sdk/emulator/qemu.git
Richard Henderson [Tue, 16 Feb 2010 21:55:15 +0000 (13:55 -0800)]
tcg-sparc: Implement neg.

The fallback implementation of "ret = 0 - arg1" isn't ideal,
first because of the extra tcg op to load the zero, and second
because we fail to handle zero as %g0 for arg1 of the sub.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 20 Feb 2010 08:29:17 +0000 (08:29 +0000)]
Fix warning on mingw32

/src/qemu/hw/ide/core.c: In function 'ide_drive_pre_save':
/src/qemu/hw/ide/core.c:2740: warning: comparison is always false due to limited range of data type

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 20 Feb 2010 08:20:18 +0000 (08:20 +0000)]
Fix warning on OpenBSD

/src/qemu/net.c: In function `net_check_clients':
/src/qemu/net.c:1287: warning: `has_nic' might be used uninitialized in this function
/src/qemu/net.c:1287: warning: `has_host_dev' might be used uninitialized in this function

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
malc [Fri, 19 Feb 2010 22:47:35 +0000 (01:47 +0300)]
tcg/ppc: Consistently use calling convention selection macros

Signed-off-by: malc <av1474@comtv.ru>
Juergen Lock [Fri, 19 Feb 2010 18:30:07 +0000 (19:30 +0100)]
Use ppc host calling convention definitions to set TCG_TARGET_CALL_{ALIGN_ARGS,STACK_OFFSET}.

New version after malc's comments.  (This avoids having to do
  #if defined __linux__ || defined __FreeBSD__ || defined __FreeBSD_kernel__
for the third case.)

Submitted by: Andreas Tobler <andreast@fgznet.ch>  (original version)

Signed-off-by: Juergen Lock <nox@jelal.kn-bremen.de>
Signed-off-by: malc <av1474@comtv.ru>
Juergen Lock [Fri, 19 Feb 2010 18:29:25 +0000 (19:29 +0100)]
Add FreeBSD/ppc host ucontext definitions.

Submitted by: Andreas Tobler <andreast@fgznet.ch>

Signed-off-by: Juergen Lock <nox@jelal.kn-bremen.de>
Signed-off-by: malc <av1474@comtv.ru>
Juergen Lock [Fri, 19 Feb 2010 18:28:23 +0000 (19:28 +0100)]
Add FreeBSD/ppc host ppc_init_cacheline_sizes() implementation.

New version after malc's comments.  (Added error handling.)

Submitted by: Andreas Tobler <andreast@fgznet.ch>

Signed-off-by: Juergen Lock <nox@jelal.kn-bremen.de>
Signed-off-by: malc <av1474@comtv.ru>
Kevin Wolf [Wed, 17 Feb 2010 11:33:17 +0000 (12:33 +0100)]
qemu-img: Fix error message

When qemu-img can't open the new backing file for a rebase, it prints an error
message which contains the file name of the old backing file. This is wrong,
obviously.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Kevin Wolf [Wed, 17 Feb 2010 11:32:59 +0000 (12:32 +0100)]
qemu-img: Fix segfault during rebase

This fixes a possible read beyond the end of the temporary buffers used for
comparing data in the old and the new backing file.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Kevin Wolf [Tue, 16 Feb 2010 14:54:49 +0000 (15:54 +0100)]
qcow2: Fix access after end of array

If a write request crosses an L2 table boundary and all clusters until the
end of the L2 table are usable for the request, we must not look at the next
L2 entry because we already have arrived at the end of the array.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Kevin Wolf [Tue, 16 Feb 2010 12:12:38 +0000 (13:12 +0100)]
qdev: Free opts on failed do_device_add

If the device can't be created, don't leak the QemuOpts and release the id of
the device that should have been added by the failed device_add.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jes Sorensen [Mon, 15 Feb 2010 17:33:46 +0000 (18:33 +0100)]
QEMU e820 reservation patch

Hi,

Kevin and I have agreed on the approach for this one now. So here is
the latest version of the patch for QEMU, submitting e820 reservation
entries via fw_cfg.

Cheers,
Jes

Use qemu-cfg to provide the BIOS with an optional table of e820 entries.

Notify the BIOS of the location of the TSS+EPT range by reserving
it via the e820 table.

This matches a corresponding patch for Seabios, however older versions
of Seabios will default to the hardcoded address range and stay
compatible with current QEMU.

Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Marcelo Tosatti [Thu, 11 Feb 2010 20:19:44 +0000 (18:19 -0200)]
ide save/restore pio/atapi cmd transfer fields and io buffer

Save/restore information necessary to continue in progress PIO/ATAPI CMD
transfers.

This includes the IO buffer.

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Amit Shah [Fri, 12 Feb 2010 13:22:38 +0000 (18:52 +0530)]
virtio-serial: pci: Allow MSI to be disabled

Michael noted we don't allow disabling of MSI for the virtio-serial-pci
device. Fix that.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
CC: "Michael S. Tsirkin" <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Michael S. Tsirkin [Mon, 15 Feb 2010 15:13:56 +0000 (20:43 +0530)]
virtio-serial: don't set MULTIPORT for 1 port dev

Since commit 98b19252cf1bd97c54bc4613f3537c5ec0aae263, all
serial devices declare MULTIPORT feature.
To allow 0.12 compatibility, we should clear this when
max_nr_ports is 1.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Amit Shah [Mon, 15 Feb 2010 15:13:55 +0000 (20:43 +0530)]
pc: Add backward compatibility options for virtio-serial

virtio-serial-pci can support multiple ports in the current development
version that will become 0.13. Add compatibility options for the 0.12
and 0.11 pc machine types.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Amit Shah [Mon, 15 Feb 2010 15:13:54 +0000 (20:43 +0530)]
pc: Bump up pc version to 0.13 and add a 0.12 compat version

The version 0.13 will be the new default and compatibility options will
be added to the 0.12 version.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Kevin O'Connor [Sat, 13 Feb 2010 23:32:17 +0000 (18:32 -0500)]
USB HID does not support Set_Idle

I found that the QEMU USB keyboard support does not work properly with
the Set_Idle command.  Once a non-zero value is given to Set_Idle,
then the keyboard reports an event on every poll - not based on the
time issued in the Set_Idle command.

I changed the code (see patch below) and it works for me.  I'm not
that familiar with the qemu internals, so I'm not sure if this is the
best way to implement this feature.

-Kevin

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Naphtali Sprei [Sun, 14 Feb 2010 11:39:18 +0000 (13:39 +0200)]
block: more read-only changes, related to backing files

Open backing file read-only where possible
Upgrade backing file to read-write during commit, back to read-only after commit
  If upgrade fails, back to read-only. If that also fails, "disconnect" the drive.

Signed-off-by: Naphtali Sprei <nsprei@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Stefan Weil [Fri, 12 Feb 2010 10:02:08 +0000 (11:02 +0100)]
mingw32: Enable C99/POSIX format strings

Starting with mingw32-runtime 3.15, C99/POSIX
format strings (%zu, %lld, ...) are supported
by defining __USE_MINGW_ANSI_STDIO=1.

As QEMU uses such format strings, unconditionally
define this macro. It won't hurt on older revisions
of mingw32-runtime.

Tested with manually installed mingw32-runtime 3.15
on debian (cross compiled + wine).

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Adam Litke [Fri, 12 Feb 2010 20:55:56 +0000 (14:55 -0600)]
Fix hanging user monitor when using balloon command

Arghh... Adding missing S-O-B

Hi Anthony.  I wonder if there was a problem when importing my async
command handler patchset.  Since the 'balloon' command completes
immediately, it must call the completion callback before returning.
That call was missing but is added by the patch below.

Signed-off-by: Adam Litke <agl@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:50:07 +0000 (23:50 -0200)]
Monitor: Report more than one error in handlers

Handlers can generate only one error in a call, we let the
programmer know if they break this rule and clients will only
get the first generated error.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:50:06 +0000 (23:50 -0200)]
Monitor: Debug stray prints the right way

QObject Monitor handlers should not call any Monitor print
function: they should only build objects, printing is done
by common code.

Current QMP code will ignore such calls, as we can't send
garbage to clients, additionally it will also emit an
undefined error on the assumption that print calls usually
report errors.

However, the right way to deal with this is to rely on a
return code. This has been fixed by another commit already.

Now, this commit drops the error from monitor_vprintf() and
adds a better debugging mechanism for those 'stray' prints:
we count them if debug is enabled and let the developer know
if a QObject handler is trying to print anything.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:50:05 +0000 (23:50 -0200)]
Monitor: Audit handler return

This commit verifies the following two rules specified by
Markus Armbruster:

1. If the handler returns failure, it must have passed an error.

   If it didn't, it's broken. Report an internal error to the client,
   and report the bug to the programmer.

