From: Gonglei
1. avoid possible superflous checking
2. make code more robustness
Signed-off-by: Gonglei
---
v4: address possible integer underover [Stefan]
please review again, thanks
---
hw/block/virtio-blk.c | 28 ++--
1 file changed, 10 insertions(+), 18 deletion
From: Gonglei
1. avoid possible superflous checking
2. make code more robustness
Signed-off-by: Gonglei
Reviewed-by: Fam Zheng
---
v3: change the third condition too [Paolo]
add Fam's R-by
---
hw/block/virtio-blk.c | 27 +--
1 file changed, 9 insertions(+), 18 dele
From: Gonglei
1. avoid possible superflous checking
2. make code more robustness
Signed-off-by: Gonglei
---
v2: address Paolo's comments, thanks.
---
hw/block/virtio-blk.c | 27 +--
1 file changed, 9 insertions(+), 18 deletions(-)
diff --git a/hw/block/virtio-blk.c b/h
From: Gonglei
Signed-off-by: Gonglei
---
hw/block/virtio-blk.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index 093e475..752586d 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -409,18 +409,20 @@ void vi
From: Gonglei
>>> CID 1337991: Memory - illegal accesses (OVERRUN)
>>> Decrementing "i". The value of "i" is now 65534.
218 while (i--) {
219 event_notifier_cleanup(&peer->vectors[i]);
220 }
Signed-off-by: Gonglei
---
contrib/ivshmem-server/ivshmem-server.
From: Gonglei
vhost-scsi bootindex does't work because Qemu passes
wrong fireware path to seabios.
before:
/pci@i0cf8/scsi@7channel@0/vhost-scsi@0,0
after applying the patch:
/pci@i0cf8/scsi@7/channel@0/vhost-scsi@0,0
Reported-by: Subo
Signed-off-by: Gonglei
---
hw/scsi/vhost-scsi.c | 2
From: Lu Lina
Signed-off-by: Lu Lina
Signed-off-by: Gonglei
---
hw/scsi/vhost-scsi.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/scsi/vhost-scsi.c b/hw/scsi/vhost-scsi.c
index 1941aa1..174b4d2 100644
--- a/hw/scsi/vhost-scsi.c
+++ b/hw/scsi/vhost-scsi.c
@@ -117,7 +11
From: Gonglei
If vnc's password is configured, it will leak memory
which cipher variable pointed on every vnc connection.
Cc: Daniel P. Berrange
Signed-off-by: Gonglei
---
ui/vnc.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index 1483958..e2697
From: Gonglei
fix CID 1311372.
Signed-off-by: Gonglei
---
hw/arm/xlnx-zynqmp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
index 5e72078..00c5943 100644
--- a/hw/arm/xlnx-zynqmp.c
+++ b/hw/arm/xlnx-zynqmp.c
@@ -144,7 +144,
From: Gonglei
Spotted by Coverity.
Gonglei (4):
cpu: fix memory leak
ppc/spapr_drc: fix memory leak
arm/xlnx-zynqmp: fix memory leak
vl.c: fix memory leak
hw/arm/xlnx-zynqmp.c | 4 ++--
hw/ppc/spapr_drc.c | 1 +
target-i386/cpu.c| 2 +-
vl.c | 5 -
4 files cha
From: Gonglei
fix CID 1311373.
Signed-off-by: Gonglei
---
hw/ppc/spapr_drc.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/ppc/spapr_drc.c b/hw/ppc/spapr_drc.c
index ef98538..ee87432 100644
--- a/hw/ppc/spapr_drc.c
+++ b/hw/ppc/spapr_drc.c
@@ -422,6 +422,7 @@ static void realize(Devic
From: Gonglei
Failing to save or free storage allocated
by "g_strdup(names[0])" leaks it. Actually,
we can pass names[0] directly.
Signed-off-by: Gonglei
---
target-i386/cpu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target-i386/cpu.c b/target-i386/cpu.c
index f9b178
From: Gonglei
Failing to save or free storage allocated
by "g_strdup(cmd)" leaks it. Let's use a
variable to storage it.
