virtio-blk: Fix geometry sector calculation
Currently the sector value for the geometry is masked, even if the user uses a command line parameter that explicitly gives a number. This breaks dasd devices on s390. A dasd device can have a physical block size of 4096 (== same for logical block size)...
block: prevent snapshot mode $TMPDIR symlink attack
In snapshot mode, bdrv_open creates an empty temporary file without checking for mkstemp or close failure, and ignoring the possibility of a buffer overrun given a surprisingly long $TMPDIR. Change the get_tmp_filename function to return int (not void),...
sheepdog: fix return value of do_load_save_vm_state
bdrv_save_vmstate and bdrv_load_vmstate should return the vmstate size on success, and -errno on error.
Signed-off-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
virtio: Fix compiler warning for non Linux hosts
The local variables ret, i are only used if linux is defined.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Expose CPUID leaf 7 only for -cpu host
Changes v2 -> v3; - Check for kvm_enabled() before setting cpuid_7_0_ebx_features
Changes v1 -> v2: - Use kvm_arch_get_supported_cpuid() instead of host_cpuid() on cpu_x86_fill_host().
We should use GET_SUPPORTED_CPUID for all bits on "-cpu host"...
vnc: fix segfault in vnc_display_pw_expire()
NULL pointer dereference in case no vnc server is configured. Catch this and return -EINVAL like vnc_display_password() does.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
xhci: add usage info to docs
vga: fix vram double-mapping with -vga std and -M pc-0.12
With pc-0.12, we map the video RAM both through the PCI BAR (the guest does this) and through a fixed mapping at 0xe0000000. The memory API doesn't allow this double map, and aborts.
Fix by using an alias....
fix multiboot loading if load_end_addr == 0
The previous multiboot load code did not treat the case where load_end_addr was 0 specially. The multiboot specification says the following: * load_end_addr Contains the physical address of the end of the data segment....
pci: call object_unparent() before free_qdev()
Start VM with 8 multiple-function block devs, hot-removing those block devs by 'device_del ...' would cause qemu abort.
| (qemu) device_del virti0-0-0
| (qemu) **
|ERROR:qom/object.c:389:object_delete: assertion failed: (obj->ref == 0)...
Merge remote-tracking branch 'afaerber-or/cocoa-for-upstream' into staging
cocoa: Suppress Cocoa frontend for -qtest
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
arch_init: Fix AltiVec build on Darwin/ppc
Commit f29a56147b66845914d0a645bf9b4c5bb9a6af57 (implement -no-user-config command-line option (v3)) introduced uses of bool in arch_init.c. Shortly before that usage is support code for AltiVec (conditional to ALTIVEC)....
Merge remote-tracking branch 'sstabellini/for_1.1_rc3' into staging
Merge remote-tracking branch 'mdroth/qga-pull-5-24-12' into staging
Merge remote-tracking branch 'kwolf/for-anthony' into staging
Merge remote-tracking branch 'kiszka/queues/slirp' into staging
Merge remote-tracking branch 'bonzini/scsi-next' into staging
slirp: Avoid redefining MAX_TCPOPTLEN
MAX_TCPOPTLEN is being defined as 32. Darwin already has it as 40, causing a warning. The value is only used to declare an array, into which currently 4 bytes are written at most.
Therefore always override MAX_TCPOPTLEN for now....
slirp: Avoid statements without effect on Big Endian host
Darwin has HTON*/NTOH* macros that on BE simply return the argument. This is incompatible with SLIRP's use of these macros as a statement.
Undefine the macros in the HOST_WORDS_BIGENDIAN code path to redefine...
ISCSI: Switch to using READ16/WRITE16 for I/O to the LUN
This allows using LUNs bigger than 2TB. Keep using READ10 for other device types such as MMC.
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
ISCSI: Only call READCAPACITY16 for SBC devices, use READCAPACITY10 for MMC
ISCSI: change num_blocks to 64-bit
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
ISCSI: get device type at connection time
This is needed to avoid READ CAPACITY for MMC devices.
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
ISCSI: redo how we set up the events
Call qemu_notify_event() after updating events. Otherwise, if we add an event for -is-writeable but the socket is already writeable there may be a delay before the event callback is actually triggered.
Those delays would in particular hurt performance during BIOS boot and...
slirp: Untangle TCPOLEN_* from TCPOPT_*
Commit b72210568ef0c0fb141a01cffb71a09c4efa0364 (slirp: clean up conflicts with system headers) enclosed TCPOLEN_MAXSEG with an #ifdef TCPOPT_EOL. This broke the build on illumos, which has TCPOPT_* but not TCPOLEN_*....
tcg/ppc: Handle _CALL_DARWIN being undefined on Darwin
powerpc-apple-darwin9-gcc-4.2.1 (GCC) 4.2.1 (Apple Inc. build 5577) does not define _CALL_DARWIN, leading to unexpected behavior w.r.t. register clobbering and stack frame layout.
