aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-02-15Update VERSION for releasev1.4.0Anthony Liguori
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-14Update VERSION of releasev1.4.0-rc2Anthony Liguori
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-14Revert "Update OpenBIOS images"Alexander Graf
This reverts commit 10442558ab1797bfbb01285b909e34c5cf038f12. With the updated OpenBIOS image, -M g3beige fails to boot quik. Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Message-id: 1360796292-27078-1-git-send-email-agraf@suse.de Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-13cadance_uart: Accept input after rx FIFO popPeter Crosthwaite
The device returns false from the can receive function when the FIFO is full. This means the device should check for buffered input whenever a byte is popped from the FIFO. Reported-by: Jason Wu <huanyu@xilinx.com> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Message-id: 1360632571-25638-1-git-send-email-peter.crosthwaite@xilinx.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-13block/curl: only restrict protocols with libcurl>=7.19.4Stefan Hajnoczi
The curl_easy_setopt(state->curl, CURLOPT_PROTOCOLS, ...) interface was introduced in libcurl 7.19.4. Therefore we cannot protect against CVE-2013-0249 when linking against an older libcurl. This fixes the build failure introduced by fb6d1bbd246c7a57ef53d3847ef225cd1349d602. Reported-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Tested-by: Andreas Färber <andreas.faeber@web.de> Message-id: 1360743934-8337-1-git-send-email-stefanha@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-13qapi: Flatten away ChardevPortMarkus Armbruster
Simplifies the schema and the code. QMP command { "execute" : "chardev-add", "arguments" : { "id" : "ser0", "backend" : { "type" : "port", "data" : { "type": "serial", "device":"/dev/ttyS0"} } } } becomes { "execute" : "chardev-add", "arguments" : { "id" : "ser0", "backend" : { "type" : "serial", "data" : { "device":"/dev/ttyS0"} } } } Bonus: nicer error messages. "unknown chardev port (1)" becomes "character device backend type 'parallel' not supported". Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Message-id: 1360767256-610-3-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-13chardev: Fix manual page and qemu-doc for -chardev ttyMarkus Armbruster
Broken in commit d59044ef. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Message-id: 1360767256-610-2-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-13net: Avoid NULL function pointer dereference on cleanupAndreas Färber
The pSeries machine and some other devices don't supply a cleanup callback. Revert part of 1ceef9f27359cbe92ef124bf74de6f792e71f6fb that started calling it unconditionally. Cc: Jason Wang <jasowang@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de> Message-id: 1360707366-9271-1-git-send-email-afaerber@suse.de Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-13s390: Fix handling of iscs.Cornelia Huck
There are two ways to express an interruption subclass: - As a bitmask, as used in cr6. - As a number, as used in the I/O interruption word. Unfortunately, we have treated to I/O interruption word as if it contained the bitmask as well, which went unnoticed so far as - (queued-for-next) kvm made the same mistake, and - Linux guest kernels don't check the isc value in the I/O interruption word for subchannel interrupts. Make sure that we treat the I/O interruption word correctly. Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-02-13s390: Keep I/O interrupts enabled for all iscs.Cornelia Huck
do_io_interrupt() would stop scanning further iscs if it found an I/O interrupt it could inject. This might cause the pending interrupt indication for I/O interrupts to be reset although there might be queued I/O interrupts for subsequent iscs. Fix this by reordering the logic: Inject the I/O interrupt immediately and continue searching all iscs for queued interrupts. Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-02-13s390/sclpconsole: prevent char layer callback during initializationChristian Borntraeger
Starting a qemu with an sclp console and pressing a key very early can result in "qemu-system-s390x: hw/s390x/sclpconsole.c:60: receive_from_chr_layer: Assertion `scon->iov' failed." Lets make sure that the init process is finished, since the iov is allocated after CHR_EVENT_OPENED by also checking for scon->iov. Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-02-13xilinx.h: s/xilinx_axiethernetdma()/xilinx_axidma()Peter Crosthwaite
