* [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination
@ 2016-09-26 8:33 Greg Kurz
2016-09-26 8:33 ` [Qemu-devel] [PATCH v3 1/9] virtio-9p: add parentheses to sizeof operator Greg Kurz
` (9 more replies)
0 siblings, 10 replies; 20+ messages in thread
From: Greg Kurz @ 2016-09-26 8:33 UTC (permalink / raw)
To: qemu-devel
Cc: Kevin Wolf, Michael S. Tsirkin, Jason Wang, Greg Kurz, Max Reitz,
Aneesh Kumar K.V, Stefan Hajnoczi, Cornelia Huck, Paolo Bonzini
Stefan Hajnoczi recently posted a patchset to avoid exit() when a virtio
device enters invalid states:
<1474473146-19337-1-git-send-email-stefanha@redhat.com>
The above patchset provides the ability to deactivate a virtio device if it
encounters an unrecoverable issue, with the introduction of a broken
state. It also converts the core virtio code to do that, instead of
terminating QEMU.
The patchset is now in the virtio maintainer tree, and is expected to be
merged soon into QEMU master.
Stefan also sent another patchset to detach VirtQueueElements freed by reset:
<1474291685-24226-1-git-send-email-stefanha@redhat.com>
Patch 1/3 of this patchset brings a new virtio_detach_element() function
which should be called when a VirtQueueElement isn't needed anymore. It was
originally introduced to be used on outstanding requests when a device
is reset. But it turns out that it is also needed if a device moves to
the broken state.
This series leverages the above to address all exit() call sites in the virtio
blk, net and scsi device code, where the error is about a missing or malformed
in/out header sent by the guest. They are converted to use virtio_error(),
detach and free any queued VirtQueueElement and stop any processing, instead
of forcing QEMU to exit.
The 9P code currently calls assert() instead of exit(), but it also about
malformed or missing headers, so it gets converted the same way.
The remaining exit() call sites are related to a host misconfiguration or a
migration stream issue, and thus shouldn't be converted.
Next work will be to check all assert() call sites in the device code, in
case some of them actually refer to a bug in the guest, and should be
converted to use virtio_error() as well.
This series is based on the virtio maintainer tree:
https://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git fb9f592623b0
and the "virtio: add virtio_detach_element()" patch:
<1474291685-24226-2-git-send-email-stefanha@redhat.com>
Please review.
---
Greg Kurz (9):
virtio-9p: add parentheses to sizeof operator
virtio-blk: make some functions static
virtio-9p: handle handle_9p_output() error
virtio-blk: handle virtio_blk_handle_request() errors
virtio-net: handle virtio_net_handle_ctrl() error
virtio-net: handle virtio_net_receive() errors
virtio-net: handle virtio_net_flush_tx() errors
virtio-scsi: convert virtio_scsi_bad_req() to use virtio_error()
virtio-scsi: handle virtio_scsi_set_config() error
hw/9pfs/virtio-9p-device.c | 30 +++++++++++++++-----
hw/block/virtio-blk.c | 46 +++++++++++++++++++++----------
hw/net/virtio-net.c | 60 +++++++++++++++++++++++++---------------
hw/scsi/virtio-scsi.c | 49 +++++++++++++++++++++++----------
include/hw/virtio/virtio-blk.h | 8 -----
5 files changed, 127 insertions(+), 66 deletions(-)
--
Greg
^ permalink raw reply [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH v3 1/9] virtio-9p: add parentheses to sizeof operator
2016-09-26 8:33 [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination Greg Kurz
@ 2016-09-26 8:33 ` Greg Kurz
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 2/9] virtio-blk: make some functions static Greg Kurz
` (8 subsequent siblings)
9 siblings, 0 replies; 20+ messages in thread
From: Greg Kurz @ 2016-09-26 8:33 UTC (permalink / raw)
To: qemu-devel
Cc: Kevin Wolf, Michael S. Tsirkin, Jason Wang, Greg Kurz, Max Reitz,
Aneesh Kumar K.V, Stefan Hajnoczi, Cornelia Huck, Paolo Bonzini
Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
---
v3: - added Cornelia's and Stefan's R-b tags
---
hw/9pfs/virtio-9p-device.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/hw/9pfs/virtio-9p-device.c b/hw/9pfs/virtio-9p-device.c
index 009b43f6d045..e7ea0e45f3dd 100644
--- a/hw/9pfs/virtio-9p-device.c
+++ b/hw/9pfs/virtio-9p-device.c
@@ -57,12 +57,12 @@ static void handle_9p_output(VirtIODevice *vdev, VirtQueue *vq)
}
BUG_ON(elem->out_num == 0 || elem->in_num == 0);
- QEMU_BUILD_BUG_ON(sizeof out != 7);
+ QEMU_BUILD_BUG_ON(sizeof(out) != 7);
v->elems[pdu->idx] = elem;
len = iov_to_buf(elem->out_sg, elem->out_num, 0,
- &out, sizeof out);
- BUG_ON(len != sizeof out);
+ &out, sizeof(out));
+ BUG_ON(len != sizeof(out));
pdu->size = le32_to_cpu(out.size_le);
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH v3 2/9] virtio-blk: make some functions static
2016-09-26 8:33 [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination Greg Kurz
2016-09-26 8:33 ` [Qemu-devel] [PATCH v3 1/9] virtio-9p: add parentheses to sizeof operator Greg Kurz
@ 2016-09-26 8:34 ` Greg Kurz
2016-09-26 16:15 ` Stefan Hajnoczi
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 3/9] virtio-9p: handle handle_9p_output() error Greg Kurz
` (7 subsequent siblings)
9 siblings, 1 reply; 20+ messages in thread
From: Greg Kurz @ 2016-09-26 8:34 UTC (permalink / raw)
To: qemu-devel
Cc: Kevin Wolf, Michael S. Tsirkin, Jason Wang, Greg Kurz, Max Reitz,
Aneesh Kumar K.V, Stefan Hajnoczi, Cornelia Huck, Paolo Bonzini
Some functions that were called from the dataplane code are now only used
locally:
virtio_blk_init_request()
virtio_blk_handle_request()
virtio_blk_submit_multireq()
since commit "03de2f527499 virtio-blk: do not use vring in dataplane", and
virtio_blk_free_request()
since commit "6aa46d8ff1ee virtio: move VirtQueueElement at the beginning
of the structs".
This patch converts them to static.
Signed-off-by: Greg Kurz <groug@kaod.org>
---
v3: This was "virtio-blk: turn virtio_blk_handle_request() into a static
function" in v2. It turns out that there are some more candidates.
---
hw/block/virtio-blk.c | 10 +++++-----
include/hw/virtio/virtio-blk.h | 8 --------
2 files changed, 5 insertions(+), 13 deletions(-)
diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index c7ca4d6769cb..bbacd562cefb 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -29,8 +29,8 @@
#include "hw/virtio/virtio-bus.h"
#include "hw/virtio/virtio-access.h"
-void virtio_blk_init_request(VirtIOBlock *s, VirtQueue *vq,
- VirtIOBlockReq *req)
+static void virtio_blk_init_request(VirtIOBlock *s, VirtQueue *vq,
+ VirtIOBlockReq *req)
{
req->dev = s;
req->vq = vq;
@@ -40,7 +40,7 @@ void virtio_blk_init_request(VirtIOBlock *s, VirtQueue *vq,
req->mr_next = NULL;
}
-void virtio_blk_free_request(VirtIOBlockReq *req)
+static void virtio_blk_free_request(VirtIOBlockReq *req)
{
if (req) {
g_free(req);
@@ -381,7 +381,7 @@ static int multireq_compare(const void *a, const void *b)
}
}
-void virtio_blk_submit_multireq(BlockBackend *blk, MultiReqBuffer *mrb)
+static void virtio_blk_submit_multireq(BlockBackend *blk, MultiReqBuffer *mrb)
{
int i = 0, start = 0, num_reqs = 0, niov = 0, nb_sectors = 0;
uint32_t max_transfer;
@@ -468,7 +468,7 @@ static bool virtio_blk_sect_range_ok(VirtIOBlock *dev,
return true;
}
-void virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb)
+static void virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb)
{
uint32_t type;
struct iovec *in_iov = req->elem.in_sg;
diff --git a/include/hw/virtio/virtio-blk.h b/include/hw/virtio/virtio-blk.h
index 180bd8db5df2..9734b4c446c5 100644
--- a/include/hw/virtio/virtio-blk.h
+++ b/include/hw/virtio/virtio-blk.h
@@ -80,14 +80,6 @@ typedef struct MultiReqBuffer {
bool is_write;
} MultiReqBuffer;
-void virtio_blk_init_request(VirtIOBlock *s, VirtQueue *vq,
- VirtIOBlockReq *req);
-void virtio_blk_free_request(VirtIOBlockReq *req);
-
-void virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb);
-
-void virtio_blk_submit_multireq(BlockBackend *blk, MultiReqBuffer *mrb);
-
void virtio_blk_handle_vq(VirtIOBlock *s, VirtQueue *vq);
#endif
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH v3 3/9] virtio-9p: handle handle_9p_output() error
2016-09-26 8:33 [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination Greg Kurz
2016-09-26 8:33 ` [Qemu-devel] [PATCH v3 1/9] virtio-9p: add parentheses to sizeof operator Greg Kurz
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 2/9] virtio-blk: make some functions static Greg Kurz
@ 2016-09-26 8:34 ` Greg Kurz
2016-09-26 16:21 ` Stefan Hajnoczi
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 4/9] virtio-blk: handle virtio_blk_handle_request() errors Greg Kurz
` (6 subsequent siblings)
9 siblings, 1 reply; 20+ messages in thread
From: Greg Kurz @ 2016-09-26 8:34 UTC (permalink / raw)
To: qemu-devel
Cc: Kevin Wolf, Michael S. Tsirkin, Jason Wang, Greg Kurz, Max Reitz,
Aneesh Kumar K.V, Stefan Hajnoczi, Cornelia Huck, Paolo Bonzini
A broken guest may send a request without providing buffers for the reply
or for the request itself, and virtqueue_pop() will return an element with
either in_num == 0 or out_num == 0.
All 9P requests are expected to start with the following 7-byte header:
uint32_t size_le;
uint8_t id;
uint16_t tag_le;
If iov_to_buf() fails to return these 7 bytes, then something is wrong in
the guest.
In both cases, it is wrong to crash QEMU, since the root cause lies in the
guest.
This patch hence does the following:
- keep the check of in_num since pdu_complete() assumes it has enough
space to store the reply and we will send something broken to the guest
- let iov_to_buf() handle out_num == 0, since it will return 0 just like
if the guest had provided an zero-sized buffer.
- call virtio_error() to inform the guest that the device is now broken,
instead of aborting
- detach the request from the virtqueue and free it
Signed-off-by: Greg Kurz <groug@kaod.org>
---
v3: - dropped the out_num check (already covered by iov_to_buf())
- reworded the in_num error message
- added an error path to detach and free the virtqueue element
I haven't added the R-b tags received during v2 because of the above
changes.
---
hw/9pfs/virtio-9p-device.c | 26 +++++++++++++++++++++-----
1 file changed, 21 insertions(+), 5 deletions(-)
diff --git a/hw/9pfs/virtio-9p-device.c b/hw/9pfs/virtio-9p-device.c
index e7ea0e45f3dd..a338f6400264 100644
--- a/hw/9pfs/virtio-9p-device.c
+++ b/hw/9pfs/virtio-9p-device.c
@@ -41,6 +41,7 @@ static void handle_9p_output(VirtIODevice *vdev, VirtQueue *vq)
V9fsState *s = &v->state;
V9fsPDU *pdu;
ssize_t len;
+ VirtQueueElement *elem;
while ((pdu = pdu_alloc(s))) {
struct {
@@ -48,21 +49,28 @@ static void handle_9p_output(VirtIODevice *vdev, VirtQueue *vq)
uint8_t id;
uint16_t tag_le;
} QEMU_PACKED out;
- VirtQueueElement *elem;
elem = virtqueue_pop(vq, sizeof(VirtQueueElement));
if (!elem) {
- pdu_free(pdu);
- break;
+ goto out_free_pdu;
}
- BUG_ON(elem->out_num == 0 || elem->in_num == 0);
+ if (elem->in_num == 0) {
+ virtio_error(vdev,
+ "The guest sent a VirtFS request without space for "
+ "the reply");
+ goto out_free_req;
+ }
QEMU_BUILD_BUG_ON(sizeof(out) != 7);
v->elems[pdu->idx] = elem;
len = iov_to_buf(elem->out_sg, elem->out_num, 0,
&out, sizeof(out));
- BUG_ON(len != sizeof(out));
+ if (len != sizeof(out)) {
+ virtio_error(vdev, "The guest sent a malformed VirtFS request: "
+ "header size is %zd, should be 7", len);
+ goto out_free_req;
+ }
pdu->size = le32_to_cpu(out.size_le);
@@ -72,6 +80,14 @@ static void handle_9p_output(VirtIODevice *vdev, VirtQueue *vq)
qemu_co_queue_init(&pdu->complete);
pdu_submit(pdu);
}
+
+ return;
+
+out_free_req:
+ virtqueue_detach_element(vq, elem, 0);
+ g_free(elem);
+out_free_pdu:
+ pdu_free(pdu);
}
static uint64_t virtio_9p_get_features(VirtIODevice *vdev, uint64_t features,
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH v3 4/9] virtio-blk: handle virtio_blk_handle_request() errors
2016-09-26 8:33 [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination Greg Kurz
` (2 preceding siblings ...)
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 3/9] virtio-9p: handle handle_9p_output() error Greg Kurz
@ 2016-09-26 8:34 ` Greg Kurz
2016-09-26 16:24 ` Stefan Hajnoczi
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 5/9] virtio-net: handle virtio_net_handle_ctrl() error Greg Kurz
` (5 subsequent siblings)
9 siblings, 1 reply; 20+ messages in thread
From: Greg Kurz @ 2016-09-26 8:34 UTC (permalink / raw)
To: qemu-devel
Cc: Kevin Wolf, Michael S. Tsirkin, Jason Wang, Greg Kurz, Max Reitz,
Aneesh Kumar K.V, Stefan Hajnoczi, Cornelia Huck, Paolo Bonzini
All these errors are caused by a buggy guest: QEMU should not exit.
With this patch, if virtio_blk_handle_request() detects a buggy request, it
marks the device as broken and returns an error to the caller so it takes
appropriate action.
In the case of virtio_blk_handle_vq(), we detach the request from the
virtqueue, free its allocated memory and stop popping new requests.
We don't need to bother about multireq since virtio_blk_handle_request()
errors out early and mrb.num_reqs == 0.
In the case of virtio_blk_dma_restart_bh(), we need to detach and free all
queued requests as well.
