review.tizen.org Git - sdk/emulator/qemu.git/log

exec: remove code duplication in qemu_ram_alloc() and qemu_ram_alloc_from_ptr()

Since most of the code in qemu_ram_alloc() and
qemu_ram_alloc_from_ptr() are duplicated, let
qemu_ram_alloc_from_ptr() to switch by checking void *host, and change
qemu_ram_alloc() to a wrapper.

Signed-off-by: Yoshiaki Tamura <tamura.yoshiaki@lab.ntt.co.jp>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

exec: replace tabs by spaces.

Signed-off-by: Yoshiaki Tamura <tamura.yoshiaki@lab.ntt.co.jp>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

arch_init: replace tabs by spaces.

Signed-off-by: Yoshiaki Tamura <tamura.yoshiaki@lab.ntt.co.jp>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

pckbd: support for commands 0xf0-0xff: Pulse output bit

I have a guest OS which sends the command 0xfd to the keyboard
controller during initialization. To get rid of the message
"qemu: unsupported keyboard cmd=0x%02x\n" I added support for
the pulse output bit commands.

I found the following explanation here:
http://www.win.tue.nl/~aeb/linux/kbd/scancodes-11.html#ss11.3

Command 0xf0-0xff: Pulse output bit
Bits 3-0 of the output port P2 of the keyboard controller may
be pulsed low for approximately 6 µseconds. Bits 3-0 of this
command specify the output port bits to be pulsed. 0: Bit should
be pulsed. 1: Bit should not be modified. The only useful version
of this command is Command 0xfe.
(For MCA, replace 3-0 by 1-0 in the above.)

Command 0xfe: System reset
Pulse bit 0 of the output port P2 of the keyboard controller.
This will reset the CPU.

Signed-off-by: Bernhard Kohl <bernhard.kohl@nsn.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Replace qemu_malloc + memset with qemu_mallocz

Replace a qemu_malloc call, followed by a memset, with qemu_mallocz.

Found with this Coccinelle semantic patch, adapted from
Coccinelle test package rule 94:
@@
type T;
expression x;
expression E;
@@

- x = (T)qemu_malloc(E)
+ x = qemu_mallocz(E)
...
(
- memset(x,0,E);
|
- memset(x,0,sizeof(*x));
)

Some files (tests/*) had to be filtered out.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

Use ARRAY_SIZE macro

Replace array size calculations with ARRAY_SIZE macro.

Implemented with this Coccinelle semantic patch, adapted from
Linux kernel:
@@
type T;
T[] E;
@@

- (sizeof(E)/sizeof(*E))
+ ARRAY_SIZE(E)

@@
type T;
T[] E;
@@

- (sizeof(E)/sizeof(E[...]))
+ ARRAY_SIZE(E)

@@
type T;
T[] E;
@@

- (sizeof(E)/sizeof(T))
+ ARRAY_SIZE(E)

Some files (*-dis.c, tests/*) had to be filtered out.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

Remove useless NULL check for qemu_strdup return value

Found with this Coccinelle semantic patch:
@@
expression E;
identifier ptr;
identifier fn ~= "qemu_strn?dup";
@@

-ptr = fn(E);
-if (ptr == NULL) { ... }
-
+ptr = fn(E);

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

Remove useless NULL checks for qemu_malloc return value

Found with this Coccinelle semantic patch:
@@
expression E;
identifier ptr;
identifier fn ~= "qemu_mallocz*";
@@

-ptr = fn(E);
-if (ptr == NULL) { ... }
-
+ptr = fn(E);

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

savevm: Reset last block info at beginning of each save

If we save more than once we need to reset the last block info or else
only the first save has the actual block info and each subsequent save
will only use continue flags, making them unloadable independently.

Found-by: Miguel Di Ciurcio Filho <miguel.filho@gmail.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Acked-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

set proper migration status on ->write error (v5)

If ->write fails, declare migration status as MIG_STATE_ERROR.

Also, in buffered_file.c, ->close the object in case of an
error.

Fixes "migrate -d "exec:dd of=file", where dd fails to open file.

