Re: [Qemu-devel] [PATCH] add "info ioapic" monitor command
On Thu, Dec 31, 2009 at 12:57:44PM -0600, Anthony Liguori wrote: > On 12/31/2009 09:33 AM, Gleb Natapov wrote: > >On Thu, Dec 31, 2009 at 08:15:29AM -0600, Anthony Liguori wrote: > >>On 12/30/2009 06:16 PM, Gleb Natapov wrote: > >>>It helps debug problems and it is not intrusive. Since 0.12 will be used > >>>for a long time I want to add it there for convenience. > >> > >>stable is for bug fixes only. > >> > >This is to close minded. Not able to debug hard to reproduce problems when > >they appear > >at the environment you can't replicate is a bug. > > > Every feature is important to someone and there is at least someone > who wants just about every feature backported to stable. > Agree and that is why practical judgment is needed. Humans, not binary algorithm decides what to port and what not too. > Looking at this patch, it adds a new monitor command which > potentially means that the QMP protocol is changing (as there is now > a new command). This is definitely not something we want to do in > stable. > Does QMP expose list of available command through QMP protocol? Because if it is not, there is no such issues as you describe at all, but event if it is isn't the goal of QMP to make handling of such cases transparent for management software. There will be one more element returned in command list that is all. -- Gleb.
Re: [Qemu-devel] [PATCHv2] add "info ioapic" monitor command
On Thu, Dec 31, 2009 at 01:05:18PM -0600, Anthony Liguori wrote: > On 12/31/2009 09:42 AM, Gleb Natapov wrote: > >On Thu, Dec 31, 2009 at 08:20:06AM -0600, Anthony Liguori wrote: > >>On 12/30/2009 06:20 PM, Gleb Natapov wrote: > >>>I included only the state I need for debugging. I don't what to see > >>>complete state. It will just clatter important info. > >> > >>Someone may find that full state useful though. There's no good > >>reason to not show the entire device's state. > >> > >There is no good reason to not show the entire device's state in > >addition to nicely formated most useful part of it. Here I fixed it for > >you. > > > Have you even attempted to look at what the generic implementation > would be? ioapic has three vmstate fields. If you decode ioredtbl > into six subfields, then you're only adding two addition fields to > be printed. > I you seriously suggesting that we should tie the way device state is migrated to the way device information is printed? > I can't believe that having those two extra fields is really going > to make it any more difficult to debug. > Can't parse that. > And being able to dump any device state is certainly going to be > useful in the future. > No arguing with that. -- Gleb.
Re: [Qemu-devel] [PATCH] add "info ioapic" monitor command
On Thu, Dec 31, 2009 at 01:01:50PM -0600, Anthony Liguori wrote: > On 12/31/2009 09:39 AM, Gleb Natapov wrote: > >>The common case is where you just want to see the state of the > >>device. We support hundreds of devices. We can have one code path > >>that displays 95% of them with a couple devices that have exceptions > >>or we could have hundreds of these commands that aren't consistent > >>because they're all open-coded. > >I am not against having common code path that prints out state of all > >devices. It just different from what I am trying to achieve with my patch. > >My patch adds parsing and pretty-printing of device state and that's the > >part that is not addressed with your common code scenario. > > A common device printing mechanism is probably no more code than > your current patch. > Have you looked at my patch at all? What part of it can be made generic in your opinion? All it does is transforms ioapic state to human readable way (and that requires device internals kwoulage) and pot it into QObject form. > My position is that if that generic mechanism is not good enough for > you, then we should look at fixing that problem instead of > introducing a completely redundant mechanism. > Generic mechanism is by definition cannot decode device state with knowledge of device specific details. > Heck, even if you had a generic mechanism and then a big if in the > middle of it that treated ioapic better than other devices, it would > be 100x better than introducing a 1-off command. > The 'if' you are talking about (which is crazy by the way 'if' for each device in a common code?) will call the function my patch adds. -- Gleb.
[Qemu-devel] LatticeMico32/Milkymist support
Hi, Would anyone be interested in adding the support of the LatticeMico32 [1] microprocessor and the Milkymist System-on-Chip [2] to QEMU? This would help the open source hardware movement by easing software development on free platforms. Currently, QEMU only supports proprietary systems. Adding this support should be straightforward for anyone who has experience with the QEMU source code. LatticeMico32 is a fairly ordinary RISC processor (very similar to ARM or MIPS) and the Milkymist system-on-chip peripherals are made as simple as possible. Sébastien [1] http://www.milkymist.org/doc/lm32_archman.pdf [2] http://www.milkymist.org/doc/paper_overview.pdf
[Qemu-devel] [PATCH] PPC: Add wrapper for target long DCR operations
The recent transition to always have the DCR helper functions take 32 bit
values broke the PPC64 target, as tlong became 64 bits there.
This patch moves all translate.c callers to a _tl function that simply
calls the uint32_t functions. That way we don't need to mess with TCG
trying to pass registers as uint32_t variables to functions.
