With Amazon eating Anthonys time status "Maintained" certainly isn't
true any more. Update entry accordingly.
Also add myself, so scripts/get_maintainer.pl will Cc: me, to reduce
the chance ui patches fall through the cracks on our pretty loaded
qemu-devel mailing list.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The relative pointer tracking mode was still buggy even after the
previous fix of the motion-notify-event since the events are filtered
out when the pointer moves outside the drawing window due to the
boundary check for the absolute mode.
This patch fixes the issue by moving the unnecessary boundary check
into the if block of absolute mode, and keep the coordinate in the
relative mode even if it's outside the drawing area. But this makes
the coordinate (last_x, last_y) possibly pointing to (-1,-1),
introduce a new flag to indicate the last coordinate has been
updated.
Reference: https://bugzilla.novell.com/show_bug.cgi?id=849587
Tested-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Tested-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The GDK motion-notify-event isn't generated when the pointer goes out
of the target window even if the pointer is grabbed, which essentially
means to lose the pointer tracking in gtk-ui.
Meanwhile the generic "event" signal is sent when the pointer is
grabbed, so we can use this and pick the motion notify events manually
there instead.
Reference: https://bugzilla.novell.com/show_bug.cgi?id=849587
Tested-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Tested-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The subsection already exists in one well-known enterprise Linux
distribution, but for some strange reason the fields were swapped
when forward-porting the patch to upstream.
Limit headaches for said enterprise Linux distributor when the
time will come to rebase their version of QEMU.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1396452782-21473-1-git-send-email-pbonzini@redhat.com
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Block patches for 2.0.0
# gpg: Signature made Fri 04 Apr 2014 20:25:08 BST using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
* remotes/kevin/tags/for-upstream:
dataplane: replace iothread object_add() with embedded instance
iothread: make IOThread struct definition public
dma-helpers: Initialize DMAAIOCB in_cancel flag
block: Check bdrv_getlength() return value in bdrv_append_temp_snapshot()
block: Fix snapshot=on for protocol parsed from filename
qemu-iotests: Remove CR line endings in reference output
block: Don't parse 'filename' option
qcow2: Put cache reference in error case
qcow2: Flush metadata during read-only reopen
iscsi: Don't set error if already set in iscsi_do_inquiry
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Before IOThread was its own object, each virtio-blk device would create
its own internal thread. We need to preserve this behavior for
backwards compatibility when users do not specify -device
virtio-blk-pci,iothread=<id>.
This patch changes how the internal IOThread object is created.
Previously we used the monitor object_add() function, which is really a
layering violation. The problem is that this needs to assign a name but
we don't have a name for this internal object.
Generating names for internal objects is a pain but even worse is that
they may collide with user-defined names.
Paolo Bonzini <pbonzini@redhat.com> suggested that the internal IOThread
object should not be named. This way the conflict cannot happen and we
no longer need object_add().
One gotcha is that internal IOThread objects will not be listed by the
query-iothreads command since they are not named. This is okay though
because query-iothreads is new and the internal IOThread is just for
backwards compatibility. New users should explicitly define IOThread
objects.
Reported-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Initialize the dbs->in_cancel flag in dma_bdrv_io(), since qemu_aio_get()
does not return zero-initialized memory. Spotted by the clang sanitizer
(which complained when the value loaded in dma_complete() was not valid
for a bool type); this might have resulted in leaking the AIO block.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Since commit 9fd3171a, BDRV_O_SNAPSHOT uses an option QDict to specify
the originally requested image as the backing file of the newly created
temporary snapshot. This means that the filename is stored in
"file.filename", which is an option that is not parsed for protocol
names. Therefore things like -drive file=nbd:localhost:10809 were
broken because it looked for a local file with the literal name
'nbd:localhost:10809'.
This patch changes the way BDRV_O_SNAPSHOT works once again. We now open
the originally requested image as normal, and then do a similar
operation as for live snapshots to put the temporary snapshot on top.
This way, both driver specific options and parsed filenames work.
As a nice side effect, this results in code movement to factor
bdrv_append_temp_snapshot() out. This is a good preparation for moving
its call to drive_init() and friends eventually.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
If the guest attempts to execute from unreadable memory, this will
cause us to longjmp back to the main loop from inside the
target frontend decoder. For linux-user mode, this means we will
still hold the tb_ctx.tb_lock, and will deadlock when we try to
start executing code again. Unlock the lock in the return-from-longjmp
code path to avoid this.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andrei Warkentin <andrey.warkentin@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
When checking a page range, if we found that a page was
made read-only by QEMU because it contained translated code,
we were incorrectly returning immediately after unprotecting
that page, rather than continuing to check the entire range,
so we might fail to unprotect pages later in the range, or
might incorrectly return a "success" result even if later
pages were not writable.
In particular, this could cause segfaults in a case where
signals are delivered back to back on a target architecture
which uses trampoline code in the stack frame (as AArch64
currently does). The second signal causes a segfault because
the frame cannot be written to (it was protected because
we translated and executed the restorer trampoline, and the
unprotect logic did not unprotect the whole range).
Signed-off-by: Andrei Warkentin <andrey.warkentin@gmail.com
[PMM: expanded commit message a bit]
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
For the machine models which can have a Cortex-A15 CPU (vexpress-a15 and
midway), silently continue if the CPU object has no reset-cbar property
rather than failing. This allows these boards to be used under KVM with
the "-cpu host" option, since the 'host' CPU object has no reset-cbar
property.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Rob Herring <rob.herring@linaro.org>
If the user passes an unknown CPU name via the '-cpu' option, exit
with an error message rather than segfaulting.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Rob Herring <rob.herring@linaro.org>
qemu doesn't print these CRs any more. The test still didn't fail
because the output comparison ignores line endings, but the change turns
up each time when you want to update the output.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
When using the QDict option 'filename', it is supposed to be interpreted
literally. The code did correctly avoid guessing the protocol from any
string before the first colon, but it still called bdrv_parse_filename()
which would, for example, incorrectly remove a 'file:' prefix in the
raw-posix driver.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
When qcow2_get_cluster_offset() sees a zero cluster in a version 2
image, it (rightfully) returns an error. But in doing so it shouldn't
leak an L2 table cache reference.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
If lazy refcounts are enabled for a backing file, committing to this
backing file may leave it in a dirty state even if the commit succeeds.
The reason is that the bdrv_flush() call in bdrv_commit() doesn't flush
refcount updates with lazy refcounts enabled, and qcow2_reopen_prepare()
doesn't take care to flush metadata.
In order to fix this, this patch also fixes qcow2_mark_clean(), which
contains another ineffective bdrv_flush() call beause lazy refcounts are
disabled only afterwards. All existing callers of qcow2_mark_clean()
either don't modify refcounts or already flush manually, so that this
fixes only a latent, but not yet actually triggerable bug.
Another instance of the same problem is live snapshots. Again, a real
corruption is prevented by an explicit flush for non-read-only images in
external_snapshot_prepare(), but images using lazy refcounts stay dirty.
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
This eliminates the possible assertion failure in error_setg().
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
FreeBSD 10.0-RELEASE has bswap16() etc. macros defined in sys/endian.h,
which leads to a conflict with our static inline definitions.
Force using the system version of the macros.
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Tested-by: Ed Maste <emaste@freebsd.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Max WRITE SAME length is also used when the UNMAP bit is zero, so it
should be queried even if LBPWS=0. Same for the optimal transfer
length.
However, the write_zeroes_alignment only matters for UNMAP=1 so we
still restrict it to LBPWS=1.
Reviewed-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Non-block SCSI devices do not support flushing, but we may still send
them requests via bdrv_flush_all. Just ignore them.
Reviewed-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Some targets may return "invalid field" as the ASCQ from WRITE SAME
if they support the command only without the UNMAP field. Recognize
that, and return ENOTSUP just like for "invalid operation code".
Reviewed-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This assertion is invalid, because get_sg_list can return an
empty sg-list even for commands that transfer no data (such
as SYNCHRONIZE CACHE).
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
SystemTap sdt.h sometimes results in compiled probes without sufficient
information to extract arguments. This can be solved in a slightly
hacky way by encouraging the compiler to place arguments into registers.
This patch fixes the apic_reset_irq_delivered() trace event on Fedora 20
with gcc-4.8.2-7.fc20 and systemtap-sdt-devel-2.4-2.fc20 on x86_64.
Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
preallocate() only links the first QCowL2Meta's data clusters into the
L2 table and ignores any chained QCowL2Metas in the linked list.
Chains of QCowL2Meta structs are built up when contiguous clusters span
L2 tables. Each QCowL2Meta describes one L2 table update. This is a
rare case in preallocate() but can happen.
This patch fixes preallocate() by iterating over the whole list of
QCowL2Metas. Compare with the qcow2_co_writev() function's
implementation, which is similar but also also handles request
dependencies. preallocate() only performs one allocation at a time so
there can be no dependencies.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
This avoids a possible division by zero.
Convert s->tracks to unsigned as well because it feels better than
surviving just because the results of calculations with s->tracks are
converted to unsigned anyway.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The first test case would cause a huge memory allocation, leading to a
qemu abort; the second one to a too small malloc() for the catalog
(smaller than s->catalog_size), which causes a read-only out-of-bounds
array access and on big endian hosts an endianess conversion for an
undefined memory area.
The sample image used here is not an original Parallels image. It was
created using an hexeditor on the basis of the struct that qemu uses.
Good enough for trying to crash the driver, but not for ensuring
compatibility.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Even with a limit of 64k snapshots, each snapshot could have a filename
and an ID with up to 64k, which would still lead to pretty large
allocations, which could potentially lead to qemu aborting. Limit the
total size of the snapshot table to an average of 1k per entry when
the limit of 64k snapshots is fully used. This should be plenty for any
reasonable user.
This also fixes potential integer overflows of s->snapshot_size.
Suggested-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
For the L1 table to loaded for an internal snapshot, the code allocated
only enough memory to hold the currently active L1 table. If the
snapshot's L1 table is actually larger than the current one, this leads
to a buffer overflow.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The qcow2 code assumes that s->snapshots is non-NULL if s->nb_snapshots
!= 0. By having the initialisation of both fields separated in
qcow2_open(), any error occuring in between would cause the error path
to dereference NULL in qcow2_free_snapshots() if the image had any
snapshots.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
bs->total_sectors is not the highest possible sector number that could
be involved in a copy on write operation: VM state is after the end of
the virtual disk. This resulted in wrong values for the number of
sectors to be copied (n).
The code that checks for the end of the image isn't required any more
because the code hasn't been calling the block layer's bdrv_read() for a
long time; instead, it directly calls qcow2_readv(), which doesn't error
out on VM state sector numbers.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Limiting the size of a single request to INT_MAX not only fixes a
direct integer overflow in bdrv_check_request() (which would only
trigger bad behaviour with ridiculously huge images, as in close to
2^64 bytes), but can also prevent overflows in all block drivers.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
This test checks for proper bounds checking of some VDI input
headers. The following is checked:
1. Max image size (1024TB) with the appropriate Blocks In Image
value (0x3fffffff) is detected as valid.
2. Image size exceeding max (1024TB) is seen as invalid
3. Valid image size but with Blocks In Image value that is too
small fails
4. Blocks In Image size exceeding max (0x3fffffff) is seen as invalid
5. 64MB image, with 64 Blocks In Image, and 1MB Block Size is seen
as valid
6. Block Size < 1MB not supported
7. Block Size > 1MB not supported
[Max Reitz <mreitz@redhat.com> pointed out that "1MB + 1" in the test
case is wrong. Change to "1MB + 64KB" to match the 0x110000 value.
--Stefan]
Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Both compressed and uncompressed I/O is buffered. dmg_open() calculates
the maximum buffer size needed from the metadata in the image file.
There is currently a buffer overflow since ->lengths[] is accounted
against the maximum compressed buffer size but actually uses the
uncompressed buffer:
switch (s->types[chunk]) {
case 1: /* copy */
ret = bdrv_pread(bs->file, s->offsets[chunk],
s->uncompressed_chunk, s->lengths[chunk]);
We must account against the maximum uncompressed buffer size for type=1
chunks.
This patch fixes the maximum buffer size calculation to take into
account the chunk type. It is critical that we update the correct
maximum since there are two buffers ->compressed_chunk and
->uncompressed_chunk.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The DMG metadata is stored as uint64_t, so use the same type for
sector_num. int was a particularly poor choice since it is only 32-bit
and would truncate large values.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Chunk length and sectorcount are used for decompression buffers as well
as the bdrv_pread() count argument. Ensure that they have reasonable
values so neither memory allocation nor conversion from uint64_t to int
will cause problems.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Use the right types instead of signed int:
size_t new_size;
This is a byte count for g_realloc() that is calculated from uint32_t
and size_t values.
uint32_t chunk_count;
Use the same type as s->n_chunks, which is used together with
chunk_count.
This patch is a cleanup and does not fix bugs.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
It is not necessary to check errno for EINTR and the block layer does
not produce short reads. Therefore we can drop the loop that attempts
to read a compressed chunk.
The loop is buggy because it incorrectly adds the transferred bytes
twice:
do {
ret = bdrv_pread(...);
i += ret;
} while (ret >= 0 && ret + i < s->lengths[chunk]);
Luckily we can drop the loop completely and perform a single
bdrv_pread().
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
When a terminator is reached the base for offsets and sectors is stored.
The following records that are processed will use this base value.
If the first record we encounter is a terminator, then calculating the
base values would result in out-of-bounds array accesses. Don't do
that.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Clean up the mix of tabs and spaces, as well as the coding style
violations in block/dmg.c. There are no semantic changes since this
patch simply reformats the code.
This patch is necessary before we can make meaningful changes to this
file, due to the inconsistent formatting and confusing indentation.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The size in bytes is assigned to an int later, so check that instead of
the number of entries.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
If the size becomes larger than what qcow2_open() would accept, fail the
growing operation.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
This ensures that the checks catch all invalid cluster indexes
instead of returning the refcount of a wrong cluster.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
free_cluster_index is only correct if update_refcount() was called from
an allocation function, and even there it's brittle because it's used to
protect unfinished allocations which still have a refcount of 0 - if it
moves in the wrong place, the unfinished allocation can be corrupted.
So not using it any more seems to be a good idea. Instead, use the
first requested cluster to do the calculations. Return -EAGAIN if
unfinished allocations could become invalid and let the caller restart
its search for some free clusters.
The context of creating a snapsnot is one situation where
update_refcount() is called outside of a cluster allocation. For this
case, the change fixes a buffer overflow if a cluster is referenced in
an L2 table that cannot be represented by an existing refcount block.
(new_table[refcount_table_index] was out of bounds)
[Bump the qemu-iotests 026 refblock_alloc.write leak count from 10 to
11.
--Stefan]
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
len could become negative and would pass the check then. Nothing bad
happened because bdrv_pread() happens to return an error for negative
length values, but make variables for sizes unsigned anyway.
This patch also changes the behaviour to error out on invalid lengths
instead of silently truncating it to 1023.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
This avoid unbounded memory allocation and fixes a potential buffer
overflow on 32 bit hosts.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The end of the refcount table must not exceed INT64_MAX so that integer
overflows are avoided.
Also check for misaligned refcount table. Such images are invalid and
probably the result of data corruption. Error out to avoid further
corruption.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Limit the in-memory reference count table size to 8 MB, it's enough in
practice. This fixes an unbounded allocation as well as a buffer
overflow in qcow2_refcount_init().
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Header, header extension and the backing file name must all be stored in
the first cluster. Setting the backing file to a much higher value
allowed header extensions to become much bigger than we want them to be
(unbounded allocation).
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
curl_read_cb is callback function for libcurl when data arrives. The
data size passed in here is not guaranteed to be within the range of
request we submitted, so we may overflow the guest IO buffer. Check the
real size we have before memcpy to buffer to avoid overflow.
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Other variables (e.g. sectors_per_block) are calculated using these
variables, and if not range-checked illegal values could be obtained
causing infinite loops and other potential issues when calculating
BAT entries.
The 1.00 VHDX spec requires BlockSize to be min 1MB, max 256MB.
LogicalSectorSize is required to be either 512 or 4096 bytes.
Reported-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The maximum blocks_in_image is 0xffffffff / 4, which also limits the
maximum disk_size for a VDI image to 1024TB. Note that this is the maximum
size that QEMU will currently support with this driver, not necessarily the
maximum size allowed by the image format.
This also fixes an incorrect error message, a bug introduced by commit
5b7aa9b56d (Reported by Stefan Weil)
Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
This adds checks to make sure that max_table_entries and block_size
are in sane ranges. Memory is allocated based on max_table_entries,
and block_size is used to calculate indices into that allocated
memory, so if these values are incorrect that can lead to potential
unbounded memory allocation, or invalid memory accesses.
Also, the allocation of the pagetable is changed from g_malloc0()
to qemu_blockalign().
Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
It should neither become negative nor allow unbounded memory
allocations. This fixes aborts in g_malloc() and an s->catalog_bitmap
buffer overflow on big endian hosts.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Gets us rid of integer overflows resulting in negative sizes which
aren't correctly checked.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
This is an on-disk structure, so offsets must be accurate.
Before this patch, sizeof(bochs) != sizeof(header_v1), which makes the
memcpy() between both invalid. We're lucky enough that the destination
buffer happened to be the larger one, and the memcpy size to be taken
from the smaller one, so we didn't get a buffer overflow in practice.
This patch unifies the both structures, eliminating the need to do a
memcpy in the first place. The common fields are extracted to the top
level of the struct and the actually differing part gets a union of the
two versions.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
cloop stores the number of compressed blocks in the n_blocks header
field. The file actually contains n_blocks + 1 offsets, where the extra
offset is the end-of-file offset.
The following line in cloop_read_block() results in an out-of-bounds
offsets[] access:
uint32_t bytes = s->offsets[block_num + 1] - s->offsets[block_num];
This patch allocates and loads the extra offset so that
cloop_read_block() works correctly when the last block is accessed.
Notice that we must free s->offsets[] unconditionally now since there is
always an end-of-file offset.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The offsets[] array allows efficient seeking and tells us the maximum
compressed data size. If the offsets are bogus the maximum compressed
data size will be unrealistic.
This could cause g_malloc() to abort and bogus offsets mean the image is
broken anyway. Therefore we should refuse such images.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Limit offsets_size to 512 MB so that:
1. g_malloc() does not abort due to an unreasonable size argument.
2. offsets_size does not overflow the bdrv_pread() int size argument.
This limit imposes a maximum image size of 16 TB at 256 KB block size.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The following integer overflow in offsets_size can lead to out-of-bounds
memory stores when n_blocks has a huge value:
uint32_t n_blocks, offsets_size;
[...]
ret = bdrv_pread(bs->file, 128 + 4, &s->n_blocks, 4);
[...]
s->n_blocks = be32_to_cpu(s->n_blocks);
/* read offsets */
offsets_size = s->n_blocks * sizeof(uint64_t);
s->offsets = g_malloc(offsets_size);
[...]
for(i=0;i<s->n_blocks;i++) {
s->offsets[i] = be64_to_cpu(s->offsets[i]);
offsets_size can be smaller than n_blocks due to integer overflow.
Therefore s->offsets[] is too small when the for loop byteswaps offsets.
This patch refuses to open files if offsets_size would overflow.
Note that changing the type of offsets_size is not a fix since 32-bit
hosts still only have 32-bit size_t.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Avoid unbounded s->uncompressed_block memory allocation by checking that
the block_size header field has a reasonable value. Also enforce the
assumption that the value is a non-zero multiple of 512.
These constraints conform to cloop 2.639's code so we accept existing
image files.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Add a cloop format-specific test case. Later patches add tests for
input validation to the script.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Otherwise, the index of an input device like a usb-kbd is silently accepted.
(qemu) info mice
Mouse #2: QEMU PS/2 Mouse
* Mouse #3: QEMU HID Mouse
(qemu) mouse_set 1
(qemu) info mice
Mouse #2: QEMU PS/2 Mouse
* Mouse #3: QEMU HID Mouse
Also replace monitor_printf() call in do_mouse_set() with error_report() and
adjust error message.
Signed-off-by: Hani Benhabiles <hani@linux.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Flags NONBLOCK and CLOEXEC can have different values on the host and the
guest, so set correct host values before calling accept4().
This fixes several issues with accept4 system call and user-mode of QEMU.
Signed-off-by: Petar Jovanovic <petar.jovanovic@imgtec.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
QOM/QTest infrastructure fixes
* Revised QTest SIGABRT fix
* Test cleanups for non-POSIX hosts
* QTest test cases for NVMe, virtio-9p, pvpanic, i82801b11
* QTest API addition for reading events
* TMP105 fix and regression test
# gpg: Signature made Mon 31 Mar 2014 22:08:10 BST using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg: aka "Andreas Färber <afaerber@suse.com>"
* remotes/afaerber/tags/qom-devices-for-2.0:
tmp105-test: Test QOM property and precision
tmp105-test: Add a second sensor and test that one
tmp105-test: Wrap simple building blocks for testing
tmp105: Read temperature in milli-celsius
tests: Add i82801b11 qtest
pvpanic-test: Assert pause event
qtest: Factor out qtest_qmp_receive()
tests: Add pvpanic qtest
tests: Add virtio-9p qtest
tests: Add nvme qtest
nvme: Permit zero-length block devices
tests: Correctly skip qtest on non-POSIX hosts
tests: Skip POSIX-only tests on Windows
tests: Remove unsupported tests for MinGW
qtest: Keep list of qtest instances for SIGABRT handler
Revert "qtest: Fix crash if SIGABRT during qtest_init()"
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This adds a regression test for commit
efdf6a56a7 (tmp105: Read temperature in
milli-celsius).
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
This will make it easier to reach the device under test via QOM.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
The next patches will add more reads and writes. Add a simple testing
API for this.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Right now, the temperature property must be written in milli-celsius,
but it reads back the value in 8.8 fixed point. Fix this by letting the
property read back the original value (possibly rounded). Also simplify
the code that does the conversion.
Before:
(QEMU) qom-set path=/machine/peripheral/sensor property=temperature value=20000
{u'return': {}}
(QEMU) qom-get path=sensor property=temperature
{u'return': 5120}
After:
(QEMU) qom-set path=/machine/peripheral/sensor property=temperature value=20000
{u'return': {}}
(QEMU) qom-get path=sensor property=temperature
{u'return': 20000}
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
It may not be sensible for normal use cases, but it allows to use
/dev/null in QTest.