Since _CALL_DARWIN is a reserved identifier, define a custom...
fdc-test: introduced qtest no_media_on_start and cmos qtest for floppy
As default a guest has always one floppy drive so 0x10 byte in CMOS has to have 0x40 value. Higher 4 bits means that the first floppy drive is 1.44 Mb 3"5 drive and lower 4 bits means the second drive is not present....
fdc: fix media detection
We have to set up 'media_changed' after guest start so floppy driver could detect that there is no media in drive. For this purpose we call 'fdctrl_change_cb' instead of 'fd_revalidate' in 'fdctrl_connect_drives'. 'fd_revalidate' is called inside 'fdctrl_change_cb'....
fdc: floppy drive should be visible after start without media
If you start guest with floppy drive but without media inserted, guest still should see floppy drive present.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
qemu-iotests: mark 035 qcow2-only
The 035 parallel aio write test relies on knowledge of qcow2 metadata layout to stress parallel L2 table accesses. This only works for qcow2 unless we add additional calculations for qed or other formats.
Mark this test as qcow2-only....
qcow2: don't leak buffer for unexpected qcow_version in header
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
qemu-img: Explain how rebase operation can be used to perform a 'diff' operation.
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
sheepdog: mark image as snapshot when tag is specified
When a snapshot tag is specified in the filename, the opened image is a snapshot.
sheepdog: return -errno on error
On error, BlockDriver APIs should return -errno instead of -1.
sheepdog: use heap instead of stack for BDRVSheepdogState
bdrv_create() is called in coroutine context now, so we cannot use more stack than 1 MB in the function if we use ucontext coroutine. This patch allocates BDRVSheepdogState, whose size is 4 MB, on the...
qcow2: Check qcow2_alloc_clusters_at() return value
When using qcow2_alloc_clusters_at(), the cluster allocation code checked the wrong variable for an error code.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
scsi: declare vmstate_info_scsi_requests to be static
Signed-off-by: Jim Meyering <meyering@redhat.com>
qemu-ga: Fix missing environ declaration
Commit 3674838cd05268954bb6473239cd7f700a79bf0f uses the environ global variable, but is relying on environ to be declared somewhere else.
This worked for me because on F16 environ is declared in <unistd.h>, but that doesn't happen in OpenBSD for example, causing a build failure....
configure: check if environ is declared
Some systems may declare environ automatically, others don't. Check for it.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
audio: Always call fini on exit
Not only clean up enabled voices but any registered one. Backends like pulseaudio rely on unconditional fini handler invocations.
This fixes "Memory pool destroyed but not all memory blocks freed!" warnings on VM shutdowns when pa is used and lockups of QEMU on shutdown...
es1370: Fix debug code
When DEBUG_ES1370 is defined, the compiler shows these warnings:
hw/es1370.c: In function ‘es1370_update_voices’:
hw/es1370.c:414: warning: format ‘%d’ expects type ‘int’, but argument 3 has type ‘size_t’
hw/es1370.c: In function ‘es1370_writel’:...
Update version for 1.1.0-rc3
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
qdev: Fix memory leak
The str allocated in visit_type_str was not freed.
The visit_type_str function is an input visitor (<QMP/String/etc>-to-native) here, it will allocate memory for caller, so the caller is responsible for freeing the memory.
Reviewed-by: Stefan Weil <sw@weilnetz.de>...
xen: Fix PV-on-HVM
In the context of PV-on-HVM under Xen, the emulated nics are supposed to be unplugged before the guest drivers are initialized, when the guest writes to a specific IO port.
Without this patch, the guest ends up with two nics with the same MAC, the...
use an uint64_t for the max_sz parameter in load_image_targphys
Allow load_image_targphys to load files on systems with more than 2G of emulated memory by changing the max_sz parameter from an int to an uint64_t.
Reviewed-by: Andreas Färber <afaerber@suse.de>...
virtio-blk: report non-zero status when failing SG_IO requests
Linux really looks only at scsi->errors for SG_IO requests; it does not look at the virtio request status at all. Because of this, when a SG_IO request is failed early with virtio_blk_req_complete(req,...
virtio-blk: blockdev_mark_auto_del is transport-independent
Move it from virtio_blk_exit_pci to virtio_blk_exit.
This is included here because the next patch removes proxy->block.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
virtio-blk: define VirtIOBlkConf
We will have to add another field to the virtio-blk configuration in the next patch. Avoid a proliferation of arguments to virtio_blk_init.
virtio-blk: always enable VIRTIO_BLK_F_SCSI
VIRTIO_BLK_F_SCSI is supposed to mean whether the host can parse SCSI requests, not execute them. You could run QEMU with scsi=on and a file-backed disk, and QEMU would fail all SCSI requests even though it advertises VIRTIO_BLK_F_SCSI....
virtio: check virtio_load return code
Otherwise we crash on error.
