aboutsummaryrefslogtreecommitdiff
path: root/hw
AgeCommit message (Collapse)Author
2013-06-18scsi-generic: check the return value of bdrv_aio_ioctl in execute_commandPavel Hrdina
This fixes the bug introduced by this commit ad54ae80c73f. The bdrv_aio_ioctl() still could return null and we should return an error in that case. Cc: qemu-stable@nongnu.org Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-18scsi-generic: fix sign extension of READ CAPACITY(10) dataPaolo Bonzini
Issuing the READ CAPACITY(10) command in the guest will cause QEMU to update its knowledge of the maximum accessible LBA in the disk. The recorded maximum LBA will be wrong if the disk is bigger than 1TB, because ldl_be_p returns a signed int. When this is fixed, a latent bug will be unmasked. If the READ CAPACITY(10) command reported an overflow (0xFFFFFFFF), we must not overwrite the previously-known maximum accessible LBA, or the guest will fail to access the disk above the first 2TB. Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-18scsi: reset cdrom tray statuses on scsi_disk_resetPavel Hrdina
Tray statuses should be also reset. Some guests may lock the tray and right after resetting the guest it should be unlocked and closed. This is done on power-on, reset and resume from suspend/hibernate on bare-metal. This fix is already committed for IDE CD. Check the commit a7f3d65b65b8c86a5ff0c0abcfefb45e2ec6fe4c. Test results on bare-metal: - on reset/power-on the CD-ROM tray is closed even before the monitor is turned on - on resume from suspend/hibernate the tray is also closed before the monitor is turned on From test results it seems that this behavior is OS and probably BIOS independent. Cc: qemu-stable@nongnu.org Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-18intc/xilinx_intc: Dont lower IRQ when HIE clearedPeter Crosthwaite
This is a little strange. It is lowering the parent IRQ pin on input when HIE is cleared. There is no such behaviour in the real hardware. ISR changes based on interrupt pin state are already guarded on HIE being set. So we can just delete this if in its entirety. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-06-18intc/xilinx_intc: Inhibit write to ISR when HIEPeter Crosthwaite
When the Hardware Interrupt Enable (HIE) bit is set, software cannot change ISR. Add write guard accordingly. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-06-18intc/xilinx_intc: Handle level interrupt retriggeringPeter Crosthwaite
Acking a level sensitive interrupt should have no effect if the interrupt pin is still asserted. The current implementation requires and edge condition to occur for setting a level sensitive IRQ, which means an ACK can clear a level sensitive interrupt, until the original source strobes the interrupt again. Fix by keeping track of the interrupt pin state and setting ISR based on this every time update_irq() is called. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-06-18intc/xilinx_intc: Don't clear level sens. IRQs without ACKPeter Crosthwaite
For level sensitive interrupts, ISR bits are cleared when the input pin is lowered. This is incorrect. Only software can clear ISR bits (via IAR or direct write to ISR with !MER(2)). Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-06-18microblaze/petalogix_s3adsp1800_mmu: Fix UART IRQPeter Crosthwaite
The UART IRQ is edge sensitive, whereas the machine was registering it as level sensitive. Fix. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-06-17NVMe: Initial commit for new storage interfaceKeith Busch
Initial commit for emulated Non-Volatile-Memory Express (NVMe) pci storage device. NVMe is an open, industry driven storage specification defining an optimized register and command set designed to deliver the full capabilities of non-volatile memory on PCIe SSDs. Further information may be found on the organizations website at: http://www.nvmexpress.org/ This commit implements the minimum from the specification to work with existing drivers. Cc: Keith Busch <keith.busch@gmail.com> Signed-off-by: Keith Busch <keith.busch@intel.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-06-17Merge remote-tracking branch 'pmaydell/configury.next' into stagingAnthony Liguori
