aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-04-04pci: Only unmap bus_master_enabled_region if was added previouslyAlexey Kardashevskiy
Normally pci_init_bus_master() would be called either via bus->machine_done.notify or directly from do_pci_register_device(). However if a device's realize() failed, pci_init_bus_master() is not called, and do_pci_unregister_device() fails on memory_region_del_subregion() as it was not mapped. This adds a check that subregion was mapped before unmapping it. Fixes: c53598ed18e4 ("pci: Add missing drop of bus master AS reference") Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Tested-by: John Snow <jsnow@redhat.com>
2017-04-04Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell
* MemoryRegionCache revert * glib optimization workaround * fix "info lapic" segfault on isapc * fix QIOChannel memory leak # gpg: Signature made Mon 03 Apr 2017 18:17:00 BST # gpg: using RSA key 0xBFFBD25F78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: main-loop: Acquire main_context lock around os_host_main_loop_wait. exec: revert MemoryRegionCache nbd: fix memory leak on socket_connect failed ipmi: Fix macro issues target-i386: fix "info lapic" segfault on isapc iscsi: drop unused IscsiAIOCB.qiov field Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-04-03tests/libqtest.c: Delete possible stale unix socketsPeter Maydell
Occasionally if a test crashes or is interrupted by the user at the wrong moment it could leave behind a stale UNIX socket in /tmp/. This will then cause a subsequent test run to fail spuriously with tests/libqtest.c:70:init_socket: assertion failed (ret != -1): (-1 != -1) if it happens to reuse the same PID. Defend against this by deleting any stray stale socket before trying to open the new ones for this test. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Message-id: 1490963801-27870-1-git-send-email-peter.maydell@linaro.org
2017-04-03main-loop: Acquire main_context lock around os_host_main_loop_wait.Richard W.M. Jones
When running virt-rescue the serial console hangs from time to time. Virt-rescue runs an ordinary Linux kernel "appliance", but there is only a single idle process running inside, so the qemu main loop is largely idle. With virt-rescue >= 1.37 you may be able to observe the hang by doing: $ virt-rescue -e ^] --scratch ><rescue> while true; do ls -l /usr/bin; done The hang in virt-rescue can be resolved by pressing a key on the serial console. Possibly with the same root cause, we also observed hangs during very early boot of regular Linux VMs with a serial console. Those hangs are extremely rare, but you may be able to observe them by running this command on baremetal for a sufficiently long time: $ while libguestfs-test-tool -t 60 >& /tmp/log ; do echo -n . ; done (Check in /tmp/log that the failure was caused by a hang during early boot, and not some other reason) During investigation of this bug, Paolo Bonzini wrote: > glib is expecting QEMU to use g_main_context_acquire around accesses to > GMainContext. However QEMU is not doing that, instead it is taking its > own mutex. So we should add g_main_context_acquire and > g_main_context_release in the two implementations of > os_host_main_loop_wait; these should undo the effect of Frediano's > glib patch. This patch exactly implements Paolo's suggestion in that paragraph. This fixes the serial console hang in my testing, across 3 different physical machines (AMD, Intel Core i7 and Intel Xeon), over many hours of automated testing. I wasn't able to reproduce the early boot hangs (but as noted above, these are extremely rare in any case). Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1435432 Reported-by: Richard W.M. Jones <rjones@redhat.com> Tested-by: Richard W.M. Jones <rjones@redhat.com> Signed-off-by: Richard W.M. Jones <rjones@redhat.com> Message-Id: <20170331205133.23906-1-rjones@redhat.com> [Paolo: this is actually a glib bug: recent glib versions are also expecting g_main_context_acquire around g_poll---but that is not documented and probably not even intended]. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-04-03Merge remote-tracking branch 'remotes/maxreitz/tags/pull-block-2017-04-03' ↵Peter Maydell
into staging Block patches for 2.9-rc3 # gpg: Signature made Mon 03 Apr 2017 16:29:49 BST # gpg: using RSA key 0xF407DB0061D5CF40 # gpg: Good signature from "Max Reitz <mreitz@redhat.com>" # Primary key fingerprint: 91BE B60A 30DB 3E88 57D1 1829 F407 DB00 61D5 CF40 * remotes/maxreitz/tags/pull-block-2017-04-03: block/parallels: Avoid overflows iotests: Improve image-clear tests on non-aligned image qcow2: Discard unaligned tail when wiping image iotests: fix 097 when run with qcow qemu-io-cmds: Assert that global and nofile commands don't use ct->perms sheepdog: Fix blockdev-add nbd: Tidy up blockdev-add interface sockets: New helper socket_address_crumple() qapi-schema: SocketAddressFlat variants 'vsock' and 'fd' gluster: Prepare for SocketAddressFlat extension block: Document -drive problematic code and bugs io vnc sockets: Clean up SocketAddressKind switches char: Fix socket with "type": "vsock" address nbd sockets vnc: Mark problematic address family tests TODO block: add missed aio_context_acquire into release_drive Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-04-03block/parallels: Avoid overflowsMax Reitz
