- Sep 08, 2023
-
-
Hanna Czenczek authoredFor image creation code, we have central fallback code for protocols that do not support creating new images (like NBD or iscsi). So for them, you can only specify existing paths/exports that are overwritten to make clean new images. In such a case, if the given path cannot be opened (assuming a pre-existing image there), we print an error message that tries to describe what is going on: That with this protocol, you cannot create new images, but only overwrite existing ones; and the given path could not be opened as a pre-existing image. However, the current message is confusing, because it does not say that the protocol in question does not support creating new images, but instead that "image creation" is unsupported. This can be interpreted to mean that `qemu-img create` will not work in principle, which is not true. Be more verbose for clarity. Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2217204 Signed-off-by:
Hanna Czenczek <hreitz@redhat.com>
Message-ID: <20230720140024.46836-1-hreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com> -
Peter Maydell authored
In block/iscsi.c we use a raw malloc() call, which is unusual given the project standard is to use the glib memory allocation functions. Document why we do so, to avoid it being converted to g_malloc() by mistake. Signed-off-by:
Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20230727150705.2664464-1-peter.maydell@linaro.org>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com> -
Michael Tokarev authored
I'm getting io-qcow2-244 test failure on mips* due to output mismatch: Take an internal snapshot: -qemu-img: Could not create snapshot 'test': -95 (Operation not supported) +qemu-img: Could not create snapshot 'test': -122 (Operation not supported) No errors were found on the image. This is because errno values might be different across different architectures. This error message in qemu-img.c is the only one which prints errno directly, all the rest print strerror(errno) only. Fix this error message and the expected output of the 3 test cases too. Signed-off-by:
Michael Tokarev <mjt@tls.msk.ru>
Message-ID: <20230811110946.2435067-1-mjt@tls.msk.ru>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com> -
Stefan Hajnoczi authored
CoMutex has poor performance when lock contention is high. The tracked requests list is accessed frequently and performance suffers in QEMU multi-queue block layer scenarios. It is not necessary to use CoMutex for the requests lock. The lock is always released across coroutine yield operations. It is held for relatively short periods of time and it is not beneficial to yield when the lock is held by another coroutine. Change the lock type from CoMutex to QemuMutex to improve multi-queue block layer performance. fio randread bs=4k iodepth=64 with 4 IOThreads handling a virtio-blk device with 8 virtqueues improves from 254k to 517k IOPS (+203%). Full benchmark results and configuration details are available here: https://gitlab.com/stefanha/virt-playbooks/-/commit/980c40845d540e3669add1528739503c2e817b57 In the future we may wish to introduce thread-local tracked requests lists to avoid lock contention completely. That would be much more involved though. Signed-off-by:
Stefan Hajnoczi <stefanha@redhat.com>
Message-ID: <20230808155852.2745350-3-stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com> -
Stefan Hajnoczi authored
Signed-off-by:
Stefan Hajnoczi <stefanha@redhat.com>
Message-ID: <20230808155852.2745350-2-stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com> -
Fiona Ebner authored
Since commit ca2a5e63 ("qemu_cleanup: begin drained section after vm_shutdown()"), there will be an additional pause for jobs during qemu_cleanup(). The reason is that the bdrv_drain_all() call in do_vm_stop() is not inside the drained section used by qemu_cleanup() anymore. I.e., there is a second drained section now that ends before the final one in qemu_cleanup() starts. Thus, job_pause() is called twice during cleanup (via child_job_drained_begin()). Test 185 needs to be adapted directly too, because it waits for a specific number of JOB_STATUS_CHANGE events before the BLOCK_JOB_CANCELLED event. Reported-by:
Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Message-ID: <20230817112538.255111-1-f.ebner@proxmox.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com> -
Philippe Mathieu-Daudé authored
Use autofree heap allocation instead of variable-length array on the stack. Here we don't expect the bitmap size to be enormous, and since we're about to read/write it to disk the overhead of the allocation should be fine. The codebase has very few VLAs, and if we can get rid of them all we can make the compiler error on new additions. This is a defensive measure against security bugs where an on-stack dynamic allocation isn't correctly size-checked (e.g. CVE-2021-3527). Signed-off-by:
Philippe Mathieu-Daudé <philmd@redhat.com>
[PMM: expanded commit message]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20230811175229.808139-1-peter.maydell@linaro.org>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Francisco Iglesias <frasse.iglesias@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
-
- Sep 07, 2023
-
-
https://gitlab.com/jsnow/qemuStefan Hajnoczi authored
IDE Pull request # -----BEGIN PGP SIGNATURE----- # # iQIzBAABCAAdFiEE+ber27ys35W+dsvQfe+BBqr8OQ4FAmT5RpYACgkQfe+BBqr8 # OQ7GuA//S/gyyqsnltz4W9D0liaan1a2YsSx7Q2gcKdotdmFwgEHWWuVKorCteQt # 1AtkFiA1bawF9ZSRQIpQzMNDOkSJHOs/0HXhdbNRs6JZ6C+c/aLnNSpxIfFpkP3I # Wcrmi98F8zHlRc+KGqvZFHW+woqWJxTvglG4OmpMhMWCZRuqADeaxWaywgSXxlK+ # MtmpsslPeTxHdwa6ijXCJd2ghP59z391Ulo4kZ7YOMou/YLEd/AnezBDtepDGnbb # TnyDcvGf+Dp5nJ4Rcp22frZdcxb44+wt2QlQFDp+h6r7KzIEwGIK2LL37sN8VHwU # B8GbYkjoPnau2cOaLgmpC1reWkdwaiXfaI+1B/35/jg6hwYHFe6F03+JstMWXHXt # ++Wy4MKDx5wRt7cmOu6htS776UC15NMcZB0AzxQuE5mL+eSNp1n5Nw5UW2iD/USL # LD2dlMO05acdqn2iXoMTX/K1cUo1wRkEns7PISk+F2ve0PTS1RJUvuiNXs+aDrt9 # +AfE/e025YMQY8CWLiaihfNH7/QY8vS874SrcDr5rtfhitu16nqq5JpjnyzkqgbR # PE+5JWT3QGBOcDMQeNUDfxFlcCVDm3ffIKo/7/PDCfeKQsJkG/nVGF7OmlAVmoUD # GsvIlKBegIQvpp8LRabzfeTfbj7NGKFwaShQ6wcqxOakjy+iKx8= # =ZRVt # -----END PGP SIGNATURE----- # gpg: Signature made Wed 06 Sep 2023 23:42:14 EDT # gpg: using RSA key F9B7ABDBBCACDF95BE76CBD07DEF8106AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * tag 'ide-pull-request' of https://gitlab.com/jsnow/qemu : hw/ide/ahci: fix broken SError handling hw/ide/ahci: fix ahci_write_fis_sdb() hw/ide/ahci: PxCI should not get cleared when ERR_STAT is set hw/ide/ahci: PxSACT and PxCI is cleared when PxCMD.ST is cleared hw/ide/ahci: simplify and document PxCI handling hw/ide/ahci: write D2H FIS when processing NCQ command hw/ide/core: set ERR_STAT in unsupported command completion Signed-off-by:
Stefan Hajnoczi <stefanha@redhat.com> -
https://src.openvz.org/scm/~den/qemuStefan Hajnoczi authored
Parallels format driver changes: * Fix comments formatting inside parallels driver * Incorrect data end calculation in parallels_open() * Check if data_end greater than the file size * Add "explicit" argument to parallels_check_leak() * Add data_start field to BDRVParallelsState * Add checking and repairing duplicate offsets in BAT * Image repairing in parallels_open() * Use bdrv_co_getlength() in parallels_check_outside_image() * Add data_off check * Add data_off repairing to parallels_open() * Fix record in MAINTAINERS Parallels format driver tests: * Add out-of-image check test for parallels format * Add leak check test for parallels format * Add test for BAT entries duplication check * Refactor tests of parallels images checks (131) * Fix cluster size in parallels images tests (131) * Fix test 131 after repair was added to parallels_open() * Add test for data_off check # -----BEGIN PGP SIGNATURE----- # # iQHDBAABCgAtFiEE9vE2f3B8+RUZInytPzClrpN3nJ8FAmT4nUgPHGRlbkBvcGVu # dnoub3JnAAoJED8wpa6Td5yf1F4L/j4RsGv+NRJRqZb9JNn2wUm4JdWGyv6ftuuh # hT25F44B5S6J3tR3LalDFxHpr+kCXD1Xa3ZJNK14d1G9atw7Bsp5ntxpCmzEALBk # 0PH+5fvNuhvt4ZnuYwQX70n3ZmalgzGpwf/jbs9mXUhdLinEr1RWi2f9yfCLmeZU # x+0MSOhAdC6ZVsJOTJhGuRWWKL1q5KteuTwQlRCwDay8KF/Mc1OS/iPFqfmlWenM # dc88PZBlg2Le15sWWNLc1AZHYguO+4xEPw6fk6RcswccILB2gCUPS6BJB0AuKNOO # STPIgzUFMXfgIFhNUOvz58A7UnQGI4dMsRe/2UJIG+Y3qkM4DpjcZ7U/rHxhR6t0 # +GeeLS+a+aObz79TpB3gZi7leX2bpRUZ8nLkaAnL2umhtdFo5sdqD3xo4xcg4Ebk # TbYSmgIM0eZ75d+48g7A+ddkyKYCmworGS9g9Cry6udclbs8yXhVB8KkUbYwtJlC # HtNzgaWlw6J7n0MoSpz4OQVKq3bY0A== # =grCk # -----END PGP SIGNATURE----- # gpg: Signature made Wed 06 Sep 2023 11:39:52 EDT # gpg: using RSA key F6F1367F707CF91519227CAD3F30A5AE93779C9F # gpg: issuer "den@openvz.org" # gpg: Good signature from "Denis V. Lunev <den@openvz.org>" [unknown] # gpg: WARNING: The key's User ID is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: F6F1 367F 707C F915 1922 7CAD 3F30 A5AE 9377 9C9F * tag 'pull-parallels-2023-09-06' of https://src.openvz.org/scm/~den/qemu : iotests: Add test for data_off check iotests: Fix test 131 after repair was added to parallels_open() iotests: Fix cluster size in parallels images tests (131) iotests: Refactor tests of parallels images checks (131) iotests: Add test for BAT entries duplication check iotests: Add leak check test for parallels format iotests: Add out-of-image check test for parallels format parallels: Add data_off repairing to parallels_open() parallels: Add data_off check parallels: Use bdrv_co_getlength() in parallels_check_outside_image() parallels: Image repairing in parallels_open() parallels: Add checking and repairing duplicate offsets in BAT parallels: Add data_start field to BDRVParallelsState parallels: Add "explicit" argument to parallels_check_leak() parallels: Check if data_end greater than the file size parallels: Incorrect data end calculation in parallels_open() parallels: Fix comments formatting inside parallels driver MAINTAINERS: add tree to keep parallels format driver changes Signed-off-by:
Stefan Hajnoczi <stefanha@redhat.com> -
https://github.com/legoater/qemuStefan Hajnoczi authored
ppc queue : * debug facility improvements * timebase and decrementer fixes * record-replay fixes * TCG fixes * XIVE model improvements for multichip # -----BEGIN PGP SIGNATURE----- # # iQIzBAABCAAdFiEEoPZlSPBIlev+awtgUaNDx8/77KEFAmT4WKoACgkQUaNDx8/7 # 7KHjOg//bwENCptopnvX5XVTdGLRgBKoMWPkQhWPv4aHYz4t+bxHVWopdMU7i0aL # hge+ZCCkMKsg2rADczbpWytAvC3vo1Pn4zZhZNQuEvYKIpiWVN6hSflmXWP/bN1I # AGHlptKvNYKlPfGsmzZ2OZ2yItzrOwKFC/PnPSEc6dxjWfe9hEwzApxaAkOfX8wf # C+oH8DPvFmh3PH3rI4psCn/xYtxAPW1zosBtgT7Ii1XreABMHLIfIpOmPPh1yF0d # J7BgBdmxIvsN+syH/vh5jTtU4N/gQVorwyds9MX82Y3j0roxBVVLqH8rFjJA3Jsq # c/g8WTi1hHiDd8G4m1JcLI1VAhsgh1KhqG9pDaSdQXhP0E4p8N/XjxOR5ro+KxM3 # Dz/Q77VoEKuat+AXg71kc68i11CninhTVSyGnjI80ISWWYvHFQ2Sv8J9U6sS/d0m # +fo6hed7DDgfXg4OMtedF4HMmc6JAfm9eBzHUoanaoIzX0vX6vetXeMfWh6iceYW # KNcQuUi3Pvvh/AjE36jusqTkbTleP5Yo4OKNJz4pEP4sU2wQPYU32Lo7Kg7p4WPA # j+emWmWX4gcn9zTvm2LPYwkdgQ5HgigUJzq9i9qlMqfOOCpRwAsE7V0KxyV0NwDT # cAAOBCdNm4t94Ni3KEING7xuDzERvJ7H2D6uRQjVsre8cMUO0QE= # =BUg6 # -----END PGP SIGNATURE----- # gpg: Signature made Wed 06 Sep 2023 06:47:06 EDT # gpg: using RSA key A0F66548F04895EBFE6B0B6051A343C7CFFBECA1 # gpg: Good signature from "Cédric Le Goater <clg@redhat.com>" [unknown] # gpg: aka "Cédric Le Goater <clg@kaod.org>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: A0F6 6548 F048 95EB FE6B 0B60 51A3 43C7 CFFB ECA1 * tag 'pull-ppc-20230906' of https://github.com/legoater/qemu : (35 commits) ppc/xive: Add support for the PC MMIOs ppc/xive: Handle END triggers between chips with MMIOs ppc/xive: Introduce a new XiveRouter end_notify() handler ppc/xive: Use address_space routines to access the machine RAM target/ppc: Fix the order of kvm_enable judgment about kvmppc_set_interrupt() hw/ppc/e500: fix broken snapshot replay target/ppc: Flush inputs to zero with NJ in ppc_store_vscr target/ppc: Fix LQ, STQ register-pair order for big-endian tests/avocado: ppc64 reverse debugging tests for pseries and powernv tests/avocado: reverse-debugging cope with re-executing breakpoints tests/avocado: boot ppc64 pseries replay-record test to Linux VFS mount spapr: Fix record-replay machine reset consuming too many events spapr: Fix machine reset deadlock from replay-record target/ppc: Fix timebase reset with record-replay target/ppc: Fix CPU reservation migration for record-replay hw/ppc: Read time only once to perform decrementer write hw/ppc: Reset timebase facilities on machine reset target/ppc: Migrate DECR SPR hw/ppc: Always store the decrementer value target/ppc: Sign-extend large decrementer to 64-bits ... Signed-off-by:
Stefan Hajnoczi <stefanha@redhat.com> -
Niklas Cassel authored
