Paolo Bonzini [Thu, 29 Nov 2012 17:11:50 +0000 (18:11 +0100)]
multiboot: fix e801 memory map
The e801 memory sizes in the multiboot structures hard-code the available
low memory to 640. However, the value should not include the size of the
EBDA. Fill the value in the option ROM, getting the size of low memory
from the BIOS.
Cc: Alexander Graf <agraf@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Eduardo Otubo [Thu, 29 Nov 2012 15:56:41 +0000 (13:56 -0200)]
seccomp: adding new syscalls (bugzilla 855162)
According to the bug 855162[0] - there's the need of adding new syscalls
to the whitelist when using Qemu with Libvirt.
[0] - https://bugzilla.redhat.com/show_bug.cgi?id=855162
Reported-by: Paul Moore <pmoore@redhat.com>
Tested-by: Paul Moore <pmoore@redhat.com>
Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com>
Signed-off-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Michael S. Tsirkin [Thu, 29 Nov 2012 22:02:56 +0000 (00:02 +0200)]
virtio: limit avail bytes lookahead
Commit
0d8d7690850eb0cf2b2b60933cf47669a6b6f18f introduced
a regression in virtio-net performance because it looks
into the ring aggressively while we really only care
about a single packet worth of buffers.
Reported as bugzilla 1066055 in launchpad.
To fix, add parameters limiting lookahead, and
use in virtqueue_avail_bytes.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reported-by: Edivaldo de Araujo Pereira <edivaldoapereira@yahoo.com.br>
Tested-by: Edivaldo de Araujo Pereira <edivaldoapereira@yahoo.com.br>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Max Filippov [Thu, 29 Nov 2012 15:53:20 +0000 (19:53 +0400)]
qemu-tech.texi: update implemented xtensa features list
Debug option is available since QEMU-1.2; FP coprocessor and
coprocessor context is available since QEMU-1.3.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Thu, 29 Nov 2012 13:46:23 +0000 (07:46 -0600)]
qdev: relax bus type check in qdev_device_add() (v2)
We are currently checking for an exact type match. Use QOM dynamic_cast to
check for a compatible type instead.
Cc: Konrad Frederic <fred.konrad@greensocs.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
v1 -> v2:
- also add cast to qbus_find_recursive (Peter)
- simplify by doing object_dynamic_cast instead of messing with classes
Jan Kiszka [Thu, 22 Nov 2012 19:56:11 +0000 (20:56 +0100)]
event notifier: Fix setup for win32
The event notifier state is only reset by test_and_clear. But we created
the windows event object with auto-reset, which subtly swallowed events.
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Wed, 28 Nov 2012 19:19:30 +0000 (13:19 -0600)]
Merge remote-tracking branch 'bonzini/nbd-next' into staging
* bonzini/nbd-next:
nbd-server-add: Fix the default for 'writable'
nbd: fix use of two uninitialized bytes when connecting to a named export
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Wed, 28 Nov 2012 19:19:24 +0000 (13:19 -0600)]
Merge remote-tracking branch 'bonzini/scsi-next' into staging
* bonzini/scsi-next:
virtio-scsi: Fix subtle (guest) endian bug
virtio-scsi: Fix some endian bugs with virtio-scsi
iscsi: do not assume device is zero initialized
iscsi: fix deadlock during login
iscsi: fix segfault in url parsing
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Wed, 28 Nov 2012 19:19:16 +0000 (13:19 -0600)]
Merge remote-tracking branch 'agraf/s390-for-upstream-1.3' into staging
* agraf/s390-for-upstream-1.3:
sclp: Fix uninitialized var in handle_write_event_buf().
s390: Fix ram_size updating in machine init
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Wed, 28 Nov 2012 19:19:06 +0000 (13:19 -0600)]
Merge remote-tracking branch 'agraf/ppc-for-upstream-1.3' into staging
* agraf/ppc-for-upstream-1.3:
fbdev: fix pixman compile on old pixman
vl.c: Fix broken -usb option
pseries: Fix bug in PCI MSI allocation
kvm: fix incorrect length in a loop over kvm dirty pages map
PPC: Fix missing TRACE exception
hw/ide/macio: Fix segfault caused by NULL DMAContext*
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Wed, 28 Nov 2012 19:18:56 +0000 (13:18 -0600)]
Merge remote-tracking branch 'afaerber/qom-cpu-1.3' into staging
* afaerber/qom-cpu-1.3:
target-i386: Enable SSSE3 TCG support
target-i386/cpu: Add missing flags to Haswell CPU model
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Wed, 28 Nov 2012 08:40:23 +0000 (09:40 +0100)]
build: compile translate.o with -fno-gcse option on GCC 4.6.x and 4.7.[012]
These versions of GCC require insane (>2GB) amounts of memory to compile
translate.o. As a countermeasure, disable the culprit optimization pass.
This should fix the buildbot failure for default_x86_64_fedora16. Anyway
this is a good thing to do because people will try to compile 1.3 with
less than 2GB of memory and complain.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
David Gibson [Mon, 26 Nov 2012 01:33:52 +0000 (12:33 +1100)]
virtio-scsi: Fix subtle (guest) endian bug
The virtio-scsi config space is, by specification, in guest endian (which
is ill-defined, but there you go). In virtio_scsi_get_config() we set up
all the fields in there, using stl_raw(). Which is a problem for the
max_channel and max_target fields, which are 16-bit, not 32-bit. For
little-endian targets we get away with it by accident, since the first
two bytes will still be correct, and the extra two bytes written (with
zeroes) will be overwritten correctly by the next store.
