aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-11-14migration: Fix return code of ram_save_iterate()Thomas Huth
qemu_savevm_state_iterate() expects the iterators to return 1 when they are done, and 0 if there is still something left to do. However, ram_save_iterate() does not obey this rule and returns the number of saved pages instead. This causes a fatal hang with ppc64 guests when you run QEMU like this (also works with TCG): qemu-img create -f qcow2 /tmp/test.qcow2 1M qemu-system-ppc64 -nographic -nodefaults -m 256 \ -hda /tmp/test.qcow2 -serial mon:stdio ... then switch to the monitor by pressing CTRL-a c and try to save a snapshot with "savevm test1" for example. After the first iteration, ram_save_iterate() always returns 0 here, so that qemu_savevm_state_iterate() hangs in an endless loop and you can only "kill -9" the QEMU process. Fix it by using proper return values in ram_save_iterate(). Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-11-14tests/test-vmstate.c: add array of pointer to structHalil Pasic
Increase test coverage by adding tests for the macro VMSTATE_ARRAY_OF_POINTER_TO_STRUCT. Signed-off-by: Halil Pasic <pasic@linux.vnet.ibm.com> Reviewed-by: Guenther Hutzl <hutzl@linux.vnet.ibm.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-11-14tests/test-vmstate.c: add save_buffer util funcHalil Pasic
Let us de-duplicate some code by introducing an utility function for saving a chunk of bytes (used when testing load based on wire). Signed-off-by: Halil Pasic <pasic@linux.vnet.ibm.com> Reviewed-by: Guenther Hutzl <hutzl@linux.vnet.ibm.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-11-14migration: fix missing assignment for has_x_checkpoint_delayzhanghailiang
We forgot to assign true to params->has_x_checkpoint_delay parameter in qmp_query_migrate_parameters. Without this, qmp command 'query-migrate-parameters' doesn't show the default value for x-checkpoint-delay option. This also fixes the fact that HMP was relying on unspecified behavior by reading x_checkpoint_delay without checking has_x_checkpoint_delay. Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-11-11Merge remote-tracking branch 'bonzini/tags/for-upstream' into stagingStefan Hajnoczi
Small fixes for hard freeze. # gpg: Signature made Thu 10 Nov 2016 03:34:24 PM GMT # gpg: using RSA key 0xBFFBD25F78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * bonzini/tags/for-upstream: nbd: Don't inf-loop on early EOF target-i386: document how x86 gdb_num_core_regs is computed. qdev: fix use-after-free regression from becdfa00cfa target-i386/machine: fix migrate faile because of Hyper-V HV_X64_MSR_VP_RUNTIME vl.c: move pidfile creation up the line target-i386: fix typo Message-id: 1478800362-18138-1-git-send-email-pbonzini@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-11-10MAINTAINERS: Remove obsolete stable branchesThomas Huth
There are only very old and orphaned stable branches listed in the MAINTAINERS file - so this section is pretty useless nowadays. Let's remove it. Reviewed-by: John Snow <jsnow@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2016-11-10MAINTAINERS: Add Fam and Jsnow for Bitmap supportJohn Snow
These files are currently unmaintained. I'm proposing that Fam and I co-maintain them; under the model that whomever between us isn't authoring a given series will be responsible for reviewing it. Signed-off-by: John Snow <jsnow@redhat.com> Acked-by: Fam Zheng <famz@redhat.com> Acked-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2016-11-10MAINTAINERS: Add an entry for the CHRP NVRAM filesThomas Huth
I recently added new files to the source tree that are not covered by any maintainer yet -- and since every new source file should have a maintainer nowadays, I volunteer to look after these files now, too. Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2016-11-10m68k: Update the 68k sections in the MAINTAINERS fileThomas Huth
disas/m68k.c obviously belong to the m68k CPU section in the MAINTAINERS file, but remove the hw/m68k/ directory here since it only contains machine (not CPU) related files, as requested by Laurent. Add the machine related files to the right machine sections instead. Reviewed-by: Laurent Vivier <laurent@vivier.eu> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2016-11-10sparc: Add slavio_misc.c and eccmemctl.c to the MAINTAINERS fileThomas Huth