Fixes PPC64 build with --enable-debug-tcg
Signed-off-by: Alexander Graf
Reported-by: Stefan Weil
---
target-ppc/cpu.h |2 ++
target-ppc/helper.h|4 ++--
target-ppc/op_helper.c | 10 ++
target-ppc/translate.c | 12 ++--
4 files changed, 20 insertions(+), 8 deletions(-)
diff --git a/target-ppc/cpu.h b/target-ppc/cpu.h
index d15bba1..60a8b68 100644
--- a/target-ppc/cpu.h
+++ b/target-ppc/cpu.h
@@ -733,6 +733,8 @@ void ppc_store_slb (CPUPPCState *env, target_ulong rb,
target_ulong rs);
void ppc_store_sr (CPUPPCState *env, int srnum, target_ulong value);
#endif /* !defined(CONFIG_USER_ONLY) */
void ppc_store_msr (CPUPPCState *env, target_ulong value);
+void helper_store_dcr (uint32_t dcrn, uint32_t val);
+uint32_t helper_load_dcr (uint32_t dcrn);
void ppc_cpu_list (FILE *f, int (*cpu_fprintf)(FILE *f, const char *fmt, ...));
diff --git a/target-ppc/helper.h b/target-ppc/helper.h
index 40d4ced..86f0af7 100644
--- a/target-ppc/helper.h
+++ b/target-ppc/helper.h
@@ -359,8 +359,8 @@ DEF_HELPER_2(divo, tl, tl, tl)
DEF_HELPER_2(divs, tl, tl, tl)
DEF_HELPER_2(divso, tl, tl, tl)
-DEF_HELPER_1(load_dcr, i32, i32);
-DEF_HELPER_2(store_dcr, void, i32, i32)
+DEF_HELPER_1(load_dcr_tl, tl, tl);
+DEF_HELPER_2(store_dcr_tl, void, tl, tl)
DEF_HELPER_1(load_dump_spr, void, i32)
DEF_HELPER_1(store_dump_spr, void, i32)
diff --git a/target-ppc/op_helper.c b/target-ppc/op_helper.c
index cea27f2..6c375d3 100644
--- a/target-ppc/op_helper.c
+++ b/target-ppc/op_helper.c
@@ -1844,6 +1844,11 @@ uint32_t helper_load_dcr (uint32_t dcrn)
return val;
}
+target_ulong helper_load_dcr_tl (target_ulong dcrn)
+{
+return (uint32_t)helper_load_dcr((uint32_t)dcrn);
+}
+
void helper_store_dcr (uint32_t dcrn, uint32_t val)
{
if (unlikely(env->dcr_env == NULL)) {
@@ -1857,6 +1862,11 @@ void helper_store_dcr (uint32_t dcrn, uint32_t val)
}
}
+void helper_store_dcr_tl (target_ulong dcrn, target_ulong val)
+{
+helper_store_dcr((uint32_t)dcrn, (uint32_t)val);
+}
+
#if !defined(CONFIG_USER_ONLY)
void helper_40x_rfci (void)
{
diff --git a/target-ppc/translate.c b/target-ppc/translate.c
index d4e81ce..d83d196 100644
--- a/target-ppc/translate.c
+++ b/target-ppc/translate.c
@@ -5565,7 +5565,7 @@ static void gen_mfdcr(DisasContext *ctx)
/* NIP cannot be restored if the memory exception comes from an helper */
gen_update_nip(ctx, ctx->nip - 4);
dcrn = tcg_const_tl(SPR(ctx->opcode));
-gen_helper_load_dcr(cpu_gpr[rD(ctx->opcode)], dcrn);
+gen_helper_load_dcr_tl(cpu_gpr[rD(ctx->opcode)], dcrn);
tcg_temp_free(dcrn);
#endif
}
@@ -5584,7 +5584,7 @@ static void gen_mtdcr(DisasContext *ctx)
/* NIP cannot be restored if the memory exception comes from an helper */
gen_update_nip(ctx, ctx->nip - 4);
dcrn = tcg_const_tl(SPR(ctx->opcode));
-gen_helper_store_dcr(dcrn, cpu_gpr[rS(ctx->opcode)]);
+gen_helper_store_dcr_tl(dcrn, cpu_gpr[rS(ctx->opcode)]);
tcg_temp_free(dcrn);
#endif
}
@@ -5602,7 +5602,7 @@ static void gen_mfdcrx(DisasContext *ctx)
}
/* NIP cannot be restored if the memory exception comes from an helper */
gen_update_nip(ctx, ctx->nip - 4);
-gen_helper_load_dcr(cpu_gpr[rD(ctx->opcode)], cpu_gpr[rA(ctx->opcode)]);
+gen_helper_load_dcr_tl(cpu_gpr[rD(ctx->opcode)], cpu_gpr[rA(ctx->opcode)]);
/* Note: Rc update flag set leads to undefined state of Rc0 */
#endif
}
@@ -5620,7 +5620,7 @@ static void gen_mtdcrx(DisasContext *ctx)
}
/* NIP cannot be restored if the memory exception comes from an helper */
gen_update_nip(ctx, ctx->nip - 4);
-gen_helper_store_dcr(cpu_gpr[rA(ctx->opcode)], cpu_gpr[rS(ctx->opcode)]);
+gen_helper_store_dcr_tl(cpu_gpr[rA(ctx->opcode)],
cpu_gpr[rS(ctx->opcode)]);
/* Note: Rc update flag set leads to undefined state of Rc0 */
#endif
}
@@ -5630,7 +5630,7 @@ static void gen_mfdcrux(DisasContext *ctx)
{
/* NIP cannot be restored if the memory exception comes from an helper */
gen_update_nip(ctx, ctx->nip - 4);
-gen_helper_load_dcr(cpu_gpr[rD(ctx->opcode)], cpu_gpr[rA(ctx->opcode)]);
+gen_helper_load_dcr_tl(cpu_gpr[rD(ctx->opcode)], cpu_gpr[rA(ctx->opcode)]);
/* Note: Rc update flag set leads to undefined state of Rc0 */
}
@@ -5639,7 +5639,7 @@ static void gen_mtdcrux(DisasContext *ctx)
{
/* NIP cannot be restored if the memory exception comes from an helper */
gen_update_nip(ctx, ctx->nip - 4);
-gen_helper_store_dcr(cpu_gpr[rA(ctx->opcode)], cpu_gpr[rS(ctx->opcode)]);
+gen_helper_store_dcr_tl(cpu_gpr[rA(ctx->opcode)],
cpu_gpr[rS(ctx->opcode)]);
/* Note:
Re: [Qemu-devel] [PATCH 14/14] Add -fstack-protector-all to CFLAGS
On Thu, Dec 31, 2009 at 12:58 PM, Arnaud Patard wrote: > "Kirill A. Shutemov" writes: > Hi, > >> -fstack-protector-all emit extra code to check for buffer overflows, >> such as stack smashing attacks. This is done by adding a guard >> variable to functions with vulnerable objects. >> >> Signed-off-by: Kirill A. Shutemov >> --- >> configure | 1 + >> 1 files changed, 1 insertions(+), 0 deletions(-) >> >> diff --git a/configure b/configure >> index 0cdcdb3..16b70d8 100755 >> --- a/configure >> +++ b/configure >> @@ -98,6 +98,7 @@ QEMU_CFLAGS="-Wall -Wundef -Wendif-labels -Wwrite-strings >> -Wmissing-prototypes $ >> QEMU_CFLAGS="-Wstrict-prototypes -Wredundant-decls $QEMU_CFLAGS" >> QEMU_CFLAGS="-D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE >> $QEMU_CFLAGS" >> QEMU_CFLAGS="-D_FORTIFY_SOURCE=2 $QEMU_CFLAGS" >> +QEMU_CFLAGS="-fstack-protector-all $QEMU_CFLAGS" > > afaik not all arches out there are supporting > -fstack-protector-all (to be more precise, some have no stack protector > support at all). iirc, gcc will emit a warning and still compile > but would be nice to avoid a warning. Thanks. Will be fixed.
