Commit Graph

25120 Commits

Author SHA1 Message Date
Markus Armbruster
44f3bcd2c7 qmp: Drop wasteful zero-initialization in qmp_memchar_read()
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 16:35:19 -06:00
Markus Armbruster
c287e99fe4 qmp: Drop superfluous special case "empty" in qmp_memchar_read()
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 16:35:18 -06:00
Markus Armbruster
13289fb5a7 qmp: Plug memory leaks in memchar-write, memchar-read
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 16:35:18 -06:00
Markus Armbruster
c4f331b6b3 qmp: Clean up type usage in qmp_memchar_write(), qmp_memchar_read()
Const-correctness, consistently use standard C types instead of mixing
them with GLib types.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 16:35:17 -06:00
Markus Armbruster
1a69278e53 qmp: Use generic errors in memchar-read, memchar-write
New errors should be generic unless there's a real use case for rich
errors.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 16:35:17 -06:00
Markus Armbruster
3ab651fc81 qmp: Clean up design of memchar-read
The data returned has a well-defined size, which makes the size
returned along with it redundant at best.  Drop it.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 16:35:17 -06:00
Markus Armbruster
82e59a676c qmp: Fix design bug and read beyond buffer in memchar-write
Command memchar-write takes data and size parameter.  Begs the
question what happens when data doesn't match size.

With format base64, qmp_memchar_write() copies the full data argument,
regardless of size argument.

With format utf8, qmp_memchar_write() copies size bytes from data,
happily reading beyond data.  Copies crap from the heap or even
crashes.

Drop the size parameter, and always copy the full data argument.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 16:35:17 -06:00
Michael Tokarev
2a0e1ad66e vnc: recognize Hungarian doubleacutes
As reported in http://bugs.debian.org/697641 , some Hungarian keys
does not work with qemu when using vnc display.

This is because while the Hungarian keymap mentions these symbols,
qemu know nothing about them.  So add them.

This patch is applicable to -stable for all previous releases.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-06 15:52:31 +01:00
Stefan Weil
f38f7a847e target-m68k: Fix comment
* spelling fix ito -> into
* reorder to match load/store

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-06 15:52:07 +01:00
Michael Tokarev
15af6321f4 vnc: recognize Hungarian doubleacutes
As reported in http://bugs.debian.org/697641 , some Hungarian keys
does not work with qemu when using vnc display.

This is because while the Hungarian keymap mentions these symbols,
qemu know nothing about them.  So add them.

This patch is applicable to -stable for all previous releases.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 08:29:58 -06:00
Aneesh Kumar K.V
a911a182a6 qemu/9p: Don't ignore error in fid clunk
We use the clunk request to do the actual xattr operation. So don't
ignore the error value for fid clunk.

Security model "none" don't support posix acl. Without this patch
guest won't get EOPNOTSUPP error on setxattr("system.posix_acl_access")

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 08:29:50 -06:00
Aneesh Kumar K.V
facf98ad98 qemu/iovec: Don't assert if sbytes is zero
Since these values can possibly be sent from guest (for hw/9pfs), do a sanity check
on them. A 9p write request with 0 bytes caused qemu to abort without this patch

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 08:29:50 -06:00
Michael S. Tsirkin
ddcb73b778 e1000: fix link down handling with auto negotiation
Fixes a couple of regression bugs introduced by
b9d03e352c and related to
auto-negotiation:
-   Auto-negotiation currently sets link up even if it was
    forced down from the monitor.
-   If Auto-negotiation was in progress during migration,
    link will never come up.

As a fix, don't touch NC link_down field at all,
instead add code on receive path to check
guest link status.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 08:29:25 -06:00
Richard Henderson
84208085d3 configure: Fix build with XFree
The build is broken on ppc64-linux, possibly only with new binutils:

ld: hw/lm32/../milkymist-tmu2.o: undefined reference to symbol 'XFree'
ld: note: 'XFree' is defined in DSO /lib64/libX11.so.6 so try \
  adding it to the linker command line

So let's follow the linker's advice.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 08:29:21 -06:00
Richard Henderson
91107fdf44 bswap: Fix width of swap in leul_to_cpu
The misnamed HOST_LONG_BITS is really HOST_POINTER_BITS.  Here we're
explicitly using an unsigned long, rather than uintptr_t, so it is
more correct to select the swap size via ULONG_MAX.

Acked-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 08:29:21 -06:00
Anthony Liguori
5f876756c5 bios: recompile BIOS
SeaBIOS is really close to spilling over to 256k.  Until we can better
handle migration across RAM block size changes, recompile SeaBIOS with
a compiler that causes the binary to still fit in 128k.