Acked-by: Keith Busch <keith.busch@intel.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
qtest test cases only work on POSIX hosts. The following line only
defines dependencies for qtest binaries on POSIX hosts:
check-qtest-$(CONFIG_POSIX)=$(foreach TARGET,$(TARGETS),$(check-qtest-$(TARGET)-y))
But the QTEST_TARGETS definition earlier in the Makefile fails to check
CONFIG_POSIX. This causes make targets to be generated for qtest test
cases even though we don't know how to build the binaries.
The following error message is printed when trying to run gtester on a
binary that was never built:
GLib-WARNING **: Failed to execute test binary: tests/endianness-test.exe: Failed to execute child process "tests/endianness-test.exe" (No such file or directory)
This patch makes QTEST_TARGETS empty on non-POSIX hosts. This prevents
the targets from being generated.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
test-rfifolock and test-vmstate only build on POSIX hosts. Exclude them
if building for Windows.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
test_timer_schedule and test_source_timer_schedule don't compile for MinGW
because some functions are not implemented for MinGW (qemu_pipe,
aio_set_fd_handler).
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Keep track of active qtest instances so we can kill them when the test
aborts. This ensures no QEMU processes are left running after test
failure.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
It turns out there are test cases that use multiple libqtest instances.
We cannot use a global qtest instance in the SIGABRT handler.
This reverts commit cb201b4872.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
irq_state is cleared before calling pci_device_deassert_intx, but the
latter misbehaves if the former isn't accurate. In this case, any raised
IRQs are not cleared, which hits an assertion in pcibus_reset:
qemu-system-x86_64: hw/pci/pci.c:250: pcibus_reset: Assertion
`bus->irq_count[i] == 0' failed.
pci_device_deassert_intx should clear irq_state anyways, so add
an assert.
This fixes migration with usb2 + usb-tablet.
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Message-id: 7da1ad94ce027183b4049c2de370cb191b0073c1.1396290569.git.crobinso@redhat.com
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
CPU address spaces touching load and store helpers as well as the
movement of (almost) all fields from CPU_COMMON to CPUState have led to
a noticeable increase of CPU() usage in "hot" paths for both TCG and KVM.
While CPU()'s OBJECT_CHECK() might help detect development errors, i.e.
in form of crashes due to QOM vs. non-QOM mismatches rather than QOM
type mismatches, it is not really needed at runtime since mostly used in
CPU-specific paths, coming from a target-specific CPU subtype. If that
pointer is damaged, other errors are highly likely to occur elsewhere
anyway.
Keep the CPU() macro for a consistent developer experience and for
flexibility to exchange its implementation, but turn it into a pure,
unchecked C cast for now.
Compare commit 6e42be7cd1.
Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Linux guests, when using more than 4GB of RAM, may end up using 1GB pages
to store (kernel) data. When this happens, we're unable to debug a running
Linux kernel with GDB:
(gdb) p node_data[0]->node_id
Cannot access memory at address 0xffff88013fffd3a0
(gdb)
GDB returns this error because x86_cpu_get_phys_page_debug() doesn't support
translating 1GB pages in IA-32e paging mode and returns an error to GDB.
This commit adds support for 1GB page translation for IA32e paging.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
acpi,pc,build bug fixes
Here are some bugfixes for 2.0.
A bugfix for acpi for pci bridges, and a build fix for
old systems without pthread_setname_np: both fix regressions
so we definitely want to include them.
HPET fix is not for a regression but looks very safe,
fixes a nasty bug and has been on list for a while.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Fri 28 Mar 2014 12:00:12 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
* remotes/mst/tags/for_upstream:
acpi: fix ACPI generation for pci bridges
Don't enable a HPET timer if HPET is disabled
Detect pthread_setname_np at configure time
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit 8dcf525abc
acpi-build: append description for non-hotplug
appended description for all occupied non hotpluggable PCI slots.
However the bridge devices are already added to SSDT,
adding them again will create an incorrect SSDT table.
Fixed by skipping the pci bridge devices, marking them as 'system'.
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The arm ldrd/strd insns must cause alignment traps, whereas
at least for armv7 ldr/str must handle unaligned operations.
While this is hardly the only problem facing user-only emu,
this solves one problem for i386 on armv7 emulation.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reported-by: Huw Davies <huw@codeweavers.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
PowerPC queue for 2.0
* OpenPIC fix
* MSR fixes for POWER7 upwards
* TCG instruction set support fix for POWER8
# gpg: Signature made Thu 27 Mar 2014 16:12:12 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg: aka "Andreas Färber <afaerber@suse.com>"
* remotes/afaerber/tags/ppc-for-2.0:
target-ppc: MSR_POW not supported on POWER7/7+/8
target-ppc: POWER7+ supports the MSR_VSX bit
target-ppc: POWER8 supports isel
target-ppc: POWER8 supports the MSR_LE bit
intc/openpic_kvm: Fix MemListener delete region callback function
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
trivial patches for 2014-03-27
# gpg: Signature made Thu 27 Mar 2014 15:23:53 GMT using RSA key ID 74F0C838
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg: aka "Michael Tokarev <mjt@corpit.ru>"
# gpg: aka "Michael Tokarev <mjt@debian.org>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6EE1 95D1 886E 8FFB 810D 4324 457C E0A0 8044 65C5
# Subkey fingerprint: E190 8639 3B10 B51B AC2C 8B73 5253 C5AD 74F0 C838
* remotes/mjt/tags/trivial-patches-2014-03-27: (23 commits)
linux-user: remove duplicate statement
hw/timer/grlib_gptimer: remove unnecessary assignment
hw/pci-host/apb.c: Avoid shifting left into sign bit
hw/intc/xilinx_intc: Avoid shifting left into sign bit
hw/intc/slavio_intctl: Avoid shifting left into sign bit
tests/libqos/pci-pc: Avoid shifting left into sign bit
hw/ppc: Avoid shifting left into sign bit
hw/intc/openpic: Avoid shifting left into sign bit
hw/usb/hcd-ohci.c: Avoid shifting left into sign bit
target-mips: Avoid shifting left into sign bit
hw/i386/acpi_build.c: Avoid shifting left into sign bit
hw/pci/pci_host.c: Avoid shifting left into sign bit
hw/intc/apic.c: Use uint32_t for mask word in foreach_apic
target-i386: Avoid shifting left into sign bit
CODING_STYLE: Section about mixed declarations
doc: update default PowerPC framebuffer settings
doc: update sun4m documentation
fix return check for KVM_GET_DIRTY_LOG ioctl
target-i386: Add missing 'static' and 'const' attributes
util: Add 'static' attribute to function implementation
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
A HPET timer can be started when HPET is not yet
enabled. This will not generate an interrupt
to the guest, but causes problems when HPET is later
enabled.
A timer that is created and expires at least once before
HPET is enabled will have an initialized comparator based
on a hpet_offset of 0 (uninitialized). When HPET is
enabled, hpet_set_timer() is called a second time, which
modifies the timer expiry to a time based on the
difference between current ticks (measured with the
newly initialized hpet_offset) and the timer's
comparator (which was generated before hpet_offset was
initialized). This results in a long period of no HPET
timer ticks.
When this occurs with a CentOS 5.x guest, the guest
may not receive timer interrupts during its narrow
timer check window and panic on boot.
Signed-off-by: Matt Lupfer <mlupfer@ddn.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Warn if no way of setting thread name is available.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
target-arm queue:
* Don't default to integratorcp board if no machine specified
# gpg: Signature made Thu 27 Mar 2014 14:09:12 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-target-arm-20140327:
vl.c: Improve message when no default machine is found
hw/arm: Stop specifying integratorcp as the default board
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Avoid undefined behaviour shifting left into the sign bit.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Add U suffix when doing "1 << 31" to avoid undefined behaviour.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Add U suffix to various places where we were doing "1 << 31",
which is undefined behaviour, and also to other constant
definitions in the same groups, for consistency.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Add U suffix to avoid undefined behaviour. This is only strictly
necessary for the 1 << 31 cases; for consistency we extend it
to other constants in the same group.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Add U suffix to avoid undefined behaviour. This is only
strictly necessary for the 1<<31 cases, but we add it for the
other constants in these groups for consistency.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Add U suffix to various places where we shift a 1 left by 31,
to avoid undefined behaviour.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Use unsigned arithmetic for operations on the mask word
in the foreach_apic() macro, to avoid relying on undefined
behaviour when shifting into the sign bit.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Add 'U' suffixes where necessary to avoid (1 << 31) which
shifts left into the sign bit, which is undefined behaviour.
Add the suffix also for other constants in the same groupings
even if they don't shift into bit 31, for consistency.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
We had an unwritten rule about declarations having to be at beginning of
blocks. Make it a written rule.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
A few minor tidy-ups, plus add reference to the new -vga tcx and cg3 options.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Fix return condition check from kvm_vm_ioctl(s, KVM_GET_DIRTY_LOG, &d) to
handle internal failures or no support for memory slot dirty bitmap.
Otherwise the ioctl succeeds and continues with migration.
Addresses BUG# 1294227
Signed-off-by: Mario Smarduch <m.smarduch@samsung.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
This fixes warnings from the static code analysis (smatch).
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The static code analyzer smatch complains because of a missing 'static'
attribute:
util/module.c:166:6: warning:
symbol 'module_load' was not declared. Should it be static?
'static' is used in the forward declaration, but not in the implementation.
Add it there, too.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
This fixes a warning from the static code analysis (smatch).
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
This fixes a warning from the static code analysis (smatch).
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
This fixes warnings from the static code analysis (smatch).
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Remove MSR_POW from the msr_mask for POWER7/7P/8.
Signed-off-by: Anton Blanchard <anton@samba.org>
Reviewed-by: Cédric Le Goater <clg@fr.ibm.com>
Tested-by: Cédric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Without MSR_VSX we die early during a Linux boot.
Signed-off-by: Anton Blanchard <anton@samba.org>
Reviewed-by: Cédric Le Goater <clg@fr.ibm.com>
Tested-by: Cédric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
migration: traces
Adds trace messages to migration path. Patches have been on list for a
while, and have been reviewed by Juan.
# gpg: Signature made Thu 27 Mar 2014 10:44:21 GMT using RSA key ID 854083B6
# gpg: Can't check signature: public key not found
* remotes/amit-migration/tags/for_upstream:
migration: add more traces
util: add qemu_ether_ntoa
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Improve the clarity of the message QEMU prints when the user
doesn't specify a machine model to use and there is no default.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel.a@redhat.com>
Currently for both qemu-system-arm and qemu-system-aarch64
the default board model if the user doesn't specify one
is the 'integratorcp'. This is a totally arbitrary historical
accident since it was the first board to be modelled.
That board is now just one target among many for us, and
is a very poor choice of default:
* it's an ancient board that is now only found in the
junkpiles of longtime ARM/Linux hackers, if at all
* it's an ARMv5 CPU, when most distros are now assuming
ARMv7
* it's pretty much unmaintained in QEMU
* it doesn't even have versatilepb's advantage of
supporting PCI
Making it or any other board the default serves only
to confuse people new to ARM who expect something more
like the x86 monoculture. Remove the is_default marker
from integratorcp, and don't set it for any other board,
to give users a nudge that they need to think about
which board they want a QEMU model of. (QEMU will produce
the admittedly slightly cryptic error "No machine found.")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
This replaces DPRINTF macro with tracepoints.
This moves some messages from migration.c to savevm.c.
This adds tracepoint to signal about fileds failed to migrate.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
The signed integer division -0x8000_0000_0000_0000 / -1 must be handled
separately to avoid an overflow on the QEMU host.
Negative overflow must be a negative number for correct sign
extension in Sparc64 mode. Use <stdint.h> constants.
Signed-off-by: Olivier Danet <odanet@caramail.com>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
acpi,virtio bug fixes
Two bugfixes for virtio-net, and one for a recent
regression in acpi.
Both issues have been reported in the wild, so
I think it's preferable to merge these ASAP so
that reporters can make sure RC fixes their issue.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Wed 26 Mar 2014 10:52:16 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
* remotes/mst/tags/for_upstream:
virtio-net: add vlan receive state to RxFilterInfo
virtio-net: Do not filter VLANs without F_CTRL_VLAN
Revert "acpi-test: rebuild SSDT"
acpi: make SSDT 1.0 spec compliant when possible
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit a07c67dfcc (Implement AT_CLKTCK.) back in March 2008 added a
new auxvec entry but didn't increment DLINFO_ITEMS, so it's been out of
sync ever since.
Bump it up to 14 so that it matches the number of NEW_AUX_ENT's that
need to be counted in create_elf_tables().
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Cc: Riku Voipio <riku.voipio@iki.fi>
Cc: Paul Brook <paul@codesourcery.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Stefan Fritsch just fixed a virtio-net driver bug [1], virtio-net won't
filter out VLAN-tagged packets if VIRTIO_NET_F_CTRL_VLAN isn't negotiated.
This patch added a new field to @RxFilterInfo to indicate vlan receive
state ('normal', 'none', 'all'). If VIRTIO_NET_F_CTRL_VLAN isn't
negotiated, vlan receive state will be 'all', then all VLAN-tagged packets
will be received by guest.
This patch also fixed a boundary issue in visiting vlan table.
[1] http://lists.nongnu.org/archive/html/qemu-devel/2014-02/msg02604.html
Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
If VIRTIO_NET_F_CTRL_VLAN is not negotiated, do not filter out all
VLAN-tagged packets but send them to the guest.
This fixes VLANs with OpenBSD guests (and probably NetBSD, too, because
the OpenBSD driver started as a port from NetBSD).
Signed-off-by: Stefan Fritsch <sf@sfritsch.de>
Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
This reverts commit d07e0e9cdd.
Since
commit b4f4d54812
acpi: make SSDT 1.0 spec compliant when possible
We are back to old encoding.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The ACPI specification says:
The ASL compiler can emit two different AML opcodes for a Package
declaration, either PackageOp or VarPackageOp. For small, fixed-length
packages, the PackageOp is used and this opcode is compatible with ACPI
1.0. A VarPackageOp will be emitted if any of the following conditions
are true:
. The NumElements argument is a TermArg that can only be resolved at
runtime.
. At compile time, NumElements resolves to a constant that is larger than
255.
. The PackageList contains more than 255 initializer elements.
Note: The ability to create variable-sized packages was first introduced
in ACPI 2.0. ACPI 1.0 only allowed fixed-size packages with up to 255 elements.
So the spec seems to say a fixed value up to 255 must always
be used with PackageOp and not VarPackageOp, and some guests
(windows up to win2k8) seem to interpret it like this.
Let's do just this, choosing the encoding depending on
the number of elements.
Fixes 9bcc80cd71
(i386/acpi-build: allow more than 255 elements in CPON).
https://bugs.launchpad.net/bugs/1297651
Reported-by: Robert Hu <robert.hu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
GTK without VTE is needed for hosts which don't support VTE (for example
all variants of MinGW), but it can also be reasonable for other hosts.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Previous implementation presumed that FPU registers are 64-bit and are
working in 64-bit mode. This change first checks MIPS_HFLAG_F64 and if not
set, it does load/store from the odd numbered register pair.
Patch by Matthew Fortune.
Signed-off-by: Matthew Fortune <matthew.fortune@imgtec.com>
Signed-off-by: Petar Jovanovic <petar.jovanovic@imgtec.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
A couple trivial fixes for QEMU 2.0:
- Coding correction that allowed attempts to read the device
ROM after we'd already marked it failed (Bandan)
- Cosmetic error reporting fixes to remove unnecessary new lines
and fix a cut-n-paste wording error (Alex)
# gpg: Signature made Tue 25 Mar 2014 18:18:57 GMT using RSA key ID 3BB08B22
# gpg: Can't check signature: public key not found
* remotes/awilliam/tags/vfio-pci-for-qemu-20140325.0:
vfio: Cosmetic error reporting fixes
vfio: Correction in vfio_rom_read when attempting rom loading
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* Remove terminating newlines from hw_error() and error_report() calls
* Fix cut-n-paste error in text (s/to/from/)
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Net patches
# gpg: Signature made Tue 25 Mar 2014 15:02:48 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8
* remotes/stefanha/tags/net-pull-request:
net: netmap_poll must update both read/write poll state
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Block pull request
# gpg: Signature made Tue 25 Mar 2014 14:34:45 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8
* remotes/stefanha/tags/block-pull-request:
mirror: fix early wake from sleep due to aio
mirror: fix throttling delay calculation
Fixed various typos
qemu-img: mandate argument to 'qemu-img check --repair'
osdep: initialize glib threads in all QEMU tools
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
commit e638073c56 added a flag to track whether
a previous rom read had failed. Accidentally, the code
ended up adding vfio_load_option_rom twice. (Thanks to Alex
for spotting it)
Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
The mirror blockjob coroutine rate-limits itself by sleeping. The
coroutine also performs I/O asynchronously so it's important that the
aio callback doesn't wake the coroutine early as that breaks
rate-limiting.
Reported-by: Joaquim Barrera <jbarrera@ac.upc.edu>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The throttling delay calculation was using an inaccurate sector count to
calculate the time to sleep. This broke rate-limiting for the block
mirror job.
Move the delay calculation into mirror_iteration() where we know how
many sectors were transferred. This lets us calculate an accurate delay
time.
Reported-by: Joaquim Barrera <jbarrera@ac.upc.edu>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
qemu-img check --repair option accepts an argument. The argument to
--repair switch can either be 'all' or 'leak'. Fix the long option to
mandate argument with --repair switch.
The patch fixes following segmentation fault
Core was generated by `qemu-img check -f qcow2 --repair all t.qcow2'.
Program terminated with signal 11, Segmentation fault.
0 in img_check (argc=6, argv=0x7fffab9b8a10) at qemu-img.c:588
588 if (!strcmp(optarg, "leaks")) {
(gdb) bt
0 img_check (argc=6, argv=0x7fffab9b8a10) at qemu-img.c:588
1 __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6
2 _start ()
(gdb)
Signed-off-by: Prasad Joshi <prasadjoshi.linux@gmail.com>
Reviewed-by: Leandro Dorileo <l@dorileo.org>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
glib versions prior to 2.31.0 require an explicit g_thread_init() call
to enable multi-threading.
Failure to initialize threading causes glib to take single-threaded code
paths without synchronization. For example, the g_slice allocator will
crash due to race conditions.
Fix this for all QEMU tool programs (qemu-nbd, qemu-io, qemu-img) by
moving the g_thread_init() call from vl.c:main() into a new
osdep.c:thread_init() constructor function.
thread_init() has __attribute__((constructor)) and is automatically
invoked by the runtime during startup.
We can now drop the "simple" trace backend's g_thread_init() call since
thread_init() already called it.
Note that we must keep coroutine-gthread.c's g_thread_init() call which
is located in a constructor function. There is no guarantee for
constructor function ordering so thread_init() may only be called later.
Reported-by: Mario de Chenno <mario.dechenno@unina2.it>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
target-arm queue for 2.0:
* Fix wrong-results bug in A64 Neon MLS instruction
* Fix loading of ELF images for 32 bit boards in qemu-system-aarch64
# gpg: Signature made Mon 24 Mar 2014 17:14:07 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-target-arm-20140324:
target-arm: Load ELF images with the correct machine type for CPU
target-arm: Fix A64 Neon MLS
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
acpi,pc,test bug fixes
More small fixes all over the place.
Notably fixes for big-endian hosts by Marcel.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Mon 24 Mar 2014 10:41:07 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream:
tests/acpi-test: do not fail if iasl is broken
vl.c: Use MAX_CPUMASK_BITS macro instead of hardcoded constant
sysemu.h: Document what MAX_CPUMASK_BITS really limits
acpi: fix endian-ness for table ids
acpi-test: signature endian-ness fixes
i386/acpi-build: support hotplug of VCPU with APIC ID 0xFF
acpi-test: rebuild SSDT
i386/acpi-build: allow more than 255 elements in CPON
pc: Refuse max_cpus if it results in too large APIC ID
acpi: Don't use MAX_CPUMASK_BITS for APIC ID bitmap
acpi: Assert sts array limit on AcpiCpuHotplug_add()
pc: Refuse CPU hotplug if the resulting APIC ID is too large
acpi: Add ACPI_CPU_HOTPLUG_ID_LIMIT macro
acpi-test: update expected SSDT files
acpi-build: fix misaligned access
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
When trying to load an ELF file specified via -kernel, we need to
pass load_elf() the ELF machine type corresponding to the CPU we're
booting with, not the one corresponding to the softmmu binary
we happen to be running. (The two are different in the case of
loading a 32-bit ARM ELF file into a 32 bit CPU being emulated
by qemu-system aarch64.) This was causing us to incorrectly fail
to load ELF images in this situation.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1395427476-25546-1-git-send-email-peter.maydell@linaro.org
The order of operands for the accumulate step in disas_simd_3same_int()
was reversed. This only affected the MLS instruction, since all the
other accumulating instructions in this category perform an addition
rather than a subtraction.
Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Tested-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
There is an issue with iasl on big endian machines: It
cannot disassemble acpi tables taken from little endian
machines, so we cannot check the expected tables.
The acpi test will check if the expected aml files
can be disassembled, and will issue an warning not
failing the test on those machines until this
problem is solved by the acpica community.
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Current tablet + spice is unusable. Regressed with the UI input rework.
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
PowerPC queue for 2.0
* sPAPR loop fix
* SPR reset fix
* Reduce allocation size of indirect opcode tables
* Restrict number of CPU threads
* sPAPR H_SET_MODE fixes
* sPAPR firmware path fixes
* Static and constness cleanups
# gpg: Signature made Thu 20 Mar 2014 01:46:14 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg: aka "Andreas Färber <afaerber@suse.com>"
* remotes/afaerber/tags/ppc-for-2.0:
spapr: Implement interface to fix device pathname
spapr: QOM'ify pseries machine
spapr_vio: Fix firmware names
spapr_llan: Add to boot device list
qdev: Introduce FWPathProvider interface
vl.c: Extend get_boot_devices_list() to ignore suffixes
spapr_hcall: Fix little-endian resource handling in H_SET_MODE
target-ppc: Introduce powerisa-207-server flag
target-ppc: Force CPU threads count to be a power of 2
target-ppc: Fix overallocation of opcode tables
target-ppc: Reset SPRs on CPU reset
spapr_hcall: Fix h_enter to loop correctly
target-ppc: Add missing 'static' and 'const' attributes
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This extends the pseries machine type with the interface to fix firmware
pathnames for devices which have @bootindex property.
This fixes SCSI disks' device node names (which are wildcard nodes in
the device-tree), for spapr-vscsi, virtio-scsi and usb-storage.
This fixes PHB name from "pci" to "pci@XXXX" where XXXX is a BUID as
there is no bus on top of sPAPRPHBState where PHB firmware name could
be fixed using the BusClass::get_fw_dev_path() mechanism.
