sdk/emulator/qemu.git
9 years agoerror: Use error_report_err() where appropriate
Markus Armbruster [Thu, 12 Feb 2015 12:55:05 +0000 (13:55 +0100)]
error: Use error_report_err() where appropriate

Coccinelle semantic patch:

    @@
    expression E;
    @@
    -    error_report("%s", error_get_pretty(E));
    -    error_free(E);
    +    error_report_err(E);
    @@
    expression E, S;
    @@
    -    error_report("%s", error_get_pretty(E));
    +    error_report_err(E);
    (
         exit(S);
    |
         abort();
    )

Trivial manual touch-ups in block/sheepdog.c.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
9 years agoerror: New convenience function error_report_err()
Markus Armbruster [Fri, 6 Feb 2015 14:27:19 +0000 (15:27 +0100)]
error: New convenience function error_report_err()

I've typed error_report("%s", error_get_pretty(ERR)) too many times
already, and I've fixed too many instances of qerror_report_err(ERR)
to error_report("%s", error_get_pretty(ERR)) as well.  Capture the
pattern in a convenience function.

Since it's almost invariably followed by error_free(), stuff that into
the convenience function as well.

The next patch will put it to use.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
9 years agovhost-scsi: Improve error reporting for invalid vhostfd
Markus Armbruster [Mon, 9 Feb 2015 10:49:08 +0000 (11:49 +0100)]
vhost-scsi: Improve error reporting for invalid vhostfd

We get two error messages: one from monitor_handle_fd_param2(), and
another one from vhost_scsi_realize().  The second one gets suppressed
in QMP context.

That's because monitor_handle_fd_param() calls qerror_report_err().
Calling qerror_report_err() is always inappropriate in realize
methods, because it doesn't return the Error object.  It either
reports the error to stderr or the human monitor, or it stores it in
the QMP monitor, where it makes the QMP command fail even when the
realize method ignores the error and succeeds.  Fortunately,
vhost_scsi_realize() doesn't do that.

Fix by switching to monitor_handle_fd_param2().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
9 years agoMerge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150212' into staging
Peter Maydell [Fri, 13 Feb 2015 11:44:49 +0000 (11:44 +0000)]
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150212' into staging

Convert to linked list.

# gpg: Signature made Fri 13 Feb 2015 05:40:41 GMT using RSA key ID 4DD0279B
# gpg: Good signature from "Richard Henderson <rth7680@gmail.com>"
# gpg:                 aka "Richard Henderson <rth@redhat.com>"
# gpg:                 aka "Richard Henderson <rth@twiddle.net>"

* remotes/rth/tags/pull-tcg-20150212:
  tcg: Remove unused opcodes
  tcg: Implement insert_op_before
  tcg: Remove opcodes instead of noping them out
  tcg: Put opcodes in a linked list
  tcg: Introduce tcg_op_buf_count and tcg_op_buf_full
  tcg: Move emit of INDEX_op_end into gen_tb_end
  tcg: Reduce ifdefs in tcg-op.c
  tcg: Move some opcode generation functions out of line

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150213' into...
Peter Maydell [Fri, 13 Feb 2015 11:19:22 +0000 (11:19 +0000)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150213' into staging

target-arm queue:
 * PCIe support in virt board
 * Support 32-bit guests on 64-bit KVM hosts in virt board
 * Fixes to avoid C undefined behaviour

# gpg: Signature made Fri 13 Feb 2015 05:53:07 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"

* remotes/pmaydell/tags/pull-target-arm-20150213:
  target-arm: A64: Avoid signed shifts in disas_ldst_pair()
  target-arm: A64: Avoid left shifting negative integers in disas_pc_rel_addr
  target-arm: A64: Fix handling of rotate in logic_imm_decode_wmask
  target-arm: A64: Fix shifts into sign bit
  target-arm: Add AArch32 guest support to KVM64
  target-arm: Add 32/64-bit register sync
  target-arm: Add feature parsing to virt
  target-arm: Add CPU property to disable AArch64
  pci: Move PCI VGA to pci.mak
  arm: Add PCIe host bridge in virt machine
  pci: Add generic PCIe host bridge
  pci: Allocate PCIe host bridge PCI ID

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: A64: Avoid signed shifts in disas_ldst_pair()
Peter Maydell [Fri, 13 Feb 2015 05:46:09 +0000 (05:46 +0000)]
target-arm: A64: Avoid signed shifts in disas_ldst_pair()

Avoid shifting potentially negative signed offset values in
disas_ldst_pair() by keeping the offset in a uint64_t rather
than an int64_t.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1423233250-15853-5-git-send-email-peter.maydell@linaro.org

9 years agotarget-arm: A64: Avoid left shifting negative integers in disas_pc_rel_addr
Peter Maydell [Fri, 13 Feb 2015 05:46:09 +0000 (05:46 +0000)]
target-arm: A64: Avoid left shifting negative integers in disas_pc_rel_addr

Shifting a negative integer left is undefined behaviour in C.
Avoid it by assembling and shifting the offset fields as
unsigned values and then sign extending as the final action.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1423233250-15853-4-git-send-email-peter.maydell@linaro.org

9 years agotarget-arm: A64: Fix handling of rotate in logic_imm_decode_wmask
Peter Maydell [Fri, 13 Feb 2015 05:46:09 +0000 (05:46 +0000)]
target-arm: A64: Fix handling of rotate in logic_imm_decode_wmask

The code in logic_imm_decode_wmask attempts to rotate a mask
value within the bottom 'e' bits of the value with
    mask = (mask >> r) | (mask << (e - r));
This has two issues:
 * if the element size is 64 then a rotate by zero results
   in a shift left by 64, which is undefined behaviour
 * if the element size is smaller than 64 then this will
   leave junk in the value at bit 'e' and above, which is
   not valid input to bitfield_replicate(). As it happens,
   the bits at bit 'e' to '2e - r' are exactly the ones
   which bitfield_replicate is going to copy in there,
   so this isn't a "wrong code generated" bug, but it's
   confusing and if we ever put an assert in
   bitfield_replicate it would fire on valid guest code.

Fix the former by not doing anything if r is zero, and
the latter by masking with bitmask64(e).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1423233250-15853-3-git-send-email-peter.maydell@linaro.org

9 years agotarget-arm: A64: Fix shifts into sign bit
Peter Maydell [Fri, 13 Feb 2015 05:46:08 +0000 (05:46 +0000)]
target-arm: A64: Fix shifts into sign bit

Fix attempts to shift into the sign bit of an int, which is undefined
behaviour in C and warned about by the clang sanitizer.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1423233250-15853-2-git-send-email-peter.maydell@linaro.org

9 years agotarget-arm: Add AArch32 guest support to KVM64
Greg Bellows [Fri, 13 Feb 2015 05:46:08 +0000 (05:46 +0000)]
target-arm: Add AArch32 guest support to KVM64

Add 32-bit to/from 64-bit register synchronization on register gets and puts.
Set EL1_32BIT feature flag passed to KVM

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Message-id: 1423736974-14254-5-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Add 32/64-bit register sync
Greg Bellows [Fri, 13 Feb 2015 05:46:08 +0000 (05:46 +0000)]
target-arm: Add 32/64-bit register sync

Add AArch32 to AArch64 register sychronization functions.
Replace manual register synchronization with new functions in
aarch64_cpu_do_interrupt() and HELPER(exception_return)().

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1423736974-14254-4-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Add feature parsing to virt
Greg Bellows [Fri, 13 Feb 2015 05:46:08 +0000 (05:46 +0000)]
target-arm: Add feature parsing to virt

Added machvirt parsing of feature keywords added to the -cpu command line
option.  Parsing occurs during machine initialization.

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1423736974-14254-3-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Add CPU property to disable AArch64
Greg Bellows [Fri, 13 Feb 2015 05:46:08 +0000 (05:46 +0000)]
target-arm: Add CPU property to disable AArch64

Adds registration and get/set functions for enabling/disabling the AArch64
execution state on AArch64 CPUs.  By default AArch64 execution state is enabled
on AArch64 CPUs, setting the property to off, will disable the execution state.
The below QEMU invocation would have AArch64 execution state disabled.

