Age | Commit message (Collapse) | Author |
|
Hello,
the real world issue is that the hardware allows sends up to 2600 bytes,
and for some reason FreeBSD sometimes sends frames larger than the
ethernet frame size (102+1460 is the maximum I have seen so far),
overflowing the on-stack tx buffer of the driver.
Independent of that, the code should avoid allowing the guest to
overwrite the stack.
This is a minimal patch to fix the issue (you could leave out the size
change of the buf array as well, networking still seems to work either
way). Obviously there are better ways to handle it, but a proper fix IMO
would involve first getting rid of the code duplication and given the
number of patches pending for that code I see no point in working on that now.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
If a flash file of size smaller than the flash size is specified in
the -pflash option, the block driver returns error. But the
pflash_cfi0x ignores the error. This results in a flash content of all
zeroes. And the simulation aborts while executing code.
This patch adds the checks for errors from bdrv_read and escalates it
to the calling code.
Signed-off-by: Vijay Kumar B. <vijaykumar@bravegnu.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
cpu_synchronize_state() is a little unreadable since the 'modified'
argument isn't self-explanatory. Simplify it by making it always
synchronize the kernel state into qemu, and automatically flush the
registers back to the kernel if they've been synchronized on this
exit.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
-watchdog NAME is now equivalent to -device NAME, except it treats
option argument '?' specially, and supports only one watchdog.
A side effect is that a device created with -watchdog may now receive
a different PCI address.
i6300esb is now available on any machine with a PCI bus, not just PCs.
ib700 is still PC only, but that could be changed easily.
The only remaining use of struct WatchdogTimerModel and
watchdog_add_model() is supporting '-watchdog ?'. Should be replaced
by searching device_info_list for watchdog devices when we can
identify them there.
Also fixes ib700 not to use vm_clock before it is initialized: in
wdt_ib700_init(), called from register_watchdogs(), which runs before
init_timers(). The bug made ib700_write_enable_reg() crash in
qemu_del_timer().
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
The bdrv_aio_{read,write} routines can return a NULL pointer when the
I/O submission fails. Currently we ignore this and will wait forever
for an I/O completion and leading to a hang of the guest.
I can easily reproduce this using the native Linux AIO patch, but it's
also possible using normal pthreads-based AIO.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
It isn't obvious what 'dvq' stands for. Since it's the output queue and
the corresponding input queue is called 'ivq', call this 'ovq'
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Remove some redundant definitions for PCI classes:
PCI_CLASS_SERIAL_OTHER already exists as PCI_CLASS_COMMUNICATION_OTHER
and PCI_CLASS_PROCESSOR_CO is redefined.
PCI_CLASS_SERIAL_OTHER is not used anywhere.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
This uses a run_after_load() function, and VMSTATE_PCI_DEVICE()
It could be made smaller changing the type of pm_io_space_update()
to return an int.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
This uses a variant of buffer, with extra checks. Also uses the new
support for cheking that a read value is less or equal than a field.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
It is needed for VMState
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
We read the saved value and check that it is less or equal than the one
stored in the structure.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
This uses STRUCT and BUFFER
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
This patch adds support for static sized buffer and typecheks that the buffer is right.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
This uses VARRAY and INT32_EQUAL values
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
This patch add supports for variable sized arrays whose size is
another field of the state.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
We read the saved value and check that it is the same that the one
is stored in the structure.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
This patch add supports for arrays of structs
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
This patch adds support for saving one VMStateDescription from other
VMStateDescription.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
This patch adds support for saving arrays inside the struct
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
This patch adds support for saving pointers to values
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
This patch introduces VMState infrastructure, to convert the save/load
functions of devices to a table approach. This new approach has the
following advantages:
- it is type-safe
- you can't have load/save functions out of sync
- will allows us to have new interesting commands, like dump <device>, that
shows all its internal state.
- Just now, the only added type is arrays, but we can add structures.
- Uses old load_state() function for loading old state.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Now with isa-bus maintaining the isa irqs we can move the
isa_connect_irq() calls into isa_create_simple().
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Introduce isa_reserve_irq() which marks an irq reserved and returns
the appropriate qemu_irq entry from the i8259 table.
isa_reserve_irq() is a temporary interface to be used to allocate ISA
IRQs for devices which have not yet been converted to qdev, and for
special cases which are not suited for qdev conversions, such as the
'ferr'.
This patch goes on top of Gerd Hoffmann's which makes isa-bus.c own
the ISA irq table.
[ added isa-bus.o to some targets to fix build failures -- kraxel ]
Signed-off-by: Jes Sorensen <jes@sgi.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Changes:
(1) make isa-bus maintain isa irqs, complain when allocating
already taken irqs.
(2) note that (1) works only for isa devices converted to qdev
already (floppy and ps2/kbd/mouse right now), so more work
is needed to make this really useful.
(3) split floppy init into isa and sysbus versions.
(4) add sysbus->isa bridge & fix -M isapc breakage.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Bug fix for segfault when run as i82551 HW:
Use Extended TBD only when HW supports it (i82558 and up).
