| Age | Commit message (Collapse) | Author |
|---|
|
W10 insider has a bug where it ignores CPUID level and interprets
CPUID.(EAX=07H, ECX=0H) incorrectly, because CPUID in fact returned
CPUID.(EAX=04H, ECX=0H); this resulted in execution of unsupported
instructions.
While it's a Windows bug, there is no reason to emulate incorrect level.
I used http://instlatx64.atw.hu/ as a source of CPUID and checked that
it matches Penryn Xeon X5472, Westmere Xeon W3520, SandyBridge i5-2540M,
and Haswell i5-4670T.
kvm64 and qemu64 were bumped to 0xD to allow all available features for
them (and to avoid the same Windows bug).
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
Now object_property_add_alias() calls g_strdup() on the target property
name, so we don't need to call g_strdup() ourselves.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
'remotes/pmaydell/tags/pull-target-arm-20150715' into staging
target arm queue:
* handle broken AArch64 kernels which assume DTB won't cross a 2MB boundary
* correct broken SCTLR_EL3 reset value
# gpg: Signature made Wed Jul 15 17:24:24 2015 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-target-arm-20150715:
hw/arm/boot: Increase fdt alignment
target-arm: Fix broken SCTLR_EL3 reset
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The Linux kernel on aarch64 creates a page table entry at early bootup
that spans the 2MB range on memory spanning the fdt start address:
[ ALIGN_DOWN(fdt, 2MB) ... ALIGN_DOWN(fdt, 2MB) + 2MB ]
This means that when our current 4k alignment happens to fall at the end
of the aligned region, Linux tries to access memory that is not mapped.
The easy fix is to instead increase the alignment to 2MB, making Linux's
logic always succeed.
We leave the existing 4k alignment for 32bit kernels to not cause any
regressions due to space constraints.
Reported-by: Andreas Schwab <schwab@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The SCTLR_EL3 cpreg definition was implicitly resetting the
register state to 0, which is both wrong and clashes with
the reset done via the SCTLR definition (since sctlr[3]
is unioned with sctlr_s). This went unnoticed until recently,
when an unrelated change (commit a903c449b41f105aa) happened to
perturb the order of enumeration through the cpregs hashtable for
reset such that the erroneous reset happened after the correct one
rather than before it. Fix this by marking SCTLR_EL3 as an alias,
so its reset is left up to the AArch32 view.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
|
|
'remotes/cody/tags/jtc-for-upstream-pull-request' into staging
# gpg: Signature made Wed Jul 15 03:25:16 2015 BST using RSA key ID C0DE3057
# gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>"
# gpg: aka "Jeffrey Cody <jeff@codyprime.org>"
# gpg: aka "Jeffrey Cody <codyprime@gmail.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 9957 4B4D 3474 90E7 9D98 D624 BDBE 7B27 C0DE 3057
* remotes/cody/tags/jtc-for-upstream-pull-request:
block/curl: Don't lose original error when a connection fails.
mirror: correct buf_size
block: keep bitmap if incremental backup job is cancelled
blockdev: no need to drain in qmp_block_commit
block/mirror: Sleep periodically during bitmap scanning
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
'remotes/juanquintela/tags/migration/20150715-1' into staging
migration/next for 20150715
# gpg: Signature made Wed Jul 15 11:23:33 2015 BST using RSA key ID 5872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>"
# gpg: aka "Juan Quintela <quintela@trasno.org>"
* remotes/juanquintela/tags/migration/20150715-1:
migration: We also want to store the global state for savevm
migration: reduce the count of strlen call
migration: Register global state section before loadvm
migration: Write documetation for events capabilites
migration: Trace event and migration event are different things
migration: Only change state after migration has finished
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Commit df4b1024526cae3479da3492d6371fd4a7324a03 introduced global_state
section. But it only filled the state while doing migration. While
doing a savevm, we stored an empty string as state. So when we did a
loadvm, it complained that state was invalid.