2. If the handler returns success, it must not have passed an error.

   If it did, it's broken. Report the error to the client, and report
   the bug to the programmer.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:50:04 +0000 (23:50 -0200)]
Monitor: Drop the print disabling mechanism

We can ignore calls to monitor_vprintf() in QMP mode and use
monitor_puts() directly in monitor_json_emitter().

This allows us to drop this ugly hack.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:50:03 +0000 (23:50 -0200)]
Monitor: Debugging support

Add configure options (--enable-debug-mon and --disable-debug-mon)
plus the MON_DEBUG() macro.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:50:02 +0000 (23:50 -0200)]
Monitor: Rename cmd_new_ret()

Now that all handlers are converted to cmd_new_ret(), we can rename
it back to cmd_new(). But now it returns a value.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:50:01 +0000 (23:50 -0200)]
Monitor: Convert do_change() to cmd_new_ret()

Not that trivial as the call chain also has to be modified.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:50:00 +0000 (23:50 -0200)]
Monitor: Convert do_info() to cmd_new_ret()

Note that this function only fails in QMP, in the user Monitor
it prints the help text instead.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:49:59 +0000 (23:49 -0200)]
Monitor: Convert do_physical_memory_save() to cmd_new_ret()

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:49:58 +0000 (23:49 -0200)]
Monitor: Convert do_memory_save() to cmd_new_ret()

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:49:57 +0000 (23:49 -0200)]
Monitor: Convert do_migrate() to cmd_new_ret()

While there I'm also dropping an unneeded else clause (the last
one in the function).

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:49:56 +0000 (23:49 -0200)]
Monitor: Convert pci_device_hot_remove() to cmd_new_ret()

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:49:55 +0000 (23:49 -0200)]
Monitor: Convert pci_device_hot_add() to cmd_new_ret()

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:49:54 +0000 (23:49 -0200)]
Monitor: Convert do_closefd() to cmd_new_ret()

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:49:53 +0000 (23:49 -0200)]
Monitor: Convert do_getfd() to cmd_new_ret()

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:49:52 +0000 (23:49 -0200)]
Monitor: Convert do_block_set_passwd() to cmd_new_ret()

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:49:51 +0000 (23:49 -0200)]
Monitor: Convert do_cpu_set() to cmd_new_ret()

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:49:50 +0000 (23:49 -0200)]
Monitor: Convert do_eject() to cmd_new_ret()

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:49:49 +0000 (23:49 -0200)]
Monitor: Convert do_cont() to cmd_new_ret()

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:49:48 +0000 (23:49 -0200)]
Monitor: Convert simple handlers to cmd_new_ret()

The following handlers always succeed and hence can be converted
to cmd_new_ret() in the same commit.

- do_stop()
- do_quit()
- do_system_reset()
- do_system_powerdown()
- do_migrate_cancel()
- do_qmp_capabilities()
- do_migrate_set_speed()
- do_migrate_set_downtime()

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Luiz Capitulino [Thu, 11 Feb 2010 01:49:47 +0000 (23:49 -0200)]
Monitor: Introduce cmd_new_ret()

In order to implement the new error handling and debugging
mechanism for command handlers, we need to change the cmd_new()
callback to return a value.

This commit introduces cmd_new_ret(), which returns a value and
will be used only temporarily to handle the transition from
cmd_new().

That is, as soon as all command handlers are ported to cmd_new_ret(),
it will be renamed back to cmd_new() and the new error handling
and debugging mechanism will be added on top of it.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Wed, 10 Feb 2010 23:29:57 +0000 (00:29 +0100)]
move default allocator to console.c

Moving stuff in console.c to avoid the need for prototypes makes
this patch a bit bigger, but there's no change in the code.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Wed, 10 Feb 2010 23:29:56 +0000 (00:29 +0100)]
remove knowledge of defaultallocator_free_displaysurface from sdl.c

Let register_displayallocator hand over the old width/height to the new
allocator.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Wed, 10 Feb 2010 23:29:55 +0000 (00:29 +0100)]
use lazy initialization for display_state

Ensure initialization of a dumb display, if needed, by making
all accesses go through get_displaystate.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Fri, 19 Feb 2010 19:02:10 +0000 (13:02 -0600)]
Merge remote branch 'mst/for_anthony' into staging

Markus Armbruster [Thu, 11 Feb 2010 13:45:02 +0000 (14:45 +0100)]
net: Monitor command set_link finds only VLAN clients, fix

