Commit Graph

42646 Commits

Author SHA1 Message Date
Paolo Bonzini
e0df8f18f7 bt: avoid unintended sign extension
In the case of a 4-byte length, shifting a value by 24 may cause
an unintended sign extension when converting from int to size_t.
Use a uint32_t variable instead.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-12-04 09:39:55 +03:00
John Snow
624533e5a5 util/id: fully allocate names table
Trivial: this array should be allocated to have ID_MAX entries always.
Otherwise if someone were to forget to expand this table, the assertion
in the id generator won't actually trigger; it will read junk data.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-12-04 09:39:55 +03:00
Prasad J Pandit
4c65fed8bd ui: vnc: avoid floating point exception
While sending 'SetPixelFormat' messages to a VNC server,
the client could set the 'red-max', 'green-max' and 'blue-max'
values to be zero. This leads to a floating point exception in
write_png_palette while doing frame buffer updates.

Reported-by: Lian Yihan <lianyihan@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-03 13:34:50 +00:00
Peter Maydell
efdeb96c5a -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQEcBAABAgAGBQJWX8xEAAoJEJykq7OBq3PIY+YH/0fhpy2S0G2LtfjYX3522Q81
 3SsIC+4934+SkGLkQflnNsy8HPKvqQndkV+5FEqbzUTwJ1kjixyKapfpLyA0tvbm
 +uxvC1Mn91nVfqlfh3zwGOqprcEwPvXtfIyeOlfeq+6m72fDLWUakIwzAfNGWeV8
 REc3j2yTEw2esRPKau5kP1q3taN7w6UvIx9I8g1/cbnq89ca0ici/+AhBz/XGGb1
 gTlxtBoVWfH+k0kO2rqhZt+RLi7u22cmtPOywOTuqIt3HEYgFdaaf6S0UcZ+mgno
 CNf0hhbHuMhBCgWvXcGXDssFrI2GoSl8hEuTBbLHyOSFSHZ8pfRLFmoFuZzXW0c=
 =TtA6
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

# gpg: Signature made Thu 03 Dec 2015 04:59:48 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/block-pull-request:
  iotests: Add regresion test case for write notifier assertion failure
  iotests: Add "add_drive_raw" method
  block: Don't wait serialising for non-COR read requests
  iothread: include id in thread name

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-03 11:08:43 +00:00
Peter Maydell
eab0ebc7fe migration/next for 20151203
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJWX3xuAAoJEPSH7xhYctcj9TMP/2zV51BQtlDYACAiMGQy028I
 bpY/oNlq0zNeNAGoTe9cGsYsEF5PUx5iPLZiFKnfkcL7zLeHX4O5WW+NlZTUF8LP
 ZaJg8Qq9rheTCv6Mgd7VKyRfbSR21FBYouOxIp0MMgoABlFNOeDWQczQSdi/AiYt
 glq9uMan3pxky3vxyfDxVTpvIi/wSfa6VviJMW15wsabflUTu+owieivMtlXby5u
 sGEvJYINVJOz0KwdXP6mYmPBhbPZHuu1Df6pnrXWbc2U4CqR0vortiZ0fynYAFiQ
 iFJNkJgq+FpUQciKa2x9ERKi6D+E2r48N72R/DlGOB1ICIpexoPryxlvV+dla1hR
 DYJAr8wpZpltcpx4/XDagY155Mllxg+/pX28f0yVQi5CHDgcqlEC1a/h9Jjvdm0p
 kP7lt4eCKmXmcjpgh7ofRrHDdyXzujiyleykaoPfrUqD8Vxa6/hfnPJ4Kf7vZU+U
 6O1J2CGjhYMb2fHoeh459Kzb8Z9W3l2YxLVY86LcHIheMBuoP/tij8oTVDHnfr0Q
 NyG9z6aS1+Rcrq1+c31zOl3Q1AOki4aJimW2Vw/Oh3YTjCIrtQlzjNM8DZOMrku8
 Z//KZsr39Pjpfv+T+TyxbMqaZzDn03Mlu7MwWG6ee6Gc21zlZ773YNJLduIjDkZc
 oPRPvMIhBOn2d56hr6bd
 =Vo4/
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151203' into staging

migration/next for 20151203

# gpg: Signature made Wed 02 Dec 2015 23:19:10 GMT using RSA key ID 5872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>"
# gpg:                 aka "Juan Quintela <quintela@trasno.org>"

* remotes/juanquintela/tags/migration/20151203:
  migration: do floating-point division
  migration: Clean up use of g_poll() in socket_writev_buffer()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-03 10:43:43 +00:00
Fam Zheng
9cc0f19de2 iotests: Add regresion test case for write notifier assertion failure
The idea is to let the top level bs have a big request alignment with
blkdebug, so that the aio_write request issued from monitor will be
serialised. This tests that QEMU doesn't crash upon the read request
from the backup job's write notifier, which is a very special case of
"reentrant" request.

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1448962590-2842-4-git-send-email-famz@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-03 11:08:07 +08:00
Fam Zheng
78b666f46b iotests: Add "add_drive_raw" method
This offers full manual control over the "-drive" options.

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1448962590-2842-3-git-send-email-famz@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-03 11:08:07 +08:00
Fam Zheng
61408b250e block: Don't wait serialising for non-COR read requests
The assertion problem was noticed in 06c3916b35, but it wasn't
completely fixed, because even though the req is not marked as
serialising, it still gets serialised by wait_serialising_requests
against other serialising requests, which could lead to the same
assertion failure.