This stores the boot list in the /chosen/qemu,boot-list property of
the device tree. "\n" are replaced by spaces to support OF1275.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
This changes VIO bridge fw name from spapr-vio-bridge to vdevice and
vscsi/veth node names from QEMU object names to VIO specific device tree
names.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
QEMU supports firmware names for all devices in the QEMU tree but
some architectures expect some parts of firmware path names in different
format.
This introduces a firmware-pathname-change interface definition.
If some machines needs to redefine the firmware path format, it has
to add the TYPE_FW_PATH_PROVIDER interface to an object that is above
the device on the QOM tree (typically /machine).
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
As suffixes do not make sense for sPAPR's device tree and
there is no way to filter them out on the BusState::get_fw_dev_path()
level, let's add an ability for the external caller to specify
whether to apply suffixes or not.
We could handle suffixes in SLOF (ignored for now) but this would require
serious rework in the node opening code in SLOF, which has no obvious
benefit for the currently emulated sPAPR machine.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
This changes resource code definitions to ones used in the host kernel.
This fixes H_SET_MODE_RESOURCE_LE (switch between big endian and
little endian) to sync registers from KVM before changing LPCR value.
This adds a set_spr() helper to update an SPR in a CPU's context to avoid
possible races and makes use of it to change LPCR.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
This flag will be used to decide whether to emulate some bits of
H_SET_MODE hypercall because some are POWER8-only.
While we are here, add 2.05 flag to POWER8 family too. POWER7/7+ already
have it.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
PowerPC kernel expects the number of SMT threads in a core to be a power
of 2. Since QEMU doesn't enforce this, it leads to an early guest kernel
crash if invalid threads count is specified.
Prevent this crash and make it a graceful exit from QEMU itself by
validating the user-supplied threads count.
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stewart Smith <stewart@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
create_new_table() should allocate 0x20 opc_handler_t pointers, but
actually allocates 0x20 opc_handler_t structs. Fix this.
Signed-off-by: Stuart Brady <sdb@zubnet.me.uk>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
This resets SPR values to defaults on CPU reset. This should help
with little-endian guests reboot issues.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
We wanted to loop till index is 8. On 8 we return with H_PTEG_FULL. If we
are successful in loading hpte with any other index, we continue with that
index value.
Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
PReP machine and devices
* Raven PCI host bridge memory fixes (remainder)
# gpg: Signature made Wed 19 Mar 2014 23:35:08 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg: aka "Andreas Färber <afaerber@suse.com>"
* remotes/afaerber/tags/prep-for-2.0:
raven: Use raven_ for all function prefixes
raven: Fix PCI bus accesses with size > 1
raven: Add PCI bus mastering address space
raven: Set a correct PCI memory region
raven: Set a correct PCI I/O memory region
raven: Implement non-contiguous I/O region
raven: Rename intack region to pci_intack
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This has been tested on Linux 2.4/PPC with the lsi53c895a SCSI adapter.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
PCI memory region is 0x3f000000 bytes starting at 0xc0000000.
However, keep compatibility with Open Hack'Ware expectations
by adding a hack for Open Hack'Ware display.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
PCI I/O region is 0x3f800000 bytes starting at 0x80000000.
Do not use global QEMU I/O region, which is only 64KB.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Regions added subsequently will also have the pci_ prefix.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
QOM CPUState refactorings / X86CPU
* CPUState layout optimization for TCG
# gpg: Signature made Wed 19 Mar 2014 21:51:46 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg: aka "Andreas Färber <afaerber@suse.com>"
* remotes/afaerber/tags/qom-cpu-for-2.0:
cpu: Move tcg_exit_req to the end of CPUState
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
QOM child properties take a reference to the object and release it when
the property is deleted. Therefore we should unref the default_backend
after we have added it as a child property.
Cc: KONRAD Frederic <fred.konrad@greensocs.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
There are currently three types of object_property_add_link() callers:
1. The link property may be set at any time.
2. The link property of a DeviceState instance may only be set before
realize.
3. The link property may never be set, it is read-only.
Something similar can already be achieved with
object_property_add_str()'s set() argument. Follow its example and add
a check() argument to object_property_add_link().
Also provide default check() functions for case #1 and #2. Case #3 is
covered by passing a NULL function pointer.
Cc: Peter Crosthwaite <peter.crosthwaite@petalogix.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Anthony Liguori <aliguori@amazon.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
[AF: Tweaked documentation comment]
Signed-off-by: Andreas Färber <afaerber@suse.de>
Some object_property_add_link() callers expect property deletion to
unref the link property object. Other callers expect to manage the
refcount themselves. The former are currently broken and therefore leak
the link property object.
This patch adds a flags argument to object_property_add_link() so the
caller can specify which refcount behavior they require. The new
OBJ_PROP_LINK_UNREF_ON_RELEASE flag causes the link pointer to be
unreferenced when the property is deleted.
This fixes refcount leaks in qdev.c, xilinx_axidma.c, xilinx_axienet.c,
s390-virtio-bus.c, virtio-pci.c, virtio-rng.c, and ui/console.c.
Rationale for refcount behavior:
* hw/core/qdev.c
- bus children are explicitly unreferenced, don't interfere
- parent_bus is essentially a read-only property that doesn't hold a
refcount, don't unref
- hotplug_handler is leaked, do unref
* hw/dma/xilinx_axidma.c
- rx stream "dma" links are set using set_link, therefore they
need unref
- tx streams are set using set_link, therefore they need unref
* hw/net/xilinx_axienet.c
- same reasoning as hw/dma/xilinx_axidma.c
* hw/pcmcia/pxa2xx.c
- pxa2xx bypasses set_link and therefore does not use refcounts
* hw/s390x/s390-virtio-bus.c
* hw/virtio/virtio-pci.c
* hw/virtio/virtio-rng.c
* ui/console.c
- set_link is used and there is no explicit unref, do unref
Cc: Peter Crosthwaite <peter.crosthwaite@petalogix.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Anthony Liguori <aliguori@amazon.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
The error behavior of object_property_set_link() is dangerous. It sets
the link property object to NULL if an error occurs. A setter function
should either succeed or fail, it shouldn't leave the value NULL on
failure.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
The path resolution logic in object_property_set_link() should be a
separate function. This makes the code easier to read and maintain.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Machine rewriting added MACHINE() macro which is
already in use by other OpenBSD library.
Since qemu/sockets.h exposes the OpenBSD namespace,
the minimalistic approach is to add it as the first QEMU include.
Reported-by: Brad Smith <brad@comstyle.com>
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Since commit 261747f176 (vl: Use MachineClass instead of global
QEMUMachine list) valgrind complains about the following:
==54082== 57 bytes in 3 blocks are definitely lost in loss record 365 of
729
==54082== at 0x4031AFE: malloc (vg_replace_malloc.c:292)
==54082== by 0x4145569: g_malloc (in
/usr/lib64/libglib-2.0.so.0.3400.2)
==54082== by 0x415F9E9: g_strconcat (in
/usr/lib64/libglib-2.0.so.0.3400.2)
==54082== by 0x80157FE7: qemu_register_machine (vl.c:1597)
==54082== by 0x80208E6B: module_call_init (module.c:105)
==54082== by 0x80013B91: main (vl.c:3000)
Turns out that valgrind is right. We simply forget the memory that
g_strconcat() has allocated. Lets free it after the type_register().
We need a 2nd variable due to constness of the name part of the
type structure.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Commit 259186a7d2 (cpu: Move halted and
interrupt_request fields to CPUState) passed CPUState::env_ptr to
tlb_flush() directory rather than through a typed variable.
Commit 00c8cb0a36 (cputlb: Change
tlb_flush() argument to CPUState) now changed the argument type.
This was unnoticed by gcc because env_ptr is a void pointer.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
This fixes warnings from the static code analysis (smatch).
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
* remotes/riku/linux-user-for-upstream:
linux-user: Implement capget, capset
linux-user: Don't allow guest to block SIGSEGV
signal: added a wrapper for sigprocmask function
linux-user: Don't reserve space for commpage for AArch64
linux-user: implement F_[GS]ETOWN_EX
linux-user: Don't return uninitialized value for atomic_barrier syscall
linux-user/signal.c: Correct error path for AArch64 do_rt_sigreturn
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Block patches for 2.0.0-rc1
# gpg: Signature made Wed 19 Mar 2014 13:03:27 GMT using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
* remotes/kevin/tags/for-upstream:
dataplane: fix implicit IOThread refcount
block/nfs: report errors from libnfs
block/nfs: bump libnfs requirement to 1.9.3
qcow2: Fix fail path in realloc_refcount_block()
qcow2: Correct comment for realloc_refcount_block()
qemu-io: Extended "--cmd" description in usage text
qemu-io-cmds: Fixed typo in example for writev.
block: Add error handling to bdrv_invalidate_cache()
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target-arm queue:
* last few A64 Neon instructions
* fix some PL011 UART bugs causing occasional serial lockups
* fix the non-PCI AHCI device
# gpg: Signature made Wed 19 Mar 2014 12:00:59 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-target-arm-20140319:
target-arm: A64: Add saturating accumulate ops (USQADD/SUQADD)
target-arm: A64: Add saturating int ops (SQNEG/SQABS)
pl011: fix incorrect logic to set the RXFF flag
pl011: fix UARTRSR accesses corrupting the UARTCR value
pl011: reset the fifo when enabled or disabled
ahci: fix sysbus support
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
When creating an IOThread implicitly (the user did not specify
x-iothread=<id>) remember that iothread_find() does not return the
object with an incremented refcount.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
if an NFS operation fails we should report what libnfs knows
about the failure. It is likely more than just an error code.
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
libnfs prior to 1.9.3 contains a bug that will report
wrong transfer sizes if the file offset grows beyond 4GB
and RPC responses are received out of order. this
error is not detectable and fixable in qemu.
additionally 1.9.3 introduces support for handling short
read/writes in general and takes care of the necessary
retransmissions internally.
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
If qcow2_alloc_clusters() fails, new_offset and ret will both be
negative after the fail label, thus passing the first if condition and
subsequently resulting in a call of qcow2_free_clusters() with an
invalid (negative) offset parameter. Fix this by introducing a new label
"fail_free_cluster" which is only invoked if new_offset is indeed
pointing to a newly allocated cluster that should be cleaned up by
freeing it.
While we're at it, clean up the whole fail path. qcow2_cache_put()
should (and actually can) never fail, hence the return value can safely
be ignored (aside from asserting that it indeed did not fail).
Furthermore, there is no reason to give QCOW2_DISCARD_ALWAYS to
qcow2_free_clusters(), a mere QCOW2_DISCARD_OTHER will suffice.
Ultimately, rename the "fail" label to "done", as it is invoked both on
failure and success.
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Contrary to the comment describing this function's behavior, it does not
return 0 on success, but rather the offset of the newly allocated
cluster. This patch adjusts the comment accordingly to reflect the
actual behavior.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
It's not clear from the usage description that "--cmd" option accepts
its argument as a string, so any special symbols have to be quoted from
the shell.
Updates in usage text:
- Specified parameter format for "--cmd" option.
- Added an instruction how to get help for "--cmd" option.
Signed-off-by: Maria Kustova <maria.k@catit.be>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
If it returns an error, the migrated VM will not be started, but qemu
exits with an error message.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Add the saturating accumulate operations USQADD and SUQADD
to the A64 instruction set. This completes coverage of A64 Neon.
These operations (which are unsigned + signed -> signed and
signed + unsigned -> unsigned) don't exist in the A32/T32
instruction set, so require a complete new set of helper functions.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This mostly re-uses the existing NEON helpers with an additional two for
the 64 bit case. I also took the opportunity to add TCG_CALL_NO_RWG
options to the helpers as they don't modify globals (saturation flags
are in the CPU Environment).
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Offset 4 is UARTRSR/UARTECR, not the UARTCR. The UARTCR would be
corrupted if the UARTRSR is ever written. Fix by implementing a correct
model of the UARTRSR/UARTECR register. Reads of this register simply
reflect the error bits in data register. Only breaks can be triggered in
QEMU. With the pl011_can_receive function, we effectively have flow
control between the host and the model. Framing and parity errors simply
don't make sense in the model and will never occur.
Signed-off-by: Rob Herring <rob.herring@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1395166721-15716-3-git-send-email-robherring2@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Intermittent issues have been seen where no serial input occurs. It
appears the pl011 gets in a state where the rx interrupt never fires
because the rx interrupt only asserts when crossing the fifo trigger
level. The fifo state appears to get out of sync when the pl011 is
re-configured. This combined with the rx timeout interrupt not being
modeled results in no more rx interrupts.
Disabling the fifo is the recommended way to clear the tx fifo in the
TRM (section 3.3.8). The behavior in this case for the rx fifo is
undefined in the TRM, but having fifo contents to be maintained during
configuration changes is not likely expected behavior. Reseting the
fifo state when the fifo size is changed is the simplest solution.
Signed-off-by: Rob Herring <rob.herring@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1395166721-15716-2-git-send-email-robherring2@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Non-PCI AHCI support is broken due to assertion failures when trying
to convert AHCIState to a PCIDevice pointer as AHCIState can have
different container structs. Fix this by using the non-asserting object
cast and checking the returned pointer is not NULL.
The AddressSpace pointer is also being initialized to NULL and causing
dma_memory_map call to fail. Fix this by initializing to
address_space_memory for sysbus instances.
Also correct AHCI_VMSTATE to use the correct container SysbusAHCIState
for sysbus instances.
Signed-off-by: Rob Herring <rob.herring@linaro.org>
Message-id: 1392073373-3295-1-git-send-email-robherring2@gmail.com
[PMM: added linebreaks to fix overlong lines]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
when using signature for table ID, we forgot to byte-swap it.
signatures are really ASCII strings, let's treat them as such.
While at it, get rid of most of _SIGNATURE macros.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Building on the previous patch, raise the maximal count of processor
objects / NTFY branches / CPON elements from 255 to 256. This allows the
VCPU with APIC ID 0xFF to be hotplugged.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
commit 9bcc80cd71
i386/acpi-build: allow more than 255 elements in CPON
Replaces 0x1 with a smaller One constant.
rebuild expected SSDT.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The build_ssdt() function builds a number of AML objects that are related
to CPU hotplug, and whose IDs form a contiguous sequence of APIC IDs.
(APIC IDs are in fact discontiguous, but this is the traditional
interface: build a contiguous sequence from zero up that covers all
possible APIC IDs.) These objects are:
- a Processor() object for each VCPU,
- a NTFY method, with one branch for each VCPU,
- a CPON package with one element (hotplug status byte) for each VCPU.
The build_ssdt() function currently limits the *count* of processor
objects, and NTFY branches, and CPON elements, in 0xFF (see the assignment
to "acpi_cpus"). This allows for an inclusive APIC ID range of [0..254].
This is incorrect, because the highest APIC ID that we otherwise allow a
VCPU to take is 255.
In order to extend the maximum count to 256, and the traversed APIC ID
range correspondingly to [0..255]:
- the Processor() objects need no change,
- the NTFY method also needs no change,
- the CPON package must be updated, because it is defined with a
DefPackage, and the number of elements in such a package can be at most
255. We pick a DefVarPackage instead.
We replace the Op byte, and the encoding of the number of elements.
Compare:
DefPackage := PackageOp PkgLength NumElements PackageElementList
DefVarPackage := VarPackageOp PkgLength VarNumElements PackageElementList
PackageOp := 0x12
VarPackageOp := 0x13
NumElements := ByteData
VarNumElements := TermArg => Integer
The build_append_int() function implements precisely the following TermArg
encodings (a subset of what the ACPI spec describes):
TermArg := DataObject
DataObject := ComputationalData
ComputationalData := ConstObj | ByteConst | WordConst | DWordConst
directly encoded in the function, with build_append_byte():
ConstObj := ZeroOp | OneOp
ZeroOp := 0x00
OneOp := 0x01
call to build_append_value(..., 1):
ByteConst := BytePrefix ByteData
BytePrefix := 0x0A
ByteData := 0x00 - 0xFF
call to build_append_value(..., 2):
WordConst := WordPrefix WordData
WordPrefix := 0x0B
WordData := ByteData[0:7] ByteData[8:15]
call to build_append_value(..., 4):
DWordConst := DWordPrefix DWordData
DWordPrefix := 0x0C
DWordData := WordData[0:15] WordData[16:31]
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
This changes the PC initialization code to reject max_cpus if it results
in an APIC ID that's too large, instead of aborting or erroring out when
it is already too late.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
MAX_CPUMASK_BITS is a limit for max_cpus and CPU indexes, not for APIC
IDs.
ACPI_CPU_HOTPLUG_ID_LIMIT is the right macro for the limit on APIC IDs
on the ACPI and CPU hotplug code.
There are no functional changes introduced by this patch, as
MAX_CPUMASK_BITS + 1 == 255 + 1 == 256 == ACPI_CPU_HOTPLUG_ID_LIMIT.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
AcpiCpuHotplug_add() can't handle vCPU arch IDs larger than
ACPI_CPU_HOTPLUG_ID_LIMIT. Instead of corrupting memory in case the vCPU
ID is too large, use g_assert() to ensure we are not over the limit.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The ACPI CPU hotplug code requires APIC IDs to be smaller than
ACPI_CPU_HOTPLUG_ID_LIMIT, so enforce the limit before trying to hotplug
a new vCPU, returning an error instead of crashing.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The new macro will be helpful to allow us to detect too large SMP limits
before it is too late.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
this fixes invalid rectangle updates observed after commit 12b316d
with the vmware VGA driver. The issues occured because the server
and client surface update seems to be out of sync at some points
and the max width of the surface is not dividable by
VNC_DIRTY_BITS_PER_PIXEL (16).
Reported-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
4 small patches:
- Fixing findings of valgrind regarding minor memory leaks:
Currently we forget the pointer of qemu_allocate_irqs. Since we never
free the irqs, this is not critical, but obviously not good programming
style. While we are at it, we dont need the irq infrastructure for
the sclp consoles.
- Handle new ELF error codes for BIOS loading
# gpg: Signature made Mon 17 Mar 2014 21:34:12 GMT using RSA key ID B5A61C7C
# gpg: Can't check signature: public key not found
* remotes/borntraeger/tags/kvm-s390-20140317:
s390x/sclpconsole-lm: Fix and simplify irq setup
s390x/sclpconsole: Fix and simplify interrupt injection
s390x/cpu hotplug: Fix memory leak
s390/ipl: Fix error path on BIOS loading
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
valgrind complains about a memory leak in irq setup of sclpconsole:
==42117== 8 bytes in 1 blocks are definitely lost in loss record 89of 833
==42117== at 0x4031AFE: malloc (vg_replace_malloc.c:292)
==42117== by 0x8022F855: malloc_and_trace (vl.c:2715)
==42117== by 0x4145569: g_malloc (in /usr/lib64/libglib-2.0.so.0.3400.2)
==42117== by 0x800F696D: qemu_extend_irqs (irq.c:51)
==42117== by 0x800F6AF7: qemu_allocate_irqs (irq.c:68)
==42117== by 0x800F5685: console_init (sclpconsole.c:235)
==42117== by 0x80297C79: event_realize (event-facility.c:386)
==42117== by 0x80105071: device_set_realized (qdev.c:693)
==42117== by 0x801CDC4B: property_set_bool (object.c:1337)
==42117== by 0x801CBD7F: object_property_set (object.c:819)
[...]
We dont need the indirection of an qemu irq to inject an slcp interrupt.
Fixes a valgrind error and makes the code simpler.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
valgrind complains about a memory leak in irq setup of sclpconsole:
==42117== 8 bytes in 1 blocks are definitely lost in loss record 89 of 833
==42117== at 0x4031AFE: malloc (vg_replace_malloc.c:292)
==42117== by 0x8022F855: malloc_and_trace (vl.c:2715)
==42117== by 0x4145569: g_malloc (in /usr/lib64/libglib-2.0.so.0.3400.2)
==42117== by 0x800F696D: qemu_extend_irqs (irq.c:51)
==42117== by 0x800F6AF7: qemu_allocate_irqs (irq.c:68)
==42117== by 0x800F5685: console_init (sclpconsole.c:235)
==42117== by 0x80297C79: event_realize (event-facility.c:386)
==42117== by 0x80105071: device_set_realized (qdev.c:693)
==42117== by 0x801CDC4B: property_set_bool (object.c:1337)
==42117== by 0x801CBD7F: object_property_set (object.c:819)
[...]
Turns out that we actually dont need the indirection, so trigger the
sclp interrupt directly.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
valgrind complains about the following:
==42117== 8 bytes in 1 blocks are definitely lost in loss record 88 of 833
==42117== at 0x4031AFE: malloc (vg_replace_malloc.c:292)
==42117== by 0x8022F855: malloc_and_trace (vl.c:2715)
==42117== by 0x4145569: g_malloc (in /usr/lib64/libglib-2.0.so.0.3400.2)
==42117== by 0x800F696D: qemu_extend_irqs (irq.c:51)
==42117== by 0x800F6AF7: qemu_allocate_irqs (irq.c:68)
==42117== by 0x8029FA4B: irq_cpu_hotplug_init (sclpcpu.c:84)
==42117== by 0x80297C79: event_realize (event-facility.c:386)
==42117== by 0x80105071: device_set_realized (qdev.c:693)
[...]
Right it is. Don't drop the pointer of the irq.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Jason J. Herne <jjherne@us.ibm.com>
commit 18674b2678
(elf-loader: add more return codes) enabled the elf loader to return
other errors than -1.
Lets also handle that case for our "BIOS" on s390.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
CC: Alexey Kardashevskiy <aik@ozlabs.ru>
CC: Alexander Graf <agraf@suse.de>
All of the helpers with the explicit big/little endian option
require the return address as a parameter. Acquire this via
a trampoline.
Move the load of areg0 into the trampoline.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Pass address registers explicitly, rather than as indicies of args[].
It's two argument registers either way. Use more TCGReg as appropriate.
Signed-off-by: Richard Henderson <rth@twiddle.net>
We were computing the full address into %o0 and then not using it.
Adjust some of the computation to rely less on having to pull immediate
values into registers.
Signed-off-by: Richard Henderson <rth@twiddle.net>
This adds support for [UF]RSQRTE instructions. It utilises the existing
NEON helpers with some changes. The changes include an explicit passing
of fpstatus (so the correct one is used between arm32 and aarch64),
denormilzation, more correct error handling and also proper scaling of
the fraction going into the estimate.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-25-git-send-email-peter.maydell@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Implement the FCVTXN operation, which does a narrowing fp precision
conversion using the "round to odd" (von Neumann) mode. This can
conveniently be implemented as "do operation using round to zero;
then set the LSB of the mantissa to 1 if the Inexact flag was set".
