sdk/emulator/qemu.git
8 years ago tcg: Check for overflow via highwater mark
Richard Henderson [Tue, 22 Sep 2015 20:01:15 +0000 (13:01 -0700)]
tcg: Check for overflow via highwater mark

We currently pre-compute a worst case code size for any TB, which
works out to be 122kB.  Since the average TB size is near 1kB, this
wastes quite a lot of storage.

Instead, check for overflow in between generating code for each opcode.
The overhead of the check isn't measurable and wastage is minimized.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: Allocate a guard page after code_gen_buffer
Richard Henderson [Sat, 19 Sep 2015 19:03:15 +0000 (12:03 -0700)]
tcg: Allocate a guard page after code_gen_buffer

This will catch any overflow of the buffer.

Add a native win32 alternative for alloc_code_gen_buffer;
remove the malloc alternative.

Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: Emit prologue to the beginning of code_gen_buffer
Richard Henderson [Sat, 19 Sep 2015 06:43:05 +0000 (23:43 -0700)]
tcg: Emit prologue to the beginning of code_gen_buffer

By putting the prologue at the end, we risk overwriting the
prologue should our estimate of maximum TB size.  Given the
two different placements of the call to tcg_prologue_init,
move the high water mark computation into tcg_prologue_init.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: Remove tcg_gen_code_search_pc
Richard Henderson [Wed, 2 Sep 2015 03:07:48 +0000 (20:07 -0700)]
tcg: Remove tcg_gen_code_search_pc

It's no longer used, so tidy up everything reached by it.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: Remove gen_intermediate_code_pc
Richard Henderson [Wed, 2 Sep 2015 03:01:40 +0000 (20:01 -0700)]
tcg: Remove gen_intermediate_code_pc

It is no longer used, so tidy up everything reached by it.
This includes the gen_opc_* arrays, the search_pc parameter
and the inline gen_intermediate_code_internal functions.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: Save insn data and use it in cpu_restore_state_from_tb
Richard Henderson [Wed, 2 Sep 2015 02:11:45 +0000 (19:11 -0700)]
tcg: Save insn data and use it in cpu_restore_state_from_tb

We can now restore state without retranslation.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: Pass data argument to restore_state_to_opc
Richard Henderson [Tue, 1 Sep 2015 22:51:12 +0000 (15:51 -0700)]
tcg: Pass data argument to restore_state_to_opc

The gen_opc_* arrays are already redundant with the data stored in
the insn_start arguments.  Transition restore_state_to_opc to use
data from the latter.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: Add TCG_MAX_INSNS
Richard Henderson [Mon, 31 Aug 2015 21:34:41 +0000 (14:34 -0700)]
tcg: Add TCG_MAX_INSNS

Adjust all translators to respect it.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago target-*: Drop cpu_gen_code define
Richard Henderson [Fri, 28 Aug 2015 01:18:09 +0000 (18:18 -0700)]
target-*: Drop cpu_gen_code define

This symbol no longer exists.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: Merge cpu_gen_code into tb_gen_code
Richard Henderson [Fri, 28 Aug 2015 01:17:40 +0000 (18:17 -0700)]
tcg: Merge cpu_gen_code into tb_gen_code

As its only caller, this tidies things a bit.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago target-sparc: Add npc state to insn_start
Richard Henderson [Mon, 31 Aug 2015 20:30:52 +0000 (13:30 -0700)]
target-sparc: Add npc state to insn_start

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago target-sparc: Remove gen_opc_jump_pc
Richard Henderson [Mon, 31 Aug 2015 20:24:44 +0000 (13:24 -0700)]
target-sparc: Remove gen_opc_jump_pc

Since jump_pc[1] is always npc + 4, we can infer after incrementing
that jump_pc[1] == pc + 4.  Because of that, we can encode the branch
destination into a single word, and store that in npc.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago target-sparc: Split out gen_branch_n
Richard Henderson [Mon, 31 Aug 2015 20:01:47 +0000 (13:01 -0700)]
target-sparc: Split out gen_branch_n

Unify three copies of this code from different
branch types.  Fix the case when npc == DYNAMIC_PC,
i.e. a branch within a delay slot.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago target-sparc: Tidy gen_branch_a interface
Richard Henderson [Mon, 31 Aug 2015 19:44:16 +0000 (12:44 -0700)]
target-sparc: Tidy gen_branch_a interface

We always pass pc2 == dc->npc and r_cond == cpu_cond,
and always set is_br afterward.  Infer all of that.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago target-cris: Mirror gen_opc_pc into insn_start
Richard Henderson [Sun, 30 Aug 2015 16:35:14 +0000 (09:35 -0700)]
target-cris: Mirror gen_opc_pc into insn_start

This perhaps isn't ideal in terms of (ab)using the "pc" field
to encode both pc and ppc + delay branch state, as one has to
be aware of this when examining opcode dumps.

But it preserves existing logic, which will be good for bisection,
and it certainly does save storage space.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago target-sh4: Add flags state to insn_start
Richard Henderson [Sun, 30 Aug 2015 16:28:52 +0000 (09:28 -0700)]
target-sh4: Add flags state to insn_start

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago target-s390x: Add cc_op state to insn_start
Richard Henderson [Sun, 30 Aug 2015 16:26:10 +0000 (09:26 -0700)]
target-s390x: Add cc_op state to insn_start

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago target-mips: Add delayed branch state to insn_start
Richard Henderson [Sun, 30 Aug 2015 16:25:36 +0000 (09:25 -0700)]
target-mips: Add delayed branch state to insn_start

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago target-i386: Add cc_op state to insn_start
Richard Henderson [Sun, 30 Aug 2015 16:24:58 +0000 (09:24 -0700)]
target-i386: Add cc_op state to insn_start

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago target-arm: Add condexec state to insn_start
Richard Henderson [Sun, 30 Aug 2015 16:22:06 +0000 (09:22 -0700)]
target-arm: Add condexec state to insn_start

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: Allow extra data to be attached to insn_start
Richard Henderson [Sun, 30 Aug 2015 16:21:33 +0000 (09:21 -0700)]
tcg: Allow extra data to be attached to insn_start

With an eye toward having this data replace the gen_opc_* arrays
that each target collects in order to enable restore_state_from_tb.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago target-*: Introduce and use cpu_breakpoint_test
Richard Henderson [Thu, 17 Sep 2015 22:58:10 +0000 (15:58 -0700)]
target-*: Introduce and use cpu_breakpoint_test

Reduce the boilerplate required for each target.  At the same time,
move the test for breakpoint after calling tcg_gen_insn_start.

