Git Repo - qemu.git/log

prepare for future GPLv2+ relicensing

All files under GPLv2 will get GPLv2+ changes starting tomorrow.
event_notifier.c and exec-obsolete.h were only ever touched by Red Hat
employees and can be relicensed now.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

virtio-console: no need to remove char handlers explicitly

qdev is now equipped (thanks to the last commit) to disassociate
chardevs from the qdev devices on the devices going away. So doing it
in the virtio-console driver is not necessary.

Since that was the only thing being done in the qdev exit method, drop
it entirely.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

qdev: Add a 'free' method to disassociate chardev from qdev device

When a device is removed, remove the association with a chardev, if any,
so that the chardev can be re-used later for other devices.

Reported-by: Qunfang Zhang <qzhang@redhat.com>
Fix-suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vectorize is_dup_page

is_dup_page is already proceeding in 32-bit chunks. Changing it
to 16 bytes using Altivec or SSE is easy.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

virtio-blk: refuse SG_IO requests with scsi=off

QEMU does have a "scsi" option (to be used like -device
virtio-blk-pci,drive=foo,scsi=off). However, it only
masks the feature bit, and does not reject the command
if a malicious guest disregards the feature bits and
issues a request.

Without this patch, using scsi=off does not protect you
from CVE-2011-4127.

Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vmstate: extract declarations out of hw/hw.h

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

ptimer: move declarations to ptimer.h

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

rtc: clear non-PF bits when reinjecting on ack

When an rtc interrupt is reinjected immediately after being acked,
other interrupts should not be reinjected, so do clear their bits.

Also, if the periodic interrupts have been disabled before acking,
do not reinject, as the guest might get very confused!

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

rtc: raise PF bit when the periodic timer triggers but PIE=0

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

rtc: raise AF bit when the alarm is encountered but AIE=0

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

rtc: fix 12-hour mode

Hours in 12-hour mode are in the 1-12 range, not 0-11.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

qdev: fix device_del by refactoring reference counting

Commit 8eb0283 broken device_del by having too overzealous reference counting
checks. Move the reference count checks to qdev_free(), make sure to remove
the parent link on free, and decrement the reference count on property removal.

Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Merge remote-tracking branch 'stefanha/trivial-patches' into HEAD

* stefanha/trivial-patches:
  bt-host: add missing break statement
  virtfs-proxy-helper: Add missing printf format attribute
  virtfs-proxy-helper: Clean include files
  virtfs-proxy-helper: Fix compilation on newer systems
  hmp: Fix freeing of PciInfoList
  Add 'fall through' comments to case statements without break
  omap_dss: correct chip[1] index in RFBI_READ/RFBI_STATUS
  vnc: fix no-lock-key-sync strncmp() length
  vvfat: avoid leaking file descriptor in commit_one_file()
  Spelling fixes in comments and documentation
  tcg-arm: fix a typo in comments
  configure: Modify detection of supported warning options

target-i386: fix compilation with --enable-debug-tcg

Commit 2355c16e74ffa4d14e7fc2b4a23b055565ac0221 introduced a new ldmxcsr
helper taking an i32 argument, but the helper is actually passed a long.
Fix that by truncating the long to i32.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

bt-host: add missing break statement

The switch statement in bt_host_read() is missing a break in one case.
Andrzej Zaborowski <andrew.zaborowski@intel.com> confirmed that this is
not an intentional fall-through.

Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

virtfs-proxy-helper: Add missing printf format attribute

Every function with printf like arguments must have it
(see file HACKING), so add it.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

virtfs-proxy-helper: Clean include files

The common standard include files are already included via qemu-common.h,
and for the socket related include files there is qemu_socket.h, so the
code can be reduced by some lines.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

virtfs-proxy-helper: Fix compilation on newer systems

Include file attr/xattr.h is not available on "newer" systems
(for example Fedora 12 or Debian Squeeze).

See comments in qemu-xattr.h for more information.
This file handles the system dependencies automatically.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

hmp: Fix freeing of PciInfoList

Remember the original PciInfoList in info_list and use
the info variable to traverse the list.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

Add 'fall through' comments to case statements without break

These comments are used by static code analysis tools and in code reviews
to avoid false warnings because of missing break statements.

