Commit Graph

18736 Commits

Author SHA1 Message Date
Alon Levy
8db36e9ddd usb-desc: fix user trigerrable segfaults (!config)
Check for dev->config being NULL in two places:
 USB_REQ_GET_CONFIGURATION and USB_REQ_GET_STATUS.

The behavior of USB_REQ_GET_STATUS is unspecified in the Default state,
that corresponds to dev->config being NULL (it defaults to NULL and is
reset whenever a SET_CONFIGURATION with value 0, or attachment). I
implemented it to correspond with the state before
ed5a83ddd8, the commit moving SET_STATUS
to usb-desc; if dev->config is not set we return whatever is in the
first configuration.

The behavior of USB_REQ_GET_CONFIGURATION is also undefined before any
SET_CONFIGURATION, but here we just return 0 (same as specified for the
Address state).

A win7 guest failed to initialize the device before this patch,
segfaulting when GET_STATUS was called with dev->config == NULL. With
this patch the passthrough device still doesn't work but the failure is
unrelated.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 13:37:36 +01:00
Gerd Hoffmann
aa0568ff25 usb-ehci: sanity-check iso xfers
This patch adds a sanity check to itd processing to make sure the
endpoint addressed by the guest is actually an iso endpoint.  Also
verify that usb drivers don't return USB_RET_ASYNC which is illegal for
iso xfers.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 13:37:36 +01:00
Gerd Hoffmann
808aeb98ff usb: add tracepoint for usb packet state changes.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 13:37:36 +01:00
Gerd Hoffmann
7d1994f863 usb-xhci: enable packet queuing
qemu usb core has packet queues now, so flip lets the switch.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 13:37:36 +01:00
Gerd Hoffmann
5a248289a8 usb-uhci: implement packet queuing
When a usb device is busy processing a packet (and returns
USB_RET_ASYNC), continue walking the transfer descriptor list
and process them to fill the request queue.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 11:13:27 +01:00
Gerd Hoffmann
971a5a406e usb-uhci: process uhci_handle_td return code via switch.
Restruct the uhci_handle_td return code processing to make the
control flow more clear and the code more readable.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 11:13:27 +01:00
Gerd Hoffmann
f8af1e889b usb-uhci: add UHCIQueue
UHCIAsync structs (in-flight requests) grouped in UHCIQueue now.
Each (active) usb endpoint gets its own UHCIQueue.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 11:13:27 +01:00
Gerd Hoffmann
326700e35d usb-uhci: cleanup UHCIAsync allocation & initialization.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 11:13:26 +01:00
Gerd Hoffmann
81d37739df usb-ehci: fix reset
Two reset fixes:
  * pick up s->usbcmd value after ehci_reset call to make sure it
    keeps the reset value and doesn't get rubbish filled in when
    val is written back to the mmio register array later on.
  * make sure the frame timer is zapped on reset.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 11:13:26 +01:00
Gerd Hoffmann
299aa1c6df usb-hid: fix tablet activation
Activate usb hid pointer devices (mouse+tablet) unconditionally
on polls, even if we NAK the poll due to lack of new events.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 11:13:26 +01:00
Stefan Weil
b4bd0b168e audio: Add some fall through comments
Static code analysers expect these comments for case statements without
a break statement.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: malc <av1474@comtv.ru>
2012-02-25 18:16:11 +04:00
Peter Maydell
cdf84806a1 configure: Check whether makecontext() is a glibc stub function
On some systems (notably ARM Linux) glibc provides implementations
of makecontext(), getcontext() and friends which are stubs which
always return failure. Make the configure test for makecontext()
also check for the presence of the __stub_makecontext macro which
indicates the presence of these stubs, so we can avoid trying to use
them and fall back to a different coroutine implementation instead.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:06 -06:00
Peter Maydell
967c0da73a vl.c: Avoid segfault when started with no arguments
Fix a bug (introduced in commit a0abe47) where a command line which
specified no machine arguments (either explicitly or implicitly via
-kernel &co) would result in a segfault because of a NULL pointer
returned from qemu_opts_find(qemu_find_opts("machine"), 0).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:06 -06:00
Gerd Hoffmann
9ebe95fb60 nic: zap obsolote romloading bits from ne2k + pcnet
These days one just needs to specify the romfile in PCiDeviceInfo and
everything magically works.  It also allows to disable pxe rom loading
via "romfile=<emptystring>" like it is possible for all other nics.

