- tweak DEBUG behaviour for vm-test-build
- rename and update plug docs for versioning
- slim down MAIN_SOFTMMU_TARGETS
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAl3VG9cACgkQ+9DbCVqe
KkQvaAgAgfum+j9VZrgAakBKzmBuWV5IH5vJ+w9rzCP9/Y8XtQ7wd1le4jY0XtEb
6azCR0Fk4QivuXaH+YA3M6iV3Om5m5Tl6dIYsDt0Qk6jCkZE/Kfi/7jEQaPnVH0V
FQzSvXOtbMipBNBYp/WzMqNAdbIB3hI/oBXcxFqNiKrTsLylywSKCJCbHrJDNtCh
q0hHvqPVrCTXCSav16NqbxqibRn+gSkYFeAAE2LjaX9yVpa2bGMmjvQEJCeEBMxQ
76KzcLyKHhvl9NJWjd7UYaVLyXgGnOLtp3KjFaSM4+BU8CS/nY6h7Oiymyf8vShV
Bmx/Ju/m0J/H8RHfRdZcE0YGYuEmKA==
=EMcr
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/stsquad/tags/pull-rc3-testing-and-tcg-201119-1' into staging
A few test and doc fixes:
- tweak DEBUG behaviour for vm-test-build
- rename and update plug docs for versioning
- slim down MAIN_SOFTMMU_TARGETS
# gpg: Signature made Wed 20 Nov 2019 10:56:23 GMT
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* remotes/stsquad/tags/pull-rc3-testing-and-tcg-201119-1:
tests/tcg: modify multiarch tests to work with clang
.travis.yml: drop 32 bit systems from MAIN_SOFTMMU_TARGETS
docs/devel: update tcg-plugins.rst with API versioning details
docs/devel: rename plugins.rst to tcg-plugins.rst
tests/vm: make --interactive (and therefore DEBUG=1) unconditional
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fill the audio channel with required number of bytes to cover the
elapsed time. This prevents rate control reset, and avoids debug prints
like below
log:
Resetting rate control (65692 samples)
...
Resetting rate control (65721 samples)
...
Signed-off-by: Sai Pavan Boddu <sai.pavan.boddu@xilinx.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 1573833408-2388-1-git-send-email-sai.pavan.boddu@xilinx.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The older clangs are still struggling to build and run everything
withing the 50 minute timeout so lets lighten the load a bit more. We
still have coverage for GCC and hopefully no obscure 32 bit guest only
breakages slip through the cracks.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
While we are at it fix up the quoted code sections with the inline ::
approach.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Robert Foley <robert.foley@linaro.org>
This makes it a bit clearer what this is about.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
While the concept of only dropping to ssh if a test fails is nice it
is more useful for this to be unconditional. You usually just want to
get the build up and running and then noodle around debugging or
attempting to replicate.
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
If IASL wasn't able to parse expected file, test will just
print warning
"Warning! iasl couldn't parse the expected aml\n"
and remove temporary table dumped from guest.
Typically expected tables are always valid, with an exception
when patchset introduces new tables.
Make sure dumped tables are retained even if expected files
are not valid, so one could have a chance to manualy check new
tables.
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <1574240560-12538-1-git-send-email-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The virtqueue element returned by vu_queue_pop() is allocated using
malloc(3) by virtqueue_alloc_element(). Use the matching free(3)
function instead of glib's g_free().
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20191119111626.112206-1-stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Use a zero-initialized VuVirtqInflightDesc struct to avoid
that scan-build reports that vq->resubmit_list[0].counter may
be garbage value in vu_check_queue_inflights().
Fixes: 5f9ff1eff ("libvhost-user: Support tracking inflight I/O in
shared memory")
Reported-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Xie Yongji <xieyongji@baidu.com>
Message-Id: <20191119075759.4334-1-xieyongji@baidu.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
With current code audio recording with all audio backends
except PulseAudio and DirectSound is broken. The generic audio
recording buffer management forgot to update the current read
position after a read.
