from pcie spec 7.8.17, the End-End TLP Prefix Blocking bit local
is 15(e.g. 0x8000) in device control 2 register.
Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
All four leaks are similar, so fix them in one patch.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
We don't validate the existence of handle_output which may let a buggy
guest to trigger a SIGSEV easily. E.g:
1) write 10 to queue_sel to a virtio net device with only 1 queue
2) setup an arbitrary pfn
3) then notify queue 10
Fixing this by validating the existence of handle_output before.
Cc: qemu-stable@nongnu.org
Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Don Koch <dkoch@verizon.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
The anonymous struct only has a single field now, drop the wrapper
structure.
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
cdb is now part of cmd, drop it from req.
There's also nothing to check using build assert now.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Commit "virtio-scsi: use standard-headers" added
cdb and sense into req/rep structures, which
breaks uses of sizeof for these structures,
since qemu adds its own arrays on top.
To fix, redefine CDB/sense field size to 0.
Reported-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
QEMU wants to use virtio scsi structures with
a different VIRTIO_SCSI_CDB_SIZE/VIRTIO_SCSI_SENSE_SIZE,
let's add ifdefs to allow overriding them.
Keep the old defines under new names:
VIRTIO_SCSI_CDB_DEFAULT_SIZE/VIRTIO_SCSI_SENSE_DEFAULT_SIZE,
since that's what these values really are:
defaults for cdb/sense size fields.
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
As noted by Andreas, hw/boards.h shouldn't be used outside softmmu code.
Include it conditionally, and drop the (now unnecessary) ifdef guards in
hw/boards.h
Reported-by: Andreas Färber <afaerber@suse.de>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
It's sad when a friend leaves, but we have to move on.
Drop Anthony's email from MAINTAINERS so he stops getting
irrelevant email.
Got Anthony's ack off-list.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Anthony Liguori <aliguori@amazon.com>
Move the memory subregion function into the DeviceClass realize function
due to isa_address_space (now) crashing if called in the instance init
function.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
qdev_init() is deprecated, and will be removed when its callers have
been weaned off it.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Running
qemu-bin ... -machine pc,mem-merge=on
leads to crash:
x86_64-softmmu/qemu-system-x86_64 -machine pc,dump-guest-core=on
qemu-system-x86_64: qemu/util/qemu-option.c:387: qemu_opt_get_bool_helper:
Assertion `opt->desc && opt->desc->type == QEMU_OPT_BOOL' failed. Aborted
(core dumped)
This happens because the commit e79d5a6 ("machine: remove qemu_machine_opts
global list") removed the global option descriptions and moved them to
MachineState's QOM properties.
Fix this by querying machine properties through designated wrappers.
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Running
qemu-bin ... -machine pc,dump-guest-core=on
leads to crash:
x86_64-softmmu/qemu-system-x86_64 -machine pc,dump-guest-core=on
qemu-system-x86_64: qemu/util/qemu-option.c:387: qemu_opt_get_bool_helper:
Assertion `opt->desc && opt->desc->type == QEMU_OPT_BOOL' failed. Aborted
(core dumped)
This happens because the commit e79d5a6 ("machine: remove qemu_machine_opts
global list") removed the global option descriptions and moved them to
MachineState's QOM properties.
Fix this by querying machine properties through designated wrappers.
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Make it safe to include hw/boards.h in exec.c
for linux-user configurations.
We don't need any of its contents though.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Commit e79d5a6 ("machine: remove qemu_machine_opts global list") removed
the global option descriptions and moved them to MachineState's QOM
properties.
Query phandle-start by accessing machine properties through designated
wrappers.
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Commit e79d5a6 ("machine: remove qemu_machine_opts global list") removed
the global option descriptions and moved them to MachineState's QOM
properties.
Query kvm-shadow-mem by accessing machine properties through designated
wrappers.
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Needed to query machine's properties.
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Running
x86_64-softmmu/qemu-system-x86_64 -machine pc,kernel_irqchip=on -enable-kvm
leads to crash:
qemu-system-x86_64: qemu/util/qemu-option.c:387: qemu_opt_get_bool_helper:
Assertion `opt->desc && opt->desc->type == QEMU_OPT_BOOL' failed. Aborted
(core dumped)
This happens because the commit e79d5a6 ("machine: remove qemu_machine_opts
global list") removed the global option descriptions and moved them to
MachineState's QOM properties.
Fix this by querying machine properties through designated wrappers.
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The code using kernel-irqchip property requires 'allowed/required'
functionality. Replace machine's kernel_irqchip field with two fields
representing the new functionality and expose them through wrappers.
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Fixes a QEMU crash when passing iommu parameter in command line.
Running
x86_64-softmmu/qemu-system-x86_64 -machine pc,iommu=on -enable-kvm
leads to crash:
qemu-system-x86_64: qemu/util/qemu-option.c:387: qemu_opt_get_bool_helper:
Assertion `opt->desc && opt->desc->type == QEMU_OPT_BOOL' failed.
Aborted (core dumped)
This happens because commit e79d5a6 ("machine: remove qemu_machine_opts global
list") removed the global option descriptions and moved them to MachineState's
QOM properties.
Fix this by querying machine properties through designated wrappers.