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

rtc: Remove TARGET_I386 from qemu-config.c, enables driftfix

qemu-config.c doesn't contain any target-specific code, and the
TARGET_I386 conditional code didn't get compiled as a result. Removing
this enables the driftfix parameter for rtc.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

QEMUFileBuffered: indicate that we're ready when the underlying file is ready

QEMUFileBuffered stops writing when the underlying QEMUFile is not ready,
and tells its producer so.  However, when the underlying QEMUFile becomes
ready, it neglects to pass that information along, resulting in stoppage
of all data until the next tick (a tenths of a second).

Usually this doesn't matter, because most QEMUFiles used with QEMUFileBuffered
are almost always ready, but in the case of exec: migration this is not true,
due to the small pipe buffers used to connect to the target process.  The
result is very slow migration.

Fix by detecting the readiness notification and propagating it.  The detection
is a little ugly since QEMUFile overloads put_buffer() to send it, but that's
the suject for a different patch.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

sparc escc IUS improvements (SunOS 4.1.4 fix)

According to scc_escc_um.pdf:
- Reset Highest IUS must update irq status to allow processing
of the next priority interrupt.
- rx interrupt has always higher priority than tx on same channel

The documentation only explicitly says that Reset Highest IUS
command (0x38) clears IUS bits, not that it clears the corresponding
interrupt too, so don't clear interrupts on this command.

The patch allows SunOS 4.1.4 to use the serial ports

Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

Fix mingw32 build

Don't define qemu_chr_open_eventfd() on Windows.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

win32: Avoid compiler warning (WIN32_LEAN_AND_MEAN redefined)

configure adds the macro WIN32_LEAN_AND_MEAN to
QEMU_CFLAGS, and SDL_syswm.h defines it, too.

This results in a compiler warning (redefinition of
WIN32_LEAN_AND_MEAN in SDL_syswm.h. That warning prevents
compilations for win32 with warning = error).

Fix this by removing the definition of WIN32_LEAN_AND_MEAN
before including SDL_syswm.h.

[blauwirbel@gmail.com: rebased]
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

win32: Add missing function setenv

Mingw32 does not provide a declaration and implementation of function
setenv (which is used in sdl.c), so this patch adds both.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

Disable build of ivshmem on non-KVM systems

Signed-off-by: Cam Macdonell <cam@cs.ualberta.ca>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

Add kvm_set_ioeventfd_mmio_long definition for non-KVM systems

Signed-off-by: Cam Macdonell <cam@cs.ualberta.ca>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

TCG: Revert ppc64 tcg_out_movi32 change

3b6dac34161bc0a342336072643c2f6d17e0ec45 apparently broke the ppc64 TCG target
compilation in the code path without guest base.

Reverting this line fixes the build.

Signed-off-by: Andreas F?rber <andreas.faerber@web.de>
Cc: malc <av1474@comtv.ru>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Richard Henderson <rth@twiddle.net>
Signed-off-by: malc <av1474@comtv.ru>

TCG: Fix Darwin/ppc calling convention recognition

5da79c86a3744e3a901c7986c109dd06951befd2 broke compilation on Mac OS X v10.5 ppc.
Apple's GCC 4.0.1 does not define _CALL_DARWIN. Recognize __APPLE__ again as well.

Signed-off-by: Andreas F?rber <andreas.faerber@web.de>
Cc: malc <av1474@comtv.ru>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: J?rgen Lock <nox@jelal.kn-bremen.de>
Cc: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: malc <av1474@comtv.ru>

RESEND: Inter-VM shared memory PCI device

resend for bug fix related to removal of irqfd

Support an inter-vm shared memory device that maps a shared-memory object as a
PCI device in the guest.  This patch also supports interrupts between guest by
communicating over a unix domain socket.  This patch applies to the qemu-kvm
repository.

    -device ivshmem,size=<size in format accepted by -m>[,shm=<shm name>]

Interrupts are supported between multiple VMs by using a shared memory server
by using a chardev socket.

