Jeff Cody [Tue, 15 Jan 2013 15:47:24 +0000 (10:47 -0500)]
block: fix null-pointer bug on error case in block commit
This is a bug that was caught by a coverity run by Markus. In
the error case when we errored out to exit_restore_open early in the
function, 'overlay_bs' was still NULL at that point, although it is
used to look up flags and perform a bdrv_reopen().
Move the overlay_bs lookup to where it is needed, and check for NULL
before restoring the flags. Also get rid of the unneeded parameter
initialization.
Anthony Liguori [Wed, 16 Jan 2013 21:20:05 +0000 (15:20 -0600)]
Merge remote-tracking branch 'kraxel/chardev.1' into staging
# By Gerd Hoffmann
# Via Gerd Hoffmann
* kraxel/chardev.1:
chardev: add pty chardev support to chardev-add (qmp)
chardev: add socket chardev support to chardev-add (qmp)
chardev: add parallel chardev support to chardev-add (qmp)
chardev: add serial chardev support to chardev-add (qmp)
chardev: add file chardev support to chardev-add (qmp)
chardev: add hmp hotplug commands
chardev: add qmp hotplug commands, with null chardev support
chardev: reduce chardev ifdef mess a bit
chardev: fix QemuOpts lifecycle
chardev: add error reporting for qemu_chr_new_from_opts
Paolo Bonzini [Tue, 15 Jan 2013 08:49:36 +0000 (09:49 +0100)]
build: fix Win32 clean build
The version.o file did not appear explicitly as a dependency, and
this caused clean builds to fail. Force its build by making the
Makefile depend on version.o.
(We cannot add it to libqemuutil.a, because it doesn't export any
symbol and thus would not be pulled by the linker).
Andreas Färber [Wed, 16 Jan 2013 00:57:56 +0000 (01:57 +0100)]
tmp105: Fix I2C protocol bug
An early length postincrement in the TMP105's I2C TX path led to
transfers of more than one byte to place the second byte in the third
byte's place within the buffer and the third byte to get discarded.
Fix this by explictly incrementing the length after the checks but
before the callback is called, which again checks the length.
Gerd Hoffmann [Thu, 20 Dec 2012 12:53:12 +0000 (13:53 +0100)]
chardev: add socket chardev support to chardev-add (qmp)
qemu_chr_open_socket is split into two functions. All initialization
after creating the socket file handler is split away into the new
qemu_chr_open_socket_fd function.
chr->filename doesn't get filled from QemuOpts any more. Qemu gathers
the information using getsockname and getnameinfo instead. This way it
will also work correctly for file handles passed via file descriptor
passing.
Finally qmp_chardev_open_socket() is the actual qmp hotplug
implementation which basically just calls socket_listen or
socket_connect and the new qemu_chr_open_socket_fd function.
Gerd Hoffmann [Wed, 19 Dec 2012 12:50:29 +0000 (13:50 +0100)]
chardev: add serial chardev support to chardev-add (qmp)
Similar to file, except that no separate in/out files are supported
because it's pointless for direct device access. Also the special
tty ioctl hooks (pass through linespeed settings etc) are activated
on Unix.
Gerd Hoffmann [Wed, 19 Dec 2012 09:33:40 +0000 (10:33 +0100)]
chardev: add hmp hotplug commands
Add chardev-add and chardev-remove commands to the human monitor.
chardev-add accepts the same syntax as -chardev, chardev-remove
expects a chardev id.
Gerd Hoffmann [Mon, 15 Oct 2012 07:30:59 +0000 (09:30 +0200)]
chardev: fix QemuOpts lifecycle
qemu_chr_new_from_opts handles QemuOpts release now, so callers don't
have to worry. It will either be saved in CharDriverState, then
released in qemu_chr_delete, or in the error case released instantly.
Andreas Färber [Wed, 9 Jan 2013 02:58:11 +0000 (03:58 +0100)]
qdev: Prepare "realized" property
Introduce the QOM realizefn suggested by Anthony.
Detailed documentation is supplied in the qdev header.
For now this implements a default DeviceClass::realize callback that
just wraps DeviceClass::init, which it deprecates.
Once all devices have been converted to DeviceClass::realize,
DeviceClass::init is to be removed.
