aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-11-06timers: fix stop/cont with -icountPaolo Bonzini
Stop/cont commands are broken with -icount due to a deadlock. The real problem is that the computation of timers_state.cpu_ticks_offset makes no sense with -icount enabled: we set it to an icount clock value in cpu_disable_ticks, and subtract a TSC (or similar, whatever cpu_get_real_ticks happens to return) value in cpu_enable_ticks. The fix is simple. timers_state.cpu_ticks_offset is only used together with cpu_get_real_ticks, so we can use cpu_get_real_ticks in cpu_disable_ticks. There is no need to update cpu_ticks_prev at the time cpu_disable_ticks is called; instead, we can do it the next time cpu_get_ticks is called. The change to cpu_disable_ticks is the important part of the patch. The rest modifies the code to always check timers_state.cpu_ticks_prev, even when the ticks are not advancing (i.e. the VM is stopped). It also makes a similar change to cpu_get_clock_locked, so that the code remains similar for cpu_get_ticks and cpu_get_clock_locked. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1382977938-13844-1-git-send-email-pbonzini@redhat.com Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-06e1000/rtl8139: update HMP NIC when every bit is writtenAmos Kong
We currently just update the HMP NIC info when the last bit of macaddr is written. This assumes that guest driver will write all the macaddr from bit 0 to bit 5 when it changes the macaddr, this is the current behavior of linux driver (e1000/rtl8139cp), but we can't do this assumption. The macaddr that is used for rx-filter will be updated when every bit is changed. This patch updates the e1000/rtl8139 nic to update HMP NIC info when every bit is changed. It will be same as virtio-net. Signed-off-by: Amos Kong <akong@redhat.com> Reviewed-by: Alex Williamson <alex.williamson@redhat.com> Message-id: 1383650238-16015-1-git-send-email-akong@redhat.com Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-06virtio-net: only delete bh that existedJason Wang
We delete without check whether it existed during exit. This will lead NULL pointer deference since it was created conditionally depends on guest driver status and features. So add a check of existence before trying to delete it. Cc: qemu-stable@nongnu.org Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-id: 1383728288-28469-1-git-send-email-jasowang@redhat.com Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05rtc: remove dead SQW IRQ codeJan Kiszka
This was once introduced by commit 100d9891d6 but was never used in-tree and then got broken by commit 32e0c8260d. Time to clean up. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Message-id: 520B6A27.4040207@siemens.com Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05vga: fix invalid read after freeMarc-André Lureau
After calling dpy_gfx_replace_surface(s->con, surface), the outer surface is invalid. ==5370== Invalid read of size 4 ==5370== at 0x460229: surface_bits_per_pixel (console.h:250) ==5370== by 0x466A81: get_depth_index (vga.c:1173) ==5370== by 0x467EC2: vga_draw_graphic (vga.c:1718) ==5370== by 0x4687A5: vga_update_display (vga.c:1914) ==5370== by 0x2A782E: qxl_hw_update (qxl.c:1766) ==5370== by 0x3EB83B: graphic_hw_update (console.c:254) ==5370== by 0x3FBE31: qemu_spice_display_refresh (spice-display.c:418) ==5370== by 0x2A7D01: display_refresh (qxl.c:1886) ==5370== by 0x3EEE1C: dpy_refresh (console.c:1436) ==5370== by 0x3EB543: gui_update (console.c:192) ==5370== by 0x3C43B3: timerlist_run_timers (qemu-timer.c:488) ==5370== by 0x3C4416: qemu_clock_run_timers (qemu-timer.c:499) ==5370== Address 0x22ffb1e0 is 0 bytes inside a block of size 56 free'd ==5370== at 0x4A074C4: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==5370== by 0x4245FC: free_and_trace (vl.c:2771) ==5370== by 0x50899AE: g_free (gmem.c:252) ==5370== by 0x3EE8D3: qemu_free_displaysurface (console.c:1332) ==5370== by 0x3EEDB7: dpy_gfx_replace_surface (console.c:1427) ==5370== by 0x467EB6: vga_draw_graphic (vga.c:1714) ==5370== by 0x4687A5: vga_update_display (vga.c:1914) ==5370== by 0x2A782E: qxl_hw_update (qxl.c:1766) ==5370== by 0x3EB83B: graphic_hw_update (console.c:254) ==5370== by 0x3FBE31: qemu_spice_display_refresh (spice-display.c:418) ==5370== by 0x2A7D01: display_refresh (qxl.c:1886) ==5370== by 0x3EEE1C: dpy_refresh (console.c:1436) Signed-off-by: Marc-André Lureau <marcandre.lureau@gmail.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1383664554-15248-1-git-send-email-marcandre.lureau@gmail.com Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05tests: fix 64-bit int literals for 32-bit hostsStefan Hajnoczi
On 32-bit hosts: CC tests/test-opts-visitor.o tests/test-opts-visitor.c: In function 'test_value': tests/test-opts-visitor.c:128: warning: integer constant is too large for 'long' type CC tests/test-bitops.o tests/test-bitops.c:34: warning: integer constant is too large for 'long' type tests/test-bitops.c:35: warning: integer constant is too large for 'long' type tests/test-bitops.c:35: warning: integer constant is too large for 'long' type CC tests/endianness-test.o tests/endianness-test.c:47: warning: integer constant is too large for 'long' type Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1383669768-23926-1-git-send-email-stefanha@redhat.com Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05docs/memory.txt: Clarify and expand priority/overlap documentationPeter Maydell