    $ ./qemu-system-aarch64 -machine virt -cpu cortex-a57,aarch64=off

Also adds stripping of features from CPU model string in acquiring the ARM CPU
by name.

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1423736974-14254-2-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agopci: Move PCI VGA to pci.mak
Alexander Graf [Fri, 13 Feb 2015 05:46:08 +0000 (05:46 +0000)]
pci: Move PCI VGA to pci.mak

Every platform that supports PCI can also spawn the Bochs VGA PCI adapter. Move
it to pci.mak to enable it for everyone.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoarm: Add PCIe host bridge in virt machine
Alexander Graf [Fri, 13 Feb 2015 05:46:08 +0000 (05:46 +0000)]
arm: Add PCIe host bridge in virt machine

Now that we have a working "generic" PCIe host bridge driver, we can plug
it into ARM's virt machine to always have PCIe available to normal ARM VMs.

I've successfully managed to expose a Bochs VGA device, XHCI and an e1000
into an AArch64 VM with this and they all lived happily ever after.

Signed-off-by: Alexander Graf <agraf@suse.de>
Tested-by: Claudio Fontana <claudio.fontana@huawei.com>
[PMM: Squashed in fix for off-by-one error in bus-range DT property
 from Laszlo Ersek <lersek@redhat.com>]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agopci: Add generic PCIe host bridge
Alexander Graf [Fri, 13 Feb 2015 05:46:07 +0000 (05:46 +0000)]
pci: Add generic PCIe host bridge

With simple exposure of MMFG, ioport window, mmio window and an IRQ line we
can successfully create a workable PCIe host bridge that can be mapped anywhere
and only needs to get described to the OS using whatever means it likes.

This patch implements such a "generic" host bridge. It handles 4 legacy IRQ
lines. MSIs need to be handled external to the host bridge.

This device is particularly useful for the "pci-host-ecam-generic" driver in
Linux.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Tested-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agopci: Allocate PCIe host bridge PCI ID
Alexander Graf [Fri, 13 Feb 2015 05:46:07 +0000 (05:46 +0000)]
pci: Allocate PCIe host bridge PCI ID

We are going to introduce a PCIe host controller that doesn't exist that
way in real hardware, but still needs to expose some PCIe root device which
has PCI IDs.

Allocate a PCI ID in the Red Hat space that we use for other devices of this
kind.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotcg: Remove unused opcodes
Richard Henderson [Mon, 31 Mar 2014 03:40:35 +0000 (20:40 -0700)]
tcg: Remove unused opcodes

We no longer need INDEX_op_end to terminate the list, nor do we
need 5 forms of nop, since we just remove the TCGOp instead.

Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
9 years agotcg: Implement insert_op_before
Richard Henderson [Mon, 31 Mar 2014 00:14:02 +0000 (17:14 -0700)]
tcg: Implement insert_op_before

Rather reserving space in the op stream for optimization,
let the optimizer add ops as necessary.

Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
9 years agotcg: Remove opcodes instead of noping them out
Richard Henderson [Sun, 30 Mar 2014 23:51:54 +0000 (16:51 -0700)]
tcg: Remove opcodes instead of noping them out

With the linked list scheme we need not leave nops in the stream
that we need to process later.

Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
9 years agotcg: Put opcodes in a linked list
Richard Henderson [Fri, 19 Sep 2014 20:49:15 +0000 (13:49 -0700)]
tcg: Put opcodes in a linked list

The previous setup required ops and args to be completely sequential,
and was error prone when it came to both iteration and optimization.

Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
9 years agotcg: Introduce tcg_op_buf_count and tcg_op_buf_full
Richard Henderson [Sun, 30 Mar 2014 22:36:56 +0000 (15:36 -0700)]
tcg: Introduce tcg_op_buf_count and tcg_op_buf_full

The method by which we count the number of ops emitted
is going to change.  Abstract that away into some inlines.

Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
9 years agotcg: Move emit of INDEX_op_end into gen_tb_end
Richard Henderson [Sun, 30 Mar 2014 21:50:30 +0000 (14:50 -0700)]
tcg: Move emit of INDEX_op_end into gen_tb_end

Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
9 years agotcg: Reduce ifdefs in tcg-op.c
Richard Henderson [Fri, 19 Sep 2014 18:41:05 +0000 (11:41 -0700)]
tcg: Reduce ifdefs in tcg-op.c

Almost completely eliminates the ifdefs in this file, improving
confidence in the lesser used 32-bit builds.

Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
9 years agotcg: Move some opcode generation functions out of line
Richard Henderson [Fri, 19 Sep 2014 18:39:20 +0000 (11:39 -0700)]
tcg: Move some opcode generation functions out of line

Some of these functions are really quite large.  We have a number of
things that ought to be circularly dependent, but we duplicated code
to break that chain for the inlines.

This saved 25% of the code size of one of the translators I examined.

Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
9 years agoMerge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150210.0' into...
Peter Maydell [Wed, 11 Feb 2015 05:14:41 +0000 (05:14 +0000)]
Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150210.0' into staging

RCU fixes and cleanup (Paolo Bonzini)
Switch to v2 IOMMU interface (Alex Williamson)
DEBUG build fix (Alexey Kardashevskiy)

# gpg: Signature made Tue 10 Feb 2015 17:37:06 GMT using RSA key ID 3BB08B22
# gpg: Good signature from "Alex Williamson <alex.williamson@redhat.com>"
# gpg:                 aka "Alex Williamson <alex@shazbot.org>"
# gpg:                 aka "Alex Williamson <alwillia@redhat.com>"
# gpg:                 aka "Alex Williamson <alex.l.williamson@gmail.com>"

* remotes/awilliam/tags/vfio-update-20150210.0:
  vfio: Fix debug message compile error
  vfio: Use vfio type1 v2 IOMMU interface
  vfio: unmap and free BAR data in instance_finalize
  vfio: free dynamically-allocated data in instance_finalize
  vfio: cleanup vfio_get_device error path, remove vfio_populate_device callback
  memory: unregister AddressSpace MemoryListener within BQL

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agovfio: Fix debug message compile error
Alexey Kardashevskiy [Tue, 10 Feb 2015 17:25:44 +0000 (10:25 -0700)]
vfio: Fix debug message compile error

This fixes a compiler error which occurs if DEBUG_VFIO is defined.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
9 years agovfio: Use vfio type1 v2 IOMMU interface
Alex Williamson [Tue, 10 Feb 2015 17:25:44 +0000 (10:25 -0700)]
vfio: Use vfio type1 v2 IOMMU interface

The difference between v1 and v2 is fairly subtle, simply more
deterministic behavior for unmaps.  The v1 interface allows the user
to attempt to unmap sub-regions of previous mappings, returning
success with zero size if unable to comply.  This was a reflection of
the underlying IOMMU API.  The v2 interface requires that the user
may only unmap fully contained mappings, ie. an unmap cannot intersect
or bisect a previous mapping, but may cover multiple mappings.  QEMU
never made use of the sub-region v1 support anyway, so we can support
either v1 or v2.  We'll favor v2 since it's newer.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
9 years agovfio: unmap and free BAR data in instance_finalize
Paolo Bonzini [Tue, 10 Feb 2015 17:25:44 +0000 (10:25 -0700)]
vfio: unmap and free BAR data in instance_finalize

In the case of VFIO, the unrealize callback is too early to munmap the
BARs.  The munmap must be delayed until memory accesses are complete.
To do this, split vfio_unmap_bars in two.  The removal step, now called
vfio_unregister_bars, remains in vfio_exitfn.  The reclamation step
is vfio_unmap_bars and is moved to the instance_finalize callback.

Similarly, quirk MemoryRegions have to be removed during
vfio_unregister_bars, but freeing the data structure must be delayed
to vfio_unmap_bars.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
9 years agovfio: free dynamically-allocated data in instance_finalize
Paolo Bonzini [Tue, 10 Feb 2015 17:25:44 +0000 (10:25 -0700)]
vfio: free dynamically-allocated data in instance_finalize

In order to enable out-of-BQL address space lookup, destruction of
devices needs to be split in two phases.