[ v2: rebased & adapted to qom changes ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:05 -06:00
Gerd Hoffmann
5bc62e01cd build: allow turning off debuginfo
This patch adds --{enable,disable}-debug-info switches to configure
which allows to include/exclude the '-g' switch on the gcc & ld
command lines.  Not building debug info reduces ressource usage
(especially disk) alot and is quite useful for test builds.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:05 -06:00
Gerd Hoffmann
45efb16124 optimize screendump for the common non-switch case
switch console only if needed, also pass down whenever the console was
switched or not because a displaysurface redraw is only needed in case
the console was switched.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:05 -06:00
Gerd Hoffmann
1673510204 Remove screendump dummy functions.
The code in console.c verifies whenever a screen_dump function
pointer is present before calling it, so there is no need to supply an
dummy function.  Remove them.  Also report an error to notify the user
that he didn't got a screenshot.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:04 -06:00
Gerd Hoffmann
9a51f5b067 vga: simplify screendump
The displaychangelistener isn't needed at all, we can simply save the
image when vga_hw_update is done instead of hooking into the update
process.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:04 -06:00
Gerd Hoffmann
53370b78ec suspend: add qmp events
Send qmp events on suspend and wakeup so libvirt
has a chance to track the vm state.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:04 -06:00
Gerd Hoffmann
6595abc044 suspend: make acpi timer wakeup the guest.
Make the acpi timer wake up the guest.
Guests can enable/disable this via acpi too.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:04 -06:00
Gerd Hoffmann
62aeb0f765 suspend: make rtc alarm wakeup the guest.
Make the rtc wake up the guest when the alarm fires.
Add acpi windup to property support RTC_EN, so guests
can enable and disable this.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:03 -06:00
Gerd Hoffmann
9826fd597d suspend: make serial ports wakeup the guest.
Add a 'wakeup' property to the serial port.  It is off by default.  When
enabled any incoming character on the serial line will wake up the
guest.  Useful for guests which have a serial console configured.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:03 -06:00
Gerd Hoffmann
fd214d1828 suspend: make ps/2 devices wakeup the guest
This patch adds wakeup support to ps/2 emulation.  Any key press on the
ps/2 keyboard will wakeup the guest.  Likewise any mouse button press
will wakeup the guest.  Mouse moves are ignored, so the guest will not
wakeup in case your mouse crosses the vnc window of a suspended guest by
accident.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:03 -06:00
Gerd Hoffmann
9b9df25a47 suspend: add system_wakeup monitor command
This patch adds the system_wakeup monitor command which will simply
wake up suspended guests.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:03 -06:00
Gerd Hoffmann
da98c8eb4c suspend: switch acpi s3 to new infrastructure.
This patch switches pc s3 suspend over to the new infrastructure.
The cmos_s3 qemu_irq is killed, the new notifier is used instead.
The xen hack goes away with that too, the hypercall can simply be
done in a notifier function now.

This patch also makes the guest actually stay suspended instead
of leaving suspend instantly, so it is useful for more than just
testing whenever the suspend/resume cycle actually works.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:03 -06:00
Gerd Hoffmann
95b363b5c6 suspend: add infrastructure
This patch adds some infrastructure to handle suspend and resume to
qemu.  First there are two functions to switch state and second there
is a suspend notifier:

 * qemu_system_suspend_request is supposed to be called when the
   guest asks for being be suspended, for example via ACPI.

 * qemu_system_wakeup_request is supposed to be called on events
   which should wake up the guest.

 * qemu_register_suspend_notifier can be used to register a notifier
   which will be called when the guest is suspended.  Machine types
   and device models can hook in there to modify state if needed.

 * qemu_register_wakeup_notifier can be used to register a notifier
   which will be called when the guest is woken up.  Machine types
   and device models can hook in there to modify state if needed.

 * qemu_system_wakeup_enable can be used to enable/disable wakeup
   events.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:02 -06:00
Gerd Hoffmann
8283c4f565 acpi: add acpi_pm1_evt_write_en
Do APCIREGS->pm1.evt.en updates using the new acpi_pm1_evt_write_en
function, so the acpi code will see those updates.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:02 -06:00
Gerd Hoffmann
2886be1b01 acpi: don't pass overflow_time to acpi_pm1_evt_get_sts
Pretty pointless, can easily be reached via ACPIREGS now.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:02 -06:00
Gerd Hoffmann
355bf2e5ba acpi: add ACPIREGS
All those acpi structs are not independent from each other.
Various acpi functions expecting multiple acpi structs passed
in are a clean indicator for that ;)

