Merge remote-tracking branch 'remotes/riku/tags/pull-linux-user-20171120' into staging
late linux-user fixes for Qemu 2.11
# gpg: Signature made Mon 20 Nov 2017 21:19:00 GMT
# gpg: using RSA key 0xB44890DEDE3C9BC0
# gpg: Good signature from "Riku Voipio <riku.voipio@iki.fi>"
# gpg: aka "Riku Voipio <riku.voipio@linaro.org>"
# Primary key fingerprint: FF82 03C8 C391 98AE 0581 41EF B448 90DE DE3C 9BC0
* remotes/riku/tags/pull-linux-user-20171120:
linux-user: Fix calculation of auxv length
linux-user: Handle rt_sigaction correctly for SPARC
linux-user/sparc: Put address for data faults where linux-user expects it
linux-user/ppc: Report correct fault address for data faults
linux-user/s390x: Mask si_addr for SIGSEGV
linux-user: return EINVAL from prctl(PR_*_SECCOMP)
linux-user: fix 'finshed' typo in comment
linux-user/syscall.c: Handle SH4's exceptional alignment for p{read, write}64
linux-user: Handle TARGET_MAP_STACK and TARGET_MAP_HUGETLB
linux-user/hppa: Fix TARGET_F_RDLCK, TARGET_F_WRLCK, TARGET_F_UNLCK
linux-user/hppa: Fix TARGET_MAP_TYPE
linux-user/hppa: Fix typo for TARGET_NR_epoll_wait
linux-user/hppa: Fix cpu_clone_regs
linux-user/hppa: Fix TARGET_SA_* defines
linux-user: Restrict usage of sa_restorer
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
diff --git a/MAINTAINERS b/MAINTAINERS
index 0cd4d02..83434e0 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -564,6 +564,23 @@
S: Maintained
F: hw/arm/netduino2.c
+SmartFusion2
+M: Subbaraya Sundeep <sundeep.lkml@gmail.com>
+S: Maintained
+F: hw/arm/msf2-soc.c
+F: hw/misc/msf2-sysreg.c
+F: hw/timer/mss-timer.c
+F: hw/ssi/mss-spi.c
+F: include/hw/arm/msf2-soc.h
+F: include/hw/misc/msf2-sysreg.h
+F: include/hw/timer/mss-timer.h
+F: include/hw/ssi/mss-spi.h
+
+Emcraft M2S-FG484
+M: Subbaraya Sundeep <sundeep.lkml@gmail.com>
+S: Maintained
+F: hw/arm/msf2-som.c
+
CRIS Machines
-------------
Axis Dev88
@@ -1166,6 +1183,11 @@
S: Maintained
F: hw/net/e1000e*
+eepro100
+M: Stefan Weil <sw@weilnetz.de>
+S: Maintained
+F: hw/net/eepro100.c
+
Generic Loader
M: Alistair Francis <alistair.francis@xilinx.com>
S: Maintained
diff --git a/Makefile b/Makefile
index 0496c50..d2e31d9 100644
--- a/Makefile
+++ b/Makefile
@@ -6,7 +6,7 @@
# Before including a proper config-host.mak, assume we are in the source tree
SRC_PATH=.
-UNCHECKED_GOALS := %clean TAGS cscope ctags docker docker-%
+UNCHECKED_GOALS := %clean TAGS cscope ctags docker docker-% help
# All following code might depend on configuration variables
ifneq ($(wildcard config-host.mak),)
@@ -405,7 +405,7 @@
CAP_CFLAGS += -DCAPSTONE_HAS_X86
subdir-capstone: .git-submodule-status
- $(call quiet-command,$(MAKE) -C $(SRC_PATH)/capstone CAPSTONE_SHARED=no BUILDDIR="$(BUILD_DIR)/capstone" CC="$(CC)" AR="$(AR)" LD="$(LD)" CFLAGS="$(CAP_CFLAGS)" $(SUBDIR_MAKEFLAGS) $(BUILD_DIR)/capstone/$(LIBCAPSTONE))
+ $(call quiet-command,$(MAKE) -C $(SRC_PATH)/capstone CAPSTONE_SHARED=no BUILDDIR="$(BUILD_DIR)/capstone" CC="$(CC)" AR="$(AR)" LD="$(LD)" RANLIB="$(RANLIB)" CFLAGS="$(CAP_CFLAGS)" $(SUBDIR_MAKEFLAGS) $(BUILD_DIR)/capstone/$(LIBCAPSTONE))
$(SUBDIR_RULES): libqemuutil.a $(common-obj-y) $(chardev-obj-y) \
$(qom-obj-y) $(crypto-aes-obj-$(CONFIG_USER_ONLY))
diff --git a/VERSION b/VERSION
index 098bbf1..2b4095b 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.10.90
+2.10.91
diff --git a/accel/tcg/atomic_template.h b/accel/tcg/atomic_template.h
index b400b2a..1c7c175 100644
--- a/accel/tcg/atomic_template.h
+++ b/accel/tcg/atomic_template.h
@@ -62,7 +62,9 @@
ABI_TYPE cmpv, ABI_TYPE newv EXTRA_ARGS)
{
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
- return atomic_cmpxchg__nocheck(haddr, cmpv, newv);
+ DATA_TYPE ret = atomic_cmpxchg__nocheck(haddr, cmpv, newv);
+ ATOMIC_MMU_CLEANUP;
+ return ret;
}
#if DATA_SIZE >= 16
@@ -70,6 +72,7 @@
{
DATA_TYPE val, *haddr = ATOMIC_MMU_LOOKUP;
__atomic_load(haddr, &val, __ATOMIC_RELAXED);
+ ATOMIC_MMU_CLEANUP;
return val;
}
@@ -78,13 +81,16 @@
{
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
__atomic_store(haddr, &val, __ATOMIC_RELAXED);
+ ATOMIC_MMU_CLEANUP;
}
#else
ABI_TYPE ATOMIC_NAME(xchg)(CPUArchState *env, target_ulong addr,
ABI_TYPE val EXTRA_ARGS)
{
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
- return atomic_xchg__nocheck(haddr, val);
+ DATA_TYPE ret = atomic_xchg__nocheck(haddr, val);
+ ATOMIC_MMU_CLEANUP;
+ return ret;
}
#define GEN_ATOMIC_HELPER(X) \
@@ -92,8 +98,10 @@
ABI_TYPE val EXTRA_ARGS) \
{ \
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP; \
- return atomic_##X(haddr, val); \
-} \
+ DATA_TYPE ret = atomic_##X(haddr, val); \
+ ATOMIC_MMU_CLEANUP; \
+ return ret; \
+}
GEN_ATOMIC_HELPER(fetch_add)
GEN_ATOMIC_HELPER(fetch_and)
@@ -123,7 +131,9 @@
ABI_TYPE cmpv, ABI_TYPE newv EXTRA_ARGS)
{
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
- return BSWAP(atomic_cmpxchg__nocheck(haddr, BSWAP(cmpv), BSWAP(newv)));
+ DATA_TYPE ret = atomic_cmpxchg__nocheck(haddr, BSWAP(cmpv), BSWAP(newv));
+ ATOMIC_MMU_CLEANUP;
+ return BSWAP(ret);
}
#if DATA_SIZE >= 16
@@ -131,6 +141,7 @@
{
DATA_TYPE val, *haddr = ATOMIC_MMU_LOOKUP;
__atomic_load(haddr, &val, __ATOMIC_RELAXED);
+ ATOMIC_MMU_CLEANUP;
return BSWAP(val);
}
@@ -140,13 +151,16 @@
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
val = BSWAP(val);
__atomic_store(haddr, &val, __ATOMIC_RELAXED);
+ ATOMIC_MMU_CLEANUP;
}
#else
ABI_TYPE ATOMIC_NAME(xchg)(CPUArchState *env, target_ulong addr,
ABI_TYPE val EXTRA_ARGS)
{
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
- return BSWAP(atomic_xchg__nocheck(haddr, BSWAP(val)));
+ ABI_TYPE ret = atomic_xchg__nocheck(haddr, BSWAP(val));
+ ATOMIC_MMU_CLEANUP;
+ return BSWAP(ret);
}
#define GEN_ATOMIC_HELPER(X) \
@@ -154,7 +168,9 @@
ABI_TYPE val EXTRA_ARGS) \
{ \
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP; \
- return BSWAP(atomic_##X(haddr, BSWAP(val))); \
+ DATA_TYPE ret = atomic_##X(haddr, BSWAP(val)); \
+ ATOMIC_MMU_CLEANUP; \
+ return BSWAP(ret); \
}
GEN_ATOMIC_HELPER(fetch_and)
@@ -180,6 +196,7 @@
sto = BSWAP(ret + val);
ldn = atomic_cmpxchg__nocheck(haddr, ldo, sto);
if (ldn == ldo) {
+ ATOMIC_MMU_CLEANUP;
return ret;
}
ldo = ldn;
@@ -198,6 +215,7 @@
sto = BSWAP(ret);
ldn = atomic_cmpxchg__nocheck(haddr, ldo, sto);
if (ldn == ldo) {
+ ATOMIC_MMU_CLEANUP;
return ret;
}
ldo = ldn;
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index 61297f8..9b544d8 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -470,48 +470,51 @@
static inline bool cpu_handle_exception(CPUState *cpu, int *ret)
{
- if (cpu->exception_index >= 0) {
- if (cpu->exception_index >= EXCP_INTERRUPT) {
- /* exit request from the cpu execution loop */
- *ret = cpu->exception_index;
- if (*ret == EXCP_DEBUG) {
- cpu_handle_debug_exception(cpu);
- }
- cpu->exception_index = -1;
- return true;
- } else {
-#if defined(CONFIG_USER_ONLY)
- /* if user mode only, we simulate a fake exception
- which will be handled outside the cpu execution
- loop */
-#if defined(TARGET_I386)
- CPUClass *cc = CPU_GET_CLASS(cpu);
- cc->do_interrupt(cpu);
-#endif
- *ret = cpu->exception_index;
- cpu->exception_index = -1;
- return true;
-#else
- if (replay_exception()) {
- CPUClass *cc = CPU_GET_CLASS(cpu);
- qemu_mutex_lock_iothread();
- cc->do_interrupt(cpu);
- qemu_mutex_unlock_iothread();
- cpu->exception_index = -1;
- } else if (!replay_has_interrupt()) {
- /* give a chance to iothread in replay mode */
- *ret = EXCP_INTERRUPT;
- return true;
- }
-#endif
- }
+ if (cpu->exception_index < 0) {
#ifndef CONFIG_USER_ONLY
- } else if (replay_has_exception()
+ if (replay_has_exception()
&& cpu->icount_decr.u16.low + cpu->icount_extra == 0) {
- /* try to cause an exception pending in the log */
- cpu_exec_nocache(cpu, 1, tb_find(cpu, NULL, 0, curr_cflags()), true);
- *ret = -1;
+ /* try to cause an exception pending in the log */
+ cpu_exec_nocache(cpu, 1, tb_find(cpu, NULL, 0, curr_cflags()), true);
+ }
+#endif
+ if (cpu->exception_index < 0) {
+ return false;
+ }
+ }
+
+ if (cpu->exception_index >= EXCP_INTERRUPT) {
+ /* exit request from the cpu execution loop */
+ *ret = cpu->exception_index;
+ if (*ret == EXCP_DEBUG) {
+ cpu_handle_debug_exception(cpu);
+ }
+ cpu->exception_index = -1;
return true;
+ } else {
+#if defined(CONFIG_USER_ONLY)
+ /* if user mode only, we simulate a fake exception
+ which will be handled outside the cpu execution
+ loop */
+#if defined(TARGET_I386)
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+ cc->do_interrupt(cpu);
+#endif
+ *ret = cpu->exception_index;
+ cpu->exception_index = -1;
+ return true;
+#else
+ if (replay_exception()) {
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+ qemu_mutex_lock_iothread();
+ cc->do_interrupt(cpu);
+ qemu_mutex_unlock_iothread();
+ cpu->exception_index = -1;
+ } else if (!replay_has_interrupt()) {
+ /* give a chance to iothread in replay mode */
+ *ret = EXCP_INTERRUPT;
+ return true;
+ }
#endif
}
@@ -522,6 +525,19 @@
TranslationBlock **last_tb)
{
CPUClass *cc = CPU_GET_CLASS(cpu);
+ int32_t insns_left;
+
+ /* Clear the interrupt flag now since we're processing
+ * cpu->interrupt_request and cpu->exit_request.
+ */
+ insns_left = atomic_read(&cpu->icount_decr.u32);
+ atomic_set(&cpu->icount_decr.u16.high, 0);
+ if (unlikely(insns_left < 0)) {
+ /* Ensure the zeroing of icount_decr comes before the next read
+ * of cpu->exit_request or cpu->interrupt_request.
+ */
+ smp_mb();
+ }
if (unlikely(atomic_read(&cpu->interrupt_request))) {
int interrupt_request;
@@ -618,17 +634,14 @@
*last_tb = NULL;
insns_left = atomic_read(&cpu->icount_decr.u32);
- atomic_set(&cpu->icount_decr.u16.high, 0);
if (insns_left < 0) {
/* Something asked us to stop executing chained TBs; just
* continue round the main loop. Whatever requested the exit
* will also have set something else (eg exit_request or
- * interrupt_request) which we will handle next time around
- * the loop. But we need to ensure the zeroing of icount_decr
- * comes before the next read of cpu->exit_request
- * or cpu->interrupt_request.
+ * interrupt_request) which will be handled by
+ * cpu_handle_interrupt. cpu_handle_interrupt will also
+ * clear cpu->icount_decr.u16.high.
*/
- smp_mb();
return;
}
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index a23919c..d071ca4 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1041,6 +1041,7 @@
#define ATOMIC_NAME(X) \
HELPER(glue(glue(glue(atomic_ ## X, SUFFIX), END), _mmu))
#define ATOMIC_MMU_LOOKUP atomic_mmu_lookup(env, addr, oi, retaddr)
+#define ATOMIC_MMU_CLEANUP do { } while (0)
#define DATA_SIZE 1
#include "atomic_template.h"
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index 34c5e28..e7f0329 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -352,36 +352,42 @@
return 0;
}
-bool cpu_restore_state(CPUState *cpu, uintptr_t retaddr)
+bool cpu_restore_state(CPUState *cpu, uintptr_t host_pc)
{
TranslationBlock *tb;
bool r = false;
+ uintptr_t check_offset;
- /* A retaddr of zero is invalid so we really shouldn't have ended
- * up here. The target code has likely forgotten to check retaddr
- * != 0 before attempting to restore state. We return early to
- * avoid blowing up on a recursive tb_lock(). The target must have
- * previously survived a failed cpu_restore_state because
- * tb_find_pc(0) would have failed anyway. It still should be
- * fixed though.
+ /* The host_pc has to be in the region of current code buffer. If
+ * it is not we will not be able to resolve it here. The two cases
+ * where host_pc will not be correct are:
+ *
+ * - fault during translation (instruction fetch)
+ * - fault from helper (not using GETPC() macro)
+ *
+ * Either way we need return early to avoid blowing up on a
+ * recursive tb_lock() as we can't resolve it here.
+ *
+ * We are using unsigned arithmetic so if host_pc <
+ * tcg_init_ctx.code_gen_buffer check_offset will wrap to way
+ * above the code_gen_buffer_size
*/
+ check_offset = host_pc - (uintptr_t) tcg_init_ctx.code_gen_buffer;
- if (!retaddr) {
- return r;
- }
-
- tb_lock();
- tb = tb_find_pc(retaddr);
- if (tb) {
- cpu_restore_state_from_tb(cpu, tb, retaddr);
- if (tb->cflags & CF_NOCACHE) {
- /* one-shot translation, invalidate it immediately */
- tb_phys_invalidate(tb, -1);
- tb_remove(tb);
+ if (check_offset < tcg_init_ctx.code_gen_buffer_size) {
+ tb_lock();
+ tb = tb_find_pc(host_pc);
+ if (tb) {
+ cpu_restore_state_from_tb(cpu, tb, host_pc);
+ if (tb->cflags & CF_NOCACHE) {
+ /* one-shot translation, invalidate it immediately */
+ tb_phys_invalidate(tb, -1);
+ tb_remove(tb);
+ }
+ r = true;
}
- r = true;
+ tb_unlock();
}
- tb_unlock();
return r;
}
diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index 492ea08..0324ba8 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -39,6 +39,8 @@
#include <sys/ucontext.h>
#endif
+__thread uintptr_t helper_retaddr;
+
//#define DEBUG_SIGNAL
/* exit the current TB from a signal handler. The host registers are
@@ -62,6 +64,27 @@
CPUClass *cc;
int ret;
+ /* We must handle PC addresses from two different sources:
+ * a call return address and a signal frame address.
+ *
+ * Within cpu_restore_state_from_tb we assume the former and adjust
+ * the address by -GETPC_ADJ so that the address is within the call
+ * insn so that addr does not accidentally match the beginning of the
+ * next guest insn.
+ *
+ * However, when the PC comes from the signal frame, it points to
+ * the actual faulting host insn and not a call insn. Subtracting
+ * GETPC_ADJ in that case may accidentally match the previous guest insn.
+ *
+ * So for the later case, adjust forward to compensate for what
+ * will be done later by cpu_restore_state_from_tb.
+ */
+ if (helper_retaddr) {
+ pc = helper_retaddr;
+ } else {
+ pc += GETPC_ADJ;
+ }
+
/* For synchronous signals we expect to be coming from the vCPU
* thread (so current_cpu should be valid) and either from running
* code or during translation which can fault as we cross pages.
@@ -84,21 +107,24 @@
switch (page_unprotect(h2g(address), pc)) {
case 0:
/* Fault not caused by a page marked unwritable to protect
- * cached translations, must be the guest binary's problem
+ * cached translations, must be the guest binary's problem.
*/
break;
case 1:
/* Fault caused by protection of cached translation; TBs
- * invalidated, so resume execution
+ * invalidated, so resume execution. Retain helper_retaddr
+ * for a possible second fault.
*/
return 1;
case 2:
/* Fault caused by protection of cached translation, and the
* currently executing TB was modified and must be exited
- * immediately.
+ * immediately. Clear helper_retaddr for next execution.
*/
+ helper_retaddr = 0;
cpu_exit_tb_from_sighandler(cpu, old_set);
- g_assert_not_reached();
+ /* NORETURN */
+
default:
g_assert_not_reached();
}
@@ -112,17 +138,25 @@
/* see if it is an MMU fault */
g_assert(cc->handle_mmu_fault);
ret = cc->handle_mmu_fault(cpu, address, is_write, MMU_USER_IDX);
+
+ if (ret == 0) {
+ /* The MMU fault was handled without causing real CPU fault.
+ * Retain helper_retaddr for a possible second fault.
+ */
+ return 1;
+ }
+
+ /* All other paths lead to cpu_exit; clear helper_retaddr
+ * for next execution.
+ */
+ helper_retaddr = 0;
+
if (ret < 0) {
return 0; /* not an MMU fault */
}
- if (ret == 0) {
- return 1; /* the MMU fault was handled without causing real CPU fault */
- }
- /* Now we have a real cpu fault. Since this is the exact location of
- * the exception, we must undo the adjustment done by cpu_restore_state
- * for handling call return addresses. */
- cpu_restore_state(cpu, pc + GETPC_ADJ);
+ /* Now we have a real cpu fault. */
+ cpu_restore_state(cpu, pc);
sigprocmask(SIG_SETMASK, old_set, NULL);
cpu_loop_exit(cpu);
@@ -585,11 +619,13 @@
if (unlikely(addr & (size - 1))) {
cpu_loop_exit_atomic(ENV_GET_CPU(env), retaddr);
}
+ helper_retaddr = retaddr;
return g2h(addr);
}
/* Macro to call the above, with local variables from the use context. */
#define ATOMIC_MMU_LOOKUP atomic_mmu_lookup(env, addr, DATA_SIZE, GETPC())
+#define ATOMIC_MMU_CLEANUP do { helper_retaddr = 0; } while (0)
#define ATOMIC_NAME(X) HELPER(glue(glue(atomic_ ## X, SUFFIX), END))
#define EXTRA_ARGS
diff --git a/block.c b/block.c
index 684cb01..6c8ef98 100644
--- a/block.c
+++ b/block.c
@@ -261,6 +261,11 @@
return 0;
}
+/* TODO Remove (deprecated since 2.11)
+ * Block drivers are not supposed to automatically change bs->read_only.
+ * Instead, they should just check whether they can provide what the user
+ * explicitly requested and error out if read-write is requested, but they can
+ * only provide read-only access. */
int bdrv_set_read_only(BlockDriverState *bs, bool read_only, Error **errp)
{
int ret = 0;
@@ -715,6 +720,10 @@
{
BlockDriver *drv = bs->drv;
+ if (!drv) {
+ return -ENOMEDIUM;
+ }
+
/* Do not attempt drv->bdrv_getlength() on scsi-generic devices */
if (bdrv_is_sg(bs))
return 0;
@@ -998,7 +1007,7 @@
ret = bdrv_change_backing_file(parent, filename,
base->drv ? base->drv->format_name : "");
if (ret < 0) {
- error_setg_errno(errp, ret, "Could not update backing file link");
+ error_setg_errno(errp, -ret, "Could not update backing file link");
}
if (!(orig_flags & BDRV_O_RDWR)) {
@@ -3069,19 +3078,26 @@
const QDictEntry *entry = qdict_first(reopen_state->options);
do {
- QString *new_obj = qobject_to_qstring(entry->value);
- const char *new = qstring_get_str(new_obj);
- /*
- * Caution: while qdict_get_try_str() is fine, getting
- * non-string types would require more care. When
- * bs->options come from -blockdev or blockdev_add, its
- * members are typed according to the QAPI schema, but
- * when they come from -drive, they're all QString.
- */
- const char *old = qdict_get_try_str(reopen_state->bs->options,
- entry->key);
+ QObject *new = entry->value;
+ QObject *old = qdict_get(reopen_state->bs->options, entry->key);
- if (!old || strcmp(new, old)) {
+ /*
+ * TODO: When using -drive to specify blockdev options, all values
+ * will be strings; however, when using -blockdev, blockdev-add or
+ * filenames using the json:{} pseudo-protocol, they will be
+ * correctly typed.
+ * In contrast, reopening options are (currently) always strings
+ * (because you can only specify them through qemu-io; all other
+ * callers do not specify any options).
+ * Therefore, when using anything other than -drive to create a BDS,
+ * this cannot detect non-string options as unchanged, because
+ * qobject_is_equal() always returns false for objects of different
+ * type. In the future, this should be remedied by correctly typing
+ * all options. For now, this is not too big of an issue because
+ * the user can simply omit options which cannot be changed anyway,
+ * so they will stay unchanged.
+ */
+ if (!qobject_is_equal(new, old)) {
error_setg(errp, "Cannot change the option '%s'", entry->key);
ret = -EINVAL;
goto error;
@@ -3419,6 +3435,10 @@
BlockDriver *drv = bs->drv;
int ret;
+ if (!drv) {
+ return -ENOMEDIUM;
+ }
+
/* Backing file format doesn't make sense without a backing file */
if (backing_fmt && !backing_file) {
return -EINVAL;
@@ -3904,7 +3924,9 @@
int bdrv_has_zero_init(BlockDriverState *bs)
{
- assert(bs->drv);
+ if (!bs->drv) {
+ return 0;
+ }
/* If BS is a copy on write image, it is initialized to
the contents of the base image, which may not be zeroes. */
@@ -4169,7 +4191,29 @@
}
}
+ /*
+ * Update permissions, they may differ for inactive nodes.
+ *
+ * Note that the required permissions of inactive images are always a
+ * subset of the permissions required after activating the image. This
+ * allows us to just get the permissions upfront without restricting
+ * drv->bdrv_invalidate_cache().
+ *
+ * It also means that in error cases, we don't have to try and revert to
+ * the old permissions (which is an operation that could fail, too). We can
+ * just keep the extended permissions for the next time that an activation
+ * of the image is tried.
+ */
bs->open_flags &= ~BDRV_O_INACTIVE;
+ bdrv_get_cumulative_perm(bs, &perm, &shared_perm);
+ ret = bdrv_check_perm(bs, NULL, perm, shared_perm, NULL, &local_err);
+ if (ret < 0) {
+ bs->open_flags |= BDRV_O_INACTIVE;
+ error_propagate(errp, local_err);
+ return;
+ }
+ bdrv_set_perm(bs, perm, shared_perm);
+
if (bs->drv->bdrv_invalidate_cache) {
bs->drv->bdrv_invalidate_cache(bs, &local_err);
if (local_err) {
@@ -4186,16 +4230,6 @@
return;
}
- /* Update permissions, they may differ for inactive nodes */
- bdrv_get_cumulative_perm(bs, &perm, &shared_perm);
- ret = bdrv_check_perm(bs, NULL, perm, shared_perm, NULL, &local_err);
- if (ret < 0) {
- bs->open_flags |= BDRV_O_INACTIVE;
- error_propagate(errp, local_err);
- return;
- }
- bdrv_set_perm(bs, perm, shared_perm);
-
QLIST_FOREACH(parent, &bs->parents, next_parent) {
if (parent->role->activate) {
parent->role->activate(parent, &local_err);
@@ -4221,6 +4255,7 @@
aio_context_release(aio_context);
if (local_err) {
error_propagate(errp, local_err);
+ bdrv_next_cleanup(&it);
return;
}
}
@@ -4232,6 +4267,10 @@
BdrvChild *child, *parent;
int ret;
+ if (!bs->drv) {
+ return -ENOMEDIUM;
+ }
+
if (!setting_flag && bs->drv->bdrv_inactivate) {
ret = bs->drv->bdrv_inactivate(bs);
if (ret < 0) {
@@ -4292,6 +4331,7 @@
for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) {
ret = bdrv_inactivate_recurse(bs, pass);
if (ret < 0) {
+ bdrv_next_cleanup(&it);
goto out;
}
}
@@ -4766,6 +4806,9 @@
int bdrv_amend_options(BlockDriverState *bs, QemuOpts *opts,
BlockDriverAmendStatusCB *status_cb, void *cb_opaque)
{
+ if (!bs->drv) {
+ return -ENOMEDIUM;
+ }
if (!bs->drv->bdrv_amend_options) {
return -ENOTSUP;
}
@@ -4823,6 +4866,7 @@
/* candidate is the first non filter */
if (perm) {
+ bdrv_next_cleanup(&it);
return true;
}
}
diff --git a/block/block-backend.c b/block/block-backend.c
index 45d9101..5836cb3 100644
--- a/block/block-backend.c
+++ b/block/block-backend.c
@@ -442,21 +442,37 @@
* the monitor or attached to a BlockBackend */
BlockDriverState *bdrv_next(BdrvNextIterator *it)
{
- BlockDriverState *bs;
+ BlockDriverState *bs, *old_bs;
+
+ /* Must be called from the main loop */
+ assert(qemu_get_current_aio_context() == qemu_get_aio_context());
/* First, return all root nodes of BlockBackends. In order to avoid
* returning a BDS twice when multiple BBs refer to it, we only return it
* if the BB is the first one in the parent list of the BDS. */
if (it->phase == BDRV_NEXT_BACKEND_ROOTS) {
+ BlockBackend *old_blk = it->blk;
+
+ old_bs = old_blk ? blk_bs(old_blk) : NULL;
+
do {
it->blk = blk_all_next(it->blk);
bs = it->blk ? blk_bs(it->blk) : NULL;
} while (it->blk && (bs == NULL || bdrv_first_blk(bs) != it->blk));
+ if (it->blk) {
+ blk_ref(it->blk);
+ }
+ blk_unref(old_blk);
+
if (bs) {
+ bdrv_ref(bs);
+ bdrv_unref(old_bs);
return bs;
}
it->phase = BDRV_NEXT_MONITOR_OWNED;
+ } else {
+ old_bs = it->bs;
}
/* Then return the monitor-owned BDSes without a BB attached. Ignore all
@@ -467,18 +483,46 @@
bs = it->bs;
} while (bs && bdrv_has_blk(bs));
+ if (bs) {
+ bdrv_ref(bs);
+ }
+ bdrv_unref(old_bs);
+
return bs;
}
-BlockDriverState *bdrv_first(BdrvNextIterator *it)
+static void bdrv_next_reset(BdrvNextIterator *it)
{
*it = (BdrvNextIterator) {
.phase = BDRV_NEXT_BACKEND_ROOTS,
};
+}
+BlockDriverState *bdrv_first(BdrvNextIterator *it)
+{
+ bdrv_next_reset(it);
return bdrv_next(it);
}
+/* Must be called when aborting a bdrv_next() iteration before
+ * bdrv_next() returns NULL */
+void bdrv_next_cleanup(BdrvNextIterator *it)
+{
+ /* Must be called from the main loop */
+ assert(qemu_get_current_aio_context() == qemu_get_aio_context());
+
+ if (it->phase == BDRV_NEXT_BACKEND_ROOTS) {
+ if (it->blk) {
+ bdrv_unref(blk_bs(it->blk));
+ blk_unref(it->blk);
+ }
+ } else {
+ bdrv_unref(it->bs);
+ }
+
+ bdrv_next_reset(it);
+}
+
/*
* Add a BlockBackend into the list of backends referenced by the monitor, with
* the given @name acting as the handle for the monitor.