Re: [Qemu-devel] [PATCH 12/14] linux-user/mmap.c: fix warnings with _FORTIFY_SOURCE
On Thu, Dec 31, 2009 at 12:50 PM, Arnaud Patard wrote: > "Kirill A. Shutemov" writes: > > Hi, > >> CC i386-linux-user/mmap.o >> cc1: warnings being treated as errors >> /usr/src/RPM/BUILD/qemu-0.11.92/linux-user/mmap.c: In function 'mmap_frag': >> /usr/src/RPM/BUILD/qemu-0.11.92/linux-user/mmap.c:253: error: ignoring >> return value of 'pread', declared with attribute warn_unused_result >> /usr/src/RPM/BUILD/qemu-0.11.92/linux-user/mmap.c: In function 'target_mmap': >> /usr/src/RPM/BUILD/qemu-0.11.92/linux-user/mmap.c:477: error: ignoring >> return value of 'pread', declared with attribute warn_unused_result >> make[1]: *** [mmap.o] Error 1 >> >> Signed-off-by: Kirill A. Shutemov >> --- >> linux-user/mmap.c | 6 -- >> 1 files changed, 4 insertions(+), 2 deletions(-) >> >> diff --git a/linux-user/mmap.c b/linux-user/mmap.c >> index 144fb7c..e496c64 100644 >> --- a/linux-user/mmap.c >> +++ b/linux-user/mmap.c >> @@ -250,7 +250,8 @@ static int mmap_frag(abi_ulong real_start, >> mprotect(host_start, qemu_host_page_size, prot1 | PROT_WRITE); >> >> /* read the corresponding file data */ >> - pread(fd, g2h(start), end - start, offset); >> + if (pread(fd, g2h(start), end - start, offset) == -1) >> + return -errno; > > This needs to be checked but iirc, it's wrong. One should set errno and > return -1. Please double check and fix if needed. Thanks.
Re: [Qemu-devel] [PATCH] debugcon: support for debugging consoles (e.g. Bochs port 0xe9)
On 12/30/2009 08:49 AM, Kevin O'Connor wrote: > On Tue, Dec 29, 2009 at 01:51:36PM -0800, H. Peter Anvin wrote: >> Add generic support for debugging consoles (simple I/O ports which >> when written to cause debugging output to be written to a target.) >> The current implementation matches Bochs' port 0xe9, allowing the same >> debugging code to be used for both Bochs and Qemu. >> >> There is no vm state associated with the debugging port, simply >> because it has none -- the entire interface is a single, stateless, >> write-only port. >> >> Most of the code was cribbed from the serial port driver. > > Hi, > > SeaBIOS writes debugging info to port 0x0402. Unfortunately, qemu has > to be recompiled in order to display this info. Will your patch > enable one to get at the 0x0402 data without recompiling? > Yes. -hpa -- H. Peter Anvin, Intel Open Source Technology Center I work for Intel. I don't speak on their behalf.
Re: [Qemu-devel] [PATCH] debugcon: support for debugging consoles (e.g. Bochs port 0xe9)
On 12/30/2009 08:49 AM, Kevin O'Connor wrote: > > Hi, > > SeaBIOS writes debugging info to port 0x0402. Unfortunately, qemu has > to be recompiled in order to display this info. Will your patch > enable one to get at the 0x0402 data without recompiling? > > -Kevin > Incidentally, it's somewhat unusual choice of ports... port 0x80 is the normal port for BIOSes to display debugging information on. -hpa -- H. Peter Anvin, Intel Open Source Technology Center I work for Intel. I don't speak on their behalf.
[Qemu-devel] [PATCH 01/15] Introduce qemu_write_full()
A variant of write(2) which handles partial write.
Signed-off-by: Kirill A. Shutemov
---
osdep.c | 27 +++
qemu-common.h |2 ++
2 files changed, 29 insertions(+), 0 deletions(-)
diff --git a/osdep.c b/osdep.c
index e4836e7..8ae48fe 100644
--- a/osdep.c
+++ b/osdep.c
@@ -243,6 +243,33 @@ int qemu_open(const char *name, int flags, ...)
return ret;
}
+/*
+ * A variant of write(2) which handles partial write.
+ *
+ * Return the number of bytes transferred.
+ * Set errno if fewer than `count' bytes are written.