Both files seem to belong to the Sun4m machine. Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2016-11-10MAINTAINERS: Add some ARM related files to the corresponding sectionsThomas Huth
The files w/cpu/a*mpcore.c are already assigned to the ARM CPU section, but the corresponding headers include/hw/cpu/a*mpcore.h are still missing. The file hw/*/imx* are already assigned to the i.MX31 machine, but the corresponding header files include/hw/*/imx* are still missing. The file hw/misc/arm_integrator_debug.c seems to belong to Integrator CP, hw/cpu/realview_mpcore.c seems to belong to Real View, and hw/misc/mst_fpga.c seems to belong to PXA2XX. And the files hw/misc/zynq* and include/hw/misc/zynq* seem to belong to the Xilinx Zynq machine. Reviewed-by: Alistair Francis <alistair.francis@xilinx.com> Acked-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2016-11-10Fix cursesw detectionSamuel Thibault
On systems which do not provide ncursesw.pc and whose /usr/include/curses.h does not include wide support, we should not only try with no -I, i.e. /usr/include, but also with -I/usr/include/ncursesw. To properly detect for wide support with and without -Werror, we need to check for the presence of e.g. the WACS_DEGREE macro. We also want to stop at the first curses_inc_list configuration which works, and make sure to set IFS to : at each new loop. Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Tested-by: Cornelia Huck <cornelia.huck@de.ibm.com> Message-id: 20161109102752.13255-1-samuel.thibault@ens-lyon.org Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-11-10hw/input/hid: support alternative sysrq/break scancodes for gtk-vncPeter Korsgaard
The printscreen/sysrq and pause/break keys currently don't work for guests using -usbdevice keyboard when accessed through vnc with a gtk-vnc based client. The reason for this is a mismatch between gtk-vnc and qemu in how these keys should be mapped to XT keycodes. On the original IBM XT these keys behaved differently than other keys. Quoting from https://www.win.tue.nl/~aeb/linux/kbd/scancodes-1.html: The keys PrtSc/SysRq and Pause/Break are special. The former produces scancode e0 2a e0 37 when no modifier key is pressed simultaneously, e0 37 together with Shift or Ctrl, but 54 together with (left or right) Alt. (And one gets the expected sequences upon release. But see below.) The latter produces scancode sequence e1 1d 45 e1 9d c5 when pressed (without modifier) and nothing at all upon release. However, together with (left or right) Ctrl, one gets e0 46 e0 c6, and again nothing at release. It does not repeat. Gtk-vnc supports the 'QEMU Extended Key Event Message' RFB extension to send raw XT keycodes directly to qemu, but the specification doesn't explicitly specify how to map such long/complicated keycode sequences. From the spec (https://github.com/rfbproto/rfbproto/blob/master/rfbproto.rst#qemu-extended-key-event-message) The keycode is the XT keycode that produced the keysym. An XT keycode is an XT make scancode sequence encoded to fit in a single U32 quantity. Single byte XT scancodes with a byte value less than 0x7f are encoded as is. 2-byte XT scancodes whose first byte is 0xe0 and second byte is less than 0x7f are encoded with the high bit of the first byte set hid.c currently expects the keycode sequence with shift/ctl for sysrq (e0 37 -> 0xb7 in RFB), whereas gtk-vnc uses the sequence with alt (0x54). Likewise, hid.c expects the code without modifiers (e1 1d 45 -> 0xc5 in RFB), whereas gtk-vnc sends the keycode sequence with ctrl for pause (e0 46 -> 0xc6 in RFB). See keymaps.cvs in gtk-vnc for the mapping used: https://git.gnome.org/browse/gtk-vnc/tree/src/keymaps.csv#n150 Now, it isn't obvious to me which sequence is really "right", but as the 0x54/0xc6 keycodes are currently unused in hid.c, supporting both seems like the pragmatic solution to me. The USB HID keyboard boot protocol used by hid.c doesn't have any other mapping applicable to these keys. The other guest keyboard interfaces (ps/2, virtio, ..) are not affected, because they handle these keys differently. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Message-id: 20161028145132.1702-1-peter@korsgaard.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-11-10ui/gtk: Fix build with older versions of gtkThomas Huth