The documentation of how overlapping memory regions behave and how the priority system works was rather brief, and confusion about priorities seems to be quite common for developers trying to understand how the memory region system works, so expand and clarify it. This includes a worked example with overlaps, documentation of the behaviour when an overlapped container has "holes", and mention that it's valid for a region to have both MMIO callbacks and subregions (and how this interacts with priorities when it does). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-id: 1381848154-31602-1-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05configure: detect endian via compile testMike Frysinger
This avoids needing to execute a program and keeping an (incomplete) list when cross-compiling. Signed-off-by: Mike Frysinger <vapier@gentoo.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Tested-by: James Hogan <james.hogan@imgtec.com> [mips] Message-id: 1372649418-4987-1-git-send-email-vapier@gentoo.org Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05tests: fix memleak in error path test for input visitorWenchao Xia
Signed-off-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1383676551-18806-3-git-send-email-xiawenc@linux.vnet.ibm.com Cc: qemu-stable@nongnu.org Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05qapi: fix memleak by adding implict struct functions in dealloc visitorWenchao Xia
Otherwise member "base" is leaked in a qapi_free_STRUCTURE() call. Signed-off-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1383676551-18806-2-git-send-email-xiawenc@linux.vnet.ibm.com Cc: qemu-stable@nongnu.org Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05bswap.h: Remove cpu_to_32wu()Peter Maydell
Replace the legacy cpu_to_32wu() with stl_p(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-id: 1383669517-25598-10-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05bswap.h: Remove cpu_to_be64wu()Peter Maydell
Replace the legacy cpu_to_be64wu() with stq_be_p(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-id: 1383669517-25598-9-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05bswap.h: Remove cpu_to_be32wu()Peter Maydell
Replace the legacy cpu_to_be32wu() with stl_be_p(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-id: 1383669517-25598-8-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05bswap.h: Remove cpu_to_be16wu()Peter Maydell
Replace the legacy cpu_to_be16wu() with stw_be_p(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-id: 1383669517-25598-7-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05bswap.h: Remove be32_to_cpupu()Peter Maydell
Replace the legacy be32_to_cpupu() with ldl_be_p(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-id: 1383669517-25598-6-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05bswap.h: Remove le32_to_cpupu()Peter Maydell
Replace the legacy le32_to_cpupu() with ldl_le_p(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-id: 1383669517-25598-5-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05bswap.h: Remove le16_to_cpupu()Peter Maydell
Replace the legacy le16_to_cpupu() with lduw_le_p(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-id: 1383669517-25598-4-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05bswap.h: Remove cpu_to_le32wu()Peter Maydell
Replace the legacy cpu_to_le32wu() with stl_le_p(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-id: 1383669517-25598-3-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05bswap.h: Remove cpu_to_le16wu()Peter Maydell
Replace the legacy cpu_to_le16wu() with stw_le_p(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-id: 1383669517-25598-2-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-11-05Merge remote-tracking branch 'afaerber/tags/qom-devices-for-anthony' into ↵Anthony Liguori
staging QOM device refactorings * QTest coverage for all machines * QOM realize for Milkymist UART * QOM realize for ARM MPCore * device_add bug fixes and cleanups * QOM for PCMCIA/MicroDrive (last legacy IDE device) # gpg: Signature made Tue 05 Nov 2013 09:07:03 AM PST using RSA key ID 3E7E013F # gpg: Can't check signature: public key not found # By Andreas Färber (49) and others # Via Andreas Färber * afaerber/tags/qom-devices-for-anthony: (54 commits) pcmcia/pxa2xx: QOM'ify PXA2xxPCMCIAState ide: Drop ide_init2_with_non_qdev_drives() microdrive: Coding Style cleanups pcmcia: QOM'ify PCMCIACardState and MicroDriveState pxa: Fix typo "dettach" qom: Fix pointer to int property helpers' documentation qdev-monitor: Inline qdev_init() for device_add qdev-monitor: Avoid qdev as variable name qdev: Drop misleading qdev_free() function qdev-monitor: Unref device when device_add fails qdev-monitor: Fix crash when device_add is called with abstract driver qdev-monitor: Clean up qdev_device_add() variable naming arm11mpcore: Split off RealView MPCore arm11mpcore: Prepare for QOM embedding arm11mpcore: Convert mpcore_rirq_state to QOM realize realview_gic: Prepare for QOM embedding realview_gic: Convert to QOM realize arm11mpcore: Convert ARM11MPCorePriveState to QOM realize arm11mpcore: Split off SCU device arm11mpcore: Create container MemoryRegion in instance_init ...