Note that arm and aarch64 do not use cpu_breakpoint_test, but still
move the inline test down after tcg_gen_insn_start.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago target-*: Increment num_insns immediately after tcg_gen_insn_start
Richard Henderson [Thu, 17 Sep 2015 21:25:46 +0000 (14:25 -0700)]
target-*: Increment num_insns immediately after tcg_gen_insn_start

This does tidy the icount test common to all targets.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago target-*: Unconditionally emit tcg_gen_insn_start
Richard Henderson [Sat, 29 Aug 2015 19:59:29 +0000 (12:59 -0700)]
target-*: Unconditionally emit tcg_gen_insn_start

While we're at it, emit the opcode adjacent to where we currently
record data for search_pc.  This puts gen_io_start et al on the
"correct" side of the marker.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: Rename debug_insn_start to insn_start
Richard Henderson [Sat, 29 Aug 2015 19:37:33 +0000 (12:37 -0700)]
tcg: Rename debug_insn_start to insn_start

With an eye toward making it mandatory.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging
Peter Maydell [Tue, 6 Oct 2015 12:42:33 +0000 (13:42 +0100)]
Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging

X86 queue, 2015-10-05

# gpg: Signature made Mon 05 Oct 2015 17:04:38 BST using RSA key ID 984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"

* remotes/ehabkost/tags/x86-pull-request:
  icc_bus: drop the unused files
  cpu/apic: drop icc bus/bridge
  x86: use new method to correct reset sequence
  apic: move APIC's MMIO region mapping into APIC
  Correctly re-init EFER state during INIT IPI
  target-i386: add ABM to Haswell* and Broadwell* CPU models
  target-i386: get/put MSR_TSC_AUX across reset and migration
  target-i386: Make check_hw_breakpoints static
  target-i386: Move breakpoint related functions to new file
  target-i386: Convert kvm_default_*features to property/value pairs
  vl: Add another sanity check to smp_parse() function
  cpu: Introduce X86CPUTopoInfo structure for argument simplification

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging
Peter Maydell [Tue, 6 Oct 2015 11:09:56 +0000 (12:09 +0100)]
Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging

# gpg: Signature made Mon 05 Oct 2015 17:01:11 BST using RSA key ID AAFC390E
# gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>"

* remotes/jnsnow/tags/ide-pull-request:
  qtest/ide-test: ppc64be correction for ATAPI tests
  MAINTAINERS: Small IDE/FDC touchup
  qtest/ahci: fix redundant assertion

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago tests: vhost-user: disable unless CONFIG_VHOST_NET
Michael S. Tsirkin [Tue, 6 Oct 2015 09:17:55 +0000 (10:17 +0100)]
tests: vhost-user: disable unless CONFIG_VHOST_NET

vhost-user depends on vhost-net. We should probably fix that.
For now, let's disable the test otherwise.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago qtest/ide-test: ppc64be correction for ATAPI tests
John Snow [Mon, 5 Oct 2015 16:00:56 +0000 (12:00 -0400)]
qtest/ide-test: ppc64be correction for ATAPI tests

the 16bit ide data register is LE by definition.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 1443461938-30039-1-git-send-email-jsnow@redhat.com

8 years ago MAINTAINERS: Small IDE/FDC touchup
John Snow [Mon, 5 Oct 2015 16:00:56 +0000 (12:00 -0400)]
MAINTAINERS: Small IDE/FDC touchup

libqos/ahci and tests/fdc-test are under my purview also,
include them in the appropriate stanzas.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1443117055-29240-1-git-send-email-jsnow@redhat.com

8 years ago qtest/ahci: fix redundant assertion
John Snow [Mon, 5 Oct 2015 16:00:55 +0000 (12:00 -0400)]
qtest/ahci: fix redundant assertion

Fixes https://bugs.launchpad.net/qemu/+bug/1497711

(!ncq || (ncq && lba48)) is the same as
(!ncq || lba48).

The intention is simply: "If a command is NCQ,
it must also be LBA48."

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1442868929-17777-1-git-send-email-jsnow@redhat.com

8 years ago icc_bus: drop the unused files
Zhu Guihua [Wed, 16 Sep 2015 09:19:15 +0000 (17:19 +0800)]
icc_bus: drop the unused files

ICC bus impl has been dropped, so all icc related files are not useful
any more; delete them.

Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
8 years ago cpu/apic: drop icc bus/bridge
Chen Fan [Wed, 16 Sep 2015 09:19:14 +0000 (17:19 +0800)]
cpu/apic: drop icc bus/bridge

After CPU hotplug has been converted to BUS-less hot-plug infrastructure,
the only function ICC bus performs is to propagate reset to LAPICs. However
LAPIC could be reset by registering its reset handler after all devices are
initialized.
Do so and drop ~30LOC of not needed anymore ICCBus related code.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
8 years ago x86: use new method to correct reset sequence
Zhu Guihua [Wed, 16 Sep 2015 09:19:13 +0000 (17:19 +0800)]
x86: use new method to correct reset sequence

During reset some devices (such as hpet, rtc) might send IRQ to APIC
which changes APIC's state from default one it's supposed to have
at machine startup time.
Fix this by resetting APIC after devices have been reset to cancel
any changes that qemu_devices_reset() might have done to its state.

Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
8 years ago apic: move APIC's MMIO region mapping into APIC
Chen Fan [Wed, 16 Sep 2015 09:19:11 +0000 (17:19 +0800)]
apic: move APIC's MMIO region mapping into APIC

When ICC bus/bridge is removed, APIC MMIO will be left
unmapped since it was mapped into system's address space
indirectly by ICC bridge.
Fix it by moving mapping into APIC code, so it would be
possible to remove ICC bus/bridge code later.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
8 years ago Correctly re-init EFER state during INIT IPI
Bill Paul [Wed, 30 Sep 2015 22:33:29 +0000 (15:33 -0700)]
Correctly re-init EFER state during INIT IPI

When doing a re-initialization of a CPU core, the default state is to _not_
have 64-bit long mode enabled. This means the LME (long mode enable) and LMA
(long mode active) bits in the EFER model-specific register should be cleared.

However, the EFER state is part of the CPU environment which is
preserved by do_cpu_init(), so if EFER.LME and EFER.LMA were set at the
time an INIT IPI was received, they will remain set after the init completes.

This is contrary to what the Intel architecture manual describes and what
happens on real hardware, and it leaves the CPU in a weird state that the
guest can't clear.

To fix this, the 'efer' member of the CPUX86State structure has been moved
to an area outside the region preserved by do_cpu_init(), so that it can
be properly re-initialized by x86_cpu_reset().

Signed-off-by: Bill Paul <wpaul@windriver.com>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Richard Henderson <rth@twiddle.net>
CC: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
8 years ago target-i386: add ABM to Haswell* and Broadwell* CPU models
Paolo Bonzini [Mon, 28 Sep 2015 12:00:18 +0000 (14:00 +0200)]
target-i386: add ABM to Haswell* and Broadwell* CPU models

ABM is only implemented as a single instruction set by AMD; all AMD
processors support both instructions or neither. Intel considers POPCNT
as part of SSE4.2, and LZCNT as part of BMI1, but Intel also uses AMD's
ABM flag to indicate support for both POPCNT and LZCNT.  It has to be
added to Haswell and Broadwell because Haswell, by adding LZCNT, has
completed the ABM.

Tested with "qemu-kvm -cpu Haswell-noTSX,enforce" (and also with older
machine types) on a Haswell-EP machine.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
8 years ago target-i386: get/put MSR_TSC_AUX across reset and migration
Amit Shah [Wed, 23 Sep 2015 06:27:33 +0000 (11:57 +0530)]
target-i386: get/put MSR_TSC_AUX across reset and migration

There's one report of migration breaking due to missing MSR_TSC_AUX
save/restore.  Fix this by adding a new subsection that saves the state
of this MSR.

https://bugzilla.redhat.com/show_bug.cgi?id=1261797

Reported-by: Xiaoqing Wei <xwei@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Juan Quintela <quintela@redhat.com>
CC: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
CC: Marcelo Tosatti <mtosatti@redhat.com>
CC: Richard Henderson <rth@twiddle.net>
CC: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
8 years ago target-i386: Make check_hw_breakpoints static
Richard Henderson [Tue, 15 Sep 2015 18:45:07 +0000 (11:45 -0700)]
target-i386: Make check_hw_breakpoints static

The function is now only used from within a single file.

Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
8 years ago target-i386: Move breakpoint related functions to new file
Richard Henderson [Tue, 15 Sep 2015 18:45:06 +0000 (11:45 -0700)]
target-i386: Move breakpoint related functions to new file

Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
8 years ago target-i386: Convert kvm_default_*features to property/value pairs
Eduardo Habkost [Fri, 11 Sep 2015 15:40:27 +0000 (12:40 -0300)]
target-i386: Convert kvm_default_*features to property/value pairs

Convert the kvm_default_features and kvm_default_unset_features arrays
into a simple list of property/value pairs that will be applied to
X86CPU objects when using KVM.

Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
8 years ago vl: Add another sanity check to smp_parse() function
Thomas Huth [Wed, 22 Jul 2015 13:59:50 +0000 (15:59 +0200)]
vl: Add another sanity check to smp_parse() function

The code in smp_parse already checks the topology information for
sockets * cores * threads < cpus and bails out with an error in
that case. However, it is still possible to supply a bad configuration
the other way round, e.g. with:

 qemu-system-xxx -smp 4,sockets=1,cores=4,threads=2

QEMU then still starts the guest, with topology configuration that
is rather incomprehensible and likely not what the user wanted.
So let's add another check to refuse such wrong configurations.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Acked-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
8 years ago cpu: Introduce X86CPUTopoInfo structure for argument simplification
Chen Fan [Fri, 21 Aug 2015 09:34:45 +0000 (17:34 +0800)]
cpu: Introduce X86CPUTopoInfo structure for argument simplification

In order to simplify arguments of function, introduce a new struct
named X86CPUTopoInfo.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
8 years ago Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
Peter Maydell [Fri, 2 Oct 2015 15:59:21 +0000 (16:59 +0100)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio,pc features, fixes

New features:
    guest RAM buffer overrun mitigation
    RAM physical address gaps for memory hotplug
    (except refactoring which got some review comments)

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Fri 02 Oct 2015 15:04:56 BST using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"