Fedora 21, 4.1.1, qemu 2.4.0-rc0
> ../../configure --target-list="x86_64-softmmu"
068 2s ... - output mismatch (see 068.out.bad)
--- /home/bos/jhuston/src/qemu/tests/qemu-iotests/068.out 2015-07-08
17:56:18.588164979 -0400
+++ 068.out.bad 2015-07-09 17:39:58.636651317 -0400
@@ -6,6 +6,8 @@
QEMU X.Y.Z monitor - type 'help' for more information
(qemu) savevm 0
(qemu) quit
+qemu-system-x86_64: Unknown savevm section or instance 'globalstate' 0
+qemu-system-x86_64: Error -22 while loading VM state
QEMU X.Y.Z monitor - type 'help' for more information
(qemu) quit
*** done
Failures: 068
Failed 1 of 1 tests
Actually, there were two problems here:
- we registered global_state too late for load_vm (fixed on another
patch on the list)
- we didn't store a valid state for savevm (fixed by this patch).
Reported-by: John Snow <jsnow@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
|
|
'strlen' is called three times in 'save_page_header', it's
inefficient.
Signed-off-by: Liang Li <liang.z.li@intel.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
|
|
Otherwise, it is not found
Signed-off-by: Juan Quintela <quintela@redhat.com>
|
|
Reported-by: Jiri Denemark <jdenemar@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
|
|
We can want the trace event even without migration events enabled.
Reported-by: Wen Congyang <ghostwcy@gmail.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
|
On previous change, we changed state at post load time if it was not
running, special casing the "running" change. Now, we change any states
at the end of the migration.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
|
|
Currently if qemu is connected to a curl source (eg. web server), and
the web server fails / times out / dies, you always see a bogus EIO
"Input/output error".
For example, choose a large file located on any local webserver which
you control:
$ qemu-img convert -p http://example.com/large.iso /tmp/test
Once it starts copying the file, stop the webserver and you will see
qemu-img fail with:
qemu-img: error while reading sector 61440: Input/output error
This patch does two things: Firstly print the actual error from curl
so it doesn't get lost. Secondly, change EIO to EPROTO. EPROTO is a
POSIX.1 compatible errno which more accurately reflects that there was
a protocol error, rather than some kind of hardware failure.
After this patch is applied, the error changes to:
$ qemu-img convert -p http://example.com/large.iso /tmp/test
qemu-img: curl: transfer closed with 469989 bytes remaining to read
qemu-img: error while reading sector 16384: Protocol error
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Jeff Cody <jcody@redhat.com>
|
|
If bus_size is less than 0, the command fails.
If buf_size is 0, use DEFAULT_MIRROR_BUF_SIZE.
If buf_size % granularity is not 0, mirror_free_init() will
do dangerous things.
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 5555A588.3080907@cn.fujitsu.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
|
|
Reclaim the dirty bitmap if an incremental backup block job is
cancelled. The ret variable may be 0 when the job is cancelled so it's
not enough to check ret < 0.
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1434380534-7680-1-git-send-email-stefanha@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
|
|
Draining is not necessary, I/O can happen as soon as the
commit coroutine yields. Draining can be necessary before
reopening the file for read/write, or while modifying the
backing file chain, but that is done separately in
bdrv_reopen_multiple or bdrv_close; this particular
bdrv_drain_all does nothing for that.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1432822903-25821-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
|
|
Before, we only yield after initializing dirty bitmap, where the QMP
command would return. That may take very long, and guest IO will be
blocked.
Add sleep points like the later mirror iterations.
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Wen Congyang <wency@cn.fujitsu.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1431486673-19280-1-git-send-email-famz@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
|
|
s390x fixes for 2.4:
- virtio migration regression
- missing diag288 watchdog resets
# gpg: Signature made Tue Jul 14 18:17:54 2015 BST using RSA key ID C6F02FAF
# gpg: Good signature from "Cornelia Huck <huckc@linux.vnet.ibm.com>"
# gpg: aka "Cornelia Huck <cornelia.huck@de.ibm.com>"
* remotes/cohuck/tags/s390x-20150714:
s390/virtio-ccw: Fix migration
watchdog/diag288: correctly register for system reset requests
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
commit 213941d73b ("virtio-ccw: migrate ->revision") broke
migration:
2015-07-07T11:22:55.570968Z qemu-system-s390x: VQ 39 address 0x0 inconsistent with Host index 0x100
2015-07-07T11:22:55.571008Z qemu-system-s390x: error while loading state for instance 0x0 of
If thinint support is active, the config_load function returns early.