Clients not associated with a VLAN exist since commit d80b9fc6.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Markus Armbruster [Thu, 11 Feb 2010 13:45:01 +0000 (14:45 +0100)]
net: info network shows only VLAN clients, fix

Clients not associated with a VLAN exist since commit d80b9fc6.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Markus Armbruster [Thu, 11 Feb 2010 13:45:00 +0000 (14:45 +0100)]
net: net_check_clients() checks only VLAN clients, fix

Clients not associated with a VLAN exist since commit d80b9fc6.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Markus Armbruster [Thu, 11 Feb 2010 13:44:59 +0000 (14:44 +0100)]
net: Fix bogus "Warning: vlan 0 with no nics" with -device

net_check_clients() prints this when a VLAN has host devices, but no
guest devices.  It uses VLANState members nb_guest_devs and
nb_host_devs to keep track of these devices.  However, -device does
not update nb_guest_devs, only net_init_nic() does that, for -net nic.

Check the VLAN clients directly, and remove the counters.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Markus Armbruster [Thu, 11 Feb 2010 13:44:58 +0000 (14:44 +0100)]
net: net_check_clients() runs too early to see -device, fix

Call it right after -device devices get created.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Markus Armbruster [Thu, 11 Feb 2010 13:44:57 +0000 (14:44 +0100)]
net: Remove unused net_client_uninit()

Unused since commit 9ad4531e.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paul Brook [Fri, 19 Feb 2010 16:04:51 +0000 (16:04 +0000)]
Fix strace or FUTEX_PRIVATE_FLAG

FUTEX_PRIVATE_FLAG is a bit orred with an existing futex op,
not a distinct value.

Signed-off-by: Paul Brook <paul@codesourcery.com>
Rabin Vincent [Sun, 14 Feb 2010 18:32:36 +0000 (00:02 +0530)]
target-arm: support thumb exception handlers

When handling an exception, switch to the correct mode based on the
Thumb Exception (TE) bit in the SCTLR.

Signed-off-by: Rabin Vincent <rabin@rab.in>
Rabin Vincent [Sun, 14 Feb 2010 18:32:35 +0000 (00:02 +0530)]
target-arm: implement Thumb-2 exception return

Support the "subs pc, lr" Thumb-2 exception return instruction.

Signed-off-by: Rabin Vincent <rabin@rab.in>
Signed-off-by: Paul Brook <paul@codesourcery.com>
Rabin Vincent [Sun, 14 Feb 2010 18:32:34 +0000 (00:02 +0530)]
target-arm: fix thumb CPS

The Thumb CPS currently does not work correctly: CPSID touches more bits
than the instruction wants to, and CPSIE does nothing.  Fix it by
passing the correct mask (the "affect" bits) and value.

Signed-off-by: Rabin Vincent <rabin@rab.in>
Paolo Bonzini [Thu, 18 Feb 2010 20:25:23 +0000 (21:25 +0100)]
get rid of hostregs_helper.h

Since b567b38 (target-arm: remove T0 and T1, 2009-10-16) the only global
register that is used is AREG0, so the complexity of hostregs_helper.h
is unused.  Use regular assignments and a compiler optimization barrier.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Thu, 18 Feb 2010 20:25:22 +0000 (21:25 +0100)]
remove dead m68k definitions

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Stefan Weil [Mon, 15 Feb 2010 16:17:21 +0000 (17:17 +0100)]
tcg: Add consistency checks for op definitions

When compiled with CONFIG_DEBUG_TCG, this code looks
for missing, duplicate and wrong entries in the
op definitions.

Errors will raise an assertion at program start
(all checks are done in the initial phase).

The current code contains such errors, at least for
i386 guest on i386 host.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Richard Henderson [Tue, 16 Feb 2010 05:22:59 +0000 (21:22 -0800)]
tcg-sparc: Implement setcond, setcond2.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Richard Henderson [Tue, 9 Feb 2010 20:33:09 +0000 (12:33 -0800)]
tcg: Add tcg_swap_cond.

Returns the condition as if with swapped comparison operands.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Edgar E. Iglesias [Mon, 15 Feb 2010 22:39:48 +0000 (23:39 +0100)]
crisv10: Prettify.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Artyom Tarasenko [Mon, 15 Feb 2010 17:39:50 +0000 (18:39 +0100)]
sparc32 fix spurious dma interrupts v2

Don't raise irq when not enabled.
Raise irq on enabling if DMA_INTR is set
Don't clear irq unless it was raised by DMA, as there are other irq sources
Don't set DMA_INTR bit spuriously.

v1->v2:
 - Don't clear irq unless it was raised by DMA
 - Raise irq on enabling if DMA_INTR is set
 - Assume reversion of 787cfbc432bf1d353a77cbdb613754f3963371a3

Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Mon, 15 Feb 2010 17:49:06 +0000 (17:49 +0000)]
Revert "Sparc32: improve DMA controller IRQ debugging"

This reverts commit 787cfbc432bf1d353a77cbdb613754f3963371a3.