Signed-off-by: Gonglei
---
vl.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/vl.c b/vl.c
index 3f269dc..399e816 100644
--- a/vl.c
+++ b/vl.c
@@ -1
From: Gonglei
Signed-off-by: Gonglei
---
qemu-doc.texi | 2 +-
qemu-options.hx | 2 +-
qemu-tech.texi | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/qemu-doc.texi b/qemu-doc.texi
index 0125bc7..94af8c0 100644
--- a/qemu-doc.texi
+++ b/qemu-doc.texi
@@ -1061,7 +1061,7
From: Gonglei
Meanwhile, using g_new0 instead of g_malloc0,
refer to commit 5839e53.
Signed-off-by: Gonglei
---
hw/net/rocker/rocker.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hw/net/rocker/rocker.c b/hw/net/rocker/rocker.c
index 4d25842..7e06015 100644
--- a/hw/ne
From: Gonglei
in_num = req->elem.in_num, and req->elem.in_num is
checked in line 489, so the check about in_num variable
is superflous, let's drop it.
Signed-off-by: Gonglei
---
hw/block/virtio-blk.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/hw/block/virtio-blk.c b/
From: Gonglei
Variable "conf" going out of scope leaks the storage
it points to in line 856.
Signed-off-by: Gonglei
---
v2:
using an better way to avoid memory leak. (Markus)
---
audio/ossaudio.c | 9 +++--
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/audio/ossaudio.c b/
From: Gonglei
Variable "r" going out of scope leaks the storage
it points to in line 3268.
Signed-off-by: Gonglei
Reviewed-by: Amit Shah
---
v2:
- Drop needless initialization. (Markus & Paolo)
- add Amit's R-by.
---
migration/rdma.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-
From: Gonglei
Potentially overflowing expression "1 << prop->bitnr" with
type "int" (32 bits, signed) is evaluated using 32-bit arithmetic,
and then used in a context that expects an expression of type
"uint64_t" (64 bits, unsigned).
Cc: Gerd Hoffmann
Signed-off-by: Paolo Bonzini
Signed-off-by
From: Gonglei
Overrunning array "proxy->guest_features" of 2 4-byte
elements at element index 2 (byte offset 8) using index
"proxy->gfselect" (which evaluates to 2). Normally, the
Linux kernel driver just read/write '0' or '1' as the
"proxy->gfselect" values, so using '<' instead of '=<' to
make
From: Gonglei
Gonglei (2):
virito-pci: fix OVERRUN problem
qdev: fix OVERFLOW_BEFORE_WIDEN
hw/core/qdev-properties.c | 2 +-
hw/virtio/virtio-pci.c| 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
--
1.7.12.4
From: Gonglei
Variable "r" going out of scope leaks the storage
it points to in line 3268.
Signed-off-by: Gonglei
---
migration/rdma.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/migration/rdma.c b/migration/rdma.c
index cf5de7e..de80860 100644
--- a/migration/rdma.c
From: Gonglei
Variable "conf" going out of scope leaks the storage
it points to in line 856.
Signed-off-by: Gonglei
---
audio/ossaudio.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/audio/ossaudio.c b/audio/ossaudio.c
index 11e76a1..7dbe333 100644
--- a/audio/ossaudio.c
+++ b/audio/ossa
From: Gonglei
before:
(qemu) 2015-05-21T02:07:43.695065Z qemu-system-x86_64: test
after applying this patch:
(qemu) [2015-05-21T02:21:46.023619Z UTC] qemu-system-x86_64: test
Cc: Eric Blake
Signed-off-by: Gonglei
---
util/qemu-error.c | 2 +-
1 file changed, 1 insertion(+), 1 de
From: Gonglei
Because DO_UPCAST() is long deprecated, let me do
some cleanup work.