Signed-off-by: Ulrich Obergfell <uobergfe@redhat.com>
Signed-off-by: Orit Wassermann <owasserm@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Merge remote-tracking branch 'mdroth/qga-pull-5-15-12' into staging
tests: Add rtc-test (fix test regression)
Commit 93e9eb6808c886f5f1c903b7ced1eed65de2ba39 added fdc-test, but accidentally removed rtc-test because check-qtest-i386-y was not enhanced but set twice.
This patch adds rtc-test again (and sorts both tests alphabetically)....
tests: Fix linker failure for fdc-test
When QEMU was built with the simple trace backend, linking failed:
LINK tests/fdc-test
oslib-posix.o: In function `trace_qemu_memalign':
qemu/bin/debug/x86/./trace.h:31: undefined reference to `trace3'
oslib-posix.o: In function `trace_qemu_vmalloc':...
mips: Fix BC1ANY24F instructions
There's some dodgy application of De Morgan's law in the emulation of the MIPS BC1ANY24F instructions: they end up branching only if all CCs are false, rather than if one CC is.
Tested on mips64-linux-gnu, where it fixes the GCC MIPS3D tests....
linux-user: Fix stale tbs after mmap
If we execute linux-user code that does the following:
we end up executing a stale cached tb that contains translated code...
virtio-pci: add missing 'static'
There are no outside references to virtio_portio. Add missing 'static' specifier.
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
sparc64: fix initrd loading
Initrd load address is too low, it conflicts with kernel load address:
rom: requested regions overlap (rom phdr #0: /tmp/vmlinux-debian-6.0.4-sparc64. free=0x0000000000742519, addr=0x0000000000400000)
rom loading failed
Fix by making the initrd address variable, load initrd after kernel...
audio: split IN_T into two separate constants
Split IN_T into BSIZE and ITYPE, to avoid expansion if the OS has defined macros for the intX_t and uintX_t types. The IN_T constant is then defined in mixeng_template.h so it can be used by the functions/macros on this header file....
target-microblaze: implemented swapx instructions
Implemented the swapb and swaph byte/halfword reversal instructions added to microblaze v8.30
Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Call xc_domain_shutdown with the reboot flag when the guest requests a reboot.
Signed-off-by: John V. Baboval <john.baboval@virtualcomputer.com>
Signed-off-by: Tom Goetz <tom.goetz@virtualcomputer.com>
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>...
xen_disk: remove syncwrite option
This patch removes a dead option.
The same can be achieved removing BDRV_O_NOCACHE and BDRV_O_CACHE_WB from the flags passed to bdrv_open.
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
xen_disk: use bdrv_aio_flush instead of bdrv_flush
Use bdrv_aio_flush instead of bdrv_flush.
Make sure to call bdrv_aio_writev/readv after the presync bdrv_aio_flush is fully completed and make sure to call the postsync bdrv_aio_flush after bdrv_aio_writev/readv is fully completed....
xen_disk: properly update stats in ioreq_release()
While for the "normal" case (called from blk_send_response_all()) decrementing requests_finished is correct, doing so in the parse error case is wrong; requests_inflight needs to be decremented instead....
xen: do not initialize the interval timer and PCSPK emulator
PIT and PCSPK are emulated by the hypervisor so we don't need to emulate them in Qemu: this patch prevents Qemu from waking up needlessly at PIT_FREQ on Xen.
xen: disable rtc_clock
rtc_clock is only used by the RTC emulator (mc146818rtc.c), however Xen has its own RTC emulator in the hypervisor so we can disable it.
qemu-ga: align versioning with QEMU_VERSION
Previously qemu-ga version was defined separately. Since it is aligned with QEMU releases, use QEMU_VERSION instead. This also implies the version bump for 1.1[-rcN] release of qemu-ga.
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>...
qemu-ga: fix segv after failure to open log file
Currently, if we fail to open the specified log file (generally due to a permissions issue), we'll assign NULL to the logfile handle (stderr, initially) used by the logging routines, which can cause a segfault to...
qapi: add support for command options
Options allow for changes in commands behavior. This commit introduces the QCO_NO_SUCCESS_RESP option, which causes a command to not emit a success response.
This is needed by commands such as qemu-ga's guest-shutdown, which...
qemu-ga: don't warn on no command return
This is a valid condition when a command chooses to not emit a success response.
qemu-ga: guest-shutdown: don't emit a success response
Today, qemu-ga may not be able to emit a success response when guest-shutdown completes. This happens because the VM may vanish before qemu-ga is able to emit a response.
