When running a libvirt test suite I've noticed the qemu-img is
crashing occasionally. Tracing the problem down led me to the
following valgrind output:
qemu.git $ valgrind -q ./qemu-img create -f qed -obacking_file=/dev/null,backing_fmt=raw qed
==14881== Invalid write of size 8
==14881== at 0x1D263F: qemu_opts_create (qemu-option.c:692)
==14881== by 0x130782: bdrv_img_create (block.c:5531)
==14881== by 0x118DE0: img_create (qemu-img.c:462)
==14881== by 0x11E7E4: main (qemu-img.c:2830)
==14881== Address 0x11fedd38 is 24 bytes inside a block of size 232 free'd
==14881== at 0x4C2CA5E: realloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==14881== by 0x592D35E: g_realloc (in /usr/lib64/libglib-2.0.so.0.3800.2)
==14881== by 0x1D38D8: qemu_opts_append (qemu-option.c:1129)
==14881== by 0x13075E: bdrv_img_create (block.c:5528)
==14881== by 0x118DE0: img_create (qemu-img.c:462)
==14881== by 0x11E7E4: main (qemu-img.c:2830)
==14881==
Formatting 'qed', fmt=qed size=0 backing_file='/dev/null' backing_fmt='raw' cluster_size=65536
==14881== Invalid write of size 8
==14881== at 0x1D28BE: qemu_opts_del (qemu-option.c:750)
==14881== by 0x130BF3: bdrv_img_create (block.c:5638)
==14881== by 0x118DE0: img_create (qemu-img.c:462)
==14881== by 0x11E7E4: main (qemu-img.c:2830)
==14881== Address 0x11fedd38 is 24 bytes inside a block of size 232 free'd
==14881== at 0x4C2CA5E: realloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==14881== by 0x592D35E: g_realloc (in /usr/lib64/libglib-2.0.so.0.3800.2)
==14881== by 0x1D38D8: qemu_opts_append (qemu-option.c:1129)
==14881== by 0x13075E: bdrv_img_create (block.c:5528)
==14881== by 0x118DE0: img_create (qemu-img.c:462)
==14881== by 0x11E7E4: main (qemu-img.c:2830)
==14881==
The problem is apparently in the qemu_opts_append(). Well, if it
gets called twice or more. On the first call, when @dst is NULL
some initialization is done during which @dst->head list gets
initialized. The list is initialized in a way, so that the list
tail points at the list head. However, the next time
qemu_opts_append() is called for new options to be added,
g_realloc() may move @dst to a new address making the old list tail
point at an invalid address. If that's the case, we must update the
list pointers.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The only semantic change is that bs->open_flags gets BDRV_O_PROTOCOL set
now. This isn't useful, but it doesn't hurt either. The code that was
previously skipped by 'goto done' is automatically disabled because
protocol drivers don't support backing files (and if they did, this
would probably be a fix) and can't have snapshot_flags set.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Since we parse backing.* options to add a backing file from the command
line when the driver didn't assign one, it has been possible to have a
backing file for e.g. raw images (it just was never accessed).
This is obvious nonsense and should be rejected.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
This recursion was introduced in commit 505d7583 in order to allow
nesting image formats. It only ever takes effect when the user
explicitly specifies a driver name and that driver isn't suitable for
the protocol level.
We can check this earlier in bdrv_open() and if the explicitly
requested driver is a format driver, clear BDRV_O_PROTOCOL so that
another bs->file layer is opened.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
It doesn't do much any more, we can move the code to bdrv_open() now.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Eric Blake <eblake@redhat.com>
This moves the bdrv_open_file() call a bit down so that it can use the
bdrv_open() code that selects the right block driver.
The code between the old and the new call site is either common code
(the error message for an unknown driver has been unified now) or
doesn't run with cleared BDRV_O_PROTOCOL (added an if block in one
place, whereas the right path was already asserted in another place)
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
The "driver" entry in the options QDict is now only missing if we're
opening an image with format probing.
We also catch cases now where both the drv argument and a "driver"
option is specified, e.g. by specifying -drive format=qcow2,driver=raw
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
The idea of bdrv_fill_options() is to convert every parameter for
opening images, in particular the filename and flags, to entries in the
options QDict.
This patch starts with moving the filename parsing and driver probing
part from bdrv_file_open() to the new function.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
upcoming libnfs will feature internal readahead support.
Add a knob to pass the optional readahead value as a URL
parameter.
Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
this patch fixes the incorrect usage of strncmp and
adds simple error checking by means of parse_uint_full
instead of atoi for the supplied URL parameters.
Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
All behavior and invariant should hold for images with 0 length, so
add a class to repeat all the tests in TestSingleDrive.
Hide two unapplicable test methods that would fail with 0 image length
because it's also used as cluster size.