+ */
+size_t qemu_write_full(int fd, const void *buf, size_t count)
+{
+ssize_t ret;
+size_t total = 0;
+
+while (count) {
+ret = write(fd, buf, count);
+if (ret < 0) {
+if (errno == EINTR)
+continue;
+break;
+}
+
+count -= ret;
+buf += ret;
+total += ret;
+}
+
+return total;
+}
+
#ifndef _WIN32
/*
* Creates a pipe with FD_CLOEXEC set on both file descriptors
diff --git a/qemu-common.h b/qemu-common.h
index 8630f8c..7231348 100644
--- a/qemu-common.h
+++ b/qemu-common.h
@@ -160,6 +160,8 @@ void qemu_mutex_lock_iothread(void);
void qemu_mutex_unlock_iothread(void);
int qemu_open(const char *name, int flags, ...);
+size_t qemu_write_full(int fd, const void *buf, size_t count)
+__attribute__ ((warn_unused_result));
void qemu_set_cloexec(int fd);
#ifndef _WIN32
--
1.6.5.7
[Qemu-devel] [PATCH 02/15] posix-aio-compat.c: fix warning with _FORTIFY_SOURCE
CCposix-aio-compat.o
cc1: warnings being treated as errors
posix-aio-compat.c: In function 'aio_signal_handler':
posix-aio-compat.c:505: error: ignoring return value of 'write', declared with
attribute warn_unused_result
make: *** [posix-aio-compat.o] Error 1
Signed-off-by: Kirill A. Shutemov
---
posix-aio-compat.c |5 -
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/posix-aio-compat.c b/posix-aio-compat.c
index dc14f53..1272e84 100644
--- a/posix-aio-compat.c
+++ b/posix-aio-compat.c
@@ -501,8 +501,11 @@ static void aio_signal_handler(int signum)
{
if (posix_aio_state) {
char byte = 0;
+int ret;
-write(posix_aio_state->wfd, &byte, sizeof(byte));
+ret = write(posix_aio_state->wfd, &byte, sizeof(byte));
+if (ret < 0 && (errno != EINTR && errno != EAGAIN))
+die("write()");
}
qemu_service_io();
--
1.6.5.7
[Qemu-devel] [PATCH 03/15] block/cow.c: fix warnings with _FORTIFY_SOURCE
CCblock/cow.o
cc1: warnings being treated as errors
block/cow.c: In function 'cow_create':
block/cow.c:251: error: ignoring return value of 'write', declared with
attribute warn_unused_result
block/cow.c:253: error: ignoring return value of 'ftruncate', declared with
attribute warn_unused_result
make: *** [block/cow.o] Error 1
Signed-off-by: Kirill A. Shutemov
---
block/cow.c | 19 ---
1 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/block/cow.c b/block/cow.c
index a70854e..ba07b97 100644
--- a/block/cow.c
+++ b/block/cow.c
@@ -209,6 +209,7 @@ static int cow_create(const char *filename,
QEMUOptionParameter *options)
struct stat st;
int64_t image_sectors = 0;
const char *image_filename = NULL;
+int ret;
/* Read out options */
while (options && options->name) {
@@ -248,11 +249,23 @@ static int cow_create(const char *filename,
QEMUOptionParameter *options)
}
cow_header.sectorsize = cpu_to_be32(512);
cow_header.size = cpu_to_be64(image_sectors * 512);
-write(cow_fd, &cow_header, sizeof(cow_header));
+ret = qemu_write_full(cow_fd, &cow_header, sizeof(cow_header));
+if (ret != sizeof(cow_header)) {
+ret = -errno;
+goto exit;
+}
+
/* resize to include at least all the bitmap */
-ftruncate(cow_fd, sizeof(cow_header) + ((image_sectors + 7) >> 3));
+ret = ftruncate(cow_fd, sizeof(cow_header) + ((image_sectors + 7) >> 3));
+if (ret) {
+ret = -errno;
+goto exit;
+}
+
+ret = 0;
+exit:
close(cow_fd);
-return 0;
+return ret;
}
static void cow_flush(BlockDriverState *bs)
--
1.6.5.7
[Qemu-devel] [PATCH 04/15] block/qcow.c: fix warnings with _FORTIFY_SOURCE
CCblock/qcow.o
cc1: warnings being treated as errors
block/qcow.c: In function 'qcow_create':
block/qcow.c:804: error: ignoring return value of 'write', declared with
attribute warn_unused_result
block/qcow.c:806: error: ignoring return value of 'write', declared with
attribute warn_unused_result
block/qcow.c:811: error: ignoring return value of 'write', declared with
attribute warn_unused_result
make: *** [block/qcow.o] Error 1
Signed-off-by: Kirill A. Shutemov
---
block/qcow.c | 25 +
1 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/block/qcow.c b/block/qcow.c
index 7fc85ae..28cc092 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -750,6 +750,7 @@ static int qcow_create(const char *filename,
QEMUOptionParameter *options)
int64_t total_size = 0;
const char *backing_file = NULL;
int flags = 0;
+int ret;
/* Read out options */
while (options && options->name) {
@@ -801,17 +802,33 @@ static int qcow_create(const char *filename,
QEMUOptionParameter *options)
}
/* write all the data */
-write(fd, &header, sizeof(header));
+ret = qemu_write_full(fd, &header, sizeof(header));
+if (ret != sizeof(header)) {
+ret = -errno;
+goto exit;
+}
+
if (backing_file) {
-write(fd, backing_file, backing_filename_len);
+ret = qemu_write_full(fd, backing_file, backing_filename_len);
+if (ret != backing_filename_len) {
+ret = -errno;
+goto exit;
+}
}
lseek(fd, header_size, SEEK_SET);
tmp = 0;
for(i = 0;i < l1_size; i++) {
-write(fd, &tmp, sizeof(tmp));
+ret = qemu_write_full(fd, &tmp, sizeof(tmp));
+if (ret != sizeof(tmp)) {
+ret = -errno;
+goto exit;
+}
}
+
+ret = 0;
+exit:
close(fd);
-return 0;
+return ret;
}
