qemu.git
3 years agoxen/9pfs: introduce Xen 9pfs backend
Stefano Stabellini [Tue, 21 Mar 2017 20:51:34 +0000 (13:51 -0700)] 
xen/9pfs: introduce Xen 9pfs backend

Introduce the Xen 9pfs backend: add struct XenDevOps to register as a
Xen backend and add struct V9fsTransport to register as v9fs transport.

All functions are empty stubs for now.

Signed-off-by: Stefano Stabellini <stefano@aporeto.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
CC: anthony.perard@citrix.com
CC: jgross@suse.com
CC: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
CC: Greg Kurz <groug@kaod.org>
3 years ago9p: introduce a type for the 9p header
Stefano Stabellini [Tue, 21 Mar 2017 20:51:34 +0000 (13:51 -0700)] 
9p: introduce a type for the 9p header

Use the new type in virtio-9p-device.

Signed-off-by: Stefano Stabellini <stefano@aporeto.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
CC: anthony.perard@citrix.com
CC: jgross@suse.com
CC: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
CC: Greg Kurz <groug@kaod.org>
3 years agoxen: import ring.h from xen
Stefano Stabellini [Tue, 21 Mar 2017 20:51:25 +0000 (13:51 -0700)] 
xen: import ring.h from xen

Do not use the ring.h header installed on the system. Instead, import
the header into the QEMU codebase. This avoids problems when QEMU is
built against a Xen version too old to provide all the ring macros.

Signed-off-by: Stefano Stabellini <stefano@aporeto.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
CC: anthony.perard@citrix.com
CC: jgross@suse.com
3 years agoconfigure: use pkg-config for obtaining xen version
Juergen Gross [Mon, 27 Mar 2017 07:42:45 +0000 (09:42 +0200)] 
configure: use pkg-config for obtaining xen version

Instead of trying to guess the Xen version to use by compiling various
test programs first just ask the system via pkg-config. Only if it
can't return the version fall back to the test program scheme.

If configure is being called with dedicated flags for the Xen libraries
use those instead of the pkg-config output. This will avoid breaking
an in-tree Xen build of an old Xen version while a new Xen version is
installed on the build machine: pkg-config would pick up the installed
Xen config files as the Xen tree wouldn't contain any of them.

Signed-off-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Tested-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
3 years agoxen: additionally restrict xenforeignmemory operations
Paul Durrant [Tue, 28 Mar 2017 15:54:55 +0000 (16:54 +0100)] 
xen: additionally restrict xenforeignmemory operations

Commit f0f272baf3a7 "xen: use libxendevice model to restrict operations"
added a command-line option (-xen-domid-restrict) to limit operations
using the libxendevicemodel API to a specified domid. The commit also
noted that the restriction would be extended to cover operations issued
via other xen libraries by subsequent patches.

My recent Xen patch [1] added a call to the xenforeignmemory API to allow
it to be restricted. This patch now makes use of that new call when the
-xen-domid-restrict option is passed.

[1] http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=5823d6eb

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
3 years agoxen: use libxendevice model to restrict operations
Paul Durrant [Wed, 22 Mar 2017 09:39:15 +0000 (09:39 +0000)] 
xen: use libxendevice model to restrict operations

This patch adds a command-line option (-xen-domid-restrict) which will
use the new libxendevicemodel API to restrict devicemodel [1] operations
to the specified domid. (Such operations are not applicable to the xenpv
machine type).

This patch also adds a tracepoint to allow successful enabling of the
restriction to be monitored.

[1] I.e. operations issued by libxendevicemodel. Operation issued by other
    xen libraries (e.g. libxenforeignmemory) are currently still unrestricted
    but this will be rectified by subsequent patches.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
3 years agoxen: use 5 digit xen versions
Juergen Gross [Thu, 16 Mar 2017 14:19:52 +0000 (15:19 +0100)] 
xen: use 5 digit xen versions

Today qemu is using e.g. the value 480 for Xen version 4.8.0. As some
Xen version tests are using ">" relations this scheme will lead to
problems when Xen version 4.10.0 is being reached.

Instead of the 3 digit schem use a 5 digit scheme (e.g. 40800 for
version 4.8.0).

Signed-off-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
3 years agoxen: use libxendevicemodel when available
Paul Durrant [Tue, 7 Mar 2017 10:55:34 +0000 (10:55 +0000)] 
xen: use libxendevicemodel when available

This patch modifies the wrapper functions in xen_common.h to use the
new xendevicemodel interface if it is available along with compatibility
code to use the old libxenctrl interface if it is not.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Anthony Perard <anthony.perard@citrix.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
3 years agoconfigure: detect presence of libxendevicemodel
Paul Durrant [Tue, 7 Mar 2017 10:55:33 +0000 (10:55 +0000)] 
configure: detect presence of libxendevicemodel

This patch adds code in configure to set CONFIG_XEN_CTRL_INTERFACE_VERSION
to a new value of 490 if libxendevicemodel is present in the build
environment.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Anthony Perard <anthony.perard@citrix.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
3 years agoxen: create wrappers for all other uses of xc_hvm_XXX() functions
Paul Durrant [Tue, 7 Mar 2017 10:55:32 +0000 (10:55 +0000)] 
xen: create wrappers for all other uses of xc_hvm_XXX() functions

This patch creates inline wrapper functions in xen_common.h for all open
coded calls to xc_hvm_XXX() functions outside of xen_common.h so that use
of xen_xc can be made implicit. This again is in preparation for the move
to using libxendevicemodel.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Anthony Perard <anthony.perard@citrix.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
3 years agoxen: rename xen_modified_memory() to xen_hvm_modified_memory()
Paul Durrant [Tue, 7 Mar 2017 10:55:31 +0000 (10:55 +0000)] 
xen: rename xen_modified_memory() to xen_hvm_modified_memory()

This patch is a purely cosmetic change that avoids a name collision in
a subsequent patch.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Anthony Perard <anthony.perard@citrix.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
3 years agoxen: make use of xen_xc implicit in xen_common.h inlines
Paul Durrant [Tue, 7 Mar 2017 10:55:30 +0000 (10:55 +0000)] 
xen: make use of xen_xc implicit in xen_common.h inlines

Doing this will make the transition to using the new libxendevicemodel
interface less intrusive on the callers of these functions, since using
the new library will require a change of handle.

NOTE: The patch also moves the 'externs' for xen_xc and xen_fmem from
      xen_backend.h to xen_common.h, and the declarations from
      xen_backend.c to xen-common.c, which is where they belong.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Anthony Perard <anthony.perard@citrix.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
3 years agoUpdate version for v2.9.0-rc1 release v2.9.0-rc1
Peter Maydell [Tue, 21 Mar 2017 17:13:29 +0000 (17:13 +0000)] 
Update version for v2.9.0-rc1 release

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoconfigure: Warn about deprecated hosts
Peter Maydell [Tue, 21 Mar 2017 14:31:57 +0000 (14:31 +0000)] 
configure: Warn about deprecated hosts

We plan to drop support in a future QEMU release for host OSes
and host architectures for which we have no test machine where
we can build and run tests. For the 2.9 release, make configure
print a warning if it is run on such a host, so that the user
has some warning of the plans and can volunteer to help us
maintain the port if they need it to continue to function.

This commit flags up as deprecated the CPU architectures:
 * ia64
 * sparc
 * anything which we don't have a TCG port for
   (and which was presumably using TCI)
and the OSes:
 * GNU/kFreeBSD
 * DragonFly BSD
 * NetBSD
 * OpenBSD
 * Solaris
 * AIX
 * Haiku

It also makes entirely unrecognized host OS strings be
rejected rather than treated as if they were Linux (which
likely never worked).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1490106717-9542-1-git-send-email-peter.maydell@linaro.org

3 years agoMerge remote-tracking branch 'remotes/gkurz/tags/for-upstream' into staging
Peter Maydell [Tue, 21 Mar 2017 14:32:51 +0000 (14:32 +0000)] 
Merge remote-tracking branch 'remotes/gkurz/tags/for-upstream' into staging

This pull request fixes a potential QEMU hang in 9pfs and two issues
reported by Coverity.