Signed-off-by: Greg Kurz <groug@kaod.org>
---
v3: - turned goto out_err to break in virtio_blk_handle_vq()
- detach and free request in virtio_blk_handle_vq()
- detach and free all queued requests in virtio_blk_dma_restart_bh()
- updated changelog
---
hw/block/virtio-blk.c | 38 ++++++++++++++++++++++++++++----------
1 file changed, 28 insertions(+), 10 deletions(-)
diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index bbacd562cefb..0ddd7fbbe54f 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -468,30 +468,32 @@ static bool virtio_blk_sect_range_ok(VirtIOBlock *dev,
return true;
}
-static void virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb)
+static int virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb)
{
uint32_t type;
struct iovec *in_iov = req->elem.in_sg;
struct iovec *iov = req->elem.out_sg;
unsigned in_num = req->elem.in_num;
unsigned out_num = req->elem.out_num;
+ VirtIOBlock *s = req->dev;
+ VirtIODevice *vdev = VIRTIO_DEVICE(s);
if (req->elem.out_num < 1 || req->elem.in_num < 1) {
- error_report("virtio-blk missing headers");
- exit(1);
+ virtio_error(vdev, "virtio-blk missing headers");
+ return -1;
}
if (unlikely(iov_to_buf(iov, out_num, 0, &req->out,
sizeof(req->out)) != sizeof(req->out))) {
- error_report("virtio-blk request outhdr too short");
- exit(1);
+ virtio_error(vdev, "virtio-blk request outhdr too short");
+ return -1;
}
iov_discard_front(&iov, &out_num, sizeof(req->out));
if (in_iov[in_num - 1].iov_len < sizeof(struct virtio_blk_inhdr)) {
- error_report("virtio-blk request inhdr too short");
- exit(1);
+ virtio_error(vdev, "virtio-blk request inhdr too short");
+ return -1;
}
/* We always touch the last byte, so just see how big in_iov is. */
@@ -529,7 +531,7 @@ static void virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb)
block_acct_invalid(blk_get_stats(req->dev->blk),
is_write ? BLOCK_ACCT_WRITE : BLOCK_ACCT_READ);
virtio_blk_free_request(req);
- return;
+ return 0;
}
block_acct_start(blk_get_stats(req->dev->blk),
@@ -576,6 +578,7 @@ static void virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb)
virtio_blk_req_complete(req, VIRTIO_BLK_S_UNSUPP);
virtio_blk_free_request(req);
}
+ return 0;
}
void virtio_blk_handle_vq(VirtIOBlock *s, VirtQueue *vq)
@@ -586,7 +589,11 @@ void virtio_blk_handle_vq(VirtIOBlock *s, VirtQueue *vq)
blk_io_plug(s->blk);
while ((req = virtio_blk_get_request(s, vq))) {
- virtio_blk_handle_request(req, &mrb);
+ if (virtio_blk_handle_request(req, &mrb)) {
+ virtqueue_detach_element(req->vq, &req->elem, 0);
+ virtio_blk_free_request(req);
+ break;
+ }
}
if (mrb.num_reqs) {
@@ -625,7 +632,18 @@ static void virtio_blk_dma_restart_bh(void *opaque)
while (req) {
VirtIOBlockReq *next = req->next;
- virtio_blk_handle_request(req, &mrb);
+ if (virtio_blk_handle_request(req, &mrb)) {
+ /* Device is now broken and won't do any processing until it gets
+ * reset. Already queued requests will be lost: let's purge them.
+ */
+ while (req) {
+ next = req->next;
+ virtqueue_detach_element(req->vq, &req->elem, 0);
+ virtio_blk_free_request(req);
+ req = next;
+ }
+ break;
+ }
req = next;
}
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH v3 5/9] virtio-net: handle virtio_net_handle_ctrl() error
2016-09-26 8:33 [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination Greg Kurz
` (3 preceding siblings ...)
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 4/9] virtio-blk: handle virtio_blk_handle_request() errors Greg Kurz
@ 2016-09-26 8:34 ` Greg Kurz
2016-09-26 16:25 ` Stefan Hajnoczi
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 6/9] virtio-net: handle virtio_net_receive() errors Greg Kurz
` (4 subsequent siblings)
9 siblings, 1 reply; 20+ messages in thread
From: Greg Kurz @ 2016-09-26 8:34 UTC (permalink / raw)
To: qemu-devel
Cc: Kevin Wolf, Michael S. Tsirkin, Jason Wang, Greg Kurz, Max Reitz,
Aneesh Kumar K.V, Stefan Hajnoczi, Cornelia Huck, Paolo Bonzini
This error is caused by a buggy guest: let's switch the device to the
broken state instead of terminating QEMU. Also we detach the element
from the virtqueue and free it.
Signed-off-by: Greg Kurz <groug@kaod.org>
---
v3: - detach and free element
- updated changelog
---
hw/net/virtio-net.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index 01f1351554aa..2c02ba8a70a4 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -875,6 +875,7 @@ static int virtio_net_handle_mq(VirtIONet *n, uint8_t cmd,
return VIRTIO_NET_OK;
}
+
static void virtio_net_handle_ctrl(VirtIODevice *vdev, VirtQueue *vq)
{
VirtIONet *n = VIRTIO_NET(vdev);
@@ -892,8 +893,10 @@ static void virtio_net_handle_ctrl(VirtIODevice *vdev, VirtQueue *vq)
}
if (iov_size(elem->in_sg, elem->in_num) < sizeof(status) ||
iov_size(elem->out_sg, elem->out_num) < sizeof(ctrl)) {
- error_report("virtio-net ctrl missing headers");
- exit(1);
+ virtio_error(vdev, "virtio-net ctrl missing headers");
+ virtqueue_detach_element(vq, elem, 0);
+ g_free(elem);
+ break;
}
iov_cnt = elem->out_num;
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH v3 6/9] virtio-net: handle virtio_net_receive() errors
2016-09-26 8:33 [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination Greg Kurz
` (4 preceding siblings ...)
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 5/9] virtio-net: handle virtio_net_handle_ctrl() error Greg Kurz
@ 2016-09-26 8:34 ` Greg Kurz
2016-09-26 16:27 ` Stefan Hajnoczi
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 7/9] virtio-net: handle virtio_net_flush_tx() errors Greg Kurz
` (3 subsequent siblings)
9 siblings, 1 reply; 20+ messages in thread
From: Greg Kurz @ 2016-09-26 8:34 UTC (permalink / raw)
To: qemu-devel
Cc: Kevin Wolf, Michael S. Tsirkin, Jason Wang, Greg Kurz, Max Reitz,
Aneesh Kumar K.V, Stefan Hajnoczi, Cornelia Huck, Paolo Bonzini
All these errors are caused by a buggy guest: let's switch the device to
the broken state instead of terminating QEMU. Also we detach the element
from the virtqueue and free it.
Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
---
v3: - detach and free element
- updated changelog
---
hw/net/virtio-net.c | 27 +++++++++++++++------------
1 file changed, 15 insertions(+), 12 deletions(-)
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index 2c02ba8a70a4..10a4c745f0bd 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -1125,21 +1125,24 @@ static ssize_t virtio_net_receive(NetClientState *nc, const uint8_t *buf, size_t
elem = virtqueue_pop(q->rx_vq, sizeof(VirtQueueElement));
if (!elem) {
- if (i == 0)
- return -1;
- error_report("virtio-net unexpected empty queue: "
- "i %zd mergeable %d offset %zd, size %zd, "
- "guest hdr len %zd, host hdr len %zd "
- "guest features 0x%" PRIx64,
- i, n->mergeable_rx_bufs, offset, size,
- n->guest_hdr_len, n->host_hdr_len,
- vdev->guest_features);
- exit(1);
+ if (i) {
+ virtio_error(vdev, "virtio-net unexpected empty queue: "
+ "i %zd mergeable %d offset %zd, size %zd, "
+ "guest hdr len %zd, host hdr len %zd "
+ "guest features 0x%" PRIx64,
+ i, n->mergeable_rx_bufs, offset, size,
+ n->guest_hdr_len, n->host_hdr_len,
+ vdev->guest_features);
+ }
+ return -1;
}
if (elem->in_num < 1) {
- error_report("virtio-net receive queue contains no in buffers");
- exit(1);
+ virtio_error(vdev,
+ "virtio-net receive queue contains no in buffers");
+ virtqueue_detach_element(q->rx_vq, elem, 0);
+ g_free(elem);
+ return -1;
}
sg = elem->in_sg;
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH v3 7/9] virtio-net: handle virtio_net_flush_tx() errors
2016-09-26 8:33 [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination Greg Kurz
` (5 preceding siblings ...)
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 6/9] virtio-net: handle virtio_net_receive() errors Greg Kurz
@ 2016-09-26 8:34 ` Greg Kurz
2016-09-26 16:28 ` Stefan Hajnoczi
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 8/9] virtio-scsi: convert virtio_scsi_bad_req() to use virtio_error() Greg Kurz
` (2 subsequent siblings)
9 siblings, 1 reply; 20+ messages in thread
From: Greg Kurz @ 2016-09-26 8:34 UTC (permalink / raw)
To: qemu-devel
Cc: Kevin Wolf, Michael S. Tsirkin, Jason Wang, Greg Kurz, Max Reitz,
Aneesh Kumar K.V, Stefan Hajnoczi, Cornelia Huck, Paolo Bonzini
All these errors are caused by a buggy guest: let's switch the device to
the broken state instead of terminating QEMU. Also we detach the element
from the virtqueue and free it.
If this happens, virtio_net_flush_tx() also returns -EINVAL, so that all
callers can stop processing the virtqueue immediatly.
Signed-off-by: Greg Kurz <groug@kaod.org>
---
v3: - detach and free element
- updated changelog
---
hw/net/virtio-net.c | 26 ++++++++++++++++++--------
1 file changed, 18 insertions(+), 8 deletions(-)
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index 10a4c745f0bd..6eb571616884 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -1244,15 +1244,19 @@ static int32_t virtio_net_flush_tx(VirtIONetQueue *q)
out_num = elem->out_num;
out_sg = elem->out_sg;
if (out_num < 1) {
- error_report("virtio-net header not in first element");
- exit(1);
+ virtio_error(vdev, "virtio-net header not in first element");
+ virtqueue_detach_element(q->tx_vq, elem, 0);
+ g_free(elem);
+ return -EINVAL;
}
if (n->has_vnet_hdr) {
if (iov_to_buf(out_sg, out_num, 0, &mhdr, n->guest_hdr_len) <
n->guest_hdr_len) {
- error_report("virtio-net header incorrect");
- exit(1);
+ virtio_error(vdev, "virtio-net header incorrect");
+ virtqueue_detach_element(q->tx_vq, elem, 0);
+ g_free(elem);
+ return -EINVAL;
}
if (n->needs_vnet_hdr_swap) {
virtio_net_hdr_swap(vdev, (void *) &mhdr);
@@ -1320,7 +1324,9 @@ static void virtio_net_handle_tx_timer(VirtIODevice *vdev, VirtQueue *vq)
virtio_queue_set_notification(vq, 1);
timer_del(q->tx_timer);
q->tx_waiting = 0;
- virtio_net_flush_tx(q);
+ if (virtio_net_flush_tx(q) == -EINVAL) {
+ return;
+ }
} else {
timer_mod(q->tx_timer,
qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + n->tx_timeout);
@@ -1391,8 +1397,9 @@ static void virtio_net_tx_bh(void *opaque)
}
ret = virtio_net_flush_tx(q);
- if (ret == -EBUSY) {
- return; /* Notification re-enable handled by tx_complete */
+ if (ret == -EBUSY || ret == -EINVAL) {
+ return; /* Notification re-enable handled by tx_complete or device
+ * broken */
}
/* If we flush a full burst of packets, assume there are
@@ -1407,7 +1414,10 @@ static void virtio_net_tx_bh(void *opaque)
* anything that may have come in while we weren't looking. If
* we find something, assume the guest is still active and reschedule */
virtio_queue_set_notification(q->tx_vq, 1);
- if (virtio_net_flush_tx(q) > 0) {
+ ret = virtio_net_flush_tx(q);
+ if (ret == -EINVAL) {
+ return;
+ } else if (ret > 0) {
virtio_queue_set_notification(q->tx_vq, 0);
qemu_bh_schedule(q->tx_bh);
q->tx_waiting = 1;
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH v3 8/9] virtio-scsi: convert virtio_scsi_bad_req() to use virtio_error()
2016-09-26 8:33 [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination Greg Kurz
` (6 preceding siblings ...)
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 7/9] virtio-net: handle virtio_net_flush_tx() errors Greg Kurz
@ 2016-09-26 8:34 ` Greg Kurz
2016-09-26 16:35 ` Stefan Hajnoczi
2016-09-26 8:35 ` [Qemu-devel] [PATCH v3 9/9] virtio-scsi: handle virtio_scsi_set_config() error Greg Kurz
2016-09-26 9:00 ` [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination no-reply
9 siblings, 1 reply; 20+ messages in thread
From: Greg Kurz @ 2016-09-26 8:34 UTC (permalink / raw)
To: qemu-devel
Cc: Kevin Wolf, Michael S. Tsirkin, Jason Wang, Greg Kurz, Max Reitz,
Aneesh Kumar K.V, Stefan Hajnoczi, Cornelia Huck, Paolo Bonzini
The virtio_scsi_bad_req() function is called when a guest sends a
request with missing or ill-sized headers. This generally happens
when the virtio_scsi_parse_req() function returns an error.
With this patch, virtio_scsi_bad_req() will mark the device as broken,
detach the request from the virtqueue and free it, instead of forcing
QEMU to exit.
In nearly all locations where virtio_scsi_bad_req() is called, the only
thing to do next is to return to the caller.
The virtio_scsi_handle_cmd_req_prepare() function is an exception though.
It is called in a loop by virtio_scsi_handle_cmd_vq() and passed requests
freshly popped from a cmd virtqueue; virtio_scsi_handle_cmd_req_prepare()
does some sanity checks on the request and returns a boolean flag to
indicate whether the request should be queued or not. In the latter case,
virtio_scsi_handle_cmd_req_prepare() has detected a non-fatal error and
sent a response back to the guest.
We have now a new condition to take into account: the device is broken
and should stop all processing.
The return value of virtio_scsi_handle_cmd_req_prepare() is hence changed
to an int. A return value of zero means that the request should be queued.
Other non-fatal error cases where the reqyest shoudn't be queued return
a negative errno (values are vaguely inspired by the error condition, but
the only goal here is to discriminate the case we're interested in).
And finally, if virtio_scsi_bad_req() was called, -EINVAL is returned. In
this case, virtio_scsi_handle_cmd_vq() detaches and frees already queued
requests, instead of submitting them.