Andreas Färber [Wed, 9 Jan 2013 02:58:10 +0000 (03:58 +0100)]
qdev: Fold state enum into bool realized
Whether the device was initialized or not is QOM-level information and
currently unused. Drop it from device. This leaves the boolean state of
whether or not DeviceClass::init was called or not, a.k.a. "realized".
Avik Sil [Tue, 8 Jan 2013 07:06:31 +0000 (12:36 +0530)]
pseries: set no default boot order
This patch removes the default boot order for pseries machine. This allows
the machine to handle a NULL boot order in case no -boot option is provided.
Thus it helps SLOF firmware to verify if boot order is specified in command
line or not. If no boot order is provided SLOF tries to boot from the
device set in the nvram.
Avik Sil [Tue, 8 Jan 2013 07:06:30 +0000 (12:36 +0530)]
Make default boot order machine specific
This patch makes default boot order machine specific instead of
set globally. The default boot order can be set per machine in
QEMUMachine boot_order. This also allows a machine to receive a
NULL boot order when -boot isn't used and take an appropriate action
accordingly. This helps machine boots from the devices as set in
guest's non-volatile memory location in case no boot order is
provided by the user.
It leaks memory and fails to adjust qemu_acl member nentries. Future
acl_add become confused: can misreport the position, and can silently
fail to add.
Anthony Liguori [Tue, 15 Jan 2013 22:54:41 +0000 (16:54 -0600)]
Merge remote-tracking branch 'afaerber/memory-ioport' into staging
* afaerber/memory-ioport:
acpi_piix4: Do not use old_portio-style callbacks
xen_platform: Do not use old_portio-style callbacks
hw/dma.c: Fix conversion of ioport_register* to MemoryRegion
Anthony Liguori [Tue, 15 Jan 2013 22:52:56 +0000 (16:52 -0600)]
Merge remote-tracking branch 'stefanha/block' into staging
* stefanha/block:
block: Fix how mirror_run() frees its buffer
win32-aio: Fix how win32_aio_process_completion() frees buffer
scsi-disk: qemu_vfree(NULL) is fine, simplify
w32: Make qemu_vfree() accept NULL like the POSIX implementation
sheepdog: clean up sd_aio_setup()
sheepdog: multiplex the rw FD to flush cache
block: clear dirty bitmap when discarding
ide: issue discard asynchronously but serialize the pieces
ide: fix TRIM with empty range entry
block: make discard asynchronous
raw: support discard on block devices
raw-posix: remember whether discard failed
raw-posix: support discard on more filesystems
block: fix initialization in bdrv_io_limits_enable()
qcow2: Fix segfault on zero-length write
Anthony Liguori [Tue, 15 Jan 2013 22:52:39 +0000 (16:52 -0600)]
Merge remote-tracking branch 'afaerber/qom-cpu' into staging
* afaerber/qom-cpu:
target-i386: Use switch in check_hw_breakpoints()
target-i386: Avoid goto in hw_breakpoint_insert()
target-i386: Introduce hw_{local,global}_breakpoint_enabled()
target-i386: Define DR7 bit field constants
target-i386: Move kvm_check_features_against_host() check to realize time
target-i386: cpu_x86_register() consolidate freeing resources
target-i386: Move setting defaults out of cpu_x86_parse_featurestr()
target-i386: check/enforce: Check all feature words
target-i386/cpu.c: Add feature name array for ext4_features
target-i386: kvm_check_features_against_host(): Use feature_word_info
target-i386/cpu: Introduce FeatureWord typedefs
target-i386: Disable kvm_mmu by default
kvm: Add fake KVM constants to avoid #ifdefs on KVM-specific code
exec: Return CPUState from qemu_get_cpu()
xen: Simplify halting of first CPU
kvm: Pass CPUState to kvm_init_vcpu()
cpu: Move cpu_index field to CPUState
cpu: Move numa_node field to CPUState
target-mips: Clean up mips_cpu_map_tc() documentation
cpu: Move nr_{cores,threads} fields to CPUState
Before the previous commit, which converted ioport_register_* to
MemoryRegion, the DMA controller registered 8 ioports with the following
formula:
base + ((8 + i) << d->shift) where 0 <= i < 8
When an IO occured within a Memory Region, DMA callback receives an
offset relative to the start address. Here the start address is:
base + (8 << d->shift).