Fix it by even more explicitly skipping the serialising for this
specific case.

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1448962590-2842-2-git-send-email-famz@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-03 11:08:07 +08:00
Paolo Bonzini
d21e8776f6 iothread: include id in thread name
This makes it easier to find the desired thread.  Use "IO" plus the id;
even with the 14 character limit on the thread name, enough of the id should
be readable (e.g. "IO iothreadNNN" with three characters for the number).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-id: 1448372804-5034-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-03 11:08:01 +08:00
Peter Maydell
ec1b9aa89d virtio,vhost,mmap fixes for 2.5
vhost test patches to fix the travis build
 virtio ccw patch to fix virtio 1
 virtio pci patch to fix pci express
 vhost user bridge patch to fix fd leaks
 mmap-alloc patch to fix hugetlbfs on ppc64
 remove dead code for vhost (trivial)
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJWX1bRAAoJECgfDbjSjVRpxlQIALPApovo4s4UfeGDptnEvBxv
 2UIREbYI8+VYjg/fjpGRpjjoYctpf+EDm3TKZvN8WfiKQ4578ySeVZkAs5IFvkNt
 Cakgfx6N5okJaeymoq6pcCvAXfBuqzt31H32xzh6D/V0kHCzwMLPf3CY9ZpQCrzf
 DucSr8z8wjxuiuO2f9Whc1Qk3WJoJgWNOdxvSepmRAfFYqUxplq10QSfRXVyHZ6m
 XfQ5RdGbEhCbFPYx3i+Atd2m0xXUdr2d1qOrABe9Uty3KhIzjfbt4teJktaCBEiI
 UQLieJNC1t/m5GZFb03bWWdFtVtRwG9yapCJLXQfavq4KqAVUE5Jgs9bmjfdgwQ=
 =jndJ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio,vhost,mmap fixes for 2.5

vhost test patches to fix the travis build
virtio ccw patch to fix virtio 1
virtio pci patch to fix pci express
vhost user bridge patch to fix fd leaks
mmap-alloc patch to fix hugetlbfs on ppc64
remove dead code for vhost (trivial)

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Wed 02 Dec 2015 20:38:41 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"

* remotes/mst/tags/for_upstream:
  util/mmap-alloc: fix hugetlb support on ppc64
  virtio-pci: Set the QEMU_PCI_CAP_EXPRESS capability early in its DeviceClass realize method
  virtio: handle non-virtio-1-capable backend for ccw
  tests/vhost-user-bridge.c: fix fd leakage
  vhost: drop dead code
  vhost-user: verify that number of queues is non-zero
  vhost-user-test: fix crash with glib < 2.36
  vhost-user-test: use unix port for migration
  vhost-user-test: fix chardriver race

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-02 23:11:24 +00:00
Paolo Bonzini
a694ee343d migration: do floating-point division
Dividing integer expressions transferred_bytes and time_spent, and then converting
the integer quotient to type double. Any remainder, or fractional part of the
quotient, is ignored.  Fix this.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2015-12-03 00:03:00 +01:00
Markus Armbruster
4e39f57c00 migration: Clean up use of g_poll() in socket_writev_buffer()
socket_writev_buffer() writes in a loop, using g_poll() to block.  If
g_poll() fails, it tries to write more before the file descriptor is
ready.  In theory, this could go into a tight loop.  In practice,
errors other than EINTR are really unlikely, and when they happen,
we're probably screwed anyway, so we can just as well loop.

Clean it up a bit: retry poll on EINTR, keep ignoring other errors.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2015-12-03 00:03:00 +01:00
Michael S. Tsirkin
7197fb4058 util/mmap-alloc: fix hugetlb support on ppc64
Since commit 8561c9244d "exec: allocate PROT_NONE pages on top of
RAM", it is no longer possible to back guest RAM with hugepages on ppc64
hosts:

mmap(NULL, 285212672, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x3fff57000000
mmap(0x3fff57000000, 268435456, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED, 19, 0) = -1 EBUSY (Device or resource busy)

This is because on ppc64, Linux fixes a page size for a virtual address
at mmap time, so we can't switch a range of memory from anonymous
small pages to hugetlbs with MAP_FIXED.

See commit d0f13e3c20b6fb73ccb467bdca97fa7cf5a574cd
("[POWERPC] Introduce address space "slices"") in Linux
history for the details.

Detect this and create the PROT_NONE mapping using the same fd.

Naturally, this makes the guard page bigger with hugetlbfs.

Based on patch by Greg Kurz.

Acked-by: Rik van Riel <riel@redhat.com>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-12-02 22:38:23 +02:00
Shmulik Ladkani
0560b0e97d virtio-pci: Set the QEMU_PCI_CAP_EXPRESS capability early in its DeviceClass realize method
In 1811e64 'hw/virtio: Add PCIe capability to virtio devices', the
QEMU_PCI_CAP_EXPRESS capability was added to virtio's pci_dev, within
'virtio_pci_realize' - the pci device object realization method.

This occurs to late, as 'pci_qdev_realize' (DeviceClass.realize of
TYPE_PCI_DEVICE) has already been called, without knowing that the
device instance is indeed an "express" instance, thus allocating
insufficient pci config space.