This was built with:

gcc version 4.7.2 20121109 (Red Hat 4.7.2-8) (GCC)

On 64-bit Fedora 18.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-05 20:51:37 -06:00
Markus Armbruster
8f44015e46 trace: Fix location of simpletrace.py in docs
Missed when commit 4c3b5a48 moved it.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-05 21:52:55 +01:00
Markus Armbruster
b6b2c96280 trace: Clean up the "try to update atomic until it worked" loops
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-05 21:52:55 +01:00
Markus Armbruster
e722d705ae trace: Direct access of atomics is verboten, use the API
The GLib Reference Manual says:

    It is very important that all accesses to a particular integer or
    pointer be performed using only this API and that different sizes
    of operation are not mixed or used on overlapping memory
    regions. Never read or assign directly from or to a value --
    always use this API.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-05 21:52:55 +01:00
Markus Armbruster
fb3a508531 trace: Fix simple trace dropped event record for big endian
We use atomic operations to keep track of dropped events.

Inconveniently, GLib supports only int and void * atomics, but the
counter dropped_events is uint64_t.  Can't stop commit 62bab732: a
quick (gint *)&dropped_events bludgeons the compiler into submission.

That cast is okay only when int is exactly 64 bits wide, which it
commonly isn't.

If int is even wider, we clobber whatever follows dropped_events.  Not
worth worrying about, as none of the machines that interest us have
such morbidly obese ints.

That leaves the common case: int narrower than 64 bits.

Harmless on little endian hosts: we just don't access the most
significant bits of dropped_events.  They remain zero.

On big endian hosts, we use only the most significant bits of
dropped_events as counter.  The least significant bits remain zero.
However, we write out the full value, which is the correct counter
shifted left a bunch of places.

Fix by changing the variables involved to int.

There's another, equally suspicious-looking (gint *)&trace_idx
argument to g_atomic_int_compare_and_exchange(), but that one casts
unsigned *, so it's okay.  But it's also superfluous, because GLib's
atomic int operations work just fine for unsigned.  Drop it.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-05 21:52:55 +01:00
Stefan Weil
b22dd1243f target-s390x: Fix wrong comparison in interrupt handling
gcc with -Wextra complains about an ordered pointer comparison:

target-s390x/helper.c:660:27: warning:
 ordered comparison of pointer with integer zero [-Wextra]

Obviously the index was missing in the code.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-04 15:24:15 -06:00
Anthony Liguori
0123c48636 s390x: silence warning from GCC on uninitialized values
As best I can tell, this is a false positive.

  [aliguori@ccnode4 qemu-s390]$ make
    CC    s390x-softmmu/target-s390x/helper.o
  /home/aliguori/git/qemu/target-s390x/helper.c: In function ‘do_interrupt’:
  /home/aliguori/git/qemu/target-s390x/helper.c:673:17: error: ‘addr’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
  /home/aliguori/git/qemu/target-s390x/helper.c:620:20: note: ‘addr’ was declared here
  /home/aliguori/git/qemu/target-s390x/helper.c:673:17: error: ‘mask’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
  /home/aliguori/git/qemu/target-s390x/helper.c:620:14: note: ‘mask’ was declared here
  cc1: all warnings being treated as errors
  make[1]: *** [target-s390x/helper.o] Error 1
  make: *** [subdir-s390x-softmmu] Error 2

Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Cc: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-04 15:24:15 -06:00
Michael Roth
ded67782e6 acpi_piix4: fix segfault migrating from 1.2
b0b873a078 bumped the vmstate version and
introduced an old-style load function to handle migration from prior
(<= 1.2) versions.

The load function passes the top-level PIIX4PMState pointer to
vmstate_load_state() to handle nested structs for APMState and
pci_status, which leads to corruption of the top-level PIIX4PMState,
since pointers to the nested structs are expected.

A segfault can be fairly reliably triggered by migrating from 1.2 and
issuing a reset, which will trigger a number of QOM operations which
rely on the now corrupted ObjectClass/Object members.

Fix this by passing in the expected pointers for vmstate_load_state().

Cc: qemu-stable@nongnu.org
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-04 14:39:07 -06:00
Eduardo Habkost
c881e20eed vl.c: validate -numa "cpus" parameter properly
- Accept empty strings without aborting
- Use parse_uint*() to parse numbers
- Abort if anything except '-' or end-of-string is found after the first
  number.
- Check for endvalue < value

Also change the MAX_CPUMASK_BITS warning message from "A max of %d CPUs
are supported in a guest" to "qemu: NUMA: A max of %d VCPUs are
supported".