Please review,
thanks
Cc: Michael S. Tsirkin
Cc: Paolo Bonzini
Gonglei (6):
pci-assign: QOMify
piix: piix3 QOMify
piix4: QOMify
wdt_i6300esb: QOMify
xen_pt: QOMify
vt82c686: QOMify
hw/i386/kvm/p
From: Gonglei
Signed-off-by: Gonglei
---
hw/isa/vt82c686.c | 47 ---
1 file changed, 32 insertions(+), 15 deletions(-)
diff --git a/hw/isa/vt82c686.c b/hw/isa/vt82c686.c
index b8197b1..bb6f6df 100644
--- a/hw/isa/vt82c686.c
+++ b/hw/isa/vt82c686.c
@@
From: Gonglei
Signed-off-by: Gonglei
---
hw/watchdog/wdt_i6300esb.c | 14 +-
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/hw/watchdog/wdt_i6300esb.c b/hw/watchdog/wdt_i6300esb.c
index 4ebdbb8..cfa2b1b 100644
--- a/hw/watchdog/wdt_i6300esb.c
+++ b/hw/watchdog/wdt_i63
From: Gonglei
Signed-off-by: Gonglei
---
hw/pci-host/piix.c | 57 +-
1 file changed, 31 insertions(+), 26 deletions(-)
diff --git a/hw/pci-host/piix.c b/hw/pci-host/piix.c
index 723836f..f0fe4a1 100644
--- a/hw/pci-host/piix.c
+++ b/hw/pci-ho
From: Gonglei
Cc: Stefano Stabellini
Signed-off-by: Gonglei
---
hw/xen/xen_pt.c | 10 +-
hw/xen/xen_pt.h | 4
2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/hw/xen/xen_pt.c b/hw/xen/xen_pt.c
index d095c08..6674974 100644
--- a/hw/xen/xen_pt.c
+++ b/hw/xen/xen_pt.c
From: Gonglei
Signed-off-by: Gonglei
---
hw/isa/piix4.c | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/hw/isa/piix4.c b/hw/isa/piix4.c
index d9522b1..2c59e91 100644
--- a/hw/isa/piix4.c
+++ b/hw/isa/piix4.c
@@ -34,6 +34,10 @@ typedef struct PIIX4State {
PCIDevi
From: Gonglei
Signed-off-by: Gonglei
---
hw/i386/kvm/pci-assign.c | 39 +--
1 file changed, 21 insertions(+), 18 deletions(-)
diff --git a/hw/i386/kvm/pci-assign.c b/hw/i386/kvm/pci-assign.c
index 9db7c77..74d22f4 100644
--- a/hw/i386/kvm/pci-assign.c
+++ b/
From: Gonglei
Signed-off-by: Gonglei
---
hw/display/vga-pci.c | 48 ++--
1 file changed, 30 insertions(+), 18 deletions(-)
diff --git a/hw/display/vga-pci.c b/hw/display/vga-pci.c
index aabfc23..ff5dfb2 100644
--- a/hw/display/vga-pci.c
+++ b/hw/disp
From: Gonglei
Signed-off-by: Gonglei
---
hw/display/qxl.c | 44 ++--
hw/display/qxl.h | 3 +++
2 files changed, 29 insertions(+), 18 deletions(-)
diff --git a/hw/display/qxl.c b/hw/display/qxl.c
index 0cd314c..8f40dfb 100644
--- a/hw/display/qxl.c
+++ b
From: Gonglei
QOMify pci-cirrus-vga like isa-cirrus-vga device.
Signed-off-by: Gonglei
---
hw/display/cirrus_vga.c | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index 8765a7e..5198037 100644
--- a/hw/display/cirrus
From: Gonglei
Hi,
These three patches just some cleanup work about DO_UPCAST().
Please review,
Thanks
Cc: Gerd Hoffmann
Gonglei (3):
vga-pci: QOMify
cirrus_vga: QOMify
qxl: QOMify
hw/display/cirrus_vga.c | 8 ++--
hw/display/qxl.c| 44 ++--
From: Gonglei
Signed-off-by: Gonglei
---
hw/usb/dev-audio.c | 23 +--
1 file changed, 13 insertions(+), 10 deletions(-)
diff --git a/hw/usb/dev-audio.c b/hw/usb/dev-audio.c
index 67deffe..f092bb8 100644
--- a/hw/usb/dev-audio.c
+++ b/hw/usb/dev-audio.c
@@ -361,6 +361,9 @@ t
From: Gonglei
Signed-off-by: Gonglei
---
hw/usb/dev-serial.c | 43 +++
1 file changed, 27 insertions(+), 16 deletions(-)
diff --git a/hw/usb/dev-serial.c b/hw/usb/dev-serial.c
index 67c2072..6ca3da9 100644
--- a/hw/usb/dev-serial.c
+++ b/hw/usb/dev-seria
From: Gonglei
Signed-off-by: Gonglei
---
hw/usb/dev-network.c | 11 +++
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/hw/usb/dev-network.c b/hw/usb/dev-network.c
index 1866991..5f2ffd0 100644
--- a/hw/usb/dev-network.c
+++ b/hw/usb/dev-network.c
@@ -648,6 +648,9 @@ typed
From: Gonglei
Signed-off-by: Gonglei
---
hw/usb/dev-hub.c | 11 +++
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/hw/usb/dev-hub.c b/hw/usb/dev-hub.c
index 0482f58..c8c6855 100644
--- a/hw/usb/dev-hub.c
+++ b/hw/usb/dev-hub.c
@@ -41,6 +41,9 @@ typedef struct USBHubState
From: Gonglei
When x-root property not be configured, will cause segfault
because of null pointer accessing. Add a check for s->root
property avoid segfault.
