1. 10 Nov 2015: 28 commits
  2. 09 Nov 2015: 12 commits
    • hw/timer/hpet.c: Avoid signed integer overflow which results in bugs on OSX · d17008bc
      Committed by Peter Maydell
      Signed integer overflow in C is undefined behaviour, and the compiler
      is at liberty to assume it can never happen and optimize accordingly.
      In particular, the subtractions in hpet_time_after() and hpet_time_after64()
      were causing OSX clang to optimize the code such that it was prone to
      hangs and complaints about the main loop stalling (presumably because
      we were spending all our time trying to service very high frequency
      HPET timer callbacks). The clang sanitizer confirms the UB:
      
      hw/timer/hpet.c:119:26: runtime error: signed integer overflow: -2146967296 - 2147003978 cannot be represented in type 'int'
      
      Fix this by doing the subtraction as an unsigned operation and then
      converting to signed for the comparison.
      Reported-by: Aaron Elkins <threcius@yahoo.com>
      Cc: qemu-stable@nongnu.org
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Message-id: 1447080991-24995-1-git-send-email-peter.maydell@linaro.org
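To make the fix pattern in the commit above concrete, here is an added example (my own illustration, not QEMU's code) of a wrap-safe "is timestamp a after b" comparison on a 32-bit and a 64-bit counter: the subtraction is done in an unsigned type, where wrap-around is defined, and only the result is converted to signed for the sign test. The UB variant is kept alongside for contrast. The function names and the sample tick values are assumptions; the one pair of operands taken from the sanitizer report is the only value from the page.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed example; not QEMU's hpet.c. Names are assumptions. */

/* The UB pattern: when a - b does not fit in int32_t the subtraction is
 * undefined behaviour, so the compiler may assume it never wraps and fold
 * the comparison into code that mis-handles counter wrap-around.
 * Shown for contrast only; never call it with values that overflow. */
static bool naive_time_after(int32_t a, int32_t b)
{
    return (a - b) > 0;   /* UB when a - b leaves the int32_t range */
}

/* Hardened form: unsigned subtraction is defined modulo 2^32, so the
 * difference is always computed. Converting it to int32_t reinterprets it
 * as a signed distance, which is exactly the "a is after b" test we want
 * for a counter that wraps. (Conversion of an out-of-range value to a
 * signed type is implementation-defined, but two's complement everywhere
 * QEMU runs.) */
static bool hpet_time_after32(uint32_t a, uint32_t b)
{
    uint32_t diff = a - b;
    return (int32_t)diff > 0;
}

/* Same idea for the 64-bit counter. */
static bool hpet_time_after64(uint64_t a, uint64_t b)
{
    uint64_t diff = a - b;
    return (int64_t)diff > 0;
}

int main(void)
{
    /* The operand pair from the sanitizer line in the commit message,
     * reinterpreted as the unsigned counter values the hardened test uses. */
    uint32_t a = (uint32_t)(-2146967296);
    uint32_t b = 2147003978u;

    printf("after32(%u, %u) = %d\n", a, b, hpet_time_after32(a, b));
    printf("after32(0, 0xffffffff) = %d\n", hpet_time_after32(0u, 0xffffffffu));
    printf("after32(0x80000000, 0) = %d\n", hpet_time_after32(0x80000000u, 0u));
    printf("after64(1, 0) = %d\n", hpet_time_after64(1u, 0u));
    /* Safe, non-overflowing inputs only for the naive variant. */
    printf("naive(10, 5) = %d\n", naive_time_after(10, 5));
    return 0;
}
```

With the report's operands the unsigned difference is 996022, a small positive distance: the counter has simply wrapped, and the hardened comparison reports "after" instead of invoking undefined behaviour.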
    • qapi: Simplify non-error testing in test-qmp-* · 3f66f764
      Committed by Eric Blake
      By using &error_abort, we can avoid a local err variable in
      situations where we expect success.  It also has the nice
      effect that if the test breaks, the error message from
      error_abort tends to be nicer than that of g_assert().
      
      This patch has an additional bonus of fixing several call sites that
      were passing &err to two different functions without checking it in
      between.  In general that is unsafe practice; because if the first
      function sets an error, the second function could abort() if it tries to
      set a different error. We got away with it because we were asserting
      that err was NULL through the entire chain, but switching to
      &error_abort avoids the questionable practice up front.
      Signed-off-by: Eric Blake <eblake@redhat.com>
      Message-Id: <1446791754-23823-7-git-send-email-eblake@redhat.com>
      Signed-off-by: Markus Armbruster <armbru@redhat.com>
    • qapi: Plug leaks in test-qmp-* · b18f1141
      Committed by Eric Blake
      Make valgrind happy with the current state of the tests, so that
      it is easier to see if future patches introduce new memory problems
      without being drowned in noise.  Many of the leaks were due to
      calling a second init without tearing down the data from an earlier
      visit.  But since teardown is already idempotent, and we already
      register teardown as part of input_visitor_test_add(), it is nicer
      to just make init() safe to call multiple times than it is to have
      to make all tests call teardown.
      
      Another common leak was forgetting to clean up an error object,
      after testing that an error was raised.
      
      Another leak was in test_visitor_in_struct_nested(), failing to
      clean the base member of UserDefTwo.  Cleaning that up left
      check_and_free_str() as dead code (since using the qapi_free_*
      takes care of recursion, and we don't want double frees).
      
      A final leak was in test_visitor_out_any(), which was reassigning
      the qobj local variable to a subset of the overall structure
      needing freeing; it did not result in a use-after-free, but
      was not cleaning up all the qdict.
      
      test-qmp-event and test-qmp-commands were already clean.
      Signed-off-by: Eric Blake <eblake@redhat.com>
      Message-Id: <1446791754-23823-6-git-send-email-eblake@redhat.com>
      Signed-off-by: Markus Armbruster <armbru@redhat.com>
    • qapi: Share test_init code in test-qmp-input* · 0920a171
      Committed by Eric Blake
      Rather than duplicate the body of two functions just to
      decide between qobject_from_jsonv() and qobject_from_json(),
      exploit the fact that qobject_from_jsonv() intentionally
      takes 'va_list *' instead of the more common 'va_list', and
      that qobject_from_json() just calls qobject_from_jsonv(,NULL).
      For each file, our two existing init functions then become
      thin wrappers around a new internal function, and future
      updates to initialization don't have to be duplicated.
      Suggested-by: Markus Armbruster <armbru@redhat.com>
      Signed-off-by: Eric Blake <eblake@redhat.com>
      Message-Id: <1446791754-23823-5-git-send-email-eblake@redhat.com>
      [Two old comment typos fixed]
      Signed-off-by: Markus Armbruster <armbru@redhat.com>
    • qobject: Protect against use-after-free in qobject_decref() · cc9f60d4
      Committed by Eric Blake
      Adding an assertion to qobject_decref() will ensure that a
      programming error causing use-after-free will result in
      immediate failure (provided no other thread has started
      using the memory) instead of silently attempting to wrap
      refcnt around and leaving the problem to potentially bite
      later at a harder point to diagnose.
      Suggested-by: Markus Armbruster <armbru@redhat.com>
      Signed-off-by: Eric Blake <eblake@redhat.com>
      Message-Id: <1446791754-23823-4-git-send-email-eblake@redhat.com>
      Signed-off-by: Markus Armbruster <armbru@redhat.com>
    • qapi: Strengthen test of TestStructList · bd20588d
      Committed by Eric Blake
      Make each list element different, to ensure that order is
      preserved, and use the generated free function instead of
      hand-rolling our own to ensure (under valgrind) that the
      list is properly cleaned.
      Suggested-by: Markus Armbruster <armbru@redhat.com>
      Signed-off-by: Eric Blake <eblake@redhat.com>
      Message-Id: <1446791754-23823-3-git-send-email-eblake@redhat.com>
      Signed-off-by: Markus Armbruster <armbru@redhat.com>
    • qapi: Use generated TestStruct machinery in tests · 748053c9
      Committed by Eric Blake
      Commit d88f5fd1 and friends first introduced the various test-qmp-*
      tests in 2011, with duplicated hand-rolled TestStruct machinery,
      to make sure the qapi visitor interface was tested.  Later, commit
      4f193e34 in 2013 added a .json file for further testing use by the
      files, but without consolidating any of the existing hand-rolled
      visitors.  And with four copies, subtle differences have crept in,
      between the tests themselves (mainly whitespace differences, but
      also a question of whether to use NULL or "TestStruct" when
      calling visit_start_struct()) and from what the generator produces
      (the hand-rolled versions did not cater to partially-allocated
      objects, because they did not have a deallocation usage).
      
      Of course, just because the visitor interface is tested does not
      mean it is a sane interface; and future patches will be changing
      some of the visitor contracts.  Rather than having to duplicate
      the cleanup work in each copy of the TestStruct visitor, and keep
      each hand-rolled copy in sync with what the generator supplies, we
      might as well just test what the generator should give us in the
      first place.
      Signed-off-by: Eric Blake <eblake@redhat.com>
      Message-Id: <1446791754-23823-2-git-send-email-eblake@redhat.com>
      Signed-off-by: Markus Armbruster <armbru@redhat.com>
    • Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging · 9d5c1dc1
      Committed by Peter Maydell
      # gpg: Signature made Mon 09 Nov 2015 10:08:17 GMT using RSA key ID 81AB73C8
      # gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
      # gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
      
      * remotes/stefanha/tags/block-pull-request:
        blockdev: acquire AioContext in hmp_commit()
        monitor: add missed aio_context_acquire into vm_completion call
        aio: Introduce aio-epoll.c
        aio: Introduce aio_context_setup
        aio: Introduce aio_external_disabled
        dataplane: support non-contigious s/g
        dataplane: simplify indirect descriptor read
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    • blockdev: acquire AioContext in hmp_commit() · 84aa0140
      Committed by Stefan Hajnoczi
      This one slipped through.  Although we acquire AioContext when
      committing all devices we don't for just a single device.
      
      AioContext must be acquired before calling bdrv_*() functions to
      synchronize access with other threads that may be using the AioContext.
      Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
      Signed-off-by: Denis V. Lunev <den@openvz.org>
      Reviewed-by: Jeff Cody <jcody@redhat.com>
      Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
    • monitor: add missed aio_context_acquire into vm_completion call · 6bf1faa8
      Committed by Denis V. Lunev
      Signed-off-by: Denis V. Lunev <den@openvz.org>
      CC: Stefan Hajnoczi <stefanha@redhat.com>
      CC: Kevin Wolf <kwolf@redhat.com>
      CC: Luiz Capitulino <lcapitulino@redhat.com>
      CC: Markus Armbruster <armbru@redhat.com>
      Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
    • aio: Introduce aio-epoll.c · fbe3fc5c
      Committed by Fam Zheng
      To minimize code duplication, epoll is hooked into aio-posix's
      aio_poll() instead of rolling its own. This approach also has both
      compile-time and run-time switchability.
      
      1) When QEMU starts with a small number of fds in the event loop, ppoll
      is used.
      
      2) When QEMU starts with a big number of fds, or when more devices are
      hot plugged, epoll kicks in when the number of fds hits the threshold.
      
      3) Some fds may not support epoll, such as tty based stdio. In this
      case, it falls back to ppoll.
      
      A rough benchmark with scsi-disk on virtio-scsi dataplane (epoll gets
      enabled from 64 onward). Numbers are in MB/s.
      
      ===============================================
                   |     master     |     epoll
                   |                |
      scsi disks # | read    randrw | read    randrw
      -------------|----------------|----------------
      1            | 86      36     | 92      45
      8            | 87      43     | 86      41
      64           | 71      32     | 70      38
      128          | 48      24     | 58      31
      256          | 37      19     | 57      28
      ===============================================
      
      To comply with aio_{disable,enable}_external, we always use ppoll when
      aio_external_disabled() is true.
      
      [Removed #ifdef CONFIG_EPOLL around AioContext epollfd field declaration
      since the field is also referenced outside CONFIG_EPOLL code.
      --Stefan]
      Signed-off-by: Fam Zheng <famz@redhat.com>
      Message-id: 1446177989-6702-4-git-send-email-famz@redhat.com
      Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
    • aio: Introduce aio_context_setup · 37fcee5d
      Committed by Fam Zheng
      This is the place to initialize platform specific bits of AioContext.
      Signed-off-by: Fam Zheng <famz@redhat.com>
      Message-id: 1446177989-6702-3-git-send-email-famz@redhat.com
      Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>