Fam Zheng [Thu, 14 Jan 2016 08:41:01 +0000 (16:41 +0800)]
nbd: Always call "close_fn" in nbd_client_new
Rename the parameter "close" to "close_fn" to disambiguous with
close(2).
This unifies error handling paths of NBDClient allocation:
nbd_client_new will shutdown the socket and call the "close_fn" callback
if negotiation failed, so the caller don't need a different path than
the normal close.
The returned pointer is never used, make it void in preparation for the
next patch.
Zhu Lingshan [Tue, 29 Dec 2015 03:32:14 +0000 (11:32 +0800)]
iscsi: send readcapacity10 when readcapacity16 failed
When play with Dell MD3000 target, for sure it
is a TYPE_DISK, but readcapacity16 would fail.
Then we find that readcapacity10 succeeded. It
looks like the target just support readcapacity10
even through it is a TYPE_DISK or have some
TYPE_ROM characteristics.
This patch can give a chance to send
readcapacity16 when readcapacity10 failed.
This patch is not harmful to original pathes
The qemu-char.c contains two helper methods send_all
and recv_all. These are in fact declared in sockets.h
so ought to have been in util/qemu-sockets.c. For added
fun the impl of recv_all is completely missing on Win32.
Fortunately there is only a single caller of these
methods, the TPM passthrough code, which is only
ever compiled on Linux. With only a single caller
these helpers are not compelling enough to keep so
inline them in the TPM code, avoiding the need to
fix the missing recv_all on Win32.
P J P [Mon, 21 Dec 2015 09:43:13 +0000 (15:13 +0530)]
scsi: initialise info object with appropriate size
While processing controller 'CTRL_GET_INFO' command, the routine
'megasas_ctrl_get_info' overflows the '&info' object size. Use its
appropriate size to null initialise it.
P J P [Fri, 18 Dec 2015 06:05:07 +0000 (11:35 +0530)]
i386: avoid null pointer dereference
Hello,
A null pointer dereference issue was reported by Mr Ling Liu, CC'd here. It
occurs while doing I/O port write operations via hmp interface. In that,
'current_cpu' remains null as it is not called from cpu_exec loop, which
results in the said issue.
Below is a proposed (tested)patch to fix this issue; Does it look okay?
When I/O port write operation is called from hmp interface,
'current_cpu' remains null, as it is not called from cpu_exec()
loop. This leads to a null pointer dereference in vapic_write
routine. Add check to avoid it.
Paolo Bonzini [Tue, 17 Nov 2015 16:09:33 +0000 (17:09 +0100)]
target-i386: do not duplicate page protection checks
x86_cpu_handle_mmu_fault is currently checking twice for writability
and executability of pages; the first time to decide whether to
trigger a page fault, the second time to compute the "prot" argument
to tlb_set_page_with_attrs.
Reorganize code so that first "prot" is computed, then it is used
to check whether to raise a page fault, then finally PROT_WRITE is
removed if the D bit will have to be set.
Paolo Bonzini [Fri, 18 Dec 2015 08:54:53 +0000 (09:54 +0100)]
scsi: revert change to scsi_req_cancel_async and add assertions
Fam Zheng noticed that the change in commit 36896bf ("scsi: always call
notifier on async cancellation", 2015-12-16) could cause a leak of
the request; scsi_req_cancel_async now calls scsi_req_ref
multiple times for multiple cancellations, but there is only
one call to scsi_req_cancel_complete.
So revert the patch and instead assert that the problematic case (a call
to scsi_req_cancel_async after the aiocb has been completed) cannot
happen.