Signed-off-by: Gonglei
---
hw/usb/dev-mtp.c | 4
1 file changed, 4 insertions(+)
diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c
From: Gonglei
Signed-off-by: Gonglei
---
hw/usb/redirect.c | 25 ++---
1 file changed, 14 insertions(+), 11 deletions(-)
diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
index 2416de8..242a654 100644
--- a/hw/usb/redirect.c
+++ b/hw/usb/redirect.c
@@ -130,6 +130,9 @@ stru
From: Gonglei
Signed-off-by: Gonglei
---
hw/usb/dev-uas.c | 15 +--
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/hw/usb/dev-uas.c b/hw/usb/dev-uas.c
index 04fc515..38b26c5 100644
--- a/hw/usb/dev-uas.c
+++ b/hw/usb/dev-uas.c
@@ -127,6 +127,9 @@ struct UASDevice {
From: Gonglei
Signed-off-by: Gonglei
---
hw/usb/dev-storage.c | 32
1 file changed, 20 insertions(+), 12 deletions(-)
diff --git a/hw/usb/dev-storage.c b/hw/usb/dev-storage.c
index ae8d40d..abe0e1d 100644
--- a/hw/usb/dev-storage.c
+++ b/hw/usb/dev-storage.c
@@
From: Gonglei
Signed-off-by: Gonglei
---
hw/usb/dev-hid.c | 34 --
1 file changed, 20 insertions(+), 14 deletions(-)
diff --git a/hw/usb/dev-hid.c b/hw/usb/dev-hid.c
index 507c966..9623e72 100644
--- a/hw/usb/dev-hid.c
+++ b/hw/usb/dev-hid.c
@@ -51,6 +51,9 @@ ty
From: Gonglei
Because DO_UPCAST() is long deprecated, let me do
some cleanup work for usb sub-system, which I have
said in previous conversation of a bugfix.
Patch 7 is a bugfix.
Please review, thanks :)
Gonglei (14):
uhci: QOMify
usb: usb-audio QOMify
usb: usb-bt QOMify
usb: usb-hi
From: Gonglei
Signed-off-by: Gonglei
---
hw/usb/dev-smartcard-reader.c | 50 ---
1 file changed, 28 insertions(+), 22 deletions(-)
diff --git a/hw/usb/dev-smartcard-reader.c b/hw/usb/dev-smartcard-reader.c
index 78ce681..2d29367 100644
--- a/hw/usb/dev-s
From: Gonglei
Signed-off-by: Gonglei
---
hw/usb/dev-bluetooth.c | 13 -
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/hw/usb/dev-bluetooth.c b/hw/usb/dev-bluetooth.c
index 9bf6730..b19ec76 100644
--- a/hw/usb/dev-bluetooth.c
+++ b/hw/usb/dev-bluetooth.c
@@ -49,6 +49,
From: Gonglei
Signed-off-by: Gonglei
---
hw/usb/dev-wacom.c | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/hw/usb/dev-wacom.c b/hw/usb/dev-wacom.c
index 844eafa..c2450e7 100644
--- a/hw/usb/dev-wacom.c
+++ b/hw/usb/dev-wacom.c
@@ -56,6 +56,9 @@ typedef struct USBWa
From: Gonglei
Signed-off-by: Gonglei
---
hw/usb/dev-mtp.c | 11 +++
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c
index 108ece8..c9c1f32 100644
--- a/hw/usb/dev-mtp.c
+++ b/hw/usb/dev-mtp.c
@@ -130,6 +130,9 @@ struct MTPState {
QT
From: Gonglei
Cc: Gerd Hoffmann
Signed-off-by: Gonglei
---
hw/usb/hcd-uhci.c | 43 +++
1 file changed, 31 insertions(+), 12 deletions(-)
diff --git a/hw/usb/hcd-uhci.c b/hw/usb/hcd-uhci.c
index 327f26d..64a7d87 100644
--- a/hw/usb/hcd-uhci.c
+++ b/hw/us
From: Gonglei
Coveristy reports that variable prom_buf/params_buf going
out of scope leaks the storage it points to.