@@ -655,12 +699,16 @@
*/
void blk_remove_bs(BlockBackend *blk)
{
- ThrottleTimers *tt;
+ ThrottleGroupMember *tgm = &blk->public.throttle_group_member;
+ BlockDriverState *bs;
notifier_list_notify(&blk->remove_bs_notifiers, blk);
- if (blk->public.throttle_group_member.throttle_state) {
- tt = &blk->public.throttle_group_member.throttle_timers;
- throttle_timers_detach_aio_context(tt);
+ if (tgm->throttle_state) {
+ bs = blk_bs(blk);
+ bdrv_drained_begin(bs);
+ throttle_group_detach_aio_context(tgm);
+ throttle_group_attach_aio_context(tgm, qemu_get_aio_context());
+ bdrv_drained_end(bs);
}
blk_update_root_state(blk);
@@ -674,6 +722,7 @@
*/
int blk_insert_bs(BlockBackend *blk, BlockDriverState *bs, Error **errp)
{
+ ThrottleGroupMember *tgm = &blk->public.throttle_group_member;
blk->root = bdrv_root_attach_child(bs, "root", &child_root,
blk->perm, blk->shared_perm, blk, errp);
if (blk->root == NULL) {
@@ -682,10 +731,9 @@
bdrv_ref(bs);
notifier_list_notify(&blk->insert_bs_notifiers, blk);
- if (blk->public.throttle_group_member.throttle_state) {
- throttle_timers_attach_aio_context(
- &blk->public.throttle_group_member.throttle_timers,
- bdrv_get_aio_context(bs));
+ if (tgm->throttle_state) {
+ throttle_group_detach_aio_context(tgm);
+ throttle_group_attach_aio_context(tgm, bdrv_get_aio_context(bs));
}
return 0;
@@ -1748,8 +1796,10 @@
if (bs) {
if (tgm->throttle_state) {
+ bdrv_drained_begin(bs);
throttle_group_detach_aio_context(tgm);
throttle_group_attach_aio_context(tgm, new_context);
+ bdrv_drained_end(bs);
}
bdrv_set_aio_context(bs, new_context);
}
@@ -1974,10 +2024,16 @@
void blk_io_limits_disable(BlockBackend *blk)
{
- assert(blk->public.throttle_group_member.throttle_state);
- bdrv_drained_begin(blk_bs(blk));
- throttle_group_unregister_tgm(&blk->public.throttle_group_member);
- bdrv_drained_end(blk_bs(blk));
+ BlockDriverState *bs = blk_bs(blk);
+ ThrottleGroupMember *tgm = &blk->public.throttle_group_member;
+ assert(tgm->throttle_state);
+ if (bs) {
+ bdrv_drained_begin(bs);
+ }
+ throttle_group_unregister_tgm(tgm);
+ if (bs) {
+ bdrv_drained_end(bs);
+ }
}
/* should be called before blk_set_io_limits if a limit is set */
diff --git a/block/bochs.c b/block/bochs.c
index a759b6e..50c6300 100644
--- a/block/bochs.c
+++ b/block/bochs.c
@@ -28,6 +28,7 @@
#include "block/block_int.h"
#include "qemu/module.h"
#include "qemu/bswap.h"
+#include "qemu/error-report.h"
/**************************************************************/
@@ -110,9 +111,15 @@
return -EINVAL;
}
- ret = bdrv_set_read_only(bs, true, errp); /* no write support yet */
- if (ret < 0) {
- return ret;
+ if (!bdrv_is_read_only(bs)) {
+ error_report("Opening bochs images without an explicit read-only=on "
+ "option is deprecated. Future versions will refuse to "
+ "open the image instead of automatically marking the "
+ "image read-only.");
+ ret = bdrv_set_read_only(bs, true, errp); /* no write support yet */
+ if (ret < 0) {
+ return ret;
+ }
}
ret = bdrv_pread(bs->file, 0, &bochs, sizeof(bochs));
diff --git a/block/cloop.c b/block/cloop.c
index d6597fc..2be6898 100644
--- a/block/cloop.c
+++ b/block/cloop.c
@@ -23,6 +23,7 @@
*/
#include "qemu/osdep.h"
#include "qapi/error.h"
+#include "qemu/error-report.h"
#include "qemu-common.h"
#include "block/block_int.h"
#include "qemu/module.h"
@@ -72,9 +73,15 @@
return -EINVAL;
}
- ret = bdrv_set_read_only(bs, true, errp);
- if (ret < 0) {
- return ret;
+ if (!bdrv_is_read_only(bs)) {
+ error_report("Opening cloop images without an explicit read-only=on "
+ "option is deprecated. Future versions will refuse to "
+ "open the image instead of automatically marking the "
+ "image read-only.");
+ ret = bdrv_set_read_only(bs, true, errp);
+ if (ret < 0) {
+ return ret;
+ }
}
/* read header */
diff --git a/block/dmg.c b/block/dmg.c
index 6c0711f..c9b3c51 100644
--- a/block/dmg.c
+++ b/block/dmg.c
@@ -419,9 +419,15 @@
return -EINVAL;
}
- ret = bdrv_set_read_only(bs, true, errp);
- if (ret < 0) {
- return ret;
+ if (!bdrv_is_read_only(bs)) {
+ error_report("Opening dmg images without an explicit read-only=on "
+ "option is deprecated. Future versions will refuse to "
+ "open the image instead of automatically marking the "
+ "image read-only.");
+ ret = bdrv_set_read_only(bs, true, errp);
+ if (ret < 0) {
+ return ret;
+ }
}
block_module_load_one("dmg-bz2");
diff --git a/block/io.c b/block/io.c
index 3d5ef2c..4fdf93a 100644
--- a/block/io.c
+++ b/block/io.c
@@ -853,6 +853,10 @@
assert(!(flags & ~BDRV_REQ_MASK));
+ if (!drv) {
+ return -ENOMEDIUM;
+ }
+
if (drv->bdrv_co_preadv) {
return drv->bdrv_co_preadv(bs, offset, bytes, qiov, flags);
}
@@ -894,6 +898,10 @@
assert(!(flags & ~BDRV_REQ_MASK));
+ if (!drv) {
+ return -ENOMEDIUM;
+ }
+
if (drv->bdrv_co_pwritev) {
ret = drv->bdrv_co_pwritev(bs, offset, bytes, qiov,
flags & bs->supported_write_flags);
@@ -945,6 +953,10 @@
{
BlockDriver *drv = bs->drv;
+ if (!drv) {
+ return -ENOMEDIUM;
+ }
+
if (!drv->bdrv_co_pwritev_compressed) {
return -ENOTSUP;
}
@@ -975,6 +987,10 @@
BDRV_REQUEST_MAX_BYTES);
unsigned int progress = 0;
+ if (!drv) {
+ return -ENOMEDIUM;
+ }
+
/* FIXME We cannot require callers to have write permissions when all they
* are doing is a read request. If we did things right, write permissions
* would be obtained anyway, but internally by the copy-on-read code. As
@@ -1291,6 +1307,10 @@
bs->bl.request_alignment);
int max_transfer = MIN_NON_ZERO(bs->bl.max_transfer, MAX_BOUNCE_BUFFER);
+ if (!drv) {
+ return -ENOMEDIUM;
+ }
+
assert(alignment % bs->bl.request_alignment == 0);
head = offset % alignment;
tail = (offset + bytes) % alignment;
@@ -1397,6 +1417,10 @@
uint64_t bytes_remaining = bytes;
int max_transfer;
+ if (!drv) {
+ return -ENOMEDIUM;
+ }
+
if (bdrv_has_readonly_bitmaps(bs)) {
return -EPERM;
}
@@ -1863,6 +1887,8 @@
bytes = n;
}
+ /* Must be non-NULL or bdrv_getlength() would have failed */
+ assert(bs->drv);
if (!bs->drv->bdrv_co_get_block_status) {
*pnum = bytes;
ret = BDRV_BLOCK_DATA | BDRV_BLOCK_ALLOCATED;
@@ -2373,6 +2399,12 @@
}
BLKDBG_EVENT(bs->file, BLKDBG_FLUSH_TO_DISK);
+ if (!bs->drv) {
+ /* bs->drv->bdrv_co_flush() might have ejected the BDS
+ * (even in case of apparent success) */
+ ret = -ENOMEDIUM;
+ goto out;
+ }
if (bs->drv->bdrv_co_flush_to_disk) {
ret = bs->drv->bdrv_co_flush_to_disk(bs);
} else if (bs->drv->bdrv_aio_flush) {
@@ -2542,6 +2574,10 @@
num = max_pdiscard;
}
+ if (!bs->drv) {
+ ret = -ENOMEDIUM;
+ goto out;
+ }
if (bs->drv->bdrv_co_pdiscard) {
ret = bs->drv->bdrv_co_pdiscard(bs, offset, num);
} else {
diff --git a/block/nbd-client.c b/block/nbd-client.c
index b44d4d4..9206652 100644
--- a/block/nbd-client.c
+++ b/block/nbd-client.c
@@ -78,7 +78,7 @@
while (!s->quit) {
assert(s->reply.handle == 0);
ret = nbd_receive_reply(s->ioc, &s->reply, &local_err);
- if (ret < 0) {
+ if (local_err) {
error_report_err(local_err);
}
if (ret <= 0) {
@@ -216,7 +216,7 @@
offset = payload_advance64(&payload);
hole_size = payload_advance32(&payload);
- if (offset < orig_offset || hole_size > qiov->size ||
+ if (!hole_size || offset < orig_offset || hole_size > qiov->size ||
offset > orig_offset + qiov->size - hole_size) {
error_setg(errp, "Protocol error: server sent chunk exceeding requested"
" region");
@@ -248,7 +248,7 @@
error = nbd_errno_to_system_errno(payload_advance32(&payload));
if (error == 0) {
- error_setg(errp, "Protocol error: server sent structured error chunk"
+ error_setg(errp, "Protocol error: server sent structured error chunk "
"with error = 0");
return -EINVAL;
}
@@ -257,7 +257,7 @@
message_size = payload_advance16(&payload);
if (message_size > chunk->length - sizeof(error) - sizeof(message_size)) {
- error_setg(errp, "Protocol error: server sent structured error chunk"
+ error_setg(errp, "Protocol error: server sent structured error chunk "
"with incorrect message size");
return -EINVAL;
}
@@ -281,7 +281,8 @@
assert(nbd_reply_is_structured(&s->reply));
- if (chunk->length < sizeof(offset)) {
+ /* The NBD spec requires at least one byte of payload */
+ if (chunk->length <= sizeof(offset)) {
error_setg(errp, "Protocol error: invalid payload for "
"NBD_REPLY_TYPE_OFFSET_DATA");
return -EINVAL;
@@ -293,6 +294,7 @@
be64_to_cpus(&offset);
data_size = chunk->length - sizeof(offset);
+ assert(data_size);
if (offset < orig_offset || data_size > qiov->size ||
offset > orig_offset + qiov->size - data_size) {
error_setg(errp, "Protocol error: server sent chunk exceeding requested"
@@ -408,7 +410,12 @@
if (chunk->type == NBD_REPLY_TYPE_NONE) {
if (!(chunk->flags & NBD_REPLY_FLAG_DONE)) {
error_setg(errp, "Protocol error: NBD_REPLY_TYPE_NONE chunk without"
- "NBD_REPLY_FLAG_DONE flag set");
+ " NBD_REPLY_FLAG_DONE flag set");
+ return -EINVAL;
+ }
+ if (chunk->length) {
+ error_setg(errp, "Protocol error: NBD_REPLY_TYPE_NONE chunk with"
+ " nonzero length");
return -EINVAL;
}
return 0;
@@ -674,6 +681,9 @@
assert(bytes <= NBD_MAX_BUFFER_SIZE);
assert(!flags);
+ if (!bytes) {
+ return 0;
+ }
ret = nbd_co_send_request(bs, &request, NULL);
if (ret < 0) {
return ret;
@@ -681,7 +691,7 @@
ret = nbd_co_receive_cmdread_reply(client, request.handle, offset, qiov,
&local_err);
- if (ret < 0) {
+ if (local_err) {
error_report_err(local_err);
}
return ret;
@@ -697,6 +707,7 @@
.len = bytes,
};
+ assert(!(client->info.flags & NBD_FLAG_READ_ONLY));
if (flags & BDRV_REQ_FUA) {
assert(client->info.flags & NBD_FLAG_SEND_FUA);
request.flags |= NBD_CMD_FLAG_FUA;
@@ -704,6 +715,9 @@
assert(bytes <= NBD_MAX_BUFFER_SIZE);
+ if (!bytes) {
+ return 0;
+ }
return nbd_co_request(bs, &request, qiov);
}
@@ -717,6 +731,7 @@
.len = bytes,
};
+ assert(!(client->info.flags & NBD_FLAG_READ_ONLY));
if (!(client->info.flags & NBD_FLAG_SEND_WRITE_ZEROES)) {
return -ENOTSUP;
}
@@ -729,6 +744,9 @@
request.flags |= NBD_CMD_FLAG_NO_HOLE;
}
+ if (!bytes) {
+ return 0;
+ }
return nbd_co_request(bs, &request, NULL);
}
@@ -756,7 +774,8 @@
.len = bytes,
};
- if (!(client->info.flags & NBD_FLAG_SEND_TRIM)) {
+ assert(!(client->info.flags & NBD_FLAG_READ_ONLY));
+ if (!(client->info.flags & NBD_FLAG_SEND_TRIM) || !bytes) {
return 0;
}
@@ -814,6 +833,12 @@
logout("Failed to negotiate with the NBD server\n");
return ret;
}
+ if (client->info.flags & NBD_FLAG_READ_ONLY &&
+ !bdrv_is_read_only(bs)) {
+ error_setg(errp,
+ "request for write access conflicts with read-only export");
+ return -EACCES;
+ }
if (client->info.flags & NBD_FLAG_SEND_FUA) {
bs->supported_write_flags = BDRV_REQ_FUA;
bs->supported_zero_flags |= BDRV_REQ_FUA;
diff --git a/block/parallels.c b/block/parallels.c
index 2b6c6e5..9545761 100644
--- a/block/parallels.c
+++ b/block/parallels.c
@@ -35,6 +35,7 @@
#include "qemu/module.h"
#include "qemu/bswap.h"
#include "qemu/bitmap.h"
+#include "migration/blocker.h"
/**************************************************************/
@@ -100,6 +101,7 @@
unsigned int tracks;
unsigned int off_multiplier;
+ Error *migration_blocker;
} BDRVParallelsState;
@@ -708,7 +710,7 @@
s->prealloc_mode = PRL_PREALLOC_MODE_FALLOCATE;
}
- if (flags & BDRV_O_RDWR) {
+ if ((flags & BDRV_O_RDWR) && !(flags & BDRV_O_INACTIVE)) {
s->header->inuse = cpu_to_le32(HEADER_INUSE_MAGIC);
ret = parallels_update_header(bs);
if (ret < 0) {
@@ -720,6 +722,16 @@
s->bat_dirty_bmap =
bitmap_new(DIV_ROUND_UP(s->header_size, s->bat_dirty_block));
+ /* Disable migration until bdrv_invalidate_cache method is added */
+ error_setg(&s->migration_blocker, "The Parallels format used by node '%s' "
+ "does not support live migration",
+ bdrv_get_device_or_node_name(bs));
+ ret = migrate_add_blocker(s->migration_blocker, &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
+ error_free(s->migration_blocker);
+ goto fail;
+ }
qemu_co_mutex_init(&s->lock);
return 0;
@@ -741,18 +753,18 @@
{
BDRVParallelsState *s = bs->opaque;
- if (bs->open_flags & BDRV_O_RDWR) {
+ if ((bs->open_flags & BDRV_O_RDWR) && !(bs->open_flags & BDRV_O_INACTIVE)) {
s->header->inuse = 0;
parallels_update_header(bs);
- }
-
- if (bs->open_flags & BDRV_O_RDWR) {
bdrv_truncate(bs->file, s->data_end << BDRV_SECTOR_BITS,
PREALLOC_MODE_OFF, NULL);
}
g_free(s->bat_dirty_bmap);
qemu_vfree(s->header);
+
+ migrate_del_blocker(s->migration_blocker);
+ error_free(s->migration_blocker);
}
static QemuOptsList parallels_create_opts = {
diff --git a/block/qapi.c b/block/qapi.c
index 7fa2437..fc10f0a 100644
--- a/block/qapi.c
+++ b/block/qapi.c
@@ -39,8 +39,14 @@
{
ImageInfo **p_image_info;
BlockDriverState *bs0;
- BlockDeviceInfo *info = g_malloc0(sizeof(*info));
+ BlockDeviceInfo *info;
+ if (!bs->drv) {
+ error_setg(errp, "Block device %s is ejected", bs->node_name);
+ return NULL;
+ }
+
+ info = g_malloc0(sizeof(*info));
info->file = g_strdup(bs->filename);
info->ro = bs->read_only;
info->drv = g_strdup(bs->drv->format_name);
diff --git a/block/qcow2-cache.c b/block/qcow2-cache.c
index 75746a7..c48ffeb 100644
--- a/block/qcow2-cache.c
+++ b/block/qcow2-cache.c
@@ -62,6 +62,18 @@
return idx;
}
+static inline const char *qcow2_cache_get_name(BDRVQcow2State *s, Qcow2Cache *c)
+{
+ if (c == s->refcount_block_cache) {
+ return "refcount block";
+ } else if (c == s->l2_table_cache) {
+ return "L2 table";
+ } else {
+ /* Do not abort, because this is not critical */
+ return "unknown";
+ }
+}
+
static void qcow2_cache_table_release(BlockDriverState *bs, Qcow2Cache *c,
int i, int num_tables)
{
@@ -73,7 +85,7 @@
size_t mem_size = (size_t) s->cluster_size * num_tables;
size_t offset = QEMU_ALIGN_UP((uintptr_t) t, align) - (uintptr_t) t;
size_t length = QEMU_ALIGN_DOWN(mem_size - offset, align);
- if (length > 0) {
+ if (mem_size > offset && length > 0) {
madvise((uint8_t *) t + offset, length, MADV_DONTNEED);
}
#endif
@@ -314,9 +326,18 @@
uint64_t min_lru_counter = UINT64_MAX;
int min_lru_index = -1;
+ assert(offset != 0);
+
trace_qcow2_cache_get(qemu_coroutine_self(), c == s->l2_table_cache,
offset, read_from_disk);
+ if (offset_into_cluster(s, offset)) {
+ qcow2_signal_corruption(bs, true, -1, -1, "Cannot get entry from %s "
+ "cache: Offset %#" PRIx64 " is unaligned",
+ qcow2_cache_get_name(s, c), offset);
+ return -EIO;
+ }
+
/* Check if the table is already cached */
i = lookup_index = (offset / s->cluster_size * 4) % c->size;
do {
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index fb10e26..a3fec27 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -278,6 +278,14 @@
goto fail;
}
+ /* If we're allocating the table at offset 0 then something is wrong */
+ if (l2_offset == 0) {
+ qcow2_signal_corruption(bs, true, -1, -1, "Preventing invalid "
+ "allocation of L2 table at offset 0");
+ ret = -EIO;
+ goto fail;
+ }
+
ret = qcow2_cache_flush(bs, s->refcount_block_cache);
if (ret < 0) {
goto fail;
@@ -1300,10 +1308,21 @@
(!*host_offset ||
start_of_cluster(s, *host_offset) == (entry & L2E_OFFSET_MASK)))
{
+ int preallocated_nb_clusters;
+
+ if (offset_into_cluster(s, entry & L2E_OFFSET_MASK)) {
+ qcow2_signal_corruption(bs, true, -1, -1, "Preallocated zero "
+ "cluster offset %#llx unaligned (guest "
+ "offset: %#" PRIx64 ")",
+ entry & L2E_OFFSET_MASK, guest_offset);
+ ret = -EIO;
+ goto fail;
+ }
+
/* Try to reuse preallocated zero clusters; contiguous normal clusters
* would be fine, too, but count_cow_clusters() above has limited
* nb_clusters already to a range of COW clusters */
- int preallocated_nb_clusters =
+ preallocated_nb_clusters =
count_contiguous_clusters(nb_clusters, s->cluster_size,
&l2_table[l2_index], QCOW_OFLAG_COPIED);
assert(preallocated_nb_clusters > 0);
diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index aa3fd6c..3de1ab5 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -367,6 +367,13 @@
return new_block;
}
+ /* If we're allocating the block at offset 0 then something is wrong */
+ if (new_block == 0) {
+ qcow2_signal_corruption(bs, true, -1, -1, "Preventing invalid "
+ "allocation of refcount block at offset 0");
+ return -EIO;
+ }
+
#ifdef DEBUG_ALLOC2
fprintf(stderr, "qcow2: Allocate refcount block %d for %" PRIx64
" at %" PRIx64 "\n",
@@ -1075,6 +1082,13 @@
return new_cluster;
}
+ if (new_cluster == 0) {
+ qcow2_signal_corruption(bs, true, -1, -1, "Preventing invalid "
+ "allocation of compressed cluster "
+ "at offset 0");
+ return -EIO;
+ }
+
if (!offset || ROUND_UP(offset, s->cluster_size) != new_cluster) {
offset = new_cluster;
free_in_cluster = s->cluster_size;
@@ -3063,16 +3077,40 @@
return ret;
}
+static int64_t get_refblock_offset(BlockDriverState *bs, uint64_t offset)
+{
+ BDRVQcow2State *s = bs->opaque;
+ uint32_t index = offset_to_reftable_index(s, offset);
+ int64_t covering_refblock_offset = 0;
+
+ if (index < s->refcount_table_size) {
+ covering_refblock_offset = s->refcount_table[index] & REFT_OFFSET_MASK;
+ }
+ if (!covering_refblock_offset) {
+ qcow2_signal_corruption(bs, true, -1, -1, "Refblock at %#" PRIx64 " is "
+ "not covered by the refcount structures",
+ offset);
+ return -EIO;
+ }
+
+ return covering_refblock_offset;
+}
+
static int qcow2_discard_refcount_block(BlockDriverState *bs,
uint64_t discard_block_offs)
{
BDRVQcow2State *s = bs->opaque;
- uint64_t refblock_offs = get_refblock_offset(s, discard_block_offs);
+ int64_t refblock_offs;
uint64_t cluster_index = discard_block_offs >> s->cluster_bits;
uint32_t block_index = cluster_index & (s->refcount_block_size - 1);
void *refblock;
int ret;
+ refblock_offs = get_refblock_offset(bs, discard_block_offs);
+ if (refblock_offs < 0) {
+ return refblock_offs;
+ }
+
assert(discard_block_offs != 0);
ret = qcow2_cache_get(bs, s->refcount_block_cache, refblock_offs,
diff --git a/block/qcow2.c b/block/qcow2.c
index 92cb9f9..1914a94 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -126,6 +126,7 @@
/* Zero fill remaining space in cluster so it has predictable
* content in case of future spec changes */
clusterlen = size_to_clusters(s, headerlen) * s->cluster_size;
+ assert(qcow2_pre_write_overlap_check(bs, 0, ret, clusterlen) == 0);
ret = bdrv_pwrite_zeroes(bs->file,
ret + headerlen,
clusterlen - headerlen, 0);
@@ -375,6 +376,8 @@
default:
/* unknown magic - save it in case we need to rewrite the header */
+ /* If you add a new feature, make sure to also update the fast
+ * path of qcow2_make_empty() to deal with it. */
{
Qcow2UnknownHeaderExtension *uext;
@@ -1280,6 +1283,12 @@
goto fail;
}
+ if (header.refcount_table_clusters == 0 && !(flags & BDRV_O_CHECK)) {
+ error_setg(errp, "Image does not contain a reference count table");
+ ret = -EINVAL;
+ goto fail;
+ }
+
ret = validate_table_offset(bs, s->refcount_table_offset,
s->refcount_table_size, sizeof(uint64_t));
if (ret < 0) {
@@ -1468,7 +1477,10 @@
BdrvCheckResult result = {0};
ret = qcow2_check(bs, &result, BDRV_FIX_ERRORS | BDRV_FIX_LEAKS);
- if (ret < 0) {
+ if (ret < 0 || result.check_errors) {
+ if (ret >= 0) {
+ ret = -EIO;
+ }
error_setg_errno(errp, -ret, "Could not repair dirty image");
goto fail;
}
@@ -3349,6 +3361,10 @@
return bdrv_truncate(bs->file, cluster_offset, PREALLOC_MODE_OFF, NULL);
}
+ if (offset_into_cluster(s, offset)) {
+ return -EINVAL;
+ }
+
buf = qemu_blockalign(bs, s->cluster_size);
if (bytes != s->cluster_size) {
if (bytes > s->cluster_size ||
@@ -3593,13 +3609,16 @@
l1_clusters = DIV_ROUND_UP(s->l1_size, s->cluster_size / sizeof(uint64_t));
- if (s->qcow_version >= 3 && !s->snapshots &&
- 3 + l1_clusters <= s->refcount_block_size) {
- /* The following function only works for qcow2 v3 images (it requires
- * the dirty flag) and only as long as there are no snapshots (because
- * it completely empties the image). Furthermore, the L1 table and three
- * additional clusters (image header, refcount table, one refcount
- * block) have to fit inside one refcount block. */
+ if (s->qcow_version >= 3 && !s->snapshots && !s->nb_bitmaps &&
+ 3 + l1_clusters <= s->refcount_block_size &&
+ s->crypt_method_header != QCOW_CRYPT_LUKS) {
+ /* The following function only works for qcow2 v3 images (it
+ * requires the dirty flag) and only as long as there are no
+ * features that reserve extra clusters (such as snapshots,
+ * LUKS header, or persistent bitmaps), because it completely
+ * empties the image. Furthermore, the L1 table and three
+ * additional clusters (image header, refcount table, one
+ * refcount block) have to fit inside one refcount block. */
return make_completely_empty(bs);
}
@@ -4062,6 +4081,9 @@
error_report("Changing the encryption format is not supported");
return -ENOTSUP;
}
+ } else if (g_str_has_prefix(desc->name, "encrypt.")) {
+ error_report("Changing the encryption parameters is not supported");
+ return -ENOTSUP;
} else if (!strcmp(desc->name, BLOCK_OPT_CLUSTER_SIZE)) {
cluster_size = qemu_opt_get_size(opts, BLOCK_OPT_CLUSTER_SIZE,
cluster_size);
diff --git a/block/qcow2.h b/block/qcow2.h
index 782a206..6f0ff15 100644
--- a/block/qcow2.h
+++ b/block/qcow2.h
@@ -527,12 +527,6 @@
return offset >> (s->refcount_block_bits + s->cluster_bits);
}
-static inline uint64_t get_refblock_offset(BDRVQcow2State *s, uint64_t offset)
-{
- uint32_t index = offset_to_reftable_index(s, offset);
- return s->refcount_table[index] & REFT_OFFSET_MASK;
-}
-
/* qcow2.c functions */
int qcow2_backing_read1(BlockDriverState *bs, QEMUIOVector *qiov,
int64_t sector_num, int nb_sectors);
diff --git a/block/rbd.c b/block/rbd.c
index 144f350..a76a5e8 100644
--- a/block/rbd.c
+++ b/block/rbd.c
@@ -665,10 +665,16 @@
/* If we are using an rbd snapshot, we must be r/o, otherwise
* leave as-is */
if (s->snap != NULL) {
- r = bdrv_set_read_only(bs, true, &local_err);
- if (r < 0) {
- error_propagate(errp, local_err);
- goto failed_open;
+ if (!bdrv_is_read_only(bs)) {
+ error_report("Opening rbd snapshots without an explicit "
+ "read-only=on option is deprecated. Future versions "
+ "will refuse to open the image instead of "
+ "automatically marking the image read-only.");
+ r = bdrv_set_read_only(bs, true, &local_err);
+ if (r < 0) {
+ error_propagate(errp, local_err);
+ goto failed_open;
+ }
}
}
diff --git a/block/replication.c b/block/replication.c
index 3a4e682..e41e293 100644
--- a/block/replication.c
+++ b/block/replication.c
@@ -161,10 +161,13 @@
uint64_t perm, uint64_t shared,
uint64_t *nperm, uint64_t *nshared)
{
- *nperm = *nshared = BLK_PERM_CONSISTENT_READ \
- | BLK_PERM_WRITE \
- | BLK_PERM_WRITE_UNCHANGED;
-
+ *nperm = BLK_PERM_CONSISTENT_READ;
+ if ((bs->open_flags & (BDRV_O_INACTIVE | BDRV_O_RDWR)) == BDRV_O_RDWR) {
+ *nperm |= BLK_PERM_WRITE;
+ }
+ *nshared = BLK_PERM_CONSISTENT_READ \
+ | BLK_PERM_WRITE \
+ | BLK_PERM_WRITE_UNCHANGED;
return;
}
@@ -339,12 +342,24 @@
return;
}
+ if (!s->active_disk->bs->drv) {
+ error_setg(errp, "Active disk %s is ejected",
+ s->active_disk->bs->node_name);
+ return;
+ }
+
ret = s->active_disk->bs->drv->bdrv_make_empty(s->active_disk->bs);
if (ret < 0) {
error_setg(errp, "Cannot make active disk empty");
return;
}
+ if (!s->hidden_disk->bs->drv) {
+ error_setg(errp, "Hidden disk %s is ejected",
+ s->hidden_disk->bs->node_name);
+ return;
+ }
+
ret = s->hidden_disk->bs->drv->bdrv_make_empty(s->hidden_disk->bs);
if (ret < 0) {
error_setg(errp, "Cannot make hidden disk empty");
@@ -508,6 +523,9 @@
return;
}
+ /* Must be true, or the bdrv_getlength() calls would have failed */
+ assert(s->active_disk->bs->drv && s->hidden_disk->bs->drv);
+
if (!s->active_disk->bs->drv->bdrv_make_empty ||
!s->hidden_disk->bs->drv->bdrv_make_empty) {
error_setg(errp,
diff --git a/block/snapshot.c b/block/snapshot.c
index a46564e..be0743a 100644
--- a/block/snapshot.c
+++ b/block/snapshot.c
@@ -181,10 +181,24 @@
{
BlockDriver *drv = bs->drv;
int ret, open_ret;
+ int64_t len;
if (!drv) {
return -ENOMEDIUM;
}
+
+ len = bdrv_getlength(bs);
+ if (len < 0) {
+ return len;
+ }
+ /* We should set all bits in all enabled dirty bitmaps, because dirty
+ * bitmaps reflect active state of disk and snapshot switch operation
+ * actually dirties active state.
+ * TODO: It may make sense not to set all bits but analyze block status of
+ * current state and destination snapshot and do not set bits corresponding
+ * to both-zero or both-unallocated areas. */
+ bdrv_set_dirty(bs, 0, len);
+
if (drv->bdrv_snapshot_goto) {
return drv->bdrv_snapshot_goto(bs, snapshot_id);
}
@@ -403,6 +417,7 @@
}
aio_context_release(ctx);
if (!ok) {
+ bdrv_next_cleanup(&it);
goto fail;
}
}
@@ -430,6 +445,7 @@
}
aio_context_release(ctx);
if (ret < 0) {
+ bdrv_next_cleanup(&it);
goto fail;
}
}
@@ -455,6 +471,7 @@
}
aio_context_release(ctx);
if (err < 0) {
+ bdrv_next_cleanup(&it);
goto fail;
}
}
@@ -480,6 +497,7 @@
}
aio_context_release(ctx);
if (err < 0) {
+ bdrv_next_cleanup(&it);
goto fail;
}
}
@@ -511,6 +529,7 @@
}
aio_context_release(ctx);
if (err < 0) {
+ bdrv_next_cleanup(&it);
goto fail;
}
}
@@ -534,6 +553,7 @@
aio_context_release(ctx);
if (found) {
+ bdrv_next_cleanup(&it);
break;
}
}
diff --git a/block/throttle-groups.c b/block/throttle-groups.c
index b291a88..f26bcb5 100644
--- a/block/throttle-groups.c
+++ b/block/throttle-groups.c
@@ -593,7 +593,25 @@
void throttle_group_detach_aio_context(ThrottleGroupMember *tgm)
{
+ ThrottleGroup *tg = container_of(tgm->throttle_state, ThrottleGroup, ts);
ThrottleTimers *tt = &tgm->throttle_timers;
+ int i;
+
+ /* Requests must have been drained */
+ assert(tgm->pending_reqs[0] == 0 && tgm->pending_reqs[1] == 0);
+ assert(qemu_co_queue_empty(&tgm->throttled_reqs[0]));
+ assert(qemu_co_queue_empty(&tgm->throttled_reqs[1]));
+
+ /* Kick off next ThrottleGroupMember, if necessary */
+ qemu_mutex_lock(&tg->lock);
+ for (i = 0; i < 2; i++) {
+ if (timer_pending(tt->timers[i])) {
+ tg->any_timer_armed[i] = false;
+ schedule_next_request(tgm, i);
+ }
+ }
+ qemu_mutex_unlock(&tg->lock);
+
throttle_timers_detach_aio_context(tt);
tgm->aio_context = NULL;
}
diff --git a/block/vhdx.c b/block/vhdx.c
index 7ae4589..9956933 100644
--- a/block/vhdx.c
+++ b/block/vhdx.c
@@ -1008,13 +1008,6 @@
goto fail;
}
- if (flags & BDRV_O_RDWR) {
- ret = vhdx_update_headers(bs, s, false, NULL);
- if (ret < 0) {
- goto fail;
- }
- }
-
/* TODO: differencing files */
return 0;
diff --git a/block/vvfat.c b/block/vvfat.c
index a0f2335..a690595 100644
--- a/block/vvfat.c
+++ b/block/vvfat.c
@@ -1259,7 +1259,11 @@
"Unable to set VVFAT to 'rw' when drive is read-only");
goto fail;
}
- } else {
+ } else if (!bdrv_is_read_only(bs)) {
+ error_report("Opening non-rw vvfat images without an explicit "
+ "read-only=on option is deprecated. Future versions "
+ "will refuse to open the image instead of "
+ "automatically marking the image read-only.");
/* read only is the default for safety */
ret = bdrv_set_read_only(bs, true, &local_err);
if (ret < 0) {
@@ -2943,7 +2947,7 @@
return ret;
}
- if (s->qcow->bs->drv->bdrv_make_empty) {
+ if (s->qcow->bs->drv && s->qcow->bs->drv->bdrv_make_empty) {
s->qcow->bs->drv->bdrv_make_empty(s->qcow->bs);
}
diff --git a/configure b/configure
index a6055c0..0e856bb 100755
--- a/configure
+++ b/configure
@@ -482,6 +482,7 @@
cpp="${CPP-$cc -E}"
objcopy="${OBJCOPY-${cross_prefix}objcopy}"
ld="${LD-${cross_prefix}ld}"
+ranlib="${RANLIB-${cross_prefix}ranlib}"
nm="${NM-${cross_prefix}nm}"
strip="${STRIP-${cross_prefix}strip}"
windres="${WINDRES-${cross_prefix}windres}"
@@ -6288,6 +6289,7 @@
echo "CPP=$cpp" >> $config_host_mak
echo "OBJCOPY=$objcopy" >> $config_host_mak
echo "LD=$ld" >> $config_host_mak
+echo "RANLIB=$ranlib" >> $config_host_mak
echo "NM=$nm" >> $config_host_mak
echo "WINDRES=$windres" >> $config_host_mak
echo "CFLAGS=$CFLAGS" >> $config_host_mak
@@ -6782,6 +6784,7 @@
echo "OBJCOPY=objcopy" >> $config_mak
echo "IASL=$iasl" >> $config_mak
echo "LD=$ld" >> $config_mak
+ echo "RANLIB=$ranlib" >> $config_mak
done
# set up tests data directory
diff --git a/crypto/cipher.c b/crypto/cipher.c
index 0aad9d6..bcbfb3d 100644
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -164,11 +164,10 @@
{
QCryptoCipher *cipher;
void *ctx = NULL;
- Error *err2 = NULL;
QCryptoCipherDriver *drv = NULL;
#ifdef CONFIG_AF_ALG
- ctx = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, &err2);
+ ctx = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL);
if (ctx) {
drv = &qcrypto_cipher_afalg_driver;
}
@@ -177,12 +176,10 @@
if (!ctx) {
ctx = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp);
if (!ctx) {
- error_free(err2);
return NULL;
}
drv = &qcrypto_cipher_lib_driver;
- error_free(err2);
}
cipher = g_new0(QCryptoCipher, 1);
diff --git a/crypto/hash.c b/crypto/hash.c
index ac59c63..8dab25d 100644
--- a/crypto/hash.c
+++ b/crypto/hash.c
@@ -48,19 +48,16 @@
{
#ifdef CONFIG_AF_ALG
int ret;
-
- ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov,
- result, resultlen,
- errp);
- if (ret == 0) {
- return ret;
- }
-
/*
* TODO:
* Maybe we should treat some afalg errors as fatal
*/
- error_free(*errp);
+ ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov,
+ result, resultlen,
+ NULL);
+ if (ret == 0) {
+ return ret;
+ }
#endif
return qcrypto_hash_lib_driver.hash_bytesv(alg, iov, niov,
diff --git a/crypto/hmac.c b/crypto/hmac.c
index 82b0055..f6c2d8d 100644
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@@ -90,11 +90,10 @@
{
QCryptoHmac *hmac;
void *ctx = NULL;
- Error *err2 = NULL;
QCryptoHmacDriver *drv = NULL;
#ifdef CONFIG_AF_ALG
- ctx = qcrypto_afalg_hmac_ctx_new(alg, key, nkey, &err2);
+ ctx = qcrypto_afalg_hmac_ctx_new(alg, key, nkey, NULL);
if (ctx) {
drv = &qcrypto_hmac_afalg_driver;
}
@@ -107,7 +106,6 @@
}
drv = &qcrypto_hmac_lib_driver;
- error_free(err2);
}
hmac = g_new0(QCryptoHmac, 1);
diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
index 5059d13..d37edc4 100644
--- a/default-configs/arm-softmmu.mak
+++ b/default-configs/arm-softmmu.mak
@@ -130,3 +130,5 @@
CONFIG_ASPEED_SOC=y
CONFIG_GPIO_KEY=y
CONFIG_MSF2=y
+
+CONFIG_FW_CFG_DMA=y
diff --git a/default-configs/i386-softmmu.mak b/default-configs/i386-softmmu.mak
index a685c43..95ac4b4 100644
--- a/default-configs/i386-softmmu.mak
+++ b/default-configs/i386-softmmu.mak
@@ -60,3 +60,4 @@
CONFIG_HYPERV_TESTDEV=$(CONFIG_KVM)
CONFIG_PXB=y
CONFIG_ACPI_VMGENID=y
+CONFIG_FW_CFG_DMA=y
diff --git a/default-configs/x86_64-softmmu.mak b/default-configs/x86_64-softmmu.mak
index ea69e82..0221236 100644
--- a/default-configs/x86_64-softmmu.mak
+++ b/default-configs/x86_64-softmmu.mak
@@ -60,3 +60,4 @@
CONFIG_HYPERV_TESTDEV=$(CONFIG_KVM)
CONFIG_PXB=y
CONFIG_ACPI_VMGENID=y
+CONFIG_FW_CFG_DMA=y
diff --git a/disas.c b/disas.c
index 92b389d..d4ad108 100644
--- a/disas.c
+++ b/disas.c
@@ -220,6 +220,77 @@
return CS_ERR_OK;
}
+static void cap_dump_insn_units(disassemble_info *info, cs_insn *insn,
+ int i, int n)
+{
+ fprintf_function print = info->fprintf_func;
+ FILE *stream = info->stream;
+
+ switch (info->cap_insn_unit) {
+ case 4:
+ if (info->endian == BFD_ENDIAN_BIG) {
+ for (; i < n; i += 4) {
+ print(stream, " %08x", ldl_be_p(insn->bytes + i));
+
+ }
+ } else {
+ for (; i < n; i += 4) {
+ print(stream, " %08x", ldl_le_p(insn->bytes + i));
+ }
+ }
+ break;
+
+ case 2:
+ if (info->endian == BFD_ENDIAN_BIG) {
+ for (; i < n; i += 2) {
+ print(stream, " %04x", lduw_be_p(insn->bytes + i));
+ }
+ } else {
+ for (; i < n; i += 2) {
+ print(stream, " %04x", lduw_le_p(insn->bytes + i));
+ }
+ }
+ break;
+
+ default:
+ for (; i < n; i++) {
+ print(stream, " %02x", insn->bytes[i]);
+ }
+ break;
+ }
+}
+
+static void cap_dump_insn(disassemble_info *info, cs_insn *insn)
+{
+ fprintf_function print = info->fprintf_func;
+ int i, n, split;
+
+ print(info->stream, "0x%08" PRIx64 ": ", insn->address);
+
+ n = insn->size;
+ split = info->cap_insn_split;
+
+ /* Dump the first SPLIT bytes of the instruction. */
+ cap_dump_insn_units(info, insn, 0, MIN(n, split));
+
+ /* Add padding up to SPLIT so that mnemonics line up. */
+ if (n < split) {
+ int width = (split - n) / info->cap_insn_unit;
+ width *= (2 * info->cap_insn_unit + 1);
+ print(info->stream, "%*s", width, "");
+ }
+
+ /* Print the actual instruction. */
+ print(info->stream, " %-8s %s\n", insn->mnemonic, insn->op_str);
+
+ /* Dump any remaining part of the insn on subsequent lines. */
+ for (i = split; i < n; i += split) {
+ print(info->stream, "0x%08" PRIx64 ": ", insn->address + i);
+ cap_dump_insn_units(info, insn, i, MIN(n, i + split));
+ print(info->stream, "\n");
+ }
+}
+
/* Disassemble SIZE bytes at PC for the target. */
static bool cap_disas_target(disassemble_info *info, uint64_t pc, size_t size)
{
@@ -242,10 +313,7 @@
size -= tsize;
while (cs_disasm_iter(handle, &cbuf, &csize, &pc, insn)) {
- (*info->fprintf_func)(info->stream,
- "0x%08" PRIx64 ": %-12s %s\n",
- insn->address, insn->mnemonic,
- insn->op_str);
+ cap_dump_insn(info, insn);
}
/* If the target memory is not consumed, go back for more... */
@@ -290,10 +358,7 @@
pc = (uintptr_t)code;
while (cs_disasm_iter(handle, &cbuf, &size, &pc, insn)) {
- (*info->fprintf_func)(info->stream,
- "0x%08" PRIx64 ": %-12s %s\n",
- insn->address, insn->mnemonic,
- insn->op_str);
+ cap_dump_insn(info, insn);
}
if (size != 0) {
(*info->fprintf_func)(info->stream,
@@ -337,10 +402,7 @@
csize += tsize;
if (cs_disasm_iter(handle, &cbuf, &csize, &pc, insn)) {
- (*info->fprintf_func)(info->stream,
- "0x%08" PRIx64 ": %-12s %s\n",
- insn->address, insn->mnemonic,
- insn->op_str);
+ cap_dump_insn(info, insn);
if (--count <= 0) {
break;
}
@@ -376,6 +438,8 @@
s.info.print_address_func = generic_print_address;
s.info.cap_arch = -1;
s.info.cap_mode = 0;
+ s.info.cap_insn_unit = 4;
+ s.info.cap_insn_split = 4;
#ifdef TARGET_WORDS_BIGENDIAN
s.info.endian = BFD_ENDIAN_BIG;
@@ -427,6 +491,8 @@
s.info.buffer_length = size;
s.info.cap_arch = -1;
s.info.cap_mode = 0;
+ s.info.cap_insn_unit = 4;
+ s.info.cap_insn_split = 4;
#ifdef HOST_WORDS_BIGENDIAN
s.info.endian = BFD_ENDIAN_BIG;
@@ -440,11 +506,15 @@
print_insn = print_insn_i386;
s.info.cap_arch = CS_ARCH_X86;
s.info.cap_mode = CS_MODE_32;
+ s.info.cap_insn_unit = 1;
+ s.info.cap_insn_split = 8;
#elif defined(__x86_64__)
s.info.mach = bfd_mach_x86_64;
print_insn = print_insn_i386;
s.info.cap_arch = CS_ARCH_X86;
s.info.cap_mode = CS_MODE_64;
+ s.info.cap_insn_unit = 1;
+ s.info.cap_insn_split = 8;
#elif defined(_ARCH_PPC)
s.info.disassembler_options = (char *)"any";
print_insn = print_insn_ppc;
@@ -537,6 +607,8 @@
s.info.buffer_vma = pc;
s.info.cap_arch = -1;
s.info.cap_mode = 0;
+ s.info.cap_insn_unit = 4;
+ s.info.cap_insn_split = 4;
#ifdef TARGET_WORDS_BIGENDIAN
s.info.endian = BFD_ENDIAN_BIG;
diff --git a/docs/specs/tpm.txt b/docs/specs/tpm.txt
index 914daac..d1d7157 100644
--- a/docs/specs/tpm.txt
+++ b/docs/specs/tpm.txt
@@ -121,3 +121,82 @@
PCR-00: 35 4E 3B CE 23 9F 38 59 ...
...
PCR-23: 00 00 00 00 00 00 00 00 ...
+
+
+== The QEMU TPM emulator device ==
+
+The TPM emulator device uses an external TPM emulator called 'swtpm' for
+sending TPM commands to and receiving responses from. The swtpm program
+must have been started before trying to access it through the TPM emulator
+with QEMU.
+
+The TPM emulator implements a command channel for transferring TPM commands
+and responses as well as a control channel over which control commands can
+be sent. The specification for the control channel can be found here:
+
+https://github.com/stefanberger/swtpm/blob/master/man/man3/swtpm_ioctls.pod
+
+
+The control channel serves the purpose of resetting, initializing, and
+migrating the TPM state, among other things.
+
+The swtpm program behaves like a hardware TPM and therefore needs to be
+initialized by the firmware running inside the QEMU virtual machine.
+One necessary step for initializing the device is to send the TPM_Startup
+command to it. SeaBIOS, for example, has been instrumented to initialize
+a TPM 1.2 or TPM 2 device using this command.
+
+
+QEMU files related to the TPM emulator device:
+ - hw/tpm/tpm_emulator.c
+ - hw/tpm/tpm_util.c
+ - hw/tpm/tpm_util.h
+
+
+The following commands start the swtpm with a UnixIO control channel over
+a socket interface. They do not need to be run as root.
+
+mkdir /tmp/mytpm1
+swtpm socket --tpmstate dir=/tmp/mytpm1 \
+ --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \
+ --log level=20
+
+Command line to start QEMU with the TPM emulator device communicating with
+the swtpm:
+
+qemu-system-x86_64 -display sdl -enable-kvm \
+ -m 1024 -boot d -bios bios-256k.bin -boot menu=on \
+ -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
+ -tpmdev emulator,id=tpm0,chardev=chrtpm \
+ -device tpm-tis,tpmdev=tpm0 test.img
+
+
+In case SeaBIOS is used as firmware, it should show the TPM menu item
+after entering the menu with 'ESC'.
+
+Select boot device:
+1. DVD/CD [ata1-0: QEMU DVD-ROM ATAPI-4 DVD/CD]
+[...]
+5. Legacy option rom
+
+t. TPM Configuration
+
+
+The following commands should result in similar output inside the VM with a
+Linux kernel that either has the TPM TIS driver built-in or available as a
+module:
+
+#> dmesg | grep -i tpm
+[ 0.711310] tpm_tis 00:06: 1.2 TPM (device=id 0x1, rev-id 1)
+
+#> dmesg | grep TCPA
+[ 0.000000] ACPI: TCPA 0x0000000003FFD191C 000032 (v02 BOCHS \
+ BXPCTCPA 0000001 BXPC 00000001)
+
+#> ls -l /dev/tpm*
+crw-------. 1 root root 10, 224 Jul 11 10:11 /dev/tpm0
+
+#> find /sys/devices/ | grep pcrs$ | xargs cat
+PCR-00: 35 4E 3B CE 23 9F 38 59 ...
+...