Peter Maydell [Fri, 15 Jan 2016 15:49:43 +0000 (15:49 +0000)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160115' into staging
target-arm queue:
* use the right MMU index when handling unaligned accesses
* xlnx-zynqmp: Add support for high DDR memory regions
* target-arm: support QMP dump-guest-memory
* ARM: virt: Don't generate RTC ACPI device when using UEFI
* remotes/pmaydell/tags/pull-target-arm-20160115:
ARM: virt: Don't generate RTC ACPI device when using UEFI
target-arm: dump-guest-memory: add vfp notes for arm
elf: add arm note types
target-arm: dump-guest-memory: add prfpreg notes for aarch64
target-arm: support QMP dump-guest-memory
dump: allow target to set the physical base
dump: allow target to set the page size
dump: qemunotes aren't commonly needed
qapi-schema: dump-guest-memory: Improve text
xlnx-zynqmp: Add support for high DDR memory regions
target-arm: Use the right MMU index in arm_regime_using_lpae_format
Shannon Zhao [Fri, 15 Jan 2016 14:11:31 +0000 (22:11 +0800)]
ARM: virt: Don't generate RTC ACPI device when using UEFI
When booting the VM with UEFI, UEFI takes ownership of the RTC hardware.
While UEFI can use libfdt to disable the RTC device node in the DTB that
it passes to the OS, it cannot modify AML. Therefore, we won't generate
the RTC ACPI device at all when using UEFI.
Andrew Jones [Mon, 11 Jan 2016 19:56:25 +0000 (20:56 +0100)]
target-arm: dump-guest-memory: add vfp notes for arm
gdb won't actually dump these with 'info all-registers' since
it first tries to confirm that it should by checking the VFP
hwcap in the .auxv note. Well, we don't generate an .auxv note.
Andrew Jones [Mon, 11 Jan 2016 19:56:21 +0000 (20:56 +0100)]
dump: allow target to set the physical base
crash assumes the physical base in the kdump subheader of
makedumpfile formatted dumps is correct. Zero is not correct
for all architectures, so allow it to be changed.
Andrew Jones [Mon, 11 Jan 2016 19:56:20 +0000 (20:56 +0100)]
dump: allow target to set the page size
This is necessary for targets that don't have TARGET_PAGE_SIZE ==
real-target-page-size. The target should set the page size to the
correct one, if known, or, if not known, to the maximum page size
it supports.
Andrew Jones [Mon, 11 Jan 2016 19:56:19 +0000 (20:56 +0100)]
dump: qemunotes aren't commonly needed
Only one of three architectures implementing qmp-dump-guest-memory write
qemu notes. And, another architecture (arm/aarch64) is coming, which
won't use them either. Make the common implementation truly common.
Alistair Francis [Tue, 12 Jan 2016 22:39:18 +0000 (14:39 -0800)]
xlnx-zynqmp: Add support for high DDR memory regions
The Xilinx ZynqMP SoC and EP108 board supports three memory regions:
- A 2GB region starting at 0
- A 32GB region starting at 32GB
- A 256GB region starting at 768GB
This patch adds support for the first two memory regions, which is
automatically created based on the size specified by the QEMU memory
command line argument.
On hardware the physical memory region is one continuous region, it is then
mapped into the three different regions by the DDRC. As we don't model the
DDRC this is done at startup by QEMU. The board creates the memory region and
then passes that memory region to the SoC. The SoC then maps the memory
regions.
Alvise Rigo [Fri, 15 Jan 2016 10:37:42 +0000 (11:37 +0100)]
target-arm: Use the right MMU index in arm_regime_using_lpae_format
arm_regime_using_lpae_format checks whether the LPAE extension is used
for stage 1 translation regimes. MMU indexes not exclusively of a stage 1
regime won't work with this method.
In case of ARMMMUIdx_S12NSE0 or ARMMMUIdx_S12NSE1, offset these values
by ARMMMUIdx_S1NSE0 to get the right index indicating a stage 1
translation regime.
Rename also the function to arm_s1_regime_using_lpae_format and update
the comments to reflect the change.
Commit 8acc216b956 attempted to silence some sign-compare
warnings in libvixl by adding -Wno-sign-compare to the CFLAGS
for the relevant objects. Unfortunately it was ineffective
because it was placed before $(QEMU_CFLAGS), so the -Wall in
the general flags overrode -Wno-sign-compare rather than
vice-versa. Reorder the flags so the warning suppression works.
Thanks to Franz-Josef Haider <[email protected]>
for pointing out what was wrong with the original patch.