When encountering an NCQ error, you should not write the NCQ tag to the SError register. This is completely wrong. The SError register has a clear definition, where each bit represents a different error, see PxSERR definition in AHCI 1.3.1. If we write a random value (like the NCQ tag) in SError, e.g. Linux will read SError, and will trigger arbitrary error handling depending on the NCQ tag that happened to be executing. In case of success, ncq_cb() will call ncq_finish(). In case of error, ncq_cb() will call ncq_err() (which will clear ncq_tfs->used), and then call ncq_finish(), thus using ncq_tfs->used is sufficient to tell if finished should get set or not. Signed-off-by:
Niklas Cassel <niklas.cassel@wdc.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230609140844.202795-9-nks@flawful.org
Signed-off-by: John Snow <jsnow@redhat.com> -
Niklas Cassel authored
When there is an error, we need to raise a TFES error irq, see AHCI 1.3.1, 5.3.13.1 SDB:Entry. If ERR_STAT is set, we jump to state ERR:FatalTaskfile, which will raise a TFES IRQ unconditionally, regardless if the I bit is set in the FIS or not. Thus, we should never raise a normal IRQ after having sent an error IRQ. It is valid to signal successfully completed commands as finished in the same SDB FIS that generates the error IRQ. The important thing is that commands that did not complete successfully (e.g. commands that were aborted, do not get the finished bit set). Before this commit, there was never a TFES IRQ raised on NCQ error. Signed-off-by:
Niklas Cassel <niklas.cassel@wdc.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230609140844.202795-8-nks@flawful.org
Signed-off-by: John Snow <jsnow@redhat.com> -
Niklas Cassel authored
For NCQ, PxCI is cleared on command queued successfully. For non-NCQ, PxCI is cleared on command completed successfully. Successfully means ERR_STAT, BUSY and DRQ are all cleared. A command that has ERR_STAT set, does not get to clear PxCI. See AHCI 1.3.1, section 5.3.8, states RegFIS:Entry and RegFIS:ClearCI, and 5.3.16.5 ERR:FatalTaskfile. In the case of non-NCQ commands, not clearing PxCI is needed in order for host software to be able to see which command slot that failed. Signed-off-by:
Niklas Cassel <niklas.cassel@wdc.com>
Message-id: 20230609140844.202795-7-nks@flawful.org
Signed-off-by: John Snow <jsnow@redhat.com> -
Niklas Cassel authored
According to AHCI 1.3.1 definition of PxSACT: This field is cleared when PxCMD.ST is written from a '1' to a '0' by software. This field is not cleared by a COMRESET or a software reset. According to AHCI 1.3.1 definition of PxCI: This field is also cleared when PxCMD.ST is written from a '1' to a '0' by software. Clearing PxCMD.ST is part of the error recovery procedure, see AHCI 1.3.1, section "6.2 Error Recovery". If we don't clear PxCI on error recovery, the previous command will incorrectly still be marked as pending after error recovery. Signed-off-by:
Niklas Cassel <niklas.cassel@wdc.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230609140844.202795-6-nks@flawful.org
Signed-off-by: John Snow <jsnow@redhat.com> -
Niklas Cassel authored
The AHCI spec states that: For NCQ, PxCI is cleared on command queued successfully. For non-NCQ, PxCI is cleared on command completed successfully. (A non-NCQ command that completes with error does not clear PxCI.) The current QEMU implementation either clears PxCI in check_cmd(), or in ahci_cmd_done(). check_cmd() will clear PxCI for a command if handle_cmd() returns 0. handle_cmd() will return -1 if BUSY or DRQ is set. The QEMU implementation for NCQ commands will currently not set BUSY or DRQ, so they will always have PxCI cleared by handle_cmd(). ahci_cmd_done() will never even get called for NCQ commands. Non-NCQ commands are executed by ide_bus_exec_cmd(). Non-NCQ commands in QEMU are implemented either in a sync or in an async way. For non-NCQ commands implemented in a sync way, the command handler will return true, and when ide_bus_exec_cmd() sees that a command handler returns true, it will call ide_cmd_done() (which will call ahci_cmd_done()). For a command implemented in a sync way, ahci_cmd_done() will do nothing (since busy_slot is not set). Instead, after ide_bus_exec_cmd() has finished, check_cmd() will clear PxCI for these commands. For non-NCQ commands implemented in an async way (using either aiocb or pio_aiocb), the command handler will return false, ide_bus_exec_cmd() will not call ide_cmd_done(), instead it is expected that the async callback function will call ide_cmd_done() once the async