* remotes/mst/tags/for_upstream:
  vhost-user-test: fix predictable filename on tmpfs
  vhost-user-test: use tmpfs by default
  pc: memhp: force gaps between DIMM's GPA
  memhp: extend address auto assignment to support gaps
  vhost-user: unit test for new messages
  vhost-user-test: do not reinvent glib-compat.h
  virtio: Notice when the system doesn't support MSIx at all
  pc: Add a comment explaining why pc_compat_2_4() doesn't exist
  exec: allocate PROT_NONE pages on top of RAM
  oslib: allocate PROT_NONE pages on top of RAM
  oslib: rework anonimous RAM allocation
  virtio-net: correctly drop truncated packets
  virtio: introduce virtqueue_discard()
  virtio: introduce virtqueue_unmap_sg()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago Merge remote-tracking branch 'remotes/riku/tags/pull-linux-user-20151002' into staging
Peter Maydell [Fri, 2 Oct 2015 15:04:25 +0000 (16:04 +0100)]
Merge remote-tracking branch 'remotes/riku/tags/pull-linux-user-20151002' into staging

First set of Linux-user que patches for 2.5

# gpg: Signature made Fri 02 Oct 2015 13:38:00 BST using RSA key ID DE3C9BC0
# gpg: Good signature from "Riku Voipio <riku.voipio@iki.fi>"
# gpg:                 aka "Riku Voipio <riku.voipio@linaro.org>"

* remotes/riku/tags/pull-linux-user-20151002:
  linux-user: assert that target_mprotect cannot fail
  linux-user/signal.c: Use setup_rt_frame() instead of setup_frame() for target openrisc
  linux-user/syscall.c: Add EAGAIN to host_to_target_errno_table for
  linux-user: add name_to_handle_at/open_by_handle_at
  linux-user: Return target error number in do_fork()
  linux-user: fix cmsg conversion in case of multiple headers
  linux-user: remove MAX_ARG_PAGES limit
  linux-user: remove unused image_info members
  linux-user: Treat --foo options the same as -foo
  linux-user: use EXIT_SUCCESS and EXIT_FAILURE
  linux-user: Add proper error messages for bad options
  linux-user: Add -help
  linux-user: Exit 0 when -h is used

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago vhost-user-test: fix predictable filename on tmpfs
Michael S. Tsirkin [Thu, 1 Oct 2015 12:50:52 +0000 (15:50 +0300)]
vhost-user-test: fix predictable filename on tmpfs

vhost-user-test uses getpid to create a unique filename. This name is
predictable, and a security problem.  Instead, use a tmp directory
created by mkdtemp, which is a suggested best practice.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
8 years ago vhost-user-test: use tmpfs by default
Michael S. Tsirkin [Wed, 30 Sep 2015 15:01:21 +0000 (18:01 +0300)]
vhost-user-test: use tmpfs by default

Most people don't run make check by default, so they skip vhost-user
unit tests.  Solve this by using tmpfs instead, unless hugetlbfs is
specified (using an environment variable).

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
8 years ago pc: memhp: force gaps between DIMM's GPA
Igor Mammedov [Tue, 29 Sep 2015 14:53:29 +0000 (16:53 +0200)]
pc: memhp: force gaps between DIMM's GPA

mapping DIMMs non contiguously allows to workaround
virtio bug reported earlier:
http://lists.nongnu.org/archive/html/qemu-devel/2015-08/msg00522.html
in this case guest kernel doesn't allocate buffers
that can cross DIMM boundary keeping each buffer
local to a DIMM.

Suggested-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
8 years ago memhp: extend address auto assignment to support gaps
Igor Mammedov [Tue, 29 Sep 2015 14:53:28 +0000 (16:53 +0200)]
memhp: extend address auto assignment to support gaps

setting gap to TRUE will make sparse DIMM
address auto allocation, leaving gaps between
a new DIMM address and preceding existing DIMM.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
8 years ago vhost-user: unit test for new messages
Michael S. Tsirkin [Thu, 24 Sep 2015 16:22:01 +0000 (18:22 +0200)]
vhost-user: unit test for new messages

Data is empty for now, but do make sure master
sets the new feature bit flag.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
8 years ago vhost-user-test: do not reinvent glib-compat.h
Paolo Bonzini [Tue, 29 Sep 2015 12:12:03 +0000 (14:12 +0200)]
vhost-user-test: do not reinvent glib-compat.h

glib-compat.h has the gunk to support both old-style and new-style
gthread functions.  Use it instead of reinventing it.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Tested-by: Marc-André Lureau <marcandre.lureau@redhat.com>
8 years ago Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Peter Maydell [Fri, 2 Oct 2015 13:47:10 +0000 (14:47 +0100)]
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches

# gpg: Signature made Fri 02 Oct 2015 12:49:13 BST using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"

* remotes/kevin/tags/for-upstream:
  block/raw-posix: Open file descriptor O_RDWR to work around glibc posix_fallocate emulation issue.
  block: disable I/O limits at the beginning of bdrv_close()
  iotests: Fix test 128 for password-less sudo
  tests: Fix test 049 fallout from improved HMP error messages
  raw-win32: Fix write request error handling

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago block/raw-posix: Open file descriptor O_RDWR to work around glibc posix_fallocate...
Richard W.M. Jones [Tue, 29 Sep 2015 15:54:10 +0000 (16:54 +0100)]
block/raw-posix: Open file descriptor O_RDWR to work around glibc posix_fallocate emulation issue.

  https://bugzilla.redhat.com/show_bug.cgi?id=1265196

The following command fails on an NFS mountpoint:

  $ qemu-img create -f qcow2 -o preallocation=falloc disk.img 262144
  Formatting 'disk.img', fmt=qcow2 size=262144 encryption=off cluster_size=65536 preallocation='falloc' lazy_refcounts=off
  qemu-img: disk.img: Could not preallocate data for the new file: Bad file descriptor

The reason turns out to be because NFS doesn't support the
posix_fallocate call.  glibc emulates it instead.  However glibc's
emulation involves using the pread(2) syscall.  The pread syscall
fails with EBADF if the file descriptor is opened without the read
open-flag (ie. open (..., O_WRONLY)).

I contacted glibc upstream about this, and their response is here:

  https://bugzilla.redhat.com/show_bug.cgi?id=1265196#c9

There are two possible fixes: Use Linux fallocate directly, or (this
fix) work around the problem in qemu by opening the file with O_RDWR
instead of O_WRONLY.

