review.tizen.org Git - sdk/emulator/qemu.git/log

qjson: Inline token_is_keyword() and simplify

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1448486613-17634-7-git-send-email-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>

qjson: Give each of the six structural chars its own token type

Simplifies things, because we always check for a specific one.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1448486613-17634-6-git-send-email-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>

qjson: Spell out some silent assumptions

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1448486613-17634-5-git-send-email-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>

check-qjson: Add test for JSON nesting depth limit

This would have prevented the regression mentioned in the previous
commit.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1448486613-17634-4-git-send-email-armbru@redhat.com>

qjson: Don't crash when input exceeds nesting limit

We limit nesting depth and input size to defend against input
triggering excessive heap or stack memory use (commit 29c75dd
json-streamer: limit the maximum recursion depth and maximum token
count). However, when the nesting limit is exceeded,
parser_context_peek_token()'s assertion fails.

Broken in commit 65c0f1e "json-parser: don't replicate tokens at each
level of recursion".

To reproduce stuff 1025 open braces or brackets into QMP.

Fix by taking the error exit instead of the normal one.

Reported-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1448486613-17634-3-git-send-email-armbru@redhat.com>

qjson: Apply nesting limit more sanely

The nesting limit from commit 29c75dd "json-streamer: limit the
maximum recursion depth and maximum token count" applies separately to
braces and brackets. This makes no sense. Apply it to their sum,
because that's actually a measure of recursion depth.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1448486613-17634-2-git-send-email-armbru@redhat.com>

monitor: Plug memory leak on QMP error

Leak introduced in commit 8a4f501..710aec9, v2.4.0.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1446117309-15322-1-git-send-email-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches

# gpg: Signature made Wed 25 Nov 2015 13:33:14 GMT using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"

* remotes/kevin/tags/for-upstream:
  qemu-iotests: Add -nographic when starting QEMU in 119 and 120
  block/qapi: Plug memory leak on query-block error path
  raw-posix.c: Make GetBSDPath() handle caching options
  nand: fix flash erase when oob is in memory
  test-aio: Fix event notifier cleanup
  tests/Makefile: Add more dependencies for test-timed-average

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2015-11-25' into queue-block

One block patch for qemu 2.5-rc2.

# gpg: Signature made Wed Nov 25 14:30:45 2015 CET using RSA key ID E838ACAD
# gpg: Good signature from "Max Reitz <mreitz@redhat.com>"

* mreitz/tags/pull-block-for-kevin-2015-11-25:
qemu-iotests: Add -nographic when starting QEMU in 119 and 120

Signed-off-by: Kevin Wolf <kwolf@redhat.com>

qemu-iotests: Add -nographic when starting QEMU in 119 and 120

Otherwise, a window flashes on my desktop (built with SDL). Add this as
other cases have it.

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1448245930-15031-1-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>

block/qapi: Plug memory leak on query-block error path

Spotted by Coverity.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

raw-posix.c: Make GetBSDPath() handle caching options

Add support for caching options that can be specified from the command
line.

The CD-ROM raw char device bypasses the host page cache and therefore
has alignment requirements. Alignment probing is necessary so only use
the raw char device if BDRV_O_NOCACHE is set.

This patch fixes -cdrom /dev/cdrom on Mac OS X hosts, where bdrv_read()
used to fail due to misaligned requests during image format probing.

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

nand: fix flash erase when oob is in memory

For the "main area on file, oob in memory" case, fix the shifts so that
we erase the correct number of pages.

Signed-off-by: Ricard Wanderlöf <ricardw@axis.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

test-aio: Fix event notifier cleanup

One test case closed an event notifier (event_notifier_cleanup())
without first disabling it (set_event_notifier(..., NULL)). This
resulted in a leftover handle 0 that was added to each subsequent
WaitForMultipleObjects() call, causing the function to fail (invalid
handle).

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>

tests/Makefile: Add more dependencies for test-timed-average

'make check' failed to compile the test case for mingw because of
undefined references. Pull in a few more dependencies so that it builds.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>

Merge remote-tracking branch 'remotes/sstabellini/tags/xen-20151125' into staging

Xen 2015/11/25

# gpg: Signature made Wed 25 Nov 2015 11:19:26 GMT using RSA key ID 70E1AE90
# gpg: Good signature from "Stefano Stabellini <stefano.stabellini@eu.citrix.com>"

* remotes/sstabellini/tags/xen-20151125:
xen_disk: Remove ioreq.postsync
xen: fix usage of xc_domain_create in domain builder

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge remote-tracking branch 'remotes/armbru/tags/pull-ivshmem-2015-11-25' into staging

ivshmem patches for 2.5

# gpg: Signature made Wed 25 Nov 2015 09:25:38 GMT using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"

* remotes/armbru/tags/pull-ivshmem-2015-11-25:
  ivshmem: Rename property memdev to x-memdev for 2.5
  ivshmem: Mark questionable socket type test FIXME
  tests/ivshmem-test: Supply missing initializer in get_device()
  qemu-doc: Fix ivshmem usage example with shm=...
  qemu-doc: Fix ivshmem example markup

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

xen_disk: Remove ioreq.postsync

This code has been dead for three years (since commit 7e7b7cba1).

