Fam Zheng [Tue, 6 Aug 2013 07:44:54 +0000 (15:44 +0800)]
vmdk: use heap allocation for whole_grain
We should never grow the stack beyond 1 MB, otherwise we'll fall off the
end. Thread stacks and coroutine stacks (1 MB) do not grow.
get_cluster_offset() allocates a big stack offset; it will fail for big
cluster images. Change to a heap-allocated buffer.
Signed-off-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Fam Zheng [Tue, 6 Aug 2013 07:44:53 +0000 (15:44 +0800)]
vmdk: check l1 size before opening image
L1 table size is calculated from capacity, granularity and l2 table
size. If capacity is too big or the latter two are too small, the L1 table
will be too big to allocate in memory. Limit it to a reasonable range.
Signed-off-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Fam Zheng [Tue, 6 Aug 2013 07:44:51 +0000 (15:44 +0800)]
vmdk: check granularity field in opening
Granularity is used to calculate the cluster size and allocate r/w
buffer. Check the value from image before using it, so we don't abort()
for unbounded memory allocation.
Signed-off-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Stefan Hajnoczi [Tue, 6 Aug 2013 07:44:49 +0000 (15:44 +0800)]
qemu-iotests: add poke_file utility function
The new poke_file function sets bytes at an offset in a file given a
printf-style format string. It can be used to corrupt an image file for
test coverage of error paths.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Liu Yuan [Tue, 6 Aug 2013 06:44:37 +0000 (14:44 +0800)]
sheepdog: add missing .bdrv_has_zero_init
Commit 3ac21627 changed the behaviour of bdrv_has_zero_init() to default
to 0. In the review for Sheepdog it turned out that enabling it is safe,
so that commit updated one BlockDriver definition of sheepdog to use
bdrv_has_zero_init_1, but missed that there are more BlockDrivers in
the driver. Fix these now.
Cc: Kevin Wolf <kwolf@redhat.com> Cc: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Liu Yuan <namei.unix@gmail.com> Reviewed-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Without this patch, iov_send_recv() never returns when do_send_recv()
returns zero.
Signed-off-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This prevents the tools from being stopped when they write data to a
closed connection on the other side.
Signed-off-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Kevin Wolf [Mon, 5 Aug 2013 08:53:04 +0000 (10:53 +0200)]
qemu-img: Error out for excess arguments
Don't silently ignore excess arguments at the end of the command line,
but error out instead. This can catch typos like 'resize test.img + 1G',
which doesn't increase the image size by 1G as intended, but truncates
the image to 1G. Even for less dangerous commands, the old behaviour is
confusing.
Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
semaphore: fix a hangup problem under load on NetBSD hosts.
Fix the following bugs in "fallback implementation of counting semaphores
with mutex+condvar" added in c166cb72f1676855816340666c3b618beef4b976:
- waiting threads are not restarted properly if more than one thread
is waiting for unblock signals in qemu_sem_timedwait()
- possible missing pthread_cond_signal(3) calls when waiting threads
are returned by ETIMEDOUT
- fix an uninitialized variable
The problem was analyzed by, and the fix provided by, Noriyuki Soda.
Also add additional cleanup suggested by Laszlo Ersek:
- make QemuSemaphore.count unsigned (it won't be negative)
- check the return value of pthread_cond_wait() in qemu_sem_wait()
Isaku Yamahata [Sun, 4 Aug 2013 02:54:54 +0000 (22:54 -0400)]
rdma: memory leak RDMAContext::host
It is allocated by g_strdup(), so needs to be freed.
Reviewed-by: Michael R. Hines <mrhines@us.ibm.com> Signed-off-by: Isaku Yamahata <yamahata@private.email.ne.jp> Signed-off-by: Michael R. Hines <mrhines@us.ibm.com>
Message-id: 1375584894-9917-8-git-send-email-mrhines@linux.vnet.ibm.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Isaku Yamahata [Sun, 4 Aug 2013 02:54:53 +0000 (22:54 -0400)]
rdma: use RDMA_WRID_READY
Reviewed-by: Michael R. Hines <mrhines@us.ibm.com> Signed-off-by: Isaku Yamahata <yamahata@private.email.ne.jp> Signed-off-by: Michael R. Hines <mrhines@us.ibm.com>
Message-id: 1375584894-9917-7-git-send-email-mrhines@linux.vnet.ibm.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
RDMA_WRID_CONTROL should be used. And remove related workaround.
