aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2012-11-27rtc: Only call rtc_set_cmos when Register B SET flag is disabled.Alex Horn
This bug occurs when the SET flag of Register B is enabled. When an RTC data register (i.e. any of the ten time/calender CMOS bytes) is set, the data is (as expected) correctly stored in the cmos_data array. However, since the SET flag is enabled, the function rtc_set_time is not invoked. As a result, the field base_rtc in RTCState remains uninitialized. This causes a problem on subsequent writes which can end up overwriting data. To see this, consider writing data to Register A after having written data to any of the RTC data registers; the following figure illustrates the call stack for the Register A write operation: +- cmos_io_port_write +-- check_update_timer +---- get_next_alarm +------ rtc_update_time In rtc_update_time, get_guest_rtc calculates the wrong time and overwrites the previously written RTC data register values. Signed-off-by: Alex Horn <alex.horn@cs.ox.ac.uk> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-27virtio-rng: do not use g_assert_cmpintPaolo Bonzini
g_assert_cmpint is not available on glib 2.12, which is the minimum version required to build QEMU (we only require 2.16 to run tests, since that is the first version including GTester). Do not use it in hardware models, use a normal assertion instead. This fixes the buildbot failure for default_x86_64_rhel5. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-27tests: make threadpool cancellation test looserPaolo Bonzini
The cancellation test is failing on the buildbots. While the failure merits a little more investigation to understand what is going on, the logs show that the failure is not impacting the coverage provided by the test. Hence, loosen a bit the assertions in a way that should let the test proceed and hopefully pass. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26Update version for 1.3.0-rc1v1.3.0-rc1Anthony Liguori
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26virtio-rng: fix typos, commentsAmit Shah
Fix typos, whitespace and update comments to match current implementation. Signed-off-by: Amit Shah <amit.shah@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26virtio-rng: disable timer on device removalAmit Shah
Disable the rate-limit timer on device remove (e.g. hot-unplug). Signed-off-by: Amit Shah <amit.shah@redhat.com> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26virtio-rng: remove extra request for entropyAmit Shah
If we got fewer bytes from the backend than requested, don't poke the backend for more bytes; the guest will ask for more (or if the guest has already asked for more, the backend knows about it via handle_input()). Signed-off-by: Amit Shah <amit.shah@redhat.com> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26virtio-rng: use virtqueue_get_avail_bytes, fix migrationAmit Shah
Popping an elem from the vq just to find out its length causes problems with save/load later on. Use the new virtqueue_get_avail_bytes() function instead, saves us the complexity in the migration code, as well as makes the migration endian-safe. Signed-off-by: Amit Shah <amit.shah@redhat.com> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26i8259: Fix PIC_COMMON() macroAndreas Färber
It used a wrong struct type name since its introduction in 8f04ee0882aec9fe91fb70f767edf5dacff59835 (isa: pic: convert to QEMU Object Model), apparently it is unused so far. Signed-off-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26qapi: handle visitor->type_size() in QapiDeallocVisitorStefan Hajnoczi
visit_type_size() requires either visitor->type_size() or visitor_uint64() to be implemented, otherwise a NULL function pointer is invoked. It is possible to trigger this crash as follows: $ qemu-system-x86_64 -netdev tap,sndbuf=0,id=netdev0 \ -device virtio-blk-pci,netdev=netdev0 The 'sndbuf' option has type "size". Reviewed-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26target-i386: cpu: add missing flags to Haswell CPU modelEduardo Habkost
When adding the Haswell CPU model, I intended to make it a superset of the features present on the SandyBridge model, but I have removed the SEP and RDTSCP features from the feature list by mistake. This patch adds the missing SEP and RDTSCP features (that are present on SandyBridge) to Haswell. Reported-by: Martin Kletzander <mkletzan@redhat.com> Acked-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26vl.c: Fix broken -usb optionPeter Maydell