So this patch bundles all acpi structs in the new ACPIREGS
struct, then use it everythere pass around acpi state.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:02 -06:00
Gerd Hoffmann
067866d61c acpi: move around structs
Group all structs at the top of hw/acpi.h.
Just moving around lines, no code changes.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:02 -06:00
Anthony Liguori
85f3855303 Merge remote-tracking branch 'stefanha/trivial-patches' into staging
* stefanha/trivial-patches:
  slirp/misc: fix gcc __warn_memset_zero_len warnings
  vl.c: Increase width of machine name column in "-M ?" output
  tcg: Remove unneeded include statements
2012-02-24 09:51:24 -06:00
Anthony Liguori
18ac549958 Merge remote-tracking branch 'mdroth/qga-win32-pull-2-23-12' into staging
* mdroth/qga-win32-pull-2-23-12:
  qemu-ga: add win32 guest-shutdown command
  qemu-ga: add Windows service integration
  qemu-ga: add initial win32 support
  qemu-ga: fixes for win32 build of qemu-ga
  qemu-ga: rename guest-agent-commands.c -> commands-posix.c
  qemu-ga: separate out common commands from posix-specific ones
  qemu-ga: move channel/transport functionality into wrapper class
  qemu-ga: Add schema documentation for types
2012-02-24 09:50:37 -06:00
Anthony Liguori
7c1daf341f Merge remote-tracking branch 'qmp/queue/qmp' into staging
* qmp/queue/qmp:
  qmp: add DEVICE_TRAY_MOVED event
  ide: drop ide_tray_state_post_load()
  block: Don't call bdrv_eject() if the tray state didn't change
  block: bdrv_eject(): Make eject_flag a real bool
  block: Rename bdrv_mon_event() & BlockMonEventAction
2012-02-24 09:45:22 -06:00
Anthony Liguori
5105b6d88d Merge remote-tracking branch 'kwolf/for-anthony' into staging
* kwolf/for-anthony: (46 commits)
  qemu-iotests: common.config: Allow use of arbitrary qemu* paths
  qemu-iotests: check: print relevant path information
  qemu-iotests: test loading internal snapshots
  qemu-iotests: Update filter for default cluster size
  qemu-iotests: add qed support to 025 image resize test
  qemu-iotests: Update rbd support
  qemu-iotests: common.config: Fix no $TEST_DIR directory
  qemu-iotests: only run 016 for file and sheepdog protocols
  qemu-iotests: Use zero-based offsets for IO patterns
  qemu-iotests: add support for rbd and sheepdog protocols
  qemu-iotests: filter IMGFMT correctly in 019
  qemu-iotests: README: Fix spelling
  qemu-iotests: add support for qed format
  qemu-iotests: filter TEST_DIR correctly in 019
  qemu-iotests: fix 019 golden output
  qemu-iotests: update expected results after qemu-img changes
  qemu-iotests: add read/write from smaller backing image test
  qemu-iotests: add sub-cluster allocating write test for sparse image formats
  qemu-iotests: improve test for qemu-img convert with backing file
  qemu-iotests: consider more cases in parsing qemu-io output
  ...
2012-02-24 09:37:27 -06:00
Anthony Liguori
9ef1300b1b Merge remote-tracking branch 'bonzini/virtio-scsi' into staging
* bonzini/virtio-scsi:
  scsi-block: always use scsi_generic_ops for cache != none
  scsi: fix searching for an empty id
  scsi: fix wrong return for target INQUIRY
  virtio-scsi: add migration support
  virtio-scsi: process control queue requests
  virtio-scsi: add basic SCSI bus operation
  virtio-scsi: Add basic request processing infrastructure
  virtio-scsi: Add virtio-scsi stub device
  scsi-disk: add migration support
  scsi-generic: add migration support
  scsi: add SCSIDevice vmstate definitions
  scsi-disk: enable scatter/gather functionality
  scsi: add scatter/gather functionality
  scsi: pass residual amount to command_complete
  ahci: use new DMA helpers
  dma-helpers: add accounting wrappers
  dma-helpers: add dma_buf_read and dma_buf_write
  dma-helpers: make QEMUSGList target independent
2012-02-24 09:33:03 -06:00
Andreas Färber
dcce6675de target-i386: Introduce x86_cpuid_set_model_id()
Move the logic to transform the 48-char model ID into the 12-word model
value into a helper.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:58 -06:00
Andreas Färber
38c3dc4622 target-i386: Introduce x86_cpuid_version_set_stepping()
Move the logic for setting the stepping field into a helper function.

To make the function self-contained and to prepare for future
unordered/multiple uses, mask out any previous stepping values first.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:58 -06:00
Andreas Färber
b0704cbd3f target-i386: Introduce x86_cpuid_version_set_model()
Move the logic for setting the model and extended model fields
into a helper function.

To make the function self-contained and to prepare for future
unordered/multiple uses, mask out any previous model values first.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:58 -06:00
Andreas Färber
ed5e1ec3fc target-i386: Introduce x86_cpuid_version_set_family()
Move the logic for setting the family and extended family into a
helper function.

To make the helper self-contained and in preparation of future
unordered/multiple uses, mask out any previous family values first.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:58 -06:00
Markus Armbruster
8811e1e174 console: Eliminate text_consoles[]
Simply use consoles[] instead.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:58 -06:00
Markus Armbruster
877691f96f sockets: Clean up inet_listen_opts()'s convoluted bind() loop
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:58 -06:00
Markus Armbruster
136faa362d sockets: Drop sockets_debug debug code
I'm trying to improve this code's error reporting, and the debug code
is getting in my way: it clutters the code, it clobbers errno in
inconvenient places, and it uses the same fprintf() both for error
reporting and debug output in a few places.