Unrealize is the first phase; once it complete no new accesses will
be started, but there may still be pending memory accesses can still
be completed.

The second part is freeing the device, which only happens once all memory
accesses are complete.  At this point the reference count has dropped to
zero, an RCU grace period must have completed (because the RCU-protected
FlatViews hold a reference to the device via memory_region_ref).  This is
when instance_finalize is called.

Freeing data belongs in an instance_finalize callback, because the
dynamically allocated memory can still be used after unrealize by the
pending memory accesses.

This starts the process by creating an instance_finalize callback and
freeing most of the dynamically-allocated data in instance_finalize.
Because instance_finalize is also called on error paths or also when
the device is actually not realized, the common code needs some changes
to be ready for this.  The error path in vfio_initfn can be simplified too.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
9 years agovfio: cleanup vfio_get_device error path, remove vfio_populate_device callback
Paolo Bonzini [Tue, 10 Feb 2015 17:25:44 +0000 (10:25 -0700)]
vfio: cleanup vfio_get_device error path, remove vfio_populate_device callback

Now that vfio_put_base_device is called unconditionally at instance_finalize
time, it can be called twice if vfio_populate_device fails.  This works
but it is slightly harder to follow.

Change vfio_get_device to not touch the vbasedev struct until it will
definitely succeed, moving the vfio_populate_device call back to vfio-pci.
This way, vfio_put_base_device will only be called once.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
9 years agomemory: unregister AddressSpace MemoryListener within BQL
Paolo Bonzini [Tue, 10 Feb 2015 17:25:44 +0000 (10:25 -0700)]
memory: unregister AddressSpace MemoryListener within BQL

address_space_destroy_dispatch is called from an RCU callback and hence
outside the iothread mutex (BQL).  However, after address_space_destroy
no new accesses can hit the destroyed AddressSpace so it is not necessary
to observe changes to the memory map.  Move the memory_listener_unregister
call earlier, to make it thread-safe again.

Reported-by: Alex Williamson <alex.williamson@redhat.com>
Fixes: 374f2981d1f10bc4307f250f24b2a7ddb9b14be0
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
9 years agoMerge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-02-10' into...
Peter Maydell [Tue, 10 Feb 2015 09:51:46 +0000 (09:51 +0000)]
Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-02-10' into staging

trivial patches for 2015-02-10

# gpg: Signature made Tue 10 Feb 2015 07:27:11 GMT using RSA key ID A4C3D7DB
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg:                 aka "Michael Tokarev <mjt@corpit.ru>"
# gpg:                 aka "Michael Tokarev <mjt@debian.org>"

* remotes/mjt/tags/pull-trivial-patches-2015-02-10: (45 commits)
  virtio: Fix warning caused by missing 'static' attribute
  vga: Fix warning caused by missing 'static' attribute
  stubs: Fix warning caused by missing include statement
  spice: Add missing 'static' attribute
  serial: Fix warnings caused by missing 'static' attribute
  moxie: Fix warning caused by missing include statement
  migration: Fix warnings caused by missing 'static' attribute
  migration: Fix warning caused by missing declaration of vmstate_dummy
  disas/sh4: Fix warning caused by missing 'static' attribute
  translate-all: Use g_try_malloc() for dynamic translator buffer
  vnc: g_realloc() can't fail, bury dead error handling
  rdma: g_malloc0() can't fail, bury dead error handling
  kvm: g_malloc() can't fail, bury dead error handling
  rtl8139: g_malloc() can't fail, bury dead error handling
  onenand: g_malloc() can't fail, bury dead error handling
  Fix name error in migration stream analyzation script
  QJSON: fix typo in author's email address
  util/uri: URI member path can be null, compare more carfully
  util/uri: realloc2n() can't fail, drop dead error handling
  util/uri: uri_new() can't fail, drop dead error handling
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agovirtio: Fix warning caused by missing 'static' attribute
Stefan Weil [Fri, 6 Feb 2015 21:43:17 +0000 (22:43 +0100)]
virtio: Fix warning caused by missing 'static' attribute

Warning from the Sparse static analysis tool:

hw/char/virtio-serial-bus.c:31:3:
 warning: symbol 'vserdevices' was not declared. Should it be static?

Cc: Amit Shah <amit.shah@redhat.com>
Cc: Anthony Liguori <aliguori@amazon.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agovga: Fix warning caused by missing 'static' attribute
Stefan Weil [Fri, 6 Feb 2015 21:43:16 +0000 (22:43 +0100)]
vga: Fix warning caused by missing 'static' attribute

Warning from the Sparse static analysis tool:

hw/display/vga.c:2012:26: warning:
 symbol 'vmstate_vga_endian' was not declared. Should it be static?

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agostubs: Fix warning caused by missing include statement
Stefan Weil [Fri, 6 Feb 2015 21:43:15 +0000 (22:43 +0100)]
stubs: Fix warning caused by missing include statement

Warning from the Sparse static analysis tool:

stubs/qtest.c:14:6:
 warning: symbol 'qtest_allowed' was not declared. Should it be static?

Add the missing include statement which declares qtest_allowed.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agospice: Add missing 'static' attribute
Stefan Weil [Fri, 6 Feb 2015 21:43:14 +0000 (22:43 +0100)]
spice: Add missing 'static' attribute

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoserial: Fix warnings caused by missing 'static' attribute
Stefan Weil [Fri, 6 Feb 2015 21:43:13 +0000 (22:43 +0100)]
serial: Fix warnings caused by missing 'static' attribute

Warnings from the Sparse static analysis tool:

hw/char/serial.c:630:26: warning: symbol
 'vmstate_serial_thr_ipending' was not declared. Should it be static?
hw/char/serial.c:646:26: warning: symbol
 'vmstate_serial_tsr' was not declared. Should it be static?
hw/char/serial.c:665:26: warning: symbol
 'vmstate_serial_recv_fifo' was not declared. Should it be static?
hw/char/serial.c:681:26: warning: symbol
 'vmstate_serial_xmit_fifo' was not declared. Should it be static?
hw/char/serial.c:697:26: warning: symbol
 'vmstate_serial_fifo_timeout_timer' was not declared. Should it be static?
hw/char/serial.c:713:26: warning: symbol
 'vmstate_serial_timeout_ipending' was not declared. Should it be static?
hw/char/serial.c:729:26: warning: symbol
 'vmstate_serial_poll' was not declared. Should it be static?

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agomoxie: Fix warning caused by missing include statement
Stefan Weil [Fri, 6 Feb 2015 21:43:12 +0000 (22:43 +0100)]
moxie: Fix warning caused by missing include statement

Warning from the Sparse static analysis tool:

target-moxie/machine.c:4:26:
 warning: symbol 'vmstate_moxie_cpu' was not declared. Should it be static?

machine.h includes the missing declaration.

Cc: Anthony Green <green@moxielogic.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agomigration: Fix warnings caused by missing 'static' attribute
Stefan Weil [Fri, 6 Feb 2015 21:43:11 +0000 (22:43 +0100)]
migration: Fix warnings caused by missing 'static' attribute

Warnings from the Sparse static analysis tool:

migration-rdma.c:151:12: warning:
 symbol 'wrid_desc' was not declared. Should it be static?
migration-rdma.c:190:12: warning:
 symbol 'control_desc' was not declared. Should it be static?
migration-rdma.c:3301:19: warning:
 symbol 'rdma_read_ops' was not declared. Should it be static?
migration-rdma.c:3308:19: warning:
 symbol 'rdma_write_ops' was not declared. Should it be static?

Cc: Juan Quintela <quintela@redhat.com>
Cc: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agomigration: Fix warning caused by missing declaration of vmstate_dummy
Stefan Weil [Fri, 6 Feb 2015 21:43:10 +0000 (22:43 +0100)]
migration: Fix warning caused by missing declaration of vmstate_dummy

Warning from the Sparse static analysis tool:

stubs/vmstate.c:4:26: warning:
 symbol 'vmstate_dummy' was not declared. Should it be static?