Change the types of variables in allocate_clusters() to int64_t so we do not have to worry about potential overflows. Add an assertion that our accesses to s->bat[] do not result in a buffer overflow and that the implicit conversion performed when invoking bat_entry_off() does not result in an integer overflow. Coverity-id: 1307776 Signed-off-by: Max Reitz <mreitz@redhat.com> Message-id: 20170331170512.10381-1-mreitz@redhat.com Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03iotests: Improve image-clear tests on non-aligned imageEric Blake
Tweak 097 and 176 to operate on an image that is not cluster-aligned, to give further coverage of clearing out an entire image, including the recent fix to eliminate the difference between fast path (97) and slow (176) for qcow2. Also tested on qcow (97 only, since qcow lacks snapshots). Signed-off-by: Eric Blake <eblake@redhat.com> Message-id: 20170331185356.2479-4-eblake@redhat.com Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03qcow2: Discard unaligned tail when wiping imageEric Blake
There is a subtle difference between the fast (qcow2v3 with no extra data) and slow path (qcow2v2 format [aka 0.10], or when a snapshot is present) of qcow2_make_empty(). The slow path fails to discard the final (partial) cluster of an unaligned image. The problem stems from the fact that qcow2_discard_clusters() was silently ignoring sub-cluster head and tail on unaligned requests. A quick audit of all callers shows that qcow2_snapshot_create() has always passed a cluster-aligned request since the call was added in commit 1ebf561; qcow2_co_pdiscard() has passed a cluster-aligned request since commit ecdbead taught the block layer about preferred discard alignment; and qcow2_make_empty() was fixed to pass an aligned start (but not necessarily end) in commit a3e1505. Asserting that the start is always aligned also points out that we now have a dead check: rounding the end offset down can never result in a value less than the aligned start offset (the check was rendered dead with commit ecdbead). Meanwhile, we do not want to round the end cluster down in the one case of the end offset matching the (unaligned) file size - that final partial cluster should still be discarded. With those fixes in place, the fast and slow paths are back in sync at discarding an entire image; the next patch will update qemu-iotests to ensure we don't regress. Note that bdrv_co_pdiscard ignores ALL partial cluster requests, including the partial cluster at the end of an image; it can be argued that the partial cluster at the end should be special-cased so that a guest issuing discard requests at proper alignments everywhere else can likewise empty the entire image. But that optimization is left for another day. Signed-off-by: Eric Blake <eblake@redhat.com> Message-id: 20170331185356.2479-3-eblake@redhat.com Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03iotests: fix 097 when run with qcowDaniel P. Berrange
The previous commit: commit a3e1505daec31ef56f0489f8c8fff1b8e4ca92bd Author: Eric Blake <eblake@redhat.com> Date: Mon Dec 5 09:49:34 2016 -0600 qcow2: Don't strand clusters near 2G intervals during commit extended the 097 test case so that it did two passes, once with an internal snapshot, once without. qcow (v1) does not support internal snapshots, so this change broke test 097 when run against qcow. This splits 097 in two, creating a new 176 that tests the internal snapshot codepath, effectively putting 097 back to its content before the above commit. Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <20170221115512.21918-8-berrange@redhat.com> [eblake: test collisions: s/173/176/g] Signed-off-by: Eric Blake <eblake@redhat.com> Message-id: 20170331185356.2479-2-eblake@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03qemu-io-cmds: Assert that global and nofile commands don't use ct->permsPeter Maydell