+PCR-23: 00 00 00 00 00 00 00 00 ...
diff --git a/exec.c b/exec.c
index 97a24a8..2202f2d 100644
--- a/exec.c
+++ b/exec.c
@@ -410,22 +410,16 @@
{
MemoryRegionSection *section = atomic_read(&d->mru_section);
subpage_t *subpage;
- bool update;
- if (section && section != &d->map.sections[PHYS_SECTION_UNASSIGNED] &&
- section_covers_addr(section, addr)) {
- update = false;
- } else {
+ if (!section || section == &d->map.sections[PHYS_SECTION_UNASSIGNED] ||
+ !section_covers_addr(section, addr)) {
section = phys_page_find(d, addr);
- update = true;
+ atomic_set(&d->mru_section, section);
}
if (resolve_subpage && section->mr->subpage) {
subpage = container_of(section->mr, subpage_t, iomem);
section = &d->map.sections[subpage->sub_section[SUBPAGE_IDX(addr)]];
}
- if (update) {
- atomic_set(&d->mru_section, section);
- }
return section;
}
@@ -792,11 +786,12 @@
void cpu_exec_realizefn(CPUState *cpu, Error **errp)
{
CPUClass *cc = CPU_GET_CLASS(cpu);
+ static bool tcg_target_initialized;
cpu_list_add(cpu);
- if (tcg_enabled() && !cc->tcg_initialized) {
- cc->tcg_initialized = true;
+ if (tcg_enabled() && !tcg_target_initialized) {
+ tcg_target_initialized = true;
cc->tcg_initialize();
}
diff --git a/hw/arm/aspeed.c b/hw/arm/aspeed.c
index ab895ad..7088c90 100644
--- a/hw/arm/aspeed.c
+++ b/hw/arm/aspeed.c
@@ -186,6 +186,15 @@
&error_abort);
object_property_set_int(OBJECT(&bmc->soc), cfg->num_cs, "num-cs",
&error_abort);
+ if (machine->kernel_filename) {
+ /*
+ * When booting with a -kernel command line there is no u-boot
+ * that runs to unlock the SCU. In this case set the default to
+ * be unlocked as the kernel expects
+ */
+ object_property_set_int(OBJECT(&bmc->soc), ASPEED_SCU_PROT_KEY,
+ "hw-prot-key", &error_abort);
+ }
object_property_set_bool(OBJECT(&bmc->soc), true, "realized",
&error_abort);
diff --git a/hw/arm/aspeed_soc.c b/hw/arm/aspeed_soc.c
index 5aa3d2d..c83b7e2 100644
--- a/hw/arm/aspeed_soc.c
+++ b/hw/arm/aspeed_soc.c
@@ -154,6 +154,8 @@
"hw-strap1", &error_abort);
object_property_add_alias(obj, "hw-strap2", OBJECT(&s->scu),
"hw-strap2", &error_abort);
+ object_property_add_alias(obj, "hw-prot-key", OBJECT(&s->scu),
+ "hw-prot-key", &error_abort);
object_initialize(&s->fmc, sizeof(s->fmc), sc->info->fmc_typename);
object_property_add_child(obj, "fmc", OBJECT(&s->fmc), NULL);
diff --git a/hw/arm/exynos4_boards.c b/hw/arm/exynos4_boards.c
index f1441ec..750162c 100644
--- a/hw/arm/exynos4_boards.c
+++ b/hw/arm/exynos4_boards.c
@@ -27,7 +27,6 @@
#include "qemu-common.h"
#include "cpu.h"
#include "sysemu/sysemu.h"
-#include "sysemu/qtest.h"
#include "hw/sysbus.h"
#include "net/net.h"
#include "hw/arm/arm.h"
@@ -129,13 +128,6 @@
Exynos4BoardType board_type)
{
Exynos4BoardState *s = g_new(Exynos4BoardState, 1);
- MachineClass *mc = MACHINE_GET_CLASS(machine);
-
- if (smp_cpus != EXYNOS4210_NCPUS && !qtest_enabled()) {
- error_report("%s board supports only %d CPU cores, ignoring smp_cpus"
- " value",
- mc->name, EXYNOS4210_NCPUS);
- }
exynos4_board_binfo.ram_size = exynos4_board_ram_size[board_type];
exynos4_board_binfo.board_id = exynos4_board_id[board_type];
@@ -189,6 +181,8 @@
mc->desc = "Samsung NURI board (Exynos4210)";
mc->init = nuri_init;
mc->max_cpus = EXYNOS4210_NCPUS;
+ mc->min_cpus = EXYNOS4210_NCPUS;
+ mc->default_cpus = EXYNOS4210_NCPUS;
mc->ignore_memory_transaction_failures = true;
}
@@ -205,6 +199,8 @@
mc->desc = "Samsung SMDKC210 board (Exynos4210)";
mc->init = smdkc210_init;
mc->max_cpus = EXYNOS4210_NCPUS;
+ mc->min_cpus = EXYNOS4210_NCPUS;
+ mc->default_cpus = EXYNOS4210_NCPUS;
mc->ignore_memory_transaction_failures = true;
}
diff --git a/hw/arm/highbank.c b/hw/arm/highbank.c
index 354c6b2..287392b 100644
--- a/hw/arm/highbank.c
+++ b/hw/arm/highbank.c
@@ -34,6 +34,7 @@
#include "hw/ide/ahci.h"
#include "hw/cpu/a9mpcore.h"
#include "hw/cpu/a15mpcore.h"
+#include "qemu/log.h"
#define SMP_BOOT_ADDR 0x100
#define SMP_BOOT_REG 0x40
@@ -117,14 +118,26 @@
}
}
- regs[offset/4] = value;
+ if (offset / 4 >= NUM_REGS) {
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "highbank: bad write offset 0x%" HWADDR_PRIx "\n", offset);
+ return;
+ }
+ regs[offset / 4] = value;
}
static uint64_t hb_regs_read(void *opaque, hwaddr offset,
unsigned size)
{
+ uint32_t value;
uint32_t *regs = opaque;
- uint32_t value = regs[offset/4];
+
+ if (offset / 4 >= NUM_REGS) {
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "highbank: bad read offset 0x%" HWADDR_PRIx "\n", offset);
+ return 0;
+ }
+ value = regs[offset / 4];
if ((offset == 0x100) || (offset == 0x108) || (offset == 0x10C)) {
value |= 0x30000000;
diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c
index 5941c9f..cd5fa8c 100644
--- a/hw/arm/raspi.c
+++ b/hw/arm/raspi.c
@@ -167,6 +167,8 @@
mc->no_floppy = 1;
mc->no_cdrom = 1;
mc->max_cpus = BCM2836_NCPUS;
+ mc->min_cpus = BCM2836_NCPUS;
+ mc->default_cpus = BCM2836_NCPUS;
mc->default_ram_size = 1024 * 1024 * 1024;
mc->ignore_memory_transaction_failures = true;
};
diff --git a/hw/arm/xlnx-zcu102.c b/hw/arm/xlnx-zcu102.c
index e2d15a1..bbe7d04 100644
--- a/hw/arm/xlnx-zcu102.c
+++ b/hw/arm/xlnx-zcu102.c
@@ -24,6 +24,7 @@
#include "qemu/error-report.h"
#include "exec/address-spaces.h"
#include "qemu/log.h"
+#include "sysemu/qtest.h"
typedef struct XlnxZCU102 {
MachineState parent_obj;
@@ -164,6 +165,11 @@
{
XlnxZCU102 *s = EP108_MACHINE(machine);
+ if (!qtest_enabled()) {
+ info_report("The Xilinx EP108 machine is deprecated, please use the "
+ "ZCU102 machine (which has the same features) instead.");
+ }
+
xlnx_zynqmp_init(s, machine);
}
@@ -185,6 +191,8 @@
mc->block_default_type = IF_IDE;
mc->units_per_default_bus = 1;
mc->ignore_memory_transaction_failures = true;
+ mc->max_cpus = XLNX_ZYNQMP_NUM_APU_CPUS + XLNX_ZYNQMP_NUM_RPU_CPUS;
+ mc->default_cpus = XLNX_ZYNQMP_NUM_APU_CPUS;
}
static const TypeInfo xlnx_ep108_machine_init_typeinfo = {
@@ -235,12 +243,14 @@
{
MachineClass *mc = MACHINE_CLASS(oc);
- mc->desc = "Xilinx ZynqMP ZCU102 board";
+ mc->desc = "Xilinx ZynqMP ZCU102 board with 4xA53s and 2xR5s based on " \
+ "the value of smp";
mc->init = xlnx_zcu102_init;
mc->block_default_type = IF_IDE;
mc->units_per_default_bus = 1;
mc->ignore_memory_transaction_failures = true;
mc->max_cpus = XLNX_ZYNQMP_NUM_APU_CPUS + XLNX_ZYNQMP_NUM_RPU_CPUS;
+ mc->default_cpus = XLNX_ZYNQMP_NUM_APU_CPUS;
}
static const TypeInfo xlnx_zcu102_machine_init_typeinfo = {
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
index d4b6560..c707c66 100644
--- a/hw/arm/xlnx-zynqmp.c
+++ b/hw/arm/xlnx-zynqmp.c
@@ -98,8 +98,9 @@
{
Error *err = NULL;
int i;
+ int num_rpus = MIN(smp_cpus - XLNX_ZYNQMP_NUM_APU_CPUS, XLNX_ZYNQMP_NUM_RPU_CPUS);
- for (i = 0; i < XLNX_ZYNQMP_NUM_RPU_CPUS; i++) {
+ for (i = 0; i < num_rpus; i++) {
char *name;
object_initialize(&s->rpu_cpu[i], sizeof(s->rpu_cpu[i]),
@@ -132,8 +133,9 @@
{
XlnxZynqMPState *s = XLNX_ZYNQMP(obj);
int i;
+ int num_apus = MIN(smp_cpus, XLNX_ZYNQMP_NUM_APU_CPUS);
- for (i = 0; i < XLNX_ZYNQMP_NUM_APU_CPUS; i++) {
+ for (i = 0; i < num_apus; i++) {
object_initialize(&s->apu_cpu[i], sizeof(s->apu_cpu[i]),
"cortex-a53-" TYPE_ARM_CPU);
object_property_add_child(obj, "apu-cpu[*]", OBJECT(&s->apu_cpu[i]),
@@ -182,6 +184,7 @@
MemoryRegion *system_memory = get_system_memory();
uint8_t i;
uint64_t ram_size;
+ int num_apus = MIN(smp_cpus, XLNX_ZYNQMP_NUM_APU_CPUS);
const char *boot_cpu = s->boot_cpu ? s->boot_cpu : "apu-cpu[0]";
ram_addr_t ddr_low_size, ddr_high_size;
qemu_irq gic_spi[GIC_NUM_SPI_INTR];
@@ -233,10 +236,10 @@
qdev_prop_set_uint32(DEVICE(&s->gic), "num-irq", GIC_NUM_SPI_INTR + 32);
qdev_prop_set_uint32(DEVICE(&s->gic), "revision", 2);
- qdev_prop_set_uint32(DEVICE(&s->gic), "num-cpu", XLNX_ZYNQMP_NUM_APU_CPUS);
+ qdev_prop_set_uint32(DEVICE(&s->gic), "num-cpu", num_apus);
/* Realize APUs before realizing the GIC. KVM requires this. */
- for (i = 0; i < XLNX_ZYNQMP_NUM_APU_CPUS; i++) {
+ for (i = 0; i < num_apus; i++) {
char *name;
object_property_set_int(OBJECT(&s->apu_cpu[i]), QEMU_PSCI_CONDUIT_SMC,
@@ -292,7 +295,7 @@
}
}
- for (i = 0; i < XLNX_ZYNQMP_NUM_APU_CPUS; i++) {
+ for (i = 0; i < num_apus; i++) {
qemu_irq irq;
sysbus_connect_irq(SYS_BUS_DEVICE(&s->gic), i,
@@ -307,11 +310,14 @@
}
if (s->has_rpu) {
- xlnx_zynqmp_create_rpu(s, boot_cpu, &err);
- if (err) {
- error_propagate(errp, err);
- return;
- }
+ info_report("The 'has_rpu' property is no longer required, to use the "
+ "RPUs just use -smp 6.");
+ }
+
+ xlnx_zynqmp_create_rpu(s, boot_cpu, &err);
+ if (err) {
+ error_propagate(errp, err);
+ return;
}
if (!s->boot_cpu_ptr) {
diff --git a/hw/char/serial.c b/hw/char/serial.c
index 376bd2f..eb72191 100644
--- a/hw/char/serial.c
+++ b/hw/char/serial.c
@@ -1005,7 +1005,7 @@
uint64_t value, unsigned size)
{
SerialState *s = opaque;
- value &= ~0u >> (32 - (size * 8));
+ value &= 255;
serial_ioport_write(s, addr >> s->it_shift, value, 1);
}
@@ -1014,16 +1014,22 @@
.read = serial_mm_read,
.write = serial_mm_write,
.endianness = DEVICE_NATIVE_ENDIAN,
+ .valid.max_access_size = 8,
+ .impl.max_access_size = 8,
},
[DEVICE_LITTLE_ENDIAN] = {
.read = serial_mm_read,
.write = serial_mm_write,
.endianness = DEVICE_LITTLE_ENDIAN,
+ .valid.max_access_size = 8,
+ .impl.max_access_size = 8,
},
[DEVICE_BIG_ENDIAN] = {
.read = serial_mm_read,
.write = serial_mm_write,
.endianness = DEVICE_BIG_ENDIAN,
+ .valid.max_access_size = 8,
+ .impl.max_access_size = 8,
},
};
diff --git a/hw/display/sm501.c b/hw/display/sm501.c
index 6eddac9..7f18224 100644
--- a/hw/display/sm501.c
+++ b/hw/display/sm501.c
@@ -1758,7 +1758,7 @@
dc->reset = sm501_reset_sysbus;
dc->vmsd = &vmstate_sm501_sysbus;
/* Note: pointer property "chr-state" may remain null, thus
- * no need for dc->cannot_instantiate_with_device_add_yet = true;
+ * no need for dc->user_creatable = false;
*/
}
diff --git a/hw/display/vga.c b/hw/display/vga.c
index 1d19f6b..a64a094 100644
--- a/hw/display/vga.c
+++ b/hw/display/vga.c
@@ -1666,9 +1666,9 @@
/* scanline wraps from end of video memory to the start */
assert(force_shadow);
update = memory_region_snapshot_get_dirty(&s->vram, snap,
- page0, 0);
+ page0, s->vbe_size - page0);
update |= memory_region_snapshot_get_dirty(&s->vram, snap,
- page1, 0);
+ 0, page1);
} else {
update = memory_region_snapshot_get_dirty(&s->vram, snap,
page0, page1 - page0);
diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
index 43bbe09..274e365 100644
--- a/hw/display/virtio-gpu.c
+++ b/hw/display/virtio-gpu.c
@@ -322,6 +322,18 @@
}
}
+static uint32_t calc_image_hostmem(pixman_format_code_t pformat,
+ uint32_t width, uint32_t height)
+{
+ /* Copied from pixman/pixman-bits-image.c, skip integer overflow check.
+ * pixman_image_create_bits will fail in case it overflow.
+ */
+
+ int bpp = PIXMAN_FORMAT_BPP(pformat);
+ int stride = ((width * bpp + 0x1f) >> 5) * sizeof(uint32_t);
+ return height * stride;
+}
+
static void virtio_gpu_resource_create_2d(VirtIOGPU *g,
struct virtio_gpu_ctrl_command *cmd)
{
@@ -366,7 +378,7 @@
return;
}
- res->hostmem = PIXMAN_FORMAT_BPP(pformat) * c2d.width * c2d.height;
+ res->hostmem = calc_image_hostmem(pformat, c2d.width, c2d.height);
if (res->hostmem + g->hostmem < g->conf.max_hostmem) {
res->image = pixman_image_create_bits(pformat,
c2d.width,
@@ -1087,7 +1099,7 @@
return -EINVAL;
}
- res->hostmem = PIXMAN_FORMAT_BPP(pformat) * res->width * res->height;
+ res->hostmem = calc_image_hostmem(pformat, res->width, res->height);
res->addrs = g_new(uint64_t, res->iov_cnt);
res->iov = g_new(struct iovec, res->iov_cnt);
diff --git a/hw/display/vmware_vga.c b/hw/display/vmware_vga.c
index cdc3fed..0e6673a 100644
--- a/hw/display/vmware_vga.c
+++ b/hw/display/vmware_vga.c
@@ -679,10 +679,9 @@
if (cursor.width > 256
|| cursor.height > 256
|| cursor.bpp > 32
- || SVGA_BITMAP_SIZE(x, y)
- > sizeof(cursor.mask) / sizeof(cursor.mask[0])
+ || SVGA_BITMAP_SIZE(x, y) > ARRAY_SIZE(cursor.mask)
|| SVGA_PIXMAP_SIZE(x, y, cursor.bpp)
- > sizeof(cursor.image) / sizeof(cursor.image[0])) {
+ > ARRAY_SIZE(cursor.image)) {
goto badcmd;
}
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index e11a65b..c3afe5b 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1448,6 +1448,28 @@
pcms->ioapic_as = &address_space_memory;
}
+/*
+ * The 64bit pci hole starts after "above 4G RAM" and
+ * potentially the space reserved for memory hotplug.
+ */
+uint64_t pc_pci_hole64_start(void)
+{
+ PCMachineState *pcms = PC_MACHINE(qdev_get_machine());
+ PCMachineClass *pcmc = PC_MACHINE_GET_CLASS(pcms);
+ uint64_t hole64_start = 0;
+
+ if (pcmc->has_reserved_memory && pcms->hotplug_memory.base) {
+ hole64_start = pcms->hotplug_memory.base;
+ if (!pcmc->broken_reserved_end) {
+ hole64_start += memory_region_size(&pcms->hotplug_memory.mr);
+ }
+ } else {
+ hole64_start = 0x100000000ULL + pcms->above_4g_mem_size;
+ }
+
+ return ROUND_UP(hole64_start, 1ULL << 30);
+}
+
qemu_irq pc_allocate_cpu_irq(void)
{
return qemu_allocate_irq(pic_irq_request, NULL, 0);
@@ -2325,6 +2347,7 @@
mc->cpu_index_to_instance_props = pc_cpu_index_to_props;
mc->get_default_cpu_node_id = pc_get_default_cpu_node_id;
mc->possible_cpu_arch_ids = pc_possible_cpu_arch_ids;
+ mc->auto_enable_numa_with_memhp = true;
mc->has_hotpluggable_cpus = true;
mc->default_boot_order = "cad";
mc->hot_add_cpu = pc_hot_add_cpu;
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index f79d5cb..5e47528 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -446,6 +446,7 @@
m->is_default = 0;
m->alias = NULL;
SET_MACHINE_COMPAT(m, PC_COMPAT_2_10);
+ m->auto_enable_numa_with_memhp = false;
}
DEFINE_I440FX_MACHINE(v2_10, "pc-i440fx-2.10", NULL,
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index da3ea60..d606004 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -318,6 +318,7 @@
m->alias = NULL;
SET_MACHINE_COMPAT(m, PC_COMPAT_2_10);
m->numa_auto_assign_ram = numa_legacy_auto_assign_ram;
+ m->auto_enable_numa_with_memhp = false;
}
DEFINE_Q35_MACHINE(v2_10, "pc-q35-2.10", NULL,
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
index be46639..5d9c883 100644
--- a/hw/intc/armv7m_nvic.c
+++ b/hw/intc/armv7m_nvic.c
@@ -977,7 +977,7 @@
if (region >= cpu->pmsav7_dregion) {
return 0;
}
- return (cpu->env.pmsav7.drbar[region] & 0x1f) | (region & 0xf);
+ return (cpu->env.pmsav7.drbar[region] & ~0x1f) | (region & 0xf);
}
case 0xda0: /* MPU_RASR (v7M), MPU_RLAR (v8M) */
case 0xda8: /* MPU_RASR_A1 (v7M), MPU_RLAR_A1 (v8M) */
diff --git a/hw/intc/ioapic.c b/hw/intc/ioapic.c
index 37c4386..36139a4 100644
--- a/hw/intc/ioapic.c
+++ b/hw/intc/ioapic.c
@@ -35,15 +35,6 @@
#include "hw/i386/x86-iommu.h"
#include "trace.h"
-//#define DEBUG_IOAPIC
-
-#ifdef DEBUG_IOAPIC
-#define DPRINTF(fmt, ...) \
- do { printf("ioapic: " fmt , ## __VA_ARGS__); } while (0)
-#else
-#define DPRINTF(fmt, ...)
-#endif
-
#define APIC_DELIVERY_MODE_SHIFT 8
#define APIC_POLARITY_SHIFT 14
#define APIC_TRIG_MODE_SHIFT 15
@@ -157,7 +148,7 @@
* to GSI 2. GSI maps to ioapic 1-1. This is not
* the cleanest way of doing it but it should work. */
- DPRINTF("%s: %s vec %x\n", __func__, level ? "raise" : "lower", vector);
+ trace_ioapic_set_irq(vector, level);
if (vector == 0) {
vector = 2;
}
@@ -290,11 +281,10 @@
}
}
}
- DPRINTF("read: %08x = %08x\n", s->ioregsel, val);
break;
}
- trace_ioapic_mem_read(addr, size, val);
+ trace_ioapic_mem_read(addr, s->ioregsel, size, val);
return val;
}
@@ -335,7 +325,7 @@
int index;
addr &= 0xff;
- trace_ioapic_mem_write(addr, size, val);
+ trace_ioapic_mem_write(addr, s->ioregsel, size, val);
switch (addr) {
case IOAPIC_IOREGSEL:
@@ -345,7 +335,6 @@
if (size != 4) {
break;
}
- DPRINTF("write: %08x = %08" PRIx64 "\n", s->ioregsel, val);
switch (s->ioregsel) {
case IOAPIC_REG_ID:
s->id = (val >> IOAPIC_ID_SHIFT) & IOAPIC_ID_MASK;
diff --git a/hw/intc/trace-events b/hw/intc/trace-events
index b86f242..b298fac 100644
--- a/hw/intc/trace-events
+++ b/hw/intc/trace-events
@@ -18,8 +18,9 @@
ioapic_set_remote_irr(int n) "set remote irr for pin %d"
ioapic_clear_remote_irr(int n, int vector) "clear remote irr for pin %d vector %d"
ioapic_eoi_broadcast(int vector) "EOI broadcast for vector %d"
-ioapic_mem_read(uint8_t addr, uint8_t size, uint32_t val) "ioapic mem read addr 0x%"PRIx8" size 0x%"PRIx8" retval 0x%"PRIx32
-ioapic_mem_write(uint8_t addr, uint8_t size, uint32_t val) "ioapic mem write addr 0x%"PRIx8" size 0x%"PRIx8" val 0x%"PRIx32
+ioapic_mem_read(uint8_t addr, uint8_t regsel, uint8_t size, uint32_t val) "ioapic mem read addr 0x%"PRIx8" regsel: 0x%"PRIx8" size 0x%"PRIx8" retval 0x%"PRIx32
+ioapic_mem_write(uint8_t addr, uint8_t regsel, uint8_t size, uint32_t val) "ioapic mem write addr 0x%"PRIx8" regsel: 0x%"PRIx8" size 0x%"PRIx8" val 0x%"PRIx32
+ioapic_set_irq(int vector, int level) "vector: %d level: %d"
# hw/intc/slavio_intctl.c
slavio_intctl_mem_readl(uint32_t cpu, uint64_t addr, uint32_t ret) "read cpu %d reg 0x%"PRIx64" = 0x%x"
diff --git a/hw/intc/xics.c b/hw/intc/xics.c
index cc9816e..a1cc0e4 100644
--- a/hw/intc/xics.c
+++ b/hw/intc/xics.c
@@ -40,11 +40,17 @@
void icp_pic_print_info(ICPState *icp, Monitor *mon)
{
+ ICPStateClass *icpc = ICP_GET_CLASS(icp);
int cpu_index = icp->cs ? icp->cs->cpu_index : -1;
if (!icp->output) {
return;
}
+
+ if (icpc->synchronize_state) {
+ icpc->synchronize_state(icp);
+ }
+
monitor_printf(mon, "CPU %d XIRR=%08x (%p) PP=%02x MFRR=%02x\n",
cpu_index, icp->xirr, icp->xirr_owner,
icp->pending_priority, icp->mfrr);
@@ -52,6 +58,7 @@
void ics_pic_print_info(ICSState *ics, Monitor *mon)
{
+ ICSStateClass *icsc = ICS_BASE_GET_CLASS(ics);
uint32_t i;
monitor_printf(mon, "ICS %4x..%4x %p\n",
@@ -61,6 +68,10 @@
return;
}
+ if (icsc->synchronize_state) {
+ icsc->synchronize_state(ics);
+ }
+
for (i = 0; i < ics->nr_irqs; i++) {
ICSIRQState *irq = ics->irqs + i;
diff --git a/hw/intc/xics_kvm.c b/hw/intc/xics_kvm.c
index 3091ad3..89fb20e 100644
--- a/hw/intc/xics_kvm.c
+++ b/hw/intc/xics_kvm.c
@@ -81,6 +81,18 @@
& KVM_REG_PPC_ICP_PPRI_MASK;
}
+static void do_icp_synchronize_state(CPUState *cpu, run_on_cpu_data arg)
+{
+ icp_get_kvm_state(arg.host_ptr);
+}
+
+static void icp_synchronize_state(ICPState *icp)
+{
+ if (icp->cs) {
+ run_on_cpu(icp->cs, do_icp_synchronize_state, RUN_ON_CPU_HOST_PTR(icp));
+ }
+}
+
static int icp_set_kvm_state(ICPState *icp, int version_id)
{
uint64_t state;
@@ -156,6 +168,7 @@
icpc->post_load = icp_set_kvm_state;
icpc->realize = icp_kvm_realize;
icpc->reset = icp_kvm_reset;
+ icpc->synchronize_state = icp_synchronize_state;
}
static const TypeInfo icp_kvm_info = {
@@ -234,6 +247,11 @@
}
}
+static void ics_synchronize_state(ICSState *ics)
+{
+ ics_get_kvm_state(ics);
+}
+
static int ics_set_kvm_state(ICSState *ics, int version_id)
{
uint64_t state;
@@ -347,6 +365,7 @@
icsc->realize = ics_kvm_realize;
icsc->pre_save = ics_get_kvm_state;
icsc->post_load = ics_set_kvm_state;
+ icsc->synchronize_state = ics_synchronize_state;
}
static const TypeInfo ics_kvm_info = {
diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs
index 19202d9..10c88a8 100644
--- a/hw/misc/Makefile.objs
+++ b/hw/misc/Makefile.objs
@@ -9,7 +9,7 @@
common-obj-$(CONFIG_EDU) += edu.o
common-obj-y += unimp.o
-common-obj-y += vmcoreinfo.o
+common-obj-$(CONFIG_FW_CFG_DMA) += vmcoreinfo.o
obj-$(CONFIG_VMPORT) += vmport.o
diff --git a/hw/misc/aspeed_scu.c b/hw/misc/aspeed_scu.c
index 95022d3..74537ce 100644
--- a/hw/misc/aspeed_scu.c
+++ b/hw/misc/aspeed_scu.c
@@ -85,7 +85,6 @@
#define BMC_REV TO_REG(0x19C)
#define BMC_DEV_ID TO_REG(0x1A4)
-#define PROT_KEY_UNLOCK 0x1688A8A8
#define SCU_IO_REGION_SIZE 0x1000
static const uint32_t ast2400_a0_resets[ASPEED_SCU_NR_REGS] = {
@@ -192,7 +191,7 @@
}
if (reg > PROT_KEY && reg < CPU2_BASE_SEG1 &&
- s->regs[PROT_KEY] != PROT_KEY_UNLOCK) {
+ s->regs[PROT_KEY] != ASPEED_SCU_PROT_KEY) {
qemu_log_mask(LOG_GUEST_ERROR, "%s: SCU is locked!\n", __func__);
return;
}
@@ -246,6 +245,7 @@
s->regs[SILICON_REV] = s->silicon_rev;
s->regs[HW_STRAP1] = s->hw_strap1;
s->regs[HW_STRAP2] = s->hw_strap2;
+ s->regs[PROT_KEY] = s->hw_prot_key;
}
static uint32_t aspeed_silicon_revs[] = {
@@ -299,6 +299,7 @@
DEFINE_PROP_UINT32("silicon-rev", AspeedSCUState, silicon_rev, 0),
DEFINE_PROP_UINT32("hw-strap1", AspeedSCUState, hw_strap1, 0),
DEFINE_PROP_UINT32("hw-strap2", AspeedSCUState, hw_strap2, 0),
+ DEFINE_PROP_UINT32("hw-prot-key", AspeedSCUState, hw_prot_key, 0),
DEFINE_PROP_END_OF_LIST(),
};
diff --git a/hw/misc/vmcoreinfo.c b/hw/misc/vmcoreinfo.c
index a618e12..31db57a 100644
--- a/hw/misc/vmcoreinfo.c
+++ b/hw/misc/vmcoreinfo.c
@@ -79,6 +79,7 @@
dc->vmsd = &vmstate_vmcoreinfo;
dc->realize = vmcoreinfo_realize;
dc->hotpluggable = false;
+ set_bit(DEVICE_CATEGORY_MISC, dc->categories);
}
static const TypeInfo vmcoreinfo_device_info = {
diff --git a/hw/net/e1000.c b/hw/net/e1000.c
index c0abee4..05a00cb 100644
--- a/hw/net/e1000.c
+++ b/hw/net/e1000.c
@@ -503,7 +503,7 @@
n = cse + 1;
if (sloc < n-1) {
sum = net_checksum_add(n-css, data+css);
- stw_be_p(data + sloc, net_checksum_finish(sum));
+ stw_be_p(data + sloc, net_checksum_finish_nozero(sum));
}
}
diff --git a/hw/net/eepro100.c b/hw/net/eepro100.c
index 80b8f47..1c0def5 100644
--- a/hw/net/eepro100.c
+++ b/hw/net/eepro100.c
@@ -754,8 +754,8 @@
static void tx_command(EEPRO100State *s)
{
- uint32_t tbd_array = le32_to_cpu(s->tx.tbd_array_addr);
- uint16_t tcb_bytes = (le16_to_cpu(s->tx.tcb_bytes) & 0x3fff);
+ uint32_t tbd_array = s->tx.tbd_array_addr;
+ uint16_t tcb_bytes = s->tx.tcb_bytes & 0x3fff;
/* Sends larger than MAX_ETH_FRAME_SIZE are allowed, up to 2600 bytes. */
uint8_t buf[2600];
uint16_t size = 0;
@@ -774,23 +774,11 @@
}
assert(tcb_bytes <= sizeof(buf));
while (size < tcb_bytes) {
- uint32_t tx_buffer_address = ldl_le_pci_dma(&s->dev, tbd_address);
- uint16_t tx_buffer_size = lduw_le_pci_dma(&s->dev, tbd_address + 4);
-#if 0
- uint16_t tx_buffer_el = lduw_le_pci_dma(&s->dev, tbd_address + 6);
-#endif
- if (tx_buffer_size == 0) {
- /* Prevent an endless loop. */
- logout("loop in %s:%u\n", __FILE__, __LINE__);
- break;
- }
- tbd_address += 8;
TRACE(RXTX, logout
("TBD (simplified mode): buffer address 0x%08x, size 0x%04x\n",
- tx_buffer_address, tx_buffer_size));
- tx_buffer_size = MIN(tx_buffer_size, sizeof(buf) - size);
- pci_dma_read(&s->dev, tx_buffer_address, &buf[size], tx_buffer_size);
- size += tx_buffer_size;
+ tbd_address, tcb_bytes));
+ pci_dma_read(&s->dev, tbd_address, &buf[size], tcb_bytes);
+ size += tcb_bytes;
}
if (tbd_array == 0xffffffff) {
/* Simplified mode. Was already handled by code above. */
diff --git a/hw/net/net_rx_pkt.c b/hw/net/net_rx_pkt.c
index cef1c2e..98a5030 100644
--- a/hw/net/net_rx_pkt.c
+++ b/hw/net/net_rx_pkt.c
@@ -518,7 +518,7 @@
cntr += net_checksum_add_iov(pkt->vec, pkt->vec_len,
pkt->l4hdr_off, csl, cso);
- csum = net_checksum_finish(cntr);
+ csum = net_checksum_finish_nozero(cntr);
trace_net_rx_pkt_l4_csum_calc_csum(pkt->l4hdr_off, csl, cntr, csum);
diff --git a/hw/net/net_tx_pkt.c b/hw/net/net_tx_pkt.c
index 20b2549..e29c881 100644
--- a/hw/net/net_tx_pkt.c
+++ b/hw/net/net_tx_pkt.c
@@ -486,7 +486,7 @@
net_checksum_add_iov(iov, iov_len, pkt->virt_hdr.csum_start, csl, cso);
/* Put the checksum obtained into the packet */
- csum = cpu_to_be16(net_checksum_finish(csum_cntr));
+ csum = cpu_to_be16(net_checksum_finish_nozero(csum_cntr));
iov_from_buf(iov, iov_len, csum_offset, &csum, sizeof csum);
}
diff --git a/hw/net/vmware_utils.h b/hw/net/vmware_utils.h
index 5500601..6b1e251 100644
--- a/hw/net/vmware_utils.h
+++ b/hw/net/vmware_utils.h
@@ -83,6 +83,7 @@
{
uint16_t res;
pci_dma_read(d, addr, &res, 2);
+ res = le16_to_cpu(res);
VMW_SHPRN("SHMEM load16: %" PRIx64 " (value 0x%X)", addr, res);
return res;
}
@@ -91,6 +92,7 @@
vmw_shmem_st16(PCIDevice *d, hwaddr addr, uint16_t value)
{
VMW_SHPRN("SHMEM store16: %" PRIx64 " (value 0x%X)", addr, value);
+ value = cpu_to_le16(value);
pci_dma_write(d, addr, &value, 2);
}
@@ -99,6 +101,7 @@
{
uint32_t res;
pci_dma_read(d, addr, &res, 4);
+ res = le32_to_cpu(res);
VMW_SHPRN("SHMEM load32: %" PRIx64 " (value 0x%X)", addr, res);
return res;
}
@@ -107,6 +110,7 @@
vmw_shmem_st32(PCIDevice *d, hwaddr addr, uint32_t value)
{
VMW_SHPRN("SHMEM store32: %" PRIx64 " (value 0x%X)", addr, value);
+ value = cpu_to_le32(value);
pci_dma_write(d, addr, &value, 4);
}
@@ -115,6 +119,7 @@
{
uint64_t res;
pci_dma_read(d, addr, &res, 8);
+ res = le64_to_cpu(res);
VMW_SHPRN("SHMEM load64: %" PRIx64 " (value %" PRIx64 ")", addr, res);
return res;
}
@@ -123,6 +128,7 @@
vmw_shmem_st64(PCIDevice *d, hwaddr addr, uint64_t value)
{
VMW_SHPRN("SHMEM store64: %" PRIx64 " (value %" PRIx64 ")", addr, value);
+ value = cpu_to_le64(value);
pci_dma_write(d, addr, &value, 8);
}
diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
index 8c4bae5..b8404cb 100644
--- a/hw/net/vmxnet3.c
+++ b/hw/net/vmxnet3.c
@@ -222,7 +222,7 @@
"addr %" PRIx64 ", len: %d, gen: %d, rsvd: %d, "
"dtype: %d, ext1: %d, msscof: %d, hlen: %d, om: %d, "
"eop: %d, cq: %d, ext2: %d, ti: %d, tci: %d",
- le64_to_cpu(descr->addr), descr->len, descr->gen, descr->rsvd,
+ descr->addr, descr->len, descr->gen, descr->rsvd,
descr->dtype, descr->ext1, descr->msscof, descr->hlen, descr->om,
descr->eop, descr->cq, descr->ext2, descr->ti, descr->tci);
}
@@ -241,7 +241,7 @@
{
VMW_PKPRN("RX DESCR: addr %" PRIx64 ", len: %d, gen: %d, rsvd: %d, "
"dtype: %d, ext1: %d, btype: %d",
- le64_to_cpu(descr->addr), descr->len, descr->gen,
+ descr->addr, descr->len, descr->gen,
descr->rsvd, descr->dtype, descr->ext1, descr->btype);
}
@@ -535,7 +535,8 @@
memset(&txcq_descr, 0, sizeof(txcq_descr));
txcq_descr.txdIdx = tx_ridx;
txcq_descr.gen = vmxnet3_ring_curr_gen(&s->txq_descr[qidx].comp_ring);
-
+ txcq_descr.val1 = cpu_to_le32(txcq_descr.val1);
+ txcq_descr.val2 = cpu_to_le32(txcq_descr.val2);
vmxnet3_ring_write_curr_cell(d, &s->txq_descr[qidx].comp_ring, &txcq_descr);
/* Flush changes in TX descriptor before changing the counter value */
@@ -685,6 +686,16 @@
}
}
+static inline void
+vmxnet3_ring_read_curr_txdesc(PCIDevice *pcidev, Vmxnet3Ring *ring,
+ struct Vmxnet3_TxDesc *txd)
+{
+ vmxnet3_ring_read_curr_cell(pcidev, ring, txd);
+ txd->addr = le64_to_cpu(txd->addr);
+ txd->val1 = le32_to_cpu(txd->val1);
+ txd->val2 = le32_to_cpu(txd->val2);
+}
+
static inline bool
vmxnet3_pop_next_tx_descr(VMXNET3State *s,
int qidx,
@@ -694,12 +705,12 @@
Vmxnet3Ring *ring = &s->txq_descr[qidx].tx_ring;
PCIDevice *d = PCI_DEVICE(s);
- vmxnet3_ring_read_curr_cell(d, ring, txd);
+ vmxnet3_ring_read_curr_txdesc(d, ring, txd);
if (txd->gen == vmxnet3_ring_curr_gen(ring)) {
/* Only read after generation field verification */
smp_rmb();
/* Re-read to be sure we got the latest version */
- vmxnet3_ring_read_curr_cell(d, ring, txd);
+ vmxnet3_ring_read_curr_txdesc(d, ring, txd);
VMXNET3_RING_DUMP(VMW_RIPRN, "TX", qidx, ring);
*descr_idx = vmxnet3_ring_curr_cell_idx(ring);
vmxnet3_inc_tx_consumption_counter(s, qidx);
@@ -749,7 +760,7 @@
if (!s->skip_current_tx_pkt) {
data_len = (txd.len > 0) ? txd.len : VMXNET3_MAX_TX_BUF_SIZE;
- data_pa = le64_to_cpu(txd.addr);
+ data_pa = txd.addr;
if (!net_tx_pkt_add_raw_fragment(s->tx_pkt,
data_pa,
@@ -792,6 +803,9 @@
Vmxnet3Ring *ring = &s->rxq_descr[qidx].rx_ring[ridx];
*didx = vmxnet3_ring_curr_cell_idx(ring);
vmxnet3_ring_read_curr_cell(d, ring, dbuf);
+ dbuf->addr = le64_to_cpu(dbuf->addr);
+ dbuf->val1 = le32_to_cpu(dbuf->val1);
+ dbuf->ext1 = le32_to_cpu(dbuf->ext1);
}
static inline uint8_t
@@ -811,6 +825,9 @@
pci_dma_read(PCI_DEVICE(s),
daddr, &rxcd, sizeof(struct Vmxnet3_RxCompDesc));
+ rxcd.val1 = le32_to_cpu(rxcd.val1);
+ rxcd.val2 = le32_to_cpu(rxcd.val2);
+ rxcd.val3 = le32_to_cpu(rxcd.val3);
ring_gen = vmxnet3_ring_curr_gen(&s->rxq_descr[qidx].comp_ring);
if (rxcd.gen != ring_gen) {
@@ -972,7 +989,8 @@
data = (uint8_t *)pkt_data + vhdr->csum_start;
len = pkt_len - vhdr->csum_start;
/* Put the checksum obtained into the packet */
- stw_be_p(data + vhdr->csum_offset, net_raw_checksum(data, len));
+ stw_be_p(data + vhdr->csum_offset,
+ net_checksum_finish_nozero(net_checksum_add(len, data)));
vhdr->flags &= ~VIRTIO_NET_HDR_F_NEEDS_CSUM;
vhdr->flags |= VIRTIO_NET_HDR_F_DATA_VALID;
@@ -1060,6 +1078,16 @@
}
}
+static void
+vmxnet3_pci_dma_write_rxcd(PCIDevice *pcidev, dma_addr_t pa,
+ struct Vmxnet3_RxCompDesc *rxcd)
+{
+ rxcd->val1 = cpu_to_le32(rxcd->val1);
+ rxcd->val2 = cpu_to_le32(rxcd->val2);
+ rxcd->val3 = cpu_to_le32(rxcd->val3);
+ pci_dma_write(pcidev, pa, rxcd, sizeof(*rxcd));
+}
+
static bool
vmxnet3_indicate_packet(VMXNET3State *s)
{
@@ -1098,15 +1126,14 @@
}
chunk_size = MIN(bytes_left, rxd.len);
- vmxnet3_pci_dma_writev(d, data, bytes_copied,
- le64_to_cpu(rxd.addr), chunk_size);
+ vmxnet3_pci_dma_writev(d, data, bytes_copied, rxd.addr, chunk_size);
bytes_copied += chunk_size;
bytes_left -= chunk_size;
vmxnet3_dump_rx_descr(&rxd);
if (ready_rxcd_pa != 0) {
- pci_dma_write(d, ready_rxcd_pa, &rxcd, sizeof(rxcd));
+ vmxnet3_pci_dma_write_rxcd(d, ready_rxcd_pa, &rxcd);
}
memset(&rxcd, 0, sizeof(struct Vmxnet3_RxCompDesc));
@@ -1138,7 +1165,7 @@
rxcd.eop = 1;
rxcd.err = (bytes_left != 0);
- pci_dma_write(d, ready_rxcd_pa, &rxcd, sizeof(rxcd));
+ vmxnet3_pci_dma_write_rxcd(d, ready_rxcd_pa, &rxcd);
/* Flush RX descriptor changes */
smp_wmb();
diff --git a/hw/net/vmxnet3.h b/hw/net/vmxnet3.h
index f9352c4..5b3b76b 100644
--- a/hw/net/vmxnet3.h
+++ b/hw/net/vmxnet3.h
@@ -226,39 +226,49 @@
struct Vmxnet3_TxDesc {
__le64 addr;
+ union {
+ struct {
#ifdef __BIG_ENDIAN_BITFIELD
- u32 msscof:14; /* MSS, checksum offset, flags */
- u32 ext1:1;
- u32 dtype:1; /* descriptor type */
- u32 rsvd:1;
- u32 gen:1; /* generation bit */
- u32 len:14;
+ u32 msscof:14; /* MSS, checksum offset, flags */
+ u32 ext1:1;
+ u32 dtype:1; /* descriptor type */
+ u32 rsvd:1;
+ u32 gen:1; /* generation bit */
+ u32 len:14;
#else
- u32 len:14;
- u32 gen:1; /* generation bit */
- u32 rsvd:1;
- u32 dtype:1; /* descriptor type */
- u32 ext1:1;
- u32 msscof:14; /* MSS, checksum offset, flags */
+ u32 len:14;
+ u32 gen:1; /* generation bit */
+ u32 rsvd:1;
+ u32 dtype:1; /* descriptor type */
+ u32 ext1:1;
+ u32 msscof:14; /* MSS, checksum offset, flags */
#endif /* __BIG_ENDIAN_BITFIELD */
-
+ };
+ u32 val1;
+ };
+
+ union {
+ struct {
#ifdef __BIG_ENDIAN_BITFIELD
- u32 tci:16; /* Tag to Insert */
- u32 ti:1; /* VLAN Tag Insertion */
- u32 ext2:1;
- u32 cq:1; /* completion request */
- u32 eop:1; /* End Of Packet */
- u32 om:2; /* offload mode */
- u32 hlen:10; /* header len */
+ u32 tci:16; /* Tag to Insert */
+ u32 ti:1; /* VLAN Tag Insertion */
+ u32 ext2:1;
+ u32 cq:1; /* completion request */
+ u32 eop:1; /* End Of Packet */
+ u32 om:2; /* offload mode */
+ u32 hlen:10; /* header len */
#else
- u32 hlen:10; /* header len */
- u32 om:2; /* offload mode */
- u32 eop:1; /* End Of Packet */
- u32 cq:1; /* completion request */
- u32 ext2:1;
- u32 ti:1; /* VLAN Tag Insertion */
- u32 tci:16; /* Tag to Insert */
+ u32 hlen:10; /* header len */
+ u32 om:2; /* offload mode */
+ u32 eop:1; /* End Of Packet */
+ u32 cq:1; /* completion request */
+ u32 ext2:1;
+ u32 ti:1; /* VLAN Tag Insertion */
+ u32 tci:16; /* Tag to Insert */
#endif /* __BIG_ENDIAN_BITFIELD */
+ };
+ u32 val2;
+ };
};
/* TxDesc.OM values */
@@ -291,33 +301,57 @@
#define VMXNET3_TCD_GEN_DWORD_SHIFT 3
struct Vmxnet3_TxCompDesc {
- u32 txdIdx:12; /* Index of the EOP TxDesc */
- u32 ext1:20;
-
+ union {
+ struct {
+#ifdef __BIG_ENDIAN_BITFIELD
+ u32 ext1:20;
+ u32 txdIdx:12; /* Index of the EOP TxDesc */
+#else
+ u32 txdIdx:12; /* Index of the EOP TxDesc */
+ u32 ext1:20;
+#endif
+ };
+ u32 val1;
+ };
__le32 ext2;
__le32 ext3;
- u32 rsvd:24;
- u32 type:7; /* completion type */
- u32 gen:1; /* generation bit */
+ union {
+ struct {
+#ifdef __BIG_ENDIAN_BITFIELD
+ u32 gen:1; /* generation bit */
+ u32 type:7; /* completion type */
+ u32 rsvd:24;
+#else
+ u32 rsvd:24;
+ u32 type:7; /* completion type */
+ u32 gen:1; /* generation bit */
+#endif
+ };
+ u32 val2;
+ };
};
struct Vmxnet3_RxDesc {
__le64 addr;
-
+ union {
+ struct {
#ifdef __BIG_ENDIAN_BITFIELD
- u32 gen:1; /* Generation bit */
- u32 rsvd:15;
- u32 dtype:1; /* Descriptor type */
- u32 btype:1; /* Buffer Type */
- u32 len:14;
+ u32 gen:1; /* Generation bit */
+ u32 rsvd:15;
+ u32 dtype:1; /* Descriptor type */
+ u32 btype:1; /* Buffer Type */
+ u32 len:14;
#else
- u32 len:14;
- u32 btype:1; /* Buffer Type */
- u32 dtype:1; /* Descriptor type */
- u32 rsvd:15;
- u32 gen:1; /* Generation bit */
+ u32 len:14;
+ u32 btype:1; /* Buffer Type */
+ u32 dtype:1; /* Descriptor type */
+ u32 rsvd:15;
+ u32 gen:1; /* Generation bit */
#endif
+ };
+ u32 val1;
+ };
u32 ext1;
};
@@ -330,66 +364,80 @@
#define VMXNET3_RXD_GEN_SHIFT 31
struct Vmxnet3_RxCompDesc {
+ union {
+ struct {
#ifdef __BIG_ENDIAN_BITFIELD
- u32 ext2:1;
- u32 cnc:1; /* Checksum Not Calculated */
- u32 rssType:4; /* RSS hash type used */
- u32 rqID:10; /* rx queue/ring ID */
- u32 sop:1; /* Start of Packet */
- u32 eop:1; /* End of Packet */
- u32 ext1:2;
- u32 rxdIdx:12; /* Index of the RxDesc */
+ u32 ext2:1;
+ u32 cnc:1; /* Checksum Not Calculated */
+ u32 rssType:4; /* RSS hash type used */
+ u32 rqID:10; /* rx queue/ring ID */
+ u32 sop:1; /* Start of Packet */
+ u32 eop:1; /* End of Packet */
+ u32 ext1:2;
+ u32 rxdIdx:12; /* Index of the RxDesc */
#else
- u32 rxdIdx:12; /* Index of the RxDesc */
- u32 ext1:2;
- u32 eop:1; /* End of Packet */
- u32 sop:1; /* Start of Packet */
- u32 rqID:10; /* rx queue/ring ID */
- u32 rssType:4; /* RSS hash type used */
- u32 cnc:1; /* Checksum Not Calculated */
- u32 ext2:1;
+ u32 rxdIdx:12; /* Index of the RxDesc */
+ u32 ext1:2;
+ u32 eop:1; /* End of Packet */
+ u32 sop:1; /* Start of Packet */
+ u32 rqID:10; /* rx queue/ring ID */
+ u32 rssType:4; /* RSS hash type used */
+ u32 cnc:1; /* Checksum Not Calculated */
+ u32 ext2:1;
#endif /* __BIG_ENDIAN_BITFIELD */
+ };
+ u32 val1;
+ };
__le32 rssHash; /* RSS hash value */
+ union {
+ struct {
#ifdef __BIG_ENDIAN_BITFIELD
- u32 tci:16; /* Tag stripped */
- u32 ts:1; /* Tag is stripped */
- u32 err:1; /* Error */
- u32 len:14; /* data length */
+ u32 tci:16; /* Tag stripped */
+ u32 ts:1; /* Tag is stripped */
+ u32 err:1; /* Error */
+ u32 len:14; /* data length */
#else
- u32 len:14; /* data length */
- u32 err:1; /* Error */
- u32 ts:1; /* Tag is stripped */
- u32 tci:16; /* Tag stripped */
+ u32 len:14; /* data length */
+ u32 err:1; /* Error */
+ u32 ts:1; /* Tag is stripped */
+ u32 tci:16; /* Tag stripped */
#endif /* __BIG_ENDIAN_BITFIELD */
+ };
+ u32 val2;
+ };
-
+ union {
+ struct {
#ifdef __BIG_ENDIAN_BITFIELD
- u32 gen:1; /* generation bit */
- u32 type:7; /* completion type */
- u32 fcs:1; /* Frame CRC correct */
- u32 frg:1; /* IP Fragment */
- u32 v4:1; /* IPv4 */
- u32 v6:1; /* IPv6 */
- u32 ipc:1; /* IP Checksum Correct */
- u32 tcp:1; /* TCP packet */
- u32 udp:1; /* UDP packet */
- u32 tuc:1; /* TCP/UDP Checksum Correct */
- u32 csum:16;
+ u32 gen:1; /* generation bit */
+ u32 type:7; /* completion type */
+ u32 fcs:1; /* Frame CRC correct */
+ u32 frg:1; /* IP Fragment */
+ u32 v4:1; /* IPv4 */
+ u32 v6:1; /* IPv6 */
+ u32 ipc:1; /* IP Checksum Correct */
+ u32 tcp:1; /* TCP packet */
+ u32 udp:1; /* UDP packet */
+ u32 tuc:1; /* TCP/UDP Checksum Correct */
+ u32 csum:16;
#else
- u32 csum:16;
- u32 tuc:1; /* TCP/UDP Checksum Correct */
- u32 udp:1; /* UDP packet */
- u32 tcp:1; /* TCP packet */
- u32 ipc:1; /* IP Checksum Correct */
- u32 v6:1; /* IPv6 */
- u32 v4:1; /* IPv4 */
- u32 frg:1; /* IP Fragment */
- u32 fcs:1; /* Frame CRC correct */
- u32 type:7; /* completion type */
- u32 gen:1; /* generation bit */
+ u32 csum:16;
+ u32 tuc:1; /* TCP/UDP Checksum Correct */
+ u32 udp:1; /* UDP packet */
+ u32 tcp:1; /* TCP packet */
+ u32 ipc:1; /* IP Checksum Correct */
+ u32 v6:1; /* IPv6 */
+ u32 v4:1; /* IPv4 */
+ u32 frg:1; /* IP Fragment */
+ u32 fcs:1; /* Frame CRC correct */
+ u32 type:7; /* completion type */
+ u32 gen:1; /* generation bit */
#endif /* __BIG_ENDIAN_BITFIELD */
+ };
+ u32 val3;
+ };
};
/* fields in RxCompDesc we access via Vmxnet3_GenericDesc.dword[3] */
diff --git a/hw/pci-bridge/Makefile.objs b/hw/pci-bridge/Makefile.objs
index 666db37..1b05023 100644
--- a/hw/pci-bridge/Makefile.objs
+++ b/hw/pci-bridge/Makefile.objs
@@ -1,5 +1,5 @@
-common-obj-y += pci_bridge_dev.o pcie_pci_bridge.o
-common-obj-$(CONFIG_PCIE_PORT) += pcie_root_port.o gen_pcie_root_port.o
+common-obj-y += pci_bridge_dev.o
+common-obj-$(CONFIG_PCIE_PORT) += pcie_root_port.o gen_pcie_root_port.o pcie_pci_bridge.o
common-obj-$(CONFIG_PXB) += pci_expander_bridge.o
common-obj-$(CONFIG_XIO3130) += xio3130_upstream.o xio3130_downstream.o
common-obj-$(CONFIG_IOH3420) += ioh3420.o
diff --git a/hw/pci-host/piix.c b/hw/pci-host/piix.c
index a7e2256..a684a7c 100644
--- a/hw/pci-host/piix.c
+++ b/hw/pci-host/piix.c
@@ -50,6 +50,7 @@
PCIHostState parent_obj;
Range pci_hole;
uint64_t pci_hole64_size;
+ bool pci_hole64_fix;
uint32_t short_root_bus;
} I440FXState;
@@ -112,6 +113,9 @@
#define I440FX_PAM_SIZE 7
#define I440FX_SMRAM 0x72
+/* Keep it 2G to comply with older win32 guests */
+#define I440FX_PCI_HOST_HOLE64_SIZE_DEFAULT (1ULL << 31)
+
/* Older coreboot versions (4.0 and older) read a config register that doesn't
* exist in real hardware, to get the RAM size from QEMU.