command is done. handle_cmd() will set busy_slot, if and only if BUSY or DRQ is set, and this is checked _after_ ide_bus_exec_cmd() has returned. handle_cmd() will return -1, so check_cmd() will not clear PxCI. When the async callback calls ide_cmd_done() (which will call ahci_cmd_done()), it will see that busy_slot is set, and ahci_cmd_done() will clear PxCI. This seems racy, since busy_slot is set _after_ ide_bus_exec_cmd() has returned. The callback might come before busy_slot gets set. And it is quite confusing that ahci_cmd_done() will be called for all non-NCQ commands when the command is done, but will only clear PxCI in certain cases, even though it will always write a D2H FIS and raise an IRQ. Even worse, in the case where ahci_cmd_done() does not clear PxCI, it still raises an IRQ. Host software might thus read an old PxCI value, since PxCI is cleared (by check_cmd()) after the IRQ has been raised. Try to simplify this by always setting busy_slot for non-NCQ commands, such that ahci_cmd_done() will always be responsible for clearing PxCI for non-NCQ commands. For NCQ commands, clear PxCI when we receive the D2H FIS, but before raising the IRQ, see AHCI 1.3.1, section 5.3.8, states RegFIS:Entry and RegFIS:ClearCI. Signed-off-by:
Niklas Cassel <niklas.cassel@wdc.com>
Message-id: 20230609140844.202795-5-nks@flawful.org
Signed-off-by: John Snow <jsnow@redhat.com> -
Niklas Cassel authored
The way that BUSY + PxCI is cleared for NCQ (FPDMA QUEUED) commands is described in SATA 3.5a Gold: 11.15 FPDMA QUEUED command protocol DFPDMAQ2: ClearInterfaceBsy "Transmit Register Device to Host FIS with the BSY bit cleared to zero and the DRQ bit cleared to zero and Interrupt bit cleared to zero to mark interface ready for the next command." PxCI is currently cleared by handle_cmd(), but we don't write the D2H FIS to the FIS Receive Area that actually caused PxCI to be cleared. Similar to how ahci_pio_transfer() calls ahci_write_fis_pio() with an additional parameter to write a PIO Setup FIS without raising an IRQ, add a parameter to ahci_write_fis_d2h() so that ahci_write_fis_d2h() also can write the FIS to the FIS Receive Area without raising an IRQ. Change process_ncq_command() to call ahci_write_fis_d2h() without raising an IRQ (similar to ahci_pio_transfer()), such that the FIS Receive Area is in sync with the PxTFD shadow register. E.g. Linux reads status and error fields from the FIS Receive Area directly, so it is wise to keep the FIS Receive Area and the PxTFD shadow register in sync. Signed-off-by:
Niklas Cassel <niklas.cassel@wdc.com>
Message-id: 20230609140844.202795-4-nks@flawful.org
Signed-off-by: John Snow <jsnow@redhat.com> -
Niklas Cassel authored
Currently, the first time sending an unsupported command (e.g. READ LOG DMA EXT) will not have ERR_STAT set in the completion. Sending the unsupported command again, will correctly have ERR_STAT set. When ide_cmd_permitted() returns false, it calls ide_abort_command(). ide_abort_command() first calls ide_transfer_stop(), which will call ide_transfer_halt() and ide_cmd_done(), after that ide_abort_command() sets ERR_STAT in status. ide_cmd_done() for AHCI will call ahci_write_fis_d2h() which writes the current status in the FIS, and raises an IRQ. (The status here will not have ERR_STAT set!). Thus, we cannot call ide_transfer_stop() before setting ERR_STAT, as ide_transfer_stop() will result in the FIS being written and an IRQ being raised. The reason why it works the second time, is that ERR_STAT will still be set from the previous command, so when writing the FIS, the completion will correctly have ERR_STAT set. Set ERR_STAT before writing the FIS (calling cmd_done), so that we will raise an error IRQ correctly when receiving an unsupported command. Signed-off-by:
Niklas Cassel <niklas.cassel@wdc.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230609140844.202795-3-nks@flawful.org
Signed-off-by: John Snow <jsnow@redhat.com>
-
- Sep 06, 2023
-
-
Alexander Ivanov authored
Write a pattern to the first cluster. Corrupt the data_off field and check if the field was repaired on image opening and the pattern has not changed. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