Reviewed-by: Michael R. Hines <mrhines@us.ibm.com> Signed-off-by: Isaku Yamahata <yamahata@private.email.ne.jp> Signed-off-by: Michael R. Hines <mrhines@us.ibm.com>
Message-id: 1375584894-9917-6-git-send-email-mrhines@linux.vnet.ibm.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Isaku Yamahata [Sun, 4 Aug 2013 02:54:51 +0000 (22:54 -0400)]
rdma: don't use negative index to array
Reviewed-by: Michael R. Hines <mrhines@us.ibm.com> Signed-off-by: Isaku Yamahata <yamahata@private.email.ne.jp> Signed-off-by: Michael R. Hines <mrhines@us.ibm.com>
Message-id: 1375584894-9917-5-git-send-email-mrhines@linux.vnet.ibm.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Don't print newlines on the error_setg() function,
but still allow newlines on fprintf().
Signed-off-by: Michael R. Hines <mrhines@us.ibm.com>
Message-id: 1375584894-9917-4-git-send-email-mrhines@linux.vnet.ibm.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Michael R. Hines <mrhines@us.ibm.com>
Message-id: 1375584894-9917-3-git-send-email-mrhines@linux.vnet.ibm.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
RDMA does not use sockets, so we cannot use many of the socket
helper functions, but we *do* use inet_parse() which gives
RDMA all the necessary details of the connection parameters.
However, when testing with libvirt, a simple IPv6 migration test failed
because we were not using getaddrinfo() properly.
This makes IPv6 migration over RDMA work.
Signed-off-by: Michael R. Hines <mrhines@us.ibm.com>
Message-id: 1375584894-9917-2-git-send-email-mrhines@linux.vnet.ibm.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Andreas Färber [Sun, 4 Aug 2013 13:05:01 +0000 (15:05 +0200)]
pxa2xx: Avoid object_get_link_property() assertion for "parent_bus"
pxa2xx_i2c_init() creates a pxa2xx-i2c-slave device on a second i2c-bus,
which has a NULL parent device. This causes an assertion in
object_get_canonical_path() when accessing pxa2xx-i2c-slave's
"parent_bus" link<bus> property in tosa and likely other PXA2xx machines.
Fix this by using the pxa2xx_i2c device, created just before, as parent.
Signed-off-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Andreas Färber <afaerber@suse.de>
Message-id: 1375621501-5564-1-git-send-email-afaerber@suse.de Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Mon, 5 Aug 2013 13:01:32 +0000 (08:01 -0500)]
Merge remote-tracking branch 'mjt/trivial-patches' into staging
# By Fam Zheng (1) and others
# Via Michael Tokarev
* mjt/trivial-patches:
vmdk: fix comment for vmdk_co_write_zeroes
memory.c: drop kvm.h dependency
block/iscsi.c: Fix printf format error.
qemu-ga: build it even if !system
Message-id: 1375453248-7178-1-git-send-email-mjt@msgid.tls.msk.ru Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jan Kiszka [Fri, 2 Aug 2013 19:48:18 +0000 (21:48 +0200)]
pcnet: Flush queued packets on end of STOP state
Analogously to other NICs, we have to inform the network layer when
the can_receive handler will no longer report 0. Without this, we may
get stuck waiting on queued incoming packets.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Kevin Wolf [Tue, 30 Jul 2013 12:58:27 +0000 (14:58 +0200)]
block: Disable driver-specific options for 1.6
We don't want to commit to the API yet before everything is worked out.
Like already for 1.5, disable it again for the 1.6 release. This commit
is meant to be reverted after the 1.6 release.
The disabling of the driver-specific options is achieved by applying the
old checks while parsing the command line.
Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
block/iscsi.c: In function ‘is_request_lun_aligned’:
block/iscsi.c:251:26: error: format ‘%ld’ expects argument of type ‘long int’, but argument 3 has type ‘int64_t’ [-Werror=format=]
iscsilun->block_size, sector_num, nb_sectors);
^
This also splits the long line to comply with qemu coding guidelines.
Signed-off-by: Richard W.M. Jones <rjones@redhat.com> Reviewed-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Michael Tokarev [Wed, 31 Jul 2013 10:22:07 +0000 (14:22 +0400)]
qemu-ga: build it even if !system
Move qemu-ga build check out of if softmmu.. into its own section.