Signed-off-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>

ivshmem: Rename property memdev to x-memdev for 2.5

The device's guest interface and its QEMU user interface are
flawed^Whotly debated. We'll resolve that in the next development
cycle, probably by deprecating the device in favour of a cleaned up,
but not quite compatible revision.

To avoid adding more baggage to the soon-to-be-deprecated interface,
mark property "memdev" as experimental, by renaming it to "x-memdev".
It's the only recent user interface change.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1448384789-14830-6-git-send-email-armbru@redhat.com>
[Update of qemu-doc.texi squashed in]
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>

ivshmem: Mark questionable socket type test FIXME

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>

tests/ivshmem-test: Supply missing initializer in get_device()

If the device isn't found, the assertion uses dev without
initialization. Fix that.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1448384789-14830-4-git-send-email-armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>

qemu-doc: Fix ivshmem usage example with shm=...

The example suggests you can omit "shm". This isn't true; you must
specify exactly one of "shm", "chardev", "memdev". Fix it.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1448384789-14830-3-git-send-email-armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>

qemu-doc: Fix ivshmem example markup

Use @var{foo} like we do everywhere else, not <foo>.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1448384789-14830-2-git-send-email-armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>

Merge remote-tracking branch 'remotes/lalrae/tags/mips-20151124' into staging

MIPS patches 2015-11-24

Changes:
* Fixes for enabling/disabling 64-bit addressing

# gpg: Signature made Tue 24 Nov 2015 14:54:35 GMT using RSA key ID 0B29DA6B
# gpg: Good signature from "Leon Alrae <leon.alrae@imgtec.com>"

* remotes/lalrae/tags/mips-20151124:
target-mips: flush QEMU TLB when disabling 64-bit addressing
target-mips: Fix exceptions while UX=0

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151124' into staging

target-arm queue:
* fix minimum RAM check warning on xlnx-ep108
* remove unused define from aarch64-linux-user.mak config
* don't mask out bits [47:40] in ARMv8 LPAE descriptors
* correct unallocated instruction checks for ldst_excl

# gpg: Signature made Tue 24 Nov 2015 14:17:10 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"

* remotes/pmaydell/tags/pull-target-arm-20151124:
  target-arm/translate-a64.c: Correct unallocated checks for ldst_excl
  target-arm: Don't mask out bits [47:40] in LPAE descriptors for v8
  default-configs/aarch64-linux-user.mak: Remove unused define
  xlnx-ep108: Fix minimum RAM check

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target-arm/translate-a64.c: Correct unallocated checks for ldst_excl

The checks for the unallocated encodings in the ldst_excl group
(exclusives and load-acquire/store-release) were not correct. This
error meant that in turn we ended up with code attempting to handle
the non-existent case of "non-exclusive load-acquire/store-release
pair". Delete that broken and now unreachable code.

Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>

target-arm: Don't mask out bits [47:40] in LPAE descriptors for v8

In an LPAE format descriptor in ARMv8 the address field extends
up to bit 47, not just bit 39. Correct the masking so we don't
give incorrect results if the output address size is greater
than 40 bits, as it can be for AArch64.

(Note that we don't yet support the new-in-v8 Address Size fault which
should be generated if any translation table entry or TTBR contains
an address with non-zero bits above the most significant bit of the
maximum output address size.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1448029971-9875-1-git-send-email-peter.maydell@linaro.org

default-configs/aarch64-linux-user.mak: Remove unused define

The uses of the CONFIG_GDBSTUB_XML define were removed in commit
b77abd95a9484c, but the define in aarch64-linux-user.mak somehow
escaped the cull (the patchset probably crossed in the mail with
the patches adding aarch64 support). Remove the stray define.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Message-id: 1447690178-4560-1-git-send-email-peter.maydell@linaro.org

xlnx-ep108: Fix minimum RAM check

The minimum RAM check logic for the Xiilnx EP108 was off by one,
which caused a false positive. Correct the logic to only print
warnings when the RAM is below 0x8000000.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Message-id: fba8112ca7b01efd72553332b8045ecf107b7662.1448021100.git.alistair.francis@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target-mips: flush QEMU TLB when disabling 64-bit addressing

CP0.Status.KX/SX/UX bits are responsible for enabling access to 64-bit
Kernel/Supervisor/User Segments. If bit is cleared an access to
corresponding segment should generate Address Error Exception.

