When the i386 cmpxchg instruction is executed with a memory operand
and the comparison result is "unequal", do the memory write before
changing the accumulator instead of the other way around, because
otherwise the new accumulator value will incorrectly be used in the
comparison when the instruction is restarted after a page fault.
This bug was originally reported on 2010-04-25 as
https://bugs.launchpad.net/qemu/+bug/569760
Signed-off-by: Andreas Gustafsson <gson@gson.org>
W32 does not support line buffering, but it supports unbuffered output.
Unbuffered output is better for writing to qemu.log than fully buffered
output because it also shows the latest log messages when an application
crash occurs.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Since commit 1d14ffa97eacd3cb722271eaf6f093038396eac4 (in 2005),
QEMU applications on W32 don't use the default SDL compiler flags:
Instead of a GUI application, a console application is created.
This has disadvantages (there is always an empty console window) and
no obvious reason, so this patch removes the strange flag modification.
The SDL GUI applications still can be run from a console window
and even send stdout and stderr to that console by setting environment
variable SDL_STDIO_REDIRECT=no.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Enable build by default PIE / read-only relocation sections for the QEMU
binaries on OpenBSD amd64/i386.
Signed-off-by: Brad Smith <brad@comstyle.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This bug was spotted by cppcheck.
Using g_try_malloc0 (as does the linux-user code) fixes this.
v2:
Use g_free in bsdload.c, too. Thanks to Peter Maydell for this hint.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Unfortunately, this conversion required an additional change.
In the old QMP command, the 'snapshot-file' argument is specified as
optional. The idea is to take the snapshot internally if 'snapshot-file'
is not passed. However, internal snapshots are not supported yet so
the command returns a MissingParamater error if 'snapshot-file' is not
passed. Which makes the argument actually required and will cause
compatibility breakage if we change that in the future.
To fix this the QAPI converted blockdev_snapshot_sync command makes the
'snapshot-file' argument required. Again, in practice it's actually required,
so this is not incompatible.
If we do implement internal snapshots someday, we'll need a new argument
for it.
Note that this discussion doesn't affect HMP.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Note that the command being dropped uses the deprecated MONITOR_CMD_ASYNC
API, but the new command is a regular synchronous command. There shouldn't
be visible differences though, as MONITOR_CMD_ASYNC is internal only.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Please, note that the QMP command has a new 'cpu-index' parameter.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Commit e235cec3762d2aa20b548114ea7b172113690463 converted the query-mice
command to the QAPI but forgot to remove two prototypes used by the old
QAPI. Drop them.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Commit 5bc465e4b1b6f4582a400c0a7033a1c841744278 converted only
the HMP part of the system_powerdown command to the QAPI, this
commit completes it by converting the QMP part too.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
It has been superseded by the two previous commits, which introduced
the test-qmp-output-visitor and test-qmp-input-visitor tests.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
test-coroutine is listed as a libcheck test in the 'checks' variable. This
is not right because 'make check' won't run test-coroutine if libcheck
tests are not enabled (either because libcheck isn't detected or because
--disable-check-utests is passed).
Tests using the glib test framework are independent from libcheck and
afaik are always present (although having a configure switch to disable
them is probably worth it).
Untangle test-coroutine from the libcheck tests by introducing the
'test_progs' variable and using it to generate the test list used by
'make check'.
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Anthony wrote this quickly to aid in testing. It's similar to qmp-shell with
a few important differences:
1) It is not interactive. That makes it useful for scripting.
2) qmp-shell:
(QEMU) set_password protocol=vnc password=foo
3) qmp:
$ qmp set_password --protocol=vnc --password=foo
4) Extensible, git-style interface. If an invalid command name is
passed, it will try to exec qmp-$1.
5) It attempts to pretty print the JSON responses in a shell friendly
format such that tools can work with the output.
Hope others will also find it useful.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Mark Wu <wudxw@linux.vnet.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Ignore attempts to complete non-existent IRQs; this fixes a buffer
overrun if the guest writes a bad value to the GICC_EOIR register.