We want to build qemu-ga for _guest_ even if system build isn't
done. It is controlled separately using --enable-guest-agent.
Additionally, give error message if guest agent is requested but
not supported.
Anthony Liguori [Thu, 1 Aug 2013 22:09:28 +0000 (17:09 -0500)]
Merge remote-tracking branch 'afaerber/tags/prep-for-upstream' into staging
PReP machine and devices
* Fixes for i82378 PCI-ISA bridge endianness handling
# gpg: Signature made Wed 31 Jul 2013 04:25:51 PM CDT using RSA key ID 3E7E013F
# gpg: Can't check signature: public key not found
# By Hervé Poussineau
# Via Andreas Färber
* afaerber/tags/prep-for-upstream:
i82378: Cleanup implementation
pci-host/prep: Set isa_mem_base in the PCI host bridge
In virtio_9p_device_init() there are 6x goto out that will lead to
v9fs_path_free() attempting to free uninitialized path.data field.
Easiest way to trigger is: qemu-system-x86_64 -device virtio-9p-pci
Fix this by moving v9fs_path_init() before any goto out.
Signed-off-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Andreas Färber <afaerber@suse.de>
Message-id: 1375315187-16534-1-git-send-email-afaerber@suse.de Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Thu, 1 Aug 2013 16:18:04 +0000 (11:18 -0500)]
Merge remote-tracking branch 'luiz/queue/qmp' into staging
# By Pawit Pornkitprasan
# Via Luiz Capitulino
* luiz/queue/qmp:
migration: don't use uninitialized variables
migration: send total time in QMP at "completed" stage
Message-id: 1375367564-4797-1-git-send-email-lcapitulino@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The qmp_migrate method uses the 'blk' and 'inc' parameters without
checking if they're valid or not (they may be uninitialized if
command is received via QMP).
Guest trying to reset an endpoint of a disconnected device resulted in
xhci trying to dereference uport while being NULL, thereby crashing
qemu. Fix that by adding a check. Drop unused dev variable while
touching that code bit.
- i82378 only exists on PCI bus; do not split implementation in 2 structs
- remove BARs, which are not specified in datasheet
- replace custom isa_mmio implementation by PCI bus IO region usage
- use QOM casts when required
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
[AF: Style- and QOM-related changes, dropped no_user, reverted VMSD name] Signed-off-by: Andreas Färber <andreas.faerber@web.de>
We can compute a floor log2 value with clz rather than a division loop.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-id: 1375208443-17288-3-git-send-email-rth@twiddle.net Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-id: 1375208443-17288-2-git-send-email-rth@twiddle.net Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Andreas Färber [Mon, 29 Jul 2013 14:05:33 +0000 (16:05 +0200)]
mips_r4k: Silence BIOS loading warning for qtest
Signed-off-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
Message-id: 1375106733-832-6-git-send-email-afaerber@suse.de Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Andreas Färber [Mon, 29 Jul 2013 14:05:32 +0000 (16:05 +0200)]
mips_jazz: Silence BIOS loading warning for qtest
Signed-off-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
Message-id: 1375106733-832-5-git-send-email-afaerber@suse.de Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Andreas Färber [Mon, 29 Jul 2013 14:05:31 +0000 (16:05 +0200)]
mips_malta: Silence BIOS loading warning for qtest
Signed-off-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
Message-id: 1375106733-832-4-git-send-email-afaerber@suse.de Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Andreas Färber [Mon, 29 Jul 2013 14:05:30 +0000 (16:05 +0200)]
mips_fulong2e: Silence BIOS loading warning for qtest
Signed-off-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
Message-id: 1375106733-832-3-git-send-email-afaerber@suse.de Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Andreas Färber [Mon, 29 Jul 2013 14:05:29 +0000 (16:05 +0200)]
target-ppc: Suppress TCG instruction emulation warnings for qtest
Signed-off-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
Message-id: 1375106733-832-2-git-send-email-afaerber@suse.de Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Michael Roth [Tue, 30 Jul 2013 18:04:22 +0000 (13:04 -0500)]
chardev: fix CHR_EVENT_OPENED events for mux chardevs
As of bd5c51ee6c4f1c79cae5ad2516d711a27b4ea8ec, chardevs no longer use
bottom-halves to issue CHR_EVENT_OPENED events. To maintain past
semantics, we instead defer the CHR_EVENT_OPENED events toward the end
of chardev initialization.