The case statements handled here were reported by coverity.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

omap_dss: correct chip[1] index in RFBI_READ/RFBI_STATUS

The RFBI_READ/RFBI_STATUS code incorrectly uses chip[0] when it should
be using chip[1]. Andrzej Zaborowski <balrog@zabor.org> confirmed this
bug since I don't know this code well.

Reported-by: Dr David Alan Gilbert <davidagilbert@uk.ibm.com>
Reviewed-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

vnc: fix no-lock-key-sync strncmp() length

The no-lock-key-sync option is being parsed incorrectly because of an
outdated strcmp() length value. Use the correct length so that invalid
option names do not match.

Reported-by: Dr David Alan Gilbert <davidagilbert@uk.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

vvfat: avoid leaking file descriptor in commit_one_file()

Reported-by: Dr David Alan Gilbert <davidagilbert@uk.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

Spelling fixes in comments and documentation

Codespell detected these new spelling issues.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

tcg-arm: fix a typo in comments

ARM still doesn't support 16GB buffers in 32-bit modes, replace the
16GB by 16MB in the comment.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

configure: Modify detection of supported warning options

Reversing the order of the warning options and -Werror is important
when clang is used instead of gcc. It changes nothing for gcc.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

cris: Update paths to match the move of tests/cris

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

check-qstring: remove check.h include

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

MAINTAINERS: update tracing repo git URL

I have moved git hosting services.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Support for UDP unicast network backend

Signed-off-by: Benjamin MARSILI <mlspirat42@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

cleanup, save a syscall

Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

cleanup, Remove duplicated code

These two blocks of code are exactly the same, remove one.

Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

test: eliminate libcheck tests and have make check use gtester

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

check-qjson: enable disabled tests

gtest does the right thing here so there's no need to comment these tests out.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

check-qjson: convert to gtest

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

check-qlist: convert to gtest

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

check-qstring: convert to gtest

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

check-qint: convert to gtest

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

check-qfloat: convert to gtest

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

check-qdict: convert to gtest

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

build: split unit test builds to a separate makefile fragment

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

tests: mv tests/* -> tests/tcg

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vga: optimize ppm_save() divisions

ppm_save() spends upwards of 50% of its time doing divisions. Replace them
with shifts.

Reviewed-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Fix qapi code generation fix

The fixes to qapi code generation had multiple bugs:
- the Null class used to drop output was missing some methods
- in some scripts it was never instantiated, leading to a None return,
which is missing even more methods
- the --source and --header options were swapped

Luckily, all those bugs were hidden by a makefile bug which caused the
old behaviour (with the race) to be invoked.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

etraxfs-dma: Model metadata and eop

- Send EOP flags to the out channels.
- Send data descriptor metadata to the out channels.

Signed-off-by: Lars Persson <larper@axis.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

microblaze: Break the tb at memory barriers

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

microblaze: Emulate the hw stackprotector

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

microblaze: Add support for the clz insn

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

target-i386: fix SSE rounding and flush to zero

SSE rounding and flush to zero control has never been implemented. However
given that softfloat-native was using a single state for FPU and SSE and
given that glibc is setting both FPU and SSE state in fesetround(), this
was working correctly up to the switch to softfloat.

Fix that by adding an update_sse_status() function similar to
update_fpu_status(), and callin git on write to mxcsr.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

target-i386: fix dpps and dppd SSE2 instructions

The helpers implemented dpps and dppd SSE instructions are not passing
the correct argument types to the softfloat functions. While they do
work anyway providing a correct behaviour, this patch fixes that.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

target-i386: fix round{pd,ps,sd,ss} SSE2 instructions

roundps and roundss SSE2 instructions have been broken when switching
target-i386 to softfloat. They use float64_round_to_int to convert a
float32, and while the implicit conversion from float32 to float64 was
correct for softfloat-native, it is not for pure softfloat. Fix that by
using the correct registers and correct functions.

