Commit Graph

42674 Commits

Author SHA1 Message Date
Peter Maydell c3626ca7df Update version for v2.5.0-rc3 release
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-07 17:47:40 +00:00
Markus Armbruster ba306c7a55 sd: Mark brittle abuse of blk_attach_dev() FIXME
blk_attach_dev() fails here only when we're working for device
"sdhci-pci" (which already attached the backend), and then we don't
want to attach a second time.  If we ever create another failure mode,
we're setting up ourselves to using the same backend from multiple
frontends, which is likely to end in tears.  Can't clean this up this
close to the release, so mark it FIXME.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1449503710-3707-3-git-send-email-armbru@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-07 17:13:10 +00:00
Markus Armbruster 79f2170789 sdhci: Sanitize "sdhci-pci" properties for future qomification
We currently fuse controller and card into a single device model, but
we intend qomify things properly and separate the two.  The properties
that really belong to the card would then have to somehow pass-through
to the card's properties.  To avoid that complication, either mark
them experimental or drop them.

Properties "capareg", "maxcurr" and the usual PCI device properties
belong to the controller.  Property "drive" belongs to the card;
rename it to "x-drive".  Properties "logical_block_size",
"physical_block_size", "min_io_size", "opt_io_size",
"discard_granularity" belong to the card, but have no effect; drop
them.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1449503710-3707-2-git-send-email-armbru@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-07 17:13:10 +00:00
Fam Zheng a616fb75c2 virtio-blk: Drop x-data-plane option
The official way of enabling dataplane is through the "iothread"
property that references an iothread object created by "-object
iothread".  Since the old "x-data-plane=on" way now even crashes, it's
probably easier to just drop it:

$ qemu-system-x86_64 -drive file=null-co://,id=d0,if=none \
    -device virtio-blk-pci,drive=d0,x-data-plane=on

ERROR:/home/fam/work/qemu/qom/object.c:1515:
object_get_canonical_path_component: assertion failed: (obj->parent != NULL)
Aborted

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1449485967-19240-1-git-send-email-famz@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-07 16:47:16 +00:00
Peter Maydell 84942979de -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQEcBAABAgAGBQJWZZJPAAoJEO8Ells5jWIRmp0H/26aFXVEgZykkUVNbqq05r7w
 AI7podQlFOAESJHqZtR8FMaH8TAZ5GhphP4pn0PsWp54VjwcYZbdoME+dhZ4Elyc
 WDanRHIweLv/zVg6+M8oHhw5GMaxtFLoLWrf0oanbUW9IZZmmM3COz/Y31hSVrR2
 EzEJi1VZZhpMj3ibeOJns4MrugYrne8MtOdvusE/Uw2rJBTiStnWw1eTk8RmkNcg
 5un1mQZxFU2AcNzmWdmWJmjY0rCnR3HhtTdZOwjM6uZGIJ9hbsItGzqiGadBfozI
 fUtIa2HZahioe0VIzoB0snXnAuhV1jA0Uy18i04dPvgQOmiVSRjQNE2/lwQflyE=
 =Pad3
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging

# gpg: Signature made Mon 07 Dec 2015 14:06:07 GMT using RSA key ID 398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* remotes/jasowang/tags/net-pull-request:
  lan9118: log and ignore access to invalid registers, rather than aborting
  lan9118: fix emulation of MAC address loaded bit in E2P_CMD register
  vmxnet3: silence warning
  pcnet: fix rx buffer overflow(CVE-2015-7512)
  net: pcnet: add check to validate receive data size(CVE-2015-7504)
  e1000: fix hang of win2k12 shutdown with flood ping

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-07 14:18:31 +00:00
Andrew Baumann 52b4bb7383 lan9118: log and ignore access to invalid registers, rather than aborting
With this change, access to invalid/unimplemented device registers are
logged as a "guest error" rather than aborting qemu with
hw_error. This enables drivers for similar devices (e.g. SMSC 9221),
by simply ignoring the unimplemented writes. It's also closer to what
real hardware does.

Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-12-07 21:43:48 +08:00
Andrew Baumann 12fdd928c8 lan9118: fix emulation of MAC address loaded bit in E2P_CMD register
There appears to have been a longstanding typo in the implementation
of the "MAC address loaded" bit in the E2P_CMD (EEPROM command)
register. The code was using 0x10, but the controller spec says it
should be bit 8 (0x100).

Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-12-07 21:43:48 +08:00
Michael S. Tsirkin 6a9c647095 vmxnet3: silence warning
vmxnet3 always produces a warning under qtest.

This is not a user error, don't warn.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-12-07 21:43:48 +08:00
Jason Wang 8b98a2f071 pcnet: fix rx buffer overflow(CVE-2015-7512)
Backends could provide a packet whose length is greater than buffer
size. Check for this and truncate the packet to avoid rx buffer
overflow in this case.

Cc: Prasad J Pandit <pjp@fedoraproject.org>
Cc: qemu-stable@nongnu.org
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-12-07 21:43:48 +08:00
Prasad J Pandit 837f21aacf net: pcnet: add check to validate receive data size(CVE-2015-7504)
In loopback mode, pcnet_receive routine appends CRC code to the
receive buffer. If the data size given is same as the buffer size,
the appended CRC code overwrites 4 bytes after s->buffer. Added a
check to avoid that.

