- 31 7月, 2017 36 次提交
-
-
由 Peter Maydell 提交于
target-arm queue: * fix broken properties on MPS2 SCC device * fix MPU trace handling of write vs exec * fix MPU M profile bugs: - not handling system space or PPB region correctly - not resetting state - not migrating MPU_RNR # gpg: Signature made Mon 31 Jul 2017 13:21:40 BST # gpg: using RSA key 0x3C2525ED14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" # gpg: aka "Peter Maydell <pmaydell@gmail.com>" # gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" # Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE * remotes/pmaydell/tags/pull-target-arm-20170731: hw/mps2_scc: fix incorrect properties target/arm: Migrate MPU_RNR register state for M profile cores target/arm: Move PMSAv7 reset into arm_cpu_reset() so M profile MPUs get reset target/arm: Rename cp15.c6_rgnr to pmsav7.rnr target/arm: Don't allow guest to make System space executable for M profile target/arm: Don't do MPU lookups for addresses in M profile PPB region target/arm: Correct MPU trace handling of write vs execute Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Peter Maydell 提交于
This reverts commit bc658e4a. Some versions of gcc warn about this: linux-user/syscall.c: In function ‘do_ioctl_rt’: linux-user/syscall.c:5577:37: error: ‘host_rt_dev_ptr’ may be used uninitialized in this function [-Werror=uninitialized] and in particular the Travis builds fail; they use gcc (Ubuntu/Linaro 4.6.3-1ubuntu5) 4.6.3. Revert the change to fix the travis builds. Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Philippe Mathieu-Daudé 提交于
Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 20170729234930.725-1-f4bug@amsat.org Reviewed-by: NPeter Maydell <peter.maydell@linaro.org> Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Peter Maydell 提交于
The PMSAv7 region number register is migrated for R profile cores using the cpreg scheme, but M profile doesn't use cpregs, and so we weren't migrating the MPU_RNR register state at all. Fix that by adding a migration subsection for the M profile case. Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1501153150-19984-6-git-send-email-peter.maydell@linaro.org
-
由 Peter Maydell 提交于
When the PMSAv7 implementation was originally added it was for R profile CPUs only, and reset was handled using the cpreg .resetfn hooks. Unfortunately for M profile cores this doesn't work, because they do not register any cpregs. Move the reset handling into arm_cpu_reset(), where it will work for both R profile and M profile cores. Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1501153150-19984-5-git-send-email-peter.maydell@linaro.org
-
由 Peter Maydell 提交于
Almost all of the PMSAv7 state is in the pmsav7 substruct of the ARM CPU state structure. The exception is the region number register, which is in cp15.c6_rgnr. This exception is a bit odd for M profile, which otherwise generally does not store state in the cp15 substruct. Rename cp15.c6_rgnr to pmsav7.rnr accordingly. Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1501153150-19984-4-git-send-email-peter.maydell@linaro.org
-
由 Peter Maydell 提交于
For an M profile v7PMSA, the system space (0xe0000000 - 0xffffffff) can never be executable, even if the guest tries to set the MPU registers up that way. Enforce this restriction. Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1501153150-19984-3-git-send-email-peter.maydell@linaro.org
-
由 Peter Maydell 提交于
The M profile PMSAv7 specification says that if the address being looked up is in the PPB region (0xe0000000 - 0xe00fffff) then we do not use the MPU regions but always use the default memory map. Implement this (we were previously behaving like an R profile PMSAv7, which does not special case this). Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1501153150-19984-2-git-send-email-peter.maydell@linaro.org
-
由 Peter Maydell 提交于
Correct off-by-one bug in the PSMAv7 MPU tracing where it would print a write access as "reading", an insn fetch as "writing", and a read access as "execute". Since we have an MMUAccessType enum now, we can make the code clearer in the process by using that rather than the raw 0/1/2 values. Signed-off-by: NPeter Maydell <peter.maydell@linaro.org> Reviewed-by: NRichard Henderson <rth@twiddle.net> Message-id: 1500906792-18010-1-git-send-email-peter.maydell@linaro.org
