From df3b3046059edfae4b36cafe513f69d0c1ae78d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Mon, 17 Nov 2025 19:06:49 +0100 Subject: [PATCH 01/10] osdep: Undefine FSCALE definition to fix Solaris builds MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Solaris defines FSCALE in : 301 /* 302 * Scale factor for scaled integers used to count 303 * %cpu time and load averages. 304 */ 305 #define FSHIFT 8 /* bits to right of fixed binary point */ 306 #define FSCALE (1<esz], a) | ^~~~~~~~~~ ../target/arm/tcg/translate-sve.c:4249:1: note: in expansion of macro 'DO_ZPZZ_FP' 4249 | DO_ZPZZ_FP(FSCALE, aa64_sve, sve_fscalbn) | ^~~~~~~~~~ ../target/arm/tcg/translate-sve.c:4249:12: error: expected declaration specifiers or '...' before numeric constant 4249 | DO_ZPZZ_FP(FSCALE, aa64_sve, sve_fscalbn) | ^~~~~~ ../target/arm/tcg/translate.h:875:25: note: in definition of macro 'TRANS_FEAT' 875 | static bool trans_##NAME(DisasContext *s, arg_##NAME *a) \ | ^~~~ ../target/arm/tcg/translate-sve.c:4249:1: note: in expansion of macro 'DO_ZPZZ_FP' 4249 | DO_ZPZZ_FP(FSCALE, aa64_sve, sve_fscalbn) | ^~~~~~~~~~ ../target/arm/tcg/translate.h:875:47: error: pasting "arg_" and "(" does not give a valid preprocessing token 875 | static bool trans_##NAME(DisasContext *s, arg_##NAME *a) \ | ^~~~ ../target/arm/tcg/translate-sve.c:4205:5: note: in expansion of macro 'TRANS_FEAT' 4205 | TRANS_FEAT(NAME, FEAT, gen_gvec_fpst_arg_zpzz, name##_zpzz_fns[a->esz], a) | ^~~~~~~~~~ ../target/arm/tcg/translate-sve.c:4249:1: note: in expansion of macro 'DO_ZPZZ_FP' 4249 | DO_ZPZZ_FP(FSCALE, aa64_sve, sve_fscalbn) | ^~~~~~~~~~ In file included from ../target/arm/tcg/translate-sve.c:100: libqemu-aarch64-softmmu.a.p/decode-sve.c.inc:1227:13: warning: 'trans_FSCALE' used but never defined 1227 | static bool trans_FSCALE(DisasContext *ctx, arg_FSCALE *a); | ^~~~~~~~~~~~ ../target/arm/tcg/translate-sve.c:4249:30: warning: 'sve_fscalbn_zpzz_fns' defined but not used [-Wunused-const-variable=] 4249 | DO_ZPZZ_FP(FSCALE, aa64_sve, sve_fscalbn) | ^~~~~~~~~~~ ../target/arm/tcg/translate-sve.c:4201:42: note: in definition of macro 'DO_ZPZZ_FP' 4201 | static gen_helper_gvec_4_ptr * const name##_zpzz_fns[4] = { \ | ^~~~ As a kludge, undefine it globally in . Suggested-by: Richard Henderson Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Richard Henderson Message-Id: <20251203120315.62889-1-philmd@linaro.org> --- include/qemu/osdep.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h index cf8d7cf7e6..3cb45a1467 100644 --- a/include/qemu/osdep.h +++ b/include/qemu/osdep.h @@ -141,6 +141,12 @@ QEMU_EXTERN_C int daemon(int, int); #undef ELF_DATA #undef ELF_ARCH +/* + * Avoid conflict with Solaris FSCALE definition from header, + * but we might as well do this unconditionally. + */ +#undef FSCALE + #ifdef CONFIG_IOVEC #include #endif From 93332c90bfcd91d4a30104d53650e4355db0a099 Mon Sep 17 00:00:00 2001 From: Alano Song Date: Tue, 2 Dec 2025 21:21:32 +0800 Subject: [PATCH 02/10] hw/9pfs: Correct typo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Correct comment typo in xen_9pfs_bh() Signed-off-by: Alano Song Reviewed-by: Christian Schoenebeck Reviewed-by: Thomas Huth Message-ID: <20251202132132.17636-1-AlanoSong@163.com> Signed-off-by: Philippe Mathieu-Daudé --- hw/9pfs/xen-9p-backend.