Reported by: Qinghao Tang <luodalongde@gmail.com>
Cc: qemu-stable@nongnu.org
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-12-07 21:43:48 +08:00
Denis V. Lunev 9596ef7c7b e1000: fix hang of win2k12 shutdown with flood ping
e1000 driver in Win2k12 is really well rotten. It 100% hangs on shutdown
of UP VM under flood ping. The guest checks card state and reinjects
itself interrupt in a loop. This is fatal for UP machine.

There is no good way to fix this misbehavior but to kludge it. The
emulation has interrupt throttling register aka ITR which limits
interrupt rate and allows the guest to proceed this phase.
There is no problem with this kludge for Linux guests - it adjust the
value of it itself.

On the other hand according to the initial research in
    commit e9845f0985
    Author: Vincenzo Maffione <v.maffione@gmail.com>
    Date:   Fri Aug 2 18:30:52 2013 +0200

    e1000: add interrupt mitigation support

    ...

    Interrupt mitigation boosts performance when the guest suffers from
    an high interrupt rate (i.e. receiving short UDP packets at high packet
    rate). For some numerical results see the following link
    http://info.iet.unipi.it/~luigi/papers/20130520-rizzo-vm.pdf

this should also boost performance a bit.

See https://bugzilla.redhat.com/show_bug.cgi?id=874406 for additional
details.

Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Vincenzo Maffione <v.maffione@gmail.com>
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-12-07 21:43:43 +08:00
Peter Maydell a5582eac15 QOM infrastructure fixes and device conversions
* Documentation update
 * qom-test and related fixes
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQIcBAABAgAGBQJWYdNvAAoJEPou0S0+fgE/uroP/0I96lSIBzxmnw1WIXZgpDKF
 6y1sVEIEDAhkfWQkSOzvCZ0Er0rdh8621P5Jhj9707NMfK7271SocZK6N26ajECp
 FupZ+ZixKenMjGgTPJfsIVdzgxgA84O8D6DL6hOT3xK97viRGsomcaBUtQkJ1ASH
 HXjRCWHM006Q8DIMn9nPgDXCm+fr4EdXzARdpof5T074EBHunj3JLSL/MflqGxKT
 zC/KQ0sryZlrQaWJqfwj4VcjIkUROlJzuCt3XrVzQqwq7rhu5MBaXCApRD+jcMXI
 GnLZZUkW+/hLlDqnN5e4ARqXFIsf7Ugi6art5Bzwr5VlSGkf/Ts9UxAuOIW4fQoT
 D9pvHn+LdKlmLBP+7HYkWBZRZx8P+I01AoppG1hvjNZ9vhVtSteZrLPr/B5YnySZ
 XA6TRdFnXmWg0i8fzBDWQLLiNSDXtCW3GSg1uSQeWBbUsYi6HZ88yCbiesiQXVPh
 KqYYMF0lioAF5kp48Stw8rXs49jhZ1I3cTQ+2OKuUDXuEOaPKiRMUpF2mXZjn0Is
 37fWJzGEUWirjfGN2AuhFpv/EtTbXd2TO4OeyAPy74D1eNv/iARqsFeQ+oxMZWVp
 5POt6Hur1a5u+08J5lrtFxpCaj/d7w4ShgTsuGuk6tLgnU1VB/3kuCZzXfxOAVrX
 Nh9lmq9BiqI85KA1oWVD
 =LRWp
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/afaerber/tags/qom-devices-for-peter' into staging

QOM infrastructure fixes and device conversions

* Documentation update
* qom-test and related fixes

# gpg: Signature made Fri 04 Dec 2015 17:54:55 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg:                 aka "Andreas Färber <afaerber@suse.com>"

* remotes/afaerber/tags/qom-devices-for-peter:
  qom-test: Fix qmp() leaks
  tests: Use proper functions types instead of void (*fn)
  qom: Update documentation comment of struct Object
  tests: Fix check-report-qtest-% target

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-04 18:11:40 +00:00
Marc-André Lureau 0d2cd785ef qom-test: Fix qmp() leaks
Before this patch ASAN reported:
SUMMARY: AddressSanitizer: 677165875 byte(s) leaked in 1272437 allocation(s)

After this patch:
SUMMARY: AddressSanitizer: 465 byte(s) leaked in 32 allocation(s)

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <1448551895-871-1-git-send-email-marcandre.lureau@redhat.com>
[Straightforwardly rebased onto the previous patch]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-12-04 18:29:31 +01:00
Markus Armbruster 041088c719 tests: Use proper functions types instead of void (*fn)
We have several function parameters declared as void (*fn).  This is
just a stupid way to write void *, and the only purpose writing it
like that could serve is obscuring the sin of bypassing the type
system without need.

The original sin is commit 49ee359: its qtest_add_func() is a wrapper
for g_test_add_func().  Fix the parameter type to match
g_test_add_func()'s.  This uncovers type errors in ide-test.c; fix
them.