static int qcow_make_empty(BlockDriverState *bs)
--
1.6.5.7
[Qemu-devel] [PATCH 05/15] block/vmdk.o: fix warnings with _FORTIFY_SOURCE
CCblock/vmdk.o
cc1: warnings being treated as errors
block/vmdk.c: In function 'vmdk_snapshot_create':
block/vmdk.c:236: error: ignoring return value of 'ftruncate', declared with
attribute warn_unused_result
block/vmdk.c: In function 'vmdk_create':
block/vmdk.c:775: error: ignoring return value of 'write', declared with
attribute warn_unused_result
block/vmdk.c:776: error: ignoring return value of 'write', declared with
attribute warn_unused_result
block/vmdk.c:778: error: ignoring return value of 'ftruncate', declared with
attribute warn_unused_result
block/vmdk.c:784: error: ignoring return value of 'write', declared with
attribute warn_unused_result
block/vmdk.c:790: error: ignoring return value of 'write', declared with
attribute warn_unused_result
block/vmdk.c:807: error: ignoring return value of 'write', declared with
attribute warn_unused_result
make: *** [block/vmdk.o] Error 1
Signed-off-by: Kirill A. Shutemov
---
block/vmdk.c | 50 --
1 files changed, 40 insertions(+), 10 deletions(-)
diff --git a/block/vmdk.c b/block/vmdk.c
index 4e48622..58fc04b 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -233,7 +233,8 @@ static int vmdk_snapshot_create(const char *filename, const
char *backing_file)
memset(&header, 0, sizeof(header));
memcpy(&header,&hdr[4], sizeof(header)); // skip the VMDK4_MAGIC
-ftruncate(snp_fd, header.grain_offset << 9);
+if (ftruncate(snp_fd, header.grain_offset << 9))
+goto fail;
/* the descriptor offset = 0x200 */
if (lseek(p_fd, 0x200, SEEK_SET) == -1)
goto fail;
@@ -716,6 +717,7 @@ static int vmdk_create(const char *filename,
QEMUOptionParameter *options)
int64_t total_size = 0;
const char *backing_file = NULL;
int flags = 0;
+int ret;
// Read out options
while (options && options->name) {
@@ -772,22 +774,44 @@ static int vmdk_create(const char *filename,
QEMUOptionParameter *options)
header.check_bytes[3] = 0xa;
/* write all the data */
-write(fd, &magic, sizeof(magic));
-write(fd, &header, sizeof(header));
+ret = qemu_write_full(fd, &magic, sizeof(magic));
+if (ret != sizeof(magic)) {
+ret = -errno;
+goto exit;
+}
+ret = qemu_write_full(fd, &header, sizeof(header));
+if (ret != sizeof(header)) {
+ret = -errno;
+goto exit;
+}
-ftruncate(fd, header.grain_offset << 9);
+ret = ftruncate(fd, header.grain_offset << 9);
+if (ret < 0) {
+ret = -errno;
+goto exit;
+}
/* write grain directory */
lseek(fd, le64_to_cpu(header.rgd_offset) << 9, SEEK_SET);
for (i = 0, tmp = header.rgd_offset + gd_size;
- i < gt_count; i++, tmp += gt_size)
-write(fd, &tmp, sizeof(tmp));
+ i < gt_count; i++, tmp += gt_size) {
+ret = qemu_write_full(fd, &tmp, sizeof(tmp));
+if (ret != sizeof(tmp)) {
+ret = -errno;
+goto exit;
+}
+}
/* write backup grain directory */
lseek(fd, le64_to_cpu(header.gd_offset) << 9, SEEK_SET);
for (i = 0, tmp = header.gd_offset + gd_size;
- i < gt_count; i++, tmp += gt_size)
-write(fd, &tmp, sizeof(tmp));
+ i < gt_count; i++, tmp += gt_size) {
+ret = qemu_write_full(fd, &tmp, sizeof(tmp));
+if (ret != sizeof(tmp)) {
+ret = -errno;
+goto exit;
+}
+}
/* compose the descriptor */
real_filename = filename;
@@ -804,10 +828,16 @@ static int vmdk_create(const char *filename,
QEMUOptionParameter *options)
/* write the descriptor */
lseek(fd, le64_to_cpu(header.desc_offset) << 9, SEEK_SET);
-write(fd, desc, strlen(desc));
+ret = qemu_write_full(fd, desc, strlen(desc));
+if (ret != strlen(desc)) {
+ret = -errno;
+goto exit;
+}
+ret = 0;
+exit:
close(fd);
-return 0;
+return ret;
}
static void vmdk_close(BlockDriverState *bs)
--
1.6.5.7
[Qemu-devel] [PATCH 06/15] block/vvfat.c: fix warnings with _FORTIFY_SOURCE
CCblock/vvfat.o
cc1: warnings being treated as errors
block/vvfat.c: In function 'commit_one_file':
block/vvfat.c:2259: error: ignoring return value of 'ftruncate', declared with
attribute warn_unused_result
make: *** [block/vvfat.o] Error 1
CCblock/vvfat.o
In file included from /usr/include/stdio.h:912,
from ./qemu-common.h:19,
from block/vvfat.c:27:
In function 'snprintf',
inlined from 'init_directories' at block/vvfat.c:871,
inlined from 'vvfat_open' at block/vvfat.c:1068:
/usr/include/bits/stdio2.h:65: error: call to __builtin___snprintf_chk will
always overflow destination buffer
make: *** [block/vvfat.o] Error 1
Signed-off-by: Kirill A. Shutemov
---
block/vvfat.c |7 +--
1 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/block/vvfat.c b/block/vvfat.c
index 063f731..8140dbc 100644
--- a/block/vvfat.c
+++ b/block/vvfat.c
@@ -868,7 +868,7 @@ static int init_directories(BDRVVVFATState* s,
{
direntry_t* entry=array_get_next(&(s->directory));
entry->attributes=0x28; /* archive | volume label */
- snprintf((char*)entry->name,11,"QEMU VVFAT");
+memcpy(entry->name, "QEMU VVFAT", 11);
}
/* Now build FAT, and write back information into directory */
@@ -2256,7 +2256,10 @@ static int commit_one_file(BDRVVVFATState* s,
c = c1;
