54b840b37a
port that now also works for the 32 bit "qemu" executable on amd64 (if you build with the KQEMU knob on, you have to deinstall the old kqemu-kmod first if it is installed) - Add an ALL_TARGETS knob that, if turned off, omits the remaining dyngen targets, eliminating the need for gcc 3.4 (everything but ppc and sh4 has been converted to tcg in this snapshot) - Add tcg fixes for amd64 guests on i386 hosts (two of three have been committed to qemu svn in the meantime) [1] - Update the pkg-message about kqemu on amd64, and add a note about using nfs with slirp, the latter [2] - Homepage now at http://bellard.org/qemu/ - update links Submitted by: nox [1] Submitted by: joerg [2]
Index: qemu-0.8.2/hw/dma.c
|
|
===================================================================
|
|
--- qemu-0.8.2.orig/hw/dma.c 2006-07-22 20:23:34.000000000 +0300
|
|
+++ qemu-0.8.2/hw/dma.c 2007-04-20 06:05:59.000000000 +0300
|
|
@@ -340,9 +340,11 @@ static void channel_run (int ncont, int
|
|
#endif
|
|
|
|
r = dma_controllers[ncont].regs + ichan;
|
|
- n = r->transfer_handler (r->opaque, ichan + (ncont << 2),
|
|
- r->now[COUNT], (r->base[COUNT] + 1) << ncont);
|
|
- r->now[COUNT] = n;
|
|
+ if (r->transfer_handler) {
|
|
+ n = r->transfer_handler (r->opaque, ichan + (ncont << 2),
|
|
+ r->now[COUNT], (r->base[COUNT] + 1) << ncont);
|
|
+ r->now[COUNT] = n;
|
|
+ }
|
|
ldebug ("dma_pos %d size %d\n", n, (r->base[COUNT] + 1) << ncont);
|
|
}
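Review bot: When `r->transfer_handler` is NULL the new guard skips the only assignment to `n`, yet `n` is still passed to `ldebug` on the next line, so that trace reads an indeterminate value whenever ldebug is compiled in. Either move the `ldebug (...)` line up inside the new `if` block, or initialise `n` at its declaration (`int n = 0;`), which is outside this hunk, as is the start of channel_run. A short comment on the guard saying why a channel can legitimately have no handler — presumably no device has claimed it — would spare the next reader the same question; e.g. `/* channel may have no device attached yet */`, to be confirmed against the registration code.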
|
|
|
|
Index: qemu/hw/fdc.c
|
|
@@ -1322,7 +1322,8 @@
|
|
fd_sector(cur_drv));
|
|
return 0;
|
|
}
|
|
- if (bdrv_read(cur_drv->bs, fd_sector(cur_drv), fdctrl->fifo, 1) < 0) {
|
|
+ if (cur_drv->bs == NULL ||
|
|
+ bdrv_read(cur_drv->bs, fd_sector(cur_drv), fdctrl->fifo, 1) < 0) {
|
|
FLOPPY_DPRINTF("error getting sector %d\n",
|
|
fd_sector(cur_drv));
|
|
/* Sure, image size is too small... */
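Review bot: After the new `cur_drv->bs == NULL` test the existing comment `/* Sure, image size is too small... */` and the "error getting sector" message no longer describe the only way into this branch: a drive with no medium attached now lands here too. Suggest `/* no medium attached, or image size is too small */` so the two causes are both named. The identical NULL test is duplicated in the bdrv_write hunk below; a one-line comment on each (`/* drive may have no medium; never dereference bs unchecked */`) or a tiny helper would keep them in step. Both enclosing functions begin and end outside these hunks.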
|
|
@@ -1776,7 +1777,8 @@
|
|
if (pos == FD_SECTOR_LEN - 1 ||
|
|
fdctrl->data_pos == fdctrl->data_len) {
|
|
cur_drv = get_cur_drv(fdctrl);
|
|
- if (bdrv_write(cur_drv->bs, fd_sector(cur_drv), fdctrl->fifo, 1) < 0) {
|
|
+ if (cur_drv->bs == NULL ||
|
|
+ bdrv_write(cur_drv->bs, fd_sector(cur_drv), fdctrl->fifo, 1) < 0) {
|
|
FLOPPY_ERROR("writing sector %d\n", fd_sector(cur_drv));
|
|
return;
|
|
}
|
|
Index: qemu-0.8.2/hw/pc.c
|
|
===================================================================
|
|
--- qemu-0.8.2.orig/hw/pc.c 2007-04-20 06:05:58.000000000 +0300
|
|
+++ qemu-0.8.2/hw/pc.c 2007-04-20 06:05:59.000000000 +0300
|
|
@@ -312,7 +312,8 @@ void bochs_bios_write(void *opaque, uint
|
|
case 0x400:
|
|
case 0x401:
|
|
fprintf(stderr, "BIOS panic at rombios.c, line %d\n", val);
|
|
- exit(1);
|
|
+ /* according to documentation, these can be safely ignored */
|
|
+ break;
|
|
case 0x402:
|
|
case 0x403:
|
|
#ifdef DEBUG_BIOS
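Review bot: The new comment `according to documentation, these can be safely ignored` does not say which documentation, and the message that is still printed says `BIOS panic` while the VM now carries on, so a reader cannot tell whether continuing is intended or a leftover. Name the source with a placeholder until it is filled in, e.g. `/* per <BIOS-PORT-DOC>: the guest BIOS continues after reporting on these ports, so do not abort the VM */`. The same comment appears in the VGA BIOS hunk below but sits before the fprintf there and after it here; placing it at the same position in both cases reads more consistently.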
|
|
@@ -335,8 +336,9 @@ void bochs_bios_write(void *opaque, uint
|
|
/* LGPL'ed VGA BIOS messages */
|
|
case 0x501:
|
|
case 0x502:
|
|
+ /* according to documentation, these can be safely ignored */
|
|
fprintf(stderr, "VGA BIOS panic, line %d\n", val);
|
|
- exit(1);
|
|
+ break;
|
|
case 0x500:
|
|
case 0x503:
|
|
#ifdef DEBUG_BIOS
|
|
Index: qemu-0.8.2/hw/sb16.c
|
|
===================================================================
|
|
--- qemu-0.8.2.orig/hw/sb16.c 2006-07-22 20:23:34.000000000 +0300
|
|
+++ qemu-0.8.2/hw/sb16.c 2007-04-20 06:05:59.000000000 +0300
|
|
@@ -1235,8 +1235,10 @@ static int SB_read_DMA (void *opaque, in
|
|
s->block_size);
|
|
#endif
|
|
|
|
- while (s->left_till_irq <= 0) {
|
|
- s->left_till_irq = s->block_size + s->left_till_irq;
|
|
+ if (s->block_size) {
|
|
+ while (s->left_till_irq <= 0) {
|
|
+ s->left_till_irq = s->block_size + s->left_till_irq;
|
|
+ }
|
|
}
|
|
|
|
return dma_pos;
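Review bot: The guard removes the infinite loop that `s->block_size == 0` caused, but the loop it wraps still advances one `block_size` per iteration, so a small block size paired with a very negative `s->left_till_irq` — both values the guest programs into the device — costs an iteration count proportional to their ratio. The same result in constant time is `if (s->block_size && s->left_till_irq <= 0) s->left_till_irq += (1 + (-s->left_till_irq) / s->block_size) * s->block_size;` (assumes the signed-int types the surrounding arithmetic suggests, and a negation that cannot overflow — confirm both). When `block_size` is zero, `left_till_irq` is now left non-positive; a comment on the new `if` stating how the rest of SB_read_DMA, which continues outside the hunk, treats that state would document the intent.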
|
|
Index: qemu-0.8.2/slirp/slirp.c
|
|
===================================================================
|
|
--- qemu-0.8.2.orig/slirp/slirp.c 2006-07-22 20:23:34.000000000 +0300
|
|
+++ qemu-0.8.2/slirp/slirp.c 2007-04-20 06:05:59.000000000 +0300
|
|
@@ -611,6 +611,10 @@ void slirp_input(const uint8_t *pkt, int
|
|
if (!m)
|
|
return;
|
|
/* Note: we add to align the IP header */
|
|
+ /* taviso: large values in ne2k TCNT register may exceed msize on transmit */
|
|
+ if (M_FREEROOM(m) < pkt_len + 2) {
|
|
+ m_inc(m, pkt_len + 2);
|
|
+ }
|
|
m->m_len = pkt_len + 2;
|
|
memcpy(m->m_data + 2, pkt, pkt_len);
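Review bot: `pkt_len` is a signed `int`, and the new `M_FREEROOM(m) < pkt_len + 2` test does not reject a negative length, so the memcpy below still trusts the caller entirely; a `if (pkt_len < 0) return;` at function entry (outside the hunk, before the mbuf is taken) or a comment stating that every caller has already bounded `pkt_len` belongs here. The added comment is an attribution (`taviso:`) rather than an explanation of the invariant; suggest `/* the incoming frame may exceed a default mbuf's free room (e.g. a large ne2k TCNT); grow it before copying */`. Whether `m_inc` can fail and leave `m` too small for the copy is not visible in this hunk — confirm.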
|
|
|
|
Index: qemu-0.8.2/target-i386/translate.c
|
|
===================================================================
|
|
--- qemu-0.8.2.orig/target-i386/translate.c 2006-07-22 20:23:34.000000000 +0300
|
|
+++ qemu-0.8.2/target-i386/translate.c 2007-04-20 06:05:59.000000000 +0300
|
|
@@ -5292,6 +5297,7 @@ static target_ulong disas_insn(DisasCont
|
|
gen_jmp_im(pc_start - s->cs_base);
|
|
gen_op_into(s->pc - pc_start);
|
|
break;
|
|
+#ifdef WANT_ICEBP
|
|
case 0xf1: /* icebp (undocumented, exits to external debugger) */
|
|
#if 1
|
|
gen_debug(s, pc_start - s->cs_base);
|
|
@@ -5301,6 +5307,7 @@ static target_ulong disas_insn(DisasCont
|
|
cpu_set_log(CPU_LOG_INT | CPU_LOG_TB_IN_ASM);
|
|
#endif
|
|
break;
|
|
+#endif /* icebp */
|
|
case 0xfa: /* cli */
|
|
if (!s->vm86) {
|
|
if (s->cpl <= s->iopl) {
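Review bot: `WANT_ICEBP` is opened by the `#ifdef` in the previous hunk and closed by the `#endif` here, but nothing says what defines it or why the 0xf1 case is compiled out by default; a reader has to infer that `gen_debug` would otherwise let unprivileged guest code trigger the emulator's debug stop. Suggest on the `#ifdef` line: `#ifdef WANT_ICEBP /* undocumented 0xf1 hands control to the debug path from guest code; built in only on request */` — the "debug path" part is inferred from the gen_debug name, confirm. With the macro undefined, 0xf1 presumably falls to the switch's default handling; that code, and the rest of disas_insn, lies outside both hunks.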
|
|
Index: qemu-0.8.2/vl.c
|
|
===================================================================
|
|
--- qemu-0.8.2.orig/vl.c 2007-04-20 06:05:59.000000000 +0300
|
|
+++ qemu-0.8.2/vl.c 2007-04-20 06:05:59.000000000 +0300
|
|
@@ -3139,8 +3139,8 @@ typedef struct NetSocketState {
|
|
VLANClientState *vc;
|
|
int fd;
|
|
int state; /* 0 = getting length, 1 = getting data */
|
|
- int index;
|
|
- int packet_len;
|
|
+ unsigned int index;
|
|
+ unsigned int packet_len;
|
|
uint8_t buf[4096];
|
|
struct sockaddr_in dgram_dst; /* contains inet host and port destination iff connectionless (SOCK_DGRAM) */
|
|
} NetSocketState;
|
|
@@ -3171,7 +3171,8 @@ static void net_socket_receive_dgram(voi
|
|
static void net_socket_send(void *opaque)
|
|
{
|
|
NetSocketState *s = opaque;
|
|
- int l, size, err;
|
|
+ int size, err;
|
|
+ unsigned l;
|
|
uint8_t buf1[4096];
|
|
const uint8_t *buf;
|
|
|
|
@@ -3210,7 +3211,15 @@ static void net_socket_send(void *opaque
|
|
l = s->packet_len - s->index;
|
|
if (l > size)
|
|
l = size;
|
|
- memcpy(s->buf + s->index, buf, l);
|
|
+ if (s->index + l <= sizeof(s->buf)) {
|
|
+ memcpy(s->buf + s->index, buf, l);
|
|
+ } else {
|
|
+ fprintf(stderr, "serious error: oversized packet received,"
|
|
+ "connection terminated.\n");
|
|
+ s->state = 0;
|
|
+ goto eoc;
|
|
+ }
|
|
+
|
|
s->index += l;
|
|
buf += l;
|
|
size -= l;
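Review bot: The two string literals of the new error message concatenate to `received,connection terminated.` with no space after the comma; write `"serious error: oversized packet received, "`. The new bounds check also fires only when the current chunk would overrun `s->buf`, i.e. after `l` has been clamped to `size`, so an oversized `packet_len` is accepted and partially copied before the connection is dropped; validating `packet_len` against `sizeof(s->buf)` where state 0 decodes the length header (outside this hunk) rejects it up front and makes this check a pure assertion. With `l` now `unsigned`, `if (l > size)` is a signed/unsigned comparison; if `size` can be negative at that point (its origin is outside the hunk) the clamp would not apply — confirm. Whether `s->index` is reset alongside `s->state = 0`, and what `eoc` does, are likewise outside the hunk.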
|
|
Index: qemu/block.c
|
|
@@ -539,8 +539,15 @@
|
|
return -ENOMEDIUM;
|
|
if (bs->read_only)
|
|
return -EACCES;
|
|
+ if (sector_num < 0)
|
|
+ return -EACCES;
|
|
if (sector_num == 0 && bs->boot_sector_enabled && nb_sectors > 0) {
|
|
memcpy(bs->boot_sector_data, buf, 512);
|
|
+ }
|
|
+ {
|
|
+ unsigned int ns = sector_num * 512;
|
|
+ if (ns < 0)
|
|
+ return -EACCES;
|
|
}
|
|
if (drv->bdrv_pwrite) {
|
|
int ret, len;
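Review bot: The added block `unsigned int ns = sector_num * 512; if (ns < 0) return -EACCES;` can never reject anything: `ns` is unsigned, so `ns < 0` is always false (compilers warn about exactly this), and the product is truncated to 32 bits rather than checked, so the overflow it appears to guard against goes undetected. If the intent is to keep `sector_num * 512` within the offset type the drivers use, test before multiplying: `if (sector_num > OFFSET_MAX_PLACEHOLDER / 512) return -EINVAL;` with the limit taken from that type (sector_num's own type is declared outside the hunk — confirm). `-EACCES` for a negative sector number in the earlier added check is also an odd choice of code, since nothing about permissions is wrong; `-EINVAL` describes a bad argument. The enclosing function starts and ends outside the hunk.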
|
|
Index: qemu/hw/i8259.c
|
|
@@ -302,7 +302,8 @@
|
|
s->init4 = val & 1;
|
|
s->single_mode = val & 2;
|
|
if (val & 0x08)
|
|
- hw_error("level sensitive irq not supported");
|
|
+ /* hw_error("level sensitive irq not supported"); */
|
|
+ return;
|
|
} else if (val & 0x08) {
|
|
if (val & 0x04)
|
|
s->poll = 1;
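Review bot: The `if (val & 0x08)` body is now a commented-out line followed by `return;` with no braces; the comment is invisible to the compiler, so the `if` still governs only the `return`, but the shape invites the classic dangling-statement mistake on the next edit. Drop the commented-out `hw_error` line and brace the body with the reason in its place: `if (val & 0x08) { /* level-triggered mode is not implemented; ignore the request instead of aborting the VM */ return; }`. Returning here also skips whatever this function does after the if/else chain with the other bits of `val` (outside the hunk) — confirm nothing needed for them is lost, otherwise a flag and fall-through would be safer.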
|