*/
@@ -238,29 +242,52 @@
visit_type_uint32(v, name, &value, errp);
}
+/*
+ * The 64bit PCI hole start is set by the Guest firmware
+ * as the address of the first 64bit PCI MEM resource.
+ * If no PCI device has resources on the 64bit area,
+ * the 64bit PCI hole will start after "over 4G RAM" and the
+ * reserved space for memory hotplug if any.
+ */
static void i440fx_pcihost_get_pci_hole64_start(Object *obj, Visitor *v,
const char *name,
void *opaque, Error **errp)
{
PCIHostState *h = PCI_HOST_BRIDGE(obj);
+ I440FXState *s = I440FX_PCI_HOST_BRIDGE(obj);
Range w64;
uint64_t value;
pci_bus_get_w64_range(h->bus, &w64);
value = range_is_empty(&w64) ? 0 : range_lob(&w64);
+ if (!value && s->pci_hole64_fix) {
+ value = pc_pci_hole64_start();
+ }
visit_type_uint64(v, name, &value, errp);
}
+/*
+ * The 64bit PCI hole end is set by the Guest firmware
+ * as the address of the last 64bit PCI MEM resource.
+ * Then it is expanded to the PCI_HOST_PROP_PCI_HOLE64_SIZE
+ * that can be configured by the user.
+ */
static void i440fx_pcihost_get_pci_hole64_end(Object *obj, Visitor *v,
const char *name, void *opaque,
Error **errp)
{
PCIHostState *h = PCI_HOST_BRIDGE(obj);
+ I440FXState *s = I440FX_PCI_HOST_BRIDGE(obj);
+ uint64_t hole64_start = pc_pci_hole64_start();
Range w64;
- uint64_t value;
+ uint64_t value, hole64_end;
pci_bus_get_w64_range(h->bus, &w64);
value = range_is_empty(&w64) ? 0 : range_upb(&w64) + 1;
+ hole64_end = ROUND_UP(hole64_start + s->pci_hole64_size, 1ULL << 30);
+ if (s->pci_hole64_fix && value < hole64_end) {
+ value = hole64_end;
+ }
visit_type_uint64(v, name, &value, errp);
}
@@ -863,8 +890,9 @@
static Property i440fx_props[] = {
DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, I440FXState,
- pci_hole64_size, DEFAULT_PCI_HOLE64_SIZE),
+ pci_hole64_size, I440FX_PCI_HOST_HOLE64_SIZE_DEFAULT),
DEFINE_PROP_UINT32("short_root_bus", I440FXState, short_root_bus, 0),
+ DEFINE_PROP_BOOL("x-pci-hole64-fix", I440FXState, pci_hole64_fix, true),
DEFINE_PROP_END_OF_LIST(),
};
diff --git a/hw/pci-host/q35.c b/hw/pci-host/q35.c
index ddaa7d1..6cb9a8d 100644
--- a/hw/pci-host/q35.c
+++ b/hw/pci-host/q35.c
@@ -37,6 +37,8 @@
* Q35 host
*/
+#define Q35_PCI_HOST_HOLE64_SIZE_DEFAULT (1ULL << 35)
+
static void q35_host_realize(DeviceState *dev, Error **errp)
{
PCIHostState *pci = PCI_HOST_BRIDGE(dev);
@@ -99,29 +101,52 @@
visit_type_uint32(v, name, &value, errp);
}
+/*
+ * The 64bit PCI hole start is set by the Guest firmware
+ * as the address of the first 64bit PCI MEM resource.
+ * If no PCI device has resources on the 64bit area,
+ * the 64bit PCI hole will start after "over 4G RAM" and the
+ * reserved space for memory hotplug if any.
+ */
static void q35_host_get_pci_hole64_start(Object *obj, Visitor *v,
const char *name, void *opaque,
Error **errp)
{
PCIHostState *h = PCI_HOST_BRIDGE(obj);
+ Q35PCIHost *s = Q35_HOST_DEVICE(obj);
Range w64;
uint64_t value;
pci_bus_get_w64_range(h->bus, &w64);
value = range_is_empty(&w64) ? 0 : range_lob(&w64);
+ if (!value && s->pci_hole64_fix) {
+ value = pc_pci_hole64_start();
+ }
visit_type_uint64(v, name, &value, errp);
}
+/*
+ * The 64bit PCI hole end is set by the Guest firmware
+ * as the address of the last 64bit PCI MEM resource.
+ * Then it is expanded to the PCI_HOST_PROP_PCI_HOLE64_SIZE
+ * that can be configured by the user.
+ */
static void q35_host_get_pci_hole64_end(Object *obj, Visitor *v,
const char *name, void *opaque,
Error **errp)
{
PCIHostState *h = PCI_HOST_BRIDGE(obj);
+ Q35PCIHost *s = Q35_HOST_DEVICE(obj);
+ uint64_t hole64_start = pc_pci_hole64_start();
Range w64;
- uint64_t value;
+ uint64_t value, hole64_end;
pci_bus_get_w64_range(h->bus, &w64);
value = range_is_empty(&w64) ? 0 : range_upb(&w64) + 1;
+ hole64_end = ROUND_UP(hole64_start + s->mch.pci_hole64_size, 1ULL << 30);
+ if (s->pci_hole64_fix && value < hole64_end) {
+ value = hole64_end;
+ }
visit_type_uint64(v, name, &value, errp);
}
@@ -133,16 +158,25 @@
visit_type_uint64(v, name, &e->size, errp);
}
+/*
+ * NOTE: setting defaults for the mch.* fields in this table
+ * doesn't work, because mch is a separate QOM object that is
+ * zeroed by the object_initialize(&s->mch, ...) call inside
+ * q35_host_initfn(). The default values for those
+ * properties need to be initialized manually by
+ * q35_host_initfn() after the object_initialize() call.
+ */
static Property q35_host_props[] = {
DEFINE_PROP_UINT64(PCIE_HOST_MCFG_BASE, Q35PCIHost, parent_obj.base_addr,
MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT),
DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, Q35PCIHost,
- mch.pci_hole64_size, DEFAULT_PCI_HOLE64_SIZE),
+ mch.pci_hole64_size, Q35_PCI_HOST_HOLE64_SIZE_DEFAULT),
DEFINE_PROP_UINT32("short_root_bus", Q35PCIHost, mch.short_root_bus, 0),
DEFINE_PROP_SIZE(PCI_HOST_BELOW_4G_MEM_SIZE, Q35PCIHost,
mch.below_4g_mem_size, 0),
DEFINE_PROP_SIZE(PCI_HOST_ABOVE_4G_MEM_SIZE, Q35PCIHost,
mch.above_4g_mem_size, 0),
+ DEFINE_PROP_BOOL("x-pci-hole64-fix", Q35PCIHost, pci_hole64_fix, true),
DEFINE_PROP_END_OF_LIST(),
};
@@ -174,7 +208,9 @@
object_property_add_child(OBJECT(s), "mch", OBJECT(&s->mch), NULL);
qdev_prop_set_int32(DEVICE(&s->mch), "addr", PCI_DEVFN(0, 0));
qdev_prop_set_bit(DEVICE(&s->mch), "multifunction", false);
-
+ /* mch's object_initialize resets the default value, set it again */
+ qdev_prop_set_uint64(DEVICE(s), PCI_HOST_PROP_PCI_HOLE64_SIZE,
+ Q35_PCI_HOST_HOLE64_SIZE_DEFAULT);
object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_START, "uint32",
q35_host_get_pci_hole_start,
NULL, NULL, NULL, NULL);
diff --git a/hw/pci/pci.c b/hw/pci/pci.c
index 5ed3c8d..b2d139b 100644
--- a/hw/pci/pci.c
+++ b/hw/pci/pci.c
@@ -1030,6 +1030,7 @@
pci_dev->devfn = devfn;
pci_dev->requester_id_cache = pci_req_id_cache_get(pci_dev);
+ pstrcpy(pci_dev->name, sizeof(pci_dev->name), name);
memory_region_init(&pci_dev->bus_master_container_region, OBJECT(pci_dev),
"bus master container", UINT64_MAX);
@@ -1039,7 +1040,6 @@
if (qdev_hotplug) {
pci_init_bus_master(pci_dev);
}
- pstrcpy(pci_dev->name, sizeof(pci_dev->name), name);
pci_dev->irq_state = 0;
pci_config_alloc(pci_dev);
diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
index 9178e70..5cf0dab 100644
--- a/hw/ppc/e500.c
+++ b/hw/ppc/e500.c
@@ -729,15 +729,13 @@
return dev;
}
-static qemu_irq *ppce500_init_mpic(MachineState *machine, PPCE500Params *params,
- MemoryRegion *ccsr, qemu_irq **irqs)
+static DeviceState *ppce500_init_mpic(MachineState *machine,
+ PPCE500Params *params,
+ MemoryRegion *ccsr,
+ qemu_irq **irqs)
{
- qemu_irq *mpic;
DeviceState *dev = NULL;
SysBusDevice *s;
- int i;
-
- mpic = g_new0(qemu_irq, 256);
if (kvm_enabled()) {
Error *err = NULL;
@@ -756,15 +754,11 @@
dev = ppce500_init_mpic_qemu(params, irqs);
}
- for (i = 0; i < 256; i++) {
- mpic[i] = qdev_get_gpio_in(dev, i);
- }
-
s = SYS_BUS_DEVICE(dev);
memory_region_add_subregion(ccsr, MPC8544_MPIC_REGS_OFFSET,
s->mmio[0].memory);
- return mpic;
+ return dev;
}
static void ppce500_power_off(void *opaque, int line, int on)
@@ -796,8 +790,8 @@
/* irq num for pin INTA, INTB, INTC and INTD is 1, 2, 3 and
* 4 respectively */
unsigned int pci_irq_nrs[PCI_NUM_PINS] = {1, 2, 3, 4};
- qemu_irq **irqs, *mpic;
- DeviceState *dev;
+ qemu_irq **irqs;
+ DeviceState *dev, *mpicdev;
CPUPPCState *firstenv = NULL;
MemoryRegion *ccsr_addr_space;
SysBusDevice *s;
@@ -866,18 +860,18 @@
memory_region_add_subregion(address_space_mem, params->ccsrbar_base,
ccsr_addr_space);
- mpic = ppce500_init_mpic(machine, params, ccsr_addr_space, irqs);
+ mpicdev = ppce500_init_mpic(machine, params, ccsr_addr_space, irqs);
/* Serial */
if (serial_hds[0]) {
serial_mm_init(ccsr_addr_space, MPC8544_SERIAL0_REGS_OFFSET,
- 0, mpic[42], 399193,
+ 0, qdev_get_gpio_in(mpicdev, 42), 399193,
serial_hds[0], DEVICE_BIG_ENDIAN);
}
if (serial_hds[1]) {
serial_mm_init(ccsr_addr_space, MPC8544_SERIAL1_REGS_OFFSET,
- 0, mpic[42], 399193,
+ 0, qdev_get_gpio_in(mpicdev, 42), 399193,
serial_hds[1], DEVICE_BIG_ENDIAN);
}
@@ -895,7 +889,7 @@
qdev_init_nofail(dev);
s = SYS_BUS_DEVICE(dev);
for (i = 0; i < PCI_NUM_PINS; i++) {
- sysbus_connect_irq(s, i, mpic[pci_irq_nrs[i]]);
+ sysbus_connect_irq(s, i, qdev_get_gpio_in(mpicdev, pci_irq_nrs[i]));
}
memory_region_add_subregion(ccsr_addr_space, MPC8544_PCI_REGS_OFFSET,
@@ -926,7 +920,7 @@
dev = qdev_create(NULL, "mpc8xxx_gpio");
s = SYS_BUS_DEVICE(dev);
qdev_init_nofail(dev);
- sysbus_connect_irq(s, 0, mpic[MPC8XXX_GPIO_IRQ]);
+ sysbus_connect_irq(s, 0, qdev_get_gpio_in(mpicdev, MPC8XXX_GPIO_IRQ));
memory_region_add_subregion(ccsr_addr_space, MPC8XXX_GPIO_OFFSET,
sysbus_mmio_get_region(s, 0));
@@ -946,7 +940,7 @@
for (i = 0; i < params->platform_bus_num_irqs; i++) {
int irqn = params->platform_bus_first_irq + i;
- sysbus_connect_irq(s, i, mpic[irqn]);
+ sysbus_connect_irq(s, i, qdev_get_gpio_in(mpicdev, irqn));
}
memory_region_add_subregion(address_space_mem,
diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index d682f01..6285f72 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -44,6 +44,7 @@
#include "migration/register.h"
#include "mmu-hash64.h"
#include "mmu-book3s-v3.h"
+#include "cpu-models.h"
#include "qom/cpu.h"
#include "hw/boards.h"
@@ -252,9 +253,10 @@
}
/* Populate the "ibm,pa-features" property */
-static void spapr_populate_pa_features(CPUPPCState *env, void *fdt, int offset,
- bool legacy_guest)
+static void spapr_populate_pa_features(PowerPCCPU *cpu, void *fdt, int offset,
+ bool legacy_guest)
{
+ CPUPPCState *env = &cpu->env;
uint8_t pa_features_206[] = { 6, 0,
0xf6, 0x1f, 0xc7, 0x00, 0x80, 0xc0 };
uint8_t pa_features_207[] = { 24, 0,
@@ -287,23 +289,22 @@
/* 60: NM atomic, 62: RNG */
0x80, 0x00, 0x80, 0x00, 0x00, 0x00, /* 60 - 65 */
};
- uint8_t *pa_features;
+ uint8_t *pa_features = NULL;
size_t pa_size;
- switch (POWERPC_MMU_VER(env->mmu_model)) {
- case POWERPC_MMU_VER_2_06:
+ if (ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_2_06, 0, cpu->compat_pvr)) {
pa_features = pa_features_206;
pa_size = sizeof(pa_features_206);
- break;
- case POWERPC_MMU_VER_2_07:
+ }
+ if (ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_2_07, 0, cpu->compat_pvr)) {
pa_features = pa_features_207;
pa_size = sizeof(pa_features_207);
- break;
- case POWERPC_MMU_VER_3_00:
+ }
+ if (ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_3_00, 0, cpu->compat_pvr)) {
pa_features = pa_features_300;
pa_size = sizeof(pa_features_300);
- break;
- default:
+ }
+ if (!pa_features) {
return;
}
@@ -340,7 +341,6 @@
CPU_FOREACH(cs) {
PowerPCCPU *cpu = POWERPC_CPU(cs);
- CPUPPCState *env = &cpu->env;
DeviceClass *dc = DEVICE_GET_CLASS(cs);
int index = spapr_vcpu_id(cpu);
int compat_smt = MIN(smp_threads, ppc_compat_max_threads(cpu));
@@ -384,7 +384,7 @@
return ret;
}
- spapr_populate_pa_features(env, fdt, offset,
+ spapr_populate_pa_features(cpu, fdt, offset,
spapr->cas_legacy_guest_workaround);
}
return ret;
@@ -579,7 +579,7 @@
page_sizes_prop, page_sizes_prop_size)));
}
- spapr_populate_pa_features(env, fdt, offset, false);
+ spapr_populate_pa_features(cpu, fdt, offset, false);
_FDT((fdt_setprop_cell(fdt, offset, "ibm,chip-id",
cs->cpu_index / vcpus_per_socket)));
@@ -949,7 +949,11 @@
26, 0x40, /* Radix options: GTSE == yes. */
};
- if (kvm_enabled()) {
+ if (!ppc_check_compat(first_ppc_cpu, CPU_POWERPC_LOGICAL_3_00, 0,
+ first_ppc_cpu->compat_pvr)) {
+ /* If we're in a pre POWER9 compat mode then the guest should do hash */
+ val[3] = 0x00; /* Hash */
+ } else if (kvm_enabled()) {
if (kvmppc_has_cap_mmu_radix() && kvmppc_has_cap_mmu_hash_v3()) {
val[3] = 0x80; /* OV5_MMU_BOTH */
} else if (kvmppc_has_cap_mmu_radix()) {
@@ -958,13 +962,8 @@
val[3] = 0x00; /* Hash */
}
} else {
- if (first_ppc_cpu->env.mmu_model & POWERPC_MMU_V3) {
- /* V3 MMU supports both hash and radix (with dynamic switching) */
- val[3] = 0xC0;
- } else {
- /* Otherwise we can only do hash */
- val[3] = 0x00;
- }
+ /* V3 MMU supports both hash and radix in tcg (with dynamic switching) */
+ val[3] = 0xC0;
}
_FDT(fdt_setprop(fdt, chosen, "ibm,arch-vec-5-platform-support",
val, sizeof(val)));
@@ -1412,6 +1411,19 @@
}
}
+static int spapr_reset_drcs(Object *child, void *opaque)
+{
+ sPAPRDRConnector *drc =
+ (sPAPRDRConnector *) object_dynamic_cast(child,
+ TYPE_SPAPR_DR_CONNECTOR);
+
+ if (drc) {
+ spapr_drc_reset(drc);
+ }
+
+ return 0;
+}
+
static void ppc_spapr_reset(void)
{
MachineState *machine = MACHINE(qdev_get_machine());
@@ -1435,6 +1447,14 @@
}
qemu_devices_reset();
+
+ /* DRC reset may cause a device to be unplugged. This will cause troubles
+ * if this device is used by another device (eg, a running vhost backend
+ * will crash QEMU if the DIMM holding the vring goes away). To avoid such
+ * situations, we reset DRCs after all devices have been reset.
+ */
+ object_child_foreach_recursive(object_get_root(), spapr_reset_drcs, NULL);
+
spapr_clear_pending_events(spapr);
/*
diff --git a/hw/ppc/spapr_drc.c b/hw/ppc/spapr_drc.c
index 915e9b5..e3b1229 100644
--- a/hw/ppc/spapr_drc.c
+++ b/hw/ppc/spapr_drc.c
@@ -455,11 +455,6 @@
}
}
-static void drc_reset(void *opaque)
-{
- spapr_drc_reset(SPAPR_DR_CONNECTOR(opaque));
-}
-
bool spapr_drc_needed(void *opaque)
{
sPAPRDRConnector *drc = (sPAPRDRConnector *)opaque;
@@ -518,7 +513,6 @@
}
vmstate_register(DEVICE(drc), spapr_drc_index(drc), &vmstate_spapr_drc,
drc);
- qemu_register_reset(drc_reset, drc);
trace_spapr_drc_realize_complete(spapr_drc_index(drc));
}
@@ -529,7 +523,6 @@
gchar *name;
trace_spapr_drc_unrealize(spapr_drc_index(drc));
- qemu_unregister_reset(drc_reset, drc);
vmstate_unregister(DEVICE(drc), &vmstate_spapr_drc, drc);
root_container = container_get(object_get_root(), DRC_CONTAINER_PATH);
name = g_strdup_printf("%x", spapr_drc_index(drc));
diff --git a/hw/ppc/spapr_hcall.c b/hw/ppc/spapr_hcall.c
index 0d59d15..be22a6b 100644
--- a/hw/ppc/spapr_hcall.c
+++ b/hw/ppc/spapr_hcall.c
@@ -1636,6 +1636,12 @@
spapr->cas_legacy_guest_workaround = !spapr_ovec_test(ov1_guest,
OV1_PPC_3_00);
if (!spapr->cas_reboot) {
+ /* If ppc_spapr_reset() did not set up a HPT but one is necessary
+ * (because the guest isn't going to use radix) then set it up here. */
+ if ((spapr->patb_entry & PATBE1_GR) && !guest_radix) {
+ /* legacy hash or new hash: */
+ spapr_setup_hpt_and_vrma(spapr);
+ }
spapr->cas_reboot =
(spapr_h_cas_compose_response(spapr, args[1], args[2],
ov5_updates) != 0);
@@ -1644,13 +1650,6 @@
if (spapr->cas_reboot) {
qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET);
- } else {
- /* If ppc_spapr_reset() did not set up a HPT but one is necessary
- * (because the guest isn't going to use radix) then set it up here. */
- if ((spapr->patb_entry & PATBE1_GR) && !guest_radix) {
- /* legacy hash or new hash: */
- spapr_setup_hpt_and_vrma(spapr);
- }
}
return H_SUCCESS;
diff --git a/hw/s390x/s390-pci-bus.c b/hw/s390x/s390-pci-bus.c
index e7a58e8..2b1e140 100644
--- a/hw/s390x/s390-pci-bus.c
+++ b/hw/s390x/s390-pci-bus.c
@@ -715,7 +715,7 @@
pbdev->pdev = pdev;
pbdev->iommu = s390_pci_get_iommu(s, pdev->bus, pdev->devfn);
pbdev->iommu->pbdev = pbdev;
- pbdev->state = ZPCI_FS_STANDBY;
+ pbdev->state = ZPCI_FS_DISABLED;
if (s390_pci_msix_init(pbdev)) {
error_setg(errp, "MSI-X support is mandatory "
diff --git a/hw/scsi/vhost-user-scsi.c b/hw/scsi/vhost-user-scsi.c
index 500fa6a..f7561e2 100644
--- a/hw/scsi/vhost-user-scsi.c
+++ b/hw/scsi/vhost-user-scsi.c
@@ -135,6 +135,8 @@
DEFINE_PROP_CHR("chardev", VirtIOSCSICommon, conf.chardev),
DEFINE_PROP_UINT32("boot_tpgt", VirtIOSCSICommon, conf.boot_tpgt, 0),
DEFINE_PROP_UINT32("num_queues", VirtIOSCSICommon, conf.num_queues, 1),
+ DEFINE_PROP_UINT32("virtqueue_size", VirtIOSCSICommon, conf.virtqueue_size,
+ 128),
DEFINE_PROP_UINT32("max_sectors", VirtIOSCSICommon, conf.max_sectors,
0xFFFF),
DEFINE_PROP_UINT32("cmd_per_lun", VirtIOSCSICommon, conf.cmd_per_lun, 128),
diff --git a/hw/tpm/tpm_emulator.c b/hw/tpm/tpm_emulator.c
index 9aaec8e..e1a6810 100644
--- a/hw/tpm/tpm_emulator.c
+++ b/hw/tpm/tpm_emulator.c
@@ -71,15 +71,21 @@
ptm_cap caps; /* capabilities of the TPM */
uint8_t cur_locty_number; /* last set locality */
Error *migration_blocker;
+
+ QemuMutex mutex;
} TPMEmulator;
-static int tpm_emulator_ctrlcmd(CharBackend *dev, unsigned long cmd, void *msg,
+static int tpm_emulator_ctrlcmd(TPMEmulator *tpm, unsigned long cmd, void *msg,
size_t msg_len_in, size_t msg_len_out)
{
+ CharBackend *dev = &tpm->ctrl_chr;
uint32_t cmd_no = cpu_to_be32(cmd);
ssize_t n = sizeof(uint32_t) + msg_len_in;
uint8_t *buf = NULL;
+ int ret = -1;
+
+ qemu_mutex_lock(&tpm->mutex);
buf = g_alloca(n);
memcpy(buf, &cmd_no, sizeof(cmd_no));
@@ -87,17 +93,21 @@
n = qemu_chr_fe_write_all(dev, buf, n);
if (n <= 0) {
- return -1;
+ goto end;
}
if (msg_len_out != 0) {
n = qemu_chr_fe_read_all(dev, msg, msg_len_out);
if (n <= 0) {
- return -1;
+ goto end;
}
}
- return 0;
+ ret = 0;
+
+end:
+ qemu_mutex_unlock(&tpm->mutex);
+ return ret;
}
static int tpm_emulator_unix_tx_bufs(TPMEmulator *tpm_emu,
@@ -154,7 +164,7 @@
DPRINTF("setting locality : 0x%x", locty_number);
loc.u.req.loc = locty_number;
- if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_SET_LOCALITY, &loc,
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_LOCALITY, &loc,
sizeof(loc), sizeof(loc)) < 0) {
error_setg(errp, "tpm-emulator: could not set locality : %s",
strerror(errno));
@@ -202,8 +212,8 @@
static int tpm_emulator_probe_caps(TPMEmulator *tpm_emu)
{
DPRINTF("%s", __func__);
- if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_GET_CAPABILITY,
- &tpm_emu->caps, 0, sizeof(tpm_emu->caps)) < 0) {
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_GET_CAPABILITY,
+ &tpm_emu->caps, 0, sizeof(tpm_emu->caps)) < 0) {
error_report("tpm-emulator: probing failed : %s", strerror(errno));
return -1;
}
@@ -254,8 +264,8 @@
ptm_res res;
DPRINTF("%s", __func__);
- if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_INIT, &init, sizeof(init),
- sizeof(init)) < 0) {
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_INIT, &init, sizeof(init),
+ sizeof(init)) < 0) {
error_report("tpm-emulator: could not send INIT: %s",
strerror(errno));
goto err_exit;
@@ -278,7 +288,7 @@
ptm_est est;
DPRINTF("%s", __func__);
- if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_GET_TPMESTABLISHED, &est,
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_GET_TPMESTABLISHED, &est,
0, sizeof(est)) < 0) {
error_report("tpm-emulator: Could not get the TPM established flag: %s",
strerror(errno));
@@ -302,7 +312,7 @@
}
reset_est.u.req.loc = tpm_emu->cur_locty_number;
- if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_RESET_TPMESTABLISHED,
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_RESET_TPMESTABLISHED,
&reset_est, sizeof(reset_est),
sizeof(reset_est)) < 0) {
error_report("tpm-emulator: Could not reset the establishment bit: %s",
@@ -330,7 +340,7 @@
return;
}
- if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_CANCEL_TPM_CMD, &res, 0,
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_CANCEL_TPM_CMD, &res, 0,
sizeof(res)) < 0) {
error_report("tpm-emulator: Could not cancel command: %s",
strerror(errno));
@@ -378,8 +388,8 @@
qemu_chr_fe_set_msgfds(&tpm_emu->ctrl_chr, fds + 1, 1);
- if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_SET_DATAFD, &res, 0,
- sizeof(res)) || res != 0) {
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_DATAFD, &res, 0,
+ sizeof(res)) < 0 || res != 0) {
error_report("tpm-emulator: Failed to send CMD_SET_DATAFD: %s",
strerror(errno));
goto err_exit;
@@ -501,6 +511,7 @@
DPRINTF("%s", __func__);
tpm_emu->options = g_new0(TPMEmulatorOptions, 1);
tpm_emu->cur_locty_number = ~0;
+ qemu_mutex_init(&tpm_emu->mutex);
}
/*
@@ -510,8 +521,7 @@
{
ptm_res res;
- if (tpm_emulator_ctrlcmd(&tpm_emu->ctrl_chr, CMD_SHUTDOWN, &res, 0,
- sizeof(res)) < 0) {
+ if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SHUTDOWN, &res, 0, sizeof(res)) < 0) {
error_report("tpm-emulator: Could not cleanly shutdown the TPM: %s",
strerror(errno));
} else if (res != 0) {
@@ -536,6 +546,8 @@
migrate_del_blocker(tpm_emu->migration_blocker);
error_free(tpm_emu->migration_blocker);
}
+
+ qemu_mutex_destroy(&tpm_emu->mutex);
}
static void tpm_emulator_class_init(ObjectClass *klass, void *data)
diff --git a/hw/tpm/tpm_tis.c b/hw/tpm/tpm_tis.c
index 7402528..42d647d 100644
--- a/hw/tpm/tpm_tis.c
+++ b/hw/tpm/tpm_tis.c
@@ -545,7 +545,7 @@
uint8_t v;
if (tpm_backend_had_startup_error(s->be_driver)) {
- return val;
+ return 0;
}
switch (offset) {
@@ -1008,6 +1008,10 @@
{
TPMState *s = TPM(obj);
+ if (tpm_backend_had_startup_error(s->be_driver)) {
+ return TPM_VERSION_UNSPEC;
+ }
+
return tpm_backend_get_tpm_version(s->be_driver);
}
diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
index 5884ce3..ea532dc 100644
--- a/hw/virtio/virtio.c
+++ b/hw/virtio/virtio.c
@@ -2491,6 +2491,7 @@
virtio_bus_device_plugged(vdev, &err);
if (err != NULL) {
error_propagate(errp, err);
+ vdc->unrealize(dev, NULL);
return;
}
diff --git a/include/block/block.h b/include/block/block.h
index fbc21da..c05cac5 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -461,6 +461,7 @@
BlockDriverState *bdrv_first(BdrvNextIterator *it);
BlockDriverState *bdrv_next(BdrvNextIterator *it);
+void bdrv_next_cleanup(BdrvNextIterator *it);
BlockDriverState *bdrv_next_monitor_owned(BlockDriverState *bs);
bool bdrv_is_encrypted(BlockDriverState *bs);
diff --git a/include/block/nbd.h b/include/block/nbd.h
index 92d1723..113c707 100644
--- a/include/block/nbd.h
+++ b/include/block/nbd.h
@@ -86,15 +86,23 @@
} QEMU_PACKED;
} NBDReply;
-/* Header of NBD_REPLY_TYPE_OFFSET_DATA, complete NBD_REPLY_TYPE_OFFSET_HOLE */
-typedef struct NBDStructuredRead {
- NBDStructuredReplyChunk h;
+/* Header of chunk for NBD_REPLY_TYPE_OFFSET_DATA */
+typedef struct NBDStructuredReadData {
+ NBDStructuredReplyChunk h; /* h.length >= 9 */
uint64_t offset;
-} QEMU_PACKED NBDStructuredRead;
+ /* At least one byte of data payload follows, calculated from h.length */
+} QEMU_PACKED NBDStructuredReadData;
+
+/* Complete chunk for NBD_REPLY_TYPE_OFFSET_HOLE */
+typedef struct NBDStructuredReadHole {
+ NBDStructuredReplyChunk h; /* h.length == 12 */
+ uint64_t offset;
+ uint32_t length;
+} QEMU_PACKED NBDStructuredReadHole;
/* Header of all NBD_REPLY_TYPE_ERROR* errors */
typedef struct NBDStructuredError {
- NBDStructuredReplyChunk h;
+ NBDStructuredReplyChunk h; /* h.length >= 6 */
uint32_t error;
uint16_t message_length;
} QEMU_PACKED NBDStructuredError;
diff --git a/include/disas/bfd.h b/include/disas/bfd.h
index 1f88c9e..46c7ec3 100644
--- a/include/disas/bfd.h
+++ b/include/disas/bfd.h
@@ -374,6 +374,8 @@
/* Options for Capstone disassembly. */
int cap_arch;
int cap_mode;
+ int cap_insn_unit;
+ int cap_insn_split;
} disassemble_info;
diff --git a/include/exec/cpu_ldst.h b/include/exec/cpu_ldst.h
index 6eb5fe8..191f2e9 100644
--- a/include/exec/cpu_ldst.h
+++ b/include/exec/cpu_ldst.h
@@ -76,6 +76,8 @@
#if defined(CONFIG_USER_ONLY)
+extern __thread uintptr_t helper_retaddr;
+
/* In user-only mode we provide only the _code and _data accessors. */
#define MEMSUFFIX _data
diff --git a/include/exec/cpu_ldst_useronly_template.h b/include/exec/cpu_ldst_useronly_template.h
index 7b8c7c5..c168f31 100644
--- a/include/exec/cpu_ldst_useronly_template.h
+++ b/include/exec/cpu_ldst_useronly_template.h
@@ -73,7 +73,11 @@
target_ulong ptr,
uintptr_t retaddr)
{
- return glue(glue(cpu_ld, USUFFIX), MEMSUFFIX)(env, ptr);
+ RES_TYPE ret;
+ helper_retaddr = retaddr;
+ ret = glue(glue(cpu_ld, USUFFIX), MEMSUFFIX)(env, ptr);
+ helper_retaddr = 0;
+ return ret;
}
#if DATA_SIZE <= 2
@@ -93,7 +97,11 @@
target_ulong ptr,
uintptr_t retaddr)
{
- return glue(glue(cpu_lds, SUFFIX), MEMSUFFIX)(env, ptr);
+ int ret;
+ helper_retaddr = retaddr;
+ ret = glue(glue(cpu_lds, SUFFIX), MEMSUFFIX)(env, ptr);
+ helper_retaddr = 0;
+ return ret;
}
#endif
@@ -116,7 +124,9 @@
RES_TYPE v,
uintptr_t retaddr)
{
+ helper_retaddr = retaddr;
glue(glue(cpu_st, SUFFIX), MEMSUFFIX)(env, ptr, v);
+ helper_retaddr = 0;
}
#endif
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 923ece3..0f51c92 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -45,6 +45,17 @@
target_ulong *data);
void cpu_gen_init(void);
+
+/**
+ * cpu_restore_state:
+ * @cpu: the vCPU state is to be restore to
+ * @searched_pc: the host PC the fault occurred at
+ * @return: true if state was restored, false otherwise
+ *
+ * Attempt to restore the state for a fault occurring in translated
+ * code. If the searched_pc is not in translated code no state is
+ * restored and the function returns false.