Cc: Aurelien Jarno
Cc: Leon Alrae
Signed-off-by: Gonglei
---
hw/mips/mips_fulong2e.c | 1 +
hw/mips/mips_malta.c| 1 +
hw/mips/mips_r4k.c | 1 +
3 files changed, 3 in
From: Gonglei
Value from xfer->packet.ep is assigned to ep here, but that
stored value is not used before it is overwritten. Remove it.
Cc: Gerd Hoffmann
Signed-off-by: Gonglei
---
hw/usb/hcd-xhci.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
index
From: Gonglei
Signed-off-by: Gonglei
---
hw/virtio/vhost-user.c | 22 +++---
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
index aefe0bb..e7ab829 100644
--- a/hw/virtio/vhost-user.c
+++ b/hw/virtio/vhost-user.c
@@
From: Gonglei
These trivial patches are collected by me
during qemu 2.3 hard-freeze time, which spoted by coverity.
Please ack or review if possible, thanks.
Gonglei (3):
target-mips: fix memory leak
xhci: remove unused code
vhost-user: remove superfluous '\n' around error_report()
hw/m
From: Gonglei
Add a space after comma.
Signed-off-by: Gonglei
---
bootdevice.c | 2 +-
tests/usb-hcd-ohci-test.c | 2 +-
tests/usb-hcd-uhci-test.c | 2 +-
tests/usb-hcd-xhci-test.c | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/bootdevice.c b/bootdevice.c
i
From: Gonglei
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via Devic
From: Gonglei
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via Devic
From: Gonglei
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via D
From: Gonglei
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via Devic
From: Gonglei
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via Devic
From: Gonglei
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via D
From: Gonglei
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via Devic
From: Gonglei
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via Devic
From: Gonglei
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via D
From: Gonglei
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via Devic
From: Gonglei
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via Devic
From: Gonglei
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involved registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Let's hook up reset via Devic
From: Gonglei
When hot-unplugging the usb controllers (ehci/uhci),
we have to clean all resouce of these devices,
involed registered reset handler. Otherwise, it
may cause NULL pointer access and/or segmentation fault
if we reboot the guest os after hot-unplugging.
Cc: qemu-stable
Reported-by:
From: Gonglei
Reproducer:
#./qemu-system-x86_64 -vnc :0,ip
qemu-system-x86_64: -vnc :1,ip: Invalid parameter 'ip'
Segmentation fault (core dumped)
Signed-off-by: Gonglei
---
v2: remove useless initialization for variable id. (mjt)
---
ui/vnc.c | 7 ++-
1 file changed, 6 insertions(+), 1 d
From: Gonglei
Reproducer:
#./qemu-system-x86_64 -vnc :0,ip
qemu-system-x86_64: -vnc :1,ip: Invalid parameter 'ip'
Segmentation fault (core dumped)
Signed-off-by: Gonglei
---
This patch bases on Gerd's vnc queue.
---
ui/vnc.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff -
From: Gonglei
vs->lsock may equal to 0, modify the check condition,
avoid possible vs->lsock leak.
Signed-off-by: Gonglei
---
ui/vnc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index 10a2724..259eca2 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3641,7
From: Gonglei
patch 1 reported by coverity several month ago,
patch 2 is founded by code review.
Gonglei (2):
ui/console: fix OVERFLOW_BEFORE_WIDEN
vnc: avoid possible file handler leak
ui/console.c | 4 ++--
ui/vnc.c | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
--
1.7.1
From: Gonglei
Signed-off-by: Gonglei
---
ui/console.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ui/console.c b/ui/console.c
index 87af6b5..b15ca87 100644
--- a/ui/console.c
+++ b/ui/console.c
@@ -1285,9 +1285,9 @@ DisplaySurface *qemu_create_displaysurface_guestmem
From: Gonglei
When not assign a -dtb argument, the variable dtb_filename
storage returned from qemu_find_file(), which should be freed
after use. Alternatively we define a local variable filename,
with 'char *' type, free after use.