But for big-endian guests, this means the max_target field ends up as zero,
which means the guest will only recognize a single disk on the virtio-scsi
bus. This patch fixes the problem.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Paul 'Rusty' Russell <rusty@rustcorp.com.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
David Gibson [Fri, 23 Nov 2012 05:08:44 +0000 (16:08 +1100)]
virtio-scsi: Fix some endian bugs with virtio-scsi
The virtio-scsi specification does not specify the correct endianness for
fields in the request structure. It's therefore best to assume that it is
"guest native" endian since that's the (stupid and poorly defined) norm in
virtio.
However, the qemu device for virtio-scsi has no byteswaps at all, and so
will break if the guest has different endianness from the host. This patch
fixes it by adding tswap() calls for the sense_len and resid fields in
the request structure. In theory status_qualifier needs swaps as well,
but that field is never actually touched. The tag field is a uint64_t, but
since its value is completely arbitrary, it might as well be uint8_t[8]
and so it does not need swapping.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Paul 'Rusty' Russell <rusty@rustcorp.com.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Lieven [Sat, 17 Nov 2012 15:20:28 +0000 (16:20 +0100)]
iscsi: do not assume device is zero initialized
Without any complex checks we can't assume that an
iscsi target is initialized to zero.
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Lieven [Sat, 17 Nov 2012 13:37:39 +0000 (14:37 +0100)]
iscsi: fix deadlock during login
If the connection is interrupted before the first login is successfully
completed qemu-kvm is waiting forever in qemu_aio_wait().
This is fixed by performing an sync login to the target. If the
connection breaks after the first successful login errors are
handled internally by libiscsi.
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Lieven [Thu, 15 Nov 2012 14:42:06 +0000 (15:42 +0100)]
iscsi: fix segfault in url parsing
If an invalid URL is specified iscsi_get_error(iscsi) is called
with iscsi == NULL.
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Michal Privoznik [Wed, 28 Nov 2012 10:46:39 +0000 (11:46 +0100)]
nbd-server-add: Fix the default for 'writable'
The documentation to this monitor command tells, that 'writable'
argument is optional and defaults to false. However, the code sets
true as the default. But since some applications may already been
using this, it's safer to fix the code and not documentation which
would break those applications.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Mon, 26 Nov 2012 14:19:31 +0000 (15:19 +0100)]
nbd: fix use of two uninitialized bytes when connecting to a named export
Reported-by: Michal Privoznik <mprivoznik@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Alex Horn [Mon, 26 Nov 2012 16:32:54 +0000 (17:32 +0100)]
rtc: Only call rtc_set_cmos when Register B SET flag is disabled.
This bug occurs when the SET flag of Register B is enabled. When an RTC
data register (i.e. any of the ten time/calender CMOS bytes) is set, the
data is (as expected) correctly stored in the cmos_data array. However,
since the SET flag is enabled, the function rtc_set_time is not invoked.
As a result, the field base_rtc in RTCState remains uninitialized. This
causes a problem on subsequent writes which can end up overwriting data.
To see this, consider writing data to Register A after having written
data to any of the RTC data registers; the following figure illustrates
the call stack for the Register A write operation:
+- cmos_io_port_write
+-- check_update_timer
+---- get_next_alarm
+------ rtc_update_time
In rtc_update_time, get_guest_rtc calculates the wrong time and
overwrites the previously written RTC data register values.
Signed-off-by: Alex Horn <alex.horn@cs.ox.ac.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Tue, 27 Nov 2012 08:16:24 +0000 (09:16 +0100)]
virtio-rng: do not use g_assert_cmpint
g_assert_cmpint is not available on glib 2.12, which is the minimum
version required to build QEMU (we only require 2.16 to run tests,
since that is the first version including GTester). Do not use it
in hardware models, use a normal assertion instead.
This fixes the buildbot failure for default_x86_64_rhel5.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Tue, 27 Nov 2012 08:51:48 +0000 (09:51 +0100)]
tests: make threadpool cancellation test looser
The cancellation test is failing on the buildbots. While the failure
merits a little more investigation to understand what is going on,
the logs show that the failure is not impacting the coverage
provided by the test. Hence, loosen a bit the assertions in a
way that should let the test proceed and hopefully pass.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Mon, 26 Nov 2012 21:13:31 +0000 (15:13 -0600)]
Update version for 1.3.0-rc1
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Amit Shah [Wed, 21 Nov 2012 05:51:21 +0000 (11:21 +0530)]
virtio-rng: fix typos, comments
Fix typos, whitespace and update comments to match current
implementation.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Amit Shah [Wed, 21 Nov 2012 05:51:20 +0000 (11:21 +0530)]
virtio-rng: disable timer on device removal
Disable the rate-limit timer on device remove (e.g. hot-unplug).