For muxes, this isn't good enough, since a range of FEs must be able
to attach to the mux prior to any CHR_EVENT_OPENED being issued, else
each FE will immediately print its initial output (prompts, banners,
etc.) just prior to us switching to the next FE as part of
initialization.
This is new and confusing behavior for users, as they'll see output for
things like the HMP monitor, even though their current mux focus
may be a guest serial port with potentially no output.
We fix this by further deferring CHR_EVENT_OPENED events for FEs
associated with muxes until after machine init by flagging mux chardevs
with 'explicit_be_open', which suppresses emission of CHR_EVENT_OPENED
events until we explicitly set the mux as opened later.
Currently, we must defer till after machine init since we potentially
associate FEs with muxes as part of realize (for instance,
serial_isa_realizefn).
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Message-id: 1375207462-8141-1-git-send-email-mdroth@linux.vnet.ibm.com Cc: qemu-stable@nongnu.org Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-id: 1375216883-23969-1-git-send-email-sw@weilnetz.de Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Petar Jovanovic [Mon, 29 Jul 2013 10:49:05 +0000 (12:49 +0200)]
target-mips: correct the values in the DSP tests
Five test files for DSP instructions had wrong expected values in the tests.
This change fixes this, and this has been cross-checked by running the same
test binaries on Malta 74K board.
Signed-off-by: Petar Jovanovic <petar.jovanovic@imgtec.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
s390: Implement dump-guest-memory support for target s390x
With this patch dump-guest-memory on s390 produces an ELF formatted,
crash-readable dump.
In order to implement this, the arch-specific part of dump-guest-memory
was added:
target-s390x/arch_dump.c contains the whole set of functions for writing
ELF note sections of all types for s390x.
Signed-off-by: Ekaterina Tumanova <tumanova@linux.vnet.ibm.com> Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
[fixed indentation, use CamelCase, rename note_t to Note, use S390CPU] Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Thomas Huth [Tue, 2 Jul 2013 12:45:16 +0000 (14:45 +0200)]
s390x/kvm: Remove redundant return code
Removed the redundant return code statement from handle_instruction() - it
always returned 0 and never reports any errors to its caller, since errors
from the sub-functions are already reported via program exceptions instead.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Thomas Huth [Mon, 24 Jun 2013 13:17:34 +0000 (15:17 +0200)]
s390x/kvm: Reworked/fixed handling of cc3 in kvm_handle_css_inst()
Consolidated the setting of the condition code in kvm_handle_css_inst().
For the (unhandled) instructions EQBS and SQBS, we have to return
an operation exception instead of cc3. Also removed the is_ioinst()
function to avoid decoding the opcode twice.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com> Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Thomas Huth [Fri, 21 Jun 2013 11:12:45 +0000 (13:12 +0200)]
s390x/ioinst: Throw addressing exception when memory_map failed
So far, the IO instructions were throwing specification exceptions when
there was a problem with accessing the memory. However, the better way
is to throw an addressing exception instead.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com> Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Current hcd-ohci does not handle DMA errors. However they may happen
so here we introduce simple error handling.
On such errors, a typical OHCI will stop operating, signal the guest
about the error by sending "UnrecoverableError Event", set itself into
error state and set "Detected Parity Error" in its PCI config space
to signal that it got an error and so does the patch.
This also adds ohci_die() call to ohci_bus_start() to handle possible
failure of qemu_new_timer_ns().
Spice has two display interface implementations: One integrated into
the qxl graphics card, and one generic which can operate with every
qemu-emulated graphics card.
The generic one is activated in case spice is used without qxl. The
logic for that only caught the "-vga qxl" case, "-device qxl-vga" goes
unnoticed. Fix that by adding a check in the spice interface
registration so we'll notice the qxl card no matter how it is created.
Paul Moore [Thu, 18 Jul 2013 13:57:03 +0000 (09:57 -0400)]
seccomp: add arch_prctl() to the syscall whitelist
It appears that even a very simple /etc/qemu-ifup configuration can
require the arch_prctl() syscall, see the example below:
#!/bin/sh
/sbin/ifconfig $1 0.0.0.0 up
/usr/sbin/brctl addif <switch> $1
Signed-off-by: Paul Moore <pmoore@redhat.com> Reviewed-by: Eduardo Otubo <otubo@linux.vnet.ibm.com>
Message-id: 20130718135703.8247.19213.stgit@localhost Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paul Moore [Mon, 15 Jul 2013 19:32:01 +0000 (15:32 -0400)]
seccomp: add additional asynchronous I/O syscalls
A previous commit, "seccomp: add the asynchronous I/O syscalls to the
whitelist", added several asynchronous I/O syscalls but left out the
io_submit() and io_cancel() syscalls. This patch corrects this by
adding the two missing asynchronous I/O syscalls.