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-24-git-send-email-peter.maydell@linaro.org
Implement URECPE and FRECPE instructions in both scalar and vector forms.
The actual reciprocal estimate function is shared with the A32/T32 Neon
code. However in A64 we aren't using the Neon "standard FPSCR value"
so extra checks are necessary to handle non-squashed denormal inputs
which can never happen for A32/T32. Calling conventions for the helpers
are thus modified to pass the fpst directly; we mark the helpers as
TCG_CALL_NO_RWG since we're changing the declarations anyway.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-21-git-send-email-peter.maydell@linaro.org
This implements the remaining [US][Q][R]SHR[U][N][2] opcodes, which are
saturating and narrowing shift right operations. These are used in
things like libav. Note signed shifts can have an "unsigned" saturating
narrow operation which will floor negative values.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1394822294-14837-7-git-send-email-peter.maydell@linaro.org
[PMM: Added the scalar encodings, style tweaks]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Implement the PMULL instruction; this is the last unimplemented insn
in the three-reg-diff group.
Note that PMULL with size 3 is considered part of the AES part
of the crypto extensions (see the ID_AA64ISAR0_EL1 register definition
in the v8 ARM ARM), so it isn't necessary to burn an extra feature
bit on it, even though we're using more feature bits than a single
"crypto extension present/not present" toggle.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-2-git-send-email-peter.maydell@linaro.org
If the CPU is a Cortex-A9 then we should set its reset-cbar property
so that the guest can read the correct PERIPHBASE/CBAR register value;
newer versions of the Linux kernel (as of commit bc41b8724 in 3.12)
will otherwise assume the CPU is a buggy single core A9 SoC. The
realview-pbx-a9 is the only one of the cluster of boards in realview.c
which works with the Cortex-A9 (ie which gets an a9mpcore_priv device);
make sure it also has reset-cbar set correctly.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1394462692-8871-3-git-send-email-peter.maydell@linaro.org
Newer versions of the Linux kernel (as of commit bc41b8724 in 3.12)
now assume that if the CPU is a Cortex-A9 and the reset value of the
PERIPHBASE/CBAR register is zero then the CPU is a specific buggy
single core A9 SoC, and will not try to start other cores. Since we
now have a CPU property for the reset value of the CBAR, we can
just fix the vexpress board model to correctly set CBAR so SMP
works again. To avoid duplicate boilerplate code in both the A9
and A15 daughterboard init functions, we split out the CPU and
private memory region init to its own function.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reported-by: Rob Herring <rob.herring@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1394462692-8871-2-git-send-email-peter.maydell@linaro.org
gtk: warp bugfixes.
gtk: Allow to activate grab-on-hover from the command line
# gpg: Signature made Mon 17 Mar 2014 13:35:35 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
* remotes/kraxel/tags/pull-gtk-3:
gtk: Don't warp absolute pointer
gtk: Fix mouse warping with gtk3
gtk: Allow to activate grab-on-hover from the command line
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
We were using the wrong coordinates, this fixes things to match the
original gtk2 implementation.
You can see this error in action by using -vga qxl, however even after this
patch the mouse warps in small increments up and to the left, -7x and -3y
pixels at a time, until the pointer is warped off the widget. I think it's
a qxl bug, but the next patch covers it up.
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
As long as we have no persistent GTK configuration, this allows to
enable the useful grab-on-hover feature already when starting the VM.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
[ kraxel: fix warning with CONFIG_GTK=n ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Implement the capget and capset syscalls. This is useful because
simple programs like 'ls' try to use it in AArch64, and otherwise
we emit a lot of noise about it being unimplemented.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Output error message using qemu's error_report() function when user
provides the invalid machine type on the command line. This also saves
time to find what issue is when you downgrade from one version of qemu
to another that doesn't support required machine type yet (the version
user downgraded to have to have this patch applied too, of course).
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
[Replace printf with error_printf, suggested by Markus Armbruster. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Two missing braces, one close and one open, fabulously let the code
compile.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
There are two issues in qemu-nbd: a missing return value check after
calling accept(), and file descriptor leaks in nbd_client_thread.
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This fixes a dangerous bug: "make clean" after "make distclean" will
delete every single file including those under .git, if you do in-tree
build!
Rationale: A first "make distclean" will unset $(DSOSUF), a following
"make distclean" or "make clean" will find all the files and delete it.
Fix it by explicitly typing the file extensions here, and combine
multiple find invocations into one.
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1395020122-4957-1-git-send-email-famz@redhat.com
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Don't allow the linux-user guest to block SIGSEGV -- QEMU needs this
signal to detect accesses to pages which it has marked read-only
because it has cached translated code from them.
We implement this by making the do_sigprocmask() wrapper suppress
SIGSEGV when doing the host process signal mask manipulation; instead
we store the current state of SIGSEGV in the TaskState struct.
If we get a SIGSEGV for the guest when the guest has blocked the
signal, we treat it as if the default SEGV handler was in place,
as the kernel does for forced SIGSEGV delivery.
This patch is based on an idea by Alex Barcelo, but rather than
simply lying to the guest about the SIGSEGV state we track it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reported-by: Alex Barcelo <abarcelo@ac.upc.edu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Create a wrapper for signal mask changes initiated by the guest;
(this includes syscalls and also the sigreturns from signal.c)
this will give us a place to put code which prevents the guest
from changing the handling of signals used by QEMU itself
internally.
The wrapper is called from all the guest-initiated sigprocmask, but
is not called from internal qemu sigprocmask calls.
Signed-off-by: Alex Barcelo <abarcelo@ac.upc.edu>
[PMM: Added calls to wrapper for sigprocmask uses in signal.c
when setting the signal mask on entry and exit from signal
handlers, since these also are guest-provided signal masks.]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
AArch64 Linux, unlike AArch32, doesn't use a commpage. This means we
should not be reserving room in the guest address space for one.
Fixes LP:1287195.
Reported-by: Amanieu d'Antras <amanieu@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
F_GETOWN is replaced by F_GETOWN_EX inside the glibc fcntl wrapper
Signed-off-by: Andreas Schwab <schwab@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
QEMU's implementation of the m68k atomic_barrier syscall, like the kernel's,
is just a no-op. However we still need to return a result code from it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
The error path in AArch64 do_rt_sigreturn() which fails before
attempting lock_user_struct() was doing an unlock_user_struct()
on an uninitialized variable. Initialize frame to NULL so we
can use the same error-exit path in all cases (unlock of NULL
is permitted and does nothing).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
trivial patches for 2014-03-15
# gpg: Signature made Sat 15 Mar 2014 09:54:30 GMT using RSA key ID 74F0C838
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg: aka "Michael Tokarev <mjt@corpit.ru>"
# gpg: aka "Michael Tokarev <mjt@debian.org>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6EE1 95D1 886E 8FFB 810D 4324 457C E0A0 8044 65C5
# Subkey fingerprint: E190 8639 3B10 B51B AC2C 8B73 5253 C5AD 74F0 C838
* remotes/mjt/tags/trivial-patches-2014-03-15:
FSL eTSEC: Fix typo in rx ring
scripts/make-release: Don't distribute .git directories
configure: Don't use __int128_t for clang versions before 3.2
audio: Add 'static' attributes to several variables
tests: Fix 'make test' for i686 hosts (build regression)
misc: Fix typos in comments
Add qga/qapi-generated to .gitignore
hw/timer/grlib_gptimer: Avoid integer overflows
.travis.yml: add IRC notifications for build failures
.travis.yml: trivial whitespace fixup
.travis.yml: re-enable lttng user space trace test
.travis.yml: add a new build target with non-core devlibs
sasl: Avoid 'Could not find keytab file' in syslog
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/rth/tcg-aarch-6-2:
tcg-aarch64: Introduce tcg_out_insn_3405
tcg-aarch64: Support div, rem
tcg-aarch64: Support muluh, mulsh
tcg-aarch64: Support add2, sub2
tcg-aarch64: Support deposit
tcg-aarch64: Use tcg_out_insn for setcond
tcg-aarch64: Support movcond
tcg-aarch64: Support andc, orc, eqv, not, neg
tcg-aarch64: Handle constant operands to and, or, xor
tcg-aarch64: Handle constant operands to add, sub, and compare
tcg-aarch64: Implement mov with tcg_out_insn
tcg-aarch64: Introduce tcg_out_insn_3401
tcg-aarch64: Convert shift insns to tcg_out_insn
tcg-aarch64: Introduce tcg_out_insn
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
'make test' is broken at least since commit
baacf04799. Several source files were moved
to util/, and some of them there split, so add the missing prefix and new
files to fix the compiler and linker errors.
There remain more issues, but these changes allow running the test on a
Linux i686 host.
Cc: qemu-stable@nongnu.org
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Codespell found and fixed these new typos:
* doesnt -> doesn't
* funtion -> function
* perfomance -> performance
* remaing -> remaining
A coding style issue (line too long) was fixed manually.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The folder "qga/qapi-generated" shows up after building QEMU, and
gets in the way during e.g. "git add ."; Add it to .gitignore to
keep it from accidentally ending up in the wrong place.
Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The GPTIMER uses 32-bit registers. Use a 64-bit operation to get the
ptimer count, otherwise we end up with a count of 0 for GPTIMER counter
values of 0xffffffff.
Use the GPTIMER counter value for tracing to avoid an overflow of the
32-bit value passed to trace_grlib_gptimer_enable().
Reviewed-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
I'm trying to avoid spamming the IRC channel (not overly likely as
builds take a while). So failure will always be reported but if the
build continues to work then the IRC notifications will be quiet.
Note any GitHub based repository with Travis enabled will use this
notification. If it proves to be too spammy we may want to ask users not
to use Travis themselves although this seems sub-optimal.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
This build was disabled while the lttng tracing was broken. Stefan has
recently submitted a pull request with it re-enabled.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The current builds don't include all the features which are
auto-detected and then disabled when the appropriate test packages don't
exist. I've added another target that enables all known additional
packages for increased coverage. I didn't add it to the core package
list to reduce build time.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The "keytab" specification in "qemu.sasl" only makes sense if "gssapi" is
selected in "mech_list". Even if the latter is not done (ie. "gssapi" is
not selected), the cyrus-sasl library tries to open the specified keytab
file, although nothing has a use for it outside the gssapi backend.
Since the default keytab file "/etc/qemu/krb5.tab" is usually absent, the
cyrus-sasl library emits a warning to syslog at startup, which tends to
annoy users (who didn't ask for gssapi in the first place).
Comment out the keytab specification per default.
"qemu-doc.texi" already correctly explains how to use "mech_list: gssapi"
together with "keytab:".
See also:
- upstream libvirt commit fe772f24,
- Red Hat Bugzilla <https://bugzilla.redhat.com/show_bug.cgi?id=1018434>.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
ACKed-By: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Block pull request
# gpg: Signature made Fri 14 Mar 2014 16:12:14 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8
* remotes/stefanha/tags/block-pull-request:
qemu-iotests: remove 085 and 087 from 'quick' group
qemu-iotests: add 083 NBD client disconnect tests
tests: add nbd-fault-injector.py utility
nbd: close socket if connection breaks
block: Explicitly specify 'unsigned long long' for VHDX 64-bit constants
blockdev: Refuse to open encrypted image unless paused
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/bonzini/scsi-next:
virtio-scsi: actually honor sense_size from configuration space
scsi: Fix migration of scsi sense data
spapr-vscsi: fix CRQ status
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Clean up multiply at the same time.
For remainder, generic code will produce mul+sub,
whereas we can implement with msub.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Tested-by: Claudio Fontana <claudio.fontana@huawei.com>
Handle a simplified set of logical immediates for the moment.
The way gcc and binutils do it, with 52k worth of tables, and
a binary search depth of log2(5334) = 13, seems slow for the
most common cases.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Tested-by: Claudio Fontana <claudio.fontana@huawei.com>
The 'quick' group in qemu-iotests are not allowed to run QEMU since we
don't know which targets are available. In other words, they may only
use qemu-img, qemu-io, and qemu-nbd.
Drop 085 and 087 from the 'quick' group since they run QEMU. This
makes "make check-block" pass again.
Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
This new test case uses nbd-fault-injector.py to simulate broken TCP
connections at each stage in the NBD protocol. This way we can exercise
block/nbd-client.c's socket error handling code paths.
In particular, this serves as a regression test to make sure
nbd-client.c doesn't cause an infinite loop by leaving its
nbd_receive_reply() fd handler registered after the connection has been
closed. This bug was fixed in an earlier patch.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The nbd-fault-injector.py script is a special kind of NBD server. It
throws away all writes and produces zeroes for reads. Given a list of
fault injection rules, it can simulate NBD protocol errors and is useful
for testing NBD client error handling code paths.
See the patch for documentation. This scripts is modelled after Kevin
Wolf <kwolf@redhat.com>'s blkdebug block driver.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
nbd_receive_reply() is called by the event loop whenever data is
available or the socket has been closed by the remote side.
This patch closes the socket when an error occurs to prevent the
nbd_receive_reply() handler from being called indefinitely after the
connection has failed.
Note that we were already correctly returning EIO for pending requests
but leaving the nbd_receive_reply() handler registered resulted in high
CPU consumption and a flood of error messages.
Reuse nbd_teardown_connection() to close the socket.
Reported-by: Zhifeng Cai <bluewindow@h3c.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
On 32-bit hosts, some compilers will warn on too large integer constants
for constants that are 64-bit in length. Explicitly put a 'ULL' suffix
on those defines.
Reported-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Opening an encrypted image takes an additional step: setting the key.
Between open and the key set, the image must not be used.
We have some protection against accidental use in place: you can't
unpause a guest while we're missing keys. You can, however, hot-plug
block devices lacking keys into a running guest just fine, or insert
media lacking keys. In the latter case, notifying the guest of the
insert is delayed until the key is set, which may suffice to protect
at least some guests in common usage.
This patch makes the protection apply in more cases, in a rather
heavy-handed way: it doesn't let you open encrypted images unless
we're in a paused state.
It doesn't extend the protection to users other than the guest (block
jobs?). Use of runstate_check() from block.c is disgusting. Best I
can do right now.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
c5f52875 changed the size of sense array in vmstate_scsi_device by
mistake. This patch restores the old size, and add a subsection for the
remaining part of the buffer size. So that migration is not broken.
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Normally VIOSRP_OK (0) means success and non-zero value means error
except VIOSRP_OK2 (0x99) which is another success code by weird accident.
This uses 0 as success code always as some guests do not cope with
the 0x99 value well. The existing linux driver checks for both VIOSRP_OK
and VIOSRP_OK2 since 2.6.32.
This returns non-zero code (VIOSRP_ADAPTER_FAIL == 0x10) on errors which
can only happen if DMA write failed.
Suggested-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
PowerPC queue for 2.0
* Fixes for -device VGA
# gpg: Signature made Thu 13 Mar 2014 19:57:12 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg: aka "Andreas Färber <afaerber@suse.com>"
* remotes/afaerber/tags/ppc-for-2.0:
spapr: Fix return value of vga initialization
Fix vga_interface_type for command line argument '-device VGA'
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
When running under qtest we don't actually have any vcpu threads
to be starved, so the warning about the I/O thread spinning isn't
relevant, and the way qtest manipulates the simulated clock means
the warning is produced a lot as a false positive. Suppress it if
qtest_enabled(), so 'make check' output is less noisy.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
If an assertion fails during qtest_init() the SIGABRT handler is
invoked. This is the correct behavior since we need to kill the QEMU
process to avoid leaking it when the test dies.
The global_qtest pointer used by the SIGABRT handler is currently only
assigned after qtest_init() returns. This results in a segfault if an
assertion failure occurs during qtest_init().
Move global_qtest assignment inside qtest_init(). Not pretty but let's
face it - the signal handler depends on global state.
Reported-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Tested-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
A test is only as good as its coverage - testing virtserialport in
addition to virtconsole showed that commit
0399a3819b (virtio-console: QOM cast
cleanup for VirtConsole) broke virtserialport.
Acked-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Commit 0399a3819b (virtio-console: QOM
cast cleanup for VirtConsole) broke virtserialport since it shares
functions and state struct with virtconsole. Let virtconsole inherit
from virtserialport, and use virtserialport type for casting.
Note that virtio-serial-port is the abstract base type in
virtio-serial-bus.c, whereas virtserialport is the user-instantiatable
type in virtio-console.c. Therefore using TYPE_VIRTIO_CONSOLE_SERIAL_PORT.
Reported-by: Richard W.M. Jones <rjones@redhat.com>
Acked-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Before spapr_vga_init will returned false if the vga is specified by
the command '-device VGA' because vga_interface_type was evaluated to
VGA_NONE. With the change in previous patch of this series,
spapr_vga_init should return true if it's told that the vga will be
initialized in flow of the generic devices initialization.
To keep '-nodefaults' have the semantics of bare minimum, it adds a
check of 'has_defaults' in usb_enabled() to avoid that a USB controller
is added by '-nodefautls, -device VGA' implicitly.
This patch also makes two cleanups:
1. skip initialization for VGA_NONE
2. remove the useless 'break'
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Mark Wu <wudxw@linux.vnet.ibm.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Some machine (like pseries) initialization code determines if it has
graphics according to vga_interface_type. In the original code,
vga_interface_type is evaluated to VGA_NONE even if a VGA is added
via '-device VGA'. It causes the machine not aware of the graphics
device configured. Add a new VGA device type to indicate that it has a
VGA device, which will be initialized in QOM device initialization.
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Mark Wu <wudxw@linux.vnet.ibm.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Raven datasheet explains where firmware lives in system memory, so do
it there instead of in board code. Other boards using the same PCI
host will not have to copy the firmware loading code.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
[AF: Drop BIOS size workaround in favor of replacing our firmware blob]
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Most targets were using offsetof(CPUFooState, breakpoints) to determine
how much of CPUFooState to clear on reset. Use the next field after
CPU_COMMON instead, if any, or sizeof(CPUFooState) otherwise.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Note that while such functions may exist both for *-user and softmmu,
only *-user uses the CPUState hook, while softmmu reuses the prototype
for calling it directly.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Remove the custom qemu_assert() function defined by target-m68k/translate.c
in favour of either using glib g_assert_not_reached() (for the genuinely
can't-happen cases) or cpu_abort() (for the "this isn't implemented",
in line with other unimplemented cases in the target).
This has the benefit of silencing some clang warnings about
variables used while uninitialized (which are emitted because
clang can't figure out that qemu_assert(0, something) never
returns.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
All targets using it gain the ability to set -cpu name,key=value,...
options via the default TYPE_CPU CPUClass::parse_features() implementation.
Signed-off-by: Andreas Färber <afaerber@suse.de>
CPUs who do not provide their own implementation of feature parsing
will treat each option as a QOM property and set it to the supplied
value.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Factor cpu_model parsing out of cpu_sparc_find_by_name() by passing
cpu_sparc_find_by_name() the name portion only and calling
CPUClass::parse_features() from cpu_sparc_register() afterwards.
Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Adapt the X86CPU implementation to suit the generic hook.
This involves a cleanup of error handling to cope with NULL errp.
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Register separate QOM types for each x86 CPU model.
This will allow management code to more easily probe what each CPU model
provides, by simply creating objects using the appropriate class name,
without having to restart QEMU.
This also allows us to eliminate the qdev_prop_set_globals_for_type()
hack to set CPU-model-specific global properties.
Instead of creating separate class_init functions for each class, I just
used class_data to store a pointer to the X86CPUDefinition struct for
each CPU model. This should make the patch shorter and easier to review.
Later we can gradually convert each X86CPUDefinition field to lists of
per-class property defaults.
The "host" CPU model is special, as the feature flags depend on KVM
being initialized. So it has its own class_init and instance_init
function, and feature flags are set on instance_init instead of
class_init.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Tested-by: Eduardo Habkost <ehabkost@redhat.com>
[AF: Limit the host CPU type to CONFIG_KVM as build fix]
Signed-off-by: Andreas Färber <afaerber@suse.de>
When on KVM mode, enable x2apic by default on all CPU models.
Normally we try to keep the CPU model definitions as close as the real
CPUs as possible, but x2apic can be emulated by KVM without host CPU
support for x2apic, and it improves performance by reducing APIC access
overhead. x2apic emulation is available on KVM since 2009 (Linux
2.6.32-rc1), there's no reason for not enabling x2apic by default when
running KVM.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Instead of the feature-specific disable_kvm_pv_eoi() function, create a
more general function that can be used to disable other feature bits in
machine-type compat code.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
We will later make the KVM-specific code affect other feature words,
too.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Some of my recent changes introduced variable declarations in the middle
of code blocks.
Fix the code so that it compiles without warnings when using
-Wdeclaration-after-statement.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
As the new X86CPU subclass code is going to change lots of the code
invoving x86_def_t, let's rename the struct to match coding style first.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
As we will initialize the X86CPU fields on instance_init eventually,
move the code that initializes the X86CPU data based on the CPU model
name closer to the object_new() call.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
There isn't any kind of "registration" involved in cpu_x86_register()
anymore: it is simply looking up a CPU model name and loading the model
definition data into the X86CPU object. Rename it to x86_cpu_load_def()
to reflect what it does.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Default to false.
Tidy variable naming and inline cast uses while at it.
Tested-by: Jia Liu <proljc@gmail.com> (or32)
Signed-off-by: Andreas Färber <afaerber@suse.de>
cpu->exit_request is part of the execution environment and should
not be cleared when a CPU resets.
Otherwise, we might deadlock QEMU if a CPU resets while there is
I/O going on.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
The "host_device" protocol driver should strip the "host_device:" prefix
from filenames if present.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The hdev_create() implementation in block/raw-posix.c is used by the
"host_device", "host_cdrom" and "host_floppy" protocol block drivers
together. Thus, any of the associated prefixes may occur and exactly one
should should be stripped, if it does (thus,
"host_device:host_cdrom:/dev/cdrom" is not shortened to "/dev/cdrom").
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The "host_cdrom" protocol drivers should strip the "host_cdrom:" prefix
from filenames if present.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The "host_floppy" protocol driver should strip the "host_floppy:" prefix
from filenames if present.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The "host_device" protocol driver should strip the "host_device:" prefix
from filenames if present.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Smatch complains about several global symbols which should be local.
Add the missing 'static' attributes and move the 'extern' declaration
of variable qemuio_misalign to qemu-io.h. This variable also changes
the type from 'int' to 'bool' which better fits documents its use.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
If the image file cannot be opened and was created as a temporary file,
it should be deleted; thus, in this case, we should jump to the
"unlink_and_fail" label and not just to "fail".
