[Qemu-commits] [qemu/qemu] d9bcd6: scsi-generic: Add share-rw option


From: GitHub
Subject: [Qemu-commits] [qemu/qemu] d9bcd6: scsi-generic: Add share-rw option
Date: Tue, 16 Jan 2018 09:09:57 -0800

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: d9bcd6f7f23a13ea627d8edb85c0706525da0b75
      
https://github.com/qemu/qemu/commit/d9bcd6f7f23a13ea627d8edb85c0706525da0b75
  Author: Fam Zheng <address@hidden>
  Date:   2018-01-12 (Fri, 12 Jan 2018)

  Changed paths:
    M hw/scsi/scsi-generic.c

  Log Message:
  -----------
  scsi-generic: Add share-rw option

Add the property to the device model, then parse it by calling
blkconf_apply_backend_options().

In addition to blk_set_perm(), the called function also handles error
options and wce. For error options we've already checked that the
default values are used, for wce we don't have the option either so it
is always the default (true). In other words there is no change of
behavior in these regards.

Signed-off-by: Fam Zheng <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 2770c90d432b571cab718e28f838097f0b2201ec
      
https://github.com/qemu/qemu/commit/2770c90d432b571cab718e28f838097f0b2201ec
  Author: Paolo Bonzini <address@hidden>
  Date:   2018-01-12 (Fri, 12 Jan 2018)

  Changed paths:
    M scsi/utils.c

  Log Message:
  -----------
  scsi: fix scsi_convert_sense crash when in_buf == NULL && in_len == 0

scsi_disk_emulate_command passes in_buf == NULL when sent a REQUEST
SENSE command.  Check for in_len == 0 before dereferencing in_buf.

Fixes: f68d98b21fa74155dc7c1fd212474379ac3c7531
Reported-by: Roman Kagan <address@hidden>
Tested-by: Roman Kagan <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 8cd91acec8dfea6065272ca828405333f564a612
      
https://github.com/qemu/qemu/commit/8cd91acec8dfea6065272ca828405333f564a612
  Author: Haozhong Zhang <address@hidden>
  Date:   2018-01-12 (Fri, 12 Jan 2018)

  Changed paths:
    M hw/i386/pc.c

  Log Message:
  -----------
  pc: fail memory hot-plug/unplug with -no-acpi and Q35 machine type

When -no-acpi option is used with Q35 machine type, no guest ACPI is
built, but the ACPI device is still created, so only checking the
presence of ACPI device before memory plug/unplug is not enough in
such cases. Check whether ACPI is disabled globally in addition and
fail memory plug/unplug if it's disabled.

Signed-off-by: Haozhong Zhang <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Igor Mammedov <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 829600a519386c7b188d5d813e78ba69bf0bd323
      
https://github.com/qemu/qemu/commit/829600a519386c7b188d5d813e78ba69bf0bd323
  Author: Pavel Dovgalyuk <address@hidden>
  Date:   2018-01-12 (Fri, 12 Jan 2018)

  Changed paths:
    M hw/timer/hpet.c
    M include/hw/compat.h

  Log Message:
  -----------
  hpet: recover timer offset correctly

HPET saves its state by calculating the current time and recovers timer
offset using this calculated value. But these calculations include
divisions and multiplications. Therefore the timer state cannot be recovered
precisely enough.
This patch introduces saving of the original value of the offset to
preserve the determinism of the timer.

Signed-off-by: Pavel Dovgalyuk <address@hidden>
Signed-off-by: Maria Klimushenkova <address@hidden>
Reviewed-by: Juan Quintela <address@hidden>

--
v3: Added compat property for correct migration.
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 0b368a10c71af96f6cf93b0ba5c2ee3bdbd50e96
      
https://github.com/qemu/qemu/commit/0b368a10c71af96f6cf93b0ba5c2ee3bdbd50e96
  Author: Jan Dakinevich <address@hidden>
  Date:   2018-01-12 (Fri, 12 Jan 2018)

  Changed paths:
    M target/i386/kvm.c

  Log Message:
  -----------
  i386/cpu/kvm: look at PMU's CPUID before setting MSRs

Certain PMU-related MSRs are not supported for CPUs with PMU
architecture below version 2. KVM rejects any access to them (see
intel_is_valid_msr_idx routine in KVM), and QEMU fails on the following
assertion:

  kvm_put_msrs: Assertion `ret == cpu->kvm_msr_buf->nmsrs' failed.

QEMU could also fail if KVM exposes fewer fixed counters than 3. This could
happen if the host system runs inside another hypervisor which is tweaking
PMU-related CPUID. To prevent a possible failure, the number of fixed counters
is now obtained in the same way as the number of GP counters.

Reviewed-by: Roman Kagan <address@hidden>
Signed-off-by: Jan Dakinevich <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 91e14fb8e9ee351f01ffe391d7a45cccc3b8da65
      
https://github.com/qemu/qemu/commit/91e14fb8e9ee351f01ffe391d7a45cccc3b8da65
  Author: Peter Xu <address@hidden>
  Date:   2018-01-12 (Fri, 12 Jan 2018)

  Changed paths:
    M chardev/char-fe.c

  Log Message:
  -----------
  chardev: use backend chr context when watch for fe

In commit 6bbb6c0644 ("chardev: use per-dev context for
io_add_watch_poll", 2017-09-22) all the chardev watches are converted to
use per-chardev gcontext to support chardev to be run outside default
main thread.  However that's still missing one call from the frontend
code.  Touch that up.

Reviewed-by: Stefan Hajnoczi <address@hidden>
Reviewed-by: Marc-André Lureau <address@hidden>
Signed-off-by: Peter Xu <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 938eb9e9c83d34d90cac6ec5c5388e7998840e4e
      
https://github.com/qemu/qemu/commit/938eb9e9c83d34d90cac6ec5c5388e7998840e4e
  Author: Peter Xu <address@hidden>
  Date:   2018-01-12 (Fri, 12 Jan 2018)

  Changed paths:
    M chardev/char-pty.c

  Log Message:
  -----------
  chardev: let g_idle_add() be with chardev gcontext

The idle task will be attached to main gcontext even if the chardev
backend is running in another gcontext.  Fix the only caller by
extending the g_idle_add() logic into the more powerful
g_source_attach().  It's basically g_idle_add_full() implementation, but
with the chardev's gcontext passed in.

Signed-off-by: Peter Xu <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 2c716ba1506769c9be2caa02f0f6d6e7c00f4304
      
https://github.com/qemu/qemu/commit/2c716ba1506769c9be2caa02f0f6d6e7c00f4304
  Author: Peter Xu <address@hidden>
  Date:   2018-01-12 (Fri, 12 Jan 2018)

  Changed paths:
    M chardev/char-pty.c
    M chardev/char-socket.c
    M chardev/char.c
    M hw/char/terminal3270.c
    M include/chardev/char.h

  Log Message:
  -----------
  chardev: introduce qemu_chr_timeout_add_ms()

It's a replacement of g_timeout_add[_seconds]() for chardevs.  Chardevs
now can have dedicated gcontext, we should always bind chardev tasks
onto those gcontext rather than the default main context.  Since there
are quite a few of g_timeout_add[_seconds]() callers, a new function
qemu_chr_timeout_add_ms() is introduced.

One thing to mention is that, terminal3270 is still always running on
main gcontext.  However let's convert that as well since it's still part
of chardev codes and in case one day we'll miss that when we move it out
of main gcontext too.

Also, convert all the timers from GSource tags into GSource pointers.
Gsource tag IDs and g_source_remove()s can only work with default
gcontext, while now these GSources can logically be attached to other
contexts.  So let's use explicit g_source_destroy() plus another
g_source_unref() to remove a timer.

Note: when in the timer handler, we don't need the g_source_destroy()
any more since that'll be done automatically if the timer handler
returns false (and that's what all the current handlers do).

Yet another note: in pty_chr_rearm_timer() we take special care for
ms=1000.  This patch merged the two cases into one.

Signed-off-by: Peter Xu <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 14ab3aa7dc43b2eebbdf8b04a3b351b5ca5e13fe
      
https://github.com/qemu/qemu/commit/14ab3aa7dc43b2eebbdf8b04a3b351b5ca5e13fe
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-12 (Fri, 12 Jan 2018)

  Changed paths:
    M configure

  Log Message:
  -----------
  build-sys: fix qemu-ga -pthread linking

When linking qemu-ga under some configuration (when gthread-2.0.pc
doesn't have -pthread, as happening atm with meson build), you may
have this linking issue:

/usr/bin/ld: libqemuutil.a(qemu-thread-posix.o): undefined reference to symbol 'pthread_setname_np@@GLIBC_2.12'
/usr/lib64/libpthread.so.0: error adding symbols: DSO missing from command line

Make sure qemu-ga links with the pthread library, by adding correct
flags to libs_qga.

This is really a QEMU bug, because it's QEMU code that's using pthread
functions, and so we must explicitly link against pthreads. The bug
was just masked by the fact that often some pkg-config or another for
one of our dependencies will add -pthread to the link line anyway.

Signed-off-by: Marc-André Lureau <address@hidden>
Reviewed-by: Peter Maydell <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 42a77f1ce4934b243df003f95bda88530631387a
      
https://github.com/qemu/qemu/commit/42a77f1ce4934b243df003f95bda88530631387a
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-12 (Fri, 12 Jan 2018)

  Changed paths:
    M Makefile
    M rules.mak

  Log Message:
  -----------
  build-sys: silence make by default or V=0

Move generic make flags in MAKEFLAGS (SUBDIR_MAKEFLAGS is more qemu specific).

Use --quiet to silence make 'is up to date' message.

Signed-off-by: Marc-André Lureau <address@hidden>
Tested-by: Eric Blake <address@hidden>
Reviewed-by: Paolo Bonzini <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: de1da442ea38b7f4627072df0cd80f3537cf8390
      
https://github.com/qemu/qemu/commit/de1da442ea38b7f4627072df0cd80f3537cf8390
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-12 (Fri, 12 Jan 2018)

  Changed paths:
    M Makefile
    M docs/devel/build-system.txt

  Log Message:
  -----------
  build-sys: add a rule to print a variable

$ make print-CFLAGS
CFLAGS=-fsanitize=address -Og -g

Trick from various sources:
https://stackoverflow.com/questions/16467718/how-to-print-out-a-variable-in-makefile
https://www.cmcrossroads.com/article/printing-value-makefile-variable

Signed-off-by: Marc-André Lureau <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>
Tested-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 906548689e37ab6cca1e93b3f8d9327a4e17e8af
      
https://github.com/qemu/qemu/commit/906548689e37ab6cca1e93b3f8d9327a4e17e8af
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-12 (Fri, 12 Jan 2018)

  Changed paths:
    M configure

  Log Message:
  -----------
  build-sys: compile with -Og or -O1 when --enable-debug

When --enable-debug is turned on, configure doesn't set -O level, and
uses default compiler -O0 level, which is slow.

Instead, use -Og if supported by the compiler (optimize debugging
experience), or -O1 (keeps code somewhat debuggable and works around
compiler bugs).

Unfortunately, gcc has many false-positive maybe-uninitialized
errors with Og and O1 (f27 gcc 7.2.1 20170915):

/home/elmarco/src/qemu/hw/ipmi/isa_ipmi_kcs.c: In function ‘ipmi_kcs_ioport_read’:
/home/elmarco/src/qemu/hw/ipmi/isa_ipmi_kcs.c:279:12: error: ‘ret’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
     return ret;
      ^~~
cc1: all warnings being treated as errors
make: *** [/home/elmarco/src/qemu/rules.mak:66: hw/ipmi/isa_ipmi_kcs.o] Error 1
make: *** Waiting for unfinished jobs....
/home/elmarco/src/qemu/hw/ide/ahci.c: In function ‘ahci_populate_sglist’:
/home/elmarco/src/qemu/hw/ide/ahci.c:903:58: error: ‘tbl_entry_size’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
   if ((off_idx == -1) || (off_pos < 0) || (off_pos > tbl_entry_size)) {
                                           ~~~~~~~~~^~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make: *** [/home/elmarco/src/qemu/rules.mak:66: hw/ide/ahci.o] Error 1
/home/elmarco/src/qemu/hw/display/qxl.c: In function ‘qxl_add_memslot’:
/home/elmarco/src/qemu/hw/display/qxl.c:1397:52: error: ‘pci_start’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
     memslot.virt_end   = virt_start + (guest_end   - pci_start);
                                 ~~~~~~~~~~~~~^~~~~~~~~~~~
/home/elmarco/src/qemu/hw/display/qxl.c:1389:9: error: ‘pci_region’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
   qxl_set_guest_bug(d, "%s: pci_region = %d", __func__, pci_region);
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors

There seems to be a long list of related bugs in upstream GCC, some of
them are being fixed very recently:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=24639

For now, let's work around it by using Wno-maybe-uninitialized (gcc-only).

Suggested-by: Paolo Bonzini <address@hidden>
Signed-off-by: Marc-André Lureau <address@hidden>
Message-Id: <address@hidden>
Tested-by: Philippe Mathieu-Daudé <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: c08d08b27cadb0809eea25b49d8128e9335b5dce
      
https://github.com/qemu/qemu/commit/c08d08b27cadb0809eea25b49d8128e9335b5dce
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-12 (Fri, 12 Jan 2018)

  Changed paths:
    M tests/docker/dockerfiles/fedora.docker

  Log Message:
  -----------
  tests/docker: add some sanitizers to fedora dockerfile

Build fedora image with ASAN/UBSan support.

Signed-off-by: Marc-André Lureau <address@hidden>
Message-Id: <address@hidden>
Tested-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 11545663d1277c5aecb6ccbcbf6cce78340df7db
      
https://github.com/qemu/qemu/commit/11545663d1277c5aecb6ccbcbf6cce78340df7db
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-12 (Fri, 12 Jan 2018)

  Changed paths:
    M tests/docker/test-clang
    A tests/docker/test-debug
    M tests/docker/test-mingw

  Log Message:
  -----------
  tests/docker: add test-debug

Add a new test with --enable-debug using clang/asan/ubsan, remove
--enable-debug from test-clang & test-mingw.

Signed-off-by: Marc-André Lureau <address@hidden>
Message-Id: <address@hidden>
Tested-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 87c258cd1e1c10faaeee8016ab6c67de97d6b996
      
https://github.com/qemu/qemu/commit/87c258cd1e1c10faaeee8016ab6c67de97d6b996
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M tests/check-qobject.c

  Log Message:
  -----------
  tests: fix check-qobject leak

/public/qobject_is_equal_conversion: OK

=================================================================
==14396==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 56 byte(s) in 1 object(s) allocated from:
    #0 0x7f07682c5850 in malloc (/lib64/libasan.so.4+0xde850)
    #1 0x7f0767d12f0c in g_malloc ../glib/gmem.c:94
    #2 0x7f0767d131cf in g_malloc_n ../glib/gmem.c:331
    #3 0x562bd767371f in do_test_equality /home/elmarco/src/qq/tests/check-qobject.c:49
    #4 0x562bd7674a35 in qobject_is_equal_dict_test /home/elmarco/src/qq/tests/check-qobject.c:267
    #5 0x7f0767d37b04 in test_case_run ../glib/gtestutils.c:2237
    #6 0x7f0767d37ec4 in g_test_run_suite_internal ../glib/gtestutils.c:2321
    #7 0x7f0767d37f6d in g_test_run_suite_internal ../glib/gtestutils.c:2333
    #8 0x7f0767d38184 in g_test_run_suite ../glib/gtestutils.c:2408
    #9 0x7f0767d36e0d in g_test_run ../glib/gtestutils.c:1674
    #10 0x562bd7674e75 in main /home/elmarco/src/qq/tests/check-qobject.c:327
    #11 0x7f0766009039 in __libc_start_main (/lib64/libc.so.6+0x21039)

Signed-off-by: Marc-André Lureau <address@hidden>
Reviewed-by: Markus Armbruster <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 354711279fcc532cee310ed8098f51403dfef5d9
      
https://github.com/qemu/qemu/commit/354711279fcc532cee310ed8098f51403dfef5d9
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M vl.c

  Log Message:
  -----------
  vl: fix direct firmware directories leak

Note that data_dir[] will now point to allocated strings.

Fixes:
Direct leak of 16 byte(s) in 1 object(s) allocated from:
    #0 0x7f1448181850 in malloc (/lib64/libasan.so.4+0xde850)
    #1 0x7f1446ed8f0c in g_malloc ../glib/gmem.c:94
    #2 0x7f1446ed91cf in g_malloc_n ../glib/gmem.c:331
    #3 0x7f1446ef739a in g_strsplit ../glib/gstrfuncs.c:2364
    #4 0x55cf276439d7 in main /home/elmarco/src/qq/vl.c:4311
    #5 0x7f143dfad039 in __libc_start_main (/lib64/libc.so.6+0x21039)

Signed-off-by: Marc-André Lureau <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: e5dc1a6c6c4359cd783810f63eb68e9e09350708
      
https://github.com/qemu/qemu/commit/e5dc1a6c6c4359cd783810f63eb68e9e09350708
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M include/qemu/readline.h
    M monitor.c
    M util/readline.c

  Log Message:
  -----------
  readline: add a free function

Fixes leaks such as:

Direct leak of 2 byte(s) in 1 object(s) allocated from:
    #0 0x7eff58beb850 in malloc (/lib64/libasan.so.4+0xde850)
    #1 0x7eff57942f0c in g_malloc ../glib/gmem.c:94
    #2 0x7eff579431cf in g_malloc_n ../glib/gmem.c:331
    #3 0x7eff5795f6eb in g_strdup ../glib/gstrfuncs.c:363
    #4 0x55db720f1d46 in readline_hist_add /home/elmarco/src/qq/util/readline.c:258
    #5 0x55db720f2d34 in readline_handle_byte /home/elmarco/src/qq/util/readline.c:387
    #6 0x55db71539d00 in monitor_read /home/elmarco/src/qq/monitor.c:3896
    #7 0x55db71f9be35 in qemu_chr_be_write_impl /home/elmarco/src/qq/chardev/char.c:167
    #8 0x55db71f9bed3 in qemu_chr_be_write /home/elmarco/src/qq/chardev/char.c:179
    #9 0x55db71fa013c in fd_chr_read /home/elmarco/src/qq/chardev/char-fd.c:66
    #10 0x55db71fe18a8 in qio_channel_fd_source_dispatch /home/elmarco/src/qq/io/channel-watch.c:84
    #11 0x7eff5793a90b in g_main_dispatch ../glib/gmain.c:3182
    #12 0x7eff5793b7ac in g_main_context_dispatch ../glib/gmain.c:3847
    #13 0x55db720af3bd in glib_pollfds_poll /home/elmarco/src/qq/util/main-loop.c:214
    #14 0x55db720af505 in os_host_main_loop_wait /home/elmarco/src/qq/util/main-loop.c:261
    #15 0x55db720af6d6 in main_loop_wait /home/elmarco/src/qq/util/main-loop.c:515
    #16 0x55db7184e0de in main_loop /home/elmarco/src/qq/vl.c:1995
    #17 0x55db7185e956 in main /home/elmarco/src/qq/vl.c:4914
    #18 0x7eff4ea17039 in __libc_start_main (/lib64/libc.so.6+0x21039)

(while at it, use g_new0(ReadLineState), it's a bit easier to read)

Signed-off-by: Marc-André Lureau <address@hidden>
Reviewed-by: Dr. David Alan Gilbert <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 890241ab6942a0186eaf485dabf266a5a7aac428
      
https://github.com/qemu/qemu/commit/890241ab6942a0186eaf485dabf266a5a7aac428
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M tests/migration-test.c

  Log Message:
  -----------
  tests: fix migration-test leak

Direct leak of 12 byte(s) in 2 object(s) allocated from:
    #0 0x7f50d403c850 in malloc (/lib64/libasan.so.4+0xde850)
    #1 0x7f50d1ddf98f in vasprintf (/lib64/libc.so.6+0x8098f)

Signed-off-by: Marc-André Lureau <address@hidden>
Reviewed-by: Dr. David Alan Gilbert <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 83e33300a2342c5d0bf48474fdf8da22c22b4973
      
https://github.com/qemu/qemu/commit/83e33300a2342c5d0bf48474fdf8da22c22b4973
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M crypto/ivgen-essiv.c

  Log Message:
  -----------
  crypto: fix stack-buffer-overflow error

ASAN complains about:

==8856==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffd8a1fe168 at pc 0x561136cb4451 bp 0x7ffd8a1fe130 sp 0x7ffd8a1fd8e0
READ of size 16 at 0x7ffd8a1fe168 thread T0
    #0 0x561136cb4450 in __asan_memcpy (/home/elmarco/src/qq/build/tests/test-crypto-ivgen+0x110450)
    #1 0x561136d2a6a7 in qcrypto_ivgen_essiv_calculate /home/elmarco/src/qq/crypto/ivgen-essiv.c:83:5
    #2 0x561136d29af8 in qcrypto_ivgen_calculate /home/elmarco/src/qq/crypto/ivgen.c:72:12
    #3 0x561136d07c8e in test_ivgen /home/elmarco/src/qq/tests/test-crypto-ivgen.c:148:5
    #4 0x7f77772c3b04 in test_case_run /home/elmarco/src/gnome/glib/builddir/../glib/gtestutils.c:2237
    #5 0x7f77772c3ec4 in g_test_run_suite_internal /home/elmarco/src/gnome/glib/builddir/../glib/gtestutils.c:2321
    #6 0x7f77772c3f6d in g_test_run_suite_internal /home/elmarco/src/gnome/glib/builddir/../glib/gtestutils.c:2333
    #7 0x7f77772c3f6d in g_test_run_suite_internal /home/elmarco/src/gnome/glib/builddir/../glib/gtestutils.c:2333
    #8 0x7f77772c3f6d in g_test_run_suite_internal /home/elmarco/src/gnome/glib/builddir/../glib/gtestutils.c:2333
    #9 0x7f77772c4184 in g_test_run_suite /home/elmarco/src/gnome/glib/builddir/../glib/gtestutils.c:2408
    #10 0x7f77772c2e0d in g_test_run /home/elmarco/src/gnome/glib/builddir/../glib/gtestutils.c:1674
    #11 0x561136d0799b in main /home/elmarco/src/qq/tests/test-crypto-ivgen.c:173:12
    #12 0x7f77756e6039 in __libc_start_main (/lib64/libc.so.6+0x21039)
    #13 0x561136c13d89 in _start (/home/elmarco/src/qq/build/tests/test-crypto-ivgen+0x6fd89)

Address 0x7ffd8a1fe168 is located in stack of thread T0 at offset 40 in frame
    #0 0x561136d2a40f in qcrypto_ivgen_essiv_calculate /home/elmarco/src/qq/crypto/ivgen-essiv.c:76

  This frame has 1 object(s):
    [32, 40) 'sector.addr' <== Memory access at offset 40 overflows this variable
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow (/home/elmarco/src/qq/build/tests/test-crypto-ivgen+0x110450) in __asan_memcpy

It looks like the rest of the code copes with ndata being larger than
sizeof(sector), so limit the memcpy() range.

Signed-off-by: Marc-André Lureau <address@hidden>
Reviewed-by: Daniel P. Berrange <address@hidden>
Message-Id: <address@hidden>
Tested-by: Thomas Huth <address@hidden>
Reviewed-by: Thomas Huth <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
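
The copy pattern behind the report above, as an added example that is not QEMU's code: a 16-byte IV seeded from an 8-byte sector number, with the length taken from the destination (flawed) and from the source (bounded). The function names, the sample sector value and the zero padding of the remaining IV bytes are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SECTOR_BYTES sizeof(uint64_t)

/* Store the sector number as little-endian bytes, independent of host order. */
static void sector_to_le(uint64_t sector, uint8_t out[SECTOR_BYTES])
{
    for (size_t i = 0; i < SECTOR_BYTES; i++) {
        out[i] = (uint8_t)(sector >> (8 * i));
    }
}

/* Flawed shape, shown for comparison and never called in this example:
 * with ndata == 16 the memcpy() reads 8 bytes past the 8-byte source,
 * matching "READ of size 16" against a [32, 40) stack object. */
void iv_seed_unbounded(uint8_t *data, size_t ndata, uint64_t sector)
{
    uint8_t le[SECTOR_BYTES];

    sector_to_le(sector, le);
    memcpy(data, le, ndata);    /* BUG: length comes from the destination */
}

/* Bounded shape: copy at most sizeof(sector) bytes, then zero-fill the
 * remainder of the IV (the zero fill is this example's assumption). */
void iv_seed_bounded(uint8_t *data, size_t ndata, uint64_t sector)
{
    uint8_t le[SECTOR_BYTES];
    size_t ncopy = ndata < SECTOR_BYTES ? ndata : SECTOR_BYTES;

    sector_to_le(sector, le);
    memcpy(data, le, ncopy);
    if (ndata > ncopy) {
        memset(data + ncopy, 0, ndata - ncopy);
    }
}

/* Returns 1 when an IV of ndata bytes holds the little-endian sector
 * followed by zeros and the guard bytes after it are untouched.
 * Returns 0 on any mismatch, or when ndata leaves no room for guards. */
int iv_seed_check(size_t ndata)
{
    const uint64_t sector = 0x0102030405060708ULL;  /* constructed sample */
    uint8_t buf[32];

    if (ndata > 24) {
        return 0;
    }
    memset(buf, 0xAA, sizeof(buf));                 /* guard pattern */
    iv_seed_bounded(buf, ndata, sector);

    for (size_t i = 0; i < sizeof(buf); i++) {
        uint8_t want;

        if (i >= ndata) {
            want = 0xAA;                            /* outside the IV */
        } else if (i < SECTOR_BYTES) {
            want = (uint8_t)(sector >> (8 * i));    /* sector bytes */
        } else {
            want = 0;                               /* padding */
        }
        if (buf[i] != want) {
            return 0;
        }
    }
    return 1;
}

int main(void)
{
    const size_t sizes[] = { 4, 8, 16 };

    for (size_t s = 0; s < sizeof(sizes) / sizeof(sizes[0]); s++) {
        uint8_t iv[16];

        iv_seed_bounded(iv, sizes[s], 0x0102030405060708ULL);
        printf("ndata=%2zu iv=", sizes[s]);
        for (size_t i = 0; i < sizes[s]; i++) {
            printf("%02x", iv[i]);
        }
        printf(" check=%d\n", iv_seed_check(sizes[s]));
    }
    return 0;
}
```

Building the flawed variant into a test with `-fsanitize=address` and calling it with `ndata` of 16 is what produces a report of the kind quoted in the commit message.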


  Commit: b11e20fb6c658bc13b2e4dfc1b86c2eb8731e374
      
https://github.com/qemu/qemu/commit/b11e20fb6c658bc13b2e4dfc1b86c2eb8731e374
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M util/qemu-config.c

  Log Message:
  -----------
  qemu-config: fix leak in query-command-line-options

Direct leak of 160 byte(s) in 4 object(s) allocated from:
    #0 0x55ed7678cda8 in calloc (/home/elmarco/src/qq/build/x86_64-softmmu/qemu-system-x86_64+0x797da8)
    #1 0x7f3f5e725f75 in g_malloc0 /home/elmarco/src/gnome/glib/builddir/../glib/gmem.c:124
    #2 0x55ed778aa3a7 in query_option_descs /home/elmarco/src/qq/util/qemu-config.c:60:16
    #3 0x55ed778aa307 in get_drive_infolist /home/elmarco/src/qq/util/qemu-config.c:140:19
    #4 0x55ed778a9f40 in qmp_query_command_line_options /home/elmarco/src/qq/util/qemu-config.c:254:36
    #5 0x55ed76d4868c in qmp_marshal_query_command_line_options /home/elmarco/src/qq/build/qmp-marshal.c:3078:14
    #6 0x55ed77855dd5 in do_qmp_dispatch /home/elmarco/src/qq/qapi/qmp-dispatch.c:104:5
    #7 0x55ed778558cc in qmp_dispatch /home/elmarco/src/qq/qapi/qmp-dispatch.c:131:11
    #8 0x55ed768b592f in handle_qmp_command /home/elmarco/src/qq/monitor.c:3840:11
    #9 0x55ed7786ccfe in json_message_process_token /home/elmarco/src/qq/qobject/json-streamer.c:105:5
    #10 0x55ed778fe37c in json_lexer_feed_char /home/elmarco/src/qq/qobject/json-lexer.c:323:13
    #11 0x55ed778fdde6 in json_lexer_feed /home/elmarco/src/qq/qobject/json-lexer.c:373:15
    #12 0x55ed7786cd83 in json_message_parser_feed /home/elmarco/src/qq/qobject/json-streamer.c:124:12
    #13 0x55ed768b559e in monitor_qmp_read /home/elmarco/src/qq/monitor.c:3882:5
    #14 0x55ed77714f29 in qemu_chr_be_write_impl /home/elmarco/src/qq/chardev/char.c:167:9
    #15 0x55ed77714fde in qemu_chr_be_write /home/elmarco/src/qq/chardev/char.c:179:9
    #16 0x55ed7772ffad in tcp_chr_read /home/elmarco/src/qq/chardev/char-socket.c:440:13
    #17 0x55ed7777113b in qio_channel_fd_source_dispatch /home/elmarco/src/qq/io/channel-watch.c:84:12
    #18 0x7f3f5e71d90b in g_main_dispatch /home/elmarco/src/gnome/glib/builddir/../glib/gmain.c:3182
    #19 0x7f3f5e71e7ac in g_main_context_dispatch /home/elmarco/src/gnome/glib/builddir/../glib/gmain.c:3847
    #20 0x55ed77886ffc in glib_pollfds_poll /home/elmarco/src/qq/util/main-loop.c:214:9
    #21 0x55ed778865fd in os_host_main_loop_wait /home/elmarco/src/qq/util/main-loop.c:261:5
    #22 0x55ed77886222 in main_loop_wait /home/elmarco/src/qq/util/main-loop.c:515:11
    #23 0x55ed76d2a4df in main_loop /home/elmarco/src/qq/vl.c:1995:9
    #24 0x55ed76d1cb4a in main /home/elmarco/src/qq/vl.c:4914:5
    #25 0x7f3f555f6039 in __libc_start_main (/lib64/libc.so.6+0x21039)

Signed-off-by: Marc-André Lureau <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: e313d5cec564a9b708bad1bb44c291530a5a4935
      
https://github.com/qemu/qemu/commit/e313d5cec564a9b708bad1bb44c291530a5a4935
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M tests/qmp-test.c

  Log Message:
  -----------
  tests: fix qmp-test leak

Direct leak of 913 byte(s) in 43 object(s) allocated from:
    #0 0x55880a15df60 in __interceptor_malloc (/home/elmarco/src/qq/build/tests/qmp-test+0x110f60)
    #1 0x7f3f20fd098f in _IO_vasprintf (/lib64/libc.so.6+0x8098f)

Signed-off-by: Marc-André Lureau <address@hidden>
Reviewed-by: Markus Armbruster <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 6b2fef739127ee6135d5ccc2da0bf1f3bebf66b7
      
https://github.com/qemu/qemu/commit/6b2fef739127ee6135d5ccc2da0bf1f3bebf66b7
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M tests/test-coroutine.c

  Log Message:
  -----------
  tests: fix coroutine leak in /basic/entered

The coroutine is not finished by the time the test ends, resulting in
ASAN warning:

==7005==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 312 byte(s) in 1 object(s) allocated from:
    #0 0x7fd35290fa38 in __interceptor_calloc (/lib64/libasan.so.4+0xdea38)
    #1 0x7fd3506c5f75 in g_malloc0 ../glib/gmem.c:124
    #2 0x55994af03e47 in qemu_coroutine_new /home/elmarco/src/qemu/util/coroutine-ucontext.c:144
    #3 0x55994aefed99 in qemu_coroutine_create /home/elmarco/src/qemu/util/qemu-coroutine.c:76
    #4 0x55994ac1eb50 in verify_entered_step_1 /home/elmarco/src/qemu/tests/test-coroutine.c:80
    #5 0x55994af03c75 in coroutine_trampoline /home/elmarco/src/qemu/util/coroutine-ucontext.c:119
    #6 0x7fd34ec02bef  (/lib64/libc.so.6+0x50bef)

Do not yield() to let the coroutine terminate.

Signed-off-by: Marc-André Lureau <address@hidden>
Reviewed-by: Stefan Hajnoczi <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: b7438458a1f801096afe984e959855e77d22dc2e
      
https://github.com/qemu/qemu/commit/b7438458a1f801096afe984e959855e77d22dc2e
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M hw/nvram/ds1225y.c

  Log Message:
  -----------
  mips: fix potential fopen(NULL,...)

Spotted thanks to ASAN.

Signed-off-by: Marc-André Lureau <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 02a2ad217b0de16cc6c4f36fe325907cdbe7766b
      
https://github.com/qemu/qemu/commit/02a2ad217b0de16cc6c4f36fe325907cdbe7766b
  Author: Marc-André Lureau <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M disas/s390.c

  Log Message:
  -----------
  disas/s390: fix global-buffer-overflow

Spotted thanks to ASAN:

==25226==ERROR: AddressSanitizer: global-buffer-overflow on address 
0x556715a1f120 at pc 0x556714b6f6b1 bp 0x7ffcdfac1360 sp 0x7ffcdfac1350
READ of size 1 at 0x556715a1f120 thread T0
    #0 0x556714b6f6b0 in init_disasm /home/elmarco/src/qemu/disas/s390.c:219
    #1 0x556714b6fa6a in print_insn_s390 /home/elmarco/src/qemu/disas/s390.c:294
    #2 0x55671484d031 in monitor_disas /home/elmarco/src/qemu/disas.c:635
    #3 0x556714862ec0 in memory_dump /home/elmarco/src/qemu/monitor.c:1324
    #4 0x55671486342a in hmp_memory_dump /home/elmarco/src/qemu/monitor.c:1418
    #5 0x5567148670be in handle_hmp_command /home/elmarco/src/qemu/monitor.c:3109
    #6 0x5567148674ed in qmp_human_monitor_command /home/elmarco/src/qemu/monitor.c:613
    #7 0x556714b00918 in qmp_marshal_human_monitor_command /home/elmarco/src/qemu/build/qmp-marshal.c:1704
    #8 0x556715138a3e in do_qmp_dispatch /home/elmarco/src/qemu/qapi/qmp-dispatch.c:104
    #9 0x556715138f83 in qmp_dispatch /home/elmarco/src/qemu/qapi/qmp-dispatch.c:131
    #10 0x55671485cf88 in handle_qmp_command /home/elmarco/src/qemu/monitor.c:3839
    #11 0x55671514e80b in json_message_process_token /home/elmarco/src/qemu/qobject/json-streamer.c:105
    #12 0x5567151bf2dc in json_lexer_feed_char /home/elmarco/src/qemu/qobject/json-lexer.c:323
    #13 0x5567151bf827 in json_lexer_feed /home/elmarco/src/qemu/qobject/json-lexer.c:373
    #14 0x55671514ee62 in json_message_parser_feed /home/elmarco/src/qemu/qobject/json-streamer.c:124
    #15 0x556714854b1f in monitor_qmp_read /home/elmarco/src/qemu/monitor.c:3881
    #16 0x556715045440 in qemu_chr_be_write_impl /home/elmarco/src/qemu/chardev/char.c:172
    #17 0x556715047184 in qemu_chr_be_write /home/elmarco/src/qemu/chardev/char.c:184
    #18 0x55671505a8e6 in tcp_chr_read /home/elmarco/src/qemu/chardev/char-socket.c:440
    #19 0x5567150943c3 in qio_channel_fd_source_dispatch /home/elmarco/src/qemu/io/channel-watch.c:84
    #20 0x7fb90292b90b in g_main_dispatch ../glib/gmain.c:3182
    #21 0x7fb90292c7ac in g_main_context_dispatch ../glib/gmain.c:3847
    #22 0x556715162eca in glib_pollfds_poll /home/elmarco/src/qemu/util/main-loop.c:214
    #23 0x556715163001 in os_host_main_loop_wait /home/elmarco/src/qemu/util/main-loop.c:261
    #24 0x5567151631fa in main_loop_wait /home/elmarco/src/qemu/util/main-loop.c:515
    #25 0x556714ad6d3b in main_loop /home/elmarco/src/qemu/vl.c:1950
    #26 0x556714ade329 in main /home/elmarco/src/qemu/vl.c:4865
    #27 0x7fb8fe5c9009 in __libc_start_main (/lib64/libc.so.6+0x21009)
    #28 0x5567147af4d9 in _start (/home/elmarco/src/qemu/build/s390x-softmmu/qemu-system-s390x+0xf674d9)

0x556715a1f120 is located 32 bytes to the left of global variable 'char_hci_type_info' defined in '/home/elmarco/src/qemu/hw/bt/hci-csr.c:493:23' (0x556715a1f140) of size 104
0x556715a1f120 is located 8 bytes to the right of global variable 's390_opcodes' defined in '/home/elmarco/src/qemu/disas/s390.c:860:33' (0x556715a15280) of size 40600

This fix is based on Andreas Arnez <address@hidden> upstream
commit:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=9ace48f3d7d80ce09c5df60cccb433470410b11b

2014-08-19  Andreas Arnez  <address@hidden>
  * s390-dis.c (init_disasm): Simplify initialization of
       opc_index[].  This also fixes an access after the last element
       of s390_opcodes[].

Signed-off-by: Marc-André Lureau <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
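
The ChangeLog entry above names the bug class: while building a first-occurrence index over a sorted table, a read lands just past the last element. The following is an added illustration of one way such a read arises and of a simplified form that avoids it; it is not the QEMU or binutils code, and the table, the checked accessor and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for an opcode table sorted by first opcode byte. */
struct op { unsigned char opcode0; const char *name; };

static const struct op ops[] = {
    {0x01, "a"}, {0x01, "b"}, {0x07, "c"},
    {0xb2, "d"}, {0xb2, "e"}, {0xb2, "f"},
};
#define NUM_OPS (sizeof(ops) / sizeof(ops[0]))

static size_t oob_reads; /* look-ups that fell outside ops[] */

/* Checked accessor: records an out-of-range index instead of reading it. */
static int first_byte(size_t i)
{
    if (i >= NUM_OPS) {
        oob_reads++;
        return -1;
    }
    return ops[i].opcode0;
}

static void clear_index(int idx[256])
{
    for (int k = 0; k < 256; k++) {
        idx[k] = -1; /* -1: no opcode starts with this byte */
    }
}

/* Look-ahead form: skips duplicates by peeking at element i + 1.  The
 * guard only checks i, so the last element still peeks past the end. */
static void build_lookahead(int idx[256])
{
    clear_index(idx);
    for (size_t i = 0; i < NUM_OPS; i++) {
        idx[ops[i].opcode0] = (int)i;
        while (i < NUM_OPS && first_byte(i + 1) == ops[i].opcode0) {
            i++;
        }
    }
}

/* Simplified form: walk backwards so the lowest index for each byte is
 * written last; no neighbouring element is ever inspected. */
static void build_backward(int idx[256])
{
    clear_index(idx);
    for (size_t i = NUM_OPS; i-- > 0; ) {
        idx[first_byte(i)] = (int)i;
    }
}

size_t lookahead_oob_reads(void)
{
    int idx[256];
    oob_reads = 0;
    build_lookahead(idx);
    return oob_reads;
}

size_t backward_oob_reads(void)
{
    int idx[256];
    oob_reads = 0;
    build_backward(idx);
    return oob_reads;
}

/* Both forms must produce the same index for in-range data. */
int indexes_agree(void)
{
    int a[256], b[256];
    build_lookahead(a);
    build_backward(b);
    for (int k = 0; k < 256; k++) {
        if (a[k] != b[k]) {
            return 0;
        }
    }
    return 1;
}

int first_index_of(unsigned char byte)
{
    int idx[256];
    build_backward(idx);
    return idx[byte];
}

int main(void)
{
    printf("look-ahead: %zu read(s) past the table\n", lookahead_oob_reads());
    printf("backward:   %zu read(s) past the table\n", backward_oob_reads());
    printf("same index: %s\n", indexes_agree() ? "yes" : "no");
    return 0;
}
```

With a raw array access in place of the checked accessor, the single out-of-range look-up would be a one-element over-read of the kind ASAN reports as global-buffer-overflow.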


  Commit: 24355b79bdaf6ab12f7c610b032fc35ec045cd55
      
https://github.com/qemu/qemu/commit/24355b79bdaf6ab12f7c610b032fc35ec045cd55
  Author: Stefan Hajnoczi <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M hw/scsi/scsi-disk.c

  Log Message:
  -----------
  scsi-disk: release AioContext in unaligned WRITE SAME case

scsi_write_same_complete() can retry the write if the request was
unaligned.  Make sure to release the AioContext when that code path is
taken!

This patch fixes a hang when QEMU terminates after an unaligned WRITE
SAME request has been processed with dataplane.  The hang occurs because
iothread_stop_all() cannot acquire the AioContext lock that was leaked
by the IOThread in scsi_write_same_complete().

Fixes: b9e413dd37 ("block: explicitly acquire aiocontext in aio callbacks that need it").
Cc: Paolo Bonzini <address@hidden>
Cc: address@hidden
Reported-by: Cong Li <address@hidden>
Signed-off-by: Stefan Hajnoczi <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: acf53766fc26fd90a0b06bae81638502d249f7e7
      
https://github.com/qemu/qemu/commit/acf53766fc26fd90a0b06bae81638502d249f7e7
  Author: Thomas Huth <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M tests/Makefile.include
    M tests/boot-serial-test.c

  Log Message:
  -----------
  tests/boot-serial-test: Add tests for microblaze boards

This adds two simple TCG + UART tests for the microblaze boards,
one in big endian mode, and one in little endian mode.

Signed-off-by: Thomas Huth <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 7244edf22e6c158036e21567c4cf6e4ddce84092
      
https://github.com/qemu/qemu/commit/7244edf22e6c158036e21567c4cf6e4ddce84092
  Author: Thomas Huth <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M tests/Makefile.include
    M tests/boot-serial-test.c

  Log Message:
  -----------
  tests/boot-serial-test: Add a test for the moxiesim machine

Now that moxiesim supports the -bios parameter, we can check this machine
in the boot-serial tester, too, by supplying a mini bios that only writes
'T' characters to the UART.

Signed-off-by: Thomas Huth <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 52cb6817a715dde6bc0ba531b23c2525f298925d
      
https://github.com/qemu/qemu/commit/52cb6817a715dde6bc0ba531b23c2525f298925d
  Author: Thomas Huth <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M tests/Makefile.include
    M tests/boot-serial-test.c

  Log Message:
  -----------
  tests/boot-serial-test: Add support for the raspi2 machine

The raspi2 machine supports loading firmware images, so we can easily
load a small test sequence as raw binary blob here to test the UART.

Signed-off-by: Thomas Huth <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 35b1b927514d34862e352ff83ab0cbb1439b5303
      
https://github.com/qemu/qemu/commit/35b1b927514d34862e352ff83ab0cbb1439b5303
  Author: Tao Wu <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M target/i386/cpu.c
    M target/i386/cpu.h
    M target/i386/kvm.c

  Log Message:
  -----------
  target/i386: move hflags update code to a function

We will share the same code for hax/kvm.

Signed-off-by: Tao Wu <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: e527f86e3eb5a973d2e11f8ea08937bcc166d17a
      
https://github.com/qemu/qemu/commit/e527f86e3eb5a973d2e11f8ea08937bcc166d17a
  Author: Tao Wu <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M target/i386/hax-all.c

  Log Message:
  -----------
  target/i386: hax: change to use x86_update_hflags

Change to use x86_update_hflags instead of keeping another copy
on the hax side. This also fixes bugs like HF_CPL_MASK, which should be
SS.DPL, not CS.DPL.

Signed-off-by: Tao Wu <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: df16af8741398fee4f8bd5112a00730b1ec6a0f6
      
https://github.com/qemu/qemu/commit/df16af8741398fee4f8bd5112a00730b1ec6a0f6
  Author: Tao Wu <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M target/i386/hax-all.c

  Log Message:
  -----------
  target/i386: hax: Move x86_update_hflags.

x86_update_hflags references env->efer, which is updated in hax_get_msrs,
so it has to be called after hax_get_msrs. This fixes the bug that sometimes
dump_state shows 32-bit regs even in 64-bit mode.

Signed-off-by: Tao Wu <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 809092f313a7430afcd8cf53d1392624915a90e0
      
https://github.com/qemu/qemu/commit/809092f313a7430afcd8cf53d1392624915a90e0
  Author: Paolo Bonzini <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M target/i386/hvf/x86hvf.c

  Log Message:
  -----------
  target-i386: update hflags on Hypervisor.framework

This ensures that x86_cpu_dump_state shows registers with the correct
size.

Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: f1cd52d8912f124cc513a00143fe3baeb44772d1
      
https://github.com/qemu/qemu/commit/f1cd52d8912f124cc513a00143fe3baeb44772d1
  Author: Alex Bennée <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M scripts/qemu-gdb.py
    A scripts/qemugdb/tcg.py

  Log Message:
  -----------
  scripts/qemu-gdb: add simple tcg lock status helper

Add a simple helper to dump lock state.

Signed-off-by: Alex Bennée <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: c24999fa53e581335413c33f68748c1fc7b3d84b
      
https://github.com/qemu/qemu/commit/c24999fa53e581335413c33f68748c1fc7b3d84b
  Author: Alex Bennée <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M scripts/qemu-gdb.py
    A scripts/qemugdb/timers.py

  Log Message:
  -----------
  scripts/qemu-gdb/timers.py: new helper to dump timer state

This introduces the qemu-gdb command "qemu timers" which will dump the
state of the main timers in the system.

Signed-off-by: Alex Bennée <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: b39e3f34c9de7ead6a11a74aa2de78baf41d81a7
      
https://github.com/qemu/qemu/commit/b39e3f34c9de7ead6a11a74aa2de78baf41d81a7
  Author: Pavel Dovgalyuk <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M cpus.c

  Log Message:
  -----------
  icount: fixed saving/restoring of icount warp timers

This patch adds saving and restoring of the icount warp
timers in the vmstate.
It is needed because these timers affect the virtual clock value.
Therefore determinism of the execution in icount record/replay mode
depends on determinism of the timers.

Signed-off-by: Pavel Dovgalyuk <address@hidden>
Acked-by: Paolo Bonzini <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Signed-off-by: Pavel Dovgalyuk <address@hidden>


  Commit: db08b687cdd5319286665aabd34f82665630416f
      
https://github.com/qemu/qemu/commit/db08b687cdd5319286665aabd34f82665630416f
  Author: Paolo Bonzini <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M cpus.c

  Log Message:
  -----------
  cpus: unify qemu_*_wait_io_event

Except for round-robin TCG, every other accelerator is using more or
less the same code around qemu_wait_io_event_common.  The exception
is HAX, which also has to eat the dummy APC that is queued by
qemu_cpu_kick_thread.

We can add the SleepEx call to qemu_wait_io_event under "if
(!tcg_enabled())", since that is the condition that is used in
qemu_cpu_kick_thread, and unify the function for KVM, HAX, HVF and
multi-threaded TCG.  Single-threaded TCG code can also be simplified
since it is only used in the round-robin, sleep-if-all-CPUs-idle case.

Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 01960e6d21dcfbfc8a03d8fd6284c448cf75865b
      
https://github.com/qemu/qemu/commit/01960e6d21dcfbfc8a03d8fd6284c448cf75865b
  Author: linzhecheng <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M target/i386/kvm.c

  Log Message:
  -----------
  irq: fix memory leak

entry is moved from list but is not freed.

Signed-off-by: linzhecheng <address@hidden>

Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 1b4c0a0436f8741ad19e03a5822d1c546dfceecc
      
https://github.com/qemu/qemu/commit/1b4c0a0436f8741ad19e03a5822d1c546dfceecc
  Author: Eric Blake <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M hw/net/pcnet.c

  Log Message:
  -----------
  net: Drop unusual use of do { } while (0);

For a couple of macros in pcnet.c, we have to provide a new scope
to avoid compiler warnings about declarations in the middle of a
switch statement that aren't in a sub-scope.  But use of
'do { ... } while (0);' merely to provide that new scope is arcane
overkill, compared to just using '{ ... }'.

Signed-off-by: Eric Blake <address@hidden>
Reviewed-by: Thomas Huth <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 94f5c480e9b5ce95394026b3f025816470e23eaf
      
https://github.com/qemu/qemu/commit/94f5c480e9b5ce95394026b3f025816470e23eaf
  Author: Eric Blake <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M target/mips/msa_helper.c

  Log Message:
  -----------
  mips: Tweak location of ';' in macros

It is more typical to provide the ';' by the caller of a macro
than to embed it in the macro itself; this is because syntax
highlight engines can get confused if a macro is called without
a semicolon before the closing '}'.

Signed-off-by: Eric Blake <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 19a4d43ef05e323f811cf944980639449dbb39ac
      
https://github.com/qemu/qemu/commit/19a4d43ef05e323f811cf944980639449dbb39ac
  Author: Eric Blake <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M chardev/char-serial.c

  Log Message:
  -----------
  chardev: Use goto/label instead of do/break/while(0)

Use of a do/while(0) control flow in order to permit an early break
is an unusual paradigm, and triggers a false positive with a planned
future syntax check against 'while (0);'.  Rewrite the code to use a
goto instead.  This patch temporarily keeps an extra level of
indentation to highlight the change; the next patch cleans it up.

Signed-off-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Marc-André Lureau <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 539022dd6089cdef36589d608ed63cbdaacfd71f
      
https://github.com/qemu/qemu/commit/539022dd6089cdef36589d608ed63cbdaacfd71f
  Author: Eric Blake <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M chardev/char-serial.c

  Log Message:
  -----------
  chardev: Clean up previous patch indentation

The previous patch left in an extra scope layer for ease of
review; time to remove it.  No semantic change.

Signed-off-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Marc-André Lureau <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 241187c11818e5223c4bdfac79f28fdf63731733
      
https://github.com/qemu/qemu/commit/241187c11818e5223c4bdfac79f28fdf63731733
  Author: Eric Blake <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M tests/vhost-user-bridge.c

  Log Message:
  -----------
  tests: Avoid 'do/while(false); ' in vhost-user-bridge

Use of a do/while(0) loop as a way to allow break statements in
the middle of execute-once code is unusual.  More typical is
the use of goto for early exits, with a label at the end of
the execute-once code, rather than nesting code in a scope;
however, the comment at the end of the existing code makes this
alternative a bit unpractical.

So, to avoid false positives from a future syntax check about
'while (false);', and to keep the loop form (in case someone
ever does add DONTWAIT support, where they can just as easily
manipulate the initial loop condition or add an if around the
final 'break'), I opted to use the form of a while(1) loop (the
break as an early exit is more idiomatic there), coupled with
a final break preserving the original comment.

Signed-off-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 2562755ee78983930d0662fa4d3bc5e2ac166350
      
https://github.com/qemu/qemu/commit/2562755ee78983930d0662fa4d3bc5e2ac166350
  Author: Eric Blake <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M audio/paaudio.c
    M hw/adc/stm32f2xx_adc.c
    M hw/block/m25p80.c
    M hw/char/cadence_uart.c
    M hw/char/stm32f2xx_usart.c
    M hw/display/cg3.c
    M hw/display/dpcd.c
    M hw/display/xlnx_dp.c
    M hw/dma/pl330.c
    M hw/dma/xlnx-zynq-devcfg.c
    M hw/dma/xlnx_dpdma.c
    M hw/i2c/i2c-ddc.c
    M hw/misc/auxbus.c
    M hw/misc/macio/mac_dbdma.c
    M hw/misc/mmio_interface.c
    M hw/misc/stm32f2xx_syscfg.c
    M hw/misc/zynq_slcr.c
    M hw/net/cadence_gem.c
    M hw/ssi/mss-spi.c
    M hw/ssi/stm32f2xx_spi.c
    M hw/ssi/xilinx_spi.c
    M hw/ssi/xilinx_spips.c
    M hw/timer/a9gtimer.c
    M hw/timer/cadence_ttc.c
    M hw/timer/mss-timer.c
    M hw/timer/stm32f2xx_timer.c
    M hw/tpm/tpm_passthrough.c
    M hw/tpm/tpm_tis.c
    M migration/rdma.c
    M target/arm/translate-a64.c
    M target/s390x/kvm.c
    M tests/acpi-utils.h
    M tests/tcg/test-mmap.c
    M ui/sdl_zoom_template.h

  Log Message:
  -----------
  maint: Fix macros with broken 'do/while(0); ' usage

The point of writing a macro embedded in a 'do { ... } while (0)'
loop (particularly if the macro has multiple statements or would
otherwise end with an 'if' statement) is so that the macro can be
used as a drop-in statement with the caller supplying the
trailing ';'.  Although our coding style frowns on brace-less 'if':
  if (cond)
    statement;
  else
    something else;
that is the classic case where failure to use do/while(0) wrapping
would cause the 'else' to pair with any embedded 'if' in the macro
rather than the intended outer 'if'.  But conversely, if the macro
includes an embedded ';', then the same brace-less coding style
would now have two statements, making the 'else' a syntax error
rather than pairing with the outer 'if'.  Thus, even though our
coding style with required braces is not impacted, ending a macro
with ';' makes our code harder to port to projects that use
brace-less styles.

The change should have no semantic impact.  I was not able to
fully compile-test all of the changes (as some of them are
examples of the ugly bit-rotting debug print statements that are
completely elided by default, and I didn't want to recompile
with the necessary -D witnesses - cleaning those up is left as a
bite-sized task for another day); I did, however, audit that for
all files touched, all callers of the changed macros DID supply
a trailing ';' at the callsite, and did not appear to be used
as part of a brace-less conditional.

Found mechanically via: $ git grep -B1 'while (0);' | grep -A1 \\\\

Signed-off-by: Eric Blake <address@hidden>
Acked-by: Cornelia Huck <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Acked-by: Dr. David Alan Gilbert <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Juan Quintela <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: f4bdc13e492208f4f9cad0ff1c14247dea1cd197
      
https://github.com/qemu/qemu/commit/f4bdc13e492208f4f9cad0ff1c14247dea1cd197
  Author: Eric Blake <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M scripts/checkpatch.pl

  Log Message:
  -----------
  checkpatch: Enforce proper do/while (0) style

Use of a loop construct for code that is not intended to repeat
does not make much idiomatic sense, except in one place: it is a
common usage in macros in order to wrap arbitrary code with
single-statement semantics.  But when used in a macro, it is more
typical for the caller to supply the trailing ';' when calling
the macro.

Although qemu coding style frowns on bare:
  if (cond)
    statement1;
  else
    statement2;
where extra semicolons actually cause syntax errors, we still
want our macro styles to be easily copied to other projects.
Thus, declare it an error if we encounter any form of 'while (0)'
with a semicolon in the same line.

Signed-off-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: aa777e297c8408ee5bebc4f6a2e00071224e4a64
      
https://github.com/qemu/qemu/commit/aa777e297c8408ee5bebc4f6a2e00071224e4a64
  Author: Dr. David Alan Gilbert <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M include/exec/ram_addr.h

  Log Message:
  -----------
  cpu_physical_memory_sync_dirty_bitmap: Another alignment fix

This code has an optimised, word aligned version, and a boring
unaligned version. My commit f70d345 fixed one alignment issue, but
there's another.

The optimised version operates on 'longs' dealing with (typically) 64
pages at a time, replacing the whole long by a 0 and counting the bits.
If the RAMBlock is less than 64 bits in length, that long can contain bits
representing two different RAMBlocks, but the code will update the
bmap belonging to the 1st RAMBlock only while having updated the total
dirty page count for both.

This probably didn't matter prior to 6b6712ef which split the dirty
bitmap by RAMBlock, but now they're separate RAMBlocks we end up
with a count that doesn't match the state in the bitmaps.

Symptom:
  Migration showing a few dirty pages left to be sent constantly
  Seen on aarch64 and x86 with x86+ovmf

Signed-off-by: Dr. David Alan Gilbert <address@hidden>
Reported-by: Wei Huang <address@hidden>
Fixes: 6b6712efccd383b48a909bee0b29e079a57601ec
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 154cc9ea3bc840199714ee7b95277c572c5d1533
      
https://github.com/qemu/qemu/commit/154cc9ea3bc840199714ee7b95277c572c5d1533
  Author: Dr. David Alan Gilbert <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M exec.c
    M trace-events

  Log Message:
  -----------
  find_ram_offset: Add comments and tracing

Add some comments so I can understand the various nested loops.
Add some tracing so I can see what they're doing.

Signed-off-by: Dr. David Alan Gilbert <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 801110ab22be1ef258338345fc0b645af074d5bf
      
https://github.com/qemu/qemu/commit/801110ab22be1ef258338345fc0b645af074d5bf
  Author: Dr. David Alan Gilbert <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M exec.c

  Log Message:
  -----------
  find_ram_offset: Align ram_addr_t allocation on long boundaries

The dirty bitmaps are built from 'long's and there is fast-path code
for synchronising the case where the RAMBlock is aligned to the start
of a long boundary.  Align the allocation to this boundary
to cause the fast path to be used.

Offsets before change:
address@hidden:find_ram_offset size: 0x1e0000 @ 0x8000000
address@hidden:find_ram_offset size: 0x20000 @ 0x81e0000
address@hidden:find_ram_offset size: 0x20000 @ 0x8200000
address@hidden:find_ram_offset size: 0x1000000 @ 0x8220000
address@hidden:find_ram_offset size: 0x10000 @ 0x9220000
address@hidden:find_ram_offset size: 0x40000 @ 0x9230000
address@hidden:find_ram_offset size: 0x200000 @ 0x9270000
address@hidden:find_ram_offset size: 0x1000 @ 0x9470000
address@hidden:find_ram_offset size: 0x1000 @ 0x9471000

after change:
address@hidden:find_ram_offset size: 0x1e0000 @ 0x8000000
address@hidden:find_ram_offset size: 0x20000 @ 0x8200000
address@hidden:find_ram_offset size: 0x20000 @ 0x8240000
address@hidden:find_ram_offset size: 0x1000000 @ 0x8280000
address@hidden:find_ram_offset size: 0x10000 @ 0x9280000
address@hidden:find_ram_offset size: 0x40000 @ 0x92c0000
address@hidden:find_ram_offset size: 0x200000 @ 0x9300000
address@hidden:find_ram_offset size: 0x1000 @ 0x9500000
address@hidden:find_ram_offset size: 0x1000 @ 0x9540000

Suggested-by: Paolo Bonzini <address@hidden>
Signed-off-by: Dr. David Alan Gilbert <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
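
The two commit messages above (the dirty-bitmap alignment fix and this allocation change) both turn on whether one bitmap word can hold dirty bits for two RAMBlocks. The following is an added example, not QEMU's find_ram_offset: it assumes a simple bump allocator, 4 KiB pages and 64-bit longs, takes the block sizes and the first offset from the trace lines above, and counts how many neighbouring blocks share a bitmap word under each alignment.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_BITS     12  /* assumption: 4 KiB target pages */
#define BITS_PER_WORD 64  /* assumption: 64-bit long, one bit per page */
#define PAGE_SIZE     (UINT64_C(1) << PAGE_BITS)
/* Guest RAM covered by one bitmap word: 64 pages * 4 KiB = 0x40000. */
#define WORD_SPAN     ((uint64_t)BITS_PER_WORD << PAGE_BITS)

#define BASE    UINT64_C(0x8000000) /* first offset in the trace */
#define NBLOCKS 9

/* Block sizes copied from the find_ram_offset trace lines. */
static const uint64_t sizes[NBLOCKS] = {
    0x1e0000, 0x20000, 0x20000, 0x1000000, 0x10000,
    0x40000, 0x200000, 0x1000, 0x1000,
};

static uint64_t align_up(uint64_t v, uint64_t a)
{
    return (v + a - 1) / a * a;
}

/* Hypothetical bump allocator: each block starts at the first multiple
 * of `align` at or after the end of the previous block. */
static void place_blocks(uint64_t align, uint64_t out[NBLOCKS])
{
    uint64_t next = BASE;
    for (int i = 0; i < NBLOCKS; i++) {
        out[i] = align_up(next, align);
        next = out[i] + sizes[i];
    }
}

/* Index of the bitmap word holding the dirty bit for `addr`. */
static uint64_t word_of(uint64_t addr)
{
    return (addr >> PAGE_BITS) / BITS_PER_WORD;
}

/* Count neighbouring block pairs whose dirty bits land in the same word:
 * the case where a whole-word fast path would touch two blocks at once. */
static int shared_words(const uint64_t off[NBLOCKS])
{
    int n = 0;
    for (int i = 1; i < NBLOCKS; i++) {
        uint64_t last_prev = off[i - 1] + sizes[i - 1] - 1;
        if (word_of(last_prev) == word_of(off[i])) {
            n++;
        }
    }
    return n;
}

uint64_t offset_of(int i, uint64_t align)
{
    uint64_t off[NBLOCKS];
    place_blocks(align, off);
    return off[i];
}

int shared_words_for(uint64_t align)
{
    uint64_t off[NBLOCKS];
    place_blocks(align, off);
    return shared_words(off);
}

int main(void)
{
    uint64_t before[NBLOCKS], after[NBLOCKS];
    place_blocks(PAGE_SIZE, before); /* page alignment only */
    place_blocks(WORD_SPAN, after);  /* aligned to one bitmap word */
    for (int i = 0; i < NBLOCKS; i++) {
        printf("size 0x%-8" PRIx64 " before 0x%" PRIx64 "  after 0x%" PRIx64 "\n",
               sizes[i], before[i], after[i]);
    }
    printf("shared words: before %d, after %d\n",
           shared_words(before), shared_words(after));
    return 0;
}
```

Under these assumptions the computed offsets match both trace listings, and word-aligned placement leaves no bitmap word shared between two blocks.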


  Commit: 79f9c75e1707082e56723787e6b3610a46843e20
      
https://github.com/qemu/qemu/commit/79f9c75e1707082e56723787e6b3610a46843e20
  Author: Peter Lieven <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M block/iscsi.c

  Log Message:
  -----------
  block/iscsi: fix initialization of iTask in iscsi_co_get_block_status

In case of unaligned requests or on a target that does not support
block provisioning we leave iTask uninitialized and check iTask.task
for NULL later.

Fixes: e38bc23454ef763deb4405ebdee6a1081aa00bc8
Signed-off-by: Peter Lieven <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: 15a356c49ac747a7202ed703949a178a054f2a55
      
https://github.com/qemu/qemu/commit/15a356c49ac747a7202ed703949a178a054f2a55
  Author: Pavel Dovgalyuk <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M exec.c

  Log Message:
  -----------
  cpu: flush TB cache when loading VMState

Flushing TB cache is required because TBs key in the cache may match
different code which existed in the previous state.

Signed-off-by: Pavel Dovgalyuk <address@hidden>
Signed-off-by: Maria Klimushenkova <address@hidden>
Message-Id: <address@hidden>
[Add comment suggested by Peter Maydell. - Paolo]
Signed-off-by: Paolo Bonzini <address@hidden>
Signed-off-by: Pavel Dovgalyuk <address@hidden>


  Commit: 6c27a0ded992c2daddf12a225b71e42c965c4c6a
      
https://github.com/qemu/qemu/commit/6c27a0ded992c2daddf12a225b71e42c965c4c6a
  Author: Alex Bennée <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M include/qemu/thread.h
    M util/qemu-thread-posix.c
    M util/qemu-thread-win32.c
    M util/trace-events

  Log Message:
  -----------
  util/qemu-thread-*: add qemu_lock, locked and unlock trace events

Signed-off-by: Alex Bennée <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: b5976c2e46e86b36b01d8ac380a182e22209a7cd
      
https://github.com/qemu/qemu/commit/b5976c2e46e86b36b01d8ac380a182e22209a7cd
  Author: Alex Bennée <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    A scripts/analyse-locks-simpletrace.py

  Log Message:
  -----------
  scripts/analyse-locks-simpletrace.py: script to analyse lock times

This script allows analysis of mutex acquisition and hold times based
on a trace file. Given a trace control file of:

  qemu_mutex_lock
  qemu_mutex_locked
  qemu_mutex_unlock

And running with:

  $QEMU $QEMU_ARGS -trace events=./lock-trace

You can analyse the results with:

  ./scripts/analyse-locks-simpletrace.py trace-events-all ./trace-21812

Signed-off-by: Alex Bennée <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>


  Commit: c1d5b9add7b04661bedef9a3379a8b82547b53db
      
https://github.com/qemu/qemu/commit/c1d5b9add7b04661bedef9a3379a8b82547b53db
  Author: Peter Maydell <address@hidden>
  Date:   2018-01-16 (Tue, 16 Jan 2018)

  Changed paths:
    M Makefile
    M audio/paaudio.c
    M block/iscsi.c
    M chardev/char-fe.c
    M chardev/char-pty.c
    M chardev/char-serial.c
    M chardev/char-socket.c
    M chardev/char.c
    M configure
    M cpus.c
    M crypto/ivgen-essiv.c
    M disas/s390.c
    M docs/devel/build-system.txt
    M exec.c
    M hw/adc/stm32f2xx_adc.c
    M hw/block/m25p80.c
    M hw/char/cadence_uart.c
    M hw/char/stm32f2xx_usart.c
    M hw/char/terminal3270.c
    M hw/display/cg3.c
    M hw/display/dpcd.c
    M hw/display/xlnx_dp.c
    M hw/dma/pl330.c
    M hw/dma/xlnx-zynq-devcfg.c
    M hw/dma/xlnx_dpdma.c
    M hw/i2c/i2c-ddc.c
    M hw/i386/pc.c
    M hw/misc/auxbus.c
    M hw/misc/macio/mac_dbdma.c
    M hw/misc/mmio_interface.c
    M hw/misc/stm32f2xx_syscfg.c
    M hw/misc/zynq_slcr.c
    M hw/net/cadence_gem.c
    M hw/net/pcnet.c
    M hw/nvram/ds1225y.c
    M hw/scsi/scsi-disk.c
    M hw/scsi/scsi-generic.c
    M hw/ssi/mss-spi.c
    M hw/ssi/stm32f2xx_spi.c
    M hw/ssi/xilinx_spi.c
    M hw/ssi/xilinx_spips.c
    M hw/timer/a9gtimer.c
    M hw/timer/cadence_ttc.c
    M hw/timer/hpet.c
    M hw/timer/mss-timer.c
    M hw/timer/stm32f2xx_timer.c
    M hw/tpm/tpm_passthrough.c
    M hw/tpm/tpm_tis.c
    M include/chardev/char.h
    M include/exec/ram_addr.h
    M include/hw/compat.h
    M include/qemu/readline.h
    M include/qemu/thread.h
    M migration/rdma.c
    M monitor.c
    M rules.mak
    A scripts/analyse-locks-simpletrace.py
    M scripts/checkpatch.pl
    M scripts/qemu-gdb.py
    A scripts/qemugdb/tcg.py
    A scripts/qemugdb/timers.py
    M scsi/utils.c
    M target/arm/translate-a64.c
    M target/i386/cpu.c
    M target/i386/cpu.h
    M target/i386/hax-all.c
    M target/i386/hvf/x86hvf.c
    M target/i386/kvm.c
    M target/mips/msa_helper.c
    M target/s390x/kvm.c
    M tests/Makefile.include
    M tests/acpi-utils.h
    M tests/boot-serial-test.c
    M tests/check-qobject.c
    M tests/docker/dockerfiles/fedora.docker
    M tests/docker/test-clang
    A tests/docker/test-debug
    M tests/docker/test-mingw
    M tests/qmp-test.c
    M tests/tcg/test-mmap.c
    M tests/test-coroutine.c
    M tests/vhost-user-bridge.c
    M trace-events
    M ui/sdl_zoom_template.h
    M util/qemu-config.c
    M util/qemu-thread-posix.c
    M util/qemu-thread-win32.c
    M util/readline.c
    M util/trace-events
    M vl.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* QemuMutex tracing improvements (Alex)
* ram_addr_t optimization (David)
* SCSI fixes (Fam, Stefan, me)
* do {} while (0) fixes (Eric)
* KVM fix for PMU (Jan)
* memory leak fixes from ASAN (Marc-André)
* migration fix for HPET, icount, loadvm (Maria, Pavel)
* hflags fixes (me, Tao)
* block/iscsi uninitialized variable (Peter L.)
* full support for GMainContexts in character devices (Peter Xu)
* more boot-serial-test (Thomas)
* Memory leak fix (Zhecheng)

# gpg: Signature made Tue 16 Jan 2018 14:15:45 GMT
# gpg:                using RSA key 0xBFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <address@hidden>"
# gpg:                 aka "Paolo Bonzini <address@hidden>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream: (51 commits)
  scripts/analyse-locks-simpletrace.py: script to analyse lock times
  util/qemu-thread-*: add qemu_lock, locked and unlock trace events
  cpu: flush TB cache when loading VMState
  block/iscsi: fix initialization of iTask in iscsi_co_get_block_status
  find_ram_offset: Align ram_addr_t allocation on long boundaries
  find_ram_offset: Add comments and tracing
  cpu_physical_memory_sync_dirty_bitmap: Another alignment fix
  checkpatch: Enforce proper do/while (0) style
  maint: Fix macros with broken 'do/while(0); ' usage
  tests: Avoid 'do/while(false); ' in vhost-user-bridge
  chardev: Clean up previous patch indentation
  chardev: Use goto/label instead of do/break/while(0)
  mips: Tweak location of ';' in macros
  net: Drop unusual use of do { } while (0);
  irq: fix memory leak
  cpus: unify qemu_*_wait_io_event
  icount: fixed saving/restoring of icount warp timers
  scripts/qemu-gdb/timers.py: new helper to dump timer state
  scripts/qemu-gdb: add simple tcg lock status helper
  target-i386: update hflags on Hypervisor.framework
  ...

Signed-off-by: Peter Maydell <address@hidden>


Compare: https://github.com/qemu/qemu/compare/aae39d24a387...c1d5b9add7b0