Cc: Juan Quintela <quintela@redhat.com>
Cc: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agodisas/sh4: Fix warning caused by missing 'static' attribute
Stefan Weil [Fri, 6 Feb 2015 21:43:09 +0000 (22:43 +0100)]
disas/sh4: Fix warning caused by missing 'static' attribute

Warning from the Sparse static analysis tool:

disas/sh4.c:335:22: warning:
 symbol 'sh_table' was not declared. Should it be static?

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agotranslate-all: Use g_try_malloc() for dynamic translator buffer
Markus Armbruster [Wed, 4 Feb 2015 10:26:07 +0000 (11:26 +0100)]
translate-all: Use g_try_malloc() for dynamic translator buffer

The USE_MMAP code can fail, and the caller handles the failure
already.  Let the !USE_MMAP code fail as well, for consistency.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agovnc: g_realloc() can't fail, bury dead error handling
Markus Armbruster [Wed, 4 Feb 2015 10:26:06 +0000 (11:26 +0100)]
vnc: g_realloc() can't fail, bury dead error handling

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agordma: g_malloc0() can't fail, bury dead error handling
Markus Armbruster [Wed, 4 Feb 2015 10:26:05 +0000 (11:26 +0100)]
rdma: g_malloc0() can't fail, bury dead error handling

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agokvm: g_malloc() can't fail, bury dead error handling
Markus Armbruster [Wed, 4 Feb 2015 10:26:04 +0000 (11:26 +0100)]
kvm: g_malloc() can't fail, bury dead error handling

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agortl8139: g_malloc() can't fail, bury dead error handling
Markus Armbruster [Wed, 4 Feb 2015 10:26:03 +0000 (11:26 +0100)]
rtl8139: g_malloc() can't fail, bury dead error handling

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoonenand: g_malloc() can't fail, bury dead error handling
Markus Armbruster [Wed, 4 Feb 2015 10:26:02 +0000 (11:26 +0100)]
onenand: g_malloc() can't fail, bury dead error handling

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoFix name error in migration stream analyzation script
Greg Kurz [Sat, 7 Feb 2015 10:25:14 +0000 (11:25 +0100)]
Fix name error in migration stream analyzation script

It fixes the following error:

Traceback (most recent call last):
  File "./scripts/analyze-migration.py", line 584, in <module>
    dump.read(dump_memory = args.memory)
  File "./scripts/analyze-migration.py", line 528, in read
    self.sections[section_id].read()
  File "./scripts/analyze-migration.py", line 250, in read
    self.file.readvar(n_valid * HASH_PTE_SIZE_64)
NameError: global name 'HASH_PTE_SIZE_64' is not defined

Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoQJSON: fix typo in author's email address
Greg Kurz [Sat, 7 Feb 2015 10:25:50 +0000 (11:25 +0100)]
QJSON: fix typo in author's email address

Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoutil/uri: URI member path can be null, compare more carfully
Markus Armbruster [Tue, 27 Jan 2015 16:13:52 +0000 (17:13 +0100)]
util/uri: URI member path can be null, compare more carfully

uri_resolve_relative() calls strcmp(bas->path, ref->path).  However,
either argument could be null!  Evidence: the code checks for null
after the comparison.  Spotted by Coverity.

I suspect this was screwed up when we stole the code from libxml2.
There the conditional reads

    xmlStrEqual((xmlChar *)bas->path, (xmlChar *)ref->path)

with

    int
    xmlStrEqual(const xmlChar *str1, const xmlChar *str2) {
if (str1 == str2) return(1);
if (str1 == NULL) return(0);
if (str2 == NULL) return(0);
do {
    if (*str1++ != *str2) return(0);
} while (*str2++);
return(1);
    }

Fix by replicating libxml2's logic faithfully.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoutil/uri: realloc2n() can't fail, drop dead error handling
Markus Armbruster [Tue, 27 Jan 2015 16:13:51 +0000 (17:13 +0100)]
util/uri: realloc2n() can't fail, drop dead error handling

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoutil/uri: uri_new() can't fail, drop dead error handling
Markus Armbruster [Tue, 27 Jan 2015 16:13:50 +0000 (17:13 +0100)]
util/uri: uri_new() can't fail, drop dead error handling

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agousb: Pair g_malloc() with g_free(), not free()
Markus Armbruster [Wed, 28 Jan 2015 14:54:04 +0000 (15:54 +0100)]
usb: Pair g_malloc() with g_free(), not free()

Spotted by Coverity with preview checker ALLOC_FREE_MISMATCH enabled
and my "coverity: Model g_free() isn't necessarily free()" model patch
applied.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agospapr_vio: Pair g_malloc() with g_free(), not free()
Markus Armbruster [Wed, 28 Jan 2015 14:54:03 +0000 (15:54 +0100)]
spapr_vio: Pair g_malloc() with g_free(), not free()

Spotted by Coverity with preview checker ALLOC_FREE_MISMATCH enabled
and my "coverity: Model g_free() isn't necessarily free()" model patch
applied.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoqemu-option: Pair g_malloc() with g_free(), not free()
Markus Armbruster [Wed, 28 Jan 2015 14:54:02 +0000 (15:54 +0100)]
qemu-option: Pair g_malloc() with g_free(), not free()

Spotted by Coverity with preview checker ALLOC_FREE_MISMATCH enabled
and my "coverity: Model g_free() isn't necessarily free()" model patch
applied.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoqemu-option: Replace pointless use of g_malloc0() by g_malloc()
Markus Armbruster [Wed, 28 Jan 2015 14:54:01 +0000 (15:54 +0100)]
qemu-option: Replace pointless use of g_malloc0() by g_malloc()

get_opt_value() takes a write-only buffer, so zeroing it is pointless.
We don't do it elsewhere, either.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agolibcacard: stop linking against every single 3rd party library
Daniel P. Berrange [Tue, 3 Feb 2015 11:31:30 +0000 (11:31 +0000)]
libcacard: stop linking against every single 3rd party library

Building QEMU results in a libcacard.so that links against
practically the entire world