However, the guest may still be able to access some pages belonging to
the disabled 64-bit segment because we forget to flush QEMU TLB.

This patch fixes it.

Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>

target-mips: Fix exceptions while UX=0

Commit 01f728857941 ("target-mips: Status.UX/SX/KX enable 32-bit address
wrapping") added a new hflag MIPS_HFLAG_AWRAP, which indicates that
64-bit addressing is disallowed in the current mode, so hflag users
don't need to worry about the complexities of working that out, for
example checking both MIPS_HFLAG_KSU and MIPS_HFLAG_UX.

However when exceptions are taken outside of exception level,
mips_cpu_do_interrupt() manipulates the env->hflags directly rather than
using compute_hflags() to update them, and this code wasn't updated
accordingly. As a result, when UX is cleared, MIPS_HFLAG_AWRAP is set,
but it doesn't get cleared on entry back into kernel mode due to an
exception. Kernel mode then cannot access the 64-bit segments resulting
in a nested exception loop. The same applies to errors and debug
exceptions.

Fix by updating mips_cpu_do_interrupt() to clear the MIPS_HFLAG_WRAP
flag when necessary, according to compute_hflags().

Fixes: 01f728857941 ("target-mips: Status.UX/SX/KX enable 32-bit...")
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Cc: Leon Alrae <leon.alrae@imgtec.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

# gpg: Signature made Tue 24 Nov 2015 08:04:07 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/block-pull-request:
  virtio-blk: Move resetting of req->mr_next to virtio_blk_handle_rw_error
  parallels: dirty BAT properly for continuous allocations

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

virtio-blk: Move resetting of req->mr_next to virtio_blk_handle_rw_error

"werror=report" would free the req in virtio_blk_handle_rw_error, we
mustn't write to it in that case.

Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1448239280-15025-1-git-send-email-famz@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

parallels: dirty BAT properly for continuous allocations

This patch marks part of the BAT dirty properly. There is a possibility that
multy-block allocation could have one block allocated on one BAT page and
next block on the next page. The code without the patch could not save
updated position to the file.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
Message-id: 1447779778-26062-1-git-send-email-den@openvz.org
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging

NUMA fix for -rc2

# gpg: Signature made Mon 23 Nov 2015 12:45:34 GMT using RSA key ID 984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"

* remotes/ehabkost/tags/numa-pull-request:
hostmem: Ignore ENOSYS while setting MPOL_DEFAULT

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20151123' into staging

Last minute fix.

# gpg: Signature made Mon 23 Nov 2015 12:17:26 GMT using RSA key ID 4DD0279B
# gpg: Good signature from "Richard Henderson <rth7680@gmail.com>"
# gpg:                 aka "Richard Henderson <rth@redhat.com>"
# gpg:                 aka "Richard Henderson <rth@twiddle.net>"

* remotes/rth/tags/pull-tcg-20151123:
  tcg: Fix highwater check

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hostmem: Ignore ENOSYS while setting MPOL_DEFAULT

Currently hostmem backend fails if CONFIG_NUMA is enabled in QEMU
(the default) but NUMA is not supported by the kernel. This makes
it impossible to use ivshmem in such configurations.

This patch fixes the problem by ignoring ENOSYS error if policy is set to
MPOL_DEFAULT. This way the code behaves in the same way as if CONFIG_NUMA
was not defined. qemu will still fail if the user specifies some other
policy, so that the user knows it.

Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>

tcg: Fix highwater check

A simple typo in the variable to use when comparing vs the highwater mark.
Reports are that qemu can in fact segfault occasionally due to this mistake.

Signed-off-by: John Clarke <johnc@kirriwa.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>

Update version for v2.5.0-rc1 release

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

tests: fix cdrom_pio_impl in ide-test

The check for the cleared BSY flag has to be performed
before each data transfer and not just before the
first one.

Commit 5f81724d revealed this glitch as the BSY flag
was not set in ATAPI PIO transfers before.

While at it fix the descriptions and add a comment before
the nested for loop that transfers the data.

