This would have prevented the regression mentioned in the previous
commit.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1448486613-17634-4-git-send-email-armbru@redhat.com>
We limit nesting depth and input size to defend against input
triggering excessive heap or stack memory use (commit 29c75dd
json-streamer: limit the maximum recursion depth and maximum token
count). However, when the nesting limit is exceeded,
parser_context_peek_token()'s assertion fails.
Broken in commit 65c0f1e "json-parser: don't replicate tokens at each
level of recursion".
To reproduce stuff 1025 open braces or brackets into QMP.
Fix by taking the error exit instead of the normal one.
Reported-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1448486613-17634-3-git-send-email-armbru@redhat.com>
The nesting limit from commit 29c75dd "json-streamer: limit the
maximum recursion depth and maximum token count" applies separately to
braces and brackets. This makes no sense. Apply it to their sum,
because that's actually a measure of recursion depth.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1448486613-17634-2-git-send-email-armbru@redhat.com>
Commit "c7628bf vnc: only alloc server surface with clients connected"
missed one rarely used codepath (cirrus with guest drivers using 2d
accel) where we have to check for the server surface being present,
to avoid qemu crashing with a NULL pointer dereference. Add the check.
Reported-by: Anthony PERARD <anthony.perard@citrix.com>
Tested-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
With previous commit we added gspawn-win64-helper-console.exe,
required for gspawn() mingw implementation.
Unfortunatly when running as a service without interactive
desktop, gspawn() also requires another helper app.
Added gspawn-win64-helper.exe and gspawn-win32-helper.exe
for corresponding architectures.
Signed-off-by: Yuri Pudgorodskiy <yur@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Michael Roth <mdroth@linux.vnet.ibm.com>
* remove trailing whitespace
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Exposing OS-specific SEEK_ constants in our qapi was a mistake
(if the host has SEEK_CUR as 1, but the guest has it as 2, then
the semantics are unclear what should happen); if we had a time
machine, we would instead expose only a symbolic enum. It's too
late to change the fact that we have an integer in qapi, but we
can at least document what mapping we want to enforce for all
qga clients (and luckily, it happens to be the mapping that both
Linux and Windows use); then fix the code to match that mapping.
It also helps us filter out unsupported SEEK_DATA and SEEK_HOLE.
In the future, we may wish to move our QGA_SEEK_* constants into
qga/qapi-schema.json, along with updating the schema to take an
alternate type (either the integer, or the string value of the
enum name) - but that's too much risk during hard freeze.
Signed-off-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
This test exhibits a POSIX behaviour regarding switching between write
and read. It's undefined result if the application doesn't ensure a
flush between the two operations (with glibc, the flush can be implicit
when the buffer size is relatively small). The previous commit fixes
this test.
Related to:
https://bugzilla.redhat.com/show_bug.cgi?id=1210246
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
According to the specification:
http://pubs.opengroup.org/onlinepubs/9699919799/functions/fopen.html
"the application shall ensure that output is not directly followed by
input without an intervening call to fflush() or to a file positioning
function (fseek(), fsetpos(), or rewind()), and input is not directly
followed by output without an intervening call to a file positioning
function, unless the input operation encounters end-of-file."
Without this change, an fwrite() followed by an fread() may lose the
previously written content, as shown in the following test.
Fixes:
https://bugzilla.redhat.com/show_bug.cgi?id=1210246
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
* don't confuse {write,read}() with f{write,read}() in
commit msg (Laszlo)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Use explicit timeouts instead of trying to approximate it by counting
the cumulative duration of nsleep calls.
In practice, the timeout if inb() dwarfed the nsleep delays, and as a
result the real timeout value became a lot larger than 5 seconds.
So: change the semantics from "Not sooner than 5 seconds" to "no more
than 5 seconds" to ensure we don't hang the tester for very long.
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 1448393771-15483-2-git-send-email-jsnow@redhat.com
This helper, gspawn-win64-helper-console.exe for 64-bit and
gspawn-win32-helper-console.exe for 32-bit environment,
is needed for gspawn() mingw implementation, used by guest-exec command.
Without these files guest-exec command on Windows will not
work with "file not found" diagnostic message.
Signed-off-by: Yuri Pudgorodskiy <yur@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
ab59e3e introduced a fix for `make install` on w32 that involved
filtering out qemu-ga from $TOOLS install recipe so that we could
append $(EXESUF) to it before attempting to install the binary
via install-prog function.
install-prog takes a list of binaries to install to a particular
directory. If the list is empty it breaks. We guard against this
by ensuring $TOOLS is not empty prior to calling.
However, ab59e3e introduces extra filtering after this check which
can still result on us attempting to call install-prog with an
empty list of binaries. In particular, this occurs if we
build with the --disable-tools configure option, which results
in qemu-ga being the only member of $TOOLS.