+ */
bool cpu_restore_state(CPUState *cpu, uintptr_t searched_pc);
void QEMU_NORETURN cpu_loop_exit_noexc(CPUState *cpu);
diff --git a/include/hw/boards.h b/include/hw/boards.h
index 191a5b3..156b16f 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -102,6 +102,9 @@
/**
* MachineClass:
+ * @max_cpus: maximum number of CPUs supported. Default: 1
+ * @min_cpus: minimum number of CPUs supported. Default: 1
+ * @default_cpus: number of CPUs instantiated if none are specified. Default: 1
* @get_hotplug_handler: this function is called during bus-less
* device hotplug. If defined it returns pointer to an instance
* of HotplugHandler object, which handles hotplug operation
@@ -167,6 +170,8 @@
BlockInterfaceType block_default_type;
int units_per_default_bus;
int max_cpus;
+ int min_cpus;
+ int default_cpus;
unsigned int no_serial:1,
no_parallel:1,
use_virtcon:1,
@@ -192,6 +197,7 @@
bool ignore_memory_transaction_failures;
int numa_mem_align_shift;
const char **valid_cpu_types;
+ bool auto_enable_numa_with_memhp;
void (*numa_auto_assign_ram)(MachineClass *mc, NodeInfo *nodes,
int nb_nodes, ram_addr_t size);
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 087d184..ef438bd 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -238,7 +238,6 @@
#define PCI_HOST_PROP_PCI_HOLE64_SIZE "pci-hole64-size"
#define PCI_HOST_BELOW_4G_MEM_SIZE "below-4g-mem-size"
#define PCI_HOST_ABOVE_4G_MEM_SIZE "above-4g-mem-size"
-#define DEFAULT_PCI_HOLE64_SIZE (~0x0ULL)
void pc_pci_as_mapping_init(Object *owner, MemoryRegion *system_memory,
@@ -249,6 +248,7 @@
MemoryRegion *system_memory,
MemoryRegion *rom_memory,
MemoryRegion **ram_memory);
+uint64_t pc_pci_hole64_start(void);
qemu_irq pc_allocate_cpu_irq(void);
DeviceState *pc_vga_init(ISABus *isa_bus, PCIBus *pci_bus);
void pc_basic_device_init(ISABus *isa_bus, qemu_irq *gsi,
@@ -375,6 +375,14 @@
.driver = TYPE_X86_CPU,\
.property = "x-hv-max-vps",\
.value = "0x40",\
+ },{\
+ .driver = "i440FX-pcihost",\
+ .property = "x-pci-hole64-fix",\
+ .value = "off",\
+ },{\
+ .driver = "q35-pcihost",\
+ .property = "x-pci-hole64-fix",\
+ .value = "off",\
},
#define PC_COMPAT_2_9 \
diff --git a/include/hw/misc/aspeed_scu.h b/include/hw/misc/aspeed_scu.h
index bd4ac01..d70cc0a 100644
--- a/include/hw/misc/aspeed_scu.h
+++ b/include/hw/misc/aspeed_scu.h
@@ -29,6 +29,7 @@
uint32_t silicon_rev;
uint32_t hw_strap1;
uint32_t hw_strap2;
+ uint32_t hw_prot_key;
} AspeedSCUState;
#define AST2400_A0_SILICON_REV 0x02000303U
@@ -38,6 +39,8 @@
extern bool is_supported_silicon_rev(uint32_t silicon_rev);
+#define ASPEED_SCU_PROT_KEY 0x1688A8A8
+
/*
* Extracted from Aspeed SDK v00.03.21. Fixes and extra definitions
* were added.
diff --git a/include/hw/pci-host/q35.h b/include/hw/pci-host/q35.h
index 58983c0..8f4ddde 100644
--- a/include/hw/pci-host/q35.h
+++ b/include/hw/pci-host/q35.h
@@ -68,6 +68,7 @@
PCIExpressHost parent_obj;
/*< public >*/
+ bool pci_hole64_fix;
MCHPCIState mch;
} Q35PCIHost;
diff --git a/include/hw/ppc/xics.h b/include/hw/ppc/xics.h
index 28d248a..2df99be 100644
--- a/include/hw/ppc/xics.h
+++ b/include/hw/ppc/xics.h
@@ -69,6 +69,7 @@
void (*pre_save)(ICPState *icp);
int (*post_load)(ICPState *icp, int version_id);
void (*reset)(ICPState *icp);
+ void (*synchronize_state)(ICPState *icp);
};
struct ICPState {
@@ -119,6 +120,7 @@
void (*reject)(ICSState *s, uint32_t irq);
void (*resend)(ICSState *s);
void (*eoi)(ICSState *s, uint32_t irq);
+ void (*synchronize_state)(ICSState *s);
};
struct ICSState {
diff --git a/include/net/checksum.h b/include/net/checksum.h
index 7df472c..05a0d27 100644
--- a/include/net/checksum.h
+++ b/include/net/checksum.h
@@ -34,6 +34,12 @@
}
static inline uint16_t
+net_checksum_finish_nozero(uint32_t sum)
+{
+ return net_checksum_finish(sum) ?: 0xFFFF;
+}
+
+static inline uint16_t
net_raw_checksum(uint8_t *data, int length)
{
return net_checksum_finish(net_checksum_add(length, data));
diff --git a/include/qapi/qmp/qbool.h b/include/qapi/qmp/qbool.h
index a41111c..f77ea86 100644
--- a/include/qapi/qmp/qbool.h
+++ b/include/qapi/qmp/qbool.h
@@ -24,6 +24,7 @@
QBool *qbool_from_bool(bool value);
bool qbool_get_bool(const QBool *qb);
QBool *qobject_to_qbool(const QObject *obj);
+bool qbool_is_equal(const QObject *x, const QObject *y);
void qbool_destroy_obj(QObject *obj);
#endif /* QBOOL_H */
diff --git a/include/qapi/qmp/qdict.h b/include/qapi/qmp/qdict.h
index 6588c7f..fc218e7 100644
--- a/include/qapi/qmp/qdict.h
+++ b/include/qapi/qmp/qdict.h
@@ -15,6 +15,7 @@
#include "qapi/qmp/qobject.h"
#include "qapi/qmp/qlist.h"
+#include "qapi/qmp/qnull.h"
#include "qapi/qmp/qnum.h"
#include "qemu/queue.h"
@@ -42,6 +43,7 @@
int qdict_haskey(const QDict *qdict, const char *key);
QObject *qdict_get(const QDict *qdict, const char *key);
QDict *qobject_to_qdict(const QObject *obj);
+bool qdict_is_equal(const QObject *x, const QObject *y);
void qdict_iter(const QDict *qdict,
void (*iter)(const char *key, QObject *obj, void *opaque),
void *opaque);
diff --git a/include/qapi/qmp/qlist.h b/include/qapi/qmp/qlist.h
index c4b5fda..ec3fcc1 100644
--- a/include/qapi/qmp/qlist.h
+++ b/include/qapi/qmp/qlist.h
@@ -15,6 +15,7 @@
#include "qapi/qmp/qobject.h"
#include "qapi/qmp/qnum.h"
+#include "qapi/qmp/qnull.h"
#include "qemu/queue.h"
typedef struct QListEntry {
@@ -37,6 +38,8 @@
qlist_append(qlist, qbool_from_bool(value))
#define qlist_append_str(qlist, value) \
qlist_append(qlist, qstring_from_str(value))
+#define qlist_append_null(qlist) \
+ qlist_append(qlist, qnull())
#define QLIST_FOREACH_ENTRY(qlist, var) \
for ((var) = ((qlist)->head.tqh_first); \
@@ -58,6 +61,7 @@
int qlist_empty(const QList *qlist);
size_t qlist_size(const QList *qlist);
QList *qobject_to_qlist(const QObject *obj);
+bool qlist_is_equal(const QObject *x, const QObject *y);
void qlist_destroy_obj(QObject *obj);
static inline const QListEntry *qlist_first(const QList *qlist)
diff --git a/include/qapi/qmp/qnull.h b/include/qapi/qmp/qnull.h
new file mode 100644
index 0000000..c992ee2
--- /dev/null
+++ b/include/qapi/qmp/qnull.h
@@ -0,0 +1,32 @@
+/*
+ * QNull
+ *
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * Authors:
+ * Markus Armbruster <armbru@redhat.com>
+ *
+ * This work is licensed under the terms of the GNU LGPL, version 2.1
+ * or later. See the COPYING.LIB file in the top-level directory.
+ */
+
+#ifndef QNULL_H
+#define QNULL_H
+
+#include "qapi/qmp/qobject.h"
+
+struct QNull {
+ QObject base;
+};
+
+extern QNull qnull_;
+
+static inline QNull *qnull(void)
+{
+ QINCREF(&qnull_);
+ return &qnull_;
+}
+
+bool qnull_is_equal(const QObject *x, const QObject *y);
+
+#endif /* QNULL_H */
diff --git a/include/qapi/qmp/qnum.h b/include/qapi/qmp/qnum.h
index d6b0791..c3d8679 100644
--- a/include/qapi/qmp/qnum.h
+++ b/include/qapi/qmp/qnum.h
@@ -69,6 +69,7 @@
char *qnum_to_string(QNum *qn);
QNum *qobject_to_qnum(const QObject *obj);
+bool qnum_is_equal(const QObject *x, const QObject *y);
void qnum_destroy_obj(QObject *obj);
#endif /* QNUM_H */
diff --git a/include/qapi/qmp/qobject.h b/include/qapi/qmp/qobject.h
index eab29ed..38ac688 100644
--- a/include/qapi/qmp/qobject.h
+++ b/include/qapi/qmp/qobject.h
@@ -68,6 +68,15 @@
}
/**
+ * qobject_is_equal(): Return whether the two objects are equal.
+ *
+ * Any of the pointers may be NULL; return true if both are. Always
+ * return false if only one is (therefore a QNull object is not
+ * considered equal to a NULL pointer).
+ */
+bool qobject_is_equal(const QObject *x, const QObject *y);
+
+/**
* qobject_destroy(): Free resources used by the object
*/
void qobject_destroy(QObject *obj);
@@ -93,16 +102,4 @@
return obj->type;
}
-struct QNull {
- QObject base;
-};
-
-extern QNull qnull_;
-
-static inline QNull *qnull(void)
-{
- QINCREF(&qnull_);
- return &qnull_;
-}
-
#endif /* QOBJECT_H */
diff --git a/include/qapi/qmp/qstring.h b/include/qapi/qmp/qstring.h
index 10076b7..65c05a9 100644
--- a/include/qapi/qmp/qstring.h
+++ b/include/qapi/qmp/qstring.h
@@ -31,6 +31,7 @@
void qstring_append(QString *qstring, const char *str);
void qstring_append_chr(QString *qstring, int c);
QString *qobject_to_qstring(const QObject *obj);
+bool qstring_is_equal(const QObject *x, const QObject *y);
void qstring_destroy_obj(QObject *obj);
#endif /* QSTRING_H */
diff --git a/include/qapi/qmp/types.h b/include/qapi/qmp/types.h
index a4bc662..749ac44 100644
--- a/include/qapi/qmp/types.h
+++ b/include/qapi/qmp/types.h
@@ -19,5 +19,6 @@
#include "qapi/qmp/qstring.h"
#include "qapi/qmp/qdict.h"
#include "qapi/qmp/qlist.h"
+#include "qapi/qmp/qnull.h"
#endif /* QAPI_QMP_TYPES_H */
diff --git a/include/qemu/thread-posix.h b/include/qemu/thread-posix.h
index f4296d3..f3f47e4 100644
--- a/include/qemu/thread-posix.h
+++ b/include/qemu/thread-posix.h
@@ -7,7 +7,7 @@
typedef QemuMutex QemuRecMutex;
#define qemu_rec_mutex_destroy qemu_mutex_destroy
#define qemu_rec_mutex_lock qemu_mutex_lock
-#define qemu_rec_mutex_try_lock qemu_mutex_try_lock
+#define qemu_rec_mutex_trylock qemu_mutex_trylock
#define qemu_rec_mutex_unlock qemu_mutex_unlock
struct QemuMutex {
diff --git a/include/qom/cpu.h b/include/qom/cpu.h
index fa4b0c9..c2fa151 100644
--- a/include/qom/cpu.h
+++ b/include/qom/cpu.h
@@ -209,7 +209,6 @@
/* Keep non-pointer data at the end to minimize holes. */
int gdb_num_core_regs;
bool gdb_stop_before_watchpoint;
- bool tcg_initialized;
} CPUClass;
#ifdef HOST_WORDS_BIGENDIAN
diff --git a/migration/block.c b/migration/block.c
index 3282809..7147171 100644
--- a/migration/block.c
+++ b/migration/block.c
@@ -415,6 +415,7 @@
sectors = bdrv_nb_sectors(bs);
if (sectors <= 0) {
ret = sectors;
+ bdrv_next_cleanup(&it);
goto out;
}
diff --git a/nbd/client.c b/nbd/client.c
index 3d680e6..eea236c 100644
--- a/nbd/client.c
+++ b/nbd/client.c
@@ -79,12 +79,12 @@
stl_be_p(&req.length, len);
if (nbd_write(ioc, &req, sizeof(req), errp) < 0) {
- error_prepend(errp, "Failed to send option request header");
+ error_prepend(errp, "Failed to send option request header: ");
return -1;
}
if (len && nbd_write(ioc, (char *) data, len, errp) < 0) {
- error_prepend(errp, "Failed to send option request data");
+ error_prepend(errp, "Failed to send option request data: ");
return -1;
}
@@ -113,7 +113,7 @@
{
QEMU_BUILD_BUG_ON(sizeof(*reply) != 20);
if (nbd_read(ioc, reply, sizeof(*reply), errp) < 0) {
- error_prepend(errp, "failed to read option reply");
+ error_prepend(errp, "failed to read option reply: ");
nbd_send_opt_abort(ioc);
return -1;
}
@@ -166,7 +166,7 @@
msg = g_malloc(reply->length + 1);
if (nbd_read(ioc, msg, reply->length, errp) < 0) {
error_prepend(errp, "failed to read option error 0x%" PRIx32
- " (%s) message",
+ " (%s) message: ",
reply->type, nbd_rep_lookup(reply->type));
goto cleanup;
}
@@ -277,7 +277,7 @@
return -1;
}
if (nbd_read(ioc, &namelen, sizeof(namelen), errp) < 0) {
- error_prepend(errp, "failed to read option name length");
+ error_prepend(errp, "failed to read option name length: ");
nbd_send_opt_abort(ioc);
return -1;
}
@@ -290,7 +290,8 @@
}
if (namelen != strlen(want)) {
if (nbd_drop(ioc, len, errp) < 0) {
- error_prepend(errp, "failed to skip export name with wrong length");
+ error_prepend(errp,
+ "failed to skip export name with wrong length: ");
nbd_send_opt_abort(ioc);
return -1;
}
@@ -299,14 +300,14 @@
assert(namelen < sizeof(name));
if (nbd_read(ioc, name, namelen, errp) < 0) {
- error_prepend(errp, "failed to read export name");
+ error_prepend(errp, "failed to read export name: ");
nbd_send_opt_abort(ioc);
return -1;
}
name[namelen] = '\0';
len -= namelen;
if (nbd_drop(ioc, len, errp) < 0) {
- error_prepend(errp, "failed to read export description");
+ error_prepend(errp, "failed to read export description: ");
nbd_send_opt_abort(ioc);
return -1;
}
@@ -390,7 +391,7 @@
return -1;
}
if (nbd_read(ioc, &type, sizeof(type), errp) < 0) {
- error_prepend(errp, "failed to read info type");
+ error_prepend(errp, "failed to read info type: ");
nbd_send_opt_abort(ioc);
return -1;
}
@@ -405,13 +406,13 @@
return -1;
}
if (nbd_read(ioc, &info->size, sizeof(info->size), errp) < 0) {
- error_prepend(errp, "failed to read info size");
+ error_prepend(errp, "failed to read info size: ");
nbd_send_opt_abort(ioc);
return -1;
}
be64_to_cpus(&info->size);
if (nbd_read(ioc, &info->flags, sizeof(info->flags), errp) < 0) {
- error_prepend(errp, "failed to read info flags");
+ error_prepend(errp, "failed to read info flags: ");
nbd_send_opt_abort(ioc);
return -1;
}
@@ -428,7 +429,7 @@
}
if (nbd_read(ioc, &info->min_block, sizeof(info->min_block),
errp) < 0) {
- error_prepend(errp, "failed to read info minimum block size");
+ error_prepend(errp, "failed to read info minimum block size: ");
nbd_send_opt_abort(ioc);
return -1;
}
@@ -441,7 +442,8 @@
}
if (nbd_read(ioc, &info->opt_block, sizeof(info->opt_block),
errp) < 0) {
- error_prepend(errp, "failed to read info preferred block size");
+ error_prepend(errp,
+ "failed to read info preferred block size: ");
nbd_send_opt_abort(ioc);
return -1;
}
@@ -455,7 +457,7 @@
}
if (nbd_read(ioc, &info->max_block, sizeof(info->max_block),
errp) < 0) {
- error_prepend(errp, "failed to read info maximum block size");
+ error_prepend(errp, "failed to read info maximum block size: ");
nbd_send_opt_abort(ioc);
return -1;
}
@@ -467,7 +469,7 @@
default:
trace_nbd_opt_go_info_unknown(type, nbd_info_lookup(type));
if (nbd_drop(ioc, len, errp) < 0) {
- error_prepend(errp, "Failed to read info payload");
+ error_prepend(errp, "Failed to read info payload: ");
nbd_send_opt_abort(ioc);
return -1;
}
@@ -618,7 +620,7 @@
}
if (nbd_read(ioc, buf, 8, errp) < 0) {
- error_prepend(errp, "Failed to read data");
+ error_prepend(errp, "Failed to read data: ");
goto fail;
}
@@ -637,7 +639,7 @@
}
if (nbd_read(ioc, &magic, sizeof(magic), errp) < 0) {
- error_prepend(errp, "Failed to read magic");
+ error_prepend(errp, "Failed to read magic: ");
goto fail;
}
magic = be64_to_cpu(magic);
@@ -649,7 +651,7 @@
bool fixedNewStyle = false;
if (nbd_read(ioc, &globalflags, sizeof(globalflags), errp) < 0) {
- error_prepend(errp, "Failed to read server flags");
+ error_prepend(errp, "Failed to read server flags: ");
goto fail;
}
globalflags = be16_to_cpu(globalflags);
@@ -665,7 +667,7 @@
/* client requested flags */
clientflags = cpu_to_be32(clientflags);
if (nbd_write(ioc, &clientflags, sizeof(clientflags), errp) < 0) {
- error_prepend(errp, "Failed to send clientflags field");
+ error_prepend(errp, "Failed to send clientflags field: ");
goto fail;
}
if (tlscreds) {
@@ -727,13 +729,13 @@
/* Read the response */
if (nbd_read(ioc, &info->size, sizeof(info->size), errp) < 0) {
- error_prepend(errp, "Failed to read export length");
+ error_prepend(errp, "Failed to read export length: ");
goto fail;
}
be64_to_cpus(&info->size);
if (nbd_read(ioc, &info->flags, sizeof(info->flags), errp) < 0) {
- error_prepend(errp, "Failed to read export flags");
+ error_prepend(errp, "Failed to read export flags: ");
goto fail;
}
be16_to_cpus(&info->flags);
@@ -750,13 +752,13 @@
}
if (nbd_read(ioc, &info->size, sizeof(info->size), errp) < 0) {
- error_prepend(errp, "Failed to read export length");
+ error_prepend(errp, "Failed to read export length: ");
goto fail;
}
be64_to_cpus(&info->size);
if (nbd_read(ioc, &oldflags, sizeof(oldflags), errp) < 0) {
- error_prepend(errp, "Failed to read export flags");
+ error_prepend(errp, "Failed to read export flags: ");
goto fail;
}
be32_to_cpus(&oldflags);
@@ -772,7 +774,7 @@
trace_nbd_receive_negotiate_size_flags(info->size, info->flags);
if (zeroes && nbd_drop(ioc, 124, errp) < 0) {
- error_prepend(errp, "Failed to read reserved block");
+ error_prepend(errp, "Failed to read reserved block: ");
goto fail;
}
rc = 0;
@@ -979,6 +981,7 @@
int nbd_receive_reply(QIOChannel *ioc, NBDReply *reply, Error **errp)
{
int ret;
+ const char *type;
ret = nbd_read_eof(ioc, &reply->magic, sizeof(reply->magic), errp);
if (ret <= 0) {
@@ -993,23 +996,18 @@
if (ret < 0) {
break;
}
-
trace_nbd_receive_simple_reply(reply->simple.error,
nbd_err_lookup(reply->simple.error),
reply->handle);
- if (reply->simple.error == NBD_ESHUTDOWN) {
- /* This works even on mingw which lacks a native ESHUTDOWN */
- error_setg(errp, "server shutting down");
- return -EINVAL;
- }
break;
case NBD_STRUCTURED_REPLY_MAGIC:
ret = nbd_receive_structured_reply_chunk(ioc, &reply->structured, errp);
if (ret < 0) {
break;
}
+ type = nbd_reply_type_lookup(reply->structured.type);
trace_nbd_receive_structured_reply_chunk(reply->structured.flags,
- reply->structured.type,
+ reply->structured.type, type,
reply->structured.handle,
reply->structured.length);
break;
diff --git a/nbd/server.c b/nbd/server.c
index 70b40ed..7d6801b 100644
--- a/nbd/server.c
+++ b/nbd/server.c
@@ -423,6 +423,7 @@
break;
}
}
+ assert(length == 0);
exp = nbd_export_find(name);
if (!exp) {
@@ -433,7 +434,7 @@
/* Don't bother sending NBD_INFO_NAME unless client requested it */
if (sendname) {
- rc = nbd_negotiate_send_info(client, opt, NBD_INFO_NAME, length, name,
+ rc = nbd_negotiate_send_info(client, opt, NBD_INFO_NAME, namelen, name,
errp);
if (rc < 0) {
return rc;
@@ -1272,6 +1273,21 @@
stl_be_p(&chunk->length, length);
}
+static int coroutine_fn nbd_co_send_structured_done(NBDClient *client,
+ uint64_t handle,
+ Error **errp)
+{
+ NBDStructuredReplyChunk chunk;
+ struct iovec iov[] = {
+ {.iov_base = &chunk, .iov_len = sizeof(chunk)},
+ };
+
+ trace_nbd_co_send_structured_done(handle);
+ set_be_chunk(&chunk, NBD_REPLY_FLAG_DONE, NBD_REPLY_TYPE_NONE, handle, 0);
+
+ return nbd_co_send_iov(client, iov, 1, errp);
+}
+
static int coroutine_fn nbd_co_send_structured_read(NBDClient *client,
uint64_t handle,
uint64_t offset,
@@ -1279,12 +1295,13 @@
size_t size,
Error **errp)
{
- NBDStructuredRead chunk;
+ NBDStructuredReadData chunk;
struct iovec iov[] = {
{.iov_base = &chunk, .iov_len = sizeof(chunk)},
{.iov_base = data, .iov_len = size}
};
+ assert(size);
trace_nbd_co_send_structured_read(handle, offset, data, size);
set_be_chunk(&chunk.h, NBD_REPLY_FLAG_DONE, NBD_REPLY_TYPE_OFFSET_DATA,
handle, sizeof(chunk) - sizeof(chunk.h) + size);
@@ -1349,15 +1366,6 @@
return -EIO;
}
- /* Check for sanity in the parameters, part 1. Defer as many
- * checks as possible until after reading any NBD_CMD_WRITE
- * payload, so we can try and keep the connection alive. */
- if ((request->from + request->len) < request->from) {
- error_setg(errp,
- "integer overflow detected, you're probably being attacked");
- return -EINVAL;
- }
-
if (request->type == NBD_CMD_READ || request->type == NBD_CMD_WRITE) {
if (request->len > NBD_MAX_BUFFER_SIZE) {
error_setg(errp, "len (%" PRIu32" ) is larger than max len (%u)",
@@ -1382,12 +1390,21 @@
request->len);
}
- /* Sanity checks, part 2. */
- if (request->from + request->len > client->exp->size) {
+ /* Sanity checks. */
+ if (client->exp->nbdflags & NBD_FLAG_READ_ONLY &&
+ (request->type == NBD_CMD_WRITE ||
+ request->type == NBD_CMD_WRITE_ZEROES ||
+ request->type == NBD_CMD_TRIM)) {
+ error_setg(errp, "Export is read-only");
+ return -EROFS;
+ }
+ if (request->from > client->exp->size ||
+ request->from + request->len > client->exp->size) {
error_setg(errp, "operation past EOF; From: %" PRIu64 ", Len: %" PRIu32
", Size: %" PRIu64, request->from, request->len,
(uint64_t)client->exp->size);
- return request->type == NBD_CMD_WRITE ? -ENOSPC : -EINVAL;
+ return (request->type == NBD_CMD_WRITE ||
+ request->type == NBD_CMD_WRITE_ZEROES) ? -ENOSPC : -EINVAL;
}
valid_flags = NBD_CMD_FLAG_FUA;
if (request->type == NBD_CMD_READ && client->structured_reply) {
@@ -1465,12 +1482,6 @@
break;
case NBD_CMD_WRITE:
- if (exp->nbdflags & NBD_FLAG_READ_ONLY) {
- error_setg(&local_err, "Export is read-only");
- ret = -EROFS;
- break;
- }
-
flags = 0;
if (request.flags & NBD_CMD_FLAG_FUA) {
flags |= BDRV_REQ_FUA;
@@ -1483,12 +1494,6 @@
break;
case NBD_CMD_WRITE_ZEROES:
- if (exp->nbdflags & NBD_FLAG_READ_ONLY) {
- error_setg(&local_err, "Export is read-only");
- ret = -EROFS;
- break;
- }
-
flags = 0;
if (request.flags & NBD_CMD_FLAG_FUA) {
flags |= BDRV_REQ_FUA;
@@ -1543,10 +1548,13 @@
if (ret < 0) {
ret = nbd_co_send_structured_error(req->client, request.handle,
-ret, msg, &local_err);
- } else {
+ } else if (reply_data_len) {
ret = nbd_co_send_structured_read(req->client, request.handle,
request.from, req->data,
reply_data_len, &local_err);
+ } else {
+ ret = nbd_co_send_structured_done(req->client, request.handle,
+ &local_err);
}
} else {
ret = nbd_co_send_simple_reply(req->client, request.handle,
diff --git a/nbd/trace-events b/nbd/trace-events
index 4a13757..92568ed 100644
--- a/nbd/trace-events
+++ b/nbd/trace-events
@@ -27,7 +27,7 @@
nbd_client_clear_socket(void) "Clearing NBD socket"
nbd_send_request(uint64_t from, uint32_t len, uint64_t handle, uint16_t flags, uint16_t type, const char *name) "Sending request to server: { .from = %" PRIu64", .len = %" PRIu32 ", .handle = %" PRIu64 ", .flags = 0x%" PRIx16 ", .type = %" PRIu16 " (%s) }"
nbd_receive_simple_reply(int32_t error, const char *errname, uint64_t handle) "Got simple reply: { .error = %" PRId32 " (%s), handle = %" PRIu64" }"
-nbd_receive_structured_reply_chunk(uint16_t flags, uint16_t type, uint64_t handle, uint32_t length) "Got structured reply chunk: { flags = 0x%" PRIx16 ", type = %d, handle = %" PRIu64 ", length = %" PRIu32 " }"
+nbd_receive_structured_reply_chunk(uint16_t flags, uint16_t type, const char *name, uint64_t handle, uint32_t length) "Got structured reply chunk: { flags = 0x%" PRIx16 ", type = %d (%s), handle = %" PRIu64 ", length = %" PRIu32 " }"
# nbd/common.c
nbd_unknown_error(int err) "Squashing unexpected error %d to EINVAL"
@@ -55,6 +55,7 @@
nbd_blk_aio_attached(const char *name, void *ctx) "Export %s: Attaching clients to AIO context %p\n"
nbd_blk_aio_detach(const char *name, void *ctx) "Export %s: Detaching clients from AIO context %p\n"
nbd_co_send_simple_reply(uint64_t handle, uint32_t error, const char *errname, int len) "Send simple reply: handle = %" PRIu64 ", error = %" PRIu32 " (%s), len = %d"
+nbd_co_send_structured_done(uint64_t handle) "Send structured reply done: handle = %" PRIu64
nbd_co_send_structured_read(uint64_t handle, uint64_t offset, void *data, size_t size) "Send structured read data reply: handle = %" PRIu64 ", offset = %" PRIu64 ", data = %p, len = %zu"
nbd_co_send_structured_error(uint64_t handle, int err, const char *errname, const char *msg) "Send structured error reply: handle = %" PRIu64 ", error = %d (%s), msg = '%s'"
nbd_co_receive_request_decode_type(uint64_t handle, uint16_t type, const char *name) "Decoding type: handle = %" PRIu64 ", type = %" PRIu16 " (%s)"
diff --git a/net/colo-compare.c b/net/colo-compare.c
index b3f35d7..1ce195f 100644
--- a/net/colo-compare.c
+++ b/net/colo-compare.c
@@ -113,10 +113,30 @@
}
/*
+ * Return 1 on success, if return 0 means the
+ * packet will be dropped
+ */
+static int colo_insert_packet(GQueue *queue, Packet *pkt)
+{
+ if (g_queue_get_length(queue) <= MAX_QUEUE_SIZE) {
+ if (pkt->ip->ip_p == IPPROTO_TCP) {
+ g_queue_insert_sorted(queue,
+ pkt,
+ (GCompareDataFunc)seq_sorter,
+ NULL);
+ } else {
+ g_queue_push_tail(queue, pkt);
+ }
+ return 1;
+ }
+ return 0;
+}
+
+/*
* Return 0 on success, if return -1 means the pkt
* is unsupported(arp and ipv6) and will be sent later
*/
-static int packet_enqueue(CompareState *s, int mode)
+static int packet_enqueue(CompareState *s, int mode, Connection **con)
{
ConnectionKey key;
Packet *pkt = NULL;
@@ -149,32 +169,17 @@
}
if (mode == PRIMARY_IN) {
- if (g_queue_get_length(&conn->primary_list) <=
- MAX_QUEUE_SIZE) {
- g_queue_push_tail(&conn->primary_list, pkt);
- if (conn->ip_proto == IPPROTO_TCP) {
- g_queue_sort(&conn->primary_list,
- (GCompareDataFunc)seq_sorter,
- NULL);
- }
- } else {
+ if (!colo_insert_packet(&conn->primary_list, pkt)) {
error_report("colo compare primary queue size too big,"
"drop packet");
}
} else {
- if (g_queue_get_length(&conn->secondary_list) <=
- MAX_QUEUE_SIZE) {
- g_queue_push_tail(&conn->secondary_list, pkt);
- if (conn->ip_proto == IPPROTO_TCP) {
- g_queue_sort(&conn->secondary_list,
- (GCompareDataFunc)seq_sorter,
- NULL);
- }
- } else {
+ if (!colo_insert_packet(&conn->secondary_list, pkt)) {
error_report("colo compare secondary queue size too big,"
"drop packet");
}
}
+ *con = conn;
return 0;
}
@@ -475,7 +480,9 @@
/*
* Called from the compare thread on the primary
- * for compare connection
+ * for compare packet with secondary list of the
+ * specified connection when a new packet was
+ * queued to it.
*/
static void colo_compare_connection(void *opaque, void *user_data)
{
@@ -724,28 +731,30 @@
static void compare_pri_rs_finalize(SocketReadState *pri_rs)
{
CompareState *s = container_of(pri_rs, CompareState, pri_rs);
+ Connection *conn = NULL;
- if (packet_enqueue(s, PRIMARY_IN)) {
+ if (packet_enqueue(s, PRIMARY_IN, &conn)) {
trace_colo_compare_main("primary: unsupported packet in");
compare_chr_send(s,
pri_rs->buf,
pri_rs->packet_len,
pri_rs->vnet_hdr_len);
} else {
- /* compare connection */
- g_queue_foreach(&s->conn_list, colo_compare_connection, s);
+ /* compare packet in the specified connection */
+ colo_compare_connection(conn, s);
}
}
static void compare_sec_rs_finalize(SocketReadState *sec_rs)
{
CompareState *s = container_of(sec_rs, CompareState, sec_rs);
+ Connection *conn = NULL;
- if (packet_enqueue(s, SECONDARY_IN)) {
+ if (packet_enqueue(s, SECONDARY_IN, &conn)) {
trace_colo_compare_main("secondary: unsupported packet in");
} else {
- /* compare connection */
- g_queue_foreach(&s->conn_list, colo_compare_connection, s);
+ /* compare packet in the specified connection */
+ colo_compare_connection(conn, s);
}
}
diff --git a/net/colo.c b/net/colo.c
index 28ce7c8..a39d600 100644
--- a/net/colo.c
+++ b/net/colo.c
@@ -82,6 +82,14 @@
return 0;
}
+void extract_ip_and_port(uint32_t tmp_ports, ConnectionKey *key, Packet *pkt)
+{
+ key->src = pkt->ip->ip_src;
+ key->dst = pkt->ip->ip_dst;
+ key->src_port = ntohs(tmp_ports >> 16);
+ key->dst_port = ntohs(tmp_ports & 0xffff);
+}
+
void fill_connection_key(Packet *pkt, ConnectionKey *key)
{
uint32_t tmp_ports;
@@ -97,17 +105,11 @@
case IPPROTO_SCTP:
case IPPROTO_UDPLITE:
tmp_ports = *(uint32_t *)(pkt->transport_header);
- key->src = pkt->ip->ip_src;
- key->dst = pkt->ip->ip_dst;
- key->src_port = ntohs(tmp_ports & 0xffff);
- key->dst_port = ntohs(tmp_ports >> 16);
+ extract_ip_and_port(tmp_ports, key, pkt);
break;
case IPPROTO_AH:
tmp_ports = *(uint32_t *)(pkt->transport_header + 4);
- key->src = pkt->ip->ip_src;
- key->dst = pkt->ip->ip_dst;
- key->src_port = ntohs(tmp_ports & 0xffff);
- key->dst_port = ntohs(tmp_ports >> 16);
+ extract_ip_and_port(tmp_ports, key, pkt);
break;
default:
break;
diff --git a/net/colo.h b/net/colo.h
index caedb0d..0658e86 100644
--- a/net/colo.h
+++ b/net/colo.h
@@ -76,6 +76,7 @@
uint32_t connection_key_hash(const void *opaque);
int connection_key_equal(const void *opaque1, const void *opaque2);
int parse_packet_early(Packet *pkt);
+void extract_ip_and_port(uint32_t tmp_ports, ConnectionKey *key, Packet *pkt);
void fill_connection_key(Packet *pkt, ConnectionKey *key);
void reverse_connection_key(ConnectionKey *key);
Connection *connection_new(ConnectionKey *key);
diff --git a/net/socket.c b/net/socket.c
index e6b471c..6917fbc 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -373,7 +373,7 @@
net_socket_read_poll(s, true);
/* mcast: save bound address as dst */
- if (is_connected) {
+ if (is_connected && mcast != NULL) {
s->dgram_dst = saddr;
snprintf(nc->info_str, sizeof(nc->info_str),
"socket: fd=%d (cloned mcast=%s:%d)",
@@ -695,8 +695,8 @@
assert(netdev->type == NET_CLIENT_DRIVER_SOCKET);
sock = &netdev->u.socket;
- if (sock->has_listen + sock->has_connect + sock->has_mcast +
- sock->has_udp > 1) {
+ if (sock->has_fd + sock->has_listen + sock->has_connect + sock->has_mcast +
+ sock->has_udp != 1) {
error_setg(errp, "exactly one of listen=, connect=, mcast= or udp="
" is required");
return -1;
diff --git a/numa.c b/numa.c
index 8d78d95..7151b24 100644
--- a/numa.c
+++ b/numa.c
@@ -216,6 +216,7 @@
}
numa_info[nodenr].present = true;
max_numa_nodeid = MAX(max_numa_nodeid, nodenr + 1);
+ nb_numa_nodes++;
}
static void parse_numa_distance(NumaDistOptions *dist, Error **errp)
@@ -282,7 +283,6 @@
if (err) {
goto end;
}
- nb_numa_nodes++;
break;
case NUMA_OPTIONS_TYPE_DIST:
parse_numa_distance(&object->u.dist, &err);
@@ -433,6 +433,25 @@
exit(1);
}
+ /*
+ * If memory hotplug is enabled (slots > 0) but without '-numa'
+ * options explicitly on CLI, guestes will break.
+ *
+ * Windows: won't enable memory hotplug without SRAT table at all
+ *
+ * Linux: if QEMU is started with initial memory all below 4Gb
+ * and no SRAT table present, guest kernel will use nommu DMA ops,
+ * which breaks 32bit hw drivers when memory is hotplugged and
+ * guest tries to use it with that drivers.
+ *
+ * Enable NUMA implicitly by adding a new NUMA node automatically.
+ */
+ if (ms->ram_slots > 0 && nb_numa_nodes == 0 &&
+ mc->auto_enable_numa_with_memhp) {
+ NumaNodeOptions node = { };
+ parse_numa_node(ms, &node, NULL);
+ }
+
assert(max_numa_nodeid <= MAX_NODES);
/* No support for sparse NUMA node IDs yet: */
diff --git a/pc-bios/bios-256k.bin b/pc-bios/bios-256k.bin
index 3431468..e1d6b15 100644
--- a/pc-bios/bios-256k.bin
+++ b/pc-bios/bios-256k.bin
Binary files differ
diff --git a/pc-bios/bios.bin b/pc-bios/bios.bin
index 0de6417..140e33c 100644
--- a/pc-bios/bios.bin
+++ b/pc-bios/bios.bin
Binary files differ
diff --git a/pc-bios/s390-ccw.img b/pc-bios/s390-ccw.img
index 75b604e..7415f1a 100644
--- a/pc-bios/s390-ccw.img
+++ b/pc-bios/s390-ccw.img
Binary files differ
diff --git a/pc-bios/s390-ccw/virtio-scsi.c b/pc-bios/s390-ccw/virtio-scsi.c
index c92f5d3..4fe4b9d 100644
--- a/pc-bios/s390-ccw/virtio-scsi.c
+++ b/pc-bios/s390-ccw/virtio-scsi.c
@@ -223,7 +223,8 @@
for (target = 0; target <= vdev->config.scsi.max_target; target++) {
sdev->channel = channel;
- sdev->target = target; /* sdev->lun will be 0 here */
+ sdev->target = target;
+ sdev->lun = 0; /* LUN has to be 0 for REPORT LUNS */
if (!scsi_report_luns(vdev, data, sizeof(data))) {
if (resp.response == VIRTIO_SCSI_S_BAD_TARGET) {
continue;
diff --git a/pc-bios/vgabios-cirrus.bin b/pc-bios/vgabios-cirrus.bin
index 1ea28f2..3c8d507 100644
--- a/pc-bios/vgabios-cirrus.bin
+++ b/pc-bios/vgabios-cirrus.bin
Binary files differ
diff --git a/pc-bios/vgabios-qxl.bin b/pc-bios/vgabios-qxl.bin
index 32bda23..1c9ec0f 100644
--- a/pc-bios/vgabios-qxl.bin
+++ b/pc-bios/vgabios-qxl.bin
Binary files differ
diff --git a/pc-bios/vgabios-stdvga.bin b/pc-bios/vgabios-stdvga.bin
index bda1998..b84ae22 100644
--- a/pc-bios/vgabios-stdvga.bin
+++ b/pc-bios/vgabios-stdvga.bin
Binary files differ
diff --git a/pc-bios/vgabios-virtio.bin b/pc-bios/vgabios-virtio.bin
index 16c7c7d..aebc7f8 100644
--- a/pc-bios/vgabios-virtio.bin
+++ b/pc-bios/vgabios-virtio.bin
Binary files differ
diff --git a/pc-bios/vgabios-vmware.bin b/pc-bios/vgabios-vmware.bin
index b08fdf4..76314aa 100644
--- a/pc-bios/vgabios-vmware.bin
+++ b/pc-bios/vgabios-vmware.bin
Binary files differ
diff --git a/pc-bios/vgabios.bin b/pc-bios/vgabios.bin
index b1c1942..066a40b 100644
--- a/pc-bios/vgabios.bin
+++ b/pc-bios/vgabios.bin
Binary files differ
diff --git a/qapi/block-core.json b/qapi/block-core.json
index ab96e34..76bf50f 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -3134,8 +3134,11 @@
# This option is required on the top level of blockdev-add.
# @discard: discard-related options (default: ignore)
# @cache: cache-related options
-# @read-only: whether the block device should be read-only
-# (default: false)
+# @read-only: whether the block device should be read-only (default: false).
+# Note that some block drivers support only read-only access,
+# either generally or in certain configurations. In this case,
+# the default value does not work and the option must be
+# specified explicitly.
# @detect-zeroes: detect and optimize zero writes (Since 2.1)
# (default: off)
# @force-share: force share all permission on added nodes.
diff --git a/qapi/qapi-clone-visitor.c b/qapi/qapi-clone-visitor.c
index d8b6279..daab681 100644
--- a/qapi/qapi-clone-visitor.c
+++ b/qapi/qapi-clone-visitor.c
@@ -12,6 +12,7 @@
#include "qapi/clone-visitor.h"
#include "qapi/visitor-impl.h"
#include "qapi/error.h"
+#include "qapi/qmp/qnull.h"
struct QapiCloneVisitor {
Visitor visitor;
diff --git a/qapi/string-input-visitor.c b/qapi/string-input-visitor.c
index 67a0a4a..b3fdd08 100644
--- a/qapi/string-input-visitor.c
+++ b/qapi/string-input-visitor.c
@@ -16,6 +16,7 @@
#include "qapi/string-input-visitor.h"
#include "qapi/visitor-impl.h"
#include "qapi/qmp/qerror.h"
+#include "qapi/qmp/qnull.h"
#include "qemu/option.h"
#include "qemu/queue.h"
#include "qemu/range.h"
diff --git a/qemu-doc.texi b/qemu-doc.texi
index 8c10956..d383ac4 100644
--- a/qemu-doc.texi
+++ b/qemu-doc.texi
@@ -2537,6 +2537,13 @@
The ``spapr-pci-vfio-host-bridge'' device type is replaced by
the ``spapr-pci-host-bridge'' device type.
+@section System emulator machines
+
+@subsection Xilinx EP108 (since 2.11.0)
+
+The ``xlnx-ep108'' machine has been replaced by the ``xlnx-zcu102'' machine.
+The ``xlnx-zcu102'' machine has the same features and capabilites in QEMU.
+
@node License
@appendix License
diff --git a/qobject/qbool.c b/qobject/qbool.c
index 0606bbd..ac825fc 100644
--- a/qobject/qbool.c
+++ b/qobject/qbool.c
@@ -52,6 +52,14 @@
}
/**
+ * qbool_is_equal(): Test whether the two QBools are equal
+ */
+bool qbool_is_equal(const QObject *x, const QObject *y)
+{
+ return qobject_to_qbool(x)->value == qobject_to_qbool(y)->value;
+}
+
+/**
* qbool_destroy_obj(): Free all memory allocated by a
* QBool object
*/
diff --git a/qobject/qdict.c b/qobject/qdict.c
index 576018e..e8f15f1 100644
--- a/qobject/qdict.c
+++ b/qobject/qdict.c
@@ -403,6 +403,35 @@
}
/**
+ * qdict_is_equal(): Test whether the two QDicts are equal
+ *
+ * Here, equality means whether they contain the same keys and whether
+ * the respective values are in turn equal (i.e. invoking
+ * qobject_is_equal() on them yields true).
