summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-05-12target-i386: Defer MCE initAndreas Färber3-2/+13
Commit de024815e3b523addf58f1f79846b7fe74643678 (target-i386: QOM'ify CPU init) moved mce_init() call from helper.c:cpu_x86_init() into X86CPU's cpu.c:x86_cpu_initfn(). mce_init() checks for a family >= 6 though, so we could end up with a sequence such as for -cpu somecpu,family=6: x86_cpu_initfn => X86CPU::family == 5 mce_init => no-op cpu_x86_register => X86CPU::family = 6 => MCE unexpectedly not init'ed or for -cpu someothercpu,family=5: x86_cpu_initfn => X86CPU::family == 6 mce_init => init'ed cpu_x86_register => X86CPU::family = 5 => MCE unexpectedly init'ed Therefore partially revert the above commit. To avoid moving mce_init() back into helper.c, foresightedly move it into a new x86_cpu_realize() function and, in lack of ObjectClass::realize, call it directly from cpu_x86_init(). While at it, move the qemu_init_vcpu() call that used to follow mce_init() in cpu_x86_init() into the new realizefn as well. Reported-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Igor Mammedov <imammedo@redhat.com>
2012-05-12qom: Documentation addition for object_class_by_name()Paolo Bonzini1-0/+6
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> [AF: Document the possible NULL return value] Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-05-12target-mips: Remove commented-out function declarationAndreas Färber1-1/+0
There is no function cpu_mips_get_clock(), so drop it. Signed-off-by: Andreas Färber <afaerber@suse.de> Acked-by: Stefan Weil <sw@weilnetz.de>
2012-05-12sun4u: implement interrupt clearing registersArtyom Tarasenko1-0/+12
Implement registers for clearing OBIO and PCI interrupts Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-05-12sun4u: initialize OBIO interrupt mappingsArtyom Tarasenko1-0/+6
Similarly to PCI interrupt mappings, the OBIO ones have to be initialized. Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-05-12fix block loads broken in commit 30038fd818Artyom Tarasenko1-1/+1
Fix UltraSPARC/JPS1/UA2007 VIS block load instructions broken in 30038fd81808f7c3bca92be2369e74c8ca7b3d69. Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com> [blauwirbel@gmail.com: trimmed unwanted part of patch] Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-05-12Implement address masking for SPARC v9 CPUsArtyom Tarasenko1-1/+24
According to UltraSPARC - IIi User's manual: 14.1.11 Address Masking (Impdep #125) When PSTATE.AM=1, the CALL, JMPL, and RDPC instructions and all traps transmit zero in the high-order 32-bits of the PC to their specified destination registers. Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-05-12vga: disable default VGA if appropriate -device is usedPaolo Bonzini1-9/+14
This is a partial revert of commits a369da5 (vga: improve VGA logic, committed 2012-01-22) and c5bd4f3 (vga: fix -nodefaults -device VGA, 2012-01-24) which broke command-line option parsing in different ways. Since commit a369da5 it has become impossible to specify a VGA device entirely with QemuOpts-enabled options, i.e. without needing an explicit "-vga none". In addition, until commit c5bd4f3 -nodefaults would not disable the device you specified with the legacy "-vga" option, independent of the order. Since commit c5bd4f3 QEMU -nodefaults will override a previous -vga option. I did not reintroduce machine->no_vga. Boards can simply ignore the vga_interface_type variable, and most will indeed do so. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-05-12cputlb: fix watchpoints handlingMax Filippov1-2/+2
Cleanup commit e554861766d9ae84dd5720baa4869f4ed711506f have changed code_address calculation in the tlb_set_page function in case of access to a page with a watchpoint. This caused QEMU segfault in the xtensa test_break unit test. Fix it by moving code_address assignment above memory_region_section_get_iotlb call. Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-05-10target-arm/cpu.h: Make cpu_init("nonexistent cpu") return NULLPeter Maydell1-1/+9
The macro definition of cpu_init meant that if cpu_arm_init() returned NULL this wouldn't result in cpu_init() itself returning NULL. This had the effect that "-cpu foo" for some unknown CPU name 'foo' would cause ARM targets to segfault rather than generating a useful error message. Fix this by making cpu_init a simple inline function. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Acked-by: Andreas Färber <afaerber@suse.de>