GDK_KEY_Delete is only defined with gtk version 2.22 and newer, on older versions this key was called GDK_Delete instead. Since this is the case for all GDK_KEY_* defines, change the already existing preprocessor check there to test for version 2.22, so we know that we can remove this code block in case we require that version as a minimum one day. Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1478081328-25515-1-git-send-email-thuth@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-11-10usbredir: free vm_change_state_handler in usbredir destroy dispatchLi Qiang
In usbredir destroy dispatch function, it doesn't free the vm change state handler once registered in usbredir_realize function. This will lead a memory leak issue. This patch avoid this. Signed-off-by: Li Qiang <liqiang6-s@360.cn> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-id: 58216976.d0236b0a.77b99.bcd6@mx.google.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-11-10usb: ehci: fix memory leak in ehci_init_transferLi Qiang
In ehci_init_transfer function, if the 'cpage' is bigger than 4, it doesn't free the 'p->sgl' once allocated previously thus leading a memory leak issue. This patch avoid this. Signed-off-by: Li Qiang <liqiang6-s@360.cn> Message-id: 5821c0f4.091c6b0a.e0c92.e811@mx.google.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-11-10ipxe: update to 20161108 snapshotGerd Hoffmann
git shortlog 04186319..b991c67c =============================== Laszlo Ersek (3): [efi] Install the HII config access protocol on a child of the SNP handle [librm] Conditionalize the workaround for the Tivoli VMM's SSE garbling [build] Disable TIVOLI_VMM_WORKAROUND in the qemu configuration Lukas Grossar (1): [intel] Add PCI device ID for I219-V/LM Michael Brown (57): [efi] Fix uninitialised data in HII IFR structures [bios] Do not enable interrupts when printing to the console [pxe] Disable interrupts on the PIC before starting NBP [dhcp] Allow for variable encapsulation of architecture-specific options [dhcpv6] Include RFC5970 client architecture options in DHCPv6 requests [dhcpv6] Include vendor class identifier option in DHCPv6 requests [dhcp] Automatically generate vendor class identifier string [xfer] Send intf_close() if redirection fails [downloader] Treat redirection failures as fatal [iscsi] Treat redirection failures as fatal [debug] Allow per-object runtime enabling/disabling of debug messages [debug] Allow debug messages to be initially disabled at runtime [libc] Allow assertions to be globally enabled or disabled [profile] Allow profiling to be globally enabled or disabled [rng] Check for functioning RTC interrupt [acpi] Add support for ACPI power off [acpi] Allow time for ACPI power off to take effect [ipv4] Send gratuitous ARPs whenever a new IPv4 address is applied [intel] Strip spurious VLAN tags received by virtual function NICs [intel] Remove duplicate intelvf_mbox_queues() function [ipv6] Perform SLAAC only during autoconfiguration [settings] Create space for IPv6 in settings display order [ipv6] Rename ipv6_scope to dhcpv6_scope [settings] Correctly mortalise autovivified child settings blocks [ipv6] Allow settings to comprise arbitrary subsets of NDP options [ipv6] Expose IPv6 settings acquired through NDP [dhcpv6] Expose IPv6 address setting acquired through DHCPv6 [ipv6] Expose IPv6 link-local address settings [settings] Allow settings blocks to specify a sibling ordering [ipv6] Match user expectations for IPv6 settings priorities [ipv6] Create routing table based on IPv6 settings [ipv6] Rename ipv6_scope to ipv6_settings_scope [test] Update IPv6 tests to use okx() [ipv6] Allow for multiple routers [hyperv] Use instance UUID in device name [crypto] Remove obsolete extern declaration for asn1_invalidate_cursor() [crypto] Allow for parsing of partial ASN.1 cursors [image] Add image_asn1() to extract ASN.1 objects from image [crypto] Add DER image format [crypto] Add PEM image format [image] Use image_asn1() to extract data from CMS signature images [build] Remove obsolete explicit object requirements [crypto] Enable both DER and PEM formats by default [build] Remove more obsolete explicit object requirements [pixbuf] Enable PNG format by default [crypto] Add image_x509() to extract X.509 certificates from image [crypto] Generalise X.509 "valid" field to a "flags" field [list] Add list_next_entry() and list_prev_entry() [crypto] Expose certstore_del() to explicitly remove stored certificates [crypto] Allow certificates to be marked as having been added explicitly [crypto] Add certstat() to display basic certificate information [cmdline] Add certificate management commands [crypto] Mark permanent certificates as permanent [efi] Mark AppleNetBoot.h as a native iPXE header [efi] Update to current EDK2 headers [efi] Add EFI_BLOCK_IO2_PROTOCOL header and GUID definition [bzimage] Fix page alignment of initrd images Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-11-10nbd: Don't inf-loop on early EOFEric Blake
