Commit Graph

29046 Commits

Author SHA1 Message Date
Max Reitz 37d41f0a04 qcow2: Always use error path on writing snapshots
qcow2_write_snapshots does contain a fail label and there is no reason
not to use it on some errors; therefore, we should always jump there on
error.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-10-11 16:49:59 +02:00
Max Reitz 8f730dd24e qcow2: Free preallocated zero clusters
In qcow2_free_any_clusters, preallocated zero clusters should be freed
just as normal clusters are.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-10-11 16:49:59 +02:00
Max Reitz 998b959c1e qcow2: Use pread for inactive L1 in overlap check
Currently, qcow2_check_metadata_overlap uses bdrv_read to read inactive
L1 tables from disk. The number of sectors to read is calculated through
a truncating integer division, therefore, if the L1 table size is not a
multiple of the sector size, the final entries will not be read and
their entries in memory remain undefined (from the g_malloc).
Using bdrv_pread fixes this.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-10-11 16:49:59 +02:00
Max Reitz f252080453 qcow2: Alignment of snapshot table entries
The qcow2 specification does not explicitly state so far that every
snapshot table entry is aligned to 8 bytes. QEMU, in contrast, does this
alignment, thus it should be properly documented (which this patch
does).

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-10-11 16:49:58 +02:00
Max Reitz 3677e6f625 qemu-iotests: Additional info from qemu-img info
Add a test for the additional information now provided by qemu-img info
when used on qcow2 images. It also tests the qemu QMP output from the
query-block command when running qemu with different runtime options
than specified in the image (ImageInfoSpecific should always refer to
the image).

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-10-11 16:49:50 +02:00
Max Reitz 4c2e946500 qemu-iotests: Discard specific info in _img_info
In _img_info, filter out additional information specific to the image
format provided by qemu-img info, since tests designed for multiple
image formats would produce different outputs for every image format
otherwise.

In a human-readable dump, that new information will always be last for
each "image information block" (multiple blocks are emitted when
inspecting the backing file chain). Every block is separated by an empty
line. Therefore, in this case, everything starting with the line "Format
specific information:" up to that empty line (or EOF, if it is the last
block) has to be stripped.

The JSON dump will always emit pretty JSON data. Therefore, the opening
and closing braces of every object will be on lines which are indented
by exactly the same amount, and all lines in between will have more
indentation. Thus, in this case, everything starting with a line
matching the regular expression /^ *"format-specific": {/ until /^ *},?/
has to be stripped, where the number of spaces at the beginning of the
respective lines is equal.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-10-11 14:04:58 +02:00
Max Reitz 37764dfb71 qcow2: Add support for ImageInfoSpecific
Add a new ImageInfoSpecificQCow2 type as a subtype of ImageInfoSpecific.
This contains the compatibility level as a string and an optional
lazy_refcounts boolean (optional means mandatory for compat >= 1.1 and
not available for compat == 0.10).

Also, add qcow2_get_specific_info, which returns this information.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-10-11 14:03:57 +02:00
Max Reitz a8d8ecb77f block/qapi: Human-readable ImageInfoSpecific dump
Add a function for generically dumping the ImageInfoSpecific information
in a human-readable format to block/qapi.c.

Use this function in bdrv_image_info_dump and qemu-io-cmds.c:info_f to
allow qemu-img info resp. qemu-io -c info to print that format specific
information.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-10-11 10:52:54 +02:00
Max Reitz eae041fe6f block: Add bdrv_get_specific_info
Add a function for retrieving an ImageInfoSpecific object from a block
driver.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-10-11 10:52:54 +02:00
Max Reitz f2bb8a8a47 qapi: Add ImageInfoSpecific type
Add a new type ImageInfoSpecific as a union for image format specific
information in ImageInfo.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-10-11 10:52:54 +02:00
Fam Zheng 79e14bf778 qapi: make use of new BlockJobType
Switch the string to enum type BlockJobType in BlockJobDriver.