(This case is UNPREDICTABLE so ignoring it is a valid choice.)
Note that doing nothing if the guest writes 1023 to this register
is not in fact a change in behaviour: the old code would also
always do nothing in this case but in a non-obvious way.
(The buffer overrun was noted by Coverity, see bug 887883.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Drop the distinction between armv4l/armv4b in the $cpu variable
(ie host cpu type) in favour of calling everything 'arm'. This
makes it the same as the ARCH setting and removes some special
casing. The only thing we were using the distinction for was to
decide which endianness to use in cross compilation; do a cpp
define check there instead.
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
spapr_populate_pci_devices() containd a loop with PCI_NUM_REGIONS (7)
iterations. However this overruns the 'bars' global array, which only has
6 elements. In fact we only want to run this loop for things listed in the
bars array, so this patch corrects the loop bounds to reflect that.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Clarify some slightly misleading comments in the Thumb decoder's
handling of the memory hint space -- in particular one code path
marked as 'UNPREDICTABLE or unallocated hint' also includes some
legitimate preload instructions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Two of the calls to hw_error() in arm_timer.c contain the wrong function name.
As suggested by Andreas Färber, use the C99 standard __func__ macro to
get the correct name, instead of putting the name directly into the code.
Signed-off-by: Peter Chubb <peter.chubb@nicta.com.au>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Many places in QEMU call qemu_aio_flush() to complete all pending
asynchronous I/O. Most of these places actually want to drain all block
requests but there is no block layer API to do so.
This patch introduces the bdrv_drain_all() API to wait for requests
across all BlockDriverStates to complete. As a bonus we perform checks
after qemu_aio_wait() to ensure that requests really have finished.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Debugging a reentrant request deadlock was fun but in the future we need
a quick and obvious way of detecting such bugs. Add an assert that
checks we are not about to deadlock when waiting for another request.
Suggested-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Cases beyond the end of the disk image are only implemented for block
drivers that do not provide .bdrv_co_is_allocated(). It's worth making
these cases generic so that block drivers that do implement
.bdrv_co_is_allocated() also get them for free.
Suggested-by: Mark Wu <wudxw@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Now that bdrv_co_is_allocated() is available we can use it instead of
the synchronous bdrv_is_allocated() interface. This is a follow-up that
Kevin Wolf <kwolf@redhat.com> pointed out after applying the series that
introduces bdrv_co_is_allocated().
It is safe to make cow_read() a coroutine_fn because its only caller is
a coroutine_fn.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This patch adds the -drive copy-on-read=on|off command-line option:
copy-on-read=on|off
copy-on-read is "on" or "off" and enables whether to copy read backing
file sectors into the image file. Copy-on-read avoids accessing the
same backing file sectors repeatedly and is useful when the backing
file is over a slow network. By default copy-on-read is off.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Detect overlapping requests and remember to align to cluster boundaries
if the image format uses them. This assumes that allocating I/O is
performed in cluster granularity - which is true for qcow2, qed, etc.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
When copy-on-read is enabled it is necessary to wait for overlapping
requests before issuing new requests. This prevents races between the
copy-on-read and a write request.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The bdrv_enable_copy_on_read()/bdrv_disable_copy_on_read() functions can
be used to programmatically enable or disable copy-on-read for a block
device. Later patches add the actual copy-on-read logic.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The block layer does not know about pending requests. This information
is necessary for copy-on-read since overlapping requests must be
serialized to prevent races that corrupt the image.
The BlockDriverState gets a new tracked_request list field which
contains all pending requests. Each request is a BdrvTrackedRequest
record with sector_num, nb_sectors, and is_write fields.
Note that request tracking is always enabled but hopefully this extra
work is so small that it doesn't justify adding an enable/disable flag.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
It's common to wake up all waiting coroutines. Introduce the
qemu_co_queue_restart_all() function to do this instead of looping over
qemu_co_queue_next() in every caller.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
