qemu.git
7 years agohw/intc/apic.c: Use uint32_t for mask word in foreach_apic
Peter Maydell [Mon, 17 Mar 2014 16:00:31 +0000 (16:00 +0000)] 
hw/intc/apic.c: Use uint32_t for mask word in foreach_apic

Use unsigned arithmetic for operations on the mask word
in the foreach_apic() macro, to avoid relying on undefined
behaviour when shifting into the sign bit.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
7 years agotarget-i386: Avoid shifting left into sign bit
Peter Maydell [Mon, 17 Mar 2014 16:00:30 +0000 (16:00 +0000)] 
target-i386: Avoid shifting left into sign bit

Add 'U' suffixes where necessary to avoid (1 << 31) which
shifts left into the sign bit, which is undefined behaviour.
Add the suffix also for other constants in the same groupings
even if they don't shift into bit 31, for consistency.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
7 years agoCODING_STYLE: Section about mixed declarations
Eduardo Habkost [Mon, 17 Mar 2014 18:26:31 +0000 (15:26 -0300)] 
CODING_STYLE: Section about mixed declarations

We had an unwritten rule about declarations having to be at beginning of
blocks. Make it a written rule.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
7 years agodoc: update default PowerPC framebuffer settings
Mark Cave-Ayland [Mon, 17 Mar 2014 21:46:26 +0000 (21:46 +0000)] 
doc: update default PowerPC framebuffer settings

Since 1.7, the default framebuffer settings for PowerPC are 800x600x32.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
CC: qemu-ppc@nongnu.org
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
7 years agodoc: update sun4m documentation
Mark Cave-Ayland [Mon, 17 Mar 2014 21:46:25 +0000 (21:46 +0000)] 
doc: update sun4m documentation

A few minor tidy-ups, plus add reference to the new -vga tcx and cg3 options.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
7 years agofix return check for KVM_GET_DIRTY_LOG ioctl
Mario Smarduch [Wed, 19 Mar 2014 17:24:26 +0000 (10:24 -0700)] 
fix return check for KVM_GET_DIRTY_LOG ioctl

Fix return condition check from kvm_vm_ioctl(s, KVM_GET_DIRTY_LOG, &d) to
handle internal failures or no support for memory slot dirty bitmap.
Otherwise the ioctl succeeds and continues with migration.
Addresses BUG# 1294227

Signed-off-by: Mario Smarduch <m.smarduch@samsung.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
7 years agotarget-i386: Add missing 'static' and 'const' attributes
Stefan Weil [Sun, 16 Mar 2014 14:03:41 +0000 (15:03 +0100)] 
target-i386: Add missing 'static' and 'const' attributes

This fixes warnings from the static code analysis (smatch).

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
7 years agoutil: Add 'static' attribute to function implementation
Stefan Weil [Sun, 16 Mar 2014 18:02:52 +0000 (19:02 +0100)] 
util: Add 'static' attribute to function implementation

The static code analyzer smatch complains because of a missing 'static'
attribute:

util/module.c:166:6: warning:
 symbol 'module_load' was not declared. Should it be static?

'static' is used in the forward declaration, but not in the implementation.
Add it there, too.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
7 years agohw/ide: Add missing 'static' attributes
Stefan Weil [Sun, 16 Mar 2014 18:13:18 +0000 (19:13 +0100)] 
hw/ide: Add missing 'static' attributes

This fixes a warning from the static code analysis (smatch).

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
7 years agotarget-arm: Add missing 'static' attribute
Stefan Weil [Sun, 16 Mar 2014 18:07:55 +0000 (19:07 +0100)] 
target-arm: Add missing 'static' attribute

This fixes a warning from the static code analysis (smatch).

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
7 years agotarget-s390x: Add missing 'static' and 'const' attributes
Stefan Weil [Sun, 16 Mar 2014 13:49:11 +0000 (14:49 +0100)] 
target-s390x: Add missing 'static' and 'const' attributes

This fixes warnings from the static code analysis (smatch).

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
7 years agoMerge remote-tracking branch 'remotes/mcayland/qemu-sparc' into staging
Peter Maydell [Thu, 27 Mar 2014 10:54:17 +0000 (10:54 +0000)] 
Merge remote-tracking branch 'remotes/mcayland/qemu-sparc' into staging

* remotes/mcayland/qemu-sparc:
  target-sparc: fix 32bit integer division overflow

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agotarget-sparc: fix 32bit integer division overflow
Olivier Danet [Fri, 21 Mar 2014 01:25:19 +0000 (02:25 +0100)] 
target-sparc: fix 32bit integer division overflow

The signed integer division -0x8000_0000_0000_0000 / -1 must be handled
separately to avoid an overflow on the QEMU host.

Negative overflow must be a negative number for correct sign
extension in Sparc64 mode. Use <stdint.h> constants.

Signed-off-by: Olivier Danet <odanet@caramail.com>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
7 years agoMerge remote-tracking branch 'remotes/riku/for-2.0' into staging
Peter Maydell [Wed, 26 Mar 2014 17:10:15 +0000 (17:10 +0000)] 
Merge remote-tracking branch 'remotes/riku/for-2.0' into staging

* remotes/riku/for-2.0:
  linux-user: Correct DLINFO_ITEMS

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/bonzini/scsi-next' into staging
Peter Maydell [Wed, 26 Mar 2014 16:17:36 +0000 (16:17 +0000)] 
Merge remote-tracking branch 'remotes/bonzini/scsi-next' into staging

* remotes/bonzini/scsi-next:
  spapr_vscsi: remove duplicate condition check
  scsi: check req pointer before dereferencing it

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
Peter Maydell [Wed, 26 Mar 2014 15:15:19 +0000 (15:15 +0000)] 
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

acpi,virtio bug fixes

Two bugfixes for virtio-net, and one for a recent
regression in acpi.
Both issues have been reported in the wild, so
I think it's preferable to merge these ASAP so
that reporters can make sure RC fixes their issue.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Wed 26 Mar 2014 10:52:16 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"

* remotes/mst/tags/for_upstream:
  virtio-net: add vlan receive state to RxFilterInfo
  virtio-net: Do not filter VLANs without F_CTRL_VLAN
  Revert "acpi-test: rebuild SSDT"
  acpi: make SSDT 1.0 spec compliant when possible

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/weil/qemu-2.0' into staging
Peter Maydell [Wed, 26 Mar 2014 14:07:25 +0000 (14:07 +0000)] 
Merge remote-tracking branch 'remotes/weil/qemu-2.0' into staging

* remotes/weil/qemu-2.0:
  gtk: Support GTK without VTE

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agospapr_vscsi: remove duplicate condition check
Prasad Joshi [Mon, 24 Mar 2014 15:44:46 +0000 (21:14 +0530)] 
spapr_vscsi: remove duplicate condition check

Signed-off-by: Prasad Joshi <prasadjoshi.linux@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
7 years agoscsi: check req pointer before dereferencing it
Prasad Joshi [Wed, 19 Mar 2014 01:40:32 +0000 (07:10 +0530)] 
scsi: check req pointer before dereferencing it

Signed-off-by: Prasad Joshi <prasadjoshi.linux@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
7 years agolinux-user: Correct DLINFO_ITEMS
James Hogan [Tue, 25 Mar 2014 21:47:28 +0000 (21:47 +0000)] 
linux-user: Correct DLINFO_ITEMS

Commit a07c67dfccb1 (Implement AT_CLKTCK.) back in March 2008 added a
new auxvec entry but didn't increment DLINFO_ITEMS, so it's been out of
sync ever since.