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-10-11 10:52:54 +02:00
Fam Zheng 2cb5b22286 qapi: Introduce enum BlockJobType
This will replace the open coded block job type string for mirror,
commit and backup.

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-10-11 10:52:54 +02:00
Fam Zheng 3fc4b10af0 blockjob: rename BlockJobType to BlockJobDriver
We will use BlockJobType as the enum type name of block jobs in QAPI,
rename current BlockJobType to BlockJobDriver, which will eventually
become a set of operations, similar to block drivers.

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-10-11 10:52:54 +02:00
Anthony Liguori 39c153b80f QOM CPUState refactorings / X86CPU
* Fix for X86CPU model field of qemu32/qemu64 CPU models
 * Bug fix for longjmp on FreeBSD
 * Removal of unused function
 * Confinement of clone syscall infrastructure to linux-user
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
 iQIcBAABAgAGBQJSVTKzAAoJEPou0S0+fgE/7tYP/i5dgm6q7jSnhJcwzgHlCHDE
 c0BTwnvFjdBdkuAARYb/soo0m9QWfsW/dgC4bG3rO5j3o84PLstMjiZSQch0pqM1
 YhA0hYSiFjHrMcRk9FOwIECPIe+QcHZ79iNML+9G4K13D7qg36aJWISbVOWy24Dp
 kj5D0wBBDNw032Oh/3z3EAK4U+vLc/+i4s8XjfwtbuBCCn7GMCE3mRnEqnf8ZX3o
 H3Il3h/o+I3XQSzIJKXXyJZ5ZVXTtlj0z/0ShQXe8o8u1hINXE2Nf9lB6WG/6sh0
 Y43d0uU/e9fWDer25j9yis9KfDNErgYyxlBMUA2X1+Rny5P0twjnnBr5GTAeKgSq
 Kcux8Ov7W8cbVoM/px03rnynF9rbFbgmGlx82L+QsNMKWhjnEsfs6unpccpGhHR5
 UuZX3ZPrmeHfjv0AZD/U2ya3jfrp0v+9gsTqy3QV1rCPbqPDcJ6jg8jzbPZYjEfa
 /Zy0e/0O3sytSyiaAfBg3MzVPBxdzPcn0JjExJQV9BHsUlkZIVCZVMfePw1oIaf+
 coyV4cT3hCe8LrSCzPZlRYP+1hIg41W4NicLbDxtS8lqgfRbcglvqw6NFdAM+NcB
 z3heQ7IFstQ+pEINXQNy6bS8orv8F1VVvCtZaV+2pzB4TZzjPYuGsrqygre4QkLU
 mtpN9BTfmSIjzyo6iYBv
 =hQfy
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'afaerber/tags/qom-cpu-for-anthony' into staging

QOM CPUState refactorings / X86CPU

* Fix for X86CPU model field of qemu32/qemu64 CPU models
* Bug fix for longjmp on FreeBSD
* Removal of unused function
* Confinement of clone syscall infrastructure to linux-user

# gpg: Signature made Wed 09 Oct 2013 03:40:51 AM PDT using RSA key ID 3E7E013F
# gpg: Can't check signature: public key not found

# By Andreas Färber (2) and others
# Via Andreas Färber
* afaerber/tags/qom-cpu-for-anthony:
  cpu: Drop cpu_model_str from CPU_COMMON
  cpu: Move cpu_copy() into linux-user
  cputlb: Remove dead function tlb_update_dirty()
  cpu-exec: Also reload CPUClass *cc after longjmp return in cpu_exec()
  target-i386: Set model=6 on qemu64 & qemu32 CPU models
2013-10-10 13:16:25 -07:00
Anthony Liguori e8f2f59aaf Merge remote-tracking branch 'amit/char-remove-watch-on-unplug' into staging
# By Amit Shah
# Via Amit Shah
* amit/char-remove-watch-on-unplug:
  char: remove watch callback on chardev detach from frontend
  char: use common function to disable callbacks on chardev close
  char: move backends' io watch tag to CharDriverState