Make sure to load the revision all the time.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Fixes: 213941d73b ("virtio-ccw: migrate ->revision")
Message-Id: <1436269643-66303-1-git-send-email-borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
|
|
The diag288 watchdog is no sysbus device, therefore it doesn't get
triggered on resets automatically using dc->reset.
Let's register the reset handler manually, so we get correctly notified
again when a system reset was requested. Also reset the watchdog on
subsystem resets that don't trigger a full system reset.
Signed-off-by: Xu Wang <gesaint@linux.vnet.ibm.com>
Reviewed-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
|
|
Block layer patches for 2.4.0-rc1
# gpg: Signature made Tue Jul 14 16:15:35 2015 BST using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
* remotes/kevin/tags/for-upstream:
rbd: fix ceph settings precedence
rbd: make qemu's cache setting override any ceph setting
MAINTAINERS: update email address
rbd: remove unused constants and fields
block: Fix backing file child when modifying graph
block: Reorder cleanups in bdrv_close()
block: Introduce bdrv_unref_child()
block: Introduce bdrv_open_child()
block: Move bdrv_attach_child() calls up the call chain
nvme: properly report volatile write caches
nvme: implement the Flush command
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Apply the ceph settings from a config file before any ceph settings
from the command line. Since the ceph config file location may be
specified on the command line, parse it once to read the config file,
and do a second pass to apply the rest of the command line ceph
options.
Signed-off-by: Josh Durgin <jdurgin@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
|
To be safe, when cache=none is used ceph settings should not be able
to override it to turn on caching. This was previously possible with
rbd_cache=true in the rbd device configuration or a ceph configuration
file. Similarly, rbd settings could have turned off caching when qemu
requested it, although this would just be a performance problem.
Fix this by changing rbd's cache setting to match qemu after all other
ceph settings have been applied.
Signed-off-by: Josh Durgin <jdurgin@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
|
The old one still works for now, but will not work indefinitely.
Signed-off-by: Josh Durgin <jdurgin@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
|
RBDAIOCB.status was only used for cancel, which was removed in
7691e24dbebb46658e89b3f950fda6ec78bbb823.
RBDAIOCB.sector_num was never used.
RADOSCB.done and rcbid were never used.
RBD_FD* are obsolete since the pipe was removed in
e04fb07fd1676e9facd7f3f878c1bbe03bccd26b.
Signed-off-by: Josh Durgin <jdurgin@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
|
This patch moves bdrv_attach_child() from the individual places that add
a backing file to a BDS to bdrv_set_backing_hd(), which is called by all
of them. It also adds bdrv_detach_child() there.
For normal operation (starting with one backing file chain and not
changing it until the topmost image is closed) and live snapshots, this
constitutes no change in behaviour.
For all other cases, this is a fix for the bug that the old backing file
was still referenced as a child, and the new one wasn't referenced.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
|
|
Block drivers may still want to access their child nodes in their
.bdrv_close handler. If they unref and/or detach a child by themselves,
this should not result in a double free.
There is additional code for backing files, which are just a special
case of child nodes. The same applies for them.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
|
|
This is the counterpart for bdrv_open_child(). It decreases the
reference count of the child BDS and removes it from the list of
children of the given parent BDS.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
|
|
It is the same as bdrv_open_image(), except that it doesn't only return
success or failure, but the newly created BdrvChild object for the new
child node.
As the BdrvChild object already contains a BlockDriverState pointer (and
this is supposed to become the only pointer so that bdrv_append() and
friends can just change a single pointer in BdrvChild), the pbs
parameter is removed for bdrv_open_child().