Commit 7d3123e converted a single read_sync() into a while loop that assumed that read_sync() would either make progress or give an error. But when the server hangs up early, the client sees EOF (a read_sync() of 0) and never makes progress, which in turn caused qemu-iotest './check -nbd 83' to go into an infinite loop. Rework the loop to accomodate reads cut short by EOF. Reported-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1478551093-32757-1-git-send-email-eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-10target-i386: document how x86 gdb_num_core_regs is computed.Doug Evans
It helps when reading the code to see how the number is arrived at. Signed-off-by: Doug Evans <dje@google.com> Message-Id: <94eb2c187eda43dba005406c86f7@google.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-10qdev: fix use-after-free regression from becdfa00cfaMarc-André Lureau
Spotted by Coverity, CID 1365383. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20161107095922.31676-1-marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-10target-i386/machine: fix migrate faile because of Hyper-V HV_X64_MSR_VP_RUNTIMEZhuangYanying
Hyper-V HV_X64_MSR_VP_RUNTIME was introduced in linux-4.4 + qemu-2.5. As long as the KVM module supports, qemu will save / load the vmstate_msr_hyperv_runtime register during the migration. Regardless of whether the hyperv_runtime configuration of x86_cpu_properties is enabled. The qemu-2.3 does not support this feature, of course, failed to migrate. linux-BGSfqC:/home/qemu # ./x86_64-softmmu/qemu-system-x86_64 --enable-kvm \ -nodefaults -machine pc-i440fx-2.3,accel=kvm,usb=off -smp 4 -m 4096 -drive \ file=/work/suse/sles11sp3.img.bak,format=raw,if=none,id=drive-virtio-disk0,cache=none \ -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x5,drive=drive-virtio-disk0,id=virtio-disk0 \ -vnc :99 -device cirrus-vga,id=video0,vgamem_mb=8,bus=pci.0,addr=0x2 -monitor vc save_section_header:se->section_id=3,se->idstr:ram,se->instance_id=0,se->version_id=4 save_section_header:se->section_id=0,se->idstr:timer,se->instance_id=0,se->version_id=2 save_section_header:se->section_id=4,se->idstr:cpu_common,se->instance_id=0,se->version_id=1 save_section_header:se->section_id=5,se->idstr:cpu,se->instance_id=0,se->version_id=12 vmstate_subsection_save:vmsd->name:cpu/async_pf_msr hyperv_runtime_enable_needed:env->msr_hv_runtime=128902811 vmstate_subsection_save:vmsd->name:cpu/msr_hyperv_runtime Since hyperv_runtime is false, vm will not use hv->runtime_offset, then vmstate_msr_hyperv_runtime is no need to transfer while migrating. Signed-off-by: ann.zhuangyanying@huawei.com Message-Id: <1478247398-5016-1-git-send-email-ann.zhuangyanying@huawei.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-09vl.c: move pidfile creation up the lineMichael Tokarev
With current code, pid file is open after various sockets, chardevs, fsdevs and the like. This causes interesting effects, for example when monitor is a unix-socket, and another qemu instance is already running, new qemu first "damages" the socket and next complain that it can't acquire the pid file and exits, making running qemu unreachable. Move pid file creation earlier, right after the call to os_daemonize(), where we know our process id (pid). Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Message-Id: <1478096330-18081-1-git-send-email-mjt@msgid.tls.msk.ru> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-09target-i386: fix typoPaolo Bonzini
The impact is small because kvm_get_vcpu_events fixes env->hflags, but it is wrong and could cause INITs to be delayed arbitrarily with -machine kernel_irqchip=off. Reported-by: Achille Fouilleul <achille.fouilleul@gadz.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-09Merge remote-tracking branch 'public/tags/tracing-pull-request' into stagingStefan Hajnoczi