Fixes: ff095e5231 "audio: api for mixeng code free backends"
Signed-off-by: Volker Rümelin <vr_qemu@t-online.de>
Reviewed-by: Zoltán Kővágó <DirtY.iCE.hu@gmail.com>
Message-id: 2fc947cf-7b42-de68-3f11-cbcf1c096be9@t-online.de
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
format. We failed at noticing it for the 4.1 release, and LP#1844817
was opened to track it. Fix this regression for the next release.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEicHnj2Ae6GyGdJXLoqP9bt6twN4FAl3T9KIACgkQoqP9bt6t
wN7sBA/9EXyDpqnHuVQ/BKqLxp47lTrcolD2tDC21Y7ITTqxgQ4jORqd0UFnV/JD
PgZkCn2slP4W45UW930K3nBBoibV/lwyH0FqW+Ilj0+ojFdhd/pLcObxoCjo4WUm
b+w1I/Iu1Dg6cGNZncfR3OUvTL1WrOSARXwGex4Bg1OdnlEwgqEQcem/QvY89IkK
fIsnzeNDGjJlJE50u/9wwZuGjgq71yD17nWGmqpEhrAMjI+/pNbOJPoJ9HQ6vedz
kWMx6gKFNXVB9G+SjAQf3xuaolFXtUHJb3gKYiVA3xrX6ypbUfuWqSYlUbenEGPL
ZAO2v6LKWopnv0f2pPUfs0N6YG/pDAdS6/ZlmOQzYIUQhyZr+cxkLgR6sG8ayVZP
KeQ18kbmhtpf4gJW0T575RNSCyv2Ns86XffVVdD7ExSoVleJApUUgYlL3NNDYTdS
1phED79HtvzK4+xf6EPZHixcKkWtjpdp4dCteKT7Wej+rFZbFsyur4ElpmL4WGJh
OwTwF2zY5QU++YEkM0o9KIovGYuAjh4frwmjuMstUNpsMUhujcIVOME4qbgyo/aV
Oxl4fgglPu4PgcW6l838sLwjIvqwItYKCuiwbxnsvWPxxYquPHcmCA9qyXpiLqnT
nMtFXxV9ClWGORnVvCcNypNoZ17IyDqMMj6XAfuC6+n8W/mr5UM=
=mVGc
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/philmd-gitlab/tags/mips-next-20191119' into staging
The DTrace via SystemTap backend can not support the dynamic '*' width
format. We failed at noticing it for the 4.1 release, and LP#1844817
was opened to track it. Fix this regression for the next release.
# gpg: Signature made Tue 19 Nov 2019 13:56:50 GMT
# gpg: using RSA key 89C1E78F601EE86C867495CBA2A3FD6EDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (Phil) <philmd@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 89C1 E78F 601E E86C 8674 95CB A2A3 FD6E DEAD C0DE
* remotes/philmd-gitlab/tags/mips-next-20191119:
hw/mips/gt64xxx: Remove dynamic field width from trace events
hw/block/pflash: Remove dynamic field width from trace events
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Since not all trace backends support dynamic field width in
format (dtrace via stap does not), replace by a static field
width instead.
We previously passed to the trace API 'width << 1' as the number
of hex characters to display (the dynamic field width). We don't
need this anymore. Instead, display the size of bytes accessed.
Fixes: ab6bff424f ("gt64xxx_pci: Convert debug printf to trace events")
Reported-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Buglink: https://bugs.launchpad.net/qemu/+bug/1844817
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Since not all trace backends support dynamic field width in
format (dtrace via stap does not), replace by a static field
width instead.
We previously passed to the trace API 'width << 1' as the number
of hex characters to display (the dynamic field width). We don't
need this anymore. Instead, display the size of bytes accessed.
