Commit 07a7484e5d accidentally introduced a bug
in the initialisation of the second macio DMA device which could cause some
DMA operations to segfault QEMU.
CC: Andreas Färber <afaerber@suse.de>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Acked-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Done with this script:
cd hw
for i in `find . -name '*.h' | sed 's/^..//'`; do
echo '\,^#.*include.*["<]'$i'[">], s,'$i',hw/&,'
done | sed -i -f - `find . -type f`
This is so that paths remain valid as files are moved.
Instead, files in hw/dataplane are referenced with the relative path.
We know they are not going to move to include/, and they are the only
include files that are in subdirectories _and_ move.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The situation with device-hotplug.c is similar to qdev-monitor.c.
Add a stub for pci_drive_hot_add, so that it can be compiled once,
and move it out of hw/.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
qdev-monitor.c is the only "core qdev" file that is not used in
user-mode emulation, and it does not define anything that is used
by hardware models. Remove it from the hw/ directory and
remove hw/qdev-monitor.h from hw/qdev.h too; this requires
some files to have some new explicitly includes.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This doesn't happen in the real hardware. The Zynq TRM explicitly states that
this bit has no effect on the rx descriptor pointer ("The receive queue
pointer register is unaffected").
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 06fdf92b78ee62d8965779bafd29c8df1a5d2718.1360901435.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Bits in the ISR were continually mirroring their corresponding TX/RX SR bits.
This is incorrect. The ISR bits are only ever set at the time their
corresponding event occurs.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: cedfb6d108318846480b416a6041023ea5a353d6.1360901435.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The gem_receive() function replicates the logic for whether or not the device
can rx. Just call the actual gem_can_receive() function in place.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: bf7f93969f3e01fbc76d68d2955307fdbad11bb1.1360901435.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Currently, M25P80 uses an object property to differentiate between flash parts.
Changed this over to use QOM sub-classes - the actual names of the different parts
are used to create a set of dynamic classes which passes the part info as class
data. The object no longer needs to search the known_devices table for itself,
instead it just gets its info from its own class.
Kept the intermediate class definition private to m25p80.c for the moment, as
the expectation is parts will only be added as new entries in the table. We can
factor out the TYPE_M25P80 abstraction into a header on a demand basis.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: e24e156d-ff96-4901-997a-e31178b08bee@VA3EHSMHS021.ehs.local
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The Xilinx Zynq device has two SDHCI controllers. Added to the machine model.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Device model for standard SD Host Controller Interface (SDHCI) compliant with
version 2.00 of SD association specification.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Split the SCU in a9mpcore out into its own object definition. mpcore is now
just a container for the mpcore components.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This field was write only and thus unused. Removed.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
In QEMU emulation, there is no functional difference between the ARM mpcore
private timers and watchdogs. Removed all the distinction between the two from
arm_mptimer.c and converted it to be just the mptimer. a9mpcore and arm11mpcore
just instantiate the same mptimer object twice to get both timer and WDT.
If in the future we want to make the WDT functionally different then we can use
either QOM hierarchy to derive WDT from from mptimer, or we can add a property
"is-wdt" or some such.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
To conform with QEMU coding style.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Trivial find replace on type names "timerblock" and "arm_mptimer_state" to
conform with QEMU coding style.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The code for handling the default "unknown command state" case in
pflash_read in pflash_cfi01.c comments "reset state & treat it as
a read". However the code doesn't actually do this. Moving the
default case to the top of the switch so it can fall through into
the read case brings this file into line with pflash_cfi02 and
makes the code behave as the comments suggest.
The pflash_cfi01 code has always had this bug -- it was presumably
introduced when the original author copied the cfi02 code and
rearranged the order of the switch statement without noticing
that the default case relied on the fall-through.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Tested-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1358777318-7579-3-git-send-email-peter.maydell@linaro.org
The Intel flash command set requires that a read operation after
doing a 'single byte write' command returns the status register;
add this case to pflash_read() so we return the correct information.
Similarly, the case for the 0x28 flavour of block erase was missing.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Tested-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1358777318-7579-2-git-send-email-peter.maydell@linaro.org
The proper mapping between 24 hours and 12 hours modes is:
0 12 AM
1-11 1-11 AM
12 12 PM
13-23 1-11 PM
Fix code accordingly.
Signed-off-by: Antoine Mathys <barsamin@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The virtio-serial device is expected to use 2 MSI vectors, one for
control queue and a second shared for all queues.