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1265196
Reviewed-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years ago block: disable I/O limits at the beginning of bdrv_close()
Alberto Garcia [Fri, 25 Sep 2015 13:41:44 +0000 (16:41 +0300)]
block: disable I/O limits at the beginning of bdrv_close()

Disabling I/O limits from a BDS also drains all pending throttled
requests, so it should be done at the beginning of bdrv_close() with
the rest of the bdrv_drain() calls before the BlockDriver is closed.

Signed-off-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years ago iotests: Fix test 128 for password-less sudo
Max Reitz [Fri, 25 Sep 2015 17:19:24 +0000 (19:19 +0200)]
iotests: Fix test 128 for password-less sudo

As of 934659c460d46c948cf348822fda1d38556ed9a4, $QEMU_IO is generally no
longer a program name, and therefore "sudo -n $QEMU_IO" will no longer
work.

Fix this by copying the qemu-io invocation function from common.config,
making it use $sudo for invoking $QEMU_IO_PROG, and then use that
function instead of $QEMU_IO.

Reported-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years ago tests: Fix test 049 fallout from improved HMP error messages
Eric Blake [Tue, 22 Sep 2015 23:15:52 +0000 (17:15 -0600)]
tests: Fix test 049 fallout from improved HMP error messages

Commit 50b7b000 improved HMP error messages, but forgot to update
qemu-iotests to match.

Reported-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years ago raw-win32: Fix write request error handling
Kevin Wolf [Wed, 23 Sep 2015 12:58:21 +0000 (14:58 +0200)]
raw-win32: Fix write request error handling

aio_worker() wrote the return code to the wrong variable.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Tested-by: Guangmu Zhu <guangmuzhu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
8 years ago Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging
Peter Maydell [Fri, 2 Oct 2015 10:01:18 +0000 (11:01 +0100)]
Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging

# gpg: Signature made Thu 01 Oct 2015 20:02:33 BST using RSA key ID C0DE3057
# gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>"
# gpg:                 aka "Jeffrey Cody <jeff@codyprime.org>"
# gpg:                 aka "Jeffrey Cody <codyprime@gmail.com>"

* remotes/cody/tags/block-pull-request:
  block: mirror - fix full sync mode when target does not support zero init

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago target-microblaze: Set the PC in reset instead of realize
Alistair Francis [Thu, 23 Jul 2015 15:13:56 +0000 (08:13 -0700)]
target-microblaze: Set the PC in reset instead of realize

Set the Microblaze CPU PC in the reset instead of setting it
in the realize. This is required as the PC is zeroed in the
reset function and causes problems in some situations.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
8 years ago disas/cris: Fix typo in comment
Stefan Weil [Fri, 25 Sep 2015 20:45:53 +0000 (22:45 +0200)]
disas/cris: Fix typo in comment

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
8 years ago block: mirror - fix full sync mode when target does not support zero init
Jeff Cody [Thu, 1 Oct 2015 04:06:37 +0000 (00:06 -0400)]
block: mirror - fix full sync mode when target does not support zero init

During mirror, if the target device does not support zero init, a
mirror may result in a corrupted image for sync="full" mode.

This is due to how the initial dirty bitmap is set up prior to copying
data - we did not mark sectors as dirty that are unallocated.  This
means those unallocated sectors are skipped over on the target, and for
a device without zero init, invalid data may reside in those holes.

If both of the following conditions are true, then we will explicitly
mark all sectors as dirty:

    1.) sync = "full"
    2.) bdrv_has_zero_init(target) == false

If the target does support zero init, but a target image is passed in
with data already present (i.e. an "existing" image), it is assumed the
data present in the existing image is valid data for those sectors.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 91ed4bc5bda7e2b09eb508b07c83f4071fe0b3c9.1443705220.git.jcody@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
8 years ago virtio: Notice when the system doesn't support MSIx at all
Richard Henderson [Tue, 19 May 2015 20:29:51 +0000 (13:29 -0700)]
virtio: Notice when the system doesn't support MSIx at all

And do not issue an error_report in that case.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
8 years ago pc: Add a comment explaining why pc_compat_2_4() doesn't exist
Eduardo Habkost [Mon, 28 Sep 2015 18:07:21 +0000 (15:07 -0300)]
pc: Add a comment explaining why pc_compat_2_4() doesn't exist

pc_compat_2_4() doesn't exist, and we shouldn't create one. Add a
comment explaining why the function doesn't exist and why pc_compat_*()
functions are deprecated.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
8 years ago exec: allocate PROT_NONE pages on top of RAM
Michael S. Tsirkin [Thu, 10 Sep 2015 13:41:17 +0000 (16:41 +0300)]
exec: allocate PROT_NONE pages on top of RAM

This inserts a read and write protected page between RAM and QEMU
memory, for file-backend RAM.
This makes it harder to exploit QEMU bugs resulting from buffer
overflows in devices using variants of cpu_physical_memory_map,
dma_memory_map etc.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago oslib: allocate PROT_NONE pages on top of RAM
Michael S. Tsirkin [Thu, 10 Sep 2015 13:41:17 +0000 (16:41 +0300)]
oslib: allocate PROT_NONE pages on top of RAM

This inserts a read and write protected page between RAM and QEMU
memory. This makes it harder to exploit QEMU bugs resulting from buffer
overflows in devices using variants of cpu_physical_memory_map,
dma_memory_map etc.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago oslib: rework anonimous RAM allocation
Michael S. Tsirkin [Thu, 10 Sep 2015 13:36:51 +0000 (16:36 +0300)]
oslib: rework anonimous RAM allocation

At the moment we first allocate RAM, sometimes more than necessary for
alignment reasons.  We then free the extra RAM.

