From 61348b076bf9b8cb31bdd26d2eeb41882ee27282 Mon Sep 17 00:00:00 2001 From: Kevin Wolf Date: Sat, 23 May 2009 11:21:33 +0200 Subject: e1000: Ignore reset command When a reset is requested, the current e1000 emulation never clears the reset bit which may cause a driver to hang. This patch masks the reset bit out when setting the control registert, so the reset is immediately completed. Signed-off-by: Kevin Wolf Signed-off-by: Anthony Liguori --- hw/e1000.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 940e893ba..8c1741f17 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -189,6 +189,13 @@ rxbufsize(uint32_t v) return 2048; } +static void +set_ctrl(E1000State *s, int index, uint32_t val) +{ + /* RST is self clearing */ + s->mac_reg[CTRL] = val & ~E1000_CTRL_RST; +} + static void set_rx_control(E1000State *s, int index, uint32_t val) { @@ -783,12 +790,12 @@ enum { NREADOPS = ARRAY_SIZE(macreg_readops) }; static void (*macreg_writeops[])(E1000State *, int, uint32_t) = { putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC), putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH), - putreg(RDBAL), putreg(LEDCTL), putreg(CTRL), putreg(VET), + putreg(RDBAL), putreg(LEDCTL), putreg(VET), [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl, [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics, [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt, [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr, - [EECD] = set_eecd, [RCTL] = set_rx_control, + [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl, [RA ... RA+31] = &mac_writereg, [MTA ... MTA+127] = &mac_writereg, [VFTA ... VFTA+127] = &mac_writereg, -- cgit v1.2.3 From 738208b656004e3e7a727b546107556213fbca82 Mon Sep 17 00:00:00 2001 
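Review bot: `set_ctrl()` strips `E1000_CTRL_RST` from the stored value but performs no reset, so a guest that writes RST sees the bit clear while every other register keeps its pre-reset contents. A driver that relies on the reset to quiesce the device before reusing its descriptor memory would presumably find the old ring and receive settings still in effect; the rest of the device model is not visible in this hunk, so that consequence is inferred. At minimum the comment should state the limitation, e.g. `/* RST is self clearing; NOTE: the reset itself is not emulated, all other device state is left untouched */`.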
From: Stefan Weil Date: Sun, 24 May 2009 22:33:34 +0200 Subject: VNC: Fix memory allocation (wrong structure size). Pointer vs addresses a VncDisplay structure, so it is sufficient to allocate sizeof(VncDisplay) or sizeof(*vs) bytes instead of the much larger sizeof(VncState). Maybe the misleading name should be fixed, too: the code contains many places where vs is used, sometimes it is a VncState *, sometimes it is a VncDisplay *. vd would be a better name. Signed-off-by: Stefan Weil Signed-off-by: Anthony Liguori --- vnc.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/vnc.c b/vnc.c index 783df8058..1d8ebe7b6 100644 --- a/vnc.c +++ b/vnc.c @@ -2306,9 +2306,8 @@ static void vnc_listen_read(void *opaque) void vnc_display_init(DisplayState *ds) { - VncDisplay *vs; + VncDisplay *vs = qemu_mallocz(sizeof(*vs)); - vs = qemu_mallocz(sizeof(VncState)); dcl = qemu_mallocz(sizeof(DisplayChangeListener)); ds->opaque = vs; -- cgit v1.2.3 From 5982abd9ca27b80e5d006982c427a5299e080fe9 Mon Sep 17 00:00:00 2001 From: Christoph Hellwig Date: Mon, 25 May 2009 10:08:52 +0200 Subject: fix raw_pread_aligned return value raw_pread_aligned currently returns the raw return value from lseek/read, which is always -1 in case of an error. But the callers higher up the stack expect it to return the negated errno just like raw_pwrite_aligned. Signed-off-by: Christoph Hellwig Signed-off-by: Anthony Liguori --- block-raw-posix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/block-raw-posix.c b/block-raw-posix.c index 85ca70494..af3d46875 100644 --- a/block-raw-posix.c +++ b/block-raw-posix.c @@ -234,7 +234,7 @@ static int raw_pread_aligned(BlockDriverState *bs, int64_t offset, label__raw_read__success: - return ret; + return (ret < 0) ? -errno : ret; } /* -- cgit v1.2.3 From 71c55593c056db5cb80fd40889fa3c5ab9e8ad34 Mon Sep 17 00:00:00 2001 
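Review bot: `-errno` is computed at the `label__raw_read__success` exit rather than where lseek/read failed, so any call made between the failure and this return that touches errno changes the code the caller receives. The body of raw_pread_aligned above the label is outside the hunk, so whether such calls exist cannot be confirmed from here. Saving the value at the failure site (`ret = -errno;` directly after the failing call) and keeping `return ret;` removes the dependency; it also avoids returning 0, which reads as a zero-byte success, should errno be 0 when `ret < 0`.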
From: Chris Lalancette Date: Mon, 25 May 2009 16:38:23 +0200 Subject: Allow monitor interaction when using migrate -exec All, I've recently been playing around with migration via exec. Unfortunately, when starting the incoming qemu process with "-incoming exec:cmd", it suffers the same problem that -incoming tcp used to suffer; namely, that you can't interact with the monitor until after the migration has happened. This causes problems for libvirt usage of -incoming exec, since libvirt expects to be able to access the monitor ahead of time. This fairly simple patch allows you to access the monitor both before and after the migration has completed using exec. (note: developed/tested with qemu-kvm, but applies perfectly fine to qemu) Signed-off-by: Chris Lalancette Signed-off-by: Anthony Liguori --- hw/hw.h | 1 + migration-exec.c | 33 ++++++++++++++++++++++----------- savevm.c | 12 +++++++++++- 3 files changed, 34 insertions(+), 12 deletions(-) diff --git a/hw/hw.h b/hw/hw.h index d0cf59820..83ab3bcca 100644 --- a/hw/hw.h +++ b/hw/hw.h @@ -37,6 +37,7 @@ QEMUFile *qemu_fopen(const char *filename, const char *mode); QEMUFile *qemu_fopen_socket(int fd); QEMUFile *qemu_popen(FILE *popen_file, const char *mode); QEMUFile *qemu_popen_cmd(const char *command, const char *mode); +int qemu_popen_fd(QEMUFile *f); void qemu_fflush(QEMUFile *f); int qemu_fclose(QEMUFile *f); void qemu_put_buffer(QEMUFile *f, const uint8_t *buf, int size); diff --git a/migration-exec.c b/migration-exec.c index 6ed322a98..8e622437f 100644 --- a/migration-exec.c +++ b/migration-exec.c 
@@ -108,17 +108,11 @@ err_after_alloc: return NULL; } -int exec_start_incoming_migration(const char *command) +static void exec_accept_incoming_migration(void *opaque) { + QEMUFile *f = opaque; int ret; - QEMUFile *f; - dprintf("Attempting to start an incoming migration\n"); - f = qemu_popen_cmd(command, "r"); - if(f == NULL) { - dprintf("Unable to apply qemu wrapper to popen file\n"); - return -errno; - } vm_stop(0); /* just in case */ ret = qemu_loadvm_state(f); if (ret < 0) { @@ -127,11 +121,28 @@ int exec_start_incoming_migration(const char *command) } qemu_announce_self(); dprintf("successfully loaded vm state\n"); + /* we've successfully migrated, close the fd */ + qemu_set_fd_handler2(qemu_popen_fd(f), NULL, NULL, NULL, NULL); vm_start(); - qemu_fclose(f); - return 0; err: qemu_fclose(f); - return -errno; +} + +int exec_start_incoming_migration(const char *command) +{ + QEMUFile *f; + + dprintf("Attempting to start an incoming migration\n"); + f = qemu_popen_cmd(command, "r"); + if(f == NULL) { + dprintf("Unable to apply qemu wrapper to popen file\n"); + return -errno; + } + + qemu_set_fd_handler2(qemu_popen_fd(f), NULL, + exec_accept_incoming_migration, NULL, + (void *)(unsigned long)f); + + return 0; } diff --git a/savevm.c b/savevm.c index cd833504e..cb6cd2e43 100644 --- a/savevm.c +++ b/savevm.c @@ -224,7 +224,6 @@ QEMUFile *qemu_popen(FILE *popen_file, const char *mode) } else { s->file = qemu_fopen_ops(s, popen_put_buffer, NULL, popen_close, NULL); } - fprintf(stderr, "qemu_popen: returning result of qemu_fopen_ops\n"); return s->file; } @@ -240,6 +239,17 @@ QEMUFile *qemu_popen_cmd(const char *command, const char *mode) return qemu_popen(popen_file, mode); } +int qemu_popen_fd(QEMUFile *f) +{ + QEMUFilePopen *p; + int fd; + + p = (QEMUFilePopen *)f->opaque; + fd = fileno(p->popen_file); + + return fd; +} + QEMUFile *qemu_fopen_socket(int fd) { QEMUFileSocket *s = qemu_mallocz(sizeof(QEMUFileSocket)); -- cgit v1.2.3 
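Review bot: On the failure path of `exec_accept_incoming_migration()` the jump to `err:` skips the `qemu_set_fd_handler2(qemu_popen_fd(f), NULL, NULL, NULL, NULL)` call, so `qemu_fclose(f)` runs while the read handler installed by `exec_start_incoming_migration()` is still registered with `f` as its opaque. That leaves a handler on a closed descriptor and a dangling `QEMUFile` pointer; if the descriptor number is reused, the callback would run on freed state. Moving the unregister below the label covers both paths: `err:` then `qemu_set_fd_handler2(qemu_popen_fd(f), NULL, NULL, NULL, NULL);` then `qemu_fclose(f);`. The lines between the two hunks of this file are not shown, so the exact shape of the error branch is inferred from the visible `err:` label.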
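Review bot: `qemu_popen_fd()` casts `f->opaque` to `QEMUFilePopen *` with no way of telling that `f` was created by `qemu_popen()`; handed a QEMUFile from `qemu_fopen_socket()` or `qemu_fopen()` it would read `popen_file` out of an unrelated structure. The function is exported through hw/hw.h by this commit, so the precondition should be written down at the definition, e.g. `/* f must come from qemu_popen()/qemu_popen_cmd(); returns the descriptor of the underlying pipe */`. The two temporaries add nothing, and the body can be `return fileno(((QEMUFilePopen *)f->opaque)->popen_file);`.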
From 700ece804fd12cc76f42df74e8c3bcab4134e778 Mon Sep 17 00:00:00 2001 From: aliguori Date: Tue, 21 Apr 2009 19:56:11 +0000 Subject: net: Fix -net socket,listen (Jan Kiszka) In case no symbolic name is provided when requesting VLAN connection via listening TCP socket ('-net socket,listen=...'), qemu crashes. This fixes the cause. Signed-off-by: Jan Kiszka Signed-off-by: Anthony Liguori Signed-off-by: Glauber Costa --- net.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net.c b/net.c index ae5442180..3938a029c 100644 --- a/net.c +++ b/net.c @@ -1468,7 +1468,7 @@ static int net_socket_listen_init(VLANState *vlan, } s->vlan = vlan; s->model = strdup(model); - s->name = strdup(name); + s->name = name ? strdup(name) : NULL; s->fd = fd; qemu_set_fd_handler(fd, net_socket_accept, NULL, s); return 0; -- cgit v1.2.3 From a8bc8570fa195ce5bb9a39d7b6d8d3a5f1b4fe5b Mon Sep 17 00:00:00 2001 From: Gleb Natapov Date: Thu, 21 May 2009 17:17:43 +0300 Subject: Minimal ethernet frame length is 64 bytes. Signed-off-by: Gleb Natapov Signed-off-by: Anthony Liguori Signed-off-by: Glauber Costa --- savevm.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/savevm.c b/savevm.c index cb6cd2e43..f186c5eb7 100644 --- a/savevm.c +++ b/savevm.c @@ -103,12 +103,13 @@ static int announce_self_create(uint8_t *buf, /* FIXME: should we send a different packet (arp/rarp/ping)? */ + memset(buf, 0, 64); memset(buf, 0xff, 6); /* h_dst */ memcpy(buf + 6, mac_addr, 6); /* h_src */ memcpy(buf + 12, &proto, 2); /* h_proto */ memcpy(buf + 14, &magic, 4); /* magic */ - return 18; /* len */ + return 64; /* len */ } void qemu_announce_self(void) -- cgit v1.2.3 From 9fb2ec9a1ea51b01cd8e001fd7e87408775fd6e3 Mon Sep 17 00:00:00 2001 From: Gleb Natapov Date: Thu, 21 May 2009 17:17:44 +0300 Subject: Don't send all gratuitous packets at once. Use timer to separate them in time. Signed-off-by: Gleb Natapov Signed-off-by: Anthony Liguori 
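Review bot: The frame length 64 now appears twice in `announce_self_create()` as a bare literal, and the function still receives no buffer size, so it relies on every caller passing at least 64 bytes. A single named constant used for both the `memset` and the return value (for example `#define SELF_ANNOUNCE_FRAME_LEN 64`, a name constructed for this note) plus a comment stating the minimum buffer size would keep the two in step. Zeroing the padding is the right call, since the bytes after the 18-byte header are now handed to the NIC clients. The start of the function is outside the hunk.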
Signed-off-by: Glauber Costa --- savevm.c | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/savevm.c b/savevm.c index f186c5eb7..54137f87f 100644 --- a/savevm.c +++ b/savevm.c @@ -112,23 +112,37 @@ static int announce_self_create(uint8_t *buf, return 64; /* len */ } -void qemu_announce_self(void) +static void qemu_announce_self_once(void *opaque) { - int i, j, len; + int i, len; VLANState *vlan; VLANClientState *vc; uint8_t buf[256]; + static int count = SELF_ANNOUNCE_ROUNDS; + QEMUTimer *timer = *(QEMUTimer **)opaque; for (i = 0; i < MAX_NICS; i++) { if (!nd_table[i].used) continue; len = announce_self_create(buf, nd_table[i].macaddr); vlan = nd_table[i].vlan; - for(vc = vlan->first_client; vc != NULL; vc = vc->next) { - for (j=0; j < SELF_ANNOUNCE_ROUNDS; j++) - vc->fd_read(vc->opaque, buf, len); + for(vc = vlan->first_client; vc != NULL; vc = vc->next) { + vc->fd_read(vc->opaque, buf, len); } } + if (count--) { + qemu_mod_timer(timer, qemu_get_clock(rt_clock) + 100); + } else { + qemu_del_timer(timer); + qemu_free_timer(timer); + } +} + +void qemu_announce_self(void) +{ + static QEMUTimer *timer; + timer = qemu_new_timer(rt_clock, qemu_announce_self_once, &timer); + qemu_announce_self_once(&timer); } /***********************************************************/ -- cgit v1.2.3 From 75204ffc5b401a0df1cd611f8c98224c4fd21960 Mon Sep 17 00:00:00 2001 
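Review bot: `count` in `qemu_announce_self_once()` is a function-local static that is initialised once and never reset, so the sequence only behaves as intended the first time `qemu_announce_self()` is called. After the first run `count` is left at -1; a second call then finds `count--` non-zero and keeps re-arming the timer every 100 ms until the counter wraps. The `static QEMUTimer *timer` in `qemu_announce_self()` carries the same single-use assumption: a call made while a sequence is pending overwrites the pointer that the earlier timer's opaque refers to, so the old callback would delete and free the new timer. The post-decrement test also sends one announcement more than `SELF_ANNOUNCE_ROUNDS`. Resetting the counter per sequence and cancelling a pending timer, as sketched below, addresses all three.

```c
static int announce_rounds_left;

static void qemu_announce_self_once(void *opaque)
{
    /* … unchanged: locals (minus the static count) and the per-NIC announce loop … */
    if (--announce_rounds_left > 0) {
        qemu_mod_timer(timer, qemu_get_clock(rt_clock) + 100);
    } else {
        qemu_del_timer(timer);
        qemu_free_timer(timer);
        *(QEMUTimer **)opaque = NULL;
    }
}

void qemu_announce_self(void)
{
    static QEMUTimer *timer;

    if (timer) {
        /* a sequence is still pending: cancel it before starting over */
        qemu_del_timer(timer);
        qemu_free_timer(timer);
    }
    announce_rounds_left = SELF_ANNOUNCE_ROUNDS;
    timer = qemu_new_timer(rt_clock, qemu_announce_self_once, &timer);
    qemu_announce_self_once(&timer);
}
```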
From: Jason Wessel Date: Mon, 18 May 2009 10:00:27 -0500 Subject: serial: fix lost character after sysrq After creating an automated regression test to test the sysrq responses while running a linux image in qemu, I found that the simulated uart was eating the character right after the sysrq about 75% of the time. The problem is that the qemu sets the LSR_DR (data ready) bit on a serial break. The automated tests can send a break and the sysrq character quickly enough that the qemu serial fifo has a real character available. When there is valid character in the fifo, it gets consumed by the serial driver in the guest OS. The real hardware also appears to set the LSR_DR but always appears to have a null byte in this condition. This patch changes the qemu behavior to match the tested characteristics of a real 16550 chip. Signed-off-by: Jason Wessel Signed-off-by: Glauber Costa Signed-off-by: Anthony Liguori --- hw/serial.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hw/serial.c b/hw/serial.c index ac089fce6..113829c20 100644 --- a/hw/serial.c +++ b/hw/serial.c @@ -586,6 +586,8 @@ static int serial_can_receive(SerialState *s) static void serial_receive_break(SerialState *s) { s->rbr = 0; + /* When the LSR_DR is set a null byte is pushed into the fifo */ + fifo_put(s, RECV_FIFO, '\0'); s->lsr |= UART_LSR_BI | UART_LSR_DR; serial_update_irq(s); } -- cgit v1.2.3 From d13317e197da0e85ba9b57332182c6363aee085d Mon Sep 17 00:00:00 2001 From: Stefan Weil Date: Tue, 9 Jun 2009 23:36:03 +0200 Subject: Fix prototype of function zfree. (cherry picked from commit d084eab6f820bf914d798a99eaa4f20113f6e151) Signed-off-by: Stefan Weil Signed-off-by: Anthony Liguori --- loader.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/loader.c b/loader.c index 55625cf5b..23bb03982 100644 --- a/loader.c +++ b/loader.c 
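Review bot: `serial_receive_break()` now calls `fifo_put(s, RECV_FIFO, '\0')` unconditionally, with no check that the receive FIFO has room or that FIFO mode is enabled. `fifo_put` is defined outside this hunk, so whether it bounds its own index and count cannot be confirmed here; if it does not, repeated breaks from the character backend while the guest is not draining the FIFO would push the count past the FIFO size. Guarding the call with the same fullness test the normal receive path uses, and reporting an overrun instead when the FIFO is full, would keep the state consistent. The comment could also say why the byte is queued: `/* a break is reported with a null data byte, so queue one for the guest to read alongside LSR_BI */`.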
@@ -383,7 +383,7 @@ static void *zalloc(void *x, unsigned items, unsigned size) return (p); } -static void zfree(void *x, void *addr, unsigned nb) +static void zfree(void *x, void *addr) { qemu_free(addr); } @@ -431,7 +431,7 @@ static ssize_t gunzip(void *dst, size_t dstlen, uint8_t *src, } s.zalloc = zalloc; - s.zfree = (free_func)zfree; + s.zfree = zfree; r = inflateInit2(&s, -MAX_WBITS); if (r != Z_OK) { -- cgit v1.2.3 From 936d7bf94412d08933389139631531ebc85b66ea Mon Sep 17 00:00:00 2001 From: Uri Lublin Date: Mon, 8 Jun 2009 19:27:21 +0300 Subject: exec-migration: handle EINTR in popen_get_buffer() Sometimes, upon interrupt, fread returns with no data, and the (incoming exec) migration fails. Fix by retrying on such a case. (cherry picked from commit 8a67ec4d84f7db9add9a0b017a968d340fbfb807) Signed-off-by: Uri Lublin Signed-off-by: Anthony Liguori --- savevm.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/savevm.c b/savevm.c index 54137f87f..c7bc398d9 100644 --- a/savevm.c +++ b/savevm.c @@ -210,7 +210,14 @@ static int popen_put_buffer(void *opaque, const uint8_t *buf, int64_t pos, int s static int popen_get_buffer(void *opaque, uint8_t *buf, int64_t pos, int size) { QEMUFilePopen *s = opaque; - return fread(buf, 1, size, s->popen_file); + FILE *fp = s->popen_file; + int bytes; + + do { + clearerr(fp); + bytes = fread(buf, 1, size, fp); + } while ((bytes == 0) && ferror(fp) && (errno == EINTR)); + return bytes; } static int popen_close(void *opaque) -- cgit v1.2.3 From 17489dd7e9605eaac85290ba9d15211914064e59 Mon Sep 17 00:00:00 2001 
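Review bot: `popen_get_buffer()` still returns 0 for a read error that is not EINTR, which a caller cannot tell apart from end of file on the pipe. Whether the QEMUFile layer treats a 0 return as a failure is not visible in this hunk; if it takes it as a clean end of stream, a truncated incoming migration would be accepted. If the callback contract allows a negative return, `if (bytes == 0 && ferror(fp)) return -errno;` after the loop makes the error explicit; otherwise a comment stating that 0 means "EOF or error" should be added. `fread` returns `size_t`, so `bytes` is better declared `size_t` and converted at the return.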
From: Uri Lublin Date: Mon, 8 Jun 2009 14:28:01 +0300 Subject: migrate_fd_close: delete associated io-handler before closing the fd It may happen that the io-handler is still registered. That causes select() to return with EBADF, not calling handlers for other fds. The io-handler would be registered when (on the source) the whole state was written but not yet flushed. For example when using QEMUFileBuffered, (tcp-migration) there may be data left in a buffer waiting to be transferred. In such a case buffered_close() calls buffered_flush() which calls migrate_fd_put_buffer, which may, upon EAGAIN, register migrate_fd_put_notify as a handler. (cherry picked from commit e19252d32c45e92c919109ec32616382eb2afe6b) Signed-off-by: Uri Lublin Signed-off-by: Anthony Liguori --- migration.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/migration.c b/migration.c index 06ea795cf..41a703af4 100644 --- a/migration.c +++ b/migration.c @@ -283,5 +283,7 @@ void migrate_fd_wait_for_unfreeze(void *opaque) int migrate_fd_close(void *opaque) { FdMigrationState *s = opaque; + + qemu_set_fd_handler2(s->fd, NULL, NULL, NULL, NULL); return s->close(s); } -- cgit v1.2.3 From f29602ca0ed75cac4ef6749bbe9912c33210f72b Mon Sep 17 00:00:00 2001 From: Andrea Arcangeli Date: Mon, 15 Jun 2009 13:52:27 +0200 Subject: fix qemu_aio_flush qemu_aio_wait by invoking the bh or one of the aio completion callbacks, could end up submitting new pending aio, breaking the invariant that qemu_aio_flush returns only when no pending aio is outstanding (possibly a problem for migration as such). (cherry picked from commit 986c28d655dc9196c9c426c667c1764bd3d6d5bd) Signed-off-by: Andrea Arcangeli Signed-off-by: Christoph Hellwig Acked-by: Kevin Wolf --- aio.c | 8 ++++++-- qemu-aio.h | 7 ++++--- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/aio.c b/aio.c index 11fbb6c0c..dc9b85d16 100644 --- a/aio.c +++ b/aio.c 
@@ -103,11 +103,15 @@ void qemu_aio_flush(void) do { ret = 0; + /* + * If there are pending emulated aio start them now so flush + * will be able to return 1. + */ + qemu_aio_wait(); + LIST_FOREACH(node, &aio_handlers, node) { ret |= node->io_flush(node->opaque); } - - qemu_aio_wait(); } while (ret > 0); } diff --git a/qemu-aio.h b/qemu-aio.h index 79678293e..f262344af 100644 --- a/qemu-aio.h +++ b/qemu-aio.h @@ -24,9 +24,10 @@ typedef int (AioFlushHandler)(void *opaque); * outstanding AIO operations have been completed or cancelled. */ void qemu_aio_flush(void); -/* Wait for a single AIO completion to occur. This function will until a - * single AIO opeartion has completed. It is intended to be used as a looping - * primative when simulating synchronous IO based on asynchronous IO. */ +/* Wait for a single AIO completion to occur. This function will wait + * until a single AIO event has completed and it will ensure something + * has moved before returning. This can issue new pending aio as + * result of executing I/O completion or bh callbacks. */ void qemu_aio_wait(void); /* Register a file descriptor and associated callbacks. Behaves very similarly -- cgit v1.2.3 From accceed914ff6cd0ba9258ff76659141ea24bb62 Mon Sep 17 00:00:00 2001 From: Anthony Liguori Date: Tue, 16 Jun 2009 15:17:22 -0500 Subject: Make sure to use SDL_CFLAGS everywhere we include SDL headers (cherry picked from commit 537fe2d63f744e7c96ff45b60d09486a81958e06) Signed-off-by: Anthony Liguori --- Makefile | 2 +- Makefile.target | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 4f7a55ae0..289449660 100644 --- a/Makefile +++ b/Makefile @@ -163,7 +163,7 @@ cocoa.o: cocoa.m sdl.o: sdl.c keymaps.c sdl_keysym.h -sdl.o audio/sdlaudio.o: CFLAGS += $(SDL_CFLAGS) +sdl.o audio/sdlaudio.o baum.o: CFLAGS += $(SDL_CFLAGS) vnc.o: vnc.c keymaps.c sdl_keysym.h vnchextile.h d3des.c d3des.h diff --git a/Makefile.target b/Makefile.target index f33f7621f..ba315d6cc 100644 
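Review bot: `qemu_aio_flush()` now calls `qemu_aio_wait()` before any `io_flush` handler has reported pending work, so the first iteration depends on `qemu_aio_wait()` returning promptly when nothing is outstanding. The qemu-aio.h comment rewritten in this same commit says it "will wait until a single AIO event has completed", which reads as if it could block on an idle system; its body is not part of this diff. If it does return immediately in that case, the header comment should say so, e.g. `Returns immediately if no AIO is pending.` The new comment in aio.c also says flush will "return 1" although `qemu_aio_flush` returns void; it presumably means the `io_flush` handlers and should name them.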
--- a/Makefile.target +++ b/Makefile.target @@ -724,6 +724,8 @@ LDFLAGS+=-p main.o: CFLAGS+=-p endif +vl.o: CFLAGS+=$(SDL_CFLAGS) + $(QEMU_PROG): LIBS += $(SDL_LIBS) $(COCOA_LIBS) $(CURSES_LIBS) $(BRLAPI_LIBS) $(VDE_LIBS) $(QEMU_PROG): $(OBJS) ../libqemu_common.a libqemu.a -- cgit v1.2.3 From 04f4e710a06cc024a98e3e90be6fcf096d0dd0d3 Mon Sep 17 00:00:00 2001 From: Sebastian Herbszt Date: Sat, 13 Jun 2009 23:03:26 +0200 Subject: lsi53c895a: Implement Scratch Byte Register Fixes the following errors: lsi_scsi: error: Unhandled writeb 0x3a = 0x0 lsi_scsi: error: readb 0x3a (cherry picked from commit bd8ee11a6b19343f4ad0a1c5d16869584f609369) Signed-off-by: Sebastian Herbszt Signed-off-by: Anthony Liguori --- hw/lsi53c895a.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/hw/lsi53c895a.c b/hw/lsi53c895a.c index 1f4f8b7ef..c22bd1598 100644 --- a/hw/lsi53c895a.c +++ b/hw/lsi53c895a.c @@ -262,6 +262,7 @@ typedef struct { uint32_t sbc; uint32_t csbc; uint32_t scratch[18]; /* SCRATCHA-SCRATCHR */ + uint8_t sbr; /* Script ram is stored as 32-bit words in host byteorder. */ uint32_t script_ram[2048]; @@ -330,6 +331,7 @@ static void lsi_soft_reset(LSIState *s) s->ia = 0; s->sbc = 0; s->csbc = 0; + s->sbr = 0; } static int lsi_dma_40bit(LSIState *s) @@ -1407,6 +1409,8 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset) return s->dmode; case 0x39: /* DIEN */ return s->dien; + case 0x3a: /* SBR */ + return s->sbr; case 0x3b: /* DCNTL */ return s->dcntl; case 0x40: /* SIEN0 */ @@ -1621,6 +1625,9 @@ static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val) s->dien = val; lsi_update_irq(s); break; + case 0x3a: /* SBR */ + s->sbr = val; + break; case 0x3b: /* DCNTL */ s->dcntl = val & ~(LSI_DCNTL_PFF | LSI_DCNTL_STD); if ((val & LSI_DCNTL_STD) && (s->istat1 & LSI_ISTAT1_SRUN) == 0) -- cgit v1.2.3 From 73cf22cb601aa2295ce749286d9370a5ddb8be44 Mon Sep 17 00:00:00 2001 
From: Sebastian Herbszt Date: Sat, 13 Jun 2009 23:03:27 +0200 Subject: lsi53c895a: Implement read and write access to DMA Next Address Fixes the following errors: lsi_scsi: error: Unhandled writeb 0x28 = 0x0 lsi_scsi: error: Unhandled writeb 0x29 = 0x0 lsi_scsi: error: Unhandled writeb 0x2a = 0x0 lsi_scsi: error: Unhandled writeb 0x2b = 0x0 (cherry picked from commit 4b9a2d6de77ccd1e3fb40a0d0c8cd9eddf35e3ab) Signed-off-by: Sebastian Herbszt Signed-off-by: Anthony Liguori --- hw/lsi53c895a.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hw/lsi53c895a.c b/hw/lsi53c895a.c index c22bd1598..3470047ae 100644 --- a/hw/lsi53c895a.c +++ b/hw/lsi53c895a.c @@ -1402,6 +1402,7 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset) CASE_GET_REG24(dbc, 0x24) case 0x27: /* DCMD */ return s->dcmd; + CASE_GET_REG32(dnad, 0x28) CASE_GET_REG32(dsp, 0x2c) CASE_GET_REG32(dsps, 0x30) CASE_GET_REG32(scratch[0], 0x34) @@ -1594,6 +1595,7 @@ static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val) } s->ctest5 = val; break; + CASE_SET_REG32(dnad, 0x28) case 0x2c: /* DSP[0:7] */ s->dsp &= 0xffffff00; s->dsp |= val; -- cgit v1.2.3 From a5617318fe3b24621ff682a144c53e5dc953dc08 Mon Sep 17 00:00:00 2001 From: Sebastian Herbszt Date: Sat, 13 Jun 2009 23:03:29 +0200 Subject: lsi53c895a: Implement write access to DMA Byte Counter Adds CASE_SET_REG24 and fixes the following errors: lsi_scsi: error: Unhandled writeb 0x24 = 0x0 lsi_scsi: error: Unhandled writeb 0x25 = 0x0 (cherry picked from commit 49c47daa3221aaf3765e9fb77cb98e62a55b7bf8) Signed-off-by: Sebastian Herbszt Signed-off-by: Anthony Liguori --- hw/lsi53c895a.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/hw/lsi53c895a.c b/hw/lsi53c895a.c index 3470047ae..d4805c421 100644 --- a/hw/lsi53c895a.c +++ b/hw/lsi53c895a.c 
@@ -1491,6 +1491,11 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset) static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val) { +#define CASE_SET_REG24(name, addr) \ + case addr : s->name &= 0xffffff00; s->name |= val; break; \ + case addr + 1: s->name &= 0xffff00ff; s->name |= val << 8; break; \ + case addr + 2: s->name &= 0xff00ffff; s->name |= val << 16; break; + #define CASE_SET_REG32(name, addr) \ case addr : s->name &= 0xffffff00; s->name |= val; break; \ case addr + 1: s->name &= 0xffff00ff; s->name |= val << 8; break; \ @@ -1595,6 +1600,7 @@ static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val) } s->ctest5 = val; break; + CASE_SET_REG24(dbc, 0x24) CASE_SET_REG32(dnad, 0x28) case 0x2c: /* DSP[0:7] */ s->dsp &= 0xffffff00; @@ -1709,6 +1715,7 @@ static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val) BADF("Unhandled writeb 0x%x = 0x%x\n", offset, val); } } +#undef CASE_SET_REG24 #undef CASE_SET_REG32 } -- cgit v1.2.3 From 71080d96fd424a2da5771820e62b28971dc54008 Mon Sep 17 00:00:00 2001 From: Gerd Hoffmann Date: Fri, 12 Jun 2009 09:50:18 +0200 Subject: virtio blk: fix warning. (cherry picked from commit 5c5dafdc5ecb2fd5080189e9ea4adcfa4e03ad5d) Signed-off-by: Gerd Hoffmann Signed-off-by: Anthony Liguori --- hw/virtio-blk.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/virtio-blk.c b/hw/virtio-blk.c index 520ad1bf2..0b3c2ac62 100644 --- a/hw/virtio-blk.c +++ b/hw/virtio-blk.c @@ -247,6 +247,7 @@ static void virtio_blk_update_config(VirtIODevice *vdev, uint8_t *config) bdrv_get_geometry(s->bs, &capacity); bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs); + memset(&blkcfg, 0, sizeof(blkcfg)); stq_raw(&blkcfg.capacity, capacity); stl_raw(&blkcfg.seg_max, 128 - 2); stw_raw(&blkcfg.cylinders, cylinders); -- cgit v1.2.3 From ea0c91a0afa73a942e95eafcceae0d26022d3715 Mon Sep 17 00:00:00 2001 
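Review bot: The added `memset(&blkcfg, 0, sizeof(blkcfg))` in `virtio_blk_update_config()` is more than a warning fix and deserves a comment saying so. `blkcfg` is a stack structure filled field by field and, judging by the `uint8_t *config` parameter, copied out to the device's guest-readable config space further down, outside this hunk; without the memset any field or padding not written by the `st*_raw` calls would carry stale host stack bytes to the guest. Suggested comment: `/* zero everything first: blkcfg is copied to guest-visible config space, so unset fields and padding must not leak host stack contents */`.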
From: Nitin A Kamble Date: Thu, 4 Jun 2009 14:29:50 -0700 Subject: QEMU KVM: i386: Fix the cpu reset state As per the IA32 processor manual, the accessed bit is set to 1 in the processor state after reset. qemu pc cpu_reset code was missing this accessed bit setting. (cherry picked from commit 538f368612565f7c7672145c31e87f1d3d02d545) Signed-off-by: Nitin A Kamble Signed-off-by: Anthony Liguori --- target-i386/helper.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/target-i386/helper.c b/target-i386/helper.c index e71499415..981ee1fd9 100644 --- a/target-i386/helper.c +++ b/target-i386/helper.c @@ -494,17 +494,23 @@ void cpu_reset(CPUX86State *env) env->tr.flags = DESC_P_MASK | (11 << DESC_TYPE_SHIFT); cpu_x86_load_seg_cache(env, R_CS, 0xf000, 0xffff0000, 0xffff, - DESC_P_MASK | DESC_S_MASK | DESC_CS_MASK | DESC_R_MASK); + DESC_P_MASK | DESC_S_MASK | DESC_CS_MASK | + DESC_R_MASK | DESC_A_MASK); cpu_x86_load_seg_cache(env, R_DS, 0, 0, 0xffff, - DESC_P_MASK | DESC_S_MASK | DESC_W_MASK); + DESC_P_MASK | DESC_S_MASK | DESC_W_MASK | + DESC_A_MASK); cpu_x86_load_seg_cache(env, R_ES, 0, 0, 0xffff, - DESC_P_MASK | DESC_S_MASK | DESC_W_MASK); + DESC_P_MASK | DESC_S_MASK | DESC_W_MASK | + DESC_A_MASK); cpu_x86_load_seg_cache(env, R_SS, 0, 0, 0xffff, - DESC_P_MASK | DESC_S_MASK | DESC_W_MASK); + DESC_P_MASK | DESC_S_MASK | DESC_W_MASK | + DESC_A_MASK); cpu_x86_load_seg_cache(env, R_FS, 0, 0, 0xffff, - DESC_P_MASK | DESC_S_MASK | DESC_W_MASK); + DESC_P_MASK | DESC_S_MASK | DESC_W_MASK | + DESC_A_MASK); cpu_x86_load_seg_cache(env, R_GS, 0, 0, 0xffff, - DESC_P_MASK | DESC_S_MASK | DESC_W_MASK); + DESC_P_MASK | DESC_S_MASK | DESC_W_MASK | + DESC_A_MASK); env->eip = 0xfff0; env->regs[R_EDX] = env->cpuid_version; -- cgit v1.2.3 From 80de8ace664689f2ba1eae307bb8d48abc343063 Mon Sep 17 00:00:00 2001 
From: Jan Kiszka Date: Sat, 30 May 2009 10:01:45 +0200 Subject: kvm: Fix IRQ injection into full queue User space may only inject interrupts during kvm_arch_pre_run if ready_for_interrupt_injection is set in kvm_run. But that field is updated on exit from KVM_RUN, so we must ensure that we enter the kernel after potentially queuing an interrupt, otherwise we risk to loose one - like it happens with the current code against latest kernel modules (since kvm-86) that started to queue only a single interrupt. Fix the problem by reordering kvm_cpu_exec. Credits go to Gleb Natapov for analyzing the issue in details. (cherry picked from commit 8c14c17395809dfb2b20bd3598e067d2c5af7dc4) Signed-off-by: Jan Kiszka Signed-off-by: Anthony Liguori --- kvm-all.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/kvm-all.c b/kvm-all.c index 541b200e3..8e72c6d5a 100644 --- a/kvm-all.c +++ b/kvm-all.c @@ -451,14 +451,13 @@ int kvm_cpu_exec(CPUState *env) dprintf("kvm_cpu_exec()\n"); do { - kvm_arch_pre_run(env, run); - if (env->exit_request) { dprintf("interrupt exit requested\n"); ret = 0; break; } + kvm_arch_pre_run(env, run); ret = kvm_vcpu_ioctl(env, KVM_RUN, 0); kvm_arch_post_run(env, run); -- cgit v1.2.3 From 3e6b53eb32400a9ef172b34a6168ec563c9db74e Mon Sep 17 00:00:00 2001 From: Mark McLoughlin Date: Wed, 27 May 2009 10:06:11 +0100 Subject: Prevent CD-ROM media eject while device is locked Section 10.8.25 ("START/STOP UNIT Command") of SFF-8020i states that if the device is locked we should refuse to eject if the device is locked. ASC_MEDIA_REMOVAL_PREVENTED is the appropriate return in this case. In order to stop itself from ejecting the media it is running from, Fedora's installer (anaconda) requires the CDROMEJECT ioctl() to fail if the drive has been previously locked. See also https://bugzilla.redhat.com/501412 (cherry picked from commit aea2a33c73f28ecd8f10b242ecadddcc79c1c28b) Signed-off-by: Mark McLoughlin 
Signed-off-by: Anthony Liguori --- block.c | 9 ++++++++- block.h | 2 +- hw/ide.c | 26 ++++++++++++++++++-------- 3 files changed, 27 insertions(+), 10 deletions(-) diff --git a/block.c b/block.c index b68a8da09..e5cd23d34 100644 --- a/block.c +++ b/block.c @@ -1664,11 +1664,15 @@ int bdrv_media_changed(BlockDriverState *bs) /** * If eject_flag is TRUE, eject the media. Otherwise, close the tray */ -void bdrv_eject(BlockDriverState *bs, int eject_flag) +int bdrv_eject(BlockDriverState *bs, int eject_flag) { BlockDriver *drv = bs->drv; int ret; + if (bs->locked) { + return -EBUSY; + } + if (!drv || !drv->bdrv_eject) { ret = -ENOTSUP; } else { @@ -1677,7 +1681,10 @@ void bdrv_eject(BlockDriverState *bs, int eject_flag) if (ret == -ENOTSUP) { if (eject_flag) bdrv_close(bs); + ret = 0; } + + return ret; } int bdrv_is_locked(BlockDriverState *bs) diff --git a/block.h b/block.h index 979781a12..e1070e9c3 100644 --- a/block.h +++ b/block.h @@ -132,7 +132,7 @@ int bdrv_is_inserted(BlockDriverState *bs); int bdrv_media_changed(BlockDriverState *bs); int bdrv_is_locked(BlockDriverState *bs); void bdrv_set_locked(BlockDriverState *bs, int locked); -void bdrv_eject(BlockDriverState *bs, int eject_flag); +int bdrv_eject(BlockDriverState *bs, int eject_flag); void bdrv_set_change_cb(BlockDriverState *bs, void (*change_cb)(void *opaque), void *opaque); void bdrv_get_format(BlockDriverState *bs, char *buf, int buf_size); diff --git a/hw/ide.c b/hw/ide.c index 6ad1d081a..9b93e7f67 100644 --- a/hw/ide.c +++ b/hw/ide.c @@ -359,6 +359,7 @@ #define ASC_INCOMPATIBLE_FORMAT 0x30 #define ASC_MEDIUM_NOT_PRESENT 0x3a #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39 +#define ASC_MEDIA_REMOVAL_PREVENTED 0x53 #define CFA_NO_ERROR 0x00 #define CFA_MISC_ERROR 0x09 
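Review bot: The new `if (bs->locked) return -EBUSY;` in `bdrv_eject()` sits ahead of any look at `eject_flag`, so a request to close the tray (`eject_flag == 0`) on a locked drive is refused as well, and the START/STOP UNIT case in `ide_atapi_cmd()` then reports `ASC_MEDIA_REMOVAL_PREVENTED` for a load request. If only removal is meant to be blocked, the test should read `if (eject_flag && bs->locked)`. The doc comment above the function should also gain the return contract, e.g. `Returns 0 on success, -EBUSY if the device is locked, or the driver's error code.`, since callers of `bdrv_eject()` outside this diff previously had nothing to check.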
@@ -1818,18 +1819,27 @@ static void ide_atapi_cmd(IDEState *s) break; case GPCMD_START_STOP_UNIT: { - int start, eject; + int start, eject, err = 0; start = packet[4] & 1; eject = (packet[4] >> 1) & 1; - if (eject && !start) { - /* eject the disk */ - bdrv_eject(s->bs, 1); - } else if (eject && start) { - /* close the tray */ - bdrv_eject(s->bs, 0); + if (eject) { + err = bdrv_eject(s->bs, !start); + } + + switch (err) { + case 0: + ide_atapi_cmd_ok(s); + break; + case -EBUSY: + ide_atapi_cmd_error(s, SENSE_NOT_READY, + ASC_MEDIA_REMOVAL_PREVENTED); + break; + default: + ide_atapi_cmd_error(s, SENSE_NOT_READY, + ASC_MEDIUM_NOT_PRESENT); + break; } - ide_atapi_cmd_ok(s); } break; case GPCMD_MECHANISM_STATUS: -- cgit v1.2.3 From 41de90f32c39cb1da68f78815aac2021ae868d9b Mon Sep 17 00:00:00 2001 From: Eduardo Habkost Date: Mon, 25 May 2009 18:20:05 -0300 Subject: Fix vga_screen_dump_blank() PPM generation vga_screen_dump_blank() was not generating a valid PPM file: the width of the image made no sense (why it was multiplied by sizeof(uint32_t)?), and there was only one sample per pixel, instead of three. (cherry picked from commit 77d4db015c99ce7083fd5b33f0c650176fe8bc98) Signed-off-by: Eduardo Habkost Signed-off-by: Anthony Liguori --- hw/vga.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/hw/vga.c b/hw/vga.c index 709d6bb99..00a7ae5a1 100644 --- a/hw/vga.c +++ b/hw/vga.c @@ -2606,8 +2606,9 @@ static void vga_screen_dump_blank(VGAState *s, const char *filename) { FILE *f; unsigned int y, x, w, h; + unsigned char blank_sample[3] = { 0, 0, 0 }; - w = s->last_scr_width * sizeof(uint32_t); + w = s->last_scr_width; h = s->last_scr_height; f = fopen(filename, "wb"); @@ -2616,7 +2617,7 @@ static void vga_screen_dump_blank(VGAState *s, const char *filename) fprintf(f, "P6\n%d %d\n%d\n", w, h, 255); for (y = 0; y < h; y++) { for (x = 0; x < w; x++) { - fputc(0, f); + fwrite(blank_sample, 3, 1, f); } } fclose(f); -- cgit v1.2.3 
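Review bot: The new `fwrite(blank_sample, 3, 1, f)` in `vga_screen_dump_blank()` ignores its result, as does the `fclose(f)` that follows, so a full disk yields a truncated PPM with no indication. It also issues one three-byte write per pixel; writing one zeroed row of `w * 3` bytes `h` times would be simpler and leave a single result to check per row. `w` and `h` are `unsigned int`, so the header line should use `%u`: `fprintf(f, "P6\n%u %u\n%d\n", w, h, 255);`.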
From 259cf68eb197a49c90810b2874a18fb99d36447a Mon Sep 17 00:00:00 2001 From: Isaku Yamahata Date: Fri, 26 Jun 2009 18:57:18 +0900 Subject: cpu_unregister_map_client: fix memory leak. fix memory leak in cpu_unregister_map_client() and cpu_notify_map_clients(). Signed-off-by: Isaku Yamahata Signed-off-by: Anthony Liguori --- exec.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/exec.c b/exec.c index 61a55325e..9bd84b46b 100644 --- a/exec.c +++ b/exec.c @@ -3110,6 +3110,7 @@ void cpu_unregister_map_client(void *_client) MapClient *client = (MapClient *)_client; LIST_REMOVE(client, link); + qemu_free(client); } static void cpu_notify_map_clients(void) @@ -3119,7 +3120,7 @@ static void cpu_notify_map_clients(void) while (!LIST_EMPTY(&map_client_list)) { client = LIST_FIRST(&map_client_list); client->callback(client->opaque); - LIST_REMOVE(client, link); + cpu_unregister_map_client(client); } } -- cgit v1.2.3 From fc78bd45039bcc8f3c4572b5921cf5144d438d01 Mon Sep 17 00:00:00 2001 From: Jan Kiszka Date: Sat, 27 Jun 2009 09:59:40 +0200 Subject: sdl: Fix memory leakage Valgrind was so kind to remark that no one bothers to release keycodes after use and that something is fishy about cleaning up the requested keyboard descriptor. With this patch applied, we no longer leak about 12k during startup. Signed-off-by: Jan Kiszka Signed-off-by: Anthony Liguori --- sdl.c | 39 +++++++++++++++++++++------------------ 1 file changed, 21 insertions(+), 18 deletions(-) diff --git a/sdl.c b/sdl.c index 74f084c0f..95efe8df1 100644 --- a/sdl.c +++ b/sdl.c 
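Review bot: With `qemu_free(client)` added to `cpu_unregister_map_client()`, and `cpu_notify_map_clients()` now calling it after every callback, the handle a caller obtained at registration becomes dangling as soon as its callback has run. A caller that kept the handle and unregisters later, or a callback that unregisters itself, would make `LIST_REMOVE` and `qemu_free` operate on freed memory; whether any existing client does this is not visible in these hunks. The ownership rule should be documented at the function, e.g. `/* Removes and frees the client; the handle is invalid afterwards. Clients are unregistered automatically once their callback has been invoked. */`, and callers that store the handle should clear it inside the callback.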
@@ -144,32 +144,35 @@ static uint8_t sdl_keyevent_to_keycode(const SDL_KeyboardEvent *ev) static int check_for_evdev(void) { SDL_SysWMinfo info; - XkbDescPtr desc; + XkbDescPtr desc = NULL; int has_evdev = 0; - const char *keycodes; + char *keycodes = NULL; SDL_VERSION(&info.version); - if (!SDL_GetWMInfo(&info)) + if (!SDL_GetWMInfo(&info)) { return 0; - + } desc = XkbGetKeyboard(info.info.x11.display, XkbGBN_AllComponentsMask, XkbUseCoreKbd); - if (desc == NULL || desc->names == NULL) - return 0; - - keycodes = XGetAtomName(info.info.x11.display, desc->names->keycodes); - if (keycodes == NULL) - fprintf(stderr, "could not lookup keycode name\n"); - else if (strstart(keycodes, "evdev", NULL)) - has_evdev = 1; - else if (!strstart(keycodes, "xfree86", NULL)) - fprintf(stderr, - "unknown keycodes `%s', please report to qemu-devel@nongnu.org\n", - keycodes); - - XkbFreeClientMap(desc, XkbGBN_AllComponentsMask, True); + if (desc && desc->names) { + keycodes = XGetAtomName(info.info.x11.display, desc->names->keycodes); + if (keycodes == NULL) { + fprintf(stderr, "could not lookup keycode name\n"); + } else if (strstart(keycodes, "evdev", NULL)) { + has_evdev = 1; + } else if (!strstart(keycodes, "xfree86", NULL)) { + fprintf(stderr, "unknown keycodes `%s', please report to " + "qemu-devel@nongnu.org\n", keycodes); + } + } + if (desc) { + XkbFreeKeyboard(desc, XkbGBN_AllComponentsMask, True); + } + if (keycodes) { + XFree(keycodes); + } return has_evdev; } #else -- cgit v1.2.3 From 960b646371d9c91bbb908fc97ae277a384777136 Mon Sep 17 00:00:00 2001 From: G 3 Date: Wed, 1 Jul 2009 13:28:32 -0400 Subject: Substitute O_DSYNC with O_SYNC or O_FSYNC when needed. Signed-off-by: John Arbuckle Signed-off-by: Anthony Liguori --- block-raw-posix.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/block-raw-posix.c b/block-raw-posix.c index af3d46875..49dd528d2 100644 --- a/block-raw-posix.c +++ b/block-raw-posix.c 
@@ -75,7 +75,11 @@ /* OS X does not have O_DSYNC */ #ifndef O_DSYNC +#ifdef O_SYNC #define O_DSYNC O_SYNC +#elif defined(O_FSYNC) +#define O_DSYNC O_FSYNC +#endif #endif /* Approximate O_DIRECT with O_DSYNC if O_DIRECT isn't available */ -- cgit v1.2.3 From ed8f8da7a67999cd8b89e449b8b101f14fa16272 Mon Sep 17 00:00:00 2001 From: Mark McLoughlin Date: Wed, 1 Jul 2009 16:46:38 +0100 Subject: Don't leak VLANClientState on PCI hot remove destroy_nic() requires that NICInfo::private by a PCIDevice pointer, but then goes on to require that the same pointer matches VLANClientState::opaque. That is no longer the case for virtio-net since qdev and wasn't previously the case for rtl8139, ne2k_pci or eepro100. Make the situation a lot more clear by maintaining a VLANClientState pointer in NICInfo. Signed-off-by: Mark McLoughlin Signed-off-by: Anthony Liguori --- hw/device-hotplug.c | 7 +------ hw/etraxfs_eth.c | 6 +++--- hw/mcf_fec.c | 6 +++--- hw/mipsnet.c | 7 ++++--- hw/ne2000.c | 6 +++--- hw/usb-net.c | 8 ++++---- net.h | 1 + 7 files changed, 19 insertions(+), 22 deletions(-) diff --git a/hw/device-hotplug.c b/hw/device-hotplug.c index 3bdc048c6..e17808341 100644 --- a/hw/device-hotplug.c +++ b/hw/device-hotplug.c @@ -55,12 +55,7 @@ void destroy_nic(dev_match_fn *match_fn, void *arg) nic = &nd_table[i]; if (nic->used) { if (nic->private && match_fn(nic->private, arg)) { - if (nic->vlan) { - VLANClientState *vc; - vc = qemu_find_vlan_client(nic->vlan, nic->private); - if (vc) - qemu_del_vlan_client(vc); - } + qemu_del_vlan_client(nic->vc); net_client_uninit(nic); } } diff --git a/hw/etraxfs_eth.c b/hw/etraxfs_eth.c index bfc19262f..67568c35c 100644 --- a/hw/etraxfs_eth.c +++ b/hw/etraxfs_eth.c 
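Review bot: When neither O_SYNC nor O_FSYNC is defined, the new `#ifdef`/`#elif` chain leaves O_DSYNC undefined without any diagnostic, and the failure then surfaces at the first use further down (the comment that follows says O_DIRECT is approximated with O_DSYNC). Adding `#else` and `#error "no O_DSYNC, O_SYNC or O_FSYNC on this platform"` before the inner `#endif` makes the build stop at the cause. The existing comment `/* OS X does not have O_DSYNC */` no longer describes the whole block and could name the fallback order.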
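Review bot: `qemu_del_vlan_client(nic->vc)` is now called without the `if (nic->vlan)` and `if (vc)` guards that the removed code had, so a NIC whose init path never assigned `nd->vc` reaches it with a NULL pointer. This commit adds the assignment to five device models, and the mipsnet hunk leaves `nd->vc` untouched in its `else` branch; whether every other model sets the field, and whether qemu_del_vlan_client() tolerates NULL, is not visible here. I would keep a guard and clear the field so the pointer cannot be used again after the client is freed: `if (nic->vc) { qemu_del_vlan_client(nic->vc); nic->vc = NULL; }`. destroy_nic starts outside the hunk.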
@@ -594,9 +594,9 @@ void *etraxfs_eth_init(NICInfo *nd, CPUState *env, eth->ethregs = cpu_register_io_memory(0, eth_read, eth_write, eth); cpu_register_physical_memory (base, 0x5c, eth->ethregs); - eth->vc = qemu_new_vlan_client(nd->vlan, nd->model, nd->name, - eth_receive, eth_can_receive, - eth_cleanup, eth); + eth->vc = nd->vc = qemu_new_vlan_client(nd->vlan, nd->model, nd->name, + eth_receive, eth_can_receive, + eth_cleanup, eth); eth->vc->opaque = eth; eth->vc->link_status_changed = eth_set_link; diff --git a/hw/mcf_fec.c b/hw/mcf_fec.c index 1ca847b22..539495615 100644 --- a/hw/mcf_fec.c +++ b/hw/mcf_fec.c @@ -463,9 +463,9 @@ void mcf_fec_init(NICInfo *nd, target_phys_addr_t base, qemu_irq *irq) mcf_fec_writefn, s); cpu_register_physical_memory(base, 0x400, s->mmio_index); - s->vc = qemu_new_vlan_client(nd->vlan, nd->model, nd->name, - mcf_fec_receive, mcf_fec_can_receive, - mcf_fec_cleanup, s); + s->vc = nd->vc = qemu_new_vlan_client(nd->vlan, nd->model, nd->name, + mcf_fec_receive, mcf_fec_can_receive, + mcf_fec_cleanup, s); memcpy(s->macaddr, nd->macaddr, 6); qemu_format_nic_info_str(s->vc, s->macaddr); } diff --git a/hw/mipsnet.c b/hw/mipsnet.c index e84298421..eba60e554 100644 --- a/hw/mipsnet.c +++ b/hw/mipsnet.c @@ -261,9 +261,10 @@ void mipsnet_init (int base, qemu_irq irq, NICInfo *nd) s->io_base = base; s->irq = irq; if (nd && nd->vlan) { - s->vc = qemu_new_vlan_client(nd->vlan, nd->model, nd->name, - mipsnet_receive, mipsnet_can_receive, - mipsnet_cleanup, s); + s->vc = nd->vc = qemu_new_vlan_client(nd->vlan, nd->model, nd->name, + mipsnet_receive, + mipsnet_can_receive, + mipsnet_cleanup, s); } else { s->vc = NULL; } diff --git a/hw/ne2000.c b/hw/ne2000.c index 975951755..6f24fb71d 100644 --- a/hw/ne2000.c +++ b/hw/ne2000.c 
@@ -756,9 +756,9 @@ void isa_ne2000_init(int base, qemu_irq irq, NICInfo *nd) ne2000_reset(s); - s->vc = qemu_new_vlan_client(nd->vlan, nd->model, nd->name, - ne2000_receive, ne2000_can_receive, - isa_ne2000_cleanup, s); + s->vc = nd->vc = qemu_new_vlan_client(nd->vlan, nd->model, nd->name, + ne2000_receive, ne2000_can_receive, + isa_ne2000_cleanup, s); qemu_format_nic_info_str(s->vc, s->macaddr); diff --git a/hw/usb-net.c b/hw/usb-net.c index 9e6442506..60bddd1af 100644 --- a/hw/usb-net.c +++ b/hw/usb-net.c @@ -1457,10 +1457,10 @@ USBDevice *usb_net_init(NICInfo *nd) pstrcpy(s->dev.devname, sizeof(s->dev.devname), "QEMU USB Network Interface"); - s->vc = qemu_new_vlan_client(nd->vlan, nd->model, nd->name, - usbnet_receive, - usbnet_can_receive, - usbnet_cleanup, s); + s->vc = nd->vc = qemu_new_vlan_client(nd->vlan, nd->model, nd->name, + usbnet_receive, + usbnet_can_receive, + usbnet_cleanup, s); qemu_format_nic_info_str(s->vc, s->mac); diff --git a/net.h b/net.h index a8bef3e65..59588c5ea 100644 --- a/net.h +++ b/net.h @@ -68,6 +68,7 @@ struct NICInfo { const char *model; const char *name; VLANState *vlan; + VLANClientState *vc; void *private; int used; }; -- cgit v1.2.3 From 51224c6f783ad0f711d69068ce8e0a3e60deb032 Mon Sep 17 00:00:00 2001 From: Mark McLoughlin Date: Wed, 1 Jul 2009 23:06:19 +0100 Subject: Unregister savevm callback in eeprom93xx_free() Otherwise if you hot remove an eepro100 NIC and then migrate, you get: Unknown savevm section or instance 'eeprom' 0 on the destination side. Signed-off-by: Mark McLoughlin Signed-off-by: Anthony Liguori --- hw/eeprom93xx.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/eeprom93xx.c b/hw/eeprom93xx.c index 896cffd44..6de970adf 100644 --- a/hw/eeprom93xx.c +++ b/hw/eeprom93xx.c @@ -301,6 +301,7 @@ void eeprom93xx_free(eeprom_t *eeprom) { /* Destroy EEPROM. */ logout("eeprom = 0x%p\n", eeprom); + unregister_savevm("eeprom", eeprom); qemu_free(eeprom); } -- cgit v1.2.3 
From 2872b8a445ad666b471d5dd1583ab4e51e962205 Mon Sep 17 00:00:00 2001 From: Anthony Liguori Date: Thu, 9 Jul 2009 13:25:47 -0500 Subject: Make sure to only vm_start() a failed migration if we were running to begin with. Signed-off-by: Anthony Liguori --- migration.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/migration.c b/migration.c index 41a703af4..61c92fe5f 100644 --- a/migration.c +++ b/migration.c @@ -213,12 +213,16 @@ void migrate_fd_put_ready(void *opaque) dprintf("iterate\n"); if (qemu_savevm_state_iterate(s->file) == 1) { int state; + int old_vm_running = vm_running; + dprintf("done iterating\n"); vm_stop(0); bdrv_flush_all(); if ((qemu_savevm_state_complete(s->file)) < 0) { - vm_start(); + if (old_vm_running) { + vm_start(); + } state = MIG_STATE_ERROR; } else { state = MIG_STATE_COMPLETED; -- cgit v1.2.3 From aae9547639f0b6c3090f759d7a1653c583ff7da7 Mon Sep 17 00:00:00 2001 From: Glauber Costa Date: Mon, 6 Jul 2009 09:32:09 -0400 Subject: flush pending aio requests When we finish migration, there may be pending async io requests in flight. If we don't flush it before stage3 starting, it might be the case that the guest loses it. Signed-off-by: Glauber Costa Signed-off-by: Anthony Liguori --- migration.c | 1 + 1 file changed, 1 insertion(+) diff --git a/migration.c b/migration.c index 61c92fe5f..86ebbf0a2 100644 --- a/migration.c +++ b/migration.c @@ -218,6 +218,7 @@ void migrate_fd_put_ready(void *opaque) dprintf("done iterating\n"); vm_stop(0); + qemu_aio_flush(); bdrv_flush_all(); if ((qemu_savevm_state_complete(s->file)) < 0) { if (old_vm_running) { -- cgit v1.2.3 From 2670257db0b987176c8d3fd5194fcdee835f893f Mon Sep 17 00:00:00 2001 
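Review bot: The added `qemu_aio_flush();` carries an ordering requirement that the code does not state: it sits after `vm_stop(0)` and before `bdrv_flush_all()`, and the commit message says pending requests must be flushed before the final stage starts. A one-line comment keeps a later reorder from undoing the fix, e.g. `/* complete in-flight AIO before the final flush, or the last stage can miss guest writes */`. migrate_fd_put_ready starts and ends outside the hunk.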
From: Anthony Liguori Date: Fri, 10 Jul 2009 17:57:08 -0500 Subject: Revert "Make sure to use SDL_CFLAGS everywhere we include SDL headers" This reverts commit accceed914ff6cd0ba9258ff76659141ea24bb62. This has proven to cause all sorts of odd build breakages. I don't think it's quite ready for stable. Signed-off-by: Anthony Liguori --- Makefile | 2 +- Makefile.target | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 289449660..4f7a55ae0 100644 --- a/Makefile +++ b/Makefile @@ -163,7 +163,7 @@ cocoa.o: cocoa.m sdl.o: sdl.c keymaps.c sdl_keysym.h -sdl.o audio/sdlaudio.o baum.o: CFLAGS += $(SDL_CFLAGS) +sdl.o audio/sdlaudio.o: CFLAGS += $(SDL_CFLAGS) vnc.o: vnc.c keymaps.c sdl_keysym.h vnchextile.h d3des.c d3des.h diff --git a/Makefile.target b/Makefile.target index ba315d6cc..f33f7621f 100644 --- a/Makefile.target +++ b/Makefile.target @@ -724,8 +724,6 @@ LDFLAGS+=-p main.o: CFLAGS+=-p endif -vl.o: CFLAGS+=$(SDL_CFLAGS) - $(QEMU_PROG): LIBS += $(SDL_LIBS) $(COCOA_LIBS) $(CURSES_LIBS) $(BRLAPI_LIBS) $(VDE_LIBS) $(QEMU_PROG): $(OBJS) ../libqemu_common.a libqemu.a -- cgit v1.2.3 From cc15f92832f484d01e3e973105737053f69104e2 Mon Sep 17 00:00:00 2001 From: Anthony Liguori Date: Fri, 10 Jul 2009 17:55:45 -0500 Subject: Update for 0.10.6 release --- Changelog | 26 ++++++++++++++++++++++++++ VERSION | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/Changelog b/Changelog index feef3bb18..99d282f89 100644 --- a/Changelog +++ b/Changelog 
@@ -1,3 +1,29 @@ +version 0.10.6: + - e1000: ignore reset command (Kevin Wolf) + - fix VNC memory allocation (Stefan Weil) + - fix raw_pread_aligned return value (Christoph Hellwig) + - allow monitor interaction when using -incoming exec: (Chris Lalancette) + - fix -net socket,listen (Jan Kiszka) + - live migration: don't send gratuitous packets all at once (Gleb Natapov) + - serial: fix lost characters after sysrq (Jason Wessel) + - Fix prototype of zfree (Stefan Weil) + - Handle EINTR with exec: migration (Uri Lublin) + - Delete io-handler before closing fd after migration (Uri Lublin) + - Fix qemu_aio_flush (Andrea Arcangeli) + - lsi53c895a: Implement additional registers (Sebastian Herbszt) + - virtio-blk: fix warning (Gerd Hoffman) + - i386: fix cpu reset (Nitin Kamble) + - kvm: fix irq injection into full queue (Jan Kiszka) + - Prevent CD-ROM eject while device is locked (Mark McLoughlin) + - Fix screen dump with blank screen (Eduardo Habkost) + - Fix memory leak with cpu_unregister_map_client (Isaku Yamahata) + - Fix memory leak in SDL (Jan Kiszka) + - Fix build on OS X 10.4 (John Arbuckle) + - Fix leak of vlan clients after hot remove (Mark McLoughlin) + - Fix migration after hot remove with eepro100 (Mark McLoughlin) + - Don't start a VM after failed migration if stopped (Anthony Liguori) + - Fix live migration under heavy IO load (Glauber Costa) + version 0.10.5: - kvm: trim unsupported cpu features from cpuid (Avi Kivity) - kvm: provide a better error message for -smp > 1 (Mark McLoughlin) diff --git a/VERSION b/VERSION index 9028ec636..69da6ebcd 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.10.5 +0.10.6 -- cgit v1.2.3 From df97ff696bcf4d81e36468e33e2c7797acbe4c6c Mon Sep 17 00:00:00 2001 
From: Paolo Bonzini Date: Tue, 14 Jul 2009 18:07:50 +0200 Subject: honor -S on incoming migration -S is not honored by qemu on incoming migration. If a domain is migrated while paused, thus, it will start running on the remote machine; this is wrong. Given the trivial patch to fix this, it looks more like a thinko than anything else, probably dating back to the qemu-kvm merge. The interesting part is that the -S mechanism was in fact *used* when migrating (setting autostart = 0) and the incoming migration code was starting the VM at the end of the migration. Since I was removing the vm_start from there, I also corrected a related imprecision. The code was doing a vm_stop "just in case", but we can be sure that the VM is not running---the vm_start call in vl.c has not been reached yet. So the vm_stop is removed together with the vm_start. Signed-off-by: Paolo Bonzini Signed-off-by: Anthony Liguori --- migration-exec.c | 2 -- migration-tcp.c | 3 --- vl.c | 4 +--- 3 files changed, 1 insertion(+), 8 deletions(-) diff --git a/migration-exec.c b/migration-exec.c index 8e622437f..2e7fdc21d 100644 --- a/migration-exec.c +++ b/migration-exec.c @@ -113,7 +113,6 @@ static void exec_accept_incoming_migration(void *opaque) QEMUFile *f = opaque; int ret; - vm_stop(0); /* just in case */ ret = qemu_loadvm_state(f); if (ret < 0) { fprintf(stderr, "load of migration failed\n"); @@ -123,7 +122,6 @@ static void exec_accept_incoming_migration(void *opaque) dprintf("successfully loaded vm state\n"); /* we've successfully migrated, close the fd */ qemu_set_fd_handler2(qemu_popen_fd(f), NULL, NULL, NULL, NULL); - vm_start(); err: qemu_fclose(f); diff --git a/migration-tcp.c b/migration-tcp.c index 3f5b1049c..0875c23c9 100644 --- a/migration-tcp.c +++ b/migration-tcp.c @@ -159,7 +159,6 @@ static void tcp_accept_incoming_migration(void *opaque) goto out; } - vm_stop(0); /* just in case */ ret = qemu_loadvm_state(f); if (ret < 0) { fprintf(stderr, "load of migration failed\n"); 
@@ -172,8 +171,6 @@ static void tcp_accept_incoming_migration(void *opaque) qemu_set_fd_handler2(s, NULL, NULL, NULL, NULL); close(s); - vm_start(); - out_fopen: qemu_fclose(f); out: diff --git a/vl.c b/vl.c index 56623fb57..6cd0ce750 100644 --- a/vl.c +++ b/vl.c @@ -5721,10 +5721,8 @@ int main(int argc, char **argv, char **envp) if (loadvm) do_loadvm(loadvm); - if (incoming) { - autostart = 0; /* fixme how to deal with -daemonize */ + if (incoming) qemu_start_incoming_migration(incoming); - } if (autostart) vm_start(); -- cgit v1.2.3 From ca888361bbe8c2b66b6619ba8714a396e98f67c9 Mon Sep 17 00:00:00 2001 From: Beth Kon Date: Mon, 13 Jul 2009 19:43:13 -0400 Subject: Reset HPET config register on hpet_reset Without this, after system reset, hpet does not detect transition from non-legacy to legacy mode. Signed-off-by: Beth Kon Signed-off-by: Anthony Liguori --- hw/hpet.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/hpet.c b/hw/hpet.c index c7945ecde..336c731bd 100644 --- a/hw/hpet.c +++ b/hw/hpet.c @@ -554,6 +554,7 @@ static void hpet_reset(void *opaque) { /* 64-bit main counter; 3 timers supported; LegacyReplacementRoute. */ s->capability = 0x8086a201ULL; s->capability |= ((HPET_CLK_PERIOD) << 32); + s->config = 0ULL; if (count > 0) /* we don't enable pit when hpet_reset is first called (by hpet_init) * because hpet is taking over for pit here. On subsequent invocations, -- cgit v1.2.3 From 0def14568c73b84715eddf7493fd9abff72db3a6 Mon Sep 17 00:00:00 2001 From: Dinesh Subhraveti Date: Tue, 14 Jul 2009 18:30:53 -0700 Subject: Initialize PS2 keyboard / mouse state on reset MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Currently only common PS2 state is initialized, leaving keyboard and mouse specific state to contain stale values. Signed-off-by: Dinesh Subhraveti  Signed-off-by: Anthony Liguori --- hw/ps2.c | 38 ++++++++++++++++++++++++++++++++------ 1 file changed, 32 insertions(+), 6 deletions(-) 
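Review bot: With `autostart = 0` dropped in the vl.c hunk and `vm_start()` removed from both accept handlers, `if (autostart) vm_start();` now runs as soon as qemu_start_incoming_migration() returns. If the state is loaded later from an fd handler (tcp_accept_incoming_migration takes a `void *opaque` and unregisters an fd handler, which suggests it is a callback), a guest started without -S would run before its state has arrived, and qemu_loadvm_state() would then run against a live VM now that the `vm_stop(0)` calls are gone. I would make the start conditional, `if (incoming) { qemu_start_incoming_migration(incoming); } else if (autostart) { vm_start(); }`, and call `if (autostart) vm_start();` after a successful load in the accept handlers. main() extends well outside the hunk, so the -daemonize concern from the removed comment cannot be judged from here.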
diff --git a/hw/ps2.c b/hw/ps2.c index fb7700523..0915b9faf 100644 --- a/hw/ps2.c +++ b/hw/ps2.c @@ -488,9 +488,8 @@ void ps2_write_mouse(void *opaque, int val) } } -static void ps2_reset(void *opaque) +static void ps2_common_reset(PS2State *s) { - PS2State *s = (PS2State *)opaque; PS2Queue *q; s->write_cmd = -1; q = &s->queue; @@ -500,6 +499,33 @@ static void ps2_reset(void *opaque) s->update_irq(s->update_arg, 0); } +static void ps2_kbd_reset(void *opaque) +{ + PS2KbdState *s = (PS2KbdState *) opaque; + + ps2_common_reset(&s->common); + s->scan_enabled = 0; + s->translate = 0; + s->scancode_set = 0; +} + +static void ps2_mouse_reset(void *opaque) +{ + PS2MouseState *s = (PS2MouseState *) opaque; + + ps2_common_reset(&s->common); + s->mouse_status = 0; + s->mouse_resolution = 0; + s->mouse_sample_rate = 0; + s->mouse_wrap = 0; + s->mouse_type = 0; + s->mouse_detect_state = 0; + s->mouse_dx = 0; + s->mouse_dy = 0; + s->mouse_dz = 0; + s->mouse_buttons = 0; +} + static void ps2_common_save (QEMUFile *f, PS2State *s) { qemu_put_be32 (f, s->write_cmd); @@ -590,10 +616,10 @@ void *ps2_kbd_init(void (*update_irq)(void *, int), void *update_arg) s->common.update_irq = update_irq; s->common.update_arg = update_arg; s->scancode_set = 2; - ps2_reset(&s->common); + ps2_kbd_reset(s); register_savevm("ps2kbd", 0, 3, ps2_kbd_save, ps2_kbd_load, s); qemu_add_kbd_event_handler(ps2_put_keycode, s); - qemu_register_reset(ps2_reset, &s->common); + qemu_register_reset(ps2_kbd_reset, s); return s; } @@ -603,9 +629,9 @@ void *ps2_mouse_init(void (*update_irq)(void *, int), void *update_arg) s->common.update_irq = update_irq; s->common.update_arg = update_arg; - ps2_reset(&s->common); + ps2_mouse_reset(s); register_savevm("ps2mouse", 0, 2, ps2_mouse_save, ps2_mouse_load, s); qemu_add_mouse_event_handler(ps2_mouse_event, s, 0, "QEMU PS/2 Mouse"); - qemu_register_reset(ps2_reset, &s->common); + qemu_register_reset(ps2_mouse_reset, s); return s; } -- cgit v1.2.3 
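Review bot: ps2_kbd_reset sets `s->scancode_set = 0`, and the ps2_kbd_init hunk further down assigns `s->scancode_set = 2` immediately before calling `ps2_kbd_reset(s)`, so the value chosen at init is overwritten and never takes effect. If 2 is the intended default, the reset handler should establish it with `s->scancode_set = 2;`, which also makes the assignment in ps2_kbd_init redundant. How the rest of the file treats a scancode set of 0 is outside these hunks, so this needs checking against the command handlers.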
From 9eab386edbf8cf002a731f8204a156f243a47a57 Mon Sep 17 00:00:00 2001 From: Anthony Liguori Date: Thu, 16 Jul 2009 18:50:52 -0500 Subject: Update changelot for 0.10.6 release --- Changelog | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Changelog b/Changelog index 99d282f89..19a57b223 100644 --- a/Changelog +++ b/Changelog @@ -23,6 +23,9 @@ version 0.10.6: - Fix migration after hot remove with eepro100 (Mark McLoughlin) - Don't start a VM after failed migration if stopped (Anthony Liguori) - Fix live migration under heavy IO load (Glauber Costa) + - Honor -S on incoming migration (Paolo Bonzini) + - Reset HPET config register on reset (Beth Kon) + - Reset PS2 keyboard/mouse on reset (Dinesh Subraveti) version 0.10.5: - kvm: trim unsupported cpu features from cpuid (Avi Kivity) -- cgit v1.2.3