From 14e6eca34d12e748275ee27a7c44d7a30fb543dd Mon Sep 17 00:00:00 2001 
From: Andrew Lukoshko
Date: Thu, 7 Aug 2025 11:00:30 +0000
Subject: [PATCH] import OL qemu-kvm-9.1.0-15.el9_6.7
---
...atic-zero-init-of-large-array-in-ioq.patch | 48 ++++
...skip-automatic-zero-init-of-large-ar.patch | 49 ++++
...-skip-automatic-zero-init-of-large-a.patch | 49 ++++
...ket-skip-automatic-zero-init-of-larg.patch | 49 ++++
...le-posix-Define-DM_MPATH_PROBE_PATHS.patch | 42 ++++
...-paths-and-retry-SG_IO-on-potential-.patch | 215 ++++++++++++++++++
...ip-automatic-zero-init-of-large-arra.patch | 57 +++++
...-skip-automatic-zero-init-of-large-a.patch | 59 +++++
...skip-automatic-zero-init-of-large-ar.patch | 49 ++++
...p-automatic-zero-init-of-large-array.patch | 48 ++++
..._88w8618-skip-automatic-zero-init-of.patch | 50 ++++
...ip-automatic-zero-init-of-large-arra.patch | 48 ++++
...7-skip-automatic-zero-init-of-large-.patch | 49 ++++
...ole-lm-skip-automatic-zero-init-of-l.patch | 49 ++++
...e_vga-skip-automatic-zero-init-of-la.patch | 49 ++++
...dma-skip-automatic-zero-init-of-larg.patch | 47 ++++
...-skip-automatic-zero-init-of-large-a.patch | 56 +++++
...-i386-Fix-machine-type-compatibility.patch | 87 +++++++
...ace-skip-automatic-zero-init-of-larg.patch | 57 +++++
...kip-automatic-zero-init-of-large-arr.patch | 48 ++++
...p-automatic-zero-init-of-large-array.patch | 47 ++++
...t-skip-automatic-zero-init-of-large-.patch | 54 +++++
...p-automatic-zero-init-of-large-array.patch | 47 ++++
...p-automatic-zero-init-of-large-array.patch | 72 ++++++
..._proxy-skip-automatic-zero-init-of-l.patch | 52 +++++
...5a-skip-automatic-zero-init-of-large.patch | 49 ++++
...skip-automatic-zero-init-of-large-ar.patch | 73 ++++++
...p-automatic-zero-init-of-large-array.patch | 50 ++++
...skip-automatic-zero-init-of-large-ar.patch | 50 ++++
...-avoid-cost-of-ftrivial-auto-var-ini.patch | 73 ++++++
...piler-add-QEMU_UNINITIALIZED-attribu.patch | 80 +++++++
...p-automatic-zero-init-of-large-array.patch | 49 ++++
...p-automatic-zero-init-of-large-array.patch | 49 ++++
...splay-update-interval-when-VM-state-.patch | 97 ++++++++
SPECS/qemu-kvm.spec | 118 +++++++++-
35 files changed, 2164 insertions(+), 1 deletion(-)
create mode 100644 SOURCES/kvm-block-skip-automatic-zero-init-of-large-array-in-ioq.patch
create mode 100644 SOURCES/kvm-chardev-char-fd-skip-automatic-zero-init-of-large-ar.patch
create mode 100644 SOURCES/kvm-chardev-char-pty-skip-automatic-zero-init-of-large-a.patch
create mode 100644 SOURCES/kvm-chardev-char-socket-skip-automatic-zero-init-of-larg.patch
create mode 100644 SOURCES/kvm-file-posix-Define-DM_MPATH_PROBE_PATHS.patch
create mode 100644 SOURCES/kvm-file-posix-Probe-paths-and-retry-SG_IO-on-potential-.patch
create mode 100644 SOURCES/kvm-hw-audio-ac97-skip-automatic-zero-init-of-large-arra.patch
create mode 100644 SOURCES/kvm-hw-audio-cs4231a-skip-automatic-zero-init-of-large-a.patch
create mode 100644 SOURCES/kvm-hw-audio-es1370-skip-automatic-zero-init-of-large-ar.patch
create mode 100644 SOURCES/kvm-hw-audio-gus-skip-automatic-zero-init-of-large-array.patch
create mode 100644 SOURCES/kvm-hw-audio-marvell_88w8618-skip-automatic-zero-init-of.patch
create mode 100644 SOURCES/kvm-hw-audio-sb16-skip-automatic-zero-init-of-large-arra.patch
create mode 100644 SOURCES/kvm-hw-audio-via-ac97-skip-automatic-zero-init-of-large-.patch
create mode 100644 SOURCES/kvm-hw-char-sclpconsole-lm-skip-automatic-zero-init-of-l.patch
create mode 100644 SOURCES/kvm-hw-display-vmware_vga-skip-automatic-zero-init-of-la.patch
create mode 100644 SOURCES/kvm-hw-dma-xlnx_csu_dma-skip-automatic-zero-init-of-larg.patch
create mode 100644 SOURCES/kvm-hw-hyperv-syndbg-skip-automatic-zero-init-of-large-a.patch
create mode 100644 SOURCES/kvm-hw-i386-Fix-machine-type-compatibility.patch
create mode 100644 SOURCES/kvm-hw-misc-aspeed_hace-skip-automatic-zero-init-of-larg.patch
create mode 100644 SOURCES/kvm-hw-net-rtl8139-skip-automatic-zero-init-of-large-arr.patch
create mode 100644 SOURCES/kvm-hw-net-tulip-skip-automatic-zero-init-of-large-array.patch
create mode 100644 SOURCES/kvm-hw-net-virtio-net-skip-automatic-zero-init-of-large-.patch
create mode 100644 SOURCES/kvm-hw-net-xgamc-skip-automatic-zero-init-of-large-array.patch
create mode 100644 SOURCES/kvm-hw-nvme-ctrl-skip-automatic-zero-init-of-large-array.patch
create mode 100644 SOURCES/kvm-hw-ppc-spapr_tpm_proxy-skip-automatic-zero-init-of-l.patch
create mode 100644 SOURCES/kvm-hw-scsi-lsi53c895a-skip-automatic-zero-init-of-large.patch
create mode 100644 SOURCES/kvm-hw-scsi-megasas-skip-automatic-zero-init-of-large-ar.patch
create mode 100644 SOURCES/kvm-hw-ufs-lu-skip-automatic-zero-init-of-large-array.patch
create mode 100644 SOURCES/kvm-hw-usb-hcd-ohci-skip-automatic-zero-init-of-large-ar.patch
create mode 100644 SOURCES/kvm-hw-virtio-virtio-avoid-cost-of-ftrivial-auto-var-ini.patch
create mode 100644 SOURCES/kvm-include-qemu-compiler-add-QEMU_UNINITIALIZED-attribu.patch
create mode 100644 SOURCES/kvm-net-socket-skip-automatic-zero-init-of-large-array.patch
create mode 100644 SOURCES/kvm-net-stream-skip-automatic-zero-init-of-large-array.patch
create mode 100644 SOURCES/kvm-ui-vnc-Update-display-update-interval-when-VM-state-.patch
diff --git a/SOURCES/kvm-block-skip-automatic-zero-init-of-large-array-in-ioq.patch b/SOURCES/kvm-block-skip-automatic-zero-init-of-large-array-in-ioq.patch
new file mode 100644
index 0000000..9582a9f
--- /dev/null
+++ b/SOURCES/kvm-block-skip-automatic-zero-init-of-large-array-in-ioq.patch
@@ -0,0 +1,48 @@
+From 9f8ff1d0ef010b9c0339869f655ee9af6b10dcd5 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:41 +0100
+Subject: [PATCH 04/31] block: skip automatic zero-init of large array in
+ ioq_submit
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [3/30] 0a24695ab7f3a11ab61b12ae2b95bd45a7babc05
+
+The 'ioq_submit' method has a struct array that is 8k in size.
+Skip the automatic zero-init of this array to eliminate the
+performance overhead in the I/O hot path.
+
+The 'iocbs' array will selectively initialized when processing
+the I/O data.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-4-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 83750c1da807c973b0b11d977d61df7e41122d03)
+Signed-off-by: Stefan Hajnoczi
+---
+ block/linux-aio.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/block/linux-aio.c b/block/linux-aio.c
+index e3b5ec9aba..26d9f086d2 100644
+--- a/block/linux-aio.c
++++ b/block/linux-aio.c
+@@ -291,7 +291,7 @@ static void ioq_submit(LinuxAioState *s)
+ {
+ int ret, len;
+ struct qemu_laiocb *aiocb;
+- struct iocb *iocbs[MAX_EVENTS];
++ QEMU_UNINITIALIZED struct iocb *iocbs[MAX_EVENTS];
+ QSIMPLEQ_HEAD(, qemu_laiocb) completed;
+
+ do {
+--
+2.39.3
+
diff --git a/SOURCES/kvm-chardev-char-fd-skip-automatic-zero-init-of-large-ar.patch b/SOURCES/kvm-chardev-char-fd-skip-automatic-zero-init-of-large-ar.patch
new file mode 100644
index 0000000..90c5387
--- /dev/null
+++ b/SOURCES/kvm-chardev-char-fd-skip-automatic-zero-init-of-large-ar.patch
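Review bot: `QEMU_UNINITIALIZED` on `iocbs[MAX_EVENTS]` opts this array out of the compiler's automatic zero-fill, and the only justification ("selectively initialized") sits in the commit message rather than at the declaration. The loop that fills and submits the array lies outside this hunk, so the invariant cannot be checked from here, and a stale stack slot read by mistake would no longer be a harmless zero. I would record the invariant next to the declaration, for example `/* deliberately uninitialized: only the entries filled in this pass may be read or submitted */`. The same holds for the buffers in the fd_chr_read, pty_chr_read, tcp_chr_read, write_audio/read_audio, cs_write_audio, es1370_transfer_audio and GUS_read_DMA hunks, where "fully initialized" presumably means the bytes a read actually returned, so every consumer has to stay bounded by that returned length.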
@@ -0,0 +1,49 @@
+From c336909ad95540147d9cfed843874ddd986ad917 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:42 +0100
+Subject: [PATCH 05/31] chardev/char-fd: skip automatic zero-init of large
+ array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [4/30] e9adf42d47ddd90cc15862e711de0a90d1d25e0a
+
+The 'fd_chr_read' method has a 4k byte array used for copying
+data between the socket and device. Skip the automatic zero-init
+of this array to eliminate the performance overhead in the I/O
+hot path.
+
+The 'buf' array will be fully initialized when reading data off
+the network socket.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-5-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit a503bdc22b91869e3bf45522e36b122889465306)
+Signed-off-by: Stefan Hajnoczi
+---
+ chardev/char-fd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/chardev/char-fd.c b/chardev/char-fd.c
+index d2c4923359..8dd662c066 100644
+--- a/chardev/char-fd.c
++++ b/chardev/char-fd.c
+@@ -50,7 +50,7 @@ static gboolean fd_chr_read(QIOChannel *chan, GIOCondition cond, void *opaque)
+ Chardev *chr = CHARDEV(opaque);
+ FDChardev *s = FD_CHARDEV(opaque);
+ int len;
+- uint8_t buf[CHR_READ_BUF_LEN];
++ QEMU_UNINITIALIZED uint8_t buf[CHR_READ_BUF_LEN];
+ ssize_t ret;
+
+ len = sizeof(buf);
+--
+2.39.3
+
diff --git a/SOURCES/kvm-chardev-char-pty-skip-automatic-zero-init-of-large-a.patch b/SOURCES/kvm-chardev-char-pty-skip-automatic-zero-init-of-large-a.patch
new file mode 100644
index 0000000..333fdfd
--- /dev/null
+++ b/SOURCES/kvm-chardev-char-pty-skip-automatic-zero-init-of-large-a.patch
@@ -0,0 +1,49 @@
+From 489ead1e7d721c0f689626e6d5d22241ffdd7bc8 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:43 +0100
+Subject: [PATCH 06/31] chardev/char-pty: skip automatic zero-init of large
+ array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [5/30] 09be65fa8c25dadbd472321cacc96badf0a2d963
+
+The 'pty_chr_read' method has a 4k byte array used for copying
+data between the PTY and device. Skip the automatic zero-init
+of this array to eliminate the performance overhead in the I/O
+hot path.
+
+The 'buf' array will be fully initialized when reading data off
+the PTY.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-6-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 45bb7fb21c8d18294a9f92da99d01ab3c67c7df2)
+Signed-off-by: Stefan Hajnoczi
+---
+ chardev/char-pty.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/chardev/char-pty.c b/chardev/char-pty.c
+index cc2f7617fe..3319ad215d 100644
+--- a/chardev/char-pty.c
++++ b/chardev/char-pty.c
+@@ -152,7 +152,7 @@ static gboolean pty_chr_read(QIOChannel *chan, GIOCondition cond, void *opaque)
+ Chardev *chr = CHARDEV(opaque);
+ PtyChardev *s = PTY_CHARDEV(opaque);
+ gsize len;
+- uint8_t buf[CHR_READ_BUF_LEN];
++ QEMU_UNINITIALIZED uint8_t buf[CHR_READ_BUF_LEN];
+ ssize_t ret;
+
+ len = sizeof(buf);
+--
+2.39.3
+
diff --git a/SOURCES/kvm-chardev-char-socket-skip-automatic-zero-init-of-larg.patch b/SOURCES/kvm-chardev-char-socket-skip-automatic-zero-init-of-larg.patch
new file mode 100644
index 0000000..fb89fa5
--- /dev/null
+++ b/SOURCES/kvm-chardev-char-socket-skip-automatic-zero-init-of-larg.patch
@@ -0,0 +1,49 @@
+From 67cf0b18b68071b7b0a036b715f9d406f0bc1ec7 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:44 +0100
+Subject: [PATCH 07/31] chardev/char-socket: skip automatic zero-init of large
+ array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [6/30] fa1d406d2f9be389090614d666466fb94f480f84
+
+The 'tcp_chr_read' method has a 4k byte array used for copying
+data between the socket and device. Skip the automatic zero-init
+of this array to eliminate the performance overhead in the I/O
+hot path.
+
+The 'buf' array will be fully initialized when reading data off
+the network socket.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-7-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 9a23075cef1ac6e73a95a489ac72f41c573ceb9b)
+Signed-off-by: Stefan Hajnoczi
+---
+ chardev/char-socket.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/chardev/char-socket.c b/chardev/char-socket.c
+index 1ca9441b1b..99d644e89f 100644
+--- a/chardev/char-socket.c
++++ b/chardev/char-socket.c
+@@ -497,7 +497,7 @@ static gboolean tcp_chr_read(QIOChannel *chan, GIOCondition cond, void *opaque)
+ {
+ Chardev *chr = CHARDEV(opaque);
+ SocketChardev *s = SOCKET_CHARDEV(opaque);
+- uint8_t buf[CHR_READ_BUF_LEN];
++ QEMU_UNINITIALIZED uint8_t buf[CHR_READ_BUF_LEN];
+ int len, size;
+
+ if ((s->state != TCP_CHARDEV_STATE_CONNECTED) ||
+--
+2.39.3
+
diff --git a/SOURCES/kvm-file-posix-Define-DM_MPATH_PROBE_PATHS.patch b/SOURCES/kvm-file-posix-Define-DM_MPATH_PROBE_PATHS.patch
new file mode 100644
index 0000000..07a4834
--- /dev/null
+++ b/SOURCES/kvm-file-posix-Define-DM_MPATH_PROBE_PATHS.patch
@@ -0,0 +1,42 @@
+From 762f24e92b93c0e8cbb5b0abe135d29fb444737d Mon Sep 17 00:00:00 2001
+From: Kevin Wolf
+Date: Tue, 29 Apr 2025 17:05:41 +0200
+Subject: [PATCH 1/2] file-posix: Define DM_MPATH_PROBE_PATHS
+
+RH-Author: Kevin Wolf
+RH-MergeRequest: 456: file-posix: Fix multipath failover with SCSI passthrough [9.6.z]
+RH-Jira: RHEL-95407
+RH-Acked-by: Hanna Czenczek
+RH-Acked-by: Stefan Hajnoczi
+RH-Commit: [1/2] 0d9ec74bf3bb999c8baa929e0d25682680fa1731 (kmwolf/rhel-qemu-kvm)
+
+While the kernel side isn't merged yet and we're still using old kernel
+headers, just define DM_MPATH_PROBE_PATHS manually.
+
+This is a downstream-only patch that can be removed after the next minor
+release.
+
+Signed-off-by: Kevin Wolf
+---
+ block/file-posix.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/block/file-posix.c b/block/file-posix.c
+index 0cb4e922c0..6a5c506549 100644
+--- a/block/file-posix.c
++++ b/block/file-posix.c
+@@ -134,6 +134,11 @@
+ #define RAW_LOCK_PERM_BASE 100
+ #define RAW_LOCK_SHARED_BASE 200
+
++/* TODO Remove this when the kernel side is merged */
++#if !defined(DM_MPATH_PROBE_PATHS) && defined(DM_GET_TARGET_VERSION)
++#define DM_MPATH_PROBE_PATHS _IO(DM_IOCTL, DM_GET_TARGET_VERSION_CMD + 1)
++#endif
++
+ typedef struct BDRVRawState {
+ int fd;
+ bool use_lock;
+--
+2.48.1
+
diff --git a/SOURCES/kvm-file-posix-Probe-paths-and-retry-SG_IO-on-potential-.patch b/SOURCES/kvm-file-posix-Probe-paths-and-retry-SG_IO-on-potential-.patch
new file mode 100644
index 0000000..3a6c478
--- /dev/null
+++ b/SOURCES/kvm-file-posix-Probe-paths-and-retry-SG_IO-on-potential-.patch
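Review bot: The fallback `#define DM_MPATH_PROBE_PATHS _IO(DM_IOCTL, DM_GET_TARGET_VERSION_CMD + 1)` hard-codes a command number for an ioctl that, per the commit message, was not yet merged in the kernel, and nothing at the definition says which value it has to track. If the kernel's final number differs, or a binary built against old headers runs on a kernel that uses that slot for something else, the probe added by the follow-up patch would issue an unintended device-mapper command on the guest's disk. The TODO should state the assumption and the removal condition, e.g. `/* TODO(RHEL-95407): provisional value, must equal the kernel's DM_MPATH_PROBE_PATHS; drop once the build headers define it */`.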
@@ -0,0 +1,215 @@
+From 50b1a3ec7cfea5a92069e043e8f77a2595480d20 Mon Sep 17 00:00:00 2001
+From: Kevin Wolf
+Date: Thu, 22 May 2025 15:08:03 +0200
+Subject: [PATCH 2/2] file-posix: Probe paths and retry SG_IO on potential path
+ errors
+
+RH-Author: Kevin Wolf
+RH-MergeRequest: 456: file-posix: Fix multipath failover with SCSI passthrough [9.6.z]
+RH-Jira: RHEL-95407
+RH-Acked-by: Hanna Czenczek
+RH-Acked-by: Stefan Hajnoczi
+RH-Commit: [2/2] 2f4aed9004889e9df25e30c2273f2524a67c666c (kmwolf/rhel-qemu-kvm)
+
+When scsi-block is used on a host multipath device, it runs into the
+problem that the kernel dm-mpath doesn't know anything about SCSI or
+SG_IO and therefore can't decide if a SG_IO request returned an error
+and needs to be retried on a different path. Instead of getting working
+failover, an error is returned to scsi-block and handled according to
+the configured error policy. Obviously, this is not what users want,
+they want working failover.
+
+QEMU can parse the SG_IO result and determine whether this could have
+been a path error, but just retrying the same request could just send it
+to the same failing path again and result in the same error.
+
+With a kernel that supports the DM_MPATH_PROBE_PATHS ioctl on dm-mpath
+block devices (queued in the device mapper tree for Linux 6.16), we can
+tell the kernel to probe all paths and tell us if any usable paths
+remained. If so, we can now retry the SG_IO ioctl and expect it to be
+sent to a working path.
+
+Signed-off-by: Kevin Wolf
+Message-ID: <20250522130803.34738-1-kwolf@redhat.com>
+Reviewed-by: Stefan Hajnoczi
+Reviewed-by: Hanna Czenczek
+Signed-off-by: Kevin Wolf
+(cherry picked from commit bf627788ef17721955bfcfba84209a07ae5f54ea)
+Signed-off-by: Kevin Wolf
+---
+ block/file-posix.c | 115 ++++++++++++++++++++++++++++++++++++++++++++-
+ 1 file changed, 114 insertions(+), 1 deletion(-)
+
+diff --git a/block/file-posix.c b/block/file-posix.c
+index 6a5c506549..f17a3f4d10 100644
+--- a/block/file-posix.c
++++ b/block/file-posix.c
+@@ -41,6 +41,7 @@
+
+ #include "scsi/pr-manager.h"
+ #include "scsi/constants.h"
++#include "scsi/utils.h"
+
+ #if defined(__APPLE__) && (__MACH__)
+ #include
+@@ -72,6 +73,7 @@
+ #include
+ #endif
+ #include
++#include
+ #include
+ #include
+ #include
+@@ -139,6 +141,22 @@
+ #define DM_MPATH_PROBE_PATHS _IO(DM_IOCTL, DM_GET_TARGET_VERSION_CMD + 1)
+ #endif
+
++/*
++ * Multiple retries are mostly meant for two separate scenarios:
++ *
++ * - DM_MPATH_PROBE_PATHS returns success, but before SG_IO completes, another
++ * path goes down.
++ *
++ * - DM_MPATH_PROBE_PATHS failed all paths in the current path group, so we have
++ * to send another SG_IO to switch to another path group to probe the paths in
++ * it.
++ *
++ * Even if each path is in a separate path group (path_grouping_policy set to
++ * failover), it's rare to have more than eight path groups - and even then
++ * pretty unlikely that only bad path groups would be chosen in eight retries.
++ */
++#define SG_IO_MAX_RETRIES 8
++
+ typedef struct BDRVRawState {
+ int fd;
+ bool use_lock;
+@@ -166,6 +184,7 @@ typedef struct BDRVRawState {
+ bool use_linux_aio:1;
+ bool has_laio_fdsync:1;
+ bool use_linux_io_uring:1;
++ bool use_mpath:1;
+ int page_cache_inconsistent; /* errno from fdatasync failure */
+ bool has_fallocate;
+ bool needs_alignment;
+@@ -4248,15 +4267,105 @@ hdev_open_Mac_error:
+ /* Since this does ioctl the device must be already opened */
+ bs->sg = hdev_is_sg(bs);
+
++ /* sg devices aren't even block devices and can't use dm-mpath */
++ s->use_mpath = !bs->sg;
++
+ return ret;
+ }
+
+ #if defined(__linux__)
++#if defined(DM_MPATH_PROBE_PATHS)
++static bool coroutine_fn sgio_path_error(int ret, sg_io_hdr_t *io_hdr)
++{
++ if (ret < 0) {
++ switch (ret) {
++ case -ENODEV:
++ return true;
++ case -EAGAIN:
++ /*
++ * The device is probably suspended. This happens while the dm table
++ * is reloaded, e.g. because a path is added or removed. This is an
++ * operation that should complete within 1ms, so just wait a bit and
++ * retry.
++ *
++ * If the device was suspended for another reason, we'll wait and
++ * retry SG_IO_MAX_RETRIES times. This is a tolerable delay before
++ * we return an error and potentially stop the VM.
++ */
++ qemu_co_sleep_ns(QEMU_CLOCK_REALTIME, 1000000);
++ return true;
++ default:
++ return false;
++ }
++ }
++
++ if (io_hdr->host_status != SCSI_HOST_OK) {
++ return true;
++ }
++
++ switch (io_hdr->status) {
++ case GOOD:
++ case CONDITION_GOOD:
++ case INTERMEDIATE_GOOD:
++ case INTERMEDIATE_C_GOOD:
++ case RESERVATION_CONFLICT:
++ case COMMAND_TERMINATED:
++ return false;
++ case CHECK_CONDITION:
++ return !scsi_sense_buf_is_guest_recoverable(io_hdr->sbp,
++ io_hdr->mx_sb_len);
++ default:
++ return true;
++ }
++}
++
++static bool coroutine_fn hdev_co_ioctl_sgio_retry(RawPosixAIOData *acb, int ret)
++{
++ BDRVRawState *s = acb->bs->opaque;
++ RawPosixAIOData probe_acb;
++
++ if (!s->use_mpath) {
++ return false;
++ }
++
++ if (!sgio_path_error(ret, acb->ioctl.buf)) {
++ return false;
++ }
++
++ probe_acb = (RawPosixAIOData) {
++ .bs = acb->bs,
++ .aio_type = QEMU_AIO_IOCTL,
++ .aio_fildes = s->fd,
++ .aio_offset = 0,
++ .ioctl = {
++ .buf = NULL,
++ .cmd = DM_MPATH_PROBE_PATHS,
++ },
++ };
++
++ ret = raw_thread_pool_submit(handle_aiocb_ioctl, &probe_acb);
++ if (ret == -ENOTTY) {
++ s->use_mpath = false;
++ } else if (ret == -EAGAIN) {
++ /* The device might be suspended for a table reload, worth retrying */
++ return true;
++ }
++
++ return ret == 0;
++}
++#else
++static bool coroutine_fn hdev_co_ioctl_sgio_retry(RawPosixAIOData *acb, int ret)
++{
++ return false;
++}
++#endif /* DM_MPATH_PROBE_PATHS */
++
+ static int coroutine_fn
+ hdev_co_ioctl(BlockDriverState *bs, unsigned long int req, void *buf)
+ {
+ BDRVRawState *s = bs->opaque;
+ RawPosixAIOData acb;
++ int retries = SG_IO_MAX_RETRIES;
+ int ret;
+
+ ret = fd_open(bs);
+@@ -4284,7 +4393,11 @@ hdev_co_ioctl(BlockDriverState *bs, unsigned long int req, void *buf)
+ },
+ };
+
+- return raw_thread_pool_submit(handle_aiocb_ioctl, &acb);
++ do {
++ ret = raw_thread_pool_submit(handle_aiocb_ioctl, &acb);
++ } while (req == SG_IO && retries-- && hdev_co_ioctl_sgio_retry(&acb, ret));
++
++ return ret;
+ }
+ #endif /* linux */
+
+--
+2.48.1
+
diff --git a/SOURCES/kvm-hw-audio-ac97-skip-automatic-zero-init-of-large-arra.patch b/SOURCES/kvm-hw-audio-ac97-skip-automatic-zero-init-of-large-arra.patch
new file mode 100644
index 0000000..a2c5133
--- /dev/null
+++ b/SOURCES/kvm-hw-audio-ac97-skip-automatic-zero-init-of-large-arra.patch
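Review bot: In `sgio_path_error()` the CHECK_CONDITION branch parses the sense buffer using `io_hdr->mx_sb_len`, the capacity the caller offered, not `io_hdr->sb_len_wr`, the number of sense bytes the kernel actually wrote. If the caller does not clear the sense buffer before each request (not visible in this patch), the retry decision can be taken on stale bytes left by an earlier command. Consider `return !scsi_sense_buf_is_guest_recoverable(io_hdr->sbp, io_hdr->sb_len_wr);` or a comment stating that callers zero the buffer. Separately, the `do … while` in `hdev_co_ioctl()`, whose body starts outside the hunk, re-submits the same guest command up to SG_IO_MAX_RETRIES times; a one-line comment on why re-issuing a command that may already have reached the target is acceptable would help.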
@@ -0,0 +1,57 @@
+From d589e33ff7dea4aeb69fe205bea02fb6bd7da618 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:45 +0100
+Subject: [PATCH 08/31] hw/audio/ac97: skip automatic zero-init of large arrays
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [7/30] a2898256b990c1916082a9938740d0fe53da5325
+
+The 'read_audio' & 'write_audio' methods have a 4k byte array used
+for copying data between the audio backend and device. Skip the
+automatic zero-init of these arrays to eliminate the performance
+overhead in the I/O hot path.
+
+The 'tmpbuf' array will be fully initialized when reading data from
+the audio backend and/or device memory.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-8-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 2553d2d26a9d0f46386bf8c37d184567e5cede6c)
+Signed-off-by: Stefan Hajnoczi
+---
+ hw/audio/ac97.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/hw/audio/ac97.c b/hw/audio/ac97.c
+index 3f0053f94d..681b5752a1 100644
+--- a/hw/audio/ac97.c
++++ b/hw/audio/ac97.c
+@@ -886,7 +886,7 @@ static void nabm_writel(void *opaque, uint32_t addr, uint32_t val)
+ static int write_audio(AC97LinkState *s, AC97BusMasterRegs *r,
+ int max, int *stop)
+ {
+- uint8_t tmpbuf[4096];
++ QEMU_UNINITIALIZED uint8_t tmpbuf[4096];
+ uint32_t addr = r->bd.addr;
+ uint32_t temp = r->picb << 1;
+ uint32_t written = 0;
+@@ -959,7 +959,7 @@ static void write_bup(AC97LinkState *s, int elapsed)
+ static int read_audio(AC97LinkState *s, AC97BusMasterRegs *r,
+ int max, int *stop)
+ {
+- uint8_t tmpbuf[4096];
++ QEMU_UNINITIALIZED uint8_t tmpbuf[4096];
+ uint32_t addr = r->bd.addr;
+ uint32_t temp = r->picb << 1;
+ uint32_t nread = 0;
+--
+2.39.3
+
diff --git a/SOURCES/kvm-hw-audio-cs4231a-skip-automatic-zero-init-of-large-a.patch b/SOURCES/kvm-hw-audio-cs4231a-skip-automatic-zero-init-of-large-a.patch
new file mode 100644
index 0000000..6ee3f30
--- /dev/null
+++ b/SOURCES/kvm-hw-audio-cs4231a-skip-automatic-zero-init-of-large-a.patch
@@ -0,0 +1,59 @@
+From 63094ee4645705be09f68c547e3f1775ca528951 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:46 +0100
+Subject: [PATCH 09/31] hw/audio/cs4231a: skip automatic zero-init of large
+ arrays
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [8/30] c6117831ac2ec8e0a700207d5f101eddb67a24a4
+
+The 'cs_write_audio' method has a pair of byte arrays, one 4k in size
+and one 8k, which are used in converting audio samples. Skip the
+automatic zero-init of these arrays to eliminate the performance
+overhead in the I/O hot path.
+
+The 'tmpbuf' array will be fully initialized when reading a block of
+data from the guest. The 'linbuf' array will be fully initialized
+when converting the audio samples.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-9-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit ca2cc0385d97cea66cd54ee42553f385c403d4a6)
+Signed-off-by: Stefan Hajnoczi
+---
+ hw/audio/cs4231a.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/hw/audio/cs4231a.c b/hw/audio/cs4231a.c
+index 9ef57f042d..5c312642cc 100644
+--- a/hw/audio/cs4231a.c
++++ b/hw/audio/cs4231a.c
+@@ -528,7 +528,7 @@ static int cs_write_audio (CSState *s, int nchan, int dma_pos,
+ int dma_len, int len)
+ {
+ int temp, net;
+- uint8_t tmpbuf[4096];
++ QEMU_UNINITIALIZED uint8_t tmpbuf[4096];
+ IsaDmaClass *k = ISADMA_GET_CLASS(s->isa_dma);
+
+ temp = len;
+@@ -547,7 +547,7 @@ static int cs_write_audio (CSState *s, int nchan, int dma_pos,
+ copied = k->read_memory(s->isa_dma, nchan, tmpbuf, dma_pos, to_copy);
+ if (s->tab) {
+ int i;
+- int16_t linbuf[4096];
++ QEMU_UNINITIALIZED int16_t linbuf[4096];
+
+ for (i = 0; i < copied; ++i)
+ linbuf[i] = s->tab[tmpbuf[i]];
+--
+2.39.3
+
diff --git a/SOURCES/kvm-hw-audio-es1370-skip-automatic-zero-init-of-large-ar.patch b/SOURCES/kvm-hw-audio-es1370-skip-automatic-zero-init-of-large-ar.patch
new file mode 100644
index 0000000..91492d2
--- /dev/null
+++ b/SOURCES/kvm-hw-audio-es1370-skip-automatic-zero-init-of-large-ar.patch
@@ -0,0 +1,49 @@
+From 8b487658db35f371e4a527ed18a2ae63b4048f83 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:47 +0100
+Subject: [PATCH 10/31] hw/audio/es1370: skip automatic zero-init of large
+ array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [9/30] d6be11e78b1af782f12d7a25fc6c297370aafd4a
+
+The 'es1370_transfer_audio' method has a 4k byte array used for
+copying data between the audio backend and device. Skip the automatic
+zero-init of this array to eliminate the performance overhead in
+the I/O hot path.
+
+The 'tmpbuf' array will be fully initialized when reading data from
+the audio backend and/or device memory.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-10-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 8236e206084b832d1d7ec947a4798b818f4cdf1f)
+Signed-off-by: Stefan Hajnoczi
+---
+ hw/audio/es1370.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/audio/es1370.c b/hw/audio/es1370.c
+index 4ab61d3b9d..6aea934f54 100644
+--- a/hw/audio/es1370.c
++++ b/hw/audio/es1370.c
+@@ -604,7 +604,7 @@ static uint64_t es1370_read(void *opaque, hwaddr addr, unsigned size)
+ static void es1370_transfer_audio (ES1370State *s, struct chan *d, int loop_sel,
+ int max, bool *irq)
+ {
+- uint8_t tmpbuf[4096];
++ QEMU_UNINITIALIZED uint8_t tmpbuf[4096];
+ size_t to_transfer;
+ uint32_t addr = d->frame_addr;
+ int sc = d->scount & 0xffff;
+-- 
+2.39.3
+
diff --git a/SOURCES/kvm-hw-audio-gus-skip-automatic-zero-init-of-large-array.patch b/SOURCES/kvm-hw-audio-gus-skip-automatic-zero-init-of-large-array.patch
new file mode 100644
index 0000000..2408198
--- /dev/null
+++ b/SOURCES/kvm-hw-audio-gus-skip-automatic-zero-init-of-large-array.patch
@@ -0,0 +1,48 @@
+From 6aac6e3888bd249856dc5bc91a40d9b4eb60f732 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:48 +0100
+Subject: [PATCH 11/31] hw/audio/gus: skip automatic zero-init of large array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [10/30] 1af0f37dbbd3f3703988dfd6548e2ba018f05ee7
+
+The 'GUS_read_DMA' method has a 4k byte array used for copying
+data between the audio backend and device. Skip the automatic
+zero-init of this array to eliminate the performance overhead in
+the I/O hot path.
+
+The 'tmpbuf' array will be fully initialized when reading data
+from device memory.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-11-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 2e438da4929018c62609381e1156aac0b2fe3de3)
+Signed-off-by: Stefan Hajnoczi
+---
+ hw/audio/gus.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/audio/gus.c b/hw/audio/gus.c
+index 4beb3fd74e..e8b0b85d44 100644
+--- a/hw/audio/gus.c
++++ b/hw/audio/gus.c
+@@ -183,7 +183,7 @@ static int GUS_read_DMA (void *opaque, int nchan, int dma_pos, int dma_len)
+ {
+ GUSState *s = opaque;
+ IsaDmaClass *k = ISADMA_GET_CLASS(s->isa_dma);
+- char tmpbuf[4096];
++ QEMU_UNINITIALIZED char tmpbuf[4096];
+ int pos = dma_pos, mode, left = dma_len - dma_pos;
+
+ ldebug ("read DMA %#x %d\n", dma_pos, dma_len);
+-- 
+2.39.3
+
diff --git a/SOURCES/kvm-hw-audio-marvell_88w8618-skip-automatic-zero-init-of.patch b/SOURCES/kvm-hw-audio-marvell_88w8618-skip-automatic-zero-init-of.patch
new file mode 100644
index 0000000..f6e0f3f
--- /dev/null
+++ b/SOURCES/kvm-hw-audio-marvell_88w8618-skip-automatic-zero-init-of.patch
@@ -0,0 +1,50 @@
+From ad0ae4edded2db9e7fea4c82cb22d47798b34528 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:49 +0100
+Subject: [PATCH 12/31] hw/audio/marvell_88w8618: skip automatic zero-init of
+ large array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [11/30] 22754626ac42807e6306becab38fbaf564a84660
+
+The 'mv88w8618_audio_callback' method has a 4k byte array used for
+copying data between the audio backend and device. Skip the automatic
+zero-init of this array to eliminate the performance overhead in
+the I/O hot path.
+
+The 'buf' array will be fully initialized when reading data from
+device memory.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-12-berrange@redhat.com
+[Fixed hw/audio/gus in commit message --Stefan]
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 5b6cd5c5df4229972d8a0fd9dd9a089a1644d6ba)
+Signed-off-by: Stefan Hajnoczi
+---
+ hw/audio/marvell_88w8618.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/audio/marvell_88w8618.c b/hw/audio/marvell_88w8618.c
+index cc285444bc..b7b4b27272 100644
+--- a/hw/audio/marvell_88w8618.c
++++ b/hw/audio/marvell_88w8618.c
+@@ -66,7 +66,7 @@ static void mv88w8618_audio_callback(void *opaque, int free_out, int free_in)
+ {
+ mv88w8618_audio_state *s = opaque;
+ int16_t *codec_buffer;
+- int8_t buf[4096];
++ QEMU_UNINITIALIZED int8_t buf[4096];
+ int8_t *mem_buffer;
+ int pos, block_size;
+
+-- 
+2.39.3
+
diff --git a/SOURCES/kvm-hw-audio-sb16-skip-automatic-zero-init-of-large-arra.patch b/SOURCES/kvm-hw-audio-sb16-skip-automatic-zero-init-of-large-arra.patch
new file mode 100644
index 0000000..8a61b43
--- /dev/null
+++ b/SOURCES/kvm-hw-audio-sb16-skip-automatic-zero-init-of-large-arra.patch
@@ -0,0 +1,48 @@
+From 06915675e69c2ff0d1a686dcea200429f54fee74 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:50 +0100
+Subject: [PATCH 13/31] hw/audio/sb16: skip automatic zero-init of large array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [12/30] 93e9b488f1ec99b425cc149c3aba8f824d000c73
+
+The 'write_audio' method has a 4k byte array used for copying data
+between the audio backend and device. Skip the automatic zero-init
+of this array to eliminate the performance overhead in the I/O hot
+path.
+
+The 'tmpbuf' array will be fully initialized when reading data from
+device memory.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-13-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 30c82f6657c1ee9fbb5473924b4d3273f214bd6f)
+Signed-off-by: Stefan Hajnoczi
+---
+ hw/audio/sb16.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/audio/sb16.c b/hw/audio/sb16.c
+index fd76e78d18..04c818ed3d 100644
+--- a/hw/audio/sb16.c
++++ b/hw/audio/sb16.c
+@@ -1181,7 +1181,7 @@ static int write_audio (SB16State *s, int nchan, int dma_pos,
+ IsaDma *isa_dma = nchan == s->dma ? s->isa_dma : s->isa_hdma;
+ IsaDmaClass *k = ISADMA_GET_CLASS(isa_dma);
+ int temp, net;
+- uint8_t tmpbuf[4096];
++ QEMU_UNINITIALIZED uint8_t tmpbuf[4096];
+
+ temp = len;
+ net = 0;
+-- 
+2.39.3
+
diff --git a/SOURCES/kvm-hw-audio-via-ac97-skip-automatic-zero-init-of-large-.patch b/SOURCES/kvm-hw-audio-via-ac97-skip-automatic-zero-init-of-large-.patch
new file mode 100644
index 0000000..dcf7352
--- /dev/null
+++ b/SOURCES/kvm-hw-audio-via-ac97-skip-automatic-zero-init-of-large-.patch
@@ -0,0 +1,49 @@
+From 180cb8f07e5a7a1c4bfe01709b27cbf8d080f1a8 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:51 +0100
+Subject: [PATCH 14/31] hw/audio/via-ac97: skip automatic zero-init of large
+ array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [13/30] d27c1e2fbd89df34bde1248d1b053eca40625838
+
+The 'out_cb' method has a 4k byte array used for copying data
+between the audio backend and device. Skip the automatic zero-init
+of this array to eliminate the performance overhead in the I/O hot
+path.
+
+The 'tmpbuf' array will be fully initialized when reading data from
+device memory.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-14-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit bb71d9fe1419f44529c91d1b09464718d157e647)
+Signed-off-by: Stefan Hajnoczi
+---
+ hw/audio/via-ac97.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/audio/via-ac97.c b/hw/audio/via-ac97.c
+index 4c127a1def..e8fcf44e5d 100644
+--- a/hw/audio/via-ac97.c
++++ b/hw/audio/via-ac97.c
+@@ -175,7 +175,7 @@ static void out_cb(void *opaque, int avail)
+ ViaAC97SGDChannel *c = &s->aur;
+ int temp, to_copy, copied;
+ bool stop = false;
+- uint8_t tmpbuf[4096];
++ QEMU_UNINITIALIZED uint8_t tmpbuf[4096];
+
+ if (c->stat & STAT_PAUSED) {
+ return;
+-- 
+2.39.3
+
diff --git a/SOURCES/kvm-hw-char-sclpconsole-lm-skip-automatic-zero-init-of-l.patch b/SOURCES/kvm-hw-char-sclpconsole-lm-skip-automatic-zero-init-of-l.patch
new file mode 100644
index 0000000..9dab844
--- /dev/null
+++ b/SOURCES/kvm-hw-char-sclpconsole-lm-skip-automatic-zero-init-of-l.patch
@@ -0,0 +1,49 @@
+From 03b3f8f230e30399e952c2c5eafde3efa7c015b3 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:52 +0100
+Subject: [PATCH 15/31] hw/char/sclpconsole-lm: skip automatic zero-init of
+ large array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [14/30] fca3dbfc00277d1c35ecdb65a56d26c95c8cb6bb
+
+The 'process_mdb' method has a 4k byte array used for copying data
+between the guest and the chardev backend. Skip the automatic zero-init
+of this array to eliminate the performance overhead in the I/O hot
+path.
+
+The 'buffer' array will be selectively initialized when data is converted
+between EBCDIC and ASCII.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-15-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 8b1dac1ad57082611419b0e2f347acd96115d25f)
+Signed-off-by: Stefan Hajnoczi
+---
+ hw/char/sclpconsole-lm.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/char/sclpconsole-lm.c b/hw/char/sclpconsole-lm.c
+index 7719f438f6..19e64b92f6 100644
+--- a/hw/char/sclpconsole-lm.c
++++ b/hw/char/sclpconsole-lm.c
+@@ -214,7 +214,7 @@ static int process_mdb(SCLPEvent *event, MDBO *mdbo)
+ {
+ int rc;
+ int len;
+- uint8_t buffer[SIZE_BUFFER];
++ QEMU_UNINITIALIZED uint8_t buffer[SIZE_BUFFER];
+
+ len = be16_to_cpu(mdbo->length);
+ len -= sizeof(mdbo->length) + sizeof(mdbo->type)
+-- 
+2.39.3
+
diff --git a/SOURCES/kvm-hw-display-vmware_vga-skip-automatic-zero-init-of-la.patch b/SOURCES/kvm-hw-display-vmware_vga-skip-automatic-zero-init-of-la.patch
new file mode 100644
index 0000000..e28e59a
--- /dev/null
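Review bot: `buffer` now keeps stale stack contents beyond whatever the EBCDIC-to-ASCII conversion writes, and the commit message itself says the array is only "selectively initialized". `len` in the visible context is derived from the guest-supplied `mdbo->length`, so the length later handed to the chardev backend has to be the number of bytes actually converted and has to stay within `SIZE_BUFFER`. The body of `process_mdb` continues past the hunk, so that cannot be confirmed from here; a comment at the declaration such as `/* only the converted bytes are valid; write no more than that to the backend */` would pin the invariant.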
+++ b/SOURCES/kvm-hw-display-vmware_vga-skip-automatic-zero-init-of-la.patch
@@ -0,0 +1,49 @@
+From 4c88a2da13473491d30328f24239fe305ff037ef Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:54 +0100
+Subject: [PATCH 17/31] hw/display/vmware_vga: skip automatic zero-init of
+ large struct
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [16/30] 7b1073ec54071782a9ad32e17293b141bee639c4
+
+The 'vmsvga_fifo_run' method has a struct which is a little over 20k
+in size, used for holding image data for cursor changes. Skip the
+automatic zero-init of this struct to eliminate the performance
+overhead in the I/O hot path.
+
+The cursor variable will be fully initialized only when processing
+a cursor definition message from the guest.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-17-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 7048e70f391df76d009eecca25f8027858f9f304)
+Signed-off-by: Stefan Hajnoczi
+---
+ hw/display/vmware_vga.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/display/vmware_vga.c b/hw/display/vmware_vga.c
+index 3db3ff98f7..69afe98a2f 100644
+--- a/hw/display/vmware_vga.c
++++ b/hw/display/vmware_vga.c
+@@ -618,7 +618,7 @@ static void vmsvga_fifo_run(struct vmsvga_state_s *s)
+ uint32_t cmd, colour;
+ int args, len, maxloop = 1024;
+ int x, y, dx, dy, width, height;
+- struct vmsvga_cursor_definition_s cursor;
++ QEMU_UNINITIALIZED struct vmsvga_cursor_definition_s cursor;
+ uint32_t cmd_start;
+
+ len = vmsvga_fifo_length(s);
+-- 
+2.39.3
+
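Review bot: For `cursor` the commit message gives a weaker guarantee than for the byte buffers in this series: the struct is initialized "only when processing a cursor definition message", so for every other command handled by `vmsvga_fifo_run` it now holds stale stack data instead of zeros. That is safe only while no path reads `cursor` outside the cursor-definition case, and while that case reads no more of the mask and image data than the guest-supplied dimensions caused it to fill; neither is visible in this hunk, and the function body continues beyond it. I would move the declaration into the cursor-definition branch so the uninitialized lifetime matches the one place it is written, or at least add `/* valid only inside the cursor-definition case, after its fields are read from the FIFO */` at the declaration.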
diff --git a/SOURCES/kvm-hw-dma-xlnx_csu_dma-skip-automatic-zero-init-of-larg.patch b/SOURCES/kvm-hw-dma-xlnx_csu_dma-skip-automatic-zero-init-of-larg.patch
new file mode 100644
index 0000000..9383da2
--- /dev/null
+++ b/SOURCES/kvm-hw-dma-xlnx_csu_dma-skip-automatic-zero-init-of-larg.patch
@@ -0,0 +1,47 @@
+From 7208c85b822d45410d21ec42acdc872550a57262 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:53 +0100
+Subject: [PATCH 16/31] hw/dma/xlnx_csu_dma: skip automatic zero-init of large
+ array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [15/30] 8ffc738b76ad72de3d0925c5e44408b0f712fcef
+
+The 'xlnx_csu_dma_src_notify' method has a 4k byte array used for
+copying DMA data. Skip the automatic zero-init of this array to
+eliminate the performance overhead in the I/O hot path.
+
+The 'buf' array will be fully initialized when data is copied.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-16-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit ce14f24611aa0469b464a9512e192b4fd51dca2b)
+Signed-off-by: Stefan Hajnoczi
+---
+ hw/dma/xlnx_csu_dma.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/dma/xlnx_csu_dma.c b/hw/dma/xlnx_csu_dma.c
+index ae307482f2..9d1cccc5ca 100644
+--- a/hw/dma/xlnx_csu_dma.c
++++ b/hw/dma/xlnx_csu_dma.c
+@@ -287,7 +287,7 @@ static uint32_t xlnx_csu_dma_advance(XlnxCSUDMA *s, uint32_t len)
+ static void xlnx_csu_dma_src_notify(void *opaque)
+ {
+ XlnxCSUDMA *s = XLNX_CSU_DMA(opaque);
+- unsigned char buf[4 * 1024];
++ QEMU_UNINITIALIZED unsigned char buf[4 * 1024];
+ size_t rlen = 0;
+
+ ptimer_transaction_begin(s->src_timer);
+-- 
+2.39.3
+
diff --git a/SOURCES/kvm-hw-hyperv-syndbg-skip-automatic-zero-init-of-large-a.patch b/SOURCES/kvm-hw-hyperv-syndbg-skip-automatic-zero-init-of-large-a.patch
new file mode 100644
index 0000000..64425b4
--- /dev/null
+++ b/SOURCES/kvm-hw-hyperv-syndbg-skip-automatic-zero-init-of-large-a.patch
@@ -0,0 +1,56 @@
+From c7b6fe3f924396dd49bdf13485696a536aa34fb0 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:55 +0100
+Subject: [PATCH 18/31] hw/hyperv/syndbg: skip automatic zero-init of large
+ array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [17/30] 4202f998aff3fd784508ab6e52658cecd197924b
+
+The 'handle_recv_msg' method has a 4k byte array used for copying
+data between the network socket and guest memory. Skip the automatic
+zero-init of this array to eliminate the performance overhead in the
+I/O hot path.
+
+The 'data_buf' array will be fully initialized when data is read
+off the network socket.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-18-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 5a1f614d0cd0bcc8e84e0b7ab6af63d56bd348a2)
+Signed-off-by: Stefan Hajnoczi
+
+Conflicts:
+ hw/hyperv/syndbg.c
+
+ Context conflict due to missing commit 3efb9d226221
+ ("hw/hyperv/syndbg: common compilation unit") downstream. There is no
+ need to backport the commit because it's not a bug fix.
+---
+ hw/hyperv/syndbg.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/hyperv/syndbg.c b/hw/hyperv/syndbg.c
+index 065e12fb1e..c7c43c8009 100644
+--- a/hw/hyperv/syndbg.c
++++ b/hw/hyperv/syndbg.c
+@@ -188,7 +188,7 @@ static uint16_t handle_recv_msg(HvSynDbg *syndbg, uint64_t outgpa,
+ uint64_t timeout, uint32_t *retrieved_count)
+ {
+ uint16_t ret;
+- uint8_t data_buf[TARGET_PAGE_SIZE - UDP_PKT_HEADER_SIZE];
++ QEMU_UNINITIALIZED uint8_t data_buf[TARGET_PAGE_SIZE - UDP_PKT_HEADER_SIZE];
+ hwaddr out_len;
+ void *out_data;
+ ssize_t recv_byte_count;
+-- 
+2.39.3
+
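Review bot: `data_buf` is filled from a network socket, and a receive can return fewer bytes than the array holds, so "fully initialized" in the commit message is true only for the first `recv_byte_count` bytes. With the zero-init gone, any copy into guest memory at `outgpa` that used the buffer size or `out_len` instead of the received count would expose host stack contents to the guest. The copy is outside this hunk, so this needs checking in the rest of `handle_recv_msg`; I would add `/* valid for recv_byte_count bytes only */` at the declaration.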
diff --git a/SOURCES/kvm-hw-i386-Fix-machine-type-compatibility.patch b/SOURCES/kvm-hw-i386-Fix-machine-type-compatibility.patch
new file mode 100644
index 0000000..0ab0cda
--- /dev/null
+++ b/SOURCES/kvm-hw-i386-Fix-machine-type-compatibility.patch
@@ -0,0 +1,87 @@
+From 9bd4a89d3e1410b3a5994ab2b33f4332a4246955 Mon Sep 17 00:00:00 2001
+From: Sebastian Ott
+Date: Thu, 15 May 2025 18:45:51 +0200
+Subject: [PATCH] hw/i386: Fix machine type compatibility
+
+RH-Author: Sebastian Ott
+RH-MergeRequest: 452: hw/i386: Fix machine type compatibility
+RH-Jira: RHEL-92077
+RH-Acked-by: Cornelia Huck
+RH-Acked-by: Jon Maloy
+RH-Commit: [1/1] d594f142e8ce616b6fd1accd6950ab5cebc34984
+
+Upstream Status: RHEL only
+
+Ensure compatibility of rhel specific i440fx and q35 machine types.
+Pick up missing bits from pc_compat_9_0 upstream.
+
+Signed-off-by: Sebastian Ott
+---
+ hw/i386/pc.c | 8 ++++++++
+ hw/i386/pc_piix.c | 2 ++
+ hw/i386/pc_q35.c | 2 ++
+ include/hw/i386/pc.h | 3 +++
+ 4 files changed, 15 insertions(+)
+
+diff --git a/hw/i386/pc.c b/hw/i386/pc.c
+index fa0e42d072..d8f1b2d899 100644
+--- a/hw/i386/pc.c
++++ b/hw/i386/pc.c
+@@ -298,6 +298,14 @@ GlobalProperty pc_rhel_compat[] = {
+ };
+ const size_t pc_rhel_compat_len = G_N_ELEMENTS(pc_rhel_compat);
+
++GlobalProperty pc_rhel_9_6_compat[] = {
++ /* pc_rhel_9_6_compat from pc_compat_9_0 */
++ { TYPE_X86_CPU, "x-amd-topoext-features-only", "false" },
++ { TYPE_X86_CPU, "x-l1-cache-per-thread", "false" },
++ { TYPE_X86_CPU, "legacy-multi-node", "on" },
++};
++const size_t pc_rhel_9_6_compat_len = G_N_ELEMENTS(pc_rhel_9_6_compat);
++
+ GlobalProperty pc_rhel_9_5_compat[] = {
+ /* pc_rhel_9_5_compat from pc_compat_pc_9_0 (backported from 9.1) */
+ { TYPE_X86_CPU, "guest-phys-bits", "0" },
+diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
+index 656abb5d39..80d366bf17 100644
+--- a/hw/i386/pc_piix.c
++++ b/hw/i386/pc_piix.c
+@@ -885,6 +885,8 @@ static void pc_i440fx_rhel_machine_7_6_0_options(MachineClass *m)
+
+ compat_props_add(m->compat_props, hw_compat_rhel_9_6,
+ hw_compat_rhel_9_6_len);
++ compat_props_add(m->compat_props, pc_rhel_9_6_compat,
++ pc_rhel_9_6_compat_len);
+ compat_props_add(m->compat_props, pc_rhel_9_5_compat,
+ pc_rhel_9_5_compat_len);
+ compat_props_add(m->compat_props, hw_compat_rhel_9_5,
+diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
+index 578f63524f..e3653b44cd 100644
+--- a/hw/i386/pc_q35.c
++++ b/hw/i386/pc_q35.c
+@@ -701,6 +701,8 @@ static void pc_q35_rhel_machine_9_4_0_options(MachineClass *m)
+
+ compat_props_add(m->compat_props, hw_compat_rhel_9_6,
+ hw_compat_rhel_9_6_len);
++ compat_props_add(m->compat_props, pc_rhel_9_6_compat,
++ pc_rhel_9_6_compat_len);
+ compat_props_add(m->compat_props, pc_rhel_9_5_compat,
+ pc_rhel_9_5_compat_len);
+ compat_props_add(m->compat_props, hw_compat_rhel_9_5,
+diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
+index 75c9271cdd..2b7c18f2b0 100644
+--- a/include/hw/i386/pc.h
++++ b/include/hw/i386/pc.h
+@@ -305,6 +305,9 @@ extern const size_t pc_compat_2_3_len;
+ extern GlobalProperty pc_rhel_compat[];
+ extern const size_t pc_rhel_compat_len;
+
++extern GlobalProperty pc_rhel_9_6_compat[];
++extern const size_t pc_rhel_9_6_compat_len;
++
+ extern GlobalProperty pc_rhel_9_5_compat[];
+ extern const size_t pc_rhel_9_5_compat_len;
+
+-- 
+2.48.1
+
diff --git a/SOURCES/kvm-hw-misc-aspeed_hace-skip-automatic-zero-init-of-larg.patch b/SOURCES/kvm-hw-misc-aspeed_hace-skip-automatic-zero-init-of-larg.patch
new file mode 100644
index 0000000..6e3e1f0
--- /dev/null
+++ b/SOURCES/kvm-hw-misc-aspeed_hace-skip-automatic-zero-init-of-larg.patch
@@ -0,0 +1,57 @@
+From ee75cefe77904ffc659bdb2df32feef7e01a914e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:56 +0100
+Subject: [PATCH 19/31] hw/misc/aspeed_hace: skip automatic zero-init of large
+ array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [18/30] fb1e9ede27fca69cf9074c2590c221dce3633a68
+
+The 'do_hash_operation' method has a 256 element iovec array used for
+holding pointers to data that is to be hashed. Skip the automatic
+zero-init of this array to eliminate the performance overhead in the
+I/O hot path.
+
+The 'iovec' array will be selectively initialized based on data that
+needs to be hashed.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-19-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 6992c886838282f36b20deee44b666bbfc573a8f)
+Signed-off-by: Stefan Hajnoczi
+
+Conflicts:
+ hw/misc/aspeed_hace.c
+
+ Context conflict due to missing commit b9ccbe212e24
+ ("hw/misc/aspeed_hace: Extract accumulation-mode hash execution into
+ helper function") downstream. The commit is not a bug fix, so there is
+ no need to backport it.
+---
+ hw/misc/aspeed_hace.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/misc/aspeed_hace.c b/hw/misc/aspeed_hace.c
+index c06c04ddc6..d2118f1864 100644
+--- a/hw/misc/aspeed_hace.c
++++ b/hw/misc/aspeed_hace.c
+@@ -188,7 +188,7 @@ static int gen_acc_mode_iov(AspeedHACEState *s, struct iovec *iov, int id,
+ static void do_hash_operation(AspeedHACEState *s, int algo, bool sg_mode,
+ bool acc_mode)
+ {
+- struct iovec iov[ASPEED_HACE_MAX_SG];
++ QEMU_UNINITIALIZED struct iovec iov[ASPEED_HACE_MAX_SG];
+ g_autofree uint8_t *digest_buf = NULL;
+ size_t digest_len = 0;
+ int niov = 0;
+-- 
+2.39.3
+
diff --git a/SOURCES/kvm-hw-net-rtl8139-skip-automatic-zero-init-of-large-arr.patch b/SOURCES/kvm-hw-net-rtl8139-skip-automatic-zero-init-of-large-arr.patch
new file mode 100644
index 0000000..6e6cc3d
--- /dev/null
+++ b/SOURCES/kvm-hw-net-rtl8139-skip-automatic-zero-init-of-large-arr.patch
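Review bot: `iov` is an array of pointer/length pairs, so with `QEMU_UNINITIALIZED` an entry that is never filled holds a stale host address and length rather than `{NULL, 0}`. The commit message says the array is "selectively initialized", which makes `niov` the only thing separating valid entries from stack garbage; every consumer in `do_hash_operation`, including any error or unmap path, must iterate to `niov` and never to `ASPEED_HACE_MAX_SG`. That code is outside the hunk. A comment at the declaration, `/* entries [0, niov) are valid; the rest are uninitialized */`, would make the invariant reviewable.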
@@ -0,0 +1,48 @@
+From 09fe29d40b3d1e30e0e921e186a797c4da5ac583 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:57 +0100
+Subject: [PATCH 20/31] hw/net/rtl8139: skip automatic zero-init of large array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [19/30] 3c072f59b9a283b40327117585d9f01d32ecc081
+
+The 'rtl8139_transmit_one' method has a 8k byte array used for
+copying data between guest and host. Skip the automatic zero-init
+of this array to eliminate the performance overhead in the I/O
+hot path.
+
+The 'txbuffer' will be fully initialized when reading PCI DMA
+buffers.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-20-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 3ccc6489dd4925ddd1f3066bd3751389169cd7aa)
+Signed-off-by: Stefan Hajnoczi
+---
+ hw/net/rtl8139.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c
+index f2fe057535..a2732bf1c1 100644
+--- a/hw/net/rtl8139.c
++++ b/hw/net/rtl8139.c
+@@ -1818,7 +1818,7 @@ static int rtl8139_transmit_one(RTL8139State *s, int descriptor)
+
+ PCIDevice *d = PCI_DEVICE(s);
+ int txsize = s->TxStatus[descriptor] & 0x1fff;
+- uint8_t txbuffer[0x2000];
++ QEMU_UNINITIALIZED uint8_t txbuffer[0x2000];
+
+ DPRINTF("+++ transmit reading %d bytes from host memory at 0x%08x\n",
+ txsize, s->TxAddr[descriptor]);
+-- 
+2.39.3
+
diff --git a/SOURCES/kvm-hw-net-tulip-skip-automatic-zero-init-of-large-array.patch b/SOURCES/kvm-hw-net-tulip-skip-automatic-zero-init-of-large-array.patch
new file mode 100644
index 0000000..e5d8430
--- /dev/null
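Review bot: `txbuffer` is "fully initialized when reading PCI DMA buffers" only if that read succeeds and covers all `txsize` bytes, and `txsize` comes from the guest-written `TxStatus` register masked with `0x1fff`. The hunk does not show whether the DMA read's result is checked before the frame is handed on, and without the zero-init a failed or short read would put stale host stack bytes into a transmitted frame. I would either check the return value and drop the frame on failure, or keep the automatic initialisation for this buffer. The same question applies to `buf` in the tulip patch and `frame` in the xgmac patch later in this series; `rtl8139_transmit_one` continues beyond the hunk.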
+++ b/SOURCES/kvm-hw-net-tulip-skip-automatic-zero-init-of-large-array.patch
@@ -0,0 +1,47 @@
+From f9a1a355dbd2d59bbd80d33e713579d93fe3932f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:58 +0100
+Subject: [PATCH 21/31] hw/net/tulip: skip automatic zero-init of large array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [20/30] ff60b673f4e06a25fd5efbc51f5536da5d9c99f5
+
+The 'tulip_setup_frame' method has a 4k byte array used for copynig
+DMA data from the device. Skip the automatic zero-init of this array
+to eliminate the performance overhead in the I/O hot path.
+
+The 'buf' array will be fully initialized when reading data from the
+device.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-21-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit e1afd5ee6eb2954f4baf3c97820e4aaf7de97d2a)
+Signed-off-by: Stefan Hajnoczi
+---
+ hw/net/tulip.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/net/tulip.c b/hw/net/tulip.c
+index 1f2ef20977..5cf2b96fbd 100644
+--- a/hw/net/tulip.c
++++ b/hw/net/tulip.c
+@@ -629,7 +629,7 @@ static void tulip_setup_filter_addr(TULIPState *s, uint8_t *buf, int n)
+ static void tulip_setup_frame(TULIPState *s,
+ struct tulip_descriptor *desc)
+ {
+- uint8_t buf[4096];
++ QEMU_UNINITIALIZED uint8_t buf[4096];
+ int len = (desc->control >> TDES1_BUF1_SIZE_SHIFT) & TDES1_BUF1_SIZE_MASK;
+ int i;
+
+-- 
+2.39.3
+
diff --git a/SOURCES/kvm-hw-net-virtio-net-skip-automatic-zero-init-of-large-.patch b/SOURCES/kvm-hw-net-virtio-net-skip-automatic-zero-init-of-large-.patch
new file mode 100644
index 0000000..47c8b0b
--- /dev/null
+++ b/SOURCES/kvm-hw-net-virtio-net-skip-automatic-zero-init-of-large-.patch
@@ -0,0 +1,54 @@
+From 9ecc539204dd6ab7a1124089f9e557248e321282 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:36:59 +0100
+Subject: [PATCH 22/31] hw/net/virtio-net: skip automatic zero-init of large
+ arrays
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [21/30] f093a50cc162bd376fd74ea47c6274d7e718ba69
+
+The 'virtio_net_receive_rcu' method has three arrays with
+VIRTQUEUE_MAX_SIZE elements, which are apprixmately 32k in
+size used for copying data between guest and host. Skip the
+automatic zero-init of these arrays to eliminate the
+performance overhead in the I/O hot path.
+
+The three arrays will be selectively initialized as required
+when processing network buffers.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-22-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 21cf31c51a7aeff4270c9b30b37e019c536d54b2)
+Signed-off-by: Stefan Hajnoczi
+---
+ hw/net/virtio-net.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
+index 3d2b2460ad..086ea20ea0 100644
+--- a/hw/net/virtio-net.c
++++ b/hw/net/virtio-net.c
+@@ -1895,9 +1895,9 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf,
+ VirtIONet *n = qemu_get_nic_opaque(nc);
+ VirtIONetQueue *q = virtio_net_get_subqueue(nc);
+ VirtIODevice *vdev = VIRTIO_DEVICE(n);
+- VirtQueueElement *elems[VIRTQUEUE_MAX_SIZE];
+- size_t lens[VIRTQUEUE_MAX_SIZE];
+- struct iovec mhdr_sg[VIRTQUEUE_MAX_SIZE];
++ QEMU_UNINITIALIZED VirtQueueElement *elems[VIRTQUEUE_MAX_SIZE];
++ QEMU_UNINITIALIZED size_t lens[VIRTQUEUE_MAX_SIZE];
++ QEMU_UNINITIALIZED struct iovec mhdr_sg[VIRTQUEUE_MAX_SIZE];
+ struct virtio_net_hdr_v1_hash extra_hdr;
+ unsigned mhdr_cnt = 0;
+ size_t offset, i, guest_offset, j;
+-- 
+2.39.3
+
diff --git a/SOURCES/kvm-hw-net-xgamc-skip-automatic-zero-init-of-large-array.patch b/SOURCES/kvm-hw-net-xgamc-skip-automatic-zero-init-of-large-array.patch
new file mode 100644
index 0000000..fc1d17f
--- /dev/null
+++ b/SOURCES/kvm-hw-net-xgamc-skip-automatic-zero-init-of-large-array.patch
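Review bot: Of the three arrays, `elems` is the one I would not leave uninitialized without a comment: it holds `VirtQueueElement *` pointers, so an unfilled slot is now a stale stack value instead of NULL. If any error or cleanup path in `virtio_net_receive_rcu` releases elements by index, it must be bounded by the count of elements actually popped, because freeing or detaching a slot past that count would act on a wild pointer where it used to act on NULL. The receive loop and its error paths are outside this hunk. I would add a comment above the declarations stating which index bounds the valid part of `elems`, `lens` and `mhdr_sg` (for the last one, presumably `mhdr_cnt`).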
@@ -0,0 +1,47 @@
+From 3b39fa3e031d5b8a89c05302f3d73e7d4748bf58 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 10 Jun 2025 13:37:00 +0100
+Subject: [PATCH 23/31] hw/net/xgamc: skip automatic zero-init of large array
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Stefan Hajnoczi
+RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED
+RH-Jira: RHEL-99887
+RH-Acked-by: Miroslav Rezanina
+RH-Commit: [22/30] d83a91284970ced6f60964ded15d04405845e8bb
+
+The 'xgmac_enet_send' method has a 8k byte array used for copying
+data between guest and host. Skip the automatic zero-init of this
+array to eliminate the performance overhead in the I/O hot path.
+
+The 'frame' buffer will be fully initialized when reading guest
+memory to fetch the data to send.
+
+Signed-off-by: Daniel P. Berrangé
+Reviewed-by: Stefan Hajnoczi
+Message-id: 20250610123709.835102-23-berrange@redhat.com
+Signed-off-by: Stefan Hajnoczi
+(cherry picked from commit 8b723287b84a62bb5d1a7799ef0959ca8e6c293a)
+Signed-off-by: Stefan Hajnoczi
+---
+ hw/net/xgmac.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/net/xgmac.c b/hw/net/xgmac.c
+index ffe3fc8dbe..eff8022aca 100644
+--- a/hw/net/xgmac.c
++++ b/hw/net/xgmac.c
+@@ -207,7 +207,7 @@ static void xgmac_enet_send(XgmacState *s)
+ struct desc bd;
+ int frame_size;
+ int len;
+- uint8_t frame[8192];
++ QEMU_UNINITIALIZED uint8_t frame[8192];
+ uint8_t *ptr;
+
+ ptr = frame;
+-- 
+2.39.3
+
diff --git a/SOURCES/kvm-hw-nvme-ctrl-skip-automatic-zero-init-of-large-array.patch b/SOURCES/kvm-hw-nvme-ctrl-skip-automatic-zero-init-of-large-array.patch
new file mode 100644
index 0000000..4dd62b7
--- /dev/null
+++ b/SOURCES/kvm-hw-nvme-ctrl-skip-automatic-zero-init-of-large-array.patch
@@ -0,0 +1,72 @@ +From 794d838efddc7e96f6e40c1c4bb2b1baf3c95cfb Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= +Date: Tue, 10 Jun 2025 13:37:01 +0100 +Subject: [PATCH 24/31] hw/nvme/ctrl: skip automatic zero-init of large arrays +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +RH-Author: Stefan Hajnoczi +RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED +RH-Jira: RHEL-99887 +RH-Acked-by: Miroslav Rezanina +RH-Commit: [23/30] 97877d2e280daf654f5893461c0bc9e6f6caa77d + +The 'nvme_map_sgl' method has a 256 element array used for copying +data from the device. Skip the automatic zero-init of this array +to eliminate the performance overhead in the I/O hot path. + +The 'segment' array will be fully initialized when reading data from +the device. + +The 'nme_changed_nslist' method has a 4k byte array that is manually +initialized with memset(). The compiler ought to be intelligent +enough to turn the memset() into a static initialization operation, +and thus not duplicate the automatic zero-init. Replacing memset() +with '{}' makes it unambiguous that the array is statically initialized. + +Signed-off-by: Daniel P. 
Berrangé +Reviewed-by: Stefan Hajnoczi +Reviewed-by: Klaus Jensen +Message-id: 20250610123709.835102-24-berrange@redhat.com +Signed-off-by: Stefan Hajnoczi +(cherry picked from commit 7eeb1d3acc175813ad3d5e824f26123e0992093a) +Signed-off-by: Stefan Hajnoczi +--- + hw/nvme/ctrl.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c +index 9f277b81d8..f000e2246f 100644 +--- a/hw/nvme/ctrl.c ++++ b/hw/nvme/ctrl.c +@@ -1047,7 +1047,8 @@ static uint16_t nvme_map_sgl(NvmeCtrl *n, NvmeSg *sg, NvmeSglDescriptor sgl, + */ + #define SEG_CHUNK_SIZE 256 + +- NvmeSglDescriptor segment[SEG_CHUNK_SIZE], *sgld, *last_sgld; ++ QEMU_UNINITIALIZED NvmeSglDescriptor segment[SEG_CHUNK_SIZE]; ++ NvmeSglDescriptor *sgld, *last_sgld; + uint64_t nsgld; + uint32_t seg_len; + uint16_t status; +@@ -5029,7 +5030,7 @@ static uint16_t nvme_error_info(NvmeCtrl *n, uint8_t rae, uint32_t buf_len, + static uint16_t nvme_changed_nslist(NvmeCtrl *n, uint8_t rae, uint32_t buf_len, + uint64_t off, NvmeRequest *req) + { +- uint32_t nslist[1024]; ++ uint32_t nslist[1024] = {}; + uint32_t trans_len; + int i = 0; + uint32_t nsid; +@@ -5039,7 +5040,6 @@ static uint16_t nvme_changed_nslist(NvmeCtrl *n, uint8_t rae, uint32_t buf_len, + return NVME_INVALID_FIELD | NVME_DNR; + } + +- memset(nslist, 0x0, sizeof(nslist)); + trans_len = MIN(sizeof(nslist) - off, buf_len); + + while ((nsid = find_first_bit(n->changed_nsids, NVME_CHANGED_NSID_SIZE)) != +-- +2.39.3 + diff --git a/SOURCES/kvm-hw-ppc-spapr_tpm_proxy-skip-automatic-zero-init-of-l.patch b/SOURCES/kvm-hw-ppc-spapr_tpm_proxy-skip-automatic-zero-init-of-l.patch new file mode 100644 index 0000000..0113427 --- /dev/null +++ b/SOURCES/kvm-hw-ppc-spapr_tpm_proxy-skip-automatic-zero-init-of-l.patch 
@@ -0,0 +1,52 @@ +From 087151816f810052c013d496e32be1011e5c01ef Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= +Date: Tue, 10 Jun 2025 13:37:03 +0100 +Subject: [PATCH 25/31] hw/ppc/spapr_tpm_proxy: skip automatic zero-init of + large arrays +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +RH-Author: Stefan Hajnoczi +RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED +RH-Jira: RHEL-99887 +RH-Acked-by: Miroslav Rezanina +RH-Commit: [24/30] a2360ae956c03481af7aceb34d26c7d8ba33a1d7 + +The 'tpm_execute' method has a pair of 4k arrays used for copying +data between guest and host. Skip the automatic zero-init of these +arrays to eliminate the performance overhead in the I/O hot path. + +The two arrays will be fully initialized when reading data from +guest memory or reading data from the proxy FD. + +Signed-off-by: Daniel P. Berrangé +Reviewed-by: Stefan Hajnoczi +Reviewed-by: Klaus Jensen +Reviewed-by: Harsh Prateek Bora +Message-id: 20250610123709.835102-26-berrange@redhat.com +Signed-off-by: Stefan Hajnoczi +(cherry picked from commit 5dd9087fff74b5672526cad254e76f790fb35c7a) +Signed-off-by: Stefan Hajnoczi +--- + hw/ppc/spapr_tpm_proxy.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/hw/ppc/spapr_tpm_proxy.c b/hw/ppc/spapr_tpm_proxy.c +index e10af35a18..88833d9e2e 100644 +--- a/hw/ppc/spapr_tpm_proxy.c ++++ b/hw/ppc/spapr_tpm_proxy.c +@@ -41,8 +41,8 @@ static ssize_t tpm_execute(SpaprTpmProxy *tpm_proxy, target_ulong *args) + target_ulong data_in_size = args[2]; + uint64_t data_out = ppc64_phys_to_real(args[3]); + target_ulong data_out_size = args[4]; +- uint8_t buf_in[TPM_SPAPR_BUFSIZE]; +- uint8_t buf_out[TPM_SPAPR_BUFSIZE]; ++ QEMU_UNINITIALIZED uint8_t buf_in[TPM_SPAPR_BUFSIZE]; ++ QEMU_UNINITIALIZED uint8_t buf_out[TPM_SPAPR_BUFSIZE]; + ssize_t ret; + + trace_spapr_tpm_execute(data_in, data_in_size, data_out, 
data_out_size); +-- +2.39.3 + diff --git a/SOURCES/kvm-hw-scsi-lsi53c895a-skip-automatic-zero-init-of-large.patch b/SOURCES/kvm-hw-scsi-lsi53c895a-skip-automatic-zero-init-of-large.patch new file mode 100644 index 0000000..9eee3af --- /dev/null +++ b/SOURCES/kvm-hw-scsi-lsi53c895a-skip-automatic-zero-init-of-large.patch 
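Review bot: `tpm_execute` takes `data_in_size` and `data_out_size` from the guest-supplied `args[2]` and `args[4]`, so now that `buf_in` and `buf_out` are no longer zeroed, the copy of `buf_out` back to guest memory has to use the byte count returned by the read from the proxy FD, not `data_out_size` or `TPM_SPAPR_BUFSIZE`. The function body continues outside the hunk, so this cannot be confirmed from here. Before this change an over-long copy would have handed the guest zeros; after it, the guest would receive host stack contents. I would add `/* only the bytes returned by the proxy read are valid in buf_out */` above the declaration and confirm that both sizes are checked against `TPM_SPAPR_BUFSIZE` before either buffer is used.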
@@ -0,0 +1,49 @@ +From 3179e7e183295b91e314c32db8697d8cf0947367 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= +Date: Tue, 10 Jun 2025 13:37:05 +0100 +Subject: [PATCH 27/31] hw/scsi/lsi53c895a: skip automatic zero-init of large + array +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +RH-Author: Stefan Hajnoczi +RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED +RH-Jira: RHEL-99887 +RH-Acked-by: Miroslav Rezanina +RH-Commit: [26/30] 92ec0b18f26956767d2f3d0284d712696d60852e + +The 'lsi_memcpy' method has a 4k byte array used for copying data +to/from the device. Skip the automatic zero-init of this array to +eliminate the performance overhead in the I/O hot path. + +The 'buf' array will be fully initialized when data is copied. + +Signed-off-by: Daniel P. Berrangé +Reviewed-by: Stefan Hajnoczi +Reviewed-by: Klaus Jensen +Reviewed-by: Harsh Prateek Bora +Message-id: 20250610123709.835102-28-berrange@redhat.com +Signed-off-by: Stefan Hajnoczi +(cherry picked from commit 55243edf42ee87bce9f36ca251f3ab9cda1563e4) +Signed-off-by: Stefan Hajnoczi +--- + hw/scsi/lsi53c895a.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c +index f1935e5328..f165705f8a 100644 +--- a/hw/scsi/lsi53c895a.c ++++ b/hw/scsi/lsi53c895a.c +@@ -1112,7 +1112,7 @@ bad: + static void lsi_memcpy(LSIState *s, uint32_t dest, uint32_t src, int count) + { + int n; +- uint8_t buf[LSI_BUF_SIZE]; ++ QEMU_UNINITIALIZED uint8_t buf[LSI_BUF_SIZE]; + + trace_lsi_memcpy(dest, src, count); + while (count) { +-- +2.39.3 + diff --git a/SOURCES/kvm-hw-scsi-megasas-skip-automatic-zero-init-of-large-ar.patch b/SOURCES/kvm-hw-scsi-megasas-skip-automatic-zero-init-of-large-ar.patch new file mode 100644 index 0000000..8260337 --- /dev/null +++ b/SOURCES/kvm-hw-scsi-megasas-skip-automatic-zero-init-of-large-ar.patch 
@@ -0,0 +1,73 @@ +From 30a938409f664179061b039796354628c714229e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= +Date: Tue, 10 Jun 2025 13:37:06 +0100 +Subject: [PATCH 28/31] hw/scsi/megasas: skip automatic zero-init of large + arrays +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +RH-Author: Stefan Hajnoczi +RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED +RH-Jira: RHEL-99887 +RH-Acked-by: Miroslav Rezanina +RH-Commit: [27/30] 70c3c002601bc54ff81d000092e7be2bdb1eb82a + +The 'megasas_dcmd_pd_get_list' and 'megasas_dcmd_get_properties' +methods have 4k structs used for copying data from the device. +Skip the automatic zero-init of this array to eliminate the +performance overhead in the I/O hot path. + +The 'info' structs are manually initialized with memset(). The +compiler ought to be intelligent enough to turn the memset() +into a static initialization operation, and thus not duplicate +the automatic zero-init. Replacing memset() with '{}' makes it +unambiguous that the arrays are statically initialized. + +Signed-off-by: Daniel P. 
Berrangé +Reviewed-by: Stefan Hajnoczi +Reviewed-by: Klaus Jensen +Reviewed-by: Harsh Prateek Bora +Message-id: 20250610123709.835102-29-berrange@redhat.com +Signed-off-by: Stefan Hajnoczi +(cherry picked from commit ca0559e2350c618048f7caf80cb79c1259e7cfd2) +Signed-off-by: Stefan Hajnoczi +--- + hw/scsi/megasas.c | 7 ++----- + 1 file changed, 2 insertions(+), 5 deletions(-) + +diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c +index 2d0c607177..91b65accbc 100644 +--- a/hw/scsi/megasas.c ++++ b/hw/scsi/megasas.c +@@ -981,13 +981,11 @@ static int megasas_event_wait(MegasasState *s, MegasasCmd *cmd) + + static int megasas_dcmd_pd_get_list(MegasasState *s, MegasasCmd *cmd) + { +- struct mfi_pd_list info; +- size_t dcmd_size = sizeof(info); ++ struct mfi_pd_list info = {}; + BusChild *kid; + uint32_t offset, dcmd_limit, num_pd_disks = 0, max_pd_disks; + dma_addr_t residual; + +- memset(&info, 0, dcmd_size); + offset = 8; + dcmd_limit = offset + sizeof(struct mfi_pd_address); + if (cmd->iov_size < dcmd_limit) { +@@ -1429,11 +1427,10 @@ static int megasas_dcmd_cfg_read(MegasasState *s, MegasasCmd *cmd) + + static int megasas_dcmd_get_properties(MegasasState *s, MegasasCmd *cmd) + { +- struct mfi_ctrl_props info; ++ struct mfi_ctrl_props info = {}; + size_t dcmd_size = sizeof(info); + dma_addr_t residual; + +- memset(&info, 0x0, dcmd_size); + if (cmd->iov_size < dcmd_size) { + trace_megasas_dcmd_invalid_xfer_len(cmd->index, cmd->iov_size, + dcmd_size); +-- +2.39.3 + diff --git a/SOURCES/kvm-hw-ufs-lu-skip-automatic-zero-init-of-large-array.patch b/SOURCES/kvm-hw-ufs-lu-skip-automatic-zero-init-of-large-array.patch new file mode 100644 index 0000000..e9742a4 --- /dev/null +++ b/SOURCES/kvm-hw-ufs-lu-skip-automatic-zero-init-of-large-array.patch 
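Review bot: Replacing `memset(&info, 0, dcmd_size)` with `struct mfi_pd_list info = {};` in `megasas_dcmd_pd_get_list`, and likewise `struct mfi_ctrl_props info = {};` in `megasas_dcmd_get_properties`, changes what is guaranteed about padding bytes. memset clears every byte of the object, whereas an empty-brace initializer is only specified to zero padding from C23 on; in older language modes it is a GNU extension and the result depends on the compiler. Both structs appear to be transferred to the guest (`dma_addr_t residual`, `cmd->iov_size`), so any internal or trailing padding matters. The struct definitions are outside this diff: if they are packed, say so next to the initializer with `/* packed struct: no padding left unzeroed by {} */`, otherwise keep the explicit memset.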
@@ -0,0 +1,50 @@ +From 36046b3119eb2338c811f43b2956c3aa787a2e3c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= +Date: Tue, 10 Jun 2025 13:37:07 +0100 +Subject: [PATCH 29/31] hw/ufs/lu: skip automatic zero-init of large array +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +RH-Author: Stefan Hajnoczi +RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED +RH-Jira: RHEL-99887 +RH-Acked-by: Miroslav Rezanina +RH-Commit: [28/30] 4d68ab4596b8fb97106d07e5af11dc3fdcb25e96 + +The 'ufs_emulate_scsi_cmd' method has a 4k byte array used for +copying data from the device. Skip the automatic zero-init of +this array to eliminate the performance overhead in the I/O hot +path. + +The 'outbuf' array will be fully initialized when data is copied +from the guest. + +Signed-off-by: Daniel P. Berrangé +Reviewed-by: Stefan Hajnoczi +Reviewed-by: Klaus Jensen +Reviewed-by: Harsh Prateek Bora +Message-id: 20250610123709.835102-30-berrange@redhat.com +Signed-off-by: Stefan Hajnoczi +(cherry picked from commit 7708e298180550eac262c1fd742e6e80c711a5d8) +Signed-off-by: Stefan Hajnoczi +--- + hw/ufs/lu.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/ufs/lu.c b/hw/ufs/lu.c +index 81bfff9b4e..caad82dcc4 100644 +--- a/hw/ufs/lu.c ++++ b/hw/ufs/lu.c +@@ -194,7 +194,7 @@ static int ufs_emulate_wlun_inquiry(UfsRequest *req, uint8_t *outbuf, + static UfsReqResult ufs_emulate_scsi_cmd(UfsLu *lu, UfsRequest *req) + { + uint8_t lun = lu->lun; +- uint8_t outbuf[4096]; ++ QEMU_UNINITIALIZED uint8_t outbuf[4096]; + uint8_t sense_buf[UFS_SENSE_SIZE]; + uint8_t scsi_status; + int len = 0; +-- +2.39.3 + diff --git a/SOURCES/kvm-hw-usb-hcd-ohci-skip-automatic-zero-init-of-large-ar.patch b/SOURCES/kvm-hw-usb-hcd-ohci-skip-automatic-zero-init-of-large-ar.patch new file mode 100644 index 0000000..6381045 --- /dev/null 
+++ b/SOURCES/kvm-hw-usb-hcd-ohci-skip-automatic-zero-init-of-large-ar.patch @@ -0,0 +1,50 @@ +From 31886b02875b9d2d61710c14d6cdc0ab20d6dfc5 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= +Date: Tue, 10 Jun 2025 13:37:04 +0100 +Subject: [PATCH 26/31] hw/usb/hcd-ohci: skip automatic zero-init of large + array +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +RH-Author: Stefan Hajnoczi +RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED +RH-Jira: RHEL-99887 +RH-Acked-by: Miroslav Rezanina +RH-Commit: [25/30] a69a9e0467a1b695b7fa07cdf30733b709867bd2 + +The 'ohci_service_iso_td' method has a 8k byte array used for copying +data between guest and host. Skip the automatic zero-init of this +array to eliminate the performance overhead in the I/O hot path. + +The 'buf' array will be fully initialized when reading data from guest +memory. + +Signed-off-by: Daniel P. Berrangé +Reviewed-by: Stefan Hajnoczi +Reviewed-by: Klaus Jensen +Reviewed-by: Harsh Prateek Bora +Message-id: 20250610123709.835102-27-berrange@redhat.com +Signed-off-by: Stefan Hajnoczi +(cherry picked from commit 14997d521d1cd0bb36c902ef1032f0d3f2a3c912) +Signed-off-by: Stefan Hajnoczi +--- + hw/usb/hcd-ohci.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/usb/hcd-ohci.c b/hw/usb/hcd-ohci.c +index 71b54914d3..72a9f9f474 100644 +--- a/hw/usb/hcd-ohci.c ++++ b/hw/usb/hcd-ohci.c +@@ -577,7 +577,7 @@ static int ohci_service_iso_td(OHCIState *ohci, struct ohci_ed *ed) + USBDevice *dev; + USBEndpoint *ep; + USBPacket *pkt; +- uint8_t buf[8192]; ++ QEMU_UNINITIALIZED uint8_t buf[8192]; + bool int_req; + struct ohci_iso_td iso_td; + uint32_t addr; +-- +2.39.3 + diff --git a/SOURCES/kvm-hw-virtio-virtio-avoid-cost-of-ftrivial-auto-var-ini.patch b/SOURCES/kvm-hw-virtio-virtio-avoid-cost-of-ftrivial-auto-var-ini.patch new file mode 100644 index 0000000..631abc7 
--- /dev/null +++ b/SOURCES/kvm-hw-virtio-virtio-avoid-cost-of-ftrivial-auto-var-ini.patch 
@@ -0,0 +1,73 @@ +From ea242d728ed1716602b4cdd01d3fabb5ab260781 Mon Sep 17 00:00:00 2001 +From: Stefan Hajnoczi +Date: Tue, 10 Jun 2025 13:36:40 +0100 +Subject: [PATCH 03/31] hw/virtio/virtio: avoid cost of -ftrivial-auto-var-init + in hot path +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +RH-Author: Stefan Hajnoczi +RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED +RH-Jira: RHEL-99887 +RH-Acked-by: Miroslav Rezanina +RH-Commit: [2/30] a90fb4e14c182ace7a28c8335858895b4257f37b + +Since commit 7ff9ff039380 ("meson: mitigate against use of uninitialize +stack for exploits") the -ftrivial-auto-var-init=zero compiler option is +used to zero local variables. While this reduces security risks +associated with uninitialized stack data, it introduced a measurable +bottleneck in the virtqueue_split_pop() and virtqueue_packed_pop() +functions. + +These virtqueue functions are in the hot path. They are called for each +element (request) that is popped from a VIRTIO device's virtqueue. Using +__attribute__((uninitialized)) on large stack variables in these +functions improves fio randread bs=4k iodepth=64 performance from 304k +to 332k IOPS (+9%). + +This issue was found using perf-top(1). virtqueue_split_pop() was one of +the top CPU consumers and the "annotate" feature showed that the memory +zeroing instructions at the beginning of the functions were hot. + +Fixes: 7ff9ff039380 ("meson: mitigate against use of uninitialize stack for exploits") +Cc: Daniel P. 
Berrangé +Signed-off-by: Stefan Hajnoczi +Reviewed-by: Stefan Hajnoczi +Message-id: 20250610123709.835102-3-berrange@redhat.com +Signed-off-by: Stefan Hajnoczi +(cherry picked from commit ba2868ce091cd4abe4be6de4b7e44b3be303b352) +Signed-off-by: Stefan Hajnoczi +--- + hw/virtio/virtio.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c +index 10f24a58dd..7f7b178a50 100644 +--- a/hw/virtio/virtio.c ++++ b/hw/virtio/virtio.c +@@ -1680,8 +1680,8 @@ static void *virtqueue_split_pop(VirtQueue *vq, size_t sz) + VirtIODevice *vdev = vq->vdev; + VirtQueueElement *elem = NULL; + unsigned out_num, in_num, elem_entries; +- hwaddr addr[VIRTQUEUE_MAX_SIZE]; +- struct iovec iov[VIRTQUEUE_MAX_SIZE]; ++ hwaddr QEMU_UNINITIALIZED addr[VIRTQUEUE_MAX_SIZE]; ++ struct iovec QEMU_UNINITIALIZED iov[VIRTQUEUE_MAX_SIZE]; + VRingDesc desc; + int rc; + +@@ -1826,8 +1826,8 @@ static void *virtqueue_packed_pop(VirtQueue *vq, size_t sz) + VirtIODevice *vdev = vq->vdev; + VirtQueueElement *elem = NULL; + unsigned out_num, in_num, elem_entries; +- hwaddr addr[VIRTQUEUE_MAX_SIZE]; +- struct iovec iov[VIRTQUEUE_MAX_SIZE]; ++ hwaddr QEMU_UNINITIALIZED addr[VIRTQUEUE_MAX_SIZE]; ++ struct iovec QEMU_UNINITIALIZED iov[VIRTQUEUE_MAX_SIZE]; + VRingPackedDesc desc; + uint16_t id; + int rc; +-- +2.39.3 + diff --git a/SOURCES/kvm-include-qemu-compiler-add-QEMU_UNINITIALIZED-attribu.patch b/SOURCES/kvm-include-qemu-compiler-add-QEMU_UNINITIALIZED-attribu.patch new file mode 100644 index 0000000..b732a76 --- /dev/null +++ b/SOURCES/kvm-include-qemu-compiler-add-QEMU_UNINITIALIZED-attribu.patch 
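Review bot: The annotation is written after the type here, `hwaddr QEMU_UNINITIALIZED addr[VIRTQUEUE_MAX_SIZE];`, in both `virtqueue_split_pop` and `virtqueue_packed_pop`, while every other patch in this series puts it first, as in `QEMU_UNINITIALIZED uint8_t buf[8192];`. Both placements compile, but each use of this macro is an opt-out from a hardening feature, and one uniform form makes those opt-outs easier to audit. I would write `QEMU_UNINITIALIZED hwaddr addr[VIRTQUEUE_MAX_SIZE];` and `QEMU_UNINITIALIZED struct iovec iov[VIRTQUEUE_MAX_SIZE];` in both functions.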
@@ -0,0 +1,80 @@ +From 73f85b945f09ae118f2c1479110f2e34906e084b Mon Sep 17 00:00:00 2001 +From: Stefan Hajnoczi +Date: Tue, 10 Jun 2025 13:36:39 +0100 +Subject: [PATCH 02/31] include/qemu/compiler: add QEMU_UNINITIALIZED attribute + macro +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +RH-Author: Stefan Hajnoczi +RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED +RH-Jira: RHEL-99887 +RH-Acked-by: Miroslav Rezanina +RH-Commit: [1/30] 6b6151625fdf6636cbf352731906f643e2fbfd35 + +The QEMU_UNINITIALIZED macro is to be used to skip the default compiler +variable initialization done by -ftrivial-auto-var-init=zero. + +Use this in cases where there a method in the device I/O path (or other +important hot paths), that has large variables on the stack. A rule of +thumb is that "large" means a method with 4kb data in the local stack +frame. Any variables which are KB in size, should be annotated with this +attribute, to pre-emptively eliminate any potential overhead from the +compiler zero'ing memory. + +Given that this turns off a security hardening feature, when using this +to flag variables, it is important that the code is double-checked to +ensure there is no possible use of uninitialized data in the method. + +Signed-off-by: Stefan Hajnoczi +Reviewed-by: Stefan Hajnoczi +Signed-off-by: Daniel P. Berrangé +Message-id: 20250610123709.835102-2-berrange@redhat.com +[DB: split off patch & rewrite guidance on when to use the annotation] +Signed-off-by: Daniel P. Berrangé +Signed-off-by: Stefan Hajnoczi +(cherry picked from commit c653b67d1863b7ebfa67f7c9f4aec209d7b5ced5) +Signed-off-by: Stefan Hajnoczi + +Conflicts: + include/qemu/compiler.h + Context conflict due to clang Thread Safety Analysis macros. 
+--- + include/qemu/compiler.h | 20 ++++++++++++++++++++ + 1 file changed, 20 insertions(+) + +diff --git a/include/qemu/compiler.h b/include/qemu/compiler.h +index c06954ccb4..cc193d5b82 100644 +--- a/include/qemu/compiler.h ++++ b/include/qemu/compiler.h +@@ -212,6 +212,26 @@ + # define QEMU_USED + #endif + ++/* ++ * Disable -ftrivial-auto-var-init on a local variable. ++ * ++ * Use this in cases where there a method in the device I/O path (or other ++ * important hot paths), that has large variables on the stack. A rule of ++ * thumb is that "large" means a method with 4kb data in the local stack ++ * frame. Any variables which are KB in size, should be annotated with this ++ * attribute, to pre-emptively eliminate any potential overhead from the ++ * compiler's implicit zero'ing of memory. ++ * ++ * Given that this turns off a security hardening feature, when using this ++ * to flag variables, it is important that the code is double-checked to ++ * ensure there is no possible use of uninitialized data in the method. ++ */ ++#if __has_attribute(uninitialized) ++# define QEMU_UNINITIALIZED __attribute__((uninitialized)) ++#else ++# define QEMU_UNINITIALIZED ++#endif ++ + /* + * Ugly CPP trick that is like "defined FOO", but also works in C + * code. Useful to replace #ifdef with "if" statements; assumes +-- +2.39.3 + diff --git a/SOURCES/kvm-net-socket-skip-automatic-zero-init-of-large-array.patch b/SOURCES/kvm-net-socket-skip-automatic-zero-init-of-large-array.patch new file mode 100644 index 0000000..0ecc437 --- /dev/null +++ b/SOURCES/kvm-net-socket-skip-automatic-zero-init-of-large-array.patch 
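Review bot: The new comment above `QEMU_UNINITIALIZED` asks for the code to be "double-checked" without saying what the check is, and its second sentence is missing a verb ("where there a method"). I would correct that to "where there is a method" and add one line stating the condition, for example `* Every read of an annotated variable must be preceded by a write covering the bytes read, including on error paths.` The comment could also state that the macro expands to nothing when `__has_attribute(uninitialized)` is false, which the `#else` branch shows, so that readers know the annotation has no effect on such compilers.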
@@ -0,0 +1,49 @@ +From 9a941183c365f4c6698c46aa13594e9bb360e8e9 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= +Date: Tue, 10 Jun 2025 13:37:08 +0100 +Subject: [PATCH 30/31] net/socket: skip automatic zero-init of large array +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +RH-Author: Stefan Hajnoczi +RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED +RH-Jira: RHEL-99887 +RH-Acked-by: Miroslav Rezanina +RH-Commit: [29/30] e7f35ae85a0ca50367487b1e7ed92b395b247cda + +The 'net_socket_send' method has a 68k byte array used for copying +data between guest and host. Skip the automatic zero-init of this +array to eliminate the performance overhead in the I/O hot path. + +The 'buf1' array will be fully initialized when reading data off +the network socket. + +Signed-off-by: Daniel P. Berrangé +Reviewed-by: Stefan Hajnoczi +Reviewed-by: Klaus Jensen +Reviewed-by: Harsh Prateek Bora +Message-id: 20250610123709.835102-31-berrange@redhat.com +Signed-off-by: Stefan Hajnoczi +(cherry picked from commit 751b0e79f1e0e7f88fad2fe2f22595ad03d78859) +Signed-off-by: Stefan Hajnoczi +--- + net/socket.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/net/socket.c b/net/socket.c +index 8e3702e1f3..784dda686f 100644 +--- a/net/socket.c ++++ b/net/socket.c +@@ -157,7 +157,7 @@ static void net_socket_send(void *opaque) + NetSocketState *s = opaque; + int size; + int ret; +- uint8_t buf1[NET_BUFSIZE]; ++ QEMU_UNINITIALIZED uint8_t buf1[NET_BUFSIZE]; + const uint8_t *buf; + + size = recv(s->fd, buf1, sizeof(buf1), 0); +-- +2.39.3 + diff --git a/SOURCES/kvm-net-stream-skip-automatic-zero-init-of-large-array.patch b/SOURCES/kvm-net-stream-skip-automatic-zero-init-of-large-array.patch new file mode 100644 index 0000000..75c2aa8 --- /dev/null +++ b/SOURCES/kvm-net-stream-skip-automatic-zero-init-of-large-array.patch 
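Review bot: In `net_socket_send` only the first `size` bytes of `buf1` are written by `recv(s->fd, buf1, sizeof(buf1), 0)`, and none at all when it returns 0 or a negative value, so the commit message's "fully initialized" holds only for that prefix. With the zero-init removed, the rest of the function, which lies outside this hunk, must not pass `buf1` on with a length larger than `size` and must return before reading it when `size <= 0`. A comment at the declaration would record this: `/* valid only for the first 'size' bytes returned by recv() */`. The same applies to `buf1` in `net_stream_send`, which is filled by `qio_channel_read(s->ioc, buf1, sizeof(buf1), NULL)`.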
@@ -0,0 +1,49 @@ +From 790b862712841e4b363874e00f4da993ae045a53 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= +Date: Tue, 10 Jun 2025 13:37:09 +0100 +Subject: [PATCH 31/31] net/stream: skip automatic zero-init of large array +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +RH-Author: Stefan Hajnoczi +RH-MergeRequest: 461: Solve -ftrivial-auto-var-init performance regression with QEMU_UNINITIALIZED +RH-Jira: RHEL-99887 +RH-Acked-by: Miroslav Rezanina +RH-Commit: [30/30] 005a9dfc74c8fed3d1aa2e0cdc0473f67f888249 + +The 'net_stream_send' method has a 68k byte array used for copying +data between guest and host. Skip the automatic zero-init of this +array to eliminate the performance overhead in the I/O hot path. + +The 'buf1' array will be fully initialized when reading data off +the network socket. + +Signed-off-by: Daniel P. Berrangé +Reviewed-by: Stefan Hajnoczi +Reviewed-by: Klaus Jensen +Reviewed-by: Harsh Prateek Bora +Message-id: 20250610123709.835102-32-berrange@redhat.com +Signed-off-by: Stefan Hajnoczi +(cherry picked from commit 837b87c4c5ba9ac7a255133c6642b8d578272a70) +Signed-off-by: Stefan Hajnoczi +--- + net/stream.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/net/stream.c b/net/stream.c +index 97e6ec6679..12384ffee5 100644 +--- a/net/stream.c ++++ b/net/stream.c +@@ -148,7 +148,7 @@ static gboolean net_stream_send(QIOChannel *ioc, + NetStreamState *s = data; + int size; + int ret; +- char buf1[NET_BUFSIZE]; ++ QEMU_UNINITIALIZED char buf1[NET_BUFSIZE]; + const char *buf; + + size = qio_channel_read(s->ioc, buf1, sizeof(buf1), NULL); +-- +2.39.3 + diff --git a/SOURCES/kvm-ui-vnc-Update-display-update-interval-when-VM-state-.patch b/SOURCES/kvm-ui-vnc-Update-display-update-interval-when-VM-state-.patch new file mode 100644 index 0000000..bec1913 --- /dev/null +++ b/SOURCES/kvm-ui-vnc-Update-display-update-interval-when-VM-state-.patch 
@@ -0,0 +1,97 @@ +From e2931430d3f10dd521e6b4cc7505842fbc8296ec Mon Sep 17 00:00:00 2001 +From: Juraj Marcin +Date: Wed, 21 May 2025 17:16:13 +0200 +Subject: [PATCH 01/31] ui/vnc: Update display update interval when VM state + changes to RUNNING +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +RH-Author: Juraj Marcin +RH-MergeRequest: 463: ui/vnc: Update display update interval when VM state changes to RUNNING +RH-Jira: RHEL-100767 +RH-Acked-by: Peter Xu +RH-Acked-by: Marc-André Lureau +RH-Commit: [1/1] 60b1a7921296e82b616d055691fe8ac0f2e283b1 + +If a virtual machine is paused for an extended period time, for example, +due to an incoming migration, there are also no changes on the screen. +VNC in such case increases the display update interval by +VNC_REFRESH_INTERVAL_INC (50 ms). The update interval can then grow up +to VNC_REFRESH_INTERVAL_MAX (3000 ms). + +When the machine resumes, it can then take up to 3 seconds for the first +display update. Furthermore, the update interval is then halved with +each display update with changes on the screen. If there are moving +elements on the screen, such as a video, this can be perceived as +freezing and stuttering for few seconds before the movement is smooth +again. + +This patch resolves this issue, by adding a listener to VM state changes +and changing the update interval when the VM state changes to RUNNING. +The update_displaychangelistener() function updates the internal timer, +and the display is refreshed immediately if the timer is expired. + +Signed-off-by: Juraj Marcin +Reviewed-by: Marc-André Lureau +Reviewed-by: Peter Xu +Reviewed-by: Daniel P. 
Berrangé +Link: https://lore.kernel.org/r/20250521151616.3951178-1-jmarcin@redhat.com +Signed-off-by: Peter Xu + +(cherry picked from commit 0310d594d98b39f9dde79b87fd8b0ad16e7c5459) + +JIRA: https://issues.redhat.com/browse/RHEL-100767 + +Signed-off-by: Juraj Marcin +--- + ui/vnc.c | 12 ++++++++++++ + ui/vnc.h | 2 ++ + 2 files changed, 14 insertions(+) + +diff --git a/ui/vnc.c b/ui/vnc.c +index 5057ec8680..4afc925a18 100644 +--- a/ui/vnc.c ++++ b/ui/vnc.c +@@ -3386,6 +3386,16 @@ static const DisplayChangeListenerOps dcl_ops = { + .dpy_cursor_define = vnc_dpy_cursor_define, + }; + ++static void vmstate_change_handler(void *opaque, bool running, RunState state) ++{ ++ VncDisplay *vd = opaque; ++ ++ if (state != RUN_STATE_RUNNING) { ++ return; ++ } ++ update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); ++} ++ + void vnc_display_init(const char *id, Error **errp) + { + VncDisplay *vd; +@@ -3422,6 +3432,8 @@ void vnc_display_init(const char *id, Error **errp) + vd->dcl.ops = &dcl_ops; + register_displaychangelistener(&vd->dcl); + vd->kbd = qkbd_state_init(vd->dcl.con); ++ vd->vmstate_handler_entry = qemu_add_vm_change_state_handler( ++ &vmstate_change_handler, vd); + } + + +diff --git a/ui/vnc.h b/ui/vnc.h +index e5fa2efa3e..e9da707dbc 100644 +--- a/ui/vnc.h ++++ b/ui/vnc.h +@@ -186,6 +186,8 @@ struct VncDisplay + #endif + + AudioState *audio_state; ++ ++ VMChangeStateEntry *vmstate_handler_entry; + }; + + typedef struct VncTight { +-- +2.39.3 + diff --git a/SPECS/qemu-kvm.spec b/SPECS/qemu-kvm.spec index 8e6d6ca..15b03f2 100644 --- a/SPECS/qemu-kvm.spec +++ b/SPECS/qemu-kvm.spec 
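Review bot: `vnc_display_init` stores the result of `qemu_add_vm_change_state_handler(&vmstate_change_handler, vd)` in `vd->vmstate_handler_entry`, but none of the hunks removes the handler again. If a `VncDisplay` can be freed after this point (the teardown code in ui/vnc.c is outside the diff), `vmstate_change_handler` would later run with a dangling `opaque` and dereference `vd->dcl`. The free path should call `qemu_del_vm_change_state_handler(vd->vmstate_handler_entry);` before releasing `vd`.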
@@ -149,7 +149,7 @@ Obsoletes: %{name}-block-ssh <= %{epoch}:%{version} \ Summary: QEMU is a machine emulator and virtualizer Name: qemu-kvm Version: 9.1.0 -Release: 15%{?rcrel}%{?dist}%{?cc_suffix}.4 +Release: 15%{?rcrel}%{?dist}%{?cc_suffix}.7 # Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped # Epoch 15 used for RHEL 8 # Epoch 17 used for RHEL 9 (due to release versioning offset in RHEL 8.5) 
@@ -475,6 +475,74 @@ Patch151: kvm-file-posix-probe-discard-alignment-on-Linux-block-de.patch Patch152: kvm-block-io-skip-head-tail-requests-on-EINVAL.patch # For RHEL-87734 - QEMU sends unaligned discards on 4K devices [rhel-9.6.z] Patch153: kvm-file-posix-Fix-crash-on-discard_granularity-0.patch +# For RHEL-92077 - Fix x86 M-type compats [rhel-9.6.z] +Patch154: kvm-hw-i386-Fix-machine-type-compatibility.patch +# For RHEL-95407 - Support multipath failover with scsi-block [rhel-9.6.z] +Patch155: kvm-file-posix-Define-DM_MPATH_PROBE_PATHS.patch +# For RHEL-95407 - Support multipath failover with scsi-block [rhel-9.6.z] +Patch156: kvm-file-posix-Probe-paths-and-retry-SG_IO-on-potential-.patch +# For RHEL-100767 - Video stuck after switchover phase when play one video during migration [rhel-9.6.z] +Patch157: kvm-ui-vnc-Update-display-update-interval-when-VM-state-.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch158: kvm-include-qemu-compiler-add-QEMU_UNINITIALIZED-attribu.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch159: kvm-hw-virtio-virtio-avoid-cost-of-ftrivial-auto-var-ini.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch160: kvm-block-skip-automatic-zero-init-of-large-array-in-ioq.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch161: kvm-chardev-char-fd-skip-automatic-zero-init-of-large-ar.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch162: kvm-chardev-char-pty-skip-automatic-zero-init-of-large-a.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch163: kvm-chardev-char-socket-skip-automatic-zero-init-of-larg.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch164: kvm-hw-audio-ac97-skip-automatic-zero-init-of-large-arra.patch +# For RHEL-99887 - 
-ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch165: kvm-hw-audio-cs4231a-skip-automatic-zero-init-of-large-a.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch166: kvm-hw-audio-es1370-skip-automatic-zero-init-of-large-ar.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch167: kvm-hw-audio-gus-skip-automatic-zero-init-of-large-array.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch168: kvm-hw-audio-marvell_88w8618-skip-automatic-zero-init-of.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch169: kvm-hw-audio-sb16-skip-automatic-zero-init-of-large-arra.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch170: kvm-hw-audio-via-ac97-skip-automatic-zero-init-of-large-.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch171: kvm-hw-char-sclpconsole-lm-skip-automatic-zero-init-of-l.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch172: kvm-hw-dma-xlnx_csu_dma-skip-automatic-zero-init-of-larg.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch173: kvm-hw-display-vmware_vga-skip-automatic-zero-init-of-la.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch174: kvm-hw-hyperv-syndbg-skip-automatic-zero-init-of-large-a.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch175: kvm-hw-misc-aspeed_hace-skip-automatic-zero-init-of-larg.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch176: kvm-hw-net-rtl8139-skip-automatic-zero-init-of-large-arr.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch177: 
kvm-hw-net-tulip-skip-automatic-zero-init-of-large-array.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch178: kvm-hw-net-virtio-net-skip-automatic-zero-init-of-large-.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch179: kvm-hw-net-xgamc-skip-automatic-zero-init-of-large-array.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch180: kvm-hw-nvme-ctrl-skip-automatic-zero-init-of-large-array.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch181: kvm-hw-ppc-spapr_tpm_proxy-skip-automatic-zero-init-of-l.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch182: kvm-hw-usb-hcd-ohci-skip-automatic-zero-init-of-large-ar.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch183: kvm-hw-scsi-lsi53c895a-skip-automatic-zero-init-of-large.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch184: kvm-hw-scsi-megasas-skip-automatic-zero-init-of-large-ar.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch185: kvm-hw-ufs-lu-skip-automatic-zero-init-of-large-array.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch186: kvm-net-socket-skip-automatic-zero-init-of-large-array.patch +# For RHEL-99887 - -ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z] +Patch187: kvm-net-stream-skip-automatic-zero-init-of-large-array.patch %if %{have_clang} BuildRequires: clang 
@@ -1541,6 +1609,54 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \ %endif %changelog +* Fri Jul 04 2025 Miroslav Rezanina - 9.1.0-15.el9_6.7 +- kvm-ui-vnc-Update-display-update-interval-when-VM-state-.patch [RHEL-100767] +- kvm-include-qemu-compiler-add-QEMU_UNINITIALIZED-attribu.patch [RHEL-99887] +- kvm-hw-virtio-virtio-avoid-cost-of-ftrivial-auto-var-ini.patch [RHEL-99887] +- kvm-block-skip-automatic-zero-init-of-large-array-in-ioq.patch [RHEL-99887] +- kvm-chardev-char-fd-skip-automatic-zero-init-of-large-ar.patch [RHEL-99887] +- kvm-chardev-char-pty-skip-automatic-zero-init-of-large-a.patch [RHEL-99887] +- kvm-chardev-char-socket-skip-automatic-zero-init-of-larg.patch [RHEL-99887] +- kvm-hw-audio-ac97-skip-automatic-zero-init-of-large-arra.patch [RHEL-99887] +- kvm-hw-audio-cs4231a-skip-automatic-zero-init-of-large-a.patch [RHEL-99887] +- kvm-hw-audio-es1370-skip-automatic-zero-init-of-large-ar.patch [RHEL-99887] +- kvm-hw-audio-gus-skip-automatic-zero-init-of-large-array.patch [RHEL-99887] +- kvm-hw-audio-marvell_88w8618-skip-automatic-zero-init-of.patch [RHEL-99887] +- kvm-hw-audio-sb16-skip-automatic-zero-init-of-large-arra.patch [RHEL-99887] +- kvm-hw-audio-via-ac97-skip-automatic-zero-init-of-large-.patch [RHEL-99887] +- kvm-hw-char-sclpconsole-lm-skip-automatic-zero-init-of-l.patch [RHEL-99887] +- kvm-hw-dma-xlnx_csu_dma-skip-automatic-zero-init-of-larg.patch [RHEL-99887] +- kvm-hw-display-vmware_vga-skip-automatic-zero-init-of-la.patch [RHEL-99887] +- kvm-hw-hyperv-syndbg-skip-automatic-zero-init-of-large-a.patch [RHEL-99887] +- kvm-hw-misc-aspeed_hace-skip-automatic-zero-init-of-larg.patch [RHEL-99887] +- kvm-hw-net-rtl8139-skip-automatic-zero-init-of-large-arr.patch [RHEL-99887] +- kvm-hw-net-tulip-skip-automatic-zero-init-of-large-array.patch [RHEL-99887] +- kvm-hw-net-virtio-net-skip-automatic-zero-init-of-large-.patch [RHEL-99887] +- kvm-hw-net-xgamc-skip-automatic-zero-init-of-large-array.patch [RHEL-99887] +- 
kvm-hw-nvme-ctrl-skip-automatic-zero-init-of-large-array.patch [RHEL-99887] +- kvm-hw-ppc-spapr_tpm_proxy-skip-automatic-zero-init-of-l.patch [RHEL-99887] +- kvm-hw-usb-hcd-ohci-skip-automatic-zero-init-of-large-ar.patch [RHEL-99887] +- kvm-hw-scsi-lsi53c895a-skip-automatic-zero-init-of-large.patch [RHEL-99887] +- kvm-hw-scsi-megasas-skip-automatic-zero-init-of-large-ar.patch [RHEL-99887] +- kvm-hw-ufs-lu-skip-automatic-zero-init-of-large-array.patch [RHEL-99887] +- kvm-net-socket-skip-automatic-zero-init-of-large-array.patch [RHEL-99887] +- kvm-net-stream-skip-automatic-zero-init-of-large-array.patch [RHEL-99887] +- Resolves: RHEL-100767 + (Video stuck after switchover phase when play one video during migration [rhel-9.6.z]) +- Resolves: RHEL-99887 + (-ftrivial-auto-var-init=zero reduced performance [rhel-9.6.z]) + +* Mon Jun 09 2025 Jon Maloy - 9.1.0-15.el9_6.6 +- kvm-file-posix-Define-DM_MPATH_PROBE_PATHS.patch [RHEL-95407] +- kvm-file-posix-Probe-paths-and-retry-SG_IO-on-potential-.patch [RHEL-95407] +- Resolves: RHEL-95407 + (Support multipath failover with scsi-block [rhel-9.6.z]) + +* Mon May 26 2025 Jon Maloy - 9.1.0-15.el9_6.5 +- kvm-hw-i386-Fix-machine-type-compatibility.patch [RHEL-92077] +- Resolves: RHEL-92077 + (Fix x86 M-type compats [rhel-9.6.z]) + * Mon May 05 2025 Jon Maloy - 9.1.0-15.el9_6.4 - kvm-file-posix-probe-discard-alignment-on-Linux-block-de.patch [RHEL-87734] - kvm-block-io-skip-head-tail-requests-on-EINVAL.patch [RHEL-87734]