Signed-off-by: Greg Kurz <groug@kaod.org>
---
v3: - detach and free element in virtio_scsi_bad_req()
- detach and free all queued requests in virtio_scsi_handle_cmd_vq()
- updated changelog
---
hw/scsi/virtio-scsi.c | 44 +++++++++++++++++++++++++++++++-------------
1 file changed, 31 insertions(+), 13 deletions(-)
diff --git a/hw/scsi/virtio-scsi.c b/hw/scsi/virtio-scsi.c
index e596b6474131..fca23185a7fd 100644
--- a/hw/scsi/virtio-scsi.c
+++ b/hw/scsi/virtio-scsi.c
@@ -81,10 +81,11 @@ static void virtio_scsi_complete_req(VirtIOSCSIReq *req)
virtio_scsi_free_req(req);
}
-static void virtio_scsi_bad_req(void)
+static void virtio_scsi_bad_req(VirtIOSCSIReq *req)
{
- error_report("wrong size for virtio-scsi headers");
- exit(1);
+ virtio_error(VIRTIO_DEVICE(req->dev), "wrong size for virtio-scsi headers");
+ virtqueue_detach_element(req->vq, &req->elem, 0);
+ virtio_scsi_free_req(req);
}
static size_t qemu_sgl_concat(VirtIOSCSIReq *req, struct iovec *iov,
@@ -387,7 +388,7 @@ static void virtio_scsi_handle_ctrl_req(VirtIOSCSI *s, VirtIOSCSIReq *req)
if (iov_to_buf(req->elem.out_sg, req->elem.out_num, 0,
&type, sizeof(type)) < sizeof(type)) {
- virtio_scsi_bad_req();
+ virtio_scsi_bad_req(req);
return;
}
@@ -395,7 +396,8 @@ static void virtio_scsi_handle_ctrl_req(VirtIOSCSI *s, VirtIOSCSIReq *req)
if (type == VIRTIO_SCSI_T_TMF) {
if (virtio_scsi_parse_req(req, sizeof(VirtIOSCSICtrlTMFReq),
sizeof(VirtIOSCSICtrlTMFResp)) < 0) {
- virtio_scsi_bad_req();
+ virtio_scsi_bad_req(req);
+ return;
} else {
r = virtio_scsi_do_tmf(s, req);
}
@@ -404,7 +406,8 @@ static void virtio_scsi_handle_ctrl_req(VirtIOSCSI *s, VirtIOSCSIReq *req)
type == VIRTIO_SCSI_T_AN_SUBSCRIBE) {
if (virtio_scsi_parse_req(req, sizeof(VirtIOSCSICtrlANReq),
sizeof(VirtIOSCSICtrlANResp)) < 0) {
- virtio_scsi_bad_req();
+ virtio_scsi_bad_req(req);
+ return;
} else {
req->resp.an.event_actual = 0;
req->resp.an.response = VIRTIO_SCSI_S_OK;
@@ -521,7 +524,7 @@ static void virtio_scsi_fail_cmd_req(VirtIOSCSIReq *req)
virtio_scsi_complete_cmd_req(req);
}
-static bool virtio_scsi_handle_cmd_req_prepare(VirtIOSCSI *s, VirtIOSCSIReq *req)
+static int virtio_scsi_handle_cmd_req_prepare(VirtIOSCSI *s, VirtIOSCSIReq *req)
{
VirtIOSCSICommon *vs = &s->parent_obj;
SCSIDevice *d;
@@ -532,17 +535,18 @@ static bool virtio_scsi_handle_cmd_req_prepare(VirtIOSCSI *s, VirtIOSCSIReq *req
if (rc < 0) {
if (rc == -ENOTSUP) {
virtio_scsi_fail_cmd_req(req);
+ return -ENOTSUP;
} else {
- virtio_scsi_bad_req();
+ virtio_scsi_bad_req(req);
+ return -EINVAL;
}
- return false;
}
d = virtio_scsi_device_find(s, req->req.cmd.lun);
if (!d) {
req->resp.cmd.response = VIRTIO_SCSI_S_BAD_TARGET;
virtio_scsi_complete_cmd_req(req);
- return false;
+ return -ENOENT;
}
virtio_scsi_ctx_check(s, d);
req->sreq = scsi_req_new(d, req->req.cmd.tag,
@@ -554,7 +558,7 @@ static bool virtio_scsi_handle_cmd_req_prepare(VirtIOSCSI *s, VirtIOSCSIReq *req
req->sreq->cmd.xfer > req->qsgl.size)) {
req->resp.cmd.response = VIRTIO_SCSI_S_OVERRUN;
virtio_scsi_complete_cmd_req(req);
- return false;
+ return -ENOBUFS;
}
scsi_req_ref(req->sreq);
blk_io_plug(d->conf.blk);
@@ -574,11 +578,24 @@ static void virtio_scsi_handle_cmd_req_submit(VirtIOSCSI *s, VirtIOSCSIReq *req)
void virtio_scsi_handle_cmd_vq(VirtIOSCSI *s, VirtQueue *vq)
{
VirtIOSCSIReq *req, *next;
+ int ret;
+
QTAILQ_HEAD(, VirtIOSCSIReq) reqs = QTAILQ_HEAD_INITIALIZER(reqs);
while ((req = virtio_scsi_pop_req(s, vq))) {
- if (virtio_scsi_handle_cmd_req_prepare(s, req)) {
+ ret = virtio_scsi_handle_cmd_req_prepare(s, req);
+ if (!ret) {
QTAILQ_INSERT_TAIL(&reqs, req, next);
+ } else if (ret == -EINVAL) {
+ /* The device is broken and shouldn't process any request */
+ while (!QTAILQ_EMPTY(&reqs)) {
+ req = QTAILQ_FIRST(&reqs);
+ QTAILQ_REMOVE(&reqs, req, next);
+ blk_io_unplug(req->sreq->dev->conf.blk);
+ scsi_req_unref(req->sreq);
+ virtqueue_detach_element(req->vq, &req->elem, 0);
+ virtio_scsi_free_req(req);
+ }
}
}
@@ -708,7 +725,8 @@ void virtio_scsi_push_event(VirtIOSCSI *s, SCSIDevice *dev,
}
if (virtio_scsi_parse_req(req, 0, sizeof(VirtIOSCSIEvent))) {
- virtio_scsi_bad_req();
+ virtio_scsi_bad_req(req);
+ goto out;
}
evt = &req->resp.event;
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH v3 9/9] virtio-scsi: handle virtio_scsi_set_config() error
2016-09-26 8:33 [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination Greg Kurz
` (7 preceding siblings ...)
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 8/9] virtio-scsi: convert virtio_scsi_bad_req() to use virtio_error() Greg Kurz
@ 2016-09-26 8:35 ` Greg Kurz
2016-09-26 16:36 ` Stefan Hajnoczi
2016-09-26 9:00 ` [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination no-reply
9 siblings, 1 reply; 20+ messages in thread
From: Greg Kurz @ 2016-09-26 8:35 UTC (permalink / raw)
To: qemu-devel
Cc: Kevin Wolf, Michael S. Tsirkin, Jason Wang, Greg Kurz, Max Reitz,
Aneesh Kumar K.V, Stefan Hajnoczi, Cornelia Huck, Paolo Bonzini
This error is caused by a buggy guest: let's switch the device to the
broken state instead of terminating QEMU.
Signed-off-by: Greg Kurz <groug@kaod.org>
---
hw/scsi/virtio-scsi.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/hw/scsi/virtio-scsi.c b/hw/scsi/virtio-scsi.c
index fca23185a7fd..c424c591ca95 100644
--- a/hw/scsi/virtio-scsi.c
+++ b/hw/scsi/virtio-scsi.c
@@ -644,8 +644,9 @@ static void virtio_scsi_set_config(VirtIODevice *vdev,
if ((uint32_t) virtio_ldl_p(vdev, &scsiconf->sense_size) >= 65536 ||
(uint32_t) virtio_ldl_p(vdev, &scsiconf->cdb_size) >= 256) {
- error_report("bad data written to virtio-scsi configuration space");
- exit(1);
+ virtio_error(vdev,
+ "bad data written to virtio-scsi configuration space");
+ return;
}
vs->sense_size = virtio_ldl_p(vdev, &scsiconf->sense_size);
^ permalink raw reply related [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination
2016-09-26 8:33 [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination Greg Kurz
` (8 preceding siblings ...)
2016-09-26 8:35 ` [Qemu-devel] [PATCH v3 9/9] virtio-scsi: handle virtio_scsi_set_config() error Greg Kurz
@ 2016-09-26 9:00 ` no-reply
9 siblings, 0 replies; 20+ messages in thread
From: no-reply @ 2016-09-26 9:00 UTC (permalink / raw)
To: groug
Cc: famz, qemu-devel, kwolf, mst, jasowang, mreitz, aneesh.kumar,
stefanha, cornelia.huck, pbonzini
Hi,
Your series failed automatic build test. Please find the testing commands and
their output below. If you have docker installed, you can probably reproduce it
locally.
Message-id: 147487882735.6679.8076815106195077844.stgit@bahia
Subject: [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination
Type: series
=== TEST SCRIPT BEGIN ===
#!/bin/bash
set -e
git submodule update --init dtc
# Let docker tests dump environment info
export SHOW_ENV=1
make J=8 docker-test-quick@centos6
make J=8 docker-test-mingw@fedora
=== TEST SCRIPT END ===
Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
From https://github.com/patchew-project/qemu
- [tag update] patchew/1474291685-24226-1-git-send-email-stefanha@redhat.com -> patchew/1474291685-24226-1-git-send-email-stefanha@redhat.com
- [tag update] patchew/1474615909-17069-1-git-send-email-pbonzini@redhat.com -> patchew/1474615909-17069-1-git-send-email-pbonzini@redhat.com
* [new tag] patchew/147487882735.6679.8076815106195077844.stgit@bahia -> patchew/147487882735.6679.8076815106195077844.stgit@bahia
Switched to a new branch 'test'
61c4f06 virtio-scsi: handle virtio_scsi_set_config() error
8f3d3fc virtio-scsi: convert virtio_scsi_bad_req() to use virtio_error()
aecb2f7 virtio-net: handle virtio_net_flush_tx() errors
7ce4651 virtio-net: handle virtio_net_receive() errors
c2c6e4e virtio-net: handle virtio_net_handle_ctrl() error
acf061d virtio-blk: handle virtio_blk_handle_request() errors
415e19a virtio-9p: handle handle_9p_output() error
9ac585e virtio-blk: make some functions static
bbfeed8 virtio-9p: add parentheses to sizeof operator
=== OUTPUT BEGIN ===
Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
Cloning into 'dtc'...
Submodule path 'dtc': checked out '65cc4d2748a2c2e6f27f1cf39e07a5dbabd80ebf'
BUILD centos6
ARCHIVE qemu.tgz
ARCHIVE dtc.tgz
COPY RUNNER
RUN test-quick in centos6
Packages installed:
SDL-devel-1.2.14-7.el6_7.1.x86_64
ccache-3.1.6-2.el6.x86_64
epel-release-6-8.noarch
gcc-4.4.7-17.el6.x86_64
git-1.7.1-4.el6_7.1.x86_64
glib2-devel-2.28.8-5.el6.x86_64
libfdt-devel-1.4.0-1.el6.x86_64
make-3.81-23.el6.x86_64
package g++ is not installed
pixman-devel-0.32.8-1.el6.x86_64
tar-1.23-15.el6_8.x86_64
zlib-devel-1.2.3-29.el6.x86_64
Environment variables:
PACKAGES=libfdt-devel ccache tar git make gcc g++ zlib-devel glib2-devel SDL-devel pixman-devel epel-release
HOSTNAME=0e4c4671e57f
TERM=xterm
MAKEFLAGS= -j8
HISTSIZE=1000
J=8
USER=root
CCACHE_DIR=/var/tmp/ccache
EXTRA_CONFIGURE_OPTS=
V=
SHOW_ENV=1
MAIL=/var/spool/mail/root
PATH=/usr/lib/ccache:/usr/lib64/ccache:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/
LANG=en_US.UTF-8
TARGET_LIST=
HISTCONTROL=ignoredups
SHLVL=1
HOME=/root
TEST_DIR=/tmp/qemu-test
LOGNAME=root
LESSOPEN=||/usr/bin/lesspipe.sh %s
FEATURES= dtc
DEBUG=
G_BROKEN_FILENAMES=1
CCACHE_HASHDIR=
_=/usr/bin/env
Configure options:
--enable-werror --target-list=x86_64-softmmu,aarch64-softmmu --prefix=/tmp/qemu-test/src/tests/docker/install
No C++ compiler available; disabling C++ specific optional code
Install prefix /tmp/qemu-test/src/tests/docker/install
BIOS directory /tmp/qemu-test/src/tests/docker/install/share/qemu
binary directory /tmp/qemu-test/src/tests/docker/install/bin
library directory /tmp/qemu-test/src/tests/docker/install/lib
module directory /tmp/qemu-test/src/tests/docker/install/lib/qemu
libexec directory /tmp/qemu-test/src/tests/docker/install/libexec
include directory /tmp/qemu-test/src/tests/docker/install/include
config directory /tmp/qemu-test/src/tests/docker/install/etc
local state directory /tmp/qemu-test/src/tests/docker/install/var
Manual directory /tmp/qemu-test/src/tests/docker/install/share/man
ELF interp prefix /usr/gnemul/qemu-%M
Source path /tmp/qemu-test/src
C compiler cc
Host C compiler cc
C++ compiler
Objective-C compiler cc
ARFLAGS rv
CFLAGS -O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -pthread -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -g
QEMU_CFLAGS -I/usr/include/pixman-1 -fPIE -DPIE -m64 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv -Wendif-labels -Wmissing-include-dirs -Wempty-body -Wnested-externs -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers -Wold-style-declaration -Wold-style-definition -Wtype-limits -fstack-protector-all
LDFLAGS -Wl,--warn-common -Wl,-z,relro -Wl,-z,now -pie -m64 -g
make make
install install
python python -B
smbd /usr/sbin/smbd
module support no
host CPU x86_64
host big endian no
target list x86_64-softmmu aarch64-softmmu
tcg debug enabled no
gprof enabled no
sparse enabled no
strip binaries yes
profiler no
static build no
pixman system
SDL support yes (1.2.14)
GTK support no
GTK GL support no
VTE support no
TLS priority NORMAL