+ */
+bool qdict_is_equal(const QObject *x, const QObject *y)
+{
+ const QDict *dict_x = qobject_to_qdict(x);
+ const QDict *dict_y = qobject_to_qdict(y);
+ const QDictEntry *e;
+
+ if (qdict_size(dict_x) != qdict_size(dict_y)) {
+ return false;
+ }
+
+ for (e = qdict_first(dict_x); e; e = qdict_next(dict_x, e)) {
+ const QObject *obj_x = qdict_entry_value(e);
+ const QObject *obj_y = qdict_get(dict_y, qdict_entry_key(e));
+
+ if (!qobject_is_equal(obj_x, obj_y)) {
+ return false;
+ }
+ }
+
+ return true;
+}
+
+/**
* qdict_destroy_obj(): Free all the memory allocated by a QDict
*/
void qdict_destroy_obj(QObject *obj)
diff --git a/qobject/qlist.c b/qobject/qlist.c
index 86b60cb..3ef57d3 100644
--- a/qobject/qlist.c
+++ b/qobject/qlist.c
@@ -140,6 +140,38 @@
}
/**
+ * qlist_is_equal(): Test whether the two QLists are equal
+ *
+ * In order to be considered equal, the respective two objects at each
+ * index of the two lists have to compare equal (regarding
+ * qobject_is_equal()), and both lists have to have the same number of
+ * elements.
+ * That means both lists have to contain equal objects in equal order.
+ */
+bool qlist_is_equal(const QObject *x, const QObject *y)
+{
+ const QList *list_x = qobject_to_qlist(x);
+ const QList *list_y = qobject_to_qlist(y);
+ const QListEntry *entry_x, *entry_y;
+
+ entry_x = qlist_first(list_x);
+ entry_y = qlist_first(list_y);
+
+ while (entry_x && entry_y) {
+ if (!qobject_is_equal(qlist_entry_obj(entry_x),
+ qlist_entry_obj(entry_y)))
+ {
+ return false;
+ }
+
+ entry_x = qlist_next(entry_x);
+ entry_y = qlist_next(entry_y);
+ }
+
+ return !entry_x && !entry_y;
+}
+
+/**
* qlist_destroy_obj(): Free all the memory allocated by a QList
*/
void qlist_destroy_obj(QObject *obj)
diff --git a/qobject/qnull.c b/qobject/qnull.c
index 69a21d1..f6f55f1 100644
--- a/qobject/qnull.c
+++ b/qobject/qnull.c
@@ -12,7 +12,7 @@
#include "qemu/osdep.h"
#include "qemu-common.h"
-#include "qapi/qmp/qobject.h"
+#include "qapi/qmp/qnull.h"
QNull qnull_ = {
.base = {
@@ -20,3 +20,12 @@
.refcnt = 1,
},
};
+
+/**
+ * qnull_is_equal(): Always return true because any two QNull objects
+ * are equal.
+ */
+bool qnull_is_equal(const QObject *x, const QObject *y)
+{
+ return true;
+}
diff --git a/qobject/qnum.c b/qobject/qnum.c
index 476e81c..410686a 100644
--- a/qobject/qnum.c
+++ b/qobject/qnum.c
@@ -213,6 +213,60 @@
}
/**
+ * qnum_is_equal(): Test whether the two QNums are equal
+ *
+ * Negative integers are never considered equal to unsigned integers,
+ * but positive integers in the range [0, INT64_MAX] are considered
+ * equal independently of whether the QNum's kind is i64 or u64.
+ *
+ * Doubles are never considered equal to integers.
+ */
+bool qnum_is_equal(const QObject *x, const QObject *y)
+{
+ QNum *num_x = qobject_to_qnum(x);
+ QNum *num_y = qobject_to_qnum(y);
+
+ switch (num_x->kind) {
+ case QNUM_I64:
+ switch (num_y->kind) {
+ case QNUM_I64:
+ /* Comparison in native int64_t type */
+ return num_x->u.i64 == num_y->u.i64;
+ case QNUM_U64:
+ /* Implicit conversion of x to uin64_t, so we have to
+ * check its sign before */
+ return num_x->u.i64 >= 0 && num_x->u.i64 == num_y->u.u64;
+ case QNUM_DOUBLE:
+ return false;
+ }
+ abort();
+ case QNUM_U64:
+ switch (num_y->kind) {
+ case QNUM_I64:
+ return qnum_is_equal(y, x);
+ case QNUM_U64:
+ /* Comparison in native uint64_t type */
+ return num_x->u.u64 == num_y->u.u64;
+ case QNUM_DOUBLE:
+ return false;
+ }
+ abort();
+ case QNUM_DOUBLE:
+ switch (num_y->kind) {
+ case QNUM_I64:
+ case QNUM_U64:
+ return false;
+ case QNUM_DOUBLE:
+ /* Comparison in native double type */
+ return num_x->u.dbl == num_y->u.dbl;
+ }
+ abort();
+ }
+
+ abort();
+}
+
+/**
* qnum_destroy_obj(): Free all memory allocated by a
* QNum object
*/
diff --git a/qobject/qobject.c b/qobject/qobject.c
index b0cafb6..b2a5360 100644
--- a/qobject/qobject.c
+++ b/qobject/qobject.c
@@ -27,3 +27,32 @@
assert(QTYPE_QNULL < obj->type && obj->type < QTYPE__MAX);
qdestroy[obj->type](obj);
}
+
+
+static bool (*qis_equal[QTYPE__MAX])(const QObject *, const QObject *) = {
+ [QTYPE_NONE] = NULL, /* No such object exists */
+ [QTYPE_QNULL] = qnull_is_equal,
+ [QTYPE_QNUM] = qnum_is_equal,
+ [QTYPE_QSTRING] = qstring_is_equal,
+ [QTYPE_QDICT] = qdict_is_equal,
+ [QTYPE_QLIST] = qlist_is_equal,
+ [QTYPE_QBOOL] = qbool_is_equal,
+};
+
+bool qobject_is_equal(const QObject *x, const QObject *y)
+{
+ /* We cannot test x == y because an object does not need to be
+ * equal to itself (e.g. NaN floats are not). */
+
+ if (!x && !y) {
+ return true;
+ }
+
+ if (!x || !y || x->type != y->type) {
+ return false;
+ }
+
+ assert(QTYPE_NONE < x->type && x->type < QTYPE__MAX);
+
+ return qis_equal[x->type](x, y);
+}
diff --git a/qobject/qstring.c b/qobject/qstring.c
index 5da7b5f..74182a1 100644
--- a/qobject/qstring.c
+++ b/qobject/qstring.c
@@ -129,6 +129,15 @@
}
/**
+ * qstring_is_equal(): Test whether the two QStrings are equal
+ */
+bool qstring_is_equal(const QObject *x, const QObject *y)
+{
+ return !strcmp(qobject_to_qstring(x)->string,
+ qobject_to_qstring(y)->string);
+}
+
+/**
* qstring_destroy_obj(): Free all memory allocated by a QString
* object
*/
diff --git a/roms/seabios b/roms/seabios
index cd47172..63451fc 160000
--- a/roms/seabios
+++ b/roms/seabios
@@ -1 +1 @@
-Subproject commit cd47172a673762a05a0c7bd27df6e3cc8febe8d6
+Subproject commit 63451fca13c75870e1703eb3e20584d91179aebc
diff --git a/scripts/coccinelle/qobject.cocci b/scripts/coccinelle/qobject.cocci
index 1120eb1..47bcafe 100644
--- a/scripts/coccinelle/qobject.cocci
+++ b/scripts/coccinelle/qobject.cocci
@@ -41,4 +41,7 @@
|
- qlist_append(Obj, qstring_from_str(E));
+ qlist_append_str(Obj, E);
+|
+- qlist_append(Obj, qnull());
++ qlist_append_null(Obj);
)
diff --git a/scripts/update-linux-headers.sh b/scripts/update-linux-headers.sh
index ad80fe3..76fd894 100755
--- a/scripts/update-linux-headers.sh
+++ b/scripts/update-linux-headers.sh
@@ -106,7 +106,7 @@
if [ $arch = x86 ]; then
cat <<-EOF >"$output/include/standard-headers/asm-x86/hyperv.h"
/* this is a temporary placeholder until kvm_para.h stops including it */
- EOF
+EOF
cp "$tmpdir/include/asm/unistd_32.h" "$output/linux-headers/asm-x86/"
cp "$tmpdir/include/asm/unistd_x32.h" "$output/linux-headers/asm-x86/"
cp "$tmpdir/include/asm/unistd_64.h" "$output/linux-headers/asm-x86/"
diff --git a/slirp/tcp_subr.c b/slirp/tcp_subr.c
index dc8b4bb..da0d537 100644
--- a/slirp/tcp_subr.c
+++ b/slirp/tcp_subr.c
@@ -148,7 +148,16 @@
m->m_data += IF_MAXLINKHDR;
*mtod(m, struct tcpiphdr *) = *ti;
ti = mtod(m, struct tcpiphdr *);
- memset(&ti->ti, 0, sizeof(ti->ti));
+ switch (af) {
+ case AF_INET:
+ ti->ti.ti_i4.ih_x1 = 0;
+ break;
+ case AF_INET6:
+ ti->ti.ti_i6.ih_x1 = 0;
+ break;
+ default:
+ g_assert_not_reached();
+ }
flags = TH_ACK;
} else {
/*
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index 47c8b2a..7f7a3d1 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -489,13 +489,19 @@
info->print_insn = print_insn_arm_a64;
#endif
info->cap_arch = CS_ARCH_ARM64;
+ info->cap_insn_unit = 4;
+ info->cap_insn_split = 4;
} else {
int cap_mode;
if (env->thumb) {
info->print_insn = print_insn_thumb1;
+ info->cap_insn_unit = 2;
+ info->cap_insn_split = 4;
cap_mode = CS_MODE_THUMB;
} else {
info->print_insn = print_insn_arm;
+ info->cap_insn_unit = 4;
+ info->cap_insn_split = 4;
cap_mode = CS_MODE_ARM;
}
if (arm_feature(env, ARM_FEATURE_V8)) {
diff --git a/target/arm/helper-a64.c b/target/arm/helper-a64.c
index d0e435c..b84ebca 100644
--- a/target/arm/helper-a64.c
+++ b/target/arm/helper-a64.c
@@ -432,9 +432,8 @@
/* Returns 0 on success; 1 otherwise. */
static uint64_t do_paired_cmpxchg64_le(CPUARMState *env, uint64_t addr,
uint64_t new_lo, uint64_t new_hi,
- bool parallel)
+ bool parallel, uintptr_t ra)
{
- uintptr_t ra = GETPC();
Int128 oldv, cmpv, newv;
bool success;
@@ -456,6 +455,8 @@
#ifdef CONFIG_USER_ONLY
/* ??? Enforce alignment. */
uint64_t *haddr = g2h(addr);
+
+ helper_retaddr = ra;
o0 = ldq_le_p(haddr + 0);
o1 = ldq_le_p(haddr + 1);
oldv = int128_make128(o0, o1);
@@ -465,6 +466,7 @@
stq_le_p(haddr + 0, int128_getlo(newv));
stq_le_p(haddr + 1, int128_gethi(newv));
}
+ helper_retaddr = 0;
#else
int mem_idx = cpu_mmu_index(env, false);
TCGMemOpIdx oi0 = make_memop_idx(MO_LEQ | MO_ALIGN_16, mem_idx);
@@ -488,20 +490,19 @@
uint64_t HELPER(paired_cmpxchg64_le)(CPUARMState *env, uint64_t addr,
uint64_t new_lo, uint64_t new_hi)
{
- return do_paired_cmpxchg64_le(env, addr, new_lo, new_hi, false);
+ return do_paired_cmpxchg64_le(env, addr, new_lo, new_hi, false, GETPC());
}
uint64_t HELPER(paired_cmpxchg64_le_parallel)(CPUARMState *env, uint64_t addr,
uint64_t new_lo, uint64_t new_hi)
{
- return do_paired_cmpxchg64_le(env, addr, new_lo, new_hi, true);
+ return do_paired_cmpxchg64_le(env, addr, new_lo, new_hi, true, GETPC());
}
static uint64_t do_paired_cmpxchg64_be(CPUARMState *env, uint64_t addr,
uint64_t new_lo, uint64_t new_hi,
- bool parallel)
+ bool parallel, uintptr_t ra)
{
- uintptr_t ra = GETPC();
Int128 oldv, cmpv, newv;
bool success;
@@ -523,6 +524,8 @@
#ifdef CONFIG_USER_ONLY
/* ??? Enforce alignment. */
uint64_t *haddr = g2h(addr);
+
+ helper_retaddr = ra;
o1 = ldq_be_p(haddr + 0);
o0 = ldq_be_p(haddr + 1);
oldv = int128_make128(o0, o1);
@@ -532,6 +535,7 @@
stq_be_p(haddr + 0, int128_gethi(newv));
stq_be_p(haddr + 1, int128_getlo(newv));
}
+ helper_retaddr = 0;
#else
int mem_idx = cpu_mmu_index(env, false);
TCGMemOpIdx oi0 = make_memop_idx(MO_BEQ | MO_ALIGN_16, mem_idx);
@@ -555,11 +559,11 @@
uint64_t HELPER(paired_cmpxchg64_be)(CPUARMState *env, uint64_t addr,
uint64_t new_lo, uint64_t new_hi)
{
- return do_paired_cmpxchg64_be(env, addr, new_lo, new_hi, false);
+ return do_paired_cmpxchg64_be(env, addr, new_lo, new_hi, false, GETPC());
}
uint64_t HELPER(paired_cmpxchg64_be_parallel)(CPUARMState *env, uint64_t addr,
uint64_t new_lo, uint64_t new_hi)
{
- return do_paired_cmpxchg64_be(env, addr, new_lo, new_hi, true);
+ return do_paired_cmpxchg64_be(env, addr, new_lo, new_hi, true, GETPC());
}
diff --git a/target/arm/helper.c b/target/arm/helper.c
index f61fb3e..91a9300 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -2169,7 +2169,7 @@
ret = get_phys_addr(env, value, access_type, mmu_idx, &phys_addr, &attrs,
&prot, &page_size, &fsr, &fi, &cacheattrs);
- if (extended_addresses_enabled(env)) {
+ if (arm_s1_regime_using_lpae_format(env, mmu_idx)) {
/* fsr is a DFSR/IFSR value for the long descriptor
* translation table format, but with WnR always clear.
* Convert it to a 64-bit PAR.
@@ -4549,6 +4549,33 @@
}
}
+/* We don't know until after realize whether there's a GICv3
+ * attached, and that is what registers the gicv3 sysregs.
+ * So we have to fill in the GIC fields in ID_PFR/ID_PFR1_EL1/ID_AA64PFR0_EL1
+ * at runtime.
+ */
+static uint64_t id_pfr1_read(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+ ARMCPU *cpu = arm_env_get_cpu(env);
+ uint64_t pfr1 = cpu->id_pfr1;
+
+ if (env->gicv3state) {
+ pfr1 |= 1 << 28;
+ }
+ return pfr1;
+}
+
+static uint64_t id_aa64pfr0_read(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+ ARMCPU *cpu = arm_env_get_cpu(env);
+ uint64_t pfr0 = cpu->id_aa64pfr0;
+
+ if (env->gicv3state) {
+ pfr0 |= 1 << 24;
+ }
+ return pfr0;
+}
+
void register_cp_regs_for_features(ARMCPU *cpu)
{
/* Register all the coprocessor registers based on feature bits */
@@ -4573,10 +4600,14 @@
.opc0 = 3, .opc1 = 0, .crn = 0, .crm = 1, .opc2 = 0,
.access = PL1_R, .type = ARM_CP_CONST,
.resetvalue = cpu->id_pfr0 },
+ /* ID_PFR1 is not a plain ARM_CP_CONST because we don't know
+ * the value of the GIC field until after we define these regs.
+ */
{ .name = "ID_PFR1", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .opc1 = 0, .crn = 0, .crm = 1, .opc2 = 1,
- .access = PL1_R, .type = ARM_CP_CONST,
- .resetvalue = cpu->id_pfr1 },
+ .access = PL1_R, .type = ARM_CP_NO_RAW,
+ .readfn = id_pfr1_read,
+ .writefn = arm_cp_write_ignore },
{ .name = "ID_DFR0", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .opc1 = 0, .crn = 0, .crm = 1, .opc2 = 2,
.access = PL1_R, .type = ARM_CP_CONST,
@@ -4692,10 +4723,15 @@
* define new registers here.
*/
ARMCPRegInfo v8_idregs[] = {
+ /* ID_AA64PFR0_EL1 is not a plain ARM_CP_CONST because we don't
+ * know the right value for the GIC field until after we
+ * define these regs.
+ */
{ .name = "ID_AA64PFR0_EL1", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 0, .crn = 0, .crm = 4, .opc2 = 0,
- .access = PL1_R, .type = ARM_CP_CONST,
- .resetvalue = cpu->id_aa64pfr0 },
+ .access = PL1_R, .type = ARM_CP_NO_RAW,
+ .readfn = id_aa64pfr0_read,
+ .writefn = arm_cp_write_ignore },
{ .name = "ID_AA64PFR1_EL1", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 0, .crn = 0, .crm = 4, .opc2 = 1,
.access = PL1_R, .type = ARM_CP_CONST,
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
index caca05a..625ef2d 100644
--- a/target/arm/translate-a64.c
+++ b/target/arm/translate-a64.c
@@ -2351,6 +2351,8 @@
post_index = false;
writeback = true;
break;
+ default:
+ g_assert_not_reached();
}
if (rn == 31) {
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 6f21a5e..045d661 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -347,7 +347,7 @@
.feat_names = {
"kvmclock", "kvm-nopiodelay", "kvm-mmu", "kvmclock",
"kvm-asyncpf", "kvm-steal-time", "kvm-pv-eoi", "kvm-pv-unhalt",
- NULL, NULL, NULL, NULL,
+ NULL, "kvm-pv-tlb-flush", NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
@@ -4109,6 +4109,8 @@
info->cap_mode = (env->hflags & HF_CS64_MASK ? CS_MODE_64
: env->hflags & HF_CS32_MASK ? CS_MODE_32
: CS_MODE_16);
+ info->cap_insn_unit = 1;
+ info->cap_insn_split = 8;
}
static Property x86_cpu_properties[] = {
diff --git a/target/ppc/compat.c b/target/ppc/compat.c
index f8729fe..ad8f93c 100644
--- a/target/ppc/compat.c
+++ b/target/ppc/compat.c
@@ -141,7 +141,7 @@
cpu_synchronize_state(CPU(cpu));
if (kvm_enabled() && cpu->compat_pvr != compat_pvr) {
- int ret = kvmppc_set_compat(cpu, cpu->compat_pvr);
+ int ret = kvmppc_set_compat(cpu, compat_pvr);
if (ret < 0) {
error_setg_errno(errp, -ret,
"Unable to set CPU compatibility mode in KVM");
diff --git a/target/s390x/helper.c b/target/s390x/helper.c
index f78983d..246ba20 100644
--- a/target/s390x/helper.c
+++ b/target/s390x/helper.c
@@ -279,7 +279,7 @@
sa->ars[i] = cpu_to_be32(cpu->env.aregs[i]);
}
for (i = 0; i < 16; ++i) {
- sa->ars[i] = cpu_to_be64(cpu->env.cregs[i]);
+ sa->crs[i] = cpu_to_be64(cpu->env.cregs[i]);
}
cpu_physical_memory_unmap(sa, len, 1, len);
diff --git a/target/s390x/misc_helper.c b/target/s390x/misc_helper.c
index 4afd90b..d272851 100644
--- a/target/s390x/misc_helper.c
+++ b/target/s390x/misc_helper.c
@@ -103,7 +103,9 @@
break;
case 0x308:
/* ipl */
+ qemu_mutex_lock_iothread();
handle_diag_308(env, r1, r3);
+ qemu_mutex_unlock_iothread();
r = 0;
break;
case 0x288:
diff --git a/target/s390x/translate.c b/target/s390x/translate.c
index dee72a7..85d0a6c 100644
--- a/target/s390x/translate.c
+++ b/target/s390x/translate.c
@@ -3432,6 +3432,7 @@
/* Adjust the arguments for the specific insn. */
switch (s->fields->op2) {
case 0x55: /* risbg */
+ case 0x59: /* risbgn */
i3 &= 63;
i4 &= 63;
pmask = ~0;
@@ -3447,7 +3448,7 @@
pmask = 0x00000000ffffffffull;
break;
default:
- abort();
+ g_assert_not_reached();
}
/* MASK is the set of bits to be inserted from R2.
@@ -3464,11 +3465,7 @@
insns, we need to keep the other half of the register. */
imask = ~mask | ~pmask;
if (do_zero) {
- if (s->fields->op2 == 0x55) {
- imask = 0;
- } else {
- imask = ~pmask;
- }
+ imask = ~pmask;
}
len = i4 - i3 + 1;
diff --git a/tests/.gitignore b/tests/.gitignore
index 53cb2ef..74e55d7 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -8,6 +8,7 @@
check-qlist
check-qlit
check-qnull
+check-qobject
check-qstring
check-qom-interface
check-qom-proplist
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 434a2ce..c002352 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -41,6 +41,7 @@
gcov-files-check-qlist-y = qobject/qlist.c
check-unit-y += tests/check-qnull$(EXESUF)
gcov-files-check-qnull-y = qobject/qnull.c
+check-unit-y += tests/check-qobject$(EXESUF)
check-unit-y += tests/check-qjson$(EXESUF)
gcov-files-check-qjson-y = qobject/qjson.c
check-unit-y += tests/check-qlit$(EXESUF)
@@ -546,7 +547,7 @@
tests/test-qmp-introspect.h
test-obj-y = tests/check-qnum.o tests/check-qstring.o tests/check-qdict.o \
- tests/check-qlist.o tests/check-qnull.o \
+ tests/check-qlist.o tests/check-qnull.o tests/check-qobject.o \
tests/check-qjson.o tests/check-qlit.o \
tests/test-coroutine.o tests/test-string-output-visitor.o \
tests/test-string-input-visitor.o tests/test-qobject-output-visitor.o \
@@ -580,6 +581,7 @@
tests/check-qdict$(EXESUF): tests/check-qdict.o $(test-util-obj-y)
tests/check-qlist$(EXESUF): tests/check-qlist.o $(test-util-obj-y)
tests/check-qnull$(EXESUF): tests/check-qnull.o $(test-util-obj-y)
+tests/check-qobject$(EXESUF): tests/check-qobject.o $(test-util-obj-y)
tests/check-qjson$(EXESUF): tests/check-qjson.o $(test-util-obj-y)
tests/check-qlit$(EXESUF): tests/check-qlit.o $(test-util-obj-y)
tests/check-qom-interface$(EXESUF): tests/check-qom-interface.o $(test-qom-obj-y)
diff --git a/tests/acpi-test-data/pc/DSDT b/tests/acpi-test-data/pc/DSDT
index 15c3135..99f05a5 100644
--- a/tests/acpi-test-data/pc/DSDT
+++ b/tests/acpi-test-data/pc/DSDT
Binary files differ
diff --git a/tests/acpi-test-data/pc/DSDT.bridge b/tests/acpi-test-data/pc/DSDT.bridge
index d38586c..cf23343 100644
--- a/tests/acpi-test-data/pc/DSDT.bridge
+++ b/tests/acpi-test-data/pc/DSDT.bridge
Binary files differ
diff --git a/tests/acpi-test-data/pc/DSDT.cphp b/tests/acpi-test-data/pc/DSDT.cphp
index 2dd70bf..c99c49f 100644
--- a/tests/acpi-test-data/pc/DSDT.cphp
+++ b/tests/acpi-test-data/pc/DSDT.cphp
Binary files differ
diff --git a/tests/acpi-test-data/pc/DSDT.ipmikcs b/tests/acpi-test-data/pc/DSDT.ipmikcs
index 2796d96..5e970fd 100644
--- a/tests/acpi-test-data/pc/DSDT.ipmikcs
+++ b/tests/acpi-test-data/pc/DSDT.ipmikcs
Binary files differ
diff --git a/tests/acpi-test-data/pc/DSDT.memhp b/tests/acpi-test-data/pc/DSDT.memhp
index 53f6d58..1fe6871 100644
--- a/tests/acpi-test-data/pc/DSDT.memhp
+++ b/tests/acpi-test-data/pc/DSDT.memhp
Binary files differ
diff --git a/tests/acpi-test-data/q35/DSDT b/tests/acpi-test-data/q35/DSDT
index a080e2a..aa402cc 100644
--- a/tests/acpi-test-data/q35/DSDT
+++ b/tests/acpi-test-data/q35/DSDT
Binary files differ
diff --git a/tests/acpi-test-data/q35/DSDT.bridge b/tests/acpi-test-data/q35/DSDT.bridge
index 31a7673..fc3e79c 100644
--- a/tests/acpi-test-data/q35/DSDT.bridge
+++ b/tests/acpi-test-data/q35/DSDT.bridge
Binary files differ
diff --git a/tests/acpi-test-data/q35/DSDT.cphp b/tests/acpi-test-data/q35/DSDT.cphp
index 3e23cb6..fd3cb34 100644
--- a/tests/acpi-test-data/q35/DSDT.cphp
+++ b/tests/acpi-test-data/q35/DSDT.cphp
Binary files differ
diff --git a/tests/acpi-test-data/q35/DSDT.ipmibt b/tests/acpi-test-data/q35/DSDT.ipmibt
index 9c5e03f..3322375 100644
--- a/tests/acpi-test-data/q35/DSDT.ipmibt
+++ b/tests/acpi-test-data/q35/DSDT.ipmibt
Binary files differ
diff --git a/tests/acpi-test-data/q35/DSDT.memhp b/tests/acpi-test-data/q35/DSDT.memhp
index 1b7c484..f0a27e1 100644
--- a/tests/acpi-test-data/q35/DSDT.memhp
+++ b/tests/acpi-test-data/q35/DSDT.memhp
Binary files differ
diff --git a/tests/acpi-utils.h b/tests/acpi-utils.h
index f8d8723..d5ca5b6 100644
--- a/tests/acpi-utils.h
+++ b/tests/acpi-utils.h
@@ -28,24 +28,9 @@
bool tmp_files_retain; /* do not delete the temp asl/aml */
} AcpiSdtTable;
-#define ACPI_READ_FIELD(field, addr) \
- do { \
- switch (sizeof(field)) { \
- case 1: \
- field = readb(addr); \
- break; \
- case 2: \
- field = readw(addr); \
- break; \
- case 4: \
- field = readl(addr); \
- break; \
- case 8: \
- field = readq(addr); \
- break; \
- default: \
- g_assert(false); \
- } \
+#define ACPI_READ_FIELD(field, addr) \
+ do { \
+ memread(addr, &field, sizeof(field)); \
addr += sizeof(field); \
} while (0);
@@ -74,16 +59,14 @@
} while (0);
#define ACPI_ASSERT_CMP(actual, expected) do { \
- uint32_t ACPI_ASSERT_CMP_le = cpu_to_le32(actual); \
char ACPI_ASSERT_CMP_str[5] = {}; \
- memcpy(ACPI_ASSERT_CMP_str, &ACPI_ASSERT_CMP_le, 4); \
+ memcpy(ACPI_ASSERT_CMP_str, &actual, 4); \
g_assert_cmpstr(ACPI_ASSERT_CMP_str, ==, expected); \
} while (0)
#define ACPI_ASSERT_CMP64(actual, expected) do { \
- uint64_t ACPI_ASSERT_CMP_le = cpu_to_le64(actual); \
char ACPI_ASSERT_CMP_str[9] = {}; \
- memcpy(ACPI_ASSERT_CMP_str, &ACPI_ASSERT_CMP_le, 8); \
+ memcpy(ACPI_ASSERT_CMP_str, &actual, 8); \
g_assert_cmpstr(ACPI_ASSERT_CMP_str, ==, expected); \
} while (0)
diff --git a/tests/bios-tables-test.c b/tests/bios-tables-test.c
index 564da45..e28e0c9 100644
--- a/tests/bios-tables-test.c
+++ b/tests/bios-tables-test.c
@@ -96,17 +96,20 @@
static void test_acpi_rsdt_table(test_data *data)
{
AcpiRsdtDescriptorRev1 *rsdt_table = &data->rsdt_table;
- uint32_t addr = data->rsdp_table.rsdt_physical_address;
+ uint32_t addr = le32_to_cpu(data->rsdp_table.rsdt_physical_address);
uint32_t *tables;
int tables_nr;
uint8_t checksum;
+ uint32_t rsdt_table_length;
/* read the header */
ACPI_READ_TABLE_HEADER(rsdt_table, addr);
ACPI_ASSERT_CMP(rsdt_table->signature, "RSDT");
+ rsdt_table_length = le32_to_cpu(rsdt_table->length);
+
/* compute the table entries in rsdt */
- tables_nr = (rsdt_table->length - sizeof(AcpiRsdtDescriptorRev1)) /
+ tables_nr = (rsdt_table_length - sizeof(AcpiRsdtDescriptorRev1)) /
sizeof(uint32_t);
g_assert(tables_nr > 0);
@@ -114,7 +117,7 @@
tables = g_new0(uint32_t, tables_nr);
ACPI_READ_ARRAY_PTR(tables, tables_nr, addr);
- checksum = acpi_calc_checksum((uint8_t *)rsdt_table, rsdt_table->length) +
+ checksum = acpi_calc_checksum((uint8_t *)rsdt_table, rsdt_table_length) +
acpi_calc_checksum((uint8_t *)tables,
tables_nr * sizeof(uint32_t));
g_assert(!checksum);
@@ -130,7 +133,7 @@
uint32_t addr;
/* FADT table comes first */
- addr = data->rsdt_tables_addr[0];
+ addr = le32_to_cpu(data->rsdt_tables_addr[0]);
ACPI_READ_TABLE_HEADER(fadt_table, addr);
ACPI_READ_FIELD(fadt_table->firmware_ctrl, addr);
@@ -187,13 +190,14 @@
ACPI_READ_GENERIC_ADDRESS(fadt_table->xgpe1_block, addr);
ACPI_ASSERT_CMP(fadt_table->signature, "FACP");
- g_assert(!acpi_calc_checksum((uint8_t *)fadt_table, fadt_table->length));
+ g_assert(!acpi_calc_checksum((uint8_t *)fadt_table,
+ le32_to_cpu(fadt_table->length)));
}
static void test_acpi_facs_table(test_data *data)
{
AcpiFacsDescriptorRev1 *facs_table = &data->facs_table;
- uint32_t addr = data->fadt_table.firmware_ctrl;
+ uint32_t addr = le32_to_cpu(data->fadt_table.firmware_ctrl);
ACPI_READ_FIELD(facs_table->signature, addr);
ACPI_READ_FIELD(facs_table->length, addr);
@@ -212,7 +216,8 @@
ACPI_READ_TABLE_HEADER(&sdt_table->header, addr);
- sdt_table->aml_len = sdt_table->header.length - sizeof(AcpiTableHeader);
+ sdt_table->aml_len = le32_to_cpu(sdt_table->header.length)
+ - sizeof(AcpiTableHeader);
sdt_table->aml = g_malloc0(sdt_table->aml_len);
ACPI_READ_ARRAY_PTR(sdt_table->aml, sdt_table->aml_len, addr);
@@ -226,7 +231,7 @@
static void test_acpi_dsdt_table(test_data *data)
{
AcpiSdtTable dsdt_table;
- uint32_t addr = data->fadt_table.dsdt;
+ uint32_t addr = le32_to_cpu(data->fadt_table.dsdt);
memset(&dsdt_table, 0, sizeof(dsdt_table));
data->tables = g_array_new(false, true, sizeof(AcpiSdtTable));
@@ -245,9 +250,10 @@
for (i = 0; i < tables_nr; i++) {
AcpiSdtTable ssdt_table;
+ uint32_t addr;
memset(&ssdt_table, 0, sizeof(ssdt_table));
- uint32_t addr = data->rsdt_tables_addr[i + 1]; /* fadt is first */
+ addr = le32_to_cpu(data->rsdt_tables_addr[i + 1]); /* fadt is first */
test_dst_table(&ssdt_table, addr);
g_array_append_val(data->tables, ssdt_table);
}
@@ -268,9 +274,8 @@
g_assert(sdt->aml);
if (rebuild) {
- uint32_t signature = cpu_to_le32(sdt->header.signature);
aml_file = g_strdup_printf("%s/%s/%.4s%s", data_dir, data->machine,
- (gchar *)&signature, ext);
+ (gchar *)&sdt->header.signature, ext);
fd = g_open(aml_file, O_WRONLY|O_TRUNC|O_CREAT,
S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH);
} else {
@@ -381,7 +386,6 @@
GArray *exp_tables = g_array_new(false, true, sizeof(AcpiSdtTable));
for (i = 0; i < data->tables->len; ++i) {
AcpiSdtTable exp_sdt;
- uint32_t signature;
gchar *aml_file = NULL;
const char *ext = data->variant ? data->variant : "";
@@ -390,11 +394,9 @@
memset(&exp_sdt, 0, sizeof(exp_sdt));
exp_sdt.header.signature = sdt->header.signature;
- signature = cpu_to_le32(sdt->header.signature);
-
try_again:
aml_file = g_strdup_printf("%s/%s/%.4s%s", data_dir, data->machine,
- (gchar *)&signature, ext);
+ (gchar *)&sdt->header.signature, ext);
if (getenv("V")) {
fprintf(stderr, "\nLooking for expected file '%s'\n", aml_file);
}
@@ -571,12 +573,12 @@
{
DECLARE_BITMAP(struct_bitmap, SMBIOS_MAX_TYPE+1) = { 0 };
struct smbios_21_entry_point *ep_table = &data->smbios_ep_table;
- uint32_t addr = ep_table->structure_table_address;
+ uint32_t addr = le32_to_cpu(ep_table->structure_table_address);
int i, len, max_len = 0;
uint8_t type, prv, crt;
/* walk the smbios tables */
- for (i = 0; i < ep_table->number_of_structures; i++) {
+ for (i = 0; i < le16_to_cpu(ep_table->number_of_structures); i++) {
/* grab type and formatted area length from struct header */
type = readb(addr);
@@ -608,9 +610,9 @@
}
/* total table length and max struct size must match entry point values */
- g_assert_cmpuint(ep_table->structure_table_length, ==,
- addr - ep_table->structure_table_address);
- g_assert_cmpuint(ep_table->max_structure_size, ==, max_len);
+ g_assert_cmpuint(le16_to_cpu(ep_table->structure_table_length), ==,
+ addr - le32_to_cpu(ep_table->structure_table_address));
+ g_assert_cmpuint(le16_to_cpu(ep_table->max_structure_size), ==, max_len);
/* required struct types must all be present */
for (i = 0; i < data->required_struct_types_len; i++) {
diff --git a/tests/check-qnull.c b/tests/check-qnull.c
index 5c6eb0a..afa4400 100644
--- a/tests/check-qnull.c
+++ b/tests/check-qnull.c
@@ -8,7 +8,7 @@
*/
#include "qemu/osdep.h"
-#include "qapi/qmp/qobject.h"
+#include "qapi/qmp/qnull.h"
#include "qemu-common.h"
#include "qapi/qobject-input-visitor.h"
#include "qapi/qobject-output-visitor.h"
diff --git a/tests/check-qobject.c b/tests/check-qobject.c
new file mode 100644
index 0000000..03e9175
--- /dev/null
+++ b/tests/check-qobject.c
@@ -0,0 +1,328 @@
+/*
+ * Generic QObject unit-tests.
+ *
+ * Copyright (C) 2017 Red Hat Inc.
+ *
+ * This work is licensed under the terms of the GNU LGPL, version 2.1 or later.
+ * See the COPYING.LIB file in the top-level directory.
+ */
+#include "qemu/osdep.h"
+
+#include "qapi/qmp/types.h"
+#include "qemu-common.h"
+
+#include <math.h>
+
+/* Marks the end of the test_equality() argument list.
+ * We cannot use NULL there because that is a valid argument. */
+static QObject test_equality_end_of_arguments;
+
+/**
+ * Test whether all variadic QObject *arguments are equal (@expected
+ * is true) or whether they are all not equal (@expected is false).
+ * Every QObject is tested to be equal to itself (to test
+ * reflexivity), all tests are done both ways (to test symmetry), and
+ * transitivity is not assumed but checked (each object is compared to
+ * every other one).
+ *
+ * Note that qobject_is_equal() is not really an equivalence relation,
+ * so this function may not be used for all objects (reflexivity is
+ * not guaranteed, e.g. in the case of a QNum containing NaN).
+ *
+ * The @_ argument is required because a boolean may not be the last
+ * argument before a variadic argument list (C11 7.16.1.4 para. 4).
+ */
+static void do_test_equality(bool expected, int _, ...)
+{
+ va_list ap_count, ap_extract;
+ QObject **args;
+ int arg_count = 0;
+ int i, j;
+
+ va_start(ap_count, _);
+ va_copy(ap_extract, ap_count);
+ while (va_arg(ap_count, QObject *) != &test_equality_end_of_arguments) {
+ arg_count++;
+ }
+ va_end(ap_count);
+
+ args = g_new(QObject *, arg_count);
+ for (i = 0; i < arg_count; i++) {
+ args[i] = va_arg(ap_extract, QObject *);
+ }
+ va_end(ap_extract);
+
+ for (i = 0; i < arg_count; i++) {
+ g_assert(qobject_is_equal(args[i], args[i]) == true);
+
+ for (j = i + 1; j < arg_count; j++) {
+ g_assert(qobject_is_equal(args[i], args[j]) == expected);
+ }
+ }
+}
+
+#define check_equal(...) \
+ do_test_equality(true, 0, __VA_ARGS__, &test_equality_end_of_arguments)
+#define check_unequal(...) \
+ do_test_equality(false, 0, __VA_ARGS__, &test_equality_end_of_arguments)
+
+static void do_free_all(int _, ...)
