- Oct 31, 2015
-
-
Michael Roth authored
Signed-off-by:Michael Roth <mdroth@linux.vnet.ibm.com>
-
Pavel Butsykin authored
When creating snapshot with the dataplane enabled, the snapshot file gets not the actual state of virtqueue, because the current state is stored in VirtIOBlockDataPlane. Therefore, before saving snapshot need to sync the dataplane vring state to the virtqueue. The dataplane will resume its work at the next notify virtqueue. When snapshot loads with loadvm we get a message: VQ 0 size 0x80 Guest index 0x15f5 inconsistent with Host index 0x0: delta 0x15f5 error while loading state for instance 0x0 of device '0000:00:08.0/virtio-blk' Error -1 while loading VM state to reproduce the error I used the following hmp commands: savevm snap1 loadvm snap1 qemu parameters: --enable-kvm -smp 4 -m 1024 -drive file=/var/lib/libvirt/images/centos6.4.qcow2,if=none,id=drive-virtio-disk0,format=qcow2,cache=none,aio=native -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x8,drive=drive-virtio-disk0,id=virtio-disk0 -set device.virtio-disk0.x-data-plane=on Signed-off-by:Pavel Butsykin <pbutsykin@virtuozzo.com> Signed-off-by:
Denis V. Lunev <den@openvz.org> Message-id: 1445859777-2982-1-git-send-email-den@openvz.org CC: Stefan Hajnoczi <stefanha@redhat.com> CC: "Michael S. Tsirkin" <mst@redhat.com> CC: Kevin Wolf <kwolf@redhat.com> CC: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by:
Stefan Hajnoczi <stefanha@redhat.com> (cherry picked from commit 10a06fd6) Signed-off-by:
-
Max Filippov authored
Despite L32E and S32E primary use is for window underflow and overflow exception handlers they are just normal instructions, and thus need to check for window overflow. Cc: qemu-stable@nongnu.org Signed-off-by:
Max Filippov <jcmvbkbc@gmail.com> (cherry picked from commit f822b7e4) Signed-off-by:
-
Michael S. Tsirkin authored
commit 5be7d9f1 vhost-net: tell tap backend about the vnet endianness makes vhost net always try to set LE - even if that matches the native endian-ness. This makes it fail on older kernels on x86 without TUNSETVNETLE support. To fix, make qemu_set_vnet_le/qemu_set_vnet_be skip the ioctl if it matches the host endian-ness. Reported-by:
Marcel Apfelbaum <marcel@redhat.com> Cc: Greg Kurz <gkurz@linux.vnet.ibm.com> Cc: qemu-stable@nongnu.org Signed-off-by:
Michael S. Tsirkin <mst@redhat.com> Reviewed-by:
-
- Oct 28, 2015
-
-
Markus Armbruster authored
The test doesn't check that the output makes any sense, only that QEMU survives. Useful since we've had an astounding number of crash bugs around there. In fact, we have a bunch of them right now: a few devices crash or hang, and some leave dangling pointers behind. The test skips testing the broken parts. The next commits will fix them up, and drop the skipping. Signed-off-by:
Markus Armbruster <armbru@redhat.com> Reviewed-by:
Eric Blake <eblake@redhat.com> Message-Id: <1443689999-12182-8-git-send-email-armbru@redhat.com> (cherry picked from commit 2d1abb85) Signed-off-by:
-
Markus Armbruster authored
New convenience function hmp() to facilitate use of human-monitor-command in tests. Use it to simplify its existing uses. To blend into existing libqtest code, also add qtest_hmpv() and qtest_hmp(). That, and the egregiously verbose GTK-Doc comment format make this patch look bigger than it is. Signed-off-by:
Thomas Huth <thuth@redhat.com> Message-Id: <1443689999-12182-7-git-send-email-armbru@redhat.com> (cherry picked from commit 5fb48d96) Signed-off-by:
-
Markus Armbruster authored