This function has nothing to do with ethernet. Its reusable for all DMA clients. Dropped the "ethernet" in the name accordingly. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-02-13xilinx.h: Dont qdev_create from ethernet_create()Peter Crosthwaite
Pulled the qdev_create functionality out of xilinx_axiethernet_create() and pushed it up to the petalogix_ml605_mmu machine model. This makes the ethernet create+init process consistent with the AXI DMA. Renamed function to xilinx_axiethernet_init accordingly. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-02-12Merge remote-tracking branch 'stefanha/block' into stagingAnthony Liguori
* stefanha/block: Revert "block/vpc: Fix size calculation" block/raw-posix: detect readonly Linux block devices using BLKROGET
2013-02-12block-migration: fix pending() and iterate() return valuesStefan Hajnoczi
The return value of .save_live_pending() is the number of bytes remaining. This is just an estimate because we do not know how many blocks will be dirtied by the running guest. Currently our return value for .save_live_pending() is wrong because it includes dirty blocks but not in-flight bdrv_aio_readv() requests or unsent blocks. Crucially, it also doesn't include the bulk phase where the entire device is transferred - therefore we risk completing block migration before all blocks have been transferred! The return value of .save_live_iterate() is the number of bytes transferred this iteration. Currently we return whether there are bytes remaining, which is incorrect. Move the bytes remaining calculation into .save_live_pending() and really return the number of bytes transferred this iteration in .save_live_iterate(). Also fix the %ld format specifier which was used for a uint64_t argument. PRIu64 must be use to avoid warnings on 32-bit hosts. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Message-id: 1360661835-28663-3-git-send-email-stefanha@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-12migration: make qemu_ftell() public and support writable filesStefan Hajnoczi
Migration .save_live_iterate() functions return the number of bytes transferred. The easiest way of doing this is by calling qemu_ftell(f) at the beginning and end of the function to calculate the difference. Make qemu_ftell() public so that block-migration will be able to use it. Also adjust the ftell calculation for writable files where buf_offset does not include buf_size. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Message-id: 1360661835-28663-2-git-send-email-stefanha@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-12trace: deal with deprecated glib thread functionsStefan Hajnoczi
g_thread_create() was deprecated in favor of g_thread_new() and g_cond_new() was deprecated in favor of GCond initialization. If the host has glib 2.31 or newer, avoid using the deprecated functions. This patch solves compiler warnings that are generated when glib's deprecated functions are used. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-id: 1360676045-9204-3-git-send-email-stefanha@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-12trace: use glib atomic int typesStefan Hajnoczi
Juan reported that RHEL 6.4 hosts give compiler warnings because we use unsigned int while glib prototypes use volatile gint in trace/simple.c. trace/simple.c:223: error: pointer targets in passing argument 1 of 'g_atomic_int_compare_and_exchange' differ in signedness These variables are only accessed with glib atomic int functions so let's play it by the book and use volatile gint. Reported-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-id: 1360676045-9204-2-git-send-email-stefanha@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-12Revert "block/vpc: Fix size calculation"Stefan Hajnoczi
This reverts commit f880defbb06708d30a38ce9f2667067626acdd38. Jeff Cody's testing revealed that the interpretation of size differs even between VirtualPC and HyperV. Revert this so there is time to consider the impact of any backwards incompatible behavior this change creates. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-12block/raw-posix: detect readonly Linux block devices using BLKROGETStefan Hajnoczi
Linux block devices can be set read-only with "blockdev --setro <device>". The same thing can be done for LVM volumes using "lvchange --permission r <volume>". This read-only setting is independent of device node permissions. Therefore the device can still be opened O_RDWR but actual writes will fail. This results in odd behavior for QEMU. bdrv_open() is supposed to fail if a read-only image is being opened with BDRV_O_RDWR. By not failing for Linux block devices, the guest boots up but every write produces an I/O error. This patch checks whether the block device is read-only so that Linux block devices behave like regular files. Reported-by: Sibiao Luo <sluo@redhat.com> Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-02-12hw/m25p80.c: add WRSR(0x01) supportKuo-Jung Su