    -device ivshmem,size=<size in format accepted by -m>[,shm=<shm name>]
           [,chardev=<id>][,msi=on][,ioeventfd=on][,vectors=n][,role=peer|master]
    -chardev socket,path=<path>,id=<id>

The shared memory server, sample programs and init scripts are in a git repo here:

    www.gitorious.org/nahanni

Signed-off-by: Cam Macdonell <cam@cs.ualberta.ca>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Support marking a device as non-migratable

A non-migratable device should be removed before migration and re-added after.

Signed-off-by: Cam Macdonell <cam@cs.ualberta.ca>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Add function to assign ioeventfd to MMIO.

Signed-off-by: Cam Macdonell <cam@cs.ualberta.ca>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Device specification for shared memory PCI device

Signed-off-by: Cam Macdonell <cam@cs.ualberta.ca>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Add qemu_ram_alloc_from_ptr function

Provide a function to add an allocated region of memory to the qemu RAM.

This patch is copied from Marcelo's qemu_ram_map() in qemu-kvm and given the
clearer name qemu_ram_alloc_from_ptr().

Signed-off-by: Cam Macdonell <cam@cs.ualberta.ca>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Merge remote branch 'kwolf/for-anthony' into staging

microblaze: Fix the target version of stat64 struct

MicroBlaze needs TARGET_STAT64_HAS_BROKEN_ST_INO.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@petalogix.com>

audio/sdl: return on error

Signed-off-by: malc <av1474@comtv.ru>

mips: Add support for VInt and VEIC irq modes

Signed-off-by: Edgar E. Iglesias <edgar@axis.com>

audio/sdl: be more anal about errors

Signed-off-by: malc <av1474@comtv.ru>

audio: make audio_pt_init block all signals

Signed-off-by: malc <av1474@comtv.ru>

sparc32: use FW_CFG_CMDLINE_SIZE

Add support for getting kernel command line size with
FW_CFG_CMDLINE_SIZE.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

ide: Avoid canceling IDE DMA

The reason for not actually canceling the I/O is because with
virtualization and lots of VM running, a guest fs may mistake a
overload of the host, as an IDE timeout. So rather than canceling the
I/O, it's safer to wait I/O completion and simulate that the I/O has
completed just before the io cancellation was requested by the
guest. This way if ntfs or an app writes data without checking for
-EIO retval, and it thinks the write has succeeded, it's less likely
to run into troubles. Similar issues for reads.

Furthermore because the DMA operation is splitted into many synchronous
aio_read/write if there's more than one entry in the SG table, without this
patch the DMA would be cancelled in the middle, something we've no idea if it
happens on real hardware too or not. Overall this seems a great risk for zero
gain.

This approach is sure safer than previous code given we can't pretend all guest
fs code out there to check for errors and reply the DMA if it was completed
partially, given a timeout would never materialize on a real harddisk unless
there are defective blocks (and defective blocks are practically only an issue
for reads never for writes in any recent hardware as writing to blocks is the
way to fix them) or the harddisk breaks as a whole.

Signed-off-by: Izik Eidus <ieidus@redhat.com>
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block: Change bdrv_eject() not to drop the image

bdrv_eject() gets called when a device model opens or closes the tray.

If the block driver implements method bdrv_eject(), that method gets
called.  Drivers host_cdrom implements it, and it opens and closes the
physical tray, and nothing else.  When a device model opens, then
closes the tray, media changes only if the user actively changes the
physical media while the tray is open.  This is matches how physical
hardware behaves.

If the block driver doesn't implement method bdrv_eject(), we do
something quite different: opening the tray severs the connection to
the image by calling bdrv_close(), and closing the tray does nothing.
When the device model opens, then closes the tray, media is gone,
unless the user actively inserts another one while the tray is open,
with a suitable change command in the monitor.  This isn't how
physical hardware behaves.  Rather inconvenient when programs
"helpfully" eject media to give you a chance to change it.  The way
bdrv_eject() behaves here turns that chance into a must, which is not
what these programs or their users expect.

Change the default action not to call bdrv_close().  Instead, note the
tray status in new BlockDriverState member tray_open.  Use it in
bdrv_is_inserted().