Edgar E. Iglesias [Mon, 15 Feb 2010 11:18:57 +0000 (12:18 +0100)]
cris: Add support for CRISv10 translation.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Edgar E. Iglesias [Mon, 15 Feb 2010 11:15:07 +0000 (12:15 +0100)]
cris: Use tcg_gen_movi_tl.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Edgar E. Iglesias [Mon, 15 Feb 2010 10:47:34 +0000 (11:47 +0100)]
cris: Add v10 style interrupts.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Edgar E. Iglesias [Mon, 15 Feb 2010 10:20:30 +0000 (11:20 +0100)]
crisv10: Always clear the V and C flags on btst.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Edgar E. Iglesias [Mon, 15 Feb 2010 10:17:33 +0000 (11:17 +0100)]
cris: Prepare for CRISv10.

* Add prefix flag and special reg.
* Add interrupt lockout.
* Add CC_OP_MSTEP.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael S. Tsirkin [Mon, 8 Feb 2010 21:36:02 +0000 (23:36 +0200)]
versatile_pci: cleanup

Cleanup versatile_pci: no need to re-set fields
to zero (pci core sets 0 already), use set_word
for status field. Compile-tested only, but seems obvious.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Michael S. Tsirkin [Mon, 8 Feb 2010 21:33:33 +0000 (23:33 +0200)]
versatile_pci: convert to symbolic names

This converts versatile_pci to use symbolic
constants. Verified by comparing binary to
original one.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Alexander Graf [Tue, 9 Feb 2010 16:37:10 +0000 (17:37 +0100)]
PPC: Add timer when running KVM

For some odd reason we sometimes hang inside KVM forever. I'd guess it's
a race condition where we actually have a level triggered interrupt, but
the infrastructure can't expose that yet, so the guest ACKs it, goes to
sleep and never gets notified that there's still an interrupt pending.

As a quick workaround, let's just wake up every 500 ms. That way we can
assure that we're always reinjecting interrupts in time.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Alexander Graf [Tue, 9 Feb 2010 16:37:09 +0000 (17:37 +0100)]
PPC: Fix large pages

We were masking 1TB SLB entries on the feature bit of 16 MB pages. Obviously
that breaks, so let's just ignore 1TB SLB entries for now and instead do
16MB pages correctly.

This fixes PPC64 Linux boot with -m above 256.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Alexander Graf [Tue, 9 Feb 2010 16:37:08 +0000 (17:37 +0100)]
PPC: Add USB per default on U3

Linux with CONFIG_PPC64 doesn't support ADB devices anymore, so we have to
use USB for keyboard and mouse.

This patch enables USB per default on U3 and adds a virtual keyboard and mouse
there.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Alexander Graf [Tue, 9 Feb 2010 16:37:07 +0000 (17:37 +0100)]
PPC: Get rid of segfaults in DBDMA emulation

While trying to find the right channel number for the DBDMA emulation I
stumbled across segmentation faults that were purely triggered by the guest.

The guest should never have the possibility to segfault us, so let's check
all indirect function calls on a channel, so the code even works for channels
that have not been reserved.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Alexander Graf [Tue, 9 Feb 2010 16:37:06 +0000 (17:37 +0100)]
PPC: Use macio IDE controller for Newworld

Per default Linux doesn't come with a lot of storage adapters enabled on
Mac configurations. The one that's pretty much always present is the pmac-ide,
while the cmd64x is almost never included in any distribution.

So let's switch to use the MacIO based IDE controller. There is corresponding
OpenBIOS code to get interrupts working properly.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Alexander Graf [Tue, 9 Feb 2010 16:37:05 +0000 (17:37 +0100)]
PPC: tell the guest about the time base frequency

Our guest systems need to know by how much the timebase increases every second,
so there usually is a "timebase-frequency" property in the cpu leaf of the
device tree.

This property is missing in OpenBIOS.

With qemu, Linux's fallback timebase speed and qemu's internal timebase speed
match up. With KVM, that is no longer true. The guest is running at the same
timebase speed as the host.

