qemu.git
9 years agoEliminate cpus-x86_64.conf file
Eduardo Habkost [Wed, 5 Sep 2012 20:41:11 +0000 (17:41 -0300)] 
Eliminate cpus-x86_64.conf file

This file is not needed anymore, as QEMU won't ship any config-based
cpudefs out of the box, relying only on the builtin CPU models.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
9 years agotarget-i386: Move CPU models from cpus-x86_64.conf to C
Eduardo Habkost [Wed, 5 Sep 2012 20:41:10 +0000 (17:41 -0300)] 
target-i386: Move CPU models from cpus-x86_64.conf to C

Those models are maintained by QEMU and may require compatibility code
to be added when making some changes. Keeping the data in the C source
code should make it simpler to handle those details.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Don Slutz <Don@CloudSwitch.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
9 years agotarget-i386: Add missing CPUID_* constants
Eduardo Habkost [Wed, 5 Sep 2012 20:41:09 +0000 (17:41 -0300)] 
target-i386: Add missing CPUID_* constants

Those constants will be used by new CPU model definitions.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
9 years agoDrop cpu_list_id macro
Peter Maydell [Wed, 5 Sep 2012 20:41:08 +0000 (17:41 -0300)] 
Drop cpu_list_id macro

Since the only user of the extended cpu_list_id() format
was the x86 ?model/?dump/?cpuid output, we can drop it
completely.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
9 years agotarget-i386: Fold -cpu ?cpuid, ?model output into -cpu help, drop ?dump
Peter Maydell [Wed, 5 Sep 2012 20:41:07 +0000 (17:41 -0300)] 
target-i386: Fold -cpu ?cpuid, ?model output into -cpu help, drop ?dump

Commit c8057f95 (accidentally) disabled the ability to pass
option strings starting with '?' to the target-specific
cpu_list function, so the target-i386 specific "-cpu ?dump",
"-cpu ?cpuid" and "-cpu ?model" stopped working.

Since these options are undocumented and not used by libvirt,
simply drop them completely rather than reinstating them
with new style syntax. Instead, we fold the ?model and ?cpuid
output into the output of the plain "-cpu help" output. The
detailed output produced by ?dump is dropped.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
9 years agoMAINTAINERS: Add entry for QOM CPU
Andreas Färber [Mon, 17 Sep 2012 17:10:32 +0000 (19:10 +0200)] 
MAINTAINERS: Add entry for QOM CPU

Signed-off-by: Andreas Färber <afaerber@suse.de>
9 years agotarget-xtensa: don't emit extra tcg_gen_goto_tb
Max Filippov [Thu, 20 Sep 2012 22:59:50 +0000 (02:59 +0400)] 
target-xtensa: don't emit extra tcg_gen_goto_tb

Unconditional gen_check_loop_end at the end of disas_xtensa_insn
can emit tcg_gen_goto_tb with slot id already used in the TB (e.g. when
TB ends at LEND with a branch).

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Cc: qemu-stable <qemu-stable@nongnu.org>
Signed-off-by: malc <av1474@comtv.ru>
9 years agotarget-xtensa: fix extui shift amount
Max Filippov [Thu, 20 Sep 2012 22:59:49 +0000 (02:59 +0400)] 
target-xtensa: fix extui shift amount

extui opcode only uses lowermost op1 bit for sa4.

Reported-by: malc <av1474@comtv.ru>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Cc: qemu-stable <qemu-stable@nongnu.org>
Signed-off-by: malc <av1474@comtv.ru>
9 years agotcg/optimize: fix end of basic block detection
Aurelien Jarno [Wed, 19 Sep 2012 19:40:30 +0000 (21:40 +0200)] 
tcg/optimize: fix end of basic block detection

Commit e31b0a7c050711884ad570fe73df806520953618 fixed copy propagation on
32-bit host by restricting the copy between different types. This was the
wrong fix.

The real problem is that the all temps states should be reset at the end
of a basic block. This was done by adding such operations in the switch,
but brcond2 was forgotten (that's why the crash was only observed on 32-bit
hosts).

Fix that by looking at the TCG_OPF_BB_END instead. We need to keep the case
for op_set_label as temps might be modified through another path.

Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
9 years agotarget-mips: Implement Loongson Multimedia Instructions
Richard Henderson [Wed, 19 Sep 2012 04:59:44 +0000 (21:59 -0700)] 
target-mips: Implement Loongson Multimedia Instructions

Implements all of the COP2 instructions except for the S<cond>
family of comparisons.  The documentation is unclear for those.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
9 years agotarget-mips: Always evaluate debugging macro arguments
Richard Henderson [Wed, 19 Sep 2012 04:55:34 +0000 (21:55 -0700)] 
target-mips: Always evaluate debugging macro arguments

this will prevent some of the compilation errors with debugging
enabled from creeping back in.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
9 years agotarget-mips: Fix MIPS_DEBUG.
Richard Henderson [Wed, 19 Sep 2012 04:55:33 +0000 (21:55 -0700)] 
target-mips: Fix MIPS_DEBUG.

The macro uses the DisasContext.  Pass it around as needed.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
9 years agotarget-mips: Set opn in gen_ldst_multiple.
Richard Henderson [Wed, 19 Sep 2012 04:55:32 +0000 (21:55 -0700)] 
target-mips: Set opn in gen_ldst_multiple.

Used by MIPS_DEBUG, when enabled.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
9 years agohw/pflash_cfi0[12]: Use host-utils.h ctz32()
Peter Maydell [Tue, 18 Sep 2012 13:53:42 +0000 (14:53 +0100)] 
hw/pflash_cfi0[12]: Use host-utils.h ctz32()

Drop the private reimplementation of ctz32() from pflash_cfi0[12]
in favour of using the standard version from host-utils.h.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
9 years agopflash_cfi01: fix vendor specific extended query
Aurelien Jarno [Mon, 3 Sep 2012 20:47:03 +0000 (22:47 +0200)] 
pflash_cfi01: fix vendor specific extended query

pflash_cfi01 announces a version number of 1.1, which implies
"Protection Register Information" and "Burst Read information"
sections, which are not provided.