Rework this to avoid the temporary allocation: reserve the
range by mapping it with PROT_NONE, then use just the
necessary range with MAP_FIXED.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago virtio-net: correctly drop truncated packets
Jason Wang [Fri, 25 Sep 2015 05:21:30 +0000 (13:21 +0800)]
virtio-net: correctly drop truncated packets

When a packet is truncated during receiving, we drop the packet but
neither discard the descriptor nor add and signal a used
descriptor. This will lead to several issues:

- sg mappings are leaked
- rx will be stalled if a lot of packets were truncated

In order to be consistent with vhost, fix by discarding the descriptor
in this case.

Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
8 years ago virtio: introduce virtqueue_discard()
Jason Wang [Fri, 25 Sep 2015 05:21:29 +0000 (13:21 +0800)]
virtio: introduce virtqueue_discard()

This patch introduces virtqueue_discard() to discard a descriptor and
unmap the sgs. This will be used by the patch that will discard the
descriptor when a packet is truncated.

Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
8 years ago virtio: introduce virtqueue_unmap_sg()
Jason Wang [Fri, 25 Sep 2015 05:21:28 +0000 (13:21 +0800)]
virtio: introduce virtqueue_unmap_sg()

Factor out sg unmapping logic. This will be reused by the patch that
can discard a descriptor.

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Andrew James <andrew.james@hpe.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
8 years ago Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20150930' into...
Peter Maydell [Thu, 1 Oct 2015 09:49:38 +0000 (10:49 +0100)]
Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20150930' into staging

migration/next for 20150930

# gpg: Signature made Wed 30 Sep 2015 09:24:02 BST using RSA key ID 5872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>"
# gpg:                 aka "Juan Quintela <quintela@trasno.org>"

* remotes/juanquintela/tags/migration/20150930:
  migration: Disambiguate MAX_THROTTLE
  qmp/hmp: Add throttle ratio to query-migrate and info migrate
  migration: Dynamic cpu throttling for auto-converge
  migration: Parameters for auto-converge cpu throttling
  cpu: Provide vcpu throttling interface
  migration: yet more possible state transitions

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago linux-user: assert that target_mprotect cannot fail
Paolo Bonzini [Mon, 14 Sep 2015 10:31:44 +0000 (12:31 +0200)]
linux-user: assert that target_mprotect cannot fail

All error conditions that target_mprotect checks are also checked
by target_mmap.  EACCES cannot happen because we are just removing
PROT_WRITE.  ENOMEM should not happen because we are modifying a
whole VMA (and we have bigger problems anyway if it happens).

Fixes a Coverity false positive, where Coverity complains about
target_mprotect's return value being passed to tb_invalidate_phys_range.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
8 years ago linux-user/signal.c: Use setup_rt_frame() instead of setup_frame() for target openrisc
Chen Gang [Sat, 12 Sep 2015 15:32:30 +0000 (23:32 +0800)]
linux-user/signal.c: Use setup_rt_frame() instead of setup_frame() for target openrisc

qemu has already considered that some targets may have no traditional
signals. openrisc's setup_frame() is a dummy, but it can be supported
by setup_rt_frame().

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
8 years ago migration: Disambiguate MAX_THROTTLE
Jason J. Herne [Tue, 8 Sep 2015 17:12:37 +0000 (13:12 -0400)]
migration: Disambiguate MAX_THROTTLE

Migration has a define for MAX_THROTTLE. Update comment to clarify that this is
used for throttling transfer speed. Hopefully this will prevent it from being
confused with a guest cpu throttling entity.

Signed-off-by: Jason J. Herne <jjherne@linux.vnet.ibm.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
8 years ago qmp/hmp: Add throttle ratio to query-migrate and info migrate
Jason J. Herne [Tue, 8 Sep 2015 17:12:36 +0000 (13:12 -0400)]
qmp/hmp: Add throttle ratio to query-migrate and info migrate

Report throttle percentage in info migrate and query-migrate responses when
cpu throttling is active.

Signed-off-by: Jason J. Herne <jjherne@linux.vnet.ibm.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
8 years ago migration: Dynamic cpu throttling for auto-converge
Jason J. Herne [Tue, 8 Sep 2015 17:12:35 +0000 (13:12 -0400)]
migration: Dynamic cpu throttling for auto-converge

Remove traditional auto-converge static 30ms throttling code and replace it
with a dynamic throttling algorithm.

Additionally, be more aggressive when deciding when to start throttling.
Previously we waited until four unproductive memory passes. Now we begin
throttling after only two unproductive memory passes. Four seemed quite
arbitrary and only waiting for two passes allows us to complete the migration
faster.

Signed-off-by: Jason J. Herne <jjherne@linux.vnet.ibm.com>
Reviewed-by: Matthew Rosato <mjrosato@linux.vnet.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
8 years ago migration: Parameters for auto-converge cpu throttling
Jason J. Herne [Tue, 8 Sep 2015 17:12:34 +0000 (13:12 -0400)]
migration: Parameters for auto-converge cpu throttling

Add migration parameters to allow the user to adjust the parameters
that control cpu throttling when auto-converge is in effect. The added
parameters are as follows:

x-cpu-throttle-initial : Initial percentage of time guest cpus are throttled
when migration auto-converge is activated.

x-cpu-throttle-increment: throttle percentage increase each time
auto-converge detects that migration is not making progress.

Signed-off-by: Jason J. Herne <jjherne@linux.vnet.ibm.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
8 years ago cpu: Provide vcpu throttling interface
Jason J. Herne [Tue, 8 Sep 2015 17:12:33 +0000 (13:12 -0400)]
cpu: Provide vcpu throttling interface

Provide a method to throttle guest cpu execution. CPUState is augmented with
timeout controls and throttle start/stop functions. To throttle the guest cpu
the caller simply has to call the throttle set function and provide a percentage
of throttle time.