Fixes: e8aa2d95ea ("pflash: Simplify trace_pflash_io_read/write")
Fixes: c1474acd5d ("pflash: Simplify trace_pflash_data_read/write")
Reported-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Buglink: https://bugs.launchpad.net/qemu/+bug/1844817
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
* Support EL0 v7m msr/mrs for CONFIG_USER_ONLY
* Relax r13 restriction for ldrex/strex for v8.0
* Do not reject rt == rt2 for strexd
* net/cadence_gem: Set PHY autonegotiation restart status
* ssi: xilinx_spips: Skip spi bus update for a few register writes
* pl031: Expose RTCICR as proper WC register
-----BEGIN PGP SIGNATURE-----
iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAl3T7nsZHHBldGVyLm1h
eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3uMOD/4xK9KDvUyCxwJkEziskodk
3d9JHrG3YWhpCzUpO01DmqYS6Hy32HYctoSYGoF3eWVYBoA+axqUtiVmcskYOx2F
BIhBtTW3Svq8I5xP9jYOTS/wTUcHUJ+mWkl1aMDPRD7VJ2TJDUqD8ncFHg0aJI1S
USFMj8D9bZiyGb5E+JI26LwKmvJO4G+upDyysL7Tmf5n3eTp6W1wdjrriAjFZeq4
+nMg9Qk3X5hpM3o86acGr3wnLyw3ECMAq932bpcjjRJyHaaYFuz8hF/gQaKohUAB
KCD7zv/sEu0i4XlzS69J3milFWAl32qF9wCrbWLgb4WMDWVnB4EKKmo5tk92jIK+
CmddGgJHeyaR2UB6Fczk8khCWB5NpdnECi/7bcVfTBf/ceelrDWUebNztZbKR4UH
UYpk1GPYbsFTsZyFj0x+b3PcRVDYKgPKrgsHNU3pAZDNwqRXh+R1SBApcQWy7ZDR
wMTX1Sw92MoigiQS0phqDeUe0saToS3lkNchuFOOW224FsEwk0OpkvXi0c54Wn87
ao4ScCyxMJkE7lDH0GWpz9w3f8co/+B20X1HwpaCkkm2MvkV4stjuej8O80mtLqE
kK5CirW9kOjkzhy47L7muAwZlciUlA9p+ZdVTwfTwWSb5aYUuIfHQV5Bz+Pq4uHu
215+GvJhFCtdcstDu8l+Qg==
=9Prn
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20191119' into staging
target-arm queue:
* Support EL0 v7m msr/mrs for CONFIG_USER_ONLY
* Relax r13 restriction for ldrex/strex for v8.0
* Do not reject rt == rt2 for strexd
* net/cadence_gem: Set PHY autonegotiation restart status
* ssi: xilinx_spips: Skip spi bus update for a few register writes
* pl031: Expose RTCICR as proper WC register
# gpg: Signature made Tue 19 Nov 2019 13:30:35 GMT
# gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg: issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg: aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* remotes/pmaydell/tags/pull-target-arm-20191119:
target/arm: Support EL0 v7m msr/mrs for CONFIG_USER_ONLY
target/arm: Relax r13 restriction for ldrex/strex for v8.0
target/arm: Do not reject rt == rt2 for strexd
net/cadence_gem: Set PHY autonegotiation restart status
ssi: xilinx_spips: Skip spi bus update for a few register writes
target/arm: Merge arm_cpu_vq_map_next_smaller into sole caller
pl031: Expose RTCICR as proper WC register
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Simply moving the non-stub helper_v7m_mrs/msr outside of
!CONFIG_USER_ONLY is not an option, because of all of the
other system-mode helpers that are called.
But we can split out a few subroutines to handle the few
EL0 accessible registers without duplicating code.