This semantic is a bit confusing, as it's not clear for clients if...
qemu-ga: guest-suspend-disk: don't emit a success response
Today, qemu-ga may not be able to emit a success response when guest-suspend-disk completes. This happens because the VM may vanish before qemu-ga is able to emit a response.
qemu-ga: guest-suspend-ram: don't emit a success response
Today, qemu-ga may not be able to emit a success response when guest-suspend-ram completes. This happens because the VM may suspend before qemu-ga is able to emit a response.
qemu-ga: guest-suspend-hybrid: don't emit a success response
Today, qemu-ga may not be able to emit a success response when guest-suspend-hybrid completes. This happens because the VM may suspend before qemu-ga is able to emit a response.
qemu-ga: make reopen_fd_to_null() public
The next commit wants to use it.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
qemu-ga: become_daemon(): reopen standard fds to /dev/null
This fixes a bug where qemu-ga doesn't suspend the guest because it fails to detect suspend support even when the guest does support suspend. This happens because of the way qemu-ga fds are managed in...
qemu-ga: guest-suspend: make the API synchronous
Currently, qemu-ga has a SIGCHLD handler that automatically reaps terminated children processes. The idea is to avoid having qemu-ga commands blocked waiting for children to terminate.
That approach has two problems:...
qemu-ga: guest-shutdown: become synchronous
Last commit dropped qemu-ga's SIGCHLD handler, used to automatically reap terminated children processes. This introduced a bug to qmp_guest_shutdown(): it will generate zombies.
This problem probably doesn't matter in the success case, as the VM...
qemu-ga: guest-shutdown: use only async-signal-safe functions
POSIX mandates[1] that a child process of a multi-thread program uses only async-signal-safe functions before exec(). We consider qemu-ga to be multi-thread, because it uses glib.
However, qmp_guest_shutdown() uses functions that are not...
Update version to 1.1.0-rc2
tcg/ppc64: Don't hardcode register numbers for qemu_ld/st
Facilitates using r3 for prepended AREG0.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: malc <av1474@comtv.ru>
tcg/ppc64: Fix CONFIG_TCG_PASS_AREG0
In qemu_ld/st load the registers for the helper calls directly rather than rotating them around afterwards for AREG0.
Also clobber the additional register.
Merge remote-tracking branch 'qmp/queue/qmp' into staging
Merge remote-tracking branch 'afaerber-or/qom-1.1' into staging
Merge remote-tracking branch 'kraxel/usb.50' into staging
Merge remote-tracking branch 'spice/spice.v55' into staging
Merge remote-tracking branch 'sweil/for-1.1' into staging
qdev: fix -device foo,?
Since most property types do not have a parse property now, this was broken. Fix it by looking at the setter instead.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Acked-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>...
coroutine: Fix setup of sigaltstack coroutines
Use pthread_kill instead of process-wide kill to invoke the signal handler used for stack switching. This may fix spurious lock-ups with this backend, easily triggerable by extending the time window between kill and sigsuspend....
qcow2: Don't ignore failure to clear autoclear flags
qemu-img: Fix segmentation fault
The following command generates a segmentation fault.
qemu-img convert -O vpc -o ? test test2
This is because the 'goto out;' statement calls qemu_progress_end before qemu_progress_init is called resulting in a NULL pointer...
Merge remote-tracking branch 'origin/master' into staging
qapi: QMP input visitor, handle floats parsed as ints
JSON numbers can be interpreted as either integers or floating point values depending on their representation. As a result, QMP input visitor might visit a QInt when it was expecting a QFloat, so add handling to...
usb-host: handle guest-issued clear halt
Most important here is to update our internal endpoint state so we know the endpoint isn't in halted state any more. Without this usb-host tries to clear halt again with the next data transfer submitted. Doing this twice is (a) not correct and (b) confuses some usb devices,...
qxl: set size of PCI IO BAR correctly (16) for revision 2
Also move it up into switch(qxl->revision) block
Signed-off-by: Uri Lublin <uril@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
qemu-doc: Add missing parameter in description of -D option
'logfile' is a place holder for a non optional parameter.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
qemu-doc: Fix executable name in examples
The executable name qemu was replaced some time ago by qemu-system-i386. Fix all examples accordingly.
Some examples will only work with qemu-system-i386 or qemu-system-x86_64 for obvious reasons ("dos.img").
To keep things simple, I did not vary the executable name....
qemu-doc: Use QEMU instead of qemu for product name
When 'qemu' was used as a product name or as a generic process name, it is now replaced by the official upper case 'QEMU'.
v2: Added missing period (hint from Andreas Färber).
Reviewed-by: Andreas Färber <afaerber@suse.de>...