Decrease the version number to 1.0 so that only the "Protection
Register Information" section is needed.

Set the number of protection fields (0x3f) to 0x01, as 0x00 means 256
protections field, which makes the CFI table bigger than the current
implementation, causing some kernels to fail to read it.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
9 years agorevert "TCG: fix copy propagation"
Aurelien Jarno [Mon, 10 Sep 2012 11:14:12 +0000 (13:14 +0200)] 
revert "TCG: fix copy propagation"

Given the copy propagation breakage on 32-bit hosts has been fixed
commit e31b0a7c050711884ad570fe73df806520953618 can be reverted.

Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
9 years agotcg: mark set_label with TCG_OPF_BB_END flag
Aurelien Jarno [Mon, 10 Sep 2012 12:23:49 +0000 (14:23 +0200)] 
tcg: mark set_label with TCG_OPF_BB_END flag

set_label is effectively the end of a basic block, as no optimization
can be made accross it. It was treated as such in the liveness analysis
code, but as a special case.

Mark it with TCG_OPF_BB_END flag so that this information can be used
by other parts of the TCG code, and remove the special case in the liveness
analysis code.

Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
9 years agotcg/i386: allow constants in load/store ops
Aurelien Jarno [Mon, 10 Sep 2012 11:56:24 +0000 (13:56 +0200)] 
tcg/i386: allow constants in load/store ops

On x86, it is possible to move a constant value to memory. Add code to
handle a constant argument to load/store ops.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
9 years agoxilinx_timer: Fix a compile error if debug enabled
Chris Wulff [Mon, 10 Sep 2012 00:20:07 +0000 (20:20 -0400)] 
xilinx_timer: Fix a compile error if debug enabled

There was a missing include of qemu-log and a variable name in a printf was out
of date.

Signed-off-by: Chris Wulff <crwulff@gmail.com>
Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
9 years agoxilinx: fix names of ethernet and dma links.
Peter A. G. Crosthwaite [Mon, 17 Sep 2012 04:06:32 +0000 (14:06 +1000)] 
xilinx: fix names of ethernet and dma links.

These names were incorrect. Fixed to match to actual link names

Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
9 years agoxilinx.h: Error check when setting links
Peter A. G. Crosthwaite [Mon, 17 Sep 2012 03:41:39 +0000 (13:41 +1000)] 
xilinx.h: Error check when setting links

Assert that the ethernet and dma controller are sucessfully linked to their
peers.

Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
9 years agoxilinx_timer: Fixed "frequency" prop name
Peter A. G. Crosthwaite [Fri, 29 Jun 2012 03:20:46 +0000 (13:20 +1000)] 
xilinx_timer: Fixed "frequency" prop name

The "frequency" qdev prop matches the "clock-frequency" property in Xilinx EDK.
Renamed "frequency" -> "clock-frequency" accordingly.

Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
9 years agoxilinx_timer: Send dbg msgs to stderr not stdout
Peter A. G. Crosthwaite [Thu, 28 Jun 2012 06:28:03 +0000 (16:28 +1000)] 
xilinx_timer: Send dbg msgs to stderr not stdout

Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
9 years agoxilinx_timer: Removed comma in device name
Peter A. G. Crosthwaite [Thu, 28 Jun 2012 02:52:23 +0000 (12:52 +1000)] 
xilinx_timer: Removed comma in device name

Fixes an error in a61e4b07a30c062260d2d01771773f14820d1eb7

Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
9 years agoarch_init.c: Improve '-soundhw help' for non-HAS_AUDIO_CHOICE archs
Peter Maydell [Wed, 19 Sep 2012 13:51:38 +0000 (14:51 +0100)] 
arch_init.c: Improve '-soundhw help' for non-HAS_AUDIO_CHOICE archs

For architectures which don't set HAS_AUDIO_CHOICE, improve the
'-soundhw help' message so that it doesn't simply print an empty
list, implying no sound support at all.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: malc <av1474@comtv.ru>
9 years agoMerge remote-tracking branch 'kiszka/queues/slirp' into staging
Anthony Liguori [Mon, 17 Sep 2012 15:23:20 +0000 (10:23 -0500)] 
Merge remote-tracking branch 'kiszka/queues/slirp' into staging

* kiszka/queues/slirp:
  slirp: Implement TFTP Blocksize option
  slirp: Remove unused return value of tftp_send_next_block
  slirp: Handle more than 65535 blocks in TFTP transfers
  slirp: improve TFTP performance
  slirp: Fix error reported by static code analysis
  slirp: Remove wrong type casts ins debug statements

9 years agoMerge remote-tracking branch 'kwolf/for-anthony' into staging
Anthony Liguori [Mon, 17 Sep 2012 15:23:15 +0000 (10:23 -0500)] 
Merge remote-tracking branch 'kwolf/for-anthony' into staging

* kwolf/for-anthony:
  block: Don't forget to delete temporary file
  Don't require encryption password for 'qemu-img info' command
  qemu-img: Add json output option to the info command.
  qapi: Add SnapshotInfo and ImageInfo.
  ahci: properly reset PxCMD on HBA reset
  block: fix block tray status
  vdi: Fix warning from clang
  block/curl: Fix wrong free statement
  ide: Fix error messages from static code analysis (no real error)
  ATAPI: STARTSTOPUNIT only eject/load media if powercondition is 0
  sheepdog: fix savevm and loadvm

9 years agoMerge remote-tracking branch 'stefanha/trivial-patches' into staging
Anthony Liguori [Mon, 17 Sep 2012 15:21:42 +0000 (10:21 -0500)] 
Merge remote-tracking branch 'stefanha/trivial-patches' into staging

* stefanha/trivial-patches:
  configure: fix seccomp check
  arch_init.c: add missing '%' symbols before PRIu64 in debug printfs
  kvm: Fix warning from static code analysis
  qapi: Fix enumeration typo error
  console: Clean up bytes per pixel calculation
  Fix copy&paste typos in documentation comments
  linux-user: Remove #if 0'd cpu_get_real_ticks() definition
  ui: Fix spelling in comment (ressource -> resource)
  Spelling fixes in comments and macro names (ressource -> resource)
  Fix spelling (licenced -> licensed) in GPL
  Spelling fixes in comments and documentation
  srp: Don't use QEMU_PACKED for single elements of a structured type