Commit 7949c0e faithfully repeated the sin for qtest_add_data_func().
Fix it the same way, along with a harmless type error uncovered in
vhost-user-test.c.

Commit 063c23d repeated it for qtest_add_abrt_handler().  The screwy
parameter gets assigned to GHook member func, so change its type to
match.  Requires wrapping kill_qemu() to keep the type checker happy.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[AF/armbru: Inline GTestFunc/GTestDataFunc typedef for old GLib]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-12-04 18:25:42 +01:00
Peter Maydell 61e3aa25b1 trivial patches for 2015-12-04
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJWYTVXAAoJEL7lnXSkw9fbrMUH/1HGP6+Rki8Q9yATYiYyxaE+
 BLHXwUEVpN+zlH98MW5Ezoj9UJrJg6OE+vhmiOpf09Qe1oGRwzMLwm5VsgA00/B5
 aGfGx3Ao7jG5aNNCOyeBVFRZED3j56ieMTe2EponpQiA8fV8itta90nIbfTRVP+J
 9FRAUriKpeVJaYyGR77+aHELQS9q6eTlJ5w9FxsxAhy1FzT5BrE2VWye+sn83/eT
 SQnDEy8UXupNN6Gr2GS7RgfoLrJiZ8VM3EHv3FIRIMDXZkXmW49WeNo+AmN6krPM
 Gwgl4HCbzjTlHWBlehFGa2McxczfcQiAMpoT7gm6Anf0w09BO9+Oh3smfFvePEw=
 =3qeW
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-12-04' into staging

trivial patches for 2015-12-04

# gpg: Signature made Fri 04 Dec 2015 06:40:23 GMT using RSA key ID A4C3D7DB
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg:                 aka "Michael Tokarev <mjt@corpit.ru>"
# gpg:                 aka "Michael Tokarev <mjt@debian.org>"

* remotes/mjt/tags/pull-trivial-patches-2015-12-04:
  bt: check struct sizes
  typedefs: Put them back into alphabetical order
  scsi: remove scsi_req_free prototype
  gt64xxx: fix decoding of ISD register
  configure: use appropriate code fragment for -fstack-protector checks
  crypto: avoid two coverity false positive error reports
  configure: Diagnose broken linkers directly
  bt: avoid unintended sign extension
  util/id: fully allocate names table

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-04 10:55:03 +00:00
Peter Maydell f33d046d23 ppc patch queue for 2.5 2015-12-04
This contains some last minute QOM behaviour fixes from Markus
 Armbruster.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJWYTYqAAoJEGw4ysog2bOSJUAQAKFxBs0QMmW/1NWlFAhHqbFN
 yMaG996TiHScVORI0GF7HdxCywNuVz+sNgPiWIxQRd6Lpp0ENZfMyZOvfLjCrjUW
 GAIWwaBrY+ysGpiUdSuyIwuf+OVOILpnWlCX8m9D0qV9nfiVMCfgt/aG88g5q9Ow
 MGaJgBrSSiHITtaBoVJfHvwryLQMv605PZrU9s7xX4qFvMgvGoIKvTi1Ar+eaKw2
 xURBu7SKW5Iu6GhZCuwt3tu4AilJsasPVKFbCNzcol+Rv8yBInrE6TbRvj92kgDt
 8leqLQQAdNgXx/ZUx/eZ5SNo0Y1AjjjECsRwmf3pZbeErQ8Rd24tTplPDwEaRDbW
 maDAUEcymGa4FVYHSvBD51BwWzaPxiOZE6dd+id1QRjrINNJLt8NkvUobS6y5G0s
 o66F/0k83h8QnjS4UJOLPQ2moDm38cCpOHhDE86AyrIS6C6n39FYDaPDxOneR7fT
 CyXJ5VfsH+DvRZWHcaSxceu4Nnk6QBaQnrAS0xbGLmqD2NOlP7OwGEyhWpUzHTav
 ihom6ktASbt1BtSNvdcSnUnyN1a3vwrOalMapCqMnqVf2+/aVoeL4+RiVnDXsqqw
 AvvS+MM/qeaVvb8r0bd3YO5yPlMCgP5pGhOog9A63yPOOWdHY6e+zgmefdI10SHw
 rSsqkjAK6OuVOQFZqGrL
 =SaYM
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.5-20151204' into staging

ppc patch queue for 2.5 2015-12-04

This contains some last minute QOM behaviour fixes from Markus
Armbruster.

# gpg: Signature made Fri 04 Dec 2015 06:43:54 GMT using RSA key ID 20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-2.5-20151204:
  spapr_drc: Change value of property "fdt" from null back to {}
  spapr_drc: Make device "spapr-dr-connector" unavailable with -device
  spapr_drc: Handle visitor errors properly

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-04 09:49:28 +00:00
Paolo Bonzini 98475746b3 bt: check struct sizes
See http://permalink.gmane.org/gmane.linux.bluez.kernel/36505.  For historical
reasons these do not use sizeof, and Coverity caught a mistake in
EVT_ENCRYPT_CHANGE_SIZE.

In addition:

- remove status from create_conn_cancel_cp; the "status" field is only
in rp structs.  Note that this means that the OCF_CREATE_CONN_CANCEL
could never have worked (it would have failed the LENGTH_CHECK), but
I am keeping it anyway.