As a result, device may crash upon attempt to write to the PCIE config
space.

Fix, by arming the QEMU_PCI_CAP_EXPRESS capability early in virtio-pci's
own DeviceClass realize method.

This also makes code cleaner, as 'virtio_pci_realize' may now access the
'pci_is_express' predicate when needed.

Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Tested-by: Marcel Apfelbaum <marcel@redhat.com>
2015-12-02 21:51:33 +02:00
Cornelia Huck
11380b3619 virtio: handle non-virtio-1-capable backend for ccw
If you run a qemu advertising VERSION_1 with an old kernel where
vhost did not yet support VERSION_1, you'll end up with a device
that is {modern pci|ccw revision 1} but does not advertise VERSION_1.
This is not a sensible configuration and is rejected by the Linux
guest drivers.

To fix this, add a ->post_plugged() callback invoked after features
have been queried that can handle the VERSION_1 bit being withdrawn
and change ccw to fall back to revision 0 if VERSION_1 is gone.

Note that pci is _not_ fixed; we'll need to rethink the approach
for the next release but at least for pci it's not a regression.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-12-02 19:34:11 +02:00
Victor Kaplansky
6d0b908a62 tests/vhost-user-bridge.c: fix fd leakage
This fixes file descriptor leakage in vhost-user-bridge
application. Whenever a new callfd or kickfd is set, the previous
one should be explicitly closed. File descriptors used to map
guest's memory are closed immediately after mmap call.

Signed-off-by: Victor Kaplansky <victork@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-12-02 19:27:26 +02:00
Peter Maydell
cf22132367 Block layer patches
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJWXxTvAAoJEH8JsnLIjy/Wg5gQAKREoHJUx9x35EHJO+bIfCzd
 vBYbMS53VZAO308twPmA4Jxg0GyEna65Fn7qoeI0fCPSKSNibHxg+uKi/xopIsaD
 aKo+7ypp9aCqsZXDpMKMYn0JKBXIdGObE/FuQRv7ALqe9uEts8TLUzOtPNmn95YL
 nx7BJsJ+mCJucBP8owOPCNHMDnYvIpHj6bG2JxOZB+K5AFeT92gEgRKd9oPQOOY8
 N/oAqLaMkSPLDmG0ox+xbVrQflTTgktENRJpDIiYiSTRXg/5UGZs2UdqbAzCs9GA
 IBvUlrbDpEzCfnydX6r4lg7Ve5al0uWuHM31wzjeJw4zLvx7sLf5qfn9PZws/WOr
 33sq2ar0rcVpOJD03m+IYtAU8EOVrc/ek012AELJBA2pSmR//GrMVlGRfqbNWq5m
 7dgsnVaMrzESqJkiRQGn4STHAPOFHmOcK3sDq37En9rB2dbzPZr0J8YTyTp075ah
 /vujdzfacH7fkmqa4Pcz984pZoUohce5Gj8zWx8j3acl50sHCyg8tdb0P6VB+Mau
 +cL+kRPj0Lzk3opJsyylTSwyn8srLc+KMuZ2KhG30d8Dg7ogRIcoICRdq6yEM5kg
 hx3c5MS/3ArVno9OMxAz111JEr5t4bBUk1AUJszrqPuOEnCEmzktFa2ihFZ6BWbo
 3sqrpUwInznKu1mhW+Ab
 =Dtb6
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches

# gpg: Signature made Wed 02 Dec 2015 15:57:35 GMT using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"

* remotes/kevin/tags/for-upstream:
  blkdebug: silence warning under qtest
  qcow2: Fix potential qemu-img check crash on 32 bit hosts

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-02 17:05:34 +00:00
Peter Maydell
2196b6f5dd -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQIcBAABAgAGBQJWXxIgAAoJEL2+eyfA3jBXBhkP/06PCkWeIoDt+qTRyDpKuT1e
 e+enf3Dl998/nr57nAYx1V7/fmfSnvlY2XP/+3jTaPSj0D59teUfcbaZfZCKzsJq
 ikcQiRCfq5FwtNtf40Z+paA2hmJNcbz2PcldYNd+FpY+5QoMF3JMcBm9Ju6Q5O2m
 zUAmDMsz1S25RRtKWCadsQGQW8J7dnrD/pxeYj4JmH6xTIPvT0yRZV+gh14fh2GJ
 SN4oRICd9Ov3x/n5UDu64z/7Rvk4O0ykNivrc3EN8icPJfe/fJk3zyHbBTibGwDf
 N3JHyPRBexj/uIdbo3UTCAwMj9IVQewdQbx8RnfLDK4rHpZL621hhWbbr20dOD3E
 MQBdVISE+dWlXWClYhwcVrDPVVyMVNmOTkzPsKROwsoU48nDWNhmS4OtJrbJpx2Y
 00/463/cozMMW/2Y/mD8hBJXspXOEkIXaCZeGIoo4JeOGU9CGkpvfhoj1g9AwIwM
 n8jpjurtS6qLbAuDJ19SqS7borHLaJmqdTp56qT/lkd/0WNTkCLAjhOxuuv6ysJg
 mmMfUKKww/s9YRX+nAN9nN72DEqCEEuM13nCrK8unEKdk8ltOe2cCHYxlSmEHSGR
 /QrWU9rB+V8k4GmC9sBVRTmMxadAiN0iLCRLmscGXjYswlmwOQA0KN+JqqzkUAZc
 clK1cBGgTspmvu6oZLkM
 =SdYa
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging

# gpg: Signature made Wed 02 Dec 2015 15:45:36 GMT using RSA key ID C0DE3057
# gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>"
# gpg:                 aka "Jeffrey Cody <jeff@codyprime.org>"
# gpg:                 aka "Jeffrey Cody <codyprime@gmail.com>"

* remotes/cody/tags/block-pull-request:
  mirror: Quiesce source during "mirror_exit"

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-02 16:24:26 +00:00
Michael S. Tsirkin
b0ae1536c5 vhost: drop dead code
commit 1e7398a1 ("vhost: enable vhost without without MSI-X"_
dropped the implementation of vhost_dev_query,
drop it from the header file as well.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
2015-12-02 17:59:13 +02:00
Fam Zheng
176c36997f mirror: Quiesce source during "mirror_exit"
With dataplane, the ioeventfd events could be dispatched after
mirror_run releases the dirty bitmap, but before mirror_exit actually
does the device switch, because the iothread will still be running, and
it will cause silent data loss.

Fix this by adding a bdrv_drained_begin/end pair around the window, so
that no new external request will be handled.

Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Jeff Cody <jcody@redhat.com>
2015-12-02 10:44:06 -05:00
Peter Maydell
30a9fd5d13 * exec.c use after free
* Xen 32-on-64 breakage
 * missing EINTR
 * naughty warning under qtest
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQEcBAABCAAGBQJWXuCDAAoJEL/70l94x66DEMMH/3MDMvuFCRHM9CgBkX/VV6hZ
 S+5WLs+lit3AJ68Fas+Q/lF1inWzzR3QQFqRJUACdoKMx8B/bH3oQws42WemGIJX
 pIhgDWolTn5lRAo/9nQBUEnm2RBzAkS0qbIoXunFDGxfuZDWJDS/0sdUonrvS1X/
 3/TXsKw9/7YzaZ2x2NK7ZxCdl/XR1mw/YWHS7/TbjHWOS2HEsGB8f5xKLBUYPWPi
 /Ph41Z4Yb7biztoQ8HHOve4jfzuo3hqPp6qxvcqPfXSprEMjmpz7HiJALJXsu2O1
 uTng5/Nod6Cdm3ZrA9fTvZQH0OM7KHsLH3mcvn5NzFdfXV0EvLpH70SDmSSWRNM=
 =K3Wn
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* exec.c use after free
* Xen 32-on-64 breakage
* missing EINTR
* naughty warning under qtest

# gpg: Signature made Wed 02 Dec 2015 12:13:55 GMT using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"

* remotes/bonzini/tags/for-upstream:
  translate-all: ensure host page mask is always extended with 1's
  main-loop: suppress warnings under qtest
  qemu-char: retry g_poll on EINTR
  exec: Stop using memory after free

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-02 15:41:38 +00:00
Kevin Wolf
ab7fe3a29a One block patch for qemu 2.5-rc3.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQEcBAABCAAGBQJWXw5NAAoJEDuxQgLoOKytL2MIAIGgdYXmxgi9cvw8JclBAInO
 tcTh4zdv2IkoF4mGol4upUwf9vIjaHIJux9ZkyV65Vq5E8GL07xCZfUYAtv3SiAe
 cz76or9bXe3uwfgNW3uNyVAMtdzc7iL+m9cgvqXd5Kntc+P1P5v9EmLZgbZc87CZ
 HDYQeU7sfFqnUFkKYiNrpfCB2LLkvyvO5u7KPydrj11HBmtbDCypXIEp5LK6xRMK
 nZQ50k9CkIfmjuSu/6j2LeTqKJsKzjKMmiX7+ObcrOEbYXvNB1h0CGBB7IPYKPuj
 o+LCB9f5AFDcol4zMDmbQdeIkhqBOedZGYO2OcJ+RoZGO7m2tbJnQXjKr0usSVE=
 =U0uZ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2015-12-02' into queue-block

One block patch for qemu 2.5-rc3.

# gpg: Signature made Wed Dec  2 16:29:17 2015 CET using RSA key ID E838ACAD
# gpg: Good signature from "Max Reitz <mreitz@redhat.com>"

* mreitz/tags/pull-block-for-kevin-2015-12-02:
  blkdebug: silence warning under qtest

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-02 16:38:03 +01:00
Michael S. Tsirkin
20873526a3 blkdebug: silence warning under qtest
make check always outputs warnings, this
is not nice.  Disable blkdebug warnings under qtest.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 1448883874-17933-1-git-send-email-mst@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2015-12-02 16:28:10 +01:00
Victor Kaplansky
6f6f9512ea vhost-user: verify that number of queues is non-zero
Fix QEMU crash when -netdev type=vhost-user,queues=n is passed
with zero number of queues.

Signed-off-by: Victor Kaplansky <victork@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Jason Wang <jasowang@redhat.com>
2015-12-02 16:42:27 +02:00
Marc-André Lureau
45ce512670 vhost-user-test: fix crash with glib < 2.36
The prepare callback needs to be implemented with glib < 2.36,
quoting glib documentation:
"Since 2.36 this may be NULL, in which case the effect is as if the
function always returns FALSE with a timeout of -1."