The offset should be: (i << d->shift). After the shift is reverted, the
offsets are 0..7 not 1..8.
w32: Make qemu_vfree() accept NULL like the POSIX implementation
On POSIX, qemu_vfree() accepts NULL, because it's merely wrapper
around free(). As far as I can tell, the Windows implementation
doesn't. Breeds bugs that bite only under Windows.
Make the Windows implementation behave like the POSIX implementation.
Paolo Bonzini [Mon, 14 Jan 2013 15:26:58 +0000 (16:26 +0100)]
block: clear dirty bitmap when discarding
Note that resetting bits in the dirty bitmap is done _before_ actually
processing the request. Writes, instead, set bits after the request
is completed.
This way, when there are concurrent write and discard requests, the
outcome will always be that the blocks are marked dirty. This scenario
should never happen, but it is safer to do it this way.
Paolo Bonzini [Mon, 14 Jan 2013 15:26:57 +0000 (16:26 +0100)]
ide: issue discard asynchronously but serialize the pieces
Now that discard can take a long time, make it asynchronous.
Each LBA range entry is processed separately because discard
can be an expensive operation.
Paolo Bonzini [Mon, 14 Jan 2013 15:26:56 +0000 (16:26 +0100)]
ide: fix TRIM with empty range entry
ATA-ACS-3 says "If the two byte range length is zero, then the LBA
Range Entry shall be discarded as padding." iovecs are used as if
they are linearized, so it is incorrect to discard the rest of
this iovec.
Paolo Bonzini [Mon, 14 Jan 2013 15:26:55 +0000 (16:26 +0100)]
block: make discard asynchronous
This is easy with the thread pool, because we can use s->is_xfs and
s->has_discard from the worker function.
QEMU has a widespread assumption that each I/O operation writes less
than 2^32 bytes. This patch doesn't fix it throughout of course,
but it starts correcting struct RawPosixAIOData so that there is
no regression with respect to the synchronous discard implementation.
Paolo Bonzini [Mon, 14 Jan 2013 15:26:53 +0000 (16:26 +0100)]
raw-posix: remember whether discard failed
Avoid sending system calls repeatedly if they shall fail. This
does not apply to XFS: if the filesystem-specific ioctl fails,
something weird is happening.
Kusanagi Kouichi [Mon, 14 Jan 2013 15:26:52 +0000 (16:26 +0100)]
raw-posix: support discard on more filesystems
Linux 2.6.38 introduced the filesystem independent interface to
deallocate part of a file. As of Linux 3.7, btrfs, ext4, ocfs2,
tmpfs and xfs support it.
Even though the system calls here are in practice issued on Linux,
the code is structured to allow plugging in alternatives for other Unix
variants. EOPNOTSUPP is used unconditionally in this patch, but it is
supported in both OpenBSD and Mac OS X since forever (see for example
http://lists.debian.org/debian-glibc/2006/02/msg00337.html).
if (bytes_base + bytes_res <= bytes_limit) {
/* no wait */
} else {
/* operation needs to be throttled */
}
As a result, any I/O operations that are triggered between now and
bs->slice_end are incorrectly limited. If 10 MB of data has been
written since the VM was started, QEMU thinks that 10 MB of data has
been written in this slice. This leads to a I/O lockup in the guest.
We fix this by delaying the start of a new slice to the next
call of bdrv_exceed_io_limits().
hw_breakpoint_enabled() returned a bit field indicating whether a local
breakpoint and/or global breakpoint was enabled. Avoid this number magic
by using explicit boolean helper functions hw_local_breakpoint_enabled()
and hw_global_breakpoint_enabled(), to aid readability.
Reuse them for the hw_breakpoint_enabled() implementation and change
its return type to bool.
While at it, fix Coding Style issues (missing braces).
Kevin Wolf [Mon, 14 Jan 2013 16:31:31 +0000 (17:31 +0100)]
qcow2: Fix segfault on zero-length write
One of the recent refactoring patches (commit f50f88b9) didn't take care
to initialise l2meta properly, so with zero-length writes, which don't
even enter the write loop, qemu just segfaulted.