Arguably, the device models should keep track of tray status
themselves.  But this is less invasive.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block: Fix bdrv_has_zero_init

Assuming that any image on a block device is not properly zero-initialized is
actually wrong: Only raw images have this problem. Any other image format
shouldn't care about it, they initialize everything properly themselves.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block migration: replace tabs by spaces.

Signed-off-by: Yoshiaki Tamura <tamura.yoshiaki@lab.ntt.co.jp>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

loadvm: improve tests before bdrv_snapshot_goto()

This patch improves the resilience of the load_vmstate() function, doing
further and better ordered tests.

In load_vmstate(), if there is any error on bdrv_snapshot_goto(), except if the
error is on VM state device, load_vmstate() will return zero and the VM will be
started with major corruption chances.

The current process:
- test if there is any writable device without snapshot support
    - if exists return -error
- get the device that saves the VM state, possible return -error but unlikely
because it was tested earlier
- flush I/O
- run bdrv_snapshot_goto() on devices
    - if fails, give an warning and goes to the next (not good!)
    - if fails on the VM state device, return zero (not good!)
- check if the requested snapshot exists on the device that saves the VM state
and the state is not zero
    - if fails return -error
- open the file with the VM state
    - if fails return -error
- load the VM state
    - if fails return -error
- return zero

New behavior:
- get the device that saves the VM state
    - if fails return -error
- check if the requested snapshot exists on the device that saves the VM state
and the state is not zero
    - if fails return -error
- test if there is any writable device without snapshot support
    - if exists return -error
- test if the devices with snapshot support have the requested snapshot
    - if anyone fails, return -error
- flush I/O
- run snapshot_goto() on devices
    - if anyone fails, return -error
- open the file with the VM state
    - if fails return -error
- load the VM state
    - if fails return -error
- return zero

do_loadvm must not call vm_start if any error has occurred in load_vmstate.

Signed-off-by: Miguel Di Ciurcio Filho <miguel.filho@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block: Change bdrv_commit to handle multiple sectors at once

bdrv_commit copies the image to its backing file sector by sector, which
is (surprise!) relatively slow. Let's take a larger buffer and handle more
sectors at once if possible.

With a 1G qcow2 file, this brought the time bdrv_commit takes down from
5:06 min to 1:14 min for me.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>

fix last cpu timer initialization

The timer #0 is the system timer, so the timer #num_cpu is the
timer of the last CPU, and it must be initialized in slavio_timer_reset.

Don't mark non-existing timers as running.

Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

Initialize a variable in all cases

Commit d167f9bc06a577d6c85b8ed6991c1efe175aae7d missed this one:
/src/qemu/ui/vnc-enc-tight.c:1483: warning: 'ret' may be used uninitialized in this function

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

Fix uint8_t comparison with negative value

Commit 7bccf57383cca60a778d5c543ac80c9f62d89ef2 missed this one:
/src/qemu/ui/vnc-enc-tight.c: In function 'send_sub_rect':
/src/qemu/ui/vnc-enc-tight.c:1527: warning: comparison is always true due to limited range of data type

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

Fix a warning on OpenSolaris

Add a missing #include statement to avoid a warning:
/src/qemu/net/tap-solaris.c: In function 'tap_open':
/src/qemu/net/tap-solaris.c:189: warning: implicit declaration of function 'error_report'

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

Correctly identify multiple cpus in SMP systems

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

Remove unused constant

Remove unused constant MIPS_FCR0

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

jazz led: Fix debug prints

Add a macro to easily enable/disable debug prints
Also fix wrong printf formatters

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

xilinx-s3adsp: Add support for loading u-boot images.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

xilinx-s3adsp: Fix loading of raw binaries.

Set high to a word aligned address beyond loaded image.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

Remove unused eventfd.h

This header is not present on my system and causes a build
failure, but is also not used in these files, so remove it.

Signed-off-by: Mike McCormack <mikem@ring3k.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

migration: Accept 'cont' only after successful incoming migration

When a 'cont' is issued on a VM that's just waiting for an incoming
migration, the VM reboots and boots into the guest, possibly corrupting
its storage since it could be shared with another VM running elsewhere.

Ensure that a VM started with '-incoming' is only run when an incoming
migration successfully completes.