-
由 Peter Maydell 提交于
trivial patches for 2017-07-31 # gpg: Signature made Mon 31 Jul 2017 11:18:57 BST # gpg: using RSA key 0x701B4F6B1A693E59 # gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>" # gpg: aka "Michael Tokarev <mjt@corpit.ru>" # gpg: aka "Michael Tokarev <mjt@debian.org>" # Primary key fingerprint: 6EE1 95D1 886E 8FFB 810D 4324 457C E0A0 8044 65C5 # Subkey fingerprint: 7B73 BAD6 8BE7 A2C2 8931 4B22 701B 4F6B 1A69 3E59 * remotes/mjt/tags/trivial-patches-fetch: (25 commits) docs: fix broken paths to docs/specs/ivshmem-spec.txt docs: fix broken paths to docs/config/ich9-ehci-uhci.cfg docs: fix broken paths to docs/devel/tracing.txt docs: fix broken paths to docs/devel/atomics.txt docs: fix broken paths to docs/devel/qapi-code-gen.txt docs: fix broken paths to docs/interop/qcow2.txt docs: fix broken paths to docs/interop dir thunk: assert nb_fields is valid syscall: check inotify() and eventfd() return value syscall: fix use of uninitialized values syscall: fix dereference of undefined pointer linux-user/sh4: fix incorrect memory write m68k/translate: fix incorrect copy/paste net/eth: fix incorrect check of iov_to_buf() return value ui/vnc: fix leak of SocketAddress ** qcow2: fix null pointer dereference ivshmem: fix incorrect error handling in ivshmem_recv_msg() loader: check get_image_size() return value tests: add missing dependency to build QTEST_QEMU_BINARY qemu-system-tricore: segfault when entering "x 0" on the monitor ... Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Philippe Mathieu-Daudé 提交于
When this file was rewritten/renamed in fdee2025, a reference path was not updated. Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
With the move of some docs/ to docs/devel/ on ac06724a, a reference path was not updated. Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
With the move of some docs/ to docs/devel/ on ac06724a, no references were updated. Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
With the move of some docs/ to docs/devel/ on ac06724a, a couple of references were not updated. Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
With the move of some docs to docs/interop on ac06724a, a couple of references were not updated. Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
With the move of some docs to docs/interop on d59157ea, a reference path was not updated. Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NKevin Wolf <kwolf@redhat.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Cleber Rosa 提交于
With the move of some docs to docs/interop on d59157ea, a couple of references were not updated. Signed-off-by: NCleber Rosa <crosa@redhat.com> [PMD: fixed a typo and another reference of docs/interop/qmp-spec.txt] Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NEric Blake <eblake@redhat.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
thunk.c:91:32: warning: Call to 'malloc' has an allocation size of 0 bytes se->field_offsets[i] = malloc(nb_fields * sizeof(int)); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Reported-by: Clang Static Analyzer Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
linux-user/syscall.c:555:25: warning: Out of bound memory access (accessed memory precedes memory block) target_fd_trans[fd] = trans; ~~~~~~~~~~~~~~~~~~~~^~~~~~~ Reported-by: Clang Static Analyzer Suggested-by: NLaurent Vivier <lvivier@redhat.com> Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NLaurent Vivier <laurent@vivier.eu> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
linux-user/syscall.c:1627:35: warning: 1st function call argument is an uninitialized value target_saddr->sa_family = tswap16(addr->sa_family); ^~~~~~~~~~~~~~~~~~~~~~~~ linux-user/syscall.c:1629:25: warning: The left operand of '==' is a garbage value if (addr->sa_family == AF_NETLINK && len >= sizeof(struct sockaddr_nl)) { ~~~~~~~~~~~~~~~ ^ Reported-by: Clang Static Analyzer Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NLaurent Vivier <laurent@vivier.eu> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
linux-user/syscall.c:5581:9: warning: Dereference of undefined pointer value if (*host_rt_dev_ptr != 0) { ^~~~~~~~~~~~~~~~ Reported-by: Clang Static Analyzer Suggested-by: NLaurent Vivier <lvivier@redhat.com> Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NLaurent Vivier <laurent@vivier.eu> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