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Amit Shah [Wed, 21 Nov 2012 05:51:19 +0000 (11:21 +0530)]
virtio-rng: remove extra request for entropy
If we got fewer bytes from the backend than requested, don't poke the
backend for more bytes; the guest will ask for more (or if the guest has
already asked for more, the backend knows about it via handle_input()).
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Amit Shah [Wed, 21 Nov 2012 05:51:18 +0000 (11:21 +0530)]
virtio-rng: use virtqueue_get_avail_bytes, fix migration
Popping an elem from the vq just to find out its length causes problems
with save/load later on. Use the new virtqueue_get_avail_bytes()
function instead, saves us the complexity in the migration code, as well
as makes the migration endian-safe.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Andreas Färber [Sun, 25 Nov 2012 19:44:33 +0000 (20:44 +0100)]
i8259: Fix PIC_COMMON() macro
It used a wrong struct type name since its introduction in
8f04ee0882aec9fe91fb70f767edf5dacff59835 (isa: pic: convert to QEMU
Object Model), apparently it is unused so far.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Stefan Hajnoczi [Mon, 26 Nov 2012 12:10:12 +0000 (13:10 +0100)]
qapi: handle visitor->type_size() in QapiDeallocVisitor
visit_type_size() requires either visitor->type_size() or
visitor_uint64() to be implemented, otherwise a NULL function pointer is
invoked.
It is possible to trigger this crash as follows:
$ qemu-system-x86_64 -netdev tap,sndbuf=0,id=netdev0 \
-device virtio-blk-pci,netdev=netdev0
The 'sndbuf' option has type "size".
Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Eduardo Habkost [Thu, 22 Nov 2012 15:31:03 +0000 (13:31 -0200)]
target-i386: cpu: add missing flags to Haswell CPU model
When adding the Haswell CPU model, I intended to make it a superset of the
features present on the SandyBridge model, but I have removed the SEP and
RDTSCP features from the feature list by mistake. This patch adds the missing
SEP and RDTSCP features (that are present on SandyBridge) to Haswell.
Reported-by: Martin Kletzander <mkletzan@redhat.com>
Acked-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Peter Maydell [Thu, 22 Nov 2012 16:48:45 +0000 (16:48 +0000)]
vl.c: Fix broken -usb option
Commit
094b287f0b accidentally broke the "-usb" command line
option, so it would have no effect if the user had not specified
any machine options at that point. (the return value from
'qemu_opts_find(qemu_find_opts("machine"), 0);' is NULL if there
are no user specified options, so it is only to be used for
looking up an option, not when trying to set one.) Similarly,
would '-usbdevice' no longer cause USB to default to enabled.
Fix this regression by using the same style of code for forcing
the usb=on machine option that we use for other aliases such as
'-enable-kvm'.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Fri, 23 Nov 2012 08:47:16 +0000 (09:47 +0100)]
qom: make object_finalize static
It is not used anymore, and there is no need to make it public.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Fri, 23 Nov 2012 08:47:15 +0000 (09:47 +0100)]
qdev: simplify (de)allocation of buses
All conditional deallocation can now be done with object_delete.
Remove the @qom_allocated and @glib_allocated fields; replace the latter
with a direct assignment of the @free function pointer.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Fri, 23 Nov 2012 08:47:14 +0000 (09:47 +0100)]
qom: make object_delete usable for statically-allocated objects
Store in the object the freeing function that will be used at deletion
time. This makes it possible to use object_delete on statically-allocated
(embedded) objects. Dually, it makes it possible to use object_unparent
and object_unref without leaking memory, when the lifetime of object
might extend until after the call to object_delete.
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Fri, 23 Nov 2012 08:47:13 +0000 (09:47 +0100)]
qdev: move bus removal to object_unparent
Add an ObjectClass method that is done at object_unparent time. It
should remove any backlinks to the object in the composition tree,
so that object_delete will be able to drop the last reference and
free the object.
Use it for qdev buses.
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Fri, 23 Nov 2012 08:47:12 +0000 (09:47 +0100)]
qom: fix refcount of non-heap-allocated objects
The reference count for embedded objects is always one too low, because
object_initialize_with_type returns with zero references to the object.
This causes premature finalization of the object (or an assertion failure)
after calling object_ref to add an extra reference and object_unref to
remove it.
The fix is to move the initial object_ref call from object_new_with_type
to object_initialize_with_type.
Acked-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Cornelia Huck [Fri, 23 Nov 2012 00:18:12 +0000 (00:18 +0000)]
sclp: Fix uninitialized var in handle_write_event_buf().
Some gcc versions rightly complain about a possibly unitialized rc,
so let's move setting it before the QTAILQ_FOREACH().
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Heinz Graalfs [Mon, 19 Nov 2012 23:28:34 +0000 (23:28 +0000)]
s390: Fix ram_size updating in machine init
The global variable 'ram_size' is hidden by the local variable
declaration in s390_init(). Since we want to update the global
ram size in certain cases we must not use a local ram_size
variable.
- This fixes booting with unusual ram sizes like -m 67001
- This changes behaviour back to the situation before commit
5f072e1f3075bd869e0ace9f2545a85992ac0084
(create struct for machine initialization arguments)
Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Alexander Graf [Mon, 26 Nov 2012 18:49:58 +0000 (19:49 +0100)]
fbdev: fix pixman compile on old pixman
My QEMU compile failed with the following error:
qemu-pixman.c: In function ‘qemu_pixman_get_type’:
qemu-pixman.c:24: error: ‘PIXMAN_TYPE_BGRA’ undeclared (first use in this function)
qemu-pixman.c:24: error: (Each undeclared identifier is reported only once
qemu-pixman.c:24: error: for each function it appears in.)