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
clang undefined behaviour sanitizer reports:
> hw/pci/shpc.c:162:27: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
Caused by the usual lack of a 'U' qualifier on a constant 1 being
shifted left. Fix it up.
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
commit ecdc7bab09
"acpi: fix aml_equal term implementation"
dropped a useless Zero in generated code,
update expected files appropriately.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The DefLEqual op does not have a target operand. Remove it.
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Opcodes are raw bytes, they shouldn't be added
using build_append_int. This only happens to work
with 0 and 1 opcodes.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
this code:
aml_append(foo, bar);
might, non-intuitively, modify bar, which means that e.g. the following
might not DTRT:
c = ....;
aml_append(a, c);
aml_append(b, c);
to fix, simply allocate an intermediate array,
and always modify that.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Coverity reports that s->chr is checked after put_packet dereferences it.
Move the check earlier, consistent with the code used for user-mode
emulation.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
man gcc:
Warn if in a loop with constant number of iterations the compiler
detects undefined behavior in some statement during one or more of
the iterations.
Milkymist pfpu has no jump instructions, so checking for MICROCODE_WORDS
instructions should have kept us in bounds of s->microcode, but i++
allowed one loop too many,
hw/misc/milkymist-pfpu.c: In function ‘pfpu_write’:
hw/misc/milkymist-pfpu.c:365:20: error: loop exit may only be reached after undefined behavior [-Werror=aggressive-loop-optimizations]
if (i++ >= MICROCODE_WORDS) {
^
hw/misc/milkymist-pfpu.c:167:14: note: possible undefined statement is here
uint32_t insn = s->microcode[pc];
^
The code can still access out of bounds, because it presumes that PC register
always begins at 0, and we allow writing to it.
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Acked-by: Michael Walle <michael@walle.cc>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
man gcc:
Warn about logical not used on the left hand side operand of a
comparison. This option does not warn if the RHS operand is of a
boolean type.
By preferring bool over int where sensible, but without modifying any
depending code, make GCC happy in cases like this,
qemu-img.c: In function ‘compare_sectors’:
qemu-img.c:992:39: error: logical not is only applied to the left hand
side of comparison [-Werror=logical-not-parentheses]
if (!!memcmp(buf1, buf2, 512) != res) {
hw/ide/core.c:1836 doesn't throw an error,
assert(!!s->error == !!(s->status & ERR_STAT));
even thought the second operand is int (and first hunk of this patch has
a very similar case), maybe GCC developers still have a little faith in
C programmers.
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
* Remove trailing whitespace (fixes 9 errors from checkpatch.pl).
One comment line was longer than 80 characters, so wrap it
and fix a typo, too.
* Replace tabs by blanks (fixes 1 error).
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
gcc reports this warning with -Wclobbered:
util/oslib-posix.c: In function ‘os_mem_prealloc’:
util/oslib-posix.c:374:49: error: argument ‘memory’ might be clobbered by
‘longjmp’ or ‘vfork’ [-Werror=clobbered]
Fix this and simplify the code by using an existing macro.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Warnings from the Sparse static analysis tool:
disas/microblaze.c:289:3: warning:
symbol 'opcodes' was not declared. Should it be static?
disas/microblaze.c:570:6: warning:
symbol 'register_prefix' was not declared. Should it be static?
disas/microblaze.c:571:6: warning:
symbol 'special_register_prefix' was not declared. Should it be static?
disas/microblaze.c:572:6: warning:
symbol 'fsl_register_prefix' was not declared. Should it be static?
disas/microblaze.c:573:6: warning:
symbol 'pvr_register_prefix' was not declared. Should it be static?
Remove the unused variable special_register_prefix.
The variable pvr_register_prefix was unused, too, but can be used.
Add also 'const' where possible.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Warnings from the Sparse static analysis tool:
disas/arm.c:1552:15: warning:
symbol 'last_type' was not declared. Should it be static?
disas/arm.c:1553:5: warning:
symbol 'last_mapping_sym' was not declared. Should it be static?
disas/arm.c:1554:9: warning:
symbol 'last_mapping_addr' was not declared. Should it be static?
Instead of adding 'static', the unused variables and the unused code which
refers to those variables (which was deactivated a long time ago in
commit 4b0f1a8b) are removed.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
If ret = macio_initfn_ide() is less than 0, the timer_memory
will leak the memory it points to.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
numero sign is the number sign key of Russian keyboard layout, we
get this key with 'shift + 3'. It's missing in current Russian keymap file,
this patch fixes it.
As number sign does not exsit in Russian keyboard layout[1][2], this
patch also removes the 'numbersign' from Russian keymap.
[1] http://en.wikipedia.org/wiki/Keyboard_layout#Russian
[2] http://kbd-intl.narod.ru/english/layouts
Signed-off-by: Wang Xin <wangxinxin.wang@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
This patch adds missing cyrillic character 'numerosign' to the VNC
keysym table, it's needed by Russian keyboard. And I get the keysym from
'<X11/keysymdef.h>', the current keysym table in Qemu was generated from
it.
Signed-off-by: Wang xin <wangxinxin.wang@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The value is called channel-type, not connection-type
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The function is not used anymore, and thus can be deleted.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