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-04 14:38:35 -06:00
Eduardo Habkost
845e5bf9cd vl.c: Extract -numa "cpus" parsing to separate function
This will make it easier to refactor that code later.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-04 14:38:34 -06:00
Eduardo Habkost
5f1399651e vl.c: Use parse_uint_full() for NUMA nodeid
This should catch many kinds of errors that the current code wasn't
checking for:

 - Values that can't be parsed as a number
 - Negative values
 - Overflow
 - Empty string

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-04 14:38:34 -06:00
Eduardo Habkost
e4ce85b258 vl.c: numa_add(): Validate nodeid before using it
Without this check, QEMU will corrupt memory if a too-large nodeid is
provided in the command-line. e.g.:

  -numa node,mem=...,cpus=...,nodeid=65

This changes nodenr to unsigned long long, to avoid integer conversion
issues when converting the strtoull() result to int.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-04 14:38:33 -06:00
Eduardo Habkost
ca4c6d3631 vl.c: Check for NUMA node limit inside numa_add()
Instead of checking the limit before calling numa_add(), check the limit
only when we already know we're going to add a new node.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-04 14:38:33 -06:00
Eduardo Habkost
12e53a9d59 vl.c: Abort on unknown -numa option type
Abort in case an invalid -numa option is provided, instead of silently
ignoring it.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-04 14:38:33 -06:00
Eduardo Habkost
8f302cb090 vl.c: Fix off-by-one bug when handling "-numa node" argument
The numa_add() code was unconditionally adding 1 to the get_opt_name()
return value, making it point after the end of the string if no ','
separator is present.

Example of weird behavior caused by the bug:

  $ qemu-img create -f qcow2 this-file-image-has,cpus=5,mem=1000,in-its-name.qcow2 5G
  Formatting 'this-file-image-has,cpus=5,mem=1000,in-its-name.qcow2', fmt=qcow2 size=5368709120 encryption=off cluster_size=65536
  $ ./x86_64-softmmu/qemu-system-x86_64 -S -monitor stdio -numa node 'this-file-image-has,cpus=5,mem=1000,in-its-name.qcow2'
  QEMU 1.3.50 monitor - type 'help' for more information
  (qemu) info numa
  1 nodes
  node 0 cpus: 0
  node 0 size: 1000 MB
  (qemu)

This changes the code to nove the pointer only if ',' is found.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-04 14:38:33 -06:00
Eduardo Habkost
e3f9fe2d40 cutils: unsigned int parsing functions
There are lots of duplicate parsing code using strto*() in QEMU, and
most of that code is broken in one way or another. Even the visitors
code have duplicate integer parsing code[1]. This introduces functions
to help parsing unsigned int values: parse_uint() and parse_uint_full().

Parsing functions for signed ints and floats will be submitted later.

parse_uint_full() has all the checks made by opts_type_uint64() at
opts-visitor.c:

 - Check for NULL (returns -EINVAL)
 - Check for negative numbers (returns -EINVAL)
 - Check for empty string (returns -EINVAL)
 - Check for overflow or other errno values set by strtoll() (returns
   -errno)
 - Check for end of string (reject invalid characters after number)
   (returns -EINVAL)

parse_uint() does everything above except checking for the end of the
string, so callers can continue parsing the remainder of string after
the number.

Unit tests included.

[1] string-input-visitor.c:parse_int() could use the same parsing code
    used by opts-visitor.c:opts_type_int(), instead of duplicating that
    logic.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-04 14:38:33 -06:00
Andreas Färber
ff057ccb07 target-cris: Build fix for debug output
Around r3361 (81fdc5f8d2) env->debug1 used
to contain the address of an MMU fault. This is now written into
env->pregs[PR_EDA] instead.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-02-04 16:12:57 +01:00
Paolo Bonzini
fbeadf50f2 bitops: unify bitops_ffsl with the one in host-utils.h, call it bitops_ctzl
We had two copies of a ffs function for longs with subtly different
semantics and, for the one in bitops.h, a confusing name: the result
was off-by-one compared to the library function ffsl.

Unify the functions into one, and solve the name problem by calling
the 0-based functions "bitops_ctzl" and "bitops_ctol" respectively.

This also fixes the build on platforms with ffsl, including Mac OS X
and Windows.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Tested-by: Andreas Färber <afaerber@suse.de>
Tested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-02-02 20:16:00 +00:00
Stefan Weil
7b2d977981 util: Fix compilation of envlist.c for MinGW
MinGW has no strtok_r, so we need a declaration in sysemu/os-win32.h.
We must also fix the include statements in util/envlist.c to include
that file.