Signed-off-by: Gal Hammer <ghammer@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
This commit does the same for the ICH9 LPC as commit 1ec4ba74 for the
PIIX3. For the present we're ignoring the Full Reset (FULL_RST) and System
Reset (SYS_RST) bits; the guest can read them back but that's it.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
This patch addresses the issue fully described here:
http://lists.nongnu.org/archive/html/qemu-devel/2013-02/msg01804.html
Linux kernels prior to 2.6.36 do not disable the PCI device during
enumeration process. Since lower and higher parts of a 64bit BAR
are programmed separately this leads to qemu receiving a request to occupy
a completely wrong address region for a short period of time.
We have found that the boot process screws up completely if kvm-apic range
is overlapped even for a short period of time (it is fine for other
regions though).
This patch raises the priority of the kvm-apic memory region, so it is
never pushed out by PCI devices. The patch is quite safe as it does not
touch memory manager.
Signed-off-by: Alexey Korolev <akorolex@gmail.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
QEMU 1.3 does not emulate the link auto negotiation, so if migrate to a
1.3 machine during link auto negotiation, the guest link will be set to down.
Fix this by just disabling auto negotiation for 1.3 and older.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Edivaldo reports a problem that the array of NetClientState in NICState is too
large - MAX_QUEUE_NUM(1024) which will wastes memory even if multiqueue is not
used.
Instead of static arrays, solving this issue by allocating the queues on demand
for both the NetClientState array in NICState and VirtIONetQueue array in
VirtIONet.
Tested by myself, with single virtio-net-pci device. The memory allocation is
almost the same as when multiqueue is not merged.
Cc: Edivaldo de Araujo Pereira <edivaldoapereira@yahoo.com.br>
Cc: qemu-stable@nongnu.org
Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
This fixes two bugs related to memory sync during
migration:
- ram address calculation was missing the chunk
address, so the wrong page was dirtied
- one after last was used instead of the
end address of a region, which might overflow to 0
and cause us to skip the region when the region ends at
~0x0ull.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Tested-by: Jason Wang <jasowang@redhat.com>
# By Paolo Bonzini (7) and others
# Via Kevin Wolf
* kwolf/for-anthony: (22 commits)
pc: add compatibility machine types for 1.4
blockdev: enable discard by default
qemu-nbd: add --discard option
blockdev: add discard suboption to -drive
block: implement BDRV_O_UNMAP
block: complete all IOs before .bdrv_truncate
coroutine: trim down nesting level in perf_nesting test
coroutine: move pooling to common code
qemu-iotests: Test qcow2 image creation options
qemu-iotests: Add qemu-img compare test
qemu-img: Add compare subcommand
qemu-img: Add "Quiet mode" option
block: Add synchronous wrapper for bdrv_co_is_allocated_above
block: refuse negative iops and bps values
block: use Error in do_check_io_limits()
qcow2: support compressed clusters in BlockFragInfo
qemu-img: add compressed clusters to BlockFragInfo
qemu-img: fix missing space in qemu-img check output
qcow2: record fragmentation statistics during check
qcow2: introduce check_refcounts_l1/l2() flags
...
This fixes the following compilation error:
hw/usb/hcd-xhci.c:1156:17: error: format ‘%llx’ expects argument of type
‘long long unsigned int’, but argument 4 has type ‘unsigned int’
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Because discard is now a host parameter, we can always fake it as enabled
in the guest. This is an extension of the current choice to ignore
"not supported" errors from the host when discard_granularity is set
to nonzero.
The default granularity is set to the logical block size or 4k, whichever
is largest, because cluster sizes below 4k are rarely used and 4K is a
typical block size for files.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Commit 8550a02d12 added a streams
parameter to usb_wakeup and didn't update redirect.c. Fix it.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
In case host and guest endianness differ the vga code first creates
a shared surface (using qemu_create_displaysurface_from), then goes
patch the surface format to indicate that the bytes must be swapped.
The switch to pixman broke that hack as the format patching isn't
propagated into the pixman image, so ui code using the pixman image
directly (such as vnc) uses the wrong format.
Fix that by adding a byteswap parameter to
qemu_create_displaysurface_from, so we'll use the correct format
when creating the surface (and the pixman image) and don't have
to patch the format afterwards.
[ v2: unbreak xen build ]
Cc: qemu-stable@nongnu.org
Cc: mark.cave-ayland@ilande.co.uk
Cc: agraf@suse.de
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1361349432-23884-1-git-send-email-kraxel@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
I was trying to launch a PowerPC "bamboo" machine with more than 256MB of RAM
with qemu-system-ppc -M bamboo -kernel $kernel -initrd $ramdisk -m 512, but QEMU
would just hang. However, when I used -m 256, the machine would boot.