9 years agoMerge remote-tracking branch 'spice/spice.v60' into staging
Anthony Liguori [Mon, 17 Sep 2012 15:21:09 +0000 (10:21 -0500)] 
Merge remote-tracking branch 'spice/spice.v60' into staging

* spice/spice.v60:
  hw/qxl: support client monitor configuration via device
  qxl: add trace-event for QXL_IO_LOG
  hw/qxl: tracing fixes
  qxl: better cleanup for surface destroy
  qxl: Ignore set_client_capabilities pre/post migrate
  qxl: dont update invalid area
  spice: send updates only for changed screen content
  spice: add screen mirror
  spice: split qemu_spice_create_update
  spice: switch to queue for vga mode updates

9 years agoMerge remote-tracking branch 'stefanha/net' into staging
Anthony Liguori [Mon, 17 Sep 2012 15:20:48 +0000 (10:20 -0500)] 
Merge remote-tracking branch 'stefanha/net' into staging

* stefanha/net:
  net: EAGAIN handling for net/socket.c TCP
  net: EAGAIN handling for net/socket.c UDP
  net: asynchronous send/receive infrastructure for net/socket.c
  net: broadcast hub packets if at least one port can receive
  net: fix usbnet_receive() packet drops
  net: clean up usbnet_receive()
  net: add -netdev options to man page
  net: do not report queued packets as sent
  net: add receive_disabled logic to iov delivery path
  eepro100: Fix network hang when rx buffers run out
  xen: flush queue when getting an event
  e1000: flush queue whenever can_receive can go from false to true
  net: notify iothread after flushing queue

9 years agoMerge remote-tracking branch 'qemu-kvm/uq/master' into staging
Anthony Liguori [Mon, 17 Sep 2012 15:20:27 +0000 (10:20 -0500)] 
Merge remote-tracking branch 'qemu-kvm/uq/master' into staging

* qemu-kvm/uq/master:
  kvm: Rename irqchip_inject_ioctl to irq_set_ioctl
  kvm: Stop flushing coalesced MMIO on vmexit
  VGA: Flush coalesced MMIO on related MMIO/PIO accesses
  memory: Flush coalesced MMIO on mapping and state changes
  memory: Fold memory_region_update_topology into memory_region_transaction_commit
  memory: Use transaction_begin/commit also for single-step operations
  memory: Flush coalesced MMIO on selected region access
  kvm-all.c: Move init of irqchip_inject_ioctl out of kvm_irqchip_create()
  update-linux-headers.sh: Don't hard code list of architectures

9 years agoRevert "Add ability to disable build of all targets"
Anthony Liguori [Fri, 14 Sep 2012 13:17:03 +0000 (08:17 -0500)] 
Revert "Add ability to disable build of all targets"

This reverts commit 66d5499b3754b83c09487259c08fe2ce73188a59.

This commit broke --target-list="x86_64-softmmu" and the fix isn't immediatley
obvious.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
9 years agocpu_physical_memory_write_rom() needs to do TB invalidates
David Gibson [Mon, 10 Sep 2012 02:30:57 +0000 (12:30 +1000)] 
cpu_physical_memory_write_rom() needs to do TB invalidates

cpu_physical_memory_write_rom(), despite the name, can also be used to
write images into RAM - and will often be used that way if the machine
uses load_image_targphys() into RAM addresses.

However, cpu_physical_memory_write_rom(), unlike cpu_physical_memory_rw()
doesn't invalidate any cached TBs which might be affected by the region
written.

This was breaking reset (under full emu) on the pseries machine - we loaded
our firmware image into RAM, and while executing it rewrite the code at
the entry point (correctly causing a TB invalidate/refresh).  When we
reset the firmware image was reloaded, but the TB from the rewrite was
still active and caused us to get an illegal instruction trap.

This patch fixes the bug by duplicating the tb invalidate code from
cpu_physical_memory_rw() in cpu_physical_memory_write_rom().

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
9 years agoqemu-char: BUGFIX, don't call FD_ISSET with negative fd
David Gibson [Mon, 10 Sep 2012 02:30:56 +0000 (12:30 +1000)] 
qemu-char: BUGFIX, don't call FD_ISSET with negative fd

tcp_chr_connect(), unlike for example udp_chr_update_read_handler() does
not check if the fd it is using is valid (>= 0) before passing it to
qemu_set_fd_handler2().  If using e.g. a TCP serial port, which is not
initially connected, this can result in -1 being passed to FD_ISSET, which
has undefined behaviour.  On x86 it seems to harmlessly return 0, but on
PowerPC, it causes a fortify buffer overflow error to be thrown.

This patch fixes this by putting an extra test in tcp_chr_connect(), and
also adds an assert qemu_set_fd_handler2() to catch other such errors on
all platforms, rather than just some.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
9 years agoRevert 455aa1e08 and c3767ed0eb
Anthony Liguori [Wed, 12 Sep 2012 19:34:07 +0000 (14:34 -0500)] 
Revert 455aa1e08 and c3767ed0eb

    commit c3767ed0eb5d0bb25fe409ae5dec06e3411ff1b6
    qemu-char: (Re-)connect for tcp_chr_write() unconnected writing

Has no hope of working because tcp_chr_connect() does not actually connect.

455aa1e08 just fixes the SEGV with server() but the attempt to connect a client
socket is still completely broken.

This patch reverts both.

Reported-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
9 years agopc: Drop practically unused BOCHS BIOS debug ports
Jan Kiszka [Tue, 11 Sep 2012 14:38:25 +0000 (16:38 +0200)] 
pc: Drop practically unused BOCHS BIOS debug ports

We have debugcon these days to listen on those ports that receive debug
messages. Also drop the others that have no effect anymore.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
9 years agoadd -machine mem-merge=on|off option
Luiz Capitulino [Wed, 5 Sep 2012 19:50:16 +0000 (16:50 -0300)] 
add -machine mem-merge=on|off option

It allows to disable memory merge support (KSM on Linux), which is
enabled by default otherwise.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
9 years agoRemove unused CONFIG_TCG_PASS_AREG0 and dead code
Blue Swirl [Sun, 2 Sep 2012 15:28:56 +0000 (15:28 +0000)] 
Remove unused CONFIG_TCG_PASS_AREG0 and dead code

Now that CONFIG_TCG_PASS_AREG0 is enabled for all targets,
remove dead code and support for !CONFIG_TCG_PASS_AREG0 case.

