Age | Commit message | Author
2016-10-24 | exec: split cpu_exec_init() | Laurent Vivier
    Put in cpu_exec_initfn() what initializes the CPU, and leave in cpu_exec_init() what adds it to the environment. As cpu_exec_initfn() is called by all XX_cpu_initfn(), call it directly in cpu_common_initfn(). cpu_exec_init() is now a realize function, it will be renamed to cpu_exec_realizefn() and moved to the XX_cpu_realizefn() function in a following patch.

    Signed-off-by: Laurent Vivier <lvivier@redhat.com>
    Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
    Reviewed-by: Igor Mammedov <imammedo@redhat.com>
    Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
    Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24 | pc: q35: Bump max_cpus to 288 | Igor Mammedov
    Along with it for machine versions 2.7 and older keep it at 255.

    Signed-off-by: Igor Mammedov <imammedo@redhat.com>
    Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
    Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
    Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24 | pc: Require IRQ remapping and EIM if there could be x2APIC CPUs | Igor Mammedov
    It would prevent starting guest with incorrect configs where interrupts couldn't be delivered to CPUs with APIC IDs > 255.

    Signed-off-by: Igor Mammedov <imammedo@redhat.com>
    Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
    Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
    Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24 | pc: Add 'etc/boot-cpus' fw_cfg file for machine with more than 255 CPUs | Igor Mammedov
    Currently firmware uses 1 byte at 0x5F offset in RTC CMOS to get number of CPUs present at boot. However 1 byte is not enough to handle more than 255 CPUs. So add a new fw_cfg file that would allow QEMU to tell it. For compat reasons add file only for machine types that support more than 255 CPUs.

    Signed-off-by: Igor Mammedov <imammedo@redhat.com>
    Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
    Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24 | Increase MAX_CPUMASK_BITS from 255 to 288 | Igor Mammedov
    so that it would be possible to increase maxcpus limit for x86 target. Keep spapr/virt_arm at limit they used to have 255.

    Signed-off-by: Igor Mammedov <imammedo@redhat.com>
    Reviewed-by: Andrew Jones <drjones@redhat.com>
    Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
    Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24 | pc: Clarify FW_CFG_MAX_CPUS usage comment | Igor Mammedov
    Signed-off-by: Igor Mammedov <imammedo@redhat.com>
    Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
    Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24 | pc: kvm_apic: Pass APIC ID depending on xAPIC/x2APIC mode | Igor Mammedov
    Signed-off-by: Igor Mammedov <imammedo@redhat.com>
    Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
    Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
    Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24 | pc: apic_common: Reset APIC ID to initial ID when switching into x2APIC mode | Igor Mammedov
    SDM: x2APIC State Transitions: State Changes From xAPIC Mode to x2APIC Mode
    "Any APIC ID value written to the memory-mapped local APIC ID register is not preserved"

    Signed-off-by: Igor Mammedov <imammedo@redhat.com>
    Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
    Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
    Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24 | pc: apic_common: Restore APIC ID to initial ID on reset | Igor Mammedov
    APIC ID should be restored to initial APIC ID state after Reset and Power-On.

    Signed-off-by: Igor Mammedov <imammedo@redhat.com>
    Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
    Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24 | pc: apic_common: Extend APIC ID property to 32bit | Igor Mammedov
    ACPI ID is 32 bit wide on CPUs with x2APIC support. Extend 'id' property to support it.

    Signed-off-by: Igor Mammedov <imammedo@redhat.com>
    Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
    Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24 | pc: Leave max apic_id_limit only in legacy cpu hotplug code | Igor Mammedov
    That's enough to make old code that depends on it to prevent QEMU starting with more than 255 CPUs.

    Signed-off-by: Igor Mammedov <imammedo@redhat.com>
    Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
    Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24 | acpi: cphp: Force switch to modern cpu hotplug if APIC ID > 254 | Igor Mammedov
    Switch to modern cpu hotplug at machine startup time if a cpu present at boot has apic-id in range unsupported by legacy cpu hotplug interface (i.e. > 254), to avoid killing QEMU from legacy cpu hotplug code with error:

        "acpi: invalid cpu id: #apic-id#"

    Signed-off-by: Igor Mammedov <imammedo@redhat.com>
    Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
    Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24 | pc: acpi: x2APIC support for SRAT table | Igor Mammedov
    Signed-off-by: Igor Mammedov <imammedo@redhat.com>
    Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
    Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24 | pc: acpi: x2APIC support for MADT table and _MAT method | Igor Mammedov
    Signed-off-by: Igor Mammedov <imammedo@redhat.com>
    Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
    Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24 | Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging | Peter Maydell
    * KVM run_on_cpu fix (Alex)
    * atomic usage fixes (Emilio, me)
    * hugetlbfs alignment fix (Haozhong)
    * CharBackend refactoring (Marc-André)
    * test-i386 fixes (me)
    * MemoryListener optimizations (me)
    * Miscellaneous bugfixes (me)
    * iSER support (Roy)
    * --version formatting (Thomas)