Reported-by: Christophe Lyon <christophe.lyon@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20191118194916.3670-1-richard.henderson@linaro.org
[PMM: deleted now-redundant comment; added a default case
to switch in v7m_msr helper]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Armv8-A removes UNPREDICTABLE for R13 for these cases.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20191117090621.32425-3-richard.henderson@linaro.org
[PMM: changed ENABLE_ARCH_8 checks to check a new bool 'v8a',
since these cases are still UNPREDICTABLE for v8M]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
There was too much cut and paste between ldrexd and strexd,
as ldrexd does prohibit two output registers the same.
Fixes: af28822899
Reported-by: Michael Goffioul <michael.goffioul@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20191117090621.32425-2-richard.henderson@linaro.org
Reviewed-by: Robert Foley <robert.foley@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The Linux kernel PHY driver sets AN_RESTART in the BMCR of the
PHY when autonegotiation is started.
Recently the kernel started to read back the PHY's AN_RESTART
bit and now checks whether the autonegotiation is complete and
the bit was cleared [1]. Otherwise the link status is down.
The emulated PHY needs to clear AN_RESTART immediately to inform
the kernel driver about the completion of autonegotiation phase.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c36757eb9dee
Signed-off-by: Linus Ziegert <linus.ziegert+qemu@holoplot.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20191104181604.21943-1-linus.ziegert+qemu@holoplot.com
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
A few configuration register writes need not update the spi bus state, so just
return after the register write.
Signed-off-by: Sai Pavan Boddu <sai.pavan.boddu@xilinx.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Francisco Iglesias <frasse.iglesias@gmail.com>
Tested-by: Francisco Iglesias <frasse.iglesias@gmail.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1573830705-14579-1-git-send-email-sai.pavan.boddu@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Coverity reports, in sve_zcr_get_valid_len,
"Subtract operation overflows on operands
arm_cpu_vq_map_next_smaller(cpu, start_vq + 1U) and 1U"
First, the aarch32 stub version of arm_cpu_vq_map_next_smaller,
returning 0, does exactly what Coverity reports. Remove it.
Second, the aarch64 version of arm_cpu_vq_map_next_smaller has
a set of asserts, but they don't cover the case in question.
Further, there is a fair amount of extra arithmetic needed to
convert from the 0-based zcr register, to the 1-base vq form,
to the 0-based bitmap, and back again. This can be simplified
by leaving the value in the 0-based form.
Finally, use test_bit to simplify the common case, where the
length in the zcr registers is in fact a supported length.
Reported-by: Coverity (CID 1407217)
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Message-id: 20191118091414.19440-1-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The current PL031 RTCICR register implementation always clears the
IRQ pending status on a register write, regardless of the value the
guest writes.
To justify that behavior, it references the ARM926EJ-S Development
Chip Reference Manual (DDI0287B) and indicates that said document
states that any write clears the internal IRQ state. It is indeed
true that in section 11.1 this document says:
"The interrupt is cleared by writing any data value to the
interrupt clear register RTCICR".
However, later in section 11.2.2 it contradicts itself by saying:
"Writing 1 to bit 0 of RTCICR clears the RTCINTR flag."
The latter statement matches the PL031 TRM (DDI0224C), which says:
"Writing 1 to bit position 0 clears the corresponding interrupt.
Writing 0 has no effect."
Let's assume that the self-contradictory DDI0287B is in error, and
follow the reference manual for the device itself, by making the
register write-one-to-clear.
Reported-by: Hendrik Borghorst <hborghor@amazon.de>
Signed-off-by: Alexander Graf <graf@amazon.com>
Message-id: 20191104115228.30745-1-graf@amazon.com
[PMM: updated commit message to note that DDI0287B says two
conflicting things]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit 369b41359a broke timer interrupt
reinjection when there is no period change by the guest. In that
case, old_period is 0, which ends up zeroing irq_coalesced (counter of
reinjected interrupts).
The consequence is Windows 7 is unable to synchronize time via NTP.
Easily reproducible by playing a fullscreen video with cirrus and VNC.
Fix by passing s->period when periodic_timer_update is called due to
expiration of the timer. With this change, old_period == 0 only
means that the periodic timer was off.