Guard the PIXMAN_TYPE_BGRA branch like in the case right above the failing
case, so that compilation is fixed. Functionality on such old pixman is a
different question ;-).
Signed-off-by: Alexander Graf <agraf@suse.de>
Peter Maydell [Thu, 22 Nov 2012 06:48:45 +0000 (06:48 +0000)]
vl.c: Fix broken -usb option
Commit
094b287f0b accidentally broke the "-usb" command line
option, so it would have no effect if the user had not specified
any machine options at that point. (the return value from
'qemu_opts_find(qemu_find_opts("machine"), 0);' is NULL if there
are no user specified options, so it is only to be used for
looking up an option, not when trying to set one.) Similarly,
would '-usbdevice' no longer cause USB to default to enabled.
Fix this regression by using the same style of code for forcing
the usb=on machine option that we use for other aliases such as
'-enable-kvm'.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Alexey Kardashevskiy [Mon, 12 Nov 2012 16:46:59 +0000 (16:46 +0000)]
pseries: Fix bug in PCI MSI allocation
In one of the recent reworks to the XICS code, a bug was introduced where
we use the wrong sense and allocate level interrupts instead of message
interrupts for PCI MSIs. This patch fixes it.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
Alexey Kardashevskiy [Mon, 19 Nov 2012 15:40:47 +0000 (15:40 +0000)]
kvm: fix incorrect length in a loop over kvm dirty pages map
QEMU allocates a map enough for 4k pages. However the system page size
can be 64K (for example on POWER) and the host kernel uses only a small
part of it as one big stores a dirty flag for 16 pages 4K each,
the hpratio variable stores this ratio and
the kvm_get_dirty_pages_log_range function handles it correctly.
However kvm_get_dirty_pages_log_range still goes beyond the data
provided by the host kernel which is not correct. It does not cause
errors at the moment as the whole bitmap is zeroed before doing KVM ioctl.
The patch reduces number of iterations over the map.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Julio Guerra [Fri, 19 Oct 2012 00:17:13 +0000 (00:17 +0000)]
PPC: Fix missing TRACE exception
This patch fixes bug 1031698 :
https://bugs.launchpad.net/qemu/+bug/1031698
If we look at the (truncated) translation of the conditional branch
instruction in the test submitted in the bug post, the call to the
exception helper is missing in the "bne-false" chunk of translated
code :
IN:
bne- 0x1800278
OUT:
0xb544236d: jne 0xb5442396
0xb5442373: mov %ebp,(%esp)
0xb5442376: mov $0x44,%ebx
0xb544237b: mov %ebx,0x4(%esp)
0xb544237f: mov $0x1800278,%ebx
0xb5442384: mov %ebx,0x25c(%ebp)
0xb544238a: call 0x827475a
^^^^^^^^^^^^^^^^^^
0xb5442396: mov %ebp,(%esp)
0xb5442399: mov $0x44,%ebx
0xb544239e: mov %ebx,0x4(%esp)
0xb54423a2: mov $0x1800270,%ebx
0xb54423a7: mov %ebx,0x25c(%ebp)
Indeed, gen_exception(ctx, excp) called by gen_goto_tb (called by
gen_bcond) changes ctx->exception's value to excp's :
gen_bcond()
{
gen_goto_tb(ctx, 0, ctx->nip + li - 4);
/* ctx->exception value is POWERPC_EXCP_BRANCH */
gen_goto_tb(ctx, 1, ctx->nip);
/* ctx->exception now value is POWERPC_EXCP_TRACE */
}
Making the following gen_goto_tb()'s test false during the second call :
if ((ctx->singlestep_enabled &
(CPU_BRANCH_STEP | CPU_SINGLE_STEP)) &&
ctx->exception == POWERPC_EXCP_BRANCH /* false...*/) {
target_ulong tmp = ctx->nip;
ctx->nip = dest;
/* ... and this is the missing call */
gen_exception(ctx, POWERPC_EXCP_TRACE);
ctx->nip = tmp;
}
So the patch simply adds the missing matching case, fixing our problem.
Signed-off-by: Julio Guerra <guerr@julio.in>
Signed-off-by: Alexander Graf <agraf@suse.de>
Peter Maydell [Tue, 20 Nov 2012 08:16:51 +0000 (08:16 +0000)]
hw/ide/macio: Fix segfault caused by NULL DMAContext*
Pass qemu_sglist_init the global dma_context_memory rather than a NULL
pointer; this fixes a segfault in dma_memory_map() when the guest
starts using DMA.