2012-05-10target-arm: When setting FPSCR.QC, don't clear other FPSCR bitsMatt Craighead1-1/+1
This patch fixes a bug affecting a variety of Neon instructions, such as VQADD. Signed-off-by: Matt Craighead <mjcraighead@gmail.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-05-09Update version for 1.1.0-rc0 releaseAnthony Liguori1-1/+1
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-09tcg/ppc: Fix CONFIG_TCG_PASS_AREG0 modeAndreas Färber1-1/+32
Adjust the tcg_out_qemu_{ld,st}() slow paths to pass AREG0 in r3, based on patches by malc. Also adjust the registers clobbered, based on patch by Alex. Signed-off-by: Andreas Färber <afaerber@suse.de> Acked-by: Alexander Graf <agraf@suse.de> [AF: Do not hardcode r3 for AREG0, requested by Alex] Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-09tcg/ppc: Clobber r5 for 64-bit qemu_ldAndreas Färber1-0/+3
This accounts for the additional addr_reg2 register. Signed-off-by: Andreas Färber <afaerber@suse.de> Acked-by: Alexander Graf <agraf@suse.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-09tcg/ppc: Don't hardcode register numbersAndreas Färber1-12/+17
Also assure i64 alignment where necessary. Alignment code optimization suggested by malc. Signed-off-by: Andreas Färber <afaerber@suse.de> Acked-by: Alexander Graf <agraf@suse.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-09tcg/ppc: Do not overwrite lower address word on Darwin and AIXAndreas Färber1-4/+0
For targets where TARGET_LONG_BITS != 32, i.e. 64-bit guests, addr_reg is moved to r4. For hosts without TCG_TARGET_CALL_ALIGN_ARGS either data_reg2 or data_reg or a masked version thereof would overwrite r4. Place it in r5 instead, matching TCG_TARGET_CALL_ALIGN_ARGS hosts. This fixes immediate crashes of 64-bit guests observed on Darwin/ppc but not on Darwin/ppc64. Signed-off-by: Andreas Färber <andreas.faerber@web.de> Acked-by: malc <av1474@comtv.ru> Acked-by: Alexander Graf <agraf@suse.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-08Merge remote-tracking branch 'qmp/queue/qmp' into stagingAnthony Liguori6-12/+29
* qmp/queue/qmp: hmp: fix bad value conversion for M type hmp: expr_unary(): check for overflow in strtoul()/strtoull() vl: drop is_suspended variable runstate: introduce suspended state qapi-schema.json: fix RunState enums alphabetical order wakeup on migration
2012-05-08hmp: fix bad value conversion for M typeLuiz Capitulino1-2/+6
The M type converts from megabytes to bytes. However, the value can be negative before the conversion, which will lead to a flawed conversion. For example, this: (qemu) balloon -1000000000000011 (qemu) Just "works", but the value passed by the balloon command will be something else. This patch fixes this problem by requering a positive value before converting. There's really no reason to accept a negative value for the M type. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2012-05-08hmp: expr_unary(): check for overflow in strtoul()/strtoull()Luiz Capitulino1-0/+4
It's not checked currently, so something like: (qemu) balloon -100000000000001111114334234 (qemu) Will just "work" (in this case the balloon command will get a random value). Fix it by checking if strtoul()/strtoull() overflowed. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2012-05-08vl: drop is_suspended variableLuiz Capitulino1-5/+2
Check for the RUN_STATE_SUSPENDED state instead. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-05-08runstate: introduce suspended stateLuiz Capitulino4-3/+14
QEMU enters in this state when the guest suspends to ram (S3). This is important so that HMP users and QMP clients can know that the guest is suspended. QMP also has an event for this, but events are not reliable and are limited (ie. a client can connect to QEMU after the event has been emitted). Having a different state for S3 brings a new issue, though. Every device that doesn't run when the VM is stopped but wants to run when the VM is suspended has to check for RUN_STATE_SUSPENDED explicitly. This is the case for the keyboard and mouse devices, for example. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
2012-05-08qapi-schema.json: fix RunState enums alphabetical orderLuiz Capitulino1-2/+2
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-05-08wakeup on migrationGerd Hoffmann1-0/+1