It would be a bug for a command with the CMD_NOFILE_OK or CMD_FLAG_GLOBAL flags set to also set the ct->perms field, because the former says "OK for a file not to be open" but the latter is a check on a file. Add an assertion in qemuio_add_command() so we can catch that sort of buggy command definition immediately rather than it being a bug that only manifests when a particular set of command line options is used. (Coverity gets confused about this (CID 1371723) and reports that we might dereference a NULL blk pointer in this case, because it can't tell that that code path never happens with the cmdinfo_t that we have. This commit won't help unconfuse it, but it does fix the underlying issue.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1490967529-4767-1-git-send-email-peter.maydell@linaro.org Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03sheepdog: Fix blockdev-addMarkus Armbruster
Commit 831acdc "sheepdog: Implement bdrv_parse_filename()" and commit d282f34 "sheepdog: Support blockdev-add" have different ideas on how the QemuOpts parameters for the server address are named. Fix that. While there, rename BlockdevOptionsSheepdog member addr to server, for consistency with BlockdevOptionsSsh, BlockdevOptionsGluster, BlockdevOptionsNbd. Commit 831acdc's example becomes --drive driver=sheepdog,server.type=inet,server.host=fido,server.port=7000,vdi=dolly instead of --drive driver=sheepdog,host=fido,vdi=dolly Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Tested-by: Kashyap Chamarthy <kchamart@redhat.com> Message-id: 1490895797-29094-10-git-send-email-armbru@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03nbd: Tidy up blockdev-add interfaceMarkus Armbruster
SocketAddress is a simple union, and simple unions are awkward: they have their variant members wrapped in a "data" object on the wire, and require additional indirections in C. I intend to limit its use to existing external interfaces, and convert all internal interfaces to SocketAddressFlat. BlockdevOptionsNbd is an external interface using SocketAddress. We already use SocketAddressFlat elsewhere in blockdev-add. Replace it by SocketAddressFlat while we can (it's new in 2.9) for simplicity and consistency. For example, { "execute": "blockdev-add", "arguments": { "node-name": "foo", "driver": "nbd", "server": { "type": "inet", "data": { "host": "localhost", "port": "12345" } } } } becomes { "execute": "blockdev-add", "arguments": { "node-name": "foo", "driver": "nbd", "server": { "type": "inet", "host": "localhost", "port": "12345" } } } Since the internal interfaces still take SocketAddress, this requires conversion function socket_address_crumple(). It'll go away when I update the interfaces. Unfortunately, SocketAddress is also visible in -drive since 2.8: -drive if=none,driver=nbd,server.type=inet,server.data.host=127.0.0.1,server.data.port=12345 Nobody should be using it, as it's fairly new and has never been documented, so adding still more compatibility gunk to keep it working isn't worth the trouble. You now have to use -drive if=none,driver=nbd,server.type=inet,server.host=127.0.0.1,server.port=12345 Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-id: 1490895797-29094-9-git-send-email-armbru@redhat.com [mreitz: Change iotest 147 accordingly] Because of this interface change, iotest 147 has to be adapted. Unfortunately, we cannot just flatten all of the addresses because nbd-server-start still takes a plain SocketAddress. Therefore, we need both and this is most easily achieved by writing the SocketAddress into the code and flattening it where necessary. Signed-off-by: Max Reitz <mreitz@redhat.com> Message-id: 20170330221243.17333-1-mreitz@redhat.com Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03sockets: New helper socket_address_crumple()Markus Armbruster
SocketAddress is a simple union, and simple unions are awkward: they have their variant members wrapped in a "data" object on the wire, and require additional indirections in C. I intend to limit its use to existing external interfaces. New ones should use SocketAddressFlat. I further intend to convert all internal interfaces to SocketAddressFlat. This helper should go away then. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-id: 1490895797-29094-8-git-send-email-armbru@redhat.com Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03qapi-schema: SocketAddressFlat variants 'vsock' and 'fd'Markus Armbruster
Note that the new variants are impossible in qemu_gluster_glfs_init(), because the gconf->server can only come from qemu_gluster_parse_uri() or qemu_gluster_parse_json(), and neither can create anything but 'inet' or 'unix'. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1490895797-29094-7-git-send-email-armbru@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03gluster: Prepare for SocketAddressFlat extensionMarkus Armbruster
qemu_gluster_glfs_init() and qemu_gluster_parse_json() rely on the fact that SocketAddressFlatType has only two members SOCKET_ADDRESS_FLAT_TYPE_INET and SOCKET_ADDRESS_FLAT_TYPE_UNIX. Correct, but won't stay correct. Make them more robust. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Jeff Cody <jcody@redhat.com> Message-id: 1490895797-29094-6-git-send-email-armbru@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03block: Document -drive problematic code and bugsMarkus Armbruster