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
There should be a BLOCK_JOB_READY event with active commit, regardless
of image length. Let's test the 0 length image case, and make sure it
goes through the ready->complete process.
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
When mirroring or active committing a zero length image, BLOCK_JOB_READY
is not reported now, instead the job completes because we short circuit
the mirror job loop.
This is inconsistent with non-zero length images, and only confuses
management software.
Let's do the same thing when seeing a 0-length image: report ready
immediately; wait for block-job-cancel or block-job-complete; clear the
cancel flag as existing non-zero image synced case (cancelled after
ready); then jump to the exit.
Reported-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This will unset busy flag and put coroutine to sleep, can be used to
wait for QMP complete/cancel.
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQEcBAABAgAGBQJTqaJDAAoJEL7lnXSkw9fbPNQIAIrqFqWaQWUNX0ANKBkmEt9w
iX/gQ0v6EXJ2eHcPvZcr5xb/5PAcPuxVzc37Nd+C0ncIdyJKZvJszxLAHMlDhwEa
ewcl2JrHxPTLJkWZVtDEalpwg9rngKfybMlNDBosSpqUcligd/RObrp28wD+OFi1
QyRMrVEaWp+40Wc6n7tdWBECw1eSNTOFislWZe6HpbfQxRICKg00g/FeODsF5R3h
xvSJA706Z2uAMVEHJMvXzCPjVwY4GY5GNV8V6ULUB+hfwB7pwlGVeRq7TZhqmjsd
XdXA2TEceH0mP5jDpyhQP9sJqnsHwfh+zfhXNZ80cYZIP0KNSuzZcsA9SjBjyEs=
=feeM
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/mjt/tags/trivial-patches-2014-06-24' into staging
trivial patches for 2014-06-24
# gpg: Signature made Tue 24 Jun 2014 17:07:31 BST using RSA key ID A4C3D7DB
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg: aka "Michael Tokarev <mjt@corpit.ru>"
# gpg: aka "Michael Tokarev <mjt@debian.org>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6EE1 95D1 886E 8FFB 810D 4324 457C E0A0 8044 65C5
# Subkey fingerprint: 6F67 E18E 7C91 C5B1 5514 66A7 BEE5 9D74 A4C3 D7DB
* remotes/mjt/tags/trivial-patches-2014-06-24:
Add support for the arm breakpoint syscall
Increase maximum number of session of the internal TFTP server.
target-s390x: Remove unused ld_code6() function
hw/moxie/moxiesim.c: Remove unused moxie_intc_create()
target-unicore: Remove unused functions
build-sys: introduce install-prog macro to install&strip binaries and use it
tcg: mark tcg_out* and tcg_patch* with attribute 'unused'
rng-random: NULL check not needed before g_free()
block.c: Remove useless 'buf' variable
vscclient: Add required headers to fix build on FreeBSD
target-ppc: Fix compiler warning
configure: Enable TPM by default, add --disable-tpm
Fix new typos (found by codespell)
virtio-serial: remove useless set_config function
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
OABI arm used a software interrupt(0xef9f0001) for breakpoints.
Since 2005 gdb has used the break instruction(0xe7f001f0) for EABI.
Apparently Steel Bank Common Lisp still uses the swi instruction.
This is the kernel implementation:
http://lxr.free-electrons.com/source/arch/arm/kernel/traps.c#L598
Signed-off-by: Hunter Laux <hunterlaux@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Grub fails to boot from internal TFTP server when loading more than
3 initrd files.
Grub first opens a session to the TFTP server for every initrd file and
retrieves only the file size for all.
Then it wants to download the content using the old sessions which are
already expired.
Increasing the maximum number of session of the internal TFTP
server avoids this issue.
The error message reads as following:
error: timeout reading
`/boot/ISO.ROOT/BOOTMGR'.
Press any key to continue...
Signed-off-by: Bernhard Übelacker <bernhardu@vr-web.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The ld_code6() function is unused; remove it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The function moxie_intc_create() is unused; remove it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The functions gen_st64, gen_ld64, gen_mulxy, ucf64_itod and
ucf64_dtoi are all unused; remove them.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Use common rule (macro) to install and strip binaries, and use
it in all places where we install binaries, instead of fixing
bugs like 1319493 in every place.
(This fixes https://bugs.launchpad.net/bugs/1319493)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The tcg_out* and tcg_patch* functions are utility routines that may or
may not be used by a particular backend; mark them with the 'unused'
attribute to suppress spurious warnings if they aren't used.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
g_free() is NULL-safe.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
'buf' is not used actually, so remove it and related snprintf() statement.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
gcc reports a warning which is usually wrong:
target-ppc/dfp_helper.c: In function ‘dfp_get_digit’:
target-ppc/dfp_helper.c:417:1: warning:
control reaches end of non-void function [-Wreturn-type]
The compiler shows the warning if assert is not marked with the noreturn
attribute or if the code is compiled with -DNDEBUG.