GNUTLS support no
GNUTLS rnd no
libgcrypt no
libgcrypt kdf no
nettle no
nettle kdf no
libtasn1 no
curses support no
virgl support no
curl support no
mingw32 support no
Audio drivers oss
Block whitelist (rw)
Block whitelist (ro)
VirtFS support no
VNC support yes
VNC SASL support no
VNC JPEG support no
VNC PNG support no
xen support no
brlapi support no
bluez support no
Documentation no
PIE yes
vde support no
netmap support no
Linux AIO support no
ATTR/XATTR support yes
Install blobs yes
KVM support yes
RDMA support no
TCG interpreter no
fdt support yes
preadv support yes
fdatasync yes
madvise yes
posix_madvise yes
libcap-ng support no
vhost-net support yes
vhost-scsi support yes
vhost-vsock support yes
Trace backends log
spice support no
rbd support no
xfsctl support no
smartcard support no
libusb no
usb net redir no
OpenGL support no
OpenGL dmabufs no
libiscsi support no
libnfs support no
build guest agent yes
QGA VSS support no
QGA w32 disk info no
QGA MSI support no
seccomp support no
coroutine backend ucontext
coroutine pool yes
GlusterFS support no
Archipelago support no
gcov gcov
gcov enabled no
TPM support yes
libssh2 support no
TPM passthrough yes
QOM debugging yes
lzo support no
snappy support no
bzip2 support no
NUMA host support no
tcmalloc support no
jemalloc support no
avx2 optimization no
replication support yes
GEN x86_64-softmmu/config-devices.mak.tmp
GEN aarch64-softmmu/config-devices.mak.tmp
GEN config-host.h
GEN qemu-options.def
GEN qmp-commands.h
GEN qapi-types.h
GEN qapi-visit.h
GEN qapi-event.h
GEN x86_64-softmmu/config-devices.mak
GEN aarch64-softmmu/config-devices.mak
GEN qmp-introspect.h
GEN module_block.h
GEN tests/test-qapi-types.h
GEN tests/test-qapi-visit.h
GEN tests/test-qmp-commands.h
GEN tests/test-qapi-event.h
GEN tests/test-qmp-introspect.h
GEN config-all-devices.mak
GEN trace/generated-events.h
GEN trace/generated-tracers.h
GEN trace/generated-tcg-tracers.h
GEN trace/generated-helpers-wrappers.h
GEN trace/generated-helpers.h
CC tests/qemu-iotests/socket_scm_helper.o
GEN qga/qapi-generated/qga-qapi-types.h
GEN qga/qapi-generated/qga-qapi-visit.h
GEN qga/qapi-generated/qga-qmp-commands.h
GEN qga/qapi-generated/qga-qapi-types.c
GEN qga/qapi-generated/qga-qapi-visit.c
GEN qga/qapi-generated/qga-qmp-marshal.c
GEN qmp-introspect.c
GEN qapi-types.c
GEN qapi-visit.c
GEN qapi-event.c
CC qapi/qapi-visit-core.o
CC qapi/qapi-dealloc-visitor.o
CC qapi/qmp-input-visitor.o
CC qapi/qmp-output-visitor.o
CC qapi/qmp-registry.o
CC qapi/qmp-dispatch.o
CC qapi/string-input-visitor.o
CC qapi/opts-visitor.o
CC qapi/string-output-visitor.o
CC qapi/qapi-clone-visitor.o
CC qapi/qmp-event.o
CC qapi/qapi-util.o
CC qobject/qnull.o
CC qobject/qint.o
CC qobject/qstring.o
CC qobject/qdict.o
CC qobject/qlist.o
CC qobject/qfloat.o
CC qobject/qbool.o
CC qobject/qjson.o
CC qobject/qobject.o
CC qobject/json-lexer.o
CC qobject/json-streamer.o
CC qobject/json-parser.o
GEN trace/generated-events.c
CC trace/control.o
CC trace/qmp.o
CC util/osdep.o
CC util/cutils.o
CC util/unicode.o
CC util/qemu-timer-common.o
CC util/bufferiszero.o
CC util/compatfd.o
CC util/event_notifier-posix.o
CC util/mmap-alloc.o
CC util/oslib-posix.o
CC util/qemu-openpty.o
CC util/qemu-thread-posix.o
CC util/memfd.o
CC util/envlist.o
CC util/path.o
CC util/module.o
CC util/bitmap.o
CC util/hbitmap.o
CC util/bitops.o
CC util/fifo8.o
CC util/acl.o
CC util/error.o
CC util/qemu-error.o
CC util/id.o
CC util/iov.o
CC util/qemu-config.o
CC util/qemu-sockets.o
CC util/uri.o
CC util/notify.o
CC util/qemu-option.o
CC util/qemu-progress.o
CC util/hexdump.o
CC util/crc32c.o
CC util/uuid.o
CC util/throttle.o
CC util/getauxval.o
CC util/readline.o
CC util/rfifolock.o
CC util/rcu.o
CC util/qemu-coroutine.o
CC util/qemu-coroutine-lock.o
CC util/qemu-coroutine-io.o
CC util/qemu-coroutine-sleep.o
CC util/coroutine-ucontext.o
CC util/buffer.o
CC util/timed-average.o
CC util/base64.o
CC util/log.o
CC util/qdist.o
CC util/qht.o
CC util/range.o
CC crypto/pbkdf-stub.o
CC stubs/arch-query-cpu-def.o
/tmp/qemu-test/src/util/qht.c: In function ‘qht_reset_size’:
/tmp/qemu-test/src/util/qht.c:413: warning: ‘new’ may be used uninitialized in this function
CC stubs/arch-query-cpu-model-expansion.o
CC stubs/arch-query-cpu-model-comparison.o
CC stubs/arch-query-cpu-model-baseline.o
CC stubs/bdrv-next-monitor-owned.o
CC stubs/blk-commit-all.o
CC stubs/blockdev-close-all-bdrv-states.o
CC stubs/clock-warp.o
CC stubs/cpu-get-clock.o
CC stubs/cpu-get-icount.o
CC stubs/dump.o
CC stubs/fdset-add-fd.o
CC stubs/fdset-find-fd.o
CC stubs/fdset-get-fd.o
CC stubs/fdset-remove-fd.o
CC stubs/gdbstub.o
CC stubs/get-fd.o
CC stubs/get-next-serial.o
CC stubs/get-vm-name.o
CC stubs/iothread-lock.o
CC stubs/is-daemonized.o
CC stubs/machine-init-done.o
CC stubs/migr-blocker.o
CC stubs/mon-is-qmp.o
CC stubs/mon-printf.o
CC stubs/monitor-init.o
CC stubs/notify-event.o
CC stubs/qtest.o
CC stubs/replay.o
CC stubs/replay-user.o
CC stubs/reset.o
CC stubs/runstate-check.o
CC stubs/set-fd-handler.o
CC stubs/slirp.o
CC stubs/sysbus.o
CC stubs/trace-control.o
CC stubs/uuid.o
CC stubs/vm-stop.o
CC stubs/vmstate.o
CC stubs/cpus.o
CC stubs/kvm.o
CC stubs/qmp_pc_dimm_device_list.o
CC stubs/target-monitor-defs.o
CC stubs/target-get-monitor-def.o
CC stubs/vhost.o
CC stubs/iohandler.o
CC stubs/smbios_type_38.o
CC stubs/ipmi.o
CC stubs/pc_madt_cpu_entry.o
CC contrib/ivshmem-client/ivshmem-client.o
CC contrib/ivshmem-client/main.o
CC contrib/ivshmem-server/ivshmem-server.o
CC contrib/ivshmem-server/main.o
CC qemu-nbd.o
CC async.o
CC thread-pool.o
CC block.o
CC blockjob.o
CC main-loop.o
CC iohandler.o
CC qemu-timer.o
CC aio-posix.o
CC qemu-io-cmds.o
CC replication.o
CC block/raw_bsd.o
CC block/qcow.o
CC block/vdi.o
CC block/vmdk.o
CC block/cloop.o
CC block/bochs.o
CC block/vpc.o
CC block/vvfat.o
CC block/dmg.o
CC block/qcow2.o
CC block/qcow2-refcount.o
CC block/qcow2-cluster.o
CC block/qcow2-snapshot.o
CC block/qcow2-cache.o
CC block/qed.o
CC block/qed-gencb.o
CC block/qed-l2-cache.o
CC block/qed-table.o
CC block/qed-cluster.o
CC block/qed-check.o
CC block/vhdx.o
CC block/vhdx-endian.o
CC block/vhdx-log.o
CC block/quorum.o
CC block/parallels.o
CC block/blkdebug.o
CC block/blkverify.o
CC block/blkreplay.o
CC block/block-backend.o
CC block/snapshot.o
CC block/qapi.o
CC block/raw-posix.o
CC block/null.o
CC block/mirror.o
CC block/commit.o
CC block/io.o
CC block/throttle-groups.o
CC block/nbd.o
CC block/nbd-client.o
CC block/sheepdog.o
CC block/accounting.o
CC block/dirty-bitmap.o
CC block/write-threshold.o
CC block/backup.o
CC block/replication.o
CC block/crypto.o
CC nbd/server.o
CC nbd/client.o
CC nbd/common.o
CC crypto/init.o
CC crypto/hash.o
CC crypto/hash-glib.o
CC crypto/aes.o
CC crypto/desrfb.o
CC crypto/cipher.o
CC crypto/tlscreds.o
CC crypto/tlscredsanon.o
CC crypto/tlscredsx509.o
CC crypto/tlssession.o
CC crypto/secret.o
CC crypto/random-platform.o
CC crypto/pbkdf.o
CC crypto/ivgen.o
CC crypto/ivgen-essiv.o
CC crypto/ivgen-plain.o
CC crypto/ivgen-plain64.o
CC crypto/afsplit.o
CC crypto/xts.o
CC crypto/block.o
CC crypto/block-qcow.o
CC crypto/block-luks.o
CC io/channel.o
CC io/channel-buffer.o
CC io/channel-command.o
CC io/channel-file.o
CC io/channel-socket.o
CC io/channel-tls.o
CC io/channel-watch.o
CC io/channel-websock.o
CC io/channel-util.o
CC io/task.o
CC qom/object.o
CC qom/container.o
CC qom/qom-qobject.o
CC qom/object_interfaces.o
GEN qemu-img-cmds.h
CC qemu-io.o
CC qemu-bridge-helper.o
CC blockdev.o
CC blockdev-nbd.o
CC iothread.o
CC qdev-monitor.o
CC device-hotplug.o
CC os-posix.o
CC qemu-char.o
CC page_cache.o
CC accel.o
CC bt-host.o
CC bt-vhci.o
CC dma-helpers.o
CC vl.o
CC tpm.o
CC device_tree.o
GEN qmp-marshal.c
CC qmp.o
CC hmp.o
CC tcg-runtime.o
CC audio/audio.o
CC audio/noaudio.o
CC audio/wavaudio.o
CC audio/mixeng.o
CC audio/sdlaudio.o
CC audio/ossaudio.o
CC audio/wavcapture.o
CC backends/rng.o
CC backends/rng-egd.o
CC backends/rng-random.o
CC backends/msmouse.o
CC backends/testdev.o
CC backends/tpm.o
CC backends/hostmem.o
CC backends/hostmem-ram.o
CC backends/hostmem-file.o
CC block/stream.o
CC disas/arm.o
CC disas/i386.o
CC fsdev/qemu-fsdev-dummy.o
CC fsdev/qemu-fsdev-opts.o
CC hw/acpi/core.o
CC hw/acpi/piix4.o
CC hw/acpi/pcihp.o
CC hw/acpi/ich9.o
CC hw/acpi/tco.o
CC hw/acpi/cpu_hotplug.o
CC hw/acpi/memory_hotplug.o
CC hw/acpi/memory_hotplug_acpi_table.o
CC hw/acpi/cpu.o
CC hw/acpi/acpi_interface.o
CC hw/acpi/bios-linker-loader.o
CC hw/acpi/aml-build.o
CC hw/acpi/ipmi.o
CC hw/audio/sb16.o
CC hw/audio/es1370.o
CC hw/audio/ac97.o
CC hw/audio/fmopl.o
CC hw/audio/adlib.o
CC hw/audio/gus.o
CC hw/audio/gusemu_hal.o
CC hw/audio/gusemu_mixer.o
CC hw/audio/cs4231a.o
CC hw/audio/intel-hda.o
CC hw/audio/hda-codec.o
CC hw/audio/pcspk.o
CC hw/audio/wm8750.o
CC hw/audio/pl041.o
CC hw/audio/lm4549.o
CC hw/audio/marvell_88w8618.o
CC hw/block/block.o
CC hw/block/cdrom.o
CC hw/block/hd-geometry.o
CC hw/block/fdc.o
CC hw/block/m25p80.o
CC hw/block/nand.o
CC hw/block/pflash_cfi01.o
CC hw/block/pflash_cfi02.o
CC hw/block/ecc.o
CC hw/block/onenand.o
CC hw/block/nvme.o
CC hw/bt/core.o
CC hw/bt/l2cap.o
CC hw/bt/sdp.o
CC hw/bt/hci.o
CC hw/bt/hid.o
CC hw/bt/hci-csr.o
CC hw/char/ipoctal232.o
CC hw/char/parallel.o
CC hw/char/pl011.o
CC hw/char/serial.o
CC hw/char/serial-isa.o
CC hw/char/serial-pci.o
CC hw/char/virtio-console.o
CC hw/char/cadence_uart.o
CC hw/char/debugcon.o
CC hw/char/imx_serial.o
CC hw/core/qdev.o
CC hw/core/qdev-properties.o
CC hw/core/bus.o
CC hw/core/fw-path-provider.o
CC hw/core/irq.o
CC hw/core/hotplug.o
CC hw/core/ptimer.o
CC hw/core/sysbus.o
CC hw/core/machine.o
CC hw/core/null-machine.o
CC hw/core/loader.o
CC hw/core/qdev-properties-system.o
CC hw/core/register.o
CC hw/core/platform-bus.o
CC hw/display/ads7846.o
CC hw/display/cirrus_vga.o
CC hw/display/pl110.o
CC hw/display/ssd0303.o
CC hw/display/ssd0323.o
CC hw/display/vga-pci.o
CC hw/display/vga-isa.o
CC hw/display/vmware_vga.o
CC hw/display/blizzard.o
CC hw/display/exynos4210_fimd.o
CC hw/display/framebuffer.o
CC hw/display/tc6393xb.o
CC hw/dma/pl080.o
CC hw/dma/pl330.o
CC hw/dma/i8257.o
CC hw/dma/xlnx-zynq-devcfg.o
CC hw/gpio/max7310.o
CC hw/gpio/pl061.o
CC hw/gpio/zaurus.o
CC hw/gpio/gpio_key.o
CC hw/i2c/core.o
CC hw/i2c/smbus.o
CC hw/i2c/smbus_eeprom.o
CC hw/i2c/i2c-ddc.o
CC hw/i2c/versatile_i2c.o
CC hw/i2c/smbus_ich9.o
CC hw/i2c/pm_smbus.o
CC hw/i2c/bitbang_i2c.o
CC hw/i2c/exynos4210_i2c.o
CC hw/i2c/imx_i2c.o
CC hw/i2c/aspeed_i2c.o
CC hw/ide/core.o
CC hw/ide/atapi.o
CC hw/ide/qdev.o
CC hw/ide/pci.o
CC hw/ide/isa.o
CC hw/ide/piix.o
CC hw/ide/microdrive.o
CC hw/ide/ahci.o
CC hw/ide/ich.o
CC hw/input/hid.o
CC hw/input/lm832x.o
CC hw/input/pckbd.o
CC hw/input/pl050.o
CC hw/input/ps2.o
CC hw/input/stellaris_input.o
CC hw/input/tsc2005.o
CC hw/input/vmmouse.o
CC hw/input/virtio-input.o
CC hw/input/virtio-input-hid.o
CC hw/input/virtio-input-host.o
CC hw/intc/i8259_common.o
CC hw/intc/i8259.o
CC hw/intc/pl190.o
CC hw/intc/imx_avic.o
CC hw/intc/realview_gic.o
CC hw/intc/ioapic_common.o
CC hw/intc/arm_gic_common.o