# gpg: Signature made Tue 21 Mar 2017 09:57:58 GMT
# gpg:                using DSA key 0x02FC3AEB0101DBC2
# gpg: Good signature from "Greg Kurz <groug@kaod.org>"
# gpg:                 aka "Greg Kurz <groug@free.fr>"
# gpg:                 aka "Greg Kurz <gkurz@linux.vnet.ibm.com>"
# gpg:                 aka "Gregory Kurz (Groug) <groug@free.fr>"
# gpg:                 aka "[jpeg image of size 3330]"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 2BD4 3B44 535E C0A7 9894  DBA2 02FC 3AEB 0101 DBC2

* remotes/gkurz/tags/for-upstream:
  9pfs: proxy: assert if unmarshal fails
  9pfs: don't try to flush self and avoid QEMU hang on reset

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoadd opengl_cflags to QEMU_CFLAGS
Gerd Hoffmann [Tue, 21 Mar 2017 07:04:48 +0000 (08:04 +0100)] 
add opengl_cflags to QEMU_CFLAGS

... and drop OPENGL_CFLAGS from Makefiles.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1490079888-29029-1-git-send-email-kraxel@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years ago9pfs: proxy: assert if unmarshal fails
Greg Kurz [Tue, 21 Mar 2017 08:12:47 +0000 (09:12 +0100)] 
9pfs: proxy: assert if unmarshal fails

Replies from the virtfs proxy are made up of a fixed-size header (8 bytes)
and a payload of variable size (maximum 64kb). When receiving a reply,
the proxy backend first reads the whole header and then unmarshals it.
If the header is okay, it then does the same operation with the payload.

Since the proxy backend uses a pre-allocated buffer which has enough room
for a header and the maximum payload size, marshalling should never fail
with fixed size arguments. Any error here is likely to result from a more
serious corruption in QEMU and we'd better dump core right away.

This patch adds error checks where they are missing and converts the
associated error paths into assertions.

This should also address Coverity's complaints CID 1348519 and CID 1348520,
about not always checking the return value of proxy_unmarshal().

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
3 years ago9pfs: don't try to flush self and avoid QEMU hang on reset
Greg Kurz [Tue, 21 Mar 2017 08:12:47 +0000 (09:12 +0100)] 
9pfs: don't try to flush self and avoid QEMU hang on reset

According to the 9P spec [*], when a client wants to cancel a pending I/O
request identified by a given tag (uint16), it must send a Tflush message
and wait for the server to respond with a Rflush message before reusing this
tag for another I/O. The server may still send a completion message for the
I/O if it wasn't actually cancelled but the Rflush message must arrive after
that.

QEMU hence waits for the flushed PDU to complete before sending the Rflush
message back to the client.

If a client sends 'Tflush tag oldtag' and tag == oldtag, QEMU will then
allocate a PDU identified by tag, find it in the PDU list and wait for
this same PDU to complete... i.e. wait for a completion that will never
happen. This causes a tag and ring slot leak in the guest, and a PDU
leak in QEMU, all of them limited by the maximal number of PDUs (128).
But, worse, this causes QEMU to hang on device reset since v9fs_reset()
wants to drain all pending I/O.

This insane behavior is likely to denote a bug in the client, and it would
deserve an Rerror message to be sent back. Unfortunately, the protocol
allows it and requires all flush requests to suceed (only a Tflush response
is expected).

The only option is to detect when we have to handle a self-referencing
flush request and report success to the client right away.

[*] http://man.cat-v.org/plan_9/5/flush

Reported-by: Al Viro <viro@ZenIV.linux.org.uk>
Signed-off-by: Greg Kurz <groug@kaod.org>
3 years agoMerge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
Peter Maydell [Mon, 20 Mar 2017 16:34:26 +0000 (16:34 +0000)] 
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

fixes for 2.9-rc1, plus removal of -mno-cygwin references

# gpg: Signature made Mon 20 Mar 2017 11:25:07 GMT
# gpg:                using RSA key 0xBFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream:
  hax: fix breakage in locking
  configure: remove Cygwin
  xen: do not build backends for targets that do not support xen
  qemu-ga: obey LISTEN_PID when using systemd socket activation

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoaudio: catch missing sdl support
Gerd Hoffmann [Mon, 20 Mar 2017 09:05:43 +0000 (10:05 +0100)] 
audio: catch missing sdl support

sdl is probed before audio, so we can simply look at $sdl so see
whenever we have support or not.  Throw an error in case sdl audio
is requested without sdl being available.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1490000743-3615-1-git-send-email-kraxel@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoconfigure: remove Cygwin
Paolo Bonzini [Fri, 17 Mar 2017 16:08:11 +0000 (17:08 +0100)] 
configure: remove Cygwin

The Cygwin target is really compiling for native Win32 with -mno-cygwin.
Except, GCC 4.7.0 has finally removed the long deprecated -mno-cygwin
option, and that happened about five years ago.

Let it rest in peace.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Message-id: 20170317160811.28370-1-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'remotes/yongbok/tags/mips-20170320' into staging
Peter Maydell [Mon, 20 Mar 2017 13:53:14 +0000 (13:53 +0000)] 
Merge remote-tracking branch 'remotes/yongbok/tags/mips-20170320' into staging

MIPS patches 2017-03-20

Changes:
* Fix clang warnings
* Fix delay slot detection in gen_msa_branch()
* Fix rc4030 interval timer
* Fix rc4030 to tranlate memory accesses only when they occur
* Fix 4c4030 a mixed declarations and code warning
* Update MAINTAINERS file

# gpg: Signature made Mon 20 Mar 2017 12:46:01 GMT
# gpg:                using RSA key 0x2238EB86D5F797C2
# gpg: Good signature from "Yongbok Kim <yongbok.kim@imgtec.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 8600 4CF5 3415 A5D9 4CFA  2B5C 2238 EB86 D5F7 97C2

* remotes/yongbok/tags/mips-20170320:
  MAINTAINERS: update for MIPS devices
  dma/rc4030: fix a mixed declarations and code warning
  dma/rc4030: translate memory accesses only when they occur
  dma: rc4030: limit interval timer reload value
  target/mips: fix delay slot detection in gen_msa_branch()
  target-mips: replace few LOG_DISAS() with trace points
  target-mips: replace break by goto cp0_unimplemented
  target-mips: log bad coprocessor0 register accesses with LOG_UNIMP
  target-mips: remove old & unuseful comments
  target-mips: fix compiler warnings (clang 5)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20170320' into...
Peter Maydell [Mon, 20 Mar 2017 12:56:42 +0000 (12:56 +0000)] 
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20170320' into staging

target-arm queue:
 * fix MSR/MRS decoding for M profile CPUs

# gpg: Signature made Mon 20 Mar 2017 12:53:26 GMT
# gpg:                using RSA key 0x3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20170320:
  arm: Fix APSR writes via M profile MSR
  arm: Enforce should-be-1 bits in MRS decoding
  arm: Don't decode MRS(banked) or MSR(banked) for M profile
  arm: HVC and SMC encodings don't exist for M profile

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoarm: Fix APSR writes via M profile MSR
Peter Maydell [Mon, 20 Mar 2017 12:41:44 +0000 (12:41 +0000)] 
arm: Fix APSR writes via M profile MSR

Our implementation of writes to the APSR for M-profile via the MSR
instruction was badly broken.

