[Qemu-commits] [qemu/qemu] 66169c: hw/sparse-mem: clear memory on reset
From: Peter Maydell
Subject: [Qemu-commits] [qemu/qemu] 66169c: hw/sparse-mem: clear memory on reset
Date: Tue, 21 Feb 2023 03:33:59 -0800
Branch: refs/heads/staging
Home: https://github.com/qemu/qemu
Commit: 66169c3c60af5014c1940de7491fdf090e5a090a
https://github.com/qemu/qemu/commit/66169c3c60af5014c1940de7491fdf090e5a090a
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2023-02-16 (Thu, 16 Feb 2023)
Changed paths:
M hw/mem/sparse-mem.c
Log Message:
-----------
hw/sparse-mem: clear memory on reset
We use sparse-mem for fuzzing. For long-running fuzzing processes, we
eventually end up with many allocated sparse-mem pages. To avoid this,
clear the allocated pages on system-reset.
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Commit: 8d1e76b35b420a6ecf3f69730a7588279031d617
https://github.com/qemu/qemu/commit/8d1e76b35b420a6ecf3f69730a7588279031d617
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2023-02-16 (Thu, 16 Feb 2023)
Changed paths:
M tests/qtest/fuzz/fuzz.c
M tests/qtest/fuzz/fuzz.h
Log Message:
-----------
fuzz: add fuzz_reset API
As we are converting most fuzzers to rely on reboots to reset state,
introduce an API to make sure reboots are invoked in a consistent
manner.
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Commit: 1375104370fc80bbcaa55430d2fbc0b1d8fc158b
https://github.com/qemu/qemu/commit/1375104370fc80bbcaa55430d2fbc0b1d8fc158b
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2023-02-16 (Thu, 16 Feb 2023)
Changed paths:
M tests/qtest/fuzz/generic_fuzz.c
Log Message:
-----------
fuzz/generic-fuzz: use reboots instead of forks to reset state
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Commit: b8b52178e2d84bfcda91b00d55fa05ed895badbf
https://github.com/qemu/qemu/commit/b8b52178e2d84bfcda91b00d55fa05ed895badbf
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2023-02-16 (Thu, 16 Feb 2023)
Changed paths:
M tests/qtest/fuzz/generic_fuzz.c
Log Message:
-----------
fuzz/generic-fuzz: add a limit on DMA bytes written
As we have replaced fork-based fuzzing with reboots, we can no longer
use a timeout+exit() to avoid slow inputs. Libfuzzer has its own timer
that it uses to catch slow inputs, however these timeouts are usually
seconds-minutes long: more than enough to bog-down the fuzzing process.
However, I found that slow inputs often attempt to fill overly large DMA
requests. Thus, we can mitigate most timeouts by setting a cap on the
total number of DMA bytes written by an input.
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
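An added illustration, not code from QEMU or from this series, of the two mechanisms described by the sparse-mem commit above and by this DMA-cap commit: guest pages that are only backed by host memory on first write and are dropped again on system reset, and a per-input budget that truncates device-to-guest DMA once the cap is spent, so an input asking for an enormous transfer cannot stall the harness. Page size, table size, the 64 KiB budget, read-as-zero for unbacked pages and the `run_one_input` loop are all assumptions of this example, not values taken from the tree.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PAGE_SIZE  4096u
#define NUM_PAGES  1024u              /* 4 MiB of guest RAM (assumption) */
#define DMA_BUDGET (64u * 1024u)      /* per-input cap on DMA bytes (assumption) */

typedef struct {
    uint8_t *page[NUM_PAGES];   /* NULL until the guest page is first written */
    unsigned allocated;         /* pages currently backed by host memory */
    size_t dma_bytes;           /* DMA bytes written by the current input */
} sparse_mem;

/* Back a page with zeroed host memory on first touch. */
static uint8_t *sparse_page(sparse_mem *m, unsigned idx)
{
    if (!m->page[idx]) {
        m->page[idx] = calloc(1, PAGE_SIZE);
        if (m->page[idx]) m->allocated++;
    }
    return m->page[idx];
}

/*
 * Device-to-guest DMA write. Returns the bytes actually stored: the transfer
 * is truncated once the input's budget is exhausted, so one input copies at
 * most DMA_BUDGET bytes no matter how large a transfer it requests.
 */
static size_t sparse_dma_write(sparse_mem *m, uint64_t addr,
                               const uint8_t *src, size_t len)
{
    size_t budget_left = DMA_BUDGET > m->dma_bytes ? DMA_BUDGET - m->dma_bytes : 0;
    size_t done = 0;

    if (len > budget_left) len = budget_left;
    while (done < len) {
        uint64_t a = addr + done;
        unsigned idx = (unsigned)(a / PAGE_SIZE);
        unsigned off = (unsigned)(a % PAGE_SIZE);
        size_t chunk = PAGE_SIZE - off;
        uint8_t *p;

        if (idx >= NUM_PAGES || !(p = sparse_page(m, idx))) break; /* off the end, or host OOM */
        if (chunk > len - done) chunk = len - done;
        memcpy(p + off, src + done, chunk);
        done += chunk;
    }
    m->dma_bytes += done;
    return done;
}

/* Unbacked pages read as zero (assumption of this model). */
static uint8_t sparse_read8(const sparse_mem *m, uint64_t addr)
{
    unsigned idx = (unsigned)(addr / PAGE_SIZE);

    if (idx >= NUM_PAGES || !m->page[idx]) return 0;
    return m->page[idx][addr % PAGE_SIZE];
}

/* System reset: release every backed page and the per-input counter. */
static void sparse_reset(sparse_mem *m)
{
    for (unsigned i = 0; i < NUM_PAGES; i++) {
        free(m->page[i]);
        m->page[i] = NULL;
    }
    m->allocated = 0;
    m->dma_bytes = 0;
}

/*
 * One fuzz iteration: a constructed input asks for a single DMA transfer of
 * `request` bytes, then the machine is reset the way a reboot would do it.
 * Returns how many pages the input managed to back before the reset.
 */
static unsigned run_one_input(sparse_mem *m, uint64_t addr, size_t request,
                              size_t *written)
{
    uint8_t *buf = malloc(request);
    unsigned touched;

    if (!buf) { *written = 0; return 0; }
    memset(buf, 0xa5, request);                 /* constructed payload */
    *written = sparse_dma_write(m, addr, buf, request);
    free(buf);
    touched = m->allocated;
    sparse_reset(m);
    return touched;
}

int main(void)
{
    static sparse_mem m;    /* zero-initialised: no pages backed yet */

    for (int input = 0; input < 3; input++) {
        size_t written;
        unsigned touched = run_one_input(&m, 0x1000, 1u << 20, &written);
        printf("input %d: asked 1 MiB, wrote %zu bytes, backed %u pages, "
               "%u backed after reset\n", input, written, touched, m.allocated);
    }
    return 0;
}
```

Without the reset every input would leave its pages behind, which is the growth the sparse-mem commit describes; without the budget the loop would copy the full megabyte (or whatever the input asked for) on every iteration.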
Commit: 5d3c73e27e7e0ab09e4796a6218cb5762632c4e2
https://github.com/qemu/qemu/commit/5d3c73e27e7e0ab09e4796a6218cb5762632c4e2
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2023-02-16 (Thu, 16 Feb 2023)
Changed paths:
M tests/qtest/fuzz/virtio_scsi_fuzz.c
Log Message:
-----------
fuzz/virtio-scsi: remove fork-based fuzzer
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Commit: 5f47d07fd80cc2b500eb2df5b15130feb50d6338
https://github.com/qemu/qemu/commit/5f47d07fd80cc2b500eb2df5b15130feb50d6338
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2023-02-16 (Thu, 16 Feb 2023)
Changed paths:
M tests/qtest/fuzz/virtio_net_fuzz.c
Log Message:
-----------
fuzz/virtio-net: remove fork-based fuzzer
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Commit: 725767e9a1fd4c39628f9ad10cb7aa0fe98a04cc
https://github.com/qemu/qemu/commit/725767e9a1fd4c39628f9ad10cb7aa0fe98a04cc
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2023-02-16 (Thu, 16 Feb 2023)
Changed paths:
M tests/qtest/fuzz/virtio_blk_fuzz.c
Log Message:
-----------
fuzz/virtio-blk: remove fork-based fuzzer
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Commit: f031c95941e3dbc816416d5336ed6225a4933cfc
https://github.com/qemu/qemu/commit/f031c95941e3dbc816416d5336ed6225a4933cfc
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2023-02-16 (Thu, 16 Feb 2023)
Changed paths:
M tests/qtest/fuzz/i440fx_fuzz.c
Log Message:
-----------
fuzz/i440fx: remove fork-based fuzzer
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Commit: d2e6f9272d337d1b23b588e7ead8500d40cbf4e9
https://github.com/qemu/qemu/commit/d2e6f9272d337d1b23b588e7ead8500d40cbf4e9
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2023-02-16 (Thu, 16 Feb 2023)
Changed paths:
M meson.build
R tests/qtest/fuzz/fork_fuzz.c
R tests/qtest/fuzz/fork_fuzz.h
R tests/qtest/fuzz/fork_fuzz.ld
M tests/qtest/fuzz/meson.build
Log Message:
-----------
fuzz: remove fork-fuzzing scaffolding
Fork-fuzzing provides a few pros, but our implementation prevents us
from using fuzzers other than libFuzzer, and may be causing issues such
as coverage-failure builds on OSS-Fuzz. It is not a great long-term
solution as it depends on internal implementation details of libFuzzer
(which is no longer in active development). Remove it in favor of other
methods of resetting state between inputs.
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Commit: 7d9e5f18a94792ed875a1caed2bfcd1e68a49481
https://github.com/qemu/qemu/commit/7d9e5f18a94792ed875a1caed2bfcd1e68a49481
Author: Alexander Bulekov <alxndr@bu.edu>
Date: 2023-02-16 (Thu, 16 Feb 2023)
Changed paths:
M docs/devel/fuzzing.rst
Log Message:
-----------
docs/fuzz: remove mentions of fork-based fuzzing
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Commit: c6941b3b9b7445f7760c462882f8397b9dc51e30
https://github.com/qemu/qemu/commit/c6941b3b9b7445f7760c462882f8397b9dc51e30
Author: Thomas Huth <thuth@redhat.com>
Date: 2023-02-17 (Fri, 17 Feb 2023)
Changed paths:
M hw/pci/pci.c
M include/net/net.h
M net/net.c
Log Message:
-----------
net: Move the code to collect available NIC models to a separate function
The code that collects the available NIC models is not really specific
to PCI anymore and will be required in the next patch, too, so let's
move this into a new separate function in net.c instead.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Commit: 27c819244b8129a4742bfe43d255cdaa8528765d
https://github.com/qemu/qemu/commit/27c819244b8129a4742bfe43d255cdaa8528765d
Author: Thomas Huth <thuth@redhat.com>
Date: 2023-02-17 (Fri, 17 Feb 2023)
Changed paths:
M net/net.c
Log Message:
-----------
net: Restore printing of the help text with "-nic help"
Running QEMU with "-nic help" used to work in QEMU 5.2 and earlier versions
(it showed the available netdev backends), but this feature got broken during
some refactoring in version 6.0. Let's restore the old behavior, and while
we're at it, let's also print the available NIC models here now since this
option can be used to configure both, netdev backend and model in one go.
Fixes: ad6f932fe8 ("net: do not exit on "netdev_add help" monitor command")
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Commit: 3b0cca8e4e674bda3457435208c3268767b6b085
https://github.com/qemu/qemu/commit/3b0cca8e4e674bda3457435208c3268767b6b085
Author: Thomas Huth <thuth@redhat.com>
Date: 2023-02-17 (Fri, 17 Feb 2023)
Changed paths:
M net/net.c
Log Message:
-----------
net: Replace "Supported NIC models" with "Available NIC models"
Just because a NIC model is compiled into the QEMU binary does not
necessarily mean that it can be used with each and every machine.
So let's rather talk about "available" models instead of "supported"
models, just to avoid confusion.
Reviewed-by: Claudio Fontana <cfontana@suse.de>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Commit: 44c94cdb21cd1d1fb9aa6554585b94aa6de7ed9d
https://github.com/qemu/qemu/commit/44c94cdb21cd1d1fb9aa6554585b94aa6de7ed9d
Author: Qiang Liu <cyruscyliu@gmail.com>
Date: 2023-02-17 (Fri, 17 Feb 2023)
Changed paths:
M hw/net/lan9118.c
Log Message:
-----------
hw/net/lan9118: log [read|write]b when mode_16bit is enabled rather than abort
This patch replaces hw_error to guest error log for [read|write]b
accesses when mode_16bit is enabled. This avoids aborting qemu.
Fixes: 1248f8d4cbc3 ("hw/lan9118: Add basic 16-bit mode support.")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1433
Reported-by: Qiang Liu <cyruscyliu@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Qiang Liu <cyruscyliu@gmail.com>
Suggested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
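Why this is more than tidiness: `hw_error()` terminates the QEMU process, so an unsupported access width that a guest driver can issue over MMIO is a guest-triggerable crash of the VMM (and a dead end for a fuzzer). The model below is an added example, not the lan9118 code: an invented bank of eight 16-bit registers with a bus-width flag, where byte accesses in 16-bit mode are recorded through a stand-in for `qemu_log_mask(LOG_GUEST_ERROR, ...)` and then completed harmlessly. Returning zero for the rejected read and dropping the rejected write are assumptions of this model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Stand-in for QEMU's LOG_GUEST_ERROR channel: note the bad access and keep
 * going. The count lets a test observe that the path was taken while the
 * process stayed alive, which is the whole point of the change.
 */
static unsigned guest_errors;

static void guest_error(const char *fn, unsigned size, unsigned addr)
{
    guest_errors++;
    fprintf(stderr, "%s: unsupported %u-byte access at 0x%x in 16-bit mode\n",
            fn, size, addr);
}

static unsigned guest_errors_seen(void)
{
    return guest_errors;
}

/* Invented device model: eight 16-bit registers and the bus-width flag. */
typedef struct {
    bool mode_16bit;
    uint16_t regs[8];
} nic_state;

static uint16_t nic_read16(const nic_state *s, unsigned addr)
{
    return s->regs[(addr / 2) % 8];
}

static void nic_write16(nic_state *s, unsigned addr, uint16_t val)
{
    s->regs[(addr / 2) % 8] = val;
}

/*
 * Byte access while the device is in 16-bit mode is not implemented. Where
 * the old code would have called hw_error() and aborted the whole VMM, the
 * access is logged as a guest error: the read returns 0 and the write is
 * dropped, and emulation carries on.
 */
static uint8_t nic_readb(const nic_state *s, unsigned addr)
{
    unsigned idx = (addr / 2) % 8;

    if (s->mode_16bit) {
        guest_error(__func__, 1, addr);
        return 0;
    }
    return (addr & 1) ? (uint8_t)(s->regs[idx] >> 8) : (uint8_t)(s->regs[idx] & 0xff);
}

static void nic_writeb(nic_state *s, unsigned addr, uint8_t val)
{
    unsigned idx = (addr / 2) % 8;

    if (s->mode_16bit) {
        guest_error(__func__, 1, addr);
        return;
    }
    if (addr & 1) {
        s->regs[idx] = (uint16_t)((s->regs[idx] & 0x00ff) | ((unsigned)val << 8));
    } else {
        s->regs[idx] = (uint16_t)((s->regs[idx] & 0xff00) | val);
    }
}

int main(void)
{
    nic_state s = { .mode_16bit = false, .regs = { 0 } };

    nic_writeb(&s, 0, 0x34);
    nic_writeb(&s, 1, 0x12);
    printf("8-bit mode: reg0 = 0x%04x\n", nic_read16(&s, 0));

    s.mode_16bit = true;             /* guest switches the bus width */
    nic_write16(&s, 2, 0xbeef);      /* 16-bit access is still fine */
    nic_writeb(&s, 0, 0xff);         /* rejected: logged, not fatal */
    printf("16-bit mode: readb -> %u, reg0 still 0x%04x, reg1 0x%04x, "
           "%u guest errors logged\n", nic_readb(&s, 0), nic_read16(&s, 0),
           nic_read16(&s, 2), guest_errors_seen());
    return 0;
}
```

The general rule this illustrates: anything a guest can reach through MMIO, PIO or DMA must be handled with a guest-error log and a well-defined result, never with an assertion or `hw_error()`, because the guest is the untrusted party.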
Commit: 099a63828130843741d317cb28e936f468b2b53b
https://github.com/qemu/qemu/commit/099a63828130843741d317cb28e936f468b2b53b
Author: Fiona Ebner <f.ebner@proxmox.com>
Date: 2023-02-17 (Fri, 17 Feb 2023)
Changed paths:
M hw/net/vmxnet3.c
Log Message:
-----------
hw/net/vmxnet3: allow VMXNET3_MAX_MTU itself as a value
Currently, VMXNET3_MAX_MTU itself (being 9000) is not considered a
valid value for the MTU, but a guest running ESXi 7.0 might try to
set it and fail the assert [0].
In the Linux kernel, dev->max_mtu itself is a valid value for the MTU
and for the vmxnet3 driver it's 9000, so a guest running Linux will
also fail the assert when trying to set an MTU of 9000.
VMXNET3_MAX_MTU and s->mtu don't seem to be used in relation to buffer
allocations/accesses, so allowing the upper limit itself as a value
should be fine.
[0]: https://forum.proxmox.com/threads/114011/
Fixes: d05dcd94ae ("net: vmxnet3: validate configuration values during activate (CVE-2021-20203)")
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Commit: 0c65ef4fbbf3d3c1c4435f06db7648ab67935a19
https://github.com/qemu/qemu/commit/0c65ef4fbbf3d3c1c4435f06db7648ab67935a19
Author: Christian Svensson <blue@cmd.nu>
Date: 2023-02-17 (Fri, 17 Feb 2023)
Changed paths:
M net/l2tpv3.c
Log Message:
-----------
net: Increase L2TPv3 buffer to fit jumboframes
Increase the allocated buffer size to fit larger packets.
Given that jumboframes can commonly be up to 9000 bytes the closest suitable
value seems to be 16 KiB.
Tested by running qemu towards a Linux L2TPv3 endpoint and pushing
jumboframe traffic through the interfaces.
Signed-off-by: Christian Svensson <blue@cmd.nu>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Commit: 993f71ee3360450c2758964adbdfb13f4d460162
https://github.com/qemu/qemu/commit/993f71ee3360450c2758964adbdfb13f4d460162
Author: Joelle van Dyne <j@getutm.app>
Date: 2023-02-17 (Fri, 17 Feb 2023)
Changed paths:
M net/vmnet-common.m
M net/vmnet_int.h
Log Message:
-----------
vmnet: stop receiving events when VM is stopped
When the VM is stopped using the HMP command "stop", soon the handler will
stop reading from the vmnet interface. This causes a flood of
`VMNET_INTERFACE_PACKETS_AVAILABLE` events to arrive and puts the host CPU
at 100%. We fix this by removing the event handler from vmnet when the VM
is no longer in a running state and restore it when we return to a running
state.
Signed-off-by: Joelle van Dyne <j@getutm.app>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Commit: 148fbf0d58a6fa9c6881db28fced8c071c3be100
https://github.com/qemu/qemu/commit/148fbf0d58a6fa9c6881db28fced8c071c3be100
Author: Laurent Vivier <lvivier@redhat.com>
Date: 2023-02-17 (Fri, 17 Feb 2023)
Changed paths:
M net/stream.c
M qapi/net.json
M qemu-options.hx
M tests/qtest/netdev-socket.c
Log Message:
-----------
net: stream: add a new option to automatically reconnect
In stream mode, if the server shuts down there is currently
no way to reconnect the client to a new server without removing
the NIC device and the netdev backend (or to reboot).
This patch introduces a reconnect option that specifies a delay
to try to reconnect with the same parameters.
Add a new test in qtest to test the reconnect option and the
connect/disconnect events.
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Commit: 525ae115222f0b0b6de7f9665976f640d18c200a
https://github.com/qemu/qemu/commit/525ae115222f0b0b6de7f9665976f640d18c200a
Author: Eugenio Pérez <eperezma@redhat.com>
Date: 2023-02-17 (Fri, 17 Feb 2023)
Changed paths:
M net/vhost-vdpa.c
Log Message:
-----------
vdpa: fix VHOST_BACKEND_F_IOTLB_ASID flag check
VHOST_BACKEND_F_IOTLB_ASID is the feature bit, not the bitmask. Since
the device under test also provided VHOST_BACKEND_F_IOTLB_MSG_V2 and
VHOST_BACKEND_F_IOTLB_BATCH, this went unnoticed.
Fixes: c1a1008685 ("vdpa: always start CVQ in SVQ mode if possible")
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
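The bug class in this fix, shown as an added example rather than the net/vhost-vdpa.c code: the `VHOST_BACKEND_F_IOTLB_*` names are bit positions in the backend feature word, so masking the word with the position instead of with `BIT_ULL(position)` tests the wrong bits. The bit numbers below follow the Linux vhost UAPI (`vhost_types.h`) and are written out as constants so the example builds without that header; the two feature words are constructed inputs. With ASID at position 3, the broken check is true for any device that advertises MSG_V2 (bit 0) or BATCH (bit 1), which is why it passed with the device under test, and false for a device that offers only ASID.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Backend feature bit positions from the Linux vhost UAPI. They are bit
 * numbers, not masks: feature N is offered when bit N of the feature word
 * is set. Reproduced as constants so this builds without the kernel header.
 */
#define VHOST_BACKEND_F_IOTLB_MSG_V2 0x1
#define VHOST_BACKEND_F_IOTLB_BATCH  0x2
#define VHOST_BACKEND_F_IOTLB_ASID   0x3

#define BIT_ULL(nr) (1ULL << (nr))

/* The broken shape of the check: the bit number is used as if it were a mask. */
static bool asid_supported_buggy(uint64_t backend_features)
{
    return (backend_features & VHOST_BACKEND_F_IOTLB_ASID) != 0;
}

/* The correct shape: turn the bit number into a mask first. */
static bool asid_supported_fixed(uint64_t backend_features)
{
    return (backend_features & BIT_ULL(VHOST_BACKEND_F_IOTLB_ASID)) != 0;
}

/* Constructed feature word: a device offering MSG_V2 and BATCH but not ASID. */
static uint64_t features_without_asid(void)
{
    return BIT_ULL(VHOST_BACKEND_F_IOTLB_MSG_V2) |
           BIT_ULL(VHOST_BACKEND_F_IOTLB_BATCH);
}

/* Constructed feature word: a device offering ASID and nothing else. */
static uint64_t features_asid_only(void)
{
    return BIT_ULL(VHOST_BACKEND_F_IOTLB_ASID);
}

int main(void)
{
    uint64_t f = features_without_asid();

    printf("features 0x%llx (no ASID):   buggy=%d fixed=%d\n",
           (unsigned long long)f, asid_supported_buggy(f), asid_supported_fixed(f));
    f = features_asid_only();
    printf("features 0x%llx (ASID only): buggy=%d fixed=%d\n",
           (unsigned long long)f, asid_supported_buggy(f), asid_supported_fixed(f));
    return 0;
}
```

The buggy form is wrong in both directions: it claims ASID support on the first word (0x6 & 0x3 is non-zero) and denies it on the second (0x8 & 0x3 is zero). A feature constant that is a position rather than a mask is the thing to look for whenever a `flags & CONST` check seems to pass too easily.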
Commit: 4919d0c44afd58e16a8a369ca359de7f0114e04c
https://github.com/qemu/qemu/commit/4919d0c44afd58e16a8a369ca359de7f0114e04c
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2023-02-21 (Tue, 21 Feb 2023)
Changed paths:
M docs/devel/fuzzing.rst
M hw/mem/sparse-mem.c
M meson.build
R tests/qtest/fuzz/fork_fuzz.c
R tests/qtest/fuzz/fork_fuzz.h
R tests/qtest/fuzz/fork_fuzz.ld
M tests/qtest/fuzz/fuzz.c
M tests/qtest/fuzz/fuzz.h
M tests/qtest/fuzz/generic_fuzz.c
M tests/qtest/fuzz/i440fx_fuzz.c
M tests/qtest/fuzz/meson.build
M tests/qtest/fuzz/virtio_blk_fuzz.c
M tests/qtest/fuzz/virtio_net_fuzz.c
M tests/qtest/fuzz/virtio_scsi_fuzz.c
Log Message:
-----------
Merge tag 'pr-2023-02-16' of https://gitlab.com/a1xndr/qemu into staging
Replace fork-based fuzzing with reboots.
Now the fuzzers will reboot the guest between inputs.
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCgAdFiEE+tTiv4cTddY0BRfETmYd3lg6lk4FAmPu/LoACgkQTmYd3lg6
# lk6RHg/7BRGI5ZPXb1MmTNCC+SroQ6TT++lO4b0hbkN2HO6U+WVvfuA6+0wg+8qC
# 4bp+G1Tabpcq1MTYUuim6DBtWswgpqr0AbWNwn1eF7hya+3W9woH2POVYY2wwc7m
# S3EdwXCCKo9gGXlaNrotnbwIk+o8B4BzXOXLIlRtg26wGYhT5fkJA/BQcHKDXz37
# ctyWxlyjIM8pNCgfybMvjC7MYtp8DufPsv/rrKx9t0TM7f1jPVgXLek7t0+ZwjeY
# qz2Om2jiij1INgK9hTieWs4eHwpwre6vH2a+JKRkZ3sS7WYcj1auNKVJb3GvDqmc
# wy+Nz5Lz4+aPP19pkCYjfz5w3CqEEsSlSDn5UVRbfl2fbENSceoNwo9huMXsF1pB
# oO6NK2NxbOygmNpYxp+JEt45KFIXzUcIFQwbn8aCDODIl+0H2yu7/ll6XgELf1Pa
# P83THOaVxIxfcI9VOdt/FwDq1ZzmV5nk/BkIGJeIWNYMbU4Gze6YoaL3U8AHDxKH
# f6f3qDzcVJjqD0wKhvYcQ3kSPq+vHc/ioh6mYwos6VUEVYz/SLOY876MaSB/K4PE
# ofBV7y6HvJ6AMwg1TBg4YtOP08gWK+4sYH+I09oU40U3UcwEpkbkQTF72lPQHxFs
# 8UVRJrgWv/xzrwzXTX5ruQ633F8zuhqQTeERqksj1pPHJ3NdHps=
# =F6qI
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 17 Feb 2023 04:04:10 GMT
# gpg: using RSA key FAD4E2BF871375D6340517C44E661DDE583A964E
# gpg: Good signature from "Alexander Bulekov <alxndr@bu.edu>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAD4 E2BF 8713 75D6 3405 17C4 4E66 1DDE 583A 964E
* tag 'pr-2023-02-16' of https://gitlab.com/a1xndr/qemu:
docs/fuzz: remove mentions of fork-based fuzzing
fuzz: remove fork-fuzzing scaffolding
fuzz/i440fx: remove fork-based fuzzer
fuzz/virtio-blk: remove fork-based fuzzer
fuzz/virtio-net: remove fork-based fuzzer
fuzz/virtio-scsi: remove fork-based fuzzer
fuzz/generic-fuzz: add a limit on DMA bytes written
fuzz/generic-fuzz: use reboots instead of forks to reset state
fuzz: add fuzz_reset API
hw/sparse-mem: clear memory on reset
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 79b677d658d3d35e1e776826ac4abb28cdce69b8
https://github.com/qemu/qemu/commit/79b677d658d3d35e1e776826ac4abb28cdce69b8
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2023-02-21 (Tue, 21 Feb 2023)
Changed paths:
M hw/net/lan9118.c
M hw/net/vmxnet3.c
M hw/pci/pci.c
M include/net/net.h
M net/l2tpv3.c
M net/net.c
M net/stream.c
M net/vhost-vdpa.c
M net/vmnet-common.m
M net/vmnet_int.h
M qapi/net.json
M qemu-options.hx
M tests/qtest/netdev-socket.c
Log Message:
-----------
Merge tag 'net-pull-request' of https://github.com/jasowang/qemu into staging
# -----BEGIN PGP SIGNATURE-----
# Version: GnuPG v1
#
# iQEcBAABAgAGBQJj7xKYAAoJEO8Ells5jWIRDZQH/Rao24sq3j97qE5RzekvANzq
# GnHUyLnl3yeOSNumv2BJInZTvgUpYL2etGQr3DtGRwOrr7w1vKB3zhY3V3jQefkh
# f4rsEGkamL/qM2N2cGUIUSqevo7OGnP8aQojpEi4MWWZ30B3L6jqd4NqyA1gyndV
# 1eBkpR+BY2PjcLbgvFUZEXeAn/vapE5NKULXUGhg5mMvgwYH3CgZXpqqkxr876za
# S4rZMtReXKNeid14Z35SUjJdV2WKYmo/lN9+GQxF2YNLmDC3RtuFQVm038erSqvs
# uLVSg8tiIlCyOcSDpR/BARNrxVwzlJp5X6ocapHubS/i0Rp/Zo7ezSk/XWH1gfU=
# =UbzF
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 17 Feb 2023 05:37:28 GMT
# gpg: using RSA key EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211
* tag 'net-pull-request' of https://github.com/jasowang/qemu:
vdpa: fix VHOST_BACKEND_F_IOTLB_ASID flag check
net: stream: add a new option to automatically reconnect
vmnet: stop receiving events when VM is stopped
net: Increase L2TPv3 buffer to fit jumboframes
hw/net/vmxnet3: allow VMXNET3_MAX_MTU itself as a value
hw/net/lan9118: log [read|write]b when mode_16bit is enabled rather than abort
net: Replace "Supported NIC models" with "Available NIC models"
net: Restore printing of the help text with "-nic help"
net: Move the code to collect available NIC models to a separate function
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Compare: https://github.com/qemu/qemu/compare/9b0699ab8014...79b677d658d3