A new qerror, QERR_MIGRATION_EXPECTED, is added to signal that 'cont'
failed due to no incoming migration has been attempted yet.

Reported-by: Laine Stump <laine@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

mips64el: fulong: PCI_DEVFN() clean up.

Use PCI_DEVFN() where appropriate.
The resulted stripped binary remains same
with/without thie patch.

Cc: Huacai Chen <zltjiangshi@gmail.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

remove pointless if from vl.c

We already set sockets to nonzero in the code above.
So this if statement always evaluates true. Remove it.

Signed-off-by: Joel Schopp <jschopp@austin.ibm.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

fix variable type in qemu-io.c

The variable len can get a negative return value from cvtnum,
which we check for, but which is impossible with the current
unsigned variable type. Currently the if(len < 0) check is
pointless. This patch fixes that.

Signed-off-by: Joel Schopp <jschopp@austin.ibm.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

remove dead code from hw/loader.c

Removing dead code. Above we already continued when
rom->addr + valuegreaterthan0 < addr so this condition is always false.

Signed-off-by: Joel Schopp <jschopp@austin.ibm.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

savevm: Fix memory leak of compat struct

Forgot to check for and free these.

Found-by: Zachary Amsden <zamsden@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

virtio-serial: Check if more max_ports specified than we can handle

Currently virtio-serial supports a maximum of 31 ports. Specifying the
'max_ports' parameter to be > 31 on the cmd line causes badness.

Ensure we initialise virtio-serial only if max_ports is within the
supported range.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

Merge branch 'for-anthony' of git://repo.or.cz/qemu/kevin

* 'for-anthony' of git://repo.or.cz/qemu/kevin:
  Fix -snapshot deleting images on disk change
  block: Use error codes from lower levels for error message
  block: default to 0 minimal / optiomal I/O size
  move 'unsafe' to end of caching modes in help
  virtio-blk: Create exit function to unregister savevm
  block migration: propagate return value when bdrv_write() returns < 0
  ide/atapi: add support for GET EVENT STATUS NOTIFICATION

linux-user: fix build on hosts not using guest base

Commit 68a1c816868b3e35a1da698af412b29e61b1948a broke qemu on hosts not
using guest base. It uses reserved_va unconditionally in mmap.c. To
avoid to many #ifdef #endif blocks, define RESERVED_VA as either
reserved_va or 0ul, and use it instead of reserved_va, similarly to what
has been done with guest_base/GUEST_BASE.

linux-user: Protect against allocation failure in load_symbols.

Cc: malc <av1474@comtv.ru>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: malc <av1474@comtv.ru>

cris: Correct settls1 testcase.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

cris: Correct ADDO and ADDOQ testcases.

Verified on real HW.

Signed-off-by: Edgar E. Iglesias <edgar@axis.com>

linux-user: Re-use load_elf_image for the main binary.

This requires moving the PT_INTERP extraction and GUEST_BASE
handling into load_elf_image. Key this off a non-null pointer
argument to receive the interpreter name.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

linux-user: Extract load_elf_image from load_elf_interp.

Moving toward a single copy of the elf binary loading code.
Fill in the details of the loaded image into a struct image_info.

Adjust create_elf_tables to read from such structures instead
of from a collection of passed arguments. Don't return error
values from load_elf_interp; always exit(-1) with a message to
stderr. Collect elf_interpreter handling in load_elf_binary
to a common spot.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

linux-user: Remove partial support for a.out interpreters.

At the bottom of the a.out support was the unimplemented load_aout_interp
function. There were other portions of the support that didn't look
right; when I went to look in the Linux kernel for clarification, I found
that the support for such interpreters has been removed from binfmt_elf.
There doesn't seem to be any reason to keep this broken support in qemu.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

linux-user: Put the stack guard page at the top.

There are no supported stack-grows-up targets. We were putting
the guard page at the highest address, i.e. the bottom of the stack.
Use the maximum of host and guest page size for the guard size.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

linux-user: Improve consistency checking in elf headers.

Validate more fields of the elf header. Extract those checks
into two common functions to be used in both load_elf_interp
and load_elf_binary.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

linux-user: Load symbols from the interpreter.