Signed-off-by: Paul Moore <pmoore@redhat.com> Reviewed-by: Eduardo Otubo <otubo@linux.vnet.ibm.com>
Message-id: 20130715193201.943.4913.stgit@localhost Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Peter Maydell [Mon, 29 Jul 2013 10:31:49 +0000 (11:31 +0100)]
linux-user: Return success from m68k set_thread_area syscall
The m68k set_thread_area syscall implementation failed to set the
return value. Correctly set it to zero, since this syscall will always
succeed.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1375093909-13653-1-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Peter Maydell [Mon, 29 Jul 2013 11:00:32 +0000 (12:00 +0100)]
linux-user/signal.c: Avoid using uninitialized data in ARM sigreturn
Rephrase code used in ARM sigreturn functions to avoid using
uninitialized variables. This fixes one genuine problem ('frame'
would not be initialized if we took the error-exit path because
our stackpointer was misaligned) and one which is clang being
alarmist (frame_addr wouldn't be initialized, though this is
harmless since unlock_user_struct ignores its second argument
in these cases; however since we don't generally make use of
this not-really-documented effect it's better avoided).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1375095632-13735-3-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Silence a clang warning in a PPC signal return function:
/home/petmay01/linaro/qemu-from-laptop/qemu/linux-user/signal.c:4611:9: error: variable 'sr_addr' is used
uninitialized whenever 'if' condition is true [-Werror,-Wsometimes-uninitialized]
if (!lock_user_struct(VERIFY_READ, sc, sc_addr, 1))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/petmay01/linaro/qemu-from-laptop/qemu/linux-user/signal.c:4636:28: note: uninitialized use occurs here
unlock_user_struct(sr, sr_addr, 1);
^~~~~~~
/home/petmay01/linaro/qemu-from-laptop/qemu/linux-user/qemu.h:442:27: note: expanded from macro 'unlock_user_struct'
unlock_user(host_ptr, guest_addr, (copy) ? sizeof(*host_ptr) : 0)
^
This happens when we unlock a user struct which we never
attempted to lock. Strictly, clang is actually wrong here -- it
hasn't been able to spot that unlock_user_struct() doesn't use
its second argument if the first is NULL. However it doesn't
seem too unreasonable to demand that we pass in initialized
values to it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1375095632-13735-2-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Peter Maydell [Mon, 29 Jul 2013 12:16:39 +0000 (13:16 +0100)]
spapr: Rename 'dprintf' to 'DPRINTF'
'dprintf' is the name of a POSIX standard function so we should not be
stealing it for our debug macro. Rename to 'DPRINTF' (in line with
a number of other source files.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Andreas Färber <afaerber@suse.de> Reviewed-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp> Acked-by: Richard Henderson <rth@twiddle.net> Acked-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 1375100199-13934-5-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Peter Maydell [Mon, 29 Jul 2013 12:16:38 +0000 (13:16 +0100)]
target-ppc/kvm.c: Rename 'dprintf' to 'DPRINTF'
'dprintf' is the name of a POSIX standard function so we should not be
stealing it for our debug macro. Rename to 'DPRINTF' (in line with
a number of other source files.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Andreas Färber <afaerber@suse.de> Reviewed-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp> Acked-by: Richard Henderson <rth@twiddle.net> Acked-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 1375100199-13934-4-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Peter Maydell [Mon, 29 Jul 2013 12:16:37 +0000 (13:16 +0100)]
s390x: Rename 'dprintf' to 'DPRINTF'
'dprintf' is the name of a POSIX standard function so we should not be
stealing it for our debug macro. Rename to 'DPRINTF' (in line with
a number of other source files.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Andreas Färber <afaerber@suse.de> Reviewed-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp> Acked-by: Richard Henderson <rth@twiddle.net> Acked-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 1375100199-13934-3-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Peter Maydell [Mon, 29 Jul 2013 12:16:36 +0000 (13:16 +0100)]
block/sheepdog: Rename 'dprintf' to 'DPRINTF'
'dprintf' is the name of a POSIX standard function so we should not be
stealing it for our debug macro. Rename to 'DPRINTF' (in line with
a number of other source files.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Andreas Färber <afaerber@suse.de> Reviewed-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp> Acked-by: Richard Henderson <rth@twiddle.net> Acked-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 1375100199-13934-2-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Igor Mammedov [Mon, 29 Jul 2013 14:47:57 +0000 (16:47 +0200)]
pc: limit 64 bit hole to 2G by default
It turns out that some 32 bit windows guests crash
if 64 bit PCI hole size is >2G.