Remove dyngen-exec.h and all references to it. Although included by
hw/spapr_hcall.c, it does not seem to use it.

Remove unused HELPER_CFLAGS.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
9 years agotarget-mips: switch to AREG0 free mode
Blue Swirl [Sun, 2 Sep 2012 14:52:59 +0000 (14:52 +0000)] 
target-mips: switch to AREG0 free mode

Add an explicit CPUState parameter instead of relying on AREG0
and switch to AREG0 free mode.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
9 years agotarget-sh4: switch to AREG0 free mode
Blue Swirl [Sun, 2 Sep 2012 10:37:06 +0000 (10:37 +0000)] 
target-sh4: switch to AREG0 free mode

Add an explicit CPUState parameter instead of relying on AREG0
and switch to AREG0 free mode.

Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
9 years agotarget-cris: Switch to AREG0 free mode
Aurelien Jarno [Fri, 7 Sep 2012 14:13:27 +0000 (16:13 +0200)] 
target-cris: Switch to AREG0 free mode

Add an explicit CPUCRISState parameter instead of relying on AREG0, and
use cpu_ld* in translation and interrupt handling. Remove AREG0 swapping
in tlb_fill(). Switch to AREG0 free mode

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
9 years agotarget-cris: Avoid AREG0 for helpers
Aurelien Jarno [Thu, 30 Aug 2012 14:56:39 +0000 (16:56 +0200)] 
target-cris: Avoid AREG0 for helpers

Add an explicit CPUCRISState parameter instead of relying on AREG0.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
9 years agotarget-microblaze: switch to AREG0 free mode
Blue Swirl [Sun, 2 Sep 2012 08:39:22 +0000 (08:39 +0000)] 
target-microblaze: switch to AREG0 free mode

Add an explicit CPUState parameter instead of relying on AREG0
and switch to AREG0 free mode.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
9 years agotarget-arm: final conversion to AREG0 free mode
Blue Swirl [Tue, 4 Sep 2012 20:25:59 +0000 (20:25 +0000)] 
target-arm: final conversion to AREG0 free mode

Convert code load functions and switch to AREG0 free mode.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: convert remaining helpers
Blue Swirl [Tue, 4 Sep 2012 20:19:15 +0000 (20:19 +0000)] 
target-arm: convert remaining helpers

Convert remaining helpers to AREG0 free mode: add an explicit
CPUState parameter instead of relying on AREG0.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: convert void helpers
Blue Swirl [Tue, 4 Sep 2012 20:08:34 +0000 (20:08 +0000)] 
target-arm: convert void helpers

Add an explicit CPUState parameter instead of relying on AREG0.

For easier review, convert only op helpers which don't return any value.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-unicore32: switch to AREG0 free mode
Blue Swirl [Sun, 2 Sep 2012 07:42:33 +0000 (07:42 +0000)] 
target-unicore32: switch to AREG0 free mode

Add an explicit CPUState parameter instead of relying on AREG0
and switch to AREG0 free mode.

Tested-by: Guan Xuetao <gxt@mprc.pku.edu.cn>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
9 years agotarget-m68k: avoid using cpu_single_env
Blue Swirl [Sat, 8 Sep 2012 10:48:20 +0000 (10:48 +0000)] 
target-m68k: avoid using cpu_single_env

Pass around CPUState instead of using global cpu_single_env.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
9 years agotarget-m68k: switch to AREG0 free mode
Blue Swirl [Sun, 2 Sep 2012 07:27:38 +0000 (07:27 +0000)] 
target-m68k: switch to AREG0 free mode

Add an explicit CPUState parameter instead of relying on AREG0
and switch to AREG0 free mode.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
9 years agotarget-lm32: switch to AREG0 free mode
Blue Swirl [Sun, 2 Sep 2012 06:57:17 +0000 (06:57 +0000)] 
target-lm32: switch to AREG0 free mode

Add an explicit CPUState parameter instead of relying on AREG0
and switch to AREG0 free mode.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
9 years agotarget-s390x: avoid cpu_single_env
Blue Swirl [Sat, 8 Sep 2012 11:15:37 +0000 (11:15 +0000)] 
target-s390x: avoid cpu_single_env

Pass around CPUState instead of using global cpu_single_env.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
9 years agoconfigure: properly check if -lrt and -lm is needed
Natanael Copa [Wed, 12 Sep 2012 09:06:51 +0000 (09:06 +0000)] 
configure: properly check if -lrt and -lm is needed

Fixes build against uClibc.

uClibc provides 2 versions of clock_gettime(), one with realtime
support and one without (this is so you can avoid linking in -lrt
unless actually needed). This means that the clock_gettime() don't
need -lrt. We still need it for timer_create() so we check for this
function in addition.

We also need check if -lm is needed for isnan().

Both -lm and -lrt are needed for libs_qga.

Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
9 years agotcg: Fix MAX_OPC_PARAM_IARGS
Stefan Weil [Wed, 12 Sep 2012 17:18:55 +0000 (19:18 +0200)] 
tcg: Fix MAX_OPC_PARAM_IARGS

DEF_HELPER_FLAGS_5 was added some time ago without adjusting
MAX_OPC_PARAM_IARGS.

Fixing the definition becomes more important as QEMU is using
an increasing number of helper functions called with 5 arguments.

Add also a comment to avoid future problems when DEF_HELPER_FLAGS_6
will be added.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
9 years agoconfigure: fix seccomp check
Yann E. MORIN [Thu, 6 Sep 2012 20:40:30 +0000 (22:40 +0200)] 
configure: fix seccomp check

Currently, if libseccomp is missing but the user explicitly requested
seccomp support using --enable-seccomp, configure silently ignores the
situation and disables seccomp support.