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/9pfs/xen-9p-backend.c b/hw/9pfs/xen-9p-backend.c index 79359d911a..ca0fff5fa9 100644 --- a/hw/9pfs/xen-9p-backend.c +++ b/hw/9pfs/xen-9p-backend.c @@ -310,7 +310,7 @@ static void xen_9pfs_bh(void *opaque) again: wait = ring->co != NULL && qemu_coroutine_entered(ring->co); - /* paired with the smb_wmb barriers in xen_9pfs_init_in_iov_from_pdu */ + /* paired with the smp_wmb barriers in xen_9pfs_init_in_iov_from_pdu */ smp_rmb(); if (wait) { cpu_relax(); From 8062bfd517645e0219fe302839fad7231bebf61d Mon Sep 17 00:00:00 2001 From: "Denis V. Lunev" Date: Wed, 3 Dec 2025 23:01:38 +0100 Subject: [PATCH 03/10] scripts: fix broken error path in modinfo-collect.py MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit sys.stderr.print is dropped long ago and should not be used. Official replacement is sys.stderr.write The problem has been found debugging building on some fancy platform derived from Debian. Signed-off-by: Denis V. Lunev CC: John Snow CC: Cleber Rosa Reviewed-by: Philippe Mathieu-Daudé Message-ID: <20251203220138.159656-1-den@openvz.org> Signed-off-by: Philippe Mathieu-Daudé --- scripts/modinfo-collect.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/modinfo-collect.py b/scripts/modinfo-collect.py index 6ebaea989d..db78b16c1f 100644 --- a/scripts/modinfo-collect.py +++ b/scripts/modinfo-collect.py @@ -41,7 +41,7 @@ def main(args): for obj in args: entry = compile_commands.get(obj, None) if not entry: - sys.stderr.print('modinfo: Could not find object file', obj) + sys.stderr.write(f'modinfo: Could not find object file {obj}') sys.exit(1) src = entry['file'] if not src.endswith('.c'): From 46228925edd53bb0569519538b94e10b85f9c001 Mon Sep 17 00:00:00 2001 From: Hanna Czenczek Date: Mon, 8 Dec 2025 12:30:08 +0100 Subject: [PATCH 04/10] vhost: Always initialize cached vring data MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit vhost_virtqueue_start() can exit early if the descriptor ring address is 0, assuming the virtqueue isn’t ready to start. In this case, all cached vring information (size, physical address, pointer) is left as-is. This is OK at first startup, when that info is still initialized to 0, but after a reset, it will retain old (outdated) information. vhost_virtqueue_start() must make sure these values are (re-)set properly before exiting. (When using an IOMMU, these outdated values can stall the device: vhost_dev_start() deliberately produces an IOMMU miss event for each used vring. If used_phys contains an outdated value, the resulting lookup may fail, forcing the device to be stopped.) Cc: qemu-stable@nongnu.org Signed-off-by: Hanna Czenczek Reviewed-by: Philippe Mathieu-Daudé Message-ID: <20251208113008.153249-1-hreitz@redhat.com> Signed-off-by: Philippe Mathieu-Daudé --- hw/virtio/vhost.c | 38 +++++++++++++++++++++++--------------- 1 file changed, 23 insertions(+), 15 deletions(-) diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c index 266a11514a..e654ea468a 100644 --- a/hw/virtio/vhost.c +++ b/hw/virtio/vhost.c @@ -1261,7 +1261,7 @@ int vhost_virtqueue_start(struct vhost_dev *dev, BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(vdev))); VirtioBusState *vbus = VIRTIO_BUS(qbus); VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(vbus); - hwaddr s, l, a; + hwaddr l; int r; int vhost_vq_index = dev->vhost_ops->vhost_get_vq_index(dev, idx); struct vhost_vring_file file = { @@ -1272,8 +1272,17 @@ int vhost_virtqueue_start(struct vhost_dev *dev, }; struct VirtQueue *vvq = virtio_get_queue(vdev, idx); - a = virtio_queue_get_desc_addr(vdev, idx); - if (a == 0) { + vq->desc_size = virtio_queue_get_desc_size(vdev, idx); + vq->desc_phys = virtio_queue_get_desc_addr(vdev, idx); + vq->desc = NULL; + vq->avail_size = virtio_queue_get_avail_size(vdev, idx); + vq->avail_phys = virtio_queue_get_avail_addr(vdev, idx); + vq->avail = NULL; + vq->used_size = virtio_queue_get_used_size(vdev, idx); + vq->used_phys = virtio_queue_get_used_addr(vdev, idx); + vq->used = NULL; + + if (vq->desc_phys == 0) { /* Queue might not be ready for start */ return 0; } @@ -1301,24 +1310,23 @@ int vhost_virtqueue_start(struct vhost_dev *dev, } } - vq->desc_size = s = l = virtio_queue_get_desc_size(vdev, idx); - vq->desc_phys = a; - vq->desc = vhost_memory_map(dev, a, &l, false); - if (!vq->desc || l != s) { + l = vq->desc_size; + vq->desc = vhost_memory_map(dev, vq->desc_phys, &l, false); + if (!vq->desc || l != vq->desc_size) { r = -ENOMEM; goto fail_alloc_desc; } - vq->avail_size = s = l = virtio_queue_get_avail_size(vdev, idx); - vq->avail_phys = a = virtio_queue_get_avail_addr(vdev, idx); - vq->avail = vhost_memory_map(dev, a, &l, false); - if (!vq->avail || l != s) { + + l = vq->avail_size; + vq->avail = vhost_memory_map(dev, vq->avail_phys, &l, false); + if (!vq->avail || l != vq->avail_size) { r = -ENOMEM; goto fail_alloc_avail; } - vq->used_size = s = l = virtio_queue_get_used_size(vdev, idx); - vq->used_phys = a = virtio_queue_get_used_addr(vdev, idx); - vq->used = vhost_memory_map(dev, a, &l, true); - if (!vq->used || l != s) { + + l = vq->used_size; + vq->used = vhost_memory_map(dev, vq->used_phys, &l, true); + if (!vq->used || l != vq->used_size) { r = -ENOMEM; goto fail_alloc_used; } From 0bc6fa244618b3a70cc09c328c4e7d0625a11a96 Mon Sep 17 00:00:00 2001 From: Stefan Weil Date: Tue, 9 Dec 2025 13:50:49 +0100 Subject: [PATCH 05/10] migration: Fix order of function arguments MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This fixes a compiler error when higher warning levels are enabled: ../migration/postcopy-ram.c: In function ‘postcopy_temp_pages_setup’: ../migration/postcopy-ram.c:1483:50: error: ‘g_malloc0_n’ sizes specified with ‘sizeof’ in the earlier argument and not in the later argument [-Werror=calloc-transposed-args] 1483 | mis->postcopy_tmp_pages = g_malloc0_n(sizeof(PostcopyTmpPage), channels); | ^~~~~~~~~~~~~~~ ../migration/postcopy-ram.c:1483:50: note: earlier argument should specify number of elements, later size of each element Avoid also a related int/unsigned mismatch by fixing the type of two local variables. Signed-off-by: Stefan Weil Reviewed-by: Laurent Vivier Reviewed-by: Philippe Mathieu-Daudé Message-ID: <20251209125049.764095-1-sw@weilnetz.de> [PMD: Replace g_malloc0_n() by g_new0()] Signed-off-by: Philippe Mathieu-Daudé Acked-by: Peter Xu Message-Id: <20251209195010.83219-1-philmd@linaro.org> --- migration/postcopy-ram.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/migration/postcopy-ram.c b/migration/postcopy-ram.c index 7c9fe61041..715ef021a9 100644 --- a/migration/postcopy-ram.c +++ b/migration/postcopy-ram.c @@ -1467,7 +1467,8 @@ retry: static int postcopy_temp_pages_setup(MigrationIncomingState *mis) { PostcopyTmpPage *tmp_page; - int err, i, channels; + int err; + unsigned i, channels; void *temp_page; if (migrate_postcopy_preempt()) { @@ -1479,7 +1480,7 @@ static int postcopy_temp_pages_setup(MigrationIncomingState *mis) } channels = mis->postcopy_channels; - mis->postcopy_tmp_pages = g_malloc0_n(sizeof(PostcopyTmpPage), channels); + mis->postcopy_tmp_pages = g_new0(PostcopyTmpPage, channels); for (i = 0; i < channels; i++) { tmp_page = &mis->postcopy_tmp_pages[i]; From 4fdff25625724f682a1174d53ccf8b0d099733ca Mon Sep 17 00:00:00 2001 From: Stefan Weil Date: Tue, 9 Dec 2025 13:57:59 +0100 Subject: [PATCH 06/10] hw/pci: Fix typo in documentation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stefan Weil Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Laurent Vivier Message-ID: <20251209125759.764296-1-sw@weilnetz.de> Signed-off-by: Philippe Mathieu-Daudé --- include/hw/pci/pci.