Peter Maydell [Thu, 14 Jan 2016 13:07:38 +0000 (13:07 +0000)]
Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2016-01-13' into staging
Error reporting patches for 2016-01-13
# gpg: Signature made Wed 13 Jan 2016 14:21:48 GMT using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <[email protected]>"
# gpg: aka "Markus Armbruster <[email protected]>"
* remotes/armbru/tags/pull-error-2016-01-13: (41 commits)
checkpatch: Detect newlines in error_report and other error functions
error: Consistently name Error * objects err, and not errp
s390/sclp: Simplify control flow in sclp_realize()
hw/s390x: Rename local variables Error *l_err to just err
error: Clean up errors with embedded newlines (again)
vhdx: Fix "log that needs to be replayed" error message
pci-assign: Clean up "Failed to assign" error messages
vmdk: Clean up "Invalid extent lines" error message
vmdk: Clean up control flow in vmdk_parse_extents() a bit
error: Strip trailing '\n' from error string arguments (again)
qemu-io qemu-nbd: Use error_report() etc. instead of fprintf()
migration: Use error_reportf_err() instead of monitor_printf()
spapr: Use error_reportf_err()
error: Use error_prepend() where it makes obvious sense
error: Use error_reportf_err() where it makes obvious sense
error: Don't decorate original error message when adding to it
error: New error_prepend(), error_reportf_err()
test-throttle: Simplify qemu_init_main_loop() error handling
qemu-nbd: Clean up "Failed to load snapshot" error message
block: Clean up "Could not create temporary overlay" error message
...
* remotes/amit-migration/tags/migration-for-2.6-1:
multithread decompression: Avoid one copy
Use qemu_get_buffer_in_place for xbzrle data
Migration: Emit event at start of pass
Postcopy: Send events/change state on incoming side
migration: Add state records for migration incoming
migration: Export migrate_set_state()
Jason J. Herne [Fri, 11 Dec 2015 18:30:42 +0000 (13:30 -0500)]
checkpatch: Detect newlines in error_report and other error functions
We don't want newlines embedded in error messages. This seems to be a common
problem with new code so let's try to catch it with checkpatch.
This will not catch cases where newlines are inserted into the middle of an
existing multi-line statement. But those cases should be rare.
Signed-off-by: Jason J. Herne <[email protected]>
Message-Id: <1449858642[email protected]>
[Rephrased "Error function text" to "Error messages", dropped
error_vprintf, error_printf, error_printf from $qemu_error_funcs,
because they may legitimately print newlines] Signed-off-by: Markus Armbruster <[email protected]>
error: Clean up errors with embedded newlines (again)
The arguments of error_report() should yield a short error string
without newlines.
A few places try to print additional help after the error message by
embedding newlines in the error string. That's nice, but let's do it
the right way. Commit 474c213 cleaned up some, but they keep coming
back. Offenders tracked down with the Coccinelle semantic patch from
commit 312fd5f.
vhdx: Fix "log that needs to be replayed" error message
The arguments of error_setg_errno() should yield a short error string
without newlines.
Here, we try to append additional help to the error message by
embedding newlines in the error string. That's nice, but it's doesn't
play nicely with the errno part. tests/qemu-iotests/070.out shows the
resulting mess:
can't open device TEST_DIR/iotest-dirtylog-10G-4M.vhdx: VHDX image file 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx' opened read-only, but contains a log that needs to be replayed. To replay the log, execute:
qemu-img check -r all 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx': Operation not permitted
Switch to error_setg() and error_append_hint(). Result:
can't open device TEST_DIR/iotest-dirtylog-10G-4M.vhdx: VHDX image file 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx' opened read-only, but contains a log that needs to be replayed
To replay the log, run:
qemu-img check -r all 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx'
pci-assign: Clean up "Failed to assign" error messages
The arguments of error_setg() & friends should yield a short error
string without newlines.
Two places try to append additional help to the error message by
embedding newlines in the error string. That's nice, but let's do it
the right way, with error_append_hint().
error: Strip trailing '\n' from error string arguments (again)
Commit 6daf194d, be62a2eb and 312fd5f got rid of a bunch, but they
keep coming back. Tracked down with the Coccinelle semantic patch
from commit 312fd5f.
migration: Use error_reportf_err() instead of monitor_printf()
Both error_reportf_err() and monitor_printf() print to the same
destination when monitor_printf() is used correctly, i.e. within an
HMP monitor. Elsewhere, monitor_printf() does nothing, while
error_reportf_err() reports to stderr.