We want to run qom-test for every architecture, without having to manually add it to every architecture's list of tests. Commit 3687d532 accomplished this by adding it to every architecture's list automatically. However, some architectures inherit their tests from others, like this: check-qtest-x86_64-y = $(check-qtest-i386-y) check-qtest-microblazeel-y = $(check-qtest-microblaze-y) check-qtest-xtensaeb-y = $(check-qtest-xtensa-y) For such architectures, we ended up running the (slow!) test twice. Commit 2b8419cb attempted to avoid this by adding the test only when it's not already present. Works only as long as we consider adding the test to the architectures on the left hand side *after* the ones on the right hand side: x86_64 after i386, microblazeel after microblaze, xtensaeb after xtensa. Turns out we consider them in $(SYSEMU_TARGET_LIST) order. Defined as SYSEMU_TARGET_LIST := $(subst -softmmu.mak,,$(notdir \ $(wildcard $(SRC_PATH)/default-configs/*-softmmu.mak))) On my machine, this results in the oder xtensa, x86_64, microblazeel, microblaze, i386. Consequently, qom-test runs twice for microblazeel and x86_64. Replace this complex and flawed machinery with a much simpler one: add generic tests (currently just qom-test) to check-qtest-generic-y instead of check-qtest-$(target)-y for every target, then run $(check-qtest-generic-y) for every target. Signed-off-by:
Andreas Färber <afaerber@suse.de> Message-Id: <1443689999-12182-5-git-send-email-armbru@redhat.com> (cherry picked from commit e253c287) Signed-off-by:
-
Paolo Bonzini authored
DBDMA_init is not idempotent, and calling it from instance_init breaks a simple object_new/object_unref pair. Work around this, pending qdev-ification of DBDMA, by moving the call to realize. Reported-by:
Paolo Bonzini <pbonzini@redhat.com> Reviewed-by:
-
Paolo Bonzini authored
This causes the region to outlive the object, because it attaches the region to /machine. This is not nice for the "realize" method, but much worse for "instance_init" because it can cause dangling pointers after a simple object_new/object_unref pair. Reported-by:
Peter Maydell <peter.maydell@linaro.org> Tested-by:
-
Paolo Bonzini authored
This is legal; the MemoryRegion will simply unreference all the existing subregions and possibly bring them down with it as well. However, it requires a bit of care to avoid an infinite loop. Finalizing a memory region cannot trigger an address space update, but memory_region_del_subregion errs on the side of caution and might trigger a spurious update: avoid that by resetting mr->enabled first. Signed-off-by:
-
Markus Armbruster authored
The next commit will compile hw/input/virtio-input.c and hw/input/virtio-input-hid.c even when CONFIG_LINUX is off. These files include both "include/standard-headers/linux/input.h" and <windows.h> then. Doesn't work, because both define SW_MAX. We don't actually use it. Patch input.h to define SW_MAX_ instead. Signed-off-by:
Gerd Hoffmann <kraxel@redhat.com> (cherry picked from commit ac98fa84) Conflicts: scripts/update-linux-headers.sh * remove dependency on eddb4de3 Signed-off-by:
-
Paolo Bonzini authored
The malloc vtable is not supported anymore in glib, because it broke when constructors called g_malloc. Remove tracing of g_malloc, g_realloc and g_free calls. Note that, for systemtap users, glib also provides tracepoints glib.mem_alloc, glib.mem_free, glib.mem_realloc, glib.slice_alloc and glib.slice_free. Signed-off-by:
Alberto Garcia <berto@igalia.com> Message-id: 1442417924-25831-1-git-send-email-pbonzini@redhat.com Signed-off-by:
-
- Oct 21, 2015
-
-
Jason Wang authored
When packet is truncated during receiving, we drop the packets but neither discard the descriptor nor add and signal used descriptor. This will lead several issues: - sg mappings are leaked - rx will be stalled if a lots of packets were truncated In order to be consistent with vhost, fix by discarding the descriptor in this case. Cc: Michael S. Tsirkin <mst@redhat.com> Signed-off-by:
Jason Wang <jasowang@redhat.com> Reviewed-by:
-
Jason Wang authored
This patch introduces virtqueue_discard() to discard a descriptor and unmap the sgs. This will be used by the patch that will discard descriptor when packet is truncated. Cc: Michael S. Tsirkin <mst@redhat.com> Signed-off-by:
-
Jason Wang authored
Factor out sg unmapping logic. This will be reused by the patch that can discard descriptor. Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Andrew James <andrew.james@hpe.com> Signed-off-by:
-
Gerd Hoffmann authored
Cc: qemu-stable@nongnu.org Signed-off-by:
-
Dr. David Alan Gilbert authored
The current migration-completed event is generated a bit too early, which means that an eager libvirt that's ready to go as soon as it sees the event ends up racing with the actual end of migration. This corresponds to RH bug: https://bugzilla.redhat.com/show_bug.cgi?id=1271145 Signed-off-by:
Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by:
Juan Quintela <quintela@redhat.com> Reviewed-by:
Amit Shah <amit.shah@redhat.com> xSigned-off-by:
-
Tony Krowiak authored
Commit 0a7cf217 ("util/qemu-config: fix regression of qmp_query_command_line_options") aimed to restore parsing of global machine options, but missed two: "aes-key-wrap" and "dea-key-wrap" (which were present in the initial version of that patch). Let's add them to the machine_opts again. Fixes: 0a7cf217 ("util/qemu-config: fix regression of qmp_query_command_line_options") CC: Marcel Apfelbaum <marcel@redhat.com> CC: qemu-stable@nongnu.org Signed-off-by:
Tony Krowiak <akrowiak@linux.vnet.ibm.com> Reviewed-by:
Christian Borntraeger <borntraeger@de.ibm.com> Message-Id: <1444664181-28023-1-git-send-email-akrowiak@linux.vnet.ibm.com> Signed-off-by:
Cornelia Huck <cornelia.huck@de.ibm.com> (cherry picked from commit 5bcfa0c5) Signed-off-by:
-
Christian Borntraeger authored
Device hotplugs trigger a crw machine check. All machine checks have validity bits for certain register types. With vector support we also have to claim that vector registers are valid. This is a band-aid suitable for stable. Long term we should create the full mcic value dynamically depending on the active features in the kernel interrupt handler. Signed-off-by:
-
Peter Crosthwaite authored
The /4 for offset calculation in MMIO writes was happening twice giving wrong write offsets. Fix. While touching the code, change the if-else to be a short returning if and convert the debug message to a GUEST_ERROR, which is more accurate for this condition. Cc: qemu-stable@nongnu.org Cc: Guenter Roeck <linux@roeck-us.net> Signed-off-by:
Peter Crosthwaite <crosthwaite.peter@gmail.com> Reviewed-by:
Alistair Francis <alistair.francis@xilinx.com> Signed-off-by:
-
Markus Armbruster authored
This reverts commit 31bed550. The reverted commit changed qdev_device_help() to reject abstract devices and devices that have cannot_instantiate_with_device_add_yet set, to fix crash bugs like -device x86_64-cpu,help. Rejecting abstract devices makes sense: they're purely internal, and the implementation of the help feature can't cope with them. Rejecting non-pluggable devices makes less sense: even though you can't use them with -device, the help may still be useful elsewhere, for instance with -global. This is a regression: -device FOO,help used to help even for FOO that aren't pluggable. The previous two commits fixed the crash bug at a lower layer, so reverting this one is now safe. Fixes the -device FOO,help regression, except for the broken devices marked cannot_even_create_with_object_new_yet. For those, the error message is improved. Example of a device where the regression is fixed: $ qemu-system-x86_64 -device PIIX4_PM,help PIIX4_PM.command_serr_enable=bool (on/off) PIIX4_PM.multifunction=bool (on/off) PIIX4_PM.rombar=uint32 PIIX4_PM.romfile=str PIIX4_PM.addr=int32 (Slot and optional function number, example: 06.0 or 06) PIIX4_PM.memory-hotplug-support=bool PIIX4_PM.acpi-pci-hotplug-with-bridge-support=bool PIIX4_PM.s4_val=uint8 PIIX4_PM.disable_s4=uint8 PIIX4_PM.disable_s3=uint8 PIIX4_PM.smb_io_base=uint32 Example of a device where it isn't fixed: $ qemu-system-x86_64 -device host-x86_64-cpu,help Can't list properties of device 'host-x86_64-cpu' Both failed with "Parameter 'driver' expects pluggable device type" before. Cc: qemu-stable@nongnu.org Signed-off-by:
Eduardo Habkost <ehabkost@redhat.com> Message-Id: <1443689999-12182-11-git-send-email-armbru@redhat.com> (cherry picked from commit 33fe9683) Signed-off-by:
-
Markus Armbruster authored