First, adjust load_symbols to accept a load_bias parameter.  At the same
time, read the entire section header table in one go, use pread instead
f lseek+read for the symbol and string tables, and properly free
allocated structures on error exit paths.

Second, adjust load_elf_interp to compute load_bias.  This requires
finding out the built-in load addresses.  Which allows us to honor a
pre-linked interpreter image when possible, and eliminate the hard-coded
INTERP_MAP_SIZE value.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

linux-user: Clean up byte-swapping in elfload.c.

Remove ifdefs from code by defining empty inline functions
when byte swapping isn't needed. Push loops over swapping
arrays of structures into the swapping functions.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

linux-user: Define ELF_DATA generically.

The only consideration on this value is the target endianness.
The existing defines were incorrect for alpha and sh4eb.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

linux-user: Reduce lseek+reads while loading elf files.

Define BPRM_BUF_SIZE to 1k and read that amount initially. If the
data we want from the binary is in this buffer, use it instead of
reading from the file again.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

linux-user: Reindent elfload.c.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

Add more DT_* and AT_* constants to qemu's copy of elf.h.

Moving some PPC AT_* constants from elfload.c at the same time.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

linux-user: Handle filesz < memsz for any PT_LOAD segment.

I caught padzero not properly initializing the .bss segment
on a statically linked Alpha program. Rather than a minimal
patch, replace the gross code with a single mmap+memset.

Share more code between load_elf_interp and load_elf_binary.

Legally, an ELF program need not have just a single .bss;
and PT_LOAD segment can have memsz > filesz.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

Update version for 0.13.x

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Fix mingw32 build

Fix mingw32 build errors like
/src/qemu/ui/vnc-enc-tight.c: In function 'tight_detect_smooth_image24':
/src/qemu/ui/vnc-enc-tight.c:119: error: 'uint' undeclared (first use in this function)

Replace 'uint' with proper 'unsigned int'.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

Initialize a variable in all cases

Fix a warning with some GCCs:
/src/qemu/ui/vnc-enc-tight.c: In function `send_sub_rect_nojpeg':
/src/qemu/ui/vnc-enc-tight.c:1458: warning: `ret' might be used uninitialized in this function

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

Fix uint8_t comparisons with negative values

Fix the following warnings:
/src/qemu/hw/ide/core.c: In function `ide_drive_pio_post_load':
/src/qemu/hw/ide/core.c:2767: warning: comparison is always false due to limited range of data type

/src/qemu/ui/vnc-enc-tight.c: In function `tight_detect_smooth_image':
/src/qemu/ui/vnc-enc-tight.c:284: warning: comparison is always true due to limited range of data type
/src/qemu/ui/vnc-enc-tight.c:297: warning: comparison is always true due to limited range of data type
/src/qemu/ui/vnc-enc-tight.c: In function `tight_encode_indexed_rect16':
/src/qemu/ui/vnc-enc-tight.c:456: warning: comparison is always false due to limited range of data type
/src/qemu/ui/vnc-enc-tight.c: In function `tight_encode_indexed_rect32':
/src/qemu/ui/vnc-enc-tight.c:457: warning: comparison is always false due to limited range of data type

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

Update version for 0.13.0-rc0

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: better default values for VNC options

vnc_jpeg and vnc_png are now "auto" by default, this means that
if the dependencies are installed (libjpeg or libpng), then they
will be enabled.

vnc_thread is disabled by default. It should be enabled by default
as soon as it's stable enougth.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: tight: split send_sub_rect

Split send_sub_rect in send_sub_rect_jpeg and send_sub_rect_nojpeg to
remove all these #ifdef CONFIG_JPEG.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: tight: fix rgb_prepare_row

rgb_prepare_row bpp depends on the server display surface, not
the client.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: add missing lock for vnc_cursor_define()

All vnc_write() calls must be locked (except the ones present before
the protocol initialization).

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: threaded VNC server

Implement a threaded VNC server using the producer-consumer model.
The main thread will push encoding jobs (a list a rectangles to update)
in a queue, and the VNC worker thread will consume that queue and send
framebuffer updates to the output buffer.