Reported-by: Amadeusz Sławiński <amade@asmblr.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Sat, 24 Nov 2012 14:07:01 +0000 (15:07 +0100)]
target-i386: Enable SSSE3 TCG support
SSSE3 support has been added to TCG more than 4 years ago in commit
4242b1bd8acc19aaaacffdaad4ac23213d72a72b. It has been disabled by
mistake in commit
551a2dec8fa55006a68393b9d6fb63577d2b3f1c.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Eduardo Habkost [Thu, 22 Nov 2012 15:31:03 +0000 (13:31 -0200)]
target-i386/cpu: Add missing flags to Haswell CPU model
When adding the Haswell CPU model, I intended to make it a superset of the
features present on the SandyBridge model, but I have removed the SEP and
RDTSCP features from the feature list by mistake. This patch adds the
missing SEP and RDTSCP features (that are present on SandyBridge) to
Haswell.
Reported-by: Martin Kletzander <mkletzan@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Paolo Bonzini [Fri, 23 Nov 2012 15:56:18 +0000 (16:56 +0100)]
hmp: do not crash on invalid SCSI hotplug
Commit 0d93692 (qdev: Convert busses to QEMU Object Model, 2012-05-02)
removed a check on the type of the bus where a SCSI disk is hotplugged.
However, hot-plugging to the wrong kind of device now causes a crash
due to either a NULL pointer dereference (avoided by the previous patch)
or a failed QOM cast.
Instead, in this case we need to use object_dynamic_cast and check for
the result, similar to what was done before that commit.
Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Fri, 23 Nov 2012 15:56:17 +0000 (16:56 +0100)]
qom: dynamic_cast of NULL is always NULL
Trying to cast a NULL value will cause a crash. Returning
NULL is also sensible, and it is also what the type-unsafe
DO_UPCAST macro does.
Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Fri, 23 Nov 2012 15:13:24 +0000 (16:13 +0100)]
tests: add thread pool unit tests
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Fri, 23 Nov 2012 15:13:23 +0000 (16:13 +0100)]
tests: add AioContext unit tests
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Fri, 23 Nov 2012 14:59:43 +0000 (15:59 +0100)]
aio: avoid livelock behavior for Win32
The repeated calls to WaitForMultipleObjects may cause a livelock in aio_poll,
where no progress is made on bottom halves. This patch matches the behavior
of the POSIX code.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jan Kiszka [Wed, 14 Nov 2012 20:54:08 +0000 (15:54 -0500)]
q35: Add kvmclock support
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jan Kiszka [Wed, 14 Nov 2012 20:54:08 +0000 (15:54 -0500)]
q35: Fix non-PCI IRQ processing in ich9_lpc_update_apic
Avoid passing a non-PCI IRQ to ich9_gsi_to_pirq. It's wrong and triggers
an assertion.
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jan Kiszka [Wed, 14 Nov 2012 20:54:07 +0000 (15:54 -0500)]
q35: Suppress SMM BIOS initialization under KVM
Same as for i44fx: KVM does not support SMM yet. Signal it initialized
to Seabios to avoid failures.
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jason Baron [Wed, 14 Nov 2012 20:54:07 +0000 (15:54 -0500)]
ich9: Add i82801b11 dmi-to-pci bridge
Add the dmi-to-pci i82801b11 bridge chip. This is the pci bridge chip
that q35 uses on its host bus for PCI bus arbitration.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Isaku Yamahata [Wed, 14 Nov 2012 20:54:06 +0000 (15:54 -0500)]
q35: Introduce q35 pc based chipset emulator
pc q35 based chipset emulator to support pci express natively. Based on
Anthony Liguori's suggestion, the machine name is 'q35-next', with an alias
of 'q35'. At this point, there are no compatibility guarantees. When the
chipset stabilizes more, we will begin to version the machine names.
Major features which still need to be added:
-Migration support (mostly around ahci)
-ACPI hotplug support (pcie hotplug support is working)
-Passthrough support
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jason Baron [Fri, 23 Nov 2012 03:06:42 +0000 (22:06 -0500)]
ich9: Add smbus
Add support for the ich9 smbus chip.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jason Baron [Wed, 14 Nov 2012 20:54:05 +0000 (15:54 -0500)]
ich9: Add the lpc chip
Add support for the ICH9 LPC chip.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jason Baron [Fri, 23 Nov 2012 03:05:06 +0000 (22:05 -0500)]
ich9: Add acpi support and definitions
Lay the groundwork for subsequent ich9 support.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Isaku Yamahata [Wed, 14 Nov 2012 20:54:02 +0000 (15:54 -0500)]
pc/piix_pci: factor out smram/pam logic
Factor out smram/pam logic for use by other chipsets, namely q35
at this point.
Note: Should be factored out into a generic North Bridge Class.
[jbaron@redhat.com: changes for updated memory API]
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jason Baron [Wed, 14 Nov 2012 20:54:02 +0000 (15:54 -0500)]
pc_piix: Move kvm irq routing functions out of pc_piix.c
Rename: kvm_piix3_gsi_handlei() -> kvm_pc_gsi_handler()
kvm_piix3_setup_irq_routing() -> kvm_pc_setup_irq_routing()
This is in preparation for other users, namely q35 at this time.
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jason Baron [Wed, 14 Nov 2012 20:54:01 +0000 (15:54 -0500)]
pc: Move ioapic_init() from pc_piix.c to pc.c
Move ioapic_init() from pc_piix.c to pc.c, to make it a common function.
Rename ioapic_init() -> ioapic_init_gsi().
Move to pc.h so q35 can use them as well.