Bump it up to 14 so that it matches the number of NEW_AUX_ENT's that
need to be counted in create_elf_tables().

Signed-off-by: James Hogan <james.hogan@imgtec.com>
Cc: Riku Voipio <riku.voipio@iki.fi>
Cc: Paul Brook <paul@codesourcery.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
7 years agovirtio-net: add vlan receive state to RxFilterInfo
Amos Kong [Wed, 26 Mar 2014 00:19:43 +0000 (08:19 +0800)] 
virtio-net: add vlan receive state to RxFilterInfo

Stefan Fritsch just fixed a virtio-net driver bug [1], virtio-net won't
filter out VLAN-tagged packets if VIRTIO_NET_F_CTRL_VLAN isn't negotiated.

This patch added a new field to @RxFilterInfo to indicate vlan receive
state ('normal', 'none', 'all'). If VIRTIO_NET_F_CTRL_VLAN isn't
negotiated, vlan receive state will be 'all', then all VLAN-tagged packets
will be received by guest.

This patch also fixed a boundary issue in visiting vlan table.

[1] http://lists.nongnu.org/archive/html/qemu-devel/2014-02/msg02604.html

Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
7 years agovirtio-net: Do not filter VLANs without F_CTRL_VLAN
Stefan Fritsch [Wed, 26 Mar 2014 10:29:52 +0000 (18:29 +0800)] 
virtio-net: Do not filter VLANs without F_CTRL_VLAN

If VIRTIO_NET_F_CTRL_VLAN is not negotiated, do not filter out all
VLAN-tagged packets but send them to the guest.

This fixes VLANs with OpenBSD guests (and probably NetBSD, too, because
the OpenBSD driver started as a port from NetBSD).

Signed-off-by: Stefan Fritsch <sf@sfritsch.de>
Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agoRevert "acpi-test: rebuild SSDT"
Michael S. Tsirkin [Wed, 26 Mar 2014 10:42:31 +0000 (12:42 +0200)] 
Revert "acpi-test: rebuild SSDT"

This reverts commit d07e0e9cddf02dd2abedbbf7ab0e069c8f5dabfd.

Since
commit b4f4d54812624581ce429c805e5179c78222c707
    acpi: make SSDT 1.0 spec compliant when possible
We are back to old encoding.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agoacpi: make SSDT 1.0 spec compliant when possible
Michael S. Tsirkin [Wed, 26 Mar 2014 10:31:31 +0000 (12:31 +0200)] 
acpi: make SSDT 1.0 spec compliant when possible

The ACPI specification says:

The ASL compiler can emit two different AML opcodes for a Package
declaration, either PackageOp or VarPackageOp. For small, fixed-length
packages, the PackageOp is used and this opcode is compatible with ACPI
1.0. A VarPackageOp will be emitted if any of the following conditions
are true:
. The NumElements argument is a TermArg that can only be resolved at
runtime.
. At compile time, NumElements resolves to a constant that is larger than
255.
. The PackageList contains more than 255 initializer elements.
Note: The ability to create variable-sized packages was first introduced
in ACPI 2.0. ACPI 1.0 only allowed fixed-size packages with up to 255 elements.

So the spec seems to say a fixed value up to 255 must always
be used with PackageOp and not VarPackageOp, and some guests
(windows up to win2k8) seem to interpret it like this.

Let's do just this, choosing the encoding depending on
the number of elements.

Fixes 9bcc80cd71892df42605e0c097d85c0237ff45d1
(i386/acpi-build: allow more than 255 elements in CPON).

https://bugs.launchpad.net/bugs/1297651

Reported-by: Robert Hu <robert.hu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agogtk: Support GTK without VTE
Stefan Weil [Wed, 19 Feb 2014 06:04:34 +0000 (07:04 +0100)] 
gtk: Support GTK without VTE

GTK without VTE is needed for hosts which don't support VTE (for example
all variants of MinGW), but it can also be reasonable for other hosts.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
7 years agotarget-mips: fix MTHC1 and MFHC1 when FPU in FR=0 mode
Petar Jovanovic [Tue, 25 Mar 2014 13:35:18 +0000 (14:35 +0100)] 
target-mips: fix MTHC1 and MFHC1 when FPU in FR=0 mode

Previous implementation presumed that FPU registers are 64-bit and are
working in 64-bit mode. This change first checks MIPS_HFLAG_F64 and if not
set, it does load/store from the odd numbered register pair.
Patch by Matthew Fortune.

Signed-off-by: Matthew Fortune <matthew.fortune@imgtec.com>
Signed-off-by: Petar Jovanovic <petar.jovanovic@imgtec.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
7 years agoMerge remote-tracking branch 'remotes/awilliam/tags/vfio-pci-for-qemu-20140325.0...
Peter Maydell [Tue, 25 Mar 2014 18:30:52 +0000 (18:30 +0000)] 
Merge remote-tracking branch 'remotes/awilliam/tags/vfio-pci-for-qemu-20140325.0' into staging

A couple trivial fixes for QEMU 2.0:
 - Coding correction that allowed attempts to read the device
   ROM after we'd already marked it failed (Bandan)
 - Cosmetic error reporting fixes to remove unnecessary new lines
   and fix a cut-n-paste wording error (Alex)

# gpg: Signature made Tue 25 Mar 2014 18:18:57 GMT using RSA key ID 3BB08B22
# gpg: Can't check signature: public key not found

* remotes/awilliam/tags/vfio-pci-for-qemu-20140325.0:
  vfio: Cosmetic error reporting fixes
  vfio: Correction in vfio_rom_read when attempting rom loading

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agovfio: Cosmetic error reporting fixes
Alex Williamson [Tue, 25 Mar 2014 18:08:52 +0000 (12:08 -0600)] 
vfio: Cosmetic error reporting fixes

* Remove terminating newlines from hw_error() and error_report() calls
* Fix cut-n-paste error in text (s/to/from/)