# By Paolo Bonzini (4) and others # Via Peter Maydell * pmaydell/configury.next: ppc: Remove CONFIG_FDT conditionals microblaze: Remove CONFIG_FDT conditionals arm: Remove CONFIG_FDT conditionals configure: Require libfdt for arm, ppc, microblaze softmmu targets configure: dtc: Probe for libfdt_env.h build: drop TARGET_TYPE main: use TARGET_ARCH only for the target-specific #define build: do not use TARGET_ARCH build: rename TARGET_ARCH2 to TARGET_NAME Add a stp file for usage from build directory Message-id: 1371221594-11556-1-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-17char/serial: fix copy&paste error (fifo8_is_full vs empty)Vladimir Senkov
Copy&paste error in serial.c causes a crash when attempting to read from UART (if there is no data to be read) Signed-off-by: Vladimir Senkov <hangup@gmail.com> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-06-15Merge branch 'realize-isa.v2' of git://github.com/afaerber/qemu-cpuBlue Swirl
* 'realize-isa.v2' of git://github.com/afaerber/qemu-cpu: qdev: Drop FROM_QBUS() macro isa: QOM'ify ISADevice isa: QOM'ify ISABus i8259: Convert PICCommonState to use QOM realizefn kvm/i8259: QOM'ify some more i8259: QOM'ify some more i8254: Convert PITCommonState to QOM realizefn kvm/i8254: QOM'ify some more i8254: QOM'ify some more isa: Use realizefn for ISADevice cs4231a: QOM'ify some more gus: QOM'ify some more
2013-06-14ppc: Remove CONFIG_FDT conditionalsPeter Maydell
Now that we know we're compiling with libfdt we can remove the CONFIG_FDT conditionals. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Tested-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> Message-id: 1369409217-7553-5-git-send-email-peter.maydell@linaro.org
2013-06-14microblaze: Remove CONFIG_FDT conditionalsPeter Maydell
Now that we know we're compiling with libfdt we can remove the CONFIG_FDT conditionals. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Tested-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> Message-id: 1369409217-7553-4-git-send-email-peter.maydell@linaro.org
2013-06-14arm: Remove CONFIG_FDT conditionalsPeter Maydell
Now that we know we're compiling with libfdt, we can remove the CONFIG_FDT conditionals. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Tested-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> Message-id: 1369409217-7553-3-git-send-email-peter.maydell@linaro.org
2013-06-14audio/intel-hda: QOM casting sweepPeter Crosthwaite
Define and use standard QOM cast macro. Remove usages of DO_UPCAST and direct -> style casting. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Reviewed-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 96f00396338321f5a76c9b86c629b69895e4d2d0.1370496582.git.peter.crosthwaite@xilinx.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-14audio/intel-hda: Fix Inheritance hierachyPeter Crosthwaite
The ich6 and ich9 variants either need to inherit one from the other, or both from a common base class, otherwise its not possible to create a QOM cast macro for use by the shared implementation functions. Went for option B, with a common base class. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Reviewed-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 54453b6aa8afa1a76b2ec1932f1d7fd25205d0bc.1370496582.git.peter.crosthwaite@xilinx.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-14smbios: Check R in -smbios type=0, release=R parses okayMarkus Armbruster
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Laszlo "ever the optimist" Ersek <lersek@redhat.com> Message-id: 1370610036-10577-7-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-14smbios: Fix -smbios type=0, release=... for big endian hostsMarkus Armbruster
Classic endianness bug due to careless dirty coding: assuming reading a byte from an int variable gets the least significant byte. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Laszlo "ever the optimist" Ersek <lersek@redhat.com> Message-id: 1370610036-10577-6-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-14smbios: Clean up smbios_add_field() parametersMarkus Armbruster
Having size precede the associated pointer is odd. Swap them, and fix up the types. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Laszlo "ever the optimist" Ersek <lersek@redhat.com> Message-id: 1370610036-10577-5-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-14smbios: Convert to error_report()Markus Armbruster
Improves diagnistics from ad hoc messages like Invalid SMBIOS UUID string to qemu-system-x86_64: -smbios type=1,uuid=gaga: Invalid UUID Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Laszlo "ever the optimist" Ersek <lersek@redhat.com> Message-id: 1370610036-10577-4-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-14Merge remote-tracking branch 'mjt/trivial-patches-next' into stagingAnthony Liguori