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Isaku Yamahata [Wed, 14 Nov 2012 20:54:01 +0000 (15:54 -0500)]
pc, pc_piix: split out pc nic initialization
Factor out pc nic initialization.
This simplifies the pc initialization and will reduce the code
duplication of q35 pc initialization.
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Mon, 26 Nov 2012 14:19:45 +0000 (08:19 -0600)]
Merge remote-tracking branch 'qemu-kvm/uq/master' into staging
* qemu-kvm/uq/master:
Legacy qemu-kvm options have no argument
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Mon, 26 Nov 2012 14:19:20 +0000 (08:19 -0600)]
Merge remote-tracking branch 'kraxel/usb.72' into staging
* kraxel/usb.72:
usb-redir: Don't handle interrupt output packets async
usb-redir: Split usb_handle_interrupt_data into separate in/out functions
usb-smartcard-reader: Properly NAK interrupt eps when we've no events
usb-bt: Return NAK instead of STALL when interrupt ep has no data
uhci: Fix double unlink
uhci: Don't allow the guest to set port-enabled when there is no dev connected
uhci: Add a completions_only flag for async completions
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Mon, 26 Nov 2012 14:19:07 +0000 (08:19 -0600)]
Merge remote-tracking branch 'spice/spice.v64' into staging
* spice/spice.v64:
spice: add new spice-server callbacks to ui/spice-display.c
Fix the inconsistency in x509-dh-key-file parameter
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Mon, 26 Nov 2012 14:18:25 +0000 (08:18 -0600)]
Merge remote-tracking branch 'stefanha/block' into staging
* stefanha/block:
ide: Fix status register after short PRDs
ide: Fix crash with too long PRD
use int64_t for return values from rbd instead of int
vdi: don't override libuuid symbols
block: add bdrv_reopen() support for raw hdev, floppy, and cdrom
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Mon, 26 Nov 2012 14:18:06 +0000 (08:18 -0600)]
Merge remote-tracking branch 'stefanha/net' into staging
* stefanha/net:
tap: reset vnet header size on open
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Catalin Patulea [Sat, 10 Nov 2012 00:01:26 +0000 (19:01 -0500)]
vnc: fix option misspelling ("non-adapative" -> "non-adaptive")
Signed-off-by: Catalin Patulea <catalinp@google.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jan Kiszka [Thu, 22 Nov 2012 17:30:02 +0000 (18:30 +0100)]
chardev: Use real-time clock for open timer
The vm clock may be stopped, and then we won't get open events anymore.
Seen with QMP sessions.
Reported-by: Dietmar Maurer <dietmar@proxmox.com>
Tested-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Wenchao Xia [Sat, 24 Nov 2012 09:27:18 +0000 (17:27 +0800)]
Build system fix distclean error for pixman
Currently Makefile test if pixman have configure log, but the script directly
return error if that file do not exist. This patch fix it.
Signed-off-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Stefan Weil [Thu, 22 Nov 2012 06:25:48 +0000 (07:25 +0100)]
block: Fix regression for MinGW (assertion caused by short string)
The local string tmp_filename is passed to function get_tmp_filename
which expects a string with minimum size MAX_PATH for w32 hosts.
MAX_PATH is 260 and PATH_MAX is 259, so tmp_filename was too short.
Commit
eba25057b9a5e19d10ace2bc7716667a31297169 introduced this
regression.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Richard Henderson [Mon, 19 Nov 2012 20:43:14 +0000 (12:43 -0800)]
tci: Fix type of tci_read_label
Fixes the pointer truncation that was occurring for branches.
Cc: Stefan Weil <sw@weilnetz.de>
Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Tested-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Aurelien Jarno [Sat, 24 Nov 2012 12:35:06 +0000 (13:35 +0100)]
target-mips: remove POOL48A from the microMIPS decoding
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Aurelien Jarno [Sat, 24 Nov 2012 10:53:55 +0000 (11:53 +0100)]
tcg: mark local temps as MEM in dead_temp()
In dead_temp, local temps should always be marked as back to memory,
even if they have not been allocated (i.e. they are discared before
cross a basic block).
It fixes the following assertion in target-xtensa:
qemu-system-xtensa: tcg/tcg.c:1665: temp_save: Assertion `s->temps[temp].val_type == 2 || s->temps[temp].fixed_reg' failed.
Aborted
Reported-by: Max Filippov <jcmvbkbc@gmail.com>
Tested-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
陳韋任 (Wei-Ren Chen) [Wed, 21 Nov 2012 06:04:41 +0000 (14:04 +0800)]
target-mips: Clean up microMIPS32 major opcode
I check MIPS microMIPS manual [1], and found the major opcode might
be wrong. I add a comment to explicitly indicate what manual I am refering
to, and according that manual I remove microMIPS32 major opcodes 0x1f.
As for others, like 0x16, 0x17, 0x36 and 0x37, they are for higher-order
MIPS ISA level or new revision of this microMIPS architecture. Quote
from Johnson, they are belong MIPS64 [2].