Added assertions to guard from such buffer overflow
Introduce the MAX_TCB_BYTE_COUNT macro
Allocate buf big enough as HW needs (MAX_ETH_FRAME_SIZE -> MAX_TCB_BYTE_COUNT)
I don't feel 100% OK with the "s->device >= i82558B" condition
since it relies on the numeric (hex) value of those defines, which currently
is correct, but changes (which I don't forsee now) might break it.
Signed-off-by: Naphtali Sprei <nsprei@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Suppress the following compiler warning emitted by at least gcc version 4.2.1 (SUSE Linux)
and gcc version 3.4.5 (mingw32 special):
hw/pci-hotplug.c: In function 'pci_device_hot_add':
hw/pci-hotplug.c:102: warning: 'dinfo' may be used uninitialized in this function
hw/pci-hotplug.c:102: note: 'dinfo' was declared here
Signed-off-by: Sebastian Herbszt <herbszt@gmx.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: Chris Lalancette <clalance@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Level 15 interrupts are broadcast to all CPUs, each CPU can clear the
interrupt using the local Clear Pending register.
Update intbit_to_level table.
Don't try to raise level 0 interrupts.
Calculate pending interrupts based on the separate inputs from master
register. Setting or resetting the pending level isn't correct because of
overlap of levels.
Level 14 is always used for CPU timer interrupts, remove the property.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
|
|
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
|
|
The ne2k is an ancient card that performs pretty terribly under QEMU. In many
modern OSes, there is no longer drivers available for the ne2k.
Switch the default network adapter to e1000. This card is more widely
suppported and performs rather well under QEMU. There may be very old OSes
that had a ne2k driver but not an e1000 driver but I think this is likely the
exception.
I think the average user is better served with an e1000 vs ne2k.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
While reading Chris's code for fd migration I noticed the duplication
between QEMUFilePopen and QEMUFileStdio. This fixes it, and makes
qemu_fopen more similar qemu_popen.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
kqemu introduces a number of restrictions on the i386 target. The worst is that
it prevents large memory from working in the default build.
Furthermore, kqemu is fundamentally flawed in a number of ways. It relies on
the TSC as a time source which will not be reliable on a multiple processor
system in userspace. Since most modern processors are multicore, this severely
limits the utility of kqemu.
kvm is a viable alternative for people looking to accelerate qemu and has the
benefit of being supported by the upstream Linux kernel. If someone can
implement work arounds to remove the restrictions introduced by kqemu, I'm
happy to avoid and/or revert this patch.
N.B. kqemu will still function in the 0.11 series but this patch removes it from
the 0.12 series.
Paul, please Ack or Nack this patch.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Instead of calling the IOAPIC from the PIC, raise IOAPIC irqs via the ISA bus.
As a side effect, IOAPIC lines 16-23 are enabled.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
A PC has its motherboard IRQ lines connected to both the PIC and IOAPIC.
Currently, qemu routes IRQs to the PIC which then calls the IOAPIC, an
incestuous arrangement. In order to clean this up, create a new ISA IRQ
abstraction, and have devices raise ISA IRQs (which in turn raise the i8259
IRQs as usual).
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Hi,
After discussing the issue with Avi, Gleb and a couple others on irq,
we came to the conclusion that it is preferred to have QEMU request
features from the BIOS, rather than notifying the BIOS that it is
running on QEMU or KVM. This way memory ranges can change etc. and
an older BIOS will continue to work on newer QEMU if it receives the
info as a fw_cfg value.
This one also matches what qemu-kvm does for irq0override, except I
haven't made it configurable. I leave that as an exercise for whoever
would be interested in switching off irq0override.
Thanks,
Jes
Set irq0 override in fw_cfg, informing the BIOS that QEMU expects
override on irq0. This matches qemu-kvm, and will help sharing a
single BIOS binary.
Signed-off-by: Jes Sorensen <jes@sgi.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
For the lulz I implemented basic SMART functionality in ide.c. smartctl
on linux recognizes it just fine and starting self tests with it
complete successfully.
Signed-off-by: Brian Wheeler <bdwheele@indiana.edu>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Hi all,
currently the vga screen_dump code doesn't use the DisplayState
interface properly and tries to replace it temporarily while taking the
screenshot.
A better approach is to register a DisplayChangeListener, call
vga_hw_update, and finally write the ppm in the next call from dpy_update.
Testing is appreciated.
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
|
|
Signed-off-by: malc <av1474@comtv.ru>
|
|
Signed-off-by: Juan Quintela <quintela@redhat.com>
|
|
was incorrect.
|
|
qemu-system-arm (0.10.5) segfaults when invoked with a PXA machine target,
e.g. -M tosa. The reason is fairly obvious:
Signed-off-by: Torsten Duwe <duwe@lst.de>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Andrzej Zaborowski <balrogg@gmail.com>
|
|
Hello,
for what I can tell, there is no way for vmware_vga to work correctly
right now. It assumes that the framebuffer bits-per-pixel and the one
from the DisplaySurface are identical (it uses directly the VRAM from
vga.c), but it always assumes 3 bytes per pixel, which is never possible
with the current version of DisplaySurface.
Attached patch fixes that by using ds_get_bits_per_pixel.
|