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
7 years agoMerge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging
Peter Maydell [Tue, 25 Mar 2014 17:49:45 +0000 (17:49 +0000)] 
Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging

Net patches

# gpg: Signature made Tue 25 Mar 2014 15:02:48 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/net-pull-request:
  net: netmap_poll must update both read/write poll state

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging
Peter Maydell [Tue, 25 Mar 2014 15:23:08 +0000 (15:23 +0000)] 
Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Block pull request

# gpg: Signature made Tue 25 Mar 2014 14:34:45 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/block-pull-request:
  mirror: fix early wake from sleep due to aio
  mirror: fix throttling delay calculation
  Fixed various typos
  qemu-img: mandate argument to 'qemu-img check --repair'
  osdep: initialize glib threads in all QEMU tools

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agovfio: Correction in vfio_rom_read when attempting rom loading
Bandan Das [Tue, 25 Mar 2014 14:24:20 +0000 (08:24 -0600)] 
vfio: Correction in vfio_rom_read when attempting rom loading

commit e638073c569e801ce9de added a flag to track whether
a previous rom read had failed. Accidentally, the code
ended up adding vfio_load_option_rom twice. (Thanks to Alex
for spotting it)

Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
7 years agomirror: fix early wake from sleep due to aio
Stefan Hajnoczi [Fri, 21 Mar 2014 12:55:19 +0000 (13:55 +0100)] 
mirror: fix early wake from sleep due to aio

The mirror blockjob coroutine rate-limits itself by sleeping.  The
coroutine also performs I/O asynchronously so it's important that the
aio callback doesn't wake the coroutine early as that breaks
rate-limiting.

Reported-by: Joaquim Barrera <jbarrera@ac.upc.edu>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
7 years agomirror: fix throttling delay calculation
Paolo Bonzini [Fri, 21 Mar 2014 12:55:18 +0000 (13:55 +0100)] 
mirror: fix throttling delay calculation

The throttling delay calculation was using an inaccurate sector count to
calculate the time to sleep.  This broke rate-limiting for the block
mirror job.

Move the delay calculation into mirror_iteration() where we know how
many sectors were transferred.  This lets us calculate an accurate delay
time.

Reported-by: Joaquim Barrera <jbarrera@ac.upc.edu>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
7 years agoFixed various typos
Deepak Kathayat [Mon, 24 Mar 2014 08:30:17 +0000 (16:30 +0800)] 
Fixed various typos

Signed-off-by: Deepak Kathayat <deepak.mk17@gmail.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
7 years agoqemu-img: mandate argument to 'qemu-img check --repair'
Prasad Joshi [Mon, 24 Mar 2014 18:38:54 +0000 (00:08 +0530)] 
qemu-img: mandate argument to 'qemu-img check --repair'

qemu-img check --repair option accepts an argument. The argument to
--repair switch can either be 'all' or 'leak'. Fix the long option to
mandate argument with --repair switch.

The patch fixes following segmentation fault

Core was generated by `qemu-img check -f qcow2 --repair all t.qcow2'.
Program terminated with signal 11, Segmentation fault.
0  in img_check (argc=6, argv=0x7fffab9b8a10) at qemu-img.c:588
588             if (!strcmp(optarg, "leaks")) {
(gdb) bt
  0  img_check (argc=6, argv=0x7fffab9b8a10) at qemu-img.c:588
  1  __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6
  2  _start ()
(gdb)

Signed-off-by: Prasad Joshi <prasadjoshi.linux@gmail.com>
Reviewed-by: Leandro Dorileo <l@dorileo.org>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
7 years agoosdep: initialize glib threads in all QEMU tools
Stefan Hajnoczi [Tue, 8 Oct 2013 09:58:31 +0000 (11:58 +0200)] 
osdep: initialize glib threads in all QEMU tools

glib versions prior to 2.31.0 require an explicit g_thread_init() call
to enable multi-threading.

Failure to initialize threading causes glib to take single-threaded code
paths without synchronization.  For example, the g_slice allocator will
crash due to race conditions.

Fix this for all QEMU tool programs (qemu-nbd, qemu-io, qemu-img) by
moving the g_thread_init() call from vl.c:main() into a new
osdep.c:thread_init() constructor function.

thread_init() has __attribute__((constructor)) and is automatically
invoked by the runtime during startup.

We can now drop the "simple" trace backend's g_thread_init() call since
thread_init() already called it.

Note that we must keep coroutine-gthread.c's g_thread_init() call which
is located in a constructor function.  There is no guarantee for
constructor function ordering so thread_init() may only be called later.

Reported-by: Mario de Chenno <mario.dechenno@unina2.it>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
7 years agonet: netmap_poll must update both read/write poll state
Prasad Joshi [Sun, 23 Mar 2014 09:28:43 +0000 (14:58 +0530)] 
net: netmap_poll must update both read/write poll state

Signed-off-by: Prasad Joshi <prasadjoshi.linux@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
7 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140324' into...
Peter Maydell [Mon, 24 Mar 2014 19:25:09 +0000 (19:25 +0000)] 
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140324' into staging

target-arm queue for 2.0:
 * Fix wrong-results bug in A64 Neon MLS instruction
 * Fix loading of ELF images for 32 bit boards in qemu-system-aarch64

# gpg: Signature made Mon 24 Mar 2014 17:14:07 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"

* remotes/pmaydell/tags/pull-target-arm-20140324:
  target-arm: Load ELF images with the correct machine type for CPU
  target-arm: Fix A64 Neon MLS

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
Peter Maydell [Mon, 24 Mar 2014 19:00:02 +0000 (19:00 +0000)] 
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

acpi,pc,test bug fixes

More small fixes all over the place.
Notably fixes for big-endian hosts by Marcel.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Mon 24 Mar 2014 10:41:07 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  tests/acpi-test: do not fail if iasl is broken
  vl.c: Use MAX_CPUMASK_BITS macro instead of hardcoded constant
  sysemu.h: Document what MAX_CPUMASK_BITS really limits
  acpi: fix endian-ness for table ids
  acpi-test: signature endian-ness fixes
  i386/acpi-build: support hotplug of VCPU with APIC ID 0xFF
  acpi-test: rebuild SSDT
  i386/acpi-build: allow more than 255 elements in CPON
  pc: Refuse max_cpus if it results in too large APIC ID
  acpi: Don't use MAX_CPUMASK_BITS for APIC ID bitmap
  acpi: Assert sts array limit on AcpiCpuHotplug_add()
  pc: Refuse CPU hotplug if the resulting APIC ID is too large
  acpi: Add ACPI_CPU_HOTPLUG_ID_LIMIT macro
  acpi-test: update expected SSDT files
  acpi-build: fix misaligned access