Cc: Michael Tokarev
Cc: Edgar E. Iglesias
Signed-off-by: Gong
From: Gonglei
Cc: Michael Tokarev
Cc: Peter Maydell
Signed-off-by: Gonglei
---
v2:
Fix a complier error, remove `const' from the variable
declaration. (mjt)
---
hw/arm/digic_boards.c | 1 +
hw/arm/highbank.c | 1 +
hw/arm/vexpress.c | 3 ++-
hw/arm/virt.c | 3 ++-
4 files c
From: Gonglei
Either 'once' option or 'order' option can take effect for -boot at
the same time, that is say initial startup processing can check only
one. And pc.c's set_boot_dev() fails when its boot order argument
is invalid. This patch provide a solution fix this problem:
1. If "once" is gi
From: Gonglei
qemu_boot_set() can't fail in restore_boot_order(),
then simply assert it doesn't fail, by passing
&error_abort if boot_set_handler set.
Suggested-by: Markus Armbruster
Signed-off-by: Gonglei
Reviewed-by: Markus Armbruster
---
bootdevice.c |4 +++-
1 file changed, 3 inserti
From: Gonglei
The following changes since commit 0856579cac2f1dacecd847cfcd89680d26ff78f5:
Revert "Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request'
into staging" (2015-03-03 00:29:17 +)
are available in the git repository at:
https://github.com/gongleiarei/qemu.gi
From: Gonglei
Signed-off-by: Gonglei
---
v2: fix compilation complaint. (mjt)
---
hw/ppc/e500.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
index 7e17d18..c060b50 100644
--- a/hw/ppc/e500.c
+++ b/hw/ppc/e500.c
@@ -309,8 +309,10 @@ static int ppce500_load_
From: Wang Xin
numero sign is the number sign key of Russian keyboard layout, we
get this key with press 'shift + 3'. It's missing in current
Russian keymap file, this patch fix it.
As number sign is not exsit in Russian keyboard layout[1][2], this
patch also remove the 'numbersign' from Russian
From: Wang Xin
This patch adds missing cyrillic characters 'numerosign' to the VNC
keysym table, it's need by Russian keyboard. And I get the keysym from
'', the current keysym table in Qemu was generated from
it.
Signed-off-by: Wang xin
Signed-off-by: Gonglei
---
ui/vnc_keysym.h | 1 +
1 fil
From: Wang Xin
Add the keysym and keycode of 'numerosign' in Russian keyboard layout
to VNC keysyms table and keymap.
v2->v1:
Remove the key 'numbersign' from Russian keymap as it is not exsit
in Russian keyboard layout.
Wang Xin (2):
qemu-char: add cyrillic characters 'numerosign' to VNC k
From: Gonglei
When not assign a -dtb argument, the variable dtb_filename
storage returned from qemu_find_file(), which should be freed
after using.
Signed-off-by: Gonglei
---
hw/microblaze/boot.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/hw/microblaze/boot.c b/hw/m
From: Gonglei
If ret = macio_initfn_ide() is less than 0, the timer_memory
will leak the memory it points to.
Signed-off-by: Gonglei
---
hw/misc/macio/macio.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hw/misc/macio/macio.c b/hw/misc/macio/macio.c
index e0f1e88..bf96
From: Gonglei
Signed-off-by: Gonglei
---
block/nbd.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/block/nbd.c b/block/nbd.c
index 2f3b9ad..b9955cb 100644
--- a/block/nbd.c
+++ b/block/nbd.c
@@ -273,6 +273,7 @@ static int nbd_open(BlockDriverState *bs, QDict *options,
int flags,
*/
From: Gonglei
Signed-off-by: Gonglei
---
hw/core/sysbus.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/hw/core/sysbus.c b/hw/core/sysbus.c
index 84af593..b53c351 100644
--- a/hw/core/sysbus.c
+++ b/hw/core/sysbus.c
@@ -91,6 +91,8 @@ bool sysbus_has_irq(SysBusDevice *dev, int n)
Ob
From: Gonglei
All those defects are spotted by Coverity, which
classed in high impact outstanding defects.
Reports come from scan.coverity.com for Qemu.