}
-ftruncate(fd, size);
+if (ftruncate(fd, size)) {
+perror("ftruncate()");
+abort();
+}
close(fd);
return commit_mappings(s, first_cluster, dir_index);
--
1.6.5.7
[Qemu-devel] [PATCH 07/15] block/qcow2.c: fix warnings with _FORTIFY_SOURCE
CCblock/qcow2.o
cc1: warnings being treated as errors
block/qcow2.c: In function 'qcow_create2':
block/qcow2.c:829: error: ignoring return value of 'write', declared with
attribute warn_unused_result
block/qcow2.c:838: error: ignoring return value of 'write', declared with
attribute warn_unused_result
block/qcow2.c:839: error: ignoring return value of 'write', declared with
attribute warn_unused_result
block/qcow2.c:841: error: ignoring return value of 'write', declared with
attribute warn_unused_result
block/qcow2.c:844: error: ignoring return value of 'write', declared with
attribute warn_unused_result
block/qcow2.c:849: error: ignoring return value of 'write', declared with
attribute warn_unused_result
block/qcow2.c:852: error: ignoring return value of 'write', declared with
attribute warn_unused_result
block/qcow2.c:855: error: ignoring return value of 'write', declared with
attribute warn_unused_result
make: *** [block/qcow2.o] Error 1
Signed-off-by: Kirill A. Shutemov
---
block/qcow2.c | 55 +--
1 files changed, 45 insertions(+), 10 deletions(-)
diff --git a/block/qcow2.c b/block/qcow2.c
index 984264b..1874124 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -743,7 +743,7 @@ static int qcow_create2(const char *filename, int64_t
total_size,
uint64_t tmp, offset;
QCowCreateState s1, *s = &s1;
QCowExtension ext_bf = {0, 0};
-
+int ret;
memset(s, 0, sizeof(*s));
@@ -826,7 +826,11 @@ static int qcow_create2(const char *filename, int64_t
total_size,
ref_clusters * s->cluster_size);
/* write all the data */
-write(fd, &header, sizeof(header));
+ret = qemu_write_full(fd, &header, sizeof(header));
+if (ret != sizeof(header)) {
+ret = -errno;
+goto exit;
+}
if (backing_file) {
if (backing_format_len) {
char zero[16];
@@ -835,25 +839,56 @@ static int qcow_create2(const char *filename, int64_t
total_size,
memset(zero, 0, sizeof(zero));
cpu_to_be32s(&ext_bf.magic);
cpu_to_be32s(&ext_bf.len);
-write(fd, &ext_bf, sizeof(ext_bf));
-write(fd, backing_format, backing_format_len);
+ret = qemu_write_full(fd, &ext_bf, sizeof(ext_bf));
+if (ret != sizeof(ext_bf)) {
+ret = -errno;
+goto exit;
+}
+ret = qemu_write_full(fd, backing_format, backing_format_len);
+if (ret != backing_format_len) {
+ret = -errno;
+goto exit;
+}
if (padding > 0) {
-write(fd, zero, padding);
+ret = qemu_write_full(fd, zero, padding);
+if (ret != padding) {
+ret = -errno;
+goto exit;
+}
}
}
-write(fd, backing_file, backing_filename_len);
+ret = qemu_write_full(fd, backing_file, backing_filename_len);
+if (ret != backing_filename_len) {
+ret = -errno;
+goto exit;
+}
}
lseek(fd, s->l1_table_offset, SEEK_SET);
tmp = 0;
for(i = 0;i < l1_size; i++) {
-write(fd, &tmp, sizeof(tmp));
+ret = qemu_write_full(fd, &tmp, sizeof(tmp));
+if (ret != sizeof(tmp)) {
+ret = -errno;
+goto exit;
+}
}
lseek(fd, s->refcount_table_offset, SEEK_SET);
-write(fd, s->refcount_table, s->cluster_size);
+ret = qemu_write_full(fd, s->refcount_table, s->cluster_size);
+if (ret != s->cluster_size) {
+ret = -errno;
+goto exit;
+}
lseek(fd, s->refcount_block_offset, SEEK_SET);
-write(fd, s->refcount_block, ref_clusters * s->cluster_size);
+ret = qemu_write_full(fd, s->refcount_block,
+ref_clusters * s->cluster_size);
+if (ret != s->cluster_size) {
+ret = -errno;
+goto exit;
+}
+ret = 0;
+exit:
qemu_free(s->refcount_table);
qemu_free(s->refcount_block);
close(fd);
@@ -867,7 +902,7 @@ static int qcow_create2(const char *filename, int64_t
total_size,
bdrv_close(bs);
}
-return 0;
+return ret;
}
static int qcow_create(const char *filename, QEMUOptionParameter *options)
--
1.6.5.7
[Qemu-devel] [PATCH 08/15] net/slirp.c: fix warning with _FORTIFY_SOURCE
CCnet/slirp.o
cc1: warnings being treated as errors
net/slirp.c: In function 'slirp_smb_cleanup':
net/slirp.c:470: error: ignoring return value of 'system', declared with
attribute warn_unused_result
make: *** [net/slirp.o] Error 1
Signed-off-by: Kirill A. Shutemov
---
net/slirp.c |9 -
1 files changed, 8 insertions(+), 1 deletions(-)
diff --git a/net/slirp.c b/net/slirp.c
index 3f91c4b..ef7c8e4 100644
--- a/net/slirp.c
+++ b/net/slirp.c
@@ -464,10 +464,17 @@ int net_slirp_redir(const char *redir_str)
static void slirp_smb_cleanup(SlirpState *s)
{
char cmd[128];
+int ret;
if (s->smb_dir[0] != '\0') {
snprintf(cmd, sizeof(cmd), "rm -rf %s", s->smb_dir);
-system(cmd);
+ret = system(cmd);
+if (ret == -1) {
+perror("system()");
+} else if (WEXITSTATUS(ret)) {
+qemu_error("'%s' failed. Error code: %d\n",
+cmd, WEXITSTATUS(ret));
+}
s->smb_dir[0] = '\0';
}
}
--
1.6.5.7
[Qemu-devel] [PATCH 09/15] usb-linux.c: fix warning with _FORTIFY_SOURCE
CCusb-linux.o
cc1: warnings being treated as errors
usb-linux.c: In function 'usb_host_read_file':
usb-linux.c:1204: error: ignoring return value of 'fgets', declared with
