Fix ivshmem build on 32-bit hosts
stat() fields can be more or less anything depending on configuration, castexplicitly to uint64_t to avoid printf() format mismatches.
Signed-off-by: Avi Kivity <avi@redhat.com>Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
hw/ivshmem.c don't check for negative values on unsigned data types
There is no need to check for dest < 0 or vector >= 0 as both areuint16_t.
This should fix problems with broken build with aggressive compilerflags. Reported by Xudong Hao <xudong.hao@intel.com>...
load_multiboot(): get_image_size() returns int
Do not store return of get_image_size() in a uint32_t as it makes itimpossible to detect error returns from get_image_size.
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
acpi: fix file size check with -acpitable.
acpi table file can be modified during load so file size checkshould be more strict.pointer calculation should be after qemu_realloc(). not before realloc().
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>...
isapc: fix segfault.
https://bugs.launchpad.net/bugs/611646reports that ./i386-softmmu/qemu -M isapc segfaults.This patch fixes the segfault introduced byf885f1eaa8711c06033ceb1599e3750fb37c306f
It's because i440fx_state in pc_init1() isn't initialized....
etraxfs_eth: correct use of ! and &
Combining bitwise AND and logical NOT is suspicious.
Fixed by this Coccinelle script:// From http://article.gmane.org/gmane.linux.kernel/646367@ expression E1,E2; @( !E1 & !E2 |- !E1 & E2+ !(E1 & E2))
@ expression E1,E2;
Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>...
ppc4xx: correct SDRAM controller warning message condition
The message "Truncating memory to %d MiB to fit SDRAM controller limits" should be displayed only when a user chooses an amount of RAM whichcan't be represented by the PPC 4xx SDRAM controller (e.g. 129MB, which...
ppc4xx: don't unregister RAM at reset
The PowerPC 4xx SDRAM controller emulation unregisters RAM in its resetcallback. However, qemu_system_reset() is now called at initializationtime, so all RAM is unregistered before starting the guest (!).
Signed-off-by: Hollis Blanchard <hollis@penguinppc.org>
ppc4xx: load Bamboo kernel, initrd, and fdt at fixed addresses
We can't use the return value of load_uimage() for the kernel because itcan't account for BSS size, and the PowerPC kernel does not relocateblobs before zeroing BSS.
Instead, we now load at the fixed addresses chosen by u-boot (the normal...
PPC: Add PV hypercall transport through fw_cfg
On KVM for PPC we need to tell the guest which instructions to use whendoing a hypercall. The clean way to do this is to go through an ioctlfrom userspace and passing it on to the guest using the device tree....
Rearrange block headers
Changing block.h or blockdev.h resulted in recompiling most objects.
Move DriveInfo typedef and BlockInterfaceType enum definitionsto qemu-common.h and rearrange blockdev.h use to decrease churn.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
VGA: Don't register deprecated VBE range
Old versions of the BOCHs VGA BIOS (cira 2003) made use of VBEregisters at 0xff80/81. In VBE API version 0xb0c2 these weremoved to 0x1ce/cf. Unfortunately, QEMU still registers handlersfor the old range. If a guest attempts to assign an I/O device...
QemuOpts: make most qemu_*_opts static
Switch tree to lookup-by-name using qemu_find_opts().Also hook up virtfs options so qemu_find_opts works for them too.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
pckbd: support for commands 0xf0-0xff: Pulse output bit
I have a guest OS which sends the command 0xfd to the keyboardcontroller during initialization. To get rid of the message"qemu: unsupported keyboard cmd=0x%02x\n" I added support forthe pulse output bit commands....
virtio-serial: Cleanup on device hot-unplug
Free malloc'ed memory, unregister from savevm and clean up virtio-commonbits on device hot-unplug.
This was found performing a migration after device hot-unplug.
Reported-by: <lihuang@redhat.com>Signed-off-by: Amit Shah <amit.shah@redhat.com>...
Replace qemu_malloc + memset with qemu_mallocz
Replace a qemu_malloc call, followed by a memset, with qemu_mallocz.