linux-vdso.so.1 =>  (0x00007fff71e99000)
libssl3.so => /usr/lib64/libssl3.so (0x00007f49f94b6000)
libsmime3.so => /usr/lib64/libsmime3.so (0x00007f49f928e000)
libnss3.so => /usr/lib64/libnss3.so (0x00007f49f8f67000)
libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007f49f8d3b000)
libplds4.so => /usr/lib64/libplds4.so (0x00007f49f8b36000)
libplc4.so => /usr/lib64/libplc4.so (0x00007f49f8931000)
libnspr4.so => /usr/lib64/libnspr4.so (0x00007f49f86f2000)
libdl.so.2 => /usr/lib64/libdl.so.2 (0x00007f49f84ed000)
libm.so.6 => /usr/lib64/libm.so.6 (0x00007f49f81e5000)
libgthread-2.0.so.0 => /usr/lib64/libgthread-2.0.so.0 (0x00007f49f7fe3000)
librt.so.1 => /usr/lib64/librt.so.1 (0x00007f49f7dda000)
libz.so.1 => /usr/lib64/libz.so.1 (0x00007f49f7bc4000)
libcap-ng.so.0 => /usr/lib64/libcap-ng.so.0 (0x00007f49f79be000)
libuuid.so.1 => /usr/lib64/libuuid.so.1 (0x00007f49f77b8000)
libgnutls.so.28 => /usr/lib64/libgnutls.so.28 (0x00007f49f749a000)
libSDL-1.2.so.0 => /usr/lib64/libSDL-1.2.so.0 (0x00007f49f71fd000)
libpthread.so.0 => /usr/lib64/libpthread.so.0 (0x00007f49f6fe0000)
libvte.so.9 => /usr/lib64/libvte.so.9 (0x00007f49f6d3f000)
libXext.so.6 => /usr/lib64/libXext.so.6 (0x00007f49f6b2d000)
libgtk-x11-2.0.so.0 => /usr/lib64/libgtk-x11-2.0.so.0 (0x00007f49f64a0000)
libgdk-x11-2.0.so.0 => /usr/lib64/libgdk-x11-2.0.so.0 (0x00007f49f61de000)
libpangocairo-1.0.so.0 => /usr/lib64/libpangocairo-1.0.so.0 (0x00007f49f5fd1000)
libatk-1.0.so.0 => /usr/lib64/libatk-1.0.so.0 (0x00007f49f5daa000)
libcairo.so.2 => /usr/lib64/libcairo.so.2 (0x00007f49f5a9d000)
libgdk_pixbuf-2.0.so.0 => /usr/lib64/libgdk_pixbuf-2.0.so.0 (0x00007f49f5878000)
libgio-2.0.so.0 => /usr/lib64/libgio-2.0.so.0 (0x00007f49f5500000)
libpangoft2-1.0.so.0 => /usr/lib64/libpangoft2-1.0.so.0 (0x00007f49f52eb000)
libpango-1.0.so.0 => /usr/lib64/libpango-1.0.so.0 (0x00007f49f50a0000)
libgobject-2.0.so.0 => /usr/lib64/libgobject-2.0.so.0 (0x00007f49f4e4e000)
libglib-2.0.so.0 => /usr/lib64/libglib-2.0.so.0 (0x00007f49f4b15000)
libfontconfig.so.1 => /usr/lib64/libfontconfig.so.1 (0x00007f49f48d6000)
libfreetype.so.6 => /usr/lib64/libfreetype.so.6 (0x00007f49f462b000)
libX11.so.6 => /usr/lib64/libX11.so.6 (0x00007f49f42e8000)
libxenstore.so.3.0 => /usr/lib64/libxenstore.so.3.0 (0x00007f49f40de000)
libxenctrl.so.4.4 => /usr/lib64/libxenctrl.so.4.4 (0x00007f49f3eb6000)
libxenguest.so.4.4 => /usr/lib64/libxenguest.so.4.4 (0x00007f49f3c8b000)
libseccomp.so.2 => /usr/lib64/libseccomp.so.2 (0x00007f49f3a74000)
librdmacm.so.1 => /usr/lib64/librdmacm.so.1 (0x00007f49f385d000)
libibverbs.so.1 => /usr/lib64/libibverbs.so.1 (0x00007f49f364a000)
libutil.so.1 => /usr/lib64/libutil.so.1 (0x00007f49f3447000)
libc.so.6 => /usr/lib64/libc.so.6 (0x00007f49f3089000)
/lib64/ld-linux-x86-64.so.2 (0x00007f49f9902000)
libp11-kit.so.0 => /usr/lib64/libp11-kit.so.0 (0x00007f49f2e23000)
libtspi.so.1 => /usr/lib64/libtspi.so.1 (0x00007f49f2bb2000)
libtasn1.so.6 => /usr/lib64/libtasn1.so.6 (0x00007f49f299f000)
libnettle.so.4 => /usr/lib64/libnettle.so.4 (0x00007f49f276d000)
libhogweed.so.2 => /usr/lib64/libhogweed.so.2 (0x00007f49f2545000)
libgmp.so.10 => /usr/lib64/libgmp.so.10 (0x00007f49f22cd000)
libncurses.so.5 => /usr/lib64/libncurses.so.5 (0x00007f49f20a5000)
libtinfo.so.5 => /usr/lib64/libtinfo.so.5 (0x00007f49f1e7a000)
libgmodule-2.0.so.0 => /usr/lib64/libgmodule-2.0.so.0 (0x00007f49f1c76000)
libXfixes.so.3 => /usr/lib64/libXfixes.so.3 (0x00007f49f1a6f000)
libXrender.so.1 => /usr/lib64/libXrender.so.1 (0x00007f49f1865000)
libXinerama.so.1 => /usr/lib64/libXinerama.so.1 (0x00007f49f1662000)
libXi.so.6 => /usr/lib64/libXi.so.6 (0x00007f49f1452000)
libXrandr.so.2 => /usr/lib64/libXrandr.so.2 (0x00007f49f1247000)
libXcursor.so.1 => /usr/lib64/libXcursor.so.1 (0x00007f49f103c000)
libXcomposite.so.1 => /usr/lib64/libXcomposite.so.1 (0x00007f49f0e39000)
libXdamage.so.1 => /usr/lib64/libXdamage.so.1 (0x00007f49f0c35000)
libharfbuzz.so.0 => /usr/lib64/libharfbuzz.so.0 (0x00007f49f09dd000)
libpixman-1.so.0 => /usr/lib64/libpixman-1.so.0 (0x00007f49f072f000)
libEGL.so.1 => /usr/lib64/libEGL.so.1 (0x00007f49f0505000)
libpng16.so.16 => /usr/lib64/libpng16.so.16 (0x00007f49f02d2000)
libxcb-shm.so.0 => /usr/lib64/libxcb-shm.so.0 (0x00007f49f00cd000)
libxcb-render.so.0 => /usr/lib64/libxcb-render.so.0 (0x00007f49efec3000)
libxcb.so.1 => /usr/lib64/libxcb.so.1 (0x00007f49efca1000)
libGL.so.1 => /usr/lib64/libGL.so.1 (0x00007f49efa06000)
libffi.so.6 => /usr/lib64/libffi.so.6 (0x00007f49ef7fe000)
libselinux.so.1 => /usr/lib64/libselinux.so.1 (0x00007f49ef5d8000)
libresolv.so.2 => /usr/lib64/libresolv.so.2 (0x00007f49ef3be000)
libexpat.so.1 => /usr/lib64/libexpat.so.1 (0x00007f49ef193000)
libbz2.so.1 => /usr/lib64/libbz2.so.1 (0x00007f49eef83000)
libgcc_s.so.1 => /usr/lib64/libgcc_s.so.1 (0x00007f49eed6c000)
liblzma.so.5 => /usr/lib64/liblzma.so.5 (0x00007f49eeb46000)
libnl-route-3.so.200 => /usr/lib64/libnl-route-3.so.200 (0x00007f49ee8e2000)
libnl-3.so.200 => /usr/lib64/libnl-3.so.200 (0x00007f49ee6c4000)
libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007f49ee2d6000)
libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f49ee067000)
libgraphite2.so.3 => /usr/lib64/libgraphite2.so.3 (0x00007f49ede48000)
libX11-xcb.so.1 => /usr/lib64/libX11-xcb.so.1 (0x00007f49edc46000)
libxcb-dri2.so.0 => /usr/lib64/libxcb-dri2.so.0 (0x00007f49eda41000)
libxcb-xfixes.so.0 => /usr/lib64/libxcb-xfixes.so.0 (0x00007f49ed838000)
libxcb-shape.so.0 => /usr/lib64/libxcb-shape.so.0 (0x00007f49ed634000)
libgbm.so.1 => /usr/lib64/libgbm.so.1 (0x00007f49ed426000)
libwayland-client.so.0 => /usr/lib64/libwayland-client.so.0 (0x00007f49ed217000)
libwayland-server.so.0 => /usr/lib64/libwayland-server.so.0 (0x00007f49ed005000)
libglapi.so.0 => /usr/lib64/libglapi.so.0 (0x00007f49ecddb000)
libdrm.so.2 => /usr/lib64/libdrm.so.2 (0x00007f49ecbce000)
libXau.so.6 => /usr/lib64/libXau.so.6 (0x00007f49ec9ca000)
libxcb-glx.so.0 => /usr/lib64/libxcb-glx.so.0 (0x00007f49ec7b0000)
libxcb-dri3.so.0 => /usr/lib64/libxcb-dri3.so.0 (0x00007f49ec5ad000)
libxcb-present.so.0 => /usr/lib64/libxcb-present.so.0 (0x00007f49ec3aa000)
libxcb-randr.so.0 => /usr/lib64/libxcb-randr.so.0 (0x00007f49ec19b000)
libxcb-sync.so.1 => /usr/lib64/libxcb-sync.so.1 (0x00007f49ebf94000)
libxshmfence.so.1 => /usr/lib64/libxshmfence.so.1 (0x00007f49ebd91000)
libXxf86vm.so.1 => /usr/lib64/libXxf86vm.so.1 (0x00007f49ebb8a000)
libpcre.so.1 => /usr/lib64/libpcre.so.1 (0x00007f49eb91d000)
libgssapi_krb5.so.2 => /usr/lib64/libgssapi_krb5.so.2 (0x00007f49eb6cf000)
libkrb5.so.3 => /usr/lib64/libkrb5.so.3 (0x00007f49eb3ec000)
libcom_err.so.2 => /usr/lib64/libcom_err.so.2 (0x00007f49eb1e8000)
libk5crypto.so.3 => /usr/lib64/libk5crypto.so.3 (0x00007f49eafb4000)
libkrb5support.so.0 => /usr/lib64/libkrb5support.so.0 (0x00007f49eada5000)
libkeyutils.so.1 => /usr/lib64/libkeyutils.so.1 (0x00007f49eaba0000)

All libcacard actually needs are the NSS libs. Linking against the entire
world is a regression caused by

  commit 9d171bd9375e4d08feff9adda15163e0811f5f42
  Author: Michael Tokarev <mjt@tls.msk.ru>
  Date:   Thu May 8 16:48:27 2014 +0400

    libcacard: remove libcacard-specific CFLAGS and LIBS from global vars

Which removed the setting of the LIBS variable in libcacard/Makefile.