-blockdev and blockdev_add convert their arguments via QObject to BlockdevOptions for qmp_blockdev_add(), which converts them back to QObject, then to a flattened QDict. The QDict's members are typed according to the QAPI schema. -drive converts its argument via QemuOpts to a (flat) QDict. This QDict's members are all QString. Thus, the QType of a flat QDict member depends on whether it comes from -drive or -blockdev/blockdev_add, except when the QAPI type maps to QString, which is the case for 'str' and enumeration types. The block layer core extracts generic configuration from the flat QDict, and the block driver extracts driver-specific configuration. Both commonly do so by converting (parts of) the flat QDict to QemuOpts, which turns all values into strings. Not exactly elegant, but correct. However, A few places access the flat QDict directly: * Most of them access members that are always QString. Correct. * bdrv_open_inherit() accesses a boolean, carefully. Correct. * nfs_config() uses a QObject input visitor. Correct only because the visited type contains nothing but QStrings. * nbd_config() and ssh_config() use a QObject input visitor, and the visited types contain non-QStrings: InetSocketAddress members @numeric, @to, @ipv4, @ipv6. -drive works as long as you don't try to use them (they're all optional). @to is ignored anyway. Reproducer: -drive driver=ssh,server.host=h,server.port=22,server.ipv4,path=p -drive driver=nbd,server.type=inet,server.data.host=h,server.data.port=22,server.data.ipv4 both fail with "Invalid parameter type for 'data.ipv4', expected: boolean" Add suitable comments to all these places. Mark the buggy ones FIXME. "Fortunately", -drive's driver-specific options are entirely undocumented. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-id: 1490895797-29094-5-git-send-email-armbru@redhat.com [mreitz: Fixed two typos] Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03io vnc sockets: Clean up SocketAddressKind switchesMarkus Armbruster
We have quite a few switches over SocketAddressKind. Some have case labels for all enumeration values, others rely on a default label. Some abort when the value isn't a valid SocketAddressKind, others report an error then. Unify as follows. Always provide case labels for all enumeration values, to clarify intent. Abort when the value isn't a valid SocketAddressKind, because the program state is messed up then. Improve a few error messages while there. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1490895797-29094-4-git-send-email-armbru@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03char: Fix socket with "type": "vsock" addressMarkus Armbruster
Watch this: $ qemu-system-x86_64 -nodefaults -S -display none -qmp stdio {"QMP": {"version": {"qemu": {"micro": 91, "minor": 8, "major": 2}, "package": " (v2.8.0-1195-gf84141e-dirty)"}, "capabilities": []}} { "execute": "qmp_capabilities" } {"return": {}} { "execute": "chardev-add", "arguments": { "id": "chr0", "backend": { "type": "socket", "data": { "addr": { "type": "vsock", "data": { "cid": "CID", "port": "P" }}}}}} Aborted (core dumped) Crashes because SocketAddress_to_str() is blissfully unaware of SOCKET_ADDRESS_KIND_VSOCK. Fix that. Pick the output format to match socket_parse(), just like the existing formats. Cc: Stefan Hajnoczi <stefanha@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1490895797-29094-3-git-send-email-armbru@redhat.com Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03nbd sockets vnc: Mark problematic address family tests TODOMarkus Armbruster
Certain features make sense only with certain address families. For instance, passing file descriptors requires AF_UNIX. Testing SocketAddress's saddr->type == SOCKET_ADDRESS_KIND_UNIX is obvious, but problematic: it can't recognize AF_UNIX when type == SOCKET_ADDRESS_KIND_FD. Mark such tests of saddr->type TODO. We may want to check the address family with getsockname() there. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1490895797-29094-2-git-send-email-armbru@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03block: add missed aio_context_acquire into release_driveDenis V. Lunev