Atmel, SST and Intel/Numonyx serial flash tend to power up with the software protection bits set. And thus the new m25p80.c in linux kernel would always tries to use WREN(0x06) + WRSR(0x01) to turn-off the protection. The WEL(0x02) of status register is supposed to be cleared after WRSR(0x01). There are also some drivers (i.e mine for RTOSes) would check the WEL(0x02) in status register to make sure the protection is correctly turned off. Signed-off-by: Kuo-Jung Su <dantesu@faraday-tech.com> Cc: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Cc: Peter Maydell <peter.maydell@linaro.org> Cc: Edgar E. Iglesias <edgar.iglesias@gmail.com> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-02-11qapi: Improve chardev-add documentationMarkus Armbruster
Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-id: 1360602348-4727-1-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11migration: restrict scope of incoming fd read handlerStefan Hajnoczi
The incoming migration is processed in a coroutine and uses an fd read handler to enter the yielded coroutine when data becomes available. The read handler was set too broadly, so that spurious coroutine entries were be triggered if other coroutine users yielded (like the block layer's bdrv_write() function). Install the fd read only only when yielding for more data to become available. This prevents spurious coroutine entries which break code that assumes only a specific set of places can re-enter the coroutine. This patch fixes crashes in block/raw-posix.c that are triggered with "migrate -b" when qiov becomes a dangling pointer due to a spurious coroutine entry that frees qiov early. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-id: 1360598505-5512-1-git-send-email-stefanha@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11libi2c-omap: Fix endianness dependencyAndreas Färber
The libqos driver for omap_i2c currently does not work on Big Endian. Introduce helpers for reading from and writing to 16-bit armel registers. This fixes tmp105-test failures on ppc. To prepare for a QTest-level endianness solution, poison mem{read,write} and always use the helpers. Adopt the expected signatures. To avoid an unused variable warning, assert the STAT Single Byte Data bit but, due to it not getting cleared, only it being set when len == 1. Signed-off-by: Andreas Färber <andreas.faerber@web.de> Message-id: 1360600914-5448-3-git-send-email-afaerber@suse.de Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11qtest: Use strtoull() for uint64_tAndreas Färber
On 32-bit hosts, unsigned long may be uint32_t and uint64_t may be unsigned long long. Account for this by always using strtoull(). We were already using strtoll() for int64_t. Signed-off-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Message-id: 1360600914-5448-2-git-send-email-afaerber@suse.de Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11libqtest: Fix documentation copy&paste errorsAndreas Färber
The [qtest_]in[bwl]() functions/macros don't have a value argument. Signed-off-by: Andreas Färber <afaerber@suse.de> Message-id: 1360604139-16797-1-git-send-email-afaerber@suse.de Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11block/vpc: Fix size calculationStefan Weil
The size calculated from the CHS values is not the real image (disk) size, but usually a smaller value. This is caused by rounding effects. Only older operating systems use CHS. Such guests won't be able to use the whole disk. All modern operating systems use the real size. This patch fixes https://bugs.launchpad.net/qemu/+bug/1105670/. Signed-off-by: Stefan Weil <sw@weilnetz.de> Message-id: 1360265212-22037-1-git-send-email-sw@weilnetz.de Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11block-migration: fix block_save_iterate() return valueStefan Hajnoczi
The .save_live_iterate() function returns 0 to continue iterating or 1 to stop iterating. Since 16310a3cca7320edb9341c976f7819de0a8c27e0 it only ever returns 0, leading to an infinite loop. Return 1 if we have finished sending dirty blocks. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1360534366-26723-4-git-send-email-stefanha@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11block-migration: fix blk_mig_save_dirty_block() return value checkingStefan Hajnoczi