Message-id: 20131004154802.GA25646@grmbl.mre
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-10-10 13:16:02 -07:00
Anthony Liguori 88b70e56b9 Merge remote-tracking branch 'otubo/seccomp' into staging
# By Eduardo Otubo
# Via Eduardo Otubo
* otubo/seccomp:
  seccomp: fine tuning whitelist by adding times()

Message-id: 1380047458-21673-1-git-send-email-otubo@linux.vnet.ibm.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-10-10 13:15:46 -07:00
Anthony Liguori e572398de1 Merge remote-tracking branch 'mcayland/qemu-openbios' into staging
* mcayland/qemu-openbios:
  Update OpenBIOS images

Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-10-10 13:00:03 -07:00
Anthony Liguori f2c6bcfc2e Merge remote-tracking branch 'sstabellini/xen-2013-10-10' into staging
# By Matthew Daley (1) and Roger Pau Monné (1)
# Via Stefano Stabellini
* sstabellini/xen-2013-10-10:
  qemu/xen: make use of xenstore relative paths
  xen_disk: mark ioreq as mapped before unmapping in error case
2013-10-10 10:03:38 -07:00
Anthony Liguori 634ebf4b17 Merge remote-tracking branch 'bonzini/scsi-next' into staging
# By Asias He (1) and Peter Lieven (1)
# Via Paolo Bonzini
* bonzini/scsi-next:
  scsi: Allocate SCSITargetReq r->buf dynamically [CVE-2013-4344]
  block/iscsi: reenable iscsi_co_get_block_status

Message-id: 1381332391-8781-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-10-10 10:03:00 -07:00
Anthony Liguori c4ca690158 Update email address
Amazon is now funding my work as QEMU maintainer so update addresses
accordingly.

Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-10-10 09:56:25 -07:00
Roger Pau Monné 33876dfad6 qemu/xen: make use of xenstore relative paths
Qemu has several hardcoded xenstore paths that are only valid on Dom0.
Attempts to launch a Qemu instance (to act as a userspace backend for
PV disks) will fail because Qemu is not able to access those paths
when running on a domain different than Dom0.

Instead make the xenstore paths relative to the domain where Qemu is
actually running.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Cc: xen-devel@lists.xenproject.org
Cc: Anthony PERARD <anthony.perard@citrix.com>
2013-10-10 14:25:52 +00:00
Matthew Daley a76f48e533 xen_disk: mark ioreq as mapped before unmapping in error case
Commit 4472beae modified the semantics of ioreq_{un,}map so that they are
idempotent if called when they're not needed (ie., twice in a row). However,
it neglected to handle the case where batch mapping is not being used (the
default), and one of the grants fails to map. In this case, ioreq_unmap will
be called to unwind and unmap any mappings already performed, but ioreq_unmap
simply returns due to the aforementioned change (the ioreq has not already
been marked as mapped).

The frontend user can therefore force xen_disk to leak grant mappings, a
per-domain limited resource.

Fix by marking the ioreq as mapped before calling ioreq_unmap in this
situation.

Signed-off-by: Matthew Daley <mattjd@gmail.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2013-10-10 14:23:45 +00:00
Asias He 846424350b scsi: Allocate SCSITargetReq r->buf dynamically [CVE-2013-4344]
r->buf is hardcoded to 2056 which is (256 + 1) * 8, allowing 256 luns at
most. If more than 256 luns are specified by user, we have buffer
overflow in scsi_target_emulate_report_luns.

To fix, we allocate the buffer dynamically.