Both changed functions are HMP command handlers. These should only
run within an HMP monitor.
Unlike monitor_printf(), error_reportf_err() uses the error whole
instead of just its message obtained with error_get_pretty(). This
avoids suppressing its hint (see commit 50b7b00), but I don't think
the errors touched in this commit can come with hints.
followed by manual cleanup, first because I can't figure out how to
make Coccinelle transform strings, and second to get rid of now
superfluous error_propagate().
We now use or propagate the original error whole instead of just its
message obtained with error_get_pretty(). This avoids suppressing its
hint (see commit 50b7b00), but I can't see how the errors touched in
this commit could come with hints. It also improves the message
printed with &error_abort when we screw up (see commit 1e9b65b).
followed by a replace of '%s"/*@@@*/' by '"' and some line rewrapping,
because I can't figure out how to make Coccinelle transform strings.
We now use the error whole instead of just its message obtained with
error_get_pretty(). This avoids suppressing its hint (see commit 50b7b00), but I can't see how the errors touched in this commit could
come with hints.
This is suboptimal, because it loses err's hint (if any). Moreover,
when errp is &error_abort or is subsequently propagated to
&error_abort, the abort message points to the place where we last
added to the error, not to the place where it originated.
To avoid these issues, provide means to add to an error's message in
place:
The code looks like it tries to check for both qemu_init_main_loop()
and qemu_get_aio_context() failure in one conditional. In fact,
qemu_get_aio_context() can fail only after qemu_init_main_loop()
failed.
Simplify accordingly: check for qemu_init_main_loop() error directly,
without bothering to improve its error message. Call
qemu_get_aio_context() only when qemu_get_aio_context() succeeded. It
can't fail then, so no need to check.
qemu-nbd: Clean up "Failed to load snapshot" error message
bdrv_snapshot_load_tmp() sets an error and returns -errno on failure.
We report both even though the error message is self-contained. Drop
the redundant strerror().
While there: setting errno right before exit() is pointless, so drop
that, too.
block: Clean up "Could not create temporary overlay" error message
bdrv_create() sets an error and returns -errno on failure. When the
latter is interesting, the error is created with error_setg_errno().
bdrv_append_temp_snapshot() uses the error's message to create a new
one with error_setg_errno(). This adds a strerror() that is either
uninteresting or duplicate. Use error_setg() instead.
error: Use error_report_err() instead of ad hoc prints
Unlike ad hoc prints, error_report_err() uses the error whole instead
of just its message obtained with error_get_pretty(). This avoids
suppressing its hint (see commit 50b7b00). Example:
$ bld/ivshmem-server -l 42@
Parameter 'shm_size' expects a size
You may use k, M, G or T suffixes for kilobytes, megabytes, gigabytes and terabytes.
The last line is new with this patch.
While there, drop a "cannot parse shm size: " message prefix; it's
redundant, because the error message proper is always of the form
"Parameter 'shm_size' expects ...".
error: Use error_report_err() instead of monitor_printf()
Both error_report_err() and monitor_printf() print to the same
destination when monitor_printf() is used correctly, i.e. within an
HMP monitor. Elsewhere, monitor_printf() does nothing, while
error_report_err() reports to stderr.
Most changed functions are HMP command handlers. These should only
run within an HMP monitor. The one exception is bdrv_password_cb(),
which should also only run within an HMP monitor.
Four command handlers prefix the error message with the command name:
balloon, migrate_set_capability, migrate_set_parameter, migrate.
Pointless, drop.
Unlike monitor_printf(), error_report_err() uses the error whole
instead of just its message obtained with error_get_pretty(). This
avoids suppressing its hint (see commit 50b7b00). Example:
(qemu) device_add ivshmem,id=666
Parameter 'id' expects an identifier
Identifiers consist of letters, digits, '-', '.', '_', starting with a letter.
Try "help device_add" for more information
The "Identifiers consist of..." line is new with this patch.