First and worst, we had the sense wrong on the test of bit 2 of the
SYSm field -- this is supposed to request an APSR write if bit 2 is 0
but we were doing it if bit 2 was 1.  This bug was introduced in
commit 58117c9bb429cd, so hasn't been in a QEMU release.

Secondly, the choice of exactly which parts of APSR should be written
is defined by bits in the 'mask' field.  We were not passing these
through from instruction decode, making it impossible to check them
in the helper.

Pass the mask bits through from the instruction decode to the helper
function and process them appropriately; fix the wrong sense of the
SYSm bit 2 check.

Invalid mask values and invalid combinations of mask and register
number are UNPREDICTABLE; we choose to treat them as if the mask
values were valid.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1487616072-9226-5-git-send-email-peter.maydell@linaro.org
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
3 years agoarm: Enforce should-be-1 bits in MRS decoding
Peter Maydell [Mon, 20 Mar 2017 12:41:44 +0000 (12:41 +0000)] 
arm: Enforce should-be-1 bits in MRS decoding

The MRS instruction requires that bits [19..16] are all 1s, and for
A/R profile also that bits [7..0] are all 0s.  At this point in the
decode tree we have checked all of the rest of the instruction but
were allowing these to be any value.  If these bits are not set then
the result is architecturally UNPREDICTABLE, but choosing to UNDEF is
more helpful to the user and avoids unexpected odd behaviour if the
encodings are used for some purpose in future architecture versions.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1487616072-9226-4-git-send-email-peter.maydell@linaro.org

3 years agoarm: Don't decode MRS(banked) or MSR(banked) for M profile
Peter Maydell [Mon, 20 Mar 2017 12:41:44 +0000 (12:41 +0000)] 
arm: Don't decode MRS(banked) or MSR(banked) for M profile

M profile doesn't have the MSR(banked) and MRS(banked) instructions
and uses the encodings for different kinds of M-profile MRS/MSR.
Guard the relevant bits of the decode logic to make sure we don't
accidentally fall into them by accident on M-profile.

(The bit being checked for this (bit 5) is part of the SYSm field on
M-profile, but since no currently allocated system registers have
encodings with bit 5 of SYSm set, this hasn't been a problem in
practice.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1487616072-9226-3-git-send-email-peter.maydell@linaro.org

3 years agoarm: HVC and SMC encodings don't exist for M profile
Peter Maydell [Mon, 20 Mar 2017 12:41:44 +0000 (12:41 +0000)] 
arm: HVC and SMC encodings don't exist for M profile

M profile doesn't have the HVC or SMC encodings, so make them always
UNDEF rather than generating calls to helper functions that assume
A/R profile.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1487616072-9226-2-git-send-email-peter.maydell@linaro.org

3 years agohax: fix breakage in locking
Vincent Palatin [Mon, 20 Mar 2017 10:15:49 +0000 (11:15 +0100)] 
hax: fix breakage in locking

use qemu_mutex_lock_iothread consistently in qemu_hax_cpu_thread_fn() as
done in other _thread_fn functions, instead of grabbing directly the
BQL. This way we ensure that iothread_locked is properly set.

On v2.9.0-rc0, QEMU was dying in an assertion in the mutex code when
running with '--enable-hax' either on OSX or Windows. This bug was triggered
since the code modification for multithreading added new usages of
qemu_mutex_iothread_locked.
This fixes the breakage on both platforms, I can now run again a full
Chromium OS image with HAX kernel acceleration.

Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
Message-Id: <20170320101549.150076-1-vpalatin@chromium.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoMAINTAINERS: update for MIPS devices
Yongbok Kim [Fri, 10 Mar 2017 15:32:32 +0000 (15:32 +0000)] 
MAINTAINERS: update for MIPS devices

Add myself to MIPSSIM and new entry for Fulong 2E.
Add an entry for Boston machine (Paul Burton).

cc: Paul Burton <paul.burton@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
3 years agodma/rc4030: fix a mixed declarations and code warning
Yongbok Kim [Tue, 14 Mar 2017 16:51:56 +0000 (16:51 +0000)] 
dma/rc4030: fix a mixed declarations and code warning

Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Hervé Poussineau <hpoussin@reactos.org>
3 years agodma/rc4030: translate memory accesses only when they occur
Hervé Poussineau [Fri, 18 Nov 2016 22:43:36 +0000 (23:43 +0100)] 
dma/rc4030: translate memory accesses only when they occur

This simplifies the code a lot, and this fixes big memory leaks
introduced in a3d586f704609a45b6037534cb2f34da5dfd8895

Windows NT is now able to boot without using gigabytes of ram on the host.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
3 years agodma: rc4030: limit interval timer reload value
Prasad J Pandit [Wed, 12 Oct 2016 12:37:41 +0000 (18:07 +0530)] 
dma: rc4030: limit interval timer reload value

The JAZZ RC4030 chipset emulator has a periodic timer and
associated interval reload register. The reload value is used
as divider when computing timer's next tick value. If reload
value is large, it could lead to divide by zero error. Limit
the interval reload value to avoid it.

Reported-by: Huawei PSIRT <psirt@huawei.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Tested-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
3 years agotarget/mips: fix delay slot detection in gen_msa_branch()
Yongbok Kim [Tue, 7 Mar 2017 15:37:34 +0000 (15:37 +0000)] 
target/mips: fix delay slot detection in gen_msa_branch()

It is unnecessary to test R6 from delay/forbidden slot check
in gen_msa_branch().

https://bugs.launchpad.net/qemu/+bug/1663287

Reported-by: Brian Campbell <bacam@z273.org.uk>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
3 years agotarget-mips: replace few LOG_DISAS() with trace points
Philippe Mathieu-Daudé [Sat, 4 Mar 2017 18:56:52 +0000 (15:56 -0300)] 
target-mips: replace few LOG_DISAS() with trace points

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
3 years agotarget-mips: replace break by goto cp0_unimplemented
Philippe Mathieu-Daudé [Sat, 4 Mar 2017 18:56:51 +0000 (15:56 -0300)] 
target-mips: replace break by goto cp0_unimplemented

this fixes many warnings like:

target/mips/translate.c:6253:13: warning: Value stored to 'rn' is never read
            rn = "invalid sel";
            ^    ~~~~~~~~~~~~~

Reported-by: Clang Static Analyzer
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
3 years agotarget-mips: log bad coprocessor0 register accesses with LOG_UNIMP
Philippe Mathieu-Daudé [Sat, 4 Mar 2017 18:56:50 +0000 (15:56 -0300)] 
target-mips: log bad coprocessor0 register accesses with LOG_UNIMP

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
3 years agotarget-mips: remove old & unuseful comments
Philippe Mathieu-Daudé [Sat, 4 Mar 2017 18:56:49 +0000 (15:56 -0300)] 
target-mips: remove old & unuseful comments

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
3 years agotarget-mips: fix compiler warnings (clang 5)
Philippe Mathieu-Daudé [Sat, 4 Mar 2017 18:56:48 +0000 (15:56 -0300)] 
target-mips: fix compiler warnings (clang 5)

static code analyzer complain:

target/mips/helper.c:453:5: warning: Function call argument is an uninitialized value
    qemu_log_mask(CPU_LOG_MMU,
    ^~~~~~~~~~~~~~~~~~~~~~~~~~

'physical' and 'prot' are uninitialized if 'ret' is not TLBRET_MATCH.

Reported-by: Clang Static Analyzer
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
3 years agoMerge remote-tracking branch 'remotes/cohuck/tags/s390x-20170320' into staging
Peter Maydell [Mon, 20 Mar 2017 10:51:30 +0000 (10:51 +0000)] 
Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20170320' into staging

One bugfix for device plug/unplug and migration in the
channel subsystem code.