- OCF_READ_LINK_QUALITY similarly could never have worked, but I am
fixing read_link_quality_cp anyway.

- fix inquiry_info which is shorter by one: the kernel has a struct that
is 14 byte long, but not counting the initial num_responses byte which
the kernel parses separately;

- remove extended_inquiry_info altogether, since it's not used and unlike
the other inquiry structs does not have the initial num_responses byte.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-12-04 09:39:55 +03:00
Markus Armbruster 2988cbeaf9 typedefs: Put them back into alphabetical order
"Please keep this list in alphabetical order" has been more honoured
in the breach than in the observance.  Clean up.

While there, drop a redundant struct declaration.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-12-04 09:39:55 +03:00
Hervé Poussineau 8ea9900330 scsi: remove scsi_req_free prototype
Function has been deleted in ad2d30f79d.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-12-04 09:39:55 +03:00
Paolo Bonzini 63fc7375d6 gt64xxx: fix decoding of ISD register
The GT64xxx's internal registers can be placed above the first 4 GiB
in the address space, but not above the first 64 GiB.  Correctly cast
the register to a 64-bit integer, and mask away bits above bit 35.

Datasheet at http://pdf.datasheetarchive.com/datasheetsmain/Datasheets-33/DSA-655889.pdf
(bug reported by Coverity).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-12-04 09:39:55 +03:00
Rodrigo Rebello fccd35a046 configure: use appropriate code fragment for -fstack-protector checks
The check for stack-protector support consisted in compiling and linking
the test program below (output by function write_c_skeleton()) with the
compiler flag -fstack-protector-strong first and then with
-fstack-protector-all if the first one failed to work:

  int main(void) { return 0; }

This caused false positives when using certain toolchains in which the
compiler accepted -fstack-protector-strong but no support was provided
by the C library, since for this stack-protector variant the compiler
emits canary code only for functions that meet specific conditions
(local arrays, memory references to local variables, etc.) and the code
fragment under test included none of them (hence no stack protection
code generated, no link failure).

This fix changes the test program used for -fstack-protector checks to
include a function that meets conditions which cause the compiler to
generate canary code in all variants.

Signed-off-by: Rodrigo Rebello <rprebello@gmail.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-12-04 09:39:55 +03:00
Daniel P. Berrange 0e1d02452b crypto: avoid two coverity false positive error reports
In qcrypto_tls_creds_get_path() coverity complains that
we are checking '*creds' for NULL, despite having
dereferenced it previously. This is harmless bug due
to fact that the trace call was too early. Moving it
after the cleanup gets the desired semantics.

In qcrypto_tls_creds_check_cert_key_purpose() coverity
complains that we're passing a pointer to a previously
free'd buffer into gnutls_x509_crt_get_key_purpose_oid()
This is harmless because we're passing a size == 0, so
gnutls won't access the buffer, but rather just report
what size it needs to be. We can avoid it though by
explicitly setting the buffer to NULL after free'ing
it.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-12-04 09:39:55 +03:00
Peter Maydell 0ef74c7496 configure: Diagnose broken linkers directly
Currently if the user's compiler works for creating .o files but
their linker is broken such that compiling an executable from a
C file does not work, we will report a misleading error message
about the compiler not supporting __thread (since that happens
to be the first test we run which requires a working linker).
Explicitly check that compile_prog works as well as compile_object,
so that people whose toolchain setup is broken get a more helpful
error message.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-12-04 09:39:55 +03:00
Paolo Bonzini e0df8f18f7 bt: avoid unintended sign extension
In the case of a 4-byte length, shifting a value by 24 may cause
an unintended sign extension when converting from int to size_t.
Use a uint32_t variable instead.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-12-04 09:39:55 +03:00
John Snow 624533e5a5 util/id: fully allocate names table
Trivial: this array should be allocated to have ID_MAX entries always.
Otherwise if someone were to forget to expand this table, the assertion
in the id generator won't actually trigger; it will read junk data.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-12-04 09:39:55 +03:00
Markus Armbruster ab8bf1d735 spapr_drc: Change value of property "fdt" from null back to {}
prop_get_fdt() misuses the visitor API: when fdt is null, it doesn't
visit anything.  object_property_get_qobject() happily
object_property_get_qobject().  Amazingly, the latter survives the
misuse.  Turns out we've papered over it long before prop_get_fdt()
existed, in commit 1d10b44.

However, commit 6c2f9a1 changed how we paper over it, and as a side
effect changed qom-get's value from {} to null.  Change it right back
by fixing the visitor misuse.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-12-04 16:50:59 +11:00
Markus Armbruster c401ae8c9c spapr_drc: Make device "spapr-dr-connector" unavailable with -device
It should only be created via spapr_dr_connector_new().  Attempting to
create it with -device crashes.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-12-04 10:56:29 +11:00
Markus Armbruster c75304a139 spapr_drc: Handle visitor errors properly
Since prop_get_fdt() is only used with QmpOutputVisitor, errors
shouldn't actually happen, so this is only a latent bug.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-12-04 10:56:29 +11:00
Cao jin 70ae0b6d0e qom: Update documentation comment of struct Object
It doesn't have "GSList *interfaces" anymore, drop the paragraph.

Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-12-03 20:10:22 +01:00
Andreas Färber b5e62af8aa tests: Fix check-report-qtest-% target
Commit e253c28 ("tests: Fix how qom-test is run") introduced
$(qtest-generic-y) and used it for check-qtest-% target, but did not
update check-report-qtest-%. This causes check-report-qtest-aarch64.xml
target to fail with a gtester usage error for lack of test arguments.

Fix this by adding $(qtest-generic-y) in check-report-qtest-%.
Also add it in check-clean target, spotted by Markus.

Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-12-03 20:07:05 +01:00
Prasad J Pandit 4c65fed8bd ui: vnc: avoid floating point exception
While sending 'SetPixelFormat' messages to a VNC server,
the client could set the 'red-max', 'green-max' and 'blue-max'
values to be zero. This leads to a floating point exception in
write_png_palette while doing frame buffer updates.

Reported-by: Lian Yihan <lianyihan@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-03 13:34:50 +00:00
Peter Maydell efdeb96c5a -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQEcBAABAgAGBQJWX8xEAAoJEJykq7OBq3PIY+YH/0fhpy2S0G2LtfjYX3522Q81
 3SsIC+4934+SkGLkQflnNsy8HPKvqQndkV+5FEqbzUTwJ1kjixyKapfpLyA0tvbm
 +uxvC1Mn91nVfqlfh3zwGOqprcEwPvXtfIyeOlfeq+6m72fDLWUakIwzAfNGWeV8
 REc3j2yTEw2esRPKau5kP1q3taN7w6UvIx9I8g1/cbnq89ca0ici/+AhBz/XGGb1
 gTlxtBoVWfH+k0kO2rqhZt+RLi7u22cmtPOywOTuqIt3HEYgFdaaf6S0UcZ+mgno
 CNf0hhbHuMhBCgWvXcGXDssFrI2GoSl8hEuTBbLHyOSFSHZ8pfRLFmoFuZzXW0c=
 =TtA6
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

# gpg: Signature made Thu 03 Dec 2015 04:59:48 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/block-pull-request:
  iotests: Add regresion test case for write notifier assertion failure
  iotests: Add "add_drive_raw" method
  block: Don't wait serialising for non-COR read requests
  iothread: include id in thread name

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-03 11:08:43 +00:00
Peter Maydell eab0ebc7fe migration/next for 20151203
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJWX3xuAAoJEPSH7xhYctcj9TMP/2zV51BQtlDYACAiMGQy028I
 bpY/oNlq0zNeNAGoTe9cGsYsEF5PUx5iPLZiFKnfkcL7zLeHX4O5WW+NlZTUF8LP
 ZaJg8Qq9rheTCv6Mgd7VKyRfbSR21FBYouOxIp0MMgoABlFNOeDWQczQSdi/AiYt
 glq9uMan3pxky3vxyfDxVTpvIi/wSfa6VviJMW15wsabflUTu+owieivMtlXby5u
 sGEvJYINVJOz0KwdXP6mYmPBhbPZHuu1Df6pnrXWbc2U4CqR0vortiZ0fynYAFiQ
 iFJNkJgq+FpUQciKa2x9ERKi6D+E2r48N72R/DlGOB1ICIpexoPryxlvV+dla1hR
 DYJAr8wpZpltcpx4/XDagY155Mllxg+/pX28f0yVQi5CHDgcqlEC1a/h9Jjvdm0p
 kP7lt4eCKmXmcjpgh7ofRrHDdyXzujiyleykaoPfrUqD8Vxa6/hfnPJ4Kf7vZU+U
 6O1J2CGjhYMb2fHoeh459Kzb8Z9W3l2YxLVY86LcHIheMBuoP/tij8oTVDHnfr0Q
 NyG9z6aS1+Rcrq1+c31zOl3Q1AOki4aJimW2Vw/Oh3YTjCIrtQlzjNM8DZOMrku8
 Z//KZsr39Pjpfv+T+TyxbMqaZzDn03Mlu7MwWG6ee6Gc21zlZ773YNJLduIjDkZc
 oPRPvMIhBOn2d56hr6bd
 =Vo4/
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151203' into staging

migration/next for 20151203

# gpg: Signature made Wed 02 Dec 2015 23:19:10 GMT using RSA key ID 5872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>"
# gpg:                 aka "Juan Quintela <quintela@trasno.org>"

* remotes/juanquintela/tags/migration/20151203:
  migration: do floating-point division
  migration: Clean up use of g_poll() in socket_writev_buffer()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-03 10:43:43 +00:00
Fam Zheng 9cc0f19de2 iotests: Add regresion test case for write notifier assertion failure
The idea is to let the top level bs have a big request alignment with
blkdebug, so that the aio_write request issued from monitor will be
serialised. This tests that QEMU doesn't crash upon the read request
from the backup job's write notifier, which is a very special case of
"reentrant" request.

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1448962590-2842-4-git-send-email-famz@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-03 11:08:07 +08:00
Fam Zheng 78b666f46b iotests: Add "add_drive_raw" method
This offers full manual control over the "-drive" options.