Coccinelle semantic patch:
@@
expression M, E;
@@
- monitor_printf(M, "%s\n", error_get_pretty(E));
- error_free(E);
+ error_report_err(E);
@r1@
expression M, E;
format F;
position p;
@@
- monitor_printf(M, "...%@F@\n", error_get_pretty(E));@p
- error_free(E);
+ error_report_err(E);
@script:python@
p << r1.p;
@@
print "%s:%s:%s: prefix dropped" % (p[0].file, p[0].line, p[0].column)
error: Use error_report_err() where appropriate (again)
Same Coccinelle semantic patch as in commit 565f65d.
We now use the original error whole instead of just its message
obtained with error_get_pretty(). This avoids suppressing its hint
(see commit 50b7b00), but I don't think the errors touched in this
commit can come with hints.
audio: Clean up inappropriate and unreachable use of hw_error()
audio_init() should not use hw_error(), because dumping CPU registers
is unhelpful there, and aborting is wrong, because it can be called
called from an audio device's realize() method.
The two uses of hw_error() come from commit 0d9acba:
* When qemu_new_timer() fails. It couldn't fail back then, and it
can't fail now. Drop the unreachable error handling.
* When no_audio_driver can't be initialized. It couldn't fail back
then, and it can't fail now. Replace the error handling by an
assertion.
isa_bus_irqs(), isa_create() and isa_try_create() call hw_error() when
passed a null bus. Use of hw_error() has always been questionable,
because these are used only during machine initialization, and
printing CPU registers isn't useful there.
Since the previous commit, passing a null bus is a programming error.
Drop the hw_error() and simply let it crash.
We can have at most one ISA bus. If you try to create another one,
isa_bus_new() complains to stderr and returns null.
isa_bus_new() is called in two contexts, machine's init() and device's
realize() methods. Since complaining to stderr is not proper in the
latter context, convert isa_bus_new() to Error.
Machine's init():
* mips_jazz_init(), called from the init() methods of machines
"magnum" and "pica"
* mips_r4k_init(), the init() method of machine "mips"
* pc_init1() called from the init() methods of non-q35 PC machines
* typhoon_init(), called from clipper_init(), the init() method of
machine "clipper"
These callers always create the first ISA bus, hence isa_bus_new()
can't fail. Simply pass &error_abort.
Device's realize():
* i82378_realize(), of PCI device "i82378"
* ich9_lpc_realize(), of PCI device "ICH9-LPC"
* pci_ebus_realize(), of PCI device "ebus"
* piix3_realize(), of PCI device "pci-piix3", abstract parent of
"PIIX3" and "PIIX3-xen"
* piix4_realize(), of PCI device "PIIX4"
* vt82c686b_realize(), of PCI device "VT82C686B"
Propagate the error. Note that these devices are typically created
only by machine init() methods with qdev_init_nofail() or similar. If
we screwed up and created an ISA bus before that call, we now give up
right away. Before, we'd hobble on, and typically die in
isa_bus_irqs(). Similar if someone finds a way to hot-plug one of
these critters.
sysbus: Don't use hw_error() in machine_init_done_notifiers
platform_bus_map_irq() and platform_bus_map_mmio() use hw_error() to
fail. They run in machine_init_done_notifiers, via
platform_bus_init_notify() and link_sysbus_device(). Printing CPU
registers is not helpful there.
Replace hw_error() by error_report(); exit(1). If these are
programming errors, it should be replaced by an assertion instead.
While there, observe that both functions always return 0, and
link_sysbus_device() ignores the return value. Change them to void.
virt_set_gic_version() calls exit(1) when passed an invalid property
value. Property setters are not supposed to do that. Screwed up in
commit b92ad39. Harmless, because the property belongs to a machine.
Set an error object instead.
error: Don't append a newline when printing the error hint
Since commit 50b7b00, we have error_append_hint() to conveniently
accumulate Error member @hint. error_report_err() prints it with a
newline appended. Consequently, users of error_append_hint() need to
know whether theirs is the final line of the hint to decide whether it
needs a newline. Not a nice interface.
Change error_report_err() to print just the hint, and the (still few)
users of error_append_hint() to add the required newline.
Device realize() methods aren't supposed to call hw_error(), they
should set an error and fail cleanly. Blindly doing that would be
easy enough, but then realize() would fail without undoing its side
effects. Just mark it FIXME for now.
omap: Don't use hw_error() in device init() methods
Device init() methods aren't supposed to call hw_error(), they should
report the error and fail cleanly. Do that.