Recently we expirience hang with iothreads enabled with the following call trace: Thread 1 (Thread 0x7fa95efebc80 (LWP 177117)): 0 ppoll () from /lib64/libc.so.6 2 qemu_poll_ns () at qemu-timer.c:313 3 aio_poll () at aio-posix.c:457 4 bdrv_flush () at block/io.c:2641 5 bdrv_close () at block.c:2143 6 bdrv_delete () at block.c:2352 7 bdrv_unref () at block.c:3429 8 blk_remove_bs () at block/block-backend.c:427 9 blk_delete () at block/block-backend.c:178 10 blk_unref () at block/block-backend.c:226 11 object_property_del_all () at qom/object.c:399 12 object_finalize () at qom/object.c:461 13 object_unref () at qom/object.c:898 14 object_property_del_child () at qom/object.c:422 15 qmp_marshal_device_del () at qmp-marshal.c:1145 16 handle_qmp_command () at /usr/src/debug/qemu-2.6.0/monitor.c:3929 Technically bdrv_flush() stucks in while (rwco.ret == NOT_DONE) { aio_poll(aio_context, true); } but rwco.ret is equal to 0 thus we have missed wakeup. Code investigation reveals that we do not have performed aio_context_acquire() on this call stack. This patch adds missed lock. Signed-off-by: Denis V. Lunev <den@openvz.org> CC: Kevin Wolf <kwolf@redhat.com> CC: Max Reitz <mreitz@redhat.com> CC: Eric Blake <eblake@redhat.com> CC: Markus Armbruster <armbru@redhat.com> Message-id: 1490717566-25516-1-git-send-email-den@openvz.org Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-03usb-host: switch to LIBUSB_API_VERSIONGerd Hoffmann
libusbx doesn't exist any more, the fork got merged back to libusb. So stop using LIBUSBX_API_VERSION and use LIBUSB_API_VERSION instead. For backward compatibility alias LIBUSB_API_VERSION to LIBUSBX_API_VERSION in case we figure LIBUSB_API_VERSION isn't defined. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Tested-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 20170403105238.23262-1-kraxel@redhat.com
2017-04-03disas/cris.c: Avoid unintentional sign extensionPeter Maydell
Commit 001ebaca7b11 fixed some unintended sign extension issues spotted by Coverity (CID 1005402, 1005403), but didn't catch all of them. Fix the rest, so we behave consistently whether 'long' is 32 bit or 64 bit. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1490970671-20560-1-git-send-email-peter.maydell@linaro.org
2017-04-03configure: Mark SPARC as supportedPeter Maydell
Thanks to John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de> and the Debian Project, we now have access to a SPARC Linux system we can use for build testing. Move SPARC back into the "supported" list. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1490698718-23762-1-git-send-email-peter.maydell@linaro.org
2017-04-03tcg/sparc: Zero extend address argument to ld/st helpersPeter Maydell
The C store helper functions take the address argument as a target_ulong type; if this is 32 bit but the host is 64 bit then the SPARC calling convention requires that the caller must zero extend the value. We weren't doing this, which meant we could pass values to the caller with high bits set and QEMU would crash if it was compiled with optimizations. In particular, the i386 BIOS would not start. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1490871151-29029-3-git-send-email-peter.maydell@linaro.org Reviewed-by: Richard Henderson <rth@twiddle.net>
2017-04-03tcg/sparc: Zero extend data argument to store helpersPeter Maydell
The C store helper functions take the data argument as a uint8_t, uint16_t, etc depending on the store size. The SPARC calling convention requires that data types smaller than the register size must be extended by the caller. We weren't doing this, which meant that if QEMU was compiled with optimizations enabled we could end up storing incorrect values to guest memory. (In particular the i386 guest BIOS would crash on startup.) Add code to the trampolines that call the store helpers to do the zero extension as required. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1490871151-29029-2-git-send-email-peter.maydell@linaro.org Reviewed-by: Richard Henderson <rth@twiddle.net>
2017-04-03exec: revert MemoryRegionCachePaolo Bonzini
MemoryRegionCache did not know about virtio support for IOMMUs (because the two features were developed at the same time). Revert MemoryRegionCache to "normal" address_space_* operations for 2.9, as it is simpler than undoing the virtio patches. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-04-03Merge remote-tracking branch 'remotes/kraxel/tags/pull-fixes-20170403-1' ↵Peter Maydell
into staging bugfixes: xhci, input-linux and vnc # gpg: Signature made Mon 03 Apr 2017 11:25:29 BST # gpg: using RSA key 0x4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/pull-fixes-20170403-1: vnc: allow to connect with add_client when -vnc none Fix input-linux reading from device xhci: flush dequeue pointer to endpoint context Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-04-03Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.9-20170403' ↵Peter Maydell