Images repairing in parallels_open() was added, thus parallels tests fail. Access to an image leads to repairing the image. Further image check don't detect any corruption. Remove reads after image creation in test 131. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
In this test cluster size is 64k, but modern tools generate images with cluster size 1M. Calculate cluster size using track field from image header. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
Replace hardcoded numbers by variables. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
Fill a parallels image with a pattern and write another pattern to the second cluster. Corrupt the image and check if the pattern changes. Repair the image and check the patterns on guest and host sides. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
Write a pattern to the last cluster, extend the image by 1 claster, repair and check that the last cluster still has the same pattern. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
Fill the image with a pattern to generate entries in the BAT, set the first BAT entry outside the image, try to read the corrupted image. At the image opening it should be repaired, check for zeroes in the first cluster. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
Place data_start/data_end calculation after reading the image header to s->header. Set s->data_start to the offset calculated in parallels_test_data_off(). Call bdrv_check() if data_off is incorrect. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
data_off field of the parallels image header can be corrupted. Check if this field greater than the header + BAT size and less than file size. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
bdrv_co_getlength() should be used in coroutine context. Replace bdrv_getlength() by bdrv_co_getlength() in parallels_check_outside_image(). Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
Repair an image at opening if the image is unclean or out-of-image corruption was detected. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
Cluster offsets must be unique among all the BAT entries. Find duplicate offsets in the BAT and fix it by copying the content of the relevant cluster to a newly allocated cluster and set the new cluster offset to the duplicated entry. Add host_cluster_index() helper to deduplicate the code. When new clusters are allocated, the file size increases by 128 Mb. Call parallels_check_leak() to fix this leak. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
In the next patch we will need the offset of the data area for host cluster index calculation. Add this field and setting up code. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
In the on of the next patches we need to repair leaks without changing leaks and leaks_fixed info in res. Also we don't want to print any warning about leaks. Add "explicit" argument to skip info changing if the argument is false. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
Initially data_end is set to the data_off image header field and must not be greater than the file size. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
The BDRVParallelsState structure contains data_end field that is measured in sectors. In parallels_open() initially this field is set by data_off field from parallels image header. According to the parallels format documentation, data_off field contains an offset, in sectors, from the start of the file to the start of the data area. For "WithoutFreeSpace" images: if data_off is zero, the offset is calculated as the end of the BAT table plus some padding to ensure sector size alignment. The parallels_open() function has code for handling zero value in data_off, but in the result data_end contains the offset in bytes. Replace the alignment to sector size by division by sector size and fix the comparision with s->header_size. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Hanna Czenczek <hreitz@redhat.com>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Alexander Ivanov authored
This patch is technically necessary as git patch rendering could result in moving some code from one place to the another and that hits checkpatch.pl warning. This problem specifically happens within next series. Signed-off-by:
Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org> -
Denis V. Lunev authored