not hit since 2009! :) linux-user/elfload.c:1102:20: warning: Out of bound memory access (access exceeds upper limit of memory block) (*regs[i]) = tswap32(env->gregs[i]); ~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~ Reported-by: Clang Static Analyzer Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NLaurent Vivier <laurent@vivier.eu> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
db3d7945 extended gen_cc_cond() for cond [6, 7, 9, 10] but misswrote [4, 5] target/m68k/translate.c:1323:70: warning: identical expressions on both sides of logical operator if (op == CC_OP_ADDB || op == CC_OP_ADDW || op == CC_OP_ADDL || op == CC_OP_ADDB || op == CC_OP_ADDW || op == CC_OP_ADDL) { ~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~ ^ Reported-by: Clang Static Analyzer Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NLaurent Vivier <laurent@vivier.eu> Reviewed-by: NRichard Henderson <rth@twiddle.net> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
So we have sizeof(struct in6_address) != sizeof(uintptr_t) and Clang > Coverity on this, see 4555ca68 :) net/eth.c:426:30: warning: The code calls sizeof() on a pointer type. This can produce an unexpected result return bytes_read == sizeof(dst_addr); ^ ~~~~~~~~~~ net/eth.c:475:34: warning: The code calls sizeof() on a pointer type. This can produce an unexpected result return bytes_read == sizeof(src_addr); ^ ~~~~~~~~~~ Reported-by: Clang Static Analyzer Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NDmitry Fleytman <dmitry@daynix.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
Extract the (correct) cleaning code as a new function vnc_free_addresses() then use it to remove the memory leaks. Reported-by: Clang Static Analyzer Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NDaniel P. Berrange <berrange@redhat.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
It seems this assert() was somehow misplaced. block/qcow2-refcount.c:2193:42: warning: Array access (from variable 'on_disk_reftable') results in a null pointer dereference on_disk_reftable[refblock_index] = refblock_offset; ~~~~~~~~~~~~~~~~ ^ Reported-by: Clang Static Analyzer Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NEric Blake <eblake@redhat.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
Screwed up in commit 3a55fc0f, v2.6.0. If qemu_chr_fe_read_all() returns -EINTR the do {} statement continues and the n accumulator used to complete reads upto sizeof(msg) is decremented by 4 (the value of EINTR on Linux). To avoid that, use simpler if() statements and continue if EINTR occured. hw/misc/ivshmem.c:650:14: warning: Loss of sign in implicit conversion } while (n < sizeof(msg)); ^ Reported-by: Clang Static Analyzer Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NMarkus Armbruster <armbru@redhat.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
since a negative value means it errored. hw/core/loader.c:149:9: warning: Loss of sign in implicit conversion if (size > max_sz) { ^~~~ hw/core/loader.c:171:9: warning: Loss of sign in implicit conversion if (size > memory_region_size(mr)) { ^~~~ Reported-by: Clang Static Analyzer Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NEric Blake <eblake@redhat.com> Reviewed-by: NAlistair Francis <alistair.francis@xilinx.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Philippe Mathieu-Daudé 提交于
This allow a one liner from fresh repository clone, i.e.: ./configure && make -j check-qtest-aarch64 Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NAlex Bennée <alex.bennee@linaro.org> Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com> Reviewed-by: NJohn Snow <jsnow@redhat.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Eduardo Otubo 提交于
Starting Qemu with "qemu-system-tricore -nographic -M tricore_testboard -S" and entering "x 0" at the monitor prompt leads to Segmentation fault. This happens because tricore_cpu_get_phys_page_debug() is not implemented yet, this is a temporary workaround to avoid the crash. Signed-off-by: NEduardo Otubo <otubo@redhat.com> Tested-by: NThomas Huth <thuth@redhat.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Marc-André Lureau 提交于
