block/rbd: fix memory leak in qemu_rbd_co_create_opts()
When we allocate 'q_namespace', we forgot to set 'has_q_namespace'
to true. This can cause several issues, including a memory leak,
since qapi_free_BlockdevCreateOptions() does not deallocate that
memory, as reported by valgrind:
  13 bytes in 1 blocks are definitely lost in loss record 7 of 96
    at 0x4839809: malloc (vg_replace_malloc.c:307)
    by 0x48CEBB8: g_malloc (in /usr/lib64/libglib-2.0.so.0.6600.8)
    by 0x48E3FE3: g_strdup (in /usr/lib64/libglib-2.0.so.0.6600.8)
    by 0x180010: qemu_rbd_co_create_opts (rbd.c:446)
    by 0x1AE72C: bdrv_create_co_entry (block.c:492)
    by 0x241902: coroutine_trampoline (coroutine-ucontext.c:173)
    by 0x57530AF: ??? (in /usr/lib64/libc-2.32.so)
    by 0x1FFEFFFA6F: ???
Fix setting 'has_q_namespace' to true when we allocate 'q_namespace'.
Fixes: 19ae9ae014 ("block/rbd: Add support for ceph namespaces")
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
Message-Id: <20210329150129.121182-3-sgarzare@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
In qemu_rbd_connect(), 'mon_host' is allocated by qemu_rbd_mon_host()
using g_strjoinv(), but it's only freed in the error path, leaking
memory in the success path as reported by valgrind:
  80 bytes in 4 blocks are definitely lost in loss record 5,028 of 6,516
    at 0x4839809: malloc (vg_replace_malloc.c:307)
    by 0x5315BB8: g_malloc (in /usr/lib64/libglib-2.0.so.0.6600.8)
    by 0x532B6FF: g_strjoinv (in /usr/lib64/libglib-2.0.so.0.6600.8)
    by 0x87D07E: qemu_rbd_mon_host (rbd.c:538)
    by 0x87D07E: qemu_rbd_connect (rbd.c:562)
    by 0x87E1CE: qemu_rbd_open (rbd.c:740)
    by 0x840EB1: bdrv_open_driver (block.c:1528)
    by 0x8453A9: bdrv_open_common (block.c:1802)
    by 0x8453A9: bdrv_open_inherit (block.c:3444)
    by 0x8464C2: bdrv_open (block.c:3537)
    by 0x8108CD: qmp_blockdev_add (blockdev.c:3569)
    by 0x8EA61B: qmp_marshal_blockdev_add (qapi-commands-block-core.c:1086)
    by 0x90B528: do_qmp_dispatch_bh (qmp-dispatch.c:131)
    by 0x907EA4: aio_bh_poll (async.c:164)
Fix freeing 'mon_host' also when qemu_rbd_connect() ends correctly.
Fixes: 0a55679b4a5061f4d74bdb1a0e81611ba3390b00
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
Message-Id: <20210329150129.121182-2-sgarzare@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Peter Maydell [Thu, 8 Apr 2021 15:45:31 +0000 (16:45 +0100)]
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging
# gpg: Signature made Thu 08 Apr 2021 10:34:24 BST
# gpg: using RSA key EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211
* remotes/jasowang/tags/net-pull-request:
tap-win32: correctly recycle buffers
Revert "qapi: net: Add query-netdev command"
Revert "tests: Add tests for query-netdev command"
Revert "net: Move NetClientState.info_str to dynamic allocations"
Revert "hmp: Use QAPI NetdevInfo in hmp_info_network"
Revert "net: Do not fill legacy info_str for backends"
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 8 Apr 2021 10:39:53 +0000 (11:39 +0100)]
Merge remote-tracking branch 'remotes/stsquad/tags/pull-6.0-rc2-fixes-060421-1' into staging
Testing updates:
- fix x86_64 cross compilers
- don't use registry for non-x86 containers
- add valid host types for given cross compile containers
- clean up i386 code16 test with explicit -no-pie
- relax sha1.py gdbstub test
- add more gdbstub documentation
- remove annoying warning on gitlab
- test dtrace backend in gitlab
# gpg: Signature made Tue 06 Apr 2021 15:55:53 BST
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* remotes/stsquad/tags/pull-6.0-rc2-fixes-060421-1:
gitlab-ci.yml: Test the dtrace backend in one of the jobs
gitlab-ci.yml: Fix the filtering for the git submodules
docs/system/gdb.rst: Document how to debug multicore machines
docs/system/gdb.rst: Add some more heading structure
tests/tcg: relax the next step precision of the gdb sha1 test
tests/tcg/i386: force -fno-pie for test-i386
tests/tcg/i386: expand .data sections for system tests
tests/tcg/configure.sh: make sure we pick up x86_64 cross compilers
tests/tcg: add concept of container_hosts
tests/docker: don't set DOCKER_REGISTRY on non-x86_64
tests/tcg: update the defaults for x86 compilers
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Jason Wang [Fri, 26 Mar 2021 08:46:43 +0000 (16:46 +0800)]
tap-win32: correctly recycle buffers
Commit 969e50b61a28 ("net: Pad short frames to minimum size before
sending from SLiRP/TAP") tries to pad frames but tries to recycle the
local array that is used for padding to tap thread. This patch fixes
this by recycling the original buffer.
Fixes: 969e50b61a28 ("net: Pad short frames to minimum size before sending from SLiRP/TAP")
Tested-by: Howard Spoelstra <hsp.cat7@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Jason Wang [Fri, 2 Apr 2021 03:03:33 +0000 (11:03 +0800)]
Revert "net: Move NetClientState.info_str to dynamic allocations"
Several issues have been reported for the query-netdev info
series. Considering it's late in the rc, this reverts
commit 59b5437eb732d6b103a9bc279c3482c834d1eff9.
Hyman Huang(黄勇) [Tue, 23 Mar 2021 15:43:58 +0000 (23:43 +0800)]
tests/migration: fix parameter of auto-converge migration
When executing the following test command:
$ ./guestperf-batch.py --auto-converge \
--auto-converge-step {percent} ...
the test aborts and the following error message is thrown:
"Parameter 'x-cpu-throttle-increment' is unexpected"
The reason is that 'x-cpu-throttle-increment' has been
deprecated and 'cpu-throttle-increment' was introduced
since v2.7. Use the new parameter instead.
Signed-off-by: Hyman Huang(黄勇) <huangy81@chinatelecom.cn>
Message-Id: <0195d34a317ce3cc417b3efd275e30cad35a7618.1616513998.git.huangy81@chinatelecom.cn>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
migration: Rename 'bs' to 'block' in background snapshot code
Rename 'bs' to commonly used 'block' in migration/ram.c background
snapshot code.
Signed-off-by: Andrey Gruzdev <andrey.gruzdev@virtuozzo.com>
Reported-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210401092226.102804-5-andrey.gruzdev@virtuozzo.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
migration: Pre-fault memory before starting background snapshot
This commit solves the issue with userfault_fd WP feature that
background snapshot is based on. For any never populated or discarded
memory page, the UFFDIO_WRITEPROTECT ioctl() would skip updating
PTE for that page, thereby losing WP setting for it.
So we need to pre-fault pages for each RAM block to be protected
before making a userfault_fd wr-protect ioctl().
Fixes: 278e2f551a095b234de74dca9c214d5502a1f72c (migration: support UFFD write fault processing in ram_save_iterate())
Signed-off-by: Andrey Gruzdev <andrey.gruzdev@virtuozzo.com>
Reported-by: David Hildenbrand <david@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210401092226.102804-4-andrey.gruzdev@virtuozzo.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
dgilbert:
Bodged ifdef __linux__ on ram_write_tracking_prepare, should really
go in a stub
Klaus Jensen [Wed, 7 Apr 2021 05:16:14 +0000 (07:16 +0200)]
hw/block/nvme: fix out-of-bounds read in nvme_subsys_ctrl
nvme_subsys_ctrl() is used in contexts where the given controller
identifier is from an untrusted source. Like its friends nvme_ns() and
nvme_subsys_ns(), nvme_subsys_ctrl() should just return NULL if an
invalid identifier is given.
Fixes: 645ce1a70cb6 ("hw/block/nvme: support namespace attachment command")
Cc: Minwoo Im <minwoo.im.dev@gmail.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Minwoo Im <minwoo.im.dev@gmail.com>
Klaus Jensen [Wed, 7 Apr 2021 05:07:43 +0000 (07:07 +0200)]
hw/block/nvme: fix assert crash in nvme_subsys_ns
nvme_subsys_ns() is used in contexts where the namespace identifier is
taken from an untrusted source. Commit 3921756dee6d ("hw/block/nvme:
assert namespaces array indices") tried to guard against this by
introducing an assert on the namespace identifier.
This is wrong since it is perfectly valid to call the function with an
invalid namespace identifier and like nvme_ns(), nvme_subsys_ns() should
simply return NULL.
Fixes: 3921756dee6d ("hw/block/nvme: assert namespaces array indices")
Fixes: 94d8d6d16781 ("hw/block/nvme: support allocated namespace type")
Cc: Minwoo Im <minwoo.im.dev@gmail.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Minwoo Im <minwoo.im.dev@gmail.com>
nvme_ns_attachment() does not verify the contents of the host-supplied
16 bit "Number of Identifiers" field in the command payload.
Make sure the value is capped at 2047 and fix the out-of-bounds read.
Fixes: 645ce1a70cb6 ("hw/block/nvme: support namespace attachment command")
Cc: Minwoo Im <minwoo.im.dev@gmail.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Minwoo Im <minwoo.im.dev@gmail.com>
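
The validation pattern described in the three nvme commit messages above (lookups return NULL for an invalid identifier instead of indexing or asserting; the host-supplied "Number of Identifiers" is capped at 2047), as an added C example. It is a constructed model, not QEMU's code: every `model_*` and `demo_*` name, the table sizes and the sample payloads are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed table sizes for this model; not QEMU's values. */
#define MODEL_MAX_CTRLS   32u
#define MODEL_MAX_NS      256u
/* Cap on "Number of Identifiers" named in the commit message. */
#define CTRL_LIST_MAX_IDS 2047u

struct model_ctrl { uint16_t cntlid; };
struct model_ns   { uint32_t nsid; };

struct model_subsys {
    struct model_ctrl *ctrls[MODEL_MAX_CTRLS];
    struct model_ns   *namespaces[MODEL_MAX_NS + 1]; /* slot 0 unused: nsid 0 is invalid */
};

/* Untrusted identifier: answer NULL when it is out of range, never index with it. */
struct model_ctrl *model_subsys_ctrl(struct model_subsys *s, uint32_t cntlid)
{
    if (s == NULL || cntlid >= MODEL_MAX_CTRLS) {
        return NULL;
    }
    return s->ctrls[cntlid];
}

/* NULL for nsid 0 and for anything past the table, which includes the
 * broadcast value FFFFFFFFh (it names no single namespace). No assert. */
struct model_ns *model_subsys_ns(struct model_subsys *s, uint32_t nsid)
{
    if (s == NULL || nsid == 0 || nsid > MODEL_MAX_NS) {
        return NULL;
    }
    return s->namespaces[nsid];
}

/* Payload layout: little-endian u16 count, then u16 controller ids.
 * The count is clamped to the cap, to the bytes present and to out_cap. */
size_t model_parse_ctrl_list(const uint8_t *buf, size_t len,
                             uint16_t *out, size_t out_cap)
{
    size_t n, i;

    if (len < 2) {
        return 0;
    }
    n = (size_t)buf[0] | ((size_t)buf[1] << 8);
    if (n > CTRL_LIST_MAX_IDS) n = CTRL_LIST_MAX_IDS;
    if (n > (len - 2) / 2)     n = (len - 2) / 2;
    if (n > out_cap)           n = out_cap;
    for (i = 0; i < n; i++) {
        out[i] = (uint16_t)(buf[2 + 2 * i] | (buf[3 + 2 * i] << 8));
    }
    return n;
}

/* Returns the number of ids accepted, or -1 when the namespace or any
 * listed controller does not exist. */
int model_ns_attach(struct model_subsys *s, uint32_t nsid,
                    const uint8_t *payload, size_t len)
{
    uint16_t ids[CTRL_LIST_MAX_IDS];
    size_t n, i;

    if (model_subsys_ns(s, nsid) == NULL) {
        return -1;
    }
    n = model_parse_ctrl_list(payload, len, ids, CTRL_LIST_MAX_IDS);
    for (i = 0; i < n; i++) {
        if (model_subsys_ctrl(s, ids[i]) == NULL) {
            return -1;
        }
    }
    return (int)n;
}

/* Constructed subsystem: controllers 0 and 1, namespace 1. */
struct model_subsys *model_demo_subsys(void)
{
    static struct model_ctrl c0 = { 0 }, c1 = { 1 };
    static struct model_ns ns1 = { 1 };
    static struct model_subsys s;

    s.ctrls[0] = &c0;
    s.ctrls[1] = &c1;
    s.namespaces[1] = &ns1;
    return &s;
}

/* Constructed 4096-byte payload claiming 65535 ids: reads stop at 2047. */
int demo_attach_oversized_count(void)
{
    static uint8_t payload[4096];

    payload[0] = 0xFF;
    payload[1] = 0xFF;
    return model_ns_attach(model_demo_subsys(), 1, payload, sizeof(payload));
}

/* Constructed payload listing controller 1 and the unknown controller 500. */
int demo_attach_bad_cntlid(void)
{
    const uint8_t payload[] = { 0x02, 0x00, 0x01, 0x00, 0xF4, 0x01 };

    return model_ns_attach(model_demo_subsys(), 1, payload, sizeof(payload));
}

/* Constructed payload claiming 10 ids but carrying only two (0 and 1). */
int demo_attach_truncated(void)
{
    const uint8_t payload[] = { 0x0A, 0x00, 0x00, 0x00, 0x01, 0x00 };

    return model_ns_attach(model_demo_subsys(), 1, payload, sizeof(payload));
}

int main(void)
{
    printf("oversized count -> %d ids\n", demo_attach_oversized_count());
    printf("bad cntlid      -> %d\n", demo_attach_bad_cntlid());
    printf("truncated       -> %d ids\n", demo_attach_truncated());
    return 0;
}
```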
Klaus Jensen [Tue, 23 Mar 2021 11:43:24 +0000 (12:43 +0100)]
hw/block/nvme: fix handling of private namespaces
Prior to this patch, if a private nvme-ns device (that is, a namespace
that is not linked to a subsystem) is wired up to an nvme-subsys linked
nvme controller device, the device fails to verify that the namespace id
is unique within the subsystem. NVM Express v1.4b, Section 6.1.6 ("NSID
and Namespace Usage") states that because the device supports Namespace
Management, "NSIDs *shall* be unique within the NVM subsystem".
Additionally, prior to this patch, private namespaces are not known to
the subsystem and the namespace is considered exclusive to the
controller to which it is initially wired up. However, this is not
the definition of a private namespace; per Section 1.6.33 ("private
namespace"), a private namespace is just a namespace that does not
support multipath I/O or namespace sharing, which means "that it is only
able to be attached to one controller at a time".
Fix this by always allocating namespaces in the subsystem (if one is
linked to the controller), regardless of the shared/private status of
the namespace. Whether or not the namespace is shareable is controlled
by a new `shared` nvme-ns parameter.
Finally, this fix allows the nvme-ns `subsys` parameter to be removed,
since the `shared` parameter now serves the purpose of attaching the
namespace to all controllers in the subsystem upon device realization.
It is invalid to have an nvme-ns namespace device with a linked
subsystem without the parent nvme controller device also being linked to
one and since the nvme-ns devices will unconditionally be "attached" (in
QEMU terms that is) to an nvme controller device through an NvmeBus, the
nvme-ns namespace device can always get a reference to the subsystem of
the controller it is explicitly (using 'bus=' parameter) or implicitly
attaching to.
Fixes: e570768566b3 ("hw/block/nvme: support for shared namespace in subsystem")
Cc: Minwoo Im <minwoo.im.dev@gmail.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>
Reviewed-by: Minwoo Im <minwoo.im.dev@gmail.com>
Klaus Jensen [Wed, 24 Mar 2021 09:11:55 +0000 (10:11 +0100)]
hw/block/nvme: fix the nsid 'invalid' value
The `nvme_nsid()` function returns '-1' (FFFFFFFFh) when the given
namespace is NULL. Since FFFFFFFFh is actually a valid namespace
identifier (the "broadcast" value), change this to be '0' since that
actually *is* the invalid value.
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>
migration: Inhibit virtio-balloon for the duration of background snapshot
The same thing as for incoming postcopy - we cannot deal with concurrent
RAM discards when using background snapshot feature in outgoing migration.
Fixes: 8518278a6af589ccc401f06e35f171b1e6fae800 (migration: implementation of background snapshot thread)
Signed-off-by: Andrey Gruzdev <andrey.gruzdev@virtuozzo.com>
Reported-by: David Hildenbrand <david@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210401092226.102804-3-andrey.gruzdev@virtuozzo.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
migration: Fix missing qemu_fflush() on buffer file in bg_migration_thread
Added missing qemu_fflush() on buffer file holding precopy device state.
Increased initial QIOChannelBuffer allocation to 512KB to avoid reallocs.
Typical configurations often require >200KB for device state and VMDESC.
Fixes: 8518278a6af589ccc401f06e35f171b1e6fae800 (migration: implementation of background snapshot thread)
Signed-off-by: Andrey Gruzdev <andrey.gruzdev@virtuozzo.com>
Message-Id: <20210401092226.102804-2-andrey.gruzdev@virtuozzo.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
My security fix for the security.capability remap has a silly early
segfault in a simple case where there is an xattrmapping but it doesn't
remap the security.capability.
Fixes: e586edcb41054 ("virtiofs: drop remapped security.capability xattr as needed")
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20210401145845.78445-1-dgilbert@redhat.com>
Reviewed-by: Connor Kuehl <ckuehl@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Peter Maydell [Tue, 6 Apr 2021 15:04:33 +0000 (16:04 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20210406' into staging
target-arm queue:
* ppc/e500 and arm/virt: only add valid dynamic sysbus devices to the
platform bus
* update i.mx31 maintainer list
* Revert "target/arm: Make number of counters in PMCR follow the CPU"
* remotes/pmaydell/tags/pull-target-arm-20210406:
Remove myself as i.mx31 maintainer
Revert "target/arm: Make number of counters in PMCR follow the CPU"
hw/ppc/e500plat: Only try to add valid dynamic sysbus devices to platform bus
hw/arm/virt: Only try to add valid dynamic sysbus devices to platform bus
machine: Provide a function to check the dynamic sysbus allowlist
include/hw/boards.h: Document machine_class_allow_dynamic_sysbus_dev()
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Thomas Huth [Thu, 1 Apr 2021 10:25:29 +0000 (11:25 +0100)]
gitlab-ci.yml: Fix the filtering for the git submodules
Commit 7d7dbf9dc15be6e introduced a new line starting with
"GIT_SUBMODULES_ACTION=" in the config-host.mak file. The grep that
tries to determine the submodules in the gitlab-ci.yml file matches
this new line, too, causing a warning message when updating the modules:
Peter Maydell [Thu, 1 Apr 2021 10:25:28 +0000 (11:25 +0100)]
docs/system/gdb.rst: Document how to debug multicore machines
Document how multicore machines appear to GDB when debugged
via the debug stub. This is particularly non-intuitive for
the "multiple heterogenous clusters" case, but unfortunately
as far as I know there is no way with the remote protocol
for the stub to tell gdb "I have 2 inferiors, please connect
to both", so the user must set it all up manually.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210325175023.13838-3-peter.maydell@linaro.org>
Message-Id: <20210401102530.12030-10-alex.bennee@linaro.org>
Alex Bennée [Thu, 1 Apr 2021 10:25:26 +0000 (11:25 +0100)]
tests/tcg: relax the next step precision of the gdb sha1 test
Depending on the version of gdb we may not execute the first line of
SHA1Init when executing the first "next" command - instead just
stepping over the preamble. As we don't actually care about the
position of the PC after the steps and want to be sure the
context->state[] has been loaded before we inspect it do a double next
at the start.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210401102530.12030-8-alex.bennee@linaro.org>
Alex Bennée [Thu, 1 Apr 2021 10:25:25 +0000 (11:25 +0100)]
tests/tcg/i386: force -fno-pie for test-i386
The containerised compiler defaults to no-pie anyway but if we are
relying on the user's installed cross compiler we need to check it
works for building 16 bit code first.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210401102530.12030-7-alex.bennee@linaro.org>
Alex Bennée [Thu, 1 Apr 2021 10:25:24 +0000 (11:25 +0100)]
tests/tcg/i386: expand .data sections for system tests
Newer compilers might end up putting some data in .data.rel.local
which was getting skipped resulting in hilarious confusion on some
tests. Fix that.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210401102530.12030-6-alex.bennee@linaro.org>
Alex Bennée [Thu, 1 Apr 2021 10:25:23 +0000 (11:25 +0100)]
tests/tcg/configure.sh: make sure we pick up x86_64 cross compilers
While it's hard to find cross compilers packaged for arches other than
x86_64 the same cannot be said for the x86_64 compiler which is
available on Debian's i386, arm64 and ppc64el release architectures.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210401102530.12030-5-alex.bennee@linaro.org>
Alex Bennée [Thu, 1 Apr 2021 10:25:22 +0000 (11:25 +0100)]
tests/tcg: add concept of container_hosts
While docker is nominally multiarch these days it doesn't mean our
distros actually package all cross compilers for all architectures.
The upcoming Debian bullseye release will improve things further. At
least for now we can get things like the 32 bit ARM compiler on its
64 bit cousin.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210401102530.12030-4-alex.bennee@linaro.org>
Alex Bennée [Thu, 1 Apr 2021 10:25:20 +0000 (11:25 +0100)]
tests/tcg: update the defaults for x86 compilers
You don't usually notice this is broken on developer system on x86 as
we use the normal host compiler. However on other systems the -pc was
extraneous. Also for 32 bit only i686 packages exist now so we should
use those when available.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210401102530.12030-2-alex.bennee@linaro.org>
Jason Wang [Tue, 6 Apr 2021 04:03:30 +0000 (12:03 +0800)]
virtio-pci: compat page aligned ATS
Commit 4c70875372b8 ("pci: advertise a page aligned ATS") advertises
the page aligned via ATS capability (RO) to unbreak recent Linux IOMMU
drivers since 5.2. But it forgot the compat the capability which
breaks the migration from old machine type:
This patch introduces a new parameter "x-ats-page-aligned" for
virtio-pci device and turns it on for machine type which is newer than
5.1.
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Cc: qemu-stable@nongnu.org
Fixes: 4c70875372b8 ("pci: advertise a page aligned ATS")
Signed-off-by: Jason Wang <jasowang@redhat.com>
Message-Id: <20210406040330.11306-1-jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
I'm leaving my current job and will no longer have access to the
hardware to test or maintain this port.
Signed-off-by: Peter Chubb <peter.chubb@data61.csiro.au>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This change turned out to be a bit half-baked, and doesn't
work with KVM, which fails with the error:
"qemu-system-aarch64: Failed to retrieve host CPU features"
because KVM does not allow accessing of the PMCR_EL0 value in
the scratch "query CPU ID registers" VM unless we have first
set the KVM_ARM_VCPU_PMU_V3 feature on the VM.
Peter Maydell [Thu, 25 Mar 2021 15:33:10 +0000 (15:33 +0000)]
hw/ppc/e500plat: Only try to add valid dynamic sysbus devices to platform bus
The e500plat machine device plug callback currently calls
platform_bus_link_device() for any sysbus device. This is overly
broad, because platform_bus_link_device() will unconditionally grab
the IRQs and MMIOs of the device it is passed, whether it was
intended for the platform bus or not. Restrict hotpluggability of
sysbus devices to only those devices on the dynamic sysbus allowlist.
We were mostly getting away with this because the board creates the
platform bus as the last device it creates, and so the hotplug
callback did not do anything for all the sysbus devices created by
the board itself. However if the user plugged in a device which
itself uses a sysbus device internally we would have mishandled this
and probably asserted. An example of this is:
qemu-system-ppc64 -M ppce500 -device macio-oldworld
This isn't a sensible command because the macio-oldworld device
is really specific to the 'g3beige' machine, but we now fail
with a reasonable error message rather than asserting:
qemu-system-ppc64: Device heathrow is not supported by this machine yet.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Message-id: 20210325153310.9131-5-peter.maydell@linaro.org
Peter Maydell [Thu, 25 Mar 2021 15:33:09 +0000 (15:33 +0000)]
hw/arm/virt: Only try to add valid dynamic sysbus devices to platform bus
The virt machine device plug callback currently calls
platform_bus_link_device() for any sysbus device. This is overly
broad, because platform_bus_link_device() will unconditionally grab
the IRQs and MMIOs of the device it is passed, whether it was
intended for the platform bus or not. Restrict hotpluggability of
sysbus devices to only those devices on the dynamic sysbus
allowlist.
We were mostly getting away with this because the board creates the
platform bus as the last device it creates, and so the hotplug
callback did not do anything for all the sysbus devices created by
the board itself. However if the user plugged in a device which
itself uses a sysbus device internally we would have mishandled this
and probably asserted.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20210325153310.9131-4-peter.maydell@linaro.org
Peter Maydell [Thu, 25 Mar 2021 15:33:08 +0000 (15:33 +0000)]
machine: Provide a function to check the dynamic sysbus allowlist
Provide a new function dynamic_sysbus_dev_allowed() which checks the
per-machine list of permitted dynamic sysbus devices and returns a
boolean result indicating whether the device is allowed. We can use
this in the implementation of validate_sysbus_device(), but we will
also need it so that machine hotplug callbacks can validate devices
rather than assuming that any sysbus device might be hotpluggable
into the platform bus.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20210325153310.9131-3-peter.maydell@linaro.org
The function machine_class_allow_dynamic_sysbus_dev() is currently
undocumented; add a doc comment.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20210325153310.9131-2-peter.maydell@linaro.org
Pavel Dovgalyuk [Mon, 29 Mar 2021 07:42:10 +0000 (10:42 +0300)]
target/alpha: fix icount handling for timer instructions
This patch handles icount mode for timer read/write instructions,
because it is required to call gen_io_start in such cases.
Signed-off-by: Pavel Dovgalyuk <pavel.dovgalyuk@ispras.ru>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <161700373035.1135822.16451510827008616793.stgit@pasha-ThinkPad-X280>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Kele Huang [Thu, 1 Apr 2021 10:04:57 +0000 (18:04 +0800)]
tcg/mips: Fix SoftTLB comparison on mips backend
The addrl used to compare with SoftTLB entry should be sign-extended
in common case, and it will cause constant failing in SoftTLB
comparisons for the addrl whose address is over 0x80000000 on the
emulation of 32-bit guest on 64-bit host.
This is an important performance bug fix. Spec2000 gzip rate increase
from ~45 to ~140 on Loongson 3A4000 (MIPS compatible platform).
Signed-off-by: Kele Huang <kele.hwang@gmail.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210401100457.191458-1-kele.hwang@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Niklas Cassel [Tue, 23 Mar 2021 11:18:25 +0000 (11:18 +0000)]
hw/block/nvme: remove description for zoned.append_size_limit
The description was originally removed in commit 578d914b263c
("hw/block/nvme: align zoned.zasl with mdts") together with the removal
of the zoned.append_size_limit parameter itself.
However, it was (most likely accidentally), re-added in commit f7dcd31885cb ("hw/block/nvme: add non-mdts command size limit for verify").
Remove the description again, since the parameter it describes,
zoned.append_size_limit, no longer exists.
Signed-off-by: Niklas Cassel <niklas.cassel@wdc.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Paolo Bonzini [Fri, 2 Apr 2021 08:21:28 +0000 (10:21 +0200)]
x86: rename oem-id and oem-table-id properties
After introducing non-scalar machine properties, it would be preferable
to have a single acpitable property which includes both generic
information (such as the OEM ids) and custom tables currently
passed via -acpitable.
Do not saddle ourselves with legacy oem-id and oem-table-id
properties, instead mark them as experimental.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210402082128.13854-1-pbonzini@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Peter Maydell [Sun, 4 Apr 2021 20:48:45 +0000 (21:48 +0100)]
Merge remote-tracking branch 'remotes/xtensa/tags/20210403-xtensa' into staging
target/xtensa fixes for v6.0:
- make meson.build pick up all available xtensa core definitions;
- don't modify Makefile.objs in import_core.sh;
- add sed rule to import_core.sh to make xtensa_modules variable static.
Max Filippov [Tue, 30 Mar 2021 07:25:24 +0000 (00:25 -0700)]
target/xtensa: fix meson.build rule for xtensa cores
import_core.sh tries to change Makefile.objs when importing new xtensa
core, but that file no longer exists. Rewrite meson.build rule to pick
up all source files that match core-*.c pattern and drop commands that
change Makefile.objs.
Cc: qemu-stable@nongnu.org # v5.2.0
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Peter Maydell [Fri, 2 Apr 2021 10:53:18 +0000 (11:53 +0100)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
pc,virtio,pci: bugfixes
Fixes all over the place.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Thu 01 Apr 2021 17:22:03 BST
# gpg: using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469
# gpg: issuer "mst@redhat.com"
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream:
pci: sprinkle assert in PCI pin number
isa/v582c686: Reinitialize ACPI PM device on reset
vt82c686.c: don't raise SCI when PCI_INTERRUPT_PIN isn't setup
acpi/piix4: reinitialize acpi PM device on reset
virtio-pci: remove explicit initialization of val
virtio-pci: add check for vdev in virtio_pci_isr_read
vhost-user-blk: add immediate cleanup on shutdown
vhost-user-blk: perform immediate cleanup if disconnect on initialization
vhost-user-blk: use different event handlers on initialization
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/thuth-gitlab/tags/pull-request-2021-04-01:
device-crash-test: Ignore errors about a bus not being available
docs: Fix typo in the default name of the qemu-system-x86_64 binary
docs: Remove obsolete paragraph about config-target.mak
util/compatfd.c: Fixed style issues
qom: Fix default values in help
MAINTAINERS: Mark SH-4 hardware emulation orphan
MAINTAINERS: Mark RX hardware emulation orphan
MAINTAINERS: add virtio-fs mailing list
MAINTAINERS: Drop the line with Xiang Zheng
MAINTAINERS: replace Huawei's email to personal one
MAINTAINERS: Drop the lines with Sarah Harris
MAINTAINERS: add/replace backups for some s390 areas
MAINTAINERS: Fix tests/migration maintainers
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Isaku Yamahata [Tue, 23 Mar 2021 20:52:27 +0000 (13:52 -0700)]
pci: sprinkle assert in PCI pin number
If a device model
(a) doesn't set the value to a correct interrupt number and then
(b) triggers an interrupt for itself,
it's a device model bug. Add assert on interrupt pin number to catch
this kind of bug more obviously.
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <9cf8ac3b17e162daac0971d7be32deb6a33ae6ec.1616532563.git.isaku.yamahata@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Isaku Yamahata [Tue, 23 Mar 2021 20:52:26 +0000 (13:52 -0700)]
isa/v582c686: Reinitialize ACPI PM device on reset
Commit 6be8cf56bc8b made sure that SCI is enabled in PM1.CNT
on reset in acpi_only mode by modifying acpi_pm1_cnt_reset() and
that worked for q35 as expected.
This patch adds reset ACPI PM related registers on vt82c686 reset time
and de-assert sci.
via_pm_realize() initializes acpi pm tmr, evt, cnt and gpe.
Reset them on device reset.
Cc: BALATON Zoltan <balaton@eik.bme.hu>
Cc: Huacai Chen <chenhuacai@kernel.org>
Cc: "Philippe Mathieu-Daudé" <f4bug@amsat.org>
Cc: Jiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <0a3fe998525552860919a690ce83dab8f663ab99.1616532563.git.isaku.yamahata@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Isaku Yamahata [Tue, 23 Mar 2021 20:52:25 +0000 (13:52 -0700)]
vt82c686.c: don't raise SCI when PCI_INTERRUPT_PIN isn't setup
Without this patch, the following patch will trigger clang runtime
sanitizer warnings as follows. This patch proactively works around it.
I leave a correct fix to v582c686.c maintainer as I'm not sure
about fuloong2e device model.
Isaku Yamahata [Tue, 23 Mar 2021 20:52:24 +0000 (13:52 -0700)]
acpi/piix4: reinitialize acpi PM device on reset
Commit 6be8cf56bc8b made sure that SCI is enabled in PM1.CNT
on reset in acpi_only mode by modifying acpi_pm1_cnt_reset() and
that worked for q35 as expected.
The function was introduced by commit eaba51c573a (acpi, acpi_piix, vt82c686: factor out PM1_CNT logic)
that forgot to actually call it at piix4 reset time and as result
SCI_EN wasn't set as was expected by 6be8cf56bc8b in acpi_only mode.
So Windows crashes when it notices that SCI_EN is not set and FADT is
not providing information about how to enable it anymore.
Reproducer:
qemu-system-x86_64 -enable-kvm -M pc-i440fx-6.0,smm=off -cdrom any_windows_10x64.iso
Fix it by calling acpi_pm1_cnt_reset() at piix4 reset time.
Occasionally this patch adds reset acpi PM related registers on
piix4 reset time and de-assert sci.
piix4_pm_realize() initializes acpi pm tmr, evt, cnt and gpe.
Reset them on device reset. pm_reset() in ich9.c correctly calls
corresponding reset functions.
Fixes: 6be8cf56bc8b (acpi/core: always set SCI_EN when SMM isn't supported)
Reported-by: Reinoud Zandijk <reinoud@NetBSD.org>
Co-developed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <8a5bbd19727045ec863523830078dd4ca63f6a9a.1616532563.git.isaku.yamahata@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
* remotes/marcandre/tags/for-6.0-pull-request:
tests: Add tests for yank with the chardev-change case
chardev: Fix yank with the chardev-change case
chardev/char.c: Always pass id to chardev_new
chardev/char.c: Move object_property_try_add_child out of chardev_new
yank: Always link full yank code
yank: Remove dependency on qiochannel
docs: simplify each section title
dbus-vmstate: Increase the size of input stream buffer used during load
util: fix use-after-free in module_load_one
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Yuri Benditovich [Mon, 15 Mar 2021 11:59:37 +0000 (13:59 +0200)]
virtio-pci: remove explicit initialization of val
The value is assigned later in this procedure.
Signed-off-by: Yuri Benditovich <yuri.benditovich@daynix.com>
Message-Id: <20210315115937.14286-3-yuri.benditovich@daynix.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Yuri Benditovich [Mon, 15 Mar 2021 11:59:36 +0000 (13:59 +0200)]
virtio-pci: add check for vdev in virtio_pci_isr_read
https://bugzilla.redhat.com/show_bug.cgi?id=1743098
This commit completes the solution of segfault in hot unplug flow
(by commit ccec7e9603f446fe75c6c563ba335c00cfda6a06).
Added missing check for vdev in virtio_pci_isr_read.
Typical stack of crash:
virtio_pci_isr_read ../hw/virtio/virtio-pci.c:1365 with proxy-vdev = 0
memory_region_read_accessor at ../softmmu/memory.c:442
access_with_adjusted_size at ../softmmu/memory.c:552
memory_region_dispatch_read1 at ../softmmu/memory.c:1420
memory_region_dispatch_read at ../softmmu/memory.c:1449
flatview_read_continue at ../softmmu/physmem.c:2822
flatview_read at ../softmmu/physmem.c:2862
address_space_read_full at ../softmmu/physmem.c:2875
Signed-off-by: Yuri Benditovich <yuri.benditovich@daynix.com>
Message-Id: <20210315115937.14286-2-yuri.benditovich@daynix.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Denis Plotnikov [Thu, 25 Mar 2021 15:12:17 +0000 (18:12 +0300)]
vhost-user-blk: add immediate cleanup on shutdown
Qemu crashes on shutdown if the chardev used by vhost-user-blk has been
finalized before the vhost-user-blk.
This happens with char-socket chardev operating in the listening mode (server).
The char-socket chardev emits "close" event at the end of finalizing when
its internal data is destroyed. This calls vhost-user-blk event handler
which in turn tries to manipulate with destroyed chardev by setting an empty
event handler for vhost-user-blk cleanup postponing.
This patch separates the shutdown case from the cleanup postponing removing
the need to set an event handler.
Signed-off-by: Denis Plotnikov <den-plotnikov@yandex-team.ru>
Message-Id: <20210325151217.262793-4-den-plotnikov@yandex-team.ru>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Denis Plotnikov [Thu, 25 Mar 2021 15:12:16 +0000 (18:12 +0300)]
vhost-user-blk: perform immediate cleanup if disconnect on initialization
Commit 4bcad76f4c39 ("vhost-user-blk: delay vhost_user_blk_disconnect")
introduced postponing vhost_dev cleanup aiming to eliminate qemu aborts
because of connection problems with vhost-blk daemon.
However, it introduces a new problem. Now, any communication errors
during execution of vhost_dev_init() called by vhost_user_blk_device_realize()
lead to qemu abort on assert in vhost_dev_get_config().
This happens because vhost_user_blk_disconnect() is postponed but
it should have dropped s->connected flag by the time
vhost_user_blk_device_realize() performs a new connection opening.
On the connection opening, vhost_dev initialization in
vhost_user_blk_connect() relies on s->connection flag and
if it's not dropped, it skips vhost_dev initialization and returns
with success. Then, vhost_user_blk_device_realize()'s execution flow
goes to vhost_dev_get_config() where it's aborted on the assert.
To fix the problem this patch adds immediate cleanup on device
initialization (in vhost_user_blk_device_realize()) using different
event handlers for initialization and operation introduced in the
previous patch.
On initialization (in vhost_user_blk_device_realize()) we fully
control the initialization process. At that point, nobody can use the
device since it isn't initialized and we don't need to postpone any
cleanups, so we can do cleanup right away when there is a communication
problem with the vhost-blk daemon.
On operation we leave it as is, since the disconnect may happen when
the device is in use, so the device users may want to use vhost_dev's data
to do rollback before vhost_dev is re-initialized (e.g. in vhost_dev_set_log()).
Signed-off-by: Denis Plotnikov <den-plotnikov@yandex-team.ru>
Reviewed-by: Raphael Norwitz <raphael.norwitz@nutanix.com>
Message-Id: <20210325151217.262793-3-den-plotnikov@yandex-team.ru>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Denis Plotnikov [Thu, 25 Mar 2021 15:12:15 +0000 (18:12 +0300)]
vhost-user-blk: use different event handlers on initialization
It is useful to use different connect/disconnect event handlers
on device initialization and operation as seen from the further
commit fixing a bug on device initialization.
This patch refactors the code to make use of them: we don't rely any
more on the VM state for choosing how to cleanup the device, instead
we explicitly use the proper event handler depending on whether
the device has been initialized.
Signed-off-by: Denis Plotnikov <den-plotnikov@yandex-team.ru>
Reviewed-by: Raphael Norwitz <raphael.norwitz@nutanix.com>
Message-Id: <20210325151217.262793-2-den-plotnikov@yandex-team.ru>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
* remotes/bonzini-gitlab/tags/for-upstream:
docs: Add a QEMU Code of Conduct and Conflict Resolution Policy document
hexagon: do not specify Python scripts as inputs
hexagon: do not specify executables as inputs
configure: Do not use default_feature for EXESUF
target/openrisc: fix icount handling for timer instructions
replay: notify CPU on event
icount: get rid of static variable
Revert "qom: use qemu_printf to print help for user-creatable objects"
replay: fix recursive checkpoints
qapi: qom: do not use target-specific conditionals
target/i386: Verify memory operand for lcall and ljmp
meson: Propagate gnutls dependency to migration
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Thomas Huth [Tue, 23 Mar 2021 16:47:18 +0000 (17:47 +0100)]
device-crash-test: Ignore errors about a bus not being available
Recent QEMU versions now sometimes exit cleanly with an error message
that a bus is not available for a specified device. Don't flag those
as an error in the device-crash-test script.
Message-Id: <20210323164718.1393792-1-thuth@redhat.com>
Acked-by: John Snow <jsnow@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Output of default values in device help is broken:
$ ./qemu-system-x86_64 -S -display none -monitor stdio
QEMU 5.2.50 monitor - type 'help' for more information
(qemu) device_add pvpanic,help
pvpanic options:
events=<uint8> - (default: (null))
ioport=<uint16> - (default: (null))
pvpanic[0]=<child<qemu:memory-region>>
The "(null)" is glibc printing a null pointer. Other systems crash
instead. Having a help request crash a running VM can really spoil
your day.
Root cause is a botched replacement of qstring_free() by
g_string_free(): to get the string back, we need to pass true to the
former, but false to the latter. Fix the argument.
Fixes: eab3a4678b07267c39e7290a6e9e7690b1d2a521
Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210324084130.3986072-1-armbru@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Yoshinori Sato doesn't have time to manage QEMU reviews.
The code is in good shape and hasn't started to bitrot,
so mark the SH-4 hardware as orphan to give the possibility
to any contributor to step in and fill the gap.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
CC: Magnus Damm <magnus.damm@gmail.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
Message-Id: <20210312155513.1849109-3-f4bug@amsat.org>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Yoshinori Sato doesn't have time to manage QEMU reviews.
The code is in good shape and hasn't started to bitrot,
so mark the RX target and hardware as orphan to give the
possibility to any contributor to step in and fill the gap.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
Message-Id: <20210312155513.1849109-2-f4bug@amsat.org>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Connor Kuehl [Thu, 18 Mar 2021 15:41:57 +0000 (10:41 -0500)]
MAINTAINERS: add virtio-fs mailing list
General discussion and patch reviews take place on this list for both
virtiofsd (tools/virtiofsd/*) and the guest kernel module.
Signed-off-by: Connor Kuehl <ckuehl@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Vivek Goyal <vgoyal@redhat.com>
Message-Id: <20210318154157.1357224-1-ckuehl@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Thu, 1 Apr 2021 06:24:26 +0000 (08:24 +0200)]
MAINTAINERS: Drop the lines with Sarah Harris
In a mail to the qemu-devel mailing list, Sarah wrote:
"I was added as a reviewer (in MAINTAINERS) for the AVR target for the
duration of my research work using it.
The funding for my project expires in the middle of April, so I will not be
able to provide time for reviewing patches from that point."
Thus let's remove the corresponding lines in the MAINTAINERS file.
Message-Id: <20210401062426.3192118-1-thuth@redhat.com>
Reviewed-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Lukas Straub [Tue, 30 Mar 2021 18:13:31 +0000 (20:13 +0200)]
chardev: Fix yank with the chardev-change case
When changing from chardev-socket (which supports yank) to
chardev-socket again, it fails, because the new chardev attempts
to register a new yank instance. This in turn fails, as there
still is the yank instance from the current chardev. Also,
the old chardev shouldn't unregister the yank instance when it
is freed.
To fix this, now the new chardev only registers a yank instance if
the current chardev doesn't support yank and thus hasn't registered
one already. Also, when the old chardev is freed, it now only
unregisters the yank instance if the new chardev doesn't need it.
If the initialization of the new chardev fails, it still has
chr->handover_yank_instance set and won't unregister the yank
instance when it is freed.
s->registered_yank is always true here, as chardev-change only works
on user-visible chardevs and those are guaranteed to register a
yank instance as they are initialized via
chardev_new()
qemu_char_open()
cc->open() (qmp_chardev_open_socket()).
Lukas Straub [Tue, 30 Mar 2021 18:13:28 +0000 (20:13 +0200)]
chardev/char.c: Always pass id to chardev_new
Always pass the id to chardev_new, since it is needed to register
the yank instance for the chardev. Also, after checking that
nothing calls chardev_new with id=NULL, assert() that id!=NULL.
This fixes a crash when using chardev-change to change a chardev
to chardev-socket, which attempts to register a yank instance.
This in turn tries to dereference the NULL-pointer.
Lukas Straub [Tue, 30 Mar 2021 18:13:25 +0000 (20:13 +0200)]
chardev/char.c: Move object_property_try_add_child out of chardev_new
Move object_property_try_add_child out of chardev_new into its
callers. This is a preparation for the next patches to fix yank
with the chardev-change case.
Now that we merged into one doc, it makes the nav look nicer.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20210323074704.4078381-1-marcandre.lureau@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Priyankar Jain [Tue, 2 Feb 2021 13:54:20 +0000 (13:54 +0000)]
dbus-vmstate: Increase the size of input stream buffer used during load
This commit fixes an issue where migration is failing in the load phase
because of a false alarm about data unavailability.
Following is the error received when the amount of data to be transferred
exceeds the default buffer size setup by G_BUFFERED_INPUT_STREAM(4KiB),
even when the maximum data size supported by this backend is 1MiB
(DBUS_VMSTATE_SIZE_LIMIT):
dbus_vmstate_post_load: Invalid vmstate size: 4364
qemu-kvm: error while loading state for instance 0x0 of device 'dbus-vmstate/dbus-vmstate'
This commit sets the size of the input stream buffer used during load to
DBUS_VMSTATE_SIZE_LIMIT which is the maximum amount of data a helper can
send during save phase.
Secondly, this commit makes sure that the input stream buffer is loaded before
checking the size of the data available in it, rectifying the false alarm about
data unavailability.
g_hash_table_add always retains ownership of the pointer passed in as
the key. Its return status merely indicates whether the added entry was
new, or replaced an existing entry. Thus key must never be freed after
this method returns.
Spotted by ASAN:
==2407186==ERROR: AddressSanitizer: heap-use-after-free on address 0x6020003ac4f0 at pc 0x7ffff766659c bp 0x7fffffffd1d0 sp 0x7fffffffc980
READ of size 1 at 0x6020003ac4f0 thread T0
#0 0x7ffff766659b (/lib64/libasan.so.6+0x8a59b)
#1 0x7ffff6bfa843 in g_str_equal ../glib/ghash.c:2303
#2 0x7ffff6bf8167 in g_hash_table_lookup_node ../glib/ghash.c:493
#3 0x7ffff6bf9b78 in g_hash_table_insert_internal ../glib/ghash.c:1598
#4 0x7ffff6bf9c32 in g_hash_table_add ../glib/ghash.c:1689
#5 0x5555596caad4 in module_load_one ../util/module.c:233
#6 0x5555596ca949 in module_load_one ../util/module.c:225
#7 0x5555596ca949 in module_load_one ../util/module.c:225
#8 0x5555596cbdf4 in module_load_qom_all ../util/module.c:349
Typical C bug...
Fixes: 90629122d2e ("module: use g_hash_table_add()")
Cc: qemu-stable@nongnu.org
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210316134456.3243102-1-marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
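The ownership rule described in the commit message above, as an added example that is not QEMU's or GLib's code. It assumes a set with no key-destroy callback; `strset`, `mark_loaded`, `make_name` and the module names are constructed for illustration, and the "after" form is one way to respect the rule, not necessarily the change the commit made.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a string set whose add() always keeps the pointer
 * it is given, the rule the commit message states for g_hash_table_add(). */
#define SET_MAX 16
struct strset { char *keys[SET_MAX]; size_t n; };

bool strset_contains(const struct strset *s, const char *key)
{
    for (size_t i = 0; i < s->n; i++)
        if (strcmp(s->keys[i], key) == 0)
            return true;
    return false;
}

/* Owns 'key' afterwards in every case. The result only says whether the
 * entry was new (true) or replaced an equal existing entry (false). */
bool strset_add(struct strset *s, char *key)
{
    for (size_t i = 0; i < s->n; i++) {
        if (strcmp(s->keys[i], key) == 0) {
            s->keys[i] = key;   /* no destroy callback: old pointer is dropped */
            return false;
        }
    }
    if (s->n == SET_MAX) abort();
    s->keys[s->n++] = key;
    return true;
}

char *make_name(const char *prefix, const char *lib)
{
    size_t len = strlen(prefix) + strlen(lib) + 1;
    char *name = malloc(len);
    if (!name) abort();
    snprintf(name, len, "%s%s", prefix, lib);
    return name;
}

/* BEFORE (the pattern that causes the use-after-free), as a comment only:
 *     if (!strset_add(s, name)) { free(name); return false; }
 * add() kept 'name' even though it returned false, so the set now holds a
 * freed pointer and the next lookup compares against freed memory. */

/* AFTER: check first, and free only a pointer the set never received. */
bool mark_loaded(struct strset *s, const char *prefix, const char *lib)
{
    char *name = make_name(prefix, lib);
    if (strset_contains(s, name)) {
        free(name);
        return false;
    }
    return strset_add(s, name);     /* ownership moves to the set */
}

void strset_clear(struct strset *s) { while (s->n) free(s->keys[--s->n]); }

int main(void)
{
    struct strset loaded = { .n = 0 };
    bool first = mark_loaded(&loaded, "block-", "curl");  /* constructed names */
    bool again = mark_loaded(&loaded, "block-", "curl");
    printf("first=%d again=%d entries=%zu\n", first, again, loaded.n);
    strset_clear(&loaded);
    return 0;
}
```

Building this with `-fsanitize=address` and swapping in the "before" line reproduces the same class of report as the ASAN trace above, on the second call for the same name.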
Paolo Bonzini [Wed, 31 Mar 2021 14:35:27 +0000 (16:35 +0200)]
docs: Add a QEMU Code of Conduct and Conflict Resolution Policy document
In an ideal world, we would all get along together very well, always be
polite and never end up in huge conflicts. And even if there are conflicts,
we would always handle each other fairly and respectfully. Unfortunately,
this is not an ideal world and sometimes people forget how to interact with
each other in a professional and respectful way. Fortunately, this seldom
happens in the QEMU community, but for such rare cases it is preferable
to have a basic code of conduct document available to show to people
who are misbehaving. In case that does not help yet, we should also have
a conflict resolution policy ready that can be applied in the worst case.
The Code of Conduct document tries to be short and to the point while
trying to remain friendly and welcoming; it is based on the Fedora Code
of Conduct[1] with extra detail added based on the Contributor Covenant
1.3.0[2]. Other proposals included the Contributor Covenant 1.3.0 itself
or the Django Code of Conduct[3] (which is also a derivative of Fedora's)
but, in any case, there was agreement on keeping the conflict resolution
policy separate from the CoC itself.
An important point is whether to apply the code of conduct to violations
that occur outside public spaces. The text herein restricts that to
individuals acting as a representative or a member of the project or
its community. This is intermediate between the Contributor Covenant
(which only mentions representatives of the community, for example using
an official project e-mail address or posting via an official social media
account), and the Django Code of Conduct, which says that violations of
this code outside these spaces "may" be considered but otherwise applies
no limit.
The conflict resolution policy is based on the Drupal Conflict Resolution
Policy[4] and its derivative, the Mozilla Consequence Ladder[5].
Co-developed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: David Edmondson <david.edmondson@oracle.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 9 Mar 2021 15:15:30 +0000 (16:15 +0100)]
hexagon: do not specify Python scripts as inputs
Python scripts are not inputs, and putting them in @INPUT@
puts requirements on the command line format, keeping all inputs
close to the name of the script. Avoid that by not including the
script in the command and not in the inputs.
Also wrap "PYTHONPATH" usage with "env", since setting the environment
this way is not valid under Windows.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 9 Mar 2021 15:15:30 +0000 (16:15 +0100)]
hexagon: do not specify executables as inputs
gen_semantics is an executable, not an input. Meson 0.57 special cases
the first argument and @INPUT@ is not expanded there. Fix that by
not including it in the input, only in the command.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit "c87ea11631 configure: add --without-default-features" uses
default_feature to set default values for configure options. This value
is used for EXESUF too.
However, EXESUF is not an option to be tested, it is just appended to any
binary name, so using --without-default-features sets EXESUF to "no" and
all binaries using it have the form <name>no (e.g. qemu-imgno).
This is not expected behavior as disabling features should not cause
generating different binary names.
Reverting back to setting EXESUF to empty value unless needed otherwise.
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
Message-Id: <20210331081845.105089-1-mrezanin@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Pavel Dovgalyuk [Thu, 1 Apr 2021 08:19:51 +0000 (11:19 +0300)]
replay: notify CPU on event
This patch enables vCPU notification to wake it up
when new async event comes in replay mode.
The motivation of this patch is the following.
Consider recorded block async event. It is saved into the log
with one of the checkpoints. This checkpoint may be passed in
vCPU loop. In replay mode when this async event is read from
the log, and block thread task is not finished yet, vCPU thread
goes to sleep. That is why this patch adds waking up the vCPU
to process this finished event.
Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgalyuk@ispras.ru>
Message-Id: <161726519158.1476949.7614181684462079836.stgit@pasha-ThinkPad-X280>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Pavel Dovgalyuk [Mon, 29 Mar 2021 10:22:30 +0000 (13:22 +0300)]
icount: get rid of static variable
This patch moves static last_delta variable into timers_state
structure to allow correct vmstate operations with icount shift=auto enabled.
Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgalyuk@ispras.ru>
Message-Id: <161701335066.1180180.7104085247702343395.stgit@pasha-ThinkPad-X280>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The real code change had already been added by Kevin's commit da0a932bbf
("hmp: QAPIfy object_add") and commit 6d9abb6d just added a duplicated
include statement as a left-over of a rebase.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210328054758.2351461-1-thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>