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/spice/tags/pull-spice-5' into staging
Peter Maydell [Mon, 24 Mar 2014 18:47:19 +0000 (18:47 +0000)] 
Merge remote-tracking branch 'remotes/spice/tags/pull-spice-5' into staging

spice: input: Fix absolute mouse y coordinates

# gpg: Signature made Mon 24 Mar 2014 07:44:11 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/spice/tags/pull-spice-5:
  spice: input: Fix absolute mouse y coordinates

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agobackends/baum.c: Fix compilation when SDL is not available.
Richard W.M. Jones [Fri, 21 Mar 2014 21:29:37 +0000 (21:29 +0000)] 
backends/baum.c: Fix compilation when SDL is not available.

backends/baum.c: In function ‘chr_baum_init’:
backends/baum.c:569:64: error: missing binary operator before token "("
 #if defined(CONFIG_SDL) && SDL_COMPILEDVERSION < SDL_VERSIONNUM(2, 0, 0)
                                                                ^
backends/baum.c:598:64: error: missing binary operator before token "("
 #if defined(CONFIG_SDL) && SDL_COMPILEDVERSION < SDL_VERSIONNUM(2, 0, 0)

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Message-id: 1395437377-5779-1-git-send-email-rjones@redhat.com
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agotarget-arm: Load ELF images with the correct machine type for CPU
Peter Maydell [Fri, 21 Mar 2014 18:44:36 +0000 (18:44 +0000)] 
target-arm: Load ELF images with the correct machine type for CPU

When trying to load an ELF file specified via -kernel, we need to
pass load_elf() the ELF machine type corresponding to the CPU we're
booting with, not the one corresponding to the softmmu binary
we happen to be running. (The two are different in the case of
loading a 32-bit ARM ELF file into a 32 bit CPU being emulated
by qemu-system aarch64.) This was causing us to incorrectly fail
to load ELF images in this situation.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1395427476-25546-1-git-send-email-peter.maydell@linaro.org

7 years agotarget-arm: Fix A64 Neon MLS
Peter Maydell [Mon, 24 Mar 2014 15:59:02 +0000 (15:59 +0000)] 
target-arm: Fix A64 Neon MLS

The order of operands for the accumulate step in disas_simd_3same_int()
was reversed. This only affected the MLS instruction, since all the
other accumulating instructions in this category perform an addition
rather than a subtraction.

Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Tested-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agotests/acpi-test: do not fail if iasl is broken
Marcel Apfelbaum [Mon, 24 Mar 2014 10:02:33 +0000 (12:02 +0200)] 
tests/acpi-test: do not fail if iasl is broken

There is an issue with iasl on big endian machines: It
cannot disassemble acpi tables taken from little endian
machines, so we cannot check the expected tables.

The acpi test will check if the expected aml files
can be disassembled, and will issue an warning not
failing the test on those machines until this
problem is solved by the acpica community.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agospice: input: Fix absolute mouse y coordinates
Cole Robinson [Fri, 21 Mar 2014 18:28:49 +0000 (14:28 -0400)] 
spice: input: Fix absolute mouse y coordinates

Current tablet + spice is unusable. Regressed with the UI input rework.

Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
7 years agoMerge remote-tracking branch 'remotes/afaerber/tags/ppc-for-2.0' into staging
Peter Maydell [Thu, 20 Mar 2014 11:45:37 +0000 (11:45 +0000)] 
Merge remote-tracking branch 'remotes/afaerber/tags/ppc-for-2.0' into staging

PowerPC queue for 2.0

* sPAPR loop fix
* SPR reset fix
* Reduce allocation size of indirect opcode tables
* Restrict number of CPU threads
* sPAPR H_SET_MODE fixes
* sPAPR firmware path fixes
* Static and constness cleanups

# gpg: Signature made Thu 20 Mar 2014 01:46:14 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg:                 aka "Andreas Färber <afaerber@suse.com>"

* remotes/afaerber/tags/ppc-for-2.0:
  spapr: Implement interface to fix device pathname
  spapr: QOM'ify pseries machine
  spapr_vio: Fix firmware names
  spapr_llan: Add to boot device list
  qdev: Introduce FWPathProvider interface
  vl.c: Extend get_boot_devices_list() to ignore suffixes
  spapr_hcall: Fix little-endian resource handling in H_SET_MODE
  target-ppc: Introduce powerisa-207-server flag
  target-ppc: Force CPU threads count to be a power of 2
  target-ppc: Fix overallocation of opcode tables
  target-ppc: Reset SPRs on CPU reset
  spapr_hcall: Fix h_enter to loop correctly
  target-ppc: Add missing 'static' and 'const' attributes

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agospapr: Implement interface to fix device pathname
Alexey Kardashevskiy [Mon, 17 Mar 2014 02:40:27 +0000 (13:40 +1100)] 
spapr: Implement interface to fix device pathname

This extends the pseries machine type with the interface to fix firmware
pathnames for devices which have @bootindex property.

This fixes SCSI disks' device node names (which are wildcard nodes in
the device-tree), for spapr-vscsi, virtio-scsi and usb-storage.

This fixes PHB name from "pci" to "pci@XXXX" where XXXX is a BUID as
there is no bus on top of sPAPRPHBState where PHB firmware name could
be fixed using the BusClass::get_fw_dev_path() mechanism.

This stores the boot list in the /chosen/qemu,boot-list property of
the device tree. "\n" are replaced by spaces to support OF1275.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agospapr: QOM'ify pseries machine
Alexey Kardashevskiy [Mon, 17 Mar 2014 02:40:26 +0000 (13:40 +1100)] 
spapr: QOM'ify pseries machine

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agospapr_vio: Fix firmware names
Alexey Kardashevskiy [Mon, 17 Mar 2014 02:40:25 +0000 (13:40 +1100)] 
spapr_vio: Fix firmware names

This changes VIO bridge fw name from spapr-vio-bridge to vdevice and
vscsi/veth node names from QEMU object names to VIO specific device tree
names.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agospapr_llan: Add to boot device list
Alexey Kardashevskiy [Mon, 17 Mar 2014 02:40:24 +0000 (13:40 +1100)] 
spapr_llan: Add to boot device list

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agoqdev: Introduce FWPathProvider interface
Paolo Bonzini [Mon, 17 Mar 2014 02:40:23 +0000 (13:40 +1100)] 
qdev: Introduce FWPathProvider interface

QEMU supports firmware names for all devices in the QEMU tree but
some architectures expect some parts of firmware path names in different
format.