CC hw/intc/arm_gic.o
CC hw/intc/arm_gicv2m.o
CC hw/intc/arm_gicv3_common.o
CC hw/intc/arm_gicv3.o
CC hw/intc/arm_gicv3_dist.o
CC hw/intc/arm_gicv3_redist.o
CC hw/ipack/ipack.o
CC hw/ipack/tpci200.o
CC hw/ipmi/ipmi.o
CC hw/ipmi/ipmi_bmc_sim.o
CC hw/ipmi/ipmi_bmc_extern.o
CC hw/ipmi/isa_ipmi_kcs.o
CC hw/ipmi/isa_ipmi_bt.o
CC hw/isa/isa-bus.o
CC hw/isa/apm.o
CC hw/mem/pc-dimm.o
CC hw/mem/nvdimm.o
CC hw/misc/applesmc.o
CC hw/misc/max111x.o
CC hw/misc/tmp105.o
CC hw/misc/debugexit.o
CC hw/misc/sga.o
CC hw/misc/pc-testdev.o
CC hw/misc/pci-testdev.o
CC hw/misc/arm_l2x0.o
CC hw/misc/arm_integrator_debug.o
CC hw/misc/a9scu.o
CC hw/misc/arm11scu.o
CC hw/net/ne2000.o
CC hw/net/eepro100.o
CC hw/net/pcnet-pci.o
CC hw/net/pcnet.o
CC hw/net/e1000.o
CC hw/net/e1000x_common.o
CC hw/net/net_tx_pkt.o
CC hw/net/net_rx_pkt.o
CC hw/net/e1000e.o
CC hw/net/e1000e_core.o
CC hw/net/rtl8139.o
CC hw/net/vmxnet3.o
CC hw/net/smc91c111.o
CC hw/net/lan9118.o
CC hw/net/ne2000-isa.o
CC hw/net/xgmac.o
CC hw/net/allwinner_emac.o
CC hw/net/imx_fec.o
CC hw/net/cadence_gem.o
CC hw/net/stellaris_enet.o
CC hw/net/rocker/rocker.o
CC hw/net/rocker/rocker_fp.o
CC hw/net/rocker/rocker_desc.o
CC hw/net/rocker/rocker_world.o
CC hw/net/rocker/rocker_of_dpa.o
CC hw/nvram/eeprom93xx.o
CC hw/nvram/fw_cfg.o
CC hw/pci-bridge/pci_bridge_dev.o
CC hw/pci-bridge/pci_expander_bridge.o
CC hw/pci-bridge/xio3130_upstream.o
CC hw/pci-bridge/xio3130_downstream.o
CC hw/pci-bridge/ioh3420.o
CC hw/pci-bridge/i82801b11.o
CC hw/pci-host/pam.o
CC hw/pci-host/versatile.o
CC hw/pci-host/piix.o
/tmp/qemu-test/src/hw/nvram/fw_cfg.c: In function ‘fw_cfg_dma_transfer’:
/tmp/qemu-test/src/hw/nvram/fw_cfg.c:330: warning: ‘read’ may be used uninitialized in this function
CC hw/pci-host/q35.o
CC hw/pci-host/gpex.o
CC hw/pci/pci.o
CC hw/pci/pci_bridge.o
CC hw/pci/msix.o
CC hw/pci/msi.o
CC hw/pci/shpc.o
CC hw/pci/slotid_cap.o
CC hw/pci/pci_host.o
CC hw/pci/pcie_host.o
CC hw/pci/pcie.o
CC hw/pci/pcie_aer.o
CC hw/pci/pcie_port.o
CC hw/pci/pci-stub.o
CC hw/pcmcia/pcmcia.o
CC hw/scsi/scsi-disk.o
CC hw/scsi/scsi-generic.o
CC hw/scsi/scsi-bus.o
CC hw/scsi/lsi53c895a.o
CC hw/scsi/mptsas.o
CC hw/scsi/mptconfig.o
CC hw/scsi/mptendian.o
CC hw/scsi/megasas.o
CC hw/scsi/vmw_pvscsi.o
CC hw/scsi/esp.o
CC hw/sd/pl181.o
CC hw/scsi/esp-pci.o
CC hw/sd/ssi-sd.o
CC hw/sd/sd.o
CC hw/sd/core.o
CC hw/sd/sdhci.o
CC hw/smbios/smbios.o
CC hw/smbios/smbios_type_38.o
CC hw/ssi/pl022.o
CC hw/ssi/ssi.o
CC hw/ssi/xilinx_spips.o
CC hw/ssi/aspeed_smc.o
CC hw/timer/arm_timer.o
CC hw/timer/arm_mptimer.o
CC hw/timer/a9gtimer.o
CC hw/timer/cadence_ttc.o
CC hw/timer/ds1338.o
CC hw/timer/hpet.o
CC hw/timer/i8254_common.o
CC hw/timer/i8254.o
CC hw/timer/pl031.o
CC hw/timer/twl92230.o
CC hw/timer/imx_epit.o
CC hw/timer/imx_gpt.o
CC hw/timer/stm32f2xx_timer.o
CC hw/timer/aspeed_timer.o
CC hw/tpm/tpm_tis.o
CC hw/tpm/tpm_passthrough.o
CC hw/tpm/tpm_util.o
CC hw/usb/core.o
CC hw/usb/combined-packet.o
CC hw/usb/bus.o
CC hw/usb/libhw.o
CC hw/usb/desc.o
CC hw/usb/desc-msos.o
CC hw/usb/hcd-uhci.o
CC hw/usb/hcd-ohci.o
CC hw/usb/hcd-ehci.o
CC hw/usb/hcd-ehci-pci.o
CC hw/usb/hcd-ehci-sysbus.o
CC hw/usb/hcd-xhci.o
CC hw/usb/hcd-musb.o
CC hw/usb/dev-hub.o
CC hw/usb/dev-hid.o
CC hw/usb/dev-wacom.o
CC hw/usb/dev-storage.o
CC hw/usb/dev-uas.o
CC hw/usb/dev-audio.o
CC hw/usb/dev-serial.o
CC hw/usb/dev-network.o
CC hw/usb/dev-bluetooth.o
CC hw/usb/dev-smartcard-reader.o
CC hw/usb/dev-mtp.o
CC hw/usb/host-stub.o
CC hw/virtio/virtio-rng.o
CC hw/virtio/virtio-pci.o
CC hw/virtio/virtio-bus.o
CC hw/virtio/virtio-mmio.o
CC hw/watchdog/watchdog.o
CC hw/watchdog/wdt_i6300esb.o
CC hw/watchdog/wdt_ib700.o
CC migration/migration.o
CC migration/socket.o
CC migration/fd.o
CC migration/exec.o
CC migration/tls.o
CC migration/vmstate.o
CC migration/qemu-file.o
CC migration/qemu-file-channel.o
CC migration/xbzrle.o
CC migration/postcopy-ram.o
CC migration/qjson.o
CC migration/block.o
CC net/net.o
CC net/queue.o
CC net/checksum.o
CC net/util.o
CC net/hub.o
CC net/socket.o
CC net/dump.o
CC net/eth.o
CC net/l2tpv3.o
CC net/tap.o
CC net/vhost-user.o
CC net/tap-linux.o
CC net/slirp.o
CC net/filter.o
CC net/filter-buffer.o
CC net/filter-mirror.o
CC qom/cpu.o
CC replay/replay.o
CC replay/replay-internal.o
CC replay/replay-events.o
/tmp/qemu-test/src/replay/replay-internal.c: In function ‘replay_put_array’:
/tmp/qemu-test/src/replay/replay-internal.c:68: warning: ignoring return value of ‘fwrite’, declared with attribute warn_unused_result
CC replay/replay-time.o
CC replay/replay-input.o
CC slirp/cksum.o
CC replay/replay-char.o
CC slirp/if.o
CC slirp/ip_icmp.o
CC slirp/ip6_icmp.o
CC slirp/ip6_input.o
CC slirp/ip6_output.o
CC slirp/ip_input.o
CC slirp/ip_output.o
CC slirp/dnssearch.o
CC slirp/dhcpv6.o
CC slirp/slirp.o
CC slirp/mbuf.o
CC slirp/misc.o
CC slirp/sbuf.o
CC slirp/socket.o
CC slirp/tcp_input.o
CC slirp/tcp_output.o
CC slirp/tcp_subr.o
CC slirp/tcp_timer.o
CC slirp/udp.o
CC slirp/udp6.o
CC slirp/bootp.o
/tmp/qemu-test/src/slirp/tcp_input.c: In function ‘tcp_input’:
/tmp/qemu-test/src/slirp/tcp_input.c:219: warning: ‘save_ip.ip_p’ may be used uninitialized in this function
/tmp/qemu-test/src/slirp/tcp_input.c:219: warning: ‘save_ip.ip_len’ may be used uninitialized in this function
/tmp/qemu-test/src/slirp/tcp_input.c:219: warning: ‘save_ip.ip_tos’ may be used uninitialized in this function
/tmp/qemu-test/src/slirp/tcp_input.c:219: warning: ‘save_ip.ip_id’ may be used uninitialized in this function
/tmp/qemu-test/src/slirp/tcp_input.c:219: warning: ‘save_ip.ip_off’ may be used uninitialized in this function
/tmp/qemu-test/src/slirp/tcp_input.c:219: warning: ‘save_ip.ip_ttl’ may be used uninitialized in this function
/tmp/qemu-test/src/slirp/tcp_input.c:219: warning: ‘save_ip.ip_sum’ may be used uninitialized in this function
/tmp/qemu-test/src/slirp/tcp_input.c:219: warning: ‘save_ip.ip_src.s_addr’ may be used uninitialized in this function
/tmp/qemu-test/src/slirp/tcp_input.c:219: warning: ‘save_ip.ip_dst.s_addr’ may be used uninitialized in this function
/tmp/qemu-test/src/slirp/tcp_input.c:220: warning: ‘save_ip6.ip_nh’ may be used uninitialized in this function
CC slirp/tftp.o
CC slirp/arp_table.o
CC slirp/ndp_table.o
CC ui/keymaps.o
CC ui/console.o
CC ui/cursor.o
CC ui/qemu-pixman.o
CC ui/input.o
CC ui/input-keymap.o
CC ui/input-legacy.o
CC ui/input-linux.o
CC ui/sdl.o
CC ui/sdl_zoom.o
CC ui/x_keymap.o
CC ui/vnc.o
CC ui/vnc-enc-zlib.o
CC ui/vnc-enc-hextile.o
CC ui/vnc-enc-tight.o
CC ui/vnc-palette.o
CC ui/vnc-enc-zrle.o
CC ui/vnc-auth-vencrypt.o
CC ui/vnc-ws.o
CC ui/vnc-jobs.o
LINK tests/qemu-iotests/socket_scm_helper
CC qga/commands.o
CC qga/guest-agent-command-state.o
CC qga/main.o
CC qga/commands-posix.o
CC qga/channel-posix.o
CC qga/qapi-generated/qga-qapi-types.o
CC qga/qapi-generated/qga-qapi-visit.o
CC qga/qapi-generated/qga-qmp-marshal.o
CC qmp-introspect.o
CC qapi-types.o
CC qapi-visit.o
CC qapi-event.o
AR libqemustub.a
CC qemu-img.o
CC qmp-marshal.o
AS optionrom/multiboot.o
AS optionrom/linuxboot.o
CC optionrom/linuxboot_dma.o
cc: unrecognized option '-no-integrated-as'
cc: unrecognized option '-no-integrated-as'
AS optionrom/kvmvapic.o
CC trace/generated-events.o
Building optionrom/linuxboot_dma.img
Building optionrom/multiboot.img
Building optionrom/linuxboot.img
Building optionrom/linuxboot_dma.raw
Building optionrom/multiboot.raw
Building optionrom/linuxboot.raw
Building optionrom/kvmvapic.img
AR libqemuutil.a
Building optionrom/kvmvapic.raw
Signing optionrom/multiboot.bin
Signing optionrom/linuxboot.bin
Signing optionrom/linuxboot_dma.bin
Signing optionrom/kvmvapic.bin
LINK qemu-ga
LINK ivshmem-client
LINK ivshmem-server
LINK qemu-nbd
LINK qemu-img
LINK qemu-io
LINK qemu-bridge-helper
GEN x86_64-softmmu/hmp-commands.h
GEN x86_64-softmmu/hmp-commands-info.h
GEN x86_64-softmmu/config-target.h
GEN aarch64-softmmu/hmp-commands.h
GEN aarch64-softmmu/hmp-commands-info.h
GEN aarch64-softmmu/config-target.h
CC x86_64-softmmu/exec.o
CC x86_64-softmmu/translate-all.o
CC x86_64-softmmu/cpu-exec.o
CC x86_64-softmmu/translate-common.o
CC x86_64-softmmu/cpu-exec-common.o
CC x86_64-softmmu/tcg/tcg.o
CC x86_64-softmmu/tcg/tcg-op.o
CC x86_64-softmmu/tcg/optimize.o
CC x86_64-softmmu/tcg/tcg-common.o
CC aarch64-softmmu/exec.o
CC aarch64-softmmu/translate-all.o
CC x86_64-softmmu/fpu/softfloat.o
CC x86_64-softmmu/disas.o
CC aarch64-softmmu/cpu-exec.o
CC x86_64-softmmu/arch_init.o
CC x86_64-softmmu/cpus.o
CC x86_64-softmmu/monitor.o
CC x86_64-softmmu/gdbstub.o
CC aarch64-softmmu/translate-common.o
CC aarch64-softmmu/cpu-exec-common.o
CC x86_64-softmmu/balloon.o
CC x86_64-softmmu/ioport.o
CC aarch64-softmmu/tcg/tcg.o
CC x86_64-softmmu/numa.o
CC x86_64-softmmu/qtest.o
CC aarch64-softmmu/tcg/tcg-op.o
CC x86_64-softmmu/bootdevice.o
CC aarch64-softmmu/tcg/optimize.o
CC aarch64-softmmu/tcg/tcg-common.o
CC x86_64-softmmu/kvm-all.o
CC aarch64-softmmu/fpu/softfloat.o
CC aarch64-softmmu/disas.o
GEN aarch64-softmmu/gdbstub-xml.c
CC aarch64-softmmu/kvm-stub.o
CC x86_64-softmmu/memory.o
CC aarch64-softmmu/arch_init.o
CC aarch64-softmmu/cpus.o
CC x86_64-softmmu/cputlb.o
CC aarch64-softmmu/monitor.o
CC x86_64-softmmu/memory_mapping.o
CC aarch64-softmmu/gdbstub.o
CC aarch64-softmmu/balloon.o
CC x86_64-softmmu/dump.o
CC x86_64-softmmu/migration/ram.o
CC x86_64-softmmu/migration/savevm.o
CC aarch64-softmmu/ioport.o
CC aarch64-softmmu/numa.o
CC aarch64-softmmu/qtest.o
CC aarch64-softmmu/bootdevice.o
CC x86_64-softmmu/xen-common-stub.o
CC x86_64-softmmu/xen-hvm-stub.o
CC aarch64-softmmu/memory.o
CC aarch64-softmmu/cputlb.o
CC x86_64-softmmu/hw/acpi/nvdimm.o
CC aarch64-softmmu/memory_mapping.o
CC x86_64-softmmu/hw/block/virtio-blk.o
CC aarch64-softmmu/dump.o
CC aarch64-softmmu/migration/ram.o
CC aarch64-softmmu/migration/savevm.o
CC x86_64-softmmu/hw/block/dataplane/virtio-blk.o
CC aarch64-softmmu/xen-common-stub.o
CC aarch64-softmmu/xen-hvm-stub.o
CC aarch64-softmmu/hw/block/virtio-blk.o
CC aarch64-softmmu/hw/block/dataplane/virtio-blk.o
CC x86_64-softmmu/hw/char/virtio-serial-bus.o
CC aarch64-softmmu/hw/char/exynos4210_uart.o
CC aarch64-softmmu/hw/char/omap_uart.o
CC x86_64-softmmu/hw/core/nmi.o
CC aarch64-softmmu/hw/char/digic-uart.o
CC aarch64-softmmu/hw/char/stm32f2xx_usart.o
CC x86_64-softmmu/hw/cpu/core.o
CC aarch64-softmmu/hw/char/bcm2835_aux.o
CC aarch64-softmmu/hw/char/virtio-serial-bus.o
CC x86_64-softmmu/hw/display/vga.o
CC x86_64-softmmu/hw/display/virtio-gpu.o
CC x86_64-softmmu/hw/display/virtio-gpu-3d.o
CC x86_64-softmmu/hw/display/virtio-gpu-pci.o
CC x86_64-softmmu/hw/display/virtio-vga.o
CC x86_64-softmmu/hw/intc/apic.o
CC x86_64-softmmu/hw/intc/apic_common.o
CC x86_64-softmmu/hw/intc/ioapic.o
CC x86_64-softmmu/hw/isa/lpc_ich9.o
CC aarch64-softmmu/hw/core/nmi.o
CC x86_64-softmmu/hw/misc/vmport.o
CC x86_64-softmmu/hw/misc/ivshmem.o
CC x86_64-softmmu/hw/misc/pvpanic.o
CC x86_64-softmmu/hw/misc/edu.o
CC x86_64-softmmu/hw/misc/hyperv_testdev.o
CC x86_64-softmmu/hw/net/virtio-net.o
CC x86_64-softmmu/hw/net/vhost_net.o
CC aarch64-softmmu/hw/cpu/arm11mpcore.o
