sdk/emulator/qemu.git
10 years agoqom: Avoid leaking str and bool properties on failure
Stefan Hajnoczi [Tue, 4 Mar 2014 14:28:18 +0000 (15:28 +0100)]
qom: Avoid leaking str and bool properties on failure

When object_property_add_str() and object_property_add_bool() fail, they
leak their internal StringProperty and BoolProperty structs.  Remember
to free the structs on error.

Luckily this is a low-impact memory leak since most QOM properties are
static qdev properties that will never take the error case.
object_property_add() only fails if the property name is already in use.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>
10 years agoqdev-monitor: Set properties after parent is assigned in device_add
Amos Kong [Mon, 3 Mar 2014 07:57:55 +0000 (15:57 +0800)]
qdev-monitor: Set properties after parent is assigned in device_add

Test steps:
 (qemu) device_add e1000,addr=adsf
  Property 'e1000.addr' doesn't take value 'adsf'
 (qemu) info qtree
  Then qemu crashed.

Currently we set a link to the new device from its parent bus, but the
device hasn't been added to QOM tree yet. When it fails to set properties,
object_unparent() can't clean up the device.

Delay setting of device properties until the device has been added to
the QOM composition tree. This way, when setting a property fails,
object_unparent() can clean up the device properly.

Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
10 years agoqdev: Set DeviceClass::hotpluggable default in class_init()
Igor Mammedov [Tue, 18 Feb 2014 16:56:53 +0000 (17:56 +0100)]
qdev: Set DeviceClass::hotpluggable default in class_init()

Move setting DeviceClass::hotpluggable default from device's
class_base_init() to device's class_init().

Reported-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
10 years agoqdev: Fix bus dependency of DeviceState::hotpluggable getter
Andreas Färber [Fri, 7 Mar 2014 18:04:13 +0000 (19:04 +0100)]
qdev: Fix bus dependency of DeviceState::hotpluggable getter

Commit 1a37eca107cece3ed454bae29eef0bd1fac4a244 (qdev: add
"hotpluggable" property to Device) added a property "hotpluggable" to
each device, with its getter accessing parent_bus->allow_hotplug.

Add a NULL check.

Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
10 years agoMerge remote-tracking branch 'remotes/afaerber/tags/prep-for-upstream' into staging
Peter Maydell [Wed, 12 Mar 2014 17:53:37 +0000 (17:53 +0000)]
Merge remote-tracking branch 'remotes/afaerber/tags/prep-for-upstream' into staging

PReP machine and devices

* ppc_rom.bin update and submodule

# gpg: Signature made Wed 12 Mar 2014 17:32:40 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg:                 aka "Andreas Färber <afaerber@suse.com>"

* remotes/afaerber/tags/prep-for-upstream:
  prep: Update ppc_rom.bin
  Add OpenHack'Ware submodule

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoMerge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging
Peter Maydell [Wed, 12 Mar 2014 16:45:25 +0000 (16:45 +0000)]
Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging

Net patches

# gpg: Signature made Wed 12 Mar 2014 13:48:20 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/net-pull-request:
  tap: avoid deadlocking rx

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoprep: Update ppc_rom.bin
Andreas Färber [Sun, 2 Mar 2014 21:27:14 +0000 (22:27 +0100)]
prep: Update ppc_rom.bin

Functionally, this is a revert of Jocelyn's r3309 /
55aa45ddde3283cdd781326d001f7456bf02f684 (Quickly hack PowerPC BIOS
able to boot on CDROM again.), for which we do not have the sources.

Therefore the sources used are v0.4.1 plus pc-bios/ohw.diff plus a
workaround turning IDE errors into warnings.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
10 years agoAdd OpenHack'Ware submodule
Andreas Färber [Wed, 12 Mar 2014 16:16:56 +0000 (17:16 +0100)]
Add OpenHack'Ware submodule

This replaces the ohw.diff file on top of v0.4.1.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
10 years agoMerge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging
Peter Maydell [Wed, 12 Mar 2014 15:46:43 +0000 (15:46 +0000)]
Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging

Tracing pull request

# gpg: Signature made Wed 12 Mar 2014 13:20:10 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/tracing-pull-request:
  trace: Fix build warnings for Win32 build

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-misc-1' into staging
Peter Maydell [Wed, 12 Mar 2014 15:03:42 +0000 (15:03 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-misc-1' into staging

Docs: Introduce multiport serial support in qemupciserial.inf.

# gpg: Signature made Wed 12 Mar 2014 09:35:55 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-misc-1:
  Docs: Introduce multiport serial support in qemupciserial.inf.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agotrace: Fix build warnings for Win32 build
Peter Maydell [Thu, 20 Feb 2014 19:44:25 +0000 (19:44 +0000)]
trace: Fix build warnings for Win32 build

The Win32 build warns about trace/control-internal.h:

warning: 'trace_event_count' declared inline after being called

Fix this by simply reordering trace_event_id() and
trace_event_count().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
10 years agoMerge remote-tracking branch 'remotes/kiszka/queues/slirp' into staging
Peter Maydell [Wed, 12 Mar 2014 12:47:26 +0000 (12:47 +0000)]
Merge remote-tracking branch 'remotes/kiszka/queues/slirp' into staging

* remotes/kiszka/queues/slirp:
  slirp smb with modern win guests when samba is also running on host
  qemu/slirp: Fix SMB security configuration on newer samba versions

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoMerge remote-tracking branch 'remotes/mcayland/qemu-sparc' into staging
Peter Maydell [Wed, 12 Mar 2014 11:44:59 +0000 (11:44 +0000)]
Merge remote-tracking branch 'remotes/mcayland/qemu-sparc' into staging

* remotes/mcayland/qemu-sparc:
  target-sparc: Add and use CPU_FEATURE_CASA

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoMerge remote-tracking branch 'remotes/qmp-unstable/queue/qmp' into staging
Peter Maydell [Wed, 12 Mar 2014 10:47:07 +0000 (10:47 +0000)]
Merge remote-tracking branch 'remotes/qmp-unstable/queue/qmp' into staging

* remotes/qmp-unstable/queue/qmp:
  tests: test-qmp-commands: Fix double free
  qapi script: do not add "_" for every capitalized char in enum
  qapi script: do not allow string discriminator
  qapi: convert BlockdevOptions to use enum discriminator
  qapi script: support enum type as discriminator in union
  qapi script: use same function to generate enum string
  qapi script: code move for generate_enum_name()
  qapi script: check correctness of union
  qapi script: remember line number in schema parsing
  qapi script: add check for duplicated key
  qapi script: remember explicitly defined enum values

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoDocs: Introduce multiport serial support in qemupciserial.inf.
Miki Mishael [Sun, 19 Jan 2014 16:43:05 +0000 (11:43 -0500)]
Docs: Introduce multiport serial support in qemupciserial.inf.