Several devices don't survive object_unref(object_new(T)): they crash or hang during cleanup, or they leave dangling pointers behind. This breaks at least device-list-properties, because qmp_device_list_properties() needs to create a device to find its properties. Broken in commit f4eb32b5 "qmp: show QOM properties in device-list-properties", v2.1. Example reproducer: $ qemu-system-aarch64 -nodefaults -display none -machine none -S -qmp stdio {"QMP": {"version": {"qemu": {"micro": 50, "minor": 4, "major": 2}, "package": ""}, "capabilities": []}} { "execute": "qmp_capabilities" } {"return": {}} { "execute": "device-list-properties", "arguments": { "typename": "pxa2xx-pcmcia" } } qemu-system-aarch64: /home/armbru/work/qemu/memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed. Aborted (core dumped) [Exit 134 (SIGABRT)] Unfortunately, I can't fix the problems in these devices right now. Instead, add DeviceClass member cannot_destroy_with_object_finalize_yet to mark them: * Hang during cleanup (didn't debug, so I can't say why): "realview_pci", "versatile_pci". * Dangling pointer in cpus: most CPUs, plus "allwinner-a10", "digic", "fsl,imx25", "fsl,imx31", "xlnx,zynqmp", because they create such CPUs * Assert kvm_enabled(): "host-x86_64-cpu", host-i386-cpu", "host-powerpc64-cpu", "host-embedded-powerpc-cpu", "host-powerpc-cpu" (the powerpc ones can't currently reach the assertion, because the CPUs are only registered when KVM is enabled, but the assertion is arguably in the wrong place all the same) Make qmp_device_list_properties() fail cleanly when the device is so marked. This improves device-list-properties from "crashes, hangs or leaves dangling pointers behind" to "fails". Not a complete fix, just a better-than-nothing work-around. In the above reproducer, device-list-properties now fails with "Can't list properties of device 'pxa2xx-pcmcia'". This also protects -device FOO,help, which uses the same machinery since commit ef523587 "qdev-monitor: include QOM properties in -device FOO, help output", v2.2. Example reproducer: $ qemu-system-aarch64 -machine none -device pxa2xx-pcmcia,help Before: qemu-system-aarch64: .../memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed. After: Can't list properties of device 'pxa2xx-pcmcia' Cc: "Andreas Färber" <afaerber@suse.de> Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com> Cc: Alexander Graf <agraf@suse.de> Cc: Anthony Green <green@moxielogic.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> Cc: Blue Swirl <blauwirbel@gmail.com> Cc: Eduardo Habkost <ehabkost@redhat.com> Cc: Guan Xuetao <gxt@mprc.pku.edu.cn> Cc: Jia Liu <proljc@gmail.com> Cc: Leon Alrae <leon.alrae@imgtec.com> Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Cc: Max Filippov <jcmvbkbc@gmail.com> Cc: Michael Walle <michael@walle.cc> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Peter Maydell <peter.maydell@linaro.org> Cc: Richard Henderson <rth@twiddle.net> Cc: qemu-ppc@nongnu.org Cc: qemu-stable@nongnu.org Signed-off-by:
-
Markus Armbruster authored
Broken in commit f4eb32b5 "qmp: show QOM properties in device-list-properties", v2.1. Cc: qemu-stable@nongnu.org Signed-off-by:
-
Fam Zheng authored
Commit 6e99c631 ("net/socket: Drop net_socket_can_send") changed the semantics around .can_receive for sockets to now require the device to flush queued pkts when transitioning to a .can_receive=true state. But it's OK to drop incoming packets when the link is not active. Signed-off-by:
Fam Zheng <famz@redhat.com> Signed-off-by:
-
Jason Wang authored
After commit 019a3edb ("virtio: make features 64bit wide"). Device's guest_features was actually set after vdc->load(). This breaks the assumption that device specific load() function can check guest_features. For virtio-net, self announcement and guest offloads won't work after migration. Fixing this by defer them to virtio_net_load() where guest_features were guaranteed to be set. Other virtio devices looks fine. Fixes: 019a3edb ("virtio: make features 64bit wide") Cc: qemu-stable@nongnu.org Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by:
-
Cornelia Huck authored