# gpg: Signature made Tue 08 Nov 2016 06:17:13 PM GMT # gpg: using RSA key 0x9CA4ABB381AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" # gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" # Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8 * public/tags/tracing-pull-request: docs/tracing.txt: Update documentation of default backend Message-id: 1478629053-31709-1-git-send-email-stefanha@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-11-09Merge remote-tracking branch 'public/tags/block-pull-request' into stagingStefan Hajnoczi
# gpg: Signature made Tue 08 Nov 2016 06:12:29 PM GMT # gpg: using RSA key 0x9CA4ABB381AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" # gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" # Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8 * public/tags/block-pull-request: aio-posix: simplify aio_epoll_update aio-posix: avoid NULL pointer dereference in aio_epoll_update block: Don't mark node clean after failed flush Message-id: 1478628762-31050-1-git-send-email-stefanha@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-11-08docs/tracing.txt: Update documentation of default backendPeter Maydell
In commit baf86d6b3c we switched the default trace backend from "nop" to "log". Update the documentation to match. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1478276837-31780-1-git-send-email-peter.maydell@linaro.org Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-11-08aio-posix: simplify aio_epoll_updatePaolo Bonzini
Extract common code out of the "if". Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 20161108135524.25927-3-pbonzini@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-11-08aio-posix: avoid NULL pointer dereference in aio_epoll_updatePaolo Bonzini
aio_epoll_update dereferences parameter "node", but it could have been NULL if deleting an fd handler that was not registered in the first place. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Message-id: 20161108135524.25927-2-pbonzini@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-11-08block: Don't mark node clean after failed flushKevin Wolf
Commit 3ff2f67a changed bdrv_co_flush() so that no flush is issues if the image hasn't been dirtied since the last flush. This is not quite correct: The condition should be that the image hasn't been dirtied since the last _successful_ flush. This patch changes the logic accordingly. Without this fix, subsequent bdrv_co_flush() calls would return success without actually doing anything even though the image is still dirty. The difference is visible in some blkdebug test cases where error messages incorrectly disappeared after commit 3ff2f67a. Cc: qemu-stable@nongnu.org Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Denis V. Lunev <den@openvz.org> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Message-id: 1478300595-10090-1-git-send-email-kwolf@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-11-07Merge remote-tracking branch 'pm215/tags/pull-target-arm-20161107' into stagingStefan Hajnoczi
target-arm queue: * bitbang_i2c: Handle NACKs from devices * Fix corruption of CPSR when SCTLR.EE is set * nvic: set pending status for not active interrupts * char: cadence: check baud rate generator and divider values # gpg: Signature made Mon 07 Nov 2016 10:43:07 AM GMT # gpg: using RSA key 0x3C2525ED14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" # gpg: aka "Peter Maydell <pmaydell@gmail.com>" # gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" # Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE * pm215/tags/pull-target-arm-20161107: hw/i2c/bitbang_i2c: Handle NACKs from devices Fix corruption of CPSR when SCTLR.EE is set nvic: set pending status for not active interrupts char: cadence: check baud rate generator and divider values Message-id: 1478515653-6361-1-git-send-email-peter.maydell@linaro.org Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-11-07s390x/kvm: fix run_on_cpu sigp conversionsCornelia Huck
Commit 14e6fe12a ("*_run_on_cpu: introduce run_on_cpu_data type") attempted to convert all users of run_on_cpu to use the new run_on_cpu_data type. It missed to change the called sigp_* routines, however. Fix that. Fixes: 14e6fe12a ("*_run_on_cpu: introduce run_on_cpu_data type") Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com> Acked-by: Christian Borntraeger <borntraeger@de.ibm.com> Message-id: 20161102162103.66480-1-cornelia.huck@de.ibm.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-11-07hw/i2c/bitbang_i2c: Handle NACKs from devicesPeter Maydell