Commit 094b287f0b accidentally broke the "-usb" command line option, so it would have no effect if the user had not specified any machine options at that point. (the return value from 'qemu_opts_find(qemu_find_opts("machine"), 0);' is NULL if there are no user specified options, so it is only to be used for looking up an option, not when trying to set one.) Similarly, would '-usbdevice' no longer cause USB to default to enabled. Fix this regression by using the same style of code for forcing the usb=on machine option that we use for other aliases such as '-enable-kvm'. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26qom: make object_finalize staticPaolo Bonzini
It is not used anymore, and there is no need to make it public. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26qdev: simplify (de)allocation of busesPaolo Bonzini
All conditional deallocation can now be done with object_delete. Remove the @qom_allocated and @glib_allocated fields; replace the latter with a direct assignment of the @free function pointer. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26qom: make object_delete usable for statically-allocated objectsPaolo Bonzini
Store in the object the freeing function that will be used at deletion time. This makes it possible to use object_delete on statically-allocated (embedded) objects. Dually, it makes it possible to use object_unparent and object_unref without leaking memory, when the lifetime of object might extend until after the call to object_delete. Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26qdev: move bus removal to object_unparentPaolo Bonzini
Add an ObjectClass method that is done at object_unparent time. It should remove any backlinks to the object in the composition tree, so that object_delete will be able to drop the last reference and free the object. Use it for qdev buses. Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26qom: fix refcount of non-heap-allocated objectsPaolo Bonzini
The reference count for embedded objects is always one too low, because object_initialize_with_type returns with zero references to the object. This causes premature finalization of the object (or an assertion failure) after calling object_ref to add an extra reference and object_unref to remove it. The fix is to move the initial object_ref call from object_new_with_type to object_initialize_with_type. Acked-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26hmp: do not crash on invalid SCSI hotplugPaolo Bonzini
Commit 0d93692 (qdev: Convert busses to QEMU Object Model, 2012-05-02) removed a check on the type of the bus where a SCSI disk is hotplugged. However, hot-plugging to the wrong kind of device now causes a crash due to either a NULL pointer dereference (avoided by the previous patch) or a failed QOM cast. Instead, in this case we need to use object_dynamic_cast and check for the result, similar to what was done before that commit. Reported-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26qom: dynamic_cast of NULL is always NULLPaolo Bonzini
Trying to cast a NULL value will cause a crash. Returning NULL is also sensible, and it is also what the type-unsafe DO_UPCAST macro does. Reported-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26tests: add thread pool unit testsPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26tests: add AioContext unit testsPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26aio: avoid livelock behavior for Win32Paolo Bonzini
The repeated calls to WaitForMultipleObjects may cause a livelock in aio_poll, where no progress is made on bottom halves. This patch matches the behavior of the POSIX code. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26q35: Add kvmclock supportJan Kiszka
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Jason Baron <jbaron@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26q35: Fix non-PCI IRQ processing in ich9_lpc_update_apicJan Kiszka
Avoid passing a non-PCI IRQ to ich9_gsi_to_pirq. It's wrong and triggers an assertion. Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Jason Baron <jbaron@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26q35: Suppress SMM BIOS initialization under KVMJan Kiszka
Same as for i44fx: KVM does not support SMM yet. Signal it initialized to Seabios to avoid failures. Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Jason Baron <jbaron@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26ich9: Add i82801b11 dmi-to-pci bridgeJason Baron
Add the dmi-to-pci i82801b11 bridge chip. This is the pci bridge chip that q35 uses on its host bus for PCI bus arbitration. Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp> Signed-off-by: Jason Baron <jbaron@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26q35: Introduce q35 pc based chipset emulatorIsaku Yamahata