attribute warn_unused_result
make: *** [usb-linux.o] Error 1
Signed-off-by: Kirill A. Shutemov
---
usb-linux.c |8 ++--
1 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/usb-linux.c b/usb-linux.c
index 88728e9..8673474 100644
--- a/usb-linux.c
+++ b/usb-linux.c
@@ -1201,9 +1201,13 @@ static int usb_host_read_file(char *line, size_t
line_size, const char *device_f
device_file);
f = fopen(filename, "r");
if (f) {
-fgets(line, line_size, f);
+if (fgets(line, line_size, f)) {
+ret = 1;
+} else {
+ret = 0;
+}
+
fclose(f);
-ret = 1;
#if 0
} else {
if (mon)
--
1.6.5.7
[Qemu-devel] [PATCH 11/15] monitor.c: fix warnings with _FORTIFY_SOURCE
CCi386-softmmu/monitor.o
cc1: warnings being treated as errors
/usr/src/RPM/BUILD/qemu-0.11.92/monitor.c: In function 'do_memory_save':
/usr/src/RPM/BUILD/qemu-0.11.92/monitor.c:1318: error: ignoring return value of
'fwrite', declared with attribute warn_unused_result
/usr/src/RPM/BUILD/qemu-0.11.92/monitor.c: In function
'do_physical_memory_save':
/usr/src/RPM/BUILD/qemu-0.11.92/monitor.c:1345: error: ignoring return value of
'fwrite', declared with attribute warn_unused_result
make[1]: *** [monitor.o] Error 1
Signed-off-by: Kirill A. Shutemov
---
monitor.c | 12 ++--
1 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/monitor.c b/monitor.c
index c0dc48e..54c7323 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1320,10 +1320,14 @@ static void do_memory_save(Monitor *mon, const QDict
*qdict, QObject **ret_data)
if (l > size)
l = size;
cpu_memory_rw_debug(env, addr, buf, l, 0);
-fwrite(buf, 1, l, f);
+if (fwrite(buf, 1, l, f) != l) {
+monitor_printf(mon, "fwrite() failed\n");
+goto exit;
+}
addr += l;
size -= l;
}
+exit:
fclose(f);
}
@@ -1347,11 +1351,15 @@ static void do_physical_memory_save(Monitor *mon, const
QDict *qdict,
if (l > size)
l = size;
cpu_physical_memory_rw(addr, buf, l, 0);
-fwrite(buf, 1, l, f);
+if (fwrite(buf, 1, l, f) != l) {
+monitor_printf(mon, "fwrite() failed\n");
+goto exit;
+}
fflush(f);
addr += l;
size -= l;
}
+exit:
fclose(f);
}
--
1.6.5.7
[Qemu-devel] [PATCH 10/15] vl.c: fix warning with _FORTIFY_SOURCE
CCi386-softmmu/vl.o
cc1: warnings being treated as errors
/usr/src/RPM/BUILD/qemu-0.11.92/vl.c: In function 'qemu_event_increment':
/usr/src/RPM/BUILD/qemu-0.11.92/vl.c:3404: error: ignoring return value of
'write', declared with attribute warn_unused_result
/usr/src/RPM/BUILD/qemu-0.11.92/vl.c: In function 'main':
/usr/src/RPM/BUILD/qemu-0.11.92/vl.c:5774: error: ignoring return value of
'write', declared with attribute warn_unused_result
/usr/src/RPM/BUILD/qemu-0.11.92/vl.c:6064: error: ignoring return value of
'chdir', declared with attribute warn_unused_result
/usr/src/RPM/BUILD/qemu-0.11.92/vl.c:6083: error: ignoring return value of
'chdir', declared with attribute warn_unused_result
make[1]: *** [vl.o] Error 1
Signed-off-by: Kirill A. Shutemov
---
vl.c | 33 +
1 files changed, 21 insertions(+), 12 deletions(-)
diff --git a/vl.c b/vl.c
index e881e45..7fcde35 100644
--- a/vl.c
+++ b/vl.c
@@ -3390,11 +3390,17 @@ static int io_thread_fd = -1;
static void qemu_event_increment(void)
{
static const char byte = 0;
+int ret;
if (io_thread_fd == -1)
return;
-write(io_thread_fd, &byte, sizeof(byte));
+ret = write(io_thread_fd, &byte, sizeof(byte));
+if (ret < 0 && (errno != EINTR && errno != EAGAIN)) {
+fprintf(stderr, "qemu_event_increment: write() filed: %s\n",
+strerror(errno));
+exit (1);
+}
}
static void qemu_event_read(void *opaque)
@@ -5778,7 +5784,10 @@ int main(int argc, char **argv, char **envp)
#ifndef _WIN32
if (daemonize) {
uint8_t status = 1;
-write(fds[1], &status, 1);
+if (qemu_write_full(fds[1], &status, 1) != 1) {
+perror("write()");
+exit(1);
+}
} else
#endif
fprintf(stderr, "Could not acquire pid file: %s\n",
strerror(errno));
@@ -6065,18 +6074,15 @@ int main(int argc, char **argv, char **envp)
#ifndef _WIN32
if (daemonize) {
uint8_t status = 0;
- ssize_t len;
-again1:
- len = write(fds[1], &status, 1);
- if (len == -1 && (errno == EINTR))
- goto again1;
-
- if (len != 1)
+ if (qemu_write_full(fds[1], &status, 1) != 1)
exit(1);
- chdir("/");
- TFR(fd = qemu_open("/dev/null", O_RDWR));
+if (chdir("/")) {
+perror("chdir()");
+exit(1);
+}
+TFR(fd = qemu_open("/dev/null", O_RDWR));
if (fd == -1)
exit(1);
}
@@ -6094,7 +6100,10 @@ int main(int argc, char **argv, char **envp)
fprintf(stderr, "chroot failed\n");
exit(1);
}
-chdir("/");
+if (chdir("/")) {
+perror("chdir()");
+exit(1);
+}
}
if (run_as) {
--
1.6.5.7
[Qemu-devel] [PATCH 12/15] linux-user/mmap.c: fix warnings with _FORTIFY_SOURCE
CCi386-linux-user/mmap.o
cc1: warnings being treated as errors
/usr/src/RPM/BUILD/qemu-0.11.92/linux-user/mmap.c: In function 'mmap_frag':
/usr/src/RPM/BUILD/qemu-0.11.92/linux-user/mmap.c:253: error: ignoring return
value of 'pread', declared with attribute warn_unused_result
/usr/src/RPM/BUILD/qemu-0.11.92/linux-user/mmap.c: In function 'target_mmap':