Adding it back as an empty assignment brings the linked libs back to a more
reasonable set

linux-vdso.so.1 =>  (0x00007fff575c1000)
libssl3.so => /usr/lib64/libssl3.so (0x00007f7f753b1000)
libsmime3.so => /usr/lib64/libsmime3.so (0x00007f7f75189000)
libnss3.so => /usr/lib64/libnss3.so (0x00007f7f74e62000)
libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007f7f74c36000)
libplds4.so => /usr/lib64/libplds4.so (0x00007f7f74a31000)
libplc4.so => /usr/lib64/libplc4.so (0x00007f7f7482c000)
libnspr4.so => /usr/lib64/libnspr4.so (0x00007f7f745ed000)
libpthread.so.0 => /usr/lib64/libpthread.so.0 (0x00007f7f743d0000)
libdl.so.2 => /usr/lib64/libdl.so.2 (0x00007f7f741cc000)
libgthread-2.0.so.0 => /usr/lib64/libgthread-2.0.so.0 (0x00007f7f73fca000)
libglib-2.0.so.0 => /usr/lib64/libglib-2.0.so.0 (0x00007f7f73c90000)
libc.so.6 => /usr/lib64/libc.so.6 (0x00007f7f738d3000)
libz.so.1 => /usr/lib64/libz.so.1 (0x00007f7f736bd000)
librt.so.1 => /usr/lib64/librt.so.1 (0x00007f7f734b4000)
/lib64/ld-linux-x86-64.so.2 (0x00007f7f757fd000)

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Cc: <qemu-stable@nongnu.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agolinux-user: wrong TARGET_SI_PAD_SIZE value for some targets.
Maxim Ostapenko [Mon, 2 Feb 2015 14:18:29 +0000 (18:18 +0400)]
linux-user: wrong TARGET_SI_PAD_SIZE value for some targets.

Fix TARGET_SI_PAD_SIZE calculation to match the way the kernel does it.
Use different TARGET_SI_PREAMBLE_SIZE for 32-bit and 64-bit targets.

Signed-off-by: Maxim Ostapenko <m.ostapenko@partner.samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoqemu-sockets: Fix buffer overflow in inet_parse()
Kevin Wolf [Fri, 30 Jan 2015 19:37:55 +0000 (20:37 +0100)]
qemu-sockets: Fix buffer overflow in inet_parse()

The size of the stack allocated host[] array didn't account for the
terminating '\0' byte that sscanf() writes. Fix the array size.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agovl.c: fix memory leak spotted by valgrind
Christian Borntraeger [Wed, 28 Jan 2015 15:07:17 +0000 (16:07 +0100)]
vl.c: fix memory leak spotted by valgrind

valgrind complains about:
==42062== 16 bytes in 1 blocks are definitely lost in loss record 387 of 1,048
==42062==    at 0x402DCB2: malloc (vg_replace_malloc.c:299)
==42062==    by 0x40C1BE3: g_malloc (in /usr/lib64/libglib-2.0.so.0.3800.2)
==42062==    by 0x40DA133: g_slice_alloc (in /usr/lib64/libglib-2.0.so.0.3800.2)
==42062==    by 0x40DB2E5: g_slist_prepend (in /usr/lib64/libglib-2.0.so.0.3800.2)
==42062==    by 0x801637FF: object_class_get_list_tramp (object.c:690)
==42062==    by 0x40A96C9: g_hash_table_foreach (in /usr/lib64/libglib-2.0.so.0.3800.2)
==42062==    by 0x80164885: object_class_foreach (object.c:665)
==42062==    by 0x80164975: object_class_get_list (object.c:698)
==42062==    by 0x800100A5: machine_parse (vl.c:2447)
==42062==    by 0x800100A5: main (vl.c:3756)

Lets free machines in case of mc.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoaes: remove a dead return statement
Paolo Bonzini [Mon, 26 Jan 2015 11:12:26 +0000 (12:12 +0100)]
aes: remove a dead return statement

bits is checked to be 128, 192 or 256 at the beginning of the function.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoqemu-sockets: improve error reporting in unix_listen_opts
Paolo Bonzini [Mon, 26 Jan 2015 11:12:24 +0000 (12:12 +0100)]
qemu-sockets: improve error reporting in unix_listen_opts

Coverity complains about not checking the returned value of mkstemp.  While
at it, also improve error checking for snprintf, and refine error messages
in general.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agocpu-exec: simplify icount code
Paolo Bonzini [Mon, 26 Jan 2015 11:12:22 +0000 (12:12 +0100)]
cpu-exec: simplify icount code

Use MIN instead of an "if" statement.  Move "tb" assignment where
the value is actually used.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agocpu-exec: drop dead assignment
Paolo Bonzini [Mon, 26 Jan 2015 11:12:21 +0000 (12:12 +0100)]
cpu-exec: drop dead assignment

All uses of TB inside cpu_exec are dominated by "tb = tb_find_fast(env)",
and there are no uses after the switch statement.  So the assignment
is dead, as reported by Coverity.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoqemu-log: Correct help text of 'log cpu_reset'
Thomas Huth [Tue, 27 Jan 2015 12:11:26 +0000 (13:11 +0100)]
qemu-log: Correct help text of 'log cpu_reset'

The logging of the CPU state during reset is done for all architectures
nowadays (see cpu_common_reset() in qom/cpu.c), so the "x86 only" text
does not apply here anymore.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agolinux-user/syscall.c: do_ioctl_dm: Need to call unlock_user() before going to failure...
Chen Gang S [Sun, 25 Jan 2015 00:00:42 +0000 (08:00 +0800)]
linux-user/syscall.c: do_ioctl_dm: Need to call unlock_user() before going to failure return in default case

In abi_long do_ioctl_dm(), after lock_user() call, the code does
not call unlock_user() before going to failure return in default case.

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agolinux-user/main.c: Use TARGET_SIG* instead of SIG*
Chen Gang S [Sun, 25 Jan 2015 11:35:58 +0000 (19:35 +0800)]
linux-user/main.c: Use TARGET_SIG* instead of SIG*

In main.c, all SIG* should be TARGET_SIG*, since the relevant functions
(queue_signal() and gdb_handlesig()) expect TARGET_SIG*.

The corresponding vi command is "1,$ s/\<SIG/TARGET_SIG/g".

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agolinux-user/syscall.c: Fix typo issue for using target_vec[i].iov_len instead of targe...
Chen Gang S [Fri, 23 Jan 2015 10:07:50 +0000 (18:07 +0800)]
linux-user/syscall.c: Fix typo issue for using target_vec[i].iov_len instead of target_vec[i].iov_base

It is only a typo issue, need use tswapal(target_vec[i].iov_len) for the
len.

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agolinux-user/syscall.c: lock_iovec: unlock vec[i] in failure processing code block
Chen Gang S [Fri, 23 Jan 2015 10:01:09 +0000 (18:01 +0800)]
linux-user/syscall.c: lock_iovec: unlock vec[i] in failure processing code block

When failure occurs during locking of vec[i], we also need to unlock all
already locked vec[i] in failure processing code block before return.