If the guest attempts to talk to a nonexistent device over i2c, the i2c_start_transfer() function will return non-zero, indicating that the bus is signalling a NACK. Similarly, if the i2c_send() function returns nonzero then the target device returned a NACK. Handle this possibility in the bitbang_i2c code, by returning the state machine to the STOPPED state and returning the NACK bit to the guest. This bit of missing functionality was spotted by Coverity (it noticed that we weren't checking the return value from i2c_start_transfer()). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1477332749-27098-1-git-send-email-peter.maydell@linaro.org
2016-11-07Fix corruption of CPSR when SCTLR.EE is setJulian Brown
Fix a typo in arm_cpu_do_interrupt_aarch32 (OR'ing with ~CPSR_E instead of CPSR_E) which meant that when we took an interrupt with SCTLR.EE set we would corrupt the CPSR. Signed-off-by: Julian Brown <julian@codesourcery.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-11-07nvic: set pending status for not active interruptsMarcin Krzeminski
According to ARM DUI 0552A 4.2.10. NVIC set pending status also for disabled interrupts. Correct the logic for when interrupts are marked pending both on input level transition and when interrupts are dismissed, to match the NVIC behaviour rather than the 11MPCore GIC. Signed-off-by: Marcin Krzeminski <marcin.krzeminski@nokia.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-11-07char: cadence: check baud rate generator and divider valuesPrasad J Pandit
The Cadence UART device emulator calculates speed by dividing the baud rate by a 'baud rate generator' & 'baud rate divider' value. The device specification defines these register values to be non-zero and within certain limits. Add checks for these limits to avoid errors like divide by zero. Reported-by: Huawei PSIRT <psirt@huawei.com> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Reviewed-by: Alistair Francis <alistair.francis@xilinx.com> Message-id: 1477596278-1470-1-git-send-email-ppandit@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-11-04Merge remote-tracking branch 'sstabellini/tags/xen-20161102-tag' into stagingStefan Hajnoczi
Xen 2016/11/02 # gpg: Signature made Wed 02 Nov 2016 07:28:40 PM GMT # gpg: using RSA key 0x894F8F4870E1AE90 # gpg: Good signature from "Stefano Stabellini <sstabellini@kernel.org>" # gpg: aka "Stefano Stabellini <stefano.stabellini@eu.citrix.com>" # Primary key fingerprint: D04E 33AB A51F 67BA 07D3 0AEA 894F 8F48 70E1 AE90 * sstabellini/tags/xen-20161102-tag: PCMachineState: introduce acpi_build_enabled field hw/xen/xen_pvdev: Include qemu/log.h for qemu_log_vprintf() Message-id: alpine.DEB.2.10.1611021227530.19454@sstabellini-ThinkPad-X260 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-11-03Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingStefan Hajnoczi
* NBD bugfix (Changlong) * NBD write zeroes support (Eric) * Memory backend fixes (Haozhong) * Atomics fix (Alex) * New AVX512 features (Luwei) * "make check" logging fix (Paolo) * Chardev refactoring fallout (Paolo) * Small checkpatch improvements (Paolo, Jeff) # gpg: Signature made Wed 02 Nov 2016 08:31:11 AM GMT # gpg: using RSA key 0xBFFBD25F78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: (30 commits) main-loop: Suppress I/O thread warning under qtest docs/rcu.txt: Fix minor typo vl: exit qemu on guest panic if -no-shutdown is not set checkpatch: allow spaces before parenthesis for 'coroutine_fn' x86: add AVX512_4VNNIW and AVX512_4FMAPS features slirp: fix CharDriver breakage qemu-char: do not forward events through the mux until QEMU has started nbd: Implement NBD_CMD_WRITE_ZEROES on client nbd: Implement NBD_CMD_WRITE_ZEROES on server nbd: Improve server handling of shutdown requests nbd: Refactor conversion to errno to silence checkpatch nbd: Support shorter handshake nbd: Less allocation during NBD_OPT_LIST nbd: Let client skip portions of server reply nbd: Let server know when client gives up negotiation nbd: Share common option-sending code in client nbd: Send message along with server NBD_REP_ERR errors nbd: Share common reply-sending code in server nbd: Rename struct nbd_request and nbd_reply nbd: Rename NbdClientSession to NBDClientSession ... Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-11-03Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into stagingStefan Hajnoczi