Driver changes are driving by me for now. At least we need to get functionally complete check and repair procedure for now. Signed-off-by:
Denis V. Lunev <den@openvz.org>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
CC: Stefan Hajnoczi <stefanha@redhat.com> -
https://gitlab.com/marcandre.lureau/qemuStefan Hajnoczi authored
UI patch queue - misc fixes and improvement - cleanups and refactoring in ui/vc code # -----BEGIN PGP SIGNATURE----- # # iQJQBAABCAA6FiEEh6m9kz+HxgbSdvYt2ujhCXWWnOUFAmT1wuYcHG1hcmNhbmRy # ZS5sdXJlYXVAcmVkaGF0LmNvbQAKCRDa6OEJdZac5UhmD/wPCVZ/Vipmbexc8eBd # wbI7i0zR5Hj7szU4D1MV+fvi5Y6Z7PWvPxnQOIoWbmEGuhOm5P73oRz1jlBDXGLP # Nh1kh2RvuWILF0Vu+QjJHL5FyA0XJcl/Qhsn1tc7pYMbEOBCpPfpmWRiXrEUDc7/ # S1iSPkB2a7YYwuMW6ksPyKlsb4tjGyea/HYz1lTdw8bJxaFVXMFX35lrqz+A5ZGz # XAk/6OyMtkMbBi8hWcd6IweYyc/DYaK8emqppQLIUenZEz7nKSWlEUIKcXpf9U4n # 3W+BISACxnw7KbXrrZl2KJf2Bix6LRureoscZTKawnB/D5hV+g7PtEjNMUQsxjg3 # RyV9+zSPsIg5zXunrHIs1rrUtGS5SvdQbIQYqHPNdL86iuWKer+EnwA06vflweLw # P7FZhuBNvuY3gU2sdCk5Q7My92YT5DRWjoJRHLFGNYTxPA6MYPivIu8RqsBiu+JX # BvK1FfhG2JsR9XuuOFR968AXLfMc0hOlHfHWvORk3s/9zIpeEWmQbnGxr1sN9El8 # o+rDIkcadELuzcTJcoHCKdCzjFbLdNNKgvbcVQdw3rdp2rvQ6CZalyh+qZEihAy4 # xLVO+hUypxNhRAg/DtZilUW6cPavn0OjoH/3BgY0F0GiwvhFMntyVGN7eBdwnC7c # sV5s4Xnafmh5xnGf0GS3UyuX9g== # =JxZP # -----END PGP SIGNATURE----- # gpg: Signature made Mon 04 Sep 2023 07:43:34 EDT # gpg: using RSA key 87A9BD933F87C606D276F62DDAE8E10975969CE5 # gpg: issuer "marcandre.lureau@redhat.com" # gpg: Good signature from "Marc-André Lureau <marcandre.lureau@redhat.com>" [full] # gpg: aka "Marc-André Lureau <marcandre.lureau@gmail.com>" [full] # Primary key fingerprint: 87A9 BD93 3F87 C606 D276 F62D DAE8 E109 7596 9CE5 * tag 'ui-pull-request' of https://gitlab.com/marcandre.lureau/qemu : (52 commits) ui/gtk: fix leaks found wtih fuzzing ui/vdagent: Unregister input handler of mouse during finalization ui/vdagent: call vdagent_disconnect() when agent connection is lost ui/dbus: implement damage regions for GL ui/dbus: Properly dispose touch/mouse dbus objects ui/vnc-enc-tight: Avoid dynamic stack allocation ui/vnc-enc-hextile: Use static rather than dynamic length stack array ui/spice-display: Avoid dynamic stack allocation ui/vc: change the argument for QemuTextConsole ui/vc: do not parse VC-specific options in Spice and GTK ui/vc: move text console invalidate in helper ui/console: minor stylistic changes ui/vc: skip text console resize when possible ui/console: fold text_console_update_cursor_timer ui/console: assert(surface) where appropriate ui/console: rename vga_ functions with qemu_console_ ui/console: use QEMU_PIXMAN_COLOR helpers ui/console: declare console types in console.h ui/vc: use common text console surface creation ui/console: remove need for g_width/g_height ... Signed-off-by:
Stefan Hajnoczi <stefanha@redhat.com> -
https://gitlab.com/rth7680/qemuStefan Hajnoczi authored
linux-user: Rewrite and improve /proc/pid/maps linux-user: Fix shmdt and improve shm region tracking linux-user: Remove ELF_START_MMAP and image_info.start_mmap # -----BEGIN PGP SIGNATURE----- # # iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmTyTEcdHHJpY2hhcmQu # aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV8aZAf/UVKDv0FwEzxn3wzx # pT+NbP4adHCew5ovDq94In9OpwG4+PtZj3x+EdPCFxAvVb9KdOs001a9zSRYSwWi # 0p9ZkOgtq58/Wr34dl6C8oPZP8bnw7hfVcXWYwdsBq9K+dmW9Tu4LgZSc92NWYiE # SGBATB/cF4keLlDJrm1YBfb6cVKmYHdgQzMHr4g4TitBOO3lic8HQglXN8eKvQyd # ZKuMxFwfSGjaNXsoBLmzPBEqJCLzj5JNtOb8maIN9oPTkkC66XvkBmD/4UrQ7K3x # aX2QgZpxZYZsyKfWJd4EkrJl+0JZYvGW4vBX1c+vBdIYQZoBHlWwZQBqsi+AMA6J # ASc3hQ== # =QWfr # -----END PGP SIGNATURE----- # gpg: Signature made Fri 01 Sep 2023 16:40:39 EDT # gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F # gpg: issuer "richard.henderson@linaro.org" # gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full] # Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F * tag 'pull-lu-20230901' of https://gitlab.com/rth7680/qemu : linux-user: Track shm regions with an interval tree linux-user: Fix shmdt linux-user: Use WITH_MMAP_LOCK_GUARD in target_{shmat,shmdt} linux-user: Move shmat and shmdt implementations to mmap.c linux-user: Remove ELF_START_MMAP and image_info.start_mmap linux-user: Emulate the Anonymous: keyword in /proc/self/smaps linux-user: Show heap address in /proc/pid/maps linux-user: Adjust brk for load_bias linux-user: Use walk_memory_regions for open_self_maps util/selfmap: Use dev_t and ino_t in MapInfo linux-user: Emulate /proc/cpuinfo for Alpha linux-user: Emulate /proc/cpuinfo on aarch64 and arm linux-user: Split out cpu/target_proc.h Signed-off-by:
Stefan Hajnoczi <stefanha@redhat.com> -
https://github.com/legoater/qemuStefan Hajnoczi authored
aspeed queue: * Fixes for the Aspeed I2C model * New SDK image for avocado tests * blockdev support for flash device definition * SD refactoring preparing ground for eMMC support # -----BEGIN PGP SIGNATURE----- # # iQIzBAABCAAdFiEEoPZlSPBIlev+awtgUaNDx8/77KEFAmTxsaQACgkQUaNDx8/7 # 7KGXmg//XJNisscl/VWSBaGmH5MbQUAg/QCRalXx1V/lJ8rhE/JqwnWKuoPFd4EN # iDlh3ufpzxPhHFc9boechuM5ytlrJxpLJoCIJ4sw/4qnO3Dy3Q6BCy1t8Ma62D1u # oE7cAMHsriJ1uTJNHUTFo72VapTaH2XwFN9lFDuQW45d+WWAXtVJsqvRgFETNmw6 # YYnTTpH2gLTZZFEgOixhWpGLh4Ibc/l8U1VzL0ctQmC11xng0bqk3PAqU9NGzcM5 # MJmEGAxg43CnFu9NJI1nMqC/coi/8PFtrM7HprSwE3H8Jkwncs4ePVT+kZQC+VNQ # 7EaVkksfEGHlN8XP5+eQDrQ5yT6ve+fbHTLQhwULfeyt0GlQ8h1yewvHCDWo/zw3 # XI1ZyOcNZ2yiaenSUrTPzu0LiqZEJQnzRjPCpgTi1fU08ryEMEaPtr176YDLCguQ # cpRj4QSZHCrGl/Eo9NlkFP/2rQDKTvCcedKPkYLQtsurSiH/36Oj9YvZycNtZ574 # ortKAtru4YV/rglNX4L8JDhdI+nqvy1liifpJsiS/2KBZDpVFaP8PzGIV40HNy3G # 8/LVTnaggZaScF3ftHhkg84uQumELS9l2dhsNCL9HqdlrNXLQrVAIR6iuQlpOKBa # 5S/6h7ZXGOb1qNVQjYp4HCrB7X1KIJYksZ3GdUREf8ot5Ds1FhE= # =ymmX # -----END PGP SIGNATURE----- # gpg: Signature made Fri 01 Sep 2023 05:40:52 EDT # gpg: using RSA key A0F66548F04895EBFE6B0B6051A343C7CFFBECA1 # gpg: Good signature from "Cédric Le Goater <clg@redhat.com>" [unknown] # gpg: aka "Cédric Le Goater <clg@kaod.org>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: A0F6 6548 F048 95EB FE6B 0B60 51A3 43C7 CFFB ECA1 * tag 'pull-aspeed-20230901' of https://github.com/legoater/qemu : (26 commits) hw/sd: Introduce a "sd-card" SPI variant model hw/sd: Add sd_cmd_SET_BLOCK_COUNT() handler hw/sd: Add sd_cmd_SEND_TUNING_BLOCK() handler hw/sd: Add sd_cmd_SEND_RELATIVE_ADDR() handler hw/sd: Add sd_cmd_ALL_SEND_CID() handler hw/sd: Add sd_cmd_SEND_OP_CMD() handler hw/sd: Add sd_cmd_GO_IDLE_STATE() handler hw/sd: Add sd_cmd_unimplemented() handler hw/sd: Add sd_cmd_illegal() handler hw/sd: Introduce sd_cmd_handler type hw/sd: Move proto_name to SDProto structure hw/sd: When card is in wrong state, log which spec version is used hw/sd: When card is in wrong state, log which state it is hw/sd/sdcard: Return ILLEGAL for CMD19/CMD23 prior SD spec v3.01 aspeed: Get the BlockBackend of FMC0 from the flash device m25p80: Introduce an helper to retrieve the BlockBackend of a device aspeed: Create flash devices only when defaults are enabled hw/ssi: Check for duplicate CS indexes aspeed/smc: Wire CS lines at reset hw/ssi: Introduce a ssi_get_cs() helper ... Signed-off-by:
Stefan Hajnoczi <stefanha@redhat.com> -
Cédric Le Goater authored
The XIVE interrupt contoller maintains various fields on interrupt targets in a structure called NVT. Each unit has a NVT cache, backed by RAM. When the NVT structure is not local (in RAM) to the chip, the XIVE interrupt controller forwards the memory operation to the owning chip using the PC MMIO region configured for this purpose. QEMU does not need to be so precise since software shouldn't perform any of these operations. The model implementation is simplified to return the RAM address of the NVT structure which is then used by pnv_xive_vst_write or read to perform the operation in RAM. Remove the last use of pnv_xive_get_remote(). Reviewed-by:
Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org> -
Cédric Le Goater authored
The notify page of the interrupt controller can either be used to receive trigger events from the HW controllers (PHB, PSI) or to reroute interrupts between Interrupt Controllers. In which case, the VSD table is used to determine the address of the notify page of the remote IC and the store data is forwarded. Today, our model grabs the remote VSD (EAS, END, NVT) address using pnv_xive_get_remote() helper. Be more precise and implement remote END triggers using a store on the remote IC notify page. We still have a shortcut in the model for the NVT accesses which we will address later. Reviewed-by:
Frederic Barrat <fbarrat@linux.ibm.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
-