2024 19:54:45 +0800
Subject: [PATCH] linux-user: Log failing executable in EXCP_DUMP()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Enhance the EXCP_DUMP() macro to print out the failing program too.
During debugging it's sometimes hard to track down the actual failing
program if you are e.g. building a whole debian package.
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220918194555.83535-5-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/cpu_loop-common.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/linux-user/cpu_loop-common.h b/linux-user/cpu_loop-common.h
index 8828af28a4..0803cc55d8 100644
--- a/linux-user/cpu_loop-common.h
+++ b/linux-user/cpu_loop-common.h
@@ -26,9 +26,11 @@
do { \
CPUState *cs = env_cpu(env); \
fprintf(stderr, fmt , ## __VA_ARGS__); \
+ fprintf(stderr, "Failing executable: %s\n", exec_path); \
cpu_dump_state(cs, stderr, 0); \
if (qemu_log_separate()) { \
qemu_log(fmt, ## __VA_ARGS__); \
+ qemu_log("Failing executable: %s\n", exec_path); \
log_cpu_state(cs, 0); \
} \
} while (0)
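Review bot: the two added lines make EXCP_DUMP() depend on an identifier `exec_path` being in scope wherever the macro expands, yet this hunk adds no include or declaration to cpu_loop-common.h for it. Include the header that declares `exec_path` from this file so the macro is self-contained, instead of relying on each per-target cpu_loop.c to have pulled it in already.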
--
2.41.0.windows.1

@ -0,0 +1,44 @@
From b6e7a4895f176d0910059ec3941357cf60af4fd3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Wed, 13 Nov 2024 20:29:29 +0800
Subject: [PATCH] linux-user: Show timespec on strace for futex()
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220918194555.83535-11-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/strace.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/linux-user/strace.c b/linux-user/strace.c
index 37d66d0dff..7978d459f6 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -3623,11 +3623,20 @@ print_futex(void *cpu_env, const struct syscallname *name,
abi_long arg0, abi_long arg1, abi_long arg2,
abi_long arg3, abi_long arg4, abi_long arg5)
{
+ abi_long op = arg1 & FUTEX_CMD_MASK;
print_syscall_prologue(name);
print_pointer(arg0, 0);
print_futex_op(arg1, 0);
print_raw_param(",%d", arg2, 0);
- print_pointer(arg3, 0); /* struct timespec */
+ switch (op) {
+ case FUTEX_WAIT:
+ case FUTEX_WAIT_BITSET:
+ print_timespec(arg3, 0);
+ break;
+ default:
+ print_pointer(arg3, 0);
+ break;
+ }
print_pointer(arg4, 0);
print_raw_param("%d", arg4, 1);
print_syscall_epilogue(name);
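Review bot: the new switch decodes arg3 as a timespec only for FUTEX_WAIT and FUTEX_WAIT_BITSET, but FUTEX_LOCK_PI and FUTEX_WAIT_REQUEUE_PI also take a timeout in that position and will still be shown as a raw pointer; add them as cases if the constants are available in this tree. Separately, the unchanged lines right after the switch print arg4 twice (`print_pointer(arg4, 0)` then `print_raw_param("%d", arg4, 1)`), so the last futex argument is never shown; the second call looks like it should use arg5.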
--
2.41.0.windows.1

@ -0,0 +1,43 @@
From e8f23ca825a8f3c89d0aca4248842d2035aab1fc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Fri, 6 Dec 2024 11:09:07 +0800
Subject: [PATCH] linux-user/hppa: Dump IIR on register dump
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Include the IIR register (which holds the opcode of the failing
instruction) when dumping the hppa registers.
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220918194555.83535-7-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
target/hppa/helper.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/target/hppa/helper.c b/target/hppa/helper.c
index 1ccff5765a..eba133047b 100644
--- a/target/hppa/helper.c
+++ b/target/hppa/helper.c
@@ -85,9 +85,11 @@ void hppa_cpu_dump_state(CPUState *cs, FILE *f, int flags)
char psw_c[20];
int i;
- qemu_fprintf(f, "IA_F " TARGET_FMT_lx " IA_B " TARGET_FMT_lx "\n",
+ qemu_fprintf(f, "IA_F " TARGET_FMT_lx " IA_B " TARGET_FMT_lx
+ " IIR " TREG_FMT_lx "\n",
hppa_form_gva_psw(psw, env->iasq_f, env->iaoq_f),
- hppa_form_gva_psw(psw, env->iasq_b, env->iaoq_b));
+ hppa_form_gva_psw(psw, env->iasq_b, env->iaoq_b),
+ env->cr[CR_IIR]);
psw_c[0] = (psw & PSW_W ? 'W' : '-');
psw_c[1] = (psw & PSW_E ? 'E' : '-');
--
2.41.0.windows.1

@ -0,0 +1,39 @@
From 6bd7917903112ab1541d10a006f7074c4d0fa7da Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Fri, 6 Dec 2024 13:34:31 +0800
Subject: [PATCH] linux-user/hppa: Set TASK_UNMAPPED_BASE to 0xfa000000 for
hppa arch
On the parisc architecture the stack grows upwards.
Move the TASK_UNMAPPED_BASE to high memory area as it's done by the
kernel on physical machines.
Signed-off-by: Helge Deller <deller@gmx.de>
Message-Id: <20220918194555.83535-9-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/mmap.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index c125031b90..d674d5b00d 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -251,8 +251,12 @@ static int mmap_frag(abi_ulong real_start,
# define TASK_UNMAPPED_BASE (1ul << 38)
#endif
#else
+#ifdef TARGET_HPPA
+# define TASK_UNMAPPED_BASE 0xfa000000
+#else
# define TASK_UNMAPPED_BASE 0x40000000
#endif
+#endif
abi_ulong mmap_next_start = TASK_UNMAPPED_BASE;
unsigned long last_brk;
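Review bot: the new `# define TASK_UNMAPPED_BASE 0xfa000000` carries no comment, so the reason for the hppa-specific value (upward-growing stack, matching the kernel's layout on physical machines) lives only in the commit message. Add a one-line comment above the define, and consider `#elif defined(TARGET_HPPA)` on the existing `#else` chain instead of nesting a second `#ifdef` / `#endif` pair.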
--
2.41.0.windows.1

@ -0,0 +1,35 @@
From 5a6063a0617f893f59eb16c3ef83056d72654c3c Mon Sep 17 00:00:00 2001
From: jipengfei <jipengfei_yewu@cmss.chinamobile.com>
Date: Mon, 9 Sep 2024 20:51:25 +0800
Subject: [PATCH] migration: fix a typo
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by:jipengfei <jipengfei_yewu@cmss.chinamobile.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Fiona Ebner <f.ebner@proxmox.com>
Tested-by: Fiona Ebner <f.ebner@proxmox.com>
Signed-off-by: Fabiano Rosas <farosas@suse.de>
---
migration/vmstate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/migration/vmstate.c b/migration/vmstate.c
index 05f87cdddc..c9db071bee 100644
--- a/migration/vmstate.c
+++ b/migration/vmstate.c
@@ -454,7 +454,7 @@ static int vmstate_subsection_load(QEMUFile *f, const VMStateDescription *vmsd,
len = qemu_peek_byte(f, 1);
if (len < strlen(vmsd->name) + 1) {
- /* subsection name has be be "section_name/a" */
+ /* subsection name has to be "section_name/a" */
trace_vmstate_subsection_load_bad(vmsd->name, "(short)", "");
return 0;
}
--
2.41.0.windows.1

@ -0,0 +1,51 @@
From 6af7820986d8d441a02c176df4a69c8efae23763 Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 10:47:39 +0800
Subject: [PATCH] python: update type hints for mypy 0.930
cherry picked from commit 366d33158cea72e80d80505f94c34cb505385c0a
Mypy 0.930, released Dec 22, changes the way argparse objects are
considered. Crafting a definition that works under Python 3.6 and an
older mypy alongside newer versions simultaneously is ... difficult,
so... eh. Stub it out with an 'Any' definition to get the CI moving
again.
Oh well.
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Beraldo Leal <bleal@redhat.com>
Message-id: 20220110191349.1841027-4-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
python/qemu/qmp/qom_common.py | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/python/qemu/qmp/qom_common.py b/python/qemu/qmp/qom_common.py
index a59ae1a2a1..2e4c741f77 100644
--- a/python/qemu/qmp/qom_common.py
+++ b/python/qemu/qmp/qom_common.py
@@ -30,10 +30,6 @@
from . import QEMUMonitorProtocol, QMPError
-# The following is needed only for a type alias.
-Subparsers = argparse._SubParsersAction # pylint: disable=protected-access
-
-
class ObjectPropertyInfo:
"""
Represents the return type from e.g. qom-list.
@@ -89,7 +85,7 @@ def __init__(self, args: argparse.Namespace):
self.qmp.connect()
@classmethod
- def register(cls, subparsers: Subparsers) -> None:
+ def register(cls, subparsers: Any) -> None:
"""
Register this command with the argument parser.
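Review bot: the `register()` signature now annotates `subparsers` as `Any`, but neither hunk adds `Any` to an import from `typing`. Confirm that qom_common.py in this tree already imports it; if not, the module fails at import time with a NameError when the annotation is evaluated, and the import has to be part of this backport.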
--
2.41.0.windows.1

@ -0,0 +1,34 @@
From 86d3da849524411b4a2ad1e3a03a1c5cf95e25ea Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 13:36:13 +0800
Subject: [PATCH] qdev-core.h: Fix wrongly named reference to TYPE_SPLIT_IRQ
cherry picked from commit 5df69ab89527618744661d5a45ed85ca3cc7bceb
Fix a comment in qdev-core.h where we incorrectly referred
to TYPE_IRQ_SPLIT when we meant TYPE_SPLIT_IRQ.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20220111172655.3546766-1-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
include/hw/qdev-core.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h
index 45b1aec86b..a1169c1c9a 100644
--- a/include/hw/qdev-core.h
+++ b/include/hw/qdev-core.h
@@ -500,7 +500,7 @@ qemu_irq qdev_get_gpio_in_named(DeviceState *dev, const char *name, int n);
* qemu_irqs at once, or to connect multiple outbound GPIOs to the
* same qemu_irq. (Warning: there is no assertion or other guard to
* catch this error: the model will just not do the right thing.)
- * Instead, for fan-out you can use the TYPE_IRQ_SPLIT device: connect
+ * Instead, for fan-out you can use the TYPE_SPLIT_IRQ device: connect
* a device's outbound GPIO to the splitter's input, and connect each
* of the splitter's outputs to a different device. For fan-in you
* can use the TYPE_OR_IRQ device, which is a model of a logical OR
--
2.41.0.windows.1

@ -3,7 +3,7 @@
Name: qemu
Version: 6.2.0
Release: 105
Release: 106
Epoch: 10
Summary: QEMU is a generic and open source machine emulator and virtualizer
License: GPLv2 and BSD and MIT and CC-BY-SA-4.0
@ -1133,6 +1133,51 @@ Patch1118: target-i386-Add-feature-bits-for-CPUID_Fn80000021_EA.patch
Patch1119: target-i386-Add-missing-feature-bits-in-EPYC-Milan-m.patch
Patch1120: target-i386-Add-VNMI-and-automatic-IBRS-feature-bits.patch
Patch1121: target-i386-Add-EPYC-Genoa-model-to-support-Zen-4-pr.patch
Patch1122: linux-user-Add-pidfd_open-pidfd_send_signal-and-pidf.patch
Patch1123: linux-user-Log-failing-executable-in-EXCP_DUMP.patch
Patch1124: linux-user-Fix-strace-of-chmod-if-mode-0.patch
Patch1125: linux-user-Add-strace-for-clock_nanosleep.patch
Patch1126: linux-user-Show-timespec-on-strace-for-futex.patch
Patch1127: hw-ppc-e500-Add-missing-device-tree-properties-to-i2.patch
Patch1128: hw-ppc-e500-Remove-unused-irqs-parameter.patch
Patch1129: hw-ppc-e500-Prefer-QOM-cast.patch
Patch1130: tcg-Allow-top-bit-of-SIMD_DATA_BITS-to-be-set-in-sim.patch
Patch1131: Python-aqmp-fix-type-definitions-for-mypy-0.920.patch
Patch1132: python-update-type-hints-for-mypy-0.930.patch
Patch1133: simplebench-Fix-Python-syntax-error-reported-by-LGTM.patch
Patch1134: jackaudio-use-ifdefs-to-hide-unavailable-functions.patch
Patch1135: docs-Correct-vhost-user-blk-spelling.patch
Patch1136: vvfat-Fix-size-of-temporary-qcow-file.patch
Patch1137: target-ppc-Fix-7448-support.patch
Patch1138: gqa-win-get_pci_info-Clean-dev_info-if-handle-is-val.patch
Patch1139: hw-scsi-megasas-Simplify-using-the-ldst-API.patch
Patch1140: qdev-core.h-Fix-wrongly-named-reference-to-TYPE_SPLI.patch
Patch1141: tests-Fix-typo-in-check-help-output.patch
Patch1142: linux-user-hppa-Dump-IIR-on-register-dump.patch
Patch1143: linux-user-hppa-Set-TASK_UNMAPPED_BASE-to-0xfa000000.patch
Patch1144: linux-user-Fix-TARGET_PROT_SEM-for-XTENSA.patch
Patch1145: linux-user-Add-proper-strace-format-strings-for-getd.patch
Patch1146: target-ppc-Set-ctx-opcode-for-decode_insn32.patch
Patch1147: usb-hub-Fix-handling-port-power-control-messages.patch
Patch1148: target-arm-Drop-user-only-special-case-in-sve_stN_r.patch
Patch1149: hw-intc-Don-t-clear-pending-bits-on-IRQ-lowering.patch
Patch1150: Fix-calculation-of-minimum-in-colo_compare_tcp.patch
Patch1151: tcg-Reset-data_gen_ptr-correctly.patch
Patch1152: raw-format-Fix-error-message-for-invalid-offset-size.patch
Patch1153: scsi-fetch-unit-attention-when-creating-the-request.patch
Patch1154: migration-fix-a-typo.patch
Patch1155: hw-core-loader-gunzip-fix-memory-leak-on-error-path.patch
Patch1156: tests-qtest-fuzz-fix-memleak-in-qos_fuzz.c.patch
Patch1157: target-i386-fix-size-of-EBP-writeback-in-gen_enter.patch
Patch1158: ui-gtk-fix-leaks-found-wtih-fuzzing.patch
Patch1159: hw-pci-Remove-unused-pci_irq_pulse-method.patch
Patch1160: hw-misc-nrf51_rng-Don-t-use-BIT_MASK-when-we-mean-BI.patch
Patch1161: vvfat-Fix-vvfat_write-for-writes-before-the-root-dir.patch
Patch1162: hvf-remove-unused-but-set-variable.patch
Patch1163: iotests-308-Fix-for-CAP_DAC_OVERRIDE.patch
Patch1164: edid-set-default-resolution-to-1280x800-WXGA.patch
Patch1165: tests-avocado-machine_s390_ccw_virtio-Adapt-test-to-.patch
Patch1166: hw-nvme-Remove-redundant-dma_blk_write.patch
BuildRequires: flex
BuildRequires: gcc
@ -1731,6 +1776,53 @@ getent passwd qemu >/dev/null || \
%endif
%changelog
* Fri Feb 21 2025 <fengjiabo1@huawei.com> - 10:6.2.0-106
- hw/nvme: Remove redundant dma_blk_write
- tests/avocado/machine_s390_ccw_virtio: Adapt test to new default resolution
- edid: set default resolution to 1280x800 (WXGA)
- iotests/308: Fix for CAP_DAC_OVERRIDE
- hvf: remove unused but set variable
- vvfat: Fix vvfat_write() for writes before the root directory
- hw/misc/nrf51_rng: Don't use BIT_MASK() when we mean BIT()
- hw/pci: Remove unused pci_irq_pulse() method
- ui/gtk: fix leaks found wtih fuzzing
- target/i386: fix size of EBP writeback in gen_enter()
- tests/qtest/fuzz: fix memleak in qos_fuzz.c
- hw/core/loader: gunzip(): fix memory leak on error path
- migration: fix a typo
- scsi: fetch unit attention when creating the request
- raw-format: Fix error message for invalid offset/size
- tcg: Reset data_gen_ptr correctly
- Fix calculation of minimum in colo_compare_tcp
- hw/intc: Don't clear pending bits on IRQ lowering
- target/arm: Drop user-only special case in sve_stN_r
- usb-hub: Fix handling port power control messages
- target/ppc: Set ctx->opcode for decode_insn32()
- linux-user: Add proper strace format strings for getdents()/getdents64()
- linux-user: Fix TARGET_PROT_SEM for XTENSA
- linux-user/hppa: Set TASK_UNMAPPED_BASE to 0xfa000000 for hppa arch
- linux-user/hppa: Dump IIR on register dump
- tests: Fix typo in check-help output
- qdev-core.h: Fix wrongly named reference to TYPE_SPLIT_IRQ
- hw/scsi/megasas: Simplify using the ldst API
- gqa-win: get_pci_info: Clean dev_info if handle is valid
- target/ppc: Fix 7448 support
- vvfat: Fix size of temporary qcow file
- docs: Correct 'vhost-user-blk' spelling
- jackaudio: use ifdefs to hide unavailable functions
- simplebench: Fix Python syntax error (reported by LGTM)
- python: update type hints for mypy 0.930
- Python/aqmp: fix type definitions for mypy 0.920
- tcg: Allow top bit of SIMD_DATA_BITS to be set in simd_desc()
- hw/ppc/e500: Prefer QOM cast
- hw/ppc/e500: Remove unused "irqs" parameter
- hw/ppc/e500: Add missing device tree properties to i2c controller node
- linux-user: Show timespec on strace for futex()
- linux-user: Add strace for clock_nanosleep()
- linux-user: Fix strace of chmod() if mode == 0
- linux-user: Log failing executable in EXCP_DUMP()
- linux-user: Add pidfd_open(), pidfd_send_signal() and pidfd_getfd() syscalls
* Wed Dec 25 2024 <alex.chen@huawei.com> - 10:6.2.0-105
- target/i386: Add EPYC-Genoa model to support Zen 4 processor series
- target/i386: Add VNMI and automatic IBRS feature bits

@ -0,0 +1,49 @@
From 10d05a1b052ce5b69cca2f0a45007c31412314d6 Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@redhat.com>
Date: Thu, 29 Aug 2024 20:55:27 +0200
Subject: [PATCH] raw-format: Fix error message for invalid offset/size
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
s->offset and s->size are only set at the end of the function and still
contain the old values when formatting the error message. Print the
parameters with the new values that we actually checked instead.
Fixes: 500e2434207d ('raw-format: Split raw_read_options()')
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20240829185527.47152-1-kwolf@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Hanna Czenczek <hreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit 04bbc3ee52b32ac465547bb40c1f090a1b8f315a)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
block/raw-format.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/block/raw-format.c b/block/raw-format.c
index bda757fd19..a8185a3a2c 100644
--- a/block/raw-format.c
+++ b/block/raw-format.c
@@ -109,7 +109,7 @@ static int raw_apply_options(BlockDriverState *bs, BDRVRawState *s,
if (offset > real_size) {
error_setg(errp, "Offset (%" PRIu64 ") cannot be greater than "
"size of the containing file (%" PRId64 ")",
- s->offset, real_size);
+ offset, real_size);
return -EINVAL;
}
@@ -117,7 +117,7 @@ static int raw_apply_options(BlockDriverState *bs, BDRVRawState *s,
error_setg(errp, "The sum of offset (%" PRIu64 ") and size "
"(%" PRIu64 ") has to be smaller or equal to the "
" actual size of the containing file (%" PRId64 ")",
- s->offset, s->size, real_size);
+ offset, size, real_size);
return -EINVAL;
}
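Review bot: in this second error_setg() call the adjacent string literals end with "equal to the " and begin with " actual size", so the message the corrected arguments are formatted into contains a double space. Since the patch is already touching this message, drop the leading space from the last literal. Any reference output that matches the old text would need the same update.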
--
2.41.0.windows.1

View File

@ -0,0 +1,124 @@
From 73a7cffceeae9561d75e40e04e7ae3d52e1ef4a5 Mon Sep 17 00:00:00 2001
From: Stefano Garzarella <sgarzare@redhat.com>
Date: Wed, 12 Jul 2023 15:43:50 +0200
Subject: [PATCH] scsi: fetch unit attention when creating the request
Commit 1880ad4f4e ("virtio-scsi: Batched prepare for cmd reqs") split
calls to scsi_req_new() and scsi_req_enqueue() in the virtio-scsi device.
No ill effects were observed until commit 8cc5583abe ("virtio-scsi: Send
"REPORTED LUNS CHANGED" sense data upon disk hotplug events") added a
unit attention that was easy to trigger with device hotplug and
hot-unplug.
Because the two calls were separated, all requests in the batch were
prepared calling scsi_req_new() to report a sense. The first one
submitted would report the right sense and reset it to NO_SENSE, while
the others reported CHECK_CONDITION with no sense data. This caused
SCSI errors in Linux.
To solve this issue, let's fetch the unit attention as early as possible
when we prepare the request, so that only the first request in the batch
will use the unit attention SCSIReqOps and the others will not report
CHECK CONDITION.
Fixes: 1880ad4f4e ("virtio-scsi: Batched prepare for cmd reqs")
Fixes: 8cc5583abe ("virtio-scsi: Send "REPORTED LUNS CHANGED" sense data upon disk hotplug events")
Reported-by: Thomas Huth <thuth@redhat.com>
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2176702
Co-developed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
Message-ID: <20230712134352.118655-2-sgarzare@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 9472083e642bfb9bc836b38662baddd9bc964ebc)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
hw/scsi/scsi-bus.c | 36 +++++++++++++++++++++++++++++++++---
include/hw/scsi/scsi.h | 1 +
2 files changed, 34 insertions(+), 3 deletions(-)
diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
index 89c4693cc2..613ad41de9 100644
--- a/hw/scsi/scsi-bus.c
+++ b/hw/scsi/scsi-bus.c
@@ -419,19 +419,35 @@ static const struct SCSIReqOps reqops_invalid_opcode = {
/* SCSIReqOps implementation for unit attention conditions. */
-static int32_t scsi_unit_attention(SCSIRequest *req, uint8_t *buf)
+static void scsi_fetch_unit_attention_sense(SCSIRequest *req)
{
+ SCSISense *ua = NULL;
+
if (req->dev->unit_attention.key == UNIT_ATTENTION) {
- scsi_req_build_sense(req, req->dev->unit_attention);
+ ua = &req->dev->unit_attention;
} else if (req->bus->unit_attention.key == UNIT_ATTENTION) {
- scsi_req_build_sense(req, req->bus->unit_attention);
+ ua = &req->bus->unit_attention;
}
+
+ /*
+ * Fetch the unit attention sense immediately so that another
+ * scsi_req_new does not use reqops_unit_attention.
+ */
+ if (ua) {
+ scsi_req_build_sense(req, *ua);
+ *ua = SENSE_CODE(NO_SENSE);
+ }
+}
+
+static int32_t scsi_unit_attention(SCSIRequest *req, uint8_t *buf)
+{
scsi_req_complete(req, CHECK_CONDITION);
return 0;
}
static const struct SCSIReqOps reqops_unit_attention = {
.size = sizeof(SCSIRequest),
+ .init_req = scsi_fetch_unit_attention_sense,
.send_command = scsi_unit_attention
};
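Review bot: scsi_fetch_unit_attention_sense() overwrites the pending condition with SENSE_CODE(NO_SENSE) as soon as the request is initialised, before scsi_unit_attention() has completed it with CHECK_CONDITION. A request that is allocated and then dropped without its send_command running would consume the unit attention without the guest ever seeing it. Either state in the comment above "if (ua)" that every request built with reqops_unit_attention is guaranteed to be sent, or restore the condition when such a request is released unsent.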
@@ -705,6 +721,11 @@ SCSIRequest *scsi_req_alloc(const SCSIReqOps *reqops, SCSIDevice *d,
object_ref(OBJECT(d));
object_ref(OBJECT(qbus->parent));
notifier_list_init(&req->cancel_notifiers);
+
+ if (reqops->init_req) {
+ reqops->init_req(req);
+ }
+
trace_scsi_req_alloc(req->dev->id, req->lun, req->tag);
return req;
}
@@ -798,6 +819,15 @@ uint8_t *scsi_req_get_buf(SCSIRequest *req)
static void scsi_clear_unit_attention(SCSIRequest *req)
{
SCSISense *ua;
+
+ /*
+ * scsi_fetch_unit_attention_sense() already cleaned the unit attention
+ * in this case.
+ */
+ if (req->ops == &reqops_unit_attention) {
+ return;
+ }
+
if (req->dev->unit_attention.key != UNIT_ATTENTION &&
req->bus->unit_attention.key != UNIT_ATTENTION) {
return;
diff --git a/include/hw/scsi/scsi.h b/include/hw/scsi/scsi.h
index e5d90cd9dc..80c9eb00e4 100644
--- a/include/hw/scsi/scsi.h
+++ b/include/hw/scsi/scsi.h
@@ -108,6 +108,7 @@ int cdrom_read_toc_raw(int nb_sectors, uint8_t *buf, int msf, int session_num);
/* scsi-bus.c */
struct SCSIReqOps {
size_t size;
+ void (*init_req)(SCSIRequest *req);
void (*free_req)(SCSIRequest *req);
int32_t (*send_command)(SCSIRequest *req, uint8_t *buf);
void (*read_data)(SCSIRequest *req);
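Review bot: the new init_req member of struct SCSIReqOps has no comment, and its contract is not obvious from the name. Document that it is optional, that it is called from scsi_req_alloc() as the scsi-bus.c hunk shows, and that an implementation may change device or bus state, as the unit attention one does.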
--
2.41.0.windows.1

@ -0,0 +1,37 @@
From 8fcd784145209d6e137e5c5d1e555599e523a10c Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 10:50:23 +0800
Subject: [PATCH] simplebench: Fix Python syntax error (reported by LGTM)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit 9ebfc5a583d8aa94bf1bc37c1f71559187fd809c
Fixes: b2fcb0c5754c2554b8406376e99a75e9e0a6b7bd
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 20220107153019.504124-1-sw@weilnetz.de
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
scripts/simplebench/bench-example.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/simplebench/bench-example.py b/scripts/simplebench/bench-example.py
index 4864435f39..fc370691e0 100644
--- a/scripts/simplebench/bench-example.py
+++ b/scripts/simplebench/bench-example.py
@@ -25,7 +25,7 @@
def bench_func(env, case):
""" Handle one "cell" of benchmarking table. """
- return bench_block_copy(env['qemu_binary'], env['cmd'], {}
+ return bench_block_copy(env['qemu_binary'], env['cmd'], {},
case['source'], case['target'])
--
2.41.0.windows.1

@ -0,0 +1,43 @@
From 62c04e2a0ba7020430df45ab4d58c05fc3faab13 Mon Sep 17 00:00:00 2001
From: Richard Henderson <richard.henderson@linaro.org>
Date: Tue, 12 Nov 2024 06:12:32 -0800
Subject: [PATCH] target/arm: Drop user-only special case in sve_stN_r
This path is reachable with plugins enabled, and provoked
with run-plugin-catch-syscalls-with-libinline.so.
Cc: qemu-stable@nongnu.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241112141232.321354-1-richard.henderson@linaro.org>
(cherry picked from commit f27550804688da43c6e0d87b2f9e143adbf76271)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
target/arm/sve_helper.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/target/arm/sve_helper.c b/target/arm/sve_helper.c
index 03d58cabc8..e455fd6ecf 100644
--- a/target/arm/sve_helper.c
+++ b/target/arm/sve_helper.c
@@ -6484,9 +6484,6 @@ void sve_stN_r(CPUARMState *env, uint64_t *vg, target_ulong addr,
flags = info.page[0].flags | info.page[1].flags;
if (unlikely(flags != 0)) {
-#ifdef CONFIG_USER_ONLY
- g_assert_not_reached();
-#else
/*
* At least one page includes MMIO.
* Any bus operation can fail with cpu_transaction_failed,
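Review bot: the comment kept as context in this hunk, "At least one page includes MMIO", no longer covers every way into the branch once the CONFIG_USER_ONLY assertion is removed, since the commit message says user-only builds reach it with plugins enabled. Reword the comment to mention the plugin case so the path is not read as system-mode only.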
@@ -6517,7 +6514,6 @@ void sve_stN_r(CPUARMState *env, uint64_t *vg, target_ulong addr,
} while (reg_off & 63);
} while (reg_off <= reg_last);
return;
-#endif
}
mem_off = info.mem_off_first[0];
--
2.41.0.windows.1

@ -0,0 +1,44 @@
From 8179e1d2e08c703a3adcd972091e5611656b727a Mon Sep 17 00:00:00 2001
From: jipengfei <jipengfei_yewu@cmss.chinamobile.com>
Date: Mon, 9 Sep 2024 20:41:20 +0800
Subject: [PATCH] target/i386: fix size of EBP writeback in gen_enter()
The calculation of FrameTemp is done using the size indicated by mo_pushpop()
before being written back to EBP, but the final writeback to EBP is done using
the size indicated by mo_stacksize().
In the case where mo_pushpop() is MO_32 and mo_stacksize() is MO_16 then the
final writeback to EBP is done using MO_16 which can leave junk in the top
16-bits of EBP after executing ENTER.
Change the writeback of EBP to use the same size indicated by mo_pushpop() to
ensure that the full value is written back.
cherry-pick from 3973615e7fbaeef1deeaa067577e373781ced70a
Signed-off-by: jipengfei <jipengfei_yewu@cmss.chinamobile.com>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2198
Message-ID: <20240606095319.229650-5-mark.cave-ayland@ilande.co.uk>
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 82f77b52fb..7c0613fa98 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -2551,7 +2551,7 @@ static void gen_enter(DisasContext *s, int esp_addend, int level)
}
/* Copy the FrameTemp value to EBP. */
- gen_op_mov_reg_v(s, a_ot, R_EBP, s->T1);
+ gen_op_mov_reg_v(s, d_ot, R_EBP, s->T1);
/* Compute the final value of ESP. */
tcg_gen_subi_tl(s->T1, s->T1, esp_addend + size * level);
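Review bot: the a_ot to d_ot switch on the EBP writeback carries no comment saying why the operand size is the right one here, so the line is easy to "correct" back later. Extend the existing "Copy the FrameTemp value to EBP" comment with the reason given in the commit message (FrameTemp is computed at the push/pop size), and add a test for ENTER with a 32-bit operand size and a 16-bit stack size, the case the message describes.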
--
2.41.0.windows.1

@ -0,0 +1,49 @@
From 661b5844f361270c25899e3130b0e9aa72b74527 Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 13:34:30 +0800
Subject: [PATCH] target/ppc: Fix 7448 support
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit fe072a9914cc26c0f0a70dbbe0c27a61ff0170bc
The 7448 CPU is an evolution of the PowerPC 7447A and the last of the
G4 family. Change its family to reflect correctly its features. This
fixes Linux boot.
Cc: Fabiano Rosas <farosas@linux.ibm.com>
Reviewed-by: Fabiano Rosas <farosas@linux.ibm.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220117092555.1616512-1-clg@kaod.org>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
target/ppc/cpu-models.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/target/ppc/cpu-models.c b/target/ppc/cpu-models.c
index 02efc95723..e6cce0f8db 100644
--- a/target/ppc/cpu-models.c
+++ b/target/ppc/cpu-models.c
@@ -670,13 +670,13 @@
"PowerPC 7410 v1.3 (G4)")
POWERPC_DEF("7410_v1.4", CPU_POWERPC_7410_v14, 7410,
"PowerPC 7410 v1.4 (G4)")
- POWERPC_DEF("7448_v1.0", CPU_POWERPC_7448_v10, 7400,
+ POWERPC_DEF("7448_v1.0", CPU_POWERPC_7448_v10, 7445,
"PowerPC 7448 v1.0 (G4)")
- POWERPC_DEF("7448_v1.1", CPU_POWERPC_7448_v11, 7400,
+ POWERPC_DEF("7448_v1.1", CPU_POWERPC_7448_v11, 7445,
"PowerPC 7448 v1.1 (G4)")
- POWERPC_DEF("7448_v2.0", CPU_POWERPC_7448_v20, 7400,
+ POWERPC_DEF("7448_v2.0", CPU_POWERPC_7448_v20, 7445,
"PowerPC 7448 v2.0 (G4)")
- POWERPC_DEF("7448_v2.1", CPU_POWERPC_7448_v21, 7400,
+ POWERPC_DEF("7448_v2.1", CPU_POWERPC_7448_v21, 7445,
"PowerPC 7448 v2.1 (G4)")
POWERPC_DEF("7450_v1.0", CPU_POWERPC_7450_v10, 7450,
"PowerPC 7450 v1.0 (G4)")
--
2.41.0.windows.1

@ -0,0 +1,56 @@
From c65c24ba59c4a0442b81eaceec8bab1e5a0907cf Mon Sep 17 00:00:00 2001
From: Ilya Leoshkevich <iii@linux.ibm.com>
Date: Mon, 12 Aug 2024 10:53:08 +0200
Subject: [PATCH] target/ppc: Set ctx->opcode for decode_insn32()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
divdu (without a dot) sometimes updates cr0, even though it shouldn't.
The reason is that gen_op_arith_divd() checks Rc(ctx->opcode), which is
not initialized. This field is initialized only for instructions that
go through decode_legacy(), and not decodetree.
There already was a similar issue fixed in commit 86e6202a57b1
("target/ppc: Make divw[u] handler method decodetree compatible.").
It's not immediately clear what else may access the uninitialized
ctx->opcode, so instead of playing whack-a-mole and changing the check
to compute_rc0, simply initialize ctx->opcode.
Cc: qemu-stable@nongnu.org
Fixes: 99082815f17f ("target/ppc: Add infrastructure for prefixed insns")
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
(cherry picked from commit c9b8a13a8841e0e23901e57e24ea98eeef16cf91)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
target/ppc/translate.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/target/ppc/translate.c b/target/ppc/translate.c
index 153552ab50..a03bafadbc 100644
--- a/target/ppc/translate.c
+++ b/target/ppc/translate.c
@@ -8380,8 +8380,6 @@ static bool decode_legacy(PowerPCCPU *cpu, DisasContext *ctx, uint32_t insn)
opc_handler_t **table, *handler;
uint32_t inval;
- ctx->opcode = insn;
-
LOG_DISAS("translate opcode %08x (%02x %02x %02x %02x) (%s)\n",
insn, opc1(insn), opc2(insn), opc3(insn), opc4(insn),
ctx->le_mode ? "little" : "big");
@@ -8510,6 +8508,7 @@ static void ppc_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs)
ctx->base.pc_next = pc += 4;
if (!is_prefix_insn(ctx, insn)) {
+ ctx->opcode = insn;
ok = (decode_insn32(ctx, insn) ||
decode_legacy(cpu, ctx, insn));
} else if ((pc & 63) == 0) {
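Review bot: ctx->opcode is now assigned only inside the "!is_prefix_insn" branch, so on the branches that follow it keeps whatever the previous instruction left there. The commit message says it is not clear what else may read the field, which argues for assigning it before the "if" rather than inside one arm, or for a comment stating that handlers reached from the prefixed path must not read it.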
--
2.41.0.windows.1

@ -0,0 +1,69 @@
From a14e2e0cb558f2bcbabffa2fbadb54948a770993 Mon Sep 17 00:00:00 2001
From: Peter Maydell <peter.maydell@linaro.org>
Date: Fri, 15 Nov 2024 17:25:15 +0000
Subject: [PATCH] tcg: Allow top bit of SIMD_DATA_BITS to be set in simd_desc()
In simd_desc() we create a SIMD descriptor from various pieces
including an arbitrary data value from the caller. We try to
sanitize these to make sure everything will fit: the 'data' value
needs to fit in the SIMD_DATA_BITS (== 22) sized field. However we
do that sanitizing with:
tcg_debug_assert(data == sextract32(data, 0, SIMD_DATA_BITS));
This works for the case where the data is supposed to be considered
as a signed integer (which can then be returned via simd_data()).
However, some callers want to treat the data value as unsigned.
Specifically, for the Arm SVE operations, make_svemte_desc()
assembles a data value as a collection of fields, and it needs to use
all 22 bits. Currently if MTE is enabled then its MTEDESC SIZEM1
field may have the most significant bit set, and then it will trip
this assertion.
Loosen the assertion so that we only check that the data value will
fit into the field in some way, either as a signed or as an unsigned
value. This means we will fail to detect some kinds of bug in the
callers, but we won't spuriously assert for intentional use of the
data field as unsigned.
Cc: qemu-stable@nongnu.org
Fixes: db432672dc50e ("tcg: Add generic vector expanders")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2601
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20241115172515.1229393-1-peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Zhongrui Tang <tangzhongrui_yewu@cmss.chinamobile.com>
---
tcg/tcg-op-gvec.c | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/tcg/tcg-op-gvec.c b/tcg/tcg-op-gvec.c
index ffe55e908f..aea44c53b0 100644
--- a/tcg/tcg-op-gvec.c
+++ b/tcg/tcg-op-gvec.c
@@ -88,7 +88,20 @@ uint32_t simd_desc(uint32_t oprsz, uint32_t maxsz, int32_t data)
uint32_t desc = 0;
check_size_align(oprsz, maxsz, 0);
- tcg_debug_assert(data == sextract32(data, 0, SIMD_DATA_BITS));
+
+ /*
+ * We want to check that 'data' will fit into SIMD_DATA_BITS.
+ * However, some callers want to treat the data as a signed
+ * value (which they can later get back with simd_data())
+ * and some want to treat it as an unsigned value.
+ * So here we assert only that the data will fit into the
+ * field in at least one way. This means that some invalid
+ * values from the caller will not be detected, e.g. if the
+ * caller wants to handle the value as a signed integer but
+ * incorrectly passes us 1 << (SIMD_DATA_BITS - 1).
+ */
+ tcg_debug_assert(data == sextract32(data, 0, SIMD_DATA_BITS) ||
+ data == extract32(data, 0, SIMD_DATA_BITS));
oprsz = (oprsz / 8) - 1;
maxsz = (maxsz / 8) - 1;
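Review bot: the second operand of the new assertion compares the int32_t "data" against extract32(), which returns an unsigned value, so the check relies on an implicit signed-to-unsigned conversion; an explicit cast would make the intent visible. As the added comment admits, a signed caller passing 1 << (SIMD_DATA_BITS - 1) is no longer caught, so consider a separate entry point or flag for unsigned callers so that each caller's intent is still checked.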
--
2.41.0.windows.1

@ -0,0 +1,43 @@
From 3fe3a7706b9cacefdebba10cfaa15d6286f6e91c Mon Sep 17 00:00:00 2001
From: Richard Henderson <richard.henderson@linaro.org>
Date: Wed, 16 Oct 2024 17:31:05 +0000
Subject: [PATCH] tcg: Reset data_gen_ptr correctly
This pointer needs to be reset after overflow just like
code_buf and code_ptr.
Cc: qemu-stable@nongnu.org
Fixes: 57a269469db ("tcg: Infrastructure for managing constant pools")
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
(cherry picked from commit a7cfd751fb269de4a93bf1658cb13911c7ac77cc)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
tcg/tcg.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tcg/tcg.c b/tcg/tcg.c
index 635555001b..08c3b5a002 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -714,7 +714,6 @@ TranslationBlock *tcg_tb_alloc(TCGContext *s)
goto retry;
}
qatomic_set(&s->code_gen_ptr, next);
- s->data_gen_ptr = NULL;
return tb;
}
@@ -4276,6 +4275,7 @@ int tcg_gen_code(TCGContext *s, TranslationBlock *tb)
*/
s->code_buf = tcg_splitwx_to_rw(tb->tc.ptr);
s->code_ptr = s->code_buf;
+ s->data_gen_ptr = NULL;
#ifdef TCG_TARGET_NEED_LDST_LABELS
QSIMPLEQ_INIT(&s->ldst_labels);
--
2.41.0.windows.1

@ -0,0 +1,36 @@
From a7fbe006d0863d4228bed30e0c5125a2a2ead8d2 Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 13:37:02 +0800
Subject: [PATCH] tests: Fix typo in check-help output
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit 6d4c8af321e5d0da919fd946d44abbd61a10b708
Fix typo in 'make check-help' output.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220111175528.22294-1-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
tests/Makefile.include | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 4c564cf789..3aba622400 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -23,7 +23,7 @@ endif
@echo " $(MAKE) check-clean Clean the tests and related data"
@echo
@echo "The following are useful for CI builds"
- @echo " $(MAKE) check-build Build most test binaris"
+ @echo " $(MAKE) check-build Build most test binaries"
@echo " $(MAKE) get-vm-images Downloads all images used by avocado tests, according to configured targets (~350 MB each, 1.5 GB max)"
@echo
@echo
--
2.41.0.windows.1

@ -0,0 +1,42 @@
From 66232caae47f056c264ac7aee8c16ad1db807bfd Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Mon, 16 Dec 2024 09:32:39 +0800
Subject: [PATCH] tests/avocado/machine_s390_ccw_virtio: Adapt test to new
default resolution
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit f3f230d934dada8801c86742f58bca7a2cd1ff78
QEMU's default screen resolution recently changed to 1280x800, so the
resolution in the screen shot header changed of course, too.
Fixes: de72c4b7cd ("edid: set default resolution to 1280x800 (WXGA)")
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20220221101933.307525-1-thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Acked-by: Halil Pasic <pasic@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
tests/avocado/machine_s390_ccw_virtio.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/avocado/machine_s390_ccw_virtio.py b/tests/avocado/machine_s390_ccw_virtio.py
index bd03d7160b..438a6f4321 100644
--- a/tests/avocado/machine_s390_ccw_virtio.py
+++ b/tests/avocado/machine_s390_ccw_virtio.py
@@ -248,7 +248,7 @@ def test_s390x_fedora(self):
line = ppmfile.readline()
self.assertEqual(line, b"P6\n")
line = ppmfile.readline()
- self.assertEqual(line, b"1024 768\n")
+ self.assertEqual(line, b"1280 800\n")
line = ppmfile.readline()
self.assertEqual(line, b"255\n")
line = ppmfile.readline(256)
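Review bot: the expected header b"1280 800\n" is a second hard-coded copy of the display default, which is why this test broke when the edid default changed. Add a comment next to the assertion pointing at the edid default resolution so the coupling is visible the next time that value moves.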
--
2.41.0.windows.1

@ -0,0 +1,34 @@
From f983ffa9ecc271b16695f8dc80428a600a03cf40 Mon Sep 17 00:00:00 2001
From: jipengfei <jipengfei_yewu@cmss.chinamobile.com>
Date: Mon, 9 Sep 2024 20:31:51 +0800
Subject: [PATCH] tests/qtest/fuzz: fix memleak in qos_fuzz.c
Found with fuzzing for qemu-8.2, but also relevant for master
cherry-pick from 7c66540db45a726029e5165f6e5c34008f08ede
Signed-off-by: jipengfei <jipengfei_yewu@cmss.chinamobile.com>
Signed-off-by: Dmitry Frolov <frolov@swemel.ru>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
Message-ID: <20240521103106.119021-3-frolov@swemel.ru>
Signed-off-by: Thomas Huth <thuth@redhat.com>
---
tests/qtest/fuzz/qos_fuzz.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/tests/qtest/fuzz/qos_fuzz.c b/tests/qtest/fuzz/qos_fuzz.c
index 7a244c951e..5ab38e50cf 100644
--- a/tests/qtest/fuzz/qos_fuzz.c
+++ b/tests/qtest/fuzz/qos_fuzz.c
@@ -182,6 +182,7 @@ static void walk_path(QOSGraphNode *orig_path, int len)
fuzz_path_vec = path_vec;
} else {
+ g_string_free(cmd_line, true);
g_free(path_vec);
}
--
2.41.0.windows.1

@ -0,0 +1,52 @@
From 1876a69642964cdaadcce4dd797c0b91f02c2ed3 Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Thu, 12 Dec 2024 09:57:44 +0800
Subject: [PATCH] ui/gtk: fix leaks found wtih fuzzing
cherry-pick from e38f4e976dd40c985bfe84230a627de9a108c9d3
It is true, that there is no problem during runtime
from the first sight, because the memory is lost just
before qemu exits. Nevertheless, this change is necessary,
because AddressSanitizer is not able to recognize this
situation and produces crash-report (which is
false-positive in fact). Lots of False-Positive warnings
are devaluing problems, found with fuzzing, and thus the
whole methodology of dynamic analysis.
This patch eliminates such False-Positive reports,
and makes every problem, found with fuzzing, more valuable.
Fixes: 060ab76356 ("gtk: don't exit early in case gtk init fails")
Signed-off-by: Dmitry Frolov <frolov@swemel.ru>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Message-Id: <20230825115818.1091936-1-frolov@swemel.ru>
Signed-off-by: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
---
ui/gtk.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/ui/gtk.c b/ui/gtk.c
index 6d9cb42b3d..f16ccf9c4b 100644
--- a/ui/gtk.c
+++ b/ui/gtk.c
@@ -2245,7 +2245,7 @@ static void gtk_display_init(DisplayState *ds, DisplayOptions *opts)
{
VirtualConsole *vc;
- GtkDisplayState *s = g_malloc0(sizeof(*s));
+ GtkDisplayState *s;
GdkDisplay *window_display;
GtkIconTheme *theme;
char *dir;
@@ -2255,6 +2255,7 @@ static void gtk_display_init(DisplayState *ds, DisplayOptions *opts)
exit(1);
}
assert(opts->type == DISPLAY_TYPE_GTK);
+ s = g_malloc0(sizeof(*s));
s->opts = opts;
theme = gtk_icon_theme_get_default();
--
2.41.0.windows.1

@ -0,0 +1,38 @@
From 6e7e25af997cd6506a22d6eb2abe5fb0835c31ed Mon Sep 17 00:00:00 2001
From: Guenter Roeck <linux@roeck-us.net>
Date: Tue, 12 Nov 2024 09:01:52 -0800
Subject: [PATCH] usb-hub: Fix handling port power control messages
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The ClearPortFeature control message fails for PORT_POWER because there
is no break; at the end of the case statement, causing it to fall through
to the failure handler. Add the missing break; to solve the problem.
Fixes: 1cc403eb21 ("usb-hub: emulate per port power switching")
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20241112170152.217664-11-linux@roeck-us.net>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
(cherry picked from commit b2cc69997924b651c0c6f4037782e25f2e438715)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
hw/usb/dev-hub.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/usb/dev-hub.c b/hw/usb/dev-hub.c
index e35813d772..605fee4fa9 100644
--- a/hw/usb/dev-hub.c
+++ b/hw/usb/dev-hub.c
@@ -479,6 +479,7 @@ static void usb_hub_handle_control(USBDevice *dev, USBPacket *p,
usb_hub_port_clear(port, PORT_STAT_SUSPEND);
port->wPortChange = 0;
}
+ break;
default:
goto fail;
}
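Review bot: the added "break;" fixes the case described in the commit message, but the patch adds no test, and in this switch a missing break always ends in "goto fail", which is easy to miss by inspection. A test that issues ClearPortFeature for PORT_POWER and expects success would keep the case from regressing.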
--
2.41.0.windows.1

@ -0,0 +1,55 @@
From af7d805a06677a4fdf55799c080b06483adafc9f Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 11:23:29 +0800
Subject: [PATCH] vvfat: Fix size of temporary qcow file
cherry picked from commit 2db9b9e96f0b57ceaa49666d9b8a573290114fdf
The size of the qcow size was calculated so that only the FAT partition
would fit on it, but not the whole disk. However, offsets relative to
the whole disk are used to access it, so increase its size to be large
enough for that.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20211209151815.23495-1-kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
block/vvfat.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/block/vvfat.c b/block/vvfat.c
index 58692133c1..3691c4774e 100644
--- a/block/vvfat.c
+++ b/block/vvfat.c
@@ -1230,6 +1230,7 @@ static int vvfat_open(BlockDriverState *bs, QDict *options, int flags,
dirname, cyls, heads, secs));
s->sector_count = cyls * heads * secs - s->offset_to_bootsector;
+ bs->total_sectors = cyls * heads * secs;
if (qemu_opt_get_bool(opts, "rw", false)) {
if (!bdrv_is_read_only(bs)) {
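Review bot: "cyls * heads * secs" is now written out on two adjacent lines, once for s->sector_count and once for bs->total_sectors. Assign bs->total_sectors first and derive s->sector_count from it by subtracting s->offset_to_bootsector, so the two values cannot drift apart, and add a short comment on why total_sectors has to be set before the "rw" block that follows.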
@@ -1250,8 +1251,6 @@ static int vvfat_open(BlockDriverState *bs, QDict *options, int flags,
}
}
- bs->total_sectors = cyls * heads * secs;
-
if (init_directories(s, dirname, heads, secs, errp)) {
ret = -EIO;
goto fail;
@@ -3149,8 +3148,8 @@ static int enable_write_target(BlockDriverState *bs, Error **errp)
}
opts = qemu_opts_create(bdrv_qcow->create_opts, NULL, 0, &error_abort);
- qemu_opt_set_number(opts, BLOCK_OPT_SIZE, s->sector_count * 512,
- &error_abort);
+ qemu_opt_set_number(opts, BLOCK_OPT_SIZE,
+ bs->total_sectors * BDRV_SECTOR_SIZE, &error_abort);
qemu_opt_set(opts, BLOCK_OPT_BACKING_FILE, "fat:", &error_abort);
ret = bdrv_create(bdrv_qcow, s->qcow_filename, opts, errp);
--
2.41.0.windows.1

@ -0,0 +1,99 @@
From 64b53f59bccb8ec3251826c06d74adbc7b3cad36 Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Mon, 16 Dec 2024 10:27:44 +0800
Subject: [PATCH] vvfat: Fix vvfat_write() for writes before the root directory
cherry picked from commit b9b8860d24676ec59c878d5206ea6bcfc87af798
The calculation in sector2cluster() is done relative to the offset of
the root directory. Any writes to blocks before the start of the root
directory (in particular, writes to the FAT) result in negative values,
which are not handled correctly in vvfat_write().
This changes sector2cluster() to return a signed value, and makes sure
that vvfat_write() doesn't try to find mappings for negative cluster
number. It clarifies the code in vvfat_write() to make it more obvious
that the cluster numbers can be negative.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20211209152231.23756-1-kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
block/vvfat.c | 30 ++++++++++++++++++++++--------
1 file changed, 22 insertions(+), 8 deletions(-)
diff --git a/block/vvfat.c b/block/vvfat.c
index 3691c4774e..935a10bdd3 100644
--- a/block/vvfat.c
+++ b/block/vvfat.c
@@ -882,7 +882,7 @@ static int read_directory(BDRVVVFATState* s, int mapping_index)
return 0;
}
-static inline uint32_t sector2cluster(BDRVVVFATState* s,off_t sector_num)
+static inline int32_t sector2cluster(BDRVVVFATState* s,off_t sector_num)
{
return (sector_num - s->offset_to_root_dir) / s->sectors_per_cluster;
}
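Review bot: changing the return type to int32_t does not by itself make every sector before the root directory map to a negative cluster, because the division in the return statement truncates toward zero when done in signed arithmetic. A sector less than one cluster before s->offset_to_root_dir would then yield 0, which the callers treat as a valid cluster. The operand types are not visible in this hunk, so confirm them, and either round toward negative infinity or return an explicit "before root directory" value for any sector_num below s->offset_to_root_dir.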
@@ -2983,6 +2983,7 @@ static int vvfat_write(BlockDriverState *bs, int64_t sector_num,
{
BDRVVVFATState *s = bs->opaque;
int i, ret;
+ int first_cluster, last_cluster;
DLOG(checkpoint());
@@ -3001,9 +3002,20 @@ DLOG(checkpoint());
if (sector_num < s->offset_to_fat)
return -1;
- for (i = sector2cluster(s, sector_num);
- i <= sector2cluster(s, sector_num + nb_sectors - 1);) {
- mapping_t* mapping = find_mapping_for_cluster(s, i);
+ /*
+ * Values will be negative for writes to the FAT, which is located before
+ * the root directory.
+ */
+ first_cluster = sector2cluster(s, sector_num);
+ last_cluster = sector2cluster(s, sector_num + nb_sectors - 1);
+
+ for (i = first_cluster; i <= last_cluster;) {
+ mapping_t *mapping = NULL;
+
+ if (i >= 0) {
+ mapping = find_mapping_for_cluster(s, i);
+ }
+
if (mapping) {
if (mapping->read_only) {
fprintf(stderr, "Tried to write to write-protected file %s\n",
@@ -3043,8 +3055,9 @@ DLOG(checkpoint());
}
}
i = mapping->end;
- } else
+ } else {
i++;
+ }
}
/*
@@ -3058,10 +3071,11 @@ DLOG(fprintf(stderr, "Write to qcow backend: %d + %d\n", (int)sector_num, nb_sec
return ret;
}
- for (i = sector2cluster(s, sector_num);
- i <= sector2cluster(s, sector_num + nb_sectors - 1); i++)
- if (i >= 0)
+ for (i = first_cluster; i <= last_cluster; i++) {
+ if (i >= 0) {
s->used_clusters[i] |= USED_ALLOCATED;
+ }
+ }
DLOG(checkpoint());
/* TODO: add timeout */
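Review bot: the loop that sets USED_ALLOCATED guards s->used_clusters[i] only with "i >= 0"; nothing in the visible lines bounds last_cluster from above. Since first_cluster and last_cluster are now computed once at the top of vvfat_write(), that is a natural place to check last_cluster against the number of entries in used_clusters and fail the write if it is out of range.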
--
2.41.0.windows.1