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
|
|
Let the callers of bdrv_open_inherit() call bdrv_attach_child(). It
needs to be called in all cases where bdrv_open_inherit() succeeds (i.e.
returns 0) and a child_role is given.
bdrv_attach_child() is moved upwards to avoid a forward declaration.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
|
|
Implement support in Identify and Get/Set Features to properly report
and allow to change the Volatile Write Cache status reported by the
virtual NVMe device.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Acked-by: Keith Busch <keith.busch@intel.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
|
Implement a real flush instead of faking it. This is especially important
as Qemu assume Write back cashing by default and thus requires a working
cache flush operation for data integrity.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Acked-by: Keith Busch <keith.busch@intel.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
|
staging
vnc: fix vnc client authentication
# gpg: Signature made Tue Jul 14 14:38:48 2015 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
* remotes/kraxel/tags/pull-vnc-20150714-1:
vnc: fix vnc client authentication
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Commit 800567a61 updated the code to the generic crypto API
and mixed up encrypt and decrypt functions in
procotol_client_auth_vnc.
(Used to be: deskey(key, EN0) which encrypts, and was
changed to qcrypto_cipher_decrypt in 800567a61.)
Changed it to qcrypto_cipher_encrypt now.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
pc,virtio: fixes for 2.4
pc and virtio changes, bugfixes only.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Mon Jul 13 13:03:38 2015 BST using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
* remotes/mst/tags/for_upstream:
pc: fix reuse of pc-i440fx-2.4 in pc-i440fx-2.3
Revert "virtio-net: enable virtio 1.0"
virtio-pci: don't crash on illegal length
qdev: fix 64 bit properties
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
commit fddd179ab962f6f78a8493742e1068d6a620e059,
"pc: Convert *_MACHINE_OPTIONS macros into functions"
broke the chaining of *_machine_options() functions on
pc-i440fx-2.3, at:
-#define PC_I440FX_2_3_MACHINE_OPTIONS \
- PC_I440FX_2_4_MACHINE_OPTIONS, \
- .alias = NULL, \
- .is_default = 0
+static void pc_i440fx_2_3_machine_options(QEMUMachine *m)
+{
+ pc_i440fx_machine_options(m);
+ m->alias = NULL;
+ m->is_default = 0;
+}
I have replaced PC_I440FX_2_4_MACHINE_OPTIONS with a
pc_i440fx_machine_options() call, instead of calling
pc_i440fx_2_4_machine_options(). This broke the setting of default_machine_opts
and default_display on pc-i440fx-{2.0,2,1,2.2,2.3}.
Fix this by making pc_i440fx_2_3_machine_options() reuse
pc_i440fx_2_4_machine_options().
Reported-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
|
This reverts commit df91055db5c9cee93d70ca8c08d72119a240b987.
This is because:
- vhost support virtio 1.0 now
- transport code (e.g virtio-pci) set this feature when modern is
enabled, setting this unconditionally will break disable-modern=on.
Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
|
|
Some guests seem to access cfg with an illegal length value.
It's worth fixing them but debugging is easier if
qemu does not crash.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
|
|
64 bit props used 32 bit callbacks in two places, leading to broken
feature bits on virtio (example: got 0x31000000000006d4 which is
obviously bogus). Fix this.
Fixes: fdba6d96 ("qdev: add 64bit properties")
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
Commit 59227d5d45bb3c31dc2118011691c35b3c00879c did not update the
code in tcg/tci/tcg-target.c for those two cases.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-id: 1436556159-3002-1-git-send-email-sw@weilnetz.de
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Compilation of TCI was accidentally broken by the recent disassembler
changes:
CC x86_64-softmmu/arch_init.o
In file included from target-i386/cpu-qom.h:23:0,
from target-i386/cpu.h:986,
from include/qemu-common.h:122,
from include/disas/bfd.h:12,
from disas/tci.c:20:
include/qom/cpu.h:178:43: error: unknown type name ‘disassemble_info’
void (*disas_set_info)(CPUState *cpu, disassemble_info *info);
^
include/qom/cpu.h:179:1: error:
no semicolon at end of struct or union [-Werror]
} CPUClass;
^
cc1: all warnings being treated as errors
The underlying cause of this is an include loop:
bfd.h -> qemu-common.h -> target-arm/cpu.h -> target-arm/cpu-qom.h
-> qom/cpu.h -> bfd.h
which means that if bfd.h is included first then qom/cpu.h doesn't
get the definition of the disassemble_info type that it wanted.
The easiest fix for this is to include qemu-common.h from tci.c
before including disas/bfd.h.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Fixes for two bad bugs. For 2.4-rc0.