Also fix roundpd and roundsd implementation at the same time, even if
these functions are behaving correctly.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

target-i386: fix {min,max}{pd,ps,sd,ss} SSE2 instructions

minpd, minps, minsd, minss and maxpd, maxps, maxsd, maxss SSE2
instructions have been broken when switching target-i386 to softfloat.
It's not possible to use comparison instructions on float types anymore
to softfloat, so use the floatXX_lt function instead, as the
float_XX_min and float_XX_max functions can't be used due to the Intel
specific behaviour.

As it implements the correct NaNs behaviour, let's remove the
corresponding entry from the TODO.

It fixes GDM screen display on Debian Lenny.

Thanks to Peter Maydell and Jason Wessel for their analysis of the
problem.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

wm8750: Fix calculation of number of array elements

Coverity says that the division by sizeof(*s->rate) might be wrong.
I think that coverity is right.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>

elf: Improve symbol lookup (optimize, fix for bsd-user)

Coverity complained about local variable key which was only partially
initiated. Only key.st_value was set. As this was also the only part
of key which was used in function symfind, the code could be optimized
by directly passing a pointer to orig_addr.

In bsd-user/elfload.c, fix ec822001a2f26eef8701194714f6482b6d852de2
was missing. This was a simple replacement of > by >= in symfind, so
I fixed it here without creating an additional patch.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>

hw/integratorcp: Simplify flash remap code

Use the new memory mutator API to simplify the flash remap code;
this allows us to drop the flash_mapped flag.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>

hw/integratorcp: Fix sense of REMAP bit

Fix the sense of the REMAP bit: 0 should mean "map flash",
1 should mean "map RAM".

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>

Merge branch 's390-next' of git://repo.or.cz/qemu/agraf

* 's390-next' of git://repo.or.cz/qemu/agraf:
  s390: fix cpu hotplug / cpu activity on interrupts
  s390x: add TR function for EXECUTE
  Expose drive_add on all architectures
  Add generic drive hotplugging
  Compile device-hotplug on all targets
  [S390] Add hotplug support

PPC: Fix linker scripts on ppc hosts

When compiling qemu statically with multilib on PPC, we hit the
same issue that commit 845f2c2812d9ed24b36c02a3d06ee83aeafe8b49
is fixing. Do the same here.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

target-sh4: ignore ocbp and ocbwb instructions

ocbp and ocbwb controls the writeback of a cache line to memory. They
are supposed to do nothing in case of a cache miss. Given QEMU only
partially emulate caches, it is safe to ignore these instructions.

This fixes a kernel oops when trying to access an rtl8139 NIC with
recent versions.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

tcg/arm: Use r6 as TCG_AREG0 to avoid clash with Thumb framepointer

On ARM, in Thumb mode r7 is used for the framepointer; this meant
that we would fail to compile in debug mode because we were using r7
for TCG_AREG0. Shift to r6 instead to avoid this clash.
(Bug reported as LP:870990.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>

cris-dis: Clean memory allocation

The old code used sizeof(const struct cris_opcode **) where it should
have used sizeof(const struct cris_opcode *). As both sizes give the
same value, the resulting binary was ok, but static code analyzers
like coverity and clang complained.

This is fixed here, and the code is also simplified by using g_new0.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

Merge remote-tracking branch 'qemu-kvm/fix-vhost-after-memory-listener' into staging

* qemu-kvm/fix-vhost-after-memory-listener:
  vhost: improve region filtering
  vhost: fix mem_sections memory corruption
  vhost: fix incorrect userspace address

vhost: improve region filtering

vhost memory management doesn't care about non-memory (e.g. PIO) or non-RAM
regions. Adjust the filtering to reflect that, and move it earlier so it
applies to mem_sections too.

Signed-off-by: Avi Kivity <avi@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>

vhost: fix mem_sections memory corruption

A memset() used to delete an entry in an array did not take into account
the array element's size.

Signed-off-by: Avi Kivity <avi@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>

vhost: fix incorrect userspace address

MemoryListener::region_add() gives us a slice of a MemoryRegion, not a
region. Adjust the userspace address to reflect that.