CC aarch64-softmmu/hw/cpu/realview_mpcore.o
CC aarch64-softmmu/hw/cpu/a9mpcore.o
CC aarch64-softmmu/hw/cpu/a15mpcore.o
CC aarch64-softmmu/hw/cpu/core.o
CC x86_64-softmmu/hw/scsi/virtio-scsi.o
CC aarch64-softmmu/hw/display/omap_dss.o
CC aarch64-softmmu/hw/display/omap_lcdc.o
CC x86_64-softmmu/hw/scsi/virtio-scsi-dataplane.o
CC x86_64-softmmu/hw/scsi/vhost-scsi.o
CC aarch64-softmmu/hw/display/pxa2xx_lcd.o
CC aarch64-softmmu/hw/display/bcm2835_fb.o
CC x86_64-softmmu/hw/timer/mc146818rtc.o
CC aarch64-softmmu/hw/display/vga.o
CC x86_64-softmmu/hw/vfio/common.o
CC x86_64-softmmu/hw/vfio/pci.o
CC aarch64-softmmu/hw/display/virtio-gpu.o
CC x86_64-softmmu/hw/vfio/pci-quirks.o
CC aarch64-softmmu/hw/display/virtio-gpu-3d.o
CC aarch64-softmmu/hw/display/virtio-gpu-pci.o
/tmp/qemu-test/src/hw/block/virtio-blk.c: In function ‘virtio_blk_handle_request’:
/tmp/qemu-test/src/hw/block/virtio-blk.c:482: warning: implicit declaration of function ‘virtio_error’
/tmp/qemu-test/src/hw/block/virtio-blk.c:482: warning: nested extern declaration of ‘virtio_error’
/tmp/qemu-test/src/hw/block/virtio-blk.c: In function ‘virtio_blk_handle_vq’:
/tmp/qemu-test/src/hw/block/virtio-blk.c:593: warning: implicit declaration of function ‘virtqueue_detach_element’
/tmp/qemu-test/src/hw/block/virtio-blk.c:593: warning: nested extern declaration of ‘virtqueue_detach_element’
CC aarch64-softmmu/hw/display/xlnx_dp.o
CC aarch64-softmmu/hw/display/dpcd.o
CC x86_64-softmmu/hw/vfio/platform.o
CC aarch64-softmmu/hw/dma/xlnx_dpdma.o
CC aarch64-softmmu/hw/dma/omap_dma.o
CC aarch64-softmmu/hw/dma/soc_dma.o
CC aarch64-softmmu/hw/dma/pxa2xx_dma.o
CC aarch64-softmmu/hw/dma/bcm2835_dma.o
CC aarch64-softmmu/hw/gpio/omap_gpio.o
CC aarch64-softmmu/hw/gpio/imx_gpio.o
CC aarch64-softmmu/hw/i2c/omap_i2c.o
CC aarch64-softmmu/hw/input/pxa2xx_keypad.o
CC aarch64-softmmu/hw/input/tsc210x.o
CC aarch64-softmmu/hw/intc/armv7m_nvic.o
/tmp/qemu-test/src/hw/block/virtio-blk.c: In function ‘virtio_blk_handle_request’:
/tmp/qemu-test/src/hw/block/virtio-blk.c:482: warning: implicit declaration of function ‘virtio_error’
/tmp/qemu-test/src/hw/block/virtio-blk.c:482: warning: nested extern declaration of ‘virtio_error’
/tmp/qemu-test/src/hw/block/virtio-blk.c: In function ‘virtio_blk_handle_vq’:
/tmp/qemu-test/src/hw/block/virtio-blk.c:593: warning: implicit declaration of function ‘virtqueue_detach_element’
/tmp/qemu-test/src/hw/block/virtio-blk.c:593: warning: nested extern declaration of ‘virtqueue_detach_element’
CC aarch64-softmmu/hw/intc/exynos4210_gic.o
CC x86_64-softmmu/hw/vfio/calxeda-xgmac.o
CC aarch64-softmmu/hw/intc/exynos4210_combiner.o
CC aarch64-softmmu/hw/intc/omap_intc.o
CC x86_64-softmmu/hw/vfio/amd-xgbe.o
CC aarch64-softmmu/hw/intc/bcm2835_ic.o
CC x86_64-softmmu/hw/vfio/spapr.o
CC aarch64-softmmu/hw/intc/bcm2836_control.o
CC aarch64-softmmu/hw/intc/allwinner-a10-pic.o
CC x86_64-softmmu/hw/virtio/virtio.o
CC aarch64-softmmu/hw/intc/aspeed_vic.o
CC x86_64-softmmu/hw/virtio/virtio-balloon.o
CC aarch64-softmmu/hw/intc/arm_gicv3_cpuif.o
CC x86_64-softmmu/hw/virtio/vhost.o
CC x86_64-softmmu/hw/virtio/vhost-backend.o
CC x86_64-softmmu/hw/virtio/vhost-user.o
CC aarch64-softmmu/hw/misc/ivshmem.o
CC x86_64-softmmu/hw/virtio/vhost-vsock.o
CC x86_64-softmmu/hw/i386/multiboot.o
CC x86_64-softmmu/hw/i386/pc.o
CC aarch64-softmmu/hw/misc/arm_sysctl.o
CC x86_64-softmmu/hw/i386/pc_piix.o
CC x86_64-softmmu/hw/i386/pc_q35.o
CC x86_64-softmmu/hw/i386/pc_sysfw.o
CC x86_64-softmmu/hw/i386/x86-iommu.o
CC aarch64-softmmu/hw/misc/cbus.o
CC aarch64-softmmu/hw/misc/exynos4210_pmu.o
/tmp/qemu-test/src/hw/i386/pc_piix.c: In function ‘igd_passthrough_isa_bridge_create’:
/tmp/qemu-test/src/hw/i386/pc_piix.c:1046: warning: ‘pch_rev_id’ may be used uninitialized in this function
CC aarch64-softmmu/hw/misc/imx_ccm.o
CC x86_64-softmmu/hw/i386/intel_iommu.o
CC aarch64-softmmu/hw/misc/imx31_ccm.o
CC x86_64-softmmu/hw/i386/kvmvapic.o
CC aarch64-softmmu/hw/misc/imx25_ccm.o
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c: In function ‘virtio_scsi_bad_req’:
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:86: warning: implicit declaration of function ‘virtio_error’
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:86: warning: nested extern declaration of ‘virtio_error’
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:87: warning: implicit declaration of function ‘virtqueue_detach_element’
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:87: warning: nested extern declaration of ‘virtqueue_detach_element’
CC aarch64-softmmu/hw/misc/imx6_ccm.o
CC aarch64-softmmu/hw/misc/imx6_src.o
CC x86_64-softmmu/hw/i386/acpi-build.o
CC aarch64-softmmu/hw/misc/omap_clk.o
CC aarch64-softmmu/hw/misc/mst_fpga.o
CC aarch64-softmmu/hw/misc/omap_gpmc.o
CC aarch64-softmmu/hw/misc/omap_l4.o
CC x86_64-softmmu/hw/i386/pci-assign-load-rom.o
CC x86_64-softmmu/hw/i386/kvm/clock.o
/tmp/qemu-test/src/hw/net/virtio-net.c: In function ‘virtio_net_handle_ctrl’:
/tmp/qemu-test/src/hw/net/virtio-net.c:896: warning: implicit declaration of function ‘virtio_error’
/tmp/qemu-test/src/hw/net/virtio-net.c:896: warning: nested extern declaration of ‘virtio_error’
/tmp/qemu-test/src/hw/net/virtio-net.c:897: warning: implicit declaration of function ‘virtqueue_detach_element’
/tmp/qemu-test/src/hw/net/virtio-net.c:897: warning: nested extern declaration of ‘virtqueue_detach_element’
CC x86_64-softmmu/hw/i386/kvm/apic.o
/tmp/qemu-test/src/hw/i386/acpi-build.c: In function ‘build_append_pci_bus_devices’:
/tmp/qemu-test/src/hw/i386/acpi-build.c:471: warning: ‘notify_method’ may be used uninitialized in this function
CC x86_64-softmmu/hw/i386/kvm/i8259.o
CC x86_64-softmmu/hw/i386/kvm/ioapic.o
CC x86_64-softmmu/hw/i386/kvm/i8254.o
CC aarch64-softmmu/hw/misc/omap_sdrc.o
CC aarch64-softmmu/hw/misc/omap_tap.o
CC x86_64-softmmu/hw/i386/kvm/pci-assign.o
CC x86_64-softmmu/target-i386/translate.o
CC x86_64-softmmu/target-i386/helper.o
CC aarch64-softmmu/hw/misc/bcm2835_mbox.o
CC x86_64-softmmu/target-i386/cpu.o
CC aarch64-softmmu/hw/misc/bcm2835_property.o
CC aarch64-softmmu/hw/misc/zynq_slcr.o
CC aarch64-softmmu/hw/misc/zynq-xadc.o
CC aarch64-softmmu/hw/misc/stm32f2xx_syscfg.o
CC aarch64-softmmu/hw/misc/edu.o
CC x86_64-softmmu/target-i386/bpt_helper.o
CC x86_64-softmmu/target-i386/excp_helper.o
CC x86_64-softmmu/target-i386/fpu_helper.o
CC aarch64-softmmu/hw/misc/auxbus.o
CC aarch64-softmmu/hw/misc/aspeed_scu.o
CC x86_64-softmmu/target-i386/cc_helper.o
CC aarch64-softmmu/hw/misc/aspeed_sdmc.o
CC aarch64-softmmu/hw/net/virtio-net.o
CC x86_64-softmmu/target-i386/int_helper.o
CC aarch64-softmmu/hw/net/vhost_net.o
CC aarch64-softmmu/hw/pcmcia/pxa2xx.o
CC aarch64-softmmu/hw/scsi/virtio-scsi.o
CC x86_64-softmmu/target-i386/svm_helper.o
CC aarch64-softmmu/hw/scsi/virtio-scsi-dataplane.o
CC aarch64-softmmu/hw/scsi/vhost-scsi.o
CC aarch64-softmmu/hw/sd/omap_mmc.o
CC aarch64-softmmu/hw/sd/pxa2xx_mmci.o
CC aarch64-softmmu/hw/ssi/omap_spi.o
CC x86_64-softmmu/target-i386/smm_helper.o
CC aarch64-softmmu/hw/ssi/imx_spi.o
CC aarch64-softmmu/hw/timer/exynos4210_mct.o
CC x86_64-softmmu/target-i386/misc_helper.o
CC aarch64-softmmu/hw/timer/exynos4210_pwm.o
CC aarch64-softmmu/hw/timer/exynos4210_rtc.o
CC aarch64-softmmu/hw/timer/omap_gptimer.o
CC aarch64-softmmu/hw/timer/omap_synctimer.o
CC aarch64-softmmu/hw/timer/pxa2xx_timer.o
CC aarch64-softmmu/hw/timer/digic-timer.o
CC x86_64-softmmu/target-i386/mem_helper.o
CC aarch64-softmmu/hw/timer/allwinner-a10-pit.o
CC aarch64-softmmu/hw/usb/tusb6010.o
CC aarch64-softmmu/hw/vfio/common.o
CC x86_64-softmmu/target-i386/seg_helper.o
CC aarch64-softmmu/hw/vfio/pci.o
CC x86_64-softmmu/target-i386/mpx_helper.o
CC x86_64-softmmu/target-i386/gdbstub.o
CC aarch64-softmmu/hw/vfio/pci-quirks.o
CC x86_64-softmmu/target-i386/machine.o
CC x86_64-softmmu/target-i386/arch_memory_mapping.o
CC aarch64-softmmu/hw/vfio/platform.o
CC x86_64-softmmu/target-i386/arch_dump.o
CC x86_64-softmmu/target-i386/monitor.o
CC x86_64-softmmu/target-i386/kvm.o
CC x86_64-softmmu/target-i386/hyperv.o
CC aarch64-softmmu/hw/vfio/calxeda-xgmac.o
CC aarch64-softmmu/hw/vfio/amd-xgbe.o
CC aarch64-softmmu/hw/vfio/spapr.o
CC aarch64-softmmu/hw/virtio/virtio.o
CC aarch64-softmmu/hw/virtio/virtio-balloon.o
GEN trace/generated-helpers.c
CC aarch64-softmmu/hw/virtio/vhost.o
CC x86_64-softmmu/trace/control-target.o
CC aarch64-softmmu/hw/virtio/vhost-backend.o
CC aarch64-softmmu/hw/virtio/vhost-user.o
CC aarch64-softmmu/hw/virtio/vhost-vsock.o
CC aarch64-softmmu/hw/arm/boot.o
CC aarch64-softmmu/hw/arm/collie.o
CC aarch64-softmmu/hw/arm/exynos4_boards.o
CC aarch64-softmmu/hw/arm/gumstix.o
CC aarch64-softmmu/hw/arm/highbank.o
CC aarch64-softmmu/hw/arm/digic_boards.o
CC aarch64-softmmu/hw/arm/integratorcp.o
CC aarch64-softmmu/hw/arm/mainstone.o
CC aarch64-softmmu/hw/arm/musicpal.o
CC aarch64-softmmu/hw/arm/nseries.o
CC aarch64-softmmu/hw/arm/omap_sx1.o
CC aarch64-softmmu/hw/arm/palm.o
CC aarch64-softmmu/hw/arm/realview.o
CC aarch64-softmmu/hw/arm/spitz.o
CC aarch64-softmmu/hw/arm/stellaris.o
CC aarch64-softmmu/hw/arm/tosa.o
CC aarch64-softmmu/hw/arm/versatilepb.o
CC aarch64-softmmu/hw/arm/vexpress.o
CC x86_64-softmmu/trace/generated-helpers.o
CC aarch64-softmmu/hw/arm/virt.o
CC aarch64-softmmu/hw/arm/xilinx_zynq.o
CC aarch64-softmmu/hw/arm/z2.o
CC aarch64-softmmu/hw/arm/virt-acpi-build.o
CC aarch64-softmmu/hw/arm/netduino2.o
CC aarch64-softmmu/hw/arm/sysbus-fdt.o
CC aarch64-softmmu/hw/arm/armv7m.o
CC aarch64-softmmu/hw/arm/exynos4210.o
LINK x86_64-softmmu/qemu-system-x86_64
CC aarch64-softmmu/hw/arm/pxa2xx.o
CC aarch64-softmmu/hw/arm/pxa2xx_pic.o
CC aarch64-softmmu/hw/arm/pxa2xx_gpio.o
CC aarch64-softmmu/hw/arm/digic.o
CC aarch64-softmmu/hw/arm/omap1.o
CC aarch64-softmmu/hw/arm/omap2.o
CC aarch64-softmmu/hw/arm/strongarm.o
CC aarch64-softmmu/hw/arm/allwinner-a10.o
CC aarch64-softmmu/hw/arm/cubieboard.o
CC aarch64-softmmu/hw/arm/bcm2835_peripherals.o
CC aarch64-softmmu/hw/arm/bcm2836.o
CC aarch64-softmmu/hw/arm/raspi.o
CC aarch64-softmmu/hw/arm/stm32f205_soc.o
CC aarch64-softmmu/hw/arm/xlnx-zynqmp.o
CC aarch64-softmmu/hw/arm/xlnx-ep108.o
CC aarch64-softmmu/hw/arm/fsl-imx25.o
CC aarch64-softmmu/hw/arm/imx25_pdk.o
CC aarch64-softmmu/hw/arm/fsl-imx31.o
CC aarch64-softmmu/hw/arm/kzm.o
CC aarch64-softmmu/hw/arm/fsl-imx6.o
CC aarch64-softmmu/hw/arm/sabrelite.o
CC aarch64-softmmu/hw/arm/aspeed_soc.o
CC aarch64-softmmu/hw/arm/aspeed.o
CC aarch64-softmmu/target-arm/arm-semi.o
CC aarch64-softmmu/target-arm/machine.o
CC aarch64-softmmu/target-arm/psci.o
CC aarch64-softmmu/target-arm/arch_dump.o
CC aarch64-softmmu/target-arm/monitor.o
CC aarch64-softmmu/target-arm/kvm-stub.o
CC aarch64-softmmu/target-arm/translate.o
CC aarch64-softmmu/target-arm/op_helper.o
CC aarch64-softmmu/target-arm/helper.o
CC aarch64-softmmu/target-arm/cpu.o
CC aarch64-softmmu/target-arm/neon_helper.o
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c: In function ‘virtio_scsi_bad_req’:
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:86: warning: implicit declaration of function ‘virtio_error’