Signed-off-by: Peter Lieven <pl@kamp.de>
Message-id: 1448029742-19771-1-git-send-email-pl@kamp.de
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge remote-tracking branch 'remotes/afaerber/tags/qom-devices-for-peter' into staging

QOM infrastructure fixes and device conversions

* Fix for properties on objects > 4 GiB
* Performance improvements for QOM property handling
* Assertion cleanups
* MAINTAINERS additions

# gpg: Signature made Thu 19 Nov 2015 14:32:16 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg:                 aka "Andreas Färber <afaerber@suse.com>"

* remotes/afaerber/tags/qom-devices-for-peter:
  MAINTAINERS: Add check-qom-{interface,proplist} to QOM
  qom: Clean up assertions to display values on failure
  qom: Replace object property list with GHashTable
  qom: Add a test case for complex property finalization
  net: Convert net filter code to use object property iterators
  ppc: Convert spapr code to use object property iterators
  vl: Convert machine help code to use object property iterators
  qmp: Convert QMP code to use object property iterators
  qom: Introduce ObjectPropertyIterator struct for iteration
  qdev: Change Property::offset field to ptrdiff_t type

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

vhost, pc: fixes for 2.5

Fixes all over the place.

This also re-enables a test we disabled in 2.5 cycle
now that there's a way not to get a warning from it.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Thu 19 Nov 2015 13:27:43 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"

* remotes/mst/tags/for_upstream:
  exec: silence hugetlbfs warning under qtest
  tests: re-enable vhost-user-test
  acpi: fix buffer overrun on migration
  vhost-user: fix log size
  vhost-user: ignore qemu-only features
  specs/vhost-user: fix spec to match reality
  tests/vhost-user-bridge: implement logging of dirty pages
  i440fx: print an error message if user tries to enable iommu
  q35: Check propery to determine if iommu is set
  vhost-user: start/stop all rings
  vhost-user: print original request on error
  vhost-user-test: support VHOST_USER_SET_VRING_ENABLE
  vhost-user: update spec description
  vhost: don't send RESET_OWNER at stop
  vhost: let SET_VRING_ENABLE message depends on protocol feature

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151119' into staging

target-arm queue:
* add missing condexec updates when emulating architectural breakpoints
   and coprocessor access checks in Thumb translation (could in theory
   cause problems when these happened inside a Thumb IT block and an
   exception was taken)
* arm_gic: correctly restore nested IRQ priority

# gpg: Signature made Thu 19 Nov 2015 13:29:37 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"

* remotes/pmaydell/tags/pull-target-arm-20151119:
  target-arm: Update condexec before arch BP check in AA32 translation
  target-arm: Update condexec before CP access check in AA32 translation
  hw/arm_gic: Correctly restore nested irq priority

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151119' into staging

migration/next for 20151119

# gpg: Signature made Thu 19 Nov 2015 11:17:07 GMT using RSA key ID 5872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>"
# gpg:                 aka "Juan Quintela <quintela@trasno.org>"

* remotes/juanquintela/tags/migration/20151119:
  migration: normalize locking in migration/savevm.c
  migration: implement bdrv_all_find_vmstate_bs helper
  migration: reorder processing in hmp_savevm
  snapshot: create bdrv_all_create_snapshot helper
  migration: drop find_vmstate_bs check in hmp_delvm
  snapshot: create bdrv_all_find_snapshot helper
  migration: factor our snapshottability check in load_vmstate
  snapshot: create bdrv_all_goto_snapshot helper
  snapshot: create bdrv_all_delete_snapshot helper
  snapshot: return error code from bdrv_snapshot_delete_by_id_or_name
  snapshot: create helper to test that block drivers supports snapshots
  Unneeded NULL check
  migration: Dead assignment of current_time
  Set last_sent_block

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

MAINTAINERS: Add check-qom-{interface,proplist} to QOM

Add the QOM unit tests to the QOM maintenance area so that maintainers
get CC'ed on changes and to document QOM test coverage.

Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

qom: Clean up assertions to display values on failure

Instead of using g_assert() for integer comparisons, use
g_assert_cmpint() so that we can see the respective values.

While at it, fix one stray indentation.

Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

qom: Replace object property list with GHashTable

ARM GICv3 systems with large number of CPUs create lots of IRQ pins. Since
every pin is represented as a property, number of these properties becomes
very large. Every property add first makes sure there's no duplicates.
Traversing the list becomes very slow, therefore QEMU initialization takes
significant time (several seconds for e. g. 16 CPUs).