Signed-off-by: Avi Kivity <avi@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>

Fix vmstate_register_ram() for rom/device regions

rom/device regions have a ram_addr that is composed of both an I/O handler
(low bits) and RAM region (high bits); but qemu_ram_set_idstr() expects just
a RAM region. Mask the I/O handler to make it happy.

Tested-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Avi Kivity <avi@redhat.com>

memory: Fix adjust_endianness()

Commit a621f38de85598a13d8d8524d1a94fc6a1818215 (Direct dispatch
through MemoryRegion) moved byte swaps to a central function.

Add a missing break, so that long-sized byte swaps don't abort.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Avi Kivity <avi@redhat.com>

memory: Fix memory_region_wrong_endianness()

Since commit be675c972088eba210e18dc125613e9f205a6bfb (memory: move
endianness compensation to memory core) it was checking for
TARGET_BIG_ENDIAN instead of TARGET_WORDS_BIGENDIAN, thereby not
swapping correctly for Big Endian targets.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Avi Kivity <avi@redhat.com>

kvm: fix build error in ppc kvm due to memory_region_init_ram_ptr() change

Commit c5705a772 ("vmstate, memory: decouple vmstate from memory API") changed
the signature of memory_region_init_ram_ptr() but did not update a caller in
the ppc kvm module. Fix.

Signed-off-by: Avi Kivity <avi@redhat.com>

Merge branch 'target-arm.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm

* 'target-arm.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm:
  arm: add dummy A9-specific cp15 registers
  target-arm: Ignore attempts to set invalid modes in CPSR
  target-arm: Don't use cpu_single_env in bank_number()

Merge branch 'ppc-next' of git://repo.or.cz/qemu/agraf

* 'ppc-next' of git://repo.or.cz/qemu/agraf:
  PPC: Add description for the Freescale e500mc core.
  pseries: Check for duplicate addresses on the spapr-vio bus
  pseries: Populate "/chosen/linux,stdout-path" in the FDT
  pseries: Add a routine to find a stable "default" vty and use it
  pseries: Emit device tree nodes in reg order
  pseries: FDT NUMA extensions to support multi-node guests
  pseries: Remove hcalls callback
  kvm-ppc: halt secondary cpus when guest reset
  console: Fix segfault on screendump without VGA adapter
  PPC: monitor: add ability to dump SLB entries

sm501: Fix size of color_reg

color_reg is expected to hold 32 bit values, so it was too small.

This bug was reported by coverity:

hw/sm501.c:624:
result_independent_of_operands:
color_reg >> 16 is 0 regardless of the values of its operands.
This occurs as the bitwise first operand of '&'.

Cc: Shin-ichiro Kawasaki <kawasaki@juno.dti.ne.jp>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

target-sh4: Fix operands for fipr, ftrv instructions

Coverity complained about right shifts of opcode (16, 18) which were
larger than the size of opcode (16 bit).

Using the correct shift values fixes this.

Cc: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

malta: Fix regression (i8259 interrupts did not work)

Commit 5632ae46d5bda798e971dae48ebb318ac2c3686a passes the address
of i8259 to qemu_irq_proxy. i8259 is an auto variable with undefined
value outside of mips_malta_init.

This made the interrupt proxy unusable: either QEMU crashes, or
the interrupt handler was not called.

Ethernet for example no longer worked with MIPS Malta.

v2:
While v1 used a static variable for i8259, this patch introduces
a qdev for the malta machine. i8259 is now part of the device status.
This is a minimal qdev implementation to keep the patch small.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

Merge remote-tracking branch 'stefanha/trivial-patches' into staging

* stefanha/trivial-patches:
  qemu-nbd: drop loop which can never loop
  Make python mandatory
  net/socket.c: Fix fd leak in net_socket_listen_init() error paths
  gdbstub: Fix fd leak in gdbserver_open() error path
  configure: Fix test for supported host CPU type
  configure: CONFIG_QEMU_INTERP_PREFIX only for user mode
  scsi virtio-blk usb-msd: Clean up device init error messages
  Strip trailing '\n' from error_report()'s first argument (again)
  qemu-options.hx: fix tls-channel help text

virtio-9p-proxy: Fix typo causing compile failure on 32 bit hosts

Fix a compile failure on 32 bit hosts (integer constant is too large
for 'unsigned long' type) by correcting a typo where the mask used
for filling in the second f_fsid word had too many 'F's in it.
Also drop the 'L' suffix that allowed this typo to go undetected on
64 bit hosts.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

qemu-nbd: drop loop which can never loop

For some reason nbd_client_thread() has a do..while loop which can never
loop, the condition is bogus because we would take a goto instead. Drop
the loop.

