[Qemu-commits] [qemu/qemu] f47542: virtio-ccw: move virtio_ccw_stop_ioev


From: GitHub
Subject: [Qemu-commits] [qemu/qemu] f47542: virtio-ccw: move virtio_ccw_stop_ioeventfd to virt...
Date: Tue, 25 Mar 2014 07:30:08 -0700

  Branch: refs/heads/stable-1.7
  Home:   https://github.com/qemu/qemu
  Commit: f47542925e334e17204371df2a1c9a50fa4157af
      
https://github.com/qemu/qemu/commit/f47542925e334e17204371df2a1c9a50fa4157af
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/s390x/virtio-ccw.c

  Log Message:
  -----------
  virtio-ccw: move virtio_ccw_stop_ioeventfd to virtio_ccw_busdev_unplug

Similar to the PCI bug that prompted these patches, virtio-ccw will
segfault after the reworking of hotplug/hot-unplug.  Prepare for
this by moving virtio_ccw_stop_ioeventfd to before the freeing
of the proxy device.

A better place for this could be the device_unplugged callback
for the virtio-ccw bus.  However, we do not yet have a callback
that works: this patch avoids the problem while leaving the tree
bisectable.

Cc: address@hidden
Reported-by: Cornelia Huck <address@hidden>
Suggested-by: Cornelia Huck <address@hidden>
Reviewed-by: Cornelia Huck <address@hidden>
Acked-by: Andreas Faerber <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 0b81c1ef5c677c2a07be5f8bf0dfe2c62ef52115)

Signed-off-by: Michael Roth <address@hidden>


  Commit: d765275bb1785ceaef35feabab4071dedd6e2ecd
      
https://github.com/qemu/qemu/commit/d765275bb1785ceaef35feabab4071dedd6e2ecd
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/virtio/virtio-bus.c
    M hw/virtio/virtio-mmio.c
    M hw/virtio/virtio-pci.c
    M include/hw/virtio/virtio-bus.h

  Log Message:
  -----------
  virtio-bus: remove vdev field

The vdev field is complicated to synchronize.  Just access the
BusState's list of children.

Cc: address@hidden
Acked-by: Andreas Faerber <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 06d3dff0723c712a4b109ced4243edf49ef850af)

Signed-off-by: Michael Roth <address@hidden>


  Commit: a9b9ca7e0ebd9ce045158b0b00029cad827f3958
      
https://github.com/qemu/qemu/commit/a9b9ca7e0ebd9ce045158b0b00029cad827f3958
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/s390x/virtio-ccw.c
    M hw/s390x/virtio-ccw.h

  Log Message:
  -----------
  virtio-ccw: remove vdev field

The vdev field is complicated to synchronize.  Just access the
BusState's list of children.

Cc: address@hidden
Reviewed-by: Cornelia Huck <address@hidden>
Acked-by: Andreas Faerber <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit f24a684073bcdaf4e9d3c592345744ba3356d9e3)

Signed-off-by: Michael Roth <address@hidden>


  Commit: cbf23fdf219a20191e115725fd15fb7521136dd4
      
https://github.com/qemu/qemu/commit/cbf23fdf219a20191e115725fd15fb7521136dd4
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/virtio/virtio-pci.c
    M hw/virtio/virtio-pci.h

  Log Message:
  -----------
  virtio-pci: remove vdev field

The vdev field is complicated to synchronize.  Just access the
BusState's list of children.

Cc: address@hidden
Acked-by: Andreas Faerber <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit a3fc66d9fd37acbfcee013692246a8ae42bd93bb)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 40699a469ec9ead969bb89e0cf6bd6254566bb54
      
https://github.com/qemu/qemu/commit/40699a469ec9ead969bb89e0cf6bd6254566bb54
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/virtio/virtio-bus.c
    M hw/virtio/virtio.c
    M include/hw/virtio/virtio-bus.h
    M include/hw/virtio/virtio.h

  Log Message:
  -----------
  virtio-bus: cleanup plug/unplug interface

Right now we have these pairs:

- virtio_bus_plug_device/virtio_bus_destroy_device.  The first
  takes a VirtIODevice, the second takes a VirtioBusState

- device_plugged/device_unplug callbacks in the VirtioBusClass
  (here it's just the naming that is inconsistent)

- virtio_bus_destroy_device is not called by anyone (and since
  it calls qdev_free, it would be called by the proxies---but
  then the callback is useless since the proxies can do whatever
  they want before calling virtio_bus_destroy_device)

And there is a k->init but no k->exit, hence virtio_device_exit is
overwritten by subclasses (except virtio-9p).  This cleans it up by:

- renaming the device_unplug callback to device_unplugged

- renaming virtio_bus_plug_device to virtio_bus_device_plugged,
  matching the callback name

- renaming virtio_bus_destroy_device to virtio_bus_device_unplugged,
  removing the qdev_free, making it take a VirtIODevice and calling it
  from virtio_device_exit

- adding a k->exit callback

virtio_device_exit is still overwritten, the next patches will fix that.

Cc: address@hidden
Acked-by: Andreas Faerber <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 5e96f5d2f8d2696ef7d2d8d7282c18fa6023470b)

Signed-off-by: Michael Roth <address@hidden>


  Commit: e84e23de3595c48d58745d518c323350bbf228f0
      
https://github.com/qemu/qemu/commit/e84e23de3595c48d58745d518c323350bbf228f0
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/block/virtio-blk.c

  Log Message:
  -----------
  virtio-blk: switch exit callback to VirtioDeviceClass

This ensures hot-unplug is handled properly by the proxy, and avoids
leaking bus_name which is freed by virtio_device_exit.

Cc: address@hidden
Acked-by: Andreas Faerber <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 40dfc16f5fe0afb66f9436718781264dfadb6c61)

Signed-off-by: Michael Roth <address@hidden>


  Commit: e6c007056c3c40017bf8d00e4a0d259905f6e2cf
      
https://github.com/qemu/qemu/commit/e6c007056c3c40017bf8d00e4a0d259905f6e2cf
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/char/virtio-serial-bus.c

  Log Message:
  -----------
  virtio-serial: switch exit callback to VirtioDeviceClass

This ensures hot-unplug is handled properly by the proxy, and avoids
leaking bus_name which is freed by virtio_device_exit.

Cc: address@hidden
Acked-by: Andreas Faerber <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 0e86c13fe2058adb8c792ebb7c51a6a7ca9d3d55)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 8f08550ee2c743c1c3057849d3fb4093afac3472
      
https://github.com/qemu/qemu/commit/8f08550ee2c743c1c3057849d3fb4093afac3472
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/net/virtio-net.c

  Log Message:
  -----------
  virtio-net: switch exit callback to VirtioDeviceClass

This ensures hot-unplug is handled properly by the proxy, and avoids
leaking bus_name which is freed by virtio_device_exit.

Cc: address@hidden
Acked-by: Andreas Faerber <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 3786cff5eb384d058395a2729af627fa3253d056)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 478f1f6ccfc4195d6ad136e1108199c091214c9f
      
https://github.com/qemu/qemu/commit/478f1f6ccfc4195d6ad136e1108199c091214c9f
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/scsi/vhost-scsi.c
    M hw/scsi/virtio-scsi.c
    M include/hw/virtio/virtio-scsi.h

  Log Message:
  -----------
  virtio-scsi: switch exit callback to VirtioDeviceClass

This ensures hot-unplug is handled properly by the proxy, and avoids
leaking bus_name which is freed by virtio_device_exit.

Cc: address@hidden
Acked-by: Andreas Faerber <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit e3c9d76acc984218264bbc6435b0c09f959ed9b8)

Signed-off-by: Michael Roth <address@hidden>


  Commit: def56d28cfc58ffd6945947421447ab6cd6c73de
      
https://github.com/qemu/qemu/commit/def56d28cfc58ffd6945947421447ab6cd6c73de
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/virtio/virtio-balloon.c

  Log Message:
  -----------
  virtio-balloon: switch exit callback to VirtioDeviceClass

This ensures hot-unplug is handled properly by the proxy, and avoids
leaking bus_name which is freed by virtio_device_exit.

Cc: address@hidden
Acked-by: Andreas Faerber <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit baa61b9870dd7e0bb07e0ae61c6ec805db13f699)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 3220207c276500cc335476f95c6e35c80709bc34
      
https://github.com/qemu/qemu/commit/3220207c276500cc335476f95c6e35c80709bc34
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/virtio/virtio-rng.c

  Log Message:
  -----------
  virtio-rng: switch exit callback to VirtioDeviceClass

This ensures hot-unplug is handled properly by the proxy, and avoids
leaking bus_name which is freed by virtio_device_exit.

Cc: address@hidden
Acked-by: Andreas Faerber <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 7bb6edb0e3dd78d74e0ac980cf6c0a07307f61bf)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 810766d9dd78ebe61891deff6b73efa85934c260
      
https://github.com/qemu/qemu/commit/810766d9dd78ebe61891deff6b73efa85934c260
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/virtio/virtio-pci.c

  Log Message:
  -----------
  virtio-pci: add device_unplugged callback

This fixes a crash in hot-unplug of virtio-pci devices behind a PCIe
switch.  The crash happens because the ioeventfd is still set when the
child is destroyed (destruction happens in postorder).  Then the proxy
tries to unset the ioeventfd, but the virtqueue structure that holds the
EventNotifier has been trashed in the meanwhile.  kvm_set_ioeventfd_pio
does not expect failure and aborts.

The fix is simply to move parts of uninitialization to a new
device_unplugged callback, which is called before the child is destroyed.

Cc: address@hidden
Acked-by: Andreas Faerber <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 06a1307379fcd6c551185ad87679cd7ed896b9ea)

Signed-off-by: Michael Roth <address@hidden>


  Commit: df3e347891e4aaf84af983f9e3229079f1b9d2c4
      
https://github.com/qemu/qemu/commit/df3e347891e4aaf84af983f9e3229079f1b9d2c4
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/scsi/scsi-bus.c

  Log Message:
  -----------
  scsi-bus: fix transfer length and direction for VERIFY command

The amount of bytes to transfer depends on the BYTCHK field.
If any data is transferred, it is sent to the device.

Cc: address@hidden
Tested-by: Hervé Poussineau <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit d12ad44cc4cc9142179e64295608611f118b8ad8)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 30a08ab4e15a5fc810c9b4541456d2ebac68c646
      
https://github.com/qemu/qemu/commit/30a08ab4e15a5fc810c9b4541456d2ebac68c646
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/scsi/scsi-disk.c

  Log Message:
  -----------
  scsi-disk: fix VERIFY emulation

VERIFY emulation was completely botched (and remained botched through
all the refactorings).  The command must be emulated both in check-medium
mode (BYTCHK=00, which we implement by doing nothing) and in check-bytes
mode (which we do not implement yet).  Unlike WRITE AND VERIFY (which we
treat simply as WRITE with FUA bit set), VERIFY cannot be handled like
READ.  In fact the device is _receiving_ data for VERIFY, not _sending_
it like READ.

Cc: address@hidden
Tested-by: Hervé Poussineau <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit d97e7730816094a71cd1f19a56d7a73f77cdbf96)

Conflicts:

        hw/scsi/scsi-disk.c

*fixed up WRITE_SAME_* conflicts due to 84f94a9a not being in 1.7.0

Signed-off-by: Michael Roth <address@hidden>


  Commit: 97f74de48cbedeb2555ddf85c2cfe822ef8eadb2
      
https://github.com/qemu/qemu/commit/97f74de48cbedeb2555ddf85c2cfe822ef8eadb2
  Author: Gerd Hoffmann <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/audio/intel-hda.c

  Log Message:
  -----------
  intel-hda: fix position buffer

Fix position buffer updates to use the correct stream offset.

Without this patch both IN (record) and OUT (playback) streams
will update the IN buffer positions.  The linux kernel notices
and complains:
  hda-intel: Invalid position buffer, using LPIB read method instead.

The bug may also lead to glitches when recording and playing
at the same time:
  https://bugzilla.redhat.com/show_bug.cgi?id=947785

Cc: address@hidden
Signed-off-by: Gerd Hoffmann <address@hidden>
(cherry picked from commit d58ce68a454e5ae9cbde0308def379e272f13b10)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 8fa58fe91014abfde61c759e805b8a3bda33bef0
      
https://github.com/qemu/qemu/commit/8fa58fe91014abfde61c759e805b8a3bda33bef0
  Author: Marcel Apfelbaum <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M memory.c

  Log Message:
  -----------
  memory.c: bugfix - ref counting mismatch in memory_region_find

'address_space_get_flatview' gets a reference to a FlatView.
If the flatview lookup fails, the code returns without
"unreferencing" the view.

Cc: address@hidden

Signed-off-by: Marcel Apfelbaum <address@hidden>
Reviewed-by: Paolo Bonzini <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
(cherry picked from commit 6307d974f9a28bb6652352f52da97f820427d29d)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 2dc79753001520d94ed0373357a1be88a02a015a
      
https://github.com/qemu/qemu/commit/2dc79753001520d94ed0373357a1be88a02a015a
  Author: Peter Crosthwaite <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M include/qom/object.h
    M qom/object.c

  Log Message:
  -----------
  qom: Split out object and class caches

The object-cast and class-cast caches cannot be shared because class
caching is conditional on the target type not being an interface and
object caching is unconditional. Leads to a bug when a class cast
to an interface follows an object cast to the same interface type:

FooObject = FOO(obj);
FooClass = FOO_GET_CLASS(obj);

Where TYPE_FOO is an interface. The first (object) cast will be
successful and cache the casting result (i.e. TYPE_FOO will be cached).
The second (class) cast will then check the shared cast cache
and register a hit. The issue is, when a class cast hits in the cache
it just returns a pointer cast of the input class (i.e. the concrete
class).

When casting to an interface, the cast itself must return the
interface class, not the concrete class. The implementation of class
cast caching already ensures that the returned cast result is only
a pointer cast before caching. The object cast logic however does
not have this check.

Resolve by just splitting the object and class caches.

Cc: address@hidden
Signed-off-by: Peter Crosthwaite <address@hidden>
Reviewed-by: Paolo Bonzini <address@hidden>
Tested-by: Nathan Rossi <address@hidden>
Reviewed-by: Edgar E. Iglesias <address@hidden>
Signed-off-by: Andreas Färber <address@hidden>
(cherry picked from commit 0ab4c94c844cb3953adedbd27adc378b3cf31d9e)

Signed-off-by: Michael Roth <address@hidden>
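
The cache interaction described in the commit above, as an added example that is not QEMU code and not part of the original message: a reduced C model in which a class implements one interface, object casts cache unconditionally, and class casts cache only pure pointer casts. All names (ToyClass, ToyObject, the "toy-*" type strings, the helper functions) are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define CAST_CACHE_SIZE 4

/* Toy stand-ins for a class and an object; not QEMU's real structures. */
typedef struct ToyClass ToyClass;
struct ToyClass {
    const char *type;
    ToyClass *iface;                            /* interface class, or NULL */
    const char *shared_cache[CAST_CACHE_SIZE];  /* one cache for both casts */
    const char *object_cache[CAST_CACHE_SIZE];  /* split: object casts only */
    const char *class_cache[CAST_CACHE_SIZE];   /* split: class casts only  */
};

typedef struct {
    ToyClass *klass;
} ToyObject;

static int cache_hit(const char **cache, const char *type)
{
    for (int i = 0; i < CAST_CACHE_SIZE; i++) {
        if (cache[i] && strcmp(cache[i], type) == 0) {
            return 1;
        }
    }
    return 0;
}

static void cache_add(const char **cache, const char *type)
{
    /* Small FIFO: drop the oldest entry, append the newest. */
    for (int i = 1; i < CAST_CACHE_SIZE; i++) {
        cache[i - 1] = cache[i];
    }
    cache[CAST_CACHE_SIZE - 1] = type;
}

/* Uncached lookup: the class itself, its interface class, or NULL. */
static ToyClass *class_cast_slow(ToyClass *k, const char *type)
{
    if (strcmp(k->type, type) == 0) {
        return k;
    }
    if (k->iface && strcmp(k->iface->type, type) == 0) {
        return k->iface;
    }
    return NULL;
}

/* Object cast: a successful cast is cached unconditionally. */
static ToyObject *object_cast(ToyObject *o, const char *type,
                              const char **cache)
{
    if (cache_hit(cache, type)) {
        return o;
    }
    if (!class_cast_slow(o->klass, type)) {
        return NULL;
    }
    cache_add(cache, type);
    return o;
}

/* Class cast: a cache hit returns the input class as a plain pointer
 * cast, so only results equal to the input class are ever cached. */
static ToyClass *class_cast(ToyClass *k, const char *type,
                            const char **cache)
{
    if (cache_hit(cache, type)) {
        return k;
    }
    ToyClass *ret = class_cast_slow(k, type);
    if (ret == k) {
        cache_add(cache, type);
    }
    return ret;
}

/* Object cast to the interface, then class cast to the same interface.
 * Returns 1 if the class cast yields the interface class, 0 if it
 * yields the concrete class, -1 if the object cast itself fails. */
int class_cast_after_object_cast_ok(int split_caches)
{
    ToyClass iface = { .type = "toy-foo-iface" };
    ToyClass concrete = { .type = "toy-device", .iface = &iface };
    ToyObject obj = { .klass = &concrete };
    const char **ocache = split_caches ? concrete.object_cache
                                       : concrete.shared_cache;
    const char **ccache = split_caches ? concrete.class_cache
                                       : concrete.shared_cache;

    if (!object_cast(&obj, iface.type, ocache)) {
        return -1;
    }
    return class_cast(obj.klass, iface.type, ccache) == &iface;
}

int main(void)
{
    printf("shared cache: interface class returned = %d\n",
           class_cast_after_object_cast_ok(0));
    printf("split caches: interface class returned = %d\n",
           class_cast_after_object_cast_ok(1));
    return 0;
}
```
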


  Commit: f227ed1842180b0faeef0b4f9cde184cfd46cafc
      
https://github.com/qemu/qemu/commit/f227ed1842180b0faeef0b4f9cde184cfd46cafc
  Author: Matthew Garrett <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M migration.c

  Log Message:
  -----------
  migration: Fix rate limit

The migration thread appears to want to allow writeout to occur at full
speed rather than being rate limited during completion of state saving,
but sets the limit to INT_MAX when xfer_limit is INT64_MAX. This causes
problems if there's more than 2GB of state left to save at this point. It
probably ought to just be INT64_MAX instead.

Signed-off-by: Matthew Garrett <address@hidden>
Reviewed-by: Paolo Bonzini <address@hidden>
Signed-off-by: Juan Quintela <address@hidden>
(cherry picked from commit 40596834c0d57a223124a956ccbe39dfeadc9f0e)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 50a203c3b926466c59f122943804c6bc36256848
      
https://github.com/qemu/qemu/commit/50a203c3b926466c59f122943804c6bc36256848
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M vl.c

  Log Message:
  -----------
  vl: add missing transition debug->finish_migrate

This fixes an abort if you invoke the "migrate" command while the
guest is being debugged.

Cc: address@hidden
Cc: address@hidden
Signed-off-by: Paolo Bonzini <address@hidden>
Signed-off-by: Luiz Capitulino <address@hidden>
(cherry picked from commit eca01d3a93be4041ac5858ef7676e60352e9c2ed)

Signed-off-by: Michael Roth <address@hidden>


  Commit: b8fca09eecd364e79f29294aa5366718ffc9469a
      
https://github.com/qemu/qemu/commit/b8fca09eecd364e79f29294aa5366718ffc9469a
  Author: Alexander Graf <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M target-i386/helper.c

  Log Message:
  -----------
  x86: only allow real mode to access 32bit without LMA

When we're running in non-64bit mode with qemu-system-x86_64 we can
still end up with virtual addresses that are above the 32bit boundary
if a segment offset is set up.

GNU Hurd does exactly that. It sets the segment offset to 0x80000000 and
puts its EIP value to 0x8xxxxxxx to access low memory.

This doesn't hit us when we enable paging, as there we just mask away the
unused bits. But with real mode, we assume that vaddr == paddr which is
wrong in this case. Real hardware wraps the virtual address around at the
32bit boundary. So let's do the same.

This fixes booting GNU Hurd in qemu-system-x86_64 for me.

Reported-by: Michael Tokarev <address@hidden>
Signed-off-by: Alexander Graf <address@hidden>
Reviewed-by: Richard Henderson <address@hidden>
Signed-off-by: Michael Tokarev <address@hidden>
(cherry picked from commit 33dfdb56f2f3c8686d218395b871ec12fd5bf30b)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 29b0fcc181341bf1308a7c7645401815d5834232
      
https://github.com/qemu/qemu/commit/29b0fcc181341bf1308a7c7645401815d5834232
  Author: Markus Armbruster <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M qdev-monitor.c

  Log Message:
  -----------
  qdev-monitor: Avoid device_add crashing on non-device driver name

Watch this:

    $ upstream-qemu -nodefaults -S -display none -monitor stdio
    QEMU 1.7.50 monitor - type 'help' for more information
    (qemu) device_add rng-egd
    /work/armbru/qemu/qdev-monitor.c:491:qdev_device_add: Object 0x2089b00 is not an instance of type device
    Aborted (core dumped)

Crashes because "rng-egd" exists, but isn't a subtype of TYPE_DEVICE.
Broken in commit 18b6dad.

Cc: address@hidden
Signed-off-by: Markus Armbruster <address@hidden>
Signed-off-by: Andreas Färber <address@hidden>
(cherry picked from commit 061e84f7a469ad1f94f3b5f6a5361b346ab990e8)

Signed-off-by: Michael Roth <address@hidden>


  Commit: e480a1b8ff8292c6d014b930dff0ffbcaf14508a
      
https://github.com/qemu/qemu/commit/e480a1b8ff8292c6d014b930dff0ffbcaf14508a
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M exec.c
    M translate-all.c
    M translate-all.h

  Log Message:
  -----------
  split definitions for exec.c and translate-all.c radix trees

The exec.c and translate-all.c radix trees are quite different, and
the exec.c one in particular is not limited to the CPU---it can be
used also by devices that do DMA, and in that case the address space
is not limited to TARGET_PHYS_ADDR_SPACE_BITS bits.

We want to make exec.c's radix trees 64-bit wide.  As a first step,
stop sharing the constants between exec.c and translate-all.c.
exec.c gets P_L2_* constants, translate-all.c gets V_L2_*, for
consistency with the existing V_L1_* symbols.  Though actually
in the softmmu case translate-all.c is also indexed by physical
addresses...

This patch has no semantic change.

Signed-off-by: Paolo Bonzini <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
(cherry picked from commit 03f4995781a64e106e6f73864a1e9c4163dac53b)

*prereq for 53cb28c backport

Signed-off-by: Michael Roth <address@hidden>


  Commit: 6a108c4802809f9f3c7e5cc49724f5131acb5bb8
      
https://github.com/qemu/qemu/commit/6a108c4802809f9f3c7e5cc49724f5131acb5bb8
  Author: Michael S. Tsirkin <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M exec.c

  Log Message:
  -----------
  exec: replace leaf with skip

In preparation for dynamic radix tree depth support, rename is_leaf
field to skip, telling us how many bits to skip to next level.
Set to 0 for leaf.

Signed-off-by: Michael S. Tsirkin <address@hidden>
(cherry picked from commit 9736e55b78dc49b7f3a265932ab32ed360f633e4)

*prereq for 53cb28c backport

Signed-off-by: Michael Roth <address@hidden>


  Commit: 4c3e00d83f19206cd916edb3d6869478dcbc3ab0
      
https://github.com/qemu/qemu/commit/4c3e00d83f19206cd916edb3d6869478dcbc3ab0
  Author: Michael S. Tsirkin <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M exec.c

  Log Message:
  -----------
  exec: pass hw address to phys_page_find

callers always shift by target page bits so let's just do this
internally.

Signed-off-by: Michael S. Tsirkin <address@hidden>
(cherry picked from commit 97115a8d4500abeb090b968f01605e0bdafcdfd3)

*prereq for 53cb28c backport

Signed-off-by: Michael Roth <address@hidden>


  Commit: 44c68b84aed0b642514b75dc980779c79ca37d45
      
https://github.com/qemu/qemu/commit/44c68b84aed0b642514b75dc980779c79ca37d45
  Author: Marcel Apfelbaum <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M exec.c

  Log Message:
  -----------
  exec: separate sections and nodes per address space

Every address space has its own nodes and sections, but
it uses the same global arrays of nodes/section.

This limits the number of devices that can be attached
to the guest to 20-30 devices. It happens because:
 - The sections array is limited to 2^12 entries.
 - The main memory has at least 100 sections.
 - Each device address space is actually an alias to
   main memory, multiplying its number of nodes/sections.

Remove the limitation by using separate arrays of
nodes and sections for each address space.

Signed-off-by: Marcel Apfelbaum <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Reviewed-by: Paolo Bonzini <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
(cherry picked from commit 53cb28cbfea038f8ad50132dc8a684e638c7d48b)

Conflicts:

        exec.c

*removed dependency on b35ba30

Signed-off-by: Michael Roth <address@hidden>


  Commit: 8b6d92a56592a97c83da211c20864f4e754bbd9e
      
https://github.com/qemu/qemu/commit/8b6d92a56592a97c83da211c20864f4e754bbd9e
  Author: Michael S. Tsirkin <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/i386/pc.c
    M hw/i386/pc_piix.c
    M hw/pci-host/piix.c
    M hw/pci-host/q35.c
    M include/hw/i386/pc.h
    M include/hw/pci-host/q35.h

  Log Message:
  -----------
  pc: map PCI address space as catchall region for not mapped addresses

With the help of negative memory region priority PCI address space
is mapped underneath RAM regions effectively catching every access
to addresses not mapped by any other region.
It simplifies PCI address space mapping into system address space.

Signed-off-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Igor Mammedov <address@hidden>
(cherry picked from commit 83d08f2673504a299194dcac1657a13754b5932a)

*prereq for ddaaefb backport

Signed-off-by: Michael Roth <address@hidden>


  Commit: 03bc4f66280023cba17f8cdbd3a5b6589db343be
      
https://github.com/qemu/qemu/commit/03bc4f66280023cba17f8cdbd3a5b6589db343be
  Author: Gerd Hoffmann <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M hw/i386/pc_piix.c
    M hw/pci-host/piix.c
    M include/hw/i386/pc.h

  Log Message:
  -----------
  piix: fix 32bit pci hole

Make the 32bit pci hole start at end of ram, so all possible address
space is covered.

We used to try and make addresses aligned so they are easier to cover
with MTRRs, but since they are cosmetic on KVM, this is probably not
worth worrying about.
Of course the firmware can use less than that.  Leaving space unused is
no problem, mapping pci bars outside the hole causes problems though.

Signed-off-by: Gerd Hoffmann <address@hidden>
Signed-off-by: Laszlo Ersek <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
(cherry picked from commit ddaaefb4dd427d6d2e41c1cfbe0cd8d8e8d6aad9)

Signed-off-by: Michael Roth <address@hidden>


  Commit: b9cabc36a20a43a5b96686a1df47984ff983c395
      
https://github.com/qemu/qemu/commit/b9cabc36a20a43a5b96686a1df47984ff983c395
  Author: Petar Jovanovic <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M target-mips/translate.c

  Log Message:
  -----------
  target-mips: fix 64-bit FPU config for user-mode emulation

FR bit should be initialized to 1 for MIPS64, under condition that this
bit is writable and that CPU has an FPU unit. It should be initialized to
zero for MIPS32.
This fixes different MIPS32 issues with FPU instructions whose behaviour
defaulted to 64-bit FPU mode.

Signed-off-by: Petar Jovanovic <address@hidden>
Signed-off-by: Aurelien Jarno <address@hidden>
(cherry picked from commit 4d66261f71f2efa31e1052e4041c5ee505572fe5)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 0bc4142e7f44c11c65b25646d5f4d2243eef60a0
      
https://github.com/qemu/qemu/commit/0bc4142e7f44c11c65b25646d5f4d2243eef60a0
  Author: Petar Jovanovic <address@hidden>
  Date:   2014-02-20 (Thu, 20 Feb 2014)

  Changed paths:
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: pass correct parameter to do_shmctl()

Fix shmctl issue by passing correct parameter buf to do_shmctl().

Signed-off-by: Petar Jovanovic <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>
(cherry picked from commit a29267846a52b4ca294ba3a962b74b67df7ce6d2)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 75b4b747a24d5a6e51fb6eb5fb33e2a83748eb80
      
https://github.com/qemu/qemu/commit/75b4b747a24d5a6e51fb6eb5fb33e2a83748eb80
  Author: Petar Jovanovic <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    A linux-user/aarch64/target_structs.h
    A linux-user/alpha/target_structs.h
    A linux-user/arm/target_structs.h
    A linux-user/cris/target_structs.h
    A linux-user/i386/target_structs.h
    A linux-user/m68k/target_structs.h
    A linux-user/microblaze/target_structs.h
    A linux-user/mips/target_structs.h
    M linux-user/mips64/target_cpu.h
    A linux-user/mips64/target_structs.h
    A linux-user/openrisc/target_structs.h
    A linux-user/ppc/target_structs.h
    M linux-user/qemu.h
    A linux-user/s390x/target_structs.h
    A linux-user/sh4/target_structs.h
    A linux-user/sparc/target_structs.h
    A linux-user/sparc64/target_structs.h
    M linux-user/syscall.c
    A linux-user/unicore32/target_structs.h
    A linux-user/x86_64/target_structs.h

  Log Message:
  -----------
  linux-user: create target_structs header to place ipc_perm and shmid_ds

Creating target_structs header in linux-user/$arch/ and making
target_ipc_perm and target_shmid_ds its first inhabitants.
The struct definitions may/should be further fine-tuned by arch maintainers.

Signed-off-by: Petar Jovanovic <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>
(cherry picked from commit 55a2b1631fb343edac4a2d4596c72e58ee1372b3)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 0e282aca861e63125ddd2da4fc954ee7421edc8d
      
https://github.com/qemu/qemu/commit/0e282aca861e63125ddd2da4fc954ee7421edc8d
  Author: Brad <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M configure
    M pc-bios/optionrom/Makefile

  Log Message:
  -----------
  Fix QEMU build on OpenBSD on x86 archs

This resolves the build issue with building the ROMs on OpenBSD on x86 archs.
As of OpenBSD 5.3 the compiler builds PIE binaries by default and thus the
whole OS/packages and so forth. The ROMs need to have PIE disabled.
Check in configure whether the compiler supports the flags for disabling
PIE, and if it does then use them for building the ROMs. This fixes the
following buildbot failure:

From the OpenBSD buildbots..
  Building optionrom/multiboot.img
ld: multiboot.o: relocation R_X86_64_16 can not be used when making a shared object; recompile with -fPIC

Signed-off by: Brad Smith <address@hidden>
Reviewed-by: Stefan Hajnoczi <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
(cherry picked from commit 46eef33b89e936ca793e13c4aeea1414e97e8dbb)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 6ec62b79e34fb2d3948432df2e7a6bb963c2eae1
      
https://github.com/qemu/qemu/commit/6ec62b79e34fb2d3948432df2e7a6bb963c2eae1
  Author: Aurelien Jarno <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M tcg/optimize.c

  Log Message:
  -----------
  tcg/optimize: fix known-zero bits for right shift ops

32-bit versions of sar and shr ops should not propagate known-zero bits
from the unused 32 high bits. For sar it could even lead to wrong code
being generated.

Cc: address@hidden
Reviewed-by: Paolo Bonzini <address@hidden>
Signed-off-by: Aurelien Jarno <address@hidden>
Signed-off-by: Richard Henderson <address@hidden>
(cherry picked from commit e46b225a3137e62c975c49aaae7bb5f9583cc428)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 9692bad34dcb0dcfc46a968ee1d7c69510d268a7
      
https://github.com/qemu/qemu/commit/9692bad34dcb0dcfc46a968ee1d7c69510d268a7
  Author: Michael S. Tsirkin <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M hw/timer/hpet.c
    M include/hw/timer/hpet.h

  Log Message:
  -----------
  hpet: fix build with CONFIG_HPET off

make hpet_find inline so we don't need
to build hpet.c to check if hpet is enabled.

Fixes link error with CONFIG_HPET off.

Cc: address@hidden
Signed-off-by: Michael S. Tsirkin <address@hidden>
(cherry picked from commit 142e0950cfaf023a81112dc3cdfa799d769886a4)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 02e1c55ddd971a565dbf473c23ed29d4e07ad42b
      
https://github.com/qemu/qemu/commit/02e1c55ddd971a565dbf473c23ed29d4e07ad42b
  Author: Peter Lieven <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M block/iscsi.c

  Log Message:
  -----------
  block/iscsi: use a bh to schedule co reentrance

this fixes a potential segfault and performance regression.

If the coroutine is reentered directly in the iscsi_co_generic_cb
iscsi_process_{read,write} are interrupted and reentered any
time later. On the one hand this could happen after an iscsi_close
where the iscsi context is already gone (segfault). On the
other hand this limits the number of processed callbacks
in each aio_dispatch to one (potential performance regression).

Cc: address@hidden
Signed-off-by: Peter Lieven <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 8b9dfe9098d91e06a3dd6376624307fe5fa13be8)

Signed-off-by: Michael Roth <address@hidden>


  Commit: dc9e1e798c9a967727d100da2f082e8f456c60fa
      
https://github.com/qemu/qemu/commit/dc9e1e798c9a967727d100da2f082e8f456c60fa
  Author: Laszlo Ersek <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M vl.c

  Log Message:
  -----------
  qemu_opts_parse(): always check return value

qemu_opts_parse() can always return NULL, even if the QemuOptsList.desc in
question would be trivial to satisfy (eg. because it's empty). For
example:

qemu_opts_parse()
  opts_parse()
    qemu_opts_create()
      id_wellformed()

In practice:

  $ .../qemu-system-x86_64 -acpitable id=3
  qemu-system-x86_64: -acpitable id=3: Parameter 'id' expects an identifier
  **
  ERROR:vl.c:3491:main: assertion failed: (opts != NULL)
  Aborted (core dumped)

  $ .../qemu-system-x86_64 -smbios id=3
  qemu-system-x86_64: -smbios id=3: Parameter 'id' expects an identifier
  Segmentation fault (core dumped)

I checked all qemu_opts_parse() invocations (and all drive_def()
invocations too, because it blindly forwards the former's retval). Only
the two above examples look problematic.

Signed-off-by: Laszlo Ersek <address@hidden>
Reviewed-by: Markus Armbruster <address@hidden>
Message-id: address@hidden
Signed-off-by: Anthony Liguori <address@hidden>
(cherry picked from commit f46e720a82ccdf1a521cf459448f3f96ed895d43)

Signed-off-by: Michael Roth <address@hidden>


  Commit: c2f6dc66bcdee73cc7fd14fd82f570ccce382a1f
      
https://github.com/qemu/qemu/commit/c2f6dc66bcdee73cc7fd14fd82f570ccce382a1f
  Author: Cornelia Huck <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M target-s390x/cpu.h
    M target-s390x/kvm.c

  Log Message:
  -----------
  s390x/kvm: Fix diagnose handling.

The instruction intercept handler for diagnose used only the displacement
when trying to calculate the function code. This is only correct for base
0, however; we need to perform a complete base/displacement address
calculation and use bits 48-63 as the function code.

Reviewed-by: Thomas Huth <address@hidden>
Signed-off-by: Cornelia Huck <address@hidden>
Signed-off-by: Jens Freimann <address@hidden>
Signed-off-by: Alexander Graf <address@hidden>
(cherry picked from commit 638129ff475dd3b4c0e57e0be598efe41461e9b3)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 109b2439f01247b5c8a5313c367ec6b11cb46259
      
https://github.com/qemu/qemu/commit/109b2439f01247b5c8a5313c367ec6b11cb46259
  Author: Corey Bryant <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M qemu-seccomp.c

  Log Message:
  -----------
  seccomp: exit if seccomp_init() fails

This fixes a bug where we weren't exiting if seccomp_init() failed.

Signed-off-by: Corey Bryant <address@hidden>
Acked-by: Eduardo Otubo <address@hidden>
Acked-by: Paul Moore <address@hidden>
(cherry picked from commit 2a13f991123fa16841e6d94b02a9cc2c76d91725)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 88d08de7e5d08bfa44613e492cd64f8b3974d62e
      
https://github.com/qemu/qemu/commit/88d08de7e5d08bfa44613e492cd64f8b3974d62e
  Author: Stefan Weil <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M hw/arm/mainstone.c

  Log Message:
  -----------
  mainstone: Fix duplicate array values for key 'space'

cgcc reported a duplicate initialisation. Mainstone includes a matrix
keyboard where two different positions map to 'space'.

QEMU uses the reversed mapping and does not map 'space' to two different
matrix positions.

Some other keys are either missing or might be mapped wrongly (cf. Linux
kernel code). Don't fix these until someone can test them with real
hardware, but add TODO comments.

Signed-off-by: Stefan Weil <address@hidden>
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Michael Tokarev <address@hidden>
(cherry picked from commit 7dbc1158bc63fdbad849d21409eeeb53f5230445)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 15a14f2eeb76f82b742d009cf320972e7d173f49
      
https://github.com/qemu/qemu/commit/15a14f2eeb76f82b742d009cf320972e7d173f49
  Author: Luiz Capitulino <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M migration.c

  Log Message:
  -----------
  migration: qmp_migrate(): keep working after syntax error

If a user or QMP client enters a bad syntax for the migrate
command in QMP/HMP, then the migrate command will never succeed
from that point on.

For example, if you enter:

(qemu) migrate tcp;0:4444
migrate: Parameter 'uri' expects a valid migration protocol

Then the migrate command will always fail from now on:

(qemu) migrate tcp:0:4444
migrate: There's a migration process in progress

The problem is that qmp_migrate() sets the migration status to
MIG_STATE_SETUP and doesn't reset it on syntax error. This bug
was introduced by commit 29ae8a4133082e16970c9d4be09f4b6a15034617.

Reviewed-by: Michael R. Hines <address@hidden>
Signed-off-by: Luiz Capitulino <address@hidden>
(cherry picked from commit c950114286ea358a93ce632db0421945e1008395)

Signed-off-by: Michael Roth <address@hidden>


  Commit: c426a2da12447a55f52276e763a513c81fc7c1d7
      
https://github.com/qemu/qemu/commit/c426a2da12447a55f52276e763a513c81fc7c1d7
  Author: Alex Williamson <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M hw/misc/vfio.c

  Log Message:
  -----------
  vfio-pci: Release all MSI-X vectors when disabled

We were relying on msix_unset_vector_notifiers() to release all the
vectors when we disable MSI-X, but this only happens when MSI-X is
still enabled on the device.  Perform further cleanup by releasing
any remaining vectors listed as in-use after this call.  This caused
a leak of IRQ routes on hotplug depending on how the guest OS prepared
the device for removal.

Signed-off-by: Alex Williamson <address@hidden>
Cc: address@hidden
(cherry picked from commit 3e40ba0faf0822fa78336fe6cd9d677ea9b14f1b)

Signed-off-by: Michael Roth <address@hidden>


  Commit: b54720b5d65efaa10bf5f992e623accb80a5a573
      
https://github.com/qemu/qemu/commit/b54720b5d65efaa10bf5f992e623accb80a5a573
  Author: Peter Maydell <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M block/curl.c

  Log Message:
  -----------
  block/curl: Implement the libcurl timer callback interface

libcurl versions 7.16.0 and later have a timer callback interface which
must be implemented in order for libcurl to make forward progress (it
will sometimes rely on being called back on the timeout if there are
no file descriptors registered). Implement the callback, and use a
QEMU AIO timer to ensure we prod libcurl again when it asks us to.

Based on Peter's original patch plus my fix to add curl_multi_timeout_do.
Should compile just fine even on older versions of libcurl.

I also tried copy-on-read and streaming:

    $ ./qemu-img create -f qcow2 -o \
   backing_file=http://download.fedoraproject.org/pub/fedora/linux/releases/20/Live/x86_64/Fedora-Live-Desktop-x86_64-20-1.iso \
   foo.qcow2 1G
    $ x86_64-softmmu/qemu-system-x86_64 \
   -drive if=none,file=foo.qcow2,copy-on-read=on,id=cd \
   -device ide-cd,drive=cd --enable-kvm -m 1024

Direct http usage is probably too slow, but with copy-on-read ultimately
the image does boot!

After some time, streaming gets canceled by an EIO, which needs further
investigation.

Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
(cherry picked from commit 031fd1be5618c347f9aeb44ec294f14a541e42b2)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 6b7ed87665736c40bc5a001656248698e4402899
      
https://github.com/qemu/qemu/commit/6b7ed87665736c40bc5a001656248698e4402899
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M hw/scsi/scsi-bus.c

  Log Message:
  -----------
  scsi: Support TEST UNIT READY in the dummy LUN0

SeaBIOS waits for LUN0 to respond to the TEST UNIT READY command
in order to decide whether it should be part of the boot sequence.
If LUN0 does not respond to the command, boot is delayed by up
to 5 seconds.  This currently happens when there is no LUN0 on
a target.  Fix that by adding a trivial implementation of the
command.

Cc: address@hidden
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 1cb27d9233d572826b45bd8498d2fab1b6f01df9)

Signed-off-by: Michael Roth <address@hidden>


  Commit: ad0a6444adf5cb21304fddcf594b2bb563cceaf8
      
https://github.com/qemu/qemu/commit/ad0a6444adf5cb21304fddcf594b2bb563cceaf8
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M hw/scsi/scsi-disk.c

  Log Message:
  -----------
  scsi: Assign cancel_io vector for scsi_disk_emulate_ops

Some emulated disk operations (MODE SELECT, UNMAP, WRITE SAME)
can trigger asynchronous I/Os.  Provide the cancel_io callback
to ensure that AIOCBs are properly cleaned up.

Signed-off-by: Eric Farman <address@hidden>
Cc: address@hidden
[Tweak commit message. - Paolo]
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 33325a53f15ab5370e1917b2a11cadffc77c5a52)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 30a0fc36075aee75db639db9b9bc70dc682656d7
      
https://github.com/qemu/qemu/commit/30a0fc36075aee75db639db9b9bc70dc682656d7
  Author: Eric Farman <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M hw/scsi/virtio-scsi.c

  Log Message:
  -----------
  virtio-scsi: Cleanup of I/Os that never started

There is still a small window that occurs when a cancel I/O affects
an asynchronous I/O operation that hasn't started.  In other words,
when the residual data length equals the expected data length.

Today, the routine virtio_scsi_command_complete fails because the
VirtIOSCSIReq pointer (from the hba_private field in SCSIRequest)
was cleared earlier when virtio_scsi_complete_req was called by
the virtio_scsi_request_cancelled routine.  As a result, the
virtio_scsi_command_complete routine needs to simply return when
it is processing a SCSIRequest block that was marked canceled.

Signed-off-by: Eric Farman <address@hidden>
Cc: address@hidden
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit e9c0f0f58ad0a41c3c4b19e1911cfe095afc09ca)

Signed-off-by: Michael Roth <address@hidden>


  Commit: a5221ee1430928ac013f9723134dacb62359247e
      
https://github.com/qemu/qemu/commit/a5221ee1430928ac013f9723134dacb62359247e
  Author: Eric Farman <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M hw/scsi/virtio-scsi.c

  Log Message:
  -----------
  virtio-scsi: Prevent assertion on missed events

In some cases, an unplug can cause events to be dropped, which
leads to an assertion failure when preparing to notify the guest
kernel.

Signed-off-by: Eric Farman <address@hidden>
Cc: address@hidden
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 49fb65c7f985baa56d2964e0a85c1f098e3e2a9d)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 47c6edce7a2ed614bfe40c5d542275330975d1b6
      
https://github.com/qemu/qemu/commit/47c6edce7a2ed614bfe40c5d542275330975d1b6
  Author: thomas knych <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M kvm-all.c

  Log Message:
  -----------
  KVM: Retry KVM_CREATE_VM on EINTR

Upstreaming this change from Android 
(https://android-review.googlesource.com/54211).

On heavily loaded machines with many VM instances we see KVM_CREATE_VM
failing with EINTR on this path:

kvm_dev_ioctl_create_vm -> kvm_create_vm -> kvm_init_mmu_notifier -> 
mmu_notifier_register ->  do_mmu_notifier_register -> mm_take_all_locks

which checks if any signals have been raised while it was attaining locks
and returns EINTR.  Retrying the system call greatly improves reliability.

Cc: address@hidden
Signed-off-by: thomas knych <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 94ccff133820552a859c0fb95e33a539e0b90a75)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 6b579c8c53d15dd67c5103d2476b8da73c321148
      
https://github.com/qemu/qemu/commit/6b579c8c53d15dd67c5103d2476b8da73c321148
  Author: Stefan Weil <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M hw/i386/bios-linker-loader.c

  Log Message:
  -----------
  i386: Add missing include file for QEMU_PACKED

Instead of packing BiosLinkerLoaderEntry, an unused global variable called
QEMU_PACKED was created (detected by smatch static code analysis).

Including qemu-common.h gets the right definition and also includes some
standard include files which now can be removed here.

Cc: address@hidden
Signed-off-by: Stefan Weil <address@hidden>
Signed-off-by: Michael Tokarev <address@hidden>
(cherry picked from commit c428c5a21ce9a9861839ee544afd10638016e3f5)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 424388980dbcaf812ad2863cf3af9c6ed63dc915
      
https://github.com/qemu/qemu/commit/424388980dbcaf812ad2863cf3af9c6ed63dc915
  Author: Stefan Weil <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M linux-user/signal.c

  Log Message:
  -----------
  linux-user: Fix trampoline code for CRIS

__put_user can write bytes, words (2 bytes) or longwords (4 bytes).
Here obviously words should have been written, but bytes were written,
so values like 0x9c5f were truncated to 0x5f.

Fix this by changing retcode from uint8_t to uint16_t in
target_signal_frame and also in the unused rt_signal_frame.

This problem was reported by static code analysis (smatch).

Cc: address@hidden
Signed-off-by: Stefan Weil <address@hidden>
Acked-by: Riku Voipio <address@hidden>
Reviewed-by: Peter Maydell <address@hidden>
Tested-by: Edgar E. Iglesias <address@hidden>
Reviewed-by: Edgar E. Iglesias <address@hidden>
Signed-off-by: Edgar E. Iglesias <address@hidden>
(cherry picked from commit 8cfc114a2f293c40077d1bdb7500b29db359ca22)

Signed-off-by: Michael Roth <address@hidden>


  Commit: ec6428b598b599e385d70057f6dbecea9ad52455
      
https://github.com/qemu/qemu/commit/ec6428b598b599e385d70057f6dbecea9ad52455
  Author: Mark Cave-Ayland <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M pc-bios/QEMU,tcx.bin
    M pc-bios/README
    M pc-bios/openbios-ppc
    M pc-bios/openbios-sparc32
    M pc-bios/openbios-sparc64
    M roms/openbios

  Log Message:
  -----------
  Update OpenBIOS images

Update OpenBIOS images to SVN r1246 built from submodule.

Signed-off-by: Mark Cave-Ayland <address@hidden>
(cherry picked from commit fbb9c590cacf1cefb516f523427a920c2fe8c135)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 819ddf7d1fbcb74ecab885dc35fea741c6316b17
      
https://github.com/qemu/qemu/commit/819ddf7d1fbcb74ecab885dc35fea741c6316b17
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M exec.c

  Log Message:
  -----------
  memory: fix limiting of translation at a page boundary

Commit 360e607 (address_space_translate: do not cross page boundaries,
2014-01-30) broke MMIO accesses in cases where the section is shorter
than the full register width.  This can happen for example with the
Bochs DISPI registers, which are 16 bits wide but have only a 1-byte
long MemoryRegion (if you write to the "second byte" of the register
your access is discarded; it doesn't write only to half of the register).

Restrict the action of commit 360e607 to direct RAM accesses.  This
is enough for Xen, since MMIO will not go through the mapcache.

Reported-by: Mark Cave-Ayland <address@hidden>
Cc: address@hidden
Signed-off-by: Paolo Bonzini <address@hidden>
Tested-by: Mark Cave-Ayland <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
(cherry picked from commit a87f39543a9259f671c5413723311180ee2ad2a8)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 2cd72adb1c0ec75164f8fa296ace3221f03c3ab8
      
https://github.com/qemu/qemu/commit/2cd72adb1c0ec75164f8fa296ace3221f03c3ab8
  Author: Huw Davies <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M tcg/arm/tcg-target.c

  Log Message:
  -----------
  tcg-arm: The shift count of op_rotl_i32 is in args[2] not args[1].

It's this that should be subtracted from 0x20 when converting to a right rotate.

Cc: address@hidden
Signed-off-by: Huw Davies <address@hidden>
Signed-off-by: Richard Henderson <address@hidden>
(cherry picked from commit 7a3a00979d9dfe2aaa66ce5fc68cd161b4f900ba)

Signed-off-by: Michael Roth <address@hidden>


  Commit: c885105bf3dc367019daba2926ecec150452a9b5
      
https://github.com/qemu/qemu/commit/c885105bf3dc367019daba2926ecec150452a9b5
  Author: Paolo Bonzini <address@hidden>
  Date:   2014-02-21 (Fri, 21 Feb 2014)

  Changed paths:
    M hw/audio/adlib.c

  Log Message:
  -----------
  adlib: fix patching of port I/O addresses

Commit 2b21fb5 (adlib: sort offsets in portio registration, 2013-08-14)
fixed the offsets in adlib_portio_list, but forgot the matching indices
in adlib_realizefn.

Reported at http://virtuallyfun.superglobalmegacorp.com/?p=3616 by
"neozeed".

Signed-off-by: Paolo Bonzini <address@hidden>
Reviewed-by: Hervé Poussineau <address@hidden>
Signed-off-by: Gerd Hoffmann <address@hidden>
(cherry picked from commit 7f0ba7bb4378f22b017e08947219a352d491bac4)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 68e3bb1128f792407550f47de444f5814e8d18a8
      
https://github.com/qemu/qemu/commit/68e3bb1128f792407550f47de444f5814e8d18a8
  Author: Tomoki Sekiyama <address@hidden>
  Date:   2014-02-25 (Tue, 25 Feb 2014)

  Changed paths:
    M qga/vss-win32/provider.cpp
    M qga/vss-win32/requester.cpp

  Log Message:
  -----------
  qga: vss-win32: Use NULL as an invalid pointer for OpenEvent and CreateEvent

OpenEvent and CreateEvent WinAPI return NULL when they fail to open/create
event handles, instead of INVALID_HANDLE_VALUE (although their return
types are HANDLE).
This replaces INVALID_HANDLE_VALUE related to event handles with NULL.

Signed-off-by: Tomoki Sekiyama <address@hidden>
Reviewed-by: Gal Hammer <address@hidden>
Reviewed-by: Yan Vugenfirer <address@hidden>
Signed-off-by: Michael Roth <address@hidden>
(cherry picked from commit 4c1b8f1e8357d85c613d779596e4079cc581d74f)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 5e5d4fc68e1e0bcc29ab2354f32c37a754fd9192
      
https://github.com/qemu/qemu/commit/5e5d4fc68e1e0bcc29ab2354f32c37a754fd9192
  Author: Tomoki Sekiyama <address@hidden>
  Date:   2014-02-25 (Tue, 25 Feb 2014)

  Changed paths:
    M qga/vss-win32/provider.cpp
    M qga/vss-win32/requester.cpp

  Log Message:
  -----------
  qga: vss-win32: Fix interference with snapshot creation by other VSS requesters

When a VSS requester such as vshadow.exe or diskshadow.exe requests to
create disk snapshots, Windows may choose qemu-ga VSS provider if it is
the only provider registered on the system. However, because it provides only a
function to freeze the filesystem, the snapshotting fails.

This patch adds a check into CQGAVssProvider::IsVolumeSupported() to reject
the request from other VSS requesters, so that the other provider is chosen.

The check of requester is done by confirming that event channels between
qemu-ga's requester and provider are established. To ensure that the events are
initialized when CQGAVssProvider::IsVolumeSupported() is called, it moves
the initialization earlier.

Signed-off-by: Tomoki Sekiyama <address@hidden>
Reviewed-by: Gal Hammer <address@hidden>
Reviewed-by: Yan Vugenfirer <address@hidden>
Signed-off-by: Michael Roth <address@hidden>
(cherry picked from commit ff8adbcfdbbd9c0f2b01ff8a32bc75082fdd9844)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 6d0a48acd8442e1a74443c190b58c60547788fdc
      
https://github.com/qemu/qemu/commit/6d0a48acd8442e1a74443c190b58c60547788fdc
  Author: Tomoki Sekiyama <address@hidden>
  Date:   2014-02-25 (Tue, 25 Feb 2014)

  Changed paths:
    M qga/vss-win32/provider.cpp

  Log Message:
  -----------
  qga: vss-win32: Fix interference with snapshot deletion by other VSS request

When a VSS requester such as vshadow.exe or diskshadow.exe requests to
delete snapshots, qemu-ga VSS provider's DeleteSnapshots() is also called
and returns E_NOTIMPL, which makes the deletion fail.
To avoid this issue, return S_OK and set values that represent no snapshots
are deleted by qemu-ga VSS provider.

Signed-off-by: Tomoki Sekiyama <address@hidden>
Reviewed-by: Gal Hammer <address@hidden>
Reviewed-by: Yan Vugenfirer <address@hidden>
Signed-off-by: Michael Roth <address@hidden>
(cherry picked from commit d9e1f574cb6eac0a3a2f97b67d2e7a3ad9c1dc95)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 4736fb34f7d6ca2962c0a943ca4835fd25ca6140
      
https://github.com/qemu/qemu/commit/4736fb34f7d6ca2962c0a943ca4835fd25ca6140
  Author: Markus Armbruster <address@hidden>
  Date:   2014-02-25 (Tue, 25 Feb 2014)

  Changed paths:
    M qga/commands-posix.c

  Log Message:
  -----------
  qga: Fix memory allocation pasto

qmp_guest_file_seek() allocates memory for a GuestFileRead object
instead of the GuestFileSeek object it actually uses.  Harmless,
because the GuestFileRead is slightly larger.

Signed-off-by: Markus Armbruster <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Signed-off-by: Michael Roth <address@hidden>
(cherry picked from commit 10b7c5dd0da1a92182e87f5fc1887d779ad1a9e8)

Signed-off-by: Michael Roth <address@hidden>


  Commit: e498311693377ee6aa599a37c643d364f7072170
      
https://github.com/qemu/qemu/commit/e498311693377ee6aa599a37c643d364f7072170
  Author: Peter Maydell <address@hidden>
  Date:   2014-02-27 (Thu, 27 Feb 2014)

  Changed paths:
    M hw/misc/arm_sysctl.c

  Log Message:
  -----------
  hw/misc/arm_sysctl: Fix bad boundary check on mb clock accesses

Fix incorrect use of sizeof() rather than ARRAY_SIZE() to guard
accesses into the mb_clock[] array, which was allowing a malicious
guest to overwrite the end of the array.

Signed-off-by: Peter Maydell <address@hidden>
Reviewed-by: Paolo Bonzini <address@hidden>
Reviewed-by: Andreas Färber <address@hidden>
Message-id: address@hidden
Cc: address@hidden
(cherry picked from commit ec1efab95767312ff4afb816d0d4b548e093b031)

Signed-off-by: Michael Roth <address@hidden>


  Commit: 5444df15819cc1fa5a95876967d726b80f594e31
      
https://github.com/qemu/qemu/commit/5444df15819cc1fa5a95876967d726b80f594e31
  Author: Peter Maydell <address@hidden>
  Date:   2014-02-27 (Thu, 27 Feb 2014)

  Changed paths:
    M hw/timer/arm_timer.c

  Log Message:
  -----------
  hw/timer/arm_timer: Avoid array overrun for bad addresses

The integrator's timer read/write functions log an error for
bad addresses in guest accesses, but were falling through and
using an out of bounds array index rather than returning early.
Fix this.

Signed-off-by: Peter Maydell <address@hidden>
Reviewed-by: Paolo Bonzini <address@hidden>
Reviewed-by: Andreas Färber <address@hidden>
Message-id: address@hidden
Cc: address@hidden
(cherry picked from commit cba933b2257ef0ad241756a0ff86bc0acda685ca)

Signed-off-by: Michael Roth <address@hidden>
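
The two array-guard bugs described in the arm_sysctl and arm_timer log messages above, as an added example that is not QEMU code. `ToyDev`, `regs`, `neighbour`, `NREGS` and the guard names are assumptions made for this illustration; it counts how many words past the array each form of the check lets a guest-supplied index reach.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
#define NREGS 6   /* assumed length; the page does not give the real one */

/* Constructed toy state, not QEMU's. 'regs' stands in for a register array
 * such as mb_clock[]; 'neighbour' stands in for whatever follows it in
 * memory. 'mem' is a flat view of both, so the demo stays in its own storage. */
typedef union {
    struct {
        uint32_t regs[NREGS];
        uint32_t neighbour[32];
    } s;
    uint32_t mem[NREGS + 32];
} ToyDev;

enum guard {
    GUARD_SIZEOF,          /* bug: index compared against a byte count */
    GUARD_ARRAY_SIZE,      /* fix: index compared against the element count */
    GUARD_LOG_ONLY,        /* bug: bad index is logged, then used anyway */
    GUARD_LOG_AND_RETURN   /* fix: bad index is logged and rejected */
};

/* Handle one guest write. Returns 1 if memory was written, 0 if rejected. */
static int guest_write(ToyDev *d, enum guard g, unsigned idx, uint32_t val)
{
    int bad = idx >= ARRAY_SIZE(d->s.regs);

    switch (g) {
    case GUARD_SIZEOF:
        if (idx >= sizeof(d->s.regs)) {   /* 24 bytes, not 6 elements */
            return 0;
        }
        break;
    case GUARD_ARRAY_SIZE:
        if (bad) {
            return 0;
        }
        break;
    case GUARD_LOG_ONLY:
        if (bad) {
            fprintf(stderr, "bad index %u\n", idx);   /* no return here */
        }
        break;
    case GUARD_LOG_AND_RETURN:
        if (bad) {
            fprintf(stderr, "bad index %u\n", idx);
            return 0;
        }
        break;
    }
    if (idx >= ARRAY_SIZE(d->mem)) {   /* safety net for this demo only */
        return 0;
    }
    d->mem[idx] = val;
    return 1;
}

/* Try every index 0..63 as a guest would and count the words outside
 * 'regs' that ended up modified. */
static unsigned clobbered_words(enum guard g)
{
    ToyDev d;
    unsigned idx, n = 0;

    memset(&d, 0, sizeof(d));
    for (idx = 0; idx < 64; idx++) {
        guest_write(&d, g, idx, 0xdeadbeefu);
    }
    for (idx = 0; idx < ARRAY_SIZE(d.s.neighbour); idx++) {
        n += (d.s.neighbour[idx] != 0);
    }
    return n;
}

int main(void)
{
    printf("sizeof guard:         %u words past the array\n",
           clobbered_words(GUARD_SIZEOF));
    printf("ARRAY_SIZE guard:     %u words past the array\n",
           clobbered_words(GUARD_ARRAY_SIZE));
    printf("log-only guard:       %u words past the array\n",
           clobbered_words(GUARD_LOG_ONLY));
    printf("log-and-return guard: %u words past the array\n",
           clobbered_words(GUARD_LOG_AND_RETURN));
    return 0;
}
```

The sizeof() form is wrong by exactly the element size, so the reachable overrun grows with wider element types; the log-only form is bounded here only by the demo's own safety net.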


  Commit: ff51a1d589b07d7f95a5355b31a9f962203fd9cd
      
https://github.com/qemu/qemu/commit/ff51a1d589b07d7f95a5355b31a9f962203fd9cd
  Author: Peter Maydell <address@hidden>
  Date:   2014-02-27 (Thu, 27 Feb 2014)

  Changed paths:
    M hw/intc/exynos4210_combiner.c

  Log Message:
  -----------
  hw/intc/exynos4210_combiner: Don't overrun output_irq array in init

The Exynos4210 combiner has IIC_NIRQ inputs and IIC_NGRP outputs;
use the correct constant in the loop initializing our output
sysbus IRQs so that we don't overrun the output_irq[] array.

Signed-off-by: Peter Maydell <address@hidden>
Message-id: address@hidden
Reviewed-by: Andreas Färber <address@hidden>
Cc: address@hidden
(cherry picked from commit fce0a826083e0416981e2ea9518ce5faa75b81a3)

Signed-off-by: Michael Roth <address@hidden>


  Commit: fa98e47a250516d83dd3712e9456bf795c83627b
      
https://github.com/qemu/qemu/commit/fa98e47a250516d83dd3712e9456bf795c83627b
  Author: Peter Maydell <address@hidden>
  Date:   2014-02-27 (Thu, 27 Feb 2014)

  Changed paths:
    M hw/arm/musicpal.c

  Log Message:
  -----------
  hw/arm/musicpal: Remove nonexistent CDTP2, CDTP3 registers

The ethernet device in the musicpal only has two tx queues,
but we modelled it with four CTDP registers, presumably a
cut and paste from the rx queue registers. Since the tx_queue[]
array is only 2 entries long this allowed a guest to overrun
this buffer. Remove the nonexistent registers.

Signed-off-by: Peter Maydell <address@hidden>
Message-id: address@hidden
Acked-by: Jan Kiszka <address@hidden>
Cc: address@hidden
(cherry picked from commit cf143ad35018c5fc1da6365b45acda2b34aba90a)

Signed-off-by: Michael Roth <address@hidden>


  Commit: e50218c2697812c7f2068f190a2868e4836874fe
      
https://github.com/qemu/qemu/commit/e50218c2697812c7f2068f190a2868e4836874fe
  Author: Christoffer Dall <address@hidden>
  Date:   2014-02-27 (Thu, 27 Feb 2014)

  Changed paths:
    M hw/intc/gic_internal.h

  Log Message:
  -----------
  hw/intc/arm_gic: Fix GIC_SET_LEVEL

The GIC_SET_LEVEL macro unfortunately overwrote the entire level
bitmask instead of just or'ing on the necessary bits, causing active
level PPIs on a core to clear PPIs on other cores.

Cc: address@hidden
Reported-by: Rob Herring <address@hidden>
Signed-off-by: Christoffer Dall <address@hidden>
Message-id: address@hidden
Signed-off-by: Peter Maydell <address@hidden>
(cherry picked from commit 6453fa998a11e133e673c0a613b88484a8231d1d)

Signed-off-by: Michael Roth <address@hidden>


  Commit: d689974b513f29342d65ffc991c6c1a4437d5d1d
      
https://github.com/qemu/qemu/commit/d689974b513f29342d65ffc991c6c1a4437d5d1d
  Author: Alexander Graf <address@hidden>
  Date:   2014-02-27 (Thu, 27 Feb 2014)

  Changed paths:
    M kvm-all.c

  Log Message:
  -----------
  KVM: Use return value for error print

Commit 94ccff13 introduced a more verbose failure message and retry
operations on KVM VM creation. However, it ended up using a variable
for its failure message that hasn't been initialized yet.

Fix it to use the value it meant to set.

Cc: address@hidden
Signed-off-by: Alexander Graf <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
(cherry picked from commit 521f438e36b0265d66862e9cd35e4db82686ca9f)

Signed-off-by: Michael Roth <address@hidden>


  Commit: ba014af39c6f9ee5af70d39ef495ac9f2bd4a76c
      
https://github.com/qemu/qemu/commit/ba014af39c6f9ee5af70d39ef495ac9f2bd4a76c
  Author: Michael Roth <address@hidden>
  Date:   2014-03-03 (Mon, 03 Mar 2014)

  Changed paths:
    M VERSION

  Log Message:
  -----------
  Update VERSION for 1.7.1 release

Signed-off-by: Michael Roth <address@hidden>


Compare: https://github.com/qemu/qemu/compare/f47542925e33^...ba014af39c6f