/usr/src/RPM/BUILD/qemu-0.11.92/linux-user/mmap.c:477: error: ignoring return
value of 'pread', declared with attribute warn_unused_result
make[1]: *** [mmap.o] Error 1
Signed-off-by: Kirill A. Shutemov
test
---
linux-user/mmap.c |6 --
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 144fb7c..c1c7e48 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -250,7 +250,8 @@ static int mmap_frag(abi_ulong real_start,
mprotect(host_start, qemu_host_page_size, prot1 | PROT_WRITE);
/* read the corresponding file data */
-pread(fd, g2h(start), end - start, offset);
+if (pread(fd, g2h(start), end - start, offset) == -1)
+return -1;
/* put final protection */
if (prot_new != (prot1 | PROT_WRITE))
@@ -474,7 +475,8 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int
prot,
-1, 0);
if (retaddr == -1)
goto fail;
-pread(fd, g2h(start), len, offset);
+if (pread(fd, g2h(start), len, offset) == -1)
+goto fail;
if (!(prot & PROT_WRITE)) {
ret = target_mprotect(start, len, prot);
if (ret != 0) {
--
1.6.5.7
[Qemu-devel] [PATCH 13/15] Enable _FORTIFY_SOURCE=2
_FORTIFY_SOURCE is a Glibc feature which adds memory and string function protection. Signed-off-by: Kirill A. Shutemov --- configure |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/configure b/configure index 18aed43..0cdcdb3 100755 --- a/configure +++ b/configure @@ -97,7 +97,7 @@ CFLAGS="-g $CFLAGS" QEMU_CFLAGS="-Wall -Wundef -Wendif-labels -Wwrite-strings -Wmissing-prototypes $QEMU_CFLAGS" QEMU_CFLAGS="-Wstrict-prototypes -Wredundant-decls $QEMU_CFLAGS" QEMU_CFLAGS="-D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE $QEMU_CFLAGS" -QEMU_CFLAGS="-U_FORTIFY_SOURCE $QEMU_CFLAGS" +QEMU_CFLAGS="-D_FORTIFY_SOURCE=2 $QEMU_CFLAGS" QEMU_CFLAGS="-I. -I\$(SRC_PATH) $QEMU_CFLAGS" LDFLAGS="-g $LDFLAGS" -- 1.6.5.7
[Qemu-devel] [PATCH 14/15] Add -fstack-protector-all to CFLAGS
-fstack-protector-all emit extra code to check for buffer overflows,
such as stack smashing attacks. This is done by adding a guard
variable to functions with vulnerable objects.
Signed-off-by: Kirill A. Shutemov
---
configure |8
1 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/configure b/configure
index 0cdcdb3..ec4175a 100755
--- a/configure
+++ b/configure
@@ -123,6 +123,14 @@ else
exit 1
fi
+# check -fstack-protector-all
+cat > $TMPC << EOF
+int foo(void) {char X[2]; return 3;}
+EOF
+if compile_object "$QEMU_CFLAGS" -fstack-protector-all; then
+QEMU_CFLAGS="-fstack-protector-all $QEMU_CFLAGS"
+fi
+
check_define() {
cat > $TMPC <
[Qemu-devel] [PATCH 15/15] linux-user: fix return value of mmap_frag()
mmap_frag() returns -1 on error and set errno.
Signed-off-by: Kirill A. Shutemov
---
linux-user/mmap.c |6 --
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index c1c7e48..47bc339 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -242,8 +242,10 @@ static int mmap_frag(abi_ulong real_start,
/* msync() won't work here, so we return an error if write is
possible while it is a shared mapping */
if ((flags & MAP_TYPE) == MAP_SHARED &&
-(prot & PROT_WRITE))
-return -EINVAL;
+(prot & PROT_WRITE)) {
+errno = -EINVAL;
+return -1;
+}
/* adjust protection to be able to read */
if (!(prot1 & PROT_WRITE))
--
1.6.5.7
[Qemu-devel] USB-UHCI skipping frames from the frame list
Given below is the debug o/p from usb-uhci,strangely it seems to skip the frames after 118 it jumps to 145 .. similar is the case with frame 0 , it doesn't load frame 0 rather jumps to frame 1.The guest is minix 3.1.5 and the o/p was generated from the driver under development,i have notice the same behavior with NetBSD uhci: new frame #117 uhci: processing frame 117 addr 0x125251d4 uhci: TD 0x11cc02a0 load. link 0x125272a2 ctrl 0x200 token 0x0 qh 0x0 uhci: TD 0x11cc02a0 skip. link 0x125272a2 ctrl 0x200 token 0x0 qh 0x0 uhci: QH 0x125272a2 load. link 0x12529002 elink 0x1 uhci: QH 0x12529002 load. link 0x12528002 elink 0x1 uhci: QH 0x12528002 load. link 0x12526002 elink 0x1 uhci: QH 0x12526002 load. link 0x1 elink 0x11cc1000 uhci: TD 0x11cc1000 load. link 0x1 ctrl 0x0 token 0x0 qh 0x12526002 uhci: TD 0x11cc1000 skip. link 0x1 ctrl 0x0 token 0x0 qh 0x12526002 uhci: new frame #118 uhci: processing frame 118 addr 0x125251d8 uhci: TD 0x11cc02c0 load. link 0x125272c2 ctrl 0x200 token 0x0 qh 0x0 uhci: TD 0x11cc02c0 skip. link 0x125272c2 ctrl 0x200 token 0x0 qh 0x0 uhci: QH 0x125272c2 load. link 0x12529002 elink 0x1 uhci: new frame #145 uhci: processing frame 145 addr 0x12525244 uhci: TD 0x11cc0220 load. link 0x12527222 ctrl 0x200 token 0x0 qh 0x0 uhci: TD 0x11cc0220 skip. link 0x12527222 ctrl 0x200 token 0x0 qh 0x0 uhci: QH 0x12527222 load. link 0x12529002 elink 0x1 uhci: QH 0x12529002 load. link 0x12528002 elink 0x1 uhci: QH 0x12528002 load. link 0x12526002 elink 0x1 uhci: QH 0x12526002 load. link 0x1 elink 0x11cc1000 uhci: TD 0x11cc1000 load. link 0x1 ctrl 0x0 token 0x0 qh 0x12526002 uhci: TD 0x11cc1000 skip. link 0x1 ctrl 0x0 token 0x0 qh 0x12526002 uhci: new frame #146 uhci: processing frame 146 addr 0x12525248