Reported-by: Benoît Canet <benoit@irqsave.net>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
qcow2_open() causes writes when repairing an image with the dirty flag
set and when clearing autoclear flags. It shouldn't do this when another
qemu instance is still actively working on this image file.
One effect of the bug is that images may have a cleared dirty flag while
the migration source host still has it in use with lazy refcounts
enabled, so refcounts are not accurate and the dirty flag must remain
set.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Instead of manually building a list of all options from BDRVQcowState
values just reuse the options that were used to open the image.
qcow2_open() won't fully use all of the options in the QDict, but that's
okay.
This fixes all of the driver-specific options in qcow2, except for
lazy-refcounts, which was special cased before.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The "query-iothreads" command returns a list of information about
iothreads. See the patch for API documentation.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Keep the thread ID around so we can report it via QMP.
There's only one problem: qemu_get_thread_id() (gettid() wrapper on
Linux) must be called from the thread itself. There is no way to get
the thread ID outside the thread.
This patch uses a condvar to wait for iothread_run() to populate the
thread_id inside the thread.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Today virtio-blk dataplane uses a 1:1 device-per-thread model. Now that
IOThreads have been introduced we can generalize this to N:M devices per
threads.
This patch drops thread code from dataplane in favor of running inside
an IOThread AioContext.
As a bonus we solve the case where a guest keeps submitting I/O requests
while dataplane is trying to stop. Previously the dataplane thread
would continue to process requests until the request gave it a break.
Now we can shut down in bounded time thanks to
aio_context_acquire/release.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Add a "iothread" qdev property type so devices can be hooked up to an
IOThread from the comand-line:
qemu -object iothread,id=iothread0 \
-device some-device,x-iothread=iothread0
Note that Paolo Bonzini <pbonzini@redhat.com> has suggested using QOM
links instead. This way the relationship between the objects is
reflected in QOM. There are currently shortcomings of
object_property_add_link() which prevent this use case. I will attempt
to fix them and move to QOM links in a separate series.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
get_pointer()'s print() callback might return a heap allocated
string, to avoid adding dedicated get_pointer_foo for this case
convert current print() callbacks to return temporary heap
allocated string and make get_pointer() free it.
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
This is a stand-in for Michael Roth's QContext. I expect this to be
replaced once QContext is completed.
The IOThread object is an AioContext event loop thread. This patch adds
the concept of multiple event loop threads, allowing users to define
them.
When SMP guests run on SMP hosts it makes sense to instantiate multiple
IOThreads. This spreads event loop processing across multiple cores.
Note that additional patches are required to actually bind a device to
an IOThread.
[Andreas Färber <afaerber@suse.de> pointed out that the embedded parent
object instance should be called "parent_obj" and have a newline
afterwards. This patch has been changed to reflect this.
-- Stefan]
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
It can be useful to run an AioContext from a thread which normally does
not "own" the AioContext. For example, request draining can be
implemented by acquiring the AioContext and looping aio_poll() until all
requests have been completed.
The following pattern should work:
/* Event loop thread */
while (running) {
aio_context_acquire(ctx);
aio_poll(ctx, true);
aio_context_release(ctx);
}
/* Another thread */
aio_context_acquire(ctx);
bdrv_read(bs, 0x1000, buf, 1);
aio_context_release(ctx);
This patch implements aio_context_acquire() and aio_context_release().
Note that existing aio_poll() callers do not need to worry about
acquiring and releasing - it is only needed when multiple threads will
call aio_poll() on the same AioContext.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
QemuMutex does not guarantee fairness and cannot be acquired
recursively:
Fairness means each locker gets a turn and the scheduler cannot cause
starvation.
Recursive locking is useful for composition, it allows a sequence of
locking operations to be invoked atomically by acquiring the lock around
them.
This patch adds RFifoLock, a recursive lock that guarantees FIFO order.
Its first user is added in the next patch.
RFifoLock has one additional feature: it can be initialized with an
optional contention callback. The callback is invoked whenever a thread
must wait for the lock. For example, it can be used to poke the current
owner so that they release the lock soon.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
It is often useful to find an object's child property name. Also use
this new function to simplify the implementation of
object_get_canonical_path().
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
This patch keep the recursive way of doing things but simplify it by giving
two responsabilities to all block filters implementors.
They will need to do two things:
-Set the is_filter field of their block driver to true.
-Implement the bdrv_recurse_is_first_non_filter method of their block driver like
it is done on the Quorum block driver. (block/quorum.c)
[Paolo Bonzini <pbonzini@redhat.com> pointed out that this patch changes
the semantics of blkverify, which now recurses down both bs->file and
s->test_file.
-- Stefan]
Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Extend test file 060 by a test case for corruption occuring concurrently
to a COW request. QEMU should not crash but rather return an appropriate
error message.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Currently, bdrv_debug_resume() requires every bs->drv in the BDS stack
to be NULL until a bs->drv with an implementation of bdrv_debug_resume()
is found. For a normal function, this would be fine, but this is a
function for debugging purposes and should therefore allow intermediate
BDS not to have a driver (i.e., be "ejected"). Otherwise, it is hard to
debug such situations.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Before dereferencing bs->drv for a call to its member bdrv_co_readv(),
copy_sectors() should check whether that pointer is indeed valid, since
it may have been set to NULL by e.g. a concurrent write triggering the
corruption prevention mechanism.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
After migration has completed, we call bdrv_invalidate_cache() so that
drivers which cache some data drop their stale copy of the data and
reread it from the image file to get a new version of data that the
source modified while the migration was running.
Reloading metadata from the image file is useless, though, if the size
of the image file stays stale (this is a value that is cached for all
image formats in block.c). Reads from (meta)data after the old EOF
return only zeroes, causing image corruption.
We need to update bs->total_sectors in all layers that could potentially
have changed their size (i.e. backing files are not a concern - if they
are changed, we're in bigger trouble)
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
When reading the refcount table entry in get_refcount(), only bits which
are actually significant for the refcount block offset should be taken
into account.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Older versions of gcc (eg 4.6) can't handle varargs functions declared
inline for anything other than completely trivial uses, and complain:
tests/qom-test.c: In function 'qmp': tests/libqtest.h:359:60: sorry,
unimplemented: function 'qmp' can never be inlined because it uses
variable argument lists
Avoid this problem by putting the functions into libqtest.c instead
of using inline definitions in libqtest.h.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Fix a bug that was introduced in commit 386a5a1e. A removal of a device
set the chr handlers to NULL. However when the device is plugged back,
its read callback is not restored so data can't be transferred from the
host to the guest (e.g. via the virtio-serial port).
https://bugzilla.redhat.com/show_bug.cgi?id=1027181
Signed-off-by: Gal Hammer <ghammer@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This converts the old-style SysBusDevice::init() callback to a new-style
DeviceClass::realize() callback.
As a part of conversion, this replaces fprintf(stderr) with error_setg()
as realize() does not "return" any value, instead it puts the extended
error into **errp.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Mike Day <ncmike@ncultra.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Currently interrupt priorities are set to 0 (highest) at the very
beginning of the guest execution which is not correct and makes the guest
produce random interrupt error messages such as:
"Interrupt 0x1001 (real) is invalid, disabling it".
This also prevents interrupt states from correct migration.
This initializes priority to 0xFF as the emulated XICS does.
Suggested-by: Paul Mackerras <paulus@samba.org>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
The changelog is:
> version: update to 20140304
> Introduce dummy console device
> vio-vscsi: Fix CRQ allocation alignment
> version: update to 20140204
> virtio-9p: disable unused structure
> Make "boot net:dhcp" boot from IPv4 only
> Fix virtio device shutdown
> Change shutdown method name for virtio-scsi
> Add support for 64bit LE ABI v1 and v2 support
> Change representation of string environment variable
> cas: return error when unknown node found
> version: update
> Reset obp-tftp arguments before parsing
> Enable seamless netboot on IPv6 network
> Fix shutdown for virtio devices
> Fix zero checksum in UDP header
> Handle router advertisement message properly
> [oex]hci_exit: Check before freeing/unmapping memory
> Work around missing sc 1 traps on pHyp
> fix print_version() to return where it came from
> usb-xhci: memory freeing and using returns as bool uniformly
> Output banner and initial display output in VNC window
> use VERSION file to generate FW version
> cas: remove warning
> Add support for loading little endian ELF binaries.
> Add bswap_{16,32,64}p
> dhcpv6 and other minor net-snk fixes
> Fix missing drop in virtio-fs setup-alias
> Find next available alias name
> SLOF does not exit if given 1KB disk
> boot: enable support for bootindex
> pci-properties: add properties to enable hotplug for spapr
> e1000: remember node handle
> Increase quiesce tokens array size
> virtio: timeout after 5sec
> Enable IPv6 support in dns
> usb-ohci: fix warnings
> Add ipv6 support in net-snk
> ipv4: fix frame overwriting following arp_send_request
> e1000: fix SLOF_dma_map_out arguments
> Maintain single global packet buffer for tftp
> Increase virtio-net receive queue size
> Increase veth receive queue size
> Fix dprintf macros at various points
> usb-ohci: rewrite done_head processing code
> boot: add net in default boot order
> block 0 address in the allocator
> scsi: make-media-alias fix
> usb-xhci: add xhci host controller support
> usb-xhci: add xhci support
> Avoid veth read/write calls with zero length buffer
> boot: include other aliases
> usb-core: disable xhci
Cc: Andreas Färber <afaerber@suse.de>
Cc: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
As reported in commit 9c06a1f79f, xen.h is
not self-contained with regards to its use of QEMUMachine. Fix this.
Reported-by: Alexander Graf <agraf@suse.de>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
This reverts commit 9c06a1f79f.
The new header sysemu/qemumachine.h is undesired.
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
'socket_accept' waits for QEMU to init its unix socket.
If QEMU encounters an error during command line parsing,
it can exit before initializing the communication channel.
Using a timeout for sockets fixes the issue.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Use the realize and unrealize hooks to register and unregister
vmstate_pcibus respectively.
Relocate some stuff to avoid forward declarations.
Signed-off-by: Bandan Das <bsd@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
[AF: Keep using PCI_BUS() cast macro]
Signed-off-by: Andreas Färber <afaerber@suse.de>
Integrate (un)realization of child buses with realization/unrealization
of the device hosting them. Code in device_unparent() is reordered for
unrealization of buses to work as part of device unrealization.
That way no changes need to be made to bus instantiation.
Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Add a "realized" property calling realize/unrealize hooks as for devices.
Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
This adds a test whether sPAPR PHB can be added via the command line.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Recursively walk all properties under /machine and try to retrieve their
value. This is a regression test for link<> properties and the
DeviceState::hotpluggable property.
Cf. be2f78b6b0 and
1a37eca107
Signed-off-by: Andreas Färber <afaerber@suse.de>
In order to allow attaching machine options to a machine instance,
current_machine is converted into MachineState.
As a first step of deprecating QEMUMachine, some of the functions
were modified to return MachineClass.
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
The machine registration flow is refactored to use the QOM functionality.
Instead of linking the machines into a list, each machine has a type
and the types can be traversed in the QOM way.
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
The main functional change is to convert QEMUMachine into MachineClass
and QEMUMachineInitArgs into MachineState, instance of MachineClass.
As a first step, in order to make possible an incremental development,
both QEMUMachine and QEMUMachineInitArgs are being embedded into the
new types.
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Test the error class instead. Expecting a specific message is
fragile. In fact, it broke once already, in commit 75884af. Restore
the test of error member "class" dropped there, and drop the test of
error member "desc".
There are no other tests of "desc" as far as I can tell.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Use g_assert_cmpstr() instead of combining g_assert() and strcmp(3).
This simplifies the code since we no longer have to play games to
distinguish NULL from "" using "(null)".
gcc extension haters will also be happy that ?: was dropped.
Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Previously libvirt required the first/default PCI bus to have name "pci".
Since QEMU can support multiple buses now, libvirt wants "pci.0" now.
This removes custom bus name and lets QEMU make up default names.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
There are no usages left of this legacy cast. Delete.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
[AF: Rename SSISlave parent field]
Signed-off-by: Andreas Färber <afaerber@suse.de>
ssi: Rename parent field
Define and use QOM cast macro. Removes some usages of legacy casting
systems.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
[AF: Rename parent field]
Signed-off-by: Andreas Färber <afaerber@suse.de>
Create an abstract class that encompasses both max111x variants. This is
needed for QOM cast macro creation (and is the right thing to do
anyway). Macroify type-names in the process.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Remove two legacy ->qbus style casts from TYPE_SSI_BUS to TYPE_BUS in
ssi.c.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
[AF: Convert one missing ->qbus and rename parent field]
Signed-off-by: Andreas Färber <afaerber@suse.de>
Convert legacy ->qdev style casts from TYPE_SSI_SLAVE to TYPE_DEVICE.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
[AF: Introduce local DeviceState variable for transition to QOM realize]
Signed-off-by: Andreas Färber <afaerber@suse.de>
When object_property_add_str() and object_property_add_bool() fail, they
leak their internal StringProperty and BoolProperty structs. Remember
to free the structs on error.
Luckily this is a low-impact memory leak since most QOM properties are
static qdev properties that will never take the error case.
object_property_add() only fails if the property name is already in use.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>
Test steps:
(qemu) device_add e1000,addr=adsf
Property 'e1000.addr' doesn't take value 'adsf'
(qemu) info qtree
Then qemu crashed.
Currently we set a link to the new device from its parent bus, but the
device hasn't been added to QOM tree yet. When it fails to set properties,
object_unparent() can't clean up the device.
Delay setting of device properties until the device has been added to
the QOM composition tree. This way, when setting a property fails,
object_unparent() can clean up the device properly.
Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Move setting DeviceClass::hotpluggable default from device's
class_base_init() to device's class_init().
Reported-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Commit 1a37eca107 (qdev: add
"hotpluggable" property to Device) added a property "hotpluggable" to
each device, with its getter accessing parent_bus->allow_hotplug.
Add a NULL check.
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Net patches
# gpg: Signature made Wed 12 Mar 2014 13:48:20 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8
* remotes/stefanha/tags/net-pull-request:
tap: avoid deadlocking rx
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Functionally, this is a revert of Jocelyn's r3309 /
55aa45ddde (Quickly hack PowerPC BIOS
able to boot on CDROM again.), for which we do not have the sources.
Therefore the sources used are v0.4.1 plus pc-bios/ohw.diff plus a
workaround turning IDE errors into warnings.
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Tracing pull request
# gpg: Signature made Wed 12 Mar 2014 13:20:10 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8
* remotes/stefanha/tags/tracing-pull-request:
trace: Fix build warnings for Win32 build
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Docs: Introduce multiport serial support in qemupciserial.inf.
# gpg: Signature made Wed 12 Mar 2014 09:35:55 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
* remotes/kraxel/tags/pull-misc-1:
Docs: Introduce multiport serial support in qemupciserial.inf.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The Win32 build warns about trace/control-internal.h:
warning: 'trace_event_count' declared inline after being called
Fix this by simply reordering trace_event_id() and
trace_event_count().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
* remotes/kiszka/queues/slirp:
slirp smb with modern win guests when samba is also running on host
qemu/slirp: Fix SMB security configuration on newer samba versions
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/qmp-unstable/queue/qmp:
tests: test-qmp-commands: Fix double free
qapi script: do not add "_" for every capitalized char in enum
qapi script: do not allow string discriminator
qapi: convert BlockdevOptions to use enum discriminator
qapi script: support enum type as discriminator in union
qapi script: use same function to generate enum string
qapi script: code move for generate_enum_name()
qapi script: check correctness of union
qapi script: remember line number in schema parsing
qapi script: add check for duplicated key
qapi script: remember explicitly defined enum values
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Hook into scroll-event to properly forward mouse wheel movements to the
guest, just like we already do in SDL.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Restores traditional behavior: Keyboard input will be routed to the most
recently added keyboard. Without this all kbd input goes to the ps/2
keyboard, even if you add a usb keyboard to your guest.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Support for pci-serial-2x and pci-serial-4x
was added to the inf file.
Standard Windows driver mf.sys used to
split single function device into per-port nodes.
Signed-off-by: Miki Mishael <mmishael@redhat.com>
Signed-off-by: Dmitry Fleytman <dfleytma@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The net subsystem has a control flow mechanism so peer NetClientStates
can tell each other to stop sending packets. This is used to stop
monitoring the tap file descriptor for incoming packets if the guest rx
ring has no spare buffers.
There is a corner case when tap_can_send() is true at the beginning of
an event loop iteration but becomes false before the tap_send() fd
handler is invoked.
tap_send() will read the packet from the tap file descriptor and attempt
to send it. The net queue will hold on to the packet and return 0,
indicating that further I/O is not possible. tap then stops monitoring
the file descriptor for reads.
This is unlike the normal case where tap_can_send() is the same before
and during the event loop iteration. The event loop would simply not
monitor the file descriptor if tap_can_send() returns true. Upon next
iteration it would check tap_can_send() again and begin monitoring if we
can send.
The deadlock happens because tap_send() explicitly disabled read_poll.
This is done with the expectation that the peer will call
qemu_net_queue_flush(). But hw/net/virtio-net.c does not monitor
vm_running transitions and issue the flush. Hence we're left with a
broken tap device.
Cc: qemu-stable@nongnu.org
Reported-by: Neil Skrypuch <neil@tembosocial.com>
Tested-by: Neil Skrypuch <neil@tembosocial.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
After numerous reports that -smb (or -netdev user,smb=foo) not working
with modern windows (win7 and vista are reported as non-working), I
started digging myself. And found that indeed it doesn't work, and
why.
The thing is that modern win tries to connect to port 445 (microsoft-ds)
first, and if that fails, it falls back to old port 139 (netbios-ssn).
slirp code in qemu only redirects port 139, it does not touch port 445.
So the prob is that if samba is also running on the host, guest will try
to communicate using port 445, and that will succed, but ofcourse guest
will not talk with our samba but with samba running on the host.
If samba is not running on the host, guest will fall back to port 139,
and will reach the redirecting rule and qemu will spawn smbd correctly.
The solution is to redirect both ports (139 and 445), and the fix is
a one-liner, adding second call to slirp_add_exec() at the end of
net/slirp.c:slirp_smb() function (provided below).
But it looks like that is not a proper fix really, since in theory
we should redirect both ports to the SAME, single samba instance,
but I'm not sure this is possible with slirp. Well, even if two
smbd processes will be run on the same config dir, it should not
be a problem.
The one-liner (not exactly 1 since it touches previous line too) is like
this:
Signed-off-By: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
The smb.conf automatically generated by qemu's -smb option fails on current
samba, because smbd rejects the security=share option with the following warning:
> WARNING: Ignoring invalid value 'share' for parameter 'security'
Which makes it fall back to security=user without guest login.
This results in being unable to login to the samba server from the guest OS.
This fixes it by selecting 'user' explicitly and mapping
unknown users to guest logins.
Signed-off-by: Michael Buesch <m@bues.ch>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
The LEON3 processor has support for the CASA instruction which is
normally only available for SPARC V9 processors. Binutils 2.24
and GCC 4.9 will support this instruction for LEON3. GCC uses it to
generate C11 atomic operations.
The CAS synthetic instruction uses an ASI of 0x80. If TARGET_SPARC64 is
not defined use a supervisor data load/store for an ASI of 0x80 in
helper_ld_asi()/helper_st_asi(). The supervisor data load/store was
choosen according to the LEON3 documentation.
The ASI 0x80 is defined in the SPARC V9 manual, Table 12—Address Space
Identifiers (ASIs). Here we have: 0x80, ASI_PRIMARY, Unrestricted
access, Primary address space.
Tested with the following program:
#include <assert.h>
#include <stdatomic.h>
void test(void)
{
atomic_int a;
int e;
_Bool b;
atomic_store(&a, 1);
e = 1;
b = atomic_compare_exchange_strong(&a, &e, 2);
assert(b);
assert(atomic_load(&a) == 2);
atomic_store(&a, 3);
e = 4;
b = atomic_compare_exchange_strong(&a, &e, 5);
assert(!b);
assert(atomic_load(&a) == 3);
}
Tested also on a NGMP board with a LEON4 processor.
Reviewed-by: Fabien Chouteau <chouteau@adacore.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
acpi,pc,test bug fixes
More small fixes: the issues annoy developers so
I thought they are worth fixing quickly.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Tue 11 Mar 2014 11:27:44 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream:
acpi-test: update expected SSDT files
acpi-build: don't access unaligned addresses
q35: Correct typo BRDIGE -> BRIDGE
configure: don't modify .status on error
pc: avoid duplicate names for ROM MRs
loader: rename in_ram/has_mr
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/kvm/uq/master:
target-i386: bugfix of Intel MPX
file_ram_alloc: unify mem-path,mem-prealloc error handling
kvm-all: exit in case max vcpus exceeded
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target-arm queue:
* implement WFE as yield (improves performance with emulated SMP)
* fixes to avoid undefined behaviour shifting left into sign bit
* libvixl format string fixes for 32 bit hosts
* fix build error when intptr_t and tcg_target_long are different
sizes (eg x32)
* implement PMCCNTR register
* fix incorrect setting of E bit in CPSR (broke booting under
KVM on ARM)
# gpg: Signature made Mon 10 Mar 2014 15:05:25 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-target-arm-20140310:
target-arm: Implement WFE as a yield operation
hw/arm/musicpal: Avoid shifting left into sign bit
hw/ssi/xilinx_spips.c: Avoid shifting left into sign bit
hw/arm/omap1.c: Avoid shifting left into sign bit
pxa2xx: Don't shift into sign bit
libvixl: Fix format strings for several int64_t values
target-arm: Fix intptr_t vs tcg_target_long
target-arm: Implements the ARM PMCCNTR register
target-arm: Fix incorrect setting of E bit in CPSR
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Now "enum AIOContext" will generate AIO_CONTEXT instead of A_I_O_CONTEXT,
"X86CPU" will generate X86_CPU instead of X86_C_P_U.
Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Since enum based discriminators provide better type-safety and
ensure that future qapi additions do not forget to adjust dependent
unions, forbid using string as discriminator from now on.
Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
After this patch, hidden enum type BlockdevOptionsKind will not
be generated, and other API can use enum BlockdevDriver.
Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
By default, any union will automatically generate a enum type as
"[UnionName]Kind" in C code, and it is duplicated when the discriminator
is specified as a pre-defined enum type in schema. After this patch,
the pre-defined enum type will be really used as the switch case
condition in generated C code, if discriminator is an enum field.
Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Prior to this patch, qapi-visit.py used custom code to generate enum
names used for handling a qapi union. Fix it to instead reuse common
code, with identical generated results, and allowing future updates to
generation to only need to touch one place.
Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Since line info is remembered as QAPISchema.line now, this patch
uses it as additional info for every expr in QAPISchema inside qapi.py,
then improves error message with it in checking of exprs.
For common union the patch will check whether base is a valid complex
type if specified. For flat union it will check whether base presents,
whether discriminator is found in base, whether the key of every branch
is correct when discriminator is an enum type.
Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Before this patch, 'QAPISchemaError' scans whole input until 'pos'
to get error line number. After this patch, the scan is avoided since
line number is remembered in schema parsing. This patch also benefits
other error report functions, which would be introduced later.
Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
It is bad that same key was specified twice, especially when a union has
two branches with same condition. This patch can prevent it.
Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
casting an unaligned address to e.g.
uint32_t can trigger undefined behaviour in C.
Replace cast + assignment with memcpy.
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
./configure --help
make
will try to re-run configure with --help
which isn't what was intended.
The reason is that config.status was written
even on configure error.
Defer writing config.status until configure
has completed successfully.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Since
commit 04920fc0fa
loader: store FW CFG ROM files in RAM
RAM MRs including ROM files in FW CFGs are created
and named using the file basename.
This becomes problematic if these names are
supplied by user, since the basename might not
be unique.
There are two cases we care about:
- option-rom flag.
- option ROM for devices. This triggers e.g. when
using rombar=0.
At the moment we get an assert. E.g
qemu -option-rom /usr/share/ipxe/8086100e.rom -option-rom
/usr/share/ipxe.efi/8086100e.rom
RAMBlock "/rom@genroms/8086100e.rom" already registered, abort!
This is a regression from 1.6.
For now let's keep it simple and just avoid creating the
MRs in case of option ROMs.
when using 1.7 machine types, enable
option ROMs in RAM to match that version.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
acpi,pc,pci,virtio,memory bug fixes
This collects several small fixes from all over the place.
Additionally, Marcel's changes make acpi unit tests more robust.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Sun 09 Mar 2014 19:14:57 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream:
qemu: x86: ignore ioapic polarity
pckbd: return 'keyboard enabled' on read input port command
pam: partly fix write-only mode
acpi-test: issue errors instead of warnings when possible
acpi-test: retain both asl and aml files on failure
MAINTAINERS: drop an out of date address
Add a 'name' parameter to qemu_thread_create
Add 'debug-threads' suboption to --name
Rework --name to use QemuOpts
PCIE: fix regression with coldplugged multifunction device
memory_region_present: return false if address is not found in child MemoryRegion
virtio-net: remove function calls from assert
acpi-test-data: update expected files
acpi-build: append description for non-hotplug
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/riku/linux-user-for-upstream:
linux-user: set minimum kernel version to 2.6.32
linux-user: correct handling of break exception for MIPS
linux-user: translate signal number on return from sigtimedwait
linux-user: Implement sendmmsg syscall
linux-user: Fix getresuid, getresgid if !USE_UID16
linux-user: Don't use UID16 on AArch64
linux-user: AArch64: Implement SA_RESTORER for signal handlers
linux-user/signal.c: Fix AArch64 big-endian FP register restore
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Implement WFE to yield our timeslice to the next CPU.
This avoids slowdowns in multicore configurations caused
by one core busy-waiting on a spinlock which can't possibly
be unlocked until the other core has an opportunity to run.
This speeds up my test case A15 dual-core boot by a factor
of three (though it is still four or five times slower than
a single-core boot).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1393339545-22111-1-git-send-email-peter.maydell@linaro.org
Reviewed-by: Richard Henderson <rth@twiddle.net>
Tested-by: Rob Herring <rob.herring@linaro.org>
Commit 4cc35614a moved the exception mask bits out of env->uncached_cpsr
and into env->daif. However the env->daif contents are AArch64 style
mask bits, which include not just the AArch32 AIF bits but also the
new D bit (masks debug exceptions). This means that when reconstructing
the AArch32 CPSR value we must not allow the D bit in env->daif to get
into the CPSR, because the corresponding bit in the CPSR is E, the
endianness bit.
This bug didn't affect execution under TCG because we don't implement
endianness-swapping and so simply ignored the E bit; however it meant
that kernel booting under KVM failed, because KVM does honour the E bit.
Reported-by: Alexey Ignatov <lexszero@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Instead of
spice support no (/)
configure now prints
spice support no
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
* remotes/rth/tcg-aarch-6-1:
tcg-aarch64: Remove nop from qemu_st slow path
tcg-aarch64: Simplify tcg_out_ldst_9 encoding
tcg-aarch64: Use intptr_t apropriately
tcg-aarch64: Remove the shift_imm parameter from tcg_out_cmp
tcg-aarch64: Hoist common argument loads in tcg_out_op
tcg-aarch64: Don't handle mov/movi in tcg_out_op
tcg-aarch64: Set ext based on TCG_OPF_64BIT
tcg-aarch64: Change all ext variables to TCGType
tcg-aarch64: Remove redundant CPU_TLB_ENTRY_BITS check
tcg-aarch64: Enable builtin disassembler
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Popular glibc based distributions[1] require minimum
2.6.32 as kernel version. For some targets 2.6.18
would be enough, but dropping so low would mean some
suboptimal system calls could get used.
Set the minimum kernel advertized to 2.6.32 for
all architectures but aarch64 to ensure working qemu
linux-user in case host kernel is older.
[1] https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/921078
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
migration/next for 20140308
# gpg: Signature made Sat 08 Mar 2014 21:26:01 GMT using RSA key ID 5872D723
# gpg: Can't check signature: public key not found
* remotes/juanquintela/tags/migration/20140308-1:
migration: extend section_start/end traces
vl: add system_wakeup_request tracepoint
qemu_file: Fix mismerge of "use fwrite() correctly"
XBZRLE: Fix qemu crash when resize the xbzrle cache
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The following artifical test (just the bitmap operation part) running
vnc_update_client 65536 times on a 2560x2048 surface illustrates the
performance difference:
All bits clean - vnc_update_client_new: 0.07 secs
vnc_update_client_new2: 0.07 secs
vnc_update_client_old: 10.98 secs
All bits dirty - vnc_update_client_new: 11.26 secs
- vnc_update_client_new2: 0.29 secs
vnc_update_client_old: 20.19 secs
Few bits dirty - vnc_update_client_new: 0.07 secs
- vnc_update_client_new2: 0.07 secs
vnc_update_client_old: 10.98 secs
vnc_update_client_new2 shows the performance of vnc_update_client
with this patch added.
Comparing with the test run of the last patch the performance
is at least unchanged while it is significantly improved
for the all bits dirty case.
Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
vnc_update_client currently scans the dirty bitmap of each client
bitwise which is a very costly operation if only few bits are dirty.
vnc_refresh_server_surface does almost the same.
this patch optimizes both by utilizing the heavily optimized
function find_next_bit to find the offset of the next dirty
bit in the dirty bitmaps.
The following artifical test (just the bitmap operation part) running
vnc_update_client 65536 times on a 2560x2048 surface illustrates the
performance difference:
All bits clean - vnc_update_client_new: 0.07 secs
vnc_update_client_old: 10.98 secs
All bits dirty - vnc_update_client_new: 11.26 secs
vnc_update_client_old: 20.19 secs
Few bits dirty - vnc_update_client_new: 0.08 secs
vnc_update_client_old: 10.98 secs
The case for all bits dirty is still rather slow, this
is due to the implementation of find_and_clear_dirty_height.
This will be addresses in a separate patch.
Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
this allows for setting VNC_DIRTY_PIXELS_PER_BIT to different
values than 16 if desired.
Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Spotted by Coverity:
876 static int vnc_update_client_sync(VncState *vs, int has_dirty)
877 {
(1) Event freed_arg: "vnc_update_client(VncState *, int)" frees "vs". [details]
Also see events: [deref_arg]
878 int ret = vnc_update_client(vs, has_dirty);
(2) Event deref_arg: Calling "vnc_jobs_join(VncState *)" dereferences freed pointer "vs". [details]
Also see events: [freed_arg]
879 vnc_jobs_join(vs);
880 return ret;
881 }
Remove vnc_update_client_sync wrapper, replace it with an additional
argument to vnc_update_client, so we can so the sync properly in
vnc_update_client (i.e. skip it in case of a client disconnect).
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Hi,
When I use RealVNC viewer client (http://www.realvnc.com/) to connect vnc server,
the client disconnect suddenly, and I click reconnect button immediately, then the Qemu crashed.
In the function vnc_worker_thread_loop, will call vnc_async_encoding_start
to set the local vs->output buffer by global queue's buffer. Then send rectangles to
the vnc client call function vnc_send_framebuffer_update. Finally, Under normal circumstances,
call vnc_async_encoding_end to set the global queue'buffer by the local vs->output conversely.
When the vnc client disconnect, the job->vs->csock will be set to -1. And the current prcoess
logic will goto disconnected partion without call function vnc_async_encoding_end.
But, the function vnc_send_framebuffer_update will call buffer_reserve, which
maybe call g_realloc reset the local vs's buffer, meaning the global queue's buffer is modified also.
If anyone use the original global queue's buffer memory will cause corruption and then crash qemu.
This patch assure the function vnc_async_encoding_end being called
even though the vnc client disconnect suddenly.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
VncTight member uint8_t quality is either (uint8_t)-1 for lossless or
less than 10 for lossy.
tight_detect_smooth_image() first promotes it to int, then compares
with -1. Always unequal, so we always execute the lossy code. Reads
beyond tight_conf[] and returns crap when quality is actually
lossless.
Compare to (uint8_t)-1 instead, like we do elsewhere.
Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
we put copy of ROMs in MR for migration.
but the name rom_in_ram makes one think we
load it in guest RAM.
Rename has_mr to make intent clearer.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Both QEMU and KVM have already accumulated a significant number of
optimizations based on the hard-coded assumption that ioapic polarity
will always use the ActiveHigh convention, where the logical and
physical states of level-triggered irq lines always match (i.e.,
active(asserted) == high == 1, inactive == low == 0). QEMU guests
are expected to follow directions given via ACPI and configure the
ioapic with polarity 0 (ActiveHigh). However, even when misbehaving
guests (e.g. OS X <= 10.9) set the ioapic polarity to 1 (ActiveLow),
QEMU will still use the ActiveHigh signaling convention when
interfacing with the emulated ioapic.
This patch modifies the emulated ioapic to completely ignore polarity
as set by the guest OS, enabling misbehaving guests to work alongside
those which comply with the ActiveHigh polarity specified by QEMU's
ACPI tables.
Signed-off-by: Gabriel L. Somlo <somlo@cmu.edu>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Bit 7 of Input Port is the keyboard inhibit switch.
0 means keyboard inhibited, while 1 means keyboard enabled.
Incidentaly, this also fixes an error encountered while booting
an Award BIOS: "Keyboard is locked out - Unlock the key".
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
In write-only mode, writes are forwarded to RAM, while reads should not be
handled (ie should return 0xff).
Assume that in this mode, no read access is ever done, as they shouldn't
give any sensible result.
So, in write-only mode, alias PAM region to RAM, instead of PCI memory
(which can even be mapped to some device!)
This fixes Award BIOS, which use this mode to shadow system BIOS and video BIOS.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
If the expected (offline) acpi tables loaded correctly,
it is safe to assume the iasl installation is OK and
issue an error if the actual tables failed to load.
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Updated the error message while at it.
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Gleb's address seems to be out of date. Since it stayed like that for a
while now, I'm guessing he's no longer interested in getting mail.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
If enabled, set the thread name at creation (on GNU systems with
pthread_set_np)
Fix up all the callers with a thread name
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Add flag storage to qemu-thread-* to store the namethreads flag
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Windows XP shows COM2 port as non functional in
"Device Manager" although no COM2 port backing device
is present in QEMU.
This regression is really due to
3bb28b7208b349e7a1b326e3c6ef9efac1d462bf?
memory: Provide separate handling of unassigned io ports accesses
That is caused by the fact that QEMU reports to
OSPM that device is present by setting 5th bit in
PII4XPM.pci_conf[0x67] register when COM2 doesn't
exist.
It happens due to memory_region_present(io_as, 0x2f8)
returning false positive since 0x2f8 address eventually
translates into catchall io_as address space.
Fix memory_region_present(parent, addr) by returning
true only if addr maps into a MemoryRegion within
parent (excluding parent itself), to match its
doc comment.
While at it fix copy/paste error in
memory_region_present() doc comment.
Note: this is a temporary hack: we really need better handling for
unassigned regions, we should avoid fallback regions since they are bad
for performance (breaking radix tree assumption that the data structure
is sparsely populated); for memory we need to fix this to implement PCI
master abort properly, anyway.
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
peer_{de,at}tach were called from inside assert().
We don't support building without NDEBUG but it's not tidy.
Rearrange to attach peer outside assert calls.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
As reported in
http://article.gmane.org/gmane.comp.emulators.qemu/253987
Mac OSX actually requires describing all occupied slots
in ACPI - even if hotplug isn't enabled.
I didn't expect this so I dropped description of all
non hotpluggable slots from ACPI.
As a result: before
commit 99fd437dee (enable
hotplug for pci bridges), PCI cards show up in the "device tree" of OS X
(System Information). E.g., on MountainLion users have:
Hardware -> PCI Cards:
Card Type Driver Installed Slot
*ethernet Ethernet Controller Yes PCI Slot 2
pci8086,2934 USB UHC Yes PCI Slot 29
ethernet:
Type: Ethernet Controller
Driver Installed: Yes
MSI: No
Bus: PCI
Slot PCI Slot 2
Vendor ID: 0x8086
Device ID: 0x100e
Subsystem Vendor ID: 0x1af4
Subsystem ID: 0x1100
Revision ID: 0x0003
Hardware -> Ethernet Cards
ethernet:
Type: Ethernet Controller
Bus: PCI
Slot PCI Slot 2
Vendor ID: 0x8086
Device ID: 0x100e
Subsystem Vendor ID: 0x1af4
Subsystem ID: 0x1100
Revision ID: 0x0003
BSD name: en0
Kext name: AppleIntel8254XEthernet.kext
Location: /System/Library/Extensions/...
Version: 3.1.1b1
After commit 99fd437dee, users get:
Hardware -> PCI Cards:
This computer doesn't contain any PCI cards. If you installed PCI
cards, make sure they're properly installed.
Hardware -> Ethernet Cards
ethernet:
Type: Ethernet Controller
Bus: PCI
Vendor ID: 0x8086
Device ID: 0x100e
Subsystem Vendor ID: 0x1af4
Subsystem ID: 0x1100
Revision ID: 0x0003
BSD name: en0
Kext name: AppleIntel8254XEthernet.kext
Location: /System/Library/Extensions/...
Version: 3.1.1b1
Ethernet still works, but it's not showing up on the PCI bus, and it
no longer thinks it's plugged in to slot #2, as it used to before the
change.
To fix, append description for all occupied non hotpluggable PCI slots.
One need to be careful when doing this: VGA devices
are now described in SSDT, so we need to drop description from DSDT.
And ISA devices are used in DSDT so drop them from SSDT.
Reported-by: Gabriel L. Somlo <gsomlo@gmail.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Also update generated dsdt and pcihp hex dump files.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
At first glance the code appears to be using 1's compliment encoding,
a-la AArch32. Except that the constant is "off", creating a complicated
split field 2's compliment encoding.
Much clearer to just use a normal mask and shift.
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
It was unused. Let's not overcomplicate things before we need them.
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
We assert that the values for _I32 and _I64 are 0 and 1 respectively.
This will make a couple of functions declared by tcg.c cleaner.
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
This adds @idstr to savevm_section_start and savevm_section_end
tracepoints.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Resizing the xbzrle cache during migration causes qemu-crash,
because the main-thread and migration-thread modify the xbzrle
cache size concurrently without lock-protection.
Signed-off-by: ChenLiang <chenliang88@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
* remotes/kvaneesh/for-upstream:
hw/9pfs: Include virtio-9p-device.o in build
hw/9pfs: use g_strdup_printf() instead of PATH_MAX limitation
hw/9pfs/virtio-9p-local.c: use snprintf() instead of sprintf()
hw/9pfs/virtio-9p-local.c: move v9fs_string_free() to below "err_out:"
fsdev: Fix overrun after readlink() fills buffer completely
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Block patches
# gpg: Signature made Fri 07 Mar 2014 13:30:04 GMT using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
* remotes/kevin/tags/for-upstream:
block: qemu-iotests 085 - live snapshots tests
hw/ide/ahci.h: Avoid shifting left into sign bit
block: Fix error path segfault in bdrv_open()
qemu-iotests: Test a few blockdev-add error cases
blockdev: Fix NULL pointer dereference in blockdev-add
blockdev: Fail blockdev-add with encrypted images
block/raw-win32: Strip "file:" prefix on creation
block/raw-win32: Implement bdrv_parse_filename()
block/raw-posix: Strip "file:" prefix on creation
block/raw-posix: Implement bdrv_parse_filename()
block: Keep "filename" option after parsing
block: mirror - remove code cruft that has no function
block: make bdrv_swap rebuild the bs graph node list field.
block: Fix bs->request_alignment assertion for bs->sg=1
iscsi: Use bs->sg for everything else than disks
qemu-iotests: Test progress output for conversion
qemu-img convert: Fix progress output
gluster: Remove unused defines and header include
gluster: Change licence to GPLv2+
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Input handling rewrite.
SDL2 support.
# gpg: Signature made Wed 05 Mar 2014 11:16:08 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
* remotes/kraxel/tags/pull-input-4: (38 commits)
ui/sdl2 : initial port to SDL 2.0 (v2.0)
console: add QemuUIInfo
console: add head to index to qemu consoles.
input: remove index_from_keycode (no users)
input: move do_mouse_set to new core
input: move qmp_query_mice to new core
input: add input_mouse_mode tracepoint
input: move mouse mode notifier to new core
input-legacy: remove kbd_mouse_event
input-legacy: remove kbd_mouse_is_absolute
input-legacy: remove kbd_mouse_has_absolute
input-legacy: remove kbd_put_keycode
input: trace events
input: mouse: switch cocoa ui to new core
input: keyboard: switch cocoa ui to new core
input: mouse: switch monitor to new core
input: mouse: switch spice ui to new core
input: mouse: switch vnc ui to new core
input: mouse: switch sdl ui to new core
input: mouse: switch gtk ui to new core
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Patch queue for ppc - 2014-03-05
This pull request includes:
- VSX emulation support
- book3s pr/hv selection
- some bug fixes
- qdev stable numbering
- eTSEC emulation
# gpg: Signature made Wed 05 Mar 2014 02:14:19 GMT using RSA key ID 03FEDC60
# gpg: Can't check signature: public key not found
* remotes/agraf/tags/signed-ppc-for-upstream: (130 commits)
target-ppc: spapr: e500: fix to use cpu_dt_id
target-ppc: add PowerPCCPU::cpu_dt_id
target-ppc: Introduce hypervisor call H_GET_TCE
target-ppc: Update ppc_hash64_store_hpte to support updating in-kernel htab
target-ppc: Change the hpte store API
target-ppc: Fix page table lookup with kvm enabled
target-ppc: Fix htab_mask calculation
target-ppc: Use Additional Temporary in stqcx Case
target-ppc: Fix Compiler Warnings Due to 64-Bit Constants Declared as UL
PPC: sPAPR: Only use getpagesize() when we run with kvm
target-ppc/translate.c: Use ULL suffix for 64 bit constants
spapr-vlan: flush queue whenever can_receive can go from false to true
target-ppc: Altivec 2.07: Vector Permute and Exclusive OR
target-ppc: Altivec 2.07: Vector SHA Sigma Instructions
target-ppc: Altivec 2.07: AES Instructions
target-ppc: Altivec 2.07: Binary Coded Decimal Instructions
target-ppc: Altivec 2.07: Vector Polynomial Multiply Sum
target-ppc: Altivec 2.07: Vector Gather Bits by Bytes
target-ppc: Altivec 2.07: Doubleword Compares
target-ppc: Altivec 2.07: vbpermq Instruction
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
One patch introducing support for adapter interrupts in virtio-ccw.
This improves performance for those guests that issue the new
CCW_CMD_SET_IND_ADAPTER channel command.
# gpg: Signature made Wed 05 Mar 2014 08:48:18 GMT using RSA key ID C6F02FAF
# gpg: Can't check signature: public key not found
* remotes/cohuck/tags/virtio-ccw-20140305:
s390x/virtio-ccw: Adapter interrupt support.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This adds tests for live snapshots, both through the single
snapshot command, and the transaction group snapshot command.
The snapshots are done through the QMP interface, using the
following commands for snapshots:
Single snapshot:
{ 'execute': 'blockdev-snapshot-sync', 'arguments':
{ 'device': 'virtio0', 'snapshot-file':'...',
'format': 'qcow2' } }"
Group snapshot:
{ 'execute': 'transaction', 'arguments':
{'actions': [
{ 'type': 'blockdev-snapshot-sync', 'data' :
{ 'device': 'virtio0', 'snapshot-file': '...' } },
{ 'type': 'blockdev-snapshot-sync', 'data' :
{ 'device': 'virtio1', 'snapshot-file': '...' } } ]
} }
Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Add 'U' suffixes to avoid undefined behaviour shifting left into
the signed bit of a signed integer type. Clang's sanitizer will
warn about this:
hw/ide/ahci.c:1210:27: runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
MacOSX doesn't pull .o files from .a archives if the symbol that it
requires is one which the .o file defines as a common symbol.
(Common symbols are those declared without "extern"; the linker
will merge together common symbols with the same name, so
redeclaring the same variable in two compilation units results in
them referring to the same symbol rather than a compilation error).
This MacOSX difference from traditional linker behaviour means that
"make check" produces link errors:
Undefined symbols for architecture x86_64:
"_cur_mon", referenced from:
_error_vprintf in libqemuutil.a(qemu-error.o)
_error_printf in libqemuutil.a(qemu-error.o)
_error_printf_unless_qmp in libqemuutil.a(qemu-error.o)
_error_print_loc in libqemuutil.a(qemu-error.o)
_error_report in libqemuutil.a(qemu-error.o)
ld: symbol(s) not found for architecture x86_64
in this case because "cur_mon" is a common symbol in
libqemustub.a(mon-set-error.o).
In QEMU we don't make any use at all of the common symbol
functionality, so we can avoid this problem entirely simply
by compiling with -fno-common. Enable this option for all
builds, not just MacOSX, so that if we ever inadvertently
introduce multiple definitions of some variable that will
be immediately spotted as a build error rather than only
breaking the MacOSX build.
Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1393451610-24617-1-git-send-email-peter.maydell@linaro.org
gcc's C++ compiler complains about being passed some -W options
which make sense for C but not for C++. This means we mustn't try
a C++ compile with QEMU_CFLAGS, but only with a filtered version
that removes the offending options. This filtering was already being
done for uses of C++ in the build itself, but was omitted for the
"does C++ work?" configure test. This only showed up when doing
builds which explicitly enabled -Werror with --enable-werror,
because the "do the compilers work" tests were mistakenly placed
above the "default werror based on whether compiling from git" code.
Another error in this category is that clang warns if you ask it to
compile C++ code from a file named "foo.c". Further, because we
were running do_cc in a subshell in the condition part of an "if",
the error_exit inside do_compiler wouldn't terminate configure and
we would plunge on regardless. Fix this complex of errors:
1. Move the default-werror code up so that there are no invocations
of compile_object and friends between it and the point where we
set $werror explicitly based on the --enable-werror command line
option.
2. Provide a mechanism for filtering QEMU_CFLAGS to create
QEMU_CXXFLAGS, and use it for the test we run here.
3. Provide a do_cxx function to run a test with the C++ compiler
rather than doing cute tricks with subshells and do_cc.
4. Use a new temporary file TMPCXX for the C++ program fragment.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1393352869-22257-1-git-send-email-peter.maydell@linaro.org
Tested-by: Andreas Färber <afaerber@suse.de>
Using an invalid option for a block device that is opened with
BDRV_O_PROTOCOL led to drv = NULL, and when trying to include the driver
name in the error message, qemu dereferenced it:
$ x86_64-softmmu/qemu-system-x86_64 -drive file=/tmp/test.qcow2,file.foo=bar
Segmentation fault (core dumped)
With this patch applied, the expected error message is printed:
$ x86_64-softmmu/qemu-system-x86_64 -drive file=/tmp/test.qcow2,file.foo=bar
qemu-system-x86_64: -drive file=/tmp/test.qcow2,file.foo=bar: could
not open disk image /tmp/test.qcow2: Block protocol 'file' doesn't
support the option 'foo'
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
If aio=native, we check that cache.direct is set as well. If however
cache wasn't specified at all, qemu just segfaulted.
The old condition didn't make any sense anyway because it effectively
only checked for the default cache mode case, but not for an explicitly
set cache.direct=off mode.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Eric Blake <eblake@redhat.com>
Encrypted images need a password before they can be used, and we don't
want blockdev-add to create BDSes that aren't fully initialised. So for
now simply forbid encrypted images; we can come back to it later if we
need the functionality.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
The bdrv_create() implementation of the block/raw-win32 "file" protocol
driver should strip the "file:" prefix from filenames if present.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The bdrv_create() implementation of the block/raw-posix "file" protocol
driver should strip the "file:" prefix from filenames if present.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Currently, bdrv_file_open() always removes the "filename" option from
the options QDict after bdrv_parse_filename() has been (successfully)
called. However, for drivers with bdrv_needs_filename, it makes more
sense for bdrv_parse_filename() to overwrite the "filename" option and
for bdrv_file_open() to fetch the filename from there.
Since there currently are no drivers that implement
bdrv_parse_filename() and have bdrv_needs_filename set, this does not
change current behavior.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Originally, this built up the error message with the backing filename,
so that errp was set as follows:
error_set(errp, QERR_OPEN_FILE_FAILED, backing_filename);
However, we now propagate the local_error from the
bdrv_open_backing_file() call instead, making these 2 lines useless
code.
Signed-off-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Moving only the node_name one field could lead to some inconsitencies where a
node_name was defined on a bs which was not registered in the graph node list.
bdrv_swap between a named node bs and a non named node bs would lead to this.
bdrv_make_anon would then crash because it would try to remove the bs from the
graph node list while it is not in it.
This patch remove named node bses from the graph node list before doing the swap
then insert them back.
Signed-off-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The current iscsi block driver code makes the rather arbitrary decision
that TYPE_MEDIUM_CHANGER and TYPE_TAPE devices have bs->sg = 1 and all
other device types are disks.
Instead of this, check for TYPE_DISK to expose the disk interface and
make everything else bs->sg = 1. In particular, this includes devices
with TYPE_STORAGE_ARRAY, which is what LUN 0 of an iscsi target is.
(See https://bugzilla.redhat.com/show_bug.cgi?id=1067784 for the exact
scenario.)
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Initialise progress output only when the -p and -q options have already
been parsed, otherwise it's always disabled.
Reported-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Remove the definitions of GLUSTER_FD_WRITE and GLUSTER_FD_READ which are
no longer used. Also sockets.h isn't needed any more.
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Pipe handling mechanism in gluster driver was based on similar implementation
in RBD driver and hence had GPLv2 and associated copyright information.
After changing gluster driver to coroutine based implementation, the pipe
handling code no longer exists and hence change gluster driver's licence to
GPLv2+ and remove RBD copyrights.
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
I've ported the SDL1.2 code over, and rewritten it to use the SDL2 interface.
The biggest changes were in the input handling, where SDL2 has done a major
overhaul, and I've had to include a generated translation file to get from
SDL2 codes back to qemu compatible ones. I'm still not sure how the keyboard
layout code works in qemu, so there may be further work if someone can point
me a test case that works with SDL1.2 and doesn't with SDL2.
Some SDL env vars we used to set are no longer used by SDL2,
Windows, OSX support is untested,
I don't think we can link to SDL1.2 and SDL2 at the same time, so I felt
using --with-sdlabi=2.0 to select the new code should be fine, like how
gtk does it.
v1.1: fix keys in text console
v1.2: fix shutdown, cleanups a bit of code, support ARGB cursor
v2.0: merge the SDL multihead patch into this, g_new the number of consoles
needed, wrap DCL inside per-console structure.
Signed-off-by: Dave Airlie <airlied@redhat.com>
Fixes & improvements by kraxel:
* baum build fix
* remove text console logic
* adapt to new input core
* codestyle fixups
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This removes the last user of the lecagy input mouse handler list,
so we can remove more legacy bits with this.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
legacy mouse event handlers are registered in the new core,
so they receive events submitted to the new input core.
legacy kbd_mouse_event() continues to use the old code paths.
So new-core event handlers wouldn't see events submitted via
kbd_mouse_event.
This leads to the constrain that we we must transition all
kbd_mouse_event() users first to keep things working. But
that is easier to handle than translating legacy mouse events
into new-core mouse events ;)
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Transform absolute mouse events according to graphic_rotate.
Legacy input code does it for both absolute and relative events,
but the logic is broken for relative coordinates, so this is
most likely not used anyway.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Likewise a bunch of helper functions to manage mouse button
and movement events, again to make life easier for the ui code.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
legacy kbd event handlers are registered in the new core,
so they receive events from the new input core code.
keycode -> scancode translation needed here.
legacy kbd_put_keycode() sends events to the new core.
scancode -> keycode translation needed here.
So with this patch the new input core is fully functional
for keyboard events. New + legacy interfaces can be mixed
in any way.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
A bunch of helper functions to manage keyboard events,
to make life simpler for the ui code when submitting
keyboard events.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Define input event types, using qapi. So we get nicely autogenerated
types for our input events. And when it comes to qmp support some day
things will be a lot easier.
Types are modeled after the linux input layer. There are separate
event types for each value. There is a sync to indicate the end
of a event group.
Mouse events are split into motion events (one for each axis) and
button events, which are grouped by sync.
Keyboard events are using the existing KeyValue type.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Handle the new CCW_CMD_SET_IND_ADAPTER command enabling adapter interrupts
on guest request. When active, host->guest notifications will be handled
via global_indicator -> queue indicators instead of queue indicators +
subchannel I/O interrupt. Indicators for virtqueues may be present at an
offset.
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
This makes use of @cpu_dt_id and related API in:
1. emulated XICS hypercall handlers as they receive fixed CPU indexes;
2. XICS-KVM to enable in-kernel XICS on right CPU;
3. device-tree renderer.
This removes @cpu_index fixup as @cpu_dt_id is used instead so QEMU monitor
can accept command-line CPU indexes again.
This changes kvm_arch_vcpu_id() to use ppc_get_vcpu_dt_id() as at the moment
KVM CPU id and device tree ID are calculated using the same algorithm.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Acked-by: Mike Day <ncmike@ncultra.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Normally CPUState::cpu_index is used to pick the right CPU for various
operations. However default consecutive numbering does not always work
for POWERPC.
These indexes are reflected in /proc/device-tree/cpus/PowerPC,POWER7@XX
and used to call KVM VCPU's ioctls. In order to achieve this,
kvmppc_fixup_cpu() was introduced. Roughly speaking, it multiplies
cpu_index by the number of threads per core.
This approach has disadvantages such as:
1. NUMA configuration stays broken after the fixup;
2. CPU-targeted commands from the QEMU Monitor do not work properly as
CPU indexes have been fixed and there is no clear way for the user to
know what the new CPU indexes are.
This introduces a @cpu_dt_id field in the CPUPPCState struct which
is initialized from @cpu_index by default and can be fixed later
to meet the device tree requirements.
This adds an API to handle @cpu_dt_id.
This removes kvmppc_fixup_cpu() as it is not more needed, @cpu_dt_id
is calculated in ppc_cpu_realize().
This will be used later in machine code.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Acked-by: Mike Day <ncmike@ncultra.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch introduces the hypervisor call H_GET_TCE which is basically the
reverse of H_PUT_TCE, as defined in the Power Architecture Platform
Requirements (PAPR).
The hcall H_GET_TCE is required by the kdump kernel which is calling it to
retrieve the TCE set up by the panicing kernel.
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This support updating htab managed by the hypervisor. Currently we don't have
any user for this feature. This actually bring the store_hpte interface
in-line with the load_hpte one. We may want to use this when we want to
emulate henter hcall in qemu for HV kvm.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
[ folded fix for the "warn_unused_result" build break in
kvmppc_hash64_write_pte(), Greg Kurz <gkurz@linux.vnet.ibm.com> ]
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
With kvm enabled, we store the hash page table information in the hypervisor.
Use ioctl to read the htab contents. Without this we get the below error when
trying to read the guest address
(gdb) x/10 do_fork
0xc000000000098660 <do_fork>: Cannot access memory at address 0xc000000000098660
(gdb)
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
[ fixes for 32 bit build (casts!), ldq_phys() API change,
Greg Kurz <gkurz@linux.vnet.ibm.com ]
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Correctly update the htab_mask using the return value of
KVM_PPC_ALLOCATE_HTAB ioctl. Also we don't update sdr1
on GET_SREGS for HV. We check for external htab and if
found true, we don't need to update sdr1
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
[ fixed pte group offset computation in ppc_hash64_htab_lookup() that
caused TCG to fail, Greg Kurz <gkurz@linux.vnet.ibm.com> ]
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Per Alex Graf's suggestion, the recently added case to gen_conditional_store
for stqcx should use an additional temporary when accessing the second
doubleword. This avoids the mutation of the EA argument to the function,
which is counter intuitive.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch fixes 64 bit constants that were erroneously declared as "ul" instead of
"ull". The preferred form "ULL" is used.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
We currently size the msi window trap page according to the host's page
size so that we poke a working hole into a memory slot in case we overlap.
However, this is only ever necessary with KVM active. Without KVM, we should
rather try to be host platform agnostic and use a constant size: 4k.
This fixes a build breakage on win32 hosts.
Signed-off-by: Alexander Graf <agraf@suse.de>
64 bit constants need the "ULL" suffix, not just "UL", because
on 32 bit platforms 'long' is not large enough and this will
cause a compiler warning.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When the guests adds buffers to receive queue, the network device
should flush its queue of pending packets. This is done with
qemu_flush_queued_packets.
This adds a call to qemu_flush_queued_packets() which wakes up the main
loop and let QEMU update the network device status which now is "can
receive". The patch basically does the same thing as e8b4c68 does.
Suggested-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Vector Permuate and Exclusive OR (vpermxor)
instruction introduced in Power ISA Version 2.07.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Vector SHA Sigma instructions introduced in Power
ISA Version 2.07:
- Vector SHA-512 Sigma Doubleword (vshasigmad)
- Vector SHA-256 Sigma Word (vshasigmaw)
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Vector AES instructions introduced in Power ISA
Version 2.07:
- Vector AES Cipher (vcipher)
- Vector AES Cipher Last (vcipherlast)
- Vector AES Inverse Cipher (vncipher)
- Vector AES Inverse Cipher Last (vncipherlast)
- Vector AES SubBytes (vsbox)
Note that the implementation of vncipher deviates from the RTL in
ISA V2.07. However it does match the verbal description in the
third paragraph. The RTL will be fixed in ISA V2.07B. The
implementation here has been tested against actual P8 hardware.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch add the Binary Coded Decimal instructions bcdadd. and
bcdsub.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Vectory Polynomial Multiply Sum instructions
introduced in Power ISA Version 2.07:
- Vectory Polynomial Multiply Sum Byte (vpmsumb)
- Vectory Polynomial Multiply Sum Halfword (vpmsumh)
- Vectory Polynomial Multiply Sum Word (vpmsumw)
- Vectory Polynomial Multiply Sum Doubleword (vpmsumd)
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Vector Gather Bits by Bytes Doubleword (vgbbd)
instruction which is introduced in Power ISA Version 2.07.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Vector Compare Doubleword instructions introduced
by Power ISA Version 2.07:
- Vector Compare Equal to Unsigned Doubleword (vcmpequd)
- Vector Compare Greater Than Signed Doubleword (vcmpgtsd)
- Vector Compare Greater Than Unsigned Doubleword (vcmpgtud)
These instructions are encoded with bit 31 set to 1 and so are duals with
vcmpeqfp, vcmpgtfp and vcmpbfp respectively.
The helper macro for integer compares is enhanced to account for 64-bit
operands.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Vector Bit Permute Quadword (vbpermq) instruction
introduced in Power ISA Version 2.07.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the vector doublword rotate and shift instructions
introduced in Power ISA Version 2.07:
- Vector Rotate Left Doubleword instruction (vrld)
- Vector Shift Left Doubleword (vsld)
- Vector Shift Right Doubleword (vsrd)
- Vector Shift Right Algegbraic Doubleword (vsrad)
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Existing code in the VROTATE, VSL and VSR macros for the Altivec rotate and shift
helpers uses a formula to compute a bit mask used to extract the rotate/shift
amount from the VRB register. What is desired is:
mask = (1 << (3 + log2(sizeof(element)))) - 1
but what is implemented is:
mask = (1 << (3 + (sizeof(element)/2))) - 1
This produces correct answers when "element" is uint8_t, uint16_t or uint_32t. But
it breaks down when element is uint64_t.
This patch corrects the situation. Since the mask is known at compile time, the
macros are changed to simply accept the mask as an argument.
Subsequent patches in this series will add double-word variants of rotates and
shifts and thus take advantage of this fix.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Vector Merge Even Word (vmrgew) and Vector
Merge Odd Word (vmrgow) instructions introduced in Power ISA
Version 2.07.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Unpack Signed Word instructions introduced in
Power ISA Version 2.07:
- Vector Unpack High Signed Word (vupkusw)
- Vector Unpack Low Signed Word (vupklsw)
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Vector Pack Doubleword instructions introduced in
Power ISA Version 2.07:
- Vector Pack Signed Doubleword Signed Saturate (vpksdss)
- Vector Pack Signed Doubleword Unsigned Saturate (vpksdus)
- Vector Pack Unsigned Doubleword Unsigned Modulo (vpkudum)
- Vector Pack Unsigned Doubleword Unsigned Saturate (vpkudus)
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Vector Minimum and Maximum Doubleword instructions
that are introduced in Power ISA Version 2.07.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Vector Population Count instructions introduced in Power
ISA Version 2.07: vpopcntb, vpopcnth, vpopcntw and vpopcntd.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Vector Count Leading Zeroes instructions introduced
in Power ISA Version 2.07 - vclzb, vclzh, vclzw and vclzd.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Vector Multiply Unsigned Word Modulo (vmuluwm)
instruction.
The existing VARITH_DO macro is re-used to (trivially) instantiate
the helper code.
Since bits 21-31 of any vmuluwm instruction is 137, the instruction
is coded as a dual to vmulouw (bits 21-31 = 136).
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Multilpy Even/Odd Word instructions that are introduced
in Power ISA Version 2.07:
- Vector Multiply Even Unsigned Word (vmuleuw)
- Vector Multiply Even Signed Word (vmulesw)
- Vector Multiply Odd Unsigned Word (vmulouw)
- Vector Multiply Odd Signed Word (vmulosw)
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This VMUL_DO macro provides support for the various vmule* and vmulo*
instructions. These instructions multiply vector elements, producing
products that are one size larger; e.g. vmuleub multiplies unsigned 8-bit
elements and produces a 16 bit unsigned element.
The existing macro works correctly for the existing instructions (8-bit,
and 16-bit source elements) but does not work correctly for 32-bit
source elements.
This patch adds an explicit cast to the multiplicands, forcing them to be
of the target element type. This is required for the forthcoming patches
that add the vmul[eo][us]w instructions.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds two Altivec unsigned doublword modulo instructions that
are introduced in Power ISA Version V2.07:
- vaddudm : Vector Add Unsigned Doubleword Modulo
- vsubudm : Vector Subtrace Unsigned Doubleword Modulo
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Vector Logical Instructions that are introduced
in Power ISA Version 2.07: veqv, vnand and vorc.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Some Alitvec instructions introduced in Power ISA Version 2.07 use bit 31
(aka the "Rc" bit) as an opcode but also use bit 21 as an actual Rc
bit. QEMU for PowerPC typically uses bits 0-5 and 21-30 for opcodes.
This patch introduces a generator macro that injects an auxiliary handler
which decodes both bits 21 and 31 and invokes one of four standard
handlers. Since the instructions are not, in general, from the same version
of the ISA, two sets of PPC_*/PPC2_* flags are supported.
This patch also introduces a macro to insert two entries into the opcode
table -- one for bit 21 equal to 0 and one for bit 21 equal to 1.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a macro to insert an entry into the opcode table for Altivec
Power ISA Version 2.07 instructions. The macro is similar to the GEN_VXFORM macro
except that it tags the entry with the PPC2_ALTIVEC_207 flag rather than
PPC_ALTIVEC.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Some Alitvec instructions introduced in Power ISA Version 2.07 use bit 31
(aka the "Rc" bit) as an opcode bit. However, QEMU for PowerPC uses
bits 0-5 and 21-30 for opcodes and not bit 31.
This patch introduces macros that will handle this situation by injecting
an auxiliary handler which decodes bit 31 in invokes one of two standard
handlers. Since the instructions are not, in general, from the same version
of the ISA, two sets of PPC_*/PPC2_* instruction tags are supported.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds generator macro for Altivec instructions that have 3
source AVR operands. The macro is similar to the 2 operand form.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch updates the ppc_avr_t data structure to include elements for
signed 64-bit integers and (conditionally) unsigned 128 bit integers.
These elements will be in instructions models later on in this patch series.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag that will be used to tag the Altivec instructions
introduced in Power ISA Version 2.07.
The flag is added to Power8 model since P8 supports these instructions.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Store Quadword Conditionl (stqcx.) instruction
which is introduced in Power ISA 2.07.
Signed-off-by: Tom Musta <tommusta@gmail.com>
[agraf: fix compile error when !TARGET_PPC64]
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Load Quadword and Reserve (lqarx) instruction,
which is new in Power ISA 2.07.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds support for the Store Quadword instruction in user mode. Prior
to Power ISA 2.07, stq was legal only in privileged mode. Support for Little
Endian mode is also new in ISA 2.07.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Book I (user space) Load Quadword (lq) instruction.
This instruction was introduced into Book I in Power ISA V2.07. Previous
versions of the architecture supported this as a privileged instruction.
Previous versions of the architecture also did not support Little Endian
mode.
Note that this patch also adds the PPC_64BX flag to the Power8 model,
which enables the lq instruction.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a boolean function is_user_mode that can be re-used
in translation code that is sensitive to the MSR[PR] (user-mode)
state.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag to identify the load/store quadword instructions
that are introduced with Power ISA 2.07.
The flag is added to the Power8 model since P8 supports these
instructions.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Branch Conditional to Address Register (bctar)
instruction.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds support for the Target Address Register (TAR) to the Power8
model.
Because supported SPRs are typically identified in an init_proc_*()
function and because the Power8 model is currently just using the
init_proc_POWER7() function, a new init_proc_POWER8() function
is added and plugged into the P8 model.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag for the bctar instruction. This instruction
is being introduced via Power ISA 2.07.
Also, the flag is added to the Power8 machine model since the P8
processor supports this instruction.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
The existing implementation of xxpermdi is defective if the target
VSR is also a source VSR. This patch fixes the defect in this case
but also preserves the simpler, two TCG operation implementation
when the target is not once of the two sources.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
When we have 2 separate qdev devices that both create a qbus of the
same type without specifying a bus name or device name, we end up
with two buses of the same name, such as ide.0 on the Mac machines:
dev: macio-ide, id ""
bus: ide.0
type IDE
dev: macio-ide, id ""
bus: ide.0
type IDE
If we now spawn a device that connects to a ide.0 the last created
bus gets the device, with the first created bus inaccessible to the
command line.
After some discussion on IRC we concluded that the best quick fix way
forward for this is to make automated bus-class type based allocation
count a global counter. That's what this patch implements. With this
we instead get
dev: macio-ide, id ""
bus: ide.1
type IDE
dev: macio-ide, id ""
bus: ide.0
type IDE
on the example mentioned above.
This also means that if you did -device ...,bus=ide.0 you got a device
on the first bus (the last created one) before this patch and get that
device on the second one (the first created one) now. Breaks
migration unless you change bus=ide.0 to bus=ide.1 on the destination.
This is intended and makes the bus enumeration work as expected.