Commit ef546f12 ("virtio: add feature checking helpers") introduced a helper __virtio_has_feature. We don't want to use reserved identifiers, though, so let's rename __virtio_has_feature to virtio_has_feature and virtio_has_feature to virtio_vdev_has_feature. Signed-off-by:
-
Aurelien Jarno authored
The xscmpodp and xscmpudp instructions only have the AX, BX bits in there encoding, the lowest bit (usually TX) is marked as an invalid bit. We therefore can't decode them with GEN_XX2FORM, which decodes the two lowest bit. Introduce a new form GEN_XX2FORM, which decodes AX and BX and mark the lowest bit as invalid. Signed-off-by:
Aurelien Jarno <aurelien@aurel32.net> Reviewed-by:
Richard Henderson <rth@twiddle.net> Tested-by:
Richard W.M. Jones <rjones@redhat.com> Signed-off-by:
Alexander Graf <agraf@suse.de> (cherry picked from commit 8f60f8e2) Signed-off-by:
-
Aurelien Jarno authored
For vector instructions, the helpers get pointers to the vector register in arguments. Some operands might point to the same register, including the operand holding the result. When emulating instructions which access the vector elements in a non-linear way, we need to store the result in an temporary variable. This fixes openssl when emulating a POWER8 CPU. Signed-off-by:
-
James Hogan authored
The MIPS TCG backend implements qemu_ld with 64-bit targets using the v0 register (base) as a temporary to load the upper half of the QEMU TLB comparator (see line 5 below), however this happens before the input address is used (line 8 to mask off the low bits for the TLB comparison, and line 12 to add the host-guest offset). If the input address (addrl) also happens to have been placed in v0 (as in the second column below), it gets clobbered before it is used. addrl in t2 addrl in v0 1 srl a0,t2,0x7 srl a0,v0,0x7 2 andi a0,a0,0x1fe0 andi a0,a0,0x1fe0 3 addu a0,a0,s0 addu a0,a0,s0 4 lw at,9136(a0) lw at,9136(a0) set TCG_TMP0 (at) 5 lw v0,9140(a0) lw v0,9140(a0) set base (v0) 6 li t9,-4093 li t9,-4093 7 lw a0,9160(a0) lw a0,9160(a0) set addend (a0) 8 and t9,t9,t2 and t9,t9,v0 use addrl 9 bne at,t9,0x836d8c8 bne at,t9,0x836d838 use TCG_TMP0 10 nop nop 11 bne v0,t8,0x836d8c8 bne v0,a1,0x836d838 use base 12 addu v0,a0,t2 addu v0,a0,v0 use addrl, addend 13 lw t0,0(v0) lw t0,0(v0) Fix by using TCG_TMP0 (at) as the temporary instead of v0 (base), pushing the load on line 5 forward into the delay slot of the low comparison (line 10). The early load of the addend on line 7 also needs pushing even further for 64-bit targets, or it will clobber a0 before we're done with it. The output for 32-bit targets is unaffected. srl a0,v0,0x7 andi a0,a0,0x1fe0 addu a0,a0,s0 lw at,9136(a0) -lw v0,9140(a0) load high comparator li t9,-4093 -lw a0,9160(a0) load addend and t9,t9,v0 bne at,t9,0x836d838 - nop + lw at,9140(a0) load high comparator +lw a0,9160(a0) load addend -bne v0,a1,0x836d838 +bne at,a1,0x836d838 addu v0,a0,v0 lw t0,0(v0) Cc: qemu-stable@nongnu.org Reviewed-by:James Hogan <james.hogan@imgtec.com> Signed-off-by:
-
Markus Armbruster authored
When a function returns a null pointer on error and only on error, you can do if (!foo(foos, errp)) { ... handle error ... } instead of the more cumbersome Error *err = NULL; if (!foo(foos, &err)) { error_propagate(errp, err); ... handle error ... } A StringProperty's getter, however, may return null on success! We then fail to call visit_type_str(). Screwed up in 6a146eba, v1.1. Fails tests/qom-test in my current, heavily hacked QAPI branch. No reproducer for master known (but I didn't look hard). Cc: Anthony Liguori <anthony@codemonkey.ws> Signed-off-by: -
Markus Armbruster authored