Wakeup the guest when the live part of the migation is finished. This avoids being in suspended state on migration, so we don't have to save the is_suspended bit. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-05-08user-exec.c: Don't assert on segfaults for non-valid addressesPeter Maydell1-1/+2
h2g() will assert if passed an address that's not a valid guest address, so handle_cpu_signal() needs to check before passing "data address which caused a segfault" to it, since for a misbehaving guest that could be anything. If the address isn't a valid guest address then we can simply skip the attempt to unprotect a guest page which was made read-only to catch self-modifying code. This assertion probably fires more readily now than it used to do because of recent changes to default to reserving guest address space. Acked-by: Alexander Graf <agraf@suse.de> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-08scripts/qemu-binfmt-conf.sh: Fix shell syntaxAndreas Färber1-0/+1
The script is organized as a sequence of binfmt registrations, with a check whether the to be registered architecture matches the host. Add a missing fi for the SuperH section. Reported-by: Alexander Graf <agraf@suse.de> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-08cpu: Update documentation and commentAndreas Färber1-2/+2
State struct CPU had been renamed to CPUState, former CPUState to CPUArchState. Signed-off-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-08configure: Assure printing "yes" or "no" for VirtFS supportAndreas Färber1-0/+1
When auto-detecting VirtFS support, virtfs="". Set it to "no" after checking whether it was explicitly requested through --enable-virtfs. Signed-off-by: Andreas Färber <afaerber@suse.de> Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-08configure: Reindent VirtFS checkAndreas Färber1-7/+7
Avoid tab-indention and fit in with the surrounding code. Signed-off-by: Andreas Färber <afaerber@suse.de> Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-08tci: Fix wrong macro name for debug codeStefan Weil1-1/+1
Code which is compiled with CONFIG_TCG_DEBUG (set by configure option --enable-debug-tcg) should not disable the assert macro by defining NDEBUG. With the wrong macro name CONFIG_TCG_DEBUG, all assertions in tci.c were completely useless because NDEBUG was always defined. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-08qemu-timer: Move include for __FreeBSD_version to headerAndreas Faerber2-4/+4
sys/param.h is needed for __FreeBSD_version. Pointed out by Juergen, thanks. Signed-off-by: Andreas Faerber <andreas.faerber@web.de> Cc: Juergen Lock <nox@jelal.kn-bremen.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-08Merge remote-tracking branch 'mst/tags/for_anthony' into stagingAnthony Liguori1-1/+1
* mst/tags/for_anthony: rtl8139: fix regression in TxStatus/TxAddr read
2012-05-08Merge remote-tracking branch 'kwolf/for-anthony' into stagingAnthony Liguori5-25/+73
* kwolf/for-anthony: fdc: simplify media change handling qcow2: lock on prealloc block: make bdrv_create adopt coroutine qcow2: Limit COW to where it's needed sheepdog: switch to writethrough mode if cluster doesn't support flush
2012-05-08Merge remote-tracking branch 'bonzini/scsi-next' into stagingAnthony Liguori5-87/+171
* bonzini/scsi-next: scsi: Add assertion for use-after-free errors scsi: remove useless debug messages scsi: set VALID bit to 0 in fixed format sense data scsi: do not require a minimum allocation length for REQUEST SENSE scsi: do not require a minimum allocation length for INQUIRY scsi: parse 16-byte tape CDBs scsi: do not report bogus overruns for commands in the 0x00-0x1F range scsi-disk: add dpofua property scsi: change "removable" field to host many features scsi: Specify the xfer direction for UNMAP and ATA_PASSTHROUGH commands scsi: fix WRITE SAME transfer length and direction scsi: fix refcounting for reads scsi: prevent data transfer overflow ISCSI: Add support for thin-provisioning via discard/UNMAP and bigger LUNs
2012-05-08Merge remote-tracking branch 'riku/linux-user-for-upstream' into stagingAnthony Liguori1-5/+41
* riku/linux-user-for-upstream: linux-user: fix emulation of /proc/self/maps linux-user: Clean up interim solution for exit syscall
2012-05-08Merge remote-tracking branch 'spice/spice.v54' into stagingAnthony Liguori8-55/+198