Igor Mammedov [Fri, 11 Jan 2013 02:10:17 +0000 (03:10 +0100)]
target-i386: Move kvm_check_features_against_host() check to realize time
kvm_check_features_against_host() should be called when features can't
be changed, and when features are converted to properties it would be
possible to change them until realize time, so correct way is to call
kvm_check_features_against_host() in x86_cpu_realize().
This will ensure the "enforce" flag works as it should: it won't allow
QEMU to be started unless every flag that was requested by the user or
defined in the CPU model is supported by the host.
This patch may cause existing configurations where "enforce" wasn't
preventing QEMU from being started to abort QEMU. But that's exactly the
point of this patch: if a flag was not supported by the host and QEMU
wasn't aborting, it was a bug in the "enforce" code.
Eduardo Habkost [Mon, 7 Jan 2013 18:20:46 +0000 (16:20 -0200)]
target-i386: kvm_check_features_against_host(): Use feature_word_info
Instead of carrying the CPUID leaf/register and feature name array on
the model_features_t struct, move that information into
feature_word_info so it can be reused by other functions.
The goal is to eventually kill model_features_t entirely, but to do that
we have to either convert x86_def_t.features to an array or use
offsetof() inside FeatureWordInfo (to replace the pointers inside
model_features_t). So by now just move most of the model_features_t
fields to FeatureWordInfo except for the two pointers to local
arguments.
Eduardo Habkost [Mon, 7 Jan 2013 18:20:45 +0000 (16:20 -0200)]
target-i386/cpu: Introduce FeatureWord typedefs
This introduces a FeatureWord enum, FeatureWordInfo struct (with
generation information about a feature word), and a FeatureWordArray
typedef, and changes add_flagname_to_bitmaps() code and
cpu_x86_parse_featurestr() to use the new typedefs instead of separate
variables for each feature word.
This will help us keep the code at kvm_check_features_against_host(),
cpu_x86_parse_featurestr() and add_flagname_to_bitmaps() sane while
adding new feature name arrays.
Eduardo Habkost [Mon, 7 Jan 2013 18:20:44 +0000 (16:20 -0200)]
target-i386: Disable kvm_mmu by default
KVM_CAP_PV_MMU capability reporting was removed from the kernel since
v2.6.33 (see commit a68a6a7282373), and was completely removed from the
kernel since v3.3 (see commit fb92045843). It doesn't make sense to keep
it enabled by default, as it would cause unnecessary hassle when using
the "enforce" flag.
This disables kvm_mmu on all machine-types. With this fix, the possible
scenarios when migrating from QEMU <= 1.3 to QEMU 1.4 are:
------------+----------+----------------------------------------------------
src kernel | dst kern.| Result
------------+----------+----------------------------------------------------
>= 2.6.33 | any | kvm_mmu was already disabled and will stay disabled
<= 2.6.32 | >= 3.3 | correct live migration is impossible
<= 2.6.32 | <= 3.2 | kvm_mmu will be disabled on next guest reboot *
------------+----------+----------------------------------------------------
* If they are running kernel <= 2.6.32 and want kvm_mmu to be kept
enabled on guest reboot, they can explicitly add +kvm_mmu to the QEMU
command-line. Using 2.6.33 and higher, it is not possible to enable
kvm_mmu explicitly anymore.
Andreas Färber [Mon, 17 Dec 2012 02:27:07 +0000 (03:27 +0100)]
cpu: Move nr_{cores,threads} fields to CPUState
To facilitate the field movements, pass MIPSCPU to malta_mips_config();
avoid that for mips_cpu_map_tc() since callers only access MIPS Thread
Contexts, inside TCG helpers.