into staging ppc patch queue 2017-04-03 A single bugfix in this pull request, for an ugly assert() failure, if the user ignores the information in query-hotpluggable-cpus and tries to hot add CPUs to pseries with bad parameters. # gpg: Signature made Mon 03 Apr 2017 11:06:58 BST # gpg: using RSA key 0x6C38CACA20D9B392 # gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" # gpg: aka "David Gibson (Red Hat) <dgibson@redhat.com>" # gpg: aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" # gpg: aka "David Gibson (kernel.org) <dwg@kernel.org>" # Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392 * remotes/dgibson/tags/ppc-for-2.9-20170403: pseries: Enforce homogeneous threads-per-core Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-04-03vnc: allow to connect with add_client when -vnc noneMarc-André Lureau
Do not skip VNC initialization, in particular of auth method when vnc is configured without sockets, since we should still allow connections through QMP add_client. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1434551 Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-id: 20170328160646.21250-1-marcandre.lureau@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-04-03Fix input-linux reading from deviceJavier Celaya
The evdev devices in input-linux.c are read in blocks of one whole event. If there are not enough bytes available, they are discarded, instead of being kept for the next read operation. This results in lost events, of even non-working devices. This patch keeps track of the number of bytes to be read to fill up a whole event, and then handle it. Changes from v1 to v2: - Fix: Calculate offset on each iteration Changes from v2 to v3: - Fix coding style - Store offset instead of bytes to be read Signed-off-by: Javier Celaya <jcelaya@gmail.com> Message-id: 20170327182624.2914-1-jcelaya@gmail.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-04-03xhci: flush dequeue pointer to endpoint contextGerd Hoffmann
When done processing a endpoint ring we must update the dequeue pointer in the endpoint context in guest memory. This is needed to make sure the guest has a correct view of things and also to make live migration work properly, because xhci post_load restores alot of the state from xhci data structures in guest memory. Add xhci_set_ep_state() call to do that. The recursive calls stopped by commit ddb603ab6c981c1d67cb42266fc700c33e5b2d8f had the (unintentional) side effect to hiding this bug. xhci_set_ep_state() was called before processing, to set the state to running, which updated the dequeue pointer too. Reported-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Tested-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Message-id: 20170331102521.29253-1-kraxel@redhat.com
2017-04-03Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into stagingPeter Maydell
# gpg: Signature made Sat 01 Apr 2017 02:23:29 BST # gpg: using RSA key 0xBDBE7B27C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>" # gpg: aka "Jeffrey Cody <jeff@codyprime.org>" # gpg: aka "Jeffrey Cody <codyprime@gmail.com>" # Primary key fingerprint: 9957 4B4D 3474 90E7 9D98 D624 BDBE 7B27 C0DE 3057 * remotes/cody/tags/block-pull-request: block/curl: Check protocol prefix qapi/curl: Extend and fix blockdev-add schema rbd: Fix regression in legacy key/values containing escaped : Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-04-03pseries: Enforce homogeneous threads-per-coreDavid Gibson
For reasons that may be useful in future, CPU core objects, as used on the pseries machine type have their own nr-threads property, potentially allowing cores with different numbers of threads in the same system. If the user/management uses the values specified in query-hotpluggable-cpus as they're expected to do, this will never matter in pratice. But that's not actually enforced - it's possible to manually specify a core with a different number of threads from that in -smp. That will confuse the platform - most immediately, this can be used to create a CPU thread with index above max_cpus which leads to an assertion failure in spapr_cpu_core_realize(). For now, enforce that all cores must have the same, standard, number of threads. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
2017-04-02nbd: fix memory leak on socket_connect failedyaolujing
When TCP connection fails between nbd server and client, the local var, sioc, memory leak. This patch fixes the memory leak. Signed-off-by: yaolujing <yaolujing@huawei.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1491005709-29989-1-git-send-email-yaolujing@huawei.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-04-02ipmi: Fix macro issuesCorey Minyard
Macro parameters should almost always have () around them when used. llvm reported an error on this. Remove redundant parenthesis and put parenthesis around the entire macros with assignments in case they are used in an expression. Remove some unused macros. Reported in https://bugs.launchpad.net/bugs/1651167 Signed-off-by: Corey Minyard <cminyard@mvista.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1490894892-8055-1-git-send-email-minyard@acm.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-04-02target-i386: fix "info lapic" segfault on isapcTejaswini Poluri