# gpg: Signature made Mon 20 Mar 2017 08:45:59 GMT
# gpg:                using RSA key 0xDECF6B93C6F02FAF
# gpg: Good signature from "Cornelia Huck <huckc@linux.vnet.ibm.com>"
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>"
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20170320:
  s390x/css: reassign subchannel if schid is changed after migration

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-fixes-20170320-1' into staging
Peter Maydell [Mon, 20 Mar 2017 10:05:45 +0000 (10:05 +0000)] 
Merge remote-tracking branch 'remotes/kraxel/tags/pull-fixes-20170320-1' into staging

fixes for 2.9: vnc, cirrus, tcg display updates.

# gpg: Signature made Mon 20 Mar 2017 08:52:34 GMT
# gpg:                using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/pull-fixes-20170320-1:
  vnc: fix a qio-channel leak
  cirrus: fix off-by-one in cirrus_bitblt_rop_bkwd_transp_*_16
  ui/console: ensure graphic updates don't race with TCG vCPUs

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agos390x/css: reassign subchannel if schid is changed after migration
Dong Jia Shi [Thu, 16 Feb 2017 05:27:33 +0000 (06:27 +0100)] 
s390x/css: reassign subchannel if schid is changed after migration

The subchannel is a means to access a device. While the device number is
assigned by the administrator, the subchannel number is assigned by
the channel subsystem in an ascending order on cold and hot plug.
When doing unplug and replug operations, the same device may end up on
a different subchannel; for example

- We start with a device fe.1.2222, which ends up at subchannel
  fe.1.0000.
- Now we detach the device, attach a device fe.1.3333 (which would get
  the now-free subchannel fe.1.0000), re-attach fe.1.2222 (which ends
  up at subchannel fe.1.0001) and detach fe.1.3333.
- We now have the same device (fe.1.2222) available to the guest; it
  just shows up on a different subchannel.

In such a case, the subchannel numbers are different from what a
QEMU would create during cold plug when parsing the command line.

As this would cause a guest visible change on migration, we do restore
the source system's value of the subchannel number on load.

So we are now fine from the guest perspective. From the host
perspective this will cause an inconsistent state in our internal data
structures, though.

For example, the subchannel 0 might not be at array position 0. This will
lead to problems when we continue doing hot (un/re) plug operations.

Let's fix this by cleaning up our internal data structures.

Reported-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Dong Jia Shi <bjsdjshi@linux.vnet.ibm.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
3 years agovnc: fix a qio-channel leak
Marc-André Lureau [Fri, 17 Mar 2017 09:28:02 +0000 (13:28 +0400)] 
vnc: fix a qio-channel leak

Spotted by ASAN.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20170317092802.17973-1-marcandre.lureau@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
3 years agoconfigure: remove Cygwin
Paolo Bonzini [Fri, 17 Mar 2017 15:32:47 +0000 (16:32 +0100)] 
configure: remove Cygwin

The Cygwin target is really compiling for native Win32 with -mno-cygwin.
Except, GCC 4.7.0 has finally removed the long deprecated -mno-cygwin
option, and that happened about five years ago.

Let it rest in peace.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoxen: do not build backends for targets that do not support xen
Stefano Stabellini [Thu, 16 Mar 2017 20:01:50 +0000 (13:01 -0700)] 
xen: do not build backends for targets that do not support xen

Change Makefile.objs to use CONFIG_XEN instead of CONFIG_XEN_BACKEND, so
that the Xen backends are only built for targets that support Xen.

Set CONFIG_XEN in the toplevel Makefile to ensure that files that are
built only once pick up Xen support properly.

Signed-off-by: Stefano Stabellini <stefano@aporeto.com>
Tested-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Greg Kurz <groug@kaod.org>
CC: pbonzini@redhat.com
CC: peter.maydell@linaro.org
CC: rth@twiddle.net
CC: stefanha@redhat.com
Message-Id: <1489694518-16978-1-git-send-email-sstabellini@kernel.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoqemu-ga: obey LISTEN_PID when using systemd socket activation
Paolo Bonzini [Thu, 16 Mar 2017 15:29:45 +0000 (16:29 +0100)] 
qemu-ga: obey LISTEN_PID when using systemd socket activation

qemu-ga's socket activation support was not obeying the LISTEN_PID
environment variable, which avoids that a process uses a socket-activation
file descriptor meant for its parent.

Mess can for example ensue if a process forks a children before consuming
the socket-activation file descriptor and therefore setting O_CLOEXEC
on it.

Luckily, qemu-nbd also got socket activation code, and its copy does
support LISTEN_PID.  Some extra fixups are needed to ensure that the
code can be used for both, but that's what this patch does.  The
main change is to replace get_listen_fds's "consume" argument with
the FIRST_SOCKET_ACTIVATION_FD macro from the qemu-nbd code.

Cc: "Richard W.M. Jones" <rjones@redhat.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agonios2: iic: Convert CPU prop to qom link
Marek Vasut [Fri, 17 Mar 2017 21:06:27 +0000 (22:06 +0100)] 
nios2: iic: Convert CPU prop to qom link

Add a const qom link between the CPU and the IIC instead
of passing the CPU link through a qom property.

Signed-off-by: Marek Vasut <marex@denx.de>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 20170317210627.23532-1-marex@denx.de
Cc: Alexander Graf <agraf@suse.de>
Cc: Chris Wulff <crwulff@gmail.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Jeff Da Silva <jdasilva@altera.com>
Cc: Ley Foon Tan <lftan@altera.com>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Sandra Loosemore <sandra@codesourcery.com>
Cc: Yves Vandervennet <yvanderv@altera.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'remotes/xtensa/tags/20170317-xtensa' into staging
Peter Maydell [Sat, 18 Mar 2017 17:24:49 +0000 (17:24 +0000)] 
Merge remote-tracking branch 'remotes/xtensa/tags/20170317-xtensa' into staging

target/xtensa fixes for 2.9:

- fix build failure when FDT support is not enabled;
- correctly pass command line arguments to semihosting guests.

# gpg: Signature made Fri 17 Mar 2017 18:14:01 GMT
# gpg:                using RSA key 0x51F9CC91F83FA044
# gpg: Good signature from "Max Filippov <filippov@cadence.com>"
# gpg:                 aka "Max Filippov <max.filippov@cogentembedded.com>"
# gpg:                 aka "Max Filippov <jcmvbkbc@gmail.com>"
# Primary key fingerprint: 2B67 854B 98E5 327D CDEB  17D8 51F9 CC91 F83F A044

* remotes/xtensa/tags/20170317-xtensa:
  target/xtensa: fix semihosting argc/argv implementation
  target/xtensa: xtfpga: load DTB only when FDT support is enabled

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agooslib-posix: fix compilation on OpenBSD
Paolo Bonzini [Fri, 17 Mar 2017 15:22:14 +0000 (16:22 +0100)] 
oslib-posix: fix compilation on OpenBSD

si_band is not found in OpenBSD.   It is marked as obsolescent in
POSIX, so we can delete it without any remorse.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20170317152214.6148-1-pbonzini@redhat.com
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agocurl: fix compilation on OpenBSD
Paolo Bonzini [Fri, 17 Mar 2017 15:24:12 +0000 (16:24 +0100)] 
curl: fix compilation on OpenBSD

EPROTO is not found in OpenBSD.   We usually use EIO when no better
errno is available, do that here too.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20170317152412.8472-1-pbonzini@redhat.com
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Peter Maydell [Fri, 17 Mar 2017 13:26:10 +0000 (13:26 +0000)] 
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer fixes for 2.9.0-rc1