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-12-02 16:42:26 +02:00
Marc-André Lureau
a899b1ea2a vhost-user-test: use unix port for migration
TCP port 1234 may be used by another process concurrently. Instead use a
temporary unix socket.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-12-02 16:42:26 +02:00
Marc-André Lureau
9732baf678 vhost-user-test: fix chardriver race
vhost-user-tests uses a helper thread to dispatch the vhost-user servers
sources. However the CharDriverState is not thread-safe. Therefore, when
it's given to the thread, it shouldn't be manipulated concurrently.

We dispatch cleaning the server in an idle source. By the end of the
test, we ensure not to leave anything behind by joining the thread and
finishing the sources dispatch.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-12-02 16:42:26 +02:00
Kevin Wolf
c2551b47c9 qcow2: Fix potential qemu-img check crash on 32 bit hosts
This crash was caught with qemu-iotests test case 138.

Commit b6d36de already fixed a few 32 bit truncation bugs that could
cause qemu-img check to allocate too little memory and consequently
it would segfault. On 32 bit hosts, there is one more place that needs
to be fixed because size_t was involved in the calculation and is a
32 bit type there.

Cc: qemu-stable@nongnu.org
Reported-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Tested-by: Michael S. Tsirkin <mst@redhat.com>
2015-12-02 13:22:29 +01:00
Paolo Bonzini
0c2d70c448 translate-all: ensure host page mask is always extended with 1's
Anthony reported that >4GB guests on Xen with 32bit QEMU broke after
commit 4ed023c ("Round up RAMBlock sizes to host page sizes", 2015-11-05).

In that patch sizes are masked against qemu_host_page_size/mask which
are uintptr_t, and thus 32bit on a 32bit QEMU, even though the ram space
might be bigger than 4GB on Xen.

Since ram_addr_t is not available on user-mode emulation targets, ensure
that we get a sign extension when masking away the low bits of the address.
Remove the ~10 year old scary comment that the type of these variables
is probably wrong, with another equally scary comment.  The new comment
however does not have "???" in it, which is arguably an improvement.

For completeness use the alignment macros in linux-user and bsd-user
instead of manually doing an &.  linux-user and bsd-user are not affected
by the Xen issue, however.

Reviewed-by: Juan Quintela <quintela@redhat.com>
Reported-by: Anthony PERARD <anthony.perard@citrix.com>
Fixes: 4ed023ce2a
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-12-02 13:12:30 +01:00
Michael S. Tsirkin
21a24302e8 main-loop: suppress warnings under qtest
commit 01c22f2cdd ("main-loop: Suppress
"I/O thread spun" warnings for qtest") doesn't actually disable the
warning for everyone since some tests don't run under the qtest
accelerator.

Check qtest_driver instead.

Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <1448882964-22433-1-git-send-email-mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-12-02 12:01:43 +01:00
Paolo Bonzini
c1f2448998 qemu-char: retry g_poll on EINTR
This is a case where pty_chr_update_read_handler_locked's lack
of error checking can produce incorrect values.  We are not using
SIGUSR1 anymore, so this is quite theoretical, but easy to fix.

Reported-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-12-02 12:01:43 +01:00
Don Slutz
55b4e80b04 exec: Stop using memory after free
memory_region_unref(mr) can free memory.

For example I got:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f43280d4700 (LWP 4462)]
0x00007f43323283c0 in phys_section_destroy (mr=0x7f43259468b0)
    at /home/don/xen/tools/qemu-xen-dir/exec.c:1023
1023        if (mr->subpage) {
(gdb) bt
    at /home/don/xen/tools/qemu-xen-dir/exec.c:1023
    at /home/don/xen/tools/qemu-xen-dir/exec.c:1034
    at /home/don/xen/tools/qemu-xen-dir/exec.c:2205
(gdb) p mr
$1 = (MemoryRegion *) 0x7f43259468b0

And this change prevents this.

Signed-off-by: Don Slutz <Don.Slutz@Gmail.com>
Message-Id: <1448921464-21845-1-git-send-email-Don.Slutz@Gmail.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-12-02 12:01:43 +01:00
Peter Maydell
9d7b969ea6 Last minute fix
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJWXiElAAoJEK0ScMxN0Cebz8IH/ilyHyS+Y8po4IguufcaYjNW
 PXU7PGSezut9WjTcJ1QGGiQVLex2SAPBWNdfVxuA4uinKmBtp3qUfdETcVWWug9k
 eXXWFnGqYJMg9FnyGIUObrQLQCbBwEDAfNEfS3UBX8j/uaedrPQBbUYVwHBx9arA
 vYnoZZcxWMfyFQmDXiiF4XO8yXuRpH6WGRL7pGCPBr4yvbBNFpLosQ3p+ADvkvqI
 oJ5ktv9bKXUfIeiUN71BGybEdz3/Up1Awv+W6lVWjtdgjCBJY51TyurVW5OK79TD
 VmkjJyg/Se3pv4px8pWFWEun3S6VXukSRwHMaGUG15T5C2KHSifafLESS1UdL9M=
 =vlPh
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20151201' into staging

Last minute fix

# gpg: Signature made Tue 01 Dec 2015 22:37:25 GMT using RSA key ID 4DD0279B
# gpg: Good signature from "Richard Henderson <rth7680@gmail.com>"
# gpg:                 aka "Richard Henderson <rth@redhat.com>"
# gpg:                 aka "Richard Henderson <rth@twiddle.net>"

* remotes/rth/tags/pull-tcg-20151201:
  tcg: Increase the highwater reservation

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-02 10:16:53 +00:00
Richard Henderson
b17a6d3390 tcg: Increase the highwater reservation
If there are a lot of guest memory ops in the TB, the amount of
code generated by tcg_out_tb_finalize could be well more than 1k.
In the short term, increase the reservation larger than any TB
seen in practice.