Cc: Paolo Bonzini
Cc: Markus Armbruster
Cc: qemu-triv...@nongnu.org
Gonglei (9):
nbd: fix resource leak
arm: fix memory leak
sparc/leo
From: Gonglei
Reproducer:
$./qemu-system-x86_64 --enable-kvm -kernel /home/vmlinuz-2.6.32.12-0.7-default
\
-initrd /home/initrd-2.6.32.12-0.7-default -append \
"root=/dev/ram rw console=ttyS0,115200" -dtb guest.dtb -vnc :10 --monitor
stdio -smp 2
QEMU 2.2.50 monitor - type 'help' for more
From: Gonglei
Signed-off-by: Gonglei
Reviewed-by: Markus Armbruster
---
hw/arm/digic_boards.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/hw/arm/digic_boards.c b/hw/arm/digic_boards.c
index 2a4b872..7114c36 100644
--- a/hw/arm/digic_boards.c
+++ b/hw/arm/digic_boa
From: Gonglei
Signed-off-by: Gonglei
Reviewed-by: Markus Armbruster
---
hw/virtio/vhost-backend.c | 2 +-
net/vhost-user.c | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/hw/virtio/vhost-backend.c b/hw/virtio/vhost-backend.c
index ff4f200..4d68a27 100644
--- a
From: Gonglei
Signed-off-by: Gonglei
Reviewed-by: Markus Armbruster
---
hw/timer/a9gtimer.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/timer/a9gtimer.c b/hw/timer/a9gtimer.c
index 435142a..b087bbd 100644
--- a/hw/timer/a9gtimer.c
+++ b/hw/timer/a9gtimer.c
@@ -289,7
From: Gonglei
Signed-off-by: Gonglei
Reviewed-by: Markus Armbruster
---
hw/tpm/tpm_passthrough.c | 12 ++--
tpm.c| 2 +-
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/hw/tpm/tpm_passthrough.c b/hw/tpm/tpm_passthrough.c
index 2bf3c6f..13ac1d2 100644
From: Gonglei
Signed-off-by: Gonglei
Reviewed-by: Markus Armbruster
---
hw/xtensa/sim.c| 2 +-
hw/xtensa/xtfpga.c | 10 +-
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/hw/xtensa/sim.c b/hw/xtensa/sim.c
index 37ea9ae..328d209 100644
--- a/hw/xtensa/sim.c
+++ b/hw/
From: Gonglei
Signed-off-by: Gonglei
Reviewed-by: Markus Armbruster
---
exec.c | 2 +-
hw/ide/pci.c | 2 +-
hw/microblaze/boot.c | 2 +-
migration/rdma.c | 2 +-
target-s390x/kvm.c | 2 +-
trace/control.c | 2 +-
6 files changed, 6 insertions(+), 6 deletions(-)
From: Gonglei
Signed-off-by: Gonglei
Reviewed-by: Markus Armbruster
---
hw/dma/pl330.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/dma/pl330.c b/hw/dma/pl330.c
index 16cf77e..5be3df5 100644
--- a/hw/dma/pl330.c
+++ b/hw/dma/pl330.c
@@ -1566,7 +1566,7 @@ static vo
From: Gonglei
Signed-off-by: Gonglei
Reviewed-by: Markus Armbruster
---
block/archipelago.c | 6 +++---
hw/block/nand.c | 2 +-
qemu-img.c | 2 +-
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/block/archipelago.c b/block/archipelago.c
index a8114b5..855655c 100644
From: Gonglei
Signed-off-by: Gonglei
Reviewed-by: Markus Armbruster
---
numa.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/numa.c b/numa.c
index afd2866..6decd13 100644
--- a/numa.c
+++ b/numa.c
@@ -59,7 +59,7 @@ static void numa_node_parse(NumaNodeOptions *node,
From: Gonglei
Signed-off-by: Gonglei
Reviewed-by: Markus Armbruster
---
hw/scsi/vhost-scsi.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/hw/scsi/vhost-scsi.c b/hw/scsi/vhost-scsi.c
index dcb2bc5..54f916e 100644
--- a/hw/scsi/vhost-scsi.c
+++ b/hw/scsi/vhost-scsi.c
From: Gonglei
Signed-off-by: Gonglei
Reviewed-by: Markus Armbruster
---
hw/vfio/common.c | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/hw/vfio/common.c b/hw/vfio/common.c
index c5d1551..9289389 100644
--- a/hw/vfio/common.c
+++ b/hw/vfio/common.c
@@ -201,7 +201
From: Gonglei
v2 -> v1:
- remove superfluous "" in patch 3. (Michael Tokarev)
- move qemu-img.c hunk from patch 5 to patch 1. (Markus)
- add 'R-by' tag for this patch series.
Yestoday, I found that some files have superflous '\n' charactor
around error_report/error_setg when reviewed patches.
1 - 100 of 951 matches
Mail list logo