# gpg: Signature made Fri 17 Mar 2017 12:06:04 GMT
# gpg:                using RSA key 0x7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  block: quiesce AioContext when detaching from it
  thread-pool: add missing qemu_bh_cancel in completion function
  block: Propagate error in bdrv_open_backing_file
  blockdev: fix bitmap clear undo
  block: Always call bdrv_child_check_perm first
  file-posix: Don't leak fd in hdev_get_max_segments
  replication: clarify permissions
  file-posix: clean up max_segments buffer termination

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'mreitz/tags/pull-block-2017-03-17' into queue-block
Kevin Wolf [Fri, 17 Mar 2017 12:03:44 +0000 (13:03 +0100)] 
Merge remote-tracking branch 'mreitz/tags/pull-block-2017-03-17' into queue-block

Block patches for 2.9-rc1

# gpg: Signature made Fri Mar 17 12:59:20 2017 CET
# gpg:                using RSA key 0xF407DB0061D5CF40
# gpg: Good signature from "Max Reitz <mreitz@redhat.com>"
# Primary key fingerprint: 91BE B60A 30DB 3E88 57D1  1829 F407 DB00 61D5 CF40

* mreitz/tags/pull-block-2017-03-17:
  block: quiesce AioContext when detaching from it

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
3 years agoblock: quiesce AioContext when detaching from it
Paolo Bonzini [Tue, 14 Mar 2017 11:11:57 +0000 (12:11 +0100)] 
block: quiesce AioContext when detaching from it

While it is true that bdrv_set_aio_context only works on a single
BlockDriverState subtree (see commit message for 53ec73e, "block: Use
bdrv_drain to replace uncessary bdrv_drain_all", 2015-07-07), it works
at the AioContext level rather than the BlockDriverState level.

Therefore, it is also necessary to trigger pending bottom halves too,
even if no requests are pending.

For NBD this ensures that the aio_co_schedule of a previous call to
nbd_attach_aio_context is completed before detaching from the old
AioContext; it fixes qemu-iotest 094.  Another similar bug happens
when the VM is stopped and the virtio-blk dataplane irqfd is torn down.
In this case it's possible that guest I/O gets stuck if notify_guest_bh
was scheduled but doesn't run.

Calling aio_poll from another AioContext is safe if non-blocking; races
such as the one mentioned in the commit message for c9d1a56 ("block:
only call aio_poll on the current thread's AioContext", 2016-10-28)
are a concern for blocking calls.

I considered other options, including:

- moving the bs->wakeup mechanism to AioContext, and letting the caller
check.  This might work for virtio which has a clear place to wakeup
(notify_place_bh) and check the condition (virtio_blk_data_plane_stop).
For aio_co_schedule I couldn't find a clear place to check the condition.

- adding a dummy oneshot bottom half and waiting for it to trigger.
This has the complication that bottom half list is LIFO for historical
reasons.  There were performance issues caused by bottom half ordering
in the past, so I decided against it for 2.9.

Fixes: 99723548561978da8ef44cf804fb7912698f5d88
Reported-by: Max Reitz <mreitz@redhat.com>
Reported-by: Halil Pasic <pasic@linux.vnet.ibm.com>
Tested-by: Halil Pasic <pasic@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20170314111157.14464-2-pbonzini@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
3 years agothread-pool: add missing qemu_bh_cancel in completion function
Peter Lieven [Thu, 16 Mar 2017 16:02:49 +0000 (17:02 +0100)] 
thread-pool: add missing qemu_bh_cancel in completion function

commit 3c80ca15 fixed a deadlock scenarion with nested aio_poll invocations.

However, the rescheduling of the completion BH introcuded unnecessary spinning
in the main-loop. On very fast file backends this can even lead to the
"WARNING: I/O thread spun for 1000 iterations" message popping up.

Callgrind reports about 3-4% less instructions with this patch running
qemu-img bench on a ramdisk based VMDK file.

Fixes: 3c80ca158c96ff902a30883a8933e755988948b1
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
3 years agoblock: Propagate error in bdrv_open_backing_file
Fam Zheng [Fri, 17 Mar 2017 01:56:30 +0000 (09:56 +0800)] 
block: Propagate error in bdrv_open_backing_file

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
3 years agoblockdev: fix bitmap clear undo
John Snow [Wed, 15 Mar 2017 21:28:11 +0000 (17:28 -0400)] 
blockdev: fix bitmap clear undo

Only undo the action if we actually prepared the action.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
3 years agoblock: Always call bdrv_child_check_perm first
Fam Zheng [Tue, 14 Mar 2017 02:30:50 +0000 (10:30 +0800)] 
block: Always call bdrv_child_check_perm first

bdrv_child_set_perm alone is not very usable because the caller must
call bdrv_child_check_perm first. This is already encapsulated
conveniently in bdrv_child_try_set_perm, so remove the other prototypes
from the header and fix the one wrong caller, block/mirror.c.

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
3 years agofile-posix: Don't leak fd in hdev_get_max_segments
Fam Zheng [Tue, 14 Mar 2017 16:12:05 +0000 (00:12 +0800)] 
file-posix: Don't leak fd in hdev_get_max_segments

This fixes a leaked fd introduced in commit 9103f1ce.

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
3 years agoreplication: clarify permissions
Changlong Xie [Tue, 14 Mar 2017 11:46:52 +0000 (19:46 +0800)] 
replication: clarify permissions

Even if hidden_disk, secondary_disk are backing files, they all need
write permissions in replication scenario. Otherwise we will encouter
below exceptions on secondary side during adding nbd server:

{'execute': 'nbd-server-add', 'arguments': {'device': 'colo-disk', 'writable': true } }
{"error": {"class": "GenericError", "desc": "Conflicts with use by hidden-qcow2-driver as 'backing', which does not allow 'write' on sec-qcow2-driver-for-nbd"}}

CC: Zhang Hailiang <zhang.zhanghailiang@huawei.com>
CC: Zhang Chen <zhangchen.fnst@cn.fujitsu.com>
CC: Wen Congyang <wencongyang2@huawei.com>
Signed-off-by: Changlong Xie <xiecl.fnst@cn.fujitsu.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
3 years agofile-posix: clean up max_segments buffer termination
Stefan Hajnoczi [Tue, 14 Mar 2017 09:09:22 +0000 (17:09 +0800)] 
file-posix: clean up max_segments buffer termination

The following pattern is unsafe:

  char buf[32];
  ret = read(fd, buf, sizeof(buf));
  ...
  buf[ret] = 0;

If read(2) returns 32 then a byte beyond the end of the buffer is
zeroed.

In practice this buffer overflow does not occur because the sysfs
max_segments file only contains an unsigned short + '\n'.  The string is
always shorter than 32 bytes.

Regardless, avoid this pattern because static analysis tools might
complain and it could lead to real buffer overflows if copy-pasted
elsewhere in the codebase.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
3 years agocirrus: fix off-by-one in cirrus_bitblt_rop_bkwd_transp_*_16
Gerd Hoffmann [Fri, 17 Mar 2017 07:21:36 +0000 (08:21 +0100)] 
cirrus: fix off-by-one in cirrus_bitblt_rop_bkwd_transp_*_16

The switch from pointers to addresses (commit
026aeffcb4752054830ba203020ed6eb05bcaba8 and
ffaf857778286ca54e3804432a2369a279e73aa7) added
a off-by-one bug to 16bit backward blits.  Fix.

Reported-by: 李强 <liqiang6-s@360.cn>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Li Qiang <liqiang6-s@360.cn>
Message-id: 1489735296-19047-1-git-send-email-kraxel@redhat.com

3 years agoui/console: ensure graphic updates don't race with TCG vCPUs
Alex Bennée [Wed, 15 Mar 2017 14:48:25 +0000 (14:48 +0000)] 
ui/console: ensure graphic updates don't race with TCG vCPUs

Commit 8d04fb55..

  tcg: drop global lock during TCG code execution

..broke the assumption that updates to the GUI couldn't happen at the
same time as TCG vCPUs where running. As a result the TCG vCPU could
still be updating a directly mapped frame-buffer while the display
side was updating. This would cause artefacts to appear when the
update code assumed that memory block hadn't changed.