This leads to massive timing problems. On my test machine, a "sleep 2" takes
about 14 seconds with KVM enabled.

This patch exports the timebase frequency to OpenBIOS, so it can then put them
into the device tree.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Alexander Graf [Tue, 9 Feb 2010 16:37:04 +0000 (17:37 +0100)]
PPC: Make interrupts work

The interrupt code as is didn't really work for me. I couldn't even convince
Linux to take interrupt 9 in an interrupt-map.

So let's do this right. Let's map all PCI interrupts to 0x1b - 0x1e. That way
we're at least a small step closer to what real hardware does.

I also took the interrupt pin to line conversion from OpenBIOS, which at least
assures us we're compatible with our firmware :-).

A dump of the PCI interrupt-map from a U2 (iBook):

00009000 00000000 00000000 00000000 ff97c528 00000034 00000001
0000d800 00000000 00000000 00000000 ff97c528 0000003f 00000001
0000c000 00000000 00000000 00000000 ff97c528 0000001b 00000001
0000c800 00000000 00000000 00000000 ff97c528 0000001c 00000001
0000d000 00000000 00000000 00000000 ff97c528 0000001d 00000001

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
14 years ago PPC: Include dump of lspci -nn on real G5
Alexander Graf [Tue, 9 Feb 2010 16:37:03 +0000 (17:37 +0100)]
PPC: Include dump of lspci -nn on real G5

To ease debugging and to know what we're lacking, I found it really useful to
have an lspci dump of a real U3 based G5 around. So I added a comment for it.

If people don't think it's important enough to include this information in the
sources, just don't apply this patch.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
14 years ago PPC: Use Mac99_U3 type on ppc64
Alexander Graf [Tue, 9 Feb 2010 16:37:02 +0000 (17:37 +0100)]
PPC: Use Mac99_U3 type on ppc64

The "Mac99" type so far defines a "U2" based configuration. Unfortunately,
there have never been any U2 based PPC64 machines. That's what the U3 was
developed for.

So let's split the Mac99 machine into a PPC64 and a PPC32 machine. The PPC32
machine stays "Mac99", while the PPC64 one becomes "Mac99_U3". All peripherals
stay the same.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
14 years ago PPC: Uninorth config space accessor
Alexander Graf [Tue, 9 Feb 2010 16:37:01 +0000 (17:37 +0100)]
PPC: Uninorth config space accessor

The Uninorth PCI bridge requires different layouts in its PCI config space
accessors.

This patch introduces a conversion function that makes it compatible with
the way Linux accesses it.

I also kept an OpenBIOS compatibility hack in. I think it'd be better to
take small steps here and do the config space access rework in OpenBIOS
later on. When that's done we can remove that hack.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
14 years ago pci_host: rewrite using rwhandler
Michael S. Tsirkin [Sat, 16 Jan 2010 17:20:07 +0000 (19:20 +0200)]
pci_host: rewrite using rwhandler

Save a ton of code by switching pcihost to use rwhandler.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
14 years ago rwhandler: simplified way to register for mem/io
Michael S. Tsirkin [Thu, 14 Jan 2010 14:00:14 +0000 (16:00 +0200)]
rwhandler: simplified way to register for mem/io

Some users prefer a single callback with length passed as parameter to
using b/w/l callbacks. It would maybe be cleaner to just pass length to
existing callbacks but that's a lot of churn.  So for now add a wrapper.
For convenience use pcibus_t for address so a single callback can be
used for pci io and pci memory.

I did have to resort to preprocessor to reduce code duplication.  It is
however slightly more straightforward, and better contained than what we
had with pci_host_template.h. Again, it would go away if we just passed
len to existing callbacks.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
14 years ago bwap: add qemu_bswap helper
Michael S. Tsirkin [Thu, 14 Jan 2010 13:58:52 +0000 (15:58 +0200)]
bwap: add qemu_bswap helper

add helper that can swap values of 4, 2, 1 bytes

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
14 years ago pci: move pcibus_t to qemu-common
Michael S. Tsirkin [Wed, 10 Feb 2010 19:25:42 +0000 (21:25 +0200)]
pci: move pcibus_t to qemu-common

move pcibus_t to qemu-common.h to simplify header dependencies.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
14 years ago dec: use PCI accessors
Blue Swirl [Sun, 14 Feb 2010 09:01:14 +0000 (09:01 +0000)]
dec: use PCI accessors

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
14 years ago sparc64: use PCI accessors for APB/PBM
Blue Swirl [Sun, 14 Feb 2010 08:27:19 +0000 (08:27 +0000)]
sparc64: use PCI accessors for APB/PBM

Remove useless set to zero lines. Latency programming should be
done by BIOS, reset value is zero.