# By Michael Tokarev (4) and others # Via Michael Tokarev * mjt/trivial-patches-next: (26 commits) piix: fix some printf errors when debug is enabled cputlb: fix debug logs create qemu_openpty_raw() helper function and move it to a separate file main-loop: do not include slirp/slirp.h, use libslirp.h instead libcacard/vscclient: fix leakage of socket on error paths linux-headers: Update to v3.10-rc5 KVM: PPC: Add dummy kvm_arch_init_irq_routing() KVM: S390: Add dummy kvm_arch_init_irq_routing() KVM: ARM: Add dummy kvm_arch_init_irq_routing() ivshmem: add missing error exit(2) hw/xen: Use g_free instead of free and fix potential memory leaks target-sparc: Replace free by g_free hw/scsi: Don't increment a boolean value device tree: Fix cppcheck warning Makefile: Install qemu-img and qemu-nbd man pages only if built Unbreak -no-quit for GTK, validate SDL options gtk: implement -full-screen char/serial: serial_ioport_write: Factor out common code char/serial: Use generic Fifo8 char/serial: cosmetic fixes. ... Message-id: 1371207042-17980-1-git-send-email-mjt@msgid.tls.msk.ru Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-14piix: fix some printf errors when debug is enabledHu Tao
And use PRIxxx macros if possible. Signed-off-by: Hu Tao <hutao@cn.fujitsu.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-06-13spapr_rtas: Abstract rtas_start_cpu() with qemu_get_cpu()Andreas Färber
Instead of looping over all CPUArchState, use a helper to obtain the desired CPUState. Free the "cpu" variable for PowerPCCPU, to access its CPUPPCState. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-12spapr_rtas: Abstract rtas_query_cpu_stopped_state() with qemu_get_cpu()Andreas Färber
Instead of looping over all CPUArchState, use a helper to obtain the desired CPUState directly. Saves a CPUPPCState variable and QOM cast. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-12ivshmem: add missing error exit(2)Stefan Hajnoczi
If the user fails to specify 'chardev' or 'shm' then we cannot continue. Exit right away so that we don't invoke shm_open(3) with a NULL pointer. It would be nice to replace exit(1) with error returns in the PCI device .init() function, but leave that for another patch since exit(1) is currently used elsewhere. Spotted by Coverity. Cc: Cam Macdonell <cam@cs.ualberta.ca> Cc: qemu-stable@nongnu.org Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-06-11hw/xen: Use g_free instead of free and fix potential memory leaksStefan Weil
The wrong functions and the missing calls of g_free were reported by cppcheck. Signed-off-by: Stefan Weil <sw@weilnetz.de> Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-06-11hw/scsi: Don't increment a boolean valueStefan Weil
This fixes a warning from cppcheck. Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-06-11char/serial: serial_ioport_write: Factor out common codePeter Crosthwaite
These three lines are common to both FIFO and regular mode. Just factor them out to outside the if rather than replicate the same lines inside both if and else. Cc: qemu-trivial@nongnu.org Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-06-11char/serial: Use generic Fifo8Peter Crosthwaite
Use the generic Fifo8 helper provided by QEMU, rather than re-implement privately. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-06-11char/serial: cosmetic fixes.Peter Crosthwaite
Some cosmetic fixes to char/serial fixing some checkpatch errors. Cc: qemu-trivial@nongnu.org Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-06-11intc/xilinx_intc: Use qemu_set_irqPeter Crosthwaite
Use qemu_set_irq rather than if-elsing qemu_irq_(lower|raise). No functional change, just reduces verbosity. Cc: qemu-trivial@nongnu.org Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-06-10target-i386: Update model values on Conroe/Penryn/Nehalem CPU modelsEduardo Habkost
The CPUID model values on Conroe, Penryn, and Nehalem are too conservative and don't reflect the values found on real Conroe, Penryn, and Nehalem CPUs. This causes at least one known problems: Windows XP disables sysenter when (family == 6 && model <= 2), but Skype tries to use the sysenter instruction anyway because it is reported as available on CPUID, making it crash. This patch sets appropriate model values that correspond to real Conroe, Penryn, and Nehalem CPUs. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-10pc: Create pc-*-1.6 machine-typesEduardo Habkost
Some CPU model fixes are going to be included and they will require compatibility properties in the pc-*-1.5 machine-types. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-10pc: Fix crash when attempting to hotplug CPU with negative IDIgor Mammedov
QMP command "{ 'execute': 'cpu-add', 'arguments': { 'id': -1 }}" may cause QEMU SIGSEGV at: piix4_cpu_hotplug_req () ... g->sts[cpu_id / 8] |= (1 << (cpu_id % 8)); ... Since for PC in current implementation id should be in range [0...maxcpus) and maxcpus is already checked, add check for lower bound and error out on incorrect value. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-10Merge remote-tracking branch 'stefanha/net' into stagingAnthony Liguori
# By Jason Wang (1) and Stefan Hajnoczi (1) # Via Stefan Hajnoczi * stefanha/net: tap: fix NULL dereference when passing invalid parameters to tap vmxnet3: fix NICState cleanup Message-id: 1370613288-14933-1-git-send-email-stefanha@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-10xilinx_axidma: Do not set DMA .notify to NULL after notifyWendy Liang
If a stream notify function is not ready, it may re-populate the notify call- back to indicate it should be re-polled later. This break in this usage, as immediately following the notify() call, .notify is set to NULL. reverse the ordering of the notify call and NULL assignment accordingly. [PC: Reworked commit message] Signed-off-by: Wendy Liang <jliang@xilinx.com> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-06-10xilinx_axienet: Fix bit mask codeStefan Weil
Obviously the code wanted to mask the lower bits but failed to do so because of a missing "<". cppcheck detected a conditional expression which was always true (1 < 7). Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-06-07Merge remote-tracking branch 'stefanha/block' into stagingAnthony Liguori
# By Kevin Wolf (19) and others # Via Stefan Hajnoczi * stefanha/block: (26 commits) hmp: add parameters device and -v for info block hmp: show ImageInfo in 'info block' qmp: add ImageInfo in BlockDeviceInfo used by query-block block: add image info query function bdrv_query_image_info() block: add snapshot info query function bdrv_query_snapshot_info_list() ide-test: Add FLUSH CACHE test case ide: Set BSY bit during FLUSH ide-test: Add enum value for DEV blkdebug: Add BLKDBG_FLUSH_TO_OS/DISK events Make qemu-io commands available in HMP qemu-io: Use the qemu version for -V qemu-io: Interface cleanup qemu-io: Move remaining helpers from cmd.c qemu-io: Move command_loop() and friends qemu-io: Move functions for registering and running commands qemu-io: Move qemu_strsep() to cutils.c qemu-io: Move 'quit' function qemu-io: Move 'help' function qemu-io: Factor out qemuio_command qemu-io: Split off commands to qemu-io-cmds.c ... Message-id: 1370606325-10680-1-git-send-email-stefanha@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-06-07qdev: Drop FROM_QBUS() macroAndreas Färber
Use QOM cast macros I2C_BUS(), SSI_BUS(), PCI_BUS() instead. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-07isa: QOM'ify ISADeviceAndreas Färber
Rename its parent field and use DEVICE() where necessary. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-07isa: QOM'ify ISABusAndreas Färber
Rename its parent field and use ISA_BUS() where necessary. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-07i8259: Convert PICCommonState to use QOM realizefnAndreas Färber
Instead of having the parent provide PICCommonClass::init, let the children override DeviceClass::realize themselves. This pushes the responsibility of saving and calling the parent's realizefn to the children. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-07kvm/i8259: QOM'ify some moreAndreas Färber
Introduce type constant. Prepares for PIC realizefn. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-07i8259: QOM'ify some moreAndreas Färber
Introduce type constant. Prepares for PIC realizefn. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-07i8254: Convert PITCommonState to QOM realizefnAndreas Färber
Instead of having the parent provide PITCommonClass::init, let the children override DeviceClass::realize themselves. This pushes the responsibility for saving and calling the parent's realizefn to the children. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-07kvm/i8254: QOM'ify some moreAndreas Färber
Introduce type constant and cast macro to obsolete DO_UPCAST(). Prepares for PIT realizefn. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-07i8254: QOM'ify some moreAndreas Färber
Introduce type constant and avoid DO_UPCAST(). Prepares for PIT realizefn. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-07isa: Use realizefn for ISADeviceAndreas Färber
Drop ISADeviceClass::init and the resulting no-op initfn and let children implement their own realizefn. Adapt error handling. Split off an instance_init where sensible. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-06cs4231a: QOM'ify some moreAndreas Färber
Introduce type constant and cast macro. Replace reset hook with DeviceClass::reset callback. Signed-off-by: Andreas Färber <afaerber@suse.de>