The simplest solution is to ensure the two things can't happen at the
same time like the old BQL locking scheme. Here we use the solution
introduced for MTTCG and schedule the update as async_safe_work when
we know no vCPUs can be running.

Reported-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20170315144825.3108-1-alex.bennee@linaro.org
Cc: BALATON Zoltan <balaton@eik.bme.hu>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
[ kraxel: updated comment clarifying the display adapters are buggy
          and this is a temporary workaround ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
3 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-cirrus-20170316-1' into staging
Peter Maydell [Thu, 16 Mar 2017 16:40:44 +0000 (16:40 +0000)] 
Merge remote-tracking branch 'remotes/kraxel/tags/pull-cirrus-20170316-1' into staging

cirrus: blitter fixes.

# gpg: Signature made Thu 16 Mar 2017 09:05:22 GMT
# gpg:                using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/pull-cirrus-20170316-1:
  cirrus: stop passing around src pointers in the blitter
  cirrus: stop passing around dst pointers in the blitter
  cirrus: fix cirrus_invalidate_region
  cirrus: add option to disable blitter
  cirrus: switch to 4 MB video memory by default
  cirrus/vnc: zap bitblit support from console code.
  fix :cirrus_vga fix OOB read case qemu Segmentation fault

# Conflicts:
# include/hw/compat.h

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'remotes/juanquintela/tags/migration/20170316' into...
Peter Maydell [Thu, 16 Mar 2017 15:32:07 +0000 (15:32 +0000)] 
Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20170316' into staging

migration/next for 20170316

# gpg: Signature made Thu 16 Mar 2017 08:21:51 GMT
# gpg:                using RSA key 0xF487EF185872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>"
# gpg:                 aka "Juan Quintela <quintela@trasno.org>"
# Primary key fingerprint: 1899 FF8E DEBF 58CC EE03  4B82 F487 EF18 5872 D723

* remotes/juanquintela/tags/migration/20170316:
  postcopy: Check for shared memory
  RAMBlocks: qemu_ram_is_shared
  vmstate: fix failed iotests case 68 and 91
  migration/block: Avoid invoking blk_drain too frequently
  migration: use "" as the default for tls-creds/hostname
  Change the method to calculate dirty-pages-rate

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging
Peter Maydell [Thu, 16 Mar 2017 14:23:10 +0000 (14:23 +0000)] 
Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging

Pull request

Tracing makefile fixes for QEMU 2.9.

# gpg: Signature made Thu 16 Mar 2017 06:56:10 GMT
# gpg:                using RSA key 0x9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/tracing-pull-request:
  trace: ensure $(tracetool-y) is defined in top level makefile
  makefile: generate trace-events-all upfront
  makefile: merge GENERATED_HEADERS & GENERATED_SOURCES variables

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agodtc: Revert unintentional submodule downgrade from commit c2cabb34220d63f9
Peter Maydell [Thu, 16 Mar 2017 14:11:15 +0000 (14:11 +0000)] 
dtc: Revert unintentional submodule downgrade from commit c2cabb34220d63f9

Commit c2cabb34220d63f9 inadvertently downgraded the 'dtc' submodule,
undoing the increments added in earlier commits. Revert this,
returning the submodule state to where we should be.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2017-03-16' into staging
Peter Maydell [Thu, 16 Mar 2017 12:05:02 +0000 (12:05 +0000)] 
Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2017-03-16' into staging

QAPI patches for 2017-03-16

# gpg: Signature made Thu 16 Mar 2017 06:18:38 GMT
# gpg:                using RSA key 0x3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qapi-2017-03-16: (49 commits)
  qapi: Fix a misleading parser error message
  qapi: Make pylint a bit happier
  qapi: Drop unused .check_clash() parameter schema
  qapi: union_types is a list used like a dict, make it one
  qapi: struct_types is a list used like a dict, make it one
  qapi: enum_types is a list used like a dict, make it one
  qapi: Factor add_name() calls out of the meta conditional
  qapi: Simplify what gets stored in enum_types
  qapi: Drop unused variable events
  qapi: Eliminate check_docs() and drop QAPIDoc.expr
  qapi: Fix detection of bogus member documentation
  tests/qapi-schema: Improve coverage of bogus member docs
  tests/qapi-schema: Rename doc-bad-args to doc-bad-command-arg
  qapi: Move empty doc section checking to doc parser
  qapi: Improve error message on @NAME: in free-form doc
  qapi: Move detection of doc / expression name mismatch
  qapi: Fix detection of doc / expression mismatch
  tests/qapi-schema: Improve doc / expression mismatch coverage
  qapi2texi: Use category "Object" for all object types
  qapi2texi: Generate descriptions for simple union tags
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
Peter Maydell [Thu, 16 Mar 2017 11:05:47 +0000 (11:05 +0000)] 
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio, pci: fixes

More fixes missed in the previous pull request.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Thu 16 Mar 2017 02:29:49 GMT
# gpg:                using RSA key 0x281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  virtio-serial-bus: Delete timer from list before free it
  hw/virtio: fix Power Management Control Register for PCI Express virtio devices
  hw/virtio: fix Link Control Register for PCI Express virtio devices
  hw/virtio: fix error enabling flags in Device Control register
  hw/pcie: fix Extended Configuration Space for devices with no Extended Capabilities

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging
Peter Maydell [Thu, 16 Mar 2017 10:04:41 +0000 (10:04 +0000)] 
Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging

# gpg: Signature made Thu 16 Mar 2017 00:52:41 GMT
# gpg:                using RSA key 0x7DEF8106AAFC390E
# gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>"
# Primary key fingerprint: FAEB 9711 A12C F475 812F  18F2 88A9 064D 1835 61EB
#      Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76  CBD0 7DEF 8106 AAFC 390E

* remotes/jnsnow/tags/ide-pull-request:
  ide: ahci: call cleanup function in ahci unit
  ide: core: add cleanup function
  ide: qdev: register ide bus unrealize function

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agopostcopy: Check for shared memory
Dr. David Alan Gilbert [Tue, 7 Mar 2017 18:36:37 +0000 (18:36 +0000)] 
postcopy: Check for shared memory

Postcopy doesn't support migration of RAM shared with another process
yet (we've got a bunch of things to understand).
Check for the case and don't allow postcopy to be enabled.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
3 years agoRAMBlocks: qemu_ram_is_shared
Dr. David Alan Gilbert [Tue, 7 Mar 2017 18:36:36 +0000 (18:36 +0000)] 
RAMBlocks: qemu_ram_is_shared

Provide a helper to say whether a RAMBlock was created as a
shared mapping.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
3 years agovmstate: fix failed iotests case 68 and 91
QingFeng Hao [Fri, 10 Mar 2017 04:44:02 +0000 (05:44 +0100)] 
vmstate: fix failed iotests case 68 and 91

This problem affects s390x only if we are running without KVM.
Basically, S390CPU.irqstate is unused if we do not use KVM,
and thus no buffer is allocated.
This causes size=0, first_elem=NULL and n_elems=1 in
vmstate_load_state and vmstate_save_state. And the assert fails.
With this fix we can go back to the old behavior and support
VMS_VBUFFER with size 0 and nullptr.

Signed-off-by: QingFeng Hao <haoqf@linux.vnet.ibm.com>
Signed-off-by: Halil Pasic <pasic@linux.vnet.ibm.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
3 years agomigration/block: Avoid invoking blk_drain too frequently
Lidong Chen [Wed, 15 Mar 2017 03:37:33 +0000 (11:37 +0800)] 
migration/block: Avoid invoking blk_drain too frequently

Increase bmds->cur_dirty after submit io, so reduce the frequency
involve into blk_drain, and improve the performance obviously
when block migration.