As per review request follows a list of otherwise affected boards and
the reasoning for the conclusion that they are ok:
target machine bus id times
------ ------- ------ -----
aarch64 n800 i2c-bus.0 2
aarch64 n810 i2c-bus.0 2
arm n800 i2c-bus.0 2
arm n810 i2c-bus.0 2
-> Devices are only created explicitly on one of the two buses, using
s->mpu->i2c[0], so no change to the guest.
aarch64 vexpress-a15 virtio-mmio-bus.0 4
aarch64 vexpress-a9 virtio-mmio-bus.0 4
aarch64 virt virtio-mmio-bus.0 32
arm vexpress-a15 virtio-mmio-bus.0 4
arm vexpress-a9 virtio-mmio-bus.0 4
arm virt virtio-mmio-bus.0 32
-> Makes -device bus= work for all virtio-mmio buses. Breaks
migration. Workaround for migration from old to new: specify
virtio-mmio-bus.4 or .32 respectively rather than .0 on the
destination.
aarch64 xilinx-zynq-a9 usb-bus.0 2
arm xilinx-zynq-a9 usb-bus.0 2
mips64el fulong2e usb-bus.0 2
-> Normal USB operation not affected. Migration driver needs command
line to use the other bus.
i386 isapc ide.0 2
x86_64 isapc ide.0 2
mips mips ide.0 2
mips64 mips ide.0 2
mips64el mips ide.0 2
mipsel mips ide.0 2
ppc g3beige ide.0 2
ppc mac99 ide.0 2
ppc prep ide.0 2
ppc64 g3beige ide.0 2
ppc64 mac99 ide.0 2
ppc64 prep ide.0 2
-> Makes -device bus= work for all IDE buses. Breaks migration.
Workaround for migration from old to new: specify ide.1 rather than
ide.0 on the destination.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Andreas Faerber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We will use this in later patches to make sure we use the right load
functions when copying hpte entries.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This makes use of new error codes which load_elf() can return and
prints more informative error message.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
The existing load_elf() just returns -1 if it fails to load ELF. However
it could be smarter than this and tell more about the failure such as
wrong endianness or incompatible platform.
This adds additional return codes for wrong architecture, wrong
endianness and if the image is not ELF at all.
This adds a load_elf_strerror() helper to convert return codes into
string messages.
This fixes handling of what load_elf() returns for s390x, other
callers just check the return value for <0 and this remains unchanged.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
At the moment in the case of error, load_elf() returns -1 so load_kernel()
will not signal error at all.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Currently everybody uses ELF kernel images with "-kernel" option on
pseries machine but QEMU still tries to boot from an image even it
fails to recognize it is ELF. This produces undefined behaviour if
the user tries a kernel image compiled for another architecture.
This removes support of raw kernel images.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
This implementation doesn't include ring priority, TCP/IP Off-Load, QoS.
Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
PR KVM lacks support of many SPRs in set/get one register API but it does
really break PR KVM. So convert them to switchable traces for now.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
[agraf: fix up stray quotes and newlines in strings]
Signed-off-by: Alexander Graf <agraf@suse.de>
When ppc_store_slb() is called from kvm_arch_get_registers(), it stores
a SLB in CPUPPCState::slb[slot]. However it drops the slot number from
ESID so when kvm_arch_put_registers() puts SLBs back to KVM, they do not
have correct "index" field anymore. This broke migration with LPCR_AIR
enabled as now the guest is handling interrupts in virtual mode and unable
to reconstruct correct SLBs anymore.
This adds "index" field for valid SLBs when putting them to KVM.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Load Floating Point as Integer Word and
Zero Indexed (lfiwzx) instruction which was introduced in
Power ISA 2.06.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
The frsqrtes instruction was introduced prior to ISA 2.06 and is
support on both the Power7 and Power8 processors. However, this
instruction is handled as illegal in the current QEMU emulation
machines. This patch enables the existing implemention of frsqrtes
in the P7 and P8 machines.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Floating Point Test for Square Root instruction
which was introduced in Power ISA 2.06.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Floating Point Test for Divide instruction which
was introduced in Power ISA 2.06B.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag for Floating Point Test instructions that were
introduced in Power ISA V2.06B.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
The fri* series of instructions was introduced prior to ISA 2.06 and
is supported on Power7 and Power8 hardware. However, the instruction
is still considered illegal in the P7 and P8 QEMU emulation models.
This patch enables these instructions for the P7 and P8 machines.
Also, the existing helper is modified to correctly handle some of
the boundary cases (NaNs and the inexact flag).
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the fcfids, fcfidu and fcfidus instructions which
were introduced in Power ISA 2.06B. A common macro is provided to
eliminate repetitious code, and the existing fcfid instruction is
refactored to use this macro.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the four floating point to integer conversion instructions
introduced by Power ISA V2.06:
- Floating Convert to Integer Word Unsigned (fctiwu)
- Floating Convert to Integer Word Unsigned with Round Toward
Zero (fctiwuz)
- Floating Convert to Integer Doubleword Unsigned (fctidu)
- Floating Convert to Integer Doubleword Unsigned with Round
Toward Zero (fctiduz)
A common macro is developed to eliminate repetitious code. Existing instructions
are also refactoried to use this macro (fctiw, fctiwz, fctid, fctidz).
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag for the floating point conversion instructions
introduced in Power ISA 2.06B.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the byte and halfword variants of the Store Conditional
instructions. A common macro is introduced and the existing implementations
of stwcx. and stdcx. are refactored to use this macro.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the byte and halfword variants of the Load and
Reserve instructions. Since there is much commonality among
all forms of Load and Reserve, a macro is provided and the existing
implementations of lwarx and ldarx are refactoried to use this
macro.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag for the atomic instructions introduced
in Power ISA V2.06B.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch addes the signed Divide Word Extended instructions
which were introduced in Power ISA 2.06B.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch addes the Unsigned Divide Word Extended instructions
which were introduced in Power ISA 2.06B.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Divide Doubleword Extended instructions.
The implementation builds on the unsigned helper provided in
the previous patch.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Divide Doubleword Extended Unsigned
instructions. This instruction requires dividing a 128-bit
value by a 64 bit value. Since 128 bit integer division is
not supported in TCG, a helper is used. An architecture
independent 128-bit division routine is added to host-utils.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
[agraf: use ||]
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag for the Divide Extended instructions that
were introduced in Power ISA V2.06B. The flag is added to the
Power7 and Power8 models.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Bit Permute Doubleword (bpermd) instruction,
which was introduced in Power ISA 2.06 as part of the base 64-bit
architecture.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the non-signalling scalar conversion instructions:
- VSX Scalar Convert Single Precision to Double Precision
Non-Signalling (xscvspdpn)
- VSX Scalar Convert Double Precision to Single Precision
Non-Signalling (xscvdpspn)
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX Scalar Round to Single Precision (xsrsp)
instruction.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Floating Merge Even Word (fmrgew) and Floating
Merge Odd Word (fmrgow) instructions.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Move To VSR instructions (mfvsrd, mfvsrwz)
and Move From VSR instructions (mtvsrd, mtvsrwa, mtvsrwz). These
instructions are unusual in that they are considered a floating
point instruction if the indexed VSR is in the first half of the
array (0-31) but they are considered vector instructions if the
indexed VSR is in the second half of the array (32-63).
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patchs adds the VSX Logical instructions that are new with
ISA V2.07:
- VSX Logical Equivalence (xxleqv)
- VSX Logical NAND (xxlnand)
- VSX Logical ORC (xxlorc)
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX Scalar Convert Unsigned Integer Doubleword
to Floating Point Format and Round to Single Precision (xscvuxdsp)
and VSX Scalar Convert Signed Integer Douglbeword to Floating Point
Format and Round to Single Precision (xscvsxdsp) instructions.
The existing integer to floating point conversion macro (VSX_CVT_INT_TO_FP)
is modified to support the rounding of the intermediate floating point
result to single precision.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Single Precision VSX Scalar Fused Multiply-Add
instructions: xsmaddasp, xsmaddmsp, xssubasp, xssubmsp, xsnmaddasp,
xsnmaddmsp, xsnmsubasp, xsnmsubmsp.
The existing VSX_MADD() macro is modified to support rounding of the
intermediate double precision result to single precision.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX Scalar Reciprocal Square Root Estimate
Single Precision (xsrsqrtesp) instruction.
The existing VSX_RSQRTE() macro is modified to support rounding
of the intermediate double-precision result to single precision.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX Scalar Square Root Single Precision (xssqrtsp)
instruction.
The existing VSX_SQRT() macro is modified to support rounding of the
intermediate double-precision result to single-precision.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX Scalar Reciprocal Estimate Single Precision
(xsresp) instruction.
The existing VSX_RE macro is modified to support rounding of the
intermediate double precision result to single precision.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX Scalar Divide Single Precision (xsdivsp)
instruction.
The existing VSX_DIV macro is modified to support rounding of the
intermediate double precision result to single precision.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX Scalar Multiply Single-Precision (xsmulsp)
instruction.
The existing VSX_MUL macro is modified to support rounding of the
intermediate result to single precision.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX Scalar Add Single-Precision (xsaddsp) and
VSX Scalar Subtract Single-Precision (xssubsp) instructions.
The existing VSX_ADD_SUB macro is modified to support the rounding
of the (intermediate) result to single-precision.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds two store scalar instructions:
- Store VSX Scalar as Integer Word Indexed (stxsiwx)
- Store VSX Scalar Single-Precision Indexed (stxsspx)
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch refactors the stxsdx instruction. Reusable code is
extracted into a macro which will be used in subsequent patches
in this series.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the scalar load instructions introduced in ISA
V2.07:
- Load VSX Scalar as Integer Word Algebraic Indexd (lxsiwax)
- Load VSX Scalar as Integer Word and Zero Indexed (lxsiwzx)
- Load VSX Scalar Single-Precision Indexed (lxsspx)
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch refactors the lxsdx generator. Resuable code is isolated
into a macro. The macro will be used in subsequent patches in this
series to implement other scalar load instructions.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag to identify those VSX instructions that are
new to Power ISA V2.07. The flag is added to the Power 8 processor
initialization so that the P8 models understand how to decode and
emulate instructions in this category.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX instructions that convert between floating
point formats: xscvdpsp, xscvspdp, xvcvdpsp, xvcvspdp.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX floating point compare vector instructions:
- xvcmpeqdp[.], xvcmpgedp[.], xvcmpgtdp[.]
- xvcmpeqsp[.], xvcmpgesp[.], xvcmpgtsp[.]
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX floating point maximum and minimum
instructions:
- xsmaxdp, xvmaxdp, xvmaxsp
- xsmindp, xvmindp, xvminsp
Because of the Power ISA definitions of maximum and minimum
on various boundary cases, the standard softfloat comparison
routines (e.g. float64_lt) do not work as well as one might
think. Therefore specific routines for comparing 64 and 32
bit floating point numbers are implemented in the PowerPC
helper code.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX scalar floating point compare ordered
and unordered instructions.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX floating point test for software square
root instructions defined by V2.06 of the PowerPC ISA: xstsqrtdp,
xvtsqrtdp, xvtsqrtsp.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX floating point test for software divide
instructions defined by V2.06 of the PowerPC ISA: xstdivdp, xvtdivdp,
and xvtdivsp.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX floating point reciprocal square root
estimate instructions defined by V2.06 of the PowerPC ISA: xsrsqrtedp,
xvrsqrtedp, xvrsqrtesp.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX floating point square root instructions
defined by V2.06 of the PowerPC ISA: xssqrtdp, xvsqrtdp, xvsqrtsp.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX floating point reciprocal estimate instructions
defined by V2.06 of the PowerPC ISA: xsredp, xvredp, xvresp.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX floating point divide instructions defined
by V2.06 of the PowerPC ISA: xsdivdp, xvdivdp, xvdivsp.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the VSX floating point multiply instructions defined
by V2.06 of the PowerPC ISA: xsmuldp, xvmuldp, xvmulsp.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the floating point addition and subtraction
instructions defined by V2.06 of the PowerPC ISA: xssubdp,
xvsubdp and xvsubsp.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds general support that will be used by the VSX helper
routines:
- a union describing the various VSR subfields.
- access routines to get and set VSRs
- VSX decoders
- a general routine to generate a handler that invokes a VSX
helper.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
The fload_invalid_op_excp() function sets assorted invalid
operation status bits. However, it also implicitly modifies
the FPRF field of the PowerPC FPSCR. Many VSX instructions
set invalid operation bits but do not alter FPRF. Thus the
function is more generally useful if the setting of the FPRF
field is made conditional via a parameter.
All invocations of this routine in existing instructions are
modified to pass 1 and thus retain their current behavior.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
The Figure 17 "SPR encodings" of the PowerISA 2.07 describes CTRL SPR as:
priviledged
# spr5-9 spr0-4 name mtspr mfspr len cat
136 00100 01000 CTRL - no 32 S
152 00100 11000 CTRL yes - 32 S
According to this chart, the hypervisor's CTRL (#152) does not support
reading, the user-space's CTRL (UCTRL, #136) does not support writing.
This replaces unsupported operations with the default SPR_NOACCESS hook.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Intercept REPORT_LUNS commands addressed either to SRP LUN 0 or the well-known
LUN for REPORT_LUNS commands. This is required to implement the SAM and SPC
specifications.
Since SRP implements only a single SCSI target port per connection, the SRP
target is required to report all available LUNs in response to a REPORT_LUNS
command addressed either to LUN 0 or the well-known LUN. Instead, QEMU was
forwarding such requests to the first QEMU SCSI target, with the result that
initiators that relied on this feature would only see LUNs on the first QEMU
SCSI target.
Behavior for REPORT_LUNS commands addressed to any other LUN is not specified
by the standard and so is left unchanged. This preserves behavior under Linux
and SLOF, which enumerate possible LUNs by hand and so address no commands
either to LUN 0 or the well-known REPORT_LUNS LUN.
Signed-off-by: Nathan Whitehorn <nwhitehorn@freebsd.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
[agraf: define constant as ULL for 32bit hosts]
Signed-off-by: Alexander Graf <agraf@suse.de>
Recent changes introduced cannot_instantiate_with_device_add_yet
and removed capability of adding yet another PCI host bridge via
command line for SPAPR platform (POWERPC64 server).
This brings the capability back and puts SPAPR PHB into "bridge"
category.
This is not much use for emulated PHB but it is absolutely required
for VFIO as we put an IOMMU group onto a separate PHB on SPAPR.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
The LPCR special purpose register was introduced with the PowerPC 970MP family.
This patch initializes LPCR for the following families:
- 970 MP
- POWER5+
- POWER7
- POWER8
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Due to missing @one_reg_id assignment in _spr_register(),
the kvm_get_one_reg/kvm_set_one_reg API has never really been working.
This reenables the API by assigning the @one_reg_id field in the SPR
descriptor.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
commit f80872e21c (mmu-hash64: Implement
Virtual Page Class Key Protection) added a new page protection
mechanism based on page keys and the AMR register to control access.
The AMR register allows or prohibits reads and/or writes on a page
depending on the control bits associated to the key. A store or a load
is only permitted if the associate bit is 0 (Power ISA), and not 1 as
the code is currently doing. This patch modifies ppc_hash64_amr_prot()
to correct the protection check.
This issue was unvailed by commit ccfb53ed6360cac0d5f6f7915ca9ae7eed866412
(target-ppc: fix Authority Mask Register init value) which changed the
initialisation value of the AMR register to 0.
Signed-off-by: Cédric Le Goater <clg@fr.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
The existing default value (-1) of the AMR register forbids data access
to all 32 classes. Since the guest linux does not change this register,
we end up with the guest hanging right after switching from the real to
protected mode.
This sets the default AMR value to zero what enables data access for all
classes.
The only reason for not hitting this bug before is that
kvm_arch_put_registers() did not put any SPR to KVM due to missing
assignment of @one_reg_id in _spr_register() (which is going to be fixed
by a separate patch).
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
The DAR and DSISR can be very useful when debugging issues, so add
them to ppc_cpu_dump_state. We had another bug in this area: all
of the v2.06 MMU types were missing.
Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Targets like ppc64 support different types of KVM, one which use
hypervisor mode and the other which doesn't. Add a new machine
option kvm-type that helps in selecting the respective ones
We also add a new QEMUMachine callback get_vm_type that helps
in mapping the string representation of kvm type specified.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
[agraf: spelling fixes, use error_report(), use qemumachine.h]
Signed-off-by: Alexander Graf <agraf@suse.de>
Older gcc versions (such as the one in SLES11) get confused when you declare
a typedef on the same struct twice.
To work around that limitation, let's extract the QEMUMachine typedef into a
separate header file that is guarded by preprocessor duplicate include checks.
This fixes the following type of compile errors for me:
In file included from vl.c:125:
include/hw/xen/xen.h:39: error: redefinition of typedef "QEMUMachine"
include/sysemu/kvm.h:155: error: previous declaration of "QEMUMachine" was here
Signed-off-by: Alexander Graf <agraf@suse.de>
SPR_750FX_HID2 and L2CR are not defined in 970* user manuals nor POWER5
bookIV nor PowerISA 2.04, the numbers assigned to them are not defined
either so remove them.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
PowerISA 2.04+ puts MMUCFG and MMUCSR0 SPRs to "E" (embedded) category so
remove it from POWER7/8 class as it is "S" (server) category.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Assuming that "U" in SPR_UCTRL is for "user", there is inconsistency with
970 user manuals/P5-bookIV/PowerISA204 which define the number as:
priviledged
# spr5-9 spr0-4 name mtspr mfspr len cat
136 00100 01000 CTRL - no 32 S
152 00100 11000 CTRL yes - 32 S
This swaps the numbers. No effect from this change is expected though.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
The 970GX definition was added in 2007 and it made sense then but this
version has never been released to the markets and it does not exist in
the real world so there is no point in emulating it.
This removes 970GX.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
PowerISA defines LPCR SPR number as 318=0x13E but QEMU uses the value of
316.
This fixes the definition of LPCR SPR.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Since last use of PPC_DUMP_CPU by whoever he/she was, env->tlb became
a union and POWERPC CPU class got QOM'ed so defining PPC_DUMP_CPU
breaks compile.
This fixes compiler errors.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Commit adccfbcd60 (block: gluster - add
reopen support.) did not supply the qemu_gluster_init() Error **
argument, needed since commit a7451cb850
(gluster: correctly propagate errors).
Pass through qemu_gluster_reopen_prepare()'s errp, as done in
qemu_gluster_open().
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
trivial patches for 2014-03-04
# gpg: Signature made Tue 04 Mar 2014 06:13:56 GMT using RSA key ID 74F0C838
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg: aka "Michael Tokarev <mjt@corpit.ru>"
# gpg: aka "Michael Tokarev <mjt@debian.org>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6EE1 95D1 886E 8FFB 810D 4324 457C E0A0 8044 65C5
# Subkey fingerprint: E190 8639 3B10 B51B AC2C 8B73 5253 C5AD 74F0 C838
* remotes/mjt/tags/trivial-patches-2014-03-04:
vl: Remove unneeded include file
qga: Remove unneeded include file
qemu-img: Remove unneeded include files
exec: Remove unneeded include files
util/iov: Use qemu/sockets.h instead of conditional code
qjson.h: Remove spurious GCC_FMT_ATTR markup from qobject_from_json() declaration
tests/test-int128: Don't use __noclone__ attribute on clang
stubs: Optimize dependencies for gdbstub.c
tcg: Fix typo in comment (dependancies -> dependencies)
bswap: Modify prototypes of st[wl]_{le, be}_p (avoid type conversions)
bswap: Modify prototype of stb_p (avoid type conversions)
object: Report type in error when not user creatable.
include/qemu/host-utils.h: Trivial typo: ctz->cto
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/qmp-unstable/queue/qmp: (32 commits)
qapi: Add missing null check to opts_start_struct()
qapi: Clean up superfluous null check in qapi_dealloc_type_str()
qapi: Clean up null checking in generated visitors
qapi: Drop unused code in qapi-commands.py
qapi: Drop nonsensical header guard in generated qapi-visit.c
qapi: Fix licensing of scripts
tests/qapi-schema: Cover flat union types
tests/qapi-schema: Cover union types with base
tests/qapi-schema: Cover complex types with base
tests/qapi-schema: Cover anonymous union types
tests/qapi-schema: Cover simple argument types
tests/qapi-schema: Cover optional command arguments
tests/qapi-schema: Actually check successful QMP command response
monitor: Remove left-over code in do_info_profile.
qerror: Improve QERR_DEVICE_NOT_ACTIVE message
qmp: Check for returned data from __json_read in get_events
dump: add 'query-dump-guest-memory-capability' command
Define the architecture for compressed dump format
dump: make kdump-compressed format available for 'dump-guest-memory'
dump: add API to write dump pages
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Block pull request
# gpg: Signature made Fri 28 Feb 2014 18:27:24 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8
* remotes/stefanha/tags/block-pull-request:
block/vmdk: do not report file offset for compressed extents
discard rbd error output when not relevant in qemu-iotests
block: use /var/tmp instead of /tmp for -snapshot
qemu-io-test: Disable Quorum test when not compiled in.
qmp: Make Quorum error events more palatable.
qmp: Fix BlockdevOptionQuorum.
block: gluster - add reopen support.
block: gluster - code movements, state storage changes
qemu-iotests: add more tests to the "quick" group
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/rth/i386-fix:
target-i386: Fix ucomis and comis memory access
target-i386: Fix SSE status flag corruption
target-i386: Fix CC_OP_CLR vs PF
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Several features, fixes and cleanups for kvm/s390:
- sclp event facility: cleanup structure. This allows to use
realize/unrealize as well as migration support via vmsd
- reboot: Two fixes that make reboot much more reliable
- ipl: make elf loading more robust
- flic interrupt controller: This allows to migrate floating
interrupts, as well as clear them on reset etc.
- enable async_pf feature of KVM on s390
- several sclp fixes and cleanups
- several sigp fixes and cleanups
* remotes/borntraeger/tags/kvm-s390-20140227: (22 commits)
s390x/ipl: Fix crash of ELF images with arbitrary entry points
s390x/kvm: Rework priv instruction handlers
s390x/kvm: Add missing SIGP CPU RESET order
s390x/kvm: Rework SIGP INITIAL CPU RESET handler
s390x/cpu: Use ioctl to reset state in the kernel
s390-ccw.img: new binary rom to match latest fixes
s390-ccw.img: Fix sporadic errors with ccw boot image - initialize css
s390-ccw.img: Fix sporadic reboot hangs: Initialize next_idx
s390x/event-facility: exploit realize/unrealize
s390x/event-facility: add support for live migration
s390x/event-facility: code restructure
s390x/event-facility: some renaming
s390x/sclp: Fixed setting of condition code register
s390x/sclp: Add missing checks to SCLP handler
s390x/sclp: Fixed the size of sccb and code parameter
s390x/eventfacility: mask out commands
s390x/virtio-hcall: Specification exception for illegal subcodes
s390x/virtio-hcall: Add range check for hypervisor call
s390x/kvm: Fixed bad SIGP SET-ARCHITECTURE handler
s390x/async_pf: Check for apf extension and enable pfault
...