* spice/spice.v54: qxl: don't assert on guest create_guest_primary qxl: ioport_write: remove guest trigerrable abort qxl: qxl_add_memslot: remove guest trigerrable panics qxl: interface_notify_update: remove guest trigerrable abort qxl: cleanup s/__FUNCTION__/__func__/ qxl: don't abort on guest trigerrable ring indices mismatch qxl: fix > 80 chars line qxl: replace panic with guest bug in qxl_track_command qxl: check for NULL return from qxl_phys2virt hw/qxl.c: qxl_phys2virt: replace panics with guest_bug spice_info: add mouse_mode spice: require spice-protocol >= 0.8.1
2012-05-08Merge remote-tracking branch 'sweil/fixes' into stagingAnthony Liguori6-69/+63
* sweil/fixes: qemu-timer: Fix limits for w32 mmtimer qom: Fix memory leak in function container_get hw/pc_sysfw: Fix memory leak qdev: Fix memory leak in function set_pci_devfn arm-semi: Rename SYS_XXX macros to TARGET_SYS_XXX (fixes compiler warning) target-mips: Remove unused inline function
2012-05-08rtl8139: fix regression in TxStatus/TxAddr readAvi Kivity1-1/+1
Commit afe0a595356192 added byte reads for TxStatus/TxAddr, but broke 32-bit reads; the mask generation (1 << (8 * size)) - 1 is unspecified in C for size >= sizeof(int), and in fact returns 0 on x86. Fix by using a larger type. Fixes (at least) Fedora 9 i386 with -machine kernel_irqchip=on. I didn't see it with the qemu APIC implementation; may be due to timing or (more likely) a tester error. Signed-off-by: Avi Kivity <avi@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-05-07fdc: simplify media change handlingHervé Poussineau1-18/+11
This also (partly) fixes IBM OS/2 Warp 4.0 floppy installation, where not all floppies have the same format (2x80x18 for the first ones, 2x80x23 for the next ones). Signed-off-by: Hervé Poussineau <hpoussin@reactos.org> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-05-07qcow2: lock on preallocZhi Yong Wu1-0/+3
preallocate() will be locked. This is required because qcow2_alloc_cluster_link_l2() assumes that it runs under a lock that it can drop while COW is being performed. Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-05-07block: make bdrv_create adopt coroutineZhi Yong Wu1-2/+42
The current qemu.git introduces failure with preallocation and some sizes: qemu-img create -f qcow2 new.img 976563K -o preallocation=metadata qemu-img: qemu-coroutine-lock.c:111: qemu_co_mutex_unlock: Assertion `mutex->locked == 1' failed. And lock needs to work in coroutine context. So to fix this issue, we need to make bdrv_create adopt coroutine at first. Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-05-07qcow2: Limit COW to where it's neededKevin Wolf1-5/+9
This fixes a regression introduced in commit 250196f1. The bug leads to data corruption, found during an Autotest run with a Fedora 8 guest. Consider a write request whose first part is covered by an already allocated cluster, but additional clusters need to be newly allocated. When counting the number of clusters to allocate, the qcow2 code would decide to do COW for all remaining clusters of the write request, even if some of them are already allocated. If during this COW operation another write request is issued that touches the same cluster, it will still refer to the old cluster. When the COW completes, the first request will update the L2 table and the second write request will be lost. Note that the requests need not overlap, it's enough for them to touch the same cluster. This patch ensures that only clusters that really require COW are considered for allocation. In this case any other request writing to the same cluster will be an allocating write and gets serialised. Reported-by: Marcelo Tosatti <mtosatti@redhat.com> Tested-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-05-07sheepdog: switch to writethrough mode if cluster doesn't support flushMORITA Kazutaka1-0/+8
This is necessary for qemu to work with the older version of Sheepdog which doesn't support SD_OP_FLUSH_VDI. Signed-off-by: MORITA Kazutaka <morita.kazutaka@gmail.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-05-07hw/ac97: Mask out the EAPD bit on Powerdown Ctrl/Stat writesHans de Goede1-1/+1
The Linux AC97 driver tests this bit to decide wether or not to show an External amplifier toggle control. This patch was also tested with a Windows XP guest without any issues. Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: malc <av1474@comtv.ru>
2012-05-07hw/ac97: Mask out unused bits of volume controlsHans de Goede1-5/+15