This patch replaces list with GHashTable, making lookup very fast. The only
drawback is that object_child_foreach() and object_child_foreach_recursive()
cannot add or remove properties during traversal, since GHashTableIter does
not have modify-safe version. However, the code seems not to modify objects
via these functions.

Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Tested-by: Pavel Fedin <p.fedin@samsung.com>
[AF: Fixed object_property_del_{all,child}() issues;
g_hash_table_contains() -> g_hash_table_lookup(), suggested by Daniel]
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

exec: silence hugetlbfs warning under qtest

vhost-user-test prints a warning. A test should not need to run on
hugetlbfs, let's silence the warning under qtest. The
condition can't check on qtest_enabled() since vhost-user-test actually
doesn't use qtest accel. However, qtest_driver() can be used, if
qtest_init() is called early enough. For that reason, move chardev and
qtest initialization early.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

tests: re-enable vhost-user-test

Commit 7fe34ca9c2e actually disabled vhost-user-test altogether,
since CONFIG_VHOST_NET is a per-target config variable.

tests/vhost-user-test is already x86/x64 softmmu specific test, in order
to enable it correctly, kvm & vhost-net are also conditions. To check
that, set CONFIG_VHOST_NET_TEST_$target when kvm is also enabled.

Since "check-qtest-x86_64-y = $(check-qtest-i386-y)", avoid duplication
when both x86 & x64 are enabled.

Other targets than x86 aren't enabled yet, and is intentionally left as
a future improvement, since I can't easily test those.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

acpi: fix buffer overrun on migration

ich calls acpi_gpe_init with length ICH9_PMIO_GPE0_LEN so
ICH9_PMIO_GPE0_LEN/2 bytes are allocated, but then the full
ICH9_PMIO_GPE0_LEN bytes are migrated.

As a quick work-around, allocate twice the memory.
We'll probably want to tweak code to avoid
migrating the extra ICH9_PMIO_GPE0_LEN/2 bytes,
but that is a bit trickier to do without breaking
migration compatibility.

Tested-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Reported-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

target-arm: Update condexec before arch BP check in AA32 translation

Architectural breakpoint check could raise an exceptions, thus condexec
bits should be updated before calling gen_helper_check_breakpoints().

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1447767527-21268-3-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target-arm: Update condexec before CP access check in AA32 translation

Coprocessor access instructions are allowed inside IT block.
gen_helper_access_check_cp_reg() can raise an exceptions thus condexec
bits should be updated before.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1447767527-21268-2-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/arm_gic: Correctly restore nested irq priority

Upon activating an interrupt, set the corresponding priority bit in the
APR/NSAPR registers without touching the currently set bits. In the event
of nested interrupts, the GIC will then have the information it needs to
restore the priority of the pre-empted interrupt once the higher priority
interrupt finishes execution.

Signed-off-by: François Baldassari <francois@pebble.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

migration: normalize locking in migration/savevm.c

basically all bdrv_* operations must be called under aio_context_acquire
except ones with bdrv_all prefix.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
CC: Juan Quintela <quintela@redhat.com>
CC: Kevin Wolf <kwolf@redhat.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

migration: implement bdrv_all_find_vmstate_bs helper

The patch also ensures proper locking for the operation.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
CC: Kevin Wolf <kwolf@redhat.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

migration: reorder processing in hmp_savevm

State deletion can be performed on running VM which reduces VM downtime
This approach looks a bit more natural.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

snapshot: create bdrv_all_create_snapshot helper

to create snapshot for all loaded block drivers.

The patch also ensures proper locking.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
CC: Kevin Wolf <kwolf@redhat.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

migration: drop find_vmstate_bs check in hmp_delvm

There is no much sense to do the check and write warning.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

snapshot: create bdrv_all_find_snapshot helper

to check that snapshot is available for all loaded block drivers.
The check bs != bs1 in hmp_info_snapshots is an optimization. The check
for availability of this snapshot will return always true as the list
of snapshots was collected from that image.

The patch also ensures proper locking.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
CC: Stefan Hajnoczi <stefanha@redhat.com>
CC: Kevin Wolf <kwolf@redhat.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

migration: factor our snapshottability check in load_vmstate

We should check that all inserted and not read-only images support
snapshotting. This could be made using already invented helper
bdrv_all_can_snapshot().

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
CC: Stefan Hajnoczi <stefanha@redhat.com>
CC: Kevin Wolf <kwolf@redhat.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

snapshot: create bdrv_all_goto_snapshot helper

to switch to snapshot on all loaded block drivers.

The patch also ensures proper locking.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
CC: Kevin Wolf <kwolf@redhat.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

snapshot: create bdrv_all_delete_snapshot helper

to delete snapshots from all loaded block drivers.