Commit 43be3a25c931a7f61a76fbfc9d35584cbfc5fb58 changed the blk_mig_save_dirty_block() return code handling. The function's doc comment says: /* return value: * 0: too much data for max_downtime * 1: few enough data for max_downtime */ Because of the 1 return value, callers must check for ret < 0 instead of just: if (ret) { ... } We do not want to bail when 1 is returned, only on error. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-id: 1360534366-26723-3-git-send-email-stefanha@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11block-migration: improve "Unknown flags" error messageStefan Hajnoczi
Show the actual flags value and include "block migration" in the error message so it's clear where the error is coming from. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-id: 1360534366-26723-2-git-send-email-stefanha@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11vl: Exit unsuccessfully on option argument syntax errorMarkus Armbruster
We exit successfully after reporting syntax error for argument of --sandbox and --add-fd. We continue undaunted after reporting it for argument of -boot, --option-rom and --object. Change all five to exit unsuccessfully, like the other options. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-id: 1360354939-10994-7-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11vl: Drop redundant "parse error" reportsMarkus Armbruster
qemu_opts_parse() reports the error already, and in a much more useful way. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-id: 1360354939-10994-6-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11qemu-option: Disable two helpful messages that got broken recentlyMarkus Armbruster
commit 8be7e7e4 and commit ec7b2ccb messed up the ordering of error message and the helpful explanation that should follow it, like this: $ qemu-system-x86_64 --nodefaults -S --vnc :0 --chardev null,id=, Identifiers consist of letters, digits, '-', '.', '_', starting with a letter. qemu-system-x86_64: -chardev null,id=,: Parameter 'id' expects an identifier $ qemu-system-x86_64 --nodefaults -S --vnc :0 --machine kvm_shadow_mem=dunno You may use k, M, G or T suffixes for kilobytes, megabytes, gigabytes and terabytes. qemu-system-x86_64: -machine kvm_shadow_mem=dunno: Parameter 'kvm_shadow_mem' expects a size Pity. Disable them for now. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-id: 1360354939-10994-5-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11error: Strip trailing '\n' from error string arguments (again)Markus Armbruster
Commit 6daf194d and be62a2eb got rid of a bunch, but they keep coming back. Tracked down with this Coccinelle semantic patch: @r@ expression err, eno, cls, fmt; position p; @@ ( error_report(fmt, ...)@p | error_set(err, cls, fmt, ...)@p | error_set_errno(err, eno, cls, fmt, ...)@p | error_setg(err, fmt, ...)@p | error_setg_errno(err, eno, fmt, ...)@p ) @script:python@ fmt << r.fmt; p << r.p; @@ if "\\n" in str(fmt): print "%s:%s:%s:%s" % (p[0].file, p[0].line, p[0].column, fmt) Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-id: 1360354939-10994-4-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11error: Clean up abuse of error_report() for helpMarkus Armbruster
Use error_printf() instead, so the help gets presented more nicely. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-id: 1360354939-10994-3-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11error: Clean up error strings with embedded newlinesMarkus Armbruster
The arguments of error_report() should yield a short error string without newlines. A few places try to print additional help after the error message by embedding newlines in the error string. That's nice, but let's do it the right way. Since I'm touching these lines anyway, drop a stray preposition and some tabs. We don't use tabs for similar messages elsewhere. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-id: 1360354939-10994-2-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11Merge remote-tracking branch 'luiz/queue/qmp' into stagingAnthony Liguori
# By Peter Maydell # Via Luiz Capitulino * luiz/queue/qmp: tests/test-string-input-visitor: Handle errors provoked by fuzz test
2013-02-09Update OpenBIOS imagesBlue Swirl
Update OpenBIOS images to SVN r1097 built from submodule. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-02-08xilinx_zynq: Fix wrong IRQ number of the second EHCI controllerLiming Wang
The IRQ number of the second EHCI controller should be 76, not 75. Signed-off-by: Liming Wang <walimisdev@gmail.com> Tested-by: Peter Crosthwaite <peter.crosthwaite@petalogix.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-08block/curl: disable extra protocols to prevent CVE-2013-0249Stefan Hajnoczi