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/hw/pci/pci.h b/include/hw/pci/pci.h index 6bccb25ac2..b72e484500 100644 --- a/include/hw/pci/pci.h +++ b/include/hw/pci/pci.h @@ -751,7 +751,7 @@ int pci_iommu_register_iotlb_notifier(PCIDevice *dev, uint32_t pasid, /** * pci_iommu_unregister_iotlb_notifier: unregister a notifier that has been - * registerd with pci_iommu_register_iotlb_notifier. + * registered with pci_iommu_register_iotlb_notifier. * * Returns 0 on success, or a negative errno otherwise. * From e742b7bdc244499761a21bc1965580c6261a74bf Mon Sep 17 00:00:00 2001 From: Stefan Weil Date: Tue, 9 Dec 2025 14:02:12 +0100 Subject: [PATCH 07/10] scripts/nsis.py: Tell makensis that WoA is 64 bit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This fixes some settings like the default installation path for the QEMU installation on Windows on ARM (WoA). Signed-off-by: Stefan Weil Reviewed-by: Philippe Mathieu-Daudé Message-ID: <20251209130212.764443-1-sw@weilnetz.de> Signed-off-by: Philippe Mathieu-Daudé --- scripts/nsis.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/nsis.py b/scripts/nsis.py index 8f469634eb..33069f4a86 100644 --- a/scripts/nsis.py +++ b/scripts/nsis.py @@ -114,7 +114,7 @@ def main(): "-DSRCDIR=" + args.srcdir, "-DBINDIR=" + destdir + prefix, ] - if args.cpu == "x86_64": + if args.cpu == "aarch64" or args.cpu == "x86_64": makensis += ["-DW64"] makensis += ["-DDLLDIR=" + dlldir] From 326e620fc0145686124f754194cdc6d0d9b3400d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Le=20Goater?= Date: Tue, 9 Dec 2025 18:43:28 +0100 Subject: [PATCH 08/10] Fix const qualifier build errors with recent glibc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit A recent change in glibc 2.42.9000 [1] changes the return type of strstr() and other string functions to be 'const char *' when the input is a 'const char *'. This breaks the build in various files with errors such as : error: initialization discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers] 208 | char *pidstr = strstr(filename, "%"); | ^~~~~~ Fix this by changing the type of the variables that store the result of these functions to 'const char *'. [1] https://sourceware.org/git/?p=glibc.git;a=commit;h=cd748a63ab1a7ae846175c532a3daab341c62690 Signed-off-by: Cédric Le Goater Reviewed-by: Laurent Vivier Reviewed-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé Message-ID: <20251209174328.698774-1-clg@redhat.com> Signed-off-by: Philippe Mathieu-Daudé --- backends/tpm/tpm_passthrough.c | 2 +- block/vmdk.c | 2 +- block/vvfat.c | 2 +- gdbstub/gdbstub.c | 2 +- qga/commands-linux.c | 7 ++++--- ui/ui-hmp-cmds.c | 2 +- util/log.c | 2 +- 7 files changed, 10 insertions(+), 9 deletions(-) diff --git a/backends/tpm/tpm_passthrough.c b/backends/tpm/tpm_passthrough.c index b7c7074c2a..a9f35ab7d6 100644 --- a/backends/tpm/tpm_passthrough.c +++ b/backends/tpm/tpm_passthrough.c @@ -211,7 +211,7 @@ static size_t tpm_passthrough_get_buffer_size(TPMBackend *tb) static int tpm_passthrough_open_sysfs_cancel(TPMPassthruState *tpm_pt) { int fd = -1; - char *dev; + const char *dev; char path[PATH_MAX]; if (tpm_pt->options->cancel_path) { diff --git a/block/vmdk.c b/block/vmdk.c index 3b35b63cb5..89e89cd10e 100644 --- a/block/vmdk.c +++ b/block/vmdk.c @@ -1089,7 +1089,7 @@ vmdk_open_vmdk4(BlockDriverState *bs, BdrvChild *file, int flags, static int vmdk_parse_description(const char *desc, const char *opt_name, char *buf, int buf_size) { - char *opt_pos, *opt_end; + const char *opt_pos, *opt_end; const