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1448962590-2842-3-git-send-email-famz@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-03 11:08:07 +08:00
Fam Zheng 61408b250e block: Don't wait serialising for non-COR read requests
The assertion problem was noticed in 06c3916b35, but it wasn't
completely fixed, because even though the req is not marked as
serialising, it still gets serialised by wait_serialising_requests
against other serialising requests, which could lead to the same
assertion failure.

Fix it by even more explicitly skipping the serialising for this
specific case.

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1448962590-2842-2-git-send-email-famz@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-03 11:08:07 +08:00
Paolo Bonzini d21e8776f6 iothread: include id in thread name
This makes it easier to find the desired thread.  Use "IO" plus the id;
even with the 14 character limit on the thread name, enough of the id should
be readable (e.g. "IO iothreadNNN" with three characters for the number).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-id: 1448372804-5034-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-03 11:08:01 +08:00
Peter Maydell ec1b9aa89d virtio,vhost,mmap fixes for 2.5
vhost test patches to fix the travis build
 virtio ccw patch to fix virtio 1
 virtio pci patch to fix pci express
 vhost user bridge patch to fix fd leaks
 mmap-alloc patch to fix hugetlbfs on ppc64
 remove dead code for vhost (trivial)
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJWX1bRAAoJECgfDbjSjVRpxlQIALPApovo4s4UfeGDptnEvBxv
 2UIREbYI8+VYjg/fjpGRpjjoYctpf+EDm3TKZvN8WfiKQ4578ySeVZkAs5IFvkNt
 Cakgfx6N5okJaeymoq6pcCvAXfBuqzt31H32xzh6D/V0kHCzwMLPf3CY9ZpQCrzf
 DucSr8z8wjxuiuO2f9Whc1Qk3WJoJgWNOdxvSepmRAfFYqUxplq10QSfRXVyHZ6m
 XfQ5RdGbEhCbFPYx3i+Atd2m0xXUdr2d1qOrABe9Uty3KhIzjfbt4teJktaCBEiI
 UQLieJNC1t/m5GZFb03bWWdFtVtRwG9yapCJLXQfavq4KqAVUE5Jgs9bmjfdgwQ=
 =jndJ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio,vhost,mmap fixes for 2.5

vhost test patches to fix the travis build
virtio ccw patch to fix virtio 1
virtio pci patch to fix pci express
vhost user bridge patch to fix fd leaks
mmap-alloc patch to fix hugetlbfs on ppc64
remove dead code for vhost (trivial)

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Wed 02 Dec 2015 20:38:41 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"

* remotes/mst/tags/for_upstream:
  util/mmap-alloc: fix hugetlb support on ppc64
  virtio-pci: Set the QEMU_PCI_CAP_EXPRESS capability early in its DeviceClass realize method
  virtio: handle non-virtio-1-capable backend for ccw
  tests/vhost-user-bridge.c: fix fd leakage
  vhost: drop dead code
  vhost-user: verify that number of queues is non-zero
  vhost-user-test: fix crash with glib < 2.36
  vhost-user-test: use unix port for migration
  vhost-user-test: fix chardriver race

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-02 23:11:24 +00:00
Paolo Bonzini a694ee343d migration: do floating-point division
Dividing integer expressions transferred_bytes and time_spent, and then converting
the integer quotient to type double. Any remainder, or fractional part of the
quotient, is ignored.  Fix this.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2015-12-03 00:03:00 +01:00
Markus Armbruster 4e39f57c00 migration: Clean up use of g_poll() in socket_writev_buffer()
socket_writev_buffer() writes in a loop, using g_poll() to block.  If
g_poll() fails, it tries to write more before the file descriptor is
ready.  In theory, this could go into a tight loop.  In practice,
errors other than EINTR are really unlikely, and when they happen,
we're probably screwed anyway, so we can just as well loop.

Clean it up a bit: retry poll on EINTR, keep ignoring other errors.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2015-12-03 00:03:00 +01:00
Michael S. Tsirkin 7197fb4058 util/mmap-alloc: fix hugetlb support on ppc64
Since commit 8561c9244d "exec: allocate PROT_NONE pages on top of
RAM", it is no longer possible to back guest RAM with hugepages on ppc64
hosts:

mmap(NULL, 285212672, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x3fff57000000
mmap(0x3fff57000000, 268435456, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED, 19, 0) = -1 EBUSY (Device or resource busy)

This is because on ppc64, Linux fixes a page size for a virtual address
at mmap time, so we can't switch a range of memory from anonymous
small pages to hugetlbs with MAP_FIXED.

See commit d0f13e3c20b6fb73ccb467bdca97fa7cf5a574cd
("[POWERPC] Introduce address space "slices"") in Linux
history for the details.

Detect this and create the PROT_NONE mapping using the same fd.

Naturally, this makes the guard page bigger with hugetlbfs.

Based on patch by Greg Kurz.