Reported-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Tested-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-12-01 14:36:32 -08:00
Peter Maydell
8d3a5d9b0f ui/cocoa.m: Prevent activation clicks from going to guest
When QEMU is brought to the foreground, the click event that activates QEMU
should not go to the guest. Accidents happen when they do go to the guest
without giving the user a chance to handle them. In particular, if the
guest input device is not an absolute-position one then the location of
the guest cursor (and thus the click) will likely not be the location of
the host cursor when it is clicked, and could be completely obscured
below another window. Don't send mouse clicks to QEMU unless the
window either has focus or has grabbed mouse events.

Reported-by: John Arbuckle <programmingkidx@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: John Arbuckle <programmingkidx@gmail.com>
Message-id: 1448551168-13196-1-git-send-email-peter.maydell@linaro.org
2015-12-01 21:22:41 +00:00
Peter Maydell
e3d58827fe Last round of s390x fixes for 2.5:
- The bios should be built for the first z machine, so that newer
   instructions don't creep in.
 - Silence annoying message when running make check.
 - Fix a problem with the pci iommu exposed by recent changes.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABAgAGBQJWXWF+AAoJEN7Pa5PG8C+vGboP/3HPOv/khkfJI4EVwheXg+av
 tSCOxizp0oPg02kDfOvmBl0czVL7UQN8cR6sLcEvXADJIvHqiryX8PA+1FOVpZwx
 m0ZJTb3Vt2biPbhgMf9l0d+xOAo1EQSSxeys84Z22xwNA7wCGZQN9ysBmyjCBiKh
 Oq/9D5qLGlmLb4Oz3Cb25Tw0Qhj4g7xdoNJOvfYycK8eDPxGhhSBKSm8QwKhOZY/
 o+SB4Mj/86P8UrWa037DMpYY893RRBX9YfJTEQrNG8el47rXeU8PMo79AYFtuj78
 Ps71pxMnb/UpNq5vy5Oz6qyFsqJtzfuFhDbLYHIanw1zBW8tKhHDFGd56Gz0syWe
 E8wyB6Q4hP/xYX2ozT+z+uq8/W7BGY33vk1e5jU6WWaoBypVt0gPZ4KM+g5F86JH
 ixsZFpJtijLg0CUmhubdFeiiH2j9xA99ICdqlcwdoMpK8GwPPza5tJ6LxJglU+nq
 4FOaEdkx6B3c4crwvWcWLFU3lZuQ3TVm5HcapAcq2tqO0jw7WP1gDm6c2KGrof6H
 OdPYnPARH5OboEMzcFsEVCjmY5SGhmk39FqYpa92lFfhD+jKgMqXTWR3n96HWTAu
 rNGhacPibiyohLrm0wVO1rk8kajhNK18dQA1+gYVO6DU9O0ODgS1Oozbc83PfwE7
 EIiGY4Hc9y3wB/aPTrco
 =xIKz
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20151201' into staging

Last round of s390x fixes for 2.5:
- The bios should be built for the first z machine, so that newer
  instructions don't creep in.
- Silence annoying message when running make check.
- Fix a problem with the pci iommu exposed by recent changes.

# gpg: Signature made Tue 01 Dec 2015 08:59:42 GMT using RSA key ID C6F02FAF
# gpg: Good signature from "Cornelia Huck <huckc@linux.vnet.ibm.com>"
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>"

* remotes/cohuck/tags/s390x-20151201:
  s390x/pci: fix up IOMMU size
  s390x: no deprecation warning while testing
  pc-bios/s390-ccw: rebuild image
  pc-bios/s390-ccw: build for z900

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-01 16:30:27 +00:00
Yi Min Zhao
f0a399dbae s390x/pci: fix up IOMMU size
Present code uses @size==UINT64_MAX to initialize IOMMU. It infers that it
can map any 64-bit IOVA whatsoever. But in fact, the largest DMA range for
each PCI Device on s390x is from ZPCI_SDMA_ADDR to ZPCI_EDMA_ADDR. The largest
value is returned from hardware, which is to indicate the largest range
hardware can support. But the real IOMMU size for specific PCI Device is
obtained once qemu intercepts mpcifc instruction that guest is requesting a
DMA range for that PCI Device. Therefore, before intercepting mpcifc instruction,
qemu cannot be aware of the size of IOMMU region that guest will use.

Moreover, iommu replay during device initialization for the whole region in
4k steps takes a very long time.

In conclusion, this patch intializes IOMMU region for each PCI Device when
intercept mpcifc instruction which is to register DMA range for the PCI Device.
And then, destroy IOMMU region when guest wants to deregister IOAT.

Signed-off-by: Yi Min Zhao <zyimin@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2015-12-01 09:57:28 +01:00
Cornelia Huck
567c88c354 s390x: no deprecation warning while testing
'make check' tries to start all available machines; the deprecation
message for the s390-virtio machine is both useless and annoying
there. Silence it while testing.