The errors are all device misconfiguration. All callers use
qdev_init_nofail(), so this patch merely converts hw_error() crashes
into &error_abort crashes. Improvement, because now it crashes closer
to where the misconfiguration bug would be, and a few more bad
examples of hw_error() use are gone.
hw: Don't use hw_error() for machine initialization errors
Printing CPU registers is not helpful during machine initialization.
Moreover, these are straightforward configuration or "can get
resources" errors, so dumping core isn't appropriate either. Replace
hw_error() by error_report(); exit(1). Matches how we report these
errors in other machine initializations.
Emit an event each time we sync the dirty bitmap on the source;
this helps libvirt use postcopy by giving it a kick when it
might be a good idea to start the postcopy.
Postcopy: Send events/change state on incoming side
I missed the calls to send migration events on the destination side
as we enter postcopy.
Take care when adding them not to do it after state has been freed.
Yi Min Zhao [Wed, 16 Dec 2015 09:36:31 +0000 (17:36 +0800)]
s390x/pci: return real state during listing PCI
At present, list_pci() shows all PCI devices as being in configured
state. As devices can be deconfigured by the guest, we need to show
the real configuration status instead.
Halil Pasic [Mon, 7 Dec 2015 14:21:46 +0000 (15:21 +0100)]
virtio-ccw: fix sanity check for vector
The commit 8dfbaa6ac ("virtio-ccw: introduce ccw specific queue limit")
did not touch the sanity check for the vector argument of the method
virtio_ccw_notify, despite intended as seen from
https://lists.nongnu.org/archive/html/qemu-devel/2015-04/msg02705.html
To be able to scale number of virtqueues using the constant this sanity
check needs to be altered.
Yi Min Zhao [Mon, 14 Dec 2015 08:50:44 +0000 (16:50 +0800)]
s390x/pci: reject some operations to disabled PCI function
According to the s390 architecture, any mpcifc, pcilg, pcistg,
pcistb and rpcit instructions issued to disabled PCI functions
are rejected, and the instruction completes by setting condition
code 3. In addition, any DMA and MSIX interruption operations
are ignored.
Peter Maydell [Tue, 12 Jan 2016 17:37:22 +0000 (17:37 +0000)]
Merge remote-tracking branch 'remotes/kvaneesh/tags/for-upstream-signed' into staging
VirtFS update:
Cleanups mostly isolating virtio related details into separate files. This
is done to enable easy addition of Xen transport for VirtFS.
The changes include:
1. Rename a bunch of files and functions to make clear they are generic.
2. disentangle virtio transport code and generic 9pfs code.
3. Some function name clean-up.
# gpg: Signature made Tue 12 Jan 2016 06:04:35 GMT using RSA key ID 04C4E23A
# gpg: Good signature from "Aneesh Kumar K.V <[email protected]>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 4846 9DE7 1860 360F A6E9 968C DE41 A4FE 04C4 E23A
* remotes/kvaneesh/tags/for-upstream-signed: (25 commits)
9pfs: introduce V9fsVirtioState
9pfs: factor out v9fs_device_{,un}realize_common
9pfs: rename virtio-9p.c to 9p.c
9pfs: rename virtio_9p_set_fd_limit to use v9fs_ prefix
9pfs: move handle_9p_output and make it static function
9pfs: export pdu_{submit,alloc,free}
9pfs: factor out virtio_9p_push_and_notify
9pfs: break out 9p.h from virtio-9p.h
9pfs: break out virtio_init_iov_from_pdu
9pfs: factor out pdu_push_and_notify
9pfs: factor out virtio_pdu_{,un}marshal
9pfs: make pdu_{,un}marshal proper functions
9pfs: PDU processing functions should start pdu_ prefix
9pfs: PDU processing functions don't need to take V9fsState as argument
fsdev: rename virtio-9p-marshal.{c,h} to 9p-iov-marshal.{c,h}
fsdev: break out 9p-marshal.{c,h} from virtio-9p-marshal.{c,h}
9pfs: remove dead code
9pfs: merge hw/virtio/virtio-9p.h into hw/9pfs/virtio-9p.h
9pfs: rename virtio-9p-xattr{,-user}.{c,h} to 9p-xattr{,-user}.{c,h}
9pfs: rename virtio-9p-synth.{c,h} to 9p-synth.{c,h}
...