The Linux ac97 drivers does a number of register read/write tests to see how much resolution a volume control actually has. This patch takes this into account by masking out any bits written to a volume control reg which should not be there according to the spec. After this the Linux ac97 driver correctly uses a range of 0 - 0x1f for the PCM out volume, as stated in the spec, and we can fix the FIXME in update_combined_volume_out(). This patch was also tested with a Windows XP guest without any issues. Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: malc <av1474@comtv.ru>
2012-05-07hw/ac97: Use AC97_Record_Gain_Mute not AC97_Line_In_Volume_MuteHans de Goede1-4/+5
After commit 19677a380a70348134ed7650b294522617eb03fc: "hw/ac97: add support for volume control" We are (correctly) using AC97_Record_Gain_Mute and not AC97_Line_In_Volume_Mute for recording volume, but various places in hw/ac97 were still assumimg that we are using AC97_Line_In_Volume_Mute for record volume control, this patch fixes this. Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: malc <av1474@comtv.ru>
2012-05-07hw/ac97: Make a bunch of mixer registers read onlyHans de Goede1-7/+27
The Linux ac97 driver tries to see if optional things like video input volume control are available in 2 ways: 1) See if the mute bit is set after reset, if it is no further tests are done 2) If the mute bit is not set it does a write/read test of the mute bit This patch changes our ac97 to conform to what the Linux driver expects, it initializes registers for things which we don't emulate to 0 (so the mute bit is not set) and makes them read only. This causes Linux to now longer show the following (functionless) controls in alsamixer: Master Mono vol + mute 3d Control toggle PCM out pre / post 3d select Surround toggle CD vol + mute Mic vol + mute Mic boost toggle Mic mic1 / mic2 select Video vol + mute Phone vol + mute Beep mono vol + mute Aux vol + mute Mono "output mic" / "mix" select Sigmatel 4 speaker stereo toggle Sigmatel ADC 6Db att toggle Sigmatel DAC 6Db att toggle This patch was also tested with a Windows XP guest and there it also makes a number of functionless mixer controls go away. Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: malc <av1474@comtv.ru>
2012-05-07hw/ac97: Fix log message in mixer_loadHans de Goede1-1/+1
Fix a small copy and paste error in logging. Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: malc <av1474@comtv.ru>
2012-05-07scsi: Add assertion for use-after-free errorsStefan Weil1-0/+1
The QEMU emulation which is currently used with Raspberry PI images (qemu-system-arm -M versatilepb ...) accesses memory which was freed. Valgrind output (extract): ==17857== Invalid write of size 4 ==17857== at 0x24EB06: scsi_req_unref (scsi-bus.c:1273) ==17857== by 0x24FFAE: scsi_read_complete (scsi-disk.c:277) ==17857== by 0x152ACC: bdrv_co_em_bh (block.c:3363) ==17857== by 0x13D49C: qemu_bh_poll (async.c:71) ==17857== by 0x211A8C: main_loop_wait (main-loop.c:503) ==17857== by 0x207954: main_loop (vl.c:1555) ==17857== by 0x20E9C9: main (vl.c:3653) ==17857== Address 0x1c54383c is 12 bytes inside a block of size 260 free'd ==17857== at 0x4824B3A: free (vg_replace_malloc.c:366) ==17857== by 0x20ADFA: free_and_trace (vl.c:2250) ==17857== by 0x4899FC5: g_free (in /lib/libglib-2.0.so.0.2400.1) ==17857== by 0x24EB3B: scsi_req_unref (scsi-bus.c:1277) ==17857== by 0x24F003: scsi_req_complete (scsi-bus.c:1383) ==17857== by 0x25022A: scsi_read_data (scsi-disk.c:334) ==17857== by 0x24EB9F: scsi_req_continue (scsi-bus.c:1289) ==17857== by 0x1C7787: lsi_do_dma (lsi53c895a.c:575) ==17857== by 0x1C8CDA: lsi_execute_script (lsi53c895a.c:1147) ==17857== by 0x1C74EA: lsi_resume_script (lsi53c895a.c:510) ==17857== by 0x1C7ECD: lsi_transfer_data (lsi53c895a.c:746) ==17857== by 0x24EC90: scsi_req_data (scsi-bus.c:1307) (There are some more similar messages.) This patch adds an assertion which also detects those errors: Calling scsi_req_unref is not allowed when the previous call of that function has decremented refcount to 0, because in this case req was freed. Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-05-07scsi: remove useless debug messagesPaolo Bonzini1-13/+0
Optional inquiry information is declared obsolete in the latest versions of the standard; invalid CDBs or unsupported VPD pages are supported can be diagnosed with trace_scsi_inquiry. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-05-07scsi: set VALID bit to 0 in fixed format sense dataPaolo Bonzini1-2/+2
The INFORMATION field (bytes 3..6) is never set by QEMU, so the VALID bit must be 0. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>