Reported-by: Marcelo Tosatti <mtosatti@redhat.com>
Co-developed-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
It's an old compatibility shim that just delegates to scsi-cd or scsi-hd.
Just like ide-drive, we don't need this.
Acked-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Attempting to migrate a VM using the microvm machine class results in the source
QEMU aborting with the following message/backtrace:
target/i386/machine.c:955:tsc_khz_needed: Object 0x555556608fa0 is not an
instance of type generic-pc-machine
abort()
object_class_dynamic_cast_assert()
vmstate_save_state_v()
vmstate_save_state()
vmstate_save()
qemu_savevm_state_complete_precopy()
migration_thread()
migration_thread()
migration_thread()
qemu_thread_start()
start_thread()
clone()
The access to the machine class returned by MACHINE_GET_CLASS() in
tsc_khz_needed() is crashing as it is trying to dereference a different
type of machine class object (TYPE_PC_MACHINE) to that of this microVM.
This can be resolved by extending the changes in the following commit
f0bb276bf8 ("hw/i386: split PCMachineState deriving X86MachineState from it")
and moving the save_tsc_khz field in PCMachineClass to X86MachineClass.
Fixes: f0bb276bf8 ("hw/i386: split PCMachineState deriving X86MachineState from it")
Signed-off-by: Liam Merwick <liam.merwick@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <1574075605-25215-1-git-send-email-liam.merwick@oracle.com>
Reviewed-by: Sergio Lopez <slp@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Add a new section explaining the particularities of the microvm
machine type for triggering a guest-initiated shut down.
Signed-off-by: Sergio Lopez <slp@redhat.com>
Message-Id: <20191115161338.42864-3-slp@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Fix the alignment of the items in the "Limitations" section.
Signed-off-by: Sergio Lopez <slp@redhat.com>
Message-Id: <20191115161338.42864-2-slp@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
hw/vfio/display.c needs the EDID subsystem, select it.
Cc: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
When CONFIG_IDE_ISA is disabled, compilation currently fails:
hw/i386/pc_piix.c: In function ‘pc_init1’:
hw/i386/pc_piix.c:81:9: error: unused variable ‘i’ [-Werror=unused-variable]
Move the variable declaration to the right code block to avoid
this problem.
Fixes: 4501d317b5 ("hw/i386/pc: Extract pc_i8259_create()")
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20191115145049.26868-1-thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
TSX Async Abort (TAA) is a side channel attack on internal buffers in
some Intel processors similar to Microachitectural Data Sampling (MDS).
Some future Intel processors will use the ARCH_CAP_TAA_NO bit in the
IA32_ARCH_CAPABILITIES MSR to report that they are not vulnerable to
TAA. Make this bit available to guests.
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
In microvm_fix_kernel_cmdline(), fw_cfg_modify_string() is duplicating
cmdline instead of taking ownership of it. Free it afterwards to avoid
leaking it.
Reported-by: Coverity (CID 1407218)
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Sergio Lopez <slp@redhat.com>
Message-Id: <20191112163423.91884-1-slp@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Recent git versions support worktrees where .git is not a directory but
a file with a path to the .git repository; however the get_maintainer.pl
script only recognises the .git directory, let's fix it.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Tested-by: Stefano Garzarella <sgarzare@redhat.com>
Message-Id: <20191112034532.69079-1-aik@ozlabs.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
When a monitor's queue is filled up in handle_qmp_command()
it gets suspended. It's the dispatcher bh's job currently to
resume the monitor, which it does after processing an event
from the queue. However, it is possible for a
CHR_EVENT_CLOSED event to be processed before before the bh
is scheduled, which will clear the queue without resuming
the monitor, thereby preventing the dispatcher from reaching
the resume() call.
Any new connections to the qmp socket will be accept()ed and
show the greeting, but will not respond to any messages sent
afterwards (as they will not be read from the
still-suspended socket).