This is unlike all other tests that explicitly fail in such situation.

Fix that.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
9 years agonet: EAGAIN handling for net/socket.c TCP
Stefan Hajnoczi [Mon, 20 Aug 2012 09:14:35 +0000 (10:14 +0100)] 
net: EAGAIN handling for net/socket.c TCP

Replace spinning send_all() with a proper non-blocking send.  When the
socket write buffer limit is reached, we should stop trying to send and
wait for the socket to become writable again.

Non-blocking TCP sockets can return in two different ways when the write
buffer limit is reached:

1. ret = -1 and errno = EAGAIN/EWOULDBLOCK.  No data has been written.

2. ret < total_size.  Short write, only part of the message was
   transmitted.

Handle both cases and keep track of how many bytes have been written in
s->send_index.  (This includes the 'length' header before the actual
payload buffer.)

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agonet: EAGAIN handling for net/socket.c UDP
Stefan Hajnoczi [Mon, 20 Aug 2012 09:28:53 +0000 (10:28 +0100)] 
net: EAGAIN handling for net/socket.c UDP

Implement asynchronous send for UDP (or other SOCK_DGRAM) sockets.  If
send fails with EAGAIN we wait for the socket to become writable again.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agonet: asynchronous send/receive infrastructure for net/socket.c
Stefan Hajnoczi [Mon, 20 Aug 2012 09:21:54 +0000 (10:21 +0100)] 
net: asynchronous send/receive infrastructure for net/socket.c

The net/socket.c net client is not truly asynchronous.  This patch
borrows the qemu_set_fd_handler2() code from net/tap.c as the basis for
proper asynchronous send/receive.

Only read packets from the socket when the peer is able to receive.
This avoids needless queuing.

Later patches implement asynchronous send.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agonet: broadcast hub packets if at least one port can receive
Stefan Hajnoczi [Fri, 24 Aug 2012 12:50:30 +0000 (13:50 +0100)] 
net: broadcast hub packets if at least one port can receive

In commit 60c07d933c66c4b30a83b7ccbc8a0cb3df1b2d0e ("net: fix
qemu_can_send_packet logic") the "VLAN" broadcast behavior was changed
to queue packets if any net client cannot receive.  It turns out that
this was not actually the right fix and just hides the real bug that
hw/usb/dev-network.c:usbnet_receive() clobbers its receive buffer when
called multiple times in a row.  The commit also introduced a new bug
that "VLAN" packets would not be sent if one of multiple net clients was
down.

The hw/usb/dev-network.c bug has since been fixed, so this patch reverts
broadcast behavior to send packets as long as one net client can
receive.  Packets simply get queued for the net clients that are
temporarily unable to receive.

Reported-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agonet: fix usbnet_receive() packet drops
Stefan Hajnoczi [Fri, 24 Aug 2012 12:37:29 +0000 (13:37 +0100)] 
net: fix usbnet_receive() packet drops

The USB network interface has a single buffer which the guest reads
from.  This patch prevents multiple calls to usbnet_receive() from
clobbering the input buffer.  Instead we queue packets until buffer
space becomes available again.

This is inspired by virtio-net and e1000 rxbuf handling.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agonet: clean up usbnet_receive()
Stefan Hajnoczi [Fri, 24 Aug 2012 12:32:16 +0000 (13:32 +0100)] 
net: clean up usbnet_receive()

The USB network interface has two code paths depending on whether or not
RNDIS mode is enabled.  Refactor usbnet_receive() so that there is a
common path throughout the function instead of duplicating everything
across if (is_rndis(s)) ... else ... code paths.

Clean up coding style and 80 character line wrap along the way.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agonet: add -netdev options to man page
Stefan Hajnoczi [Tue, 14 Aug 2012 13:14:27 +0000 (14:14 +0100)] 
net: add -netdev options to man page

Document the -netdev syntax which supercedes the older -net syntax.
This patch is a first step to making -netdev prominent in the QEMU
manual.

Reported-by: Anatoly Techtonik <techtonik@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agonet: do not report queued packets as sent
Stefan Hajnoczi [Mon, 20 Aug 2012 12:35:23 +0000 (13:35 +0100)] 
net: do not report queued packets as sent

Net send functions have a return value where 0 means the packet has not
been sent and will be queued.  A non-zero value means the packet was
sent or an error caused the packet to be dropped.

This patch fixes two instances where packets are queued but we return
their size.  This causes callers to believe the packets were sent.  When
the caller uses the async send interface this creates a real problem
because the callback will be invoked for a packet that the caller
believed to be already sent.  This bug can cause double-frees in the
caller.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agonet: add receive_disabled logic to iov delivery path
Stefan Hajnoczi [Fri, 17 Aug 2012 20:16:42 +0000 (21:16 +0100)] 
net: add receive_disabled logic to iov delivery path

This patch adds the missing NetClient->receive_disabled logic in the
sendv delivery code path.  It seems that commit
893379efd0e1b84ceb0c42a713293f3dbd27b1bd ("net: disable receiving if
client returns zero") only added the logic to qemu_deliver_packet() and
not qemu_deliver_packet_iov().

The receive_disabled flag should be automatically set when .receive(),
.receive_raw(), or .receive_iov() return 0.  No further packets will be
delivered to the NetClient until the receive_disabled flag is cleared
again by calling qemu_flush_queued_packets().

Typically the NetClient will wait until its file descriptor becomes
writable and then invoke qemu_flush_queued_packets() to resume
transmission.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agoeepro100: Fix network hang when rx buffers run out
Bo Yang [Wed, 29 Aug 2012 11:26:11 +0000 (19:26 +0800)] 
eepro100: Fix network hang when rx buffers run out

This is reported by QA. When installing os with pxe, after the initial
kernel and initrd are loaded, the procedure tries to copy files from install
server to local harddisk, the network becomes stall because of running out of
receive descriptor.

[Whitespace fixes and removed qemu_notify_event() because Paolo's
earlier net patches have moved it into qemu_flush_queued_packets().