Signed-off-by: Asias He <asias@redhat.com>
Tested-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-10-09 17:24:18 +02:00
Anthony Liguori a107170537 Merge remote-tracking branch 'stefanha/block' into staging
# By Max Reitz (5) and others
# Via Stefan Hajnoczi
* stefanha/block:
  block: use correct filename
  qemu-iotests: Correct 026 output
  qcow2: Free allocated L2 cluster on error
  qcow2: Switch L1 table in a single sequence
  block: vhdx - add migration blocker
  block: use correct filename for error report
  qcow2: CHECK_OFLAG_COPIED is obsolete
  qcow2: Correct endianness in overlap check

Message-id: 1381145289-6591-1-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-10-09 07:54:42 -07:00
Anthony Liguori 80dfc87394 Merge remote-tracking branch 'mjt/trivial-patches' into staging
# By Stefan Weil (5) and others
# Via Michael Tokarev
* mjt/trivial-patches:
  migration: Fix compiler warning ('caps' may be used uninitialized)
  util/path: Fix type which is longer than 8 bit for MinGW
  hw/9pfs: Fix errno value for xattr functions
  vl: Clean up unnecessary boot_order complications
  qemu-char: Fix potential out of bounds access to local arrays
  pci-ohci: Add missing 'break' in ohci_service_td
  sh4: Fix serial line access for Linux kernels later than 3.2
  hw/alpha: Fix compiler warning (integer constant is too large)
  target-i386: Fix compiler warning (integer constant is too large)
  block: Remove unused assignment (fixes warning from clang)
  exec: cleanup DEBUG_SUBPAGE
  tests: Fix schema parser test for in-tree build
  tests: Update .gitignore for test-int128 and test-bitops
  .gitignore: ignore tests/qemu-iotests/socket_scm_helper

Message-id: 1381051979-25742-1-git-send-email-mjt@msgid.tls.msk.ru
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-10-09 07:54:21 -07:00
Anthony Liguori 576e81be39 Merge remote-tracking branch 'rth/tcg-arm-pull' into staging
# By Richard Henderson
# Via Richard Henderson
* rth/tcg-arm-pull:
  tcg-arm: Move the tlb addend load earlier
  tcg-arm: Remove restriction on qemu_ld output register
  tcg-arm: Return register containing tlb addend
  tcg-arm: Move load of tlb addend into tcg_out_tlb_read
  tcg-arm: Use QEMU_BUILD_BUG_ON to verify constraints on tlb
  tcg-arm: Use strd for tcg_out_arg_reg64
  tcg-arm: Rearrange slow-path qemu_ld/st
  tcg-arm: Use ldrd/strd for appropriate qemu_ld/st64

Message-id: 1380663109-14434-1-git-send-email-rth@twiddle.net
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-10-09 07:52:57 -07:00
Anthony Liguori 9e8f8b1cd8 Merge remote-tracking branch 'sweil/mingw' into staging
# By Sebastian Ottlik
# Via Stefan Weil
* sweil/mingw:
  util: call socket_set_fast_reuse instead of setting SO_REUSEADDR
  slirp: call socket_set_fast_reuse instead of setting SO_REUSEADDR
  net: call socket_set_fast_reuse instead of setting SO_REUSEADDR
  gdbstub: call socket_set_fast_reuse instead of setting SO_REUSEADDR
  util: add socket_set_fast_reuse function which will replace setting SO_REUSEADDR

Message-id: 1380735690-24009-1-git-send-email-sw@weilnetz.de
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-10-09 07:52:21 -07:00
Anthony Liguori dfe2279975 Merge remote-tracking branch 'kraxel/chardev.8' into staging
# By Gerd Hoffmann
# Via Gerd Hoffmann
* kraxel/chardev.8:
  chardev: handle qmp_chardev_add(KIND_MUX) failure

Message-id: 1380708925-6721-1-git-send-email-kraxel@redhat.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-10-09 07:52:11 -07:00
Anthony Liguori ce079abb41 Merge remote-tracking branch 'sweil/tci' into staging
# By Stefan Weil
# Via Stefan Weil
* sweil/tci:
  misc: Use new rotate functions
  bitops: Add rotate functions (rol8, ror8, ...)
  tci: Add implementation of rotl_i64, rotr_i64