The patch also ensures proper locking.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
CC: Kevin Wolf <kwolf@redhat.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

snapshot: return error code from bdrv_snapshot_delete_by_id_or_name

this will make code better in the next patch

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
CC: Kevin Wolf <kwolf@redhat.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

snapshot: create helper to test that block drivers supports snapshots

The patch enforces proper locking for this operation.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
CC: Kevin Wolf <kwolf@redhat.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

Unneeded NULL check

The check is unneccesary, we read the value at the start of the
thread, use it, and never change it. The value is checked to be
non-NULL before thread creation.

Spotted by coverity, CID 1339211

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

migration: Dead assignment of current_time

I set current_time before the postcopy test but never use it;
(I think this was from the original version where it was time based).
Spotted by coverity, CID 1339208

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>

Set last_sent_block

In a82d593b61054b3dea43 I accidentally removed the setting of
last_sent_block,  put it back.

Symptoms:
  Multithreaded compression only uses one thread.
  Migration is a bit less efficient since it won't use 'cont' flags.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Fixes: a82d593b61054b3dea43
Signed-off-by: Juan Quintela <quintela@redhat.com>

qom: Add a test case for complex property finalization

Devices have some quite complex object child/link relationships
which place some requirements on the object_property_del_all()
function to consider that properties can be modified while
being iterated over.

This extends the QOM property test case to replicate the
device like structure and expose any potential bugs in the
object_property_del_all() function.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

net: Convert net filter code to use object property iterators

Stop directly accessing the Object::properties field data
structure and instead use the formal object property iterator
APIs. This insulates the code from future data structure
changes in the Object struct.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Tested-by: Pavel Fedin <p.fedin@samsung.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

ppc: Convert spapr code to use object property iterators

Stop directly accessing the Object::properties field data
structure and instead use the formal object property iterator
APIs. This insulates the code from future data structure
changes in the Object struct.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Tested-by: Pavel Fedin <p.fedin@samsung.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

vl: Convert machine help code to use object property iterators

Stop directly accessing the Object::properties field data
structure and instead use the formal object property iterator
APIs. This insulates the code from future data structure
changes in the Object struct.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Tested-by: Pavel Fedin <p.fedin@samsung.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

qmp: Convert QMP code to use object property iterators

Stop directly accessing the Object::properties field data
structure and instead use the formal object property iterator
APIs. This insulates the code from future data structure
changes in the Object struct.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Tested-by: Pavel Fedin <p.fedin@samsung.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

qom: Introduce ObjectPropertyIterator struct for iteration

Some users of QOM need to be able to iterate over properties
defined against an object instance. Currently they are just
directly using the QTAIL macros against the object properties
data structure.

This is bad because it exposes them to changes in the data
structure used to store properties, as well as changes in
functionality such as ability to register properties against
the class.

This provides an ObjectPropertyIterator struct which will
insulate the callers from the particular data structure
used to store properties. It can be used thus

  ObjectProperty *prop;
  ObjectPropertyIterator *iter;

  iter = object_property_iter_init(obj);
  while ((prop = object_property_iter_next(iter))) {
      ... do something with prop ...
  }
  object_property_iter_free(iter);

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Tested-by: Pavel Fedin <p.fedin@samsung.com>
[AF: Fixed examples, style cleanups]
Signed-off-by: Andreas Färber <afaerber@suse.de>

qdev: Change Property::offset field to ptrdiff_t type

Property::offset field is calculated as a diff between two pointers:

arrayprop->prop.offset = eltptr - (void *)dev;

If offset is declared as int, this subtraction can cause type overflow,
thus leading to failure of the subsequent assertion:

assert(qdev_get_prop_ptr(dev, &arrayprop->prop) == eltptr);

So ptrdiff_t should be used instead.

Signed-off-by: Ildar Isaev <ild@inbox.ru>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches

# gpg: Signature made Wed 18 Nov 2015 15:28:32 GMT using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"

* remotes/kevin/tags/for-upstream:
  block: Call external_snapshot_clean after blockdev-snapshot
  blockdev: Add missing bdrv_unref() in drive-backup
  iotests: fix race in 030
  nand: fix address overflow

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

vhost-user: fix log size

commit 2b8819c6eee517c1582983773f8555bb3f9ed645
("vhost-user: modify SET_LOG_BASE to pass mmap size and offset")
passes log size in units of 4 byte chunks instead of the
expected size in bytes.

Fix this up.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

vhost-user: ignore qemu-only features

Some features (such as ctrl vq) are supported
by qemu without need to communicate with the
backend.