Additional info:

I can reproduce the network hang with a tap device doing a iPXE HTTP
boot as follows:

  $ qemu -enable-kvm -m 1024 \
    -netdev tap,id=netdev0,script=no,downscript=no \
    -device i82559er,netdev=netdev0,romfile=80861209.rom \
    -drive if=virtio,cache=none,file=test.img
  iPXE> ifopen net0
  iPXE> config # set static network configuration
  iPXE> kernel http://mirror.bytemark.co.uk/fedora/linux/releases/17/Fedora/x86_64/os/images/pxeboot/vmlinuz

I needed a vanilla iPXE ROM to get to the iPXE prompt.  I think the boot
prompt has been disabled in the ROMs that ship with QEMU to reduce boot
time.

During the vmlinuz HTTP download there is a network hang.  hw/eepro100.c
has reached the end of the rx descriptor list.  When the iPXE driver
replenishes the rx descriptor list we don't kick the QEMU net subsystem
and event loop, thereby leaving the tap netdev without its file
descriptor in select(2).

Stefan Hajnoczi <stefanha@gmail.com>]

Signed-off-by: Bo Yang <boyang@suse.com>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
9 years agoxen: flush queue when getting an event
Paolo Bonzini [Thu, 9 Aug 2012 14:45:57 +0000 (16:45 +0200)] 
xen: flush queue when getting an event

xen does not have a register that, when written, will cause can_receive
to go from false to true.  However, flushing the queue can be attempted
whenever the front-end raises its side of the Xen event channel.  There
is a single event channel for tx and rx.

Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Cc: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Amos Kong <akong@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agoe1000: flush queue whenever can_receive can go from false to true
Paolo Bonzini [Thu, 9 Aug 2012 14:45:56 +0000 (16:45 +0200)] 
e1000: flush queue whenever can_receive can go from false to true

When the guests replenish the receive ring buffer, the network device
should flush its queue of pending packets.  This is done with
qemu_flush_queued_packets.

e1000's can_receive can go from false to true when RCTL or RDT are
modified.

Reported-by: Luigi Rizzo <rizzo@iet.unipi.it>
Cc: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Cc: Jan Kiszka <jan.kiszka@siemens.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Amos Kong <akong@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agonet: notify iothread after flushing queue
Paolo Bonzini [Thu, 9 Aug 2012 14:45:55 +0000 (16:45 +0200)] 
net: notify iothread after flushing queue

virtio-net has code to flush the queue and notify the iothread
whenever new receive buffers are added by the guest.  That is
fine, and indeed we need to do the same in all other drivers.
However, notifying the iothread should be work for the network
subsystem.  And since we are at it we can add a little smartness:
if some of the queued packets already could not be delivered,
there is no need to notify the iothread.

Reported-by: Luigi Rizzo <rizzo@iet.unipi.it>
Cc: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Cc: Jan Kiszka <jan.kiszka@siemens.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Amos Kong <akong@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agoarch_init.c: add missing '%' symbols before PRIu64 in debug printfs
Igor Mitsyanko [Wed, 5 Sep 2012 09:04:56 +0000 (13:04 +0400)] 
arch_init.c: add missing '%' symbols before PRIu64 in debug printfs

'%' symbols were missing in front of PRIu64 macros in DPRINTF() messages in
arch_init.c, this caused compilation warnings when compiled with DEBUG_ARCH_INIT defined.

Signed-off-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
9 years agokvm: Fix warning from static code analysis
Stefan Weil [Mon, 3 Sep 2012 20:40:40 +0000 (22:40 +0200)] 
kvm: Fix warning from static code analysis

Report from smatch:

kvm-all.c:1373 kvm_init(135) warn:
 variable dereferenced before check 's' (see line 1360)

's' cannot by NULL (it was alloced using g_malloc0), so there is no need
to check it here.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
9 years agoqapi: Fix enumeration typo error
Lei Li [Thu, 23 Aug 2012 05:14:25 +0000 (13:14 +0800)] 
qapi: Fix enumeration typo error

Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
9 years agoconsole: Clean up bytes per pixel calculation
BALATON Zoltan [Wed, 22 Aug 2012 15:19:42 +0000 (17:19 +0200)] 
console: Clean up bytes per pixel calculation

Division with round up is the correct way to compute this even if the
only case where division with round down gives incorrect result is
probably 15 bpp. This case was explicitely patched up in one of these
functions but was unhandled in the other. (I'm not sure about setting
16 bpp for the 15bpp case either but I left that there for now.)

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agoFix copy&paste typos in documentation comments
BALATON Zoltan [Wed, 22 Aug 2012 15:18:38 +0000 (17:18 +0200)] 
Fix copy&paste typos in documentation comments

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agolinux-user: Remove #if 0'd cpu_get_real_ticks() definition
Peter Maydell [Mon, 20 Aug 2012 13:03:36 +0000 (14:03 +0100)] 
linux-user: Remove #if 0'd cpu_get_real_ticks() definition

Remove the cpu_get_real_ticks() definition from linux-user/main.c.
This has been disabled via #if 0 and unused since commit 1dce7c3c22
in 2006; the definitions we actually use are in qemu-timer.h.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agoui: Fix spelling in comment (ressource -> resource)
Stefan Weil [Fri, 17 Aug 2012 13:20:00 +0000 (15:20 +0200)] 
ui: Fix spelling in comment (ressource -> resource)

The function is called interface_release_resource.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agoSpelling fixes in comments and macro names (ressource -> resource)
Stefan Weil [Thu, 16 Aug 2012 13:12:21 +0000 (15:12 +0200)] 
Spelling fixes in comments and macro names (ressource -> resource)

Macro XEN_HOST_PCI_RESOURCE_BUFFER_SIZE is only used locally,
so the change should be safe.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agoFix spelling (licenced -> licensed) in GPL
Stefan Weil [Fri, 10 Aug 2012 20:03:26 +0000 (22:03 +0200)] 
Fix spelling (licenced -> licensed) in GPL

The patch also fixes the case of "written".