virtio, pc: fixes and features nvdimm hotplug support virtio migration and ioeventfd rework virtio crypto device ipmi fixes Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Tue 01 Nov 2016 05:23:40 PM GMT # gpg: using RSA key 0x281F0DB8D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67 # Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469 * remotes/mst/tags/for_upstream: (47 commits) acpi: fix assert failure caused by commit 35c5a52d acpi/ipmi: Initialize the fwinfo before fetching it ipmi: Add graceful shutdown handling to the external BMC ipmi: fix build config variable name for ipmi_bmc_extern.o ipmi: Implement shutdown via ACPI overtemp ipmi: chassis poweroff should use qemu_system_shutdown_request() ipmi_bmc_sim: Remove an unnecessary mutex ipmi: Remove hotplug from IPMI BMCs pc: memhp: enable nvdimm device hotplug nvdimm acpi: introduce _FIT nvdimm acpi: introduce fit buffer nvdimm acpi: prebuild nvdimm devices for available slots nvdimm acpi: use common macros instead of magic names acpi nvdimm: rename result_size to dsm_out_buf_siz nvdimm acpi: compile nvdimm acpi code arch-independently acpi nvdimm: fix Arg6 usage acpi nvdimm: fix ARG3 conflict acpi nvdimm: fix device physical address base acpi nvdimm: fix OperationRegion definition acpi nvdimm: fix wrong buffer size returned by DSM method ... Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-11-02PCMachineState: introduce acpi_build_enabled fieldWei Liu
Introduce this field to control whether ACPI build is enabled by a particular machine or accelerator. It defaults to true if the machine itself supports ACPI build. Xen accelerator will disable it because Xen is in charge of building ACPI tables for the guest. Signed-off-by: Wei Liu <wei.liu2@citrix.com> Signed-off-by: Stefano Stabellini <sstabellini@kernel.org> Reviewed-by: Stefano Stabellini <sstabellini@kernel.org> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Tested-by: Sander Eikelenboom <linux@eikelenboom.it>
2016-11-02hw/xen/xen_pvdev: Include qemu/log.h for qemu_log_vprintf()Thomas Huth
Olaf Hering reported a build failure due to an undefined reference to 'qemu_log_vprintf'. Explicitely including qemu/log.h seems to fix the issue. Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Stefano Stabellini <sstabellini@kernel.org> Acked-by: Stefano Stabellini <sstabellini@kernel.org> Tested-by: Olaf Hering <olaf@aepfle.de>
2016-11-02main-loop: Suppress I/O thread warning under qtestMax Reitz
We do not want to display the "I/O thread spun" warning for test cases that run under qtest. The first attempt for this (commit 01c22f2cdd4fcf02276ea10f48253850a5fd7259) tested whether qtest_enabled() was true. Commit 21a24302e85024dd7b2a151158adbc1f5dc5c4dd correctly recognized that just testing qtest_enabled() is not sufficient since there are some tests that do not use the qtest accelerator but just the qtest character device, and thus replaced qtest_enabled() by qtest_driver(). However, there are also some tests that only use the qtest accelerator and not the qtest chardev; perhaps most notably the bash iotests. Therefore, we have to check both qtest_enabled() and qtest_driver(). Signed-off-by: Max Reitz <mreitz@redhat.com> Message-Id: <20161017180939.27912-1-mreitz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-02docs/rcu.txt: Fix minor typoPranith Kumar
s/presented/prevented/ Signed-off-by: Pranith Kumar <bobby.prani@gmail.com> Message-Id: <20161018050418.4912-1-bobby.prani@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-02vl: exit qemu on guest panic if -no-shutdown is not setChristian Borntraeger
For automated testing purposes it can be helpful to exit qemu (poweroff) when the guest panics. Make this the default unless -no-shutdown is specified. For internal-errors like errors from KVM_RUN the behaviour is not changed, in other words QEMU does not exit to allow debugging in the QEMU monitor. Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com> Message-Id: <1476775794-108012-1-git-send-email-borntraeger@de.ibm.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-02checkpatch: allow spaces before parenthesis for 'coroutine_fn'Jeff Cody
Signed-off-by: Jeff Cody <jcody@redhat.com> Message-Id: <83b0fae0728906e18849c971d22d077d7fc0f179.1478010883.git.jcody@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-02x86: add AVX512_4VNNIW and AVX512_4FMAPS featuresLuwei Kang