It got moved in qga/main.c from commit 2870dc34. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMichael Roth <mdroth@linux.vnet.ibm.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Marc-André Lureau 提交于
If slirp is disabled, it will fail with: qemu-system-x86_64: -netdev user,id=qtest-bn0: Parameter 'type' expects a netdev backend type Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Thomas Huth 提交于
Currently get_maintainers.pl claims that the configure script is maintained by Kamil: $ scripts/get_maintainer.pl -f configure Kamil Rytarowski <kamil@netbsd.org> (maintainer:NETBSD) qemu-devel@nongnu.org (open list:All patches CC here) This happens because the regex pattern for the NETBSD entry triggers on everything that contains the keyword "NetBSD". Ease the situation a little bit by restricting this to "Subject:" lines only, like we do it in the "trivial patches" section already. Reported-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: NThomas Huth <thuth@redhat.com> Reviewed-by: NEric Blake <eblake@redhat.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Eduardo Otubo 提交于
Starting qemu-system-unicore32 without the -kernel parameter results in an assert() returns false and aborts qemu. This patch replaces it with a proper error message followed by exit(1). Signed-off-by: NEduardo Otubo <otubo@redhat.com> Tested-by: NThomas Huth <thuth@redhat.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Marc-André Lureau 提交于
user_creatable_add_opts() returns a reference (the other reference is for the root parent/child link). Leak introduced in commit a1af255f. Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: NMarkus Armbruster <armbru@redhat.com> Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>
-
由 Peter Maydell 提交于
ppc patch queue 2017-07-31 This has a couple of last minute bugfixes for qemu 2.10. # gpg: Signature made Mon 31 Jul 2017 05:25:54 BST # gpg: using RSA key 0x6C38CACA20D9B392 # gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" # gpg: aka "David Gibson (Red Hat) <dgibson@redhat.com>" # gpg: aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" # gpg: aka "David Gibson (kernel.org) <dwg@kernel.org>" # Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392 * remotes/dgibson/tags/ppc-for-2.10-20170731: Revert "spapr: populate device tree depending on XIVE_EXPLOIT option" spapr_drc: fix realize and unrealize Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
- 29 7月, 2017 4 次提交
-
-
由 David Gibson 提交于
This reverts commit b8768042. I thought this was a harmless preliminary for XIVE enablement patches we expect later on. However, due to some subtle interactions between qemu and SLOF (guest firmware) this breaks some things. Revert it for now, we'll work out how to fix it when the rest of the XIVE patches are ready. Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
-
由 Greg Kurz 提交于
If object_property_add_alias() returns an error in realize(), we should propagate it to the caller and certainly not unref the DRC. Same thing goes for unrealize(). Since object_property_del() is the last call, we can even get rid of the intermediate Error *. And finally, unrealize() should undo all registrations performed by realize(). Signed-off-by: NGreg Kurz <groug@kaod.org> Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
-
由 Peter Maydell 提交于
nbd patches for 2017-07-28 - Philippe Mathieu-Daudé - nbd: fix memory leak in nbd_opt_go() # gpg: Signature made Fri 28 Jul 2017 17:59:39 BST # gpg: using RSA key 0xA7A16B4A2527436A # gpg: Good signature from "Eric Blake <eblake@redhat.com>" # gpg: aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" # gpg: aka "[jpeg image of size 6874]" # Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2 F3AA A7A1 6B4A 2527 436A * remotes/ericb/tags/pull-nbd-2017-07-28: nbd: fix memory leak in nbd_opt_go() Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
-
由 Philippe Mathieu-Daudé 提交于
nbd/client.c:385:12: warning: Potential leak of memory pointed to by 'buf' Reported-by: Clang Static Analyzer Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: NEric Blake <eblake@redhat.com> Message-Id: <20170727024224.22900-5-f4bug@amsat.org> [introduced in commit 8ecaeae8] Signed-off-by: NEric Blake <eblake@redhat.com>
-