This introduces a firmware-pathname-change interface definition.
If some machines needs to redefine the firmware path format, it has
to add the TYPE_FW_PATH_PROVIDER interface to an object that is above
the device on the QOM tree (typically /machine).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agovl.c: Extend get_boot_devices_list() to ignore suffixes
Alexey Kardashevskiy [Mon, 17 Mar 2014 02:40:22 +0000 (13:40 +1100)] 
vl.c: Extend get_boot_devices_list() to ignore suffixes

As suffixes do not make sense for sPAPR's device tree and
there is no way to filter them out on the BusState::get_fw_dev_path()
level, let's add an ability for the external caller to specify
whether to apply suffixes or not.

We could handle suffixes in SLOF (ignored for now) but this would require
serious rework in the node opening code in SLOF, which has no obvious
benefit for the currently emulated sPAPR machine.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agospapr_hcall: Fix little-endian resource handling in H_SET_MODE
Alexey Kardashevskiy [Fri, 7 Mar 2014 04:37:40 +0000 (15:37 +1100)] 
spapr_hcall: Fix little-endian resource handling in H_SET_MODE

This changes resource code definitions to ones used in the host kernel.

This fixes H_SET_MODE_RESOURCE_LE (switch between big endian and
little endian) to sync registers from KVM before changing LPCR value.

This adds a set_spr() helper to update an SPR in a CPU's context to avoid
possible races and makes use of it to change LPCR.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agotarget-ppc: Introduce powerisa-207-server flag
Alexey Kardashevskiy [Fri, 7 Mar 2014 04:37:39 +0000 (15:37 +1100)] 
target-ppc: Introduce powerisa-207-server flag

This flag will be used to decide whether to emulate some bits of
H_SET_MODE hypercall because some are POWER8-only.

While we are here, add 2.05 flag to POWER8 family too. POWER7/7+ already
have it.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agotarget-ppc: Force CPU threads count to be a power of 2
Bharata B Rao [Wed, 5 Mar 2014 08:32:36 +0000 (14:02 +0530)] 
target-ppc: Force CPU threads count to be a power of 2

PowerPC kernel expects the number of SMT threads in a core to be a power
of 2. Since QEMU doesn't enforce this, it leads to an early guest kernel
crash if invalid threads count is specified.

Prevent this crash and make it a graceful exit from QEMU itself by
validating the user-supplied threads count.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stewart Smith <stewart@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agotarget-ppc: Fix overallocation of opcode tables
Stuart Brady [Wed, 19 Mar 2014 14:07:26 +0000 (14:07 +0000)] 
target-ppc: Fix overallocation of opcode tables

create_new_table() should allocate 0x20 opc_handler_t pointers, but
actually allocates 0x20 opc_handler_t structs.  Fix this.

Signed-off-by: Stuart Brady <sdb@zubnet.me.uk>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agotarget-ppc: Reset SPRs on CPU reset
Alexey Kardashevskiy [Wed, 19 Mar 2014 13:03:57 +0000 (00:03 +1100)] 
target-ppc: Reset SPRs on CPU reset

This resets SPR values to defaults on CPU reset. This should help
with little-endian guests reboot issues.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agospapr_hcall: Fix h_enter to loop correctly
Aneesh Kumar K.V [Fri, 14 Mar 2014 13:51:49 +0000 (19:21 +0530)] 
spapr_hcall: Fix h_enter to loop correctly

We wanted to loop till index is 8. On 8 we return with H_PTEG_FULL. If we
are successful in loading hpte with any other index, we continue with that
index value.

Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agoMerge remote-tracking branch 'remotes/afaerber/tags/prep-for-2.0' into staging
Peter Maydell [Wed, 19 Mar 2014 23:34:42 +0000 (23:34 +0000)] 
Merge remote-tracking branch 'remotes/afaerber/tags/prep-for-2.0' into staging

PReP machine and devices

* Raven PCI host bridge memory fixes (remainder)

# gpg: Signature made Wed 19 Mar 2014 23:35:08 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg:                 aka "Andreas Färber <afaerber@suse.com>"

* remotes/afaerber/tags/prep-for-2.0:
  raven: Use raven_ for all function prefixes
  raven: Fix PCI bus accesses with size > 1
  raven: Add PCI bus mastering address space
  raven: Set a correct PCI memory region
  raven: Set a correct PCI I/O memory region
  raven: Implement non-contiguous I/O region
  raven: Rename intack region to pci_intack

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoraven: Use raven_ for all function prefixes
Hervé Poussineau [Mon, 17 Mar 2014 22:00:25 +0000 (23:00 +0100)] 
raven: Use raven_ for all function prefixes

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
7 years agoraven: Fix PCI bus accesses with size > 1
Hervé Poussineau [Mon, 17 Mar 2014 22:00:24 +0000 (23:00 +0100)] 
raven: Fix PCI bus accesses with size > 1

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Artyom Tarasenko <atar4qemu@gmail.com>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
7 years agoraven: Add PCI bus mastering address space
Hervé Poussineau [Mon, 17 Mar 2014 22:00:23 +0000 (23:00 +0100)] 
raven: Add PCI bus mastering address space

This has been tested on Linux 2.4/PPC with the lsi53c895a SCSI adapter.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
7 years agoraven: Set a correct PCI memory region
Hervé Poussineau [Mon, 17 Mar 2014 22:00:22 +0000 (23:00 +0100)] 
raven: Set a correct PCI memory region

PCI memory region is 0x3f000000 bytes starting at 0xc0000000.

However, keep compatibility with Open Hack'Ware expectations
by adding a hack for Open Hack'Ware display.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
7 years agoraven: Set a correct PCI I/O memory region
Hervé Poussineau [Mon, 17 Mar 2014 22:00:21 +0000 (23:00 +0100)] 
raven: Set a correct PCI I/O memory region

PCI I/O region is 0x3f800000 bytes starting at 0x80000000.
Do not use global QEMU I/O region, which is only 64KB.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
7 years agoraven: Implement non-contiguous I/O region
Hervé Poussineau [Mon, 17 Mar 2014 22:00:20 +0000 (23:00 +0100)] 
raven: Implement non-contiguous I/O region

Remove now duplicated code from prep board.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
7 years agoraven: Rename intack region to pci_intack
Hervé Poussineau [Mon, 17 Mar 2014 22:00:19 +0000 (23:00 +0100)] 
raven: Rename intack region to pci_intack

Regions added subsequently will also have the pci_ prefix.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
7 years agoMerge remote-tracking branch 'remotes/afaerber/tags/qom-cpu-for-2.0' into staging
Peter Maydell [Wed, 19 Mar 2014 22:36:44 +0000 (22:36 +0000)] 
Merge remote-tracking branch 'remotes/afaerber/tags/qom-cpu-for-2.0' into staging

QOM CPUState refactorings / X86CPU

* CPUState layout optimization for TCG

# gpg: Signature made Wed 19 Mar 2014 21:51:46 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg:                 aka "Andreas Färber <afaerber@suse.com>"