[1] http://www.mips.com/products/architectures/micromips/#specifications
MIPS Architecture for Programmers Volume II-B:
The microMIPS32 Instruction Set (Revision 3.05)
MD00582-2B-microMIPS-AFP-03.05.pdf
[2] http://www.mips.com/products/architectures/mips64/
MIPS Architecture For Programmers
Volume II-A: The MIPS64 Instruction Set
MD00087-2B-MIPS64BIS-AFP-03.51.pdf
Signed-off-by: Chen Wei-Ren <chenwj@iis.sinica.edu.tw>
Reviewed-by: Eric Johnson <ericj@mips.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
陳韋任 (Wei-Ren Chen) [Wed, 21 Nov 2012 05:50:45 +0000 (13:50 +0800)]
target-mips: Add comments on POOL32Axf encoding
Current QEMU MIPS POOL32AXF encoding comes from microMIPS32
and microMIPS32 DSP. Add comment here to help reading.
Signed-off-by: Chen Wei-Ren <chenwj@iis.sinica.edu.tw>
Reviewed-by: Eric Johnson <ericj@mips.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Aurelien Jarno [Tue, 9 Oct 2012 19:53:12 +0000 (21:53 +0200)]
target-openrisc: remove conflicting definitions from cpu.h
On an ARM host, the registers definitions from cpu.h clash
with /usr/include/sys/ucontext.h. As there are unused, just remove
them.
Cc: Jia Liu <proljc@gmail.com>
Cc: qemu-stable@nongnu.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Aurelien Jarno [Tue, 9 Oct 2012 19:53:11 +0000 (21:53 +0200)]
tcg/arm: fix cross-endian qemu_st16
The bswap16 TCG opcode assumes that the high bytes of the temp equal
to 0 before calling it. The ARM backend implementation takes this
assumption to slightly optimize the generated code.
The same implementation is called for implementing the cross-endian
qemu_st16 opcode, where this assumption is not true anymore. One way to
fix that would be to zero the high bytes before calling it. Given the
store instruction just ignore them, it is possible to provide a slightly
more optimized version. With ARMv6+ the rev16 instruction does the work
correctly. For lower ARM versions the patch provides a version which
behaves correctly with non-zero high bytes, but fill them with junk.
Cc: Andrzej Zaborowski <balrogg@gmail.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-stable@nongnu.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Aurelien Jarno [Tue, 9 Oct 2012 19:53:11 +0000 (21:53 +0200)]
tcg/arm: fix TLB access in qemu-ld/st ops
The TCG arm backend considers likely that the offset to the TLB
entries does not exceed 12 bits for mem_index = 0. In practice this is
not true for at least the MIPS target.
The current patch fixes that by loading the bits 23-12 with a separate
instruction, and using loads with address writeback, independently of
the value of mem_idx. In total this allow a 24-bit offset, which is a
lot more than needed.
Cc: Andrzej Zaborowski <balrogg@gmail.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-stable@nongnu.org
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Bruce Rogers [Tue, 20 Nov 2012 14:11:21 +0000 (07:11 -0700)]
Legacy qemu-kvm options have no argument
The options no-kvm, no-kvm-pit, no-kvm-pit-reinjection, and no-kvm-irqchip
should be marked as having no argument.
Signed-off-by: Bruce Rogers <brogers@suse.com>
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Hans de Goede [Sat, 17 Nov 2012 11:26:57 +0000 (12:26 +0100)]
usb-redir: Don't handle interrupt output packets async
Instead report them as successfully completed directly on submission, this
has 2 advantages:
1) This matches the timing of interrupt output packets on real hardware,
with the previous async handling, if an ep has an interval of say 500 ms,
then there would be 500+ ms between the submission and the guest seeing the
completion, as we wont do the write back until the qh gets polled again. And
in the mean time the guest may very well have timed out, as the guest can
reasonable expect a much quicker completion.
2) This fixes interrupt output packets potentially getting send twice
surrounding a migration. As we delay the writeback to guest memory until
the qh gets polled again, there is a window between completion and writeback
where migration can happen, in this case the destination will not know
about the completion, and it will execute the packet *again*
But it does also come with a disadvantage:
1) If the actual interrupt out to the real usb device fails, there is no
way to report this back to the guest.
This patch assumes however that interrupt outs in practice never fail, as
they are only used by specialized drivers, which are unlikely to issue illegal
requests (unlike general class drivers which often issue requests which some
devices don't implement). And that thus the advantages outway the disadvantage.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Hans de Goede [Sat, 17 Nov 2012 11:26:56 +0000 (12:26 +0100)]
usb-redir: Split usb_handle_interrupt_data into separate in/out functions
No functional changes.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Hans de Goede [Sat, 17 Nov 2012 11:15:02 +0000 (12:15 +0100)]
usb-smartcard-reader: Properly NAK interrupt eps when we've no events
When we've no data to return from the interrupt endpoint, return NAK rather
then a 0 length packet.
CC: Alon Levy <alevy@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Hans de Goede [Sat, 17 Nov 2012 11:15:01 +0000 (12:15 +0100)]
usb-bt: Return NAK instead of STALL when interrupt ep has no data
I noticed this while making all devices with interrupt endpoints properly
do wakeup. While at it also add wakeup support.
Note that I've not tested this, but returning STALL for an interrupt ep
which has no data is cleary the wrong thing to do.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Hans de Goede [Sat, 17 Nov 2012 11:11:51 +0000 (12:11 +0100)]
uhci: Fix double unlink
uhci_async_cancel() already does a uhci_async_unlink().