Reported-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
2015-12-01 09:57:27 +01:00
Cornelia Huck
07af4c53a5 pc-bios/s390-ccw: rebuild image
Contains:
- pc-bios/s390-ccw: build for z900

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2015-12-01 09:57:27 +01:00
Christian Borntraeger
7619562a64 pc-bios/s390-ccw: build for z900
Newer distributions have an architecture level set to z9, z196
or similar - also as default option for the compiler.

We should build the bios for z900 to allow it to run with
all 64bit CPUs. This will become more important as soon as
QEMU/KVM does support CPU models.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Reviewed-By: Sascha Silbe <silbe@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2015-12-01 09:57:27 +01:00
Peter Maydell
d90eb45902 Two fixes for virtfs/9p from Paolo.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iEYEABECAAYFAlZcWOcACgkQAvw66wEB28J96QCgoMJRcWSdhboxEXPasd9Pc4UK
 N3EAn2L/vkcFaC6cCt81jZell+jrhzCH
 =Z5Wi
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/gkurz/tags/for-upstream' into staging

Two fixes for virtfs/9p from Paolo.

# gpg: Signature made Mon 30 Nov 2015 14:10:47 GMT using DSA key ID 0101DBC2
# gpg: Good signature from "Greg Kurz <gkurz@fr.ibm.com>"
# gpg:                 aka "Greg Kurz <groug@free.fr>"
# gpg:                 aka "Greg Kurz <gkurz@linux.vnet.ibm.com>"
# gpg:                 aka "Gregory Kurz (Groug) <groug@free.fr>"
# gpg:                 aka "Gregory Kurz (Cimai Technology) <gkurz@cimai.com>"
# gpg:                 aka "Gregory Kurz (Meiosys Technology) <gkurz@meiosys.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 2BD4 3B44 535E C0A7 9894  DBA2 02FC 3AEB 0101 DBC2

* remotes/gkurz/tags/for-upstream:
  virtio-9p: use QEMU thread pool
  fsdev-proxy-helper: avoid TOC/TOU race

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-30 21:59:22 +00:00
Peter Maydell
a2485925f7 ppc patch queue for qemu-2.5 20151130
target-ppc and related bugfix patches for qemu-2.5
 
 I don't have the facilities to test the Macintosh and BookE related
 patches.  I've sanity checked them (inspection + make check), but I'm
 otherwise relying on the submitters.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJWXAvZAAoJEGw4ysog2bOSoysQALRPBXJfhPpX/tZ8+EtS5nto
 vyjghW3UGQWOi3TTBedVbFqvaOpkqh2MjtE3WVtK+TK0vy9uY1hOjBhJrJjL93eZ
 pC0Soh2cN7vsKxkDF18UFhISxnfzmozQ4F8UnhaX/IO3HiIIzhfaIAbOZ1ztrPNG
 72YztHUjilpfS2cX4fYbpk+znGzOaNCS99iSbxMsXiM44DT8ehp1Zs9LAfP+PoPa
 JN7138vmVVJmkkkeHh74SnG9XATvwtPnjvcf9sRAq5FjAW4+BsfeXYTK1wDouXGc
 nm4DlmiQNFXJMJ0Wa0rVa61WMmSrSNUe++HNPV03huVrrZPmVByH2l7qQHBufJ3e
 BVciQvtA7oVt6Zu34qHLTORxkSS7pg6SOqNTTNPPfdBzHg0WCOj20EYO8I76fCBN
 Pz6iHEeLfUmCWNKVcNix+S0AN5X/oalG/VkhH9JPzyGmJRLPBDE/TG4qgdMXIN97
 AlnVb6l4zDNj6XVuKKuWNIAP9bCZS2nOn5huijL3YlG4HhymAXqfx/Gb9pyJM9jq
 sDR+m2r5ku+D6keyfyGy4Yko0+1THZ6ViJe7d+3oELV4wXnf4Mt7LaJbdoL+uicy
 OZEnPknu/7bM7IFBGOFVxPRrcVkPaiwFOXAa+7evcDM3MiJvHfuT8SHiu7HUgyX0
 KDov5hfObYa9W88FlkHr
 =yDkn
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.5-20151130' into staging

ppc patch queue for qemu-2.5 20151130

target-ppc and related bugfix patches for qemu-2.5

I don't have the facilities to test the Macintosh and BookE related
patches.  I've sanity checked them (inspection + make check), but I'm
otherwise relying on the submitters.

# gpg: Signature made Mon 30 Nov 2015 08:42:01 GMT using RSA key ID 20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-2.5-20151130:
  target-ppc/fpu_helper: fix FPSCR_FX bit shift operation
  target-ppc: Move the FPSCR bit update macros to cpu.h
  hw/ppc/ppc405_boards: Fix infinite recursion by converting taihu_cpld from old_mmio
  hw/ppc/spapr: Remove duplicated "pseries" alias
  mac_dbdma: always initialize channel field in DBDMA_channel