Found with this Coccinelle semantic patch, adapted fromCoccinelle test package rule 94:@type T;expression x;expression E;@
@type T;expression x;expression E;
- x = (T)qemu_malloc(E)...
Remove useless NULL check for qemu_strdup return value
Found with this Coccinelle semantic patch:@expression E;identifier ptr;identifier fn ~= "qemu_strn?dup";@
@expression E;identifier ptr;identifier fn ~= "qemu_strn?dup";
ptr = fn(E);-if (ptr == NULL) { ... }+ptr = fn(E);
sparc escc IUS improvements (SunOS 4.1.4 fix)
According to scc_escc_um.pdf: - Reset Highest IUS must update irq status to allow processing of the next priority interrupt. - rx interrupt has always higher priority than tx on same channel
The documentation only explicitly says that Reset Highest IUS...
RESEND: Inter-VM shared memory PCI device
resend for bug fix related to removal of irqfd
Support an inter-vm shared memory device that maps a shared-memory object as aPCI device in the guest. This patch also supports interrupts between guest bycommunicating over a unix domain socket. This patch applies to the qemu-kvm...
Support marking a device as non-migratable
A non-migratable device should be removed before migration and re-added after.
Signed-off-by: Cam Macdonell <cam@cs.ualberta.ca>Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Merge remote branch 'kwolf/for-anthony' into staging
sparc32: use FW_CFG_CMDLINE_SIZE
Add support for getting kernel command line size withFW_CFG_CMDLINE_SIZE.
ide: Avoid canceling IDE DMA
The reason for not actually canceling the I/O is because withvirtualization and lots of VM running, a guest fs may mistake aoverload of the host, as an IDE timeout. So rather than canceling theI/O, it's safer to wait I/O completion and simulate that the I/O has...
fix last cpu timer initialization
The timer #0 is the system timer, so the timer #num_cpu is thetimer of the last CPU, and it must be initialized in slavio_timer_reset.
Don't mark non-existing timers as running.
Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com>...
jazz led: Fix debug prints
Add a macro to easily enable/disable debug printsAlso fix wrong printf formatters
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
xilinx-s3adsp: Add support for loading u-boot images.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
xilinx-s3adsp: Fix loading of raw binaries.
Set high to a word aligned address beyond loaded image.
Remove unused eventfd.h
This header is not present on my system and causes a buildfailure, but is also not used in these files, so remove it.
Signed-off-by: Mike McCormack <mikem@ring3k.org>Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
mips64el: fulong: PCI_DEVFN() clean up.
Use PCI_DEVFN() where appropriate.The resulted stripped binary remains samewith/without thie patch.
Cc: Huacai Chen <zltjiangshi@gmail.com>Cc: Aurelien Jarno <aurelien@aurel32.net>Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>...
remove dead code from hw/loader.c
Removing dead code. Above we already continued whenrom->addr + valuegreaterthan0 < addr so this condition is always false.
Signed-off-by: Joel Schopp <jschopp@austin.ibm.com>Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
virtio-serial: Check if more max_ports specified than we can handle
Currently virtio-serial supports a maximum of 31 ports. Specifying the'max_ports' parameter to be > 31 on the cmd line causes badness.
Ensure we initialise virtio-serial only if max_ports is within the...
Merge branch 'for-anthony' of git://repo.or.cz/qemu/kevin
Fix uint8_t comparisons with negative values
Fix the following warnings:/src/qemu/hw/ide/core.c: In function `ide_drive_pio_post_load':/src/qemu/hw/ide/core.c:2767: warning: comparison is always false due to limited range of data type
/src/qemu/ui/vnc-enc-tight.c: In function `tight_detect_smooth_image':...
Revert "ide save/restore current transfer fields"
This reverts commit 42ee76fe82093ba914f0dc83d2decbcf68866144.
Signed-off-by: Juan Quintela <quintela@redhat.com>Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
vmstate: add subsections code
This commit adds subsections for each device section.Subsections is the way to handle information that don't need to be sentto de destination of a migration because its values are not needed. It isthe way to handle optional information. Notice that only the source can...
ide: fix migration in the middle of pio operation
ide: fix migration in the middle of a bmdma transfer
It reintroduces Revert "ide save/restore pio/atapi cmd transfer fields and io buffer"
but using subsections. Added bonus is the addition of ide_dummy_transfer_stopto transfer_end_table, that was missing....