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Hans de Goede [Sat, 17 Nov 2012 11:11:50 +0000 (12:11 +0100)]
uhci: Don't allow the guest to set port-enabled when there is no dev connected
It is possible for device disconnect and the guest trying to reset the port
(because of USB xact errors prior to the disconnect getting signaled) to race,
when we hit this race, the guest will write the port-control register with its
pre-disconnect value + the reset bit set, after which we have a disconnected
device with its port-enabled bit set in its port-control register, which
is no good :)
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Hans de Goede [Sat, 17 Nov 2012 11:11:49 +0000 (12:11 +0100)]
uhci: Add a completions_only flag for async completions
Add a completions_only flag, and set this when running process_frame for async
completion handling, this fixes 2 issues in a single patch:
1) It makes sure async completed packets get written to guest mem immediately,
even if all the bandwidth for the frame was consumed from the timer run
process_frame. This is necessary as delaying their writeback to the next frame
can cause the completion to get lost on migration.
2) The calling of process_frame from a bh on async completion causes iso
tds to get server more often they should, messing up usb sound class device
timing. By only processing completed packets, the iso tds get skipped fixing
this.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Gerd Hoffmann [Wed, 21 Nov 2012 13:41:48 +0000 (14:41 +0100)]
spice: add new spice-server callbacks to ui/spice-display.c
Otherwise qemu crashes with non-qxl graphics cards.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Lei Li [Mon, 19 Nov 2012 09:15:08 +0000 (17:15 +0800)]
Fix the inconsistency in x509-dh-key-file parameter
Commit
c448e8552b0f6135dabddf944a7110f929c08320 (spice: tls
support) added options to the -spice command line. But there
is an inconsistency between the declaration of the option
'x509-dh-key-file' to -spice command line and its parameter
parsing 'x509-dh-file' in function qemu_spice_init.
https://bugs.launchpad.net/qemu/+bug/1035042
Reported-by: Alon Bar-Lev <alon.barlev@gmail.com>
Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Kevin Wolf [Tue, 20 Nov 2012 16:27:44 +0000 (17:27 +0100)]
ide: Fix status register after short PRDs
When failing a request because the length of the regions described by
the PRDT was too short for the requested number of sectors, the IDE
emulation forgot to update the status register, so that the device would
keep the BSY flag set indefinitely.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Kevin Wolf [Tue, 20 Nov 2012 16:27:43 +0000 (17:27 +0100)]
ide: Fix crash with too long PRD
Without this, s->nsector can become negative and badness happens (trying
to malloc huge amount of memory and glib calls abort())
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Stefan Priebe [Tue, 20 Nov 2012 12:44:55 +0000 (13:44 +0100)]
use int64_t for return values from rbd instead of int
rbd / rados tends to return pretty often length of writes
or discarded blocks. These values might be bigger than int.
The steps to reproduce are:
mkfs.xfs -f a whole device bigger than int in bytes. mkfs.xfs sends
a discard. Important is that you use scsi-hd and set
discard_granularity=512. Otherwise rbd disabled discard support.
Signed-off-by: Stefan Priebe <s.priebe@profihost.ag>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Stefan Hajnoczi [Tue, 20 Nov 2012 15:34:17 +0000 (16:34 +0100)]
vdi: don't override libuuid symbols
It's poor symbol hygiene to provide a global symbols that collide with a
common library like libuuid. If QEMU links against a shared library
that depends on uuid_generate() it can end up calling our stub version
of the function.
This exact scenario happened with GlusterFS libgfapi.so, which depends
on libglusterfs.so's uuid_generate().
Scope the uuid stubs for vdi.c only and avoid affecting other shared
objects.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Jeff Cody [Tue, 20 Nov 2012 15:21:10 +0000 (10:21 -0500)]
block: add bdrv_reopen() support for raw hdev, floppy, and cdrom
For hdev, floppy, and cdrom, the reopen() handlers are the same as
for the file reopen handler. For floppy and cdrom types, however,
we keep O_NONBLOCK, as in the _open function.
Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Anthony PERARD [Fri, 16 Nov 2012 04:08:14 +0000 (04:08 +0000)]
qemu-sockets: Fix parsing of the inet option 'to'.
Having a qemu command line argument like "-vnc 127.0.0.1:0,to=99" is broken.
This have been break with commit
879e45c72da1569e07fbbc6a1aa2a708ea796044.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: malc <av1474@comtv.ru>
malc [Wed, 21 Nov 2012 06:55:28 +0000 (10:55 +0400)]
tcg/ppc: Fix !softmmu case
Signed-off-by: malc <av1474@comtv.ru>
Michael S. Tsirkin [Tue, 13 Nov 2012 10:23:23 +0000 (12:23 +0200)]
tap: reset vnet header size on open
For tap, we currently assume the vnet header size is 10
(the default value) but that might not be the case
if tap is persistent and has been used by qemu previously.
To fix, set host header size in tap device on open.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Tested-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Anthony Liguori [Mon, 19 Nov 2012 16:31:17 +0000 (10:31 -0600)]
Update version for 1.3.0-rc0 release
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
malc [Mon, 19 Nov 2012 18:26:13 +0000 (22:26 +0400)]
audio/audio_pt_int: Clarify licensing
Signed-off-by: malc <av1474@comtv.ru>