The performance test result of this patch:

During the block dirty save phase, this patch improve guest os IOPS
from 4.0K to 9.5K. and improve the migration speed from
505856 rsec/s to 855756 rsec/s.

Signed-off-by: Lidong Chen <jemmy858585@gmail.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
3 years agocirrus: stop passing around src pointers in the blitter
Gerd Hoffmann [Wed, 15 Mar 2017 13:28:07 +0000 (14:28 +0100)] 
cirrus: stop passing around src pointers in the blitter

Does basically the same as "cirrus: stop passing around dst pointers in
the blitter", just for the src pointer instead of the dst pointer.

For the src we have to care about cputovideo blits though and fetch the
data from s->cirrus_bltbuf instead of vga memory.  The cirrus_src*()
helper functions handle that.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1489584487-3489-1-git-send-email-kraxel@redhat.com

3 years agocirrus: stop passing around dst pointers in the blitter
Gerd Hoffmann [Wed, 15 Mar 2017 10:47:52 +0000 (11:47 +0100)] 
cirrus: stop passing around dst pointers in the blitter

Instead pass around the address (aka offset into vga memory).  Calculate
the pointer in the rop_* functions, after applying the mask to the
address, to make sure the address stays within the valid range.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1489574872-8679-1-git-send-email-kraxel@redhat.com

3 years agocirrus: fix cirrus_invalidate_region
Gerd Hoffmann [Wed, 15 Mar 2017 12:06:46 +0000 (13:06 +0100)] 
cirrus: fix cirrus_invalidate_region

off_cur_end is exclusive, so off_cur_end == cirrus_addr_mask is valid.
Fix calculation to make sure to allow that, otherwise the assert added
by commit f153b563f8cf121aebf5a2fff5f0110faf58ccb3 can trigger for valid
blits.

Test case: boot windows nt 4.0

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1489579606-26020-1-git-send-email-kraxel@redhat.com

3 years agocirrus: add option to disable blitter
Gerd Hoffmann [Tue, 14 Mar 2017 12:29:00 +0000 (13:29 +0100)] 
cirrus: add option to disable blitter

Ok, we have this beast in the cirrus code which is not used at all by
modern guests, except when you try to find security holes in qemu.  So,
add an option to disable blitter altogether.  Guests released within
the last ten years should not show any rendering issues if you turn off
blitter support.

There are no known bugs in the cirrus blitter code.  But in the past we
hoped a few times already that we've finally nailed the last issue.  So
having some easy way to mitigate in case yet another blitter issue shows
up certainly makes me sleep a bit better at night.

For completeness:  The by far better way to mitigate is to switch away
from cirrus and use stdvga instead.  Or something more modern like
virtio-vga in case your guest has support for it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1489494540-15745-1-git-send-email-kraxel@redhat.com

3 years agocirrus: switch to 4 MB video memory by default
Gerd Hoffmann [Tue, 14 Mar 2017 12:28:34 +0000 (13:28 +0100)] 
cirrus: switch to 4 MB video memory by default

Quoting cirrus source code:
   Follow real hardware, cirrus card emulated has 4 MB video memory.
   Also accept 8 MB/16 MB for backward compatibility.

So just use 4MB by default.  We decided to leave that at 8MB by default
a while ago, for live migration compatibility reasons.  But we have
compat properties to handle that, so that isn't a compeling reason.

This also removes some sanity check inconsistencies in the cirrus code.
Some places check against the allocated video memory, some places check
against the 4MB physical hardware has.  Guest code can trigger asserts
because of that.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1489494514-15606-1-git-send-email-kraxel@redhat.com

3 years agocirrus/vnc: zap bitblit support from console code.
Gerd Hoffmann [Tue, 14 Mar 2017 12:26:59 +0000 (13:26 +0100)] 
cirrus/vnc: zap bitblit support from console code.

There is a special code path (dpy_gfx_copy) to allow graphic emulation
notify user interface code about bitblit operations carryed out by
guests.  It is supported by cirrus and vnc server.  The intended purpose
is to optimize display scrolls and just send over the scroll op instead
of a full display update.

This is rarely used these days though because modern guests simply don't
use the cirrus blitter any more.  Any linux guest using the cirrus drm
driver doesn't.  Any windows guest newer than winxp doesn't ship with a
cirrus driver any more and thus uses the cirrus as simple framebuffer.

So this code tends to bitrot and bugs can go unnoticed for a long time.
See for example commit "3e10c3e vnc: fix qemu crash because of SIGSEGV"
which fixes a bug lingering in the code for almost a year, added by
commit "c7628bf vnc: only alloc server surface with clients connected".

Also the vnc server will throttle the frame rate in case it figures the
network can't keep up (send buffers are full).  This doesn't work with
dpy_gfx_copy, for any copy operation sent to the vnc client we have to
send all outstanding updates beforehand, otherwise the vnc client might
run the client side blit on outdated data and thereby corrupt the
display.  So this dpy_gfx_copy "optimization" might even make things
worse on slow network links.

Lets kill it once for all.

Oh, and one more reason: Turns out (after writing the patch) we have a
security bug in that code path ...

Fixes: CVE-2016-9603
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1489494419-14340-1-git-send-email-kraxel@redhat.com

3 years agofix :cirrus_vga fix OOB read case qemu Segmentation fault
hangaohuai [Tue, 14 Mar 2017 06:39:19 +0000 (14:39 +0800)] 
fix :cirrus_vga fix OOB read case qemu Segmentation fault

check the validity of parameters in cirrus_bitblt_rop_fwd_transp_xxx
and cirrus_bitblt_rop_fwd_xxx to avoid the OOB read which causes qemu Segmentation fault.

After the fix, we will touch the assert in
cirrus_invalidate_region:
assert(off_cur_end >= off_cur);

Signed-off-by: fangying <fangying1@huawei.com>
Signed-off-by: hangaohuai <hangaohuai@huawei.com>
Message-id: 20170314063919.16200-1-hangaohuai@huawei.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
3 years agomigration: use "" as the default for tls-creds/hostname
Daniel P. Berrange [Wed, 15 Mar 2017 16:16:03 +0000 (16:16 +0000)] 
migration: use "" as the default for tls-creds/hostname

The tls-creds parameter has a default value of NULL indicating
that TLS should not be used. Setting it to non-NULL enables
use of TLS. Once tls-creds are set to a non-NULL value via the
monitor, it isn't possible to set them back to NULL again, due
to current implementation limitations. The empty string is not
a valid QObject identifier, so this switches to use "" as the
default, indicating that TLS will not be used

The tls-hostname parameter has a default value of NULL indicating
the the hostname from the migrate connection URI should be used.
Again, once tls-hostname is set non-NULL, to override the default
hostname for x509 cert validation, it isn't possible to reset it
back to NULL via the monitor. The empty string is not a valid
hostname, so this switches to use "" as the default, indicating
that the migrate URI hostname should be used.

Using "" as the default for both, also means that the monitor
commands "info migrate_parameters" / "query-migrate-parameters"
will report existance of tls-creds/tls-parameters even when set
to their default values.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
3 years agoChange the method to calculate dirty-pages-rate
Chao Fan [Tue, 14 Mar 2017 01:55:07 +0000 (09:55 +0800)] 
Change the method to calculate dirty-pages-rate

In function cpu_physical_memory_sync_dirty_bitmap, file
include/exec/ram_addr.h:

if (src[idx][offset]) {
    unsigned long bits = atomic_xchg(&src[idx][offset], 0);
    unsigned long new_dirty;
    new_dirty = ~dest[k];
    dest[k] |= bits;
    new_dirty &= bits;
    num_dirty += ctpopl(new_dirty);
}

After these codes executed, only the pages not dirtied in bitmap(dest),
but dirtied in dirty_memory[DIRTY_MEMORY_MIGRATION] will be calculated.
For example:
When ram_list.dirty_memory[DIRTY_MEMORY_MIGRATION] = 0b00001111,
and atomic_rcu_read(&migration_bitmap_rcu)->bmap = 0b00000011,
the new_dirty will be 0b00001100, and this function will return 2 but not
4 which is expected.
the dirty pages in dirty_memory[DIRTY_MEMORY_MIGRATION] are all new,
so these should be calculated also.