      Support for pci-serial-2x and pci-serial-4x
      was added to the inf file.
      Standard Windows driver mf.sys used to
      split single function device into per-port nodes.

Signed-off-by: Miki Mishael <mmishael@redhat.com>
Signed-off-by: Dmitry Fleytman <dfleytma@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
10 years agotap: avoid deadlocking rx
Stefan Hajnoczi [Sat, 8 Mar 2014 15:00:43 +0000 (16:00 +0100)]
tap: avoid deadlocking rx

The net subsystem has a control flow mechanism so peer NetClientStates
can tell each other to stop sending packets.  This is used to stop
monitoring the tap file descriptor for incoming packets if the guest rx
ring has no spare buffers.

There is a corner case when tap_can_send() is true at the beginning of
an event loop iteration but becomes false before the tap_send() fd
handler is invoked.

tap_send() will read the packet from the tap file descriptor and attempt
to send it.  The net queue will hold on to the packet and return 0,
indicating that further I/O is not possible.  tap then stops monitoring
the file descriptor for reads.

This is unlike the normal case where tap_can_send() is the same before
and during the event loop iteration.  The event loop would simply not
monitor the file descriptor if tap_can_send() returns true.  Upon next
iteration it would check tap_can_send() again and begin monitoring if we
can send.

The deadlock happens because tap_send() explicitly disabled read_poll.
This is done with the expectation that the peer will call
qemu_net_queue_flush().  But hw/net/virtio-net.c does not monitor
vm_running transitions and issue the flush.  Hence we're left with a
broken tap device.

Cc: qemu-stable@nongnu.org
Reported-by: Neil Skrypuch <neil@tembosocial.com>
Tested-by: Neil Skrypuch <neil@tembosocial.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
10 years agoslirp smb with modern win guests when samba is also running on host
Michael Tokarev [Thu, 28 Nov 2013 19:32:55 +0000 (23:32 +0400)]
slirp smb with modern win guests when samba is also running on host

After numerous reports that -smb (or -netdev user,smb=foo) not working
with modern windows (win7 and vista are reported as non-working), I
started digging myself.  And found that indeed it doesn't work, and
why.

The thing is that modern win tries to connect to port 445 (microsoft-ds)
first, and if that fails, it falls back to old port 139 (netbios-ssn).

slirp code in qemu only redirects port 139, it does not touch port 445.

So the prob is that if samba is also running on the host, guest will try
to communicate using port 445, and that will succed, but ofcourse guest
will not talk with our samba but with samba running on the host.

If samba is not running on the host, guest will fall back to port 139,
and will reach the redirecting rule and qemu will spawn smbd correctly.

The solution is to redirect both ports (139 and 445), and the fix is
a one-liner, adding second call to slirp_add_exec() at the end of
net/slirp.c:slirp_smb() function (provided below).

But it looks like that is not a proper fix really, since in theory
we should redirect both ports to the SAME, single samba instance,
but I'm not sure this is possible with slirp.  Well, even if two
smbd processes will be run on the same config dir, it should not
be a problem.

The one-liner (not exactly 1 since it touches previous line too) is like
this:

Signed-off-By: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
10 years agoqemu/slirp: Fix SMB security configuration on newer samba versions
Michael Buesch [Fri, 1 Nov 2013 11:23:49 +0000 (12:23 +0100)]
qemu/slirp: Fix SMB security configuration on newer samba versions

The smb.conf automatically generated by qemu's -smb option fails on current
samba, because smbd rejects the security=share option with the following warning:

>   WARNING: Ignoring invalid value 'share' for parameter 'security'

Which makes it fall back to security=user without guest login.
This results in being unable to login to the samba server from the guest OS.

This fixes it by selecting 'user' explicitly and mapping
unknown users to guest logins.

Signed-off-by: Michael Buesch <m@bues.ch>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
10 years agotarget-sparc: Add and use CPU_FEATURE_CASA
Sebastian Huber [Tue, 11 Mar 2014 09:36:00 +0000 (10:36 +0100)]
target-sparc: Add and use CPU_FEATURE_CASA

The LEON3 processor has support for the CASA instruction which is
normally only available for SPARC V9 processors.  Binutils 2.24
and GCC 4.9 will support this instruction for LEON3.  GCC uses it to
generate C11 atomic operations.

The CAS synthetic instruction uses an ASI of 0x80.  If TARGET_SPARC64 is
not defined use a supervisor data load/store for an ASI of 0x80 in
helper_ld_asi()/helper_st_asi().  The supervisor data load/store was
choosen according to the LEON3 documentation.

The ASI 0x80 is defined in the SPARC V9 manual, Table 12—Address Space
Identifiers (ASIs).  Here we have: 0x80, ASI_PRIMARY, Unrestricted
access, Primary address space.

Tested with the following program:

  #include <assert.h>
  #include <stdatomic.h>

  void test(void)
  {
    atomic_int a;
    int e;
    _Bool b;

    atomic_store(&a, 1);
    e = 1;
    b = atomic_compare_exchange_strong(&a, &e, 2);
    assert(b);
    assert(atomic_load(&a) == 2);

    atomic_store(&a, 3);
    e = 4;
    b = atomic_compare_exchange_strong(&a, &e, 5);
    assert(!b);
    assert(atomic_load(&a) == 3);
  }

Tested also on a NGMP board with a LEON4 processor.

Reviewed-by: Fabien Chouteau <chouteau@adacore.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
10 years agoMerge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
Peter Maydell [Tue, 11 Mar 2014 19:52:32 +0000 (19:52 +0000)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

acpi,pc,test bug fixes

More small fixes: the issues annoy developers so
I thought they are worth fixing quickly.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Tue 11 Mar 2014 11:27:44 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  acpi-test: update expected SSDT files
  acpi-build: don't access unaligned addresses
  q35: Correct typo BRDIGE -> BRIDGE
  configure: don't modify .status on error
  pc: avoid duplicate names for ROM MRs
  loader: rename in_ram/has_mr

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoMerge remote-tracking branch 'remotes/kvm/uq/master' into staging
Peter Maydell [Tue, 11 Mar 2014 19:39:17 +0000 (19:39 +0000)]
Merge remote-tracking branch 'remotes/kvm/uq/master' into staging

* remotes/kvm/uq/master:
  target-i386: bugfix of Intel MPX
  file_ram_alloc: unify mem-path,mem-prealloc error handling
  kvm-all: exit in case max vcpus exceeded