# gpg: Signature made Thu Jul 9 15:54:19 2015 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* remotes/bonzini/tags/for-upstream:
crypto: fix builtin qcrypto_cipher_free
migration: fix RCU deadlock
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
This was dereferencing a pointer before checking if it was NULL.
Reported-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reported-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
staging
QOM CPUState and X86CPU
* Further QOM'ification of CPU initialization
* Propagation of CPUState arguments and elimination of ENV_GET_CPU() usage
* cpu_set_pc() abstraction
* CPUClass::disas_set_info() hook
# gpg: Signature made Thu Jul 9 14:23:12 2015 BST using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg: aka "Andreas Färber <afaerber@suse.com>"
* remotes/afaerber/tags/qom-cpu-for-peter: (22 commits)
disas: cris: QOMify target specific disas setup
disas: cris: Fix 0 buffer length case
disas: microblaze: QOMify target specific disas setup
disas: arm: QOMify target specific disas setup
disas: arm-a64: Make printfer and stream variable
disas: QOMify target specific setup
disas: Add print_insn to disassemble info
microblaze: boot: Use cpu_set_pc()
hw/arm/boot: Use cpu_set_pc()
gdbstub: Use cpu_set_pc() helper
cpu: Add wrapper for the set_pc() hook
cpu-exec: Purge all uses of ENV_GET_CPU()
cpu: Change cpu_exec_init() arg to cpu, not env
cpu: Change tcg_cpu_exec() arg to cpu, not env
gdbstub: Change gdbserver_fork() to accept cpu instead of env
translate-all: Change tb_flush() env argument to cpu
target-ppc: Move cpu_exec_init() call to realize function
cpu: Convert cpu_index into a bitmap
cpu: Add Error argument to cpu_exec_init()
cpu: Reorder cpu->as, cpu->thread_id, cpu->memory_dispatch init
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Move the target_disas() cris specifics to the QOM disas_set_info() hook
and delete the cris specific code in disas.c.
This also now adds support for monitor_disas() to cris.
E.g.
(qemu) xp 0x40004000
0000000040004000: 0x1e6f25f0
And before this patch:
(qemu) xp/i 0x40004000
0x40004000: Asm output not supported on this arch
After:
(qemu) xp/i 0x40004000
0x40004000: di
(qemu) xp/i 0x40004002
0x40004002: move.d 0xb003c004,$r1
Note: second example is 6-byte misaligned instruction!
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
|
|
Cris has the complication of variable length instructions and has
a check in place to clamp memory reads in case the disas request
doesn't have enough bytes for the instruction being disas'd. This
breaks down in the case where disassembling for the monitor where
the buffer length is defaulted to 0.
The buffer length should never be zero for a regular target_disas,
so we can safely assume the 0 case is for the monitor in which case
consider the buffer length to be the max for cris instructions.
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
|
|
Move the target_disas() MB specifics to the QOM disas_set_info hook
and delete the MB specific code in disas.c.
This also now adds support for monitor_disas() to Microblaze.
E.g.
(qemu) xp 0x90000000
0000000090000000: 0x94208001
And before this patch:
(qemu) xp/i 0x90000000
0x90000000: Asm output not supported on this arch
After:
(qemu) xp/i 0x90000000
0x90000000: mfs r1, rmsr
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
|
|
Move the target_disas() ARM specifics to the QOM disas_set_info hook
and delete the ARM specific code in disas.c.
This has the extra advantage of the more fully featured target_disas()
implementation now applying to monitor_disas().
Currently, target_disas() has multi-endian, thumb and AArch64
support whereas the existing monitor_disas() support only has vanilla
AA32 support.
E.G. Running an AA64 linux kernel the following -d in_asm disas happens
(taget_disas()):
IN:
0x0000000040000000: 580000c0 ldr x0, pc+24 (addr 0x40000018)
0x0000000040000004: aa1f03e1 mov x1, xzr
However before this patch, disasing the same from the monitor:
(qemu) xp/i 0x40000000
0x0000000040000000: 580000c0 stmdapl r0, {r6, r7}
After this patch:
(qemu) xp/i 0x40000000
0x0000000040000000: 580000c0 ldr x0, pc+24 (addr 0x40000018)
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
|