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:86: warning: nested extern declaration of ‘virtio_error’
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:87: warning: implicit declaration of function ‘virtqueue_detach_element’
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:87: warning: nested extern declaration of ‘virtqueue_detach_element’
CC aarch64-softmmu/target-arm/iwmmxt_helper.o
CC aarch64-softmmu/target-arm/gdbstub.o
CC aarch64-softmmu/target-arm/cpu64.o
CC aarch64-softmmu/target-arm/translate-a64.o
CC aarch64-softmmu/target-arm/helper-a64.o
CC aarch64-softmmu/target-arm/gdbstub64.o
CC aarch64-softmmu/target-arm/crypto_helper.o
CC aarch64-softmmu/target-arm/arm-powerctl.o
/tmp/qemu-test/src/hw/net/virtio-net.c: In function ‘virtio_net_handle_ctrl’:
/tmp/qemu-test/src/hw/net/virtio-net.c:896: warning: implicit declaration of function ‘virtio_error’
/tmp/qemu-test/src/hw/net/virtio-net.c:896: warning: nested extern declaration of ‘virtio_error’
/tmp/qemu-test/src/hw/net/virtio-net.c:897: warning: implicit declaration of function ‘virtqueue_detach_element’
/tmp/qemu-test/src/hw/net/virtio-net.c:897: warning: nested extern declaration of ‘virtqueue_detach_element’
/tmp/qemu-test/src/target-arm/translate-a64.c: In function ‘handle_shri_with_rndacc’:
/tmp/qemu-test/src/target-arm/translate-a64.c:6333: warning: ‘tcg_src_hi’ may be used uninitialized in this function
/tmp/qemu-test/src/target-arm/translate-a64.c: In function ‘disas_simd_scalar_two_reg_misc’:
/tmp/qemu-test/src/target-arm/translate-a64.c:8060: warning: ‘rmode’ may be used uninitialized in this function
GEN trace/generated-helpers.c
CC aarch64-softmmu/trace/control-target.o
CC aarch64-softmmu/gdbstub-xml.o
CC aarch64-softmmu/trace/generated-helpers.o
LINK aarch64-softmmu/qemu-system-aarch64
hw/block/virtio-blk.o: In function `virtio_blk_handle_request':
/tmp/qemu-test/src/hw/block/virtio-blk.c:482: undefined reference to `virtio_error'
/tmp/qemu-test/src/hw/block/virtio-blk.c:495: undefined reference to `virtio_error'
/tmp/qemu-test/src/hw/block/virtio-blk.c:488: undefined reference to `virtio_error'
hw/block/virtio-blk.o: In function `virtio_blk_dma_restart_bh':
/tmp/qemu-test/src/hw/block/virtio-blk.c:641: undefined reference to `virtqueue_detach_element'
hw/block/virtio-blk.o: In function `virtio_blk_handle_vq':
/tmp/qemu-test/src/hw/block/virtio-blk.c:593: undefined reference to `virtqueue_detach_element'
hw/net/virtio-net.o: In function `virtio_net_receive':
/tmp/qemu-test/src/hw/net/virtio-net.c:1129: undefined reference to `virtio_error'
/tmp/qemu-test/src/hw/net/virtio-net.c:1141: undefined reference to `virtio_error'
/tmp/qemu-test/src/hw/net/virtio-net.c:1143: undefined reference to `virtqueue_detach_element'
hw/net/virtio-net.o: In function `virtio_net_flush_tx':
/tmp/qemu-test/src/hw/net/virtio-net.c:1256: undefined reference to `virtio_error'
/tmp/qemu-test/src/hw/net/virtio-net.c:1257: undefined reference to `virtqueue_detach_element'
hw/net/virtio-net.o: In function `virtio_net_handle_ctrl':
/tmp/qemu-test/src/hw/net/virtio-net.c:896: undefined reference to `virtio_error'
/tmp/qemu-test/src/hw/net/virtio-net.c:897: undefined reference to `virtqueue_detach_element'
hw/scsi/virtio-scsi.o: In function `virtio_scsi_bad_req':
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:86: undefined reference to `virtio_error'
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:87: undefined reference to `virtqueue_detach_element'
hw/scsi/virtio-scsi.o: In function `virtio_scsi_handle_cmd_vq':
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:596: undefined reference to `virtqueue_detach_element'
hw/scsi/virtio-scsi.o: In function `virtio_scsi_set_config':
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:647: undefined reference to `virtio_error'
collect2: ld returned 1 exit status
make[1]: *** [qemu-system-x86_64] Error 1
make: *** [subdir-x86_64-softmmu] Error 2
make: *** Waiting for unfinished jobs....
hw/block/virtio-blk.o: In function `virtio_blk_handle_request':
/tmp/qemu-test/src/hw/block/virtio-blk.c:482: undefined reference to `virtio_error'
/tmp/qemu-test/src/hw/block/virtio-blk.c:495: undefined reference to `virtio_error'
/tmp/qemu-test/src/hw/block/virtio-blk.c:488: undefined reference to `virtio_error'
hw/block/virtio-blk.o: In function `virtio_blk_dma_restart_bh':
/tmp/qemu-test/src/hw/block/virtio-blk.c:641: undefined reference to `virtqueue_detach_element'
hw/block/virtio-blk.o: In function `virtio_blk_handle_vq':
/tmp/qemu-test/src/hw/block/virtio-blk.c:593: undefined reference to `virtqueue_detach_element'
hw/net/virtio-net.o: In function `virtio_net_receive':
/tmp/qemu-test/src/hw/net/virtio-net.c:1129: undefined reference to `virtio_error'
/tmp/qemu-test/src/hw/net/virtio-net.c:1141: undefined reference to `virtio_error'
/tmp/qemu-test/src/hw/net/virtio-net.c:1143: undefined reference to `virtqueue_detach_element'
hw/net/virtio-net.o: In function `virtio_net_flush_tx':
/tmp/qemu-test/src/hw/net/virtio-net.c:1256: undefined reference to `virtio_error'
/tmp/qemu-test/src/hw/net/virtio-net.c:1257: undefined reference to `virtqueue_detach_element'
hw/net/virtio-net.o: In function `virtio_net_handle_ctrl':
/tmp/qemu-test/src/hw/net/virtio-net.c:896: undefined reference to `virtio_error'
/tmp/qemu-test/src/hw/net/virtio-net.c:897: undefined reference to `virtqueue_detach_element'
hw/scsi/virtio-scsi.o: In function `virtio_scsi_bad_req':
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:86: undefined reference to `virtio_error'
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:87: undefined reference to `virtqueue_detach_element'
hw/scsi/virtio-scsi.o: In function `virtio_scsi_handle_cmd_vq':
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:596: undefined reference to `virtqueue_detach_element'
hw/scsi/virtio-scsi.o: In function `virtio_scsi_set_config':
/tmp/qemu-test/src/hw/scsi/virtio-scsi.c:647: undefined reference to `virtio_error'
collect2: ld returned 1 exit status
make[1]: *** [qemu-system-aarch64] Error 1
make: *** [subdir-aarch64-softmmu] Error 2
tests/docker/Makefile.include:107: recipe for target 'docker-run-test-quick@centos6' failed
make: *** [docker-run-test-quick@centos6] Error 2
=== OUTPUT END ===
Test command exited with code: 2
---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-devel@freelists.org
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH v3 2/9] virtio-blk: make some functions static
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 2/9] virtio-blk: make some functions static Greg Kurz
@ 2016-09-26 16:15 ` Stefan Hajnoczi
0 siblings, 0 replies; 20+ messages in thread
From: Stefan Hajnoczi @ 2016-09-26 16:15 UTC (permalink / raw)
To: Greg Kurz
Cc: qemu-devel, Kevin Wolf, Michael S. Tsirkin, Jason Wang,
Max Reitz, Aneesh Kumar K.V, Cornelia Huck, Paolo Bonzini
[-- Attachment #1: Type: text/plain, Size: 929 bytes --]
On Mon, Sep 26, 2016 at 10:34:05AM +0200, Greg Kurz wrote:
> Some functions that were called from the dataplane code are now only used
> locally:
>
> virtio_blk_init_request()
> virtio_blk_handle_request()
> virtio_blk_submit_multireq()
>
> since commit "03de2f527499 virtio-blk: do not use vring in dataplane", and
>
> virtio_blk_free_request()
>
> since commit "6aa46d8ff1ee virtio: move VirtQueueElement at the beginning
> of the structs".
>
> This patch converts them to static.
>
> Signed-off-by: Greg Kurz <groug@kaod.org>
> ---
> v3: This was "virtio-blk: turn virtio_blk_handle_request() into a static
> function" in v2. It turns out that there are some more candidates.
> ---
> hw/block/virtio-blk.c | 10 +++++-----
> include/hw/virtio/virtio-blk.h | 8 --------
> 2 files changed, 5 insertions(+), 13 deletions(-)
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 455 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH v3 3/9] virtio-9p: handle handle_9p_output() error
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 3/9] virtio-9p: handle handle_9p_output() error Greg Kurz
@ 2016-09-26 16:21 ` Stefan Hajnoczi
0 siblings, 0 replies; 20+ messages in thread
From: Stefan Hajnoczi @ 2016-09-26 16:21 UTC (permalink / raw)
To: Greg Kurz
Cc: qemu-devel, Kevin Wolf, Michael S. Tsirkin, Jason Wang,
Max Reitz, Aneesh Kumar K.V, Cornelia Huck, Paolo Bonzini
[-- Attachment #1: Type: text/plain, Size: 1600 bytes --]
On Mon, Sep 26, 2016 at 10:34:15AM +0200, Greg Kurz wrote:
> A broken guest may send a request without providing buffers for the reply
> or for the request itself, and virtqueue_pop() will return an element with
> either in_num == 0 or out_num == 0.
>
> All 9P requests are expected to start with the following 7-byte header:
>
> uint32_t size_le;
> uint8_t id;
> uint16_t tag_le;
>
> If iov_to_buf() fails to return these 7 bytes, then something is wrong in
> the guest.
>
> In both cases, it is wrong to crash QEMU, since the root cause lies in the
> guest.
>
> This patch hence does the following:
> - keep the check of in_num since pdu_complete() assumes it has enough
> space to store the reply and we will send something broken to the guest
> - let iov_to_buf() handle out_num == 0, since it will return 0 just like
> if the guest had provided an zero-sized buffer.
> - call virtio_error() to inform the guest that the device is now broken,
> instead of aborting
> - detach the request from the virtqueue and free it
>
> Signed-off-by: Greg Kurz <groug@kaod.org>
> ---
> v3: - dropped the out_num check (already covered by iov_to_buf())
> - reworded the in_num error message
> - added an error path to detach and free the virtqueue element
>
> I haven't added the R-b tags received during v2 because of the above
> changes.
> ---
> hw/9pfs/virtio-9p-device.c | 26 +++++++++++++++++++++-----
> 1 file changed, 21 insertions(+), 5 deletions(-)
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 455 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH v3 4/9] virtio-blk: handle virtio_blk_handle_request() errors
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 4/9] virtio-blk: handle virtio_blk_handle_request() errors Greg Kurz
@ 2016-09-26 16:24 ` Stefan Hajnoczi
0 siblings, 0 replies; 20+ messages in thread
From: Stefan Hajnoczi @ 2016-09-26 16:24 UTC (permalink / raw)
To: Greg Kurz
Cc: qemu-devel, Kevin Wolf, Michael S. Tsirkin, Jason Wang,
Max Reitz, Aneesh Kumar K.V, Cornelia Huck, Paolo Bonzini
[-- Attachment #1: Type: text/plain, Size: 1160 bytes --]
On Mon, Sep 26, 2016 at 10:34:24AM +0200, Greg Kurz wrote:
> All these errors are caused by a buggy guest: QEMU should not exit.
>
> With this patch, if virtio_blk_handle_request() detects a buggy request, it
> marks the device as broken and returns an error to the caller so it takes
> appropriate action.
>
> In the case of virtio_blk_handle_vq(), we detach the request from the
> virtqueue, free its allocated memory and stop popping new requests.
> We don't need to bother about multireq since virtio_blk_handle_request()
> errors out early and mrb.num_reqs == 0.
