qemu-stable-0.10.git
12 years ago Revert "fix broken migration" master
Glauber Costa [Mon, 31 Aug 2009 08:58:19 +0000 (04:58 -0400)] 
Revert "fix broken migration"

Nacked by Juan and Paolo.

This reverts commit f16f83481c428ff49c8c4c1567a0202d416df078.

12 years ago vnc: rework VncState release workflow
Chris Webb [Wed, 26 Aug 2009 22:52:43 +0000 (22:52 +0000)] 
vnc: rework VncState release workflow

Split socket closing and releasing of VncState into two steps. First close
the socket and set the variable to -1 to indicate shutdown in progress. Do
the actual release in a few places where we can be sure it doesn't cause
trouble in form of use-after-free. Add some checks for a valid socket handle
to make sure we don't try to use the closed socket.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Backported to 0.10-stable, removing references to vs->force_update and
changing vnc_disconnect_finish() to match the code in the 0.10 version of
vnc_client_io_error() in place of the master branch version.

Signed-off-by: Chris Webb <chris@arachsys.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
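
The two-step release described in the vnc commit message above, as an added example that is not QEMU's code and not part of the commit: closing the socket only marks the state (`fd = -1`), and the memory is freed later at a point where no caller still holds the pointer. All names are hypothetical, the peer is constructed with `socketpair()`, and Linux `MSG_NOSIGNAL` is assumed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>

typedef struct Client {
    int fd;            /* -1: socket closed, release still pending */
    char out[64];
    size_t outlen;
} Client;

static Client *client_new(int fd)
{
    Client *c = calloc(1, sizeof(*c));
    if (c)
        c->fd = fd;
    return c;
}

/* Step 1: safe to call from deep inside an I/O path. Closes the socket
 * and marks the state, but leaves the memory alive for the callers. */
static void client_disconnect_start(Client *c)
{
    if (c->fd != -1) {
        close(c->fd);
        c->fd = -1;
    }
}

/* Step 2: only called where nothing up the stack uses c afterwards. */
static Client *client_disconnect_finish(Client *c)
{
    free(c);
    return NULL;
}

/* Returns bytes sent, or -1 if the socket is gone or the send failed. */
static long client_flush(Client *c)
{
    ssize_t n;

    if (c->fd == -1)                   /* never use a closed handle */
        return -1;
    n = send(c->fd, c->out, c->outlen, MSG_NOSIGNAL);
    if (n < 0) {
        client_disconnect_start(c);    /* mark only, do not free here */
        return -1;
    }
    memmove(c->out, c->out + n, c->outlen - (size_t)n);
    c->outlen -= (size_t)n;
    return (long)n;
}

/* Queues and flushes one message, then keeps using c. Freeing inside
 * client_flush() would make the c->fd read below a use-after-free. */
static Client *client_update(Client *c, const char *msg)
{
    size_t len = strlen(msg);

    if (len <= sizeof(c->out) - c->outlen) {
        memcpy(c->out + c->outlen, msg, len);
        c->outlen += len;
        client_flush(c);
    }
    if (c->fd == -1)                   /* safe point: release now */
        return client_disconnect_finish(c);
    return c;
}

/* Sends up to three updates; the peer closes just before update number
 * close_peer_at. Returns how many updates the client state survived. */
int updates_before_release(int close_peer_at)
{
    int sv[2], i, alive = 0;
    Client *c;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return -1;
    c = client_new(sv[0]);
    if (!c) {
        close(sv[0]);
        close(sv[1]);
        return -1;
    }
    for (i = 0; i < 3 && c; i++) {
        if (i == close_peer_at) {
            close(sv[1]);
            sv[1] = -1;
        }
        c = client_update(c, "frame");
        if (c)
            alive++;
    }
    if (sv[1] != -1)
        close(sv[1]);
    if (c) {
        client_disconnect_start(c);
        client_disconnect_finish(c);
    }
    return alive;
}

int main(void)
{
    printf("peer closes before update 1: survived %d update(s)\n",
           updates_before_release(1));
    return 0;
}
```
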
12 years ago Don't segfault when changing VNC password on an SDL display.
Zachary Amsden [Thu, 30 Jul 2009 10:15:00 +0000 (00:15 -1000)] 
Don't segfault when changing VNC password on an SDL display.

Signed-off-by: Zachary Amsden <zamsden@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
12 years ago Fix detached migration with exec.
Chris Lalancette [Wed, 5 Aug 2009 15:07:35 +0000 (17:07 +0200)] 
Fix detached migration with exec.

When trying to do detached migration with exec, I found that
the monitor wouldn't always return in a timely manner.  I
tracked this down to exec_start_outgoing_migration.  It
appeared we were setting the fd to NONBLOCK'ing, but in
point of fact we weren't.

This bugfix should also go onto the stable 0.10 branch

Signed-off-by: Chris Lalancette <clalance@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
12 years ago BACKPORT: Fix segfault of qemu-system-arm with PXA target
Torsten Duwe [Sun, 23 Aug 2009 16:08:14 +0000 (18:08 +0200)] 
BACKPORT: Fix segfault of qemu-system-arm with PXA target

qemu-system-arm (0.10.5) segfaults when invoked with a PXA machine target,
e.g. -M tosa. The reason is fairly obvious:

[backport: current code uses struct scoop_info_s instead of a typedef ]

Signed-off-by: Torsten Duwe <duwe@lst.de>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Andrzej Zaborowski <balrogg@gmail.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
12 years ago make windows notice media change
Gleb Natapov [Sun, 2 Aug 2009 08:36:47 +0000 (11:36 +0300)] 
make windows notice media change

Windows seems to be very stupid about cdrom media change. It polls
cdrom status and if status goes ready->media not present->ready
it assumes that media was changed. If "media not present" step doesn't
happen even if "medium may have changed" was seen it assumes media
hasn't changed. Fake "media not present" step.

Filip Navara did a great job debugging this issue in Windows and this is
what he found out:

BINGO! ... The media present notifications were broken ever since
Windows 2000 it seems. The media change is detected properly and it's
passed to ClassSetMediaChangeState function which in turn calls
ClasspInternalSetMediaChangeState. This function is responsible for
changing some internal state of the device object and sending the PnP
events which later result in application notifications. It has this
tiny bit of code (not copied byte for byte):

if (oldMediaState == NewState) {
  // Media is in the same state it was before.
  return;
}

so the end result is that for the case of UNIT NEEDS ATTENTION /
MEDIUM MAY HAVE CHANGED without NOT READY in-between is really broken.
It results in the internal media change counter incremented, so the
media contents are re-read when necessary, instead of relying on the
cache, but the notifications to applications are never sent.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-Id:

Signed-off-by: Glauber Costa <glommer@redhat.com>
12 years ago e1000.c doesn't properly emulate EERD and ICS registers
Bill Paul [Wed, 29 Jul 2009 17:22:55 +0000 (10:22 -0700)] 
e1000.c doesn't properly emulate EERD and ICS registers

Once again, the emulation of the EERD and ICS registers in e1000.c is
incorrect. Nobody has noticed this before because none of the Intel-written
e1000 drivers use these registers, and all of the independently written open
source drivers copy Intel's example, so they don't use them either.
Regardless, these registers are documented in the programmer's manuals, and
their emulated behavior doesn't match the verified behavior of real hardware,
so any software that does use them doesn't function correctly.

-Bill

Signed-off-by: Bill Paul <wpaul@windriver.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
12 years ago BACKPORT: vnc: fix copyrect screen corruption
Gerd Hoffmann [Mon, 27 Jul 2009 15:10:48 +0000 (17:10 +0200)] 
BACKPORT: vnc: fix copyrect screen corruption

When sending a copyrect command to the vnc client, we must also update
the local server surface.  Otherwise the server's and the client's idea
of the screen content run out of sync and screen updates don't work
correctly.

[ backport: uses ds_get_data() instead of direct dereference ]
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
12 years ago fix migration to obey -S
Paolo Bonzini [Mon, 27 Jul 2009 21:17:51 +0000 (23:17 +0200)] 
fix migration to obey -S

Since migration returns right away, starting the VM right
after calling qemu_start_incoming_migration is wrong even
if -S is not passed.  We have to do this after migration
has completed.

Cc: Glauber Costa <glommer@redhat.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
12 years ago fix broken migration
Glauber Costa [Fri, 24 Jul 2009 20:20:23 +0000 (16:20 -0400)] 
fix broken migration

While fixing migration with -S, commit
89befdd1a6b18215153b8976682d57b7d03d5782 broke the rest of us. Poor
glommer, with a poor family, spare him his life from this monstrosity.

Since the unconditional vm_start, not autostart was the villain, I'm putting
back autostart. Let me know if you prefer other solutions, it doesn't really matter,
doesn't really matter to me.

Any way the wind blows...

Signed-off-by: Glauber Costa <glommer@redhat.com>
CC: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
12 years ago vmdk: Fix backing file handling
Kevin Wolf [Fri, 17 Jul 2009 06:20:41 +0000 (08:20 +0200)] 
vmdk: Fix backing file handling

Instead of storing the backing file in its own BlockDriverState, VMDK uses the
BlockDriverState of the raw image file it opened. This is wrong and breaks
functions that access the backing file or protocols. This fix replaces all
occurrences of s->hd->backing_* with bs->backing_*.

This fixes qemu-iotests failure in 020 (Commit changes to backing file).

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
12 years ago BACKPORT: Add save/restore support to the LSI logic SCSI device model.
Nolan [Mon, 20 Jul 2009 21:11:35 +0000 (14:11 -0700)] 
BACKPORT: Add save/restore support to the LSI logic SCSI device model.

This patch requires "Handle BH's queued by AIO completions in
qemu_aio_flush()" to work reliably.  The combination of those two
patches survived 300+ migrations with heavy IO load running in the
guest.

Signed-off-by: Nolan Leake <nolan <at> sigbus.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
12 years ago Handle BH's queued by AIO completions in qemu_aio_flush()
Nolan [Mon, 20 Jul 2009 21:01:25 +0000 (14:01 -0700)] 
Handle BH's queued by AIO completions in qemu_aio_flush()

Without this, the call to qemu_aio_flush during migration doesn't
actually flush all in-flight SCSI IOs.

Signed-off-by: Nolan Leake <nolan <at> sigbus.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
12 years ago fix for bad macaddr of e1000 in Windows 2003 server with original MS driver
Naphtali Sprei [Thu, 16 Jul 2009 15:17:53 +0000 (18:17 +0300)] 
fix for bad macaddr of e1000 in Windows 2003 server with original MS driver

The sequence of reading from eeprom is "offset by one" moved because of a false
detection of a clock cycle after an eeprom reset. Keeping the last clock value
after a reset keeps it in sync.

Signed-off-by: Naphtali Sprei <nsprei@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
12 years ago Update changelot for 0.10.6 release
Anthony Liguori [Thu, 16 Jul 2009 23:50:52 +0000 (18:50 -0500)] 
Update changelot for 0.10.6 release

12 years ago Initialize PS2 keyboard / mouse state on reset
Dinesh Subhraveti [Wed, 15 Jul 2009 01:30:53 +0000 (18:30 -0700)] 
Initialize PS2 keyboard / mouse state on reset

Currently only common PS2 state is initialized, leaving keyboard and
mouse specific state to contain stale values.

Signed-off-by: Dinesh Subhraveti <dineshs@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Reset HPET config register on hpet_reset
Beth Kon [Mon, 13 Jul 2009 23:43:13 +0000 (19:43 -0400)] 
Reset HPET config register on hpet_reset

Without this, after system reset, hpet does not detect transition from
non-legacy to legacy mode.

Signed-off-by: Beth Kon <eak@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago honor -S on incoming migration
Paolo Bonzini [Tue, 14 Jul 2009 16:07:50 +0000 (18:07 +0200)] 
honor -S on incoming migration

-S is not honored by qemu on incoming migration.  If a domain is migrated
while paused, thus, it will start running on the remote machine; this
is wrong.

Given the trivial patch to fix this, it looks more like a thinko
than anything else, probably dating back to the qemu-kvm merge.
The interesting part is that the -S mechanism was in fact *used* when
migrating (setting autostart = 0) and the incoming migration code was
starting the VM at the end of the migration.

Since I was removing the vm_start from there, I also corrected a related
imprecision.  The code was doing a vm_stop "just in case", but we can
be sure that the VM is not running---the vm_start call in vl.c has not
been reached yet.  So the vm_stop is removed together with the vm_start.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Update for 0.10.6 release
Anthony Liguori [Fri, 10 Jul 2009 22:55:45 +0000 (17:55 -0500)] 
Update for 0.10.6 release

12 years ago Revert "Make sure to use SDL_CFLAGS everywhere we include SDL headers"
Anthony Liguori [Fri, 10 Jul 2009 22:57:08 +0000 (17:57 -0500)] 
Revert "Make sure to use SDL_CFLAGS everywhere we include SDL headers"

This reverts commit accceed914ff6cd0ba9258ff76659141ea24bb62.

This has proven to cause all sorts of odd build breakages.  I don't think it's
quite ready for stable.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago flush pending aio requests
Glauber Costa [Mon, 6 Jul 2009 13:32:09 +0000 (09:32 -0400)] 
flush pending aio requests

When we finish migration, there may be pending async io requests
in flight. If we don't flush it before stage3 starting, it might be
the case that the guest loses it.

Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Make sure to only vm_start() a failed migration if we were running to begin
Anthony Liguori [Thu, 9 Jul 2009 18:25:47 +0000 (13:25 -0500)] 
Make sure to only vm_start() a failed migration if we were running to begin
with.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Unregister savevm callback in eeprom93xx_free()
Mark McLoughlin [Wed, 1 Jul 2009 22:06:19 +0000 (23:06 +0100)] 
Unregister savevm callback in eeprom93xx_free()

Otherwise if you hot remove an eepro100 NIC and then migrate,
you get:

  Unknown savevm section or instance 'eeprom' 0

on the destination side.

Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Don't leak VLANClientState on PCI hot remove
Mark McLoughlin [Wed, 1 Jul 2009 15:46:38 +0000 (16:46 +0100)] 
Don't leak VLANClientState on PCI hot remove

destroy_nic() requires that NICInfo::private be a PCIDevice pointer,
but then goes on to require that the same pointer matches
VLANClientState::opaque.

That is no longer the case for virtio-net since qdev and wasn't
previously the case for rtl8139, ne2k_pci or eepro100.

Make the situation a lot more clear by maintaining a VLANClientState
pointer in NICInfo.

Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Substitute O_DSYNC with O_SYNC or O_FSYNC when needed.
G 3 [Wed, 1 Jul 2009 17:28:32 +0000 (13:28 -0400)] 
Substitute O_DSYNC with O_SYNC or O_FSYNC when needed.

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago sdl: Fix memory leakage
Jan Kiszka [Sat, 27 Jun 2009 07:59:40 +0000 (09:59 +0200)] 
sdl: Fix memory leakage

Valgrind was so kind to remark that no one bothers to release keycodes
after use and that something is fishy about cleaning up the requested
keyboard descriptor. With this patch applied, we no longer leak about
12k during startup.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago cpu_unregister_map_client: fix memory leak.
Isaku Yamahata [Fri, 26 Jun 2009 09:57:18 +0000 (18:57 +0900)] 
cpu_unregister_map_client: fix memory leak.

fix memory leak in cpu_unregister_map_client() and cpu_notify_map_clients().

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Fix vga_screen_dump_blank() PPM generation
Eduardo Habkost [Mon, 25 May 2009 21:20:05 +0000 (18:20 -0300)] 
Fix vga_screen_dump_blank() PPM generation

vga_screen_dump_blank() was not generating a valid PPM file: the width of the
image made no sense (why it was multiplied by sizeof(uint32_t)?), and there was
only one sample per pixel, instead of three.

(cherry picked from commit 77d4db015c99ce7083fd5b33f0c650176fe8bc98)

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Prevent CD-ROM media eject while device is locked
Mark McLoughlin [Wed, 27 May 2009 09:06:11 +0000 (10:06 +0100)] 
Prevent CD-ROM media eject while device is locked

Section 10.8.25 ("START/STOP UNIT Command") of SFF-8020i states that
if the device is locked we should refuse to eject if the device is
locked.

ASC_MEDIA_REMOVAL_PREVENTED is the appropriate return in this case.

In order to stop itself from ejecting the media it is running from,
Fedora's installer (anaconda) requires the CDROMEJECT ioctl() to fail
if the drive has been previously locked.

See also https://bugzilla.redhat.com/501412

(cherry picked from commit aea2a33c73f28ecd8f10b242ecadddcc79c1c28b)

Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago kvm: Fix IRQ injection into full queue
Jan Kiszka [Sat, 30 May 2009 08:01:45 +0000 (10:01 +0200)] 
kvm: Fix IRQ injection into full queue

User space may only inject interrupts during kvm_arch_pre_run if
ready_for_interrupt_injection is set in kvm_run. But that field is
updated on exit from KVM_RUN, so we must ensure that we enter the
kernel after potentially queuing an interrupt, otherwise we risk to
lose one - like it happens with the current code against latest
kernel modules (since kvm-86) that started to queue only a single
interrupt.

Fix the problem by reordering kvm_cpu_exec.

Credits go to Gleb Natapov for analyzing the issue in details.

(cherry picked from commit 8c14c17395809dfb2b20bd3598e067d2c5af7dc4)

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago QEMU KVM: i386: Fix the cpu reset state
Nitin A Kamble [Thu, 4 Jun 2009 21:29:50 +0000 (14:29 -0700)] 
QEMU KVM: i386: Fix the cpu reset state

As per the IA32 processor manual, the accessed bit is set to 1 in the
processor state after reset. qemu pc cpu_reset code was missing this
accessed bit setting.

(cherry picked from commit 538f368612565f7c7672145c31e87f1d3d02d545)

Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago virtio blk: fix warning.
Gerd Hoffmann [Fri, 12 Jun 2009 07:50:18 +0000 (09:50 +0200)] 
virtio blk: fix warning.

(cherry picked from commit 5c5dafdc5ecb2fd5080189e9ea4adcfa4e03ad5d)

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago lsi53c895a: Implement write access to DMA Byte Counter
Sebastian Herbszt [Sat, 13 Jun 2009 21:03:29 +0000 (23:03 +0200)] 
lsi53c895a: Implement write access to DMA Byte Counter

Adds CASE_SET_REG24 and fixes the following errors:

lsi_scsi: error: Unhandled writeb 0x24 = 0x0
lsi_scsi: error: Unhandled writeb 0x25 = 0x0

(cherry picked from commit 49c47daa3221aaf3765e9fb77cb98e62a55b7bf8)

Signed-off-by: Sebastian Herbszt <herbszt@gmx.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago lsi53c895a: Implement read and write access to DMA Next Address
Sebastian Herbszt [Sat, 13 Jun 2009 21:03:27 +0000 (23:03 +0200)] 
lsi53c895a: Implement read and write access to DMA Next Address

Fixes the following errors:

lsi_scsi: error: Unhandled writeb 0x28 = 0x0
lsi_scsi: error: Unhandled writeb 0x29 = 0x0
lsi_scsi: error: Unhandled writeb 0x2a = 0x0
lsi_scsi: error: Unhandled writeb 0x2b = 0x0

(cherry picked from commit 4b9a2d6de77ccd1e3fb40a0d0c8cd9eddf35e3ab)

Signed-off-by: Sebastian Herbszt <herbszt@gmx.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago lsi53c895a: Implement Scratch Byte Register
Sebastian Herbszt [Sat, 13 Jun 2009 21:03:26 +0000 (23:03 +0200)] 
lsi53c895a: Implement Scratch Byte Register

Fixes the following errors:

lsi_scsi: error: Unhandled writeb 0x3a = 0x0
lsi_scsi: error: readb 0x3a

(cherry picked from commit bd8ee11a6b19343f4ad0a1c5d16869584f609369)

Signed-off-by: Sebastian Herbszt <herbszt@gmx.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Make sure to use SDL_CFLAGS everywhere we include SDL headers
Anthony Liguori [Tue, 16 Jun 2009 20:17:22 +0000 (15:17 -0500)] 
Make sure to use SDL_CFLAGS everywhere we include SDL headers

(cherry picked from commit 537fe2d63f744e7c96ff45b60d09486a81958e06)

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago fix qemu_aio_flush
Andrea Arcangeli [Mon, 15 Jun 2009 11:52:27 +0000 (13:52 +0200)] 
fix qemu_aio_flush

qemu_aio_wait by invoking the bh or one of the aio completion
callbacks, could end up submitting new pending aio, breaking the
invariant that qemu_aio_flush returns only when no pending aio is
outstanding (possibly a problem for migration as such).

(cherry picked from commit 986c28d655dc9196c9c426c667c1764bd3d6d5bd)

Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Acked-by: Kevin Wolf <kwolf@redhat.com>
12 years ago migrate_fd_close: delete associated io-handler before closing the fd
Uri Lublin [Mon, 8 Jun 2009 11:28:01 +0000 (14:28 +0300)] 
migrate_fd_close: delete associated io-handler before closing the fd

It may happen that the io-handler is still registered. That causes
select() to return with EBADF, not calling handlers for other fds.

The io-handler would be registered when (on the source) the whole state
was written but not yet flushed. For example when using QEMUFileBuffered,
(tcp-migration) there may be data left in a buffer waiting to be transferred.
In such a case buffered_close() calls buffered_flush() which calls
migrate_fd_put_buffer, which may, upon EAGAIN, register migrate_fd_put_notify
as a handler.

(cherry picked from commit e19252d32c45e92c919109ec32616382eb2afe6b)

Signed-off-by: Uri Lublin <uril@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago exec-migration: handle EINTR in popen_get_buffer()
Uri Lublin [Mon, 8 Jun 2009 16:27:21 +0000 (19:27 +0300)] 
exec-migration: handle EINTR in popen_get_buffer()

Sometimes, upon interrupt, fread returns with no data, and
the (incoming exec) migration fails.

Fix by retrying on such a case.

(cherry picked from commit 8a67ec4d84f7db9add9a0b017a968d340fbfb807)

Signed-off-by: Uri Lublin <uril@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Fix prototype of function zfree.
Stefan Weil [Tue, 9 Jun 2009 21:36:03 +0000 (23:36 +0200)] 
Fix prototype of function zfree.

(cherry picked from commit d084eab6f820bf914d798a99eaa4f20113f6e151)

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago serial: fix lost character after sysrq
Jason Wessel [Mon, 18 May 2009 15:00:27 +0000 (10:00 -0500)] 
serial: fix lost character after sysrq

After creating an automated regression test to test the sysrq
responses while running a linux image in qemu, I found that the
simulated uart was eating the character right after the sysrq about
75% of the time.

The problem is that the qemu sets the LSR_DR (data ready) bit on a
serial break.  The automated tests can send a break and the sysrq
character quickly enough that the qemu serial fifo has a real
character available. When there is a valid character in the fifo, it
gets consumed by the serial driver in the guest OS.

The real hardware also appears to set the LSR_DR but always appears to
have a null byte in this condition.  This patch changes the qemu
behavior to match the tested characteristics of a real 16550 chip.

Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Don't send all gratuitous packets at once.
Gleb Natapov [Thu, 21 May 2009 14:17:44 +0000 (17:17 +0300)] 
Don't send all gratuitous packets at once.

Use timer to separate them in time.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
13 years ago Minimal ethernet frame length is 64 bytes.
Gleb Natapov [Thu, 21 May 2009 14:17:43 +0000 (17:17 +0300)] 
Minimal ethernet frame length is 64 bytes.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
13 years ago net: Fix -net socket,listen (Jan Kiszka)
aliguori [Tue, 21 Apr 2009 19:56:11 +0000 (19:56 +0000)] 
net: Fix -net socket,listen (Jan Kiszka)

In case no symbolic name is provided when requesting VLAN connection via
listening TCP socket ('-net socket,listen=...'), qemu crashes. This
fixes the cause.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
13 years ago Allow monitor interaction when using migrate -exec
Chris Lalancette [Mon, 25 May 2009 14:38:23 +0000 (16:38 +0200)] 
Allow monitor interaction when using migrate -exec

All,
     I've recently been playing around with migration via exec.  Unfortunately,
when starting the incoming qemu process with "-incoming exec:cmd", it suffers
the same problem that -incoming tcp used to suffer; namely, that you can't
interact with the monitor until after the migration has happened.  This causes
problems for libvirt usage of -incoming exec, since libvirt expects to be able
to access the monitor ahead of time.  This fairly simple patch allows you to
access the monitor both before and after the migration has completed using exec.

(note: developed/tested with qemu-kvm, but applies perfectly fine to qemu)

Signed-off-by: Chris Lalancette <clalance@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago fix raw_pread_aligned return value
Christoph Hellwig [Mon, 25 May 2009 08:08:52 +0000 (10:08 +0200)] 
fix raw_pread_aligned return value

raw_pread_aligned currently returns the raw return value from
lseek/read, which is always -1 in case of an error.  But the
callers higher up the stack expect it to return the negated
errno just like raw_pwrite_aligned.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago VNC: Fix memory allocation (wrong structure size).
Stefan Weil [Sun, 24 May 2009 20:33:34 +0000 (22:33 +0200)] 
VNC: Fix memory allocation (wrong structure size).

Pointer vs addresses a VncDisplay structure,
so it is sufficient to allocate sizeof(VncDisplay)
or sizeof(*vs) bytes instead of the much larger
sizeof(VncState).

Maybe the misleading name should be fixed, too:
the code contains many places where vs is used,
sometimes it is a VncState *, sometimes it is a
VncDisplay *. vd would be a better name.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago e1000: Ignore reset command
Kevin Wolf [Sat, 23 May 2009 09:21:33 +0000 (11:21 +0200)] 
e1000: Ignore reset command

When a reset is requested, the current e1000 emulation never clears the
reset bit which may cause a driver to hang. This patch masks the reset
bit out when setting the control register, so the reset is immediately
completed.

Signed-off-by: Kevin Wolf <mail@kevin-wolf.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Update for 0.10.5 release
Anthony Liguori [Wed, 20 May 2009 20:42:42 +0000 (15:42 -0500)] 
Update for 0.10.5 release

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago kvm: work around supported cpuid ioctl() brokenness
Mark McLoughlin [Wed, 20 May 2009 18:36:18 +0000 (15:36 -0300)] 
kvm: work around supported cpuid ioctl() brokenness

KVM_GET_SUPPORTED_CPUID has been known to fail to return -E2BIG
when it runs out of entries. Detect this by always trying again
with a bigger table if the ioctl() fills the table.

Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
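
The retry rule from the commit message above, as an added example that is not QEMU or kernel code: when a query can silently truncate, a table that comes back completely full is treated like an explicit -E2BIG and retried with more room. `query()` is a constructed stand-in for the ioctl() and every name here is hypothetical.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

struct entry { uint32_t function; };
struct table { uint32_t nent; struct entry e[]; };

/* Constructed stand-in for the query. The caller passes its capacity in
 * t->nent. With reports_e2big == 0 it models the misbehaviour from the
 * commit message: it fills what fits and returns 0 instead of -E2BIG. */
static int query(struct table *t, uint32_t total, int reports_e2big)
{
    uint32_t i, n = t->nent < total ? t->nent : total;

    if (t->nent < total && reports_e2big)
        return -E2BIG;
    for (i = 0; i < n; i++)
        t->e[i].function = i;
    t->nent = n;
    return 0;
}

static struct table *table_alloc(uint32_t max)
{
    struct table *t = calloc(1, sizeof(*t) + max * sizeof(t->e[0]));

    if (!t)
        abort();
    t->nent = max;
    return t;
}

/* One attempt with room for max entries; NULL means "retry with more". */
static struct table *try_get(uint32_t max, uint32_t total, int reports_e2big)
{
    struct table *t = table_alloc(max);
    int r = query(t, total, reports_e2big);

    /* A completely full table cannot be told apart from a truncated
     * one, so handle it exactly like an explicit -E2BIG. */
    if (r == 0 && t->nent >= max)
        r = -E2BIG;
    if (r < 0) {
        free(t);
        return NULL;
    }
    return t;
}

/* Doubles the capacity until an attempt leaves spare room in the table. */
static struct table *get_all(uint32_t total, int reports_e2big, int *attempts)
{
    struct table *t;
    uint32_t max = 1;

    *attempts = 0;
    do {
        (*attempts)++;
        t = try_get(max, total, reports_e2big);
        max *= 2;
    } while (!t);
    return t;
}

/* What a caller sees if it trusts the return value of one call alone. */
uint32_t naive_count(uint32_t capacity, uint32_t total)
{
    struct table *t = table_alloc(capacity);
    uint32_t n = query(t, total, 0) == 0 ? t->nent : 0;

    free(t);
    return n;
}

uint32_t robust_count(uint32_t total, int reports_e2big)
{
    int attempts;
    struct table *t = get_all(total, reports_e2big, &attempts);
    uint32_t n = t->nent;

    free(t);
    return n;
}

int robust_attempts(uint32_t total, int reports_e2big)
{
    int attempts;

    free(get_all(total, reports_e2big, &attempts));
    return attempts;
}

int main(void)
{
    printf("naive: %u of 5 entries, robust: %u of 5 entries\n",
           naive_count(4, 5), robust_count(5, 0));
    return 0;
}
```
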
13 years ago Remove noisy printf when KVM masks CPU features
Anthony Liguori [Wed, 20 May 2009 18:36:17 +0000 (15:36 -0300)] 
Remove noisy printf when KVM masks CPU features

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago kvm: Trim cpu features not supported by kvm
Avi Kivity [Wed, 20 May 2009 18:36:16 +0000 (15:36 -0300)] 
kvm: Trim cpu features not supported by kvm

Remove cpu features that are not supported by kvm from the cpuid features
reported to the guest.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Fix x86 feature modifications for features that set multiple bits
Avi Kivity [Wed, 20 May 2009 18:36:15 +0000 (15:36 -0300)] 
Fix x86 feature modifications for features that set multiple bits

QEMU allows adding or removing cpu features by using the syntax '-cpu +feature'
or '-cpu -feature'.  Some cpuid features cause more than one bit to be set or
cleared; but QEMU stops after just one bit has been modified, causing the
feature bits to be inconsistent.

Fix by allowing all feature bits corresponding to a given name to be set.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Make x86 cpuid feature names available in file scope
Avi Kivity [Wed, 20 May 2009 18:36:14 +0000 (15:36 -0300)] 
Make x86 cpuid feature names available in file scope

To be used later.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago kvm: Add support for querying supported cpu features
Avi Kivity [Wed, 20 May 2009 18:36:13 +0000 (15:36 -0300)] 
kvm: Add support for querying supported cpu features

kvm does not support all cpu features; add support for dynamically querying
the supported feature set.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Introduce kvm_check_extension to check if KVM extensions are supported
Anthony Liguori [Wed, 20 May 2009 18:36:12 +0000 (15:36 -0300)] 
Introduce kvm_check_extension to check if KVM extensions are supported

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago kvm: add error message for when SMP is requested
Mark McLoughlin [Tue, 12 May 2009 11:43:19 +0000 (12:43 +0100)] 
kvm: add error message for when SMP is requested

Right now, if you try e.g. '-smp 2' you just get 'failed to
initialize KVM'.

Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Remove initrd warning message
Richard W.M. Jones [Tue, 12 May 2009 07:12:05 +0000 (08:12 +0100)] 
Remove initrd warning message

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago initialize struct sigevent before timer_create
Jean-Christophe Dubois [Sun, 17 May 2009 16:41:16 +0000 (18:41 +0200)] 
initialize struct sigevent before timer_create

When qemu is run under valgrind, valgrind shows the following output
on exit:

==3648== 1 errors in context 2 of 2:
==3648== Syscall param timer_create(evp) points to uninitialised byte(s)
==3648==    at 0x54E936A: timer_create (in /lib/librt-2.9.so)
==3648==    by 0x405DCF: dynticks_start_timer (vl.c:1549)
==3648==    by 0x40A966: main (vl.c:1726)
==3648==  Address 0x7fefffb34 is on thread 1's stack
==3648==  Uninitialised value was created by a stack allocation
==3648==    at 0x405D60: dynticks_start_timer (vl.c:1534)

This patch is a simple fix to remove this potential problem.

Signed-off-by: Jean-Christophe DUBOIS <jcd@tribudubois.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Fix NULL alarm_timer pointer at exit
Jean-Christophe Dubois [Sun, 17 May 2009 16:38:39 +0000 (18:38 +0200)] 
Fix NULL alarm_timer pointer at exit

This fixes a SIGSEGV error on qemu exit.

Here is the valgrind output related to this error

==3648== Process terminating with default action of signal 11 (SIGSEGV)
==3648==  Access not within mapped region at address 0x8
==3648==    at 0x40636B: host_alarm_handler (vl.c:1345)
==3648==    by 0x52D807F: (within /lib/libpthread-2.9.so)
==3648==    by 0x5C0A12E: tcsetattr (in /lib/libc-2.9.so)
==3648==    by 0x4DD601: term_exit (qemu-char.c:700)
==3648==    by 0x5B636EC: exit (in /lib/libc-2.9.so)
==3648==    by 0x5B4B5AC: (below main) (in /lib/libc-2.9.so)

This simple fix checks for a valid pointer as host_alarm_handler is
also called after alarm_timer is released in the exit path.

Signed-off-by: Jean-Christophe DUBOIS <jcd@tribudubois.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago keep initrd in below 4g area.
Glauber Costa [Mon, 18 May 2009 20:35:58 +0000 (16:35 -0400)] 
keep initrd in below 4g area.

initrd must be kept on the memory area below 4g. By not doing this,
we're seeing guests break while using -initrd and values of -mem
superior to 4096.

Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago migrate.c: migrate_fd_put_buffer: Do not busyloop: stop writing if EWOULDBLOCK
Uri Lublin [Tue, 19 May 2009 11:08:53 +0000 (14:08 +0300)] 
migrate.c: migrate_fd_put_buffer: Do not busyloop: stop writing if EWOULDBLOCK

The migration code is non-blocking, designed for live migration.

Practically migrate_fd_put_buffer busy-loops trying to write, as
on many machines EWOULDBLOCK==EAGAIN (look in include/asm-generic/errno.h).

Signed-off-by: Uri Lublin <uril@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago remove gcc 3.x requirement from documentation
Hollis Blanchard [Tue, 19 May 2009 20:08:25 +0000 (15:08 -0500)] 
remove gcc 3.x requirement from documentation

This text is no longer accurate. After the patch is applied, the
generated version at http://www.nongnu.org/qemu/qemu-doc.html should be
regenerated.

This patch is also a candidate for the stable branch. (The URL above is
probably generated from the stable branch anyways, so maybe it goes
without saying.)

Signed-off-by: Hollis Blanchard <hollisb@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago ETRAX: Correct passing of kernel command line.
Edgar E. Iglesias [Fri, 15 May 2009 14:53:53 +0000 (16:53 +0200)] 
ETRAX: Correct passing of kernel command line.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
13 years ago ETRAX: Correct setting of ethernet station address.
Edgar E. Iglesias [Wed, 13 May 2009 08:17:21 +0000 (10:17 +0200)] 
ETRAX: Correct setting of ethernet station address.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
13 years ago CRIS: Fix bmi.
Edgar E. Iglesias [Tue, 12 May 2009 14:12:50 +0000 (16:12 +0200)] 
CRIS: Fix bmi.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
13 years ago Fix DMA API when handling an immediate error from block layer (Avi Kivity)
aliguori [Sat, 28 Mar 2009 16:11:25 +0000 (16:11 +0000)] 
Fix DMA API when handling an immediate error from block layer (Avi Kivity)

The block layer may signal an immediate error on an asynchronous request
by returning NULL.  The DMA API did not handle this correctly, returning
an AIO request which would never complete (and which would crash if
cancelled).

Fix by detecting the failure and propagating it.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6893 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago Fix vectored aio bounce handling immediate errors (Avi Kivity)
aliguori [Sat, 28 Mar 2009 16:11:20 +0000 (16:11 +0000)] 
Fix vectored aio bounce handling immediate errors (Avi Kivity)

If a bounced vectored aio fails immediately (the inner aio submission
returning NULL) then the bounce handler erroneously returns an aio
request which will never be completed (and which crashes when cancelled).

Fix by detecting that the inner request has failed and propagating the
error.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6892 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago Move block dma helpers aiocb to store dma state (Avi Kivity)
aliguori [Fri, 20 Mar 2009 18:26:16 +0000 (18:26 +0000)] 
Move block dma helpers aiocb to store dma state (Avi Kivity)

Use the dedicated dma aiocb to store intermediate state for dma block
transactions.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6874 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago Use vectored aiocb storage to store vector translation state (Avi Kivity)
aliguori [Fri, 20 Mar 2009 18:26:12 +0000 (18:26 +0000)] 
Use vectored aiocb storage to store vector translation state (Avi Kivity)

Now that we have a dedicated acb pool for vector translation acbs, we can
store the vector translation state in the acbs instead of in an external
structure.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6873 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago reset state for load_linux
Glauber Costa [Fri, 8 May 2009 05:22:13 +0000 (02:22 -0300)] 
reset state for load_linux

The linux loader is just an option rom like any other, just with
some special requirements. Right now, our option rom resetting
mechanism is not being applied to it. As a result, users using
-kernel will not be able to successfully reboot their machines

This patch fixes it by saving all the data we generated in
the load_linux() function, to be used later by the option rom
resetting mechanism.

This also includes Mark's fix for -kernel

Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Revert "reset state for load_linux"
Anthony Liguori [Wed, 13 May 2009 13:06:54 +0000 (08:06 -0500)] 
Revert "reset state for load_linux"

This reverts commit 2da1e398641d9fccf683645c808dee0d088f84cf.

This fix on the stable branch:

  commit 2da1e398641d9fccf683645c808dee0d088f84cf
  Author: Glauber Costa <glommer@redhat.com>
  Date:   Fri May 8 02:22:13 2009 -0300

    reset state for load_linux

Caused -kernel to break.

The problem is that we're passing the ROM's ram_addr_t to
load_linux() rather than its target_phys_addr_t. We also
need to register the memory before trying to write to
it.

Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Update for 0.10.4 release
Anthony Liguori [Mon, 11 May 2009 18:13:19 +0000 (13:13 -0500)] 
Update for 0.10.4 release

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Improve block range checks
Kevin Wolf [Fri, 8 May 2009 12:47:24 +0000 (14:47 +0200)] 
Improve block range checks

This patch makes the range checks for block requests more strict: It fixes a
potential integer overflow and checks for negative offsets. Also, it adds the
check for compressed writes.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
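
The overflow and negative-offset cases named in the "Improve block range checks" message above, as an added C example; this is not the code from the patch. The function names, the 512-byte sector size and the sample image length are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define SECTOR_SIZE 512 /* assumed sector size for this sketch */

/* Loose check: adds first, so the sum can wrap. Unsigned arithmetic is used
 * only to make the wrap well defined and reproducible. */
static bool loose_byte_check(int64_t len, int64_t offset, uint64_t size)
{
    return (uint64_t)offset + size <= (uint64_t)len;
}

/* Strict check: reject negative values, then compare by subtraction, which
 * cannot overflow once 0 <= offset <= len is known to hold. */
static bool strict_byte_check(int64_t len, int64_t offset, uint64_t size)
{
    if (len < 0 || offset < 0 || offset > len)
        return false;
    return size <= (uint64_t)(len - offset);
}

/* Sector-based entry point: bound sector_num before multiplying so the
 * conversion to a byte offset cannot overflow int64_t. */
static bool strict_sector_check(int64_t len, int64_t sector_num, int nb_sectors)
{
    if (sector_num < 0 || nb_sectors < 0)
        return false;
    if (sector_num > INT64_MAX / SECTOR_SIZE)
        return false;
    return strict_byte_check(len, sector_num * SECTOR_SIZE,
                             (uint64_t)nb_sectors * SECTOR_SIZE);
}

int main(void)
{
    const int64_t len = 1024 * 1024; /* constructed 1 MiB image length */

    printf("offset -512, size 1024: loose=%d strict=%d\n",
           loose_byte_check(len, -512, 1024),
           strict_byte_check(len, -512, 1024));
    printf("offset 4096, huge size: loose=%d strict=%d\n",
           loose_byte_check(len, 4096, UINT64_MAX - 4095),
           strict_byte_check(len, 4096, UINT64_MAX - 4095));
    printf("last sector: %d, one sector past the end: %d\n",
           strict_sector_check(len, 2047, 1),
           strict_sector_check(len, 2047, 2));
    return 0;
}
```
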
13 years ago e1000: Do not reinit pci config space to 0
Amit Shah [Mon, 4 May 2009 12:32:04 +0000 (18:02 +0530)] 
e1000: Do not reinit pci config space to 0

pci_register_device already mallocs the pci config space buffer filled
with zeroes.

Doing this again breaks some default config space writes like
setting the subsystem vendor id and subsystem device id.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago AIO deletion race fix
Alexander Graf [Wed, 6 May 2009 00:58:48 +0000 (02:58 +0200)] 
AIO deletion race fix

When deleting an fd event there is a chance the object doesn't get
deleted, but only ->deleted set positive and deleted somewhere later.

Now, if we create a handler for the fd again before the actual
deletion occurs, we end up writing data into an object that has
->deleted set, which is obviously wrong.

I see two ways to fix this:

1. Don't return ->deleted objects in the search
2. Unset ->deleted in the search

This patch implements 1. which feels safer to do. It fixes AIO issues
I've seen with curl, as libcurl unsets fd event listeners pretty
frequently.

Signed-off-by: Alexander Graf <alex@csgraf.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
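
The race described in the "AIO deletion race fix" message above, as an added C example built on a simplified model; it is not QEMU's handler code. The struct layout, function names and the `skip_deleted` switch (false for the old lookup, true for option 1) are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

typedef void (*io_cb)(void *opaque);

/* deleted = marked, freed later by sweep(); walking = dispatch loop active */
struct handler { int fd; io_cb cb; bool deleted; struct handler *next; };
struct ctx { struct handler *head; bool walking; bool skip_deleted; };

static void on_ready(void *opaque) { (void)opaque; }

static struct handler *find_handler(struct ctx *c, int fd)
{
    for (struct handler *h = c->head; h; h = h->next)
        if (h->fd == fd && !(c->skip_deleted && h->deleted))
            return h;
    return NULL;
}

static void sweep(struct ctx *c) /* free marked nodes; no walk in progress */
{
    for (struct handler **pp = &c->head; *pp; ) {
        struct handler *h = *pp;
        if (h->deleted) { *pp = h->next; free(h); }
        else pp = &h->next;
    }
}

/* cb == NULL removes the handler for fd, otherwise installs or updates it. */
static void set_handler(struct ctx *c, int fd, io_cb cb)
{
    struct handler *h = find_handler(c, fd);
    if (!cb) {
        if (h) h->deleted = true;      /* never free under a walker */
        if (!c->walking) sweep(c);
        return;
    }
    if (!h) {
        h = calloc(1, sizeof(*h));
        if (!h) abort();
        h->fd = fd;
        h->next = c->head;
        c->head = h;
    }
    h->cb = cb;    /* with the old lookup this can land in a doomed node */
}

/* Remove and re-add fd 7 during a walk, then sweep: is the handler kept? */
static bool handler_survives(bool skip_deleted)
{
    struct ctx c = { NULL, false, skip_deleted };
    set_handler(&c, 7, on_ready);
    c.walking = true;
    set_handler(&c, 7, NULL);          /* only marked, a walk is running */
    set_handler(&c, 7, on_ready);      /* re-registered before the sweep */
    c.walking = false;
    sweep(&c);
    struct handler *h = find_handler(&c, 7);
    bool alive = h && h->cb == on_ready;
    set_handler(&c, 7, NULL);          /* cleanup */
    return alive;
}

int main(void)
{
    printf("old lookup keeps handler: %d, skipping deleted: %d\n",
           handler_survives(false), handler_survives(true));
    return 0;
}
```
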
13 years ago reset state for load_linux
Glauber Costa [Fri, 8 May 2009 05:22:13 +0000 (02:22 -0300)] 
reset state for load_linux

The linux loader is just an option rom like any other, just with
some special requirements. Right now, our option rom resetting
mechanism is not being applied to it. As a result, users using
-kernel will not be able to successfully reboot their machines

This patch fixes it by saving all the data we generated in
the load_linux() function, to be used later by the option rom
resetting mechanism.

Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago register reset handler for option_roms
Glauber Costa [Fri, 8 May 2009 05:22:12 +0000 (02:22 -0300)] 
register reset handler for option_roms

Currently, boot options are not preserved across a system reset.
option roms can modify themselves, or can for instance restore the real
int 0x19 vector after they tried to boot from it.

To properly do that, we need a reset handler registered to deal with option
roms. This patch is based on current version on qemu-kvm.git

Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Fix cluster freeing in qcow2
Gleb Natapov [Thu, 7 May 2009 08:31:44 +0000 (11:31 +0300)] 
Fix cluster freeing in qcow2

Need to drop QCOW_OFLAG_COPIED from a cluster pointer before freeing it.

Add an explanation of how things are meant to work.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Enable power button event generation.
Anthony Liguori [Fri, 8 May 2009 15:13:01 +0000 (10:13 -0500)] 
Enable power button event generation.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Update version for 0.10.3 release
Anthony Liguori [Fri, 1 May 2009 16:57:29 +0000 (11:57 -0500)] 
Update version for 0.10.3 release

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Implement cancellation method for dma async I/O (Avi Kivity)
aliguori [Fri, 20 Mar 2009 18:26:07 +0000 (18:26 +0000)] 
Implement cancellation method for dma async I/O (Avi Kivity)

Move the dma helpers to a private aio pool, and implement a cancellation
method for them.  Should prevent issues when cancelling I/O while dma is
in progress.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6872 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago Convert vectored aio emulation to use a dedicated pool (Avi Kivity)
aliguori [Fri, 20 Mar 2009 18:26:03 +0000 (18:26 +0000)] 
Convert vectored aio emulation to use a dedicated pool (Avi Kivity)

This allows us to remove a hack in the vectored aio cancellation code.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6871 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago Refactor aio callback allocation to use an aiocb pool (Avi Kivity)
aliguori [Fri, 20 Mar 2009 18:25:59 +0000 (18:25 +0000)] 
Refactor aio callback allocation to use an aiocb pool (Avi Kivity)

Move the AIOCB allocation code to use a dedicated structure, AIOPool.  AIOCB
specific information, such as the AIOCB size and cancellation routine, is
moved into the pool.

At present, there is exactly one pool per block format driver, maintaining
the status quo.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6870 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago Fix hw/acpi.c build w/ DEBUG enabled
Alex Williamson [Wed, 14 May 2008 16:38:46 +0000 (10:38 -0600)] 
Fix hw/acpi.c build w/ DEBUG enabled

Trivial build warning/fixes when the local DEBUG define is enabled.

Signed-off-by: Alex Williamson <alex.williamson@hp.com>
Signed-off-by: Avi Kivity <avi@qumranet.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Make sure not to fall through on error in loadvm
Anthony Liguori [Fri, 1 May 2009 14:36:03 +0000 (09:36 -0500)] 
Make sure not to fall through on error in loadvm

This is from the KVM tree

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Pci nic: pci_register_device can fail
Chris Wright [Mon, 21 Apr 2008 23:02:48 +0000 (16:02 -0700)] 
Pci nic: pci_register_device can fail

The pci_register_device() call in PCI nic initialization routines can
fail.  Handle this failure and propagate a meaningful error message to
the user instead of generating a SEGV.

Cc: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Avi Kivity <avi@qumranet.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago Fix serial option with -drive
Anthony Liguori [Fri, 1 May 2009 14:26:16 +0000 (09:26 -0500)] 
Fix serial option with -drive

This is from the KVM tree.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago support device driver initialization model
Glauber Costa [Thu, 23 Apr 2009 19:20:55 +0000 (15:20 -0400)] 
support device driver initialization model

According to PnP specification, Appendix B, Option ROMs
that support DDIM (device driver initialization model) should
have their memory space writeable.

KVM deviates from us here, by removing the IO_MEM_ROM flag,
to allow for PCI option ROMs (they require DDIM). However,
there's absolutely no reason we can't do the same.

Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago kvm: Avoid COW if KVM MMU is asynchronous
Jan Kiszka [Sun, 26 Apr 2009 16:03:40 +0000 (18:03 +0200)] 
kvm: Avoid COW if KVM MMU is asynchronous

Avi Kivity wrote:
> Suggest wrapping in a function and hiding it deep inside kvm-all.c.
>

Done in v2:

---------->

If the KVM MMU is asynchronous (kernel does not support MMU_NOTIFIER),
we have to avoid COW for the guest memory. Otherwise we risk serious
breakage when guest pages change their physical locations due to COW
after fork. Seen when forking smbd during runtime via -smb.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago vnc: windup keypad keys for qemu console emulation
Gerd Hoffmann [Tue, 28 Apr 2009 10:06:47 +0000 (12:06 +0200)] 
vnc: windup keypad keys for qemu console emulation

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago block-vpc: Don't silently create smaller image than requested (Kevin Wolf)
aliguori [Sat, 18 Apr 2009 15:39:10 +0000 (15:39 +0000)] 
block-vpc: Don't silently create smaller image than requested (Kevin Wolf)

The algorithm from the VHD specification for CHS calculation silently limits
images to 127 GB which may confuse a user who requested a larger image. Better
output an error message and abort.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@7183 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago Regenerate BIOS for stable branch
aliguori [Fri, 17 Apr 2009 21:12:04 +0000 (21:12 +0000)] 
Regenerate BIOS for stable branch

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@7173 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago Fix non-ACPI Timer Interrupt Routing (Beth Kon)
aliguori [Fri, 17 Apr 2009 21:09:14 +0000 (21:09 +0000)] 
Fix non-ACPI Timer Interrupt Routing (Beth Kon)

Replicate ACPI irq0->inti2 override in mp table for non-acpi case.

v1 -> v2 adds comment suggested by Ryan.

Signed-off-by: Beth Kon <eak@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@7172 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago hpet: Fix emulation of HPET_TN_SETVAL (Jan Kiszka)
aliguori [Fri, 17 Apr 2009 21:05:45 +0000 (21:05 +0000)] 
hpet: Fix emulation of HPET_TN_SETVAL (Jan Kiszka)

While Intel's spec is not that clear here, latest changes to Linux' HPET
code (commit c23e253e67c9d8a91a0ffa33c1f571a17f0a2403, "x86: hpet: stop
HPET_COUNTER when programming periodic mode") strongly suggest that
HPET_TN_SETVAL rather means: Set _both_ the comparator value and
register.

With this patch applied, I'm again able to boot 2.6.30-rc kernels as
they no longer panic like this (which was due to the comparator
register remaining 0):

ENABLING IO-APIC IRQs
..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
..MP-BIOS bug: 8254 timer not connected to IO-APIC
...trying to set up timer (IRQ0) through the 8259A ...
..... (found apic 0 pin 2) ...
....... failed.
...trying to set up timer as Virtual Wire IRQ...
..... failed.
...trying to set up timer as ExtINT IRQ...
..... failed :(.
Kernel panic - not syncing: IO-APIC + timer doesn't work! [...]

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@7171 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago kvm: Fix cpuid initialization (Jan Kiszka)
aliguori [Fri, 17 Apr 2009 21:05:41 +0000 (21:05 +0000)] 
kvm: Fix cpuid initialization (Jan Kiszka)

Fix (more or less) spurious guest boot failures due to corrupted cpuid
states. The reason was insufficient initialization of cpuid entries
before passing them to the kernel.

At this chance also fix improper entry pointer progression and simplify
the code a bit.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@7170 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago qcow2 corruption: Fix alloc_cluster_link_l2 (Kevin Wolf)
aliguori [Fri, 17 Apr 2009 20:44:41 +0000 (20:44 +0000)] 
qcow2 corruption: Fix alloc_cluster_link_l2 (Kevin Wolf)

This patch fixes a qcow2 corruption bug introduced in SVN Rev 5861. L2 tables
are big endian, so entries must be converted before being passed to functions.

This bug is easy to trigger. The following script will create and destroy a
qcow2 image (the header is gone after three loop iterations):

    #!/bin/bash
    qemu-img create -f qcow2 test.qcow 1M
    for i in $(seq 1 10); do
    qemu-system-x86_64 -hda test.qcow -monitor stdio > /dev/null 2>&1 <<EOF
    savevm test-$i
    quit
    EOF
    done

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@7166 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago Free VLANClientState using qemu_free() (Mark McLoughlin)
aliguori [Fri, 17 Apr 2009 18:07:01 +0000 (18:07 +0000)] 
Free VLANClientState using qemu_free() (Mark McLoughlin)

It's allocated using qemu_mallocz(), so ...

The name and model strings are strdup() allocated, so free()
is still appropriate for them.

Reported-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@7161 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago Introduce VLANClientState::cleanup() (Mark McLoughlin)
aliguori [Fri, 17 Apr 2009 18:06:56 +0000 (18:06 +0000)] 
Introduce VLANClientState::cleanup() (Mark McLoughlin)

We're currently leaking memory and file descriptors on device
hot-unplug.

Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@7160 c046a42c-6fe2-441c-8c8c-71466251a162

13 years ago Use NICInfo::model for eepro100 savevm ID string (Mark McLoughlin)
aliguori [Fri, 17 Apr 2009 18:06:50 +0000 (18:06 +0000)] 
Use NICInfo::model for eepro100 savevm ID string (Mark McLoughlin)

NICInfo::model will always be identical to the device name strings
we're currently passing to nic_init(). Just re-use NICInfo::model.

This makes it clear why we use vc->model for unregister_savevm()
in a subsequent patch.

Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/branches/stable_0_10@7159 c046a42c-6fe2-441c-8c8c-71466251a162