Using g_assert_not_reached better documents the intention and does not
have these problems.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
I don't see why tpm is disabled by default: it doesn't have any
external dependencies, or change default behavior. Leaving it disabled
is just going to cause it to bit rot.
Enable it by default, and add a --disable-tpm option.
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Its only contents are a dead memcpy. Since it is optional,
drop the function altogether.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Don's patches to limit below-4g ram for pc
Marcel's pcie hotplug rewrite
Gabriel's changes to e1000 auto-negotiation
qemu char bugfixes by Stefan
misc bugfixes
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJTqEbfAAoJECgfDbjSjVRpFkoIAKj/JZvwQfOkDON12iIou8Fm
qFhn9t6Tf/HHvwhsrLrPH3wnmTiwJpnSrU2/X9SjSBqugiG4NdS2BrzGS1T5mNET
Q8q2CdYhrWzriCnNMotoug8oXIJGSfORITsU2c3zH7mLJHi5V6m78PZzLiiyTgJW
VS0Zb/F2YFn9vDA6vzSX3dUCH/1MGVwTf3pSaGBs3k1DwPT9OpV7ejdhqJ0SB03t
ih//P3E5t2+kkoUEUEqHVhRepvn0nrDq9fxL97scUbhx5Lz3hBteoewNjlqDsrCv
kbX+PswfSRWTEbjQ3yeGSyyzITIe/6W7rLb2gYAl2Efn/WDGIw2JXff2XPiro1I=
=qjXy
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
pc,pci,vhost,net fixes, enhancements
Don's patches to limit below-4g ram for pc
Marcel's pcie hotplug rewrite
Gabriel's changes to e1000 auto-negotiation
qemu char bugfixes by Stefan
misc bugfixes
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Mon 23 Jun 2014 16:25:19 BST using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
* remotes/mst/tags/for_upstream: (23 commits)
xen-hvm: Handle machine opt max-ram-below-4g
pc & q35: Add new machine opt max-ram-below-4g
xen-hvm: Fix xen_hvm_init() to adjust pc memory layout
pcie: coding style tweak
hw/pcie: better hotplug/hotunplug support
hw/pcie: implement power controller functionality
hw/pcie: correct debug message
q35: Use PC_Q35_COMPAT_1_4 on pc-q35-1.4 compat_props
virtio-pci: Report an error when msix vectors init fails
qemu-char: avoid leaking unused fds in tcp_get_msgfds()
qemu-char: fix qemu_chr_fe_get_msgfd()
qapi/string-output-visitor: fix human output
e1000: factor out checking for auto-negotiation availability
e1000: move e1000_autoneg_timer() to after set_ics()
e1000: signal guest on successful link auto-negotiation
e1000: improve auto-negotiation reporting via mii-tool
e1000: emulate auto-negotiation during external link status change
qtest: fix vhost-user-test unbalanced mutex locks
qtest: fix qtest for vhost-user
libqemustub: add more stubs for qemu-char
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/rth/tcg-ppc-merge-1: (25 commits)
tcg-ppc: Use the return address as a base pointer
tcg-ppc: Merge cache-utils into the backend
qemu/osdep: Remove the need for qemu_init_auxval
tcg-ppc: Rename the tcg/ppc64 backend
tcg-ppc: Remove the backend
tcg-ppc64: Merge ppc32 shifts
tcg-ppc64: Support mulsh_i32
tcg-ppc64: Merge ppc32 register usage
tcg-ppc64: Merge ppc32 qemu_ld/st
tcg-ppc64: Merge ppc32 brcond2, setcond2, muluh
tcg-ppc64: Begin merging ppc32 with ppc64
tcg-ppc64: Fix sub2 implementation
tcg-ppc64: Merge 32-bit ABIs into the prologue / frame code
tcg-ppc64: Adjust tcg_out_call for ELFv2
tcg-ppc64: Support the ppc64 elfv2 ABI
tcg-ppc64: Use the correct test in tcg_out_call
tcg-ppc64: Better parameterize the stack frame
tcg-ppc64: Fix TCG_TARGET_CALL_STACK_OFFSET
tcg-ppc64: Move call macros out of tcg-target.h
tcg-ppc64: Make TCG_AREG0 and TCG_REG_CALL_STACK enum constants
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This commit refactor the simple tests to test all integer types. We
move to hex because it is easier to read values of different types.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
If there is an error while loading a field, we should stop reading and
not continue with the rest of fields. And we should also set an error
in qemu_file.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
This shows how the script deals with substructures added to vmstate
descriptions that don't change the on-wire format.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>