2013-11-05pcmcia/pxa2xx: QOM'ify PXA2xxPCMCIAStateAndreas Färber
Turn it into a SysBusDevice and use a container MemoryRegion. Add a link<pcmcia-card> property to the PCMCIACardState. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05ide: Drop ide_init2_with_non_qdev_drives()Andreas Färber
All its users have finally been converted. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05microdrive: Coding Style cleanupsAndreas Färber
Add missing braces. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05pcmcia: QOM'ify PCMCIACardState and MicroDriveStateAndreas Färber
Turn PCMCIACardState into a device. Move callbacks to new PCMCIACardClass. Derive TYPE_MICRODRIVE from TYPE_PCMCIA_CARD. Replace ide_init2_with_non_qdev_drives(). Signed-off-by: Othmar Pasteka <pasteka@kabsi.at> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05pxa: Fix typo "dettach"Andreas Färber
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05qom: Fix pointer to int property helpers' documentationMichael S. Tsirkin
Relocate to alongside the other object_property_add_* helpers while at it. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05qdev-monitor: Inline qdev_init() for device_addAndreas Färber
For historic reasons, qdev_init() unparents the device on failure. Inline this to make the error paths clearer and consistent. Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05qdev-monitor: Avoid qdev as variable nameAndreas Färber
Prepares for bringing error cleanup code into canonical QOM form. Includes a whitespace removal after curly brace by Stefan. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05qdev: Drop misleading qdev_free() functionStefan Hajnoczi
The qdev_free() function name is misleading since all the function does is unlink the device from its parent. The device is not necessarily freed. The device will be freed when its QObject refcount reaches zero. It is usual for the parent (bus) to hold the final reference but there are cases where something else holds a reference so "free" is a misleading name. Call object_unparent(obj) directly instead of having a qdev wrapper function. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05qdev-monitor: Unref device when device_add failsStefan Hajnoczi
qdev_device_add() leaks the created device upon failure. I suspect this problem crept in because qdev_free() unparents the device but does not drop a reference - confusing name. Cc: qemu-stable@nongnu.org Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05qdev-monitor: Fix crash when device_add is called with abstract driverIgor Mammedov
User is able to crash running QEMU when following monitor command is called: device_add intel-hda-generic Crash is caused by assertion in object_initialize_with_type() when type is abstract. Checking if type is abstract before instance is created in qdev_device_add() allows to prevent crash on incorrect user input. Cc: qemu-stable@nongnu.org Signed-off-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05qdev-monitor: Clean up qdev_device_add() variable namingAndreas Färber
Avoid confusion between object (obj) and object class (oc). Tidy DeviceClass variable while at it (k -> dc). Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05arm11mpcore: Split off RealView MPCoreAndreas Färber
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05arm11mpcore: Prepare for QOM embeddingAndreas Färber
Move state struct, type constant and cast macro to a new header. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05arm11mpcore: Convert mpcore_rirq_state to QOM realizeAndreas Färber
Embed ARM11MPCorePriveState and RealViewGICState and replace SysBus initfn with realizefn. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05realview_gic: Prepare for QOM embeddingAndreas Färber
Move state struct, type constant and cast macro to a new header. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05realview_gic: Convert to QOM realizeAndreas Färber
Embed GICState and replace SysBus initfn with realizefn. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05arm11mpcore: Convert ARM11MPCorePriveState to QOM realizeAndreas Färber
Embed child devices and replace SysBus initfn with realizefn. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05arm11mpcore: Split off SCU deviceAndreas Färber
Inspired by a9scu. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05arm11mpcore: Create container MemoryRegion in instance_initAndreas Färber
This allows to map the region directly after object initialization. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05arm11mpcore: Drop unused fieldsAndreas Färber
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05arm11mpcore: Fix typo in MemoryRegion nameAndreas Färber
"mpcode" -> "mpcore" Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05a9scu: Build only onceAndreas Färber
It does not have a target or ARMCPU dependency. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05a15mpcore: Prepare for QOM embeddingAndreas Färber
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <andreas.faerber@web.de>
2013-11-05a15mpcore: Convert to QOM realizeAndreas Färber
Turn SysBusDevice initfn into a QOM realizefn. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <andreas.faerber@web.de>
2013-11-05a15mpcore: Embed GICStateAndreas Färber
This covers both emulated and KVM GIC. Prepares for QOM realize. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <andreas.faerber@web.de>
2013-11-05a15mpcore: Split off instance_initAndreas Färber
Prepares for QOM realize. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <andreas.faerber@web.de>
2013-11-05a9mpcore: Prepare for QOM embeddingAndreas Färber
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <andreas.faerber@web.de>
2013-11-05a9mpcore: Convert to QOM realizeAndreas Färber
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <andreas.faerber@web.de>
2013-11-05a9mpcore: Embed ARMMPTimerStateAndreas Färber
Prepares for QOM realize. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <andreas.faerber@web.de>