* remotes/afaerber/tags/qom-cpu-for-2.0:
  cpu: Move tcg_exit_req to the end of CPUState

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/afaerber/tags/qom-devices-for-2.0' into staging
Peter Maydell [Wed, 19 Mar 2014 21:45:41 +0000 (21:45 +0000)] 
Merge remote-tracking branch 'remotes/afaerber/tags/qom-devices-for-2.0' into staging

QOM/QTest infrastructure fixes

* QOM machine memory and build fixes
* QOM link<> and child<> property reference counting fixes

# gpg: Signature made Wed 19 Mar 2014 21:44:04 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg:                 aka "Andreas Färber <afaerber@suse.com>"

* remotes/afaerber/tags/qom-devices-for-2.0:
  virtio-rng: Avoid default_backend refcount leak
  qom: Add check() argument to object_property_add_link()
  qom: Make QOM link property unref optional
  qom: Don't make link NULL on object_property_set_link() failure
  qom: Split object_property_set_link()
  vl.c: Fix OpenBSD compilation issue due to namespace collisions
  vl.c: Fix memory leak in qemu_register_machine()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agovirtio-rng: Avoid default_backend refcount leak
Stefan Hajnoczi [Wed, 19 Mar 2014 07:58:57 +0000 (08:58 +0100)] 
virtio-rng: Avoid default_backend refcount leak

QOM child properties take a reference to the object and release it when
the property is deleted.  Therefore we should unref the default_backend
after we have added it as a child property.

Cc: KONRAD Frederic <fred.konrad@greensocs.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agoqom: Add check() argument to object_property_add_link()
Stefan Hajnoczi [Wed, 19 Mar 2014 07:58:56 +0000 (08:58 +0100)] 
qom: Add check() argument to object_property_add_link()

There are currently three types of object_property_add_link() callers:

1. The link property may be set at any time.
2. The link property of a DeviceState instance may only be set before
   realize.
3. The link property may never be set, it is read-only.

Something similar can already be achieved with
object_property_add_str()'s set() argument.  Follow its example and add
a check() argument to object_property_add_link().

Also provide default check() functions for case #1 and #2.  Case #3 is
covered by passing a NULL function pointer.

Cc: Peter Crosthwaite <peter.crosthwaite@petalogix.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Anthony Liguori <aliguori@amazon.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
[AF: Tweaked documentation comment]
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agocpu: Move tcg_exit_req to the end of CPUState
Richard Henderson [Fri, 14 Mar 2014 22:30:10 +0000 (15:30 -0700)] 
cpu: Move tcg_exit_req to the end of CPUState

Reverse an increase in the size of generated code.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agoqom: Make QOM link property unref optional
Stefan Hajnoczi [Wed, 19 Mar 2014 07:58:55 +0000 (08:58 +0100)] 
qom: Make QOM link property unref optional

Some object_property_add_link() callers expect property deletion to
unref the link property object.  Other callers expect to manage the
refcount themselves.  The former are currently broken and therefore leak
the link property object.

This patch adds a flags argument to object_property_add_link() so the
caller can specify which refcount behavior they require.  The new
OBJ_PROP_LINK_UNREF_ON_RELEASE flag causes the link pointer to be
unreferenced when the property is deleted.

This fixes refcount leaks in qdev.c, xilinx_axidma.c, xilinx_axienet.c,
s390-virtio-bus.c, virtio-pci.c, virtio-rng.c, and ui/console.c.

Rationale for refcount behavior:

 * hw/core/qdev.c
   - bus children are explicitly unreferenced, don't interfere
   - parent_bus is essentially a read-only property that doesn't hold a
     refcount, don't unref
   - hotplug_handler is leaked, do unref

 * hw/dma/xilinx_axidma.c
   - rx stream "dma" links are set using set_link, therefore they
     need unref
   - tx streams are set using set_link, therefore they need unref

 * hw/net/xilinx_axienet.c
   - same reasoning as hw/dma/xilinx_axidma.c

 * hw/pcmcia/pxa2xx.c
   - pxa2xx bypasses set_link and therefore does not use refcounts

 * hw/s390x/s390-virtio-bus.c
 * hw/virtio/virtio-pci.c
 * hw/virtio/virtio-rng.c
 * ui/console.c
   - set_link is used and there is no explicit unref, do unref

Cc: Peter Crosthwaite <peter.crosthwaite@petalogix.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Anthony Liguori <aliguori@amazon.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agoqom: Don't make link NULL on object_property_set_link() failure
Stefan Hajnoczi [Wed, 19 Mar 2014 07:58:54 +0000 (08:58 +0100)] 
qom: Don't make link NULL on object_property_set_link() failure

The error behavior of object_property_set_link() is dangerous.  It sets
the link property object to NULL if an error occurs.  A setter function
should either succeed or fail, it shouldn't leave the value NULL on
failure.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agoqom: Split object_property_set_link()
Stefan Hajnoczi [Wed, 19 Mar 2014 07:58:53 +0000 (08:58 +0100)] 
qom: Split object_property_set_link()

The path resolution logic in object_property_set_link() should be a
separate function.  This makes the code easier to read and maintain.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agovl.c: Fix OpenBSD compilation issue due to namespace collisions
Marcel Apfelbaum [Tue, 18 Mar 2014 15:26:35 +0000 (17:26 +0200)] 
vl.c: Fix OpenBSD compilation issue due to namespace collisions

Machine rewriting added MACHINE() macro which is
already in use by other OpenBSD library.
Since qemu/sockets.h exposes the OpenBSD namespace,
the minimalistic approach is to add it as the first QEMU include.

Reported-by: Brad Smith <brad@comstyle.com>
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agovl.c: Fix memory leak in qemu_register_machine()
Christian Borntraeger [Wed, 19 Mar 2014 11:24:27 +0000 (12:24 +0100)] 
vl.c: Fix memory leak in qemu_register_machine()

Since commit 261747f176f6 (vl: Use MachineClass instead of global
QEMUMachine list) valgrind complains about the following:

==54082== 57 bytes in 3 blocks are definitely lost in loss record 365 of
729
==54082==    at 0x4031AFE: malloc (vg_replace_malloc.c:292)
==54082==    by 0x4145569: g_malloc (in
/usr/lib64/libglib-2.0.so.0.3400.2)
==54082==    by 0x415F9E9: g_strconcat (in
/usr/lib64/libglib-2.0.so.0.3400.2)
==54082==    by 0x80157FE7: qemu_register_machine (vl.c:1597)
==54082==    by 0x80208E6B: module_call_init (module.c:105)
==54082==    by 0x80013B91: main (vl.c:3000)