The argument for an Error **errp parameter must point to a null pointer. If it doesn't, and an error happens, error_set() fails its assertion. Instead of foo(foos, errp); bar(bars, errp); you need to do something like Error *err = NULL; foo(foos, &err); if (err) { error_propagate(errp, err); goto out; } bar(bars, errp); out: Screwed up in commit 0e558843 (v1.3.0): property_get_bool(). Screwed up in commit 1f21772d (v2.1.0): object_property_get_enum() and object_property_get_uint16List(). Screwed up in commit a8e3fbed (v2.4.0): property_get_enum(), property_set_enum(). Found by inspection, no actual crashes observed. Fix them up. Cc: Anthony Liguori <anthony@codemonkey.ws> Cc: Hu Tao <hutao@cn.fujitsu.com> Cc: Daniel P. Berrange <berrange@redhat.com> Signed-off-by:Daniel P. Berrange <berrange@redhat.com> Cc: qemu-stable@nongnu.org Signed-off-by:
-
John Snow authored
IDEState's io_buffer_offset was originally added to keep track of offsets in AHCI rather exclusively, but it was added to IDEState instead of an AHCI-specific structure. AHCI fakes all PIO transfers using DMA and a scatter-gather list. When the core or atapi layers invoke HBA-specific mechanisms for transfers, they do not always know that it is being backed by DMA or a sglist, so this offset is not always updated by the HBA code everywhere. If we modify it in dma_buf_commit, however, any HBA that needs to use this offset to manage operating on only part of a sglist will have access to it. This will fix ATAPI PIO transfers performed through the AHCI HBA, which were previously not modifying this value appropriately. This will fix ATAPI PIO transfers larger than one sector. Reported-by:
Hannes Reinecke <hare@suse.de> Signed-off-by:
John Snow <jsnow@redhat.com> Reviewed-by:
Laszlo Ersek <lersek@redhat.com> Message-id: 1440546331-29087-2-git-send-email-jsnow@redhat.com CC: qemu-stable@nongnu.org (cherry picked from commit aaeda4a3) Signed-off-by:
-
Stefan Weil authored
Signed-off-by:
Stefan Weil <sw@weilnetz.de> (cherry picked from commit a246a016) Signed-off-by:
-
Wen Congyang authored
If the socket fd is shutdown, there may be some data which is received before shutdown. We will read the data and do read/write in nbd_trip(). But the exp's blk is NULL, and it will cause qemu crashed. Reported-by:
Li Zhijian <lizhijian@cn.fujitsu.com> Signed-off-by:
Wen Congyang <wency@cn.fujitsu.com> Message-Id: <55F929E2.1020501@cn.fujitsu.com> Signed-off-by:
-
Michael Roth authored
PAPR requires ibm,req#msi and ibm,req#msi-x to be present in the device node to define the number of msi/msi-x interrupts the device supports, respectively. Currently we have ibm,req#msi-x hardcoded to a non-sensical constant that happens to be 2, and are missing ibm,req#msi entirely. The result of that is that msi-x capable devices get limited to 2 msi-x interrupts (which can impact performance), and msi-only devices likely wouldn't work at all. Additionally, if devices expect a minimum that exceeds 2, the guest driver may fail to load entirely. SLOF still owns the generation of these properties at boot-time (although other device properties have since been offloaded to QEMU), but for hotplugged devices we rely on the values generated by QEMU and thus hit the limitations above. Fix this by generating these properties in QEMU as expected by guests. In the future it may make sense to modify SLOF to pass through these values directly as we do with other props since we're duplicating SLOF code. Cc: qemu-ppc@nongnu.org Cc: qemu-stable@nongnu.org Cc: David Gibson <david@gibson.dropbear.id.au> Cc: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com> Signed-off-by:
David Gibson <david@gibson.dropbear.id.au> Signed-off-by:
-
Alberto Garcia authored
The QEMU code is not internationalized and assumes that it runs under the C locale, but if we use the GTK+ UI we'll end up importing the locale settings from the environment. This can break things, such as the JSON generator and iotest 120 in locales that use a decimal comma. We do however have translations for a few simple strings for the GTK+ menu items, so in order to run QEMU using the C locale, and yet have a translated UI let's use setlocale() for LC_MESSAGES only. Cc: qemu-stable@nongnu.org Signed-off-by:
-
John Snow authored