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoqemu-thread-posix: Fix build against older glibc version
Jan Kiszka [Tue, 11 Mar 2014 15:49:23 +0000 (16:49 +0100)]
qemu-thread-posix: Fix build against older glibc version

pthread_setname_np was introduced with 2.12.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140310' into...
Peter Maydell [Tue, 11 Mar 2014 13:20:23 +0000 (13:20 +0000)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140310' into staging

target-arm queue:
 * implement WFE as yield (improves performance with emulated SMP)
 * fixes to avoid undefined behaviour shifting left into sign bit
 * libvixl format string fixes for 32 bit hosts
 * fix build error when intptr_t and tcg_target_long are different
   sizes (eg x32)
 * implement PMCCNTR register
 * fix incorrect setting of E bit in CPSR (broke booting under
   KVM on ARM)

# gpg: Signature made Mon 10 Mar 2014 15:05:25 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"

* remotes/pmaydell/tags/pull-target-arm-20140310:
  target-arm: Implement WFE as a yield operation
  hw/arm/musicpal: Avoid shifting left into sign bit
  hw/ssi/xilinx_spips.c: Avoid shifting left into sign bit
  hw/arm/omap1.c: Avoid shifting left into sign bit
  pxa2xx: Don't shift into sign bit
  libvixl: Fix format strings for several int64_t values
  target-arm: Fix intptr_t vs tcg_target_long
  target-arm: Implements the ARM PMCCNTR register
  target-arm: Fix incorrect setting of E bit in CPSR

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agotests: test-qmp-commands: Fix double free
Luiz Capitulino [Sat, 8 Mar 2014 17:20:06 +0000 (12:20 -0500)]
tests: test-qmp-commands: Fix double free

The ret variable is freed twice, but on the second time we actually want
to free ret3 instead. Don't know why this didn't explode.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
10 years agoqapi script: do not add "_" for every capitalized char in enum
Wenchao Xia [Wed, 5 Mar 2014 02:44:40 +0000 (18:44 -0800)]
qapi script: do not add "_" for every capitalized char in enum

Now "enum AIOContext" will generate AIO_CONTEXT instead of A_I_O_CONTEXT,
"X86CPU" will generate X86_CPU instead of X86_C_P_U.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
10 years agoqapi script: do not allow string discriminator
Wenchao Xia [Wed, 5 Mar 2014 02:44:39 +0000 (18:44 -0800)]
qapi script: do not allow string discriminator

Since enum based discriminators provide better type-safety and
ensure that future qapi additions do not forget to adjust dependent
unions, forbid using string as discriminator from now on.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
10 years agoqapi: convert BlockdevOptions to use enum discriminator
Wenchao Xia [Wed, 5 Mar 2014 02:44:38 +0000 (18:44 -0800)]
qapi: convert BlockdevOptions to use enum discriminator

After this patch, hidden enum type BlockdevOptionsKind will not
be generated, and other API can use enum BlockdevDriver.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
10 years agoqapi script: support enum type as discriminator in union
Wenchao Xia [Fri, 7 Mar 2014 01:08:56 +0000 (17:08 -0800)]
qapi script: support enum type as discriminator in union

By default, any union will automatically generate a enum type as
"[UnionName]Kind" in C code, and it is duplicated when the discriminator
is specified as a pre-defined enum type in schema. After this patch,
the pre-defined enum type will be really used as the switch case
condition in generated C code, if discriminator is an enum field.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
10 years agoqapi script: use same function to generate enum string
Wenchao Xia [Wed, 5 Mar 2014 02:44:36 +0000 (18:44 -0800)]
qapi script: use same function to generate enum string

Prior to this patch, qapi-visit.py used custom code to generate enum
names used for handling a qapi union. Fix it to instead reuse common
code, with identical generated results, and allowing future updates to
generation to only need to touch one place.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
10 years agoqapi script: code move for generate_enum_name()
Wenchao Xia [Wed, 5 Mar 2014 02:44:35 +0000 (18:44 -0800)]
qapi script: code move for generate_enum_name()

Later both qapi-types.py and qapi-visit.py need a common function
for enum name generation.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
10 years agoqapi script: check correctness of union
Wenchao Xia [Wed, 5 Mar 2014 02:44:34 +0000 (18:44 -0800)]
qapi script: check correctness of union

Since line info is remembered as QAPISchema.line now, this patch
uses it as additional info for every expr in QAPISchema inside qapi.py,
then improves error message with it in checking of exprs.

For common union the patch will check whether base is a valid complex
type if specified. For flat union it will check whether base presents,
whether discriminator is found in base, whether the key of every branch
is correct when discriminator is an enum type.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
10 years agoqapi script: remember line number in schema parsing
Wenchao Xia [Wed, 5 Mar 2014 02:44:33 +0000 (18:44 -0800)]
qapi script: remember line number in schema parsing

Before this patch, 'QAPISchemaError' scans whole input until 'pos'
to get error line number. After this patch, the scan is avoided since
line number is remembered in schema parsing. This patch also benefits
other error report functions, which would be introduced later.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
10 years agoqapi script: add check for duplicated key
Wenchao Xia [Wed, 5 Mar 2014 02:44:32 +0000 (18:44 -0800)]
qapi script: add check for duplicated key

It is bad that same key was specified twice, especially when a union has
two branches with same condition. This patch can prevent it.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
10 years agoqapi script: remember explicitly defined enum values
Wenchao Xia [Wed, 5 Mar 2014 02:44:31 +0000 (18:44 -0800)]
qapi script: remember explicitly defined enum values

Later other scripts will need to check the enum values.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
10 years agoMerge remote-tracking branch 'remotes/spice/tags/pull-spice-4' into staging
Peter Maydell [Tue, 11 Mar 2014 13:03:21 +0000 (13:03 +0000)]
Merge remote-tracking branch 'remotes/spice/tags/pull-spice-4' into staging

minor spice patches.

# gpg: Signature made Mon 10 Mar 2014 13:13:14 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/spice/tags/pull-spice-4:
  configure: Prettify message for hosts without spice support
  spice: QemuUIInfo windup
  spice: fix simple display surface handling

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-input-5' into staging
Peter Maydell [Tue, 11 Mar 2014 12:52:08 +0000 (12:52 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-5' into staging

input: fixes for the rewrite.

# gpg: Signature made Mon 10 Mar 2014 12:50:25 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-input-5:
  input: map INPUT_BUTTON_WHEEL_{UP,DOWN} to legacy input z axis moves.
  input: sdl: fix guest_cursor logic.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoacpi-test: update expected SSDT files
Michael S. Tsirkin [Mon, 10 Mar 2014 19:13:59 +0000 (21:13 +0200)]
acpi-test: update expected SSDT files

SSDT doesn't have _SUN for non hotpluggable slots
anymore.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agoacpi-build: don't access unaligned addresses
Michael S. Tsirkin [Mon, 10 Mar 2014 19:30:16 +0000 (21:30 +0200)]
acpi-build: don't access unaligned addresses

casting an unaligned address to e.g.
uint32_t can trigger undefined behaviour in C.
Replace cast + assignment with memcpy.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agoq35: Correct typo BRDIGE -> BRIDGE
BALATON Zoltan [Fri, 28 Feb 2014 10:28:03 +0000 (11:28 +0100)]
q35: Correct typo BRDIGE -> BRIDGE

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agoconfigure: don't modify .status on error
Michael S. Tsirkin [Sun, 9 Mar 2014 15:37:49 +0000 (17:37 +0200)]
configure: don't modify .status on error

./configure --help
make

will try to re-run configure with --help
which isn't what was intended.