Start QEMU with "qemu-system-x86_64 -nographic -M isapc -serial none-monitor stdio" and enter "info lapic" at the monitor prompt ⇒ Segmentation fault Signed-off-by: Tejaswini Poluri <tejaswinipoluri3@gmail.com> Message-Id: <1490685583-16987-1-git-send-email-tejaswinipoluri3@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-04-02iscsi: drop unused IscsiAIOCB.qiov fieldStefan Hajnoczi
The IscsiAIOCB.qiov field has been unused since commit 063c3378a9e3c25cc0afac3c72e4823d0621e352 ("block/iscsi: introduce bdrv_co_{readv, writev, flush_to_disk}") back in 2013. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20170327165005.22038-1-stefanha@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-31block/curl: Check protocol prefixMax Reitz
If the user has explicitly specified a block driver and thus a protocol, we have to make sure the URL's protocol prefix matches. Otherwise the latter will silently override the former which might catch some users by surprise. Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 20170331120431.1767-3-mreitz@redhat.com Signed-off-by: Jeff Cody <jcody@redhat.com>
2017-03-31qapi/curl: Extend and fix blockdev-add schemaMax Reitz
The curl block driver accepts more options than just "filename"; also, the URL is actually expected to be passed through the "url" option instead of "filename". Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 20170331120431.1767-2-mreitz@redhat.com Signed-off-by: Jeff Cody <jcody@redhat.com>
2017-03-31rbd: Fix regression in legacy key/values containing escaped :Eric Blake
Commit c7cacb3 accidentally broke legacy key-value parsing through pseudo-filename parsing of -drive file=rbd://..., for any key that contains an escaped ':'. Such a key is surprisingly common, thanks to mon_host specifying a 'host:port' string. The break happens because passing things from QDict through QemuOpts back to another QDict requires that we pack our parsed key/value pairs into a string, and then reparse that string, but the intermediate string that we created ("key1=value1:key2=value2") lost the \: escaping that was present in the original, so that we could no longer see which : were used as separators vs. those used as part of the original input. Fix it by collecting the key/value pairs through a QList, and sending that list on a round trip through a JSON QString (as in '["key1","value1","key2","value2"]') on its way through QemuOpts, rather than hand-rolling our own string. Since the string is only handled internally, this was faster than creating a full-blown struct of '[{"key1":"value1"},{"key2":"value2"}]', and safer at guaranteeing order compared to '{"key1":"value1","key2":"value2"}'. It would be nicer if we didn't have to round-trip through QemuOpts in the first place, but that's a much bigger task for later. Reproducer: ./x86_64-softmmu/qemu-system-x86_64 -nodefaults -nographic -qmp stdio \ -drive 'file=rbd:volumes/volume-ea141b5c-cdb3-4765-910d-e7008b209a70'\ ':id=compute:key=AQAVkvxXAAAAABAA9ZxWFYdRmV+DSwKr7BKKXg=='\ ':auth_supported=cephx\;none:mon_host=192.168.1.2\:6789'\ ',format=raw,if=none,id=drive-virtio-disk0,'\ 'serial=ea141b5c-cdb3-4765-910d-e7008b209a70,cache=writeback' Even without an RBD setup, this serves a test of whether we get the incorrect parser error of: qemu-system-x86_64: -drive file=rbd:...cache=writeback: conf option 6789 has no value or the correct behavior of hanging while trying to connect to the requested mon_host of 192.168.1.2:6789. Reported-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 20170331152730.12514-1-eblake@redhat.com Signed-off-by: Jeff Cody <jcody@redhat.com>
2017-03-31Merge remote-tracking branch 'remotes/awilliam/tags/vfio-updates-20170331.0' ↵Peter Maydell
into staging VFIO fixes 2017-03-31 - We can't disable stolen memory for UPT mode, it breaks Windows drivers on Gen9+ IGD (Xiong Zhang) # gpg: Signature made Fri 31 Mar 2017 17:13:48 BST # gpg: using RSA key 0x239B9B6E3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@redhat.com>" # gpg: aka "Alex Williamson <alex@shazbot.org>" # gpg: aka "Alex Williamson <alwillia@redhat.com>" # gpg: aka "Alex Williamson <alex.l.williamson@gmail.com>" # Primary key fingerprint: 42F6 C04E 540B D1A9 9E7B 8A90 239B 9B6E 3BB0 8B22 * remotes/awilliam/tags/vfio-updates-20170331.0: Revert "vfio/pci-quirks.c: Disable stolen memory for igd VFIO" Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-31Revert "vfio/pci-quirks.c: Disable stolen memory for igd VFIO"Xiong Zhang
