don't dereference NULL after failed strdup
Most of these are obvious NULL-deref bug fixes, for example, the ones in these files:
block/curl.c net.c slirp/misc.c
and the first one in block/vvfat.c. The others in block/vvfat.c may not lead to an immediate segfault, but I...
qemu-img: use the heap instead of the huge stack array for win32
The default stack size of PE is 1MB on win32 and IO_BUF_SIZE in img_convert() & img_rebase() is 2MB, so qemu-img will crash when doing "convert" & "rebase" on win32. Although we can improve the stack size of PE to resolve it, I think we...
Increase VNC_MAX_WIDTH
Increase VNC_MAX_WIDTH to match "commonly available" consumer level monitors available these days.
This also closes KVM bug 2907597
Signed-off-by: Brian Jackson <iggy@theiggy.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
qjson: Improve debugging
Add an assert() to qobject_from_jsonf() to assure that the returned QObject is not NULL. Currently this is duplicated in the callers.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Monitor: remove unneeded checks
It's not needed to check the return of qobject_from_jsonf() anymore, as an assert() has been added there.
QError: Don't abort on multiple faults
Ideally, Monitor code should report an error only once and return the error information up the call chain.
To assure that this happens as expected and that no error is lost, we have an assert() in qemu_error_internal()....
QMP: Don't leak on connection close
QMP's chardev event callback doesn't call json_message_parser_destroy() on CHR_EVENT_CLOSED. As the call to json_message_parser_init() on CHR_EVENT_OPENED allocates memory, we're leaking on close.
Fix that by just calling json_message_parser_destroy() on...
virtio-net: fix network stall under load
Fix a race condition where qemu finds that there are not enough virtio ring buffers available and the guest makes more buffers available before qemu can enable notifications.
Signed-off-by: Tom Lendacky <toml@us.ibm.com>...
json: fix PRId64 on Win32
OK we are fooled by the json lexer and parser. As we use %I64d to print 'long long' variables in Win32, but lexer and parser only deal with %lld but not %I64d, this patch adds support for %I64d and solves 'info pci', 'powser_reset' and 'power_powerdown' assert failure in...
iothread: fix vcpu stop with smp tcg
Round robin vcpus in tcg_cpu_next even if the vm stopped. This allows all cpus to enter stopped state.
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
fix inet_parse typo
qemu_opt_set wants on/off, not yes/no.
QMP: Add QEMU's version to the greeting message
With capability negotiation support clients will only have a chance to check QEMU's version (ie. issue 'query-version') after the negotiation procedure is done.
It might be useful to clients to check QEMU's version before...
QMP: Introduce the qmp_capabilities command
This command will be used to enable QMP capabilities advertised by the capabilities array.
Note that it will be mandatory to issue this command in order to make QMP functional (although this behavior is not being...
QMP: Enforce capability negotiation rules
With this commit QMP will be started in Capabilities Negotiation mode, where the only command allowed to run is 'qmp_capabilities'.
All other commands will return CommandNotFound error. Asynchronous messages are not delivered either....
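The three QMP commits above describe one gate: a fresh connection accepts only 'qmp_capabilities', answers everything else with CommandNotFound, and holds back asynchronous messages until negotiation is done. The following is an added example modelling that gate, not QEMU's monitor code; the mode names, the command table, the result codes and the behaviour of a repeated qmp_capabilities are this example's own assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Added example: a reduced model of the negotiation gate the commits
 * describe, not QEMU's monitor code. Mode names, the command table and
 * the result codes are this example's own. */
enum qmp_mode { QMP_MODE_NEGOTIATE, QMP_MODE_COMMAND };

enum qmp_result {
    QMP_OK = 0,
    QMP_COMMAND_NOT_FOUND,    /* unknown command, or any command while negotiating */
};

struct qmp_session {
    enum qmp_mode mode;
    int events_dropped;       /* async messages suppressed before negotiation */
};

/* Constructed stand-in for the real command table. */
static const char *const known_cmds[] = {
    "query-version", "query-commands", "stop", "cont",
};

static int cmd_exists(const char *name)
{
    for (size_t i = 0; i < sizeof known_cmds / sizeof known_cmds[0]; i++) {
        if (strcmp(known_cmds[i], name) == 0)
            return 1;
    }
    return 0;
}

static void qmp_session_init(struct qmp_session *s)
{
    s->mode = QMP_MODE_NEGOTIATE;   /* every new connection starts gated */
    s->events_dropped = 0;
}

/* Dispatch one command by name. qmp_capabilities is the only command that
 * works while negotiating; it flips the session into command mode. What a
 * repeated qmp_capabilities should do is not stated on this page, so the
 * model simply accepts it (assumption). */
static enum qmp_result qmp_dispatch(struct qmp_session *s, const char *cmd)
{
    if (strcmp(cmd, "qmp_capabilities") == 0) {
        s->mode = QMP_MODE_COMMAND;
        return QMP_OK;
    }
    if (s->mode == QMP_MODE_NEGOTIATE)
        return QMP_COMMAND_NOT_FOUND;  /* same error as an unknown command */
    return cmd_exists(cmd) ? QMP_OK : QMP_COMMAND_NOT_FOUND;
}

/* Asynchronous event delivery: returns 1 if the event would be sent to
 * the client, 0 if it is suppressed because negotiation is incomplete. */
static int qmp_emit_event(struct qmp_session *s, const char *event)
{
    (void)event;
    if (s->mode != QMP_MODE_COMMAND) {
        s->events_dropped++;
        return 0;
    }
    return 1;
}

/* Walk the expected client sequence; returns 0 if every step behaves as
 * described above, otherwise the number of the first failing step. */
static int qmp_walkthrough(void)
{
    struct qmp_session s;
    qmp_session_init(&s);
    if (qmp_dispatch(&s, "query-version") != QMP_COMMAND_NOT_FOUND) return 1;
    if (qmp_emit_event(&s, "BLOCK_IO_ERROR") != 0) return 2;
    if (qmp_dispatch(&s, "qmp_capabilities") != QMP_OK) return 3;
    if (qmp_dispatch(&s, "query-version") != QMP_OK) return 4;
    if (qmp_dispatch(&s, "no-such-command") != QMP_COMMAND_NOT_FOUND) return 5;
    if (qmp_emit_event(&s, "BLOCK_IO_ERROR") != 1) return 6;
    if (s.events_dropped != 1) return 7;
    return 0;
}

int main(void)
{
    int failed = qmp_walkthrough();
    printf("negotiation walkthrough: %s (step %d)\n", failed ? "FAIL" : "ok", failed);
    return failed;
}
```

Returning the same CommandNotFound for a gated command as for an unknown one keeps the pre-negotiation surface minimal: a client cannot probe which commands exist before it has acknowledged the capabilities it is going to use.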
QMP: spec: Capability negotiation updates
audio streaming from usb devices
I have streaming audio devices working within qemu-kvm. This is a port of the changes to qemu.
Streaming audio generates a series of isochronous requests that are repetitive and time sensitive. The URBs need to be submitted in...
segfault due to buffer overrun in usb-serial
This fixes a segfault due to buffer overrun in the usb-serial device. The memcpy was incrementing the start location by recv_used yet, the computation of first_size (how much to write at the end of the buffer before wrapping to the front) was not accounting for it. This causes the...
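The mismatch described above (write position advanced by recv_used, tail size first_size still computed without it) is a classic ring-buffer overrun. The following is an added example, not the usb-serial code: the ring layout, the names recv_buf, recv_ptr and RECV_BUF, and the buggy variant are this example's own reconstruction of the bug shape, shown next to a wrap-correct push.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not the usb-serial code itself. The ring layout, the
 * names recv_buf, recv_ptr and RECV_BUF and the buggy variant are this
 * example's own reconstruction of the mismatch the commit describes. */
#define RECV_BUF 16

struct ring {
    uint8_t recv_buf[RECV_BUF];
    size_t recv_ptr;    /* index of the oldest unread byte */
    size_t recv_used;   /* bytes queued, always <= RECV_BUF */
};

/* Buggy shape: the write position is advanced by recv_used, but first_size
 * (space left before the wrap) is still sized from recv_ptr. Returns how
 * many bytes the memcpy would land past the end of recv_buf (0 = in
 * bounds). It copies nothing, so the overrun is only measured. */
static size_t overrun_if_unfixed(size_t recv_ptr, size_t recv_used, size_t len)
{
    size_t start = recv_ptr + recv_used;        /* can be >= RECV_BUF */
    size_t first_size = RECV_BUF - recv_ptr;    /* ignores recv_used */
    if (first_size > len)
        first_size = len;
    size_t end = start + first_size;            /* memcpy(&buf[start], src, first_size) */
    return end > RECV_BUF ? end - RECV_BUF : 0;
}

/* Fixed shape: wrap the write position first, size the tail chunk from it,
 * and never accept more than the free space. Returns bytes accepted. */
static size_t ring_push(struct ring *r, const uint8_t *src, size_t len)
{
    size_t room = RECV_BUF - r->recv_used;
    if (len > room)
        len = room;                              /* drop excess, never overwrite */
    if (len == 0)
        return 0;
    size_t start = (r->recv_ptr + r->recv_used) % RECV_BUF;
    size_t first_size = RECV_BUF - start;       /* tail space before the wrap */
    if (first_size > len)
        first_size = len;
    memcpy(&r->recv_buf[start], src, first_size);
    memcpy(&r->recv_buf[0], src + first_size, len - first_size);
    r->recv_used += len;
    return len;
}

/* Pop up to len bytes in FIFO order; returns bytes copied out. */
static size_t ring_pop(struct ring *r, uint8_t *dst, size_t len)
{
    if (len > r->recv_used)
        len = r->recv_used;
    for (size_t i = 0; i < len; i++)
        dst[i] = r->recv_buf[(r->recv_ptr + i) % RECV_BUF];
    r->recv_ptr = (r->recv_ptr + len) % RECV_BUF;
    r->recv_used -= len;
    return len;
}

/* Self-check: a push that wraps (4 bytes at the tail, 6 at the head) comes
 * back out in order. Returns 1 on success, 0 on failure. */
static int ring_selftest(void)
{
    struct ring r = { .recv_ptr = 12, .recv_used = 0 };
    uint8_t in[10], out[10];
    for (int i = 0; i < 10; i++)
        in[i] = (uint8_t)(i + 1);
    if (ring_push(&r, in, 10) != 10)
        return 0;
    if (ring_pop(&r, out, 10) != 10)
        return 0;
    return memcmp(in, out, 10) == 0 && r.recv_used == 0;
}

int main(void)
{
    printf("unfixed overrun (ptr=4, used=8, len=10): %zu bytes\n",
           overrun_if_unfixed(4, 8, 10));
    printf("fixed ring selftest: %s\n", ring_selftest() ? "ok" : "FAIL");
    return ring_selftest() ? 0 : 1;
}
```

With recv_ptr=4 and recv_used=8 the unfixed computation allows 12 bytes from index 12, so a 10-byte packet runs 6 bytes past the array; the fixed push sizes the tail chunk from the wrapped start index and also caps len at the free space, which is the second check a device-facing buffer needs since the guest controls the packet length.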
vnc: Migrate to using QTAILQ instead of custom implementation
Just a 1-1 conversion for now.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
kvm: reduce code duplication in config_iothread
We have some duplicated code in the CONFIG_IOTHREAD #ifdef and #else cases. Fix that.
Documentation: Add command line options to function index
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Documentation: Enhance documentation (index, keywords)
Documentation: Add monitor commands to function index
Documentation: Add direntry for info format
update-info-dir maintains an index of all available documentation in info format (the file /usr/share/info/dir).
It reads special @direntry tags in info files.
This patch (extracted from a larger patch provided by...
Documentation: Use UTF-8 encoding and fix one wrong encoding
At least for Linux distributions UTF-8 is now standard, so the QEMU documentation should use this encoding, too.
Even if there was currently only a single special character using ISO-8859-1, this might change in the future....
Documentation: Add some basic documentation on make targets
This should help new users to get started.
Documentation: Fix item list
@itemize @minus does not work as expected (the items start with "* -").
A simple @itemize gives a better result.
block: BLOCK_IO_ERROR QMP event
This commit introduces the bdrv_mon_event() function, which should be called by block subsystems (eg. IDE) when an I/O error occurs, so that a QMP event is emitted.
The following information is currently provided in the event:...
ide: Generate BLOCK_IO_ERROR QMP event
Just call bdrv_mon_event() in the right place.
scsi: Generate BLOCK_IO_ERROR QMP event
virtio-blk: Generate BLOCK_IO_ERROR QMP event
block: saner flags filtering in bdrv_open2
Clean up the current mess about figuring out which flags to pass to the driver. BDRV_O_FILE, BDRV_O_SNAPSHOT and BDRV_O_NO_BACKING are flags only used by the block layer internally so filter them out directly. Previously BDRV_O_NO_BACKING could accidentally be passed to the drivers,...
QMP: BLOCK_IO_ERROR event handling
This commit adds the basic definitions for the BLOCK_IO_ERROR event, but actual event emission will be introduced by the next commits.
qcow2: Fix signedness bugs
Checking for return codes < 0 isn't really going to work with unsigned types. Use signed types instead.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
do not loop on an incomplete io_thread_fd read
No need to loop if less than a full buffer is read, the next read would return EAGAIN.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
loop write in qemu_event_increment upon EINTR
Same as what qemu-kvm does.
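The two io-thread commits above are about opposite retry decisions on the same notification descriptor: a write must be retried when a signal interrupts it (EINTR), while a short read must not be followed by another read, because the non-blocking descriptor would only return EAGAIN. The following is an added example of both rules on a pipe, not QEMU's qemu_event_increment() or its io_thread_fd reader; the helper names are this example's own.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

/* Added example, not QEMU's qemu_event_increment() or its io_thread_fd
 * reader; the helper names are this example's own. */

/* Write the whole buffer, retrying only when a signal interrupted the
 * write (EINTR). Any other failure, including EAGAIN on a non-blocking
 * descriptor, is reported to the caller. Returns 0 or -1 with errno set. */
static int write_full(int fd, const void *buf, size_t len)
{
    const uint8_t *p = buf;
    while (len > 0) {
        ssize_t n = write(fd, p, len);
        if (n < 0) {
            if (errno == EINTR)
                continue;                 /* interrupted before any byte: retry */
            return -1;
        }
        p += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Drain a non-blocking notification descriptor with a single read. A
 * short read already means the descriptor is empty; looping again would
 * only earn an EAGAIN. Returns bytes drained (0 when empty), -1 on error. */
static ssize_t drain_once(int fd)
{
    uint8_t buf[512];
    ssize_t n;
    do {
        n = read(fd, buf, sizeof buf);
    } while (n < 0 && errno == EINTR);
    if (n < 0 && errno == EAGAIN)
        return 0;
    return n;
}

/* Demo on a pipe: post `notifications` one-byte wakeups, drain them, and
 * confirm a second drain finds nothing. Returns the drained byte count,
 * or -1 if anything went wrong. */
static ssize_t demo_pipe_roundtrip(int notifications)
{
    int fds[2];
    if (pipe(fds) < 0)
        return -1;
    fcntl(fds[0], F_SETFL, fcntl(fds[0], F_GETFL) | O_NONBLOCK);
    uint8_t one = 1;
    for (int i = 0; i < notifications; i++) {
        if (write_full(fds[1], &one, sizeof one) < 0) {
            close(fds[0]);
            close(fds[1]);
            return -1;
        }
    }
    ssize_t got = drain_once(fds[0]);
    ssize_t again = drain_once(fds[0]);   /* expect 0, and no retry loop */
    close(fds[0]);
    close(fds[1]);
    return again == 0 ? got : -1;
}

int main(void)
{
    printf("drained %zd bytes after 3 notifications\n", demo_pipe_roundtrip(3));
    return 0;
}
```

Only EINTR is retried in write_full: retrying on EAGAIN as well would spin the io thread when the pipe is full, and retrying on any other errno would hide a closed or broken descriptor.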
fix placement of config-host.h inclusion
The #ifdef CONFIG_SOLARIS below was useless without this patch.
Documentation: Add build support for documentation in pdf format
Makefile already supported dvi, html and info formats,but pdf was missing.
pdf is especially convenient for printing and fordocumentation reviews. I hope it will help toimprove qemu's documentation....
Do not ignore error, if open file failed (-serial /dev/tty)
In case, when qemu is executed with option like -serial /dev/ttyS0, report if there are problems with opening of devices. Currently errors are silently ignored.
Signed-off-by: Evgeniy Dushistov <dushistov@mail.ru>...
doc: Update mingw cross compile instructions
The "Cross compilation for Windows with Linux" section of qemu-doc.texi still instructs the user to use 'configure --enable-mingw32' even after the option was removed in Aug 2008:
http://git.savannah.gnu.org/cgit/qemu.git/commit/?id=cd01b4a312248dd4e12c3d389d1a349cea4015d8...
qemu-img: Fix qemu-img can't create qcow image based on read-only image
Commit 03cbdac7 "Disable fall-back to read-only when cannot open drive's file for read-write" results in a read-only image not being usable as backing image in qemu-img.
Cc: Naphtali Sprei <nsprei@redhat.com>...
Transfer dirty blocks during iterative phase
Start transferring dirty blocks during the iterative stage. That will reduce the time that the guest will be suspended.
Signed-off-by: Liran Schour <lirans@il.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Count dirty blocks and expose an API to get dirty count
This will manage a dirty counter for each device and will allow getting the dirty counter from above.
Try not to exceed max downtime on stage3
Move to stage3 only when remaining work can be done below max downtime. Use qemu_get_clock_ns for measuring read performance.
qemu: memory notifiers
This adds notifiers for phys memory changes: a set of callbacks that vhost can register and update kernel accordingly. Down the road, kvm code can be switched to use these as well, instead of calling kvm code directly from exec.c as is done now....
kvm: move kvm_set_phys_mem around
Move kvm_set_phys_mem so that it will be available earlier in the file. Needed for the next patch using memory notifiers.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
kvm: move kvm to use memory notifiers
Remove direct kvm calls from exec.c, make kvm use the memory notifiers framework instead.
Remove unused code
blk_mig_save_bulked_block is never called with sync flag. Remove the sync flag. Calculate bulk completion during blk_mig_save_bulked_block. Remove unused constants.
add qemu_get_clock_ns
Some places use get_clock directly because they want to access the rt_clock with nanosecond precision. Add a function to do exactly that instead of using internal interfaces.
tcg/mips: fix crash in tcg_out_qemu_ld()
The address register is overridden when it corresponds to v0 and the fast path is taken, which leads to a crash. Fix that by using the a0 register instead.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
target-sh4: MMU: separate execute and read/write permissions
On SH4, the ITLB and UTLB configurations are memory mapped, so loading ITLB entries from UTLB has to be simulated correctly. For that the QEMU TLB has to handle the execute (ITLB) and read/write permissions...
target-sh4: MMU: fix mem_idx computation
The mem_idx is wrongly computed. As written in target-sh4/cpu.h, mode 0 corresponds to kernel mode (SR_MD = 1), while mode 1 corresponds to user mode (SR_MD = 0).
target-sh4: MMU: simplify call to tlb_set_page()
tlb_set_page() doesn't need addresses with offset, but simply the page aligned addresses.
target-sh4: MMU: fix ITLB privilege check
There is an ITLB access violation if SR_MD=0 (user mode) while the high bit of the protection key is 0 (privilege mode).
target-sh4: MMU: optimize UTLB accesses
With the current code, the QEMU TLB is set up to match the read/write mode of the MMU fault. This means when read access is done, the page is set up in read-only mode. When the page is later accessed in write mode, an MMU fault happens, and the page is switched in write-only...
target-sh4: MMU: reduce the size of a TLB entry
Reduce the size of the TLB entry from 32 to 16 bytes, reorganising members and using a bit field.
target-sh4: MMU: remove dead code
target-sh4: MMU: fix store queue addresses
The store queues are located from 0xe0000000 to 0xe3ffffff.
sh7750: handle MMUCR TI bit
When the MMUCR TI bit is set, all the UTLB and ITLB entries should be flushed.
tcg/mips: implement setcond2
Merge remote branch 'linux-user/linux-user-for-upstream' into staging-tmp
Merge remote branch 'qemu-kvm/uq/master' into staging-tmp
tcg/mips: implement setcond
configure: fix the static compilation for sdl
The static compilation for sdl is broken after 79427693174a553d62f3da44aacd3f19ba8df3a7.
Signed-off-by: TeLeMan <geleman@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
configure: Add --enable-docs and --disable-docs to --help
This patch adds the documentation-related options "--enable-docs" and "--disable-docs" to the help message of "configure".
Signed-off-by: Dirk Ullrich <dirk.ullrich@googlemail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
target-sh4: minor optimisations
SH4/R2D: fix poweroff
The write to the PA_POWOFF register is currently ignored. Fix that by calling qemu_system_shutdown_request() when a poweroff is requested.
tcg: move setcond* ops to non-optional section
setcond is not an optional op, move it to the non-optional section.
tcg: add setcondi pseudo-op
block/curl: %Z is not a valid conversion specifier
Signed-off-by: malc <av1474@comtv.ru>
Revert "On some systems printf is a macro"
This reverts commit bc5b6004588ad17370e0416e40b4aa9cf977023b.
qemu-img: avoid preprocessor directives in a printf call
Other choices include using "(printf)", but this one is not bad in terms of readability.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: malc <av1474@comtv.ru>
cope with printf macro definition in readline.c
do not interpolate % from vl.c to qemu-options.h
Since qemu-options.h is only used in vl.c, we can avoid using brittle interpolation from a generated file.
vl.c: avoid preprocessor directives in a printf call
Similar to the qemu-img.c patch, but I also have to unescape remaining% signs in qemu-options.hx.
dec: actually implement PCI bridging
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
esp: use CamelCaseFunc for function types
fw_cfg: don't use reserved _ prefix
fdc: don't use reserved _ prefix
fdc: don't use reserved _t suffix
escc: don't use reserved _t suffix
m48t59: don't use reserved _t suffix
tcg/ppc64: implement setcond
tcg/ppc32: proper setcond implementation
tcg/ppc32: implement setcond2
On some systems printf is a macro
Do not use dprintf
dprintf is already claimed by POSIX [1], and on at least one system is implemented as a macro
[1] http://www.opengroup.org/onlinepubs/9699919799/functions/dprintf.html
arm host: fix compiler warning
Compilation for arm (native or cross) results in this warning:
fpu/softfloat-native.c: In function ‘float64_round_to_int’:
fpu/softfloat-native.c:387: error: control reaches end of non-void function
float64_round_to_int uses special assembler code for arm...
tcg-i386: Implement setcond.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
tcg-i386: Implement small forward branches.
There are places, like brcond2, where we know that the destination of a forward branch will be within 127 bytes.
Add the R_386_PC8 relocation type to support this. Add a flag to tcg_out_jxx and tcg_out_brcond* to enable it. Set the flag in the...
Add -static earlier to LDFLAGS for compile_prog()
Add -static to LDFLAGS earlier so as to run the compile_prog() tests with these flags; this will avoid turning on features for which a shared library is available but not a static one.
Signed-off-by: Loïc Minier <lool@dooz.org>...
Fix missing symbols in .rel/.rela.plt sections
Fix .rel.plt sections in the output to not only include .rel.plt sections from the input but also the .rel.iplt sections and to define the hidden symbols __rel_iplt_start and __rel_iplt_end around .rel.iplt as otherwise we get undefined references to these when...
configure: remove debugging code introduced in aa527b65d8187b97d73f889b6cae7b6ac6f82d32
configure: fix compilation on hosts without -fstack-protector-all
Commit a0f291fc101a7ab3e40850a329da2cc2f2cd1f2d has enabled -fstack-protector-all on all targets, as the configure test is bogus. GCC only emits a warning and not an error if this option is not...
Update MAINTAINERS
Remove Thiemo from the maintainers. Requiescat in pace.
target-mips: don't call cpu_loop_exit() from helper.c
In helper.c AREG0 may not correspond to env, so it's not possible to call cpu_loop_exit() here. Call it from op_helper.c instead.
linux-user: adapt uname machine to emulated CPU
This patch for linux-user adapts the output of the emulated uname() syscall to match the configured CPU. Tested with x86, x86-64 and arm emulation.
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
Signed-off-by: Loïc Minier <lool@dooz.org>
fix locking error with current_tb
Signed-off-by: Riku Voipio <riku.voipio@nokia.com>
linux-user: remove signal handler before calling abort()
Qemu may hang in host_signal_handler after qemu has done a seppuku with cpu_abort(). But at this stage we are not really interested in target process coredump anymore, so unregister host_signal_handler to die gracefully....
target-arm: refactor cp15.c13 register access
Access the cp15.c13 TLS registers directly with TCG ops instead of with a slow helper. If the cp15 read/write was not TLS register access, fall back to the cp15 helper.
This makes accessing __thread variables in linux-user when apps are compiled...
target-ppc: change DCR helpers to target_long arguments
The recent transition to always have the DCR helper functions take 32 bit values broke the PPC64 target, as target_long became 64 bits there.
This patch changes DCR helpers to target_long arguments, and casts the values...