Message-id: 1380137693-3729-1-git-send-email-sw@weilnetz.de
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-10-09 07:51:23 -07:00
Peter Lieven 24c7608a5d block/iscsi: reenable iscsi_co_get_block_status
Commit f35c934a accidently disabled iscsi_co_get_block_status for all
libiscsi versions. Its not possible to check for enumeration constants
in the C preprocessor. This patch changes the check to the preprocessor
constant LIBISCSI_FEATURE_IOVECTOR which was introduced shortly after
get_lba_status support was added to libiscsi.

Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-10-09 10:43:42 +02:00
Dunrong Huang d4cea8dfb9 block: use correct filename
The content filename point to may be erased by qemu_opts_absorb_qdict()
in raw_open_common() in drv->bdrv_file_open()

So it's better to use bs->filename.

Signed-off-by: Dunrong Huang <riegamaths@gmail.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-10-07 13:23:19 +02:00
Max Reitz 5c1fa87708 qemu-iotests: Correct 026 output
Because l2_allocate now frees the unused L2 cluster on error, the
according test cases in 026 don't result in one leaked cluster anymore.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-10-07 13:23:19 +02:00
Max Reitz e3b21ef9e0 qcow2: Free allocated L2 cluster on error
If an error occurs in l2_allocate, the allocated (but unused) L2 cluster
should be freed.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-10-07 13:23:19 +02:00
Andreas Färber 51fb256ab5 cpu: Drop cpu_model_str from CPU_COMMON
Since this is only read in cpu_copy() and linux-user has a global
cpu_model, drop the field from generic code.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-10-07 11:48:47 +02:00
Andreas Färber 30ba0ee52d cpu: Move cpu_copy() into linux-user
It is only used there and is deemed very fragile if not incorrect in its
current memcpy() form. Moving it into linux-user will allow to move
parts into target_cpu.h headers and only copy what the ABI mandates.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-10-07 11:48:39 +02:00
liguang 812586405c cputlb: Remove dead function tlb_update_dirty()
Signed-off-by: liguang <lig.fnst@cn.fujitsu.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-10-07 11:48:03 +02:00
Juergen Lock 6c78f29a24 cpu-exec: Also reload CPUClass *cc after longjmp return in cpu_exec()
Local variable CPUClass *cc needs to be reloaded after return from longjmp,
too.  (This fixes a mips-softmmu crash observed on FreeBSD when QEMU is
built with clang.)

Reported-by: Dimitry Andric <dim@FreeBSD.org>
Signed-off-by: Juergen Lock <nox@jelal.kn-bremen.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-10-07 11:46:58 +02:00
Michael Tokarev 387eedebf6 migration: Fix compiler warning ('caps' may be used uninitialized)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
2013-10-05 14:02:29 +04:00
Stefan Weil ddd23638d7 util/path: Fix type which is longer than 8 bit for MinGW
While dirent->d_type is 8 bit for most systems, it is 32 bit for MinGW.
Reducing it to 8 bit results in a compiler warning because the macro
is_dir_maybe compares that 8 bit value with 32 bit constants.

Using 'unsigned' instead of 'unsigned char' matches the declaration for
MinGW and does not harm the other systems.

MinGW-w64 is not affected: it does not declare d_type.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-05 14:01:47 +04:00
Daniel P. Berrange 8af0020544 hw/9pfs: Fix errno value for xattr functions
If there is no operation driver for the xattr type the
functions return '-1' and set errno to '-EOPNOTSUPP'.
When the calling code sets 'ret = -errno' this turns
into a large positive number.

In Linux 3.11, the kernel has switched to using 9p
version 9p2000.L, instead of 9p2000.u, which enables
support for xattr operations. This on its own is harmless,
but for another change which makes it request the xattr
with a name 'security.capability'.