Blue Swirl [Sun, 13 Jan 2013 08:12:45 +0000 (08:12 +0000)]
pc87312: Avoid define conflict on mingw32
Mingw32 headers define FAR, causing this warning:
/src/qemu/hw/pc87312.c:38:0: warning: "FAR" redefined [enabled by default]
In file included from /usr/local/lib/gcc/i686-mingw32msvc/4.7.0/../../../../i686-mingw32msvc/include/windows.h:48:0,
from /src/qemu/include/sysemu/os-win32.h:29,
from /src/qemu/include/qemu-common.h:46,
from /src/qemu/include/exec/ioport.h:27,
from /src/qemu/hw/isa.h:6,
from /src/qemu/hw/pc87312.h:28,
from /src/qemu/hw/pc87312.c:26:
/usr/local/lib/gcc/i686-mingw32msvc/4.7.0/../../../../i686-mingw32msvc/include/windef.h:34:0: note: this is the location of the previous definition
KONRAD Frederic [Mon, 14 Jan 2013 21:52:02 +0000 (22:52 +0100)]
virtio-9p: fix compilation error.
Fix the compilation error introduced by msg new field.
CC hw/9pfs/virtio-9p.o
In file included from /home/konradf/Documents/safe/greensocs/virtio-project/x86-qemu/qemu/hw/9pfs/virtio-9p.c:17:0:
/home/konradf/Documents/safe/greensocs/virtio-project/x86-qemu/qemu/hw/virtio-pci.h:30:16: erreur: field ‘msg’ has incomplete type
make: *** [hw/9pfs/virtio-9p.o] Erreur 1
Michael Roth [Mon, 14 Jan 2013 19:20:13 +0000 (13:20 -0600)]
dataplane: fix build breakage on set_guest_notifiers()
virtio_pci_set_guest_notifiers() now takes an additional argument to
specify the number of virtqueues to assign a guest notifier for. This
causes a build breakage for CONFIG_VIRTIO_BLK_DATA_PLANE builds:
/home/mdroth/w/qemu2.git/hw/dataplane/virtio-blk.c: In function
‘virtio_blk_data_plane_start’:
/home/mdroth/w/qemu2.git/hw/dataplane/virtio-blk.c:451:47: error: too
few arguments to function ‘s->vdev->binding->set_guest_notifiers’
/home/mdroth/w/qemu2.git/hw/dataplane/virtio-blk.c: In function
‘virtio_blk_data_plane_stop’:
/home/mdroth/w/qemu2.git/hw/dataplane/virtio-blk.c:511:5: error: too few
arguments to function ‘s->vdev->binding->set_guest_notifiers’
make[1]: *** [hw/dataplane/virtio-blk.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make: *** [subdir-x86_64-softmmu] Error 2
Fix this by passing 1 as the number of virtqueues to assign notifiers
for.
Michael Roth [Mon, 14 Jan 2013 19:20:12 +0000 (13:20 -0600)]
virtio-pci: build for uninitialized return value in vq_vector_unmask
Fixes the following:
/home/mdroth/w/qemu2.git/hw/virtio-pci.c: In function
‘kvm_virtio_pci_vector_unmask’:
/home/mdroth/w/qemu2.git/hw/virtio-pci.c:673:12: error: ‘ret’ may be
used uninitialized in this function [-Werror=uninitialized]
cc1: all warnings being treated as errors
make: *** [hw/virtio-pci.o] Error 1
make: *** Waiting for unfinished jobs....
Alberto Garcia [Fri, 11 Jan 2013 17:25:30 +0000 (18:25 +0100)]
Add GE IP-Octal 232 IndustryPack emulation
The GE IP-Octal 232 is an IndustryPack module that implements eight
RS-232 serial ports, each one of which can be redirected to a
character device in the host.
Roger Pau Monne [Mon, 14 Jan 2013 18:28:19 +0000 (18:28 +0000)]
xen_disk: add persistent grant support to xen_disk backend
This protocol extension reuses the same set of grant pages for all
transactions between the front/back drivers, avoiding expensive tlb
flushes, grant table lock contention and switches between userspace
and kernel space. The full description of the protocol can be found in
the public blkif.h header.
Roger Pau Monne [Mon, 14 Jan 2013 18:26:53 +0000 (18:26 +0000)]
xen_disk: fix memory leak
On ioreq_release the full ioreq was memset to 0, loosing all the data
and memory allocations inside the QEMUIOVector, which leads to a
memory leak. Create a new function to specifically reset ioreq.
qemu-ga: Handle errors uniformely in ga_channel_open()
We detect errors in several places. One reports with g_error(), which
calls abort(), the others report with g_critical(). Three of them
exit(), three return false.
Always report with g_critical(), and return false.
projects / qemu.git / log