Get rid of it.  Once decent error reporting is in place, adding back
whatever debug code we need shouldn't be hard.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:58 -06:00
Markus Armbruster
ef0c4a0d89 gdbstub: Error locations for -gdb
Stash away the option argument with add_device_config(), so we still
have its location when we get around to parsing it.

This doesn't improve any messages I can see just yet, but that'll
change shortly.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:58 -06:00
Markus Armbruster
d9a5954dbf vl.c: Error locations for options using add_device_config()
These are -bt, -serial, -virtcon, -parallel, -debugcon, -usbdevice.
Improves messages emitted via proper error reporting interfaces.  For
instance:

    $ qemu-system-x86_64 -nodefaults -S -usb -usbdevice net:vlan=xxx
    qemu-system-x86_64: Parameter 'vlan' expects a number

becomes:

    qemu-system-x86_64: -usbdevice net:vlan=xxx: Parameter 'vlan' expects a number

Many more remain unimproved, because they're fprintf()ed.  The next
few commits will take care of that.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:58 -06:00
Markus Armbruster
d7378ee1c1 qemu-char: qemu_chr_open_fd() can't fail, don't check
Cleaned up silently in commit aad04cd0, but that just got reverted.
Re-apply this part.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:57 -06:00
Markus Armbruster
a89dd6c32e qemu-char: Re-apply style fixes from just reverted aad04cd0
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:57 -06:00
Markus Armbruster
b181e04777 qemu-char: Use qemu_open() to avoid leaking fds to children
Fixed silently in commit aad04cd0, but that just got reverted.
Re-apply the fixes, plus one missed instance: parport on Linux.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:57 -06:00
Markus Armbruster
1f51470d04 Revert "qemu-char: Print strerror message on failure" and deps
The commit's purpose is laudable:

    The only way for chardev drivers to communicate an error was to
    return a NULL pointer, which resulted in an error message that
    said _that_ something went wrong, but not _why_.

It attempts to achieve it by changing the interface to return 0/-errno
and update qemu_chr_open_opts() to use strerror() to display a more
helpful error message.  Unfortunately, it has serious flaws:

1. Backends "socket" and "udp" return bogus error codes, because
qemu_chr_open_socket() and qemu_chr_open_udp() assume that
unix_listen_opts(), unix_connect_opts(), inet_listen_opts(),
inet_connect_opts() and inet_dgram_opts() fail with errno set
appropriately.  That assumption is wrong, and the commit turns
unspecific error messages into misleading error messages.  For
instance:

    $ qemu-system-x86_64 -nodefaults -vnc :0 -chardev socket,id=bar,host=xxx
    inet_connect: host and/or port not specified
    chardev: opening backend "socket" failed: No such file or directory

ENOENT is what happens to be in my errno when the backend returns
-errno.  Let's put ERANGE there just for giggles:

    $ qemu-system-x86_64 -nodefaults -vnc :0 -chardev socket,id=bar,host=xxx -drive if=none,iops=99999999999999999999
    inet_connect: host and/or port not specified
    chardev: opening backend "socket" failed: Numerical result out of range

Worse: when errno happens to be zero, return -errno erroneously
signals success, and qemu_chr_new_from_opts() dies dereferencing
uninitialized chr.  I observe this with "-serial unix:".

2. All qemu_chr_open_opts() knows about the error is an errno error
code.  That's simply not enough for a decent message.  For instance,
when inet_dgram() can't resolve the parameter host, which errno code
should it use?  What if it can't resolve parameter localaddr?

Clue: many backends already report errors in their open methods.
Let's revert the flawed commit along with its dependencies, and fix up
the silent error paths instead.

This reverts commit 6e1db57b2a.

Conflicts:

	console.c
	hw/baum.c
	qemu-char.c

This reverts commit aad04cd024.

The parts of commit db418a0a "Add stdio char device on windows" that
depend on the reverted change fixed up.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:56 -06:00
Paolo Bonzini
eaccf49e95 scsi-block: always use scsi_generic_ops for cache != none
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-24 14:54:51 +01:00
Paolo Bonzini
d3d250bddb scsi: fix searching for an empty id
The conditions for detecting no free target or LUN were wrong.

The LUN loop was followed by an "if" condition that is never
true, because the loop is exited as soon as lun becomes equal
to bus->info->max_lun, and never becomes greater than it.

The target loop had a wrong condition (<= instead of <).  Once
this is fixed, the loop would fail in the same way as the LUN
loop.

The fix is to see whether scsi_device_find returned the device with the
last (channel, target, LUN) pair, and fail if so.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-24 14:54:51 +01:00