Code in unlock_user() checks vec[i].iov_base for NULL, so there's no
need not check it .

If error is EFAULT when "i == 0", vec[i].iov_base is NULL, we can just
skip it, so can still use "while (--i >= 0)" loop condition.

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agovirtfs-proxy-helper: Fix possible socket leak.
Gonglei [Thu, 13 Nov 2014 12:17:06 +0000 (20:17 +0800)]
virtfs-proxy-helper: Fix possible socket leak.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agovl: Fix bogus error message for implied mon ID clashing
Markus Armbruster [Tue, 13 Jan 2015 13:19:13 +0000 (14:19 +0100)]
vl: Fix bogus error message for implied mon ID clashing

monitor_parse() desugars --monitor, --qmp and -qmp-pretty to --mon.
The ID it picks can clash with a user-specified ID.  When it happens,
the error message is misleading.

Reproducer:

    $ qemu --mon id=compat_monitor0 --monitor stdio

Message before the patch:

    duplicate chardev: compat_monitor0

There's no "duplicate chardev" here.  The problem is a duplicate
monitor ID.  Moreover, the message provides no clue which option
caused the problem.  The patch changes the message to:

    qemu: --monitor stdio: Duplicate ID 'compat_monitor0' for mon

monitor_parse() is also used for creating a default monitor, but
that's not done when the user specifies a monitor, so an ID clash is
impossible then.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoConvert some debugging printfs to trace calls in pcnet.c.
Don Koch [Fri, 16 Jan 2015 19:21:39 +0000 (14:21 -0500)]
Convert some debugging printfs to trace calls in pcnet.c.

Signed-off-by: Don Koch <dkoch@verizon.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoAdd/convert trace calls in pcnet-pci.c.
Don Koch [Fri, 16 Jan 2015 19:21:38 +0000 (14:21 -0500)]
Add/convert trace calls in pcnet-pci.c.

Add trace calls. Convert some #ifdef DEBUG printfs to trace.

Signed-off-by: Don Koch <dkoch@verizon.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoAdd trace to ps2.c.
Don Koch [Fri, 16 Jan 2015 19:21:37 +0000 (14:21 -0500)]
Add trace to ps2.c.

Signed-off-by: Don Koch <dkoch@verizon.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoAdd tracing to xenfb.
Don Koch [Fri, 16 Jan 2015 19:21:36 +0000 (14:21 -0500)]
Add tracing to xenfb.

Signed-off-by: Don Koch <dkoch@verizon.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agofw_cfg: fix typos in comments: patch -> path
Gonglei [Mon, 19 Jan 2015 03:45:12 +0000 (11:45 +0800)]
fw_cfg: fix typos in comments: patch -> path

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agotarget-mips: Clean up switch fall through after commit fecd264
Markus Armbruster [Tue, 20 Jan 2015 09:59:23 +0000 (10:59 +0100)]
target-mips: Clean up switch fall through after commit fecd264

Commit fecd264 added a number of fall-throughs, but neglected to
properly document them as intentional.  Commit d922445 cleaned that up
for many, but not all cases.  Take care of the remaining ones.

Spotted by Coverity.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoqmp: unbreak build for non-vnc configuration
Leon Yu [Mon, 2 Feb 2015 05:08:51 +0000 (05:08 +0000)]
qmp: unbreak build for non-vnc configuration

Signed-off-by: Leon Yu <chianglungyu@gmail.com>
Message-id: 1422853731-5282-1-git-send-email-chianglungyu@gmail.com
Fixes: df887684603a ("monitor: add query-vnc-servers command")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoMerge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Peter Maydell [Fri, 6 Feb 2015 18:06:07 +0000 (18:06 +0000)]
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block patches for 2.3

# gpg: Signature made Fri 06 Feb 2015 17:14:10 GMT using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"

* remotes/kevin/tags/for-upstream: (47 commits)
  block/raw-posix.c: Fix raw_getlength() on Mac OS X block devices
  block: Eliminate silly QERR_ macros used for encryption keys
  block: New bdrv_add_key(), convert monitor to use it
  blockdev: Eliminate silly QERR_BLOCK_JOB_NOT_ACTIVE macro
  blockdev: Give find_block_job() an Error ** parameter
  qcow2: Rewrite qcow2_alloc_bytes()
  block: Give always priority to unused entries in the qcow2 L2 cache
  nbd: fix max_discard/max_transfer_length
  block: introduce BDRV_REQUEST_MAX_SECTORS
  nbd: Improve error messages
  iotests: Fix 104 for NBD
  iotests: Fix 100 for nbd
  iotests: Fix 083
  block: fix off-by-one error in qcow and qcow2
  qemu-iotests: add 116 invalid QED input file tests
  qed: check for header size overflow
  block/dmg: improve zeroes handling
  block/dmg: support bzip2 block entry types
  block/dmg: factor out block type check
  block/dmg: use SectorNumber from BLKX header
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoblock/raw-posix.c: Fix raw_getlength() on Mac OS X block devices
Programmingkid [Mon, 19 Jan 2015 22:12:55 +0000 (17:12 -0500)]
block/raw-posix.c: Fix raw_getlength() on Mac OS X block devices

This patch replaces the dummy code in raw_getlength() for block devices
on OS X, which always returned LLONG_MAX, with a real implementation
that returns the actual block device size.

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Tested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoMerge remote-tracking branch 'mreitz/block' into queue-block
Kevin Wolf [Fri, 6 Feb 2015 17:00:14 +0000 (18:00 +0100)]
Merge remote-tracking branch 'mreitz/block' into queue-block

* mreitz/block:
  block: Eliminate silly QERR_ macros used for encryption keys
  block: New bdrv_add_key(), convert monitor to use it
  blockdev: Eliminate silly QERR_BLOCK_JOB_NOT_ACTIVE macro
  blockdev: Give find_block_job() an Error ** parameter

9 years agoblock: Eliminate silly QERR_ macros used for encryption keys
Markus Armbruster [Thu, 29 Jan 2015 09:37:01 +0000 (10:37 +0100)]
block: Eliminate silly QERR_ macros used for encryption keys

The QERR_ macros are leftovers from the days of "rich" error objects.
They're used with error_set() and qerror_report(), and expand into the
first *two* arguments.  This trickiness has become pointless.  Clean
up QERR_DEVICE_ENCRYPTED and QERR_DEVICE_NOT_ENCRYPTED.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 1422524221-8566-5-git-send-email-armbru@redhat.com
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
9 years agoblock: New bdrv_add_key(), convert monitor to use it
Markus Armbruster [Thu, 29 Jan 2015 09:37:00 +0000 (10:37 +0100)]
block: New bdrv_add_key(), convert monitor to use it

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 1422524221-8566-4-git-send-email-armbru@redhat.com
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
9 years agoblockdev: Eliminate silly QERR_BLOCK_JOB_NOT_ACTIVE macro
Markus Armbruster [Thu, 29 Jan 2015 09:36:59 +0000 (10:36 +0100)]
blockdev: Eliminate silly QERR_BLOCK_JOB_NOT_ACTIVE macro

The QERR_ macros are leftovers from the days of "rich" error objects.
They're used with error_set() and qerror_report(), and expand into the
first *two* arguments.  This trickiness has become pointless.  Clean
this one up.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 1422524221-8566-3-git-send-email-armbru@redhat.com
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
9 years agoblockdev: Give find_block_job() an Error ** parameter
Markus Armbruster [Thu, 29 Jan 2015 09:36:58 +0000 (10:36 +0100)]
blockdev: Give find_block_job() an Error ** parameter

When find_block_job() fails, all its callers build the same Error
object.  Build it in find_block_job() instead.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 1422524221-8566-2-git-send-email-armbru@redhat.com
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
9 years agoqcow2: Rewrite qcow2_alloc_bytes()
Max Reitz [Fri, 6 Feb 2015 14:39:16 +0000 (09:39 -0500)]
qcow2: Rewrite qcow2_alloc_bytes()

qcow2_alloc_bytes() is a function with insufficient error handling and
an unnecessary goto. This patch rewrites it.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoblock: Give always priority to unused entries in the qcow2 L2 cache
Alberto Garcia [Thu, 5 Feb 2015 12:55:31 +0000 (14:55 +0200)]
block: Give always priority to unused entries in the qcow2 L2 cache

The current algorithm to replace entries from the L2 cache gives
priority to newer hits by dividing the hit count of all existing
entries by two everytime there is a cache miss.