+{
+ va_list ap;
+ QObject *obj;
+
+ va_start(ap, _);
+ while ((obj = va_arg(ap, QObject *)) != NULL) {
+ qobject_decref(obj);
+ }
+ va_end(ap);
+}
+
+#define free_all(...) \
+ do_free_all(0, __VA_ARGS__, NULL)
+
+static void qobject_is_equal_null_test(void)
+{
+ check_unequal(qnull(), NULL);
+}
+
+static void qobject_is_equal_num_test(void)
+{
+ QNum *u0, *i0, *d0, *dnan, *um42, *im42, *dm42;
+
+ u0 = qnum_from_uint(0u);
+ i0 = qnum_from_int(0);
+ d0 = qnum_from_double(0.0);
+ dnan = qnum_from_double(NAN);
+ um42 = qnum_from_uint((uint64_t)-42);
+ im42 = qnum_from_int(-42);
+ dm42 = qnum_from_double(-42.0);
+
+ /* Integers representing a mathematically equal number should
+ * compare equal */
+ check_equal(u0, i0);
+ /* Doubles, however, are always unequal to integers */
+ check_unequal(u0, d0);
+ check_unequal(i0, d0);
+
+ /* Do not assume any object is equal to itself -- note however
+ * that NaN cannot occur in a JSON object anyway. */
+ g_assert(qobject_is_equal(QOBJECT(dnan), QOBJECT(dnan)) == false);
+
+ /* No unsigned overflow */
+ check_unequal(um42, im42);
+ check_unequal(um42, dm42);
+ check_unequal(im42, dm42);
+
+ free_all(u0, i0, d0, dnan, um42, im42, dm42);
+}
+
+static void qobject_is_equal_bool_test(void)
+{
+ QBool *btrue_0, *btrue_1, *bfalse_0, *bfalse_1;
+
+ btrue_0 = qbool_from_bool(true);
+ btrue_1 = qbool_from_bool(true);
+ bfalse_0 = qbool_from_bool(false);
+ bfalse_1 = qbool_from_bool(false);
+
+ check_equal(btrue_0, btrue_1);
+ check_equal(bfalse_0, bfalse_1);
+ check_unequal(btrue_0, bfalse_0);
+
+ free_all(btrue_0, btrue_1, bfalse_0, bfalse_1);
+}
+
+static void qobject_is_equal_string_test(void)
+{
+ QString *str_base, *str_whitespace_0, *str_whitespace_1, *str_whitespace_2;
+ QString *str_whitespace_3, *str_case, *str_built;
+
+ str_base = qstring_from_str("foo");
+ str_whitespace_0 = qstring_from_str(" foo");
+ str_whitespace_1 = qstring_from_str("foo ");
+ str_whitespace_2 = qstring_from_str("foo\b");
+ str_whitespace_3 = qstring_from_str("fooo\b");
+ str_case = qstring_from_str("Foo");
+
+ /* Should yield "foo" */
+ str_built = qstring_from_substr("form", 0, 1);
+ qstring_append_chr(str_built, 'o');
+
+ check_unequal(str_base, str_whitespace_0, str_whitespace_1,
+ str_whitespace_2, str_whitespace_3, str_case);
+
+ check_equal(str_base, str_built);
+
+ free_all(str_base, str_whitespace_0, str_whitespace_1, str_whitespace_2,
+ str_whitespace_3, str_case, str_built);
+}
+
+static void qobject_is_equal_list_test(void)
+{
+ QList *list_0, *list_1, *list_cloned;
+ QList *list_reordered, *list_longer, *list_shorter;
+
+ list_0 = qlist_new();
+ list_1 = qlist_new();
+ list_reordered = qlist_new();
+ list_longer = qlist_new();
+ list_shorter = qlist_new();
+
+ qlist_append_int(list_0, 1);
+ qlist_append_int(list_0, 2);
+ qlist_append_int(list_0, 3);
+
+ qlist_append_int(list_1, 1);
+ qlist_append_int(list_1, 2);
+ qlist_append_int(list_1, 3);
+
+ qlist_append_int(list_reordered, 1);
+ qlist_append_int(list_reordered, 3);
+ qlist_append_int(list_reordered, 2);
+
+ qlist_append_int(list_longer, 1);
+ qlist_append_int(list_longer, 2);
+ qlist_append_int(list_longer, 3);
+ qlist_append_null(list_longer);
+
+ qlist_append_int(list_shorter, 1);
+ qlist_append_int(list_shorter, 2);
+
+ list_cloned = qlist_copy(list_0);
+
+ check_equal(list_0, list_1, list_cloned);
+ check_unequal(list_0, list_reordered, list_longer, list_shorter);
+
+ /* With a NaN in it, the list should no longer compare equal to
+ * itself */
+ qlist_append(list_0, qnum_from_double(NAN));
+ g_assert(qobject_is_equal(QOBJECT(list_0), QOBJECT(list_0)) == false);
+
+ free_all(list_0, list_1, list_cloned, list_reordered, list_longer,
+ list_shorter);
+}
+
+static void qobject_is_equal_dict_test(void)
+{
+ Error *local_err = NULL;
+ QDict *dict_0, *dict_1, *dict_cloned;
+ QDict *dict_different_key, *dict_different_value, *dict_different_null_key;
+ QDict *dict_longer, *dict_shorter, *dict_nested;
+ QDict *dict_crumpled;
+
+ dict_0 = qdict_new();
+ dict_1 = qdict_new();
+ dict_different_key = qdict_new();
+ dict_different_value = qdict_new();
+ dict_different_null_key = qdict_new();
+ dict_longer = qdict_new();
+ dict_shorter = qdict_new();
+ dict_nested = qdict_new();
+
+ qdict_put_int(dict_0, "f.o", 1);
+ qdict_put_int(dict_0, "bar", 2);
+ qdict_put_int(dict_0, "baz", 3);
+ qdict_put_null(dict_0, "null");
+
+ qdict_put_int(dict_1, "f.o", 1);
+ qdict_put_int(dict_1, "bar", 2);
+ qdict_put_int(dict_1, "baz", 3);
+ qdict_put_null(dict_1, "null");
+
+ qdict_put_int(dict_different_key, "F.o", 1);
+ qdict_put_int(dict_different_key, "bar", 2);
+ qdict_put_int(dict_different_key, "baz", 3);
+ qdict_put_null(dict_different_key, "null");
+
+ qdict_put_int(dict_different_value, "f.o", 42);
+ qdict_put_int(dict_different_value, "bar", 2);
+ qdict_put_int(dict_different_value, "baz", 3);
+ qdict_put_null(dict_different_value, "null");
+
+ qdict_put_int(dict_different_null_key, "f.o", 1);
+ qdict_put_int(dict_different_null_key, "bar", 2);
+ qdict_put_int(dict_different_null_key, "baz", 3);
+ qdict_put_null(dict_different_null_key, "none");
+
+ qdict_put_int(dict_longer, "f.o", 1);
+ qdict_put_int(dict_longer, "bar", 2);
+ qdict_put_int(dict_longer, "baz", 3);
+ qdict_put_int(dict_longer, "xyz", 4);
+ qdict_put_null(dict_longer, "null");
+
+ qdict_put_int(dict_shorter, "f.o", 1);
+ qdict_put_int(dict_shorter, "bar", 2);
+ qdict_put_int(dict_shorter, "baz", 3);
+
+ qdict_put(dict_nested, "f", qdict_new());
+ qdict_put_int(qdict_get_qdict(dict_nested, "f"), "o", 1);
+ qdict_put_int(dict_nested, "bar", 2);
+ qdict_put_int(dict_nested, "baz", 3);
+ qdict_put_null(dict_nested, "null");
+
+ dict_cloned = qdict_clone_shallow(dict_0);
+
+ check_equal(dict_0, dict_1, dict_cloned);
+ check_unequal(dict_0, dict_different_key, dict_different_value,
+ dict_different_null_key, dict_longer, dict_shorter,
+ dict_nested);
+
+ dict_crumpled = qobject_to_qdict(qdict_crumple(dict_1, &local_err));
+ g_assert(!local_err);
+ check_equal(dict_crumpled, dict_nested);
+
+ qdict_flatten(dict_nested);
+ check_equal(dict_0, dict_nested);
+
+ /* Containing an NaN value will make this dict compare unequal to
+ * itself */
+ qdict_put(dict_0, "NaN", qnum_from_double(NAN));
+ g_assert(qobject_is_equal(QOBJECT(dict_0), QOBJECT(dict_0)) == false);
+
+ free_all(dict_0, dict_1, dict_cloned, dict_different_key,
+ dict_different_value, dict_different_null_key, dict_longer,
+ dict_shorter, dict_nested, dict_crumpled);
+}
+
+static void qobject_is_equal_conversion_test(void)
+{
+ QNum *u0, *i0, *d0;
+ QString *s0, *s_empty;
+ QBool *bfalse;
+
+ u0 = qnum_from_uint(0u);
+ i0 = qnum_from_int(0);
+ d0 = qnum_from_double(0.0);
+ s0 = qstring_from_str("0");
+ s_empty = qstring_new();
+ bfalse = qbool_from_bool(false);
+
+ /* No automatic type conversion */
+ check_unequal(u0, s0, s_empty, bfalse, qnull(), NULL);
+ check_unequal(i0, s0, s_empty, bfalse, qnull(), NULL);
+ check_unequal(d0, s0, s_empty, bfalse, qnull(), NULL);
+
+ free_all(u0, i0, d0, s0, s_empty, bfalse);
+}
+
+int main(int argc, char **argv)
+{
+ g_test_init(&argc, &argv, NULL);
+
+ g_test_add_func("/public/qobject_is_equal_null",
+ qobject_is_equal_null_test);
+ g_test_add_func("/public/qobject_is_equal_num", qobject_is_equal_num_test);
+ g_test_add_func("/public/qobject_is_equal_bool",
+ qobject_is_equal_bool_test);
+ g_test_add_func("/public/qobject_is_equal_string",
+ qobject_is_equal_string_test);
+ g_test_add_func("/public/qobject_is_equal_list",
+ qobject_is_equal_list_test);
+ g_test_add_func("/public/qobject_is_equal_dict",
+ qobject_is_equal_dict_test);
+ g_test_add_func("/public/qobject_is_equal_conversion",
+ qobject_is_equal_conversion_test);
+
+ return g_test_run();
+}
diff --git a/tests/docker/Makefile.include b/tests/docker/Makefile.include
index f1a398e..de87341 100644
--- a/tests/docker/Makefile.include
+++ b/tests/docker/Makefile.include
@@ -109,7 +109,7 @@
@echo ' DEBUG=1 Stop and drop to shell in the created container'
@echo ' before running the command.'
@echo ' NETWORK=1 Enable virtual network interface with default backend.'
- @echo ' NETWORK=$BACKEND Enable virtual network interface with $BACKEND.'
+ @echo ' NETWORK=$$BACKEND Enable virtual network interface with $$BACKEND.'
@echo ' NOUSER Define to disable adding current user to containers passwd.'
@echo ' NOCACHE=1 Ignore cache when build images.'
@echo ' EXECUTABLE=<path> Include executable in image.'
diff --git a/tests/docker/docker.py b/tests/docker/docker.py
index 08122ca..1246ba9 100755
--- a/tests/docker/docker.py
+++ b/tests/docker/docker.py
@@ -105,6 +105,28 @@
so_path = os.path.dirname(l)
_copy_with_mkdir(l , dest_dir, so_path)
+def _read_qemu_dockerfile(img_name):
+ df = os.path.join(os.path.dirname(__file__), "dockerfiles",
+ img_name + ".docker")
+ return open(df, "r").read()
+
+def _dockerfile_preprocess(df):
+ out = ""
+ for l in df.splitlines():
+ if len(l.strip()) == 0 or l.startswith("#"):
+ continue
+ from_pref = "FROM qemu:"
+ if l.startswith(from_pref):
+ # TODO: Alternatively we could replace this line with "FROM $ID"
+ # where $ID is the image's hex id obtained with
+ # $ docker images $IMAGE --format="{{.Id}}"
+ # but unfortunately that's not supported by RHEL 7.
+ inlining = _read_qemu_dockerfile(l[len(from_pref):])
+ out += _dockerfile_preprocess(inlining)
+ continue
+ out += l + "\n"
+ return out
+
class Docker(object):
""" Running Docker commands """
def __init__(self):
@@ -196,7 +218,7 @@
checksum = self.get_image_dockerfile_checksum(tag)
except Exception:
return False
- return checksum == _text_checksum(dockerfile)
+ return checksum == _text_checksum(_dockerfile_preprocess(dockerfile))
def run(self, cmd, keep, quiet):
label = uuid.uuid1().hex
diff --git a/tests/qemu-iotests/020 b/tests/qemu-iotests/020
index 7a11110..cefe3a8 100755
--- a/tests/qemu-iotests/020
+++ b/tests/qemu-iotests/020
@@ -110,6 +110,33 @@
io_zero readv $(( offset + 64 * 1024 + 65536 * 4 )) 65536 65536 1
done
_check_test_img
+_cleanup
+TEST_IMG=$TEST_IMG_SAVE
+
+echo
+echo 'Testing failing commit'
+echo
+
+# Create an image with a null backing file to which committing will fail (with
+# ENOSPC so we can distinguish the result from some generic EIO which may be
+# generated anywhere in the block layer)
+_make_test_img -b "json:{'driver': 'raw',
+ 'file': {
+ 'driver': 'blkdebug',
+ 'inject-error': [{
+ 'event': 'write_aio',
+ 'errno': 28,
+ 'once': true
+ }],
+ 'image': {
+ 'driver': 'null-co'
+ }}}"
+
+# Just write anything so committing will not be a no-op
+$QEMU_IO -c 'writev 0 64k' "$TEST_IMG" | _filter_qemu_io
+
+$QEMU_IMG commit "$TEST_IMG"
+_cleanup_test_img
# success, all done
echo "*** done"
diff --git a/tests/qemu-iotests/020.out b/tests/qemu-iotests/020.out
index 42f6c1b..165b70a 100644
--- a/tests/qemu-iotests/020.out
+++ b/tests/qemu-iotests/020.out
@@ -1075,4 +1075,21 @@
read 65536/65536 bytes at offset 4295294976
64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
No errors were found on the image.
+
+Testing failing commit
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1073741824 backing_file=json:{'driver': 'raw',,
+ 'file': {
+ 'driver': 'blkdebug',,
+ 'inject-error': [{
+ 'event': 'write_aio',,
+ 'errno': 28,,
+ 'once': true
+ }],,
+ 'image': {
+ 'driver': 'null-co'
+ }}}
+wrote 65536/65536 bytes at offset 0
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+qemu-img: Block job failed: No space left on device
*** done
diff --git a/tests/qemu-iotests/030 b/tests/qemu-iotests/030
index 1883894..457984b 100755
--- a/tests/qemu-iotests/030
+++ b/tests/qemu-iotests/030
@@ -666,6 +666,7 @@
if event['event'] == 'BLOCK_JOB_ERROR':
self.assert_qmp(event, 'data/device', 'drive0')
self.assert_qmp(event, 'data/operation', 'read')
+ error = True
result = self.vm.qmp('query-block-jobs')
self.assert_qmp(result, 'return[0]/paused', True)
@@ -676,9 +677,11 @@
self.assert_qmp(result, 'return', {})
result = self.vm.qmp('query-block-jobs')
+ if result == {'return': []}:
+ # Race; likely already finished. Check.
+ continue
self.assert_qmp(result, 'return[0]/paused', False)
self.assert_qmp(result, 'return[0]/io-status', 'ok')
- error = True
elif event['event'] == 'BLOCK_JOB_COMPLETED':
self.assertTrue(error, 'job completed unexpectedly')
self.assert_qmp(event, 'data/type', 'stream')
@@ -792,13 +795,14 @@
self.assert_no_active_block_jobs()
+ self.vm.pause_drive('drive0')
result = self.vm.qmp('block-stream', device='drive0')
self.assert_qmp(result, 'return', {})
result = self.vm.qmp('block-job-set-speed', device='drive0', speed=-1)
self.assert_qmp(result, 'error/class', 'GenericError')
- self.cancel_and_wait()
+ self.cancel_and_wait(resume=True)
if __name__ == '__main__':
iotests.main(supported_fmts=['qcow2', 'qed'])
diff --git a/tests/qemu-iotests/040 b/tests/qemu-iotests/040
index c284d08..90b5b4f 100755
--- a/tests/qemu-iotests/040
+++ b/tests/qemu-iotests/040
@@ -289,7 +289,7 @@
qemu_img('create', '-f', iotests.imgfmt, '-o', 'backing_file=%s' % mid_img, test_img)
qemu_io('-f', iotests.imgfmt, '-c', 'write -P 0x1 0 512', test_img)
qemu_io('-f', iotests.imgfmt, '-c', 'write -P 0xef 524288 524288', mid_img)
- self.vm = iotests.VM().add_drive(test_img)
+ self.vm = iotests.VM().add_drive('blkdebug::' + test_img)
self.vm.launch()
def tearDown(self):
diff --git a/tests/qemu-iotests/055 b/tests/qemu-iotests/055
index e1206ca..8a5d9fd 100755
--- a/tests/qemu-iotests/055
+++ b/tests/qemu-iotests/055
@@ -48,7 +48,7 @@
def setUp(self):
qemu_img('create', '-f', iotests.imgfmt, blockdev_target_img, str(image_len))
- self.vm = iotests.VM().add_drive(test_img)
+ self.vm = iotests.VM().add_drive('blkdebug::' + test_img)
self.vm.add_drive(blockdev_target_img, interface="none")
if iotests.qemu_default_machine == 'pc':
self.vm.add_drive(None, 'media=cdrom', 'ide')
@@ -65,10 +65,11 @@
def do_test_cancel(self, cmd, target):
self.assert_no_active_block_jobs()
+ self.vm.pause_drive('drive0')
result = self.vm.qmp(cmd, device='drive0', target=target, sync='full')
self.assert_qmp(result, 'return', {})
- event = self.cancel_and_wait()
+ event = self.cancel_and_wait(resume=True)
self.assert_qmp(event, 'data/type', 'backup')
def test_cancel_drive_backup(self):
@@ -166,7 +167,7 @@
def setUp(self):
qemu_img('create', '-f', iotests.imgfmt, blockdev_target_img, str(image_len))
- self.vm = iotests.VM().add_drive(test_img)
+ self.vm = iotests.VM().add_drive('blkdebug::' + test_img)
self.vm.add_drive(blockdev_target_img, interface="none")
self.vm.launch()
@@ -246,6 +247,8 @@
def test_set_speed_invalid_blockdev_backup(self):
self.do_test_set_speed_invalid('blockdev-backup', 'drive1')
+# Note: We cannot use pause_drive() here, or the transaction command
+# would stall. Instead, we limit the block job speed here.
class TestSingleTransaction(iotests.QMPTestCase):
def setUp(self):
qemu_img('create', '-f', iotests.imgfmt, blockdev_target_img, str(image_len))
@@ -271,7 +274,8 @@
'type': cmd,
'data': { 'device': 'drive0',
'target': target,
- 'sync': 'full' },
+ 'sync': 'full',
+ 'speed': 64 * 1024 },
}
])
@@ -289,12 +293,12 @@
def do_test_pause(self, cmd, target, image):
self.assert_no_active_block_jobs()
- self.vm.pause_drive('drive0')
result = self.vm.qmp('transaction', actions=[{
'type': cmd,
'data': { 'device': 'drive0',
'target': target,
- 'sync': 'full' },
+ 'sync': 'full',
+ 'speed': 64 * 1024 },
}
])
self.assert_qmp(result, 'return', {})
@@ -302,7 +306,9 @@
result = self.vm.qmp('block-job-pause', device='drive0')
self.assert_qmp(result, 'return', {})
- self.vm.resume_drive('drive0')
+ result = self.vm.qmp('block-job-set-speed', device='drive0', speed=0)
+ self.assert_qmp(result, 'return', {})
+
self.pause_job('drive0')
result = self.vm.qmp('query-block-jobs')
@@ -461,7 +467,7 @@
pass
def do_prepare_drives(self, fmt, args, attach_target):
- self.vm = iotests.VM().add_drive(test_img)
+ self.vm = iotests.VM().add_drive('blkdebug::' + test_img)
qemu_img('create', '-f', fmt, blockdev_target_img,
str(TestDriveCompression.image_len), *args)
@@ -500,10 +506,11 @@
self.assert_no_active_block_jobs()
+ self.vm.pause_drive('drive0')
result = self.vm.qmp(cmd, device='drive0', sync='full', compress=True, **args)
self.assert_qmp(result, 'return', {})
- event = self.cancel_and_wait()
+ event = self.cancel_and_wait(resume=True)
self.assert_qmp(event, 'data/type', 'backup')
self.vm.shutdown()
diff --git a/tests/qemu-iotests/058 b/tests/qemu-iotests/058
index 2253c6a..5eb8784 100755
--- a/tests/qemu-iotests/058
+++ b/tests/qemu-iotests/058
@@ -117,15 +117,15 @@
echo
echo "== verifying the exported snapshot with patterns, method 1 =="
-$QEMU_IO_NBD -c 'read -P 0xa 0x1000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io
-$QEMU_IO_NBD -c 'read -P 0xb 0x2000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io
+$QEMU_IO_NBD -r -c 'read -P 0xa 0x1000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io
+$QEMU_IO_NBD -r -c 'read -P 0xb 0x2000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io
_export_nbd_snapshot1 sn1
echo
echo "== verifying the exported snapshot with patterns, method 2 =="
-$QEMU_IO_NBD -c 'read -P 0xa 0x1000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io
-$QEMU_IO_NBD -c 'read -P 0xb 0x2000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io
+$QEMU_IO_NBD -r -c 'read -P 0xa 0x1000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io
+$QEMU_IO_NBD -r -c 'read -P 0xb 0x2000 0x1000' "$nbd_snapshot_img" | _filter_qemu_io
$QEMU_IMG convert "$TEST_IMG" -l sn1 -O qcow2 "$converted_image"
diff --git a/tests/qemu-iotests/060 b/tests/qemu-iotests/060
index 8e95c45..1eca094 100755
--- a/tests/qemu-iotests/060
+++ b/tests/qemu-iotests/060
@@ -242,6 +242,190 @@
# Should emit two error messages
$QEMU_IO -c "discard 0 64k" -c "read 64k 64k" "$TEST_IMG" | _filter_qemu_io
+echo
+echo "=== Testing empty refcount table ==="
+echo
+_make_test_img 64M
+poke_file "$TEST_IMG" "$rt_offset" "\x00\x00\x00\x00\x00\x00\x00\x00"
+$QEMU_IO -c "write 0 64k" "$TEST_IMG" | _filter_qemu_io
+# Repair the image
+_check_test_img -r all
+
+echo
+echo "=== Testing empty refcount table with valid L1 and L2 tables ==="
+echo
+_make_test_img 64M
+$QEMU_IO -c "write 0 64k" "$TEST_IMG" | _filter_qemu_io
+poke_file "$TEST_IMG" "$rt_offset" "\x00\x00\x00\x00\x00\x00\x00\x00"
+# Since the first data cluster is already allocated this triggers an
+# allocation with an explicit offset (using qcow2_alloc_clusters_at())
+# causing a refcount block to be allocated at offset 0
+$QEMU_IO -c "write 0 128k" "$TEST_IMG" | _filter_qemu_io
+# Repair the image
+_check_test_img -r all
+
+echo
+echo "=== Testing empty refcount block ==="
+echo
+_make_test_img 64M
+poke_file "$TEST_IMG" "$rb_offset" "\x00\x00\x00\x00\x00\x00\x00\x00"
+$QEMU_IO -c "write 0 64k" "$TEST_IMG" | _filter_qemu_io
+# Repair the image
+_check_test_img -r all
+
+echo
+echo "=== Testing empty refcount block with compressed write ==="
+echo
+_make_test_img 64M
+$QEMU_IO -c "write 64k 64k" "$TEST_IMG" | _filter_qemu_io
+poke_file "$TEST_IMG" "$rb_offset" "\x00\x00\x00\x00\x00\x00\x00\x00"
+# The previous write already allocated an L2 table, so now this new
+# write will try to allocate a compressed data cluster at offset 0.
+$QEMU_IO -c "write -c 0k 64k" "$TEST_IMG" | _filter_qemu_io
+# Repair the image
+_check_test_img -r all
+
+echo
+echo "=== Testing zero refcount table size ==="
+echo
+_make_test_img 64M
+poke_file "$TEST_IMG" "56" "\x00\x00\x00\x00"
+$QEMU_IO -c "write 0 64k" "$TEST_IMG" 2>&1 | _filter_testdir | _filter_imgfmt
+# Repair the image
+_check_test_img -r all
+
+echo
+echo "=== Testing incorrect refcount table offset ==="
+echo
+_make_test_img 64M
+poke_file "$TEST_IMG" "48" "\x00\x00\x00\x00\x00\x00\x00\x00"
+$QEMU_IO -c "write 0 64k" "$TEST_IMG" | _filter_qemu_io
+
+echo
+echo "=== Testing dirty corrupt image ==="
+echo
+
+_make_test_img 64M
+
+# Let the refblock appear unaligned
+poke_file "$TEST_IMG" "$rt_offset" "\x00\x00\x00\x00\xff\xff\x2a\x00"
+# Mark the image dirty, thus forcing an automatic check when opening it
+poke_file "$TEST_IMG" 72 "\x00\x00\x00\x00\x00\x00\x00\x01"
+# Open the image (qemu should refuse to do so)
+$QEMU_IO -c close "$TEST_IMG" 2>&1 | _filter_testdir | _filter_imgfmt
+
+echo '--- Repairing ---'
+
+# The actual repair should have happened (because of the dirty bit),
+# but some cleanup may have failed (like freeing the old reftable)
+# because the image was already marked corrupt by that point
+_check_test_img -r all
+
+echo
+echo "=== Writing to an unaligned preallocated zero cluster ==="
+echo
+
+_make_test_img 64M
+
+# Allocate the L2 table
+$QEMU_IO -c "write 0 64k" -c "discard 0 64k" "$TEST_IMG" | _filter_qemu_io
+# Pretend there is a preallocated zero cluster somewhere inside the
+# image header
+poke_file "$TEST_IMG" "$l2_offset" "\x80\x00\x00\x00\x00\x00\x2a\x01"
+# Let's write to it!
+$QEMU_IO -c "write 0 64k" "$TEST_IMG" | _filter_qemu_io
+
+# Can't repair this yet (TODO: We can just deallocate the cluster)
+
+echo
+echo '=== Discarding with an unaligned refblock ==='
+echo
+
+_make_test_img 64M
+
+$QEMU_IO -c "write 0 128k" "$TEST_IMG" | _filter_qemu_io
+# Make our refblock unaligned
+poke_file "$TEST_IMG" "$(($rt_offset))" "\x00\x00\x00\x00\x00\x00\x2a\x00"
+# Now try to discard something that will be submitted as two requests
+# (main part + tail)
+$QEMU_IO -c "discard 0 65537" "$TEST_IMG"
+
+echo '--- Repairing ---'
+# Fails the first repair because the corruption prevents the check
+# function from double-checking
+# (Using -q for the first invocation, because otherwise the
+# double-check error message appears above the summary for some
+# reason -- so let's just hide the summary)
+_check_test_img -q -r all
+_check_test_img -r all
+
+echo
+echo "=== Discarding an out-of-bounds refblock ==="
+echo
+
+_make_test_img 64M
+
+# Pretend there's a refblock really up high
+poke_file "$TEST_IMG" "$(($rt_offset+8))" "\x00\xff\xff\xff\x00\x00\x00\x00"
+# Let's try to shrink the qcow2 image so that the block driver tries
+# to discard that refblock (and see what happens!)
+$QEMU_IMG resize --shrink "$TEST_IMG" 32M
+
+echo '--- Checking and retrying ---'
+# Image should not be resized
+_img_info | grep 'virtual size'
+# But it should pass this check, because the "partial" resize has
+# already overwritten refblocks past the end
+_check_test_img -r all
+# So let's try again
+$QEMU_IMG resize --shrink "$TEST_IMG" 32M
+_img_info | grep 'virtual size'
+
+echo
+echo "=== Discarding a non-covered in-bounds refblock ==="
+echo
+
+IMGOPTS='refcount_bits=1' _make_test_img 64M
+
+# Pretend there's a refblock somewhere where there is no refblock to
+# cover it (but the covering refblock has a valid index in the
+# reftable)
+# Every refblock covers 65536 * 8 * 65536 = 32 GB, so we have to point
+# to 0x10_0000_0000 (64G) to point to the third refblock
+poke_file "$TEST_IMG" "$(($rt_offset+8))" "\x00\x00\x00\x10\x00\x00\x00\x00"
+$QEMU_IMG resize --shrink "$TEST_IMG" 32M
+
+echo '--- Checking and retrying ---'
+# Image should not be resized
+_img_info | grep 'virtual size'
+# But it should pass this check, because the "partial" resize has
+# already overwritten refblocks past the end
+_check_test_img -r all
+# So let's try again
+$QEMU_IMG resize --shrink "$TEST_IMG" 32M
+_img_info | grep 'virtual size'
+
+echo
+echo "=== Discarding a refblock covered by an unaligned refblock ==="
+echo
+
+IMGOPTS='refcount_bits=1' _make_test_img 64M
+
+# Same as above
+poke_file "$TEST_IMG" "$(($rt_offset+8))" "\x00\x00\x00\x10\x00\x00\x00\x00"
+# But now we actually "create" an unaligned third refblock
+poke_file "$TEST_IMG" "$(($rt_offset+16))" "\x00\x00\x00\x00\x00\x00\x02\x00"
+$QEMU_IMG resize --shrink "$TEST_IMG" 32M
+
+echo '--- Repairing ---'
+# Fails the first repair because the corruption prevents the check
+# function from double-checking
+# (Using -q for the first invocation, because otherwise the
+# double-check error message appears above the summary for some
+# reason -- so let's just hide the summary)
+_check_test_img -q -r all
+_check_test_img -r all
+
# success, all done
echo "*** done"
rm -f $seq.full
diff --git a/tests/qemu-iotests/060.out b/tests/qemu-iotests/060.out
index 5ca3af4..56f5eb1 100644
--- a/tests/qemu-iotests/060.out
+++ b/tests/qemu-iotests/060.out
@@ -181,4 +181,222 @@
discard 65536/65536 bytes at offset 0
64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
read failed: Input/output error
+
+=== Testing empty refcount table ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
+qcow2: Marking image as corrupt: Preventing invalid write on metadata (overlaps with refcount table); further corruption events will be suppressed
+write failed: Input/output error
+ERROR cluster 0 refcount=0 reference=1
+ERROR cluster 1 refcount=0 reference=1
+ERROR cluster 3 refcount=0 reference=1
+Rebuilding refcount structure
+Repairing cluster 1 refcount=1 reference=0
+The following inconsistencies were found and repaired:
+
+ 0 leaked clusters
+ 3 corruptions
+
+Double checking the fixed image now...
+No errors were found on the image.
+
+=== Testing empty refcount table with valid L1 and L2 tables ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
+wrote 65536/65536 bytes at offset 0
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+qcow2: Marking image as corrupt: Preventing invalid allocation of refcount block at offset 0; further corruption events will be suppressed
+write failed: Input/output error
+ERROR cluster 0 refcount=0 reference=1
+ERROR cluster 1 refcount=0 reference=1
+ERROR cluster 3 refcount=0 reference=1
+ERROR cluster 4 refcount=0 reference=1
+ERROR cluster 5 refcount=0 reference=1
+Rebuilding refcount structure
+Repairing cluster 1 refcount=1 reference=0
+The following inconsistencies were found and repaired:
+
+ 0 leaked clusters
+ 5 corruptions
+
+Double checking the fixed image now...
+No errors were found on the image.
+
+=== Testing empty refcount block ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
+qcow2: Marking image as corrupt: Preventing invalid allocation of L2 table at offset 0; further corruption events will be suppressed
+write failed: Input/output error
+ERROR cluster 0 refcount=0 reference=1
+ERROR cluster 1 refcount=0 reference=1
+ERROR cluster 2 refcount=0 reference=1
+ERROR cluster 3 refcount=0 reference=1
+Rebuilding refcount structure
+Repairing cluster 1 refcount=1 reference=0
+Repairing cluster 2 refcount=1 reference=0
+The following inconsistencies were found and repaired:
+
+ 0 leaked clusters
+ 4 corruptions
+
+Double checking the fixed image now...
+No errors were found on the image.
+
+=== Testing empty refcount block with compressed write ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
+wrote 65536/65536 bytes at offset 65536
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+qcow2: Marking image as corrupt: Preventing invalid allocation of compressed cluster at offset 0; further corruption events will be suppressed
+write failed: Input/output error
+ERROR cluster 0 refcount=0 reference=1
+ERROR cluster 1 refcount=0 reference=1
+ERROR cluster 2 refcount=0 reference=1
+ERROR cluster 3 refcount=0 reference=1
+Rebuilding refcount structure
+Repairing cluster 1 refcount=1 reference=0
+Repairing cluster 2 refcount=1 reference=0
+The following inconsistencies were found and repaired:
+
+ 0 leaked clusters
+ 4 corruptions
+
+Double checking the fixed image now...
+No errors were found on the image.
+
+=== Testing zero refcount table size ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
+can't open device TEST_DIR/t.IMGFMT: Image does not contain a reference count table
+ERROR cluster 0 refcount=0 reference=1
+ERROR cluster 3 refcount=0 reference=1
+Rebuilding refcount structure
+The following inconsistencies were found and repaired:
+
+ 0 leaked clusters
+ 2 corruptions
+
+Double checking the fixed image now...
+No errors were found on the image.
+
+=== Testing incorrect refcount table offset ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
+qcow2: Marking image as corrupt: Preventing invalid allocation of L2 table at offset 0; further corruption events will be suppressed
+write failed: Input/output error
+
+=== Testing dirty corrupt image ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
+ERROR refcount block 0 is not cluster aligned; refcount table entry corrupted
+IMGFMT: Marking image as corrupt: Refblock offset 0xffff2a00 unaligned (reftable index: 0); further corruption events will be suppressed
+Can't get refcount for cluster 0: Input/output error
+Can't get refcount for cluster 1: Input/output error
+Can't get refcount for cluster 2: Input/output error
+Can't get refcount for cluster 3: Input/output error
+Rebuilding refcount structure
+Repairing cluster 1 refcount=1 reference=0
+can't open device TEST_DIR/t.IMGFMT: Could not repair dirty image: Input/output error
+--- Repairing ---
+Leaked cluster 1 refcount=1 reference=0
+Repairing cluster 1 refcount=1 reference=0
+The following inconsistencies were found and repaired:
+
+ 1 leaked clusters
+ 0 corruptions
+
+Double checking the fixed image now...
+No errors were found on the image.
+
+=== Writing to an unaligned preallocated zero cluster ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
+wrote 65536/65536 bytes at offset 0
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+discard 65536/65536 bytes at offset 0
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+qcow2: Marking image as corrupt: Preallocated zero cluster offset 0x2a00 unaligned (guest offset: 0); further corruption events will be suppressed
+write failed: Input/output error
+
+=== Discarding with an unaligned refblock ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
+wrote 131072/131072 bytes at offset 0
+128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+qcow2: Marking image as corrupt: Refblock offset 0x2a00 unaligned (reftable index: 0); further corruption events will be suppressed
+qcow2_free_clusters failed: Input/output error
+discard failed: No medium found
+--- Repairing ---
+ERROR refcount block 0 is not cluster aligned; refcount table entry corrupted
+qcow2: Marking image as corrupt: Refblock offset 0x2a00 unaligned (reftable index: 0); further corruption events will be suppressed
+Can't get refcount for cluster 0: Input/output error
+Can't get refcount for cluster 1: Input/output error
+Can't get refcount for cluster 2: Input/output error
+Can't get refcount for cluster 3: Input/output error
+Can't get refcount for cluster 4: Input/output error
+Can't get refcount for cluster 5: Input/output error
+Can't get refcount for cluster 6: Input/output error
+Rebuilding refcount structure
+Repairing cluster 1 refcount=1 reference=0
+qemu-img: Check failed: No medium found
+Leaked cluster 1 refcount=1 reference=0
+Repairing cluster 1 refcount=1 reference=0
+The following inconsistencies were found and repaired:
+
+ 1 leaked clusters
+ 0 corruptions
+
+Double checking the fixed image now...
+No errors were found on the image.
+
+=== Discarding an out-of-bounds refblock ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
+qcow2: Marking image as corrupt: Refblock at 0xffffff00000000 is not covered by the refcount structures; further corruption events will be suppressed
+qemu-img: Failed to discard unused refblocks: Input/output error
+--- Checking and retrying ---
+virtual size: 64M (67108864 bytes)
+No errors were found on the image.
+Image resized.
+virtual size: 32M (33554432 bytes)
+
+=== Discarding a non-covered in-bounds refblock ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
+qcow2: Marking image as corrupt: Refblock at 0x1000000000 is not covered by the refcount structures; further corruption events will be suppressed
+qemu-img: Failed to discard unused refblocks: Input/output error
+--- Checking and retrying ---
+virtual size: 64M (67108864 bytes)
+No errors were found on the image.
+Image resized.
+virtual size: 32M (33554432 bytes)
+
+=== Discarding a refblock covered by an unaligned refblock ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
+qcow2: Marking image as corrupt: Cannot get entry from refcount block cache: Offset 0x200 is unaligned; further corruption events will be suppressed
+qemu-img: Failed to discard unused refblocks: Input/output error
+--- Repairing ---
+Repairing refcount block 1 is outside image
+ERROR refcount block 2 is not cluster aligned; refcount table entry corrupted
+qcow2: Marking image as corrupt: Refblock offset 0x200 unaligned (reftable index: 0x2); further corruption events will be suppressed
+Can't get refcount for cluster 1048576: Input/output error
+Rebuilding refcount structure
+Repairing cluster 1 refcount=1 reference=0
+Repairing cluster 2 refcount=1 reference=0
+Repairing cluster 1048576 refcount=1 reference=0
+qemu-img: Check failed: No medium found
+Leaked cluster 1 refcount=1 reference=0
+Leaked cluster 2 refcount=1 reference=0
+Leaked cluster 1048576 refcount=1 reference=0
+Repairing cluster 1 refcount=1 reference=0
+Repairing cluster 2 refcount=1 reference=0
+Repairing cluster 1048576 refcount=1 reference=0
+The following inconsistencies were found and repaired:
+
+ 3 leaked clusters
+ 0 corruptions
+
+Double checking the fixed image now...
+No errors were found on the image.
*** done
diff --git a/tests/qemu-iotests/077 b/tests/qemu-iotests/077
index d2d2a2d..b3c6fb1 100755
--- a/tests/qemu-iotests/077
+++ b/tests/qemu-iotests/077
@@ -188,7 +188,8 @@
test_io | $QEMU_IO | _filter_qemu_io | \
sed -e 's,[0-9/]* bytes at offset [0-9]*,XXX/XXX bytes at offset XXX,g' \
-e 's/^[0-9]* \(bytes\|KiB\)/XXX bytes/' \
- -e '/Suspended/d'
+ -e '/Suspended/d' \
+ -e '/blkdebug: Resuming request/d'
echo
echo "== Verify image content =="
diff --git a/tests/qemu-iotests/077.out b/tests/qemu-iotests/077.out
index 16f951f..4aae82f 100644
--- a/tests/qemu-iotests/077.out
+++ b/tests/qemu-iotests/077.out
@@ -4,17 +4,6 @@
== Some concurrent requests involving RMW ==
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'A'
-wrote XXX/XXX bytes at offset XXX
-XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-wrote XXX/XXX bytes at offset XXX
-XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'A'
-wrote XXX/XXX bytes at offset XXX
-XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-wrote XXX/XXX bytes at offset XXX
-XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'A'
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
wrote XXX/XXX bytes at offset XXX
@@ -31,51 +20,46 @@
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'A'
-wrote XXX/XXX bytes at offset XXX
-XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'B'
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'B'
-wrote XXX/XXX bytes at offset XXX
-XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'A'
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'A'
-wrote XXX/XXX bytes at offset XXX
-XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'B'
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'B'
-wrote XXX/XXX bytes at offset XXX
-XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'A'
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'A'
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'A'
-blkdebug: Resuming request 'C'
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'B'
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-blkdebug: Resuming request 'A'
+wrote XXX/XXX bytes at offset XXX
+XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote XXX/XXX bytes at offset XXX
+XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote XXX/XXX bytes at offset XXX
+XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote XXX/XXX bytes at offset XXX
+XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote XXX/XXX bytes at offset XXX
+XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote XXX/XXX bytes at offset XXX
+XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote XXX/XXX bytes at offset XXX
+XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote XXX/XXX bytes at offset XXX
+XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
wrote XXX/XXX bytes at offset XXX
XXX bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
wrote XXX/XXX bytes at offset XXX
diff --git a/tests/qemu-iotests/083 b/tests/qemu-iotests/083
index 0306f11..3c1adbf 100755
--- a/tests/qemu-iotests/083
+++ b/tests/qemu-iotests/083
@@ -86,6 +86,7 @@
rm -f "$TEST_DIR/nbd.sock"
+ echo > "$TEST_DIR/nbd-fault-injector.out"
$PYTHON nbd-fault-injector.py $extra_args "$nbd_addr" "$TEST_DIR/nbd-fault-injector.conf" >"$TEST_DIR/nbd-fault-injector.out" 2>&1 &
# Wait for server to be ready
@@ -94,7 +95,8 @@
done
# Extract the final address (port number has now been assigned in tcp case)
- nbd_addr=$(sed 's/Listening on \(.*\)$/\1/' "$TEST_DIR/nbd-fault-injector.out")
+ nbd_addr=$(sed -n 's/^Listening on //p' \
+ "$TEST_DIR/nbd-fault-injector.out")
if [ "$proto" = "tcp" ]; then
nbd_url="nbd+tcp://$nbd_addr/$export_name"
diff --git a/tests/qemu-iotests/087 b/tests/qemu-iotests/087
index 27ab6c5..2561a14 100755
--- a/tests/qemu-iotests/087
+++ b/tests/qemu-iotests/087
@@ -102,7 +102,14 @@
echo === aio=native without O_DIRECT ===
echo
-run_qemu <<EOF
+# Skip this test if AIO is not enabled in this build
+function run_qemu_filter_aio()
+{
+ run_qemu "$@" | \
+ sed -e 's/is not supported in this build/it requires cache.direct=on, which was not specified/'
+}
+
+run_qemu_filter_aio <<EOF
{ "execute": "qmp_capabilities" }
{ "execute": "blockdev-add",
"arguments": {
diff --git a/tests/qemu-iotests/093 b/tests/qemu-iotests/093
index ef39972..5c36a5f 100755
--- a/tests/qemu-iotests/093
+++ b/tests/qemu-iotests/093
@@ -308,6 +308,68 @@
groupname = "group%d" % i
self.verify_name(devname, groupname)
+class ThrottleTestRemovableMedia(iotests.QMPTestCase):
+ def setUp(self):
+ self.vm = iotests.VM()
+ if iotests.qemu_default_machine == 's390-ccw-virtio':
+ self.vm.add_device("virtio-scsi-ccw,id=virtio-scsi")
+ else:
+ self.vm.add_device("virtio-scsi-pci,id=virtio-scsi")
+ self.vm.launch()
+
+ def tearDown(self):
+ self.vm.shutdown()
+
+ def test_removable_media(self):
+ # Add a couple of dummy nodes named cd0 and cd1
+ result = self.vm.qmp("blockdev-add", driver="null-aio",
+ node_name="cd0")
+ self.assert_qmp(result, 'return', {})
+ result = self.vm.qmp("blockdev-add", driver="null-aio",
+ node_name="cd1")
+ self.assert_qmp(result, 'return', {})
+
+ # Attach a CD drive with cd0 inserted
+ result = self.vm.qmp("device_add", driver="scsi-cd",
+ id="dev0", drive="cd0")
+ self.assert_qmp(result, 'return', {})
+
+ # Set I/O limits
+ args = { "id": "dev0", "iops": 100, "iops_rd": 0, "iops_wr": 0,
+ "bps": 50, "bps_rd": 0, "bps_wr": 0 }
+ result = self.vm.qmp("block_set_io_throttle", conv_keys=False, **args)
+ self.assert_qmp(result, 'return', {})
+
+ # Check that the I/O limits have been set
+ result = self.vm.qmp("query-block")
+ self.assert_qmp(result, 'return[0]/inserted/iops', 100)
+ self.assert_qmp(result, 'return[0]/inserted/bps', 50)
+
+ # Now eject cd0 and insert cd1
+ result = self.vm.qmp("blockdev-open-tray", id='dev0')
+ self.assert_qmp(result, 'return', {})
+ result = self.vm.qmp("x-blockdev-remove-medium", id='dev0')
+ self.assert_qmp(result, 'return', {})
+ result = self.vm.qmp("x-blockdev-insert-medium", id='dev0', node_name='cd1')
+ self.assert_qmp(result, 'return', {})
+
+ # Check that the I/O limits are still the same
+ result = self.vm.qmp("query-block")
+ self.assert_qmp(result, 'return[0]/inserted/iops', 100)
+ self.assert_qmp(result, 'return[0]/inserted/bps', 50)
+
+ # Eject cd1
+ result = self.vm.qmp("x-blockdev-remove-medium", id='dev0')
+ self.assert_qmp(result, 'return', {})
+
+ # Check that we can't set limits if the device has no medium
+ result = self.vm.qmp("block_set_io_throttle", conv_keys=False, **args)
+ self.assert_qmp(result, 'error/class', 'GenericError')
+
+ # Remove the CD drive
+ result = self.vm.qmp("device_del", id='dev0')
+ self.assert_qmp(result, 'return', {})
+
if __name__ == '__main__':
iotests.main(supported_fmts=["raw"])
diff --git a/tests/qemu-iotests/093.out b/tests/qemu-iotests/093.out
index 2f7d390..594c16f 100644
--- a/tests/qemu-iotests/093.out
+++ b/tests/qemu-iotests/093.out
@@ -1,5 +1,5 @@
-.......