The result is that the guest sees a succesful return
of 95 bytes of data, instead of a failure with errno
set to 95. Since the kernel expects a maximum of 20
bytes for an xattr return this gets translated to the
unexpected errno ERANGE.

This all means that when running a binary off a 9p fs
in 3.11 kernels you get a fun result of:

  # ./date
  sh: ./date: Numerical result out of range

The only workaround is to pass 'version=9p2000.u' when
mounting the 9p fs in the guest, to disable all use of
xattrs.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-05 13:05:28 +04:00
Markus Armbruster e3fdc535f2 vl: Clean up unnecessary boot_order complications
Messed up in commit 8281abd.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-05 13:05:28 +04:00
Stefan Weil 49aa4058ac qemu-char: Fix potential out of bounds access to local arrays
Latest gcc-4.8 supports a new option -fsanitize=address which activates
an AddressSanitizer. This AddressSanitizer stops the QEMU system emulation
very early because two character arrays of size 8 are potentially written
with 9 bytes.

Commit 6ea314d914 added the code.

There is no obvious reason why width or height could need 8 characters,
so reduce it to 7 characters which together with the terminating '\0'
fit into the arrays.

Cc: qemu-stable <qemu-stable@nongnu.org>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Alex Bennée <alex@bennee.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-05 13:05:15 +04:00
Mark Cave-Ayland ad98acb9b1 Update OpenBIOS images
Update OpenBIOS images to SVN r1229 built from submodule.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
2013-10-03 00:04:20 +01:00
Ján Veselý 4b351a0f21 pci-ohci: Add missing 'break' in ohci_service_td
Device communication errors need to be reported to driver.
Add a debug message while at it.

Signed-off-by: Jan Vesely <jano.vesely@gmail.com>
Acked-by: Gerd Hoffmann <kraxel@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-02 22:55:28 +04:00
Guenter Roeck 84faf7c392 sh4: Fix serial line access for Linux kernels later than 3.2
With Linux kernel version 3.3 or later, qemu fails with the following message:

sh_serial: unsupported read from 0x18
  Aborted

Reported-and-analyzed-by: Rob Landley <rob@landley.net>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-02 22:55:28 +04:00
Stefan Weil 9b2caaf40b hw/alpha: Fix compiler warning (integer constant is too large)
From buildbot default_i386_rhel61:

  CC    alpha-softmmu/hw/alpha/typhoon.o
hw/alpha/typhoon.c: In function 'typhoon_translate_iommu':
hw/alpha/typhoon.c:703: warning: integer constant is too large for 'long' type
hw/alpha/typhoon.c:703: warning: integer constant is too large for 'long' type

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Acked-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-02 22:55:28 +04:00
Stefan Weil 00fdef6586 target-i386: Fix compiler warning (integer constant is too large)
From buildbot default_i386_rhel61:

  CC    i386-softmmu/target-i386/arch_memory_mapping.o
target-i386/arch_memory_mapping.c: In function 'walk_pde':
target-i386/arch_memory_mapping.c:110: warning:
 integer constant is too large for 'long' type

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-02 22:55:28 +04:00
Stefan Weil 3a6f270326 block: Remove unused assignment (fixes warning from clang)
blockdev.c:1929:13: warning: Value stored to 'ret' is never read
            ret = 0;
            ^     ~

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-02 22:55:28 +04:00
Amos Kong 016e9d62fe exec: cleanup DEBUG_SUBPAGE
Touched some error after enabling DEBUG_SUBPAGE.

Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-02 22:55:28 +04:00
Markus Armbruster d8039e58b1 tests: Fix schema parser test for in-tree build
Commit 4f193e3 added the test, but screwed up in-tree builds
(SRCDIR=.): the tests's output overwrites the expected output, and is
thus compared to itself.

Cc: qemu-stable@nongnu.org
Reported-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-02 22:55:27 +04:00