The VIXL code includes some equality comparisons between signed
and unsigned types. Modern gcc and clang do not complain about
these, but older versions of gcc such as gcc 4.6.3 do. Since
libvixl is an upstream library, the simplest approach is to
suppress the warnings by applying -Wno-sign-compare to the
relevant files.
(GCC 4.6 is not quite yet irrelevant for us; it is the gcc
shipped with Ubuntu Precise, for example, which is an LTS
release not yet out of its support period.)
John Snow [Mon, 11 Jan 2016 19:10:43 +0000 (14:10 -0500)]
libqos/ahci: add ahci_exec
add ahci_exec, which is a standard purpose flexible command dispatcher
and tester for the AHCI device. The intent is to eventually cut down on
the absurd amount of boilerplate inside of the AHCI qtest.
John Snow [Mon, 11 Jan 2016 19:10:43 +0000 (14:10 -0500)]
libqos/ahci: allow nondata commands for ahci_io variants
These variants try to set a data offset, even if you don't specify one.
In the cases where the offset is zero and it's a nondata command, just
ignore the instruction.
John Snow [Mon, 11 Jan 2016 19:10:43 +0000 (14:10 -0500)]
libqos: allow zero-size allocations
As part of streamlining the AHCI tests interface, it'd be nice
if specying a size of zero could be handled without special branches
and the allocator could handle this special case gracefully.
This lets me use the "ahci_io" macros for non-data commands, too,
which moves me forward towards shepherding all AHCI qtests into
a common set of commands in a unified pipeline.
John Snow [Mon, 11 Jan 2016 19:10:43 +0000 (14:10 -0500)]
libqos/ahci: Switch to mutable properties
ATAPI commands are, unfortunately, weird in that they can
be either DMA or PIO depending on a header bit. In order to
accommodate them, I'll need to make AHCI command properties
mutable so we can toggle between which "flavor" of ATAPI command
we want to test.
The default ATAPI transfer mechanism is PIO and the default
properties are adjusted accordingly.
John Snow [Mon, 11 Jan 2016 19:10:42 +0000 (14:10 -0500)]
libqos/ahci: ATAPI support
Add pathways to tolerate ATAPI commands.
Notably, unlike ATA, each SCSI command's layout is a little different,
so support will have to be patched in for each command as we want to
test them in e.g. ahci_command_set_sizes and ahci_command_set_offset.
For now, I'm adding support for 0x28, READ (10).
[Maintainer edit: replaced type-punning with stl_be_p(). --js]
When processing NCQ commands, AHCI device emulation prepares a
NCQ transfer object; To which an aio control block(aiocb) object
is assigned in 'execute_ncq_command'. In case, when the NCQ
command is invalid, the 'aiocb' object is not assigned, and NCQ
transfer object is left as 'used'. This leads to a use after
free kind of error in 'bdrv_aio_cancel_async' via 'ahci_reset_port'.
Reset NCQ transfer object to 'unused' to avoid it.
[Maintainer edit: s/ACHI/AHCI/ in the commit message. --js]
Mark Cave-Ayland [Mon, 11 Jan 2016 19:10:42 +0000 (14:10 -0500)]
macio: fix overflow in lba to offset conversion for ATAPI devices
As the IDEState lba field is an int32_t, make sure we cast to int64_t before
shifting to calculate the offset. Otherwise we end up with an overflow when
trying to access sectors beyond 2GB as can occur when using DVD images.
Ashok Kumar [Mon, 11 Jan 2016 15:52:18 +0000 (15:52 +0000)]
hw/arm/virt: Support legacy -nic command line syntax
Support the legacy -nic syntax for creating PCI network devices
as well as the new-style -device options. This makes life easier
for people moving from x86 KVM virtualization to ARM KVM virtualization
and expecting their network configuration options to work the same
way for both setups.
We use "virtio" as the default NIC model if the user doesn't specify one.
projects / qemu.git / log