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-30 17:09:35 +00:00
Peter Maydell
680617ed43 wxx patch queue
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJWW+MxAAoJEOCMIdVndFCtGhYQAIfazbA61o4HPUDHDjvELcm1
 7+Osu16c8pDgyuYoMZXQI3S9e6SugnVCF416LZ4xk9U4Tl2/7RXgxb0Yk46BoIXx
 t3b0zlCmopBxYUqCzfrZ+Ncy7uPttXeOUJ2l9SxZQY0cwHPXmZcsW59o1VWhVhKl
 EE6u1Yi//4MDeXgJQ2c+YQ8n5E/vdgLtKR3lUUV9o8xnHflE9hjwG1W7A8W/axgg
 Z3aVdL/sgiBcVQDuEqwNCZ0LcGlmL7NeEAHuTevll6Rzb/O4R+uhxvk1yv6LyXZs
 +/tlAyNA/Atedv7miqBsnXvQ0in+xf1fMJhfAiTte8o/wA+HgXzedg+p7M7eQrtR
 iWac+A/hgqg/EYBN/48ZkTQ4bBo7k5Vuh0SUcktMzExmQCgacsAH/B6gpqnkN3ps
 i80tlCME+voI596vEa6pLJXsPNmAo/LEo6Nd4JJ/Cp3RwljFc+8T9CF+K0cIYeUl
 x+mf4ULwgEL/Ix0u3INCCwH45o7KWg0hDjs4oGnjUgfe29CDlXI7aKfT2MjvjJlO
 th3cq4vL3bX1z3F6ZJ2b4xifmWSy6X4LrKeIYTLBaUNUnMbyuV0yJswsPU84DbJB
 RxkIKw7JVITFdfNuFnFnabcZ/lvlaIrSBksAPFMD27HWyS/bW8c1JoNAJf04OqU/
 36CAparz1QYJVEw3+xhA
 =JQbu
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/weil/tags/pull-wxx-20151130' into staging

wxx patch queue

# gpg: Signature made Mon 30 Nov 2015 05:48:33 GMT using RSA key ID 677450AD
# gpg: Good signature from "Stefan Weil <sw@weilnetz.de>"
# gpg:                 aka "Stefan Weil <stefan.weil@weilnetz.de>"
# gpg:                 aka "Stefan Weil <stefan.weil@bib.uni-mannheim.de>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4923 6FEA 75C9 5D69 8EC2  B78A E08C 21D5 6774 50AD

* remotes/weil/tags/pull-wxx-20151130:
  w32: Use gcc option -mthreads
  oslib-win32: Change return type of function getpagesize
  trace/simple: Fix warning and wrong trace file name for MinGW

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-30 15:35:20 +00:00
Paolo Bonzini
ebac1202c9 virtio-9p: use QEMU thread pool
The QEMU thread pool already has a mechanism to invoke callbacks in the main
thread.  It does not need an EventNotifier and it is more efficient too.
Use it instead of GAsyncQueue + GThreadPool + glue.

As a side effect, it silences Coverity's complaint about an unchecked
return value for event_notifier_init.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
(removed no more needed #include <glib.h> from virtio-9p-coth.h)
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2015-11-30 12:36:12 +01:00
Paolo Bonzini
49f817caaf fsdev-proxy-helper: avoid TOC/TOU race
There is a minor time of check/time of use race between statfs and chroot.
It can be fixed easily by stat-ing the root after it has been changed.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2015-11-30 12:31:53 +01:00
Madhavan Srinivasan
7624789234 target-ppc/fpu_helper: fix FPSCR_FX bit shift operation
Currently in TCG mode, updating floating exception
summary bit (FPSCR_FX) in fpscr also updates
the upper 32bits of fpscr with all 1s.
Modify the bit shift operation statement to use
1ULL instead.

Signed-off-by: Madhavan Srinivasan <maddy@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-11-30 19:39:01 +11:00
Madhavan Srinivasan
dbdc13a1ac target-ppc: Move the FPSCR bit update macros to cpu.h
Move the FPSCR bit update macros defined in dfp_helper
to cpu.h. This way, fpu_helper functions can also use them

Signed-off-by: Madhavan Srinivasan <maddy@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-11-30 19:39:01 +11:00
Peter Maydell
e2a176dfda hw/ppc/ppc405_boards: Fix infinite recursion by converting taihu_cpld from old_mmio
The taihu_cpld_writel() function had an obvious typo that meant that
if it was ever called it would go into an infinite recursion. Newer
versions of clang will detect and warn about this:
  hw/ppc/ppc405_boards.c:481:1: warning: all paths through this function will call itself [-Winfinite-recursion]

Fix this by converting taihu_cpld from the legacy old_mmio accessors
to new-style ones, with an impl {} declaration to cause the core
memory code to do the splitting of 16 bit and 32 bit accesses into
multiple 8-bit accesses.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-11-30 19:39:00 +11:00
Thomas Huth
9b7a70e63e hw/ppc/spapr: Remove duplicated "pseries" alias
The "pseries" alias is currently set twice, one time for the
pseries-2.4 machine and one time for the "pseries-2.5" machine.
To avoid confusion with the alias, let's remove the one from
the older machine class. And while we're at it, also remove
the "is_default = 0" there since the is_default variable
should be set to zero by default already.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-11-30 19:39:00 +11:00
Hervé Poussineau
7f0d763ce6 mac_dbdma: always initialize channel field in DBDMA_channel
dbdma_from_ch() uses channel field to return the right DBDMA object.
Previous code was working if guest OS was only using registered DMA channels.
However, it lead to QEMU crashes if guest OS was using unregistered DMA channels.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-11-30 19:38:44 +11:00