    # gpg: Signature made Mon 24 Oct 2016 14:46:19 BST
    # gpg: using RSA key 0xBFFBD25F78C7AE83
    # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
    # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>"
    # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
    # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83

    * remotes/bonzini/tags/for-upstream: (50 commits)
      exec.c: workaround regression caused by alignment change in d2f39ad
      char: remove explicit_be_open from CharDriverState
      char: use common error path in qmp_chardev_add
      char: replace avail_connections
      char: remove unused qemu_chr_fe_event
      char: use an enum for CHR_EVENT
      char: remove unused CHR_EVENT_FOCUS
      char: move fe_open in CharBackend
      char: remove explicit_fe_open, use a set_handlers argument
      char: rename chr_close/chr_free
      char: move front end handlers in CharBackend
      tests: start chardev unit tests
      char: make some qemu_chr_fe skip if no driver
      char: replace qemu_chr_claim/release with qemu_chr_fe_init/deinit
      vhost-user: only initialize queue 0 CharBackend
      char: fold qemu_chr_set_handlers in qemu_chr_fe_set_handlers
      char: use qemu_chr_fe* functions with CharBackend argument
      colo: claim in find_and_check_chardev
      char: rename some frontend functions
      char: remaining switch to CharBackend in frontend
      ...

    Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-24 | exec.c: workaround regression caused by alignment change in d2f39ad | Haozhong Zhang
    Commit d2f39ad "exec.c: Ensure right alignment also for file backed ram" added an additional alignment requirement on the size of backend file besides the previous page size. On x86, the alignment is changed from 4KB in QEMU 2.6 to 2MB in QEMU 2.7.

    This change breaks certain usages in QEMU 2.7 on x86, e.g.

        -object memory-backend-file,id=mem1,mem-path=/tmp/,size=$SZ
        -device pc-dimm,id=dimm1,memdev=mem1

    where $SZ is multiple of 4KB but not 2MB (e.g. 1023M). QEMU 2.7 reports the following error message and aborts:

        qemu-system-x86_64: -device pc-dimm,memdev=mem1,id=nv1: backend memory size must be multiple of 0x200000

    The same regression may also happen in other platforms as indicated by Igor Mammedov. This change is however necessary for s390 according to the commit message of d2f39ad, so we work around the regression by taking the change only on s390.

    Signed-off-by: Haozhong Zhang <haozhong.zhang@intel.com>
    Reported-by: "Xu, Anthony" <anthony.xu@intel.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: remove explicit_be_open from CharDriverState | Marc-André Lureau
    It's only used in qmp_chardev_add(), so use a create() argument instead. Also switched to typedef functions for CharDriverParse/CharDriverCreate.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022100951.19562-7-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: use common error path in qmp_chardev_add | Marc-André Lureau
    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022100951.19562-6-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: replace avail_connections | Marc-André Lureau
    No need to count the users of a CharDriverState, it can rely on the fact of whether there is a CharBackend associated or if there is enough space in the muxer. Simplify and fold chr_mux_new_fe() in qemu_chr_fe_init() since there is a single user now. Also switch from fprintf to raising error instead.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022100951.19562-5-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: remove unused qemu_chr_fe_event | Marc-André Lureau
    I introduced this function in d61b0c9a2f7f, but it isn't used. Furthermore, it was incomplete, as it would need to translate QEMU chr events to Spice port events. (presumably it was used in the follow-up NBD-spice series that was not completed: http://lists.gnu.org/archive/html/qemu-devel/2013-11/msg02024.html)

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022100951.19562-4-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: use an enum for CHR_EVENT | Marc-André Lureau
    This may help to catch unhandled cases, and avoid having to maintain numbering.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022100951.19562-3-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: remove unused CHR_EVENT_FOCUS | Marc-André Lureau
    Usage has long been removed, since commit f220174de8d9.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022100951.19562-2-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: move fe_open in CharBackend | Marc-André Lureau
    The fe_open state belongs to front end.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022100951.19562-1-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: remove explicit_fe_open, use a set_handlers argument | Marc-André Lureau
    No need to keep explicit_fe_open around if it affects only a qemu_chr_fe_set_handlers(). Use an additional argument instead.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-24-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: rename chr_close/chr_free | Marc-André Lureau
    The function is used to free the backend opaque pointer, let's name it accordingly.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-23-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: move front end handlers in CharBackend | Marc-André Lureau
    Since the handlers are associated with a CharBackend, rather than the CharDriverState, it is more appropriate to store in CharBackend. This avoids the handler copy dance in qemu_chr_fe_set_handlers() then mux_chr_update_read_handler(), by storing the CharBackend pointer directly.