The reason is that config.status was written
even on configure error.
Defer writing config.status until configure
has completed successfully.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10 years agopc: avoid duplicate names for ROM MRs
Michael S. Tsirkin [Thu, 6 Mar 2014 12:57:09 +0000 (14:57 +0200)]
pc: avoid duplicate names for ROM MRs

Since
commit 04920fc0faa4760f9c4fc0e73b992b768099be70
    loader: store FW CFG ROM files in RAM
RAM MRs including ROM files in FW CFGs are created
and named using the file basename.

This becomes problematic if these names are
supplied by user, since the basename might not
be unique.

There are two cases we care about:
- option-rom flag.
- option ROM for devices. This triggers e.g. when
  using rombar=0.

At the moment we get an assert. E.g
qemu -option-rom /usr/share/ipxe/8086100e.rom -option-rom
/usr/share/ipxe.efi/8086100e.rom
RAMBlock "/rom@genroms/8086100e.rom" already registered, abort!

This is a regression from 1.6.

For now let's keep it simple and just avoid creating the
MRs in case of option ROMs.

when using 1.7 machine types, enable
option ROMs in RAM to match that version.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-1' into staging
Peter Maydell [Tue, 11 Mar 2014 10:53:17 +0000 (10:53 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-1' into staging

vnc dirty tracking optinizations.
various vnc bugfixes.

# gpg: Signature made Mon 10 Mar 2014 12:39:54 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-vnc-1:
  ui/vnc: disable adaptive update calculations if not needed
  ui/vnc: optimize setting in vnc_dpy_update()
  ui/vnc: optimize clearing in find_and_clear_dirty_height()
  ui/vnc: optimize dirty bitmap tracking
  ui/vnc: derive cmp_bytes from VNC_DIRTY_PIXELS_PER_BIT
  ui/vnc: introduce VNC_DIRTY_PIXELS_PER_BIT macro
  vnc: fix use-after-free in vnc_update_client_sync
  vnc: Fix qemu crashed when vnc client disconnect suddenly
  vnc: Fix tight_detect_smooth_image() for lossless case

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agotarget-i386: bugfix of Intel MPX
Liu, Jinsong [Mon, 3 Mar 2014 05:24:14 +0000 (05:24 +0000)]
target-i386: bugfix of Intel MPX

The correct size of cpuid 0x0d sub-leaf 4 is 0x40, not 0x10.
This is confirmed by Anvin H Peter and Mallick Asit K.

Signed-off-by: Liu Jinsong <jinsong.liu@intel.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Asit K Mallick <asit.k.mallick@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Liu, Jinsong <jinsong.liu@intel.com>
10 years agoMerge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
Peter Maydell [Mon, 10 Mar 2014 19:14:11 +0000 (19:14 +0000)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

acpi,pc,pci,virtio,memory bug fixes

This collects several small fixes from all over the place.
Additionally, Marcel's changes make acpi unit tests more robust.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Sun 09 Mar 2014 19:14:57 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  qemu: x86: ignore ioapic polarity
  pckbd: return 'keyboard enabled' on read input port command
  pam: partly fix write-only mode
  acpi-test: issue errors instead of warnings when possible
  acpi-test: retain both asl and aml files on failure
  MAINTAINERS: drop an out of date address
  Add a 'name' parameter to qemu_thread_create
  Add 'debug-threads' suboption to --name
  Rework --name to use QemuOpts
  PCIE: fix regression with coldplugged multifunction device
  memory_region_present: return false if address is not found in child MemoryRegion
  virtio-net: remove function calls from assert
  acpi-test-data: update expected files
  acpi-build: append description for non-hotplug

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agos390/kvm: Add Maintainers for s390/kvm
Christian Borntraeger [Thu, 6 Mar 2014 08:49:25 +0000 (09:49 +0100)]
s390/kvm: Add Maintainers for s390/kvm

Lets add Conny and myself as maintainers for s390/kvm and
related code. This does not include any tcg related code,
which is maintained by Richard and Alex.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Alexander Graf <agraf@suse.de>
Message-id: 1394095765-29686-2-git-send-email-borntraeger@de.ibm.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoMerge remote-tracking branch 'remotes/riku/linux-user-for-upstream' into staging
Peter Maydell [Mon, 10 Mar 2014 16:22:39 +0000 (16:22 +0000)]
Merge remote-tracking branch 'remotes/riku/linux-user-for-upstream' into staging

* remotes/riku/linux-user-for-upstream:
  linux-user: set minimum kernel version to 2.6.32
  linux-user: correct handling of break exception for MIPS
  linux-user: translate signal number on return from sigtimedwait
  linux-user: Implement sendmmsg syscall
  linux-user: Fix getresuid, getresgid if !USE_UID16
  linux-user: Don't use UID16 on AArch64
  linux-user: AArch64: Implement SA_RESTORER for signal handlers
  linux-user/signal.c: Fix AArch64 big-endian FP register restore

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoMerge remote-tracking branch 'remotes/mcayland/qemu-openbios' into staging
Peter Maydell [Mon, 10 Mar 2014 15:36:12 +0000 (15:36 +0000)]
Merge remote-tracking branch 'remotes/mcayland/qemu-openbios' into staging

* remotes/mcayland/qemu-openbios:
  Update OpenBIOS images

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agotarget-arm: Implement WFE as a yield operation
Peter Maydell [Mon, 10 Mar 2014 14:56:30 +0000 (14:56 +0000)]
target-arm: Implement WFE as a yield operation

Implement WFE to yield our timeslice to the next CPU.
This avoids slowdowns in multicore configurations caused
by one core busy-waiting on a spinlock which can't possibly
be unlocked until the other core has an opportunity to run.
This speeds up my test case A15 dual-core boot by a factor
of three (though it is still four or five times slower than
a single-core boot).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1393339545-22111-1-git-send-email-peter.maydell@linaro.org
Reviewed-by: Richard Henderson <rth@twiddle.net>
Tested-by: Rob Herring <rob.herring@linaro.org>
10 years agohw/arm/musicpal: Avoid shifting left into sign bit
Peter Maydell [Mon, 10 Mar 2014 14:56:30 +0000 (14:56 +0000)]
hw/arm/musicpal: Avoid shifting left into sign bit