The spec can be found in Intel Software Developer Manual or in Instruction Set Extensions Programming Reference. Signed-off-by: Piotr Luc <piotr.luc@intel.com> Signed-off-by: Luwei Kang <luwei.kang@intel.com> Message-Id: <1477902446-5932-1-git-send-email-he.chen@linux.intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-02slirp: fix CharDriver breakagePaolo Bonzini
SLIRP expects a CharBackend as the third argument to slirp_add_exec, but net/slirp.c was passing a CharDriverState. Fix this to restore guestfwd functionality. Reported-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-02qemu-char: do not forward events through the mux until QEMU has startedPaolo Bonzini
Otherwise, the CHR_EVENT_OPENED event is sent twice: first when the backend (for example "stdio") is opened, and second after processing the command line. The incorrect sending of the event prints the monitor banner when QEMU is started with "-serial mon:stdio". This includes the "(qemu)" prompt; thus the monitor seems to be dead, whereas actually the active front-end is the serial port. Reported-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Tested-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-02nbd: Implement NBD_CMD_WRITE_ZEROES on clientEric Blake
Upstream NBD protocol recently added the ability to efficiently write zeroes without having to send the zeroes over the wire, along with a flag to control whether the client wants a hole. The generic block code takes care of falling back to the obvious write of lots of zeroes if we return -ENOTSUP because the server does not have WRITE_ZEROES. Ideally, since NBD_CMD_WRITE_ZEROES does not involve any data over the wire, we want to support transactions that are much larger than the normal 32M limit imposed on NBD_CMD_WRITE. But the server may still have a limit smaller than UINT_MAX, so until experimental NBD protocol additions for advertising various command sizes is finalized (see [1], [2]), for now we just stick to the same limits as normal writes. [1] https://github.com/yoe/nbd/blob/extension-info/doc/proto.md [2] https://sourceforge.net/p/nbd/mailman/message/35081223/ Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1476469998-28592-17-git-send-email-eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-02nbd: Implement NBD_CMD_WRITE_ZEROES on serverEric Blake
Upstream NBD protocol recently added the ability to efficiently write zeroes without having to send the zeroes over the wire, along with a flag to control whether the client wants to allow a hole. Note that when it comes to requiring full allocation, vs. permitting optimizations, the NBD spec intentionally picked a different sense for the flag; the rules in qemu are: MAY_UNMAP == 0: must write zeroes MAY_UNMAP == 1: may use holes if reads will see zeroes while in NBD, the rules are: FLAG_NO_HOLE == 1: must write zeroes FLAG_NO_HOLE == 0: may use holes if reads will see zeroes In all cases, the 'may use holes' scenario is optional (the server need not use a hole, and must not use a hole if subsequent reads would not see zeroes). Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1476469998-28592-16-git-send-email-eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-11-02nbd: Improve server handling of shutdown requestsEric Blake
NBD commit 6d34500b clarified how clients and servers are supposed to behave before closing a connection. It added NBD_REP_ERR_SHUTDOWN (for the server to announce it is about to go away during option haggling, so the client should quit sending NBD_OPT_* other than NBD_OPT_ABORT) and ESHUTDOWN (for the server to announce it is about to go away during transmission, so the client should quit sending NBD_CMD_* other than NBD_CMD_DISC). It also clarified that NBD_OPT_ABORT gets a reply, while NBD_CMD_DISC does not. This patch merely adds the missing reply to NBD_OPT_ABORT and teaches the client to recognize server errors. Actually teaching the server to send NBD_REP_ERR_SHUTDOWN or ESHUTDOWN would require knowing that the server has been requested to shut down soon (maybe we could do that by installing a SIGINT handler in qemu-nbd, which transitions from RUNNING to a new state that waits for the client to react, rather than just out-right quitting - but that's a bigger task for another day). Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1476469998-28592-15-git-send-email-eblake@redhat.com> [Move dummy ESHUTDOWN to include/qemu/osdep.h. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>