pc q35 based chipset emulator to support pci express natively. Based on Anthony Liguori's suggestion, the machine name is 'q35-next', with an alias of 'q35'. At this point, there are no compatibility guarantees. When the chipset stabilizes more, we will begin to version the machine names. Major features which still need to be added: -Migration support (mostly around ahci) -ACPI hotplug support (pcie hotplug support is working) -Passthrough support Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp> Signed-off-by: Jason Baron <jbaron@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26ich9: Add smbusJason Baron
Add support for the ich9 smbus chip. Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp> Signed-off-by: Jason Baron <jbaron@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26ich9: Add the lpc chipJason Baron
Add support for the ICH9 LPC chip. Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp> Signed-off-by: Jason Baron <jbaron@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26ich9: Add acpi support and definitionsJason Baron
Lay the groundwork for subsequent ich9 support. Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp> Signed-off-by: Jason Baron <jbaron@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26pc/piix_pci: factor out smram/pam logicIsaku Yamahata
Factor out smram/pam logic for use by other chipsets, namely q35 at this point. Note: Should be factored out into a generic North Bridge Class. [jbaron@redhat.com: changes for updated memory API] Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp> Signed-off-by: Jason Baron <jbaron@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26pc_piix: Move kvm irq routing functions out of pc_piix.cJason Baron
Rename: kvm_piix3_gsi_handlei() -> kvm_pc_gsi_handler() kvm_piix3_setup_irq_routing() -> kvm_pc_setup_irq_routing() This is in preparation for other users, namely q35 at this time. Signed-off-by: Jason Baron <jbaron@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26pc: Move ioapic_init() from pc_piix.c to pc.cJason Baron
Move ioapic_init() from pc_piix.c to pc.c, to make it a common function. Rename ioapic_init() -> ioapic_init_gsi(). Move to pc.h so q35 can use them as well. Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jason Baron <jbaron@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26pc, pc_piix: split out pc nic initializationIsaku Yamahata
Factor out pc nic initialization. This simplifies the pc initialization and will reduce the code duplication of q35 pc initialization. Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Anthony Liguori <aliguori@us.ibm.com> Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp> Signed-off-by: Jason Baron <jbaron@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26Merge remote-tracking branch 'qemu-kvm/uq/master' into stagingAnthony Liguori
* qemu-kvm/uq/master: Legacy qemu-kvm options have no argument Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26Merge remote-tracking branch 'kraxel/usb.72' into stagingAnthony Liguori
* kraxel/usb.72: usb-redir: Don't handle interrupt output packets async usb-redir: Split usb_handle_interrupt_data into separate in/out functions usb-smartcard-reader: Properly NAK interrupt eps when we've no events usb-bt: Return NAK instead of STALL when interrupt ep has no data uhci: Fix double unlink uhci: Don't allow the guest to set port-enabled when there is no dev connected uhci: Add a completions_only flag for async completions Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26Merge remote-tracking branch 'spice/spice.v64' into stagingAnthony Liguori
* spice/spice.v64: spice: add new spice-server callbacks to ui/spice-display.c Fix the inconsistency in x509-dh-key-file parameter Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26Merge remote-tracking branch 'stefanha/block' into stagingAnthony Liguori
* stefanha/block: ide: Fix status register after short PRDs ide: Fix crash with too long PRD use int64_t for return values from rbd instead of int vdi: don't override libuuid symbols block: add bdrv_reopen() support for raw hdev, floppy, and cdrom Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26Merge remote-tracking branch 'stefanha/net' into stagingAnthony Liguori
* stefanha/net: tap: reset vnet header size on open Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26vnc: fix option misspelling ("non-adapative" -> "non-adaptive")Catalin Patulea