Add missing 'U' suffixes to avoid shifting left into sign
bit of a signed integer.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1392988008-15938-5-git-send-email-peter.maydell@linaro.org

10 years agohw/ssi/xilinx_spips.c: Avoid shifting left into sign bit
Peter Maydell [Mon, 10 Mar 2014 14:56:30 +0000 (14:56 +0000)]
hw/ssi/xilinx_spips.c: Avoid shifting left into sign bit

Add missing 'U' suffix to avoid shifting left into sign bit of
a signed integer.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1392988008-15938-4-git-send-email-peter.maydell@linaro.org

10 years agohw/arm/omap1.c: Avoid shifting left into sign bit
Peter Maydell [Mon, 10 Mar 2014 14:56:29 +0000 (14:56 +0000)]
hw/arm/omap1.c: Avoid shifting left into sign bit

Add missing 'U' suffix to avoid shifting left into sign bit.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1392988008-15938-3-git-send-email-peter.maydell@linaro.org

10 years agopxa2xx: Don't shift into sign bit
Peter Maydell [Mon, 10 Mar 2014 14:56:29 +0000 (14:56 +0000)]
pxa2xx: Don't shift into sign bit

Add  missing 'U' suffixes to avoid potentially shifting into
the sign bit of a signed integer.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1392988008-15938-2-git-send-email-peter.maydell@linaro.org

10 years agolibvixl: Fix format strings for several int64_t values
Stefan Weil [Mon, 10 Mar 2014 14:56:29 +0000 (14:56 +0000)]
libvixl: Fix format strings for several int64_t values

"%d" or "%x" won't work on hosts where int values are smaller than 64 bit.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-id: 1394219753-26106-1-git-send-email-sw@weilnetz.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agotarget-arm: Fix intptr_t vs tcg_target_long
Richard Henderson [Mon, 10 Mar 2014 14:56:29 +0000 (14:56 +0000)]
target-arm: Fix intptr_t vs tcg_target_long

Fixes a build error when these are different, e.g. x32.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394043257-4800-1-git-send-email-rth@twiddle.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agotarget-arm: Implements the ARM PMCCNTR register
Alistair Francis [Mon, 10 Mar 2014 14:56:28 +0000 (14:56 +0000)]
target-arm: Implements the ARM PMCCNTR register

This patch implements the ARM PMCCNTR register including
the disable and reset components of the PMCR register.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Message-id: bbf405e1feaf352cf39d5db402c9efcbd0f57c78.1393459802.git.alistair.francis@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agotarget-arm: Fix incorrect setting of E bit in CPSR
Peter Maydell [Mon, 10 Mar 2014 14:56:28 +0000 (14:56 +0000)]
target-arm: Fix incorrect setting of E bit in CPSR

Commit 4cc35614a moved the exception mask bits out of env->uncached_cpsr
and into env->daif. However the env->daif contents are AArch64 style
mask bits, which include not just the AArch32 AIF bits but also the
new D bit (masks debug exceptions). This means that when reconstructing
the AArch32 CPSR value we must not allow the D bit in env->daif to get
into the CPSR, because the corresponding bit in the CPSR is E, the
endianness bit.

This bug didn't affect execution under TCG because we don't implement
endianness-swapping and so simply ignored the E bit; however it meant
that kernel booting under KVM failed, because KVM does honour the E bit.

Reported-by: Alexey Ignatov <lexszero@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoconfigure: Prettify message for hosts without spice support
Stefan Weil [Thu, 6 Mar 2014 17:13:33 +0000 (18:13 +0100)]
configure: Prettify message for hosts without spice support

Instead of

    spice support     no (/)

configure now prints

    spice support     no

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
10 years agospice: QemuUIInfo windup
Gerd Hoffmann [Fri, 24 Jan 2014 17:47:20 +0000 (18:47 +0100)]
spice: QemuUIInfo windup

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
10 years agospice: fix simple display surface handling
Gerd Hoffmann [Fri, 24 Jan 2014 09:48:58 +0000 (10:48 +0100)]
spice: fix simple display surface handling

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
10 years agoinput: map INPUT_BUTTON_WHEEL_{UP,DOWN} to legacy input z axis moves.
Gerd Hoffmann [Mon, 10 Mar 2014 08:31:01 +0000 (09:31 +0100)]
input: map INPUT_BUTTON_WHEEL_{UP,DOWN} to legacy input z axis moves.

Unbreaks mouse wheel.

Reported-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
10 years agoinput: sdl: fix guest_cursor logic.
Gerd Hoffmann [Mon, 10 Mar 2014 08:22:16 +0000 (09:22 +0100)]
input: sdl: fix guest_cursor logic.

Unbreaks relative mouse mode with SDL.

Reported-by: Gabriel L. Somlo <gsomlo@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
10 years agoMerge remote-tracking branch 'remotes/rth/tcg-aarch-6-1' into staging
Peter Maydell [Mon, 10 Mar 2014 12:34:41 +0000 (12:34 +0000)]
Merge remote-tracking branch 'remotes/rth/tcg-aarch-6-1' into staging

* remotes/rth/tcg-aarch-6-1:
  tcg-aarch64: Remove nop from qemu_st slow path
  tcg-aarch64: Simplify tcg_out_ldst_9 encoding
  tcg-aarch64: Use intptr_t apropriately
  tcg-aarch64: Remove the shift_imm parameter from tcg_out_cmp
  tcg-aarch64: Hoist common argument loads in tcg_out_op
  tcg-aarch64: Don't handle mov/movi in tcg_out_op
  tcg-aarch64: Set ext based on TCG_OPF_64BIT
  tcg-aarch64: Change all ext variables to TCGType
  tcg-aarch64: Remove redundant CPU_TLB_ENTRY_BITS check
  tcg-aarch64: Enable builtin disassembler

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agolinux-user: set minimum kernel version to 2.6.32
Riku Voipio [Wed, 19 Feb 2014 12:50:41 +0000 (14:50 +0200)]
linux-user: set minimum kernel version to 2.6.32

Popular glibc based distributions[1] require minimum
2.6.32 as kernel version. For some targets 2.6.18
would be enough, but dropping so low would mean some
suboptimal system calls could get used.

Set the minimum kernel advertized to 2.6.32 for
all architectures but aarch64 to ensure working qemu
linux-user in case host kernel is older.