Signed-off-by: Jason J. Herne <jjherne@linux.vnet.ibm.com>
Reviewed-by: Matthew Rosato <mjrosato@linux.vnet.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
8 years ago migration: yet more possible state transitions
Juan Quintela [Tue, 28 Jul 2015 13:28:28 +0000 (15:28 +0200)]
migration: yet more possible state transitions

On destination, we move from INMIGRATE to FINISH_MIGRATE.  Add that to
the list of allowed states.

Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
8 years ago Merge remote-tracking branch 'remotes/amit-migration/tags/for-juan-201509' into staging
Peter Maydell [Tue, 29 Sep 2015 11:41:19 +0000 (12:41 +0100)]
Merge remote-tracking branch 'remotes/amit-migration/tags/for-juan-201509' into staging

Migration queue

# gpg: Signature made Tue 29 Sep 2015 07:13:55 BST using RSA key ID 854083B6
# gpg: Good signature from "Amit Shah <amit@amitshah.net>"
# gpg:                 aka "Amit Shah <amit@kernel.org>"
# gpg:                 aka "Amit Shah <amitshah@gmx.net>"

* remotes/amit-migration/tags/for-juan-201509:
  ram_find_and_save_block: Split out the finding
  Move dirty page search state into separate structure
  migration: Use g_new() & friends where that makes obvious sense
  migration: qemu-file more size_t'ifying
  migration: size_t'ify some of qemu-file
  Init page sizes in qtest
  Split out end of migration code from migration_thread
  migration/ram.c: Use RAMBlock rather than MemoryRegion
  vmstate: Remove redefinition of VMSTATE_UINT32_ARRAY

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago ram_find_and_save_block: Split out the finding
Dr. David Alan Gilbert [Wed, 23 Sep 2015 14:27:11 +0000 (15:27 +0100)]
ram_find_and_save_block: Split out the finding

Split out the finding of the dirty page and all the wrap detection
into a separate function since it was getting a bit hairy.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <1443018431-11170-3-git-send-email-dgilbert@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
[Fix comment -- Amit]
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years ago Move dirty page search state into separate structure
Dr. David Alan Gilbert [Wed, 23 Sep 2015 14:27:10 +0000 (15:27 +0100)]
Move dirty page search state into separate structure

Pull the search state for one iteration of the dirty page
search into a structure.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Message-Id: <1443018431-11170-2-git-send-email-dgilbert@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years ago migration: Use g_new() & friends where that makes obvious sense
Markus Armbruster [Mon, 14 Sep 2015 11:51:31 +0000 (13:51 +0200)]
migration: Use g_new() & friends where that makes obvious sense

g_new(T, n) is neater than g_malloc(sizeof(T) * n).  It's also safer,
for two reasons.  One, it catches multiplication overflowing size_t.
Two, it returns T * rather than void *, which lets the compiler catch
more type errors.

This commit only touches allocations with size arguments of the form
sizeof(T).  Same Coccinelle semantic patch as in commit b45c03f.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1442231491-23352-1-git-send-email-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years ago migration: qemu-file more size_t'ifying
Dr. David Alan Gilbert [Thu, 13 Aug 2015 10:51:34 +0000 (11:51 +0100)]
migration: qemu-file more size_t'ifying

This time convert the external functions:
  qemu_get_buffer, qemu_peek_buffer
  qemu_put_buffer and qemu_put_buffer_async

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <1439463094-5394-6-git-send-email-dgilbert@redhat.com>
Reviewed-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years ago migration: size_t'ify some of qemu-file
Dr. David Alan Gilbert [Thu, 13 Aug 2015 10:51:33 +0000 (11:51 +0100)]
migration: size_t'ify some of qemu-file

This is a start on using size_t more in qemu-file and friends;
it fixes up QEMUFilePutBufferFunc and QEMUFileGetBufferFunc
to take size_t lengths and return ssize_t return values (like read(2))
and fixes up all the different implementations of them.

Note that I've not yet followed this deeply into bdrv_ implementations.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <1439463094-5394-5-git-send-email-dgilbert@redhat.com>
Reviewed-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years ago Init page sizes in qtest
Dr. David Alan Gilbert [Thu, 13 Aug 2015 10:51:32 +0000 (11:51 +0100)]
Init page sizes in qtest

One of my patches used a loop that was based on host page size;
it dies in qtest since qtest hadn't bothered init'ing it.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Message-Id: <1439463094-5394-4-git-send-email-dgilbert@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years ago Split out end of migration code from migration_thread
Dr. David Alan Gilbert [Thu, 13 Aug 2015 10:51:31 +0000 (11:51 +0100)]
Split out end of migration code from migration_thread

The code that gets run at the end of the migration process
is getting large, and I'm about to add more for postcopy.
Split it into a separate function.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <1439463094-5394-3-git-send-email-dgilbert@redhat.com>
Reviewed-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years ago migration/ram.c: Use RAMBlock rather than MemoryRegion
Dr. David Alan Gilbert [Thu, 13 Aug 2015 10:51:30 +0000 (11:51 +0100)]
migration/ram.c: Use RAMBlock rather than MemoryRegion

RAM migration mainly works on RAMBlocks but in a few places
uses data from MemoryRegions to access the same information that's
already held in RAMBlocks; clean it up just to avoid the
MemoryRegion use.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <1439463094-5394-2-git-send-email-dgilbert@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years ago vmstate: Remove redefinition of VMSTATE_UINT32_ARRAY
Soren Brinkmann [Fri, 14 Aug 2015 06:16:27 +0000 (23:16 -0700)]
vmstate: Remove redefinition of VMSTATE_UINT32_ARRAY

The macro is defined twice in identical ways.

Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
Message-Id: <1439532987-16335-1-git-send-email-soren.brinkmann@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years ago linux-user/syscall.c: Add EAGAIN to host_to_target_errno_table for
Chen Gang [Mon, 7 Sep 2015 02:35:06 +0000 (10:35 +0800)]
linux-user/syscall.c: Add EAGAIN to host_to_target_errno_table for

Under Alpha host, EAGAIN is redefined to 35, so it needs to be remapped too.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
8 years ago linux-user: add name_to_handle_at/open_by_handle_at
Laurent Vivier [Tue, 1 Sep 2015 20:27:33 +0000 (22:27 +0200)]
linux-user: add name_to_handle_at/open_by_handle_at

This patch allows running the example given by open_by_handle_at(2):

      The following shell session demonstrates the use of these two programs:

           $ echo 'Can you please think about it?' > cecilia.txt
           $ ./t_name_to_handle_at cecilia.txt > fh
           $ ./t_open_by_handle_at < fh
           open_by_handle_at: Operation not permitted
           $ sudo ./t_open_by_handle_at < fh      # Need CAP_SYS_ADMIN
           Read 31 bytes
           $ rm cecilia.txt

       Now  we delete and (quickly) re-create the file so that it has the same
       content and (by chance) the  same  inode.[...]

           $ stat --printf="%i\n" cecilia.txt     # Display inode number
           4072121
           $ rm cecilia.txt
           $ echo 'Can you please think about it?' > cecilia.txt
           $ stat --printf="%i\n" cecilia.txt     # Check inode number
           4072121
           $ sudo ./t_open_by_handle_at < fh
           open_by_handle_at: Stale NFS file handle

See the man page for source code.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
8 years ago linux-user: Return target error number in do_fork()
Timothy E Baldwin [Sun, 30 Aug 2015 23:26:21 +0000 (00:26 +0100)]
linux-user: Return target error number in do_fork()

Whilst calls to do_fork() are wrapped in get_errno() this does not
translate return values.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Timothy Edward Baldwin <T.E.Baldwin99@members.leeds.ac.uk>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
8 years ago linux-user: fix cmsg conversion in case of multiple headers
Jonathan Neuschäfer [Thu, 3 Sep 2015 05:27:26 +0000 (07:27 +0200)]
linux-user: fix cmsg conversion in case of multiple headers

Currently, __target_cmsg_nxthdr compares a pointer derived from
target_cmsg against the msg_control field of target_msgh (through
subtraction).  This failed for me when emulating i386 code under x86_64,
because pointers in the host address space and pointers in the guest
address space were not the same.  This patch passes the initial value of
target_cmsg into __target_cmsg_nxthdr.

I found and fixed two more related bugs:
- __target_cmsg_nxthdr now returns the new cmsg pointer instead of the
  old one.
- tgt_space (in host_to_target_cmsg) doesn't count "sizeof (struct
  target_cmsghdr)" twice anymore.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
8 years ago linux-user: remove MAX_ARG_PAGES limit
Stefan Brüns [Wed, 2 Sep 2015 01:38:53 +0000 (03:38 +0200)]
linux-user: remove MAX_ARG_PAGES limit

Instead of creating a temporary copy for the whole environment and
the arguments, directly copy everything to the target stack.

For this to work, we have to change the order of stack creation and
copying the arguments.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
8 years ago linux-user: remove unused image_info members
Stefan Brüns [Wed, 2 Sep 2015 01:38:52 +0000 (03:38 +0200)]
linux-user: remove unused image_info members

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
8 years ago linux-user: Treat --foo options the same as -foo
Meador Inge [Mon, 6 Jul 2015 18:03:41 +0000 (11:03 -0700)]
linux-user: Treat --foo options the same as -foo

The system mode binaries provide a similar alias
and it makes common options like --version and --help
work as expected.

Signed-off-by: Meador Inge <meadori@codesourcery.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
8 years ago linux-user: use EXIT_SUCCESS and EXIT_FAILURE
Riku Voipio [Mon, 28 Sep 2015 13:12:16 +0000 (16:12 +0300)]
linux-user: use EXIT_SUCCESS and EXIT_FAILURE

As suggested by Laurent, use EXIT_SUCCESS and EXIT_FAILURE from
stdlib.h instead of numeric values.

Cc: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
8 years ago linux-user: Add proper error messages for bad options
Meador Inge [Mon, 6 Jul 2015 18:03:40 +0000 (11:03 -0700)]
linux-user: Add proper error messages for bad options

This patch adds better support for diagnosing option
parser errors.  The previous implementation just printed
the usage text and exited when a bad option or argument
was found.  This made it very difficult to determine why
the usage was being displayed and it was doubly confusing
for cases like '--help' (it wasn't clear that --help was
actually an error).

Signed-off-by: Meador Inge <meadori@codesourcery.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
8 years ago linux-user: Add -help
Meador Inge [Mon, 6 Jul 2015 18:03:39 +0000 (11:03 -0700)]
linux-user: Add -help

This option is already available on the system mode
binaries.  It would be better if long options were
supported (i.e. --help), but this is okay for now.

Signed-off-by: Meador Inge <meadori@codesourcery.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
8 years ago linux-user: Exit 0 when -h is used
Meador Inge [Mon, 6 Jul 2015 18:03:38 +0000 (11:03 -0700)]
linux-user: Exit 0 when -h is used

Signed-off-by: Meador Inge <meadori@codesourcery.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
8 years ago Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20150925-1' into staging
Peter Maydell [Fri, 25 Sep 2015 22:20:06 +0000 (23:20 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20150925-1' into staging

cocoa queue:
 * fix stuck-key bug if keys were down when QEMU lost focus
 * prompt the user whether they really meant to quit
 * remove the 'open image file' dialog box we used to display
   if the user started QEMU without arguments

# gpg: Signature made Fri 25 Sep 2015 23:17:19 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"

* remotes/pmaydell/tags/pull-cocoa-20150925-1:
  ui/cocoa.m: remove open dialog code
  ui/cocoa.m: prevent stuck key situation
  ui/cocoa.m: verify with user before quitting QEMU

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>