Revert "ide save/restore pio/atapi cmd transfer fields and io buffer"
This reverts commit ed487bb1d69040b9dac64a4fc076d8dd82b131d6.
The conflicts are due to commit 4fc8d6711aff7a9c11e402c3d77b481609f9f486that is a fix to the ide_drive_pre_save() function. It reverts both...
Merge remote branch 'mst/for_anthony' into staging
ide/atapi: add support for GET EVENT STATUS NOTIFICATION
The GET EVENT STATUS NOTIFICATION is a mandatory command accordingto MMC-3, even if event status notification is not supported.
This patch adds support for this command. It returns NEA ("No Event...
virtio-blk: Create exit function to unregister savevm
Otherwise we can't migrate after we've removed a virtio block device.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>Signed-off-by: Kevin Wolf <kwolf@redhat.com>
etrax: Update ethernet mgm-ctrl reg on writes
Some SW drivers dont keep track of what they've written anddepend on the HW latching write contents for laterread+modify+write sequences.
Signed-off-by: Edgar E. Iglesias <edgar@axis.com>
mips: more fixes to the MIPS interrupt glue logic
Commit 36388314febad3d7675ab919287f03733a560ff6 moved most of theinterrupt logic to cpu-exec.c. Remove the remaining useless codeand fix software interrupts.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>...
mips: Correct MIPS interrupt glue logic for icount
When hw interrupt pending bits in CP0_Cause are set, the CPU shouldsee the hw interrupt line as active. The CPU may or may not take theinterrupt based on internal state (global irq mask etc) but the glue...
e1000: Fix wrong microwire EEPROM state initialization
This change fixes initialization of e1000's microwire EEPROM internalstate values so that qemu's e1000 emulation works on NetBSD,which doesn't use Intel's em driver but has its own wm driverfor the Intel i8254x Gigabit Ethernet....
scsi: Dequeue requests before invoking completion callback
The request completion callback of the LSI controller may start the nextrequest that can use the same tag as the completed one. As the latter isstill enqueued at that point, scsi_send_command will complain about the...
virtio-serial: Fix compat property name
Starting with qemu -M pc-0.12 -device virtio-serial
results in
-device virtio-serial: Property 'virtio-serial-pci.max_nr_ports' not found
The property name 'max_ports' is incorrectly named 'max_nr_ports'. Fixthat....
Sparc32: reserve addresses for unimplemented devices on SS-20
Use empty_slot to reserve addresses for several unimplemented devices so they won't fault. - BPP (parallel port), DBRI (audio), SX (pixel processor), and vsimms (framebuffer)OBP for SS-20 either assumes these devices exist or probes without expecting faults....
vhost: fix miration during device start
We need to know ring layout to allocate log buffer.So init rings first.
Also fixes a theoretical memory-leak-on-error.
https://bugzilla.redhat.com/show_bug.cgi?id=615228
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>...
e1000: fix access 4 bytes beyond buffer end
We do range check for size, and get size as buffer,but copy size + 4 bytes (4 is for FCS).Let's copy size bytes but put size + 4 in length.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
e1000: secrc support
Add support for secrc field. Reportedly needed by old RHEL guests.
Merge remote branch 'origin/master' into staging
hw/bonito: remove incorrect pci_mem_base setting
This mistake makes PCI devices can't work correctly.
Signed-off-by: Huacai Chen <zltjiangshi@gmail.com>Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
virtio-pci: Check for virtio_blk_init() failure
It can't actually fail now, but the next commit will change that.
s390_virtio_blk_init() already checks for failure, butvirtio_blk_init_pci() doesn't. Fix that.