We currently don't need an implementation of strtok_r because the
code is compiled but not linked for MinGW.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-02-02 20:13:19 +00:00
Anthony Liguori
abd8d4a4d6 Update version for 1.4.0-rc0
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 18:05:30 -06:00
Anthony Liguori
02cd809099 tap: unbreak -netdev tap,fd=X
The multiqueue patch series broke -netdev tap,fd=X which manifests
as libvirt not being able to start a guest.  This was because it
passed NULL for the netdev name which results in an anonymous netdev
device regardless of what the user specified.

Cc: Jason Wang <jasowang@redhat.com>
Cc: Bruce Rogers <brogers@suse.com>
Reported-by: Bruce Rogers <brogers@suse.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 18:05:30 -06:00
Paolo Bonzini
b76facc35b qom: remove object_delete
This is now unused.  Document the initial reference count of an object
and when it will be freed/finalized.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:11 -06:00
Paolo Bonzini
5c099537a6 cpu: do not use object_delete
CPUs are never added to the composition tree, so delete is achieved
simply by removing the last references to them.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:11 -06:00
Paolo Bonzini
b09995aef1 qdev: drop extra references at creation time
qdev_free and qbus_free have to do unparent+unref, because nobody else
drops the initial reference (the one included by object_initialize)
before them.

For device_init_func and do_device_add, this is trivially correct,
since the DeviceState goes out of scope.

For qdev_create, qdev_try_create and qbus_init, it is a bit more tricky.
What we are doing here is just assuming that the caller knows what it's
doing, and won't call qdev_free/qbus_free while the device is still there.
This is a pretty reasonable assumption and (behind the scenes) is also
what GObject/GTK does.  GTK actually has a "floating reference" that
goes away as soon as the caller does gtk_container_add or something
like that, but in the end qbus_init and qdev_try_create are already
adding the new object to its qdev parent!  So in the end the two solutions
are the same.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:11 -06:00
Paolo Bonzini
dc7389b79a qdev: inline object_delete into qbus_free/qdev_free
We want object_delete to disappear, and we will do this one class at a
time.  Inline it for the qdev case, which we will tackle first.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:10 -06:00
Paolo Bonzini
62d7ba669d qdev: add reference for the bus while it is referred to by the DeviceState
Now that the unparent callbacks are complete, we can correctly account
more missing references.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:10 -06:00
Paolo Bonzini
06f7f2bb56 qdev: move unrealization of devices from finalize to unparent
Similarly, a bus holds a reference back to the device, and this will
prevent the device from going away as soon as this reference is counted
properly.  To avoid this, move the unrealization of devices to the
unparent callback.  This includes recursively unparenting all the buses
and (after the previous patch) the devices on those buses, which ensures
that the web of references completely disappears for all devices that
reside (in the qdev tree) below the one being unplugged.

After this patch, the qdev tree and the bus<->child relationship is
defined as "A is above B, iff unplugging A will automatically unplug B".

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:10 -06:00
Paolo Bonzini
6853d27a12 qdev: move deletion of children from finalize to unparent
A device will never be finalized as long as it has a reference from
other devices that sit on its buses.  To ensure that the references
go away, deassociate a bus from its children in the unparent callback
for the bus.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:10 -06:00
Paolo Bonzini
9d127820eb qdev: add reference count to a device for the BusChild
Each device has a reference through the BusChild.  This reference
was not accounted for, add it now.

Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:10 -06:00
Paolo Bonzini
6c232d2ffb qom: document reference counting of link properties
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:10 -06:00
Paolo Bonzini
52e636cdd8 qom: preserve object while unparenting it
Avoid that the object disappears after it's deleted from the QOM
composition tree, in case that was the only reference to it.

Acked-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:09 -06:00
Paolo Bonzini
4fec640446 pci: use qbus_create in pci_bus_new
Remove knowledge of QOM innards.  The common part of pci_bus_new and
pci_bus_new_inplace is moved to a new function pci_bus_init.

Acked-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:09 -06:00
Paolo Bonzini
39355c3826 qdev: change first argument of qbus_create_inplace to void *
Make it clear that no BUS() macro is needed in the callers (in fact it
wouldn't work because the object has not been initialized yet with the
right class).

Suggested-by: Andreas Faerber <afaerber@suse.de>
Acked-by: Andreas F=E4rber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:09 -06:00
Paolo Bonzini
013e118247 qdev: remove duplication between qbus_create and qbus_create_inplace
Move the common part to qbus_realize.

Acked-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:09 -06:00
liguang
d5286af5ef accel: change {xen, kvm, tcg, qtest}_allowed from int to bool
Signed-off-by: liguang <lig.fnst@cn.fujitsu.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:08:02 -06:00