>
> In the case of virtio_blk_dma_restart_bh(), we need to detach and free all
> queued requests as well.
>
> Signed-off-by: Greg Kurz <groug@kaod.org>
> ---
> v3: - turned goto out_err to break in virtio_blk_handle_vq()
> - detach and free request in virtio_blk_handle_vq()
> - detach and free all queued requests in virtio_blk_dma_restart_bh()
> - updated changelog
> ---
> hw/block/virtio-blk.c | 38 ++++++++++++++++++++++++++++----------
> 1 file changed, 28 insertions(+), 10 deletions(-)
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 455 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH v3 5/9] virtio-net: handle virtio_net_handle_ctrl() error
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 5/9] virtio-net: handle virtio_net_handle_ctrl() error Greg Kurz
@ 2016-09-26 16:25 ` Stefan Hajnoczi
0 siblings, 0 replies; 20+ messages in thread
From: Stefan Hajnoczi @ 2016-09-26 16:25 UTC (permalink / raw)
To: Greg Kurz
Cc: qemu-devel, Kevin Wolf, Michael S. Tsirkin, Jason Wang,
Max Reitz, Aneesh Kumar K.V, Cornelia Huck, Paolo Bonzini
[-- Attachment #1: Type: text/plain, Size: 508 bytes --]
On Mon, Sep 26, 2016 at 10:34:32AM +0200, Greg Kurz wrote:
> This error is caused by a buggy guest: let's switch the device to the
> broken state instead of terminating QEMU. Also we detach the element
> from the virtqueue and free it.
>
> Signed-off-by: Greg Kurz <groug@kaod.org>
> ---
> v3: - detach and free element
> - updated changelog
> ---
> hw/net/virtio-net.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 455 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH v3 6/9] virtio-net: handle virtio_net_receive() errors
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 6/9] virtio-net: handle virtio_net_receive() errors Greg Kurz
@ 2016-09-26 16:27 ` Stefan Hajnoczi
0 siblings, 0 replies; 20+ messages in thread
From: Stefan Hajnoczi @ 2016-09-26 16:27 UTC (permalink / raw)
To: Greg Kurz
Cc: qemu-devel, Kevin Wolf, Michael S. Tsirkin, Jason Wang,
Max Reitz, Aneesh Kumar K.V, Cornelia Huck, Paolo Bonzini
[-- Attachment #1: Type: text/plain, Size: 594 bytes --]
On Mon, Sep 26, 2016 at 10:34:40AM +0200, Greg Kurz wrote:
> All these errors are caused by a buggy guest: let's switch the device to
> the broken state instead of terminating QEMU. Also we detach the element
> from the virtqueue and free it.
>
> Signed-off-by: Greg Kurz <groug@kaod.org>
> Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
> ---
> v3: - detach and free element
> - updated changelog
> ---
> hw/net/virtio-net.c | 27 +++++++++++++++------------
> 1 file changed, 15 insertions(+), 12 deletions(-)
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 455 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH v3 7/9] virtio-net: handle virtio_net_flush_tx() errors
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 7/9] virtio-net: handle virtio_net_flush_tx() errors Greg Kurz
@ 2016-09-26 16:28 ` Stefan Hajnoczi
0 siblings, 0 replies; 20+ messages in thread
From: Stefan Hajnoczi @ 2016-09-26 16:28 UTC (permalink / raw)
To: Greg Kurz
Cc: qemu-devel, Kevin Wolf, Michael S. Tsirkin, Jason Wang,
Max Reitz, Aneesh Kumar K.V, Cornelia Huck, Paolo Bonzini
[-- Attachment #1: Type: text/plain, Size: 672 bytes --]
On Mon, Sep 26, 2016 at 10:34:48AM +0200, Greg Kurz wrote:
> All these errors are caused by a buggy guest: let's switch the device to
> the broken state instead of terminating QEMU. Also we detach the element
> from the virtqueue and free it.
>
> If this happens, virtio_net_flush_tx() also returns -EINVAL, so that all
> callers can stop processing the virtqueue immediatly.
>
> Signed-off-by: Greg Kurz <groug@kaod.org>
> ---
> v3: - detach and free element
> - updated changelog
> ---
> hw/net/virtio-net.c | 26 ++++++++++++++++++--------
> 1 file changed, 18 insertions(+), 8 deletions(-)
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 455 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH v3 8/9] virtio-scsi: convert virtio_scsi_bad_req() to use virtio_error()
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 8/9] virtio-scsi: convert virtio_scsi_bad_req() to use virtio_error() Greg Kurz
@ 2016-09-26 16:35 ` Stefan Hajnoczi
2016-09-26 19:25 ` Greg Kurz
0 siblings, 1 reply; 20+ messages in thread
From: Stefan Hajnoczi @ 2016-09-26 16:35 UTC (permalink / raw)
To: Greg Kurz
Cc: qemu-devel, Kevin Wolf, Michael S. Tsirkin, Jason Wang,
Max Reitz, Aneesh Kumar K.V, Cornelia Huck, Paolo Bonzini
[-- Attachment #1: Type: text/plain, Size: 2666 bytes --]
On Mon, Sep 26, 2016 at 10:34:56AM +0200, Greg Kurz wrote:
> The virtio_scsi_bad_req() function is called when a guest sends a
> request with missing or ill-sized headers. This generally happens
> when the virtio_scsi_parse_req() function returns an error.
>
> With this patch, virtio_scsi_bad_req() will mark the device as broken,
> detach the request from the virtqueue and free it, instead of forcing
> QEMU to exit.
>
> In nearly all locations where virtio_scsi_bad_req() is called, the only
> thing to do next is to return to the caller.
>
> The virtio_scsi_handle_cmd_req_prepare() function is an exception though.
>
> It is called in a loop by virtio_scsi_handle_cmd_vq() and passed requests
> freshly popped from a cmd virtqueue; virtio_scsi_handle_cmd_req_prepare()
> does some sanity checks on the request and returns a boolean flag to
> indicate whether the request should be queued or not. In the latter case,
> virtio_scsi_handle_cmd_req_prepare() has detected a non-fatal error and
> sent a response back to the guest.
>
> We have now a new condition to take into account: the device is broken
> and should stop all processing.
>
> The return value of virtio_scsi_handle_cmd_req_prepare() is hence changed
> to an int. A return value of zero means that the request should be queued.
> Other non-fatal error cases where the reqyest shoudn't be queued return
s/reqyest/request/
> @@ -574,11 +578,24 @@ static void virtio_scsi_handle_cmd_req_submit(VirtIOSCSI *s, VirtIOSCSIReq *req)
> void virtio_scsi_handle_cmd_vq(VirtIOSCSI *s, VirtQueue *vq)
> {
> VirtIOSCSIReq *req, *next;
> + int ret;
> +
> QTAILQ_HEAD(, VirtIOSCSIReq) reqs = QTAILQ_HEAD_INITIALIZER(reqs);
>
> while ((req = virtio_scsi_pop_req(s, vq))) {
> - if (virtio_scsi_handle_cmd_req_prepare(s, req)) {
> + ret = virtio_scsi_handle_cmd_req_prepare(s, req);
> + if (!ret) {
> QTAILQ_INSERT_TAIL(&reqs, req, next);
> + } else if (ret == -EINVAL) {
> + /* The device is broken and shouldn't process any request */
> + while (!QTAILQ_EMPTY(&reqs)) {
> + req = QTAILQ_FIRST(&reqs);
> + QTAILQ_REMOVE(&reqs, req, next);
> + blk_io_unplug(req->sreq->dev->conf.blk);
Are you sure blk_io_plug() was called for this request? If we returned
early in virtio_scsi_handle_cmd_req_prepare() then it wasn't called.
> + scsi_req_unref(req->sreq);
Which scsi_req_ref() is this paired with? If it's the call in
scsi_req_enqueue() then that function was never called and we shouldn't
unref.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 455 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH v3 9/9] virtio-scsi: handle virtio_scsi_set_config() error
2016-09-26 8:35 ` [Qemu-devel] [PATCH v3 9/9] virtio-scsi: handle virtio_scsi_set_config() error Greg Kurz
@ 2016-09-26 16:36 ` Stefan Hajnoczi
0 siblings, 0 replies; 20+ messages in thread
From: Stefan Hajnoczi @ 2016-09-26 16:36 UTC (permalink / raw)
To: Greg Kurz
Cc: qemu-devel, Kevin Wolf, Michael S. Tsirkin, Jason Wang,
Max Reitz, Aneesh Kumar K.V, Cornelia Huck, Paolo Bonzini
[-- Attachment #1: Type: text/plain, Size: 379 bytes --]
On Mon, Sep 26, 2016 at 10:35:04AM +0200, Greg Kurz wrote:
> This error is caused by a buggy guest: let's switch the device to the
> broken state instead of terminating QEMU.
>
> Signed-off-by: Greg Kurz <groug@kaod.org>
> ---
> hw/scsi/virtio-scsi.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 455 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH v3 8/9] virtio-scsi: convert virtio_scsi_bad_req() to use virtio_error()
2016-09-26 16:35 ` Stefan Hajnoczi
@ 2016-09-26 19:25 ` Greg Kurz
0 siblings, 0 replies; 20+ messages in thread
From: Greg Kurz @ 2016-09-26 19:25 UTC (permalink / raw)
To: Stefan Hajnoczi
Cc: qemu-devel, Kevin Wolf, Michael S. Tsirkin, Jason Wang,
Max Reitz, Aneesh Kumar K.V, Cornelia Huck, Paolo Bonzini
[-- Attachment #1: Type: text/plain, Size: 3588 bytes --]
On Mon, 26 Sep 2016 17:35:38 +0100
Stefan Hajnoczi <stefanha@redhat.com> wrote:
> On Mon, Sep 26, 2016 at 10:34:56AM +0200, Greg Kurz wrote:
> > The virtio_scsi_bad_req() function is called when a guest sends a
> > request with missing or ill-sized headers. This generally happens
> > when the virtio_scsi_parse_req() function returns an error.
> >
> > With this patch, virtio_scsi_bad_req() will mark the device as broken,
> > detach the request from the virtqueue and free it, instead of forcing
> > QEMU to exit.
> >
> > In nearly all locations where virtio_scsi_bad_req() is called, the only
> > thing to do next is to return to the caller.
> >
> > The virtio_scsi_handle_cmd_req_prepare() function is an exception though.
> >
> > It is called in a loop by virtio_scsi_handle_cmd_vq() and passed requests
> > freshly popped from a cmd virtqueue; virtio_scsi_handle_cmd_req_prepare()
> > does some sanity checks on the request and returns a boolean flag to
> > indicate whether the request should be queued or not. In the latter case,
> > virtio_scsi_handle_cmd_req_prepare() has detected a non-fatal error and
> > sent a response back to the guest.
> >
> > We have now a new condition to take into account: the device is broken
> > and should stop all processing.
> >
> > The return value of virtio_scsi_handle_cmd_req_prepare() is hence changed
> > to an int. A return value of zero means that the request should be queued.
> > Other non-fatal error cases where the reqyest shoudn't be queued return
>
> s/reqyest/request/
>
oops...
> > @@ -574,11 +578,24 @@ static void virtio_scsi_handle_cmd_req_submit(VirtIOSCSI *s, VirtIOSCSIReq *req)
> > void virtio_scsi_handle_cmd_vq(VirtIOSCSI *s, VirtQueue *vq)
> > {
> > VirtIOSCSIReq *req, *next;
> > + int ret;
> > +
> > QTAILQ_HEAD(, VirtIOSCSIReq) reqs = QTAILQ_HEAD_INITIALIZER(reqs);
> >
> > while ((req = virtio_scsi_pop_req(s, vq))) {
> > - if (virtio_scsi_handle_cmd_req_prepare(s, req)) {
> > + ret = virtio_scsi_handle_cmd_req_prepare(s, req);
> > + if (!ret) {
> > QTAILQ_INSERT_TAIL(&reqs, req, next);
> > + } else if (ret == -EINVAL) {
> > + /* The device is broken and shouldn't process any request */
> > + while (!QTAILQ_EMPTY(&reqs)) {
> > + req = QTAILQ_FIRST(&reqs);
> > + QTAILQ_REMOVE(&reqs, req, next);
> > + blk_io_unplug(req->sreq->dev->conf.blk);
>
> Are you sure blk_io_plug() was called for this request? If we returned
> early in virtio_scsi_handle_cmd_req_prepare() then it wasn't called.
>
Early return in virtio_scsi_handle_cmd_req_prepare() means an error was
detected, in which case the request didn't get queued; we are sure that
blk_io_plug() was called for all requests in this queue.
> > + scsi_req_unref(req->sreq);
>
> Which scsi_req_ref() is this paired with? If it's the call in
> scsi_req_enqueue() then that function was never called and we shouldn't
> unref.
It is paired with the one in virtio_scsi_handle_cmd_req_prepare(), which
is called just before blk_io_plug().
But looking at the patch again, I realize I missed this:
@@ -562,7 +562,7 @@ static int virtio_scsi_handle_cmd_req_prepare(VirtIOSCSI *s,
}
scsi_req_ref(req->sreq);
blk_io_plug(d->conf.blk);
- return true;
+ return 0;
}
static void virtio_scsi_handle_cmd_req_submit(VirtIOSCSI *s, VirtIOSCSIReq *req
I'll send a v4.
Cheers.
--
Greg
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
end of thread, other threads:[~2016-09-26 19:25 UTC | newest]
Thread overview: 20+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-09-26 8:33 [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination Greg Kurz
2016-09-26 8:33 ` [Qemu-devel] [PATCH v3 1/9] virtio-9p: add parentheses to sizeof operator Greg Kurz
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 2/9] virtio-blk: make some functions static Greg Kurz
2016-09-26 16:15 ` Stefan Hajnoczi
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 3/9] virtio-9p: handle handle_9p_output() error Greg Kurz
2016-09-26 16:21 ` Stefan Hajnoczi
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 4/9] virtio-blk: handle virtio_blk_handle_request() errors Greg Kurz
2016-09-26 16:24 ` Stefan Hajnoczi
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 5/9] virtio-net: handle virtio_net_handle_ctrl() error Greg Kurz
2016-09-26 16:25 ` Stefan Hajnoczi
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 6/9] virtio-net: handle virtio_net_receive() errors Greg Kurz
2016-09-26 16:27 ` Stefan Hajnoczi
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 7/9] virtio-net: handle virtio_net_flush_tx() errors Greg Kurz
2016-09-26 16:28 ` Stefan Hajnoczi
2016-09-26 8:34 ` [Qemu-devel] [PATCH v3 8/9] virtio-scsi: convert virtio_scsi_bad_req() to use virtio_error() Greg Kurz
2016-09-26 16:35 ` Stefan Hajnoczi
2016-09-26 19:25 ` Greg Kurz
2016-09-26 8:35 ` [Qemu-devel] [PATCH v3 9/9] virtio-scsi: handle virtio_scsi_set_config() error Greg Kurz
2016-09-26 16:36 ` Stefan Hajnoczi
2016-09-26 9:00 ` [Qemu-devel] [PATCH v3 0/9] virtio: avoid inappropriate QEMU termination no-reply
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.