Signed-off-by: Markus Armbruster <armbru@redhat.com>...
virtio-blk: Fix virtio-blk-s390 to require drive
Move the check from virtio_blk_init_pci(), where it protects onlyvirtio-blk-pci, to virtio_blk_init(). Without that, virtio-blk-s390initializes without a drive. I figure that can lead to null pointerdereferences....
ide scsi virtio-blk: Reject empty drives unless media is removable
Disks without media make no sense. For SCSI, a Linux guest kernelcomplains during boot. I didn't try other combinations.
scsi-generic doesn't need the additional check, because it already...
pc: Avoid registering zero sized memory
No need to call cpu_register_physical_memory() for a zero sized area.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
virtio-9p: Avoid SEGV when log file couldn't be opened
While running in debug mode if 9P server is unable to open the log fileit results in a SEGV deep down in glibc:
Program received signal SIGSEGV, Segmentation fault.0x008fca8c in fwrite () from /lib/libc.so.6...
virtio-serial: Check if virtio queue is ready before consuming data
If a virtio-serial port is removed before the guest comes up andinitialises the virtqueues, qemu exits with the message
Guest moved used index from 0 to 61440
This happens because we try to clear any pending buffers from the...
virtio-serial: Assert for virtio queue ready before virtqueue operations
In addition to the previous fix for calling do_flush_queued_data() onlywhen the virtqueue is ready, ensure do_flush_queued_data() gets a vqthat's suitably initialised.
Signed-off-by: Amit Shah <amit.shah@redhat.com>...
pci/multi function bit: fix vt82c686.c.
The file, vt82c686.c, was added after the change set ofb80d4a9887fa4b6cc63f8c3a13ab2a45054d3e5c andfecb93c45c749a4c994d8d12bdee17ce2012de9eare created, but before the patch series was commit.So similar fix is needed to vt82c686.c....
pci hotplug: make pci hotplug return value to caller
make pci hotplug callback return value to caller.And when returning error, allocated resources are freed.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
virtio-net: correct packet length math
We were requesting too much when checking bufferlength: size already includes host header length.
Further, we should not exit if we get a packet thatis too long, since this might not be under controlof the guest. Just drop the packet....
pci: fix bridge update
bridge config write should trigger updateson the secondary bus. never on the primary bus.
rtl8139: address TODOs
Make rtl8139 spec compliant, fixing reset valuesfor command register.
vmware_vga: fix reset value for command register
Make init value for this register match the spec.BAR address is 0 at init, so enabling itonly works by chance.
pcnet: address TODOs
pcnet enables memory/io on init, whichdoes not make sense as BAR values are wrong.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>Tested-by: Jan Kiszka <jan.kiszka@siemens.com>
pci hotplug: make pci_device_hot_remove() static
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>Acked-by: Gerd Hoffmann <kraxel@redhat.com>Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
pci: fix pci_device_reset
Clear interrupt disable bit on reset, according to PCI spec.Fix pci_device_reset() with 64bit BAR.
AppleSMC device emulation
Intel Macs have a chip called the "AppleSMC" which they use to controlcertain Apple specific parts of the hardware, like the keyboard backgroundlight.
That chip is also used to store a key that Mac OS X uses to decrypt binaries....
pci: set PCI multi-function bit appropriately.
Set PCI multi-function bit according to multifunction property.PCI address, devfn ,is exported to users as addr property,so users can populate pci function(PCIDevice in qemu)at arbitrary devfn.It means each function(PCIDevice) don't know whether pci device...
pci: set multifunction property for normal device.
use pci_create_simple_multifunction() for normal device which setsmultifunction bit.At the moment, only pc_piix.c and mips_malta.c uses multifunctiondevices with piix3/4 pci-isa bridge.And other boards don't populate those devices....
pci_bridge: make pci bridge aware of pci multi function bit.
make pci bridge aware of pci multi function property and let pci genericcode to set the bit.
Cc: Blue Swirl <blauwirbel@gmail.com>Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
pci: introduce multifunction property.
introduce multifunction property.Also introduce new convenient device creation function whichwill be used later.
For bisectability this patch doesn't do anything, but sets the propertyresulting in no functional changes....
qdev: implement qdev_prop_set_bit().
implement qdev_prop_set_bit().
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
pci: remove PCIDeviceInfo::header_type
replace PCIDeviceInfo::header_type with is_bridgeas suggested by Michael S. Tsirkin <mst@redhat.com>
pci: don't overwrite multi functio bit in pci header type.