There is a buffer overflow in libcurl POP3/SMTP/IMAP. The workaround is simple: disable extra protocols so that they cannot be exploited. Full details here: http://curl.haxx.se/docs/adv_20130206.html QEMU only cares about HTTP, HTTPS, FTP, FTPS, and TFTP. I have tested that this fix prevents the exploit on my host with libcurl-7.27.0-5.fc18. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-08qemu-nbd: document --cache and --aio optionsPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-08hw/virtio-net: disable multiqueue by defaultJesse Larrew
The new multiqueue feature adds fields to the virtio device config, which breaks Windows guests. Disable the feature by default until the Windows drivers are fixed. Signed-off-by: Jesse Larrew <jlarrew@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-08hw/virtio-net.c: set config size using host featuresJesse Larrew
Currently, the config size for virtio devices is hard coded. When a new feature is added that changes the config size, drivers that assume a static config size will break. For purposes of backward compatibility, there needs to be a way to inform drivers of the config size needed to accommodate the set of features enabled. aliguori: merged in - hw/virtio-net: use existing macros to implement endof - hw/virtio-net: fix config_size data type Signed-off-by: Jesse Larrew <jlarrew@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-08virtio-net: pass host features to virtio_net_initAnthony Liguori
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-07net: fix infinite loop on exitMichael Roth
1ceef9f27359cbe92ef124bf74de6f792e71f6fb added handling for cleaning up multiple queues in qemu_del_nic() for cases where multiqueue is in use. To determine the number of queues it looks at nic->conf->queues, then iterates through all the queues to cleanup the associated NetClientStates. If no queues are found, no NetClientStates are deleted. However, nic->conf->queues is only set when a peer is created via -netdev or netdev_add, and is otherwise 0. This causes us to spin in net_cleanup() if we attempt to shut down qemu before adding a host device. Since qemu_new_nic() unconditionally creates at least 1 queue/NetClientState at queue idx 0, make qemu_del_nic() always attempt to clean it up. Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-07tests/test-string-input-visitor: Handle errors provoked by fuzz testPeter Maydell
It's OK and expected for visitors to return errors when presented with the fuzz test's random data. Since the fuzzer doesn't care about errors, we pass in NULL rather than an Error**. This fixes a bug in the fuzzer where it was passing the same Error** into each visitor, with the effect that once one visitor returned an error, each later visitor would notice that it had been passed in an Error** representing an already set error, and do nothing. For the case of visit_type_str() we also need to handle the case where an error means that the visitor doesn't set our char*. We initialize the pointer to NULL so we can safely g_free() it regardless of whether the visitor allocated a string for us or not. This fixes a problem where this test failed the MacOSX malloc() consistency checks and might segfault on other platforms [due to calling free() on an uninitialized pointer variable when visit_type_str() failed.]. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2013-02-06Update version for releasev1.4.0-rc1Anthony Liguori
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06Merge branch 'for-linux-user' of ↵Anthony Liguori
https://git.gitorious.org/qemu-m68k/qemu-m68k into staging * 'for-linux-user' of https://git.gitorious.org/qemu-m68k/qemu-m68k: linux-user: correct reboot() linux-user: correct setsockopt() linux-user: correct print_timeval() swap tv_sec and tv_usec linux-user: correct msgrcv() Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06linux-user: Restore cast to target type in get_user()Peter Maydell
Commit 658f2dc97 accidentally dropped the cast to the target type of the value loaded by get_user(). The most visible effect of this would be that the sequence "uint64_t v; get_user_u32(v, addr)" would sign extend the 32 bit loaded value into v rather than zero extending as would be expected for a _u32 accessor. Put the cast back again to restore the old behaviour. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06hw/pxa2xx: Fix transposed crn/crm values for pxa2xx cp14 perf regsPeter Maydell
When the pxa2xx performance counter related cp14 registers were converted from a switch-statement implementation to the new table driven cpregs format in commit dc2a9045c, the crn and crm values for all these registers were accidentally transposed. Fix this mistake, which was causing OpenBSD for Zaurus to fail to boot. Reported-by: Jonathan Gray <jsg@jsg.id.au> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>