char *end = desc + strlen(desc); opt_pos = strstr(desc, opt_name); diff --git a/block/vvfat.c b/block/vvfat.c index 814796d918..e334b9febb 100644 --- a/block/vvfat.c +++ b/block/vvfat.c @@ -1826,7 +1826,7 @@ cluster_was_modified(BDRVVVFATState *s, uint32_t cluster_num) static const char* get_basename(const char* path) { - char* basename = strrchr(path, '/'); + const char *basename = strrchr(path, '/'); if (basename == NULL) return path; else diff --git a/gdbstub/gdbstub.c b/gdbstub/gdbstub.c index dd5fb5667c..5b2fc06e58 100644 --- a/gdbstub/gdbstub.c +++ b/gdbstub/gdbstub.c @@ -362,7 +362,7 @@ static const char *get_feature_xml(const char *p, const char **newp, * qXfer:features:read:ANNEX:OFFSET,LENGTH' * ^p ^newp */ - char *term = strchr(p, ':'); + const char *term = strchr(p, ':'); *newp = term + 1; len = term - p; diff --git a/qga/commands-linux.c b/qga/commands-linux.c index 4a09ddc760..c639a60a94 100644 --- a/qga/commands-linux.c +++ b/qga/commands-linux.c @@ -403,7 +403,8 @@ static bool build_guest_fsinfo_for_pci_dev(char const *syspath, int i, offset, nhosts = 0, pcilen; GuestPCIAddress *pciaddr = disk->pci_controller; bool has_ata = false, has_host = false, has_tgt = false; - char *p, *driver = NULL; + const char *p; + char *driver = NULL; bool ret = false; p = strstr(syspath, "/devices/pci"); @@ -543,7 +544,7 @@ static bool build_guest_fsinfo_for_nonpci_virtio(char const *syspath, Error **errp) { unsigned int tgt[3]; - char *p; + const char *p; if (!strstr(syspath, "/virtio") || !strstr(syspath, "/block")) { g_debug("Unsupported virtio device '%s'", syspath); @@ -575,7 +576,7 @@ static bool build_guest_fsinfo_for_ccw_dev(char const *syspath, Error **errp) { unsigned int cssid, ssid, subchno, devno; - char *p; + const char *p; p = strstr(syspath, "/devices/css"); if (!p || sscanf(p + 12, "%*x/%x.%x.%x/%*x.%*x.%x/", diff --git a/ui/ui-hmp-cmds.c b/ui/ui-hmp-cmds.c index 980a8bbc51..6c93d452c9 100644 --- a/ui/ui-hmp-cmds.c +++ b/ui/ui-hmp-cmds.c @@ -418,7 +418,7 @@ err_out: void sendkey_completion(ReadLineState *rs, int nb_args, const char *str) { int i; - char *sep; + const char *sep; size_t len; if (nb_args != 2) { diff --git a/util/log.c b/util/log.c index 41f78ce86b..c44d66b5ce 100644 --- a/util/log.c +++ b/util/log.c @@ -203,7 +203,7 @@ static ValidFilenameTemplateResult valid_filename_template(const char *filename, bool per_thread, Error **errp) { if (filename) { - char *pidstr = strstr(filename, "%"); + const char *pidstr = strstr(filename, "%"); if (pidstr) { /* We only accept one %d, no other format strings */ From 0d42e48c73d3840fec57a6c4309b9a078138c6ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Tue, 9 Dec 2025 20:11:09 +0100 Subject: [PATCH 09/10] Revert "migration/vmstate: remove VMSTATE_BUFFER_POINTER_UNSAFE macro" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Next commit will re-use VMSTATE_BUFFER_POINTER_UNSAFE(). This reverts commit 58341158d022823234d25fd337654a82fa6d157b. Suggested-by: Fiona Ebner Signed-off-by: Philippe Mathieu-Daudé --- include/migration/vmstate.h | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/include/migration/vmstate.h b/include/migration/vmstate.h index df57e6550a..a87a5efa42 100644 --- a/include/migration/vmstate.h +++ b/include/migration/vmstate.h @@ -727,6 +727,15 @@ extern const VMStateInfo vmstate_info_qlist; .offset = offsetof(_state, _field), \ } +#define VMSTATE_BUFFER_POINTER_UNSAFE(_field, _state, _version, _size) { \ + .name = (stringify(_field)), \ + .version_id = (_version), \ + .size = (_size), \ + .info = &vmstate_info_buffer, \ + .flags = VMS_BUFFER | VMS_POINTER, \ + .offset = offsetof(_state, _field), \ +} + /* Allocate a temporary of type 'tmp_type', set tmp->parent to _state * and execute the vmsd on the temporary. Note that we're working with * the whole of _state here, not a field within it. From efd6b3d1768d04d5491b62ad7385f623fb12f627 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Tue, 9 Dec 2025 20:11:17 +0100 Subject: [PATCH 10/10] Revert "hw/net/virtio-net: make VirtIONet.vlans an array instead of a pointer" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Per https://lore.kernel.org/qemu-devel/7798584d-e861-47b7-af52-2c2efb67a4de@proxmox.com/: Loading a VM state taken with v10.1.2 or older doesn't work anymore, using the script [*] we get: kvm: VQ 1 size 0x100 < last_avail_idx 0x9 - used_idx 0x3e30 kvm: load of migration failed: Operation not permitted: error while loading state for instance 0x0 of device '0000:00:13.0/virtio-net': Failed to load element of type virtio for virtio: -1 qemu-system-x86_64: Missing section footer for 0000:00:13.0/virtio-net qemu-system-x86_64: Section footer error, section_id: 41 [*]: #!/bin/bash rm /tmp/disk.qcow2 args=" -netdev type=tap,id=net1,ifname=tap104i1,script=/usr/libexec/qemu-server/pve-bridge,downscript=/usr/libexec/qemu-server/pve-bridgedown,vhost=on -device virtio-net-pci,mac=BC:24:11:32:3C:69,netdev=net1,bus=pci.0,addr=0x13,id=net1 -machine type=pc-i440fx-10.1 " $1/qemu-img create -f qcow2 /tmp/disk.qcow2 1G $1/qemu-system-x86_64 --qmp stdio --blockdev qcow2,node-name=node0,file.driver=file,file.filename=/tmp/disk.qcow2 $args < Suggested-by: Fiona Ebner Signed-off-by: Philippe Mathieu-Daudé --- hw/net/virtio-net.c | 9 +++++---- include/hw/virtio/virtio-net.h | 2 +- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c index f5d93eb400..ca813203d7 100644 --- a/hw/net/virtio-net.c +++ b/hw/net/virtio-net.c @@ -986,7 +986,7 @@ static void virtio_net_set_features(VirtIODevice *vdev, virtio_has_feature_ex(vdev->guest_features_ex, VIRTIO_NET_F_CTRL_VLAN)) { bool vlan = virtio_has_feature_ex(features, VIRTIO_NET_F_CTRL_VLAN); - memset(n->vlans, vlan ? 0 : 0xff, sizeof(n->vlans)); + memset(n->vlans, vlan ? 0 : 0xff, MAX_VLAN >> 3); } if (virtio_has_feature_ex(features, VIRTIO_NET_F_STANDBY)) { @@ -3598,8 +3598,7 @@ static const VMStateDescription vmstate_virtio_net_device = { * buffer; hold onto your endiannesses; it's actually used as a bitmap * but based on the uint. */ - VMSTATE_BUFFER_UNSAFE(vlans, VirtIONet, 0, - sizeof(typeof_field(VirtIONet, vlans))), + VMSTATE_BUFFER_POINTER_UNSAFE(vlans, VirtIONet, 0, MAX_VLAN >> 3), VMSTATE_WITH_TMP(VirtIONet, struct VirtIONetMigTmp, vmstate_virtio_net_has_vnet), VMSTATE_UINT8(mac_table.multi_overflow, VirtIONet), @@ -4017,7 +4016,8 @@ static void virtio_net_device_realize(DeviceState *dev, Error **errp) n->mac_table.macs = g_malloc0(MAC_TABLE_ENTRIES * ETH_ALEN); - memset(n->vlans, 0xff, sizeof(n->vlans)); + n->vlans = g_malloc0(MAX_VLAN >> 3); + memset(n->vlans, 0xff, MAX_VLAN >> 3); nc = qemu_get_queue(n->nic); nc->rxfilter_notify_enabled = 1; @@ -4066,6 +4066,7 @@ static void virtio_net_device_unrealize(DeviceState *dev) n->netclient_type = NULL; g_free(n->mac_table.macs); + g_free(n->vlans); if (n->failover) { qobject_unref(n->primary_opts); diff --git a/include/hw/virtio/virtio-net.h b/include/hw/virtio/virtio-net.h index f708355306..5b8ab7bda7 100644 --- a/include/hw/virtio/virtio-net.h +++ b/include/hw/virtio/virtio-net.h @@ -202,7 +202,7 @@ struct VirtIONet { uint8_t uni_overflow; uint8_t *macs; } mac_table; - uint32_t vlans[MAX_VLAN]; + uint32_t *vlans; virtio_net_conf net_conf; NICConf nic_conf; DeviceState *qdev;