Turns out that valgrind is right. We simply forget the memory that
g_strconcat() has allocated. Lets free it after the type_register().
We need a 2nd variable due to constness of the name part of the
type structure.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agoMerge remote-tracking branch 'remotes/afaerber/tags/qom-cpu-for-2.0' into staging
Peter Maydell [Wed, 19 Mar 2014 19:05:13 +0000 (19:05 +0000)] 
Merge remote-tracking branch 'remotes/afaerber/tags/qom-cpu-for-2.0' into staging

QOM CPUState refactorings / X86CPU

* Fix pointer type mismatch

# gpg: Signature made Wed 19 Mar 2014 18:51:47 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg:                 aka "Andreas Färber <afaerber@suse.com>"

* remotes/afaerber/tags/qom-cpu-for-2.0:
  exec: Fix CPU rework fallout

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoexec: Fix CPU rework fallout
Christian Borntraeger [Mon, 17 Mar 2014 16:13:12 +0000 (17:13 +0100)] 
exec: Fix CPU rework fallout

Commit 259186a7d2f7184efc96ae99bc5658e6159f53ad (cpu: Move halted and
interrupt_request fields to CPUState) passed CPUState::env_ptr to
tlb_flush() directory rather than through a typed variable.

Commit 00c8cb0a36f51a6866a83c08962d12a0eb21864b (cputlb: Change
tlb_flush() argument to CPUState) now changed the argument type.
This was unnoticed by gcc because env_ptr is a void pointer.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agolinux-user: Fix build if headers don't define _LINUX_CAPABILITY_VERSION_1
Peter Maydell [Wed, 19 Mar 2014 16:07:30 +0000 (16:07 +0000)] 
linux-user: Fix build if headers don't define _LINUX_CAPABILITY_VERSION_1

Older kernel headers don't define _LINUX_CAPABILITY_VERSION_1.
Switch to using the older _LINUX_CAPABILITY_VERSION; newer headers
still define this for source compatibility.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Acked-by: Riku Voipio <riku.voipio@iki.fi>
7 years agotarget-ppc: Add missing 'static' and 'const' attributes
Stefan Weil [Sun, 16 Mar 2014 13:49:54 +0000 (14:49 +0100)] 
target-ppc: Add missing 'static' and 'const' attributes

This fixes warnings from the static code analysis (smatch).

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
7 years agoMerge remote-tracking branch 'remotes/riku/linux-user-for-upstream' into staging
Peter Maydell [Wed, 19 Mar 2014 14:14:15 +0000 (14:14 +0000)] 
Merge remote-tracking branch 'remotes/riku/linux-user-for-upstream' into staging

* remotes/riku/linux-user-for-upstream:
  linux-user: Implement capget, capset
  linux-user: Don't allow guest to block SIGSEGV
  signal: added a wrapper for sigprocmask function
  linux-user: Don't reserve space for commpage for AArch64
  linux-user: implement F_[GS]ETOWN_EX
  linux-user: Don't return uninitialized value for atomic_barrier syscall
  linux-user/signal.c: Correct error path for AArch64 do_rt_sigreturn

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Peter Maydell [Wed, 19 Mar 2014 13:47:22 +0000 (13:47 +0000)] 
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block patches for 2.0.0-rc1

# gpg: Signature made Wed 19 Mar 2014 13:03:27 GMT using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"

* remotes/kevin/tags/for-upstream:
  dataplane: fix implicit IOThread refcount
  block/nfs: report errors from libnfs
  block/nfs: bump libnfs requirement to 1.9.3
  qcow2: Fix fail path in realloc_refcount_block()
  qcow2: Correct comment for realloc_refcount_block()
  qemu-io: Extended "--cmd" description in usage text
  qemu-io-cmds: Fixed typo in example for writev.
  block: Add error handling to bdrv_invalidate_cache()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140319' into...
Peter Maydell [Wed, 19 Mar 2014 13:00:41 +0000 (13:00 +0000)] 
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140319' into staging

target-arm queue:
 * last few A64 Neon instructions
 * fix some PL011 UART bugs causing occasional serial lockups
 * fix the non-PCI AHCI device

# gpg: Signature made Wed 19 Mar 2014 12:00:59 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"

* remotes/pmaydell/tags/pull-target-arm-20140319:
  target-arm: A64: Add saturating accumulate ops (USQADD/SUQADD)
  target-arm: A64: Add saturating int ops (SQNEG/SQABS)
  pl011: fix incorrect logic to set the RXFF flag
  pl011: fix UARTRSR accesses corrupting the UARTCR value
  pl011: reset the fifo when enabled or disabled
  ahci: fix sysbus support

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agovl.c: Use MAX_CPUMASK_BITS macro instead of hardcoded constant
Eduardo Habkost [Tue, 18 Mar 2014 19:29:24 +0000 (16:29 -0300)] 
vl.c: Use MAX_CPUMASK_BITS macro instead of hardcoded constant

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agosysemu.h: Document what MAX_CPUMASK_BITS really limits
Eduardo Habkost [Tue, 18 Mar 2014 19:29:23 +0000 (16:29 -0300)] 
sysemu.h: Document what MAX_CPUMASK_BITS really limits

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agodataplane: fix implicit IOThread refcount
Stefan Hajnoczi [Tue, 18 Mar 2014 16:50:52 +0000 (17:50 +0100)] 
dataplane: fix implicit IOThread refcount

When creating an IOThread implicitly (the user did not specify
x-iothread=<id>) remember that iothread_find() does not return the
object with an incremented refcount.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
7 years agoblock/nfs: report errors from libnfs
Peter Lieven [Mon, 17 Mar 2014 08:37:21 +0000 (09:37 +0100)] 
block/nfs: report errors from libnfs

if an NFS operation fails we should report what libnfs knows
about the failure. It is likely more than just an error code.

Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
7 years agoblock/nfs: bump libnfs requirement to 1.9.3
Peter Lieven [Mon, 17 Mar 2014 08:37:33 +0000 (09:37 +0100)] 
block/nfs: bump libnfs requirement to 1.9.3

libnfs prior to 1.9.3 contains a bug that will report
wrong transfer sizes if the file offset grows beyond 4GB
and RPC responses are received out of order. this
error is not detectable and fixable in qemu.

additionally 1.9.3 introduces support for handling short
read/writes in general and takes care of the necessary
retransmissions internally.

Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
7 years agoqcow2: Fix fail path in realloc_refcount_block()
Max Reitz [Mon, 17 Mar 2014 22:04:52 +0000 (23:04 +0100)] 
qcow2: Fix fail path in realloc_refcount_block()

If qcow2_alloc_clusters() fails, new_offset and ret will both be
negative after the fail label, thus passing the first if condition and
subsequently resulting in a call of qcow2_free_clusters() with an
invalid (negative) offset parameter. Fix this by introducing a new label
"fail_free_cluster" which is only invoked if new_offset is indeed
pointing to a newly allocated cluster that should be cleaned up by
freeing it.