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agoSpelling fixes in comments and documentation
Stefan Weil [Fri, 10 Aug 2012 20:03:25 +0000 (22:03 +0200)] 
Spelling fixes in comments and documentation

These wrong spellings were detected by codespell:

* successully -> successfully

* alot -> a lot

* wanna -> want to

* infomation -> information

* occured -> occurred

["also is" -> "is also" and "ressources" -> "resources" suggested by
Peter Maydell <peter.maydell@linaro.org>]

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agosrp: Don't use QEMU_PACKED for single elements of a structured type
Stefan Weil [Fri, 10 Aug 2012 20:03:27 +0000 (22:03 +0200)] 
srp: Don't use QEMU_PACKED for single elements of a structured type

QEMU_PACKED results in a MinGW compiler warning when it is
used for single structure elements:

warning: 'gcc_struct' attribute ignored

Using QEMU_PACKED for the whole structure avoids the compiler warning
without changing the memory layout.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 years agoslirp: Implement TFTP Blocksize option
Hervé Poussineau [Thu, 13 Sep 2012 05:55:01 +0000 (07:55 +0200)] 
slirp: Implement TFTP Blocksize option

This option is described in RFC 1783. As this is only an optional field,
we may ignore it in some situations and handle it in some others.

However, MS Windows 2003 PXE boot client requests a block size of the MTU
(most of the times 1472 bytes), and doesn't work if the option is not
acknowledged (with whatever value).

According to the RFC 1783, we cannot acknowledge the option with a bigger
value than the requested one.

As current implementation is using 512 bytes by block, accept the option
with a value of 512 if the option was specified, and don't acknowledge it
if it is not present or less than 512 bytes.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
9 years agoslirp: Remove unused return value of tftp_send_next_block
Jan Kiszka [Thu, 13 Sep 2012 10:44:27 +0000 (12:44 +0200)] 
slirp: Remove unused return value of tftp_send_next_block

No caller actually makes use of this value, so let's simplify the code.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
9 years agoslirp: Handle more than 65535 blocks in TFTP transfers
Hervé Poussineau [Thu, 13 Sep 2012 10:39:36 +0000 (12:39 +0200)] 
slirp: Handle more than 65535 blocks in TFTP transfers

RFC 1350 does not mention block count roll-over. However, a lot of TFTP servers
implement it to be able to transmit big files, so do it also.

Current block size is 512 bytes, so TFTP files were limited to 32 MB.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
9 years agoslirp: improve TFTP performance
Hervé Poussineau [Mon, 10 Sep 2012 18:52:25 +0000 (20:52 +0200)] 
slirp: improve TFTP performance

When transferring a file, keep it open during the whole transfer,
instead of opening/closing it for each block.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
9 years agoslirp: Fix error reported by static code analysis
Stefan Weil [Tue, 4 Sep 2012 21:20:36 +0000 (23:20 +0200)] 
slirp: Fix error reported by static code analysis

Report from smatch:

slirp/tcp_subr.c:127 tcp_respond(17) error:
 we previously assumed 'tp' could be null (see line 124)

Return if 'tp' is NULL.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
9 years agoslirp: Remove wrong type casts ins debug statements
Stefan Weil [Tue, 4 Sep 2012 21:20:35 +0000 (23:20 +0200)] 
slirp: Remove wrong type casts ins debug statements

The type casts of pointers to long are not allowed
when sizeof(pointer) != sizeof(long).

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
9 years agohw/qxl: support client monitor configuration via device
Alon Levy [Wed, 12 Sep 2012 13:13:28 +0000 (16:13 +0300)] 
hw/qxl: support client monitor configuration via device

Until now we used only the agent to change the monitor count and each
monitor resolution. This patch introduces the qemu part of using the
device as the mediator instead of the agent via virtio-serial.

Spice (>=0.11.5) calls the new QXLInterface::client_monitors_config,
which returns wether the interrupt is enabled, and if so and given a non
NULL monitors config will
generate an interrupt QXL_INTERRUPT_CLIENT_MONITORS_CONFIG with crc
checksum for the guest to verify a second call hasn't interfered.

The maximal number of monitors is limited on the QXLRom to 64.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
9 years agoqxl: add trace-event for QXL_IO_LOG
Alon Levy [Wed, 12 Sep 2012 13:13:27 +0000 (16:13 +0300)] 
qxl: add trace-event for QXL_IO_LOG

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
9 years agohw/qxl: tracing fixes
Alon Levy [Wed, 12 Sep 2012 13:13:26 +0000 (16:13 +0300)] 
hw/qxl: tracing fixes

Add two new trace events:
qxl_send_events(int qid, uint32_t events) "%d %d"
qxl_set_guest_bug(int qid) "%d"

Change qxl_io_unexpected_vga_mode parameters to be equivalent to those
of qxl_io_write for easier grouping under a single systemtap probe.

Change d to qxl in one place.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
9 years agoblock: Don't forget to delete temporary file
Dunrong Huang [Wed, 5 Sep 2012 13:26:22 +0000 (21:26 +0800)] 
block: Don't forget to delete temporary file

The caller would not delete temporary file after failed get_tmp_filename().

Signed-off-by: Dunrong Huang <riegamaths@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoDon't require encryption password for 'qemu-img info' command
Daniel P. Berrange [Mon, 10 Sep 2012 11:11:31 +0000 (12:11 +0100)] 
Don't require encryption password for 'qemu-img info' command

The encryption password is only required if I/O is going to be
performed on a disk image. The 'qemu-img info' command merely
reports metadata, so it should not ask for a decryption password

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoqemu-img: Add json output option to the info command.
Benoît Canet [Wed, 5 Sep 2012 11:09:02 +0000 (13:09 +0200)] 
qemu-img: Add json output option to the info command.

This option --output=[human|json] make qemu-img info output on
human or JSON representation at the choice of the user.

example:
{
    "snapshots": [
        {
            "vm-clock-nsec": 637102488,
            "name": "vm-20120821145509",
            "date-sec": 1345553709,
            "date-nsec": 220289000,
            "vm-clock-sec": 20,
            "id": "1",
            "vm-state-size": 96522745
        },
        {
            "vm-clock-nsec": 28210866,
            "name": "vm-20120821154059",
            "date-sec": 1345556459,
            "date-nsec": 171392000,
            "vm-clock-sec": 46,
            "id": "2",
            "vm-state-size": 101208714
        }
    ],
    "virtual-size": 1073741824,
    "filename": "snap.qcow2",
    "cluster-size": 65536,
    "format": "qcow2",
    "actual-size": 985587712,
    "dirty-flag": false
}

Signed-off-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoqapi: Add SnapshotInfo and ImageInfo.
Benoît Canet [Wed, 5 Sep 2012 11:09:01 +0000 (13:09 +0200)] 
qapi: Add SnapshotInfo and ImageInfo.