Signed-off-by: Catalin Patulea <catalinp@google.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-24chardev: Use real-time clock for open timerJan Kiszka
The vm clock may be stopped, and then we won't get open events anymore. Seen with QMP sessions. Reported-by: Dietmar Maurer <dietmar@proxmox.com> Tested-by: Luiz Capitulino <lcapitulino@redhat.com> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-11-24Build system fix distclean error for pixmanWenchao Xia
Currently Makefile test if pixman have configure log, but the script directly return error if that file do not exist. This patch fix it. Signed-off-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-11-24block: Fix regression for MinGW (assertion caused by short string)Stefan Weil
The local string tmp_filename is passed to function get_tmp_filename which expects a string with minimum size MAX_PATH for w32 hosts. MAX_PATH is 260 and PATH_MAX is 259, so tmp_filename was too short. Commit eba25057b9a5e19d10ace2bc7716667a31297169 introduced this regression. Signed-off-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-11-24tci: Fix type of tci_read_labelRichard Henderson
Fixes the pointer truncation that was occurring for branches. Cc: Stefan Weil <sw@weilnetz.de> Cc: Blue Swirl <blauwirbel@gmail.com> Signed-off-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Stefan Weil <sw@weilnetz.de> Tested-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-11-24target-mips: remove POOL48A from the microMIPS decodingAurelien Jarno
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-11-24tcg: mark local temps as MEM in dead_temp()Aurelien Jarno
In dead_temp, local temps should always be marked as back to memory, even if they have not been allocated (i.e. they are discared before cross a basic block). It fixes the following assertion in target-xtensa: qemu-system-xtensa: tcg/tcg.c:1665: temp_save: Assertion `s->temps[temp].val_type == 2 || s->temps[temp].fixed_reg' failed. Aborted Reported-by: Max Filippov <jcmvbkbc@gmail.com> Tested-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-11-24target-mips: Clean up microMIPS32 major opcode陳韋任 (Wei-Ren Chen)
I check MIPS microMIPS manual [1], and found the major opcode might be wrong. I add a comment to explicitly indicate what manual I am refering to, and according that manual I remove microMIPS32 major opcodes 0x1f. As for others, like 0x16, 0x17, 0x36 and 0x37, they are for higher-order MIPS ISA level or new revision of this microMIPS architecture. Quote from Johnson, they are belong MIPS64 [2]. [1] http://www.mips.com/products/architectures/micromips/#specifications MIPS Architecture for Programmers Volume II-B: The microMIPS32 Instruction Set (Revision 3.05) MD00582-2B-microMIPS-AFP-03.05.pdf [2] http://www.mips.com/products/architectures/mips64/ MIPS Architecture For Programmers Volume II-A: The MIPS64 Instruction Set MD00087-2B-MIPS64BIS-AFP-03.51.pdf Signed-off-by: Chen Wei-Ren <chenwj@iis.sinica.edu.tw> Reviewed-by: Eric Johnson <ericj@mips.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-11-24target-mips: Add comments on POOL32Axf encoding陳韋任 (Wei-Ren Chen)
Current QEMU MIPS POOL32AXF encoding comes from microMIPS32 and microMIPS32 DSP. Add comment here to help reading. Signed-off-by: Chen Wei-Ren <chenwj@iis.sinica.edu.tw> Reviewed-by: Eric Johnson <ericj@mips.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-11-24target-openrisc: remove conflicting definitions from cpu.hAurelien Jarno
On an ARM host, the registers definitions from cpu.h clash with /usr/include/sys/ucontext.h. As there are unused, just remove them. Cc: Jia Liu <proljc@gmail.com> Cc: qemu-stable@nongnu.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-11-24tcg/arm: fix cross-endian qemu_st16Aurelien Jarno
The bswap16 TCG opcode assumes that the high bytes of the temp equal to 0 before calling it. The ARM backend implementation takes this assumption to slightly optimize the generated code. The same implementation is called for implementing the cross-endian qemu_st16 opcode, where this assumption is not true anymore. One way to fix that would be to zero the high bytes before calling it. Given the store instruction just ignore them, it is possible to provide a slightly more optimized version. With ARMv6+ the rev16 instruction does the work correctly. For lower ARM versions the patch provides a version which behaves correctly with non-zero high bytes, but fill them with junk. Cc: Andrzej Zaborowski <balrogg@gmail.com> Cc: Peter Maydell <peter.maydell@linaro.org> Cc: qemu-stable@nongnu.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>