Don't overwrite pci header type.Otherwise, multi function bit which pci_init_header_type() setsappropriately is lost.Anyway PCI_HEADER_TYPE_NORMAL is zero, so it is unnecessary to zerowhich is already zero cleared....
pci: insert assert that auto-assigned-address function is single function device.
Auto-assigned-address pci function (passing devfn = -1) is alwayssingle function.This patch adds assert() to guarantee that auto-assigned-address functionis always single function device at function = 0....
pci: use PCI_DEVFN() where appropriate.
Use PCI_DEVFN() and PCI_FUNC_MAX where appropriate.This patch make it clear that func = 0.
test:The following object files with/without this patch are stripped and compared.They remains same. arm-softmmu/versatile_pci.o...
qdev: Add a get_dev_path() function to BusInfo
This function is meant to provide a stable device path for buseswhich are able to implement it. If a bus has a globally uniqueaddresses scheme, one address level may be sufficient to providea path. Other buses may need to recursively traverse up the...
pci: Implement BusInfo.get_dev_path()
This works great for PCI since a <segment>:<bus>:<dev>.<fn> uniquelydescribes a global address. No need to traverse up the qdev tree.PCI segment support is a placeholder for compatibility once wesupport multiple segments....
savevm: Add DeviceState param
When available, we'd like to be able to access the DeviceStatewhen registering a savevm. For buses with a get_dev_path()function, this will allow us to create more unique savevmid strings.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>...
eepro100: Add a dev field to eeprom new/free functions
This allows us to create a more meaningful savevm string.
virtio-net: Incorporate a DeviceState pointer and let savevm track instances
Stuff a pointer to the DeviceState into the VirtIONet structure so thatwe can easily remove the vmstate entry later. Also, let vmstate trackthe instance number (it should always be zero internally since the...
qemu_ram_alloc: Add DeviceState and name parameters
These will be used to generate unique id strings for ramblocks. The namefield is required, the device pointer is optional as most callers don'thave a device. When there's no device or the device isn't a child of...
pci: Free the space allocated for the option rom on removal
scsi: Fix SCSI bus reset
When the controller raises the SCSI reset line, we have to perform therequested reset on all disks attached to the controller's bus. Moreover,reset is edge triggered, so avoid repeating it if the line was alreadyhigh.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>...
make rtc alatm work
Convert alarm time from BCD if needed before comparing with currenttime.
Signed-off-by: Gleb Natapov <gleb@redhat.com>Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
pc: Allocate all ram in a single qemu_ram_alloc()
This will benefit us when we migrate based on ramblock name sincewe won't be bouncing between separate blocks.
ide: Reject readonly drives unless CD-ROM
drive_init() doesn't permit option readonly for if=ide, but that'sworthless: we get it via if=none and -device.
Signed-off-by: Markus Armbruster <armbru@redhat.com>Signed-off-by: Kevin Wolf <kwolf@redhat.com>
ide: Reject invalid CHS geometry
drive_init() doesn't permit invalid CHS for if=ide, but that'sworthless: we get it via if=none and -device.
qdev: Don't hw_error() in qdev_init_nofail()
Some of the failures are internal errors, and hw_error() is okay then.But the common way to fail is bad user input, e.g. -globalisa-fdc.driveA=foo where drive foo has an unsupported rerror value.
exit(1) instead....
scsi: Reject unimplemented error actions
drive_init() doesn't permit rerror for if=scsi, but that's worthless:we get it via if=none and -device.
Moreover, scsi-generic doesn't support werror. Since drive_init()doesn't catch that, option werror was silently ignored even with...
scsi: Error locations for -drive if=scsi device initialization
ide: Improve error messages
Use error_report(), because it points to the error location.
Reword "tried to assign twice" messages to make it clear that we'recomplaining about the unit property.
Report invalid unit property instead of failing silently....
ide: Replace IDEState members is_cdrom, is_cf by drive_kind
The two aren't independent variables. Make that obvious.
ide: Make ide_init_drive() return success
It still always succeeds. The next commits will add failures.