authorStefan Hajnoczi <stefanha@redhat.com>2023-09-27 13:55:18 -0400
committerStefan Hajnoczi <stefanha@redhat.com>2023-09-27 13:55:18 -0400
commit5dfd80e38b63dc5bf2202bc87a9b1a3e1460efb9 (patch)
tree907bb976761c76cf78200231d9bd1fd86852a345
parent11a629d246e4e7785a6f0efb99bd15a32c04feda (diff)
parent417f8c8ebfa32823b23fed957dcbc7108cb77dea (diff)
Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
* new round of audio cleanups * various shadowed local variable fixes in vl, mptsas, pm_smbus, target/i386 * remove deprecated pc-i440fx-1.4 up to pc-i440fx-1.7 * remove PCI drivers from 128K bios.bin * remove unused variable in user-exec-stub.c * small fixes for ui/vnc * scsi-disk: Disallow block sizes smaller than 512 [CVE-2023-42467] # -----BEGIN PGP SIGNATURE----- # # iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmUTDaoUHHBib256aW5p # QHJlZGhhdC5jb20ACgkQv/vSX3jHroMvEgf+NrSaP4pmHrYcVtm43fnKXoLHFrCx # KYfoK9Lke/DDkTff6rrcfW/Wyqid6Pp9Ch4Rrpr/X71X5gi+c6xb5klC8cpSfLg4 # gtuGctj7WL7KR/067EsLqHvzBob/iebFhZwhtsBrI+z65X+J9pOK78efBTdhezq4 # EEHTWohMAg1I/MWBK5VnOk2fI4+9z9K9zP5AtWmJzwwJkQUoEyl+YDkVmIhMYoGn # CapRO7i2wIvtoF4wuQUCGsOLmrcWTvRIOcV13k3b6PYCPC40/N9AOpiiyg3XqNah # UKKM9CcgVnCzCc4Jar2QD+MzkTDxhmQSyLFJgtzrW7CQSE5YB3sUHj3CXg== # =8nvs # -----END PGP SIGNATURE----- # gpg: Signature made Tue 26 Sep 2023 12:58:18 EDT # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full] # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * tag 'for-upstream' of https://gitlab.com/bonzini/qemu: audio: remove shadowed locals compiler: introduce QEMU_ANNOTATE block: mark mixed functions that can suspend target/i386/svm_helper: eliminate duplicate local variable target/i386/seg_helper: remove shadowed variable target/i386/seg_helper: introduce tss_set_busy target/i386/translate: avoid shadowed local variables target/i386/cpu: avoid shadowed local variables target/i386/kvm: eliminate shadowed local variables m48t59-test: avoid possible overflow on ABS pm_smbus: rename variable to avoid shadowing mptsas: avoid shadowed local variables ui/vnc: fix handling of VNC_FEATURE_XVP ui/vnc: fix debug output for invalid audio message vl: 
remove shadowed local variables hw/scsi/scsi-disk: Disallow block sizes smaller than 512 [CVE-2023-42467] user-exec-stub: remove unused variable seabios: remove PCI drivers from bios.bin pc_piix: remove pc-i440fx-1.4 up to pc-i440fx-1.7 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
-rw-r--r--accel/tcg/user-exec-stub.c2
-rw-r--r--audio/audio.c11
-rw-r--r--block/io.c5
-rw-r--r--block/qcow2.c2
-rw-r--r--block/qed.c4
-rw-r--r--block/throttle-groups.c4
-rw-r--r--docs/about/deprecated.rst8
-rw-r--r--docs/about/removed-features.rst4
-rw-r--r--hw/i2c/pm_smbus.c4
-rw-r--r--hw/i386/pc.c60
-rw-r--r--hw/i386/pc_piix.c73
-rw-r--r--hw/scsi/mptsas.c6
-rw-r--r--hw/scsi/scsi-disk.c5
-rw-r--r--include/qemu/compiler.h6
-rw-r--r--include/qemu/osdep.h6
-rw-r--r--pc-bios/bios.binbin131072 -> 131072 bytes
-rw-r--r--roms/config.seabios-128k27
-rw-r--r--softmmu/vl.c9
-rw-r--r--target/i386/cpu.c3
-rw-r--r--target/i386/kvm/kvm.c7
-rw-r--r--target/i386/tcg/seg_helper.c53
-rw-r--r--target/i386/tcg/sysemu/svm_helper.c2
-rw-r--r--target/i386/tcg/translate.c4
-rw-r--r--tests/qtest/m48t59-test.c17
-rw-r--r--tests/qtest/test-x86-cpuid-compat.c10
-rw-r--r--ui/vnc.c6
26 files changed, 102 insertions, 236 deletions
diff --git a/accel/tcg/user-exec-stub.c b/accel/tcg/user-exec-stub.c
index 874e1f1a20..2dc6fd9c4e 100644
--- a/accel/tcg/user-exec-stub.c
+++ b/accel/tcg/user-exec-stub.c
@@ -2,8 +2,6 @@
#include "hw/core/cpu.h"
#include "exec/replay-core.h"
-bool enable_cpu_pm = false;
-
void cpu_resume(CPUState *cpu)
{
}
diff --git a/audio/audio.c b/audio/audio.c
index 90c7c49d11..2f47965711 100644
--- a/audio/audio.c
+++ b/audio/audio.c
@@ -1706,7 +1706,7 @@ static AudioState *audio_init(Audiodev *dev, const char *name)
size_t i;
int done = 0;
const char *drvname = NULL;
- VMChangeStateEntry *e;
+ VMChangeStateEntry *vmse;
AudioState *s;
struct audio_driver *driver;
/* silence gcc warning about uninitialized variable */
@@ -1824,8 +1824,8 @@ static AudioState *audio_init(Audiodev *dev, const char *name)
s->period_ticks = dev->timer_period * (int64_t)SCALE_US;
}
- e = qemu_add_vm_change_state_handler (audio_vm_change_state_handler, s);
- if (!e) {
+ vmse = qemu_add_vm_change_state_handler (audio_vm_change_state_handler, s);
+ if (!vmse) {
dolog ("warning: Could not register change state handler\n"
"(Audio can continue looping even after stopping the VM)\n");
}
@@ -1900,10 +1900,8 @@ CaptureVoiceOut *AUD_add_capture(
cap = audio_pcm_capture_find_specific(s, as);
if (cap) {
QLIST_INSERT_HEAD (&cap->cb_head, cb, entries);
- return cap;
} else {
HWVoiceOut *hw;
- CaptureVoiceOut *cap;
cap = g_malloc0(sizeof(*cap));
@@ -1937,8 +1935,9 @@ CaptureVoiceOut *AUD_add_capture(
QLIST_FOREACH(hw, &s->hw_head_out, entries) {
audio_attach_capture (hw);
}
- return cap;
}
+
+ return cap;
}
void AUD_del_capture (CaptureVoiceOut *cap, void *cb_opaque)
diff --git a/block/io.c b/block/io.c
index 209a6da0c8..e7f9448d5a 100644
--- a/block/io.c
+++ b/block/io.c
@@ -387,7 +387,8 @@ void bdrv_do_drained_begin_quiesce(BlockDriverState *bs, BdrvChild *parent)
bdrv_do_drained_begin(bs, parent, false);
}
-void bdrv_drained_begin(BlockDriverState *bs)
+void coroutine_mixed_fn
+bdrv_drained_begin(BlockDriverState *bs)
{
IO_OR_GS_CODE();
bdrv_do_drained_begin(bs, NULL, true);
@@ -506,7 +507,7 @@ void bdrv_drain_all_begin_nopoll(void)
}
}
-void bdrv_drain_all_begin(void)
+void coroutine_mixed_fn bdrv_drain_all_begin(void)
{
BlockDriverState *bs = NULL;
diff --git a/block/qcow2.c b/block/qcow2.c
index af43d59d76..5a3c537f14 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -5288,7 +5288,7 @@ static ImageInfoSpecific *qcow2_get_specific_info(BlockDriverState *bs,
return spec_info;
}
-static int qcow2_has_zero_init(BlockDriverState *bs)
+static int coroutine_mixed_fn qcow2_has_zero_init(BlockDriverState *bs)
{
BDRVQcow2State *s = bs->opaque;
bool preallocated;
diff --git a/block/qed.c b/block/qed.c
index b2604d9dad..45ae320290 100644
--- a/block/qed.c
+++ b/block/qed.c
@@ -570,8 +570,8 @@ static void coroutine_fn bdrv_qed_open_entry(void *opaque)
qemu_co_mutex_unlock(&s->table_lock);
}
-static int bdrv_qed_open(BlockDriverState *bs, QDict *options, int flags,
- Error **errp)
+static int coroutine_mixed_fn bdrv_qed_open(BlockDriverState *bs, QDict *options,
+ int flags, Error **errp)
{
QEDOpenCo qoc = {
.bs = bs,
diff --git a/block/throttle-groups.c b/block/throttle-groups.c
index 3eda4c4e3d..f5c0fac581 100644
--- a/block/throttle-groups.c
+++ b/block/throttle-groups.c
@@ -317,8 +317,8 @@ static bool coroutine_fn throttle_group_co_restart_queue(ThrottleGroupMember *tg
* @tgm: the current ThrottleGroupMember
* @direction: the ThrottleDirection
*/
-static void schedule_next_request(ThrottleGroupMember *tgm,
- ThrottleDirection direction)
+static void coroutine_mixed_fn schedule_next_request(ThrottleGroupMember *tgm,
+ ThrottleDirection direction)
{
ThrottleState *ts = tgm->throttle_state;
ThrottleGroup *tg = container_of(ts, ThrottleGroup, ts);
diff --git a/docs/about/deprecated.rst b/docs/about/deprecated.rst
index dc4da95329..8f3fef97bd 100644
--- a/docs/about/deprecated.rst
+++ b/docs/about/deprecated.rst
@@ -277,14 +277,6 @@ deprecated; use the new name ``dtb-randomness`` instead. The new name
better reflects the way this property affects all random data within
the device tree blob, not just the ``kaslr-seed`` node.
-``pc-i440fx-1.4`` up to ``pc-i440fx-1.7`` (since 7.0)
-'''''''''''''''''''''''''''''''''''''''''''''''''''''
-
-These old machine types are quite neglected nowadays and thus might have
-various pitfalls with regards to live migration. Use a newer machine type
-instead.
-
-
Backend options
---------------
diff --git a/docs/about/removed-features.rst b/docs/about/removed-features.rst
index c2043fd415..97ec47f1d2 100644
--- a/docs/about/removed-features.rst
+++ b/docs/about/removed-features.rst
@@ -715,8 +715,8 @@ mips ``fulong2e`` machine alias (removed in 6.0)
This machine has been renamed ``fuloong2e``.
-``pc-0.10`` up to ``pc-1.3`` (removed in 4.0 up to 6.0)
-'''''''''''''''''''''''''''''''''''''''''''''''''''''''
+``pc-0.10`` up to ``pc-i440fx-1.7`` (removed in 4.0 up to 8.2)
+''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
These machine types were very old and likely could not be used for live
migration from old QEMU versions anymore. Use a newer machine type instead.
diff --git a/hw/i2c/pm_smbus.c b/hw/i2c/pm_smbus.c
index 9ad6a47739..4e1b8a5182 100644
--- a/hw/i2c/pm_smbus.c
+++ b/hw/i2c/pm_smbus.c
@@ -279,7 +279,7 @@ static void smb_ioport_writeb(void *opaque, hwaddr addr, uint64_t val,
if (!read && s->smb_index == s->smb_data0) {
uint8_t prot = (s->smb_ctl >> 2) & 0x07;
uint8_t cmd = s->smb_cmd;
- uint8_t addr = s->smb_addr >> 1;
+ uint8_t smb_addr = s->smb_addr >> 1;
int ret;
if (prot == PROT_I2C_BLOCK_READ) {
@@ -287,7 +287,7 @@ static void smb_ioport_writeb(void *opaque, hwaddr addr, uint64_t val,
goto out;
}
- ret = smbus_write_block(s->smbus, addr, cmd, s->smb_data,
+ ret = smbus_write_block(s->smbus, smb_addr, cmd, s->smb_data,
s->smb_data0, !s->i2c_enable);
if (ret < 0) {
s->smb_stat |= STS_DEV_ERR;
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 3db0743f31..5d399b6247 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -359,60 +359,6 @@ GlobalProperty pc_compat_2_0[] = {
};
const size_t pc_compat_2_0_len = G_N_ELEMENTS(pc_compat_2_0);
-GlobalProperty pc_compat_1_7[] = {
- PC_CPU_MODEL_IDS("1.7.0")
- { TYPE_USB_DEVICE, "msos-desc", "no" },
- { "PIIX4_PM", ACPI_PM_PROP_ACPI_PCIHP_BRIDGE, "off" },
- { "hpet", HPET_INTCAP, "4" },
-};
-const size_t pc_compat_1_7_len = G_N_ELEMENTS(pc_compat_1_7);
-
-GlobalProperty pc_compat_1_6[] = {
- PC_CPU_MODEL_IDS("1.6.0")
- { "e1000", "mitigation", "off" },
- { "qemu64-" TYPE_X86_CPU, "model", "2" },
- { "qemu32-" TYPE_X86_CPU, "model", "3" },
- { "i440FX-pcihost", "short_root_bus", "1" },
- { "q35-pcihost", "short_root_bus", "1" },
-};
-const size_t pc_compat_1_6_len = G_N_ELEMENTS(pc_compat_1_6);
-
-GlobalProperty pc_compat_1_5[] = {
- PC_CPU_MODEL_IDS("1.5.0")
- { "Conroe-" TYPE_X86_CPU, "model", "2" },
- { "Conroe-" TYPE_X86_CPU, "min-level", "2" },
- { "Penryn-" TYPE_X86_CPU, "model", "2" },
- { "Penryn-" TYPE_X86_CPU, "min-level", "2" },
- { "Nehalem-" TYPE_X86_CPU, "model", "2" },
- { "Nehalem-" TYPE_X86_CPU, "min-level", "2" },
- { "virtio-net-pci", "any_layout", "off" },
- { TYPE_X86_CPU, "pmu", "on" },
- { "i440FX-pcihost", "short_root_bus", "0" },
- { "q35-pcihost", "short_root_bus", "0" },
-};
-const size_t pc_compat_1_5_len = G_N_ELEMENTS(pc_compat_1_5);
-
-GlobalProperty pc_compat_1_4[] = {
- PC_CPU_MODEL_IDS("1.4.0")
- { "scsi-hd", "discard_granularity", "0" },
- { "scsi-cd", "discard_granularity", "0" },
- { "ide-hd", "discard_granularity", "0" },
- { "ide-cd", "discard_granularity", "0" },
- { "virtio-blk-pci", "discard_granularity", "0" },
- /* DEV_NVECTORS_UNSPECIFIED as a uint32_t string: */
- { "virtio-serial-pci", "vectors", "0xFFFFFFFF" },
- { "virtio-net-pci", "ctrl_guest_offloads", "off" },
- { "e1000", "romfile", "pxe-e1000.rom" },
- { "ne2k_pci", "romfile", "pxe-ne2k_pci.rom" },
- { "pcnet", "romfile", "pxe-pcnet.rom" },
- { "rtl8139", "romfile", "pxe-rtl8139.rom" },
- { "virtio-net-pci", "romfile", "pxe-virtio.rom" },
- { "486-" TYPE_X86_CPU, "model", "0" },
- { "n270" "-" TYPE_X86_CPU, "movbe", "off" },
- { "Westmere" "-" TYPE_X86_CPU, "pclmulqdq", "off" },
-};
-const size_t pc_compat_1_4_len = G_N_ELEMENTS(pc_compat_1_4);
-
GSIState *pc_gsi_create(qemu_irq **irqs, bool pci_enabled)
{
GSIState *s;
@@ -1293,9 +1239,9 @@ void pc_basic_device_init(struct PCMachineState *pcms,
exit(1);
}
/*
- * For pc-piix-*, hpet's intcap is always IRQ2. For pc-q35-1.7 and
- * earlier, use IRQ2 for compat. Otherwise, use IRQ16~23, IRQ8 and
- * IRQ2.
+ * For pc-piix-*, hpet's intcap is always IRQ2. For pc-q35-*,
+ * use IRQ16~23, IRQ8 and IRQ2. If the user has already set
+ * the property, use whatever mask they specified.
*/
uint8_t compat = object_property_get_uint(OBJECT(hpet),
HPET_INTCAP, NULL);
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 8321f36f97..ff8654ecda 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -423,27 +423,6 @@ static void pc_compat_2_0_fn(MachineState *machine)
pc_compat_2_1_fn(machine);
}
-static void pc_compat_1_7_fn(MachineState *machine)
-{
- pc_compat_2_0_fn(machine);
- x86_cpu_change_kvm_default("x2apic", NULL);
-}
-
-static void pc_compat_1_6_fn(MachineState *machine)
-{
- pc_compat_1_7_fn(machine);
-}
-
-static void pc_compat_1_5_fn(MachineState *machine)
-{
- pc_compat_1_6_fn(machine);
-}
-
-static void pc_compat_1_4_fn(MachineState *machine)
-{
- pc_compat_1_5_fn(machine);
-}
-
#ifdef CONFIG_ISAPC
static void pc_init_isa(MachineState *machine)
{
@@ -876,58 +855,6 @@ static void pc_i440fx_2_0_machine_options(MachineClass *m)
DEFINE_I440FX_MACHINE(v2_0, "pc-i440fx-2.0", pc_compat_2_0_fn,
pc_i440fx_2_0_machine_options);
-static void pc_i440fx_1_7_machine_options(MachineClass *m)
-{
- PCMachineClass *pcmc = PC_MACHINE_CLASS(m);
-
- pc_i440fx_2_0_machine_options(m);
- m->hw_version = "1.7.0";
- m->default_machine_opts = NULL;
- m->option_rom_has_mr = true;
- m->deprecation_reason = "old and unattended - use a newer version instead";
- compat_props_add(m->compat_props, pc_compat_1_7, pc_compat_1_7_len);
- pcmc->smbios_defaults = false;
- pcmc->gigabyte_align = false;
- pcmc->legacy_acpi_table_size = 6414;
-}
-
-DEFINE_I440FX_MACHINE(v1_7, "pc-i440fx-1.7", pc_compat_1_7_fn,
- pc_i440fx_1_7_machine_options);
-
-static void pc_i440fx_1_6_machine_options(MachineClass *m)
-{
- PCMachineClass *pcmc = PC_MACHINE_CLASS(m);
-
- pc_i440fx_1_7_machine_options(m);
- m->hw_version = "1.6.0";
- m->rom_file_has_mr = false;
- compat_props_add(m->compat_props, pc_compat_1_6, pc_compat_1_6_len);
- pcmc->has_acpi_build = false;
-}
-
-DEFINE_I440FX_MACHINE(v1_6, "pc-i440fx-1.6", pc_compat_1_6_fn,
- pc_i440fx_1_6_machine_options);
-
-static void pc_i440fx_1_5_machine_options(MachineClass *m)
-{
- pc_i440fx_1_6_machine_options(m);
- m->hw_version = "1.5.0";
- compat_props_add(m->compat_props, pc_compat_1_5, pc_compat_1_5_len);
-}
-
-DEFINE_I440FX_MACHINE(v1_5, "pc-i440fx-1.5", pc_compat_1_5_fn,
- pc_i440fx_1_5_machine_options);
-
-static void pc_i440fx_1_4_machine_options(MachineClass *m)
-{
- pc_i440fx_1_5_machine_options(m);
- m->hw_version = "1.4.0";
- compat_props_add(m->compat_props, pc_compat_1_4, pc_compat_1_4_len);
-}
-
-DEFINE_I440FX_MACHINE(v1_4, "pc-i440fx-1.4", pc_compat_1_4_fn,
- pc_i440fx_1_4_machine_options);
-
#ifdef CONFIG_ISAPC
static void isapc_machine_options(MachineClass *m)
{
diff --git a/hw/scsi/mptsas.c b/hw/scsi/mptsas.c
index 3de288b454..75d3ab8bd1 100644
--- a/hw/scsi/mptsas.c
+++ b/hw/scsi/mptsas.c
@@ -192,7 +192,7 @@ static dma_addr_t mptsas_ld_sg_base(MPTSASState *s, uint32_t flags_and_length,
return addr;
}
-static int mptsas_build_sgl(MPTSASState *s, MPTSASRequest *req, hwaddr addr)
+static int mptsas_build_sgl(MPTSASState *s, MPTSASRequest *req, hwaddr req_addr)
{
PCIDevice *pci = (PCIDevice *) s;
hwaddr next_chain_addr;
@@ -201,8 +201,8 @@ static int mptsas_build_sgl(MPTSASState *s, MPTSASRequest *req, hwaddr addr)
uint32_t chain_offset;
chain_offset = req->scsi_io.ChainOffset;
- next_chain_addr = addr + chain_offset * sizeof(uint32_t);
- sgaddr = addr + sizeof(MPIMsgSCSIIORequest);
+ next_chain_addr = req_addr + chain_offset * sizeof(uint32_t);
+ sgaddr = req_addr + sizeof(MPIMsgSCSIIORequest);
pci_dma_sglist_init(&req->qsg, pci, 4);
left = req->scsi_io.DataLength;
diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
index e0d79c7966..477ee2bcd4 100644
--- a/hw/scsi/scsi-disk.c
+++ b/hw/scsi/scsi-disk.c
@@ -1628,9 +1628,10 @@ static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
* Since the existing code only checks/updates bits 8-15 of the block
* size, restrict ourselves to the same requirement for now to ensure
* that a block size set by a block descriptor and then read back by
- * a subsequent SCSI command will be the same
+ * a subsequent SCSI command will be the same. Also disallow a block
+ * size of 256 since we cannot handle anything below BDRV_SECTOR_SIZE.
*/
- if (bs && !(bs & ~0xff00) && bs != s->qdev.blocksize) {
+ if (bs && !(bs & ~0xfe00) && bs != s->qdev.blocksize) {
s->qdev.blocksize = bs;
trace_scsi_disk_mode_select_set_blocksize(s->qdev.blocksize);
}
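Review bot: The new mask `~0xfe00` rejects 256 but still accepts every multiple of 512 up to 0xfe00, including non-power-of-two values such as 0x600, and it states the lower bound as a magic constant while the comment refers to BDRV_SECTOR_SIZE. The value comes from the MODE SELECT parameter data in `inbuf`, so if the rest of the device model assumes a power-of-two block size (not visible in this hunk), that assumption should be enforced here as well, for example by adding `is_power_of_2(bs)` to the condition. At minimum, name the floor next to the mask with `bs >= BDRV_SECTOR_SIZE`, so the check and the comment cannot drift apart. The body of scsi_disk_emulate_mode_select starts and ends outside this hunk.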
diff --git a/include/qemu/compiler.h b/include/qemu/compiler.h
index a309f90c76..7fda29b445 100644
--- a/include/qemu/compiler.h
+++ b/include/qemu/compiler.h
@@ -197,4 +197,10 @@
#define BUILTIN_SUBCLL_BROKEN
#endif
+#if __has_attribute(annotate)
+#define QEMU_ANNOTATE(x) __attribute__((annotate(x)))
+#else
+#define QEMU_ANNOTATE(x)
+#endif
+
#endif /* COMPILER_H */
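Review bot: `QEMU_ANNOTATE` is introduced without a comment, while the osdep.h macros that now use it each carry an explanatory block. A line such as `/* Attach annotate(x) where the compiler supports the attribute; expands to nothing otherwise. */` above the `#if` would tell readers the macro can be used unconditionally. The three osdep.h hunks keep their `#ifdef __clang__` / `#else` empty definitions around it, which now duplicates that fallback; either drop the outer guard or add a word on why it stays.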
diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
index 2897720fac..e4a4eb2d61 100644
--- a/include/qemu/osdep.h
+++ b/include/qemu/osdep.h
@@ -185,7 +185,7 @@ extern "C" {
* }
*/
#ifdef __clang__
-#define coroutine_fn __attribute__((__annotate__("coroutine_fn")))
+#define coroutine_fn QEMU_ANNOTATE("coroutine_fn")
#else
#define coroutine_fn
#endif
@@ -195,7 +195,7 @@ extern "C" {
* but can handle running in non-coroutine context too.
*/
#ifdef __clang__
-#define coroutine_mixed_fn __attribute__((__annotate__("coroutine_mixed_fn")))
+#define coroutine_mixed_fn QEMU_ANNOTATE("coroutine_mixed_fn")
#else
#define coroutine_mixed_fn
#endif
@@ -224,7 +224,7 @@ extern "C" {
* }
*/
#ifdef __clang__
-#define no_coroutine_fn __attribute__((__annotate__("no_coroutine_fn")))
+#define no_coroutine_fn QEMU_ANNOTATE("no_coroutine_fn")
#else
#define no_coroutine_fn
#endif
diff --git a/pc-bios/bios.bin b/pc-bios/bios.bin
index 6a196cf72a..d3abd947da 100644
--- a/pc-bios/bios.bin
+++ b/pc-bios/bios.bin
Binary files differ
diff --git a/roms/config.seabios-128k b/roms/config.seabios-128k
index d18c802c46..0b144bb1de 100644
--- a/roms/config.seabios-128k
+++ b/roms/config.seabios-128k
@@ -1,21 +1,30 @@
-# for qemu machine types 1.7 + older
-# need to turn off features (xhci,uas) to make it fit into 128k
+# SeaBIOS Configuration for -M isapc
+
CONFIG_QEMU=y
CONFIG_ROM_SIZE=128
CONFIG_ATA_DMA=n
-CONFIG_BOOTSPLASH=n
CONFIG_XEN=n
-CONFIG_USB_OHCI=n
-CONFIG_USB_XHCI=n
-CONFIG_USB_UAS=n
+CONFIG_ATA_PIO32=n
+CONFIG_AHCI=n
CONFIG_SDCARD=n
-CONFIG_TCGBIOS=n
-CONFIG_MPT_SCSI=n
+CONFIG_VIRTIO_BLK=n
+CONFIG_VIRTIO_SCSI=n
+CONFIG_PVSCSI=n
CONFIG_ESP_SCSI=n
+CONFIG_LSI_SCSI=n
CONFIG_MEGASAS=n
-CONFIG_PVSCSI=n
+CONFIG_MPT_SCSI=n
CONFIG_NVME=n
CONFIG_USE_SMM=n
CONFIG_VGAHOOKS=n
CONFIG_HOST_BIOS_GEOMETRY=n
+CONFIG_USB=n
+CONFIG_PMTIMER=n
+CONFIG_PCIBIOS=n
+CONFIG_DISABLE_A20=n
+CONFIG_WRITABLE_UPPERMEMORY=n
+CONFIG_TCGBIOS=n
+CONFIG_ACPI=n
CONFIG_ACPI_PARSE=n
+CONFIG_DEBUG_SERIAL=n
+CONFIG_DEBUG_SERIAL_MMIO=n
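Review bot: The rebuilt `pc-bios/bios.bin` that accompanies this configuration appears only as "Binary files differ", so nothing on this page lets a reviewer confirm the blob was produced from these options. Recording the SeaBIOS revision and the build invocation used for the binary in the commit message would make the update checkable. The new header also drops the old explanation of why options are switched off; a line like `# options not needed by isapc are disabled to keep the image within 128k` would preserve it, if that is still the reason.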
diff --git a/softmmu/vl.c b/softmmu/vl.c
index db04f98c36..59a472a0b1 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -3214,7 +3214,6 @@ void qemu_init(int argc, char **argv)
}
break;
case QEMU_OPTION_watchdog_action: {
- QemuOpts *opts;
opts = qemu_opts_create(qemu_find_opts("action"), NULL, 0, &error_abort);
qemu_opt_set(opts, "watchdog", optarg, &error_abort);
break;
@@ -3525,16 +3524,16 @@ void qemu_init(int argc, char **argv)
break;
case QEMU_OPTION_compat:
{
- CompatPolicy *opts;
+ CompatPolicy *opts_policy;
Visitor *v;
v = qobject_input_visitor_new_str(optarg, NULL,
&error_fatal);
- visit_type_CompatPolicy(v, NULL, &opts, &error_fatal);
- QAPI_CLONE_MEMBERS(CompatPolicy, &compat_policy, opts);
+ visit_type_CompatPolicy(v, NULL, &opts_policy, &error_fatal);
+ QAPI_CLONE_MEMBERS(CompatPolicy, &compat_policy, opts_policy);
- qapi_free_CompatPolicy(opts);
+ qapi_free_CompatPolicy(opts_policy);
visit_free(v);
break;
}
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 7836aa6692..ed72883bf3 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -5976,9 +5976,10 @@ static void x86_register_cpudef_types(const X86CPUDefinition *def)
/* Versioned models: */
for (vdef = x86_cpu_def_get_versions(def); vdef->version; vdef++) {
- X86CPUModel *m = g_new0(X86CPUModel, 1);
g_autofree char *name =
x86_cpu_versioned_model_name(def, vdef->version);
+
+ m = g_new0(X86CPUModel, 1);
m->cpudef = def;
m->version = vdef->version;
m->note = vdef->note;
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index af101fcdf6..f6c7f7e268 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -2699,8 +2699,6 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
if (enable_cpu_pm) {
int disable_exits = kvm_check_extension(s, KVM_CAP_X86_DISABLE_EXITS);
- int ret;
-
/* Work around for kernel header with a typo. TODO: fix header and drop. */
#if defined(KVM_X86_DISABLE_EXITS_HTL) && !defined(KVM_X86_DISABLE_EXITS_HLT)
#define KVM_X86_DISABLE_EXITS_HLT KVM_X86_DISABLE_EXITS_HTL
@@ -3610,7 +3608,7 @@ static int kvm_put_msrs(X86CPU *cpu, int level)
if (kvm_enabled() && cpu->enable_pmu &&
(env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR)) {
uint64_t depth;
- int i, ret;
+ int ret;
/*
* Only migrate Arch LBR states when the host Arch LBR depth
@@ -3643,8 +3641,6 @@ static int kvm_put_msrs(X86CPU *cpu, int level)
}
if (env->mcg_cap) {
- int i;
-
kvm_msr_entry_add(cpu, MSR_MCG_STATUS, env->mcg_status);
kvm_msr_entry_add(cpu, MSR_MCG_CTL, env->mcg_ctl);
if (has_msr_mcg_ext_ctl) {
@@ -4041,7 +4037,6 @@ static int kvm_get_msrs(X86CPU *cpu)
if (kvm_enabled() && cpu->enable_pmu &&
(env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR)) {
uint64_t depth;
- int i, ret;
ret = kvm_get_one_msr(cpu, MSR_ARCH_LBR_DEPTH, &depth);
if (ret == 1 && depth == ARCH_LBR_NR_ENTRIES) {
diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
index e8d19c65fd..2b92aee207 100644
--- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c
@@ -226,14 +226,29 @@ static void tss_load_seg(CPUX86State *env, X86Seg seg_reg, int selector,
}
}
+static void tss_set_busy(CPUX86State *env, int tss_selector, bool value,
+ uintptr_t retaddr)
+{
+ target_ulong ptr = env->gdt.base + (env->tr.selector & ~7);
+ uint32_t e2 = cpu_ldl_kernel_ra(env, ptr + 4, retaddr);
+
+ if (value) {
+ e2 |= DESC_TSS_BUSY_MASK;
+ } else {
+ e2 &= ~DESC_TSS_BUSY_MASK;
+ }
+
+ cpu_stl_kernel_ra(env, ptr + 4, e2, retaddr);
+}
+
#define SWITCH_TSS_JMP 0
#define SWITCH_TSS_IRET 1
#define SWITCH_TSS_CALL 2
-/* XXX: restore CPU state in registers (PowerPC case) */
-static void switch_tss_ra(CPUX86State *env, int tss_selector,
- uint32_t e1, uint32_t e2, int source,
- uint32_t next_eip, uintptr_t retaddr)
+/* return 0 if switching to a 16-bit selector */
+static int switch_tss_ra(CPUX86State *env, int tss_selector,
+ uint32_t e1, uint32_t e2, int source,
+ uint32_t next_eip, uintptr_t retaddr)
{
int tss_limit, tss_limit_max, type, old_tss_limit_max, old_type, v1, v2, i;
target_ulong tss_base;
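Review bot: The new `tss_set_busy()` never reads its `tss_selector` parameter, because it computes the descriptor address from `env->tr.selector`. The later call `tss_set_busy(env, tss_selector, 1, retaddr)` in the "set busy bit" hunk therefore goes through the current task register's selector, whereas the lines it replaces used `tss_selector & ~7`. Unless `env->tr.selector` already equals the incoming selector at that point (not visible in these hunks), the busy bit is set on the wrong GDT descriptor. The first line of the helper should be `target_ulong ptr = env->gdt.base + (tss_selector & ~7);`. The callers also pass `0`/`1` for the `bool value` parameter, where `false`/`true` would read better.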
@@ -341,13 +356,7 @@ static void switch_tss_ra(CPUX86State *env, int tss_selector,
/* clear busy bit (it is restartable) */
if (source == SWITCH_TSS_JMP || source == SWITCH_TSS_IRET) {
- target_ulong ptr;
- uint32_t e2;
-
- ptr = env->gdt.base + (env->tr.selector & ~7);
- e2 = cpu_ldl_kernel_ra(env, ptr + 4, retaddr);
- e2 &= ~DESC_TSS_BUSY_MASK;
- cpu_stl_kernel_ra(env, ptr + 4, e2, retaddr);
+ tss_set_busy(env, env->tr.selector, 0, retaddr);
}
old_eflags = cpu_compute_eflags(env);
if (source == SWITCH_TSS_IRET) {
@@ -399,13 +408,7 @@ static void switch_tss_ra(CPUX86State *env, int tss_selector,
/* set busy bit */
if (source == SWITCH_TSS_JMP || source == SWITCH_TSS_CALL) {
- target_ulong ptr;
- uint32_t e2;
-
- ptr = env->gdt.base + (tss_selector & ~7);
- e2 = cpu_ldl_kernel_ra(env, ptr + 4, retaddr);
- e2 |= DESC_TSS_BUSY_MASK;
- cpu_stl_kernel_ra(env, ptr + 4, e2, retaddr);
+ tss_set_busy(env, tss_selector, 1, retaddr);
}
/* set the new CPU state */
@@ -499,13 +502,14 @@ static void switch_tss_ra(CPUX86State *env, int tss_selector,
cpu_x86_update_dr7(env, env->dr[7] & ~DR7_LOCAL_BP_MASK);
}
#endif
+ return type >> 3;
}
-static void switch_tss(CPUX86State *env, int tss_selector,
- uint32_t e1, uint32_t e2, int source,
- uint32_t next_eip)
+static int switch_tss(CPUX86State *env, int tss_selector,
+ uint32_t e1, uint32_t e2, int source,
+ uint32_t next_eip)
{
- switch_tss_ra(env, tss_selector, e1, e2, source, next_eip, 0);
+ return switch_tss_ra(env, tss_selector, e1, e2, source, next_eip, 0);
}
static inline unsigned int get_sp_mask(unsigned int e2)
@@ -647,14 +651,11 @@ static void do_interrupt_protected(CPUX86State *env, int intno, int is_int,
if (!(e2 & DESC_P_MASK)) {
raise_exception_err(env, EXCP0B_NOSEG, intno * 8 + 2);
}
- switch_tss(env, intno * 8, e1, e2, SWITCH_TSS_CALL, old_eip);
+ shift = switch_tss(env, intno * 8, e1, e2, SWITCH_TSS_CALL, old_eip);
if (has_error_code) {
- int type;
uint32_t mask;
/* push the error code */
- type = (env->tr.flags >> DESC_TYPE_SHIFT) & 0xf;
- shift = type >> 3;
if (env->segs[R_SS].flags & DESC_B_MASK) {
mask = 0xffffffff;
} else {
diff --git a/target/i386/tcg/sysemu/svm_helper.c b/target/i386/tcg/sysemu/svm_helper.c
index 2d27731b60..32ff0dbb13 100644
--- a/target/i386/tcg/sysemu/svm_helper.c
+++ b/target/i386/tcg/sysemu/svm_helper.c
@@ -387,8 +387,6 @@ void helper_vmrun(CPUX86State *env, int aflag, int next_eip_addend)
env->hflags2 |= HF2_GIF_MASK;
if (ctl_has_irq(env)) {
- CPUState *cs = env_cpu(env);
-
cs->interrupt_request |= CPU_INTERRUPT_VIRQ;
}
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index c98e42f17a..72635b87d3 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -3242,7 +3242,7 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
case 0x30 ... 0x35:
case 0x38 ... 0x3d:
{
- int op, f, val;
+ int f;
op = (b >> 3) & 7;
f = (b >> 1) & 3;
@@ -3302,8 +3302,6 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
case 0x81:
case 0x83:
{
- int val;
-
ot = mo_b_d(b, dflag);
modrm = x86_ldub_code(env, s);
diff --git a/tests/qtest/m48t59-test.c b/tests/qtest/m48t59-test.c
index 9487faff1a..b9cd209165 100644
--- a/tests/qtest/m48t59-test.c
+++ b/tests/qtest/m48t59-test.c
@@ -192,19 +192,22 @@ static void bcd_check_time(void)
}
if (!(tm_cmp(&start, datep) <= 0 && tm_cmp(datep, &end) <= 0)) {
- long t, s;
+ long date_s, start_s;
+ unsigned long diff;
start.tm_isdst = datep->tm_isdst;
- t = (long)mktime(datep);
- s = (long)mktime(&start);
- if (t < s) {
- g_test_message("RTC is %ld second(s) behind wall-clock", (s - t));
+ date_s = (long)mktime(datep);
+ start_s = (long)mktime(&start);
+ if (date_s < start_s) {
+ diff = start_s - date_s;
+ g_test_message("RTC is %ld second(s) behind wall-clock", diff);
} else {
- g_test_message("RTC is %ld second(s) ahead of wall-clock", (t - s));
+ diff = date_s - start_s;
+ g_test_message("RTC is %ld second(s) ahead of wall-clock", diff);
}
- g_assert_cmpint(ABS(t - s), <=, wiggle);
+ g_assert_cmpint(diff, <=, wiggle);
}
qtest_quit(qts);
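Review bot: `diff` is declared `unsigned long`, but both `g_test_message()` calls still format it with `%ld`, which is a format/argument type mismatch; use `%lu`, as in `g_test_message("RTC is %lu second(s) behind wall-clock", diff);`. The final check would also match the new type better as `g_assert_cmpuint(diff, <=, wiggle);`, assuming `wiggle` is never negative (its declaration is outside this hunk). The body of bcd_check_time begins before the hunk.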
diff --git a/tests/qtest/test-x86-cpuid-compat.c b/tests/qtest/test-x86-cpuid-compat.c
index b39c9055b3..6a39454fce 100644
--- a/tests/qtest/test-x86-cpuid-compat.c
+++ b/tests/qtest/test-x86-cpuid-compat.c
@@ -313,18 +313,10 @@ int main(int argc, char **argv)
"xlevel2", 0);
}
/*
- * QEMU 1.4.0 had auto-level enabled for CPUID[7], already,
+ * QEMU 2.3.0 had auto-level enabled for CPUID[7], already,
* and the compat code that sets default level shouldn't
* disable the auto-level=7 code:
*/
- if (qtest_has_machine("pc-i440fx-1.4")) {
- add_cpuid_test("x86/cpuid/auto-level7/pc-i440fx-1.4/off",
- "-machine pc-i440fx-1.4 -cpu Nehalem",
- "level", 2);
- add_cpuid_test("x86/cpuid/auto-level7/pc-i440fx-1.5/on",
- "-machine pc-i440fx-1.4 -cpu Nehalem,smap=on",
- "level", 7);
- }
if (qtest_has_machine("pc-i440fx-2.3")) {
add_cpuid_test("x86/cpuid/auto-level7/pc-i440fx-2.3/off",
"-machine pc-i440fx-2.3 -cpu Penryn",
diff --git a/ui/vnc.c b/ui/vnc.c
index 6fd86996a5..c302bb07a5 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -2205,7 +2205,7 @@ static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings)
break;
case VNC_ENCODING_XVP:
if (vs->vd->power_control) {
- vs->features |= VNC_FEATURE_XVP;
+ vs->features |= VNC_FEATURE_XVP_MASK;
send_xvp_message(vs, VNC_XVP_CODE_INIT);
}
break;
@@ -2454,7 +2454,7 @@ static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
vnc_client_cut_text(vs, read_u32(data, 4), data + 8);
break;
case VNC_MSG_CLIENT_XVP:
- if (!(vs->features & VNC_FEATURE_XVP)) {
+ if (!vnc_has_feature(vs, VNC_FEATURE_XVP)) {
error_report("vnc: xvp client message while disabled");
vnc_client_error(vs);
break;
@@ -2551,7 +2551,7 @@ static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
vs, vs->ioc, vs->as.fmt, vs->as.nchannels, vs->as.freq);
break;
default:
- VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 4));
+ VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 2));
vnc_client_error(vs);
break;
}