I looked through the code in hw/ and it seems there is an error when the
RAM memory is setup (if my understanding is correct).
After patching it, the machine launched and booted successfully with 512MB of
RAM.
Signed-off-by: Alin Tomescu <tomescu.alin@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
This gives an awful silent failure when it doesn't work. Assert against link
creation failure.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Add streams support to the xhci emulation. No secondary streams yet,
only linear stream arays are supported for now.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch adds support for usb3 streams to the usb subsystem core.
This is just adding a streams field / parameter in a number of places.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Fix the ordering of the endpoint descriptors for superspeed endpoints:
The superspeed companion must come first, possible additional
descriptors for the endpoint after that.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
usb_packet_copy can handle combined packets now,
so it isn't needed to special-case them any more.
Also use the new usb_packet_size() function.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The code handling the "-usbdevice host:..." legacy command line
syntax is moved to the new hw/usb/host-legacy.c file.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Leave the core usb devices (usb hub, tablet, mouse, keyboard)
enabled unconditionally. Make the other ones configurable.
Exceptions:
- bluetooth: not qdevified yet, has a vl.c dependency because
of that, thus disabling isn't as easy as not linking the
object file.
- smardcard: ccid-card-emulated depends on that one *and*
CONFIG_SMARTCARD_NSS. So it isn't a one-liner and comes
as separate patch because of that.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Prepares for assigning IRQs before QOM realize.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Message-id: 1361010446-1427-1-git-send-email-afaerber@suse.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
In order to instantiate a CPU subtype we will need to know which type,
so move the cpu_model splitting into cpu_x86_init().
Parameters need to be set on the X86CPU instance, so move
cpu_x86_parse_featurestr() into cpu_x86_init() as well.
This leaves cpu_x86_register() operating on the model name only.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
The helper functions all access ppc-specific fields only so don't bother
to change arguments to PowerPCCPU and use env_ptr instead.
No functional change.
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Potentially env could be NULL whereas cpu would still be valid and
correspond to a previous env.
Wrapping this in qemu_get_cpu(), env is no longer needed, so simplify
code that existed before 55e5c28502.
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Since we still need env for ppc-specific fields, obtain it via the new
env_ptr fields to avoid "cpu" name conflicts between CPUState and
PowerPCCPU for now.
This fixes a potential issue with env being NULL at the end of the loop
but cpu still being a valid pointer corresponding to a previous env.
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Explictly NULL it on CPU reset since it was located before breakpoints.
Change vapic_report_tpr_access() argument to CPUState. This also
resolves the use of void* for cpu.h independence.
Change vAPIC patch_instruction() argument to X86CPU.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Rename the public-facing function cpu_set_log to qemu_set_log. This
requires us to rename the internal-only qemu_set_log() to
do_qemu_set_log().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The device returns false from the can receive function when the FIFO is
full. This means the device should check for buffered input whenever a byte is
popped from the FIFO.
Reported-by: Jason Wu <huanyu@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1360632571-25638-1-git-send-email-peter.crosthwaite@xilinx.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
There are two ways to express an interruption subclass:
- As a bitmask, as used in cr6.
- As a number, as used in the I/O interruption word.
Unfortunately, we have treated to I/O interruption word as if it
contained the bitmask as well, which went unnoticed so far as
- (queued-for-next) kvm made the same mistake, and
- Linux guest kernels don't check the isc value in the I/O interruption
word for subchannel interrupts.
Make sure that we treat the I/O interruption word correctly.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Starting a qemu with an sclp console and pressing a key very early
can result in
"qemu-system-s390x: hw/s390x/sclpconsole.c:60: receive_from_chr_layer:
Assertion `scon->iov' failed."
Lets make sure that the init process is finished, since the iov is
allocated after CHR_EVENT_OPENED by also checking for scon->iov.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This function has nothing to do with ethernet. Its reusable for all DMA clients.
Dropped the "ethernet" in the name accordingly.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Pulled the qdev_create functionality out of xilinx_axiethernet_create() and
pushed it up to the petalogix_ml605_mmu machine model. This makes the ethernet
create+init process consistent with the AXI DMA. Renamed function to
xilinx_axiethernet_init accordingly.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Atmel, SST and Intel/Numonyx serial flash tend to power up
with the software protection bits set.
And thus the new m25p80.c in linux kernel would always tries
to use WREN(0x06) + WRSR(0x01) to turn-off the protection.
The WEL(0x02) of status register is supposed to be cleared after
WRSR(0x01). There are also some drivers (i.e mine for RTOSes)
would check the WEL(0x02) in status register to make sure the
protection is correctly turned off.