[1] https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/921078

Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
10 years agoMerge remote-tracking branch 'remotes/juanquintela/tags/migration/20140308-1' into...
Peter Maydell [Mon, 10 Mar 2014 11:48:42 +0000 (11:48 +0000)]
Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20140308-1' into staging

migration/next for 20140308

# gpg: Signature made Sat 08 Mar 2014 21:26:01 GMT using RSA key ID 5872D723
# gpg: Can't check signature: public key not found

* remotes/juanquintela/tags/migration/20140308-1:
  migration: extend section_start/end traces
  vl: add system_wakeup_request tracepoint
  qemu_file: Fix mismerge of "use fwrite() correctly"
  XBZRLE: Fix qemu crash when resize the xbzrle cache

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10 years agoui/vnc: disable adaptive update calculations if not needed
Peter Lieven [Wed, 8 Jan 2014 09:08:38 +0000 (10:08 +0100)]
ui/vnc: disable adaptive update calculations if not needed

Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
10 years agoui/vnc: optimize setting in vnc_dpy_update()
Peter Lieven [Wed, 8 Jan 2014 09:08:37 +0000 (10:08 +0100)]
ui/vnc: optimize setting in vnc_dpy_update()

Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
10 years agoui/vnc: optimize clearing in find_and_clear_dirty_height()
Peter Lieven [Wed, 8 Jan 2014 09:08:36 +0000 (10:08 +0100)]
ui/vnc: optimize clearing in find_and_clear_dirty_height()

The following artifical test (just the bitmap operation part) running
vnc_update_client 65536 times on a 2560x2048 surface illustrates the
performance difference:

All bits clean - vnc_update_client_new: 0.07 secs
                 vnc_update_client_new2: 0.07 secs
                 vnc_update_client_old: 10.98 secs

All bits dirty - vnc_update_client_new: 11.26 secs
               - vnc_update_client_new2: 0.29 secs
                 vnc_update_client_old: 20.19 secs

Few bits dirty - vnc_update_client_new: 0.07 secs
               - vnc_update_client_new2: 0.07 secs
                 vnc_update_client_old: 10.98 secs

vnc_update_client_new2 shows the performance of vnc_update_client
with this patch added.

Comparing with the test run of the last patch the performance
is at least unchanged while it is significantly improved
for the all bits dirty case.

Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
10 years agoui/vnc: optimize dirty bitmap tracking
Peter Lieven [Wed, 8 Jan 2014 09:08:35 +0000 (10:08 +0100)]
ui/vnc: optimize dirty bitmap tracking

vnc_update_client currently scans the dirty bitmap of each client
bitwise which is a very costly operation if only few bits are dirty.
vnc_refresh_server_surface does almost the same.
this patch optimizes both by utilizing the heavily optimized
function find_next_bit to find the offset of the next dirty
bit in the dirty bitmaps.

The following artifical test (just the bitmap operation part) running
vnc_update_client 65536 times on a 2560x2048 surface illustrates the
performance difference:

All bits clean - vnc_update_client_new: 0.07 secs
 vnc_update_client_old: 10.98 secs

All bits dirty - vnc_update_client_new: 11.26 secs
 vnc_update_client_old: 20.19 secs

Few bits dirty - vnc_update_client_new: 0.08 secs
 vnc_update_client_old: 10.98 secs

The case for all bits dirty is still rather slow, this
is due to the implementation of find_and_clear_dirty_height.
This will be addresses in a separate patch.

Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
10 years agoui/vnc: derive cmp_bytes from VNC_DIRTY_PIXELS_PER_BIT
Peter Lieven [Wed, 8 Jan 2014 09:08:34 +0000 (10:08 +0100)]
ui/vnc: derive cmp_bytes from VNC_DIRTY_PIXELS_PER_BIT

this allows for setting VNC_DIRTY_PIXELS_PER_BIT to different
values than 16 if desired.

Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
10 years agoui/vnc: introduce VNC_DIRTY_PIXELS_PER_BIT macro
Peter Lieven [Wed, 8 Jan 2014 09:08:33 +0000 (10:08 +0100)]
ui/vnc: introduce VNC_DIRTY_PIXELS_PER_BIT macro

Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
10 years agovnc: fix use-after-free in vnc_update_client_sync
Gerd Hoffmann [Thu, 6 Mar 2014 12:54:28 +0000 (13:54 +0100)]
vnc: fix use-after-free in vnc_update_client_sync

Spotted by Coverity:

876     static int vnc_update_client_sync(VncState *vs, int has_dirty)
877     {

(1) Event freed_arg:    "vnc_update_client(VncState *, int)" frees "vs".  [details]
Also see events:        [deref_arg]

878         int ret = vnc_update_client(vs, has_dirty);

(2) Event deref_arg:    Calling "vnc_jobs_join(VncState *)" dereferences freed pointer "vs". [details]
Also see events:        [freed_arg]

879         vnc_jobs_join(vs);
880         return ret;
881     }

Remove vnc_update_client_sync wrapper, replace it with an additional
argument to vnc_update_client, so we can so the sync properly in
vnc_update_client (i.e. skip it in case of a client disconnect).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
10 years agovnc: Fix qemu crashed when vnc client disconnect suddenly
Gonglei (Arei) [Thu, 23 Jan 2014 13:30:57 +0000 (13:30 +0000)]
vnc: Fix qemu crashed when vnc client disconnect suddenly

Hi,

When I use RealVNC viewer client (http://www.realvnc.com/) to connect vnc server,
the client disconnect suddenly, and I click reconnect button immediately, then the Qemu crashed.

In the function vnc_worker_thread_loop, will call vnc_async_encoding_start
to set the local vs->output buffer by global queue's buffer. Then send rectangles to
the vnc client call function vnc_send_framebuffer_update. Finally, Under normal circumstances,
call vnc_async_encoding_end to set the global queue'buffer by the local vs->output conversely.

When the vnc client disconnect, the job->vs->csock will be set to -1. And the current prcoess
logic will goto disconnected partion without call function vnc_async_encoding_end.
But, the function vnc_send_framebuffer_update will call buffer_reserve, which
maybe call g_realloc reset the local vs's buffer, meaning the global queue's buffer is modified also.
If anyone use the original global queue's buffer memory will cause corruption and then crash qemu.

This patch assure the function vnc_async_encoding_end being called
even though the vnc client disconnect suddenly.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
10 years agovnc: Fix tight_detect_smooth_image() for lossless case
Markus Armbruster [Fri, 21 Feb 2014 15:42:52 +0000 (16:42 +0100)]
vnc: Fix tight_detect_smooth_image() for lossless case

VncTight member uint8_t quality is either (uint8_t)-1 for lossless or
less than 10 for lossy.

tight_detect_smooth_image() first promotes it to int, then compares
with -1.  Always unequal, so we always execute the lossy code.  Reads
beyond tight_conf[] and returns crap when quality is actually
lossless.

Compare to (uint8_t)-1 instead, like we do elsewhere.