Fix this by resuming the monitor when clearing a queue which
was filled up.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Message-Id: <20191115085914.21287-1-w.bumiller@proxmox.com>
Run the core of the test twice, once without iothreads, and again
with, for more coverage of both setups.
Suggested-by: Nir Soffer <nsoffer@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20191114213415.23499-5-eblake@redhat.com>
We generally include relevant HMP input in .out files, by virtue of
the fact that HMP echoes its input. But QMP does not, so we have to
explicitly inject it in the output stream (appropriately filtered to
keep the tests passing), in order to make it easier to read .out files
to see what behavior is being tested (especially true where the output
file is a sequence of {'return': {}}).
Suggested-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20191114213415.23499-4-eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Up to now, all it took to cause a lot of iotest failures was to have a
background process such as 'nbdkit -p 10810 null' running, because we
hard-coded the TCP port. Switching to a Unix socket eliminates this
contention. We still have TCP coverage in test 233, and that test is
more careful to not pick a hard-coded port.
Add a comment explaining where the format layer applies when using
NBD as protocol (until NBD gains support for a resize extension, we
only pipe raw bytes over the wire).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20191114213415.23499-3-eblake@redhat.com>
[eblake: Tweak socket name per Max Reitz' review]
This test has been broken since 3.0. It used TEST_IMG to influence
the name of a file created during _make_test_img, but commit 655ae6bb
changed things so that the wrong file name is being created, which
then caused _launch_qemu to fail. In the meantime, the set of events
issued for the actions of the test has increased.
Why haven't we noticed the failure? Because the test rarely gets run:
'./check -qcow2 173' is insufficient (that defaults to using file protocol)
'./check -nfs 173' is insufficient (that defaults to using raw format)
so the test is only run with:
./check -qcow2 -nfs 173
Note that we already have a number of other problems with -nfs:
./check -nfs (fails 18/30)
./check -qcow2 -nfs (fails 45/76 after this patch, if exports does
not permit 'insecure')
and it's not on my priority list to fix those. Rather, I found this
because of my next patch's work on tests using _send_qemu_cmd.
Fixes: 655ae6b
Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20191114213415.23499-2-eblake@redhat.com>
Qemu as server currently won't accept export names larger than 256
bytes, nor create dirty bitmap names longer than 1023 bytes, so most
uses of qemu as client or server have no reason to get anywhere near
the NBD spec maximum of a 4k limit per string.
However, we weren't actually enforcing things, ignoring when the
remote side violates the protocol on input, and also having several
code paths where we send oversize strings on output (for example,
qemu-nbd --description could easily send more than 4k). Tighten
things up as follows:
client:
- Perform bounds check on export name and dirty bitmap request prior
to handing it to server
- Validate that copied server replies are not too long (ignoring
NBD_INFO_* replies that are not copied is not too bad)
server:
- Perform bounds check on export name and description prior to
advertising it to client
- Reject client name or metadata query that is too long
- Adjust things to allow full 4k name limit rather than previous
256 byte limit
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20191114024635.11363-4-eblake@redhat.com>
Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
We document that for qcow2 persistent bitmaps, the name cannot exceed
1023 bytes. It is inconsistent if transient bitmaps do not have to
abide by the same limit, and it is unlikely that any existing client
even cares about using bitmap names this long. It's time to codify
that ALL bitmaps managed by qemu (whether persistent in qcow2 or not)
have a documented maximum length.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20191114024635.11363-3-eblake@redhat.com>
Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
As long as we limit NBD names to 256 bytes (the bare minimum permitted
by the standard), stack-allocation works for parsing a name received
from the client. But as mentioned in a comment, we eventually want to
permit up to the 4k maximum of the NBD standard, which is too large
for stack allocation; so switch everything in the server to use heap
allocation. For now, there is no change in actually supported name
length.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20191114024635.11363-2-eblake@redhat.com>
[eblake: fix uninit variable compile failure]
Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>