    Also a mux CharDriver should go through mux->backends[focused], since chr->be will stay NULL. Before that, it was possible to call chr->handler by mistake with surprising results, for ex through qemu_chr_be_can_write(), which would result in calling the last set handler front end, not the one with focus.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-22-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | tests: start chardev unit tests | Marc-André Lureau
    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-21-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: make some qemu_chr_fe skip if no driver | Marc-André Lureau
    In most cases, front ends do not care about the side effect of CharBackend, so we can simply skip the checks and call the qemu_chr_fe functions even without associated CharDriver.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-20-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: replace qemu_chr_claim/release with qemu_chr_fe_init/deinit | Marc-André Lureau
    Now that all front ends use qemu_chr_fe_init(), we can move chardev claiming in init(), and add a function deinit() to release the chardev and cleanup handlers.

    The qemu_chr_fe_claim_no_fail() for property are gone, since the property will raise an error instead. In other cases, where there is already an error path, an error is raised instead. Finally, other cases are handled by &error_abort in qemu_chr_fe_init().

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-19-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | vhost-user: only initialize queue 0 CharBackend | Marc-André Lureau
    All the queues share the same chardev. Initialize only the first queue CharBackend, and pass it to other queues. This will allow to claim the chardev only once in a later change.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-18-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: fold qemu_chr_set_handlers in qemu_chr_fe_set_handlers | Marc-André Lureau
    qemu_chr_add_handlers*() have been removed in previous change, so the common qemu_chr_set_handlers() is no longer needed.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-17-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: use qemu_chr_fe* functions with CharBackend argument | Marc-André Lureau
    This also switches from qemu_chr_add_handlers() to qemu_chr_fe_set_handlers(). Note that qemu_chr_fe_set_handlers() now takes the focus when fe_open (qemu_chr_add_handlers() did take the focus)

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-16-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | colo: claim in find_and_check_chardev | Marc-André Lureau
    This factors out claiming of chardev, and changes the call to non-fatal to return an error like the rest of the chardev checks.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-15-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: rename some frontend functions | Marc-André Lureau
    qemu_chr_accept_input() and qemu_chr_disconnect() are only used by frontend, so use qemu_chr_fe prefix.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-14-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: remaining switch to CharBackend in frontend | Marc-André Lureau
    Similar to previous change, for the remaining CharDriverState front end users.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-13-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: replace PROP_CHR with CharBackend | Marc-André Lureau
    Store the property in a CharBackend instead of CharDriverState*. This also systematically replaces chr by chr.chr to access the CharDriverState*. The following patches will replace it with calls to qemu_chr_fe CharBackend functions.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-12-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: start converting mux driver to use CharBackend | Marc-André Lureau
    Start using qemu_chr_fe* CharBackend functions: initialize a CharBackend and use qemu_chr_fe_set_handlers().

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-11-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: introduce CharBackend | Marc-André Lureau
    This new structure is meant to keep the details associated with a char driver usage. On initialization, it gets a tag from the mux backend. It can change its handlers thanks to qemu_chr_fe_set_handlers().

    This structure is introduced so that all frontend will be moved to hold and use a CharBackend. This will allow to better track char usage and allocation, and help prevent some memory leaks or corruption.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-10-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | mux: split mux_chr_update_read_handler() | Marc-André Lureau
    Make qemu_chr_add_handlers_full() aware of mux handling. This allows introduction of a tag associated with the fe handlers and a qemu_chr_set_handlers() function to set the handler for a particular tag. That will allow to get rid of qemu_chr_add_handlers*() in later changes, in favor of qemu_chr_fe_set_handler().

    To this end, chr_update_read_handler callback is enhanced with a tag argument, and mux_chr_update_read_handler() is split in new functions: mux_chr_new_handler_tag(), mux_chr_set_handlers(), mux_set_focus().

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-9-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | xilinx: fix buffer overflow on realize | Paolo Bonzini
    ASAN complains about buffer overflow when running:

        aarch64-softmmu/qemu-system-aarch64 -machine xilinx-zynq-a9

        ==476==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000035e38 at pc 0x000000f75253 bp 0x7ffc597e0ec0 sp 0x7ffc597e0eb0
        READ of size 8 at 0x602000035e38 thread T0
            #0 0xf75252 in xilinx_spips_realize hw/ssi/xilinx_spips.c:623
            #1 0xb9ef6c in device_set_realized hw/core/qdev.c:918
            #2 0x129ae01 in property_set_bool qom/object.c:1854
            #3 0x1296e70 in object_property_set qom/object.c:1088
            #4 0x129dd1b in object_property_set_qobject qom/qom-qobject.c:27
            #5 0x1297168 in object_property_set_bool qom/object.c:1157
            #6 0xb9aeac in qdev_init_nofail hw/core/qdev.c:358
            #7 0x78a5bf in zynq_init_spi_flashes /home/elmarco/src/qemu/hw/arm/xilinx_zynq.c:125
            #8 0x78af60 in zynq_init /home/elmarco/src/qemu/hw/arm/xilinx_zynq.c:238
            #9 0x998eac in main /home/elmarco/src/qemu/vl.c:4534
            #10 0x7f96ed692730 in __libc_start_main (/lib64/libc.so.6+0x20730)
            #11 0x41d0a8 in _start (/home/elmarco/src/qemu/aarch64-softmmu/qemu-system-aarch64+0x41d0a8)

        0x602000035e38 is located 0 bytes to the right of 8-byte region [0x602000035e30,0x602000035e38)
        allocated by thread T0 here:
            #0 0x7f970b014e60 in malloc (/lib64/libasan.so.3+0xc6e60)
            #1 0x7f96f15b0e18 in g_malloc (/lib64/libglib-2.0.so.0+0x4ee18)
            #2 0xb9ef6c in device_set_realized hw/core/qdev.c:918
            #3 0x129ae01 in property_set_bool qom/object.c:1854
            #4 0x1296e70 in object_property_set qom/object.c:1088
            #5 0x129dd1b in object_property_set_qobject qom/qom-qobject.c:27
            #6 0x1297168 in object_property_set_bool qom/object.c:1157
            #7 0xb9aeac in qdev_init_nofail hw/core/qdev.c:358
            #8 0x78a5bf in zynq_init_spi_flashes /home/elmarco/src/qemu/hw/arm/xilinx_zynq.c:125
            #9 0x78af60 in zynq_init /home/elmarco/src/qemu/hw/arm/xilinx_zynq.c:238
            #10 0x998eac in main /home/elmarco/src/qemu/vl.c:4534
            #11 0x7f96ed692730 in __libc_start_main (/lib64/libc.so.6+0x20730)

    s->spi is allocated with the size of num_busses which may be 1 (by default).

    Change to use a loop up to s->num_busses also for the call to ssi_auto_connect_slaves().

    Reported-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: remove init callback | Marc-André Lureau
    The CharDriverState.init() callback is no longer set since commit a61ae7f88ce and thus unused. The only user, the malta FPGA display has been converted to use an event "opened" callback instead.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-7-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | malta: replace chr init by CHR_EVENT_OPENED handler | Marc-André Lureau
    The CharDriverState.init() callback was introduced in commit ceecf1d158. It is only called from text_console_do_init(), but it is no longer set since commit a61ae7f88 (init assignment has been removed by accident). It seems correct to use an event callback instead and print the console text on CHR_EVENT_OPENED. That way we can remove the single user of CharDriverState init().

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-6-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | sun4uv: fix serial initialization regression | Marc-André Lureau
    Since commit b6607a1a204d, serial_hds_isa_init() was introduced to factor out serial_isa_init() loops. However, sun4uv shouldn't start from 0 when there is a mm serial on 0 already. Add a "from" argument to serial_hds_isa_init().

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-5-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | ringbuf: fix chr_write return value | Marc-André Lureau
    It should return the number of written bytes.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-4-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: remove use-after-free on win-stdio | Marc-André Lureau
    Found by reviewing the code, win_stdio_close() is called by qemu_chr_free() which then calls qemu_chr_free_common() taking care of freeing CharDriverState*.

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-3-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | rng: remove unused included header | Marc-André Lureau
    DEFINE_PROP_CHR is not used (rng is not of TYPE_DEVICE)

    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161022095318.17775-2-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char.h: misc doc fix | Marc-André Lureau
    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
    Message-Id: <20161011152012.3228-1-marcandre.lureau@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | char: serial: check divider value against baud base | Prasad J Pandit
    16550A UART device uses an oscillator to generate frequencies (baud base), which decide communication speed. This speed could be changed by dividing it by a divider. If the divider is greater than the baud base, speed is set to zero, leading to a divide by zero error. Add check to avoid it.

    Reported-by: Huawei PSIRT <psirt@huawei.com>
    Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
    Message-Id: <1476251888-20238-1-git-send-email-ppandit@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | memory: optimize memory_region_sync_dirty_bitmap | Paolo Bonzini
    Avoid walking the FlatView of all address spaces. Most of the address spaces will have no log_sync callback on their listeners.

    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-24 | memory: optimize memory_global_dirty_log_sync | Paolo Bonzini
    Only return a nonzero dirty_log_mask for RAM/ROM memory regions.

    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>