+........
----------------------------------------------------------------------
-Ran 7 tests
+Ran 8 tests
OK
diff --git a/tests/qemu-iotests/133 b/tests/qemu-iotests/133
index 9d35a6a..af6b3e1 100755
--- a/tests/qemu-iotests/133
+++ b/tests/qemu-iotests/133
@@ -83,6 +83,15 @@
$QEMU_IO -c 'reopen -o file.driver=file' $TEST_IMG
$QEMU_IO -c 'reopen -o backing.driver=qcow2' $TEST_IMG
+echo
+echo "=== Check that reopening works with non-string options ==="
+echo
+
+# Using the json: pseudo-protocol we can create non-string options
+# (Invoke 'info' just so we get some output afterwards)
+IMGOPTSSYNTAX=false $QEMU_IO -f null-co -c 'reopen' -c 'info' \
+ "json:{'driver': 'null-co', 'size': 65536}"
+
# success, all done
echo "*** done"
rm -f $seq.full
diff --git a/tests/qemu-iotests/133.out b/tests/qemu-iotests/133.out
index cc86b94..f4a85ae 100644
--- a/tests/qemu-iotests/133.out
+++ b/tests/qemu-iotests/133.out
@@ -19,4 +19,9 @@
=== Check that unchanged driver is okay ===
+
+=== Check that reopening works with non-string options ===
+
+format name: null-co
+format name: null-co
*** done
diff --git a/tests/qemu-iotests/136 b/tests/qemu-iotests/136
index 4b99489..88b97ea 100644
--- a/tests/qemu-iotests/136
+++ b/tests/qemu-iotests/136
@@ -238,6 +238,18 @@
for i in range(failed_wr_ops):
ops.append("aio_write %d 512" % bad_offset)
+ # We need an extra aio_flush to settle all outstanding AIO
+ # operations before we can advance the virtual clock, so that
+ # the last access happens before clock_step and idle_time_ns
+ # will be greater than 0
+ extra_flush = 0
+ if rd_ops + wr_ops + invalid_rd_ops + invalid_wr_ops + \
+ failed_rd_ops + failed_wr_ops > 0:
+ extra_flush = 1
+
+ if extra_flush > 0:
+ ops.append("aio_flush")
+
if failed_wr_ops > 0:
highest_offset = max(highest_offset, bad_offset + 512)
@@ -251,7 +263,7 @@
self.total_wr_bytes += wr_ops * wr_size
self.total_wr_ops += wr_ops
self.total_wr_merged += wr_merged
- self.total_flush_ops += flush_ops
+ self.total_flush_ops += flush_ops + extra_flush
self.invalid_rd_ops += invalid_rd_ops
self.invalid_wr_ops += invalid_wr_ops
self.failed_rd_ops += failed_rd_ops
diff --git a/tests/qemu-iotests/140 b/tests/qemu-iotests/140
index f89d0d6..a8fc951 100755
--- a/tests/qemu-iotests/140
+++ b/tests/qemu-iotests/140
@@ -78,7 +78,7 @@
'arguments': { 'device': 'drv' }}" \
'return'
-$QEMU_IO_PROG -f raw -c 'read -P 42 0 64k' \
+$QEMU_IO_PROG -f raw -r -c 'read -P 42 0 64k' \
"nbd+unix:///drv?socket=$TEST_DIR/nbd" 2>&1 \
| _filter_qemu_io | _filter_nbd
@@ -87,7 +87,7 @@
'arguments': { 'device': 'drv' }}" \
'return'
-$QEMU_IO_PROG -f raw -c close \
+$QEMU_IO_PROG -f raw -r -c close \
"nbd+unix:///drv?socket=$TEST_DIR/nbd" 2>&1 \
| _filter_qemu_io | _filter_nbd
diff --git a/tests/qemu-iotests/147 b/tests/qemu-iotests/147
index db34838..90f40ed 100755
--- a/tests/qemu-iotests/147
+++ b/tests/qemu-iotests/147
@@ -43,6 +43,7 @@
'driver': 'raw',
'file': {
'driver': 'nbd',
+ 'read-only': True,
'server': address
} }
if export is not None:
diff --git a/tests/qemu-iotests/176 b/tests/qemu-iotests/176
index 950b287..0f31a20 100755
--- a/tests/qemu-iotests/176
+++ b/tests/qemu-iotests/176
@@ -3,10 +3,11 @@
# Commit changes into backing chains and empty the top image if the
# backing image is not explicitly specified.
#
-# Variant of 097, which includes snapshots to test different codepath
-# in qcow2
+# Variant of 097, which includes snapshots and persistent bitmaps, to
+# tickle the slow codepath in qcow2. See also 198, for another feature
+# that tickles the slow codepath.
#
-# Copyright (C) 2014 Red Hat, Inc.
+# Copyright (C) 2014, 2017 Red Hat, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -43,11 +44,18 @@
. ./common.filter
. ./common.pattern
-# Any format supporting backing files and bdrv_make_empty
+# This test is specific to qcow2
_supported_fmt qcow2
_supported_proto file
_supported_os Linux
+function run_qemu()
+{
+ $QEMU -nographic -qmp stdio -serial none "$@" 2>&1 \
+ | _filter_testdir | _filter_qmp | _filter_qemu
+}
+
+for reason in snapshot bitmap; do
# Four passes:
# 0: Two-layer backing chain, commit to upper backing file (implicitly)
@@ -66,14 +74,29 @@
for i in 0 1 2 3; do
echo
-echo "=== Test pass $i ==="
+echo "=== Test pass $reason.$i ==="
echo
len=$((2100 * 1024 * 1024 + 512)) # larger than 2G, and not cluster aligned
TEST_IMG="$TEST_IMG.base" _make_test_img $len
TEST_IMG="$TEST_IMG.itmd" _make_test_img -b "$TEST_IMG.base" $len
_make_test_img -b "$TEST_IMG.itmd" $len
-$QEMU_IMG snapshot -c snap "$TEST_IMG"
+# Update the top image to use a feature that is incompatible with fast path
+case $reason in
+ snapshot) $QEMU_IMG snapshot -c snap "$TEST_IMG" ;;
+ bitmap)
+ run_qemu <<EOF
+{ "execute": "qmp_capabilities" }
+{ "execute": "blockdev-add",
+ "arguments": { "driver": "qcow2", "node-name": "drive0",
+ "file": { "driver": "file", "filename": "$TEST_IMG" } } }
+{ "execute": "block-dirty-bitmap-add",
+ "arguments": { "node": "drive0", "name": "bitmap0",
+ "persistent": true, "autoload": true } }
+{ "execute": "quit" }
+EOF
+ ;;
+esac
$QEMU_IO -c "write -P 1 0x7ffd0000 192k" "$TEST_IMG.base" | _filter_qemu_io
$QEMU_IO -c "write -P 2 0x7ffe0000 128k" "$TEST_IMG.itmd" | _filter_qemu_io
@@ -122,8 +145,26 @@
$QEMU_IMG map "$TEST_IMG.itmd" | _filter_qemu_img_map
$QEMU_IMG map "$TEST_IMG" | _filter_qemu_img_map
-done
+# Check that the reason for slow path is still present, as appropriate
+case $reason in
+ snapshot)
+ $QEMU_IMG snapshot -l "$TEST_IMG" |
+ sed 's/^\(.\{20\}\).*/\1/; s/ *$//' ;;
+ bitmap)
+ run_qemu <<EOF
+{ "execute": "qmp_capabilities" }
+{ "execute": "blockdev-add",
+ "arguments": { "driver": "qcow2", "node-name": "drive0",
+ "file": { "driver": "file", "filename": "$TEST_IMG" } } }
+{ "execute": "x-debug-block-dirty-bitmap-sha256",
+ "arguments": { "node": "drive0", "name": "bitmap0" } }
+{ "execute": "quit" }
+EOF
+ ;;
+esac
+done
+done
# success, all done
echo "*** done"
diff --git a/tests/qemu-iotests/176.out b/tests/qemu-iotests/176.out
index 6271fa7..e62085c 100644
--- a/tests/qemu-iotests/176.out
+++ b/tests/qemu-iotests/176.out
@@ -1,6 +1,6 @@
QA output created by 176
-=== Test pass 0 ===
+=== Test pass snapshot.0 ===
Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202010112
Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202010112 backing_file=TEST_DIR/t.IMGFMT.base
@@ -36,8 +36,11 @@
0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
0x83400000 0x200 TEST_DIR/t.IMGFMT.itmd
+Snapshot list:
+ID TAG
+1 snap
-=== Test pass 1 ===
+=== Test pass snapshot.1 ===
Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202010112
Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202010112 backing_file=TEST_DIR/t.IMGFMT.base
@@ -74,8 +77,11 @@
0x7ffe0000 0x10000 TEST_DIR/t.IMGFMT.itmd
0x7fff0000 0x10000 TEST_DIR/t.IMGFMT
0x83400000 0x200 TEST_DIR/t.IMGFMT
+Snapshot list:
+ID TAG
+1 snap
-=== Test pass 2 ===
+=== Test pass snapshot.2 ===
Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202010112
Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202010112 backing_file=TEST_DIR/t.IMGFMT.base
@@ -112,8 +118,11 @@
0x7ffe0000 0x10000 TEST_DIR/t.IMGFMT.itmd
0x7fff0000 0x10000 TEST_DIR/t.IMGFMT
0x83400000 0x200 TEST_DIR/t.IMGFMT
+Snapshot list:
+ID TAG
+1 snap
-=== Test pass 3 ===
+=== Test pass snapshot.3 ===
Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202010112
Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202010112 backing_file=TEST_DIR/t.IMGFMT.base
@@ -147,4 +156,203 @@
0x7ffe0000 0x10000 TEST_DIR/t.IMGFMT.itmd
0x7fff0000 0x10000 TEST_DIR/t.IMGFMT
0x83400000 0x200 TEST_DIR/t.IMGFMT
+Snapshot list:
+ID TAG
+1 snap
+
+=== Test pass bitmap.0 ===
+
+Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202010112
+Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202010112 backing_file=TEST_DIR/t.IMGFMT.base
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=2202010112 backing_file=TEST_DIR/t.IMGFMT.itmd
+QMP_VERSION
+{"return": {}}
+{"return": {}}
+{"return": {}}
+{"return": {}}
+{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false}}
+wrote 196608/196608 bytes at offset 2147287040
+192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 131072/131072 bytes at offset 2147352576
+128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 512/512 bytes at offset 2202009600
+512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Image committed.
+read 196608/196608 bytes at offset 2147287040
+192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 512/512 bytes at offset 2202009600
+512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147287040
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147352576
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 512/512 bytes at offset 2202009600
+512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Offset Length File
+0x7ffd0000 0x30000 TEST_DIR/t.IMGFMT.base
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
+0x83400000 0x200 TEST_DIR/t.IMGFMT.itmd
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
+0x83400000 0x200 TEST_DIR/t.IMGFMT.itmd
+QMP_VERSION
+{"return": {}}
+{"return": {}}
+{"return": {"sha256": "e12600978d86b5a453861ae5c17d275204673fef3874b7c3c5433c6153d84706"}}
+{"return": {}}
+{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false}}
+
+=== Test pass bitmap.1 ===
+
+Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202010112
+Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202010112 backing_file=TEST_DIR/t.IMGFMT.base
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=2202010112 backing_file=TEST_DIR/t.IMGFMT.itmd
+QMP_VERSION
+{"return": {}}
+{"return": {}}
+{"return": {}}
+{"return": {}}
+{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false}}
+wrote 196608/196608 bytes at offset 2147287040
+192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 131072/131072 bytes at offset 2147352576
+128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 512/512 bytes at offset 2202009600
+512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Image committed.
+read 196608/196608 bytes at offset 2147287040
+192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 512/512 bytes at offset 2202009600
+512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147287040
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147352576
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 512/512 bytes at offset 2202009600
+512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Offset Length File
+0x7ffd0000 0x30000 TEST_DIR/t.IMGFMT.base
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
+0x83400000 0x200 TEST_DIR/t.IMGFMT.itmd
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x10000 TEST_DIR/t.IMGFMT.itmd
+0x7fff0000 0x10000 TEST_DIR/t.IMGFMT
+0x83400000 0x200 TEST_DIR/t.IMGFMT
+QMP_VERSION
+{"return": {}}
+{"return": {}}
+{"return": {"sha256": "e12600978d86b5a453861ae5c17d275204673fef3874b7c3c5433c6153d84706"}}
+{"return": {}}
+{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false}}
+
+=== Test pass bitmap.2 ===
+
+Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202010112
+Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202010112 backing_file=TEST_DIR/t.IMGFMT.base
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=2202010112 backing_file=TEST_DIR/t.IMGFMT.itmd
+QMP_VERSION
+{"return": {}}
+{"return": {}}
+{"return": {}}
+{"return": {}}
+{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false}}
+wrote 196608/196608 bytes at offset 2147287040
+192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 131072/131072 bytes at offset 2147352576
+128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 512/512 bytes at offset 2202009600
+512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Image committed.
+read 196608/196608 bytes at offset 2147287040
+192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 512/512 bytes at offset 2202009600
+512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147287040
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147352576
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 512/512 bytes at offset 2202009600
+512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Offset Length File
+0x7ffd0000 0x30000 TEST_DIR/t.IMGFMT.base
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
+0x83400000 0x200 TEST_DIR/t.IMGFMT.itmd
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x10000 TEST_DIR/t.IMGFMT.itmd
+0x7fff0000 0x10000 TEST_DIR/t.IMGFMT
+0x83400000 0x200 TEST_DIR/t.IMGFMT
+QMP_VERSION
+{"return": {}}
+{"return": {}}
+{"return": {"sha256": "e12600978d86b5a453861ae5c17d275204673fef3874b7c3c5433c6153d84706"}}
+{"return": {}}
+{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false}}
+
+=== Test pass bitmap.3 ===
+
+Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202010112
+Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202010112 backing_file=TEST_DIR/t.IMGFMT.base
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=2202010112 backing_file=TEST_DIR/t.IMGFMT.itmd
+QMP_VERSION
+{"return": {}}
+{"return": {}}
+{"return": {}}
+{"return": {}}
+{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false}}
+wrote 196608/196608 bytes at offset 2147287040
+192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 131072/131072 bytes at offset 2147352576
+128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 512/512 bytes at offset 2202009600
+512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Image committed.
+read 65536/65536 bytes at offset 2147287040
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147352576
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 512/512 bytes at offset 2202009600
+512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Offset Length File
+0x7ffd0000 0x30000 TEST_DIR/t.IMGFMT.base
+0x83400000 0x200 TEST_DIR/t.IMGFMT.base
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
+0x83400000 0x200 TEST_DIR/t.IMGFMT.base
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x10000 TEST_DIR/t.IMGFMT.itmd
+0x7fff0000 0x10000 TEST_DIR/t.IMGFMT
+0x83400000 0x200 TEST_DIR/t.IMGFMT
+QMP_VERSION
+{"return": {}}
+{"return": {}}
+{"return": {"sha256": "e12600978d86b5a453861ae5c17d275204673fef3874b7c3c5433c6153d84706"}}
+{"return": {}}
+{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false}}
*** done
diff --git a/tests/qemu-iotests/182 b/tests/qemu-iotests/182
index 2e078ce..4b31592 100755
--- a/tests/qemu-iotests/182
+++ b/tests/qemu-iotests/182
@@ -62,7 +62,7 @@
echo
echo "Starting a second QEMU using the same image should fail"
-echo 'quit' | $QEMU -monitor stdio \
+echo 'quit' | $QEMU -nographic -monitor stdio \
-drive file=$TEST_IMG,if=none,id=drive0,file.locking=on \
-device $virtioblk,drive=drive0 2>&1 | _filter_testdir 2>&1 |
_filter_qemu |
diff --git a/tests/qemu-iotests/194 b/tests/qemu-iotests/194
index 8d973b4..1d4214a 100755
--- a/tests/qemu-iotests/194
+++ b/tests/qemu-iotests/194
@@ -21,7 +21,7 @@
import iotests
-iotests.verify_image_format(unsupported_fmts=['luks'])
+iotests.verify_image_format(supported_fmts=['qcow2', 'qed', 'raw', 'dmg'])
iotests.verify_platform(['linux'])
with iotests.FilePath('source.img') as source_img_path, \
diff --git a/tests/qemu-iotests/196 b/tests/qemu-iotests/196
new file mode 100755
index 0000000..4116ebc
--- /dev/null
+++ b/tests/qemu-iotests/196
@@ -0,0 +1,66 @@
+#!/usr/bin/env python
+#
+# Test clearing unknown autoclear_features flag by qcow2 after
+# migration. This test mimics migration to older qemu.
+#
+# Copyright (c) 2017 Parallels International GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+import os
+import iotests
+from iotests import qemu_img
+
+disk = os.path.join(iotests.test_dir, 'disk')
+migfile = os.path.join(iotests.test_dir, 'migfile')
+
+class TestInvalidateAutoclear(iotests.QMPTestCase):
+
+ def tearDown(self):
+ self.vm_a.shutdown()
+ self.vm_b.shutdown()
+ os.remove(disk)
+ os.remove(migfile)
+
+ def setUp(self):
+ qemu_img('create', '-f', iotests.imgfmt, disk, '1M')
+
+ self.vm_a = iotests.VM(path_suffix='a').add_drive(disk)
+ self.vm_a.launch()
+
+ self.vm_b = iotests.VM(path_suffix='b').add_drive(disk)
+ self.vm_b.add_incoming("exec: cat '" + migfile + "'")
+
+ def test_migration(self):
+ result = self.vm_a.qmp('migrate', uri='exec:cat>' + migfile)
+ self.assert_qmp(result, 'return', {});
+ self.assertNotEqual(self.vm_a.event_wait("STOP"), None)
+
+ with open(disk, 'r+b') as f:
+ f.seek(88) # first byte of autoclear_features field
+ f.write(b'\xff')
+
+ self.vm_b.launch()
+ while True:
+ result = self.vm_b.qmp('query-status')
+ if result['return']['status'] == 'running':
+ break
+
+ with open(disk, 'rb') as f:
+ f.seek(88)
+ self.assertEqual(f.read(1), b'\x00')
+
+if __name__ == '__main__':
+ iotests.main(supported_fmts=['qcow2'])
diff --git a/tests/qemu-iotests/196.out b/tests/qemu-iotests/196.out
new file mode 100644
index 0000000..ae1213e
--- /dev/null
+++ b/tests/qemu-iotests/196.out
@@ -0,0 +1,5 @@
+.
+----------------------------------------------------------------------
+Ran 1 tests
+
+OK
diff --git a/tests/qemu-iotests/198 b/tests/qemu-iotests/198
new file mode 100755
index 0000000..34ef666
--- /dev/null
+++ b/tests/qemu-iotests/198
@@ -0,0 +1,104 @@
+#!/bin/bash
+#
+# Test commit of encrypted qcow2 files
+#
+# Copyright (C) 2017 Red Hat, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+# creator
+owner=berrange@redhat.com
+
+seq=`basename $0`
+echo "QA output created by $seq"
+
+here=`pwd`
+status=1 # failure is the default!
+
+_cleanup()
+{
+ _cleanup_test_img
+}
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+# get standard environment, filters and checks
+. ./common.rc
+. ./common.filter
+
+_supported_fmt qcow2
+_supported_proto generic
+_supported_os Linux
+
+
+size=16M
+TEST_IMG_BASE=$TEST_IMG.base
+SECRET0="secret,id=sec0,data=astrochicken"
+SECRET1="secret,id=sec1,data=furby"
+
+TEST_IMG_SAVE=$TEST_IMG
+TEST_IMG=$TEST_IMG_BASE
+echo "== create base =="
+_make_test_img --object $SECRET0 -o "encrypt.format=luks,encrypt.key-secret=sec0,encrypt.iter-time=10" $size
+TEST_IMG=$TEST_IMG_SAVE
+
+IMGSPECBASE="driver=$IMGFMT,file.filename=$TEST_IMG_BASE,encrypt.key-secret=sec0"
+IMGSPECLAYER="driver=$IMGFMT,file.filename=$TEST_IMG,encrypt.key-secret=sec1"
+IMGSPEC="$IMGSPECLAYER,backing.driver=$IMGFMT,backing.file.filename=$TEST_IMG_BASE,backing.encrypt.key-secret=sec0"
+QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
+
+echo
+echo "== writing whole image base =="
+$QEMU_IO --object $SECRET0 -c "write -P 0xa 0 $size" --image-opts $IMGSPECBASE | _filter_qemu_io | _filter_testdir
+
+echo "== create overlay =="
+_make_test_img --object $SECRET1 -o "encrypt.format=luks,encrypt.key-secret=sec1,encrypt.iter-time=10" -u -b "$TEST_IMG_BASE" $size
+
+echo
+echo "== writing whole image layer =="
+$QEMU_IO --object $SECRET0 --object $SECRET1 -c "write -P 0x9 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
+
+echo
+echo "== verify pattern base =="
+$QEMU_IO --object $SECRET0 -c "read -P 0xa 0 $size" --image-opts $IMGSPECBASE | _filter_qemu_io | _filter_testdir
+
+echo
+echo "== verify pattern layer =="
+$QEMU_IO --object $SECRET0 --object $SECRET1 -c "read -P 0x9 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
+
+echo
+echo "== committing layer into base =="
+$QEMU_IMG commit --object $SECRET0 --object $SECRET1 --image-opts $IMGSPEC | _filter_testdir
+
+echo
+echo "== verify pattern base =="
+$QEMU_IO --object $SECRET0 -c "read -P 0x9 0 $size" --image-opts $IMGSPECBASE | _filter_qemu_io | _filter_testdir
+
+echo
+echo "== verify pattern layer =="
+$QEMU_IO --object $SECRET0 --object $SECRET1 -c "read -P 0x9 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
+
+echo
+echo "== checking image base =="
+$QEMU_IMG info --image-opts $IMGSPECBASE | _filter_img_info | _filter_testdir | sed -e "/^disk size:/ D"
+
+echo
+echo "== checking image layer =="
+$QEMU_IMG info --image-opts $IMGSPECLAYER | _filter_img_info | _filter_testdir | sed -e "/^disk size:/ D"
+
+
+# success, all done
+echo "*** done"
+rm -f $seq.full
+status=0
diff --git a/tests/qemu-iotests/198.out b/tests/qemu-iotests/198.out
new file mode 100644
index 0000000..2db565e
--- /dev/null
+++ b/tests/qemu-iotests/198.out
@@ -0,0 +1,126 @@
+QA output created by 198
+== create base ==
+Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=16777216 encrypt.format=luks encrypt.key-secret=sec0 encrypt.iter-time=10
+
+== writing whole image base ==
+wrote 16777216/16777216 bytes at offset 0
+16 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+== create overlay ==
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=16777216 backing_file=TEST_DIR/t.IMGFMT.base encrypt.format=luks encrypt.key-secret=sec1 encrypt.iter-time=10
+
+== writing whole image layer ==
+wrote 16777216/16777216 bytes at offset 0
+16 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== verify pattern base ==
+read 16777216/16777216 bytes at offset 0
+16 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== verify pattern layer ==
+read 16777216/16777216 bytes at offset 0
+16 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== committing layer into base ==
+Image committed.
+
+== verify pattern base ==
+read 16777216/16777216 bytes at offset 0
+16 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== verify pattern layer ==
+read 16777216/16777216 bytes at offset 0
+16 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== checking image base ==
+image: json:{"encrypt.key-secret": "sec0", "driver": "IMGFMT", "file": {"driver": "file", "filename": "TEST_DIR/t.IMGFMT.base"}}
+file format: IMGFMT
+virtual size: 16M (16777216 bytes)
+Format specific information:
+ compat: 1.1
+ lazy refcounts: false
+ refcount bits: 16
+ encrypt:
+ ivgen alg: plain64
+ hash alg: sha256
+ cipher alg: aes-256
+ uuid: 00000000-0000-0000-0000-000000000000
+ format: luks
+ cipher mode: xts
+ slots:
+ [0]:
+ active: true
+ iters: 1024
+ key offset: 4096
+ stripes: 4000
+ [1]:
+ active: false
+ key offset: 262144
+ [2]:
+ active: false
+ key offset: 520192
+ [3]:
+ active: false
+ key offset: 778240
+ [4]:
+ active: false
+ key offset: 1036288
+ [5]:
+ active: false
+ key offset: 1294336
+ [6]:
+ active: false
+ key offset: 1552384
+ [7]:
+ active: false
+ key offset: 1810432
+ payload offset: 2068480
+ master key iters: 1024
+ corrupt: false
+
+== checking image layer ==
+image: json:{"encrypt.key-secret": "sec1", "driver": "IMGFMT", "file": {"driver": "file", "filename": "TEST_DIR/t.IMGFMT"}}
+file format: IMGFMT
+virtual size: 16M (16777216 bytes)
+backing file: TEST_DIR/t.IMGFMT.base
+Format specific information:
+ compat: 1.1
+ lazy refcounts: false
+ refcount bits: 16
+ encrypt:
+ ivgen alg: plain64
+ hash alg: sha256
+ cipher alg: aes-256
+ uuid: 00000000-0000-0000-0000-000000000000
+ format: luks
+ cipher mode: xts
+ slots:
+ [0]:
+ active: true
+ iters: 1024
+ key offset: 4096
+ stripes: 4000
+ [1]:
+ active: false
+ key offset: 262144
+ [2]:
+ active: false
+ key offset: 520192
+ [3]:
+ active: false
+ key offset: 778240
+ [4]:
+ active: false
+ key offset: 1036288
+ [5]:
+ active: false
+ key offset: 1294336
+ [6]:
+ active: false
+ key offset: 1552384
+ [7]:
+ active: false
+ key offset: 1810432
+ payload offset: 2068480
+ master key iters: 1024
+ corrupt: false
+*** done
diff --git a/tests/qemu-iotests/common.filter b/tests/qemu-iotests/common.filter
index 873ca6b..d923779 100644
--- a/tests/qemu-iotests/common.filter
+++ b/tests/qemu-iotests/common.filter
@@ -157,7 +157,9 @@
-e "/lazy_refcounts: \\(on\\|off\\)/d" \
-e "/block_size: [0-9]\\+/d" \
-e "/block_state_zero: \\(on\\|off\\)/d" \
- -e "/log_size: [0-9]\\+/d"
+ -e "/log_size: [0-9]\\+/d" \
+ -e "s/iters: [0-9]\\+/iters: 1024/" \
+ -e "s/uuid: [-a-f0-9]\\+/uuid: 00000000-0000-0000-0000-000000000000/"
}
# filter out offsets and file names from qemu-img map; good for both
diff --git a/tests/qemu-iotests/common.rc b/tests/qemu-iotests/common.rc
index 0e8a33c..dbae7d7 100644
--- a/tests/qemu-iotests/common.rc
+++ b/tests/qemu-iotests/common.rc
@@ -242,7 +242,7 @@
if [ $IMGPROTO = "nbd" ]; then
# Pass a sufficiently high number to -e that should be enough for all
# tests
- eval "$QEMU_NBD -v -t -b 127.0.0.1 -p 10810 -f $IMGFMT -e 42 $TEST_IMG_FILE >/dev/null &"
+ eval "$QEMU_NBD -v -t -b 127.0.0.1 -p 10810 -f $IMGFMT -e 42 -x '' $TEST_IMG_FILE >/dev/null &"
sleep 1 # FIXME: qemu-nbd needs to be listening before we continue
fi
diff --git a/tests/qemu-iotests/group b/tests/qemu-iotests/group
index 24e5ad1..1fad602 100644
--- a/tests/qemu-iotests/group
+++ b/tests/qemu-iotests/group
@@ -193,4 +193,6 @@
192 rw auto quick
194 rw auto migration quick
195 rw auto quick
+196 rw auto quick
197 rw auto quick
+198 rw auto
diff --git a/tests/test-aio-multithread.c b/tests/test-aio-multithread.c
index 549d784..d396185 100644
--- a/tests/test-aio-multithread.c
+++ b/tests/test-aio-multithread.c
@@ -144,17 +144,16 @@
static coroutine_fn void test_multi_co_schedule_entry(void *opaque)
{
g_assert(to_schedule[id] == NULL);
- atomic_mb_set(&to_schedule[id], qemu_coroutine_self());
while (!atomic_mb_read(&now_stopping)) {
int n;
n = g_test_rand_int_range(0, NUM_CONTEXTS);
schedule_next(n);
- qemu_coroutine_yield();
- g_assert(to_schedule[id] == NULL);
atomic_mb_set(&to_schedule[id], qemu_coroutine_self());
+ qemu_coroutine_yield();
+ g_assert(to_schedule[id] == NULL);
}
}
diff --git a/tests/test-crypto-block.c b/tests/test-crypto-block.c
index bd7fe59..fd29a04 100644
--- a/tests/test-crypto-block.c
+++ b/tests/test-crypto-block.c
@@ -28,7 +28,8 @@
#include <sys/resource.h>
#endif
-#if (defined(_WIN32) || defined RUSAGE_THREAD)
+#if (defined(_WIN32) || defined RUSAGE_THREAD) && \
+ (defined(CONFIG_NETTLE_KDF) || defined(CONFIG_GCRYPT_KDF))
#define TEST_LUKS
#else
#undef TEST_LUKS
diff --git a/tests/vmgenid-test.c b/tests/vmgenid-test.c
index b6e7b3b..5a86b40 100644
--- a/tests/vmgenid-test.c
+++ b/tests/vmgenid-test.c
@@ -38,7 +38,7 @@
uint32_t rsdp_offset;
uint32_t guid_offset = 0;
AcpiRsdpDescriptor rsdp_table;
- uint32_t rsdt;
+ uint32_t rsdt, rsdt_table_length;
AcpiRsdtDescriptorRev1 rsdt_table;
size_t tables_nr;
uint32_t *tables;
@@ -56,14 +56,15 @@
acpi_parse_rsdp_table(rsdp_offset, &rsdp_table);
- rsdt = rsdp_table.rsdt_physical_address;
+ rsdt = le32_to_cpu(rsdp_table.rsdt_physical_address);
/* read the header */
ACPI_READ_TABLE_HEADER(&rsdt_table, rsdt);
ACPI_ASSERT_CMP(rsdt_table.signature, "RSDT");
+ rsdt_table_length = le32_to_cpu(rsdt_table.length);
/* compute the table entries in rsdt */
- g_assert_cmpint(rsdt_table.length, >, sizeof(AcpiRsdtDescriptorRev1));
- tables_nr = (rsdt_table.length - sizeof(AcpiRsdtDescriptorRev1)) /
+ g_assert_cmpint(rsdt_table_length, >, sizeof(AcpiRsdtDescriptorRev1));
+ tables_nr = (rsdt_table_length - sizeof(AcpiRsdtDescriptorRev1)) /
sizeof(uint32_t);
/* get the addresses of the tables pointed by rsdt */
@@ -71,23 +72,24 @@
ACPI_READ_ARRAY_PTR(tables, tables_nr, rsdt);
for (i = 0; i < tables_nr; i++) {
- ACPI_READ_TABLE_HEADER(&ssdt_table, tables[i]);
+ uint32_t addr = le32_to_cpu(tables[i]);
+ ACPI_READ_TABLE_HEADER(&ssdt_table, addr);
if (!strncmp((char *)ssdt_table.oem_table_id, "VMGENID", 7)) {
/* the first entry in the table should be VGIA
* That's all we need
*/
- ACPI_READ_FIELD(vgid_table.name_op, tables[i]);
+ ACPI_READ_FIELD(vgid_table.name_op, addr);
g_assert(vgid_table.name_op == 0x08); /* name */
- ACPI_READ_ARRAY(vgid_table.vgia, tables[i]);
+ ACPI_READ_ARRAY(vgid_table.vgia, addr);
g_assert(memcmp(vgid_table.vgia, "VGIA", 4) == 0);
- ACPI_READ_FIELD(vgid_table.val_op, tables[i]);
+ ACPI_READ_FIELD(vgid_table.val_op, addr);
g_assert(vgid_table.val_op == 0x0C); /* dword */
- ACPI_READ_FIELD(vgid_table.vgia_val, tables[i]);
+ ACPI_READ_FIELD(vgid_table.vgia_val, addr);
/* The GUID is written at a fixed offset into the fw_cfg file
* in order to implement the "OVMF SDT Header probe suppressor"
* see docs/specs/vmgenid.txt for more details
*/
- guid_offset = vgid_table.vgia_val + VMGENID_GUID_OFFSET;
+ guid_offset = le32_to_cpu(vgid_table.vgia_val) + VMGENID_GUID_OFFSET;
break;
}
}
diff --git a/ui/console-gl.c b/ui/console-gl.c
index 5b77e7a..a56e1cd 100644
--- a/ui/console-gl.c
+++ b/ui/console-gl.c
@@ -48,7 +48,7 @@
DisplaySurface *surface)
{
assert(gls);
- assert(surface_stride(surface) % surface_bytes_per_pixel(surface) == 0);
+ assert(QEMU_IS_ALIGNED(surface_stride(surface), surface_bytes_per_pixel(surface)));
switch (surface->format) {
case PIXMAN_BE_b8g8r8x8:
diff --git a/ui/console.c b/ui/console.c
index eca854c..c4c95ab 100644
--- a/ui/console.c
+++ b/ui/console.c
@@ -1471,6 +1471,7 @@
dcl->con->dcls--;
}
QLIST_REMOVE(dcl, next);
+ dcl->ds = NULL;
gui_setup_refresh(ds);
}
diff --git a/ui/sdl2.c b/ui/sdl2.c
index 53dd447..8718cf3 100644
--- a/ui/sdl2.c
+++ b/ui/sdl2.c
@@ -169,10 +169,10 @@
return;
}
- if (qemu_input_is_absolute()) {
- SDL_ShowCursor(1);
- SDL_SetCursor(sdl_cursor_hidden);
- } else {
+ SDL_ShowCursor(SDL_DISABLE);
+ SDL_SetCursor(sdl_cursor_hidden);
+
+ if (!qemu_input_is_absolute()) {
SDL_SetRelativeMouseMode(SDL_TRUE);
}
}
@@ -185,14 +185,16 @@
if (!qemu_input_is_absolute()) {
SDL_SetRelativeMouseMode(SDL_FALSE);
- SDL_ShowCursor(1);
- if (guest_cursor &&
- (gui_grab || qemu_input_is_absolute() || absolute_enabled)) {
- SDL_SetCursor(guest_sprite);
- } else {
- SDL_SetCursor(sdl_cursor_normal);
- }
}
+
+ if (guest_cursor &&
+ (gui_grab || qemu_input_is_absolute() || absolute_enabled)) {
+ SDL_SetCursor(guest_sprite);
+ } else {
+ SDL_SetCursor(sdl_cursor_normal);
+ }
+
+ SDL_ShowCursor(SDL_ENABLE);
}
static void sdl_grab_start(struct sdl2_console *scon)
@@ -440,6 +442,7 @@
sdl2_reset_keys(scon);
return;
}
+ sdl2_reset_keys(scon);
gui_keysym = 0;
}
if (!gui_keysym) {
@@ -468,8 +471,9 @@
SDL_GetWindowSize(scon->real_window, &scr_w, &scr_h);
max_x = scr_w - 1;
max_y = scr_h - 1;
- if (gui_grab && (ev->motion.x == 0 || ev->motion.y == 0 ||
- ev->motion.x == max_x || ev->motion.y == max_y)) {
+ if (gui_grab && !gui_fullscreen
+ && (ev->motion.x == 0 || ev->motion.y == 0 ||
+ ev->motion.x == max_x || ev->motion.y == max_y)) {
sdl_grab_end(scon);
}
if (!gui_grab &&
@@ -566,20 +570,21 @@
update_displaychangelistener(&scon->dcl, 500);
break;
case SDL_WINDOWEVENT_CLOSE:
- if (!no_quit) {
- no_shutdown = 0;
- qemu_system_shutdown_request(SHUTDOWN_CAUSE_HOST_UI);
+ if (qemu_console_is_graphic(scon->dcl.con)) {
+ if (!no_quit) {
+ no_shutdown = 0;
+ qemu_system_shutdown_request(SHUTDOWN_CAUSE_HOST_UI);
+ }
+ } else {
+ SDL_HideWindow(scon->real_window);
+ scon->hidden = true;
}
break;
case SDL_WINDOWEVENT_SHOWN:
- if (scon->hidden) {
- SDL_HideWindow(scon->real_window);
- }
+ scon->hidden = false;
break;
case SDL_WINDOWEVENT_HIDDEN:
- if (!scon->hidden) {
- SDL_ShowWindow(scon->real_window);
- }
+ scon->hidden = true;
break;
}
}
diff --git a/util/async.c b/util/async.c
index 355af73..0e1bd87 100644
--- a/util/async.c
+++ b/util/async.c
@@ -174,7 +174,7 @@
*/
void qemu_bh_cancel(QEMUBH *bh)
{
- bh->scheduled = 0;
+ atomic_mb_set(&bh->scheduled, 0);
}
/* This func is async.The bottom half will do the delete action at the finial
diff --git a/util/stats64.c b/util/stats64.c
index 9968fcc..389c365 100644
--- a/util/stats64.c
+++ b/util/stats64.c
@@ -91,7 +91,7 @@
low = atomic_read(&s->low);
orig = ((uint64_t)high << 32) | low;
- if (orig < value) {
+ if (value < orig) {
/* We have to set low before high, just like stat64_min reads
* high before low. The value may become higher temporarily, but
* stat64_get does not notice (it takes the lock) and the only ill
@@ -120,7 +120,7 @@
low = atomic_read(&s->low);
orig = ((uint64_t)high << 32) | low;
- if (orig > value) {
+ if (value > orig) {
/* We have to set low before high, just like stat64_max reads
* high before low. The value may become lower temporarily, but
* stat64_get does not notice (it takes the lock) and the only ill
diff --git a/vl.c b/vl.c
index ec29909..1ad1c04 100644
--- a/vl.c
+++ b/vl.c
@@ -160,8 +160,8 @@
Chardev *sclp_hds[MAX_SCLP_CONSOLES];
int win2k_install_hack = 0;
int singlestep = 0;
-int smp_cpus = 1;
-unsigned int max_cpus = 1;
+int smp_cpus;
+unsigned int max_cpus;
int smp_cores = 1;
int smp_threads = 1;
int acpi_enabled = 1;
@@ -4327,9 +4327,24 @@
exit(0);
}
+ /* machine_class: default to UP */
+ machine_class->max_cpus = machine_class->max_cpus ?: 1;
+ machine_class->min_cpus = machine_class->min_cpus ?: 1;
+ machine_class->default_cpus = machine_class->default_cpus ?: 1;
+
+ /* default to machine_class->default_cpus */
+ smp_cpus = machine_class->default_cpus;
+ max_cpus = machine_class->default_cpus;
+
smp_parse(qemu_opts_find(qemu_find_opts("smp-opts"), NULL));
- machine_class->max_cpus = machine_class->max_cpus ?: 1; /* Default to UP */
+ /* sanity-check smp_cpus and max_cpus against machine_class */
+ if (smp_cpus < machine_class->min_cpus) {
+ error_report("Invalid SMP CPUs %d. The min CPUs "
+ "supported by machine '%s' is %d", smp_cpus,
+ machine_class->name, machine_class->min_cpus);
+ exit(1);
+ }
if (max_cpus > machine_class->max_cpus) {
error_report("Invalid SMP CPUs %d. The max CPUs "
"supported by machine '%s' is %d", max_cpus,
@@ -4675,8 +4690,6 @@
default_drive(default_floppy, snapshot, IF_FLOPPY, 0, FD_OPTS);
default_drive(default_sdcard, snapshot, IF_SD, 0, SD_OPTS);
- parse_numa_opts(current_machine);
-
if (qemu_opts_foreach(qemu_find_opts("mon"),
mon_init_func, NULL, NULL)) {
exit(1);
@@ -4726,6 +4739,7 @@
current_machine->boot_order = boot_order;
current_machine->cpu_model = cpu_model;
+ parse_numa_opts(current_machine);
/* parse features once if machine provides default cpu_type */
if (machine_class->default_cpu_type) {