Limit it to 2G for piix and q35 by default.
User may override default 64-bit PCI hole size by
using "pci-hole64-size" property.
Reported-by: Igor Mammedov <imammedo@redhat.com>, Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1375109277-25561-8-git-send-email-imammedo@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Ian Molton <ian.molton@collabora.co.uk> Signed-off-by: Vasilis Liaskovitis <vasilis.liaskovitis@profitbricks.com> Signed-off-by: Hu Tao <hutao@cn.fujitsu.com> Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1375109277-25561-7-git-send-email-imammedo@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Currently visit_type_size checks if the visitor's type_size function pointer is
NULL. If not, it calls it, otherwise it calls v->type_uint64(). But neither of
these pointers are ever set. Fallback to calling v->type_int() in this third
(default) case.
Signed-off-by: Vasilis Liaskovitis <vasilis.liaskovitis@profitbricks.com> Signed-off-by: Hu Tao <hutao@cn.fujitsu.com> Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1375109277-25561-6-git-send-email-imammedo@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Igor Mammedov [Mon, 29 Jul 2013 14:47:54 +0000 (16:47 +0200)]
pc: add Q35 to QOM composition tree under /machine
Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1375109277-25561-5-git-send-email-imammedo@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Igor Mammedov [Mon, 29 Jul 2013 14:47:53 +0000 (16:47 +0200)]
pc: replace i440fx_common_init() with i440fx_init()
It isn't used anywhere else.
Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1375109277-25561-4-git-send-email-imammedo@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Igor Mammedov [Mon, 29 Jul 2013 14:47:52 +0000 (16:47 +0200)]
pc: add I440FX QOM cast macro
Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1375109277-25561-3-git-send-email-imammedo@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
pc: move IO_APIC_DEFAULT_ADDRESS to include/hw/i386/ioapic.h
Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1375109277-25561-2-git-send-email-imammedo@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Mon, 29 Jul 2013 19:39:49 +0000 (14:39 -0500)]
Merge remote-tracking branch 'afaerber/tags/qom-devices-for-anthony' into staging
QOM device refactorings
* Replace all uses of FROM_SYSBUS() macro with QOM cast macros
i) "QOM cast cleanup for X"
Indicates a mechanical 1:1 between TYPE_* and *State.
ii) "QOM'ify X and Y"
Indicates abstract types may have been inserted or similar changes
to type hierarchy.
ii) Renames
Coding Style fixes such as CamelCase have been applied in some cases.
* Fix for sparc floppy - cf. ii) above
* Change PCI type hierarchy to provide PCI_BRIDGE() casts
* In doing so, prepare for adopting QOM realize
# gpg: Signature made Mon 29 Jul 2013 02:15:22 PM CDT using RSA key ID 3E7E013F
# gpg: Can't check signature: public key not found
# By Andreas Färber (171) and others
# Via Andreas Färber
* afaerber/tags/qom-devices-for-anthony: (173 commits)
sysbus: QOM parent field cleanup for SysBusDevice
spapr_pci: QOM cast cleanup
ioapic: QOM cast cleanup
kvm/ioapic: QOM cast cleanup
kvmvapic: QOM cast cleanup
mipsnet: QOM cast cleanup
opencores_eth: QOM cast cleanup
exynos4210_i2c: QOM cast cleanup
sysbus: Remove unused sysbus_new() prototype
sysbus: Drop FROM_SYSBUS()
xilinx_timer: QOM cast cleanup
tusb6010: QOM cast cleanup
slavio_timer: QOM cast cleanup
pxa2xx_timer: QOM'ify pxa25x-timer and pxa27x-timer
puv3_ost: QOM cast cleanup
pl031: QOM cast cleanup
pl031: Rename pl031_state to PL031State
milkymist-sysctl: QOM cast cleanup
m48t59: QOM cast cleanup for M48t59SysBusState
lm32_timer: QOM cast cleanup
...