Add revision to APB, don't enable PCI_COMMAND_MASTER and set status
according to APB specification.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
14 years ago Remove conditional rom loading support
Blue Swirl [Sun, 14 Feb 2010 07:24:03 +0000 (07:24 +0000)]
Remove conditional rom loading support

Commit c2039bd0ffce8807e0eaac55254fde790825fa92 made rom loading
automatic for non-PC architectures. Remove now mostly unused
conditional rom loading support.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
14 years ago Fix incorrect exception_index use
Blue Swirl [Sun, 14 Feb 2010 07:23:50 +0000 (07:23 +0000)]
Fix incorrect exception_index use

env->exception_index should be cleared with -1, not 0.

See also 821b19fe923ac49a24cdb4af902584fdd019cee6.

Spotted by Igor Kovalenko.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
14 years ago pci: fix info pci with host bridge.
Isaku Yamahata [Mon, 8 Feb 2010 06:40:38 +0000 (15:40 +0900)]
pci: fix info pci with host bridge.

This patch fixes 525e05147d5a3bdc08caa422d108c1ef71b584b5.
pci host bridge doesn't have header type of bridge.
The check should be by header type, instead of pci class device.

Cc: Blue Swirl <blauwirbel@gmail.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
14 years ago Merge branch 'for_anthony' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/qemu
Blue Swirl [Sat, 13 Feb 2010 07:00:05 +0000 (09:00 +0200)]
Merge branch 'for_anthony' of git://git./linux/kernel/git/mst/qemu

* 'for_anthony' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/qemu:
  pci: fix pci_find_bus()

14 years ago ide: add topology support
Christoph Hellwig [Wed, 10 Feb 2010 22:37:51 +0000 (23:37 +0100)]
ide: add topology support

Export the physical block size in the ATA IDENTIFY command.  The
other topology values are not supported in ATA so skip them.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
14 years ago scsi: add topology support
Christoph Hellwig [Wed, 10 Feb 2010 22:37:37 +0000 (23:37 +0100)]
scsi: add topology support

Export the physical block size in the READ CAPACITY (16) command,
and add the new block limits VPD page to export the minimum and
optimal I/O sizes.

Note that we also need to bump the scsi revision level to SPC-2
as that is the minimum requirement by at least the Linux kernel
to try READ CAPACITY (16) first and look at the block limits VPD
page.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
14 years ago virtio-blk: add topology support
Christoph Hellwig [Wed, 10 Feb 2010 22:37:25 +0000 (23:37 +0100)]
virtio-blk: add topology support

Export all topology information in the block config structure,
guarded by a new VIRTIO_BLK_F_TOPOLOGY feature flag.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
14 years ago block: add topology qdev properties
Christoph Hellwig [Wed, 10 Feb 2010 22:37:09 +0000 (23:37 +0100)]
block: add topology qdev properties

Add three new qdev properties to export block topology information to
the guest.  This is needed to get optimal I/O alignment for RAID arrays
or SSDs.

The options are:

 - physical_block_size to specify the physical block size of the device,
   this is going to increase from 512 bytes to 4096 kilobytes for many
   modern storage devices
 - min_io_size to specify the minimal I/O size without performance impact,
   this is typically set to the RAID chunk size for arrays.
 - opt_io_size to specify the optimal sustained I/O size, this is
   typically the RAID stripe width for arrays.

I decided to not auto-probe these values from blkid which might easily
be possible as I don't know how to deal with these issues on migration.

Note that we specifically only set the physical_block_size, and not the
logical one which is the unit all I/O is described in.  The reason for
that is that IDE does not support increasing the logical block size and
at least for now I want to stick to one mechanism in queue and allow
for easy switching of transports for a given backing image which would
not be possible if scsi and virtio use real 4k sectors, while ide only
uses the physical block exponent.

To make this more common for the different block drivers introduce a
new BlockConf structure holding all common block properties and a
DEFINE_BLOCK_PROPERTIES macro to add them all together, mirroring
what is done for network drivers.  Also switch over all block drivers
to use it, except for the floppy driver which has weird driveA/driveB
properties and probably won't require any advanced block options ever.