The threaded VNC server can be enabled with ./configure --enable-vnc-thread.

If you don't want it, just use ./configure --disable-vnc-thread and a syncrhonous
queue of job will be used (which as exactly the same behavior as the old queue).
If you disable the VNC thread, all thread related code will not be built and there will
be no overhead.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

qemu-thread: add qemu_mutex/cond_destroy and qemu_mutex_exit

Add some missing functions in qemu-thread. Currently qemu-thread
is only used for io-thread but it will used by the vnc server soon
and we need those functions instead of calling pthread directly.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: fix tight png memory leak

The tight.png buffer was never released.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: encapsulate encoding members

This will allow to implement the threaded VNC server in a
more cleaner way.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: tight: stop using qdict for palette stuff

Profiling with callgrind seems to show that a lot of time is spent
in the palette code (mostly due to memory allocation and qdict to int
conversion).

This patch adds a VncPalette implementation. The palette is stored
in a hash table, like qdict, but which does way less memory allocations,
and doesn't suffer from the QObject overhead.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: tight: specific zlib level and filters for each compression level

Disable png filters for lower compression levels. This should lower
the CPU consumption and reduce encoding time.

This isn't in tight_conf because:
* tight_conf structure must not change, because it's shared with other
tight implementations (libvncserver, etc..).
* it'd exceed the 80 col limit.
* PNG_ macros are only defined if CONFIG_VNC_PNG is defined

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: tight add PNG encoding

Introduce a new encoding: VNC_ENCODING_TIGHT_PNG [1] (-269) with a new
tight filter VNC_TIGHT_PNG (0x0A). When the client tells it supports the Tight PNG
encoding, the server will use tight, but will always send encoding pixels using
PNG instead of zlib. If the client also told it support JPEG, then the server can
send JPEG, because PNG will only be used in the cases zlib was used in normal tight.

This encoding was introduced to speed up HTML5 based VNC clients like noVNC [2], but
can also be used on devices like iPhone where PNG can be rendered in hardware.

[1] http://wiki.qemu.org/VNC_Tight_PNG
[2] http://github.com/kanaka/noVNC/

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: tight: remove a memleak in send_jpeg_rect()

buf was never freed.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: tight: don't forget do at the last color

While using indexed colors, the last color was never added to the palette.
Triggered with ubuntu livecd.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: rename vnc-encoding-* vnc-enc-*

For the same reason that we don't use vnc-authentication-sasl.c but
vnc-auth-sals.c. Because it's tooooo long.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

ui: move all ui components in ui/

Move sdl, vnc, curses and cocoa UI into ui/ to cleanup
the root directory. Also remove some unnecessary explicit
targets from Makefile.

aliguori: fix build when srcdir != objdir

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: add lossy option

The lossy option can be used to enable lossy compression
methods like gradient or jpeg. This patch disable them by
default.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: JPEG should be disabled if the client don't set tight quality

Disable JPEG compression by default and only enable it if the
VNC client has sent the requested quality.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: tight: add JPEG and gradient subencoding with smooth image detection

Add gradient filter and JPEG compression with an heuristic to detect how
lossy the comppression will be. This code has been adapted from
libvncserver/tight.c.

JPEG support can be enabled/disabled at compile time with --enable-vnc-jpeg
and --disable-vnc-jpeg.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Initial documentation for migration

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

ide: fix migration in the middle of a bmdma transfer

It reintroduces
Revert "ide save/restore pio/atapi cmd transfer fields and io buffer"

but using subsections. Added bonus is the addition of ide_dummy_transfer_stop
to transfer_end_table, that was missing.

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

ide: fix migration in the middle of pio operation

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vmstate: add subsections code

This commit adds subsections for each device section.
Subsections is the way to handle information that don't need to be sent
to de destination of a migration because its values are not needed.  It is
the way to handle optional information.  Notice that only the source can
decide if the information is optional or not.  The destination needs to
understand all subsections that it receives to have a sucessful load.

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Revert "ide save/restore current transfer fields"

This reverts commit 42ee76fe82093ba914f0dc83d2decbcf68866144.

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>