However, if there are several cache misses the hit count of the
existing entries can easily go down to 0. This will result in those
entries being replaced even when there are others that have never been
used.

This problem is more noticeable with larger disk images and cache
sizes, since the chances of having several misses before the cache is
full are higher.

If we make sure that the hit count can never go down to 0 again,
unused entries will always have priority.

Signed-off-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agonbd: fix max_discard/max_transfer_length
Denis V. Lunev [Fri, 6 Feb 2015 11:24:43 +0000 (14:24 +0300)]
nbd: fix max_discard/max_transfer_length

nbd_co_discard calls nbd_client_session_co_discard which uses uint32_t
as the length in bytes of the data to discard due to the following
definition:

struct nbd_request {
    uint32_t magic;
    uint32_t type;
    uint64_t handle;
    uint64_t from;
    uint32_t len; <-- the length of data to be discarded, in bytes
} QEMU_PACKED;

Thus we should limit bl_max_discard to UINT32_MAX >> BDRV_SECTOR_BITS to
avoid overflow.

NBD read/write code uses the same structure for transfers. Fix
max_transfer_length accordingly.

Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Peter Lieven <pl@kamp.de>
CC: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoblock: introduce BDRV_REQUEST_MAX_SECTORS
Peter Lieven [Fri, 6 Feb 2015 10:54:11 +0000 (11:54 +0100)]
block: introduce BDRV_REQUEST_MAX_SECTORS

we check and adjust request sizes at several places with
sometimes inconsistent checks or default values:
 INT_MAX
 INT_MAX >> BDRV_SECTOR_BITS
 UINT_MAX >> BDRV_SECTOR_BITS
 SIZE_MAX >> BDRV_SECTOR_BITS

This patches introdocues a macro for the maximal allowed sectors
per request and uses it at several places.

Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agonbd: Improve error messages
Max Reitz [Tue, 27 Jan 2015 02:02:59 +0000 (21:02 -0500)]
nbd: Improve error messages

This patch makes use of the Error object for nbd_receive_negotiate() so
that errors during negotiation look nicer.

Furthermore, this patch adds an additional error message if the received
magic was wrong, but would be correct for the other protocol version,
respectively: So if an export name was specified, but the NBD server
magic corresponds to an old handshake, this condition is explicitly
signaled to the user, and vice versa.

As these messages are now part of the "Could not open image" error
message, additional filtering has to be employed in iotest 083, which
this patch does as well.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoiotests: Fix 104 for NBD
Max Reitz [Tue, 27 Jan 2015 02:02:58 +0000 (21:02 -0500)]
iotests: Fix 104 for NBD

_make_test_img sets up an NBD server, _cleanup_test_img shuts it down;
thus, _cleanup_test_img has to be called before _make_test_img is
invoked another time.

Furthermore, the pipe through _filter_test_img was unnecessary;
_make_test_img already takes care of that.

And finally, a filter is added to _filter_img_info to replace
"nbd://127.0.0.1:10810" by "TEST_DIR/t.IMGFMT", since the former is the
way to express the full image path (normally the latter) for NBD tests.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoiotests: Fix 100 for nbd
Max Reitz [Tue, 27 Jan 2015 02:02:57 +0000 (21:02 -0500)]
iotests: Fix 100 for nbd

In case of NBD, _make_test_img starts a new NBD server. Therefore,
_cleanup_test_img (which shuts that server down) has to be invoked
before the next _make_test_img call in order to make 100 work for NBD.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoiotests: Fix 083
Max Reitz [Tue, 27 Jan 2015 02:02:56 +0000 (21:02 -0500)]
iotests: Fix 083

As of 8f9e835fd2e687d2bfe936819c3494af4343614d, probing should be
disabled in the qemu-iotests (at least when using qemu-io). This broke
083's reference output (which consisted mostly of "Could not read image
for determining its format").

This patch fixes it.

Note that one case which failed before is now successful: Disconnect
after data. This is due to qemu having read twice before (once for
probing, once for the qemu-io read command), but only once now (the
qemu-io read command). Therefore, reading is successful (which is
correct).

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoblock: fix off-by-one error in qcow and qcow2
Jeff Cody [Tue, 27 Jan 2015 13:33:55 +0000 (08:33 -0500)]
block: fix off-by-one error in qcow and qcow2

This fixes an off-by-one error introduced in 9a29e18.  Both qcow and
qcow2 need to make sure to leave room for string terminator '\0' for
the backing file, so the max length of the non-terminated string is
either 1023 or PATH_MAX - 1.

Reported-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoqemu-iotests: add 116 invalid QED input file tests
Stefan Hajnoczi [Mon, 12 Jan 2015 12:31:33 +0000 (12:31 +0000)]
qemu-iotests: add 116 invalid QED input file tests

These tests exercise error code paths in the QED image format.  The
tests are very simple, they just prove that the error path exits
cleanly.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1421065893-18875-3-git-send-email-stefanha@redhat.com
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoqed: check for header size overflow
Stefan Hajnoczi [Mon, 12 Jan 2015 12:31:32 +0000 (12:31 +0000)]
qed: check for header size overflow

Header size is denoted in clusters.  The maximum cluster size is 64 MB
but there is no limit on header size.  Check for uint32_t overflow in
case the header size field has a whacky value.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1421065893-18875-2-git-send-email-stefanha@redhat.com
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoblock/dmg: improve zeroes handling
Peter Wu [Tue, 6 Jan 2015 17:48:15 +0000 (18:48 +0100)]
block/dmg: improve zeroes handling

Disk images may contain large all-zeroes gaps (1.66k sectors or 812 MiB
is seen in the real world). These blocks (type 2) do not need to be
extracted into a temporary buffer, there is no need to allocate memory
for these blocks nor to check its length.

(For the test image, the maximum uncompressed size is 1054371 bytes,
probably for a bzip2-compressed block.)

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 1420566495-13284-13-git-send-email-peter@lekensteyn.nl
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoblock/dmg: support bzip2 block entry types
Peter Wu [Tue, 6 Jan 2015 17:48:14 +0000 (18:48 +0100)]
block/dmg: support bzip2 block entry types

This patch adds support for bzip2-compressed block entries as introduced
with OS X 10.4 (source: https://en.wikipedia.org/wiki/Apple_Disk_Image).

It was tested against a 5.2G "OS X Yosemite" installation image which
stores the BLXX block in the XML property list (instead of resource
forks) and has over 5k chunks.

New configure entries are added (--enable-bzip2 / --disable-bzip2) to
control inclusion of bzip2 functionality (which requires linking against
libbz2). The help message suggests that this option is needed for DMG
files, but the tests are generic enough that other parts of QEMU can use
bzip2 if needed.

The identifiers are based on http://newosxbook.com/DMG.html.

The decompression routines are based on the zlib case, but as there is
no way to reset the decompression state (unlike zlib), memory is
allocated and deallocated for every decompression. This should not be
problematic as the decompression takes most of the time and as blocks
are typically about/over 1 MiB in size, only one allocation is done
every 2000 sectors.

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: John Snow <jsnow@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1420566495-13284-12-git-send-email-peter@lekensteyn.nl
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoblock/dmg: factor out block type check
Peter Wu [Tue, 6 Jan 2015 17:48:13 +0000 (18:48 +0100)]
block/dmg: factor out block type check

In preparation for adding bzip2 support, split the type check into a
separate function. Make all offsets relative to the begin of a chunk
such that it is easier to recognize the position without having to
add up all offsets. Some comments are added to describe the fields.

There is no functional change.

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 1420566495-13284-11-git-send-email-peter@lekensteyn.nl
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>