Fix this by doing a simple s/qemu-ga/qemu-ga$(EXESUF)/ pass through
$TOOLS instead of filtering out qemu-ga to handle it seperately.
Reported-by: Steve Ellcey <sellcey@imgtec.com>
Cc: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
If we set migration speed in a very large value, block-migration will try to read
all data to the memory. Because
(block_mig_state.submitted + block_mig_state.read_done) * BLOCK_SIZE
will be overflow, and it will be always less than rate limit.
There is no need to read too many data into memory when the rate limit is very large.
So limit the memory usage can fix the overflow problem.
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
madvise() returns EINVAL in the case of many failures, but also
returns it in cases where the host kernel doesn't have THP enabled.
Postcopy only really cares that THP is off before it detects faults,
and turns it back on afterwards; so we're going to have
to assume that if the madvise fails then the host just doesn't do
THP and we can carry on with the postcopy.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Tested-by: Jason J. Herne <jjherne@linux.vnet.ibm.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAABCAAGBQJWVbgFAAoJEDuxQgLoOKytEoUIAILrb9wJ77ihJF2EjpRG/yBR
lx3t7mzXlEANQlWx8fAraDRi7rZDohVtpRpKZSrnHgZ1/Hc03thMFW15gB4N2T5g
vwgB2CjKjM+pkcobdhqUwjWhwjK6BidMMmi7dtHchGBmWd9AiPofThqP2zlxhwBa
3WCYNjQgy5o/kXnMGV/5tlGzQmqM8hRigUusDUMQY6woWI6+R2fsBPWrYgZAis9W
0H2oO8Uf/D0a8LdsqkAth4PDErE1A6DDGDCkECYpnLIuwXcmeQLMEKfpeNtSYATl
pcLTru4jSZtoc6wTvejjMUeZUPkJNcrc3g6LbN3lX+pS5FObBZOTgTrw/CtkulQ=
=++eW
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2015-11-25' into queue-block
One block patch for qemu 2.5-rc2.
# gpg: Signature made Wed Nov 25 14:30:45 2015 CET using RSA key ID E838ACAD
# gpg: Good signature from "Max Reitz <mreitz@redhat.com>"
* mreitz/tags/pull-block-for-kevin-2015-11-25:
qemu-iotests: Add -nographic when starting QEMU in 119 and 120
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Otherwise, a window flashes on my desktop (built with SDL). Add this as
other cases have it.
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1448245930-15031-1-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Add support for caching options that can be specified from the command
line.
The CD-ROM raw char device bypasses the host page cache and therefore
has alignment requirements. Alignment probing is necessary so only use
the raw char device if BDRV_O_NOCACHE is set.
This patch fixes -cdrom /dev/cdrom on Mac OS X hosts, where bdrv_read()
used to fail due to misaligned requests during image format probing.
Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
For the "main area on file, oob in memory" case, fix the shifts so that
we erase the correct number of pages.
Signed-off-by: Ricard Wanderlöf <ricardw@axis.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
One test case closed an event notifier (event_notifier_cleanup())
without first disabling it (set_event_notifier(..., NULL)). This
resulted in a leftover handle 0 that was added to each subsequent
WaitForMultipleObjects() call, causing the function to fail (invalid
handle).
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
'make check' failed to compile the test case for mingw because of
undefined references. Pull in a few more dependencies so that it builds.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Now some vhost-user-bridge parameters can be passed from the
command line:
Usage: prog [-u ud_socket_path] [-l lhost:lport] [-r rhost:rport]
-u path to unix doman socket. default: /tmp/vubr.sock
-l local host and port. default: 127.0.0.1:4444
-r remote host and port. default: 127.0.0.1:5555
Signed-off-by: Victor Kaplansky <victork@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The backend has to know whether VIRTIO_NET_F_GUEST_ANNOUNCE was
negotiated, so, as a hack we propose the feature by
vhost-user-bridge during the feature negotiation.
Signed-off-by: Victor Kaplansky <victork@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
It seems that we currently have some duplication between
started and enabled states.
The actual reason is that enable is not documented correctly:
what it does is connecting ring to the backend.
This is important for MQ, because a Linux guest expects TX
packets to be completed even if it disables some queues
temporarily.
Cc: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Cc: Victor Kaplansky <victork@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Now that qemu_hw_version() returns a fixed "2.5+" string instead
of QEMU_VERSION, we don't need to set hw_version on pc-*-2.5
explicitly.
Suggested-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
There are two issues with qemu_hw_version() today:
1) If a machine has hw_version set, the value returned by it is
not very useful, because it is not the actual QEMU version.
2) If a machine does't set hw_version, the return value of
qemu_hw_version() is broken, because it will change when
upgrading QEMU.
