[Qemu-commits] [qemu/qemu] 78ee6b: various: Remove suspicious '\' charac


From: Peter Maydell
Subject: [Qemu-commits] [qemu/qemu] 78ee6b: various: Remove suspicious '\' character outside o...
Date: Wed, 29 Apr 2020 13:00:31 -0700

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 78ee6bd04821847036a805cb4bdd46464e1d3098
      
https://github.com/qemu/qemu/commit/78ee6bd04821847036a805cb4bdd46464e1d3098
  Author: Philippe Mathieu-Daudé <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M block/replication.c
    M block/vhdx.c
    M dump/dump.c
    M hw/net/virtio-net.c
    M hw/riscv/sifive_u.c
    M hw/scsi/scsi-disk.c
    M hw/sd/sdhci.c
    M target/i386/cpu.c
    M target/microblaze/cpu.c
    M target/ppc/translate_init.inc.c

  Log Message:
  -----------
  various: Remove suspicious '\' character outside of #define in C code

Fixes the following coccinelle warnings:

  $ spatch --sp-file --verbose-parsing  ... \
      scripts/coccinelle/remove_local_err.cocci
  ...
  SUSPICIOUS: a \ character appears outside of a #define at ./target/ppc/translate_init.inc.c:5213
  SUSPICIOUS: a \ character appears outside of a #define at ./target/ppc/translate_init.inc.c:5261
  SUSPICIOUS: a \ character appears outside of a #define at ./target/microblaze/cpu.c:166
  SUSPICIOUS: a \ character appears outside of a #define at ./target/microblaze/cpu.c:167
  SUSPICIOUS: a \ character appears outside of a #define at ./target/microblaze/cpu.c:169
  SUSPICIOUS: a \ character appears outside of a #define at ./target/microblaze/cpu.c:170
  SUSPICIOUS: a \ character appears outside of a #define at ./target/microblaze/cpu.c:171
  SUSPICIOUS: a \ character appears outside of a #define at ./target/microblaze/cpu.c:172
  SUSPICIOUS: a \ character appears outside of a #define at ./target/microblaze/cpu.c:173
  SUSPICIOUS: a \ character appears outside of a #define at ./target/i386/cpu.c:5787
  SUSPICIOUS: a \ character appears outside of a #define at ./target/i386/cpu.c:5789
  SUSPICIOUS: a \ character appears outside of a #define at ./target/i386/cpu.c:5800
  SUSPICIOUS: a \ character appears outside of a #define at ./target/i386/cpu.c:5801
  SUSPICIOUS: a \ character appears outside of a #define at ./target/i386/cpu.c:5802
  SUSPICIOUS: a \ character appears outside of a #define at ./target/i386/cpu.c:5804
  SUSPICIOUS: a \ character appears outside of a #define at ./target/i386/cpu.c:5805
  SUSPICIOUS: a \ character appears outside of a #define at ./target/i386/cpu.c:5806
  SUSPICIOUS: a \ character appears outside of a #define at ./target/i386/cpu.c:6329
  SUSPICIOUS: a \ character appears outside of a #define at ./hw/sd/sdhci.c:1133
  SUSPICIOUS: a \ character appears outside of a #define at ./hw/scsi/scsi-disk.c:3081
  SUSPICIOUS: a \ character appears outside of a #define at ./hw/net/virtio-net.c:1529
  SUSPICIOUS: a \ character appears outside of a #define at ./hw/riscv/sifive_u.c:468
  SUSPICIOUS: a \ character appears outside of a #define at ./dump/dump.c:1895
  SUSPICIOUS: a \ character appears outside of a #define at ./block/vhdx.c:2209
  SUSPICIOUS: a \ character appears outside of a #define at ./block/vhdx.c:2215
  SUSPICIOUS: a \ character appears outside of a #define at ./block/vhdx.c:2221
  SUSPICIOUS: a \ character appears outside of a #define at ./block/vhdx.c:2222
  SUSPICIOUS: a \ character appears outside of a #define at ./block/replication.c:172
  SUSPICIOUS: a \ character appears outside of a #define at ./block/replication.c:173

Reviewed-by: Marc-André Lureau <address@hidden>
Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Alistair Francis <address@hidden>
Acked-by: David Gibson <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>


  Commit: 32c2dcf5e87bf05153df92e49de75f72d4466e4e
      
https://github.com/qemu/qemu/commit/32c2dcf5e87bf05153df92e49de75f72d4466e4e
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M tests/test-qemu-opts.c

  Log Message:
  -----------
  tests-qemu-opts: Cover has_help_option(), qemu_opt_has_help_opt()

The two turn out to be inconsistent for "a,b,,help".  Test case
marked /* BUG */.

Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Eric Blake <address@hidden>


  Commit: 6129803b55553b90805aa5012077b21c6c6eacdc
      
https://github.com/qemu/qemu/commit/6129803b55553b90805aa5012077b21c6c6eacdc
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M util/qemu-option.c

  Log Message:
  -----------
  qemu-options: Factor out get_opt_name_value() helper

The next commits will put it to use.

Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Reviewed-by: Kevin Wolf <address@hidden>
Message-Id: <address@hidden>


  Commit: 933d1527785fe839300459abb486905094d192a7
      
https://github.com/qemu/qemu/commit/933d1527785fe839300459abb486905094d192a7
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M tests/test-qemu-opts.c
    M util/qemu-option.c

  Log Message:
  -----------
  qemu-option: Fix sloppy recognition of "id=..." after ",,"

Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Reviewed-by: Kevin Wolf <address@hidden>
Message-Id: <address@hidden>


  Commit: 80a94855737622436a9b5cd25315b9c80d7e3ffa
      
https://github.com/qemu/qemu/commit/80a94855737622436a9b5cd25315b9c80d7e3ffa
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M tests/test-qemu-opts.c
    M util/qemu-option.c

  Log Message:
  -----------
  qemu-option: Fix has_help_option()'s sloppy parsing

has_help_option() uses its own parser.  It's inconsistent with
qemu_opts_parse(), as demonstrated by test-qemu-opts case
/qemu-opts/has_help_option.  Fix by reusing the common parser.

Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Eric Blake <address@hidden>


  Commit: 59d27ebc446baec4a972cc146df732910b5aa2de
      
https://github.com/qemu/qemu/commit/59d27ebc446baec4a972cc146df732910b5aa2de
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M tests/test-qemu-opts.c

  Log Message:
  -----------
  test-qemu-opts: Simplify test_has_help_option() after bug fix

Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Reviewed-by: Kevin Wolf <address@hidden>
Message-Id: <address@hidden>


  Commit: 56a9efa199a603b77e7f2bd0e84e11e897bf7473
      
https://github.com/qemu/qemu/commit/56a9efa199a603b77e7f2bd0e84e11e897bf7473
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M util/qemu-option.c

  Log Message:
  -----------
  qemu-option: Avoid has_help_option() in qemu_opts_parse_noisily()

When opts_parse() sets @invalidp to true, qemu_opts_parse_noisily()
uses has_help_option() to decide whether to print help.  This parses
the input string a second time.

Easy to avoid: replace @invalidp by @help_wanted.

Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>


  Commit: 6d2b5cbafb8fb4bb3563cbf698b3a0903a993d7a
      
https://github.com/qemu/qemu/commit/6d2b5cbafb8fb4bb3563cbf698b3a0903a993d7a
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M qemu-img.c

  Log Message:
  -----------
  qemu-img: Factor out accumulate_options() helper

Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Reviewed-by: Kevin Wolf <address@hidden>
Message-Id: <address@hidden>


  Commit: 80c710cb06ff40b45de033e4352528b3adcd2de9
      
https://github.com/qemu/qemu/commit/80c710cb06ff40b45de033e4352528b3adcd2de9
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M include/qemu/option.h
    M qemu-img.c
    M util/qemu-option.c

  Log Message:
  -----------
  qemu-img: Move is_valid_option_list() to qemu-img.c and rewrite

is_valid_option_list()'s purpose is ensuring qemu-img.c can safely
join multiple parameter strings separated by ',' like this:

        g_strdup_printf("%s,%s", params1, params2);

How it does that is anything but obvious.  A close reading of the code
reveals that it fails exactly when its argument starts with ',' or
ends with an odd number of ','.  Makes sense, actually, because when
the argument starts with ',', a separating ',' preceding it would get
escaped, and when it ends with an odd number of ',', a separating ','
following it would get escaped.

Move it to qemu-img.c and rewrite it the obvious way.

Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>


  Commit: f62514b3def5fb2acbef64d0e053c0c31fa45aff
      
https://github.com/qemu/qemu/commit/f62514b3def5fb2acbef64d0e053c0c31fa45aff
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M qemu-img.c

  Log Message:
  -----------
  qemu-img: Reject broken -o ""

qemu-img create, convert, amend, and measure use accumulate_options()
to merge multiple -o options.  This is broken for -o "":

    $ qemu-img create -f qcow2 -o backing_file=a -o "" -o backing_fmt=raw,size=1M new.qcow2
    qemu-img: warning: Could not verify backing image. This may become an error in future versions.
    Could not open 'a,backing_fmt=raw': No such file or directory
    Formatting 'new.qcow2', fmt=qcow2 size=1048576 backing_file=a,,backing_fmt=raw cluster_size=65536 lazy_refcounts=off refcount_bits=16
    $ qemu-img info new.qcow2
    image: new.qcow2
    file format: qcow2
    virtual size: 1 MiB (1048576 bytes)
    disk size: 196 KiB
    cluster_size: 65536
--> backing file: a,backing_fmt=raw
    Format specific information:
        compat: 1.1
        lazy refcounts: false
        refcount bits: 16
        corrupt: false

Merging these three -o the obvious way is wrong, because it results in
an unwanted ',' escape:

    backing_file=a,,backing_fmt=raw,size=1M
                  ~~

We could silently drop -o "", but Kevin asked me to reject it instead.

Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
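
The ',' joining rule from the two qemu-img commits above, as an added example (not code from QEMU or from the commits). joinable(), join_naive(), join_checked() and first_value() are hypothetical names; first_value() is a simplified reader of one key=value pair that treats ",," as an escaped ','.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical check: a parameter string can be joined to a neighbour
 * with ',' unless it starts with ',' or ends with an odd number of ','. */
bool joinable(const char *s)
{
    size_t len = strlen(s), trailing = 0;

    if (s[0] == ',') {
        return false;
    }
    while (trailing < len && s[len - 1 - trailing] == ',') {
        trailing++;
    }
    return trailing % 2 == 0;
}

/* Naive merge: the "%s,%s" join quoted in the commit message.
 * Returns 0 on success, -1 if out is too small. */
int join_naive(char *out, size_t outsz, const char *a, const char *b)
{
    int n = snprintf(out, outsz, "%s,%s", a, b);

    return (n < 0 || (size_t)n >= outsz) ? -1 : 0;
}

/* Checked merge: reject empty or unjoinable pieces instead of merging. */
int join_checked(char *out, size_t outsz, const char *a, const char *b)
{
    if (!*a || !*b || !joinable(a) || !joinable(b)) {
        return -1;
    }
    return join_naive(out, outsz, a, b);
}

/* Copy the value of the first key=value pair into out. The value ends at
 * the first unescaped ','; ",," stands for one literal ','.
 * Returns bytes consumed, or -1 if there is no '=' or out is too small. */
int first_value(const char *params, char *out, size_t outsz)
{
    const char *p = strchr(params, '=');
    size_t n = 0;

    if (!p || outsz == 0) {
        return -1;
    }
    p++;
    while (*p) {
        if (*p == ',') {
            if (p[1] != ',') {
                break;          /* a real separator ends the value */
            }
            p++;                /* skip the first ',' of the escape */
        }
        if (n + 1 >= outsz) {
            return -1;
        }
        out[n++] = *p++;
    }
    out[n] = '\0';
    return (int)(p - params);
}

int main(void)
{
    /* The three -o arguments from the commit message's reproducer. */
    char step1[128], merged[128], value[128];

    join_naive(step1, sizeof(step1), "backing_file=a", "");
    join_naive(merged, sizeof(merged), step1, "backing_fmt=raw,size=1M");
    first_value(merged, value, sizeof(value));
    printf("naive merge : %s\n", merged);
    printf("backing_file: %s\n", value);

    if (join_checked(step1, sizeof(step1), "backing_file=a", "") < 0) {
        printf("checked merge rejects the empty -o argument\n");
    }
    return 0;
}
```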


  Commit: 2a340b67bd0a702e6d2102691cb2cb2177b7e210
      
https://github.com/qemu/qemu/commit/2a340b67bd0a702e6d2102691cb2cb2177b7e210
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M backends/cryptodev-builtin.c

  Log Message:
  -----------
  cryptodev: Fix cryptodev_builtin_cleanup() error API violation

The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL.  Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.

cryptodev_builtin_cleanup() passes @errp to
cryptodev_builtin_sym_close_session() in a loop.  Harmless, because
cryptodev_builtin_sym_close_session() can't actually fail.  Fix it
anyway.

Cc: Gonglei <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>


  Commit: 77ed971b9d96a288e497509054e1e59493ffd1fc
      
https://github.com/qemu/qemu/commit/77ed971b9d96a288e497509054e1e59493ffd1fc
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M block/file-posix.c

  Log Message:
  -----------
  block/file-posix: Fix check_cache_dropped() error handling

The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL.  Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.

check_cache_dropped() calls error_setg() in a loop.  It fails to break
the loop in one instance.  If a subsequent iteration error_setg()s
again, it trips error_setv()'s assertion.

Fix it to break the loop.

Fixes: 31be8a2a97ecba7d31a82932286489cac318e9e9
Cc: Stefan Hajnoczi <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>
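
The Error ** rule repeated in these commit messages, as an added model (not QEMU code). struct Error, model_error_set() and the run_*() functions are hypothetical stand-ins; the model counts a contract violation where the messages say error_setv() asserts, and it leaves out &error_abort and &error_fatal.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Stand-in for an error object; not QEMU's struct Error. */
typedef struct Error { const char *msg; } Error;

/* Number of setter calls that found *errp already set. */
static unsigned violations;

/* Model setter: errp is NULL (caller ignores errors) or points to a
 * variable holding NULL. A non-NULL *errp breaks the contract; the model
 * counts it instead of asserting so the outcomes can be compared. */
void model_error_set(Error **errp, const char *msg)
{
    if (!errp) {
        return;
    }
    if (*errp) {
        violations++;
        return;
    }
    *errp = malloc(sizeof(**errp));
    if (*errp) {
        (*errp)->msg = msg;
    }
}

/* Constructed unit of work: fails when should_fail is nonzero. */
static int step(int should_fail, Error **errp)
{
    if (should_fail) {
        model_error_set(errp, "step failed");
        return -1;
    }
    return 0;
}

/* Buggy shape: keeps looping with the same errp after a failure. */
unsigned run_without_break(const int *fails, size_t n, Error **errp)
{
    violations = 0;
    for (size_t i = 0; i < n; i++) {
        step(fails[i], errp);
    }
    return violations;
}

/* Fixed shape: stop at the first failure. */
unsigned run_with_break(const int *fails, size_t n, Error **errp)
{
    violations = 0;
    for (size_t i = 0; i < n; i++) {
        if (step(fails[i], errp) < 0) {
            break;
        }
    }
    return violations;
}

/* Alternative when every step must still run, such as cleanup:
 * report the first error and pass NULL for the rest. */
unsigned run_all_keep_first(const int *fails, size_t n, Error **errp)
{
    int failed = 0;

    violations = 0;
    for (size_t i = 0; i < n; i++) {
        if (step(fails[i], failed ? NULL : errp) < 0) {
            failed = 1;
        }
    }
    return violations;
}

int main(void)
{
    const int fails[] = { 0, 1, 0, 1 };   /* constructed: steps 1 and 3 fail */
    Error *err = NULL;

    printf("without break : %u violation(s)\n",
           run_without_break(fails, 4, &err));
    free(err);
    err = NULL;
    printf("with break    : %u violation(s)\n",
           run_with_break(fails, 4, &err));
    free(err);
    err = NULL;
    printf("keep first    : %u violation(s)\n",
           run_all_keep_first(fails, 4, &err));
    free(err);
    return 0;
}
```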


  Commit: abc9bf69a66a11499a801ff545b8fe7adbb3a04c
      
https://github.com/qemu/qemu/commit/abc9bf69a66a11499a801ff545b8fe7adbb3a04c
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M cpus.c

  Log Message:
  -----------
  cpus: Fix configure_icount() error API violation

The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL.  Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.

configure_icount() is wrong that way.  Harmless, because its @errp is
always &error_abort or &error_fatal.

Just as wrong (and just as harmless): when it fails, it can still
update global state.

Fix all that.

Cc: Paolo Bonzini <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>


  Commit: 9ec374a781c34daa6e70fcd885ef30e090cc2384
      
https://github.com/qemu/qemu/commit/9ec374a781c34daa6e70fcd885ef30e090cc2384
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M cpus.c

  Log Message:
  -----------
  cpus: Proper range-checking for -icount shift=N

timers_state.icount_time_shift must be in [0,63] to avoid undefined
behavior when shifting by it, e.g. in cpu_icount_to_ns().
icount_adjust() clamps it to [0,MAX_ICOUNT_SHIFT], with
MAX_ICOUNT_SHIFT = 10.  configure_icount() doesn't.  Fix that.

Fixes: a8bfac37085c3372366d722f131a7e18d664ee4d
Cc: Paolo Bonzini <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>


  Commit: 0fbddcecf23dcc311b42d9faf87dc2656dadd62a
      
https://github.com/qemu/qemu/commit/0fbddcecf23dcc311b42d9faf87dc2656dadd62a
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M hw/arm/virt.c

  Log Message:
  -----------
  arm/virt: Fix virt_machine_device_plug_cb() error API violation

The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL.  Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.

virt_machine_device_plug_cb() passes @errp to
cryptodev_builtin_sym_close_session() in a loop.  Harmless, because
cryptodev_builtin_sym_close_session() can't actually fail.  Fix by
dropping its Error ** parameter.

Cc: Peter Maydell <address@hidden>
Cc: address@hidden
Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Message-Id: <address@hidden>


  Commit: 07a978ef376cde544cca564ec225a8eb79ff2d54
      
https://github.com/qemu/qemu/commit/07a978ef376cde544cca564ec225a8eb79ff2d54
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M hw/block/fdc.c

  Log Message:
  -----------
  fdc: Fix fallback=auto error handling

fdctrl_realize_common() rejects fallback=auto.  Used by devices
"isa-fdc", "sysbus-fdc", "SUNW,fdtwo".  The error handling is broken:

    $ qemu-system-x86_64 -nodefaults -device isa-fdc,fallback=auto,driveA=fd0 -drive if=none,id=fd0
    **
    ERROR:/work/armbru/qemu/hw/block/fdc.c:434:pick_drive_type: assertion failed: (drv->drive != FLOPPY_DRIVE_TYPE_AUTO)
    Aborted (core dumped)

Cause: fdctrl_realize_common() neglects to bail out after setting the
error.  Fix that.

Fixes: a73275dd6fc3bfda33165bebc28e0c33c20cb0a0
Cc: John Snow <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Message-Id: <address@hidden>


  Commit: ee29f6e92d987bd7f37e3a0002dd839f8431adb1
      
https://github.com/qemu/qemu/commit/ee29f6e92d987bd7f37e3a0002dd839f8431adb1
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M hw/display/bochs-display.c

  Log Message:
  -----------
  bochs-display: Fix vgamem=SIZE error handling

bochs_display_realize() rejects out-of-range vgamem.  The error
handling is broken:

    $ qemu-system-x86_64 -S -display none -monitor stdio
    QEMU 4.2.93 monitor - type 'help' for more information
    (qemu) device_add bochs-display,vgamem=1
    Error: bochs-display: video memory too small
    (qemu) device_add bochs-display,vgamem=1
    RAMBlock "0000:00:04.0/bochs-display-vram" already registered, abort!
    Aborted (core dumped)

Cause: bochs_display_realize() neglects to bail out after setting the
error.  Fix that.

Fixes: 765c94290863eef1fc4a67819d452cc13b7854a1
Cc: Gerd Hoffmann <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Gerd Hoffmann <address@hidden>


  Commit: 843c4cfcf445fc3d6458ff31136c44e03dda8866
      
https://github.com/qemu/qemu/commit/843c4cfcf445fc3d6458ff31136c44e03dda8866
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M hw/net/virtio-net.c

  Log Message:
  -----------
  virtio-net: Fix duplex=... and speed=... error handling

virtio_net_device_realize() rejects invalid duplex and speed values.
The error handling is broken:

    $ ../qemu/bld-sani/x86_64-softmmu/qemu-system-x86_64 -S -display none -monitor stdio
    QEMU 4.2.93 monitor - type 'help' for more information
    (qemu) device_add virtio-net,duplex=x
    Error: 'duplex' must be 'half' or 'full'
    (qemu) c
    =================================================================
    ==15654==ERROR: AddressSanitizer: heap-use-after-free on address 0x62e000014590 at pc 0x560b75c8dc13 bp 0x7fffdf1a6950 sp 0x7fffdf1a6940
    READ of size 8 at 0x62e000014590 thread T0
        #0 0x560b75c8dc12 in object_dynamic_cast_assert /work/armbru/qemu/qom/object.c:826
        #1 0x560b74c38ac0 in virtio_vmstate_change /work/armbru/qemu/hw/virtio/virtio.c:3210
        #2 0x560b74d9765e in vm_state_notify /work/armbru/qemu/softmmu/vl.c:1271
        #3 0x560b7494ba72 in vm_prepare_start /work/armbru/qemu/cpus.c:2156
        #4 0x560b7494bacd in vm_start /work/armbru/qemu/cpus.c:2162
        #5 0x560b75a7d890 in qmp_cont /work/armbru/qemu/monitor/qmp-cmds.c:160
        #6 0x560b75a8d70a in hmp_cont /work/armbru/qemu/monitor/hmp-cmds.c:1043
        #7 0x560b75a799f2 in handle_hmp_command /work/armbru/qemu/monitor/hmp.c:1082
    [...]

    0x62e000014590 is located 33168 bytes inside of 42288-byte region [0x62e00000c400,0x62e000016930)
    freed by thread T1 here:
        #0 0x7feadd39491f in __interceptor_free (/lib64/libasan.so.5+0x10d91f)
        #1 0x7feadcebcd7c in g_free (/lib64/libglib-2.0.so.0+0x55d7c)
        #2 0x560b75c8fd40 in object_unref /work/armbru/qemu/qom/object.c:1128
        #3 0x560b7498a625 in memory_region_unref /work/armbru/qemu/memory.c:1762
        #4 0x560b74999fa4 in do_address_space_destroy /work/armbru/qemu/memory.c:2788
        #5 0x560b762362fc in call_rcu_thread /work/armbru/qemu/util/rcu.c:283
        #6 0x560b761c8884 in qemu_thread_start /work/armbru/qemu/util/qemu-thread-posix.c:519
        #7 0x7fead9be34bf in start_thread (/lib64/libpthread.so.0+0x84bf)

    previously allocated by thread T0 here:
        #0 0x7feadd394d18 in __interceptor_malloc (/lib64/libasan.so.5+0x10dd18)
        #1 0x7feadcebcc88 in g_malloc (/lib64/libglib-2.0.so.0+0x55c88)
        #2 0x560b75c8cf8a in object_new /work/armbru/qemu/qom/object.c:699
        #3 0x560b75010ad9 in qdev_device_add /work/armbru/qemu/qdev-monitor.c:654
        #4 0x560b750120c2 in qmp_device_add /work/armbru/qemu/qdev-monitor.c:805
        #5 0x560b75012c1b in hmp_device_add /work/armbru/qemu/qdev-monitor.c:905
    [...]
    ==15654==ABORTING

Cause: virtio_net_device_realize() neglects to bail out after setting
the error.  Fix that.

Fixes: 9473939ed7addcaaeb8fde5c093918fb7fa0919c
Cc: "Michael S. Tsirkin" <address@hidden>
Cc: Jason Wang <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Message-Id: <address@hidden>
Acked-by: Michael S. Tsirkin <address@hidden>


  Commit: c61d1d9e4976d127a73bec14376d8e828491f62c
      
https://github.com/qemu/qemu/commit/c61d1d9e4976d127a73bec14376d8e828491f62c
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M hw/xen/xen_pt.c

  Log Message:
  -----------
  xen/pt: Fix flawed conversion to realize()

The conversion of xen_pt_initfn() to xen_pt_realize() blindly replaced
XEN_PT_ERR() by error_setg().  Several error conditions that did not
fail xen_pt_initfn() now fail xen_pt_realize().  Unsurprisingly, the
cleanup on these errors looks highly suspicious.

Revert the inappropriate replacements.

Fixes: 5a11d0f7549e24a10e178a9dc8ff5e698031d9a6
Cc: Stefano Stabellini <address@hidden>
Cc: Anthony Perard <address@hidden>
Cc: Paul Durrant <address@hidden>
Cc: address@hidden
Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: Paul Durrant <address@hidden>
Message-Id: <address@hidden>


  Commit: fdceb4ab4d7ba920bb094ab477df4221261b291e
      
https://github.com/qemu/qemu/commit/fdceb4ab4d7ba920bb094ab477df4221261b291e
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M io/channel-socket.c

  Log Message:
  -----------
  io: Fix qio_channel_socket_close() error handling

The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL.  Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.

qio_channel_socket_close() passes @errp first to
socket_listen_cleanup(), and then, if closesocket() fails, to
error_setg_errno().  If socket_listen_cleanup() failed, this will trip
the assertion in error_setv().

Fix by ignoring a second error.

Fixes: 73564c407caedf992a1c688b5fea776a8b56ba2a
Cc: Daniel P. Berrangé <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: Daniel P. Berrangé <address@hidden>
Message-Id: <address@hidden>


  Commit: 735527e17907cca330ec369a13566fab2ef9adf6
      
https://github.com/qemu/qemu/commit/735527e17907cca330ec369a13566fab2ef9adf6
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M migration/colo.c

  Log Message:
  -----------
  migration/colo: Fix qmp_xen_colo_do_checkpoint() error handling

The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL.  Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.

qmp_xen_colo_do_checkpoint() passes @errp first to
replication_do_checkpoint_all(), and then to
colo_notify_filters_event().  If both fail, this will trip the
assertion in error_setv().

Similar code in secondary_vm_do_failover() calls
colo_notify_filters_event() only after replication_do_checkpoint_all()
succeeded.  Do the same here.

Fixes: 0e8818f023616677416840d6ddc880db8de3c967
Cc: Zhang Chen <address@hidden>
Cc: zhanghailiang <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: zhanghailiang <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Zhang Chen <address@hidden>
Message-Id: <address@hidden>


  Commit: 131889924bb31a6a371ed9300efb2036edd6b40b
      
https://github.com/qemu/qemu/commit/131889924bb31a6a371ed9300efb2036edd6b40b
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M tests/test-logging.c

  Log Message:
  -----------
  tests/test-logging: Fix test for -dfilter 0..0xffffffffffffffff

Fixes: 58e19e6e7914354242a67442d0006f9e31684d1a
Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 4155c998b6f7618aad0e67c34c2a4aea841114cf
      
https://github.com/qemu/qemu/commit/4155c998b6f7618aad0e67c34c2a4aea841114cf
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M qga/commands-posix.c

  Log Message:
  -----------
  qga: Fix qmp_guest_get_memory_blocks() error handling

The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL.  Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.

qmp_guest_get_memory_blocks() passes &local_err to
transfer_memory_block() in a loop.  If this fails in more than one
iteration, it can trip error_setv()'s assertion.

Fix it to break the loop.

Cc: Michael Roth <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Eric Blake <address@hidden>


  Commit: 51bd45816615bdb22a31a86f02d601ce536034e3
      
https://github.com/qemu/qemu/commit/51bd45816615bdb22a31a86f02d601ce536034e3
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M qga/commands-win32.c

  Log Message:
  -----------
  qga: Fix qmp_guest_suspend_{disk, ram}() error handling

The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL.  Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second

qmp_guest_suspend_disk() and qmp_guest_suspend_ram() pass @local_err
first to check_suspend_mode(), then to acquire_privilege(), then to
execute_async().  Continuing after errors here can only end in tears.
For instance, we risk tripping error_setv()'s assertion.

Fixes: aa59637ea1c6a4c83430933f9c44c43e6c3f1b69
Fixes: f54603b6aa765514b2519e74114a2f417759d727
Cc: Michael Roth <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: fc0cfc1decb5457058d7cbfeb7ae26ad5d6ecba4
      
https://github.com/qemu/qemu/commit/fc0cfc1decb5457058d7cbfeb7ae26ad5d6ecba4
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M hw/ppc/sam460ex.c

  Log Message:
  -----------
  sam460ex: Suppress useless warning on -m 32 and -m 64

Requesting 32 or 64 MiB of RAM with the sam460ex machine type produces
a useless warning:

    qemu-system-ppc: warning: Memory size is too small for SDRAM type, adjusting type

This is because sam460ex_init() asks spd_data_generate() for DDR2,
which is impossible, so spd_data_generate() corrects it to DDR.

The warning goes back to commit 08fd99179a "sam460ex: Clean up SPD
EEPROM creation".

Make sam460ex_init() pass the correct SDRAM type to get rid of the
warning.

Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: f26740c61a57f1a1556f79a49c6863479fe5aa6b
      
https://github.com/qemu/qemu/commit/f26740c61a57f1a1556f79a49c6863479fe5aa6b
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M hw/i2c/smbus_eeprom.c
    M hw/mips/mips_fulong2e.c
    M hw/ppc/sam460ex.c
    M include/hw/i2c/smbus_eeprom.h

  Log Message:
  -----------
  smbus: Fix spd_data_generate() error API violation

The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL.  Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.

spd_data_generate() can pass @errp to error_setg() more than once when
it adjusts both memory size and type.  Harmless, because no caller
passes anything that needs adjusting.  Until the previous commit,
sam460ex passed types that needed adjusting, but not sizes.

spd_data_generate()'s contract is rather awkward:

    If everything's fine, return non-null and don't set an error.

    Else, if memory size or type need adjusting, return non-null and
    set an error describing the adjustment.

    Else, return null and set an error reporting why no data can be
    generated.

Its callers treat the error as a warning even when null is returned.
They don't create the "smbus-eeprom" device then.  Suspicious.

Since the previous commit, only "everything's fine" can actually
happen.  Drop the unused code and simplify the callers.  This gets rid
of the error API violation.

Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>


  Commit: 0f1eddf5ed7e35d8d16dfa042ced1107c762cec4
      
https://github.com/qemu/qemu/commit/0f1eddf5ed7e35d8d16dfa042ced1107c762cec4
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M hw/ppc/ppc4xx_devs.c

  Log Message:
  -----------
  bamboo, sam460ex: Tidy up error message for unsupported RAM size

Improve

    $ ppc-softmmu/qemu-system-ppc -M sam460ex -m 4096
    qemu-system-ppc: Max 1 banks of 2048 ,1024 ,512 ,256 ,128 ,64 ,32 MB DIMM/bank supported
    qemu-system-ppc: Possible valid RAM size: 2048

to

    qemu-system-ppc: at most 1 bank of 2048, 1024, 512, 256, 128, 64, 32 MiB each supported
    Possible valid RAM size: 1024 MiB

Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: BALATON Zoltan <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 32c82f0eaf9919cb0268d18d86a94bfd7ff5d1b2
      
https://github.com/qemu/qemu/commit/32c82f0eaf9919cb0268d18d86a94bfd7ff5d1b2
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M hw/i2c/smbus_eeprom.c

  Log Message:
  -----------
  smbus: Fix spd_data_generate() for number of banks > 2

spd_data_generate() splits @ram_size bytes into @nbanks RAM banks of
1 << sz_log2 MiB each, like this:

    size = ram_size >> 20; /* work in terms of megabytes */
    [...]
    nbanks = 1;
    while (sz_log2 > max_log2 && nbanks < 8) {
        sz_log2--;
        nbanks++;
    }

Each iteration halves the size of a bank, and increments the number of
banks.  Wrong: it should double the number of banks.

The bug goes back all the way to commit b296b664ab "smbus: Add a
helper to generate SPD EEPROM data".

It can't bite because spd_data_generate()'s current users pass only
@ram_size that result in *zero* iterations:

    machine     RAM size    #banks  type    bank size
    fulong2e     256 MiB         1   DDR      256 MiB
    sam460ex    2048 MiB         1   DDR2    2048 MiB
                1024 MiB         1   DDR2    1024 MiB
                 512 MiB         1   DDR2     512 MiB
                 256 MiB         1   DDR2     256 MiB
                 128 MiB         1   SDR      128 MiB
                  64 MiB         1   SDR       64 MiB
                  32 MiB         1   SDR       32 MiB

Apply the obvious, minimal fix.  I admit I'm tempted to rip out the
unused (and obviously untested) feature instead, because YAGNI.

Note that this is not the final result, as spd_data_generate() next
increases #banks from 1 to 2 if possible.  This is done "to avoid a
bug in MIPS Malta firmware".  We don't even use this function with
machine type malta.  *Shrug*

Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>
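
The loop quoted in the smbus commit message above, next to the doubling variant it calls for. This is an added illustration, not code from QEMU or from the commit; the struct, the function names and the 512 MiB cap (max_log2 = 9) are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical result type for this illustration (not a QEMU type). */
struct split {
    unsigned sz_log2;   /* each bank is 1 << sz_log2 MiB */
    unsigned nbanks;
};

/* The loop as quoted in the commit message: nbanks is incremented. */
static struct split split_increment(unsigned sz_log2, unsigned max_log2)
{
    struct split s = { sz_log2, 1 };
    while (s.sz_log2 > max_log2 && s.nbanks < 8) {
        s.sz_log2--;
        s.nbanks++;
    }
    return s;
}

/* Same loop with the number of banks doubled, as the message says it should be. */
static struct split split_double(unsigned sz_log2, unsigned max_log2)
{
    struct split s = { sz_log2, 1 };
    while (s.sz_log2 > max_log2 && s.nbanks < 8) {
        s.sz_log2--;
        s.nbanks *= 2;
    }
    return s;
}

/* Total RAM in MiB that a split describes. */
static uint64_t split_total_mib(struct split s)
{
    return (uint64_t)s.nbanks << s.sz_log2;
}

int main(void)
{
    const unsigned max_log2 = 9;    /* assumed cap: 512 MiB per bank */

    for (unsigned sz_log2 = 9; sz_log2 <= 12; sz_log2++) {
        struct split a = split_increment(sz_log2, max_log2);
        struct split b = split_double(sz_log2, max_log2);
        printf("%4u MiB: increment -> %u x %u MiB = %llu MiB; double -> %u x %u MiB = %llu MiB\n",
               1u << sz_log2, a.nbanks, 1u << a.sz_log2, (unsigned long long)split_total_mib(a),
               b.nbanks, 1u << b.sz_log2, (unsigned long long)split_total_mib(b));
    }
    return 0;
}
```

With one iteration both variants agree (2 banks), which is why the defect only shows once the loop runs twice or more: the incrementing loop then describes less RAM than was requested.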


  Commit: 14b6ce68cc8658be107247544e9a287ed17aaf76
      https://github.com/qemu/qemu/commit/14b6ce68cc8658be107247544e9a287ed17aaf76
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M Makefile

  Log Message:
  -----------
  Makefile: Drop unused, broken target recurse-fuzz

Target recurse-fuzz depends on pc-bios/optionrom/fuzz, which can't be
made.  It's not used anywhere.  Added in commit c621dc3e01c, looks
like cargo cult.  Delete.

Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Alexander Bulekov <address@hidden>


  Commit: a56f3cdbdf328d95398c70432bba638a6b3f63fa
      https://github.com/qemu/qemu/commit/a56f3cdbdf328d95398c70432bba638a6b3f63fa
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M tests/qtest/fuzz/qos_fuzz.c
    M tests/qtest/libqos/qos_external.c
    M tests/qtest/libqos/qos_external.h
    M tests/qtest/qos-test.c

  Log Message:
  -----------
  fuzz: Simplify how we compute available machines and types

apply_to_qlist(), apply_to_node() work with QObjects.  This is
designed for use by tests/qtest/qos-test.c, which gets the data in
that form via QMP.  Goes back to commit fc281c8020 "tests: qgraph API
for the qtest driver framework".

Commit 275ab39d86 "fuzz: add support for qos-assisted fuzz targets"
added another user: qtest/fuzz/qos_fuzz.c.  To get the data as
QObjects, it uses qmp_marshal_query_machines() and
qmp_marshal_qom_list_types().

All this code is rather cumbersome.  Switch to working with generated
QAPI types instead:

* Replace apply_to_qlist() & friends by machines_apply_to_node() and
  types_apply_to_node().

* Have qos_fuzz.c use qmp_query_machines() and qmp_qom_list_types()
  instead.

* Have qos_test.c convert from QObject to the QAPI types.

Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Alexander Bulekov <address@hidden>


  Commit: f6528054f2ef7aab5c70664419b982b50142c25a
      https://github.com/qemu/qemu/commit/f6528054f2ef7aab5c70664419b982b50142c25a
  Author: Markus Armbruster <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M tests/qtest/libqos/qos_external.c
    M tests/qtest/libqos/qos_external.h

  Log Message:
  -----------
  libqos: Give get_machine_allocator() internal linkage

Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>


  Commit: 8ef3a4be27efccd791d05e74b7b17d918f511a76
      https://github.com/qemu/qemu/commit/8ef3a4be27efccd791d05e74b7b17d918f511a76
  Author: Masahiro Yamada <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M softmmu/vl.c

  Log Message:
  -----------
  qemu-option: pass NULL rather than 0 to the id of qemu_opts_set()

The second argument 'id' is a pointer. Pass NULL rather than 0.

Signed-off-by: Masahiro Yamada <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Markus Armbruster <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>


  Commit: 648db19685b7030aa558a4ddbd3a8e53d8c9a062
      https://github.com/qemu/qemu/commit/648db19685b7030aa558a4ddbd3a8e53d8c9a062
  Author: Peter Maydell <address@hidden>
  Date:   2020-04-29 (Wed, 29 Apr 2020)

  Changed paths:
    M Makefile
    M backends/cryptodev-builtin.c
    M block/file-posix.c
    M block/replication.c
    M block/vhdx.c
    M cpus.c
    M dump/dump.c
    M hw/arm/virt.c
    M hw/block/fdc.c
    M hw/display/bochs-display.c
    M hw/i2c/smbus_eeprom.c
    M hw/mips/mips_fulong2e.c
    M hw/net/virtio-net.c
    M hw/ppc/ppc4xx_devs.c
    M hw/ppc/sam460ex.c
    M hw/riscv/sifive_u.c
    M hw/scsi/scsi-disk.c
    M hw/sd/sdhci.c
    M hw/xen/xen_pt.c
    M include/hw/i2c/smbus_eeprom.h
    M include/qemu/option.h
    M io/channel-socket.c
    M migration/colo.c
    M qemu-img.c
    M qga/commands-posix.c
    M qga/commands-win32.c
    M softmmu/vl.c
    M target/i386/cpu.c
    M target/microblaze/cpu.c
    M target/ppc/translate_init.inc.c
    M tests/qtest/fuzz/qos_fuzz.c
    M tests/qtest/libqos/qos_external.c
    M tests/qtest/libqos/qos_external.h
    M tests/qtest/qos-test.c
    M tests/test-logging.c
    M tests/test-qemu-opts.c
    M util/qemu-option.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/armbru/tags/pull-misc-2020-04-29' into staging

Miscellaneous patches for 2020-04-29

# gpg: Signature made Wed 29 Apr 2020 07:42:52 BST
# gpg:                using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg:                issuer "address@hidden"
# gpg: Good signature from "Markus Armbruster <address@hidden>" [full]
# gpg:                 aka "Markus Armbruster <address@hidden>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-misc-2020-04-29: (32 commits)
  qemu-option: pass NULL rather than 0 to the id of qemu_opts_set()
  libqos: Give get_machine_allocator() internal linkage
  fuzz: Simplify how we compute available machines and types
  Makefile: Drop unused, broken target recurse-fuzz
  smbus: Fix spd_data_generate() for number of banks > 2
  bamboo, sam460ex: Tidy up error message for unsupported RAM size
  smbus: Fix spd_data_generate() error API violation
  sam460ex: Suppress useless warning on -m 32 and -m 64
  qga: Fix qmp_guest_suspend_{disk, ram}() error handling
  qga: Fix qmp_guest_get_memory_blocks() error handling
  tests/test-logging: Fix test for -dfilter 0..0xffffffffffffffff
  migration/colo: Fix qmp_xen_colo_do_checkpoint() error handling
  io: Fix qio_channel_socket_close() error handling
  xen/pt: Fix flawed conversion to realize()
  virtio-net: Fix duplex=... and speed=... error handling
  bochs-display: Fix vgamem=SIZE error handling
  fdc: Fix fallback=auto error handling
  arm/virt: Fix virt_machine_device_plug_cb() error API violation
  cpus: Proper range-checking for -icount shift=N
  cpus: Fix configure_icount() error API violation
  ...

Signed-off-by: Peter Maydell <address@hidden>


Compare: https://github.com/qemu/qemu/compare/a7922a3c81f3...648db19685b7