Drop them from the feature mask so we set them
unconditionally.

Reported-by: Victor Kaplansky <vkaplans@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

Merge remote-tracking branch 'remotes/berrange/tags/qcrypto-fixes-20151118-1' into staging

Pull qcrypto fixes 2015/11/18 v1

# gpg: Signature made Wed 18 Nov 2015 15:44:07 GMT using RSA key ID 15104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"

* remotes/berrange/tags/qcrypto-fixes-20151118-1:
  crypto: avoid passing NULL to access() syscall
  crypto: fix leaks in TLS x509 helper functions
  crypto: fix mistaken setting of Error in success code path
  crypto: fix leak of gnutls_dh_params_t data on credential unload

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

crypto: avoid passing NULL to access() syscall

The qcrypto_tls_creds_x509_sanity_check() checks whether
certs exist by calling access(). It is valid for this
method to be invoked with certfile==NULL though, since
for client credentials the cert is optional. This caused
it to call access(NULL), which happens to be harmless on
current Linux, but should none the less be avoided.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2015-11-18' into queue-block

One block patch for qemu 2.5-rc1.

# gpg: Signature made Wed Nov 18 16:26:59 2015 CET using RSA key ID E838ACAD
# gpg: Good signature from "Max Reitz <mreitz@redhat.com>"

* mreitz/tags/pull-block-for-kevin-2015-11-18:
block: Call external_snapshot_clean after blockdev-snapshot

Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block: Call external_snapshot_clean after blockdev-snapshot

Otherwise the AioContext will never be released.

Signed-off-by: Alberto Garcia <berto@igalia.com>
Message-id: 1447419624-21918-1-git-send-email-berto@igalia.com
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>

blockdev: Add missing bdrv_unref() in drive-backup

All error paths after a successful bdrv_open() of target_bs should
contain a bdrv_unref(target_bs). This one did not yet, so add it.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

crypto: fix leaks in TLS x509 helper functions

The test_tls_get_ipaddr() method forgot to free the returned data
from getaddrinfo().

The test_tls_write_cert_chain() method forgot to free the allocated
buffer holding the certificate data after writing it out to a file.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

crypto: fix mistaken setting of Error in success code path

The qcrypto_tls_session_check_certificate() method was setting
an Error even when the ACL check suceeded. This didn't affect
the callers detection of errors because they relied on the
function return status, but this did cause a memory leak since
the caller would not free an Error they did not expect to be
set.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

crypto: fix leak of gnutls_dh_params_t data on credential unload

The QCryptoTLSCredsX509 object was not free'ing the allocated
gnutls_dh_params_t data when unloading the credentials

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

iotests: fix race in 030

the stop_test case tests that we can resume a block-stream
command after it has stopped/paused due to error. We cannot
always reliably query it before it finishes after resume, though,
so make this a conditional.

The important thing is that we are still testing that it has stopped,
and that it finishes successfully after we send a resume command.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

nand: fix address overflow

The shifts of the address mask and value shift beyond 32 bits when there
are 5 address cycles.

Cc: qemu-stable@nongnu.org
Signed-off-by: Rabin Vincent <rabin.vincent@axis.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-11-13-v2-tag' into staging

qemu-ga patch queue for 2.5

* fixes for guest-exec gspawn() usage:
  - inherit default lookup path by default instead of
    explicitly defining it as being empty.
  - don't inherit default PATH when PATH/ENV are explicit

v2:

* added fix for w32 'make install' target
* added version check for new g_spawn() flag

# gpg: Signature made Tue 17 Nov 2015 22:33:03 GMT using RSA key ID F108B584
# gpg: Good signature from "Michael Roth <flukshun@gmail.com>"
# gpg:                 aka "Michael Roth <mdroth@utexas.edu>"
# gpg:                 aka "Michael Roth <mdroth@linux.vnet.ibm.com>"

* remotes/mdroth/tags/qga-pull-2015-11-13-v2-tag:
  makefile: fix w32 install target for qemu-ga
  qga: allow to lookup in PATH from the passed envp for guest-exec
  qga: fix for default env processing for guest-exec

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging

# gpg: Signature made Tue 17 Nov 2015 20:06:58 GMT using RSA key ID AAFC390E
# gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>"

* remotes/jnsnow/tags/ide-pull-request:
  ide: enable buffered requests for PIO read requests
  ide: enable buffered requests for ATAPI devices
  ide: orphan all buffered requests on DMA cancel
  ide: add support for IDEBufferedRequest
  block: add blk_abort_aio_request
  ide/atapi: make PIO read requests async

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

makefile: fix w32 install target for qemu-ga

fafcaf1 added a 'qemu-ga' install target on w32, which can be used
in place of the existing qemu-ga.exe target to also handle dealing
with other components such as DLLs for VSS/fsfreeze and generating
an MSI package if appropriate configure options are present.