Acked-by: Rik van Riel <riel@redhat.com>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-12-02 22:38:23 +02:00
Shmulik Ladkani 0560b0e97d virtio-pci: Set the QEMU_PCI_CAP_EXPRESS capability early in its DeviceClass realize method
In 1811e64 'hw/virtio: Add PCIe capability to virtio devices', the
QEMU_PCI_CAP_EXPRESS capability was added to virtio's pci_dev, within
'virtio_pci_realize' - the pci device object realization method.

This occurs to late, as 'pci_qdev_realize' (DeviceClass.realize of
TYPE_PCI_DEVICE) has already been called, without knowing that the
device instance is indeed an "express" instance, thus allocating
insufficient pci config space.

As a result, device may crash upon attempt to write to the PCIE config
space.

Fix, by arming the QEMU_PCI_CAP_EXPRESS capability early in virtio-pci's
own DeviceClass realize method.

This also makes code cleaner, as 'virtio_pci_realize' may now access the
'pci_is_express' predicate when needed.

Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Tested-by: Marcel Apfelbaum <marcel@redhat.com>
2015-12-02 21:51:33 +02:00
Cornelia Huck 11380b3619 virtio: handle non-virtio-1-capable backend for ccw
If you run a qemu advertising VERSION_1 with an old kernel where
vhost did not yet support VERSION_1, you'll end up with a device
that is {modern pci|ccw revision 1} but does not advertise VERSION_1.
This is not a sensible configuration and is rejected by the Linux
guest drivers.

To fix this, add a ->post_plugged() callback invoked after features
have been queried that can handle the VERSION_1 bit being withdrawn
and change ccw to fall back to revision 0 if VERSION_1 is gone.

Note that pci is _not_ fixed; we'll need to rethink the approach
for the next release but at least for pci it's not a regression.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-12-02 19:34:11 +02:00
Victor Kaplansky 6d0b908a62 tests/vhost-user-bridge.c: fix fd leakage
This fixes file descriptor leakage in vhost-user-bridge
application. Whenever a new callfd or kickfd is set, the previous
one should be explicitly closed. File descriptors used to map
guest's memory are closed immediately after mmap call.

Signed-off-by: Victor Kaplansky <victork@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-12-02 19:27:26 +02:00
Peter Maydell cf22132367 Block layer patches
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJWXxTvAAoJEH8JsnLIjy/Wg5gQAKREoHJUx9x35EHJO+bIfCzd
 vBYbMS53VZAO308twPmA4Jxg0GyEna65Fn7qoeI0fCPSKSNibHxg+uKi/xopIsaD
 aKo+7ypp9aCqsZXDpMKMYn0JKBXIdGObE/FuQRv7ALqe9uEts8TLUzOtPNmn95YL
 nx7BJsJ+mCJucBP8owOPCNHMDnYvIpHj6bG2JxOZB+K5AFeT92gEgRKd9oPQOOY8
 N/oAqLaMkSPLDmG0ox+xbVrQflTTgktENRJpDIiYiSTRXg/5UGZs2UdqbAzCs9GA
 IBvUlrbDpEzCfnydX6r4lg7Ve5al0uWuHM31wzjeJw4zLvx7sLf5qfn9PZws/WOr
 33sq2ar0rcVpOJD03m+IYtAU8EOVrc/ek012AELJBA2pSmR//GrMVlGRfqbNWq5m
 7dgsnVaMrzESqJkiRQGn4STHAPOFHmOcK3sDq37En9rB2dbzPZr0J8YTyTp075ah
 /vujdzfacH7fkmqa4Pcz984pZoUohce5Gj8zWx8j3acl50sHCyg8tdb0P6VB+Mau
 +cL+kRPj0Lzk3opJsyylTSwyn8srLc+KMuZ2KhG30d8Dg7ogRIcoICRdq6yEM5kg
 hx3c5MS/3ArVno9OMxAz111JEr5t4bBUk1AUJszrqPuOEnCEmzktFa2ihFZ6BWbo
 3sqrpUwInznKu1mhW+Ab
 =Dtb6
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches

# gpg: Signature made Wed 02 Dec 2015 15:57:35 GMT using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"

* remotes/kevin/tags/for-upstream:
  blkdebug: silence warning under qtest
  qcow2: Fix potential qemu-img check crash on 32 bit hosts

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-02 17:05:34 +00:00
Peter Maydell 2196b6f5dd -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQIcBAABAgAGBQJWXxIgAAoJEL2+eyfA3jBXBhkP/06PCkWeIoDt+qTRyDpKuT1e
 e+enf3Dl998/nr57nAYx1V7/fmfSnvlY2XP/+3jTaPSj0D59teUfcbaZfZCKzsJq
 ikcQiRCfq5FwtNtf40Z+paA2hmJNcbz2PcldYNd+FpY+5QoMF3JMcBm9Ju6Q5O2m
 zUAmDMsz1S25RRtKWCadsQGQW8J7dnrD/pxeYj4JmH6xTIPvT0yRZV+gh14fh2GJ
 SN4oRICd9Ov3x/n5UDu64z/7Rvk4O0ykNivrc3EN8icPJfe/fJk3zyHbBTibGwDf
 N3JHyPRBexj/uIdbo3UTCAwMj9IVQewdQbx8RnfLDK4rHpZL621hhWbbr20dOD3E
 MQBdVISE+dWlXWClYhwcVrDPVVyMVNmOTkzPsKROwsoU48nDWNhmS4OtJrbJpx2Y
 00/463/cozMMW/2Y/mD8hBJXspXOEkIXaCZeGIoo4JeOGU9CGkpvfhoj1g9AwIwM
 n8jpjurtS6qLbAuDJ19SqS7borHLaJmqdTp56qT/lkd/0WNTkCLAjhOxuuv6ysJg
 mmMfUKKww/s9YRX+nAN9nN72DEqCEEuM13nCrK8unEKdk8ltOe2cCHYxlSmEHSGR
 /QrWU9rB+V8k4GmC9sBVRTmMxadAiN0iLCRLmscGXjYswlmwOQA0KN+JqqzkUAZc
 clK1cBGgTspmvu6oZLkM
 =SdYa
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging

# gpg: Signature made Wed 02 Dec 2015 15:45:36 GMT using RSA key ID C0DE3057
# gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>"
# gpg:                 aka "Jeffrey Cody <jeff@codyprime.org>"
# gpg:                 aka "Jeffrey Cody <codyprime@gmail.com>"

* remotes/cody/tags/block-pull-request:
  mirror: Quiesce source during "mirror_exit"

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-02 16:24:26 +00:00
Michael S. Tsirkin b0ae1536c5 vhost: drop dead code
commit 1e7398a1 ("vhost: enable vhost without without MSI-X"_
dropped the implementation of vhost_dev_query,
drop it from the header file as well.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
2015-12-02 17:59:13 +02:00
Fam Zheng 176c36997f mirror: Quiesce source during "mirror_exit"
With dataplane, the ioeventfd events could be dispatched after
mirror_run releases the dirty bitmap, but before mirror_exit actually
does the device switch, because the iothread will still be running, and
it will cause silent data loss.

Fix this by adding a bdrv_drained_begin/end pair around the window, so
that no new external request will be handled.

Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Jeff Cody <jcody@redhat.com>
2015-12-02 10:44:06 -05:00
Peter Maydell 30a9fd5d13 * exec.c use after free
* Xen 32-on-64 breakage
 * missing EINTR
 * naughty warning under qtest
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQEcBAABCAAGBQJWXuCDAAoJEL/70l94x66DEMMH/3MDMvuFCRHM9CgBkX/VV6hZ
 S+5WLs+lit3AJ68Fas+Q/lF1inWzzR3QQFqRJUACdoKMx8B/bH3oQws42WemGIJX
 pIhgDWolTn5lRAo/9nQBUEnm2RBzAkS0qbIoXunFDGxfuZDWJDS/0sdUonrvS1X/
 3/TXsKw9/7YzaZ2x2NK7ZxCdl/XR1mw/YWHS7/TbjHWOS2HEsGB8f5xKLBUYPWPi
 /Ph41Z4Yb7biztoQ8HHOve4jfzuo3hqPp6qxvcqPfXSprEMjmpz7HiJALJXsu2O1
 uTng5/Nod6Cdm3ZrA9fTvZQH0OM7KHsLH3mcvn5NzFdfXV0EvLpH70SDmSSWRNM=
 =K3Wn
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* exec.c use after free
* Xen 32-on-64 breakage
* missing EINTR
* naughty warning under qtest

# gpg: Signature made Wed 02 Dec 2015 12:13:55 GMT using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"

* remotes/bonzini/tags/for-upstream:
  translate-all: ensure host page mask is always extended with 1's
  main-loop: suppress warnings under qtest
  qemu-char: retry g_poll on EINTR
  exec: Stop using memory after free

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-02 15:41:38 +00:00
Kevin Wolf ab7fe3a29a One block patch for qemu 2.5-rc3.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQEcBAABCAAGBQJWXw5NAAoJEDuxQgLoOKytL2MIAIGgdYXmxgi9cvw8JclBAInO
 tcTh4zdv2IkoF4mGol4upUwf9vIjaHIJux9ZkyV65Vq5E8GL07xCZfUYAtv3SiAe
 cz76or9bXe3uwfgNW3uNyVAMtdzc7iL+m9cgvqXd5Kntc+P1P5v9EmLZgbZc87CZ
 HDYQeU7sfFqnUFkKYiNrpfCB2LLkvyvO5u7KPydrj11HBmtbDCypXIEp5LK6xRMK
 nZQ50k9CkIfmjuSu/6j2LeTqKJsKzjKMmiX7+ObcrOEbYXvNB1h0CGBB7IPYKPuj
 o+LCB9f5AFDcol4zMDmbQdeIkhqBOedZGYO2OcJ+RoZGO7m2tbJnQXjKr0usSVE=
 =U0uZ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2015-12-02' into queue-block

One block patch for qemu 2.5-rc3.

# gpg: Signature made Wed Dec  2 16:29:17 2015 CET using RSA key ID E838ACAD
# gpg: Good signature from "Max Reitz <mreitz@redhat.com>"

* mreitz/tags/pull-block-for-kevin-2015-12-02:
  blkdebug: silence warning under qtest

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-02 16:38:03 +01:00