Signed-off-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoahci: properly reset PxCMD on HBA reset
Jason Baron [Tue, 4 Sep 2012 20:08:08 +0000 (16:08 -0400)] 
ahci: properly reset PxCMD on HBA reset

While testing q35, I found that windows 7 (specifically, windows 7 ultimate
with sp1 x64), wouldn't install because it can't find the cdrom or disk drive.
The failure message is: 'A required cd/dvd device driver is missing. If you
have a driver floppy disk, CD, DVD, or USB flash drive, please insert it now.'
This can also be reproduced on piix by adding an ahci controller, and
observing that windows 7 does not see any devices behind it.

The problem is that when windows issues a HBA reset, qemu does not reset the
individual ports' PxCMD register. Windows 7 then reads back the PxCMD register
and presumably assumes that the ahci controller has already been initialized.
Windows then never sets up the PxIE register to enable interrupts, and thus it
never gets irqs back when it sends ata device inquiry commands.

This change brings qemu into ahci 1.3 specification compliance.

Section 10.4.3 HBA Reset:

"
When GHC.HR is set to '1', GHC.AE, GHC.IE, the IS register, and all port
register fields (except PxFB/PxFBU/PxCLB/PxCLBU) that are not HwInit in the
HBA's register memory space are reset.
"

I've also re-tested Fedora 16 and 17 to verify that they continue to work with
this change.

Signed-off-by: Jason Baron <jbaron@redhat.com>
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoblock: fix block tray status
Pavel Hrdina [Thu, 9 Aug 2012 10:44:48 +0000 (12:44 +0200)] 
block: fix block tray status

The tray status should change also if you eject empty block device.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agovdi: Fix warning from clang
Stefan Weil [Fri, 17 Aug 2012 13:23:24 +0000 (15:23 +0200)] 
vdi: Fix warning from clang

ccc-analyzer reports these warnings:

block/vdi.c:704:13: warning: Dereference of null pointer
            bmap[i] = VDI_UNALLOCATED;
            ^
block/vdi.c:702:13: warning: Dereference of null pointer
            bmap[i] = i;
            ^

Moving some code into the if block fixes this.
It also avoids calling function write with 0 bytes of data.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoblock/curl: Fix wrong free statement
Stefan Weil [Sat, 1 Sep 2012 09:06:45 +0000 (11:06 +0200)] 
block/curl: Fix wrong free statement

Report from smatch:
block/curl.c:546 curl_close(21) info: redundant null check on s->url calling free()

The check was redundant, and free was also wrong because the memory
was allocated using g_strdup.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoide: Fix error messages from static code analysis (no real error)
Stefan Weil [Mon, 3 Sep 2012 20:13:56 +0000 (22:13 +0200)] 
ide: Fix error messages from static code analysis (no real error)

Report from smatch:
hw/ide/core.c:1472 ide_exec_cmd(423) error: buffer overflow 'smart_attributes' 8 <= 29
hw/ide/core.c:1474 ide_exec_cmd(425) error: buffer overflow 'smart_attributes' 8 <= 29
hw/ide/core.c:1475 ide_exec_cmd(426) error: buffer overflow 'smart_attributes' 8 <= 29
...

The upper limit of 30 was never reached because both for loops terminated
when 'smart_attributes' reached end of list, so there was no real buffer
overflow.

Nevertheless, changing the code not only fixes the error report, but also
reduces the size of smart_attributes and simplifies the for loops.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoATAPI: STARTSTOPUNIT only eject/load media if powercondition is 0
Ronnie Sahlberg [Tue, 31 Jul 2012 01:28:26 +0000 (11:28 +1000)] 
ATAPI: STARTSTOPUNIT only eject/load media if powercondition is 0

The START STOP UNIT command will only eject/load media if
power condition is zero.

If power condition is !0 then LOEJ and START will be ignored.

From MMC (sbc contains similar wordings too)
  The Power Conditions field requests the block device to be placed
  in the power condition defined in
  Table 558. If this field has a value other than 0h then the Start
  and LoEj bits shall be ignored.

Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agosheepdog: fix savevm and loadvm
MORITA Kazutaka [Wed, 29 Aug 2012 18:39:45 +0000 (03:39 +0900)] 
sheepdog: fix savevm and loadvm

This patch sets data to be sent to Sheepdog correctly and fixes savevm
and loadvm operations on a Sheepdog image.

Signed-off-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
9 years agoqxl: better cleanup for surface destroy
Uri Lublin [Tue, 11 Sep 2012 07:09:58 +0000 (10:09 +0300)] 
qxl: better cleanup for surface destroy

Add back a call to qxl_spice_destroy_surface_wait_complete() in qxl_spice_destroy_surface_wait(),
that was removed by commit c480bb7da465186b84d8427e068ef7502e47ffbf

It is needed to complete surface-removal cleanup, for non async.
For async, qxl_spice_destroy_surface_wait_complete is called upon operation completion.

Signed-off-by: Uri Lublin <uril@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
9 years agoqxl: Ignore set_client_capabilities pre/post migrate
Hans de Goede [Fri, 7 Sep 2012 19:48:22 +0000 (21:48 +0200)] 
qxl: Ignore set_client_capabilities pre/post migrate

The recent introduction of set_client_capabilities has broken
(seamless) migration by trying to call qxl_send_events pre (seamless
incoming) and post (*) migration, triggering the following assert:
qxl_send_events: Assertion `qemu_spice_display_is_running(&d->ssd)' failed.

The solution is easy, pre migration the guest will have already received
the client caps on the migration source side, and post migration there no
longer is a guest, so we can simply ignore the set_client_capabilities call
in both those scenarios.

*) Post migration, so not fatal for to the migration itself, but still a crash

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>