Reported-by: Dr David Alan Gilbert <davidagilbert@uk.ibm.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

Make python mandatory

The QEMU build depends on Python so make it an explicit requirement.

Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Sebastian Herbszt <herbszt@gmx.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

net/socket.c: Fix fd leak in net_socket_listen_init() error paths

Fix a leak of a file descriptor due to missing closesocket() calls
in error paths in net_socket_listen_init().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

gdbstub: Fix fd leak in gdbserver_open() error path

Fix a leak of a file descriptor in error exit paths in
gdbserver_open().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

configure: Fix test for supported host CPU type

The test for whether the host CPU is supported had several problems:
* the attempt to fall back to TCI was done as a duplicate
   test, very late (so "--cpu foo" would fail early but "--cpu unicore32"
   would fail late, differently, and after configure had already
   printed a lot of output)
* a number of CPUs only supported as guests were included in the
   list of CPUs we would accept as valid hosts, which would result
   in a late compile failure on those systems rather than a
   configure failure or fallback to TCI
* bailing out for an unsupported CPU happened before the main
   option parsing, so "configure --help" wouldn't work

Fix these by folding the setting of ARCH into the first test for
supported host CPU, removing spurious guest-only CPU names from it,
and moving the "fall back to TCI" code earlier.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

configure: CONFIG_QEMU_INTERP_PREFIX only for user mode

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

scsi virtio-blk usb-msd: Clean up device init error messages

Replace

error_report("DEVICE-NAME: MESSAGE");

by just

error_report("MESSAGE");

in block device init functions.

DEVICE-NAME is bogus in some cases: it's "scsi-disk" for device
scsi-hd and scsi-cd, "virtio-blk-pci" for virtio-blk-s390, and
"usb-msd" for usb-storage.

There is no real need to put a device name in the message, because
error_report() points to the offending command line option already:

$ qemu-system-x86_64 --nodefaults --enable-kvm -vnc :0 -S -monitor stdio -usb -device virtio-blk-pci
upstream-qemu: -device virtio-blk-pci: virtio-blk-pci: drive property not set
upstream-qemu: -device virtio-blk-pci: Device 'virtio-blk-pci' could not be initialized

And for a monitor command, it's obvious anyway:

$ qemu-system-x86_64 --nodefaults --enable-kvm -vnc :0 -S -monitor stdio -usb
(qemu) device_add virtio-blk-pci
virtio-blk-pci: drive property not set
Device 'virtio-blk-pci' could not be initialized

Reported-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

Strip trailing '\n' from error_report()'s first argument (again)

Commit 6daf194d got rid of them, but Hans and Gerd added some more
lately.  Tracked down with this Coccinelle semantic patch:

@r@
    expression fmt;
    position p;
@@
    error_report(fmt, ...)@p
@script:python@
    fmt << r.fmt;
    p << r.p;
@@
if "\\n" in str(fmt):
    print "%s:%s:%s:%s" % (p[0].file, p[0].line, p[0].column, fmt)

Signed-off-by: Markus Armbruster <armbru@redhat.com>

qemu-options.hx: fix tls-channel help text

Remove the default compiled out tunnel channel, add the always available
cursor channel. Optimally the man page would depend on compiled in
options, but that's harder to do.

