Merge remote-tracking branch 'remotes/otubo/tags/pull-seccomp-20141111' into staging

seccomp branch queue

# gpg: Signature made Tue 11 Nov 2014 16:12:48 GMT using RSA key ID 12F8BD2F
# gpg: Can't check signature: public key not found

* remotes/otubo/tags/pull-seccomp-20141111:
  seccomp: change configure to avoid arm 32 to break
  seccomp: whitelist syscalls fallocate(), fadvise64(), inotify_init1() and inotify_add_watch()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
diff --git a/MAINTAINERS b/MAINTAINERS
index dd02d96..bcb69e8 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -880,6 +880,12 @@
 F: qobject/
 T: git git://repo.or.cz/qemu/qmp-unstable.git queue/qmp
 
+QEMU Guest Agent
+M: Michael Roth <mdroth@linux.vnet.ibm.com>
+S: Maintained
+F: qga/
+T: git git://github.com/mdroth/qemu.git qga
+
 QOM
 M: Anthony Liguori <aliguori@amazon.com>
 M: Andreas Färber <afaerber@suse.de>
@@ -920,6 +926,15 @@
 S: Odd Fixes
 F: scripts/checkpatch.pl
 
+Migration
+M: Juan Quintela <quintela@redhat.com>
+S: Maintained
+F: include/migration/
+F: migration*
+F: savevm.c
+F: arch_init.c
+F: vmstate.c
+
 Seccomp
 M: Eduardo Otubo <eduardo.otubo@profitbricks.com>
 S: Supported
@@ -1078,3 +1093,8 @@
 M: Chrysostomos Nanakos <chris@include.gr>
 S: Maintained
 F: block/archipelago.c
+
+Bootdevice
+M: Gonglei <arei.gonglei@huawei.com>
+S: Maintained
+F: bootdevice.c
diff --git a/block.c b/block.c
index dacd881..c612826 100644
--- a/block.c
+++ b/block.c
@@ -3903,9 +3903,9 @@
 } BdrvCoGetBlockStatusData;
 
 /*
- * Returns true iff the specified sector is present in the disk image. Drivers
- * not implementing the functionality are assumed to not support backing files,
- * hence all their sectors are reported as allocated.
+ * Returns the allocation status of the specified sectors.
+ * Drivers not implementing the functionality are assumed to not support
+ * backing files, hence all their sectors are reported as allocated.
  *
  * If 'sector_num' is beyond the end of the disk image the return value is 0
  * and 'pnum' is set to 0.
@@ -5608,11 +5608,6 @@
             ret = bdrv_open(&bs, backing_file, NULL, NULL, back_flags,
                             backing_drv, &local_err);
             if (ret < 0) {
-                error_setg_errno(errp, -ret, "Could not open '%s': %s",
-                                 backing_file,
-                                 error_get_pretty(local_err));
-                error_free(local_err);
-                local_err = NULL;
                 goto out;
             }
             size = bdrv_getlength(bs);
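Review bot: With the error_setg_errno()/error_free() lines removed from the `ret < 0` path at the top of this hunk, the Error that bdrv_open() stores in local_err is now reported only if the `out:` label (outside the hunk) performs `error_propagate(errp, local_err)`; if the label merely frees or ignores it, a failed backing-file open becomes invisible to the caller. Please confirm the label propagates it, or keep an `error_propagate(errp, local_err);` on this path before the `goto out;`. The enclosing function starts and ends outside the hunk.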
diff --git a/block/vdi.c b/block/vdi.c
index e1d211c..39070b7 100644
--- a/block/vdi.c
+++ b/block/vdi.c
@@ -120,8 +120,18 @@
 
 #define VDI_IS_ALLOCATED(X) ((X) < VDI_DISCARDED)
 
-/* max blocks in image is (0xffffffff / 4) */
-#define VDI_BLOCKS_IN_IMAGE_MAX  0x3fffffff
+/* The bmap will take up VDI_BLOCKS_IN_IMAGE_MAX * sizeof(uint32_t) bytes; since
+ * the bmap is read and written in a single operation, its size needs to be
+ * limited to INT_MAX; furthermore, when opening an image, the bmap size is
+ * rounded up to be aligned on BDRV_SECTOR_SIZE.
+ * Therefore this should satisfy the following:
+ * VDI_BLOCKS_IN_IMAGE_MAX * sizeof(uint32_t) + BDRV_SECTOR_SIZE == INT_MAX + 1
+ * (INT_MAX + 1 is the first value not representable as an int)
+ * This guarantees that any value below or equal to the constant will, when
+ * multiplied by sizeof(uint32_t) and rounded up to a BDRV_SECTOR_SIZE boundary,
+ * still be below or equal to INT_MAX. */
+#define VDI_BLOCKS_IN_IMAGE_MAX \
+    ((unsigned)((INT_MAX + 1u - BDRV_SECTOR_SIZE) / sizeof(uint32_t)))
 #define VDI_DISK_SIZE_MAX        ((uint64_t)VDI_BLOCKS_IN_IMAGE_MAX * \
                                   (uint64_t)DEFAULT_CLUSTER_SIZE)
 
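Review bot: The ten-line comment above the new VDI_BLOCKS_IN_IMAGE_MAX states an arithmetic invariant that nothing checks at build time, yet the header-parsing limit (the "max is 536870784" seen in 084.out) now hangs on it; pin it next to the define with `QEMU_BUILD_BUG_ON(VDI_BLOCKS_IN_IMAGE_MAX * sizeof(uint32_t) + BDRV_SECTOR_SIZE != INT_MAX + 1ull);` so a future change to BDRV_SECTOR_SIZE or the divisor cannot silently re-open the INT_MAX overflow the comment describes. The expression itself looks sound: `INT_MAX + 1u` is evaluated as unsigned and cannot overflow, and BDRV_SECTOR_SIZE is a 1ULL-based constant (see the block.h hunk), so the subtraction and division happen in unsigned long long before the final cast.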
diff --git a/coroutine-sigaltstack.c b/coroutine-sigaltstack.c
index 3de0bb3..63519ff 100644
--- a/coroutine-sigaltstack.c
+++ b/coroutine-sigaltstack.c
@@ -155,7 +155,7 @@
     stack_t oss;
     sigset_t sigs;
     sigset_t osigs;
-    jmp_buf old_env;
+    sigjmp_buf old_env;
 
     /* The way to manipulate stack is with the sigaltstack function. We
      * prepare a stack, with it delivering a signal to ourselves and then
diff --git a/default-configs/mips-softmmu.mak b/default-configs/mips-softmmu.mak
index 71177ef..2a80b04 100644
--- a/default-configs/mips-softmmu.mak
+++ b/default-configs/mips-softmmu.mak
@@ -32,6 +32,5 @@
 CONFIG_I8259=y
 CONFIG_JAZZ_LED=y
 CONFIG_MC146818RTC=y
-CONFIG_VT82C686=y
 CONFIG_ISA_TESTDEV=y
 CONFIG_EMPTY_SLOT=y
diff --git a/default-configs/mips64-softmmu.mak b/default-configs/mips64-softmmu.mak
index 617301b..f1f933b 100644
--- a/default-configs/mips64-softmmu.mak
+++ b/default-configs/mips64-softmmu.mak
@@ -32,6 +32,5 @@
 CONFIG_I8259=y
 CONFIG_JAZZ_LED=y
 CONFIG_MC146818RTC=y
-CONFIG_VT82C686=y
 CONFIG_ISA_TESTDEV=y
 CONFIG_EMPTY_SLOT=y
diff --git a/default-configs/mipsel-softmmu.mak b/default-configs/mipsel-softmmu.mak
index 532a9ae..7708185 100644
--- a/default-configs/mipsel-softmmu.mak
+++ b/default-configs/mipsel-softmmu.mak
@@ -32,6 +32,5 @@
 CONFIG_I8259=y
 CONFIG_JAZZ_LED=y
 CONFIG_MC146818RTC=y
-CONFIG_VT82C686=y
 CONFIG_ISA_TESTDEV=y
 CONFIG_EMPTY_SLOT=y
diff --git a/gdbstub.c b/gdbstub.c
index d1b5afd..0faca56 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -823,7 +823,10 @@
                 action = *p++;
                 signal = 0;
                 if (action == 'C' || action == 'S') {
-                    signal = strtoul(p, (char **)&p, 16);
+                    signal = gdb_signal_to_target(strtoul(p, (char **)&p, 16));
+                    if (signal == -1) {
+                        signal = 0;
+                    }
                 } else if (action != 'c' && action != 's') {
                     res = 0;
                     break;
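Review bot: Mapping an unrecognised GDB signal number to 0 at `if (signal == -1) { signal = 0; }` silently turns a vCont carrying an unsupported signal into a plain continue/step, while the `else if` branch directly below rejects an unknown action with `res = 0; break;`. Treating both malformed-packet cases the same way — failing the packet when the signal cannot be mapped — is the safer behaviour for a parser fed by the debugger connection; if dropping the signal is intentional, a comment such as `/* Unknown host signal: deliver none rather than a wrong one */` should say so. The enclosing function continues outside the hunk.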
diff --git a/hw/char/sclpconsole-lm.c b/hw/char/sclpconsole-lm.c
index 80dd0a9..a9f5e62 100644
--- a/hw/char/sclpconsole-lm.c
+++ b/hw/char/sclpconsole-lm.c
@@ -52,7 +52,8 @@
  * event_pending is set when a newline character is encountered
  *
  * The maximum command line length is limited by the maximum
- * space available in an SCCB
+ * space available in an SCCB. Line mode console input is sent
+ * truncated to the guest in case it doesn't fit into the SCCB.
  */
 
 static int chr_can_read(void *opaque)
@@ -61,10 +62,8 @@
 
     if (scon->event.event_pending) {
         return 0;
-    } else if (SIZE_CONSOLE_BUFFER - scon->length) {
-        return 1;
     }
-    return 0;
+    return 1;
 }
 
 static void chr_read(void *opaque, const uint8_t *buf, int size)
@@ -78,6 +77,10 @@
         sclp_service_interrupt(0);
         return;
     }
+    if (scon->length == SIZE_CONSOLE_BUFFER) {
+        /* Eat the character, but still process CR and LF.  */
+        return;
+    }
     scon->buf[scon->length] = *buf;
     scon->length += 1;
     if (scon->echo) {
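Review bot: The new full-buffer guard `if (scon->length == SIZE_CONSOLE_BUFFER)` protects the write `scon->buf[scon->length] = *buf;` two lines below only as long as length can never exceed SIZE_CONSOLE_BUFFER, which the visible code does not establish; `>=` costs nothing and keeps the bound check correct if length is ever bumped elsewhere. The comment `/* Eat the character, but still process CR and LF.  */` appears to refer to the return path above this hunk, so `/* Buffer full: drop the character (CR/LF were already handled above). */` would stop a reader from looking for CR/LF handling after the return. chr_read() starts outside the hunk.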
@@ -125,6 +128,7 @@
     cons->length = 0;
     /* data provided and no more data pending */
     event->event_pending = false;
+    qemu_notify_event();
     return 0;
 }
 
diff --git a/hw/char/sclpconsole.c b/hw/char/sclpconsole.c
index fca105d..79891df 100644
--- a/hw/char/sclpconsole.c
+++ b/hw/char/sclpconsole.c
@@ -36,6 +36,7 @@
     uint32_t iov_bs;        /* offset in buf for char layer read operation */
     uint32_t iov_data_len;  /* length of byte stream in buffer             */
     uint32_t iov_sclp_rest; /* length of byte stream not read via SCLP     */
+    bool notify;            /* qemu_notify_event() req'd if true           */
 } SCLPConsole;
 
 /* character layer call-back functions */
@@ -44,8 +45,12 @@
 static int chr_can_read(void *opaque)
 {
     SCLPConsole *scon = opaque;
+    int avail = SIZE_BUFFER_VT220 - scon->iov_data_len;
 
-    return SIZE_BUFFER_VT220 - scon->iov_data_len;
+    if (avail == 0) {
+        scon->notify = true;
+    }
+    return avail;
 }
 
 /* Send data from a char device over to the guest */
@@ -113,6 +118,10 @@
         cons->iov_sclp += avail;
         /* more data pending */
     }
+    if (cons->notify) {
+        cons->notify = false;
+        qemu_notify_event();
+    }
 }
 
 static int read_event_data(SCLPEvent *event, EventBufferHeader *evt_buf_hdr,
@@ -229,6 +238,7 @@
    scon->iov_bs = 0;
    scon->iov_data_len = 0;
    scon->iov_sclp_rest = 0;
+   scon->notify = false;
 }
 
 static int console_exit(SCLPEvent *event)
diff --git a/hw/char/virtio-serial-bus.c b/hw/char/virtio-serial-bus.c
index c6870f1..a7b1b68 100644
--- a/hw/char/virtio-serial-bus.c
+++ b/hw/char/virtio-serial-bus.c
@@ -871,7 +871,7 @@
         return;
     }
 
-    if (find_port_by_name(port->name)) {
+    if (port->name != NULL && find_port_by_name(port->name)) {
         error_setg(errp, "virtio-serial-bus: A port already exists by name %s",
                    port->name);
         return;
diff --git a/hw/cpu/icc_bus.c b/hw/cpu/icc_bus.c
index 9575fd6..6646ea2 100644
--- a/hw/cpu/icc_bus.c
+++ b/hw/cpu/icc_bus.c
@@ -73,11 +73,11 @@
     MemoryRegion apic_container;
 } ICCBridgeState;
 
-#define ICC_BRIGDE(obj) OBJECT_CHECK(ICCBridgeState, (obj), TYPE_ICC_BRIDGE)
+#define ICC_BRIDGE(obj) OBJECT_CHECK(ICCBridgeState, (obj), TYPE_ICC_BRIDGE)
 
 static void icc_bridge_init(Object *obj)
 {
-    ICCBridgeState *s = ICC_BRIGDE(obj);
+    ICCBridgeState *s = ICC_BRIDGE(obj);
     SysBusDevice *sb = SYS_BUS_DEVICE(obj);
 
     qbus_create_inplace(&s->icc_bus, sizeof(s->icc_bus), TYPE_ICC_BUS,
diff --git a/include/block/block.h b/include/block/block.h
index 13e4537..5450610 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -83,7 +83,9 @@
 #define BDRV_SECTOR_SIZE   (1ULL << BDRV_SECTOR_BITS)
 #define BDRV_SECTOR_MASK   ~(BDRV_SECTOR_SIZE - 1)
 
-/* BDRV_BLOCK_DATA: data is read from bs->file or another file
+/*
+ * Allocation status flags
+ * BDRV_BLOCK_DATA: data is read from bs->file or another file
  * BDRV_BLOCK_ZERO: sectors read as zero
  * BDRV_BLOCK_OFFSET_VALID: sector stored in bs->file as raw data
  * BDRV_BLOCK_ALLOCATED: the content of the block is determined by this
diff --git a/include/hw/sysbus.h b/include/hw/sysbus.h
index 6175bf9..d1f3f00 100644
--- a/include/hw/sysbus.h
+++ b/include/hw/sysbus.h
@@ -10,7 +10,7 @@
 #define QDEV_MAX_PIO 32
 
 #define TYPE_SYSTEM_BUS "System"
-#define SYSTEM_BUS(obj) OBJECT_CHECK(IDEBus, (obj), TYPE_IDE_BUS)
+#define SYSTEM_BUS(obj) OBJECT_CHECK(BusState, (obj), TYPE_SYSTEM_BUS)
 
 typedef struct SysBusDevice SysBusDevice;
 
diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
index 6f9b82b..9fea3bc 100644
--- a/include/sysemu/sysemu.h
+++ b/include/sysemu/sysemu.h
@@ -161,6 +161,7 @@
 extern NodeInfo numa_info[MAX_NODES];
 void set_numa_nodes(void);
 void set_numa_modes(void);
+void query_numa_node_mem(uint64_t node_mem[]);
 extern QemuOptsList qemu_numa_opts;
 int numa_init_func(QemuOpts *opts, void *opaque);
 
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 84123ba..e2596a4 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -1824,7 +1824,7 @@
             if (a < loaddr) {
                 loaddr = a;
             }
-            a += phdr[i].p_memsz;
+            a = phdr[i].p_vaddr + phdr[i].p_memsz;
             if (a > hiaddr) {
                 hiaddr = a;
             }
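Review bot: The new `a = phdr[i].p_vaddr + phdr[i].p_memsz;` is computed from guest-controlled program headers, and depending on the width of `a` the sum can wrap, leaving hiaddr below the real end of the segment and the later reservation too small. Rejecting headers where `phdr[i].p_vaddr + phdr[i].p_memsz < phdr[i].p_vaddr` (or bounding p_memsz against the guest address-space size) before this update would close that gap. The enclosing loop and function start and end outside the hunk.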
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index a175cc1..aaac6a2 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -5473,6 +5473,27 @@
     return get_errno(sys_openat(dirfd, path(pathname), flags, mode));
 }
 
+#define TIMER_MAGIC 0x0caf0000
+#define TIMER_MAGIC_MASK 0xffff0000
+
+/* Convert QEMU provided timer ID back to internal 16bit index format */
+static target_timer_t get_timer_id(abi_long arg)
+{
+    target_timer_t timerid = arg;
+
+    if ((timerid & TIMER_MAGIC_MASK) != TIMER_MAGIC) {
+        return -TARGET_EINVAL;
+    }
+
+    timerid &= 0xffff;
+
+    if (timerid >= ARRAY_SIZE(g_posix_timers)) {
+        return -TARGET_EINVAL;
+    }
+
+    return timerid;
+}
+
 /* do_syscall() should always have a single exit point at the end so
    that actions, such as logging of syscall results, can be performed.
    All errnos that do_syscall() returns must be -TARGET_<errcode>. */
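Review bot: get_timer_id() returns either a g_posix_timers index or -TARGET_EINVAL through the same target_timer_t, and the one-line comment above it describes only the happy path; since every caller in the later hunks relies on the `< 0` convention, state it: `/* Convert a QEMU-issued timer ID back to its g_posix_timers index. Returns -TARGET_EINVAL if the magic or the index is invalid. */`. The literal in `timerid &= 0xffff;` is the complement of TIMER_MAGIC_MASK, so `timerid &= ~TIMER_MAGIC_MASK;` ties the two constants together. Note that the helper validates only the index range, not whether the slot still holds a live timer, so a previously deleted ID is passed on to the host timer_* calls as before — worth a comment if that is accepted behaviour.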
@@ -9579,7 +9600,6 @@
         /* args: clockid_t clockid, struct sigevent *sevp, timer_t *timerid */
 
         struct sigevent host_sevp = { {0}, }, *phost_sevp = NULL;
-        struct target_timer_t *ptarget_timer;
 
         int clkid = arg1;
         int timer_index = next_free_host_timer();
@@ -9601,11 +9621,9 @@
             if (ret) {
                 phtimer = NULL;
             } else {
-                if (!lock_user_struct(VERIFY_WRITE, ptarget_timer, arg3, 1)) {
+                if (put_user(TIMER_MAGIC | timer_index, arg3, target_timer_t)) {
                     goto efault;
                 }
-                ptarget_timer->ptr = tswap32(0xcafe0000 | timer_index);
-                unlock_user_struct(ptarget_timer, arg3, 1);
             }
         }
         break;
@@ -9617,9 +9635,11 @@
     {
         /* args: timer_t timerid, int flags, const struct itimerspec *new_value,
          * struct itimerspec * old_value */
-        target_ulong timerid = arg1;
+        target_timer_t timerid = get_timer_id(arg1);
 
-        if (arg3 == 0 || timerid >= ARRAY_SIZE(g_posix_timers)) {
+        if (timerid < 0) {
+            ret = timerid;
+        } else if (arg3 == 0) {
             ret = -TARGET_EINVAL;
         } else {
             timer_t htimer = g_posix_timers[timerid];
@@ -9638,12 +9658,12 @@
     case TARGET_NR_timer_gettime:
     {
         /* args: timer_t timerid, struct itimerspec *curr_value */
-        target_ulong timerid = arg1;
+        target_timer_t timerid = get_timer_id(arg1);
 
-        if (!arg2) {
-            return -TARGET_EFAULT;
-        } else if (timerid >= ARRAY_SIZE(g_posix_timers)) {
-            ret = -TARGET_EINVAL;
+        if (timerid < 0) {
+            ret = timerid;
+        } else if (!arg2) {
+            ret = -TARGET_EFAULT;
         } else {
             timer_t htimer = g_posix_timers[timerid];
             struct itimerspec hspec;
@@ -9661,10 +9681,10 @@
     case TARGET_NR_timer_getoverrun:
     {
         /* args: timer_t timerid */
-        target_ulong timerid = arg1;
+        target_timer_t timerid = get_timer_id(arg1);
 
-        if (timerid >= ARRAY_SIZE(g_posix_timers)) {
-            ret = -TARGET_EINVAL;
+        if (timerid < 0) {
+            ret = timerid;
         } else {
             timer_t htimer = g_posix_timers[timerid];
             ret = get_errno(timer_getoverrun(htimer));
@@ -9677,10 +9697,10 @@
     case TARGET_NR_timer_delete:
     {
         /* args: timer_t timerid */
-        target_ulong timerid = arg1;
+        target_timer_t timerid = get_timer_id(arg1);
 
-        if (timerid >= ARRAY_SIZE(g_posix_timers)) {
-            ret = -TARGET_EINVAL;
+        if (timerid < 0) {
+            ret = timerid;
         } else {
             timer_t htimer = g_posix_timers[timerid];
             ret = get_errno(timer_delete(htimer));
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index c9e6323..ebb3be1 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -2564,10 +2564,7 @@
 
 #endif
 
-
-struct target_timer_t {
-    abi_ulong ptr;
-};
+typedef int32_t target_timer_t;
 
 #define TARGET_SIGEV_MAX_SIZE 64
 
diff --git a/monitor.c b/monitor.c
index 905d8cf..fa00594 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1948,7 +1948,10 @@
 {
     int i;
     CPUState *cpu;
+    uint64_t *node_mem;
 
+    node_mem = g_new0(uint64_t, nb_numa_nodes);
+    query_numa_node_mem(node_mem);
     monitor_printf(mon, "%d nodes\n", nb_numa_nodes);
     for (i = 0; i < nb_numa_nodes; i++) {
         monitor_printf(mon, "node %d cpus:", i);
@@ -1959,8 +1962,9 @@
         }
         monitor_printf(mon, "\n");
         monitor_printf(mon, "node %d size: %" PRId64 " MB\n", i,
-            numa_info[i].node_mem >> 20);
+                       node_mem[i] >> 20);
     }
+    g_free(node_mem);
 }
 
 #ifdef CONFIG_PROFILER
diff --git a/net/slirp.c b/net/slirp.c
index 920af30..dc89e6b 100644
--- a/net/slirp.c
+++ b/net/slirp.c
@@ -523,15 +523,21 @@
     fprintf(f,
             "[global]\n"
             "private dir=%s\n"
-            "socket address=127.0.0.1\n"
+            "interfaces=127.0.0.1\n"
+            "bind interfaces only=yes\n"
             "pid directory=%s\n"
             "lock directory=%s\n"
             "state directory=%s\n"
+            "cache directory=%s\n"
             "ncalrpc dir=%s/ncalrpc\n"
             "log file=%s/log.smbd\n"
             "smb passwd file=%s/smbpasswd\n"
             "security = user\n"
             "map to guest = Bad User\n"
+            "load printers = no\n"
+            "printing = bsd\n"
+            "disable spoolss = yes\n"
+            "usershare max shares = 0\n"
             "[qemu]\n"
             "path=%s\n"
             "read only=no\n"
@@ -544,6 +550,7 @@
             s->smb_dir,
             s->smb_dir,
             s->smb_dir,
+            s->smb_dir,
             exported_dir,
             passwd->pw_name
             );
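Review bot: The smb.conf lines added in the first hunk (`interfaces=127.0.0.1` / `bind interfaces only=yes`, `load printers = no`, `printing = bsd`, `disable spoolss = yes`, `usershare max shares = 0`) harden the spawned smbd, but nothing in the source records why they are there, and the next edit to the template may "simplify" them away. A comment above the fprintf, `/* Keep the spawned smbd on the loopback interface and limited to the single [qemu] share: no printing, spoolss or usershares. */`, preserves the intent. The new `cache directory=%s` placeholder is matched by the extra `s->smb_dir` argument added in this hunk; the argument list is positional, so the two must stay in lock-step when further paths are added.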
diff --git a/numa.c b/numa.c
index 3b98135..afd2866 100644
--- a/numa.c
+++ b/numa.c
@@ -35,6 +35,7 @@
 #include "hw/boards.h"
 #include "sysemu/hostmem.h"
 #include "qmp-commands.h"
+#include "hw/mem/pc-dimm.h"
 
 QemuOptsList qemu_numa_opts = {
     .name = "numa",
@@ -315,6 +316,43 @@
     }
 }
 
+static void numa_stat_memory_devices(uint64_t node_mem[])
+{
+    MemoryDeviceInfoList *info_list = NULL;
+    MemoryDeviceInfoList **prev = &info_list;
+    MemoryDeviceInfoList *info;
+
+    qmp_pc_dimm_device_list(qdev_get_machine(), &prev);
+    for (info = info_list; info; info = info->next) {
+        MemoryDeviceInfo *value = info->value;
+
+        if (value) {
+            switch (value->kind) {
+            case MEMORY_DEVICE_INFO_KIND_DIMM:
+                node_mem[value->dimm->node] += value->dimm->size;
+                break;
+            default:
+                break;
+            }
+        }
+    }
+    qapi_free_MemoryDeviceInfoList(info_list);
+}
+
+void query_numa_node_mem(uint64_t node_mem[])
+{
+    int i;
+
+    if (nb_numa_nodes <= 0) {
+        return;
+    }
+
+    numa_stat_memory_devices(node_mem);
+    for (i = 0; i < nb_numa_nodes; i++) {
+        node_mem[i] += numa_info[i].node_mem;
+    }
+}
+
 static int query_memdev(Object *obj, void *opaque)
 {
     MemdevList **list = opaque;
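Review bot: numa_stat_memory_devices() performs `node_mem[value->dimm->node] += value->dimm->size;` without comparing the DIMM's node against nb_numa_nodes, while the caller in monitor.c sizes the array with `g_new0(uint64_t, nb_numa_nodes)`; correctness therefore rests on pc-dimm realize having rejected out-of-range node values, which this file cannot see. A cheap guard, `if (value->dimm->node < nb_numa_nodes)`, or a comment naming that invariant keeps this from becoming a heap write past the array if the upstream check ever changes. query_numa_node_mem() also accumulates with `+=`, so its prototype in the sysemu.h hunk should carry `/* Adds per-node memory totals into node_mem[], which must hold nb_numa_nodes zero-initialised entries. */`.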
diff --git a/pc-bios/petalogix-s3adsp1800.dtb b/pc-bios/petalogix-s3adsp1800.dtb
index 93c5973..8ac80f2 100644
--- a/pc-bios/petalogix-s3adsp1800.dtb
+++ b/pc-bios/petalogix-s3adsp1800.dtb
Binary files differ
diff --git a/qapi/block-core.json b/qapi/block-core.json
index 77a0cfb..8c3e45d 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -1422,7 +1422,9 @@
             'refblock_alloc.write_blocks', 'refblock_alloc.write_table',
             'refblock_alloc.switch_table', 'cluster_alloc',
             'cluster_alloc_bytes', 'cluster_free', 'flush_to_os',
-            'flush_to_disk' ] }
+            'flush_to_disk', 'pwritev_rmw.head', 'pwritev_rmw.after_head',
+            'pwritev_rmw.tail', 'pwritev_rmw.after_tail', 'pwritev',
+            'pwritev_zero', 'pwritev_done', 'empty_image_prepare' ] }
 
 ##
 # @BlkdebugInjectErrorOptions
diff --git a/qemu-doc.texi b/qemu-doc.texi
index 9973090..ad418f8 100644
--- a/qemu-doc.texi
+++ b/qemu-doc.texi
@@ -1631,7 +1631,7 @@
 # certtool --generate-certificate \
            --load-ca-certificate ca-cert.pem \
            --load-ca-privkey ca-key.pem \
-           --load-privkey server server-key.pem \
+           --load-privkey server-key.pem \
            --template server.info \
            --outfile server-cert.pem
 @end example
@@ -1654,7 +1654,7 @@
 country = GB
 state = London
 locality = London
-organiazation = Name of your organization
+organization = Name of your organization
 cn = client.foo.example.com
 tls_www_client
 encryption_key
diff --git a/qemu-img.c b/qemu-img.c
index 66a7eb4..a42335c 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -1126,7 +1126,6 @@
 
     blk1 = img_open("image_1", filename1, fmt1, flags, true, quiet);
     if (!blk1) {
-        error_report("Can't open file %s", filename1);
         ret = 2;
         goto out3;
     }
@@ -1134,7 +1133,6 @@
 
     blk2 = img_open("image_2", filename2, fmt2, flags, true, quiet);
     if (!blk2) {
-        error_report("Can't open file %s", filename2);
         ret = 2;
         goto out2;
     }
@@ -1482,7 +1480,6 @@
                              true, quiet);
         g_free(id);
         if (!blk[bs_i]) {
-            error_report("Could not open '%s'", argv[optind + bs_i]);
             ret = -1;
             goto out;
         }
@@ -2962,7 +2959,6 @@
 
     blk = img_open("image", filename, fmt, flags, true, quiet);
     if (!blk) {
-        error_report("Could not open image '%s'", filename);
         ret = -1;
         goto out;
     }
diff --git a/target-i386/cpu.c b/target-i386/cpu.c
index fa860de..3f13dfe 100644
--- a/target-i386/cpu.c
+++ b/target-i386/cpu.c
@@ -540,8 +540,8 @@
  * otherwise the string is assumed to sized by a terminating nul.
  * Return lexical ordering of *s1:*s2.
  */
-static int sstrcmp(const char *s1, const char *e1, const char *s2,
-    const char *e2)
+static int sstrcmp(const char *s1, const char *e1,
+                   const char *s2, const char *e2)
 {
     for (;;) {
         if (!*s1 || !*s2 || *s1 != *s2)
@@ -1859,7 +1859,7 @@
  * if flags, suppress names undefined in featureset.
  */
 static void listflags(char *buf, int bufsize, uint32_t fbits,
-    const char **featureset, uint32_t flags)
+                      const char **featureset, uint32_t flags)
 {
     const char **p = &featureset[31];
     char *q, *b, bit;
diff --git a/target-mips/cpu.h b/target-mips/cpu.h
index d21da8e..c01bbda 100644
--- a/target-mips/cpu.h
+++ b/target-mips/cpu.h
@@ -424,17 +424,25 @@
 #define CP0C2_SA   0
     int32_t CP0_Config3;
 #define CP0C3_M    31
+#define CP0C3_BPG  30
+#define CP0C3_CMCGR 29
 #define CP0C3_MSAP  28
 #define CP0C3_BP 27
 #define CP0C3_BI 26
+#define CP0C3_IPLW 21
+#define CP0C3_MMAR 18
+#define CP0C3_MCU  17
 #define CP0C3_ISA_ON_EXC 16
+#define CP0C3_ISA  14
 #define CP0C3_ULRI 13
 #define CP0C3_RXI  12
+#define CP0C3_DSP2P 11
 #define CP0C3_DSPP 10
 #define CP0C3_LPA  7
 #define CP0C3_VEIC 6
 #define CP0C3_VInt 5
 #define CP0C3_SP   4
+#define CP0C3_CDMM 3
 #define CP0C3_MT   2
 #define CP0C3_SM   1
 #define CP0C3_TL   0
@@ -443,6 +451,11 @@
 #define CP0C4_M    31
 #define CP0C4_IE   29
 #define CP0C4_KScrExist 16
+#define CP0C4_MMUExtDef 14
+#define CP0C4_FTLBPageSize 8
+#define CP0C4_FTLBWays 4
+#define CP0C4_FTLBSets 0
+#define CP0C4_MMUSizeExt 0
     uint32_t CP0_Config5;
     uint32_t CP0_Config5_rw_bitmask;
 #define CP0C5_M          31
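Review bot: `CP0C4_FTLBSets` and `CP0C4_MMUSizeExt` are both defined as bit 0, which reads like a copy-paste slip without context; if, as the Config4 layout suggests, the low field is interpreted either as MMUSizeExt or as the FTLBSets/FTLBWays/FTLBPageSize group depending on `CP0C4_MMUExtDef`, a one-line comment would stop the next reader from "fixing" one of them. Something like `/* Config4 bits 0-12 hold MMUSizeExt or the FTLB fields, selected by MMUExtDef */` above the group is enough.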
diff --git a/target-mips/translate.c b/target-mips/translate.c
index 2117ce8..f0b8e6f 100644
--- a/target-mips/translate.c
+++ b/target-mips/translate.c
@@ -8104,6 +8104,7 @@
     MIPS_DEBUG("%s: cond %02x target " TARGET_FMT_lx, opn,
                ctx->hflags, btarget);
     ctx->btarget = btarget;
+    ctx->hflags |= MIPS_HFLAG_BDS32;
 
 out:
     tcg_temp_free_i64(t0);
@@ -13613,8 +13614,13 @@
             check_insn(ctx, ASE_MIPS3D);
             /* Fall through */
         do_cp1branch:
-            gen_compute_branch1(ctx, mips32_op,
-                                (ctx->opcode >> 18) & 0x7, imm << 1);
+            if (env->CP0_Config1 & (1 << CP0C1_FP)) {
+                check_cp1_enabled(ctx);
+                gen_compute_branch1(ctx, mips32_op,
+                                    (ctx->opcode >> 18) & 0x7, imm << 1);
+            } else {
+                generate_exception_err(ctx, EXCP_CpU, 1);
+            }
             break;
         case BPOSGE64:
         case BPOSGE32:
@@ -19106,7 +19112,7 @@
         gen_io_end();
     }
     if (cs->singlestep_enabled && ctx.bstate != BS_BRANCH) {
-        save_cpu_state(&ctx, ctx.bstate == BS_NONE);
+        save_cpu_state(&ctx, ctx.bstate != BS_EXCP);
         gen_helper_0e0i(raise_exception, EXCP_DEBUG);
     } else {
         switch (ctx.bstate) {
@@ -19279,14 +19285,12 @@
                                         regnames[i]);
 
     for (i = 0; i < 32; i++) {
-        int off = offsetof(CPUMIPSState, active_fpu.fpr[i]);
-        fpu_f64[i] = tcg_global_mem_new_i64(TCG_AREG0, off, fregnames[i]);
-    }
-
-    for (i = 0; i < 32; i++) {
         int off = offsetof(CPUMIPSState, active_fpu.fpr[i].wr.d[0]);
         msa_wr_d[i * 2] =
                 tcg_global_mem_new_i64(TCG_AREG0, off, msaregnames[i * 2]);
+        /* The scalar floating-point unit (FPU) registers are mapped on
+         * the MSA vector registers. */
+        fpu_f64[i] = msa_wr_d[i * 2];
         off = offsetof(CPUMIPSState, active_fpu.fpr[i].wr.d[1]);
         msa_wr_d[i * 2 + 1] =
                 tcg_global_mem_new_i64(TCG_AREG0, off, msaregnames[i * 2 + 1]);
diff --git a/target-mips/translate_init.c b/target-mips/translate_init.c
index 4dee1ca..148b394 100644
--- a/target-mips/translate_init.c
+++ b/target-mips/translate_init.c
@@ -333,7 +333,8 @@
                        (0 << CP0C1_DS) | (3 << CP0C1_DL) | (1 << CP0C1_DA) |
                        (1 << CP0C1_CA),
         .CP0_Config2 = MIPS_CONFIG2,
-        .CP0_Config3 = MIPS_CONFIG3 | (0 << CP0C3_VInt) | (1 << CP0C3_DSPP),
+        .CP0_Config3 = MIPS_CONFIG3 | (1 << CP0C3_DSP2P) | (1 << CP0C3_DSPP) |
+                       (0 << CP0C3_VInt),
         .CP0_LLAddr_rw_bitmask = 0,
         .CP0_LLAddr_shift = 4,
         .SYNCI_Step = 32,
@@ -376,7 +377,7 @@
                     (0x93 << FCR0_PRID),
         .SEGBITS = 32,
         .PABITS = 32,
-        .insn_flags = CPU_MIPS32R5 | ASE_MIPS16 | ASE_DSP | ASE_DSPR2 | ASE_MSA,
+        .insn_flags = CPU_MIPS32R5 | ASE_MIPS16 | ASE_MSA,
         .mmu_type = MMU_TYPE_R4000,
     },
 #if defined(TARGET_MIPS64)
@@ -601,7 +602,8 @@
                        (2 << CP0C1_DS) | (4 << CP0C1_DL) | (3 << CP0C1_DA) |
                        (1 << CP0C1_PC) | (1 << CP0C1_WR) | (1 << CP0C1_EP),
         .CP0_Config2 = MIPS_CONFIG2,
-        .CP0_Config3 = MIPS_CONFIG3 | (1 << CP0C3_LPA),
+        .CP0_Config3 = MIPS_CONFIG3 | (1U << CP0C3_M) | (1 << CP0C3_DSP2P) |
+                       (1 << CP0C3_DSPP) | (1 << CP0C3_LPA),
         .CP0_LLAddr_rw_bitmask = 0,
         .CP0_LLAddr_shift = 0,
         .SYNCI_Step = 32,
diff --git a/target-s390x/kvm.c b/target-s390x/kvm.c
index 5b10a25..d247471 100644
--- a/target-s390x/kvm.c
+++ b/target-s390x/kvm.c
@@ -827,18 +827,18 @@
     return r;
 }
 
-static int handle_eb(S390CPU *cpu, struct kvm_run *run, uint8_t ipa1)
+static int handle_eb(S390CPU *cpu, struct kvm_run *run, uint8_t ipbl)
 {
     int r = 0;
 
-    switch (ipa1) {
+    switch (ipbl) {
     case PRIV_EB_SQBS:
         /* just inject exception */
         r = -1;
         break;
     default:
         r = -1;
-        DPRINTF("KVM: unhandled PRIV: 0xeb%x\n", ipa1);
+        DPRINTF("KVM: unhandled PRIV: 0xeb%x\n", ipbl);
         break;
     }
 
@@ -1039,7 +1039,7 @@
         r = handle_b9(cpu, run, ipa1);
         break;
     case IPA0_EB:
-        r = handle_eb(cpu, run, ipa1);
+        r = handle_eb(cpu, run, run->s390_sieic.ipb & 0xff);
         break;
     case IPA0_DIAG:
         r = handle_diag(cpu, run, run->s390_sieic.ipb);
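Review bot: The call `handle_eb(cpu, run, run->s390_sieic.ipb & 0xff)` changes which field selects the sub-opcode, but neither the call site nor the renamed `ipbl` parameter in the first hunk says why the low byte of IPB, rather than IPA, is the discriminator for this instruction format. A comment at the call or on handle_eb()'s definition, `/* EB-format instructions carry the second opcode byte in the low byte of IPB */`, documents the contract the PRIV_EB_* constants are compared against. Note that handle_eb() still returns -1 on every path, so the DPRINTF message is the only observable difference between a known and an unknown sub-opcode.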
@@ -1272,7 +1272,7 @@
     struct kvm_s390_irq irq = {
         .type = KVM_S390_MCHK,
         .u.mchk.cr14 = 1 << 28,
-        .u.mchk.mcic = 0x00400f1d40330000,
+        .u.mchk.mcic = 0x00400f1d40330000ULL,
     };
     kvm_s390_floating_interrupt(&irq);
 }
diff --git a/target-xtensa/cpu.h b/target-xtensa/cpu.h
index beb5486..ac463f2 100644
--- a/target-xtensa/cpu.h
+++ b/target-xtensa/cpu.h
@@ -472,6 +472,12 @@
         env->itlb[wi] + ei;
 }
 
+static inline uint32_t xtensa_replicate_windowstart(CPUXtensaState *env)
+{
+    return env->sregs[WINDOW_START] |
+        (env->sregs[WINDOW_START] << env->config->nareg / 4);
+}
+
 /* MMU modes definitions */
 #define MMU_MODE0_SUFFIX _ring0
 #define MMU_MODE1_SUFFIX _ring1
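Review bot: In xtensa_replicate_windowstart() the expression `env->sregs[WINDOW_START] << env->config->nareg / 4` relies on `/` binding tighter than `<<`; it is correct, but parentheses and a comment would make the intent visible, e.g. `(env->sregs[WINDOW_START] << (env->config->nareg / 4))` with `/* WINDOW_START has nareg/4 valid bits; duplicating them lets callers rotate by WINDOW_BASE with a plain right shift. */`. The function is complete in the hunk; its caller in op_helper.c shifts the result right by `WINDOW_BASE + 1`, and the duplicated copy is what keeps that shift from discarding the wrapped bits.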
diff --git a/target-xtensa/op_helper.c b/target-xtensa/op_helper.c
index dae1386..872e5a8 100644
--- a/target-xtensa/op_helper.c
+++ b/target-xtensa/op_helper.c
@@ -235,6 +235,12 @@
                 pc, env->sregs[PS]);
         HELPER(exception_cause)(env, pc, ILLEGAL_INSTRUCTION_CAUSE);
     } else {
+        uint32_t windowstart = xtensa_replicate_windowstart(env) >>
+            (env->sregs[WINDOW_BASE] + 1);
+
+        if (windowstart & ((1 << callinc) - 1)) {
+            HELPER(window_check)(env, pc, callinc);
+        }
         env->regs[(callinc << 2) | (s & 3)] = env->regs[s] - (imm << 3);
         rotate_window(env, callinc);
         env->sregs[WINDOW_START] |=
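Review bot: After the new `HELPER(window_check)(env, pc, callinc);` the code falls straight through to the register write and rotate_window(), which is only correct if window_check() does not return when it raises the overflow exception; that property is not visible in this hunk. A comment on the call, `/* raises the window-overflow exception and does not return when the target window is in use */`, states the assumption a reader must verify, and if window_check() can return in some configuration the following writes would operate on an unchecked window. The enclosing function starts and ends outside the hunk.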
diff --git a/tests/qemu-iotests/084 b/tests/qemu-iotests/084
index 2712c02..733018d 100755
--- a/tests/qemu-iotests/084
+++ b/tests/qemu-iotests/084
@@ -66,15 +66,15 @@
 
 # check for image size too large
 # poke max image size, and appropriate blocks_in_image value
-echo "Test 1: Maximum size (1024 TB):"
-poke_file "$TEST_IMG" "$ds_offset" "\x00\x00\xf0\xff\xff\xff\x03\x00"
-poke_file "$TEST_IMG" "$bii_offset" "\xff\xff\xff\x3f"
+echo "Test 1: Maximum size (512 TB - 128 MB):"
+poke_file "$TEST_IMG" "$ds_offset" "\x00\x00\x00\xf8\xff\xff\x01\x00"
+poke_file "$TEST_IMG" "$bii_offset" "\x80\xff\xff\x1f"
 _img_info
 
 echo
-echo "Test 2: Size too large (1024TB + 1)"
+echo "Test 2: Size too large (512 TB - 128 MB + 64 kB)"
 # This should be too large (-EINVAL):
-poke_file "$TEST_IMG" "$ds_offset" "\x00\x00\xf1\xff\xff\xff\x03\x00"
+poke_file "$TEST_IMG" "$ds_offset" "\x00\x00\x01\xf8\xff\xff\x01\x00"
 _img_info
 
 echo
@@ -89,9 +89,9 @@
 
 echo
 echo "Test 4: Size valid (64M), but Blocks In Image exceeds max allowed"
-# Now check the bounds of blocks_in_image - 0x3fffffff should be the max
+# Now check the bounds of blocks_in_image - 0x1fffff80 should be the max
 # value here, and we should get -ENOTSUP
-poke_file "$TEST_IMG" "$bii_offset" "\x00\x00\x00\x40"
+poke_file "$TEST_IMG" "$bii_offset" "\x81\xff\xff\x1f"
 _img_info
 
 # Finally, 1MB is the only block size supported.  Verify that
diff --git a/tests/qemu-iotests/084.out b/tests/qemu-iotests/084.out
index ea29ae0..5ece829 100644
--- a/tests/qemu-iotests/084.out
+++ b/tests/qemu-iotests/084.out
@@ -17,17 +17,20 @@
 virtual size: 64M (67108864 bytes)
 cluster_size: 1048576
 disk image file size in bytes: 1024
-Test 1: Maximum size (1024 TB):
-qemu-img: Could not open 'TEST_DIR/t.IMGFMT': Could not open 'TEST_DIR/t.IMGFMT': Invalid argument
+Test 1: Maximum size (512 TB - 128 MB):
+image: TEST_DIR/t.IMGFMT
+file format: IMGFMT
+virtual size: 512T (562949819203584 bytes)
+cluster_size: 1048576
 
-Test 2: Size too large (1024TB + 1)
-qemu-img: Could not open 'TEST_DIR/t.IMGFMT': Unsupported VDI image size (size is 0x3fffffff10000, max supported is 0x3fffffff00000)
+Test 2: Size too large (512 TB - 128 MB + 64 kB)
+qemu-img: Could not open 'TEST_DIR/t.IMGFMT': Unsupported VDI image size (size is 0x1fffff8010000, max supported is 0x1fffff8000000)
 
 Test 3: Size valid (64M), but Blocks In Image too small (63)
 qemu-img: Could not open 'TEST_DIR/t.IMGFMT': unsupported VDI image (disk size 67108864, image bitmap has room for 66060288)
 
 Test 4: Size valid (64M), but Blocks In Image exceeds max allowed
-qemu-img: Could not open 'TEST_DIR/t.IMGFMT': unsupported VDI image (too many blocks 1073741824, max is 1073741823)
+qemu-img: Could not open 'TEST_DIR/t.IMGFMT': unsupported VDI image (too many blocks 536870785, max is 536870784)
 
 Test 5: Valid Image: 64MB, Blocks In Image 64, Block Size 1MB
 image: TEST_DIR/t.IMGFMT
diff --git a/tests/qemu-iotests/111 b/tests/qemu-iotests/111
new file mode 100755
index 0000000..6011c94
--- /dev/null
+++ b/tests/qemu-iotests/111
@@ -0,0 +1,53 @@
+#!/bin/bash
+#
+# Test case for non-existing backing file when creating a qcow2 image
+# and not specifying the size
+#
+# Copyright (C) 2014 Red Hat, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+# creator
+owner=mreitz@redhat.com
+
+seq="$(basename $0)"
+echo "QA output created by $seq"
+
+here="$PWD"
+tmp=/tmp/$$
+status=1	# failure is the default!
+
+_cleanup()
+{
+	_cleanup_test_img
+}
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+# get standard environment, filters and checks
+. ./common.rc
+. ./common.filter
+
+_supported_fmt qed qcow qcow2 vmdk
+_supported_proto file
+_supported_os Linux
+_unsupported_imgopts "subformat=monolithicFlat" "subformat=twoGbMaxExtentFlat"
+
+$QEMU_IMG create -f $IMGFMT -b "$TEST_IMG.inexistent" "$TEST_IMG" 2>&1 \
+    | _filter_testdir | _filter_imgfmt
+
+# success, all done
+echo '*** done'
+rm -f $seq.full
+status=0
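Review bot: `here="$PWD"` and `tmp=/tmp/$$` are assigned but not used anywhere in this script; a predictable `/tmp/<pid>` path is the classic symlink-race pattern, so if the variable is kept because common.rc consumes it, it should be derived with mktemp, otherwise both lines can go. `seq="$(basename $0)"` and `rm -f $seq.full` leave `$0` and `$seq` unquoted; `seq="$(basename "$0")"` and `rm -f "$seq.full"` avoid word-splitting surprises. The rest of the file follows the existing iotests template.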
diff --git a/tests/qemu-iotests/111.out b/tests/qemu-iotests/111.out
new file mode 100644
index 0000000..683c01a
--- /dev/null
+++ b/tests/qemu-iotests/111.out
@@ -0,0 +1,3 @@
+QA output created by 111
+qemu-img: TEST_DIR/t.IMGFMT: Could not open 'TEST_DIR/t.IMGFMT.inexistent': No such file or directory
+*** done
diff --git a/tests/qemu-iotests/group b/tests/qemu-iotests/group
index 7b2c666..7dfe469 100644
--- a/tests/qemu-iotests/group
+++ b/tests/qemu-iotests/group
@@ -111,3 +111,4 @@
 105 rw auto quick
 107 rw auto quick
 108 rw auto quick
+111 rw auto quick
diff --git a/tests/tcg/xtensa/test_windowed.S b/tests/tcg/xtensa/test_windowed.S
index 3de6d37..d851e8f 100644
--- a/tests/tcg/xtensa/test_windowed.S
+++ b/tests/tcg/xtensa/test_windowed.S
@@ -299,4 +299,55 @@
     entry_test 12
 test_end
 
+.macro entry_overflow_test window, free, next_window
+    set_vector window_overflow_4, 0
+    set_vector window_overflow_8, 0
+    set_vector window_overflow_12, 0
+    set_vector window_overflow_\next_window, 10f
+
+    movi    a2, \window
+    movi    a2, \free
+    movi    a2, \next_window
+    reset_window %(1 | ((1 | (1 << ((\next_window) / 4))) << ((\free) / 4)))
+    reset_ps
+    movi    a2, 0x4000f | ((\window) << 14)
+    wsr     a2, ps
+    isync
+    movi    a3, 0x12345678
+    j       1f
+    .align  4
+1:
+    entry   a3, 0x5678
+    test_fail
+    .align  4
+10:
+    rsr     a2, epc1
+    movi    a3, 1b
+    assert  eq, a2, a3
+    movi    a2, 2f
+    wsr     a2, epc1
+
+    rsr     a2, windowbase
+    movi    a3, (\free) / 4
+    assert  eq, a2, a3
+    rfwo
+2:
+.endm
+
+.macro all_entry_overflow_tests
+    .irp window, 4, 8, 12
+    .irp next_window, 4, 8, 12
+    .irp free, 4, 8, 12
+    .if \free <= \window
+    entry_overflow_test \window, \free, \next_window
+    .endif
+    .endr
+    .endr
+    .endr
+.endm
+
+test entry_overflow
+    all_entry_overflow_tests
+test_end
+
 test_suite_end
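Review bot: In entry_overflow_test the three consecutive `movi a2, \window` / `movi a2, \free` / `movi a2, \next_window` are dead stores — a2 is overwritten by `movi a2, 0x4000f | ((\window) << 14)` before it is read — so either they are a debugging aid for seeing the macro parameters in a trace, in which case a comment saying so prevents a future cleanup, or they should be removed. The `0x4000f` written to PS would also read better with a comment naming the fields it appears to set (WOE and INTLEVEL) and noting that `<< 14` places \window into CALLINC.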
diff --git a/xen-hvm.c b/xen-hvm.c
index 21f1cbb..7548794 100644
--- a/xen-hvm.c
+++ b/xen-hvm.c
@@ -993,9 +993,8 @@
 static void xen_hvm_change_state_handler(void *opaque, int running,
                                          RunState rstate)
 {
-    XenIOState *xstate = opaque;
     if (running) {
-        xen_main_loop_prepare(xstate);
+        xen_main_loop_prepare((XenIOState *)opaque);
     }
 }