Signed-off-by: Chao Fan <fanc.fnst@cn.fujitsu.com>
Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
3 years agoMerge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-signed' into staging
Peter Maydell [Thu, 16 Mar 2017 07:47:12 +0000 (07:47 +0000)] 
Merge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-signed' into staging

Update OpenBIOS images

# gpg: Signature made Wed 15 Mar 2017 21:01:53 GMT
# gpg:                using RSA key 0x5BC2C56FAE0F321F
# gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>"
# Primary key fingerprint: CC62 1AB9 8E82 200D 915C  C9C4 5BC2 C56F AE0F 321F

* remotes/mcayland/tags/qemu-openbios-signed:
  Update OpenBIOS images to f233c3f built from submodule.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoqapi: Fix a misleading parser error message
Markus Armbruster [Wed, 15 Mar 2017 12:57:36 +0000 (13:57 +0100)] 
qapi: Fix a misleading parser error message

When choking on a token where an expression is expected, we report
'Expected "{", "[" or string'.  Close, but no cigar.  Fix it to
Expected '"{", "[", string, boolean or "null"'.

Missed in commit e53188a.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-48-git-send-email-armbru@redhat.com>

3 years agoqapi: Make pylint a bit happier
Markus Armbruster [Wed, 15 Mar 2017 12:57:35 +0000 (13:57 +0100)] 
qapi: Make pylint a bit happier

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-47-git-send-email-armbru@redhat.com>

3 years agoqapi: Drop unused .check_clash() parameter schema
Markus Armbruster [Wed, 15 Mar 2017 12:57:34 +0000 (13:57 +0100)] 
qapi: Drop unused .check_clash() parameter schema

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-46-git-send-email-armbru@redhat.com>

3 years agoqapi: union_types is a list used like a dict, make it one
Markus Armbruster [Wed, 15 Mar 2017 12:57:33 +0000 (13:57 +0100)] 
qapi: union_types is a list used like a dict, make it one

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-45-git-send-email-armbru@redhat.com>

3 years agoqapi: struct_types is a list used like a dict, make it one
Markus Armbruster [Wed, 15 Mar 2017 12:57:32 +0000 (13:57 +0100)] 
qapi: struct_types is a list used like a dict, make it one

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-44-git-send-email-armbru@redhat.com>

3 years agoqapi: enum_types is a list used like a dict, make it one
Markus Armbruster [Wed, 15 Mar 2017 12:57:31 +0000 (13:57 +0100)] 
qapi: enum_types is a list used like a dict, make it one

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-43-git-send-email-armbru@redhat.com>

3 years agoqapi: Factor add_name() calls out of the meta conditional
Markus Armbruster [Wed, 15 Mar 2017 12:57:30 +0000 (13:57 +0100)] 
qapi: Factor add_name() calls out of the meta conditional

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-42-git-send-email-armbru@redhat.com>

3 years agoqapi: Simplify what gets stored in enum_types
Markus Armbruster [Wed, 15 Mar 2017 12:57:29 +0000 (13:57 +0100)] 
qapi: Simplify what gets stored in enum_types

Don't invent a new dictionary structure just for enum_types, simply
store the defining expression, like we do for struct_types and
union_types.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-41-git-send-email-armbru@redhat.com>

3 years agoqapi: Drop unused variable events
Markus Armbruster [Wed, 15 Mar 2017 12:57:28 +0000 (13:57 +0100)] 
qapi: Drop unused variable events

Missed in commit e98859a

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-40-git-send-email-armbru@redhat.com>

3 years agoqapi: Eliminate check_docs() and drop QAPIDoc.expr
Markus Armbruster [Wed, 15 Mar 2017 12:57:27 +0000 (13:57 +0100)] 
qapi: Eliminate check_docs() and drop QAPIDoc.expr

Move what's left in check_docs() to check_expr().  Delegate the actual
checking to new QAPIDoc.check_expr().

QAPIDoc.expr is now unused; drop it.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-39-git-send-email-armbru@redhat.com>

3 years agoqapi: Fix detection of bogus member documentation
Markus Armbruster [Wed, 15 Mar 2017 12:57:26 +0000 (13:57 +0100)] 
qapi: Fix detection of bogus member documentation

check_definition_doc() checks for member documentation without a
matching member.  It laboriously second-guesses what members
QAPISchema._def_exprs() will create.  That's a stupid game.

Move the check into QAPISchema.check(), where the members are known.
Delegate the actual checking to new QAPIDoc.check().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-38-git-send-email-armbru@redhat.com>

3 years agotests/qapi-schema: Improve coverage of bogus member docs
Markus Armbruster [Wed, 15 Mar 2017 12:57:25 +0000 (13:57 +0100)] 
tests/qapi-schema: Improve coverage of bogus member docs

New test doc-bad-union-member.json shows we can fail to reject
documentation for nonexistent members.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-37-git-send-email-armbru@redhat.com>

3 years agotests/qapi-schema: Rename doc-bad-args to doc-bad-command-arg
Markus Armbruster [Wed, 15 Mar 2017 12:57:24 +0000 (13:57 +0100)] 
tests/qapi-schema: Rename doc-bad-args to doc-bad-command-arg

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-36-git-send-email-armbru@redhat.com>

3 years agoqapi: Move empty doc section checking to doc parser
Markus Armbruster [Wed, 15 Mar 2017 12:57:23 +0000 (13:57 +0100)] 
qapi: Move empty doc section checking to doc parser

Results in a more precise error location, but the real reason is
emptying out check_docs() step by step.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-35-git-send-email-armbru@redhat.com>

3 years agoqapi: Improve error message on @NAME: in free-form doc
Markus Armbruster [Wed, 15 Mar 2017 12:57:22 +0000 (13:57 +0100)] 
qapi: Improve error message on @NAME: in free-form doc

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-34-git-send-email-armbru@redhat.com>

3 years agoqapi: Move detection of doc / expression name mismatch
Markus Armbruster [Wed, 15 Mar 2017 12:57:21 +0000 (13:57 +0100)] 
qapi: Move detection of doc / expression name mismatch

Move the check whether the doc matches the expression name from
check_definition_doc() to check_exprs().  This changes the error
location from the comment to the expression.  Makes sense as the
message talks about the expression: "Definition of '%s' follows
documentation for '%s'".  It's also a step towards getting rid of
check_docs().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-33-git-send-email-armbru@redhat.com>

3 years agoqapi: Fix detection of doc / expression mismatch
Markus Armbruster [Wed, 15 Mar 2017 12:57:20 +0000 (13:57 +0100)] 
qapi: Fix detection of doc / expression mismatch

This fixes the errors uncovered by the previous commit.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1489582656-31133-32-git-send-email-armbru@redhat.com>

3 years agotests/qapi-schema: Improve doc / expression mismatch coverage
Markus Armbruster [Wed, 15 Mar 2017 12:57:19 +0000 (13:57 +0100)] 
tests/qapi-schema: Improve doc / expression mismatch coverage

New tests doc-before-include.json and doc-before-pragma.json show we
fail to reject a misplaced expression comment.

New test doc-no-symbol.json shows a bad error message.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1489582656-31133-31-git-send-email-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>