From c167e2e7eda609bbbb58650c1b82e8168106e40e Mon Sep 17 00:00:00 2001 From: Stefan Weil Date: Fri, 20 Mar 2015 18:11:58 +0100 Subject: [PATCH 1/3] acpi: Add missing GCC_FMT_ATTR to local function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This fixes these gcc warnings (not enabled in default build): hw/acpi/aml-build.c:83:5: warning: function might be possible candidate for ‘gnu_printf’ format attribute [-Wsuggest-attribute=format] hw/acpi/aml-build.c:88:5: warning: function might be possible candidate for ‘gnu_printf’ format attribute [-Wsuggest-attribute=format] Cc: Michael S. Tsirkin Signed-off-by: Stefan Weil Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin
---
 hw/acpi/aml-build.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/acpi/aml-build.c b/hw/acpi/aml-build.c
index 6242908d6c..d7945f6e2d 100644
--- a/hw/acpi/aml-build.c
+++ b/hw/acpi/aml-build.c
@@ -68,7 +68,7 @@ build_append_nameseg(GArray *array, const char *seg)
 g_array_append_vals(array, "____", ACPI_NAMESEG_LEN - len);
 }
-static void
+static void GCC_FMT_ATTR(2, 0)
 build_append_namestringv(GArray *array, const char *format, va_list ap)
 {
 /* It would be nicer to use g_string_vprintf but it's only there in 2.22 */
From 7976a6d23151c780474bdac106f3cf1343a2d6ca Mon Sep 17 00:00:00 2001
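Review bot: `GCC_FMT_ATTR(2, 0)` on build_append_namestringv only lets gcc validate the format string itself, because a va_list taker has no arguments to match the conversions against. Argument/conversion mismatches are caught only at call sites of a variadic wrapper that carries the `(2, 3)` form, and no such wrapper is visible in this hunk, so it is worth confirming that every variadic function forwarding into this one is annotated as well. A short comment above the signature would also record the contract, e.g. `/* @format is a printf-style format string and must never be built from guest-controlled data */`. The function body continues outside the hunk.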
From: "Michael S. Tsirkin" Date: Wed, 25 Mar 2015 12:33:55 +0100 Subject: [PATCH 2/3] virtio-serial: fix virtio config size commit 9b70c1790acacae54d559d38ca69186a85040bb8 virtio-serial: switch to standard-headers changes virtio_console_config size from 8 to 12 bytes: it adds an optional 4 byte emerg_wr field. As this crosses a power of two boundary, this changes the PCI BAR size, which breaks migration compatibility with old qemu machine types. It's probably a problem for other transports as well. As a temporary fix, as we don't yet support this new field anyway, simply make the config size smaller at init time. Long terms we probably want something along the lines of virtio_net_set_config_size. Reported-by: Cole Robinson Signed-off-by: Michael S. Tsirkin Tested-by: Cole Robinson
---
 hw/char/virtio-serial-bus.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/hw/char/virtio-serial-bus.c b/hw/char/virtio-serial-bus.c
index d14e872d34..e336bdb4a9 100644
--- a/hw/char/virtio-serial-bus.c
+++ b/hw/char/virtio-serial-bus.c
@@ -980,8 +980,10 @@ static void virtio_serial_device_realize(DeviceState *dev, Error **errp)
 return;
 }
+ /* We don't support emergency write, skip it for now. */
+ /* TODO: cleaner fix, depending on host features. */
 virtio_init(vdev, "virtio-serial", VIRTIO_ID_CONSOLE,
- sizeof(struct virtio_console_config));
+ offsetof(struct virtio_console_config, emerg_wr));
 /* Spawn a new virtio-serial bus on which the ports will ride as devices */
 qbus_create_inplace(&vser->bus, sizeof(vser->bus), TYPE_VIRTIO_SERIAL_BUS,
From 7e0e736ecdfeac6d3517513d3a702304e4f6cf59 Mon Sep 17 00:00:00 2001
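Review bot: Passing `offsetof(struct virtio_console_config, emerg_wr)` to virtio_init shrinks the config space, so any code that still reads or writes the config using `sizeof(struct virtio_console_config)` could touch 4 bytes beyond what was set up. The config accessors are outside this hunk and should be checked against the new size. Because the commit message ties the value to migration compatibility (8 bytes), it would help to pin it at build time, e.g. `QEMU_BUILD_BUG_ON(offsetof(struct virtio_console_config, emerg_wr) != 8);`, so a later header update cannot silently change the BAR size again. virtio_serial_device_realize starts and ends outside the hunk.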
From: Jason Wang Date: Fri, 20 Mar 2015 14:07:50 +0800 Subject: [PATCH 3/3] virtio-net: validate backend queue numbers against bus limitation We don't validate the backend queue numbers against bus limitation, this will easily crash qemu if it exceeds the limitation which will hit the abort() in virtio_del_queue(). An example is trying to starting a virtio-net device with 256 queues. E.g: ./qemu-system-x86_64 -netdev tap,id=hn0,queues=256 -device virtio-net-pci,netdev=hn0 Fixing this by doing the validation and fail early. Cc: Michael S. Tsirkin Cc: qemu-stable Signed-off-by: Jason Wang Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin Reviewed-by: Stefan Hajnoczi
---
 hw/net/virtio-net.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index 27adcc5467..59f76bcf76 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -1588,6 +1588,13 @@ static void virtio_net_device_realize(DeviceState *dev, Error **errp)
 virtio_init(vdev, "virtio-net", VIRTIO_ID_NET, n->config_size);
 n->max_queues = MAX(n->nic_conf.peers.queues, 1);
+ if (n->max_queues * 2 + 1 > VIRTIO_PCI_QUEUE_MAX) {
+ error_setg(errp, "Invalid number of queues (= %" PRIu32 "), "
+ "must be a postive integer less than %d.",
+ n->max_queues, (VIRTIO_PCI_QUEUE_MAX - 1) / 2);
+ virtio_cleanup(vdev);
+ return;
+ }
 n->vqs = g_malloc0(sizeof(VirtIONetQueue) * n->max_queues);
 n->vqs[0].rx_vq = virtio_add_queue(vdev, 256, virtio_net_handle_rx);
 n->curr_queues = 1;
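Review bot: The new bound check `n->max_queues * 2 + 1 > VIRTIO_PCI_QUEUE_MAX` multiplies before comparing, so a very large queue count could wrap and pass the check before reaching `g_malloc0(sizeof(VirtIONetQueue) * n->max_queues)` just below. The `PRIu32` in the message suggests a 32-bit unsigned field, though its declaration is outside the hunk. Comparing against the precomputed limit avoids the multiplication and matches the value already printed: `if (n->max_queues > (VIRTIO_PCI_QUEUE_MAX - 1) / 2) {`. The message text is also off by one and misspelled, since a count equal to the printed limit is accepted; it should read `"must be a positive integer no greater than %d."`. virtio_net_device_realize starts and ends outside the hunk.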