Signed-off-by: Kuo-Jung Su <dantesu@faraday-tech.com>
Cc: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Use error_printf() instead, so the help gets presented more nicely.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1360354939-10994-3-git-send-email-armbru@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The arguments of error_report() should yield a short error string
without newlines.
A few places try to print additional help after the error message by
embedding newlines in the error string. That's nice, but let's do it
the right way.
Since I'm touching these lines anyway, drop a stray preposition and
some tabs. We don't use tabs for similar messages elsewhere.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1360354939-10994-2-git-send-email-armbru@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The IRQ number of the second EHCI controller should be 76, not 75.
Signed-off-by: Liming Wang <walimisdev@gmail.com>
Tested-by: Peter Crosthwaite <peter.crosthwaite@petalogix.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The new multiqueue feature adds fields to the virtio device config, which
breaks Windows guests. Disable the feature by default until the Windows
drivers are fixed.
Signed-off-by: Jesse Larrew <jlarrew@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Currently, the config size for virtio devices is hard coded. When a new
feature is added that changes the config size, drivers that assume a static
config size will break. For purposes of backward compatibility, there needs
to be a way to inform drivers of the config size needed to accommodate the
set of features enabled.
aliguori: merged in
- hw/virtio-net: use existing macros to implement endof
- hw/virtio-net: fix config_size data type
Signed-off-by: Jesse Larrew <jlarrew@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When the pxa2xx performance counter related cp14 registers were converted
from a switch-statement implementation to the new table driven cpregs
format in commit dc2a9045c, the crn and crm values for all these
registers were accidentally transposed. Fix this mistake, which was
causing OpenBSD for Zaurus to fail to boot.
Reported-by: Jonathan Gray <jsg@jsg.id.au>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
We use the clunk request to do the actual xattr operation. So don't
ignore the error value for fid clunk.
Security model "none" don't support posix acl. Without this patch
guest won't get EOPNOTSUPP error on setxattr("system.posix_acl_access")
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Fixes a couple of regression bugs introduced by
b9d03e352c and related to
auto-negotiation:
- Auto-negotiation currently sets link up even if it was
forced down from the monitor.
- If Auto-negotiation was in progress during migration,
link will never come up.
As a fix, don't touch NC link_down field at all,
instead add code on receive path to check
guest link status.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
b0b873a078 bumped the vmstate version and
introduced an old-style load function to handle migration from prior
(<= 1.2) versions.
The load function passes the top-level PIIX4PMState pointer to
vmstate_load_state() to handle nested structs for APMState and
pci_status, which leads to corruption of the top-level PIIX4PMState,
since pointers to the nested structs are expected.
A segfault can be fairly reliably triggered by migrating from 1.2 and
issuing a reset, which will trigger a number of QOM operations which
rely on the now corrupted ObjectClass/Object members.
Fix this by passing in the expected pointers for vmstate_load_state().
Cc: qemu-stable@nongnu.org
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
qdev_free and qbus_free have to do unparent+unref, because nobody else
drops the initial reference (the one included by object_initialize)
before them.
For device_init_func and do_device_add, this is trivially correct,
since the DeviceState goes out of scope.
For qdev_create, qdev_try_create and qbus_init, it is a bit more tricky.
What we are doing here is just assuming that the caller knows what it's
doing, and won't call qdev_free/qbus_free while the device is still there.
This is a pretty reasonable assumption and (behind the scenes) is also
what GObject/GTK does. GTK actually has a "floating reference" that
goes away as soon as the caller does gtk_container_add or something
like that, but in the end qbus_init and qdev_try_create are already
adding the new object to its qdev parent! So in the end the two solutions
are the same.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
We want object_delete to disappear, and we will do this one class at a
time. Inline it for the qdev case, which we will tackle first.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Now that the unparent callbacks are complete, we can correctly account
more missing references.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Similarly, a bus holds a reference back to the device, and this will
prevent the device from going away as soon as this reference is counted
properly. To avoid this, move the unrealization of devices to the
unparent callback. This includes recursively unparenting all the buses
and (after the previous patch) the devices on those buses, which ensures
that the web of references completely disappears for all devices that
reside (in the qdev tree) below the one being unplugged.
After this patch, the qdev tree and the bus<->child relationship is
defined as "A is above B, iff unplugging A will automatically unplug B".
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
A device will never be finalized as long as it has a reference from
other devices that sit on its buses. To ensure that the references
go away, deassociate a bus from its children in the unparent callback
for the bus.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Each device has a reference through the BusChild. This reference
was not accounted for, add it now.
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>