Example usage for a virtio device with 4k physical block size and
8k optimal I/O size:

  -drive file=scratch.img,media=disk,cache=none,id=scratch \
  -device virtio-blk-pci,drive=scratch,physical_block_size=4096,opt_io_size=8192

aliguori: updated patch to take into account BLOCK events

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
14 years ago virtio-blk: revert serial number support
hch@lst.de [Wed, 10 Feb 2010 22:36:49 +0000 (23:36 +0100)]
virtio-blk: revert serial number support

The addition of the whole ATA IDENTIFY page caused the config space to
go above the allowed size in the PCI spec, and thus the feature was
already reverted in the Linux guest driver and disabled by default in
qemu.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
14 years ago Increase VNC_MAX_WIDTH
Brian Jackson [Mon, 8 Feb 2010 20:22:29 +0000 (14:22 -0600)]
Increase VNC_MAX_WIDTH

Increase VNC_MAX_WIDTH to match "commonly available" consumer level monitors
available these days.

This also closes KVM bug 2907597

Signed-off-by: Brian Jackson <iggy@theiggy.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
14 years ago qemu-img: use the heap instead of the huge stack array for win32
TeLeMan [Mon, 8 Feb 2010 08:20:00 +0000 (16:20 +0800)]
qemu-img: use the heap instead of the huge stack array for win32

The default stack size of PE is 1MB on win32 and IO_BUF_SIZE in
img_convert() & img_rebase() is 2MB, so qemu-img will crash when doing
"convert" & "rebase" on win32.
Although we can improve the stack size of PE to resolve it, I think we
should avoid using the huge stack variables.

Signed-off-by: TeLeMan <geleman@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
14 years ago don't dereference NULL after failed strdup
Jim Meyering [Mon, 8 Feb 2010 18:28:38 +0000 (19:28 +0100)]
don't dereference NULL after failed strdup

Most of these are obvious NULL-deref bug fixes, for example,
the ones in these files:

  block/curl.c
  net.c
  slirp/misc.c

and the first one in block/vvfat.c.
The others in block/vvfat.c may not lead to an immediate segfault, but I
traced the two schedule_rename(..., strdup(path)) uses, and a failed
strdup would appear to trigger this assertion in handle_renames_and_mkdirs:

    assert(commit->path);

The conversion to use qemu_strdup in envlist_to_environ is not technically
needed, but does avoid a theoretical leak in the caller when strdup fails
for one value, but later succeeds in allocating another buffer (plausible,
if one string length is much larger than the others).  The caller does
not know the length of the returned list, and as such can only free
pointers until it hits the first NULL.  If there are non-NULL pointers
beyond the first, their buffers would be leaked.  This one is admittedly
far-fetched.

The two in linux-user/main.c are worth fixing to ensure that an
OOM error is diagnosed up front, rather than letting it provoke some
harder-to-diagnose secondary error, in case of exec failure, or worse, in
case the exec succeeds but with an invalid list of command line options.
However, considering how unlikely it is to encounter a failed strdup early
in main, this isn't a big deal.  Note that adding the required uses of
qemu_strdup here and in envlist.c induce link failures because qemu_strdup
is not currently in any library they're linked with.  So for now, I've
omitted those changes, as well as the fixes in target-i386/helper.c
and target-sparc/helper.c.

If you'd like to see the above discussion (or anything else)
in the commit log, just let me know and I'll be happy to adjust.

From 9af42864fd1ea666bd25e2cecfdfae74c20aa8c7 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@redhat.com>
Date: Mon, 8 Feb 2010 18:29:29 +0100
Subject: [PATCH] don't dereference NULL after failed strdup

Handle failing strdup by replacing each use with qemu_strdup,
so as not to dereference NULL or trigger a failing assertion.
* block/curl.c (curl_open): s/\bstrdup\b/qemu_strdup/
* block/vvfat.c (init_directories): Likewise.
(get_cluster_count_for_direntry, check_directory_consistency): Likewise.
* net.c (parse_host_src_port): Likewise.
* slirp/misc.c (fork_exec): Likewise.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
14 years ago QMP: Don't leak on connection close
Luiz Capitulino [Mon, 8 Feb 2010 19:01:30 +0000 (17:01 -0200)]
QMP: Don't leak on connection close

QMP's chardev event callback doesn't call
json_message_parser_destroy() on CHR_EVENT_CLOSED. As the call
to json_message_parser_init() on CHR_EVENT_OPENED allocates memory,
we're leaking on close.

Fix that by just calling json_message_parser_destroy() on
CHR_EVENT_CLOSED.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>