For those reasons, using qemu_hw_version() is strongly
discouraged, and should be used only in code that used
QEMU_VERSION in the past and needs to keep compatibility.
To fix (2), instead of making every machine broken by default
unless they set hw_version, make qemu_hw_version() simply return
"2.5+" if qemu_set_hw_version() is not called.
Suggested-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
This code has been dead for three years (since commit 7e7b7cba1).
Signed-off-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
The device's guest interface and its QEMU user interface are
flawed^Whotly debated. We'll resolve that in the next development
cycle, probably by deprecating the device in favour of a cleaned up,
but not quite compatible revision.
To avoid adding more baggage to the soon-to-be-deprecated interface,
mark property "memdev" as experimental, by renaming it to "x-memdev".
It's the only recent user interface change.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1448384789-14830-6-git-send-email-armbru@redhat.com>
[Update of qemu-doc.texi squashed in]
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
If the device isn't found, the assertion uses dev without
initialization. Fix that.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1448384789-14830-4-git-send-email-armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
The example suggests you can omit "shm". This isn't true; you must
specify exactly one of "shm", "chardev", "memdev". Fix it.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1448384789-14830-3-git-send-email-armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Use @var{foo} like we do everywhere else, not <foo>.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1448384789-14830-2-git-send-email-armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Commit 5f81724d made PIO read requests async but didn't add the
relevant block_acct_failed() and block_acct_invalid() calls.
Signed-off-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 9b87e09d61019c128139b6c999ed0c07f0674170.1448367341.git.berto@igalia.com
Signed-off-by: John Snow <jsnow@redhat.com>
Final tidying: move the interrupt wait into the loop,
document that the status read clears the IRQ, and move
the final interrupt check outside of the loop.
This should be functionally equivalent to how it works
currently, but a little less ambiguous and slightly more
explicit about the state transitions.
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 1448060035-31973-3-git-send-email-jsnow@redhat.com
The checks for the unallocated encodings in the ldst_excl group
(exclusives and load-acquire/store-release) were not correct. This
error meant that in turn we ended up with code attempting to handle
the non-existent case of "non-exclusive load-acquire/store-release
pair". Delete that broken and now unreachable code.
Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
In an LPAE format descriptor in ARMv8 the address field extends
up to bit 47, not just bit 39. Correct the masking so we don't
give incorrect results if the output address size is greater
than 40 bits, as it can be for AArch64.
(Note that we don't yet support the new-in-v8 Address Size fault which
should be generated if any translation table entry or TTBR contains
an address with non-zero bits above the most significant bit of the
maximum output address size.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1448029971-9875-1-git-send-email-peter.maydell@linaro.org
The uses of the CONFIG_GDBSTUB_XML define were removed in commit
b77abd95a9, but the define in aarch64-linux-user.mak somehow
escaped the cull (the patchset probably crossed in the mail with
the patches adding aarch64 support). Remove the stray define.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Message-id: 1447690178-4560-1-git-send-email-peter.maydell@linaro.org
The minimum RAM check logic for the Xiilnx EP108 was off by one,
which caused a false positive. Correct the logic to only print
warnings when the RAM is below 0x8000000.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Message-id: fba8112ca7b01efd72553332b8045ecf107b7662.1448021100.git.alistair.francis@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
CP0.Status.KX/SX/UX bits are responsible for enabling access to 64-bit
Kernel/Supervisor/User Segments. If bit is cleared an access to
corresponding segment should generate Address Error Exception.
However, the guest may still be able to access some pages belonging to
the disabled 64-bit segment because we forget to flush QEMU TLB.
This patch fixes it.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Commit 01f7288579 ("target-mips: Status.UX/SX/KX enable 32-bit address
wrapping") added a new hflag MIPS_HFLAG_AWRAP, which indicates that
64-bit addressing is disallowed in the current mode, so hflag users
don't need to worry about the complexities of working that out, for
example checking both MIPS_HFLAG_KSU and MIPS_HFLAG_UX.
However when exceptions are taken outside of exception level,
mips_cpu_do_interrupt() manipulates the env->hflags directly rather than
using compute_hflags() to update them, and this code wasn't updated
accordingly. As a result, when UX is cleared, MIPS_HFLAG_AWRAP is set,
but it doesn't get cleared on entry back into kernel mode due to an
exception. Kernel mode then cannot access the 64-bit segments resulting
in a nested exception loop. The same applies to errors and debug
exceptions.
Fix by updating mips_cpu_do_interrupt() to clear the MIPS_HFLAG_WRAP
flag when necessary, according to compute_hflags().
Fixes: 01f7288579 ("target-mips: Status.UX/SX/KX enable 32-bit...")
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Cc: Leon Alrae <leon.alrae@imgtec.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