As part of that, qemu-ga$(EXESUF) was removed from $TOOLS in favor
of this new qemu-ga target.

The install rule however relies on a direct mapping of the $TOOLS
entry to the actual resulting binary. In the case of w32, qemu-ga
is not identical to qemu-ga$(EXESUF), and the install recipe fails
to find the 'qemu-ga' binary.

Fix this by essentially remapping 'qemu-ga' back to 'qemu-ga.exe'
in the install recipe.

This raises the question of whether or not qemu-ga should continue
to live in TOOLS as opposed to its own special target, but as a
late fix for a regression in 2.5 this commit should be safer, since
we rely on qemu-ga's presence in $TOOLS in several places throughout
Makefile.

Reported-by: Stefan Weil <sw@weilnetz.de>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

qga: allow to lookup in PATH from the passed envp for guest-exec

This was original behaviour before GLIB gspawn() rework and we rely on
this behaviour.

Signed-off-by: Yuri Pudgorodskiy <yur@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Michael Roth <mdroth@linux.vnet.ibm.com>
* add version check (2.33.2) for G_SPAWN_SEARCH_PATH_FROM_ENVP
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

qga: fix for default env processing for guest-exec

envp == NULL must be passed inside gspawn() if it was not passed with
the command line. Original code inherits environment from the QGA,
which is wrong.

Signed-off-by: Yuri Pudgorodskiy <yur@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging

X86 fixes, 2015-11-17

Two X86 fixes, hopefully in time for -rc1.

# gpg: Signature made Tue 17 Nov 2015 19:06:53 GMT using RSA key ID 984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"

* remotes/ehabkost/tags/x86-pull-request:
target-i386: Disable rdtscp on Opteron_G* CPU models
target-i386: Fix mulx for identical target regs

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

ide: enable buffered requests for PIO read requests

Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 1447345846-15624-7-git-send-email-pl@kamp.de
Signed-off-by: John Snow <jsnow@redhat.com>

ide: enable buffered requests for ATAPI devices

Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 1447345846-15624-6-git-send-email-pl@kamp.de
Signed-off-by: John Snow <jsnow@redhat.com>

ide: orphan all buffered requests on DMA cancel

If the guests canceles a DMA request we can prematurely
invoke all callbacks of buffered requests and flag all them
as orphaned. Ideally this avoids the need for draining all
requests. For CDROM devices this works in 100% of all cases.

Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 1447345846-15624-5-git-send-email-pl@kamp.de
Signed-off-by: John Snow <jsnow@redhat.com>

ide: add support for IDEBufferedRequest

this patch adds a new aio readv compatible function which copies
all data through a bounce buffer. These buffered requests can be
flagged as orphaned which means that their original callback has
already been invoked and the request has just not been completed
by the backend storage. The bounce buffer guarantees that guest
memory corruption is avoided when such a orphaned request is
completed by the backend at a later stage.

This trick only works for read requests as a write request completed
at a later stage might corrupt data as there is no way to control
if and what data has already been written to the storage.

Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 1447345846-15624-4-git-send-email-pl@kamp.de
Signed-off-by: John Snow <jsnow@redhat.com>

block: add blk_abort_aio_request

Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 1447345846-15624-3-git-send-email-pl@kamp.de
Signed-off-by: John Snow <jsnow@redhat.com>

ide/atapi: make PIO read requests async

PIO read requests on the ATAPI interface used to be sync blk requests.
This has two significant drawbacks. First the main loop hangs util an
I/O request is completed and secondly if the I/O request does not
complete (e.g. due to an unresponsive storage) Qemu hangs completely.

Note: Due to possible race conditions requests during an ongoing
elementary transfer are still sync.

Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 1447345846-15624-2-git-send-email-pl@kamp.de
Signed-off-by: John Snow <jsnow@redhat.com>

target-i386: Disable rdtscp on Opteron_G* CPU models

KVM can't virtualize rdtscp on AMD CPUs yet, so there's no point
in enabling it by default on AMD CPU models, as all we are
getting are confused users because of the "host doesn't support
requested feature" warnings.

Disable rdtscp on Opteron_G* models, but keep compatibility on
pc-*-2.4 and older (just in case there are people are doing funny
stuff using AMD CPU models on Intel hosts).

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>