We're a little too lenient with what we'll let an ATAPI drive handle. Clamp down on the IDE command execution table to remove CD_OK permissions from commands that are not and have never been ATAPI commands. For ATAPI command validity, please see: - ATA4 Section 6.5 ("PACKET Command feature set") - ATA8/ACS Section 4.3 ("The PACKET feature set") - ACS3 Section 4.3 ("The PACKET feature set") ACS3 has a historical command validity table in Table B.4 ("Historical Command Assignments") that can be referenced to find when a command was introduced, deprecated, obsoleted, etc. The only reference for ATAPI command validity is by checking that version's PACKET feature set section. ATAPI was introduced by T13 into ATA4, all commands retired prior to ATA4 therefore are assumed to have never been ATAPI commands. Mandatory commands, as listed in ATA8-ACS3, are: - DEVICE RESET - EXECUTE DEVICE DIAGNOSTIC - IDENTIFY DEVICE - IDENTIFY PACKET DEVICE - NOP - PACKET - READ SECTOR(S) - SET FEATURES Optional commands as listed in ATA8-ACS3, are: - FLUSH CACHE - READ LOG DMA EXT - READ LOG EXT - WRITE LOG DMA EXT - WRITE LOG EXT All other commands are illegal to send to an ATAPI device and should be rejected by the device. CD_OK removal justifications: 0x06 WIN_DSM Defined in ACS2. Not valid for ATAPI. 0x21 WIN_READ_ONCE Retired in ATA5. Not ATAPI in ATA4. 0x94 WIN_STANDBYNOW2 Retired in ATA4. Did not coexist with ATAPI. 0x95 WIN_IDLEIMMEDIATE2 Retired in ATA4. Did not coexist with ATAPI. 0x96 WIN_STANDBY2 Retired in ATA4. Did not coexist with ATAPI. 0x97 WIN_SETIDLE2 Retired in ATA4. Did not coexist with ATAPI. 0x98 WIN_CHECKPOWERMODE2 Retired in ATA4. Did not coexist with ATAPI. 0x99 WIN_SLEEPNOW2 Retired in ATA4. Did not coexist with ATAPI. 0xE0 WIN_STANDBYNOW1 Not part of ATAPI in ATA4, ACS or ACS3. 0xE1 WIN_IDLEIMMDIATE Not part of ATAPI in ATA4, ACS or ACS3. 0xE2 WIN_STANDBY Not part of ATAPI in ATA4, ACS or ACS3. 0xE3 WIN_SETIDLE1 Not part of ATAPI in ATA4, ACS or ACS3. 0xE4 WIN_CHECKPOWERMODE1 Not part of ATAPI in ATA4, ACS or ACS3. 0xE5 WIN_SLEEPNOW1 Not part of ATAPI in ATA4, ACS or ACS3. 0xF8 WIN_READ_NATIVE_MAX Obsoleted in ACS3. Not ATAPI in ATA4 or ACS. This patch fixes a divide by zero fault that can be caused by sending the WIN_READ_NATIVE_MAX command to an ATAPI drive, which causes it to attempt to use zeroed CHS values to perform sector arithmetic. Reported-by:Qinghao Tang <luodalongde@gmail.com> Signed-off-by:
-
Hanna Reitz authored
Sadly, some images may have more clusters than what can be represented using a plain int. We should be prepared for that case (in qcow2_check_refcounts() we actually were trying to catch that case, but since size_to_clusters() truncated the returned value, that check never did anything useful). Cc: qemu-stable <qemu-stable@nongnu.org> Signed-off-by:
Max Reitz <mreitz@redhat.com> Signed-off-by:
Kevin Wolf <kwolf@redhat.com> (cherry picked from commit b6d36def) Conflicts: block/qcow2-cluster.c block/qcow2.h * removed context dependency on ff99129a Signed-off-by:
-
Richard Henderson authored
This is a bug fix for aarch64. At present, we have branches using the 32-bit (translate.c) versions of cpu_[NZCV]F, but we set the flags using the 64-bit (translate-a64.c) versions of cpu_[NZCV]F. From the view of the TCG code generator, these are unrelated variables. The bug is hard to see because we currently only read these variables from branches, and upon reaching a branch TCG will first spill live variables and then reload the arguments of the branch. Since the 32-bit versions were never live until reaching the branch, we'd re-read the data that had just been spilled from the 64-bit versions. There is currently no such problem with the cpu_exclusive_* variables, but there's no point in tempting fate. Cc: qemu-stable@nongnu.org Reviewed-by:
-
Pierre Morel authored
Let dataplane allocate different region for the desc/avail/used ring regions. Take VIRTIO_RING_F_EVENT_IDX into account to increase the used/avail rings accordingly. [Fix 32-bit builds by changing 16lx format specifier to HWADDR_PRIx. --Stefan] Signed-off-by:
Pierre Morel <pmorel@linux.vnet.ibm.com> Tested-by:
Greg Kurz <gkurz@linux.vnet.ibm.com> Signed-off-by:
-