This reverts commit c2b2e158cc7b1cb431bd6039824ec13c3184a775. The original patch intend to prevent linux i915 driver from using stolen meory. But this patch breaks windows IGD driver loading on Gen9+, as IGD HW will use stolen memory on Gen9+, once windows IGD driver see zero size stolen memory, it will unload. Meanwhile stolen memory will be disabled in 915 when i915 run as a guest. Signed-off-by: Xiong Zhang <xiong.y.zhang@intel.com> [aw: Gen9+ is SkyLake and newer] Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2017-03-31Merge remote-tracking branch 'remotes/dgilbert/tags/pull-hmp-20170331' into ↵Peter Maydell
staging HMP pull (one bugfix) # gpg: Signature made Fri 31 Mar 2017 11:57:17 BST # gpg: using RSA key 0x0516331EBC5BFDE7 # gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A 9FA9 0516 331E BC5B FDE7 * remotes/dgilbert/tags/pull-hmp-20170331: hmp: fix "dump-quest-memory" segfault Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-31hw/intc/arm_gicv3_kvm: Check KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS in resetEric Auger
KVM_DEV_ARM_VGIC_GRP_CPU_SYSREGS needs to be checked before attempting to read ICC_CTLR_EL1; otherwise kernel versions not exposing this kvm device group will be incompatible with qemu 2.9. Fixes: 07a5628 ("hw/intc/arm_gicv3_kvm: Reset GICv3 cpu interface registers") Signed-off-by: Eric Auger <eric.auger@redhat.com> Reported-by: Prakash B <bjsprakash.linux@gmail.com> Tested-by: Alexander Graf <agraf@suse.de> Message-id: 1490721640-13052-1-git-send-email-eric.auger@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-31hmp: fix "dump-quest-memory" segfaultIwona Kotlarska
Running QEMU with "qemu-system-x86_64 -M none -nographic -m 256" and executing "dump-guest-memory /dev/null 0 8192" results in segfault. Fix by checking if we have CPU. Signed-off-by: Iwona Kotlarska <iwona260909@gmail.com> Message-Id: <20170330050924.22134-1-iwona260909@gmail.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Fixed up title
2017-03-31Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2017-03-30-tag' ↵Peter Maydell
into staging qemu-ga patch queue for 2.9 * fix make check failure of guest-get-fsinfo when nested virtual block device partitions are mounted in the test environment * fix static compilation for mingw builds # gpg: Signature made Fri 31 Mar 2017 04:52:40 BST # gpg: using RSA key 0x3353C9CEF108B584 # gpg: Good signature from "Michael Roth <flukshun@gmail.com>" # gpg: aka "Michael Roth <mdroth@utexas.edu>" # gpg: aka "Michael Roth <mdroth@linux.vnet.ibm.com>" # Primary key fingerprint: CEAC C9E1 5534 EBAB B82D 3FA0 3353 C9CE F108 B584 * remotes/mdroth/tags/qga-pull-2017-03-30-tag: qga: Make qemu-ga compile statically for Windows qga: don't fail if mount doesn't have slave devices Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-31Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into ↵Peter Maydell
staging # gpg: Signature made Fri 31 Mar 2017 01:50:55 BST # gpg: using RSA key 0xEF04965B398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * remotes/jasowang/tags/net-pull-request: e1000: disable debug by default virtio-net: avoid call tap_enable when there's only one queue Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-30qga: Make qemu-ga compile statically for WindowsSameeh Jubran
Attempting to compile qemu-ga statically as follows for Windows causes the following error: Compilation: ./configure --disable-docs --target-list=x86_64-softmmu \ --cross-prefix=x86_64-w64-mingw32- --static \ --enable-guest-agent-msi --with-vss-sdk=/path/to/VSSSDK72 make -j8 qemu-ga Error: path/to/qemu/stubs/error-printf.c:7: undefined reference to `__imp_g_test_config_vars' collect2: error: ld returned 1 exit status Makefile:444: recipe for target 'qemu-ga.exe' failed make: *** [qemu-ga.exe] Error 1 This is caused by a bug in the pkg-config file for glib as it doesn't define GLIB_STATIC_COMPILATION for pkg-config --static. Signed-off-by: Sameeh Jubran <sameeh@daynix.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2017-03-31e1000: disable debug by defaultJason Wang
Disable debug output by default, the information were not needed for release. Cc: Peter Maydell <peter.maydell@linaro.org> Cc: Stefan Hajnoczi <stefanha@gmail.com> Cc: Leonid Bloch <leonid.bloch@ravellosystems.com> Cc: Dmitry Fleytman <dmitry.fleytman@ravellosystems.com> Cc: qemu-stable@nongnu.org Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Jason Wang <jasowang@redhat.com>
2017-03-31virtio-net: avoid call tap_enable when there's only one queueJason Wang
We call tap_enable() even if for multiqueue is not enabled. This is wrong since it should be used for multiqueue codes to enable a disabled queue. Fixing this by only calling this when multiqueue is used. Fixes: 16dbaf905b72 ("tap: support enabling or disabling a queue") Reported-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Tested-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Cc: qemu-stable@nongnu.org Signed-off-by: Jason Wang <jasowang@redhat.com>