While we're at it, clean up the whole fail path. qcow2_cache_put()
should (and actually can) never fail, hence the return value can safely
be ignored (aside from asserting that it indeed did not fail).

Furthermore, there is no reason to give QCOW2_DISCARD_ALWAYS to
qcow2_free_clusters(), a mere QCOW2_DISCARD_OTHER will suffice.

Ultimately, rename the "fail" label to "done", as it is invoked both on
failure and success.

Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
7 years agoqcow2: Correct comment for realloc_refcount_block()
Max Reitz [Mon, 17 Mar 2014 22:04:51 +0000 (23:04 +0100)] 
qcow2: Correct comment for realloc_refcount_block()

Contrary to the comment describing this function's behavior, it does not
return 0 on success, but rather the offset of the newly allocated
cluster. This patch adjusts the comment accordingly to reflect the
actual behavior.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
7 years agoqemu-io: Extended "--cmd" description in usage text
Maria Kustova [Tue, 18 Mar 2014 05:59:19 +0000 (09:59 +0400)] 
qemu-io: Extended "--cmd" description in usage text

It's not clear from the usage description that "--cmd" option accepts
its argument as a string, so any special symbols have to be quoted from
the shell.

Updates in usage text:
 - Specified parameter format for "--cmd" option.
 - Added an instruction how to get help for "--cmd" option.

Signed-off-by: Maria Kustova <maria.k@catit.be>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
7 years agoqemu-io-cmds: Fixed typo in example for writev.
Maria Kustova [Tue, 18 Mar 2014 05:59:17 +0000 (09:59 +0400)] 
qemu-io-cmds: Fixed typo in example for writev.

Signed-off-by: Maria Kustova <maria.k@catit.be>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
7 years agoblock: Add error handling to bdrv_invalidate_cache()
Kevin Wolf [Wed, 12 Mar 2014 14:59:16 +0000 (15:59 +0100)] 
block: Add error handling to bdrv_invalidate_cache()

If it returns an error, the migrated VM will not be started, but qemu
exits with an error message.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
7 years agotarget-arm: A64: Add saturating accumulate ops (USQADD/SUQADD)
Alex Bennée [Tue, 18 Mar 2014 23:10:06 +0000 (23:10 +0000)] 
target-arm: A64: Add saturating accumulate ops (USQADD/SUQADD)

Add the saturating accumulate operations USQADD and SUQADD
to the A64 instruction set. This completes coverage of A64 Neon.
These operations (which are unsigned + signed -> signed and
signed + unsigned -> unsigned) don't exist in the A32/T32
instruction set, so require a complete new set of helper functions.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
7 years agotarget-arm: A64: Add saturating int ops (SQNEG/SQABS)
Alex Bennée [Tue, 18 Mar 2014 23:10:06 +0000 (23:10 +0000)] 
target-arm: A64: Add saturating int ops (SQNEG/SQABS)

This mostly re-uses the existing NEON helpers with an additional two for
the 64 bit case. I also took the opportunity to add TCG_CALL_NO_RWG
options to the helpers as they don't modify globals (saturation flags
are in the CPU Environment).

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
7 years agopl011: fix incorrect logic to set the RXFF flag
Rob Herring [Tue, 18 Mar 2014 18:18:41 +0000 (13:18 -0500)] 
pl011: fix incorrect logic to set the RXFF flag

The receive fifo full bit should be set when 1 character is received and
the fifo is disabled or when 16 characters are in the fifo.

Signed-off-by: Rob Herring <rob.herring@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1395166721-15716-4-git-send-email-robherring2@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agopl011: fix UARTRSR accesses corrupting the UARTCR value
Rob Herring [Tue, 18 Mar 2014 18:18:40 +0000 (13:18 -0500)] 
pl011: fix UARTRSR accesses corrupting the UARTCR value

Offset 4 is UARTRSR/UARTECR, not the UARTCR. The UARTCR would be
corrupted if the UARTRSR is ever written. Fix by implementing a correct
model of the UARTRSR/UARTECR register. Reads of this register simply
reflect the error bits in data register. Only breaks can be triggered in
QEMU. With the pl011_can_receive function, we effectively have flow
control between the host and the model. Framing and parity errors simply
don't make sense in the model and will never occur.

Signed-off-by: Rob Herring <rob.herring@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1395166721-15716-3-git-send-email-robherring2@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agopl011: reset the fifo when enabled or disabled
Rob Herring [Tue, 18 Mar 2014 18:18:39 +0000 (13:18 -0500)] 
pl011: reset the fifo when enabled or disabled

Intermittent issues have been seen where no serial input occurs. It
appears the pl011 gets in a state where the rx interrupt never fires
because the rx interrupt only asserts when crossing the fifo trigger
level. The fifo state appears to get out of sync when the pl011 is
re-configured. This combined with the rx timeout interrupt not being
modeled results in no more rx interrupts.

Disabling the fifo is the recommended way to clear the tx fifo in the
TRM (section 3.3.8). The behavior in this case for the rx fifo is
undefined in the TRM, but having fifo contents to be maintained during
configuration changes is not likely expected behavior. Reseting the
fifo state when the fifo size is changed is the simplest solution.

Signed-off-by: Rob Herring <rob.herring@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1395166721-15716-2-git-send-email-robherring2@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoahci: fix sysbus support
Rob Herring [Tue, 18 Mar 2014 19:36:13 +0000 (19:36 +0000)] 
ahci: fix sysbus support

Non-PCI AHCI support is broken due to assertion failures when trying
to convert AHCIState to a PCIDevice pointer as AHCIState can have
different container structs. Fix this by using the non-asserting object
cast and checking the returned pointer is not NULL.

The AddressSpace pointer is also being initialized to NULL and causing
dma_memory_map call to fail. Fix this by initializing to
address_space_memory for sysbus instances.

Also correct AHCI_VMSTATE to use the correct container SysbusAHCIState
for sysbus instances.

Signed-off-by: Rob Herring <rob.herring@linaro.org>
Message-id: 1392073373-3295-1-git-send-email-robherring2@gmail.com
[PMM: added linebreaks to fix overlong lines]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-2' into staging
Peter Maydell [Tue, 18 Mar 2014 16:39:29 +0000 (16:39 +0000)] 
Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-2' into staging

vnc: fix vmware VGA incompatiblities

# gpg: Signature made Tue 18 Mar 2014 07:23:10 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-vnc-2:
  ui/vnc: fix vmware VGA incompatiblities

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>