Spotted by Coverity.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
10 years agoUpdate OpenBIOS images
Mark Cave-Ayland [Mon, 10 Mar 2014 08:48:31 +0000 (08:48 +0000)]
Update OpenBIOS images

Update OpenBIOS images to SVN r1280 built from submodule.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
10 years agoloader: rename in_ram/has_mr
Michael S. Tsirkin [Sun, 9 Mar 2014 16:42:06 +0000 (18:42 +0200)]
loader: rename in_ram/has_mr

we put copy of ROMs in MR for migration.
but the name rom_in_ram makes one think we
load it in guest RAM.
Rename has_mr to make intent clearer.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agoqemu: x86: ignore ioapic polarity
Gabriel L. Somlo [Fri, 28 Feb 2014 18:57:19 +0000 (13:57 -0500)]
qemu: x86: ignore ioapic polarity

Both QEMU and KVM have already accumulated a significant number of
optimizations based on the hard-coded assumption that ioapic polarity
will always use the ActiveHigh convention, where the logical and
physical states of level-triggered irq lines always match (i.e.,
active(asserted) == high == 1, inactive == low == 0). QEMU guests
are expected to follow directions given via ACPI and configure the
ioapic with polarity 0 (ActiveHigh). However, even when misbehaving
guests (e.g. OS X <= 10.9) set the ioapic polarity to 1 (ActiveLow),
QEMU will still use the ActiveHigh signaling convention when
interfacing with the emulated ioapic.

This patch modifies the emulated ioapic to completely ignore polarity
as set by the guest OS, enabling misbehaving guests to work alongside
those which comply with the ActiveHigh polarity specified by QEMU's
ACPI tables.

Signed-off-by: Gabriel L. Somlo <somlo@cmu.edu>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agopckbd: return 'keyboard enabled' on read input port command
Hervé Poussineau [Tue, 11 Feb 2014 22:46:03 +0000 (23:46 +0100)]
pckbd: return 'keyboard enabled' on read input port command

Bit 7 of Input Port is the keyboard inhibit switch.
0 means keyboard inhibited, while 1 means keyboard enabled.

Incidentaly, this also fixes an error encountered while booting
an Award BIOS: "Keyboard is locked out - Unlock the key".

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agopam: partly fix write-only mode
Hervé Poussineau [Tue, 11 Feb 2014 22:46:02 +0000 (23:46 +0100)]
pam: partly fix write-only mode

In write-only mode, writes are forwarded to RAM, while reads should not be
handled (ie should return 0xff).
Assume that in this mode, no read access is ever done, as they shouldn't
give any sensible result.

So, in write-only mode, alias PAM region to RAM, instead of PCI memory
(which can even be mapped to some device!)

This fixes Award BIOS, which use this mode to shadow system BIOS and video BIOS.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agoacpi-test: issue errors instead of warnings when possible
Marcel Apfelbaum [Thu, 27 Feb 2014 14:17:32 +0000 (16:17 +0200)]
acpi-test: issue errors instead of warnings when possible

If the expected (offline) acpi tables loaded correctly,
it is safe to assume the iasl installation is OK and
issue an error if the actual tables failed to load.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agoacpi-test: retain both asl and aml files on failure
Marcel Apfelbaum [Thu, 27 Feb 2014 14:17:31 +0000 (16:17 +0200)]
acpi-test: retain both asl and aml files on failure

Updated the error message while at it.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agoMAINTAINERS: drop an out of date address
Michael S. Tsirkin [Wed, 19 Feb 2014 13:46:07 +0000 (15:46 +0200)]
MAINTAINERS: drop an out of date address

Gleb's address seems to be out of date.  Since it stayed like that for a
while now, I'm guessing he's no longer interested in getting mail.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agoAdd a 'name' parameter to qemu_thread_create
Dr. David Alan Gilbert [Thu, 30 Jan 2014 10:20:32 +0000 (10:20 +0000)]
Add a 'name' parameter to qemu_thread_create

If enabled, set the thread name at creation (on GNU systems with
  pthread_set_np)
Fix up all the callers with a thread name

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
10 years agoAdd 'debug-threads' suboption to --name
Dr. David Alan Gilbert [Thu, 30 Jan 2014 10:20:31 +0000 (10:20 +0000)]
Add 'debug-threads' suboption to --name

Add flag storage to qemu-thread-* to store the namethreads flag

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
10 years agoRework --name to use QemuOpts
Dr. David Alan Gilbert [Thu, 30 Jan 2014 10:20:30 +0000 (10:20 +0000)]
Rework --name to use QemuOpts

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
10 years agoPCIE: fix regression with coldplugged multifunction device
Igor Mammedov [Mon, 17 Feb 2014 14:00:06 +0000 (15:00 +0100)]
PCIE: fix regression with coldplugged multifunction device

PCIE is causing asserts each time a multifunction device is added
on command line (coldplug).

This is caused by
commit a66e657e18cd9b70e9f57ae5512c07faf2bc508f
    pci/pcie: convert PCIE hotplug to use hotplug-handler API
QEMU abort is caused by misplaced assertion, which should
be checked only when device is hotplugged.

Reference to regression report:
 http://www.mail-archive.com/qemu-devel@nongnu.org/msg216226.html

Fixes: a66e657e18cd9b70e9f57ae5512c07faf2bc508f

Reported-By: Nigel Kukard <nkukard+qemu@lbsd.net>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agomemory_region_present: return false if address is not found in child MemoryRegion
Igor Mammedov [Thu, 6 Feb 2014 10:24:33 +0000 (11:24 +0100)]
memory_region_present: return false if address is not found in child MemoryRegion

Windows XP shows COM2 port as non functional in
"Device Manager" although no COM2 port backing device
is present in QEMU.

This regression is really due to
3bb28b7208b349e7a1b326e3c6ef9efac1d462bf?
    memory: Provide separate handling of unassigned io ports accesses

That is caused by the fact that QEMU reports to
OSPM that device is present by setting 5th bit in
PII4XPM.pci_conf[0x67] register when COM2 doesn't
exist.

It happens due to memory_region_present(io_as, 0x2f8)
returning false positive since 0x2f8 address eventually
translates into catchall io_as address space.

Fix memory_region_present(parent, addr) by returning
true only if addr maps into a MemoryRegion within
parent (excluding parent itself), to match its
doc comment.

While at it fix copy/paste error in
memory_region_present() doc comment.

Note: this is a temporary hack: we really need better handling for
unassigned regions, we should avoid fallback regions since they are bad
for performance (breaking radix tree assumption that the data structure
is sparsely populated); for memory we need to fix this to implement PCI
master abort properly, anyway.

Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agovirtio-net: remove function calls from assert
Joel Stanley [Tue, 11 Feb 2014 00:12:02 +0000 (10:42 +1030)]
virtio-net: remove function calls from assert

peer_{de,at}tach were called from inside assert().
We don't support building without NDEBUG but it's not tidy.
Rearrange to attach peer outside assert calls.

Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agoacpi-test-data: update expected files
Michael S. Tsirkin [Mon, 17 Feb 2014 04:42:11 +0000 (06:42 +0200)]
acpi-test-data: update expected files

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agoacpi-build: append description for non-hotplug
Michael S. Tsirkin [Tue, 4 Feb 2014 15:43:47 +0000 (17:43 +0200)]
acpi-build: append description for non-hotplug

As reported in
http://article.gmane.org/gmane.comp.emulators.qemu/253987
Mac OSX actually requires describing all occupied slots
in ACPI - even if hotplug isn't enabled.

I didn't expect this so I dropped description of all
non hotpluggable slots from ACPI.
As a result: before
commit 99fd437dee468609de8218f0eb3b16621fb6a9c9 (enable
hotplug for pci bridges), PCI cards show up in the "device tree" of OS X
(System Information). E.g., on MountainLion users have:

Hardware -> PCI Cards:

  Card          Type                 Driver Installed  Slot
 *ethernet      Ethernet Controller  Yes               PCI Slot 2
  pci8086,2934  USB UHC              Yes               PCI Slot 29

  ethernet:
    Type:                 Ethernet Controller
    Driver Installed:     Yes
    MSI:                  No
    Bus:                  PCI
    Slot                  PCI Slot 2
    Vendor ID:            0x8086
    Device ID:            0x100e
    Subsystem Vendor ID:  0x1af4
    Subsystem ID:         0x1100
    Revision ID:          0x0003

Hardware -> Ethernet Cards

  ethernet:
    Type:                 Ethernet Controller
    Bus:                  PCI
    Slot                  PCI Slot 2
    Vendor ID:            0x8086
    Device ID:            0x100e
    Subsystem Vendor ID:  0x1af4
    Subsystem ID:         0x1100
    Revision ID:          0x0003
    BSD name:             en0
    Kext name:            AppleIntel8254XEthernet.kext
    Location:             /System/Library/Extensions/...
    Version:              3.1.1b1

After commit 99fd437dee468609de8218f0eb3b16621fb6a9c9, users get:

Hardware -> PCI Cards:

  This computer doesn't contain any PCI cards. If you installed PCI
  cards, make sure they're properly installed.

Hardware -> Ethernet Cards

  ethernet:
    Type:                 Ethernet Controller
    Bus:                  PCI
    Vendor ID:            0x8086
    Device ID:            0x100e
    Subsystem Vendor ID:  0x1af4
    Subsystem ID:         0x1100
    Revision ID:          0x0003
    BSD name:             en0
    Kext name:            AppleIntel8254XEthernet.kext
    Location:             /System/Library/Extensions/...
    Version:              3.1.1b1

Ethernet still works, but it's not showing up on the PCI bus, and it
no longer thinks it's plugged in to slot #2, as it used to before the
change.

To fix, append description for all occupied non hotpluggable PCI slots.

One need to be careful when doing this: VGA devices
are now described in SSDT, so we need to drop description from DSDT.
And ISA devices are used in DSDT so drop them from SSDT.

Reported-by: Gabriel L. Somlo <gsomlo@gmail.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Also update generated dsdt and pcihp hex dump files.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
10 years agotcg-aarch64: Remove nop from qemu_st slow path
Richard Henderson [Mon, 3 Mar 2014 23:43:27 +0000 (15:43 -0800)]
tcg-aarch64: Remove nop from qemu_st slow path

Commit 023261ef851b22a04f6c5d76da870051031757a6 failed to remove a
nop that's no longer required.

Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
10 years agotcg-aarch64: Simplify tcg_out_ldst_9 encoding
Richard Henderson [Tue, 4 Mar 2014 16:52:49 +0000 (08:52 -0800)]
tcg-aarch64: Simplify tcg_out_ldst_9 encoding

At first glance the code appears to be using 1's compliment encoding,
a-la AArch32.  Except that the constant is "off", creating a complicated
split field 2's compliment encoding.

Much clearer to just use a normal mask and shift.

Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
10 years agotcg-aarch64: Use intptr_t apropriately
Richard Henderson [Tue, 4 Mar 2014 01:55:33 +0000 (17:55 -0800)]
tcg-aarch64: Use intptr_t apropriately

As opposed to tcg_target_long.

Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
10 years agotcg-aarch64: Remove the shift_imm parameter from tcg_out_cmp
Richard Henderson [Wed, 11 Sep 2013 23:36:12 +0000 (16:36 -0700)]
tcg-aarch64: Remove the shift_imm parameter from tcg_out_cmp

It was unused.  Let's not overcomplicate things before we need them.

Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
10 years agotcg-aarch64: Hoist common argument loads in tcg_out_op
Richard Henderson [Thu, 15 Aug 2013 16:40:57 +0000 (09:40 -0700)]
tcg-aarch64: Hoist common argument loads in tcg_out_op

This reduces the code size of the function significantly.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
10 years agotcg-aarch64: Don't handle mov/movi in tcg_out_op
Richard Henderson [Thu, 15 Aug 2013 18:13:06 +0000 (11:13 -0700)]
tcg-aarch64: Don't handle mov/movi in tcg_out_op

Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
10 years agotcg-aarch64: Set ext based on TCG_OPF_64BIT
Richard Henderson [Thu, 15 Aug 2013 16:11:46 +0000 (09:11 -0700)]
tcg-aarch64: Set ext based on TCG_OPF_64BIT

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
10 years agotcg-aarch64: Change all ext variables to TCGType
Richard Henderson [Thu, 15 Aug 2013 18:11:00 +0000 (11:11 -0700)]
tcg-aarch64: Change all ext variables to TCGType

We assert that the values for _I32 and _I64 are 0 and 1 respectively.
This will make a couple of functions declared by tcg.c cleaner.

Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
10 years agotcg-aarch64: Remove redundant CPU_TLB_ENTRY_BITS check
Richard Henderson [Thu, 15 Aug 2013 20:36:00 +0000 (13:36 -0700)]
tcg-aarch64: Remove redundant CPU_TLB_ENTRY_BITS check

Removed from other targets in 56bbc2f967ce185fa1c5c39e1aeb5b68b26242e9.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
10 years agotcg-aarch64: Enable builtin disassembler
Richard Henderson [Tue, 4 Mar 2014 03:53:27 +0000 (22:53 -0500)]
tcg-aarch64: Enable builtin disassembler

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
10 years agomigration: extend section_start/end traces
Alexey Kardashevskiy [Thu, 6 Mar 2014 20:03:37 +0000 (01:33 +0530)]
migration: extend section_start/end traces

This adds @idstr to savevm_section_start and savevm_section_end
tracepoints.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>