RHBZ: 688586

Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

Merge remote-tracking branch 'amit/master' into staging

* amit/master:
virtio-console: Fix failure on unconnected pty

Merge remote-tracking branch 'aneesh/for-upstream' into staging

* aneesh/for-upstream:
  hw/9pfs: Add support to use named socket for proxy FS
  hw/9pfs: man page for proxy helper
  hw/9pfs: Documentation changes related to proxy fs
  hw/9pfs: Proxy getversion
  hw/9pfs: xattr interfaces in proxy filesystem driver
  hw/9pfs: File ownership and others
  hw/9pfs: Add stat/readlink/statfs for proxy FS
  hw/9pfs: Create other filesystem objects
  hw/9pfs: Open and create files
  hw/9pfs: File system helper process for qemu 9p proxy FS
  hw/9pfs: Add new proxy filesystem driver
  hw/9pfs: Add validation to {un}marshal code
  hw/9pfs: Move pdu_marshal/unmarshal code to a seperate file
  hw/9pfs: Move opt validation to FsDriver callback

Merge remote-tracking branch 'sstabellini/xen_mem_fix' into staging

* sstabellini/xen_mem_fix:
xen: Fix after recent change in dirty bitmap tracking.

Merge remote-tracking branch 'kraxel/usb.33' into staging

* kraxel/usb.33:
  usb-ohci: td.cbp incorrectly updated near page end
  usb-host: properly release port on unplug & exit
  usb-storage: cancel I/O on reset
  Fix parse of usb device description with multiple configurations

usb-ohci: td.cbp incorrectly updated near page end

The current code that updates the cbp value after a transfer looks like this:
td.cbp += ret;
if ((td.cbp & 0xfff) + ret > 0xfff) {
<handle page overflow>
because the 'ret' value is effectively added twice the check may fire too early
when the overflow hasn't happened yet.

Below is one of the possible changes that correct the behavior:

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

usb-host: properly release port on unplug & exit

Factor out port release into a separate function.  Call release function
in exit notifier too.  Add explicit call the USBDEVFS_RELEASE_PORT
ioctl, just closing the hub file handle seems not to be enougth.  Make
sure we release the port before resetting the device, otherwise host
drivers will not re-attach.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

usb-storage: cancel I/O on reset

When resetting the usb-storage device we'll have to carefully cancel
and clear any requests which might be in flight, otherwise we'll confuse
the state machine.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

arm: add dummy A9-specific cp15 registers

Add dummy register support for the cp15, CRn=c15 registers.

config_base_register and power_control_register currently
default to 0, but may have improved support after the QOM
CPU patches are finished.

Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target-arm: Ignore attempts to set invalid modes in CPSR

Ignore attempts to set the CPSR mode field to an invalid value.
This is UNPREDICTABLE, but we should not cpu_abort() for things
a malicious guest (or a confused user on the gdbstub interface)
can provoke.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target-arm: Don't use cpu_single_env in bank_number()

Avoid using cpu_single_env in bank_number() -- if we were
called via the gdb stub reading or writing the CPSR then
it is NULL and we will segfault if we take the cpu_abort().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

xen: Fix after recent change in dirty bitmap tracking.

A recent patch set from Avi break the dirty bitmap support of Xen. But
this is because xen_sync_dirty_bitmap will return an error for an
unhandled memory range (a0000 - bffff). However this is not a fatal
error, so we should just continue instead of aborting.

There is now an error printed when the Xen call failed.

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>

Merge remote-tracking branch 'pmaydell/arm-devs.for-upstream' into staging

* pmaydell/arm-devs.for-upstream:
  add L2x0/PL310 cache controller device
  arm: add dummy gic security registers
  arm: Set frequencies for arm_timer
  arm: add missing scu registers
  hw/omap_gpmc: Fix region map/unmap when configuring prefetch engine
  hw/omap1.c: Drop unused includes
  hw/omap1.c: Separate dpll_ctl from omap_mpu_state
  hw/omap1.c: Separate PWT from omap_mpu_state
  hw/omap1.c: Separate PWL from omap_mpu_state
  hw/omap1.c: omap_mpuio_init() need not be public
  hw/pl110.c: Add post-load hook to invalidate display
  hw/pl181.c: Add save/load support

hw/9pfs: Add support to use named socket for proxy FS

Add option to use named socket for communicating between proxy helper
and qemu proxy FS. Access to socket can be given by using command line
options -u and -g.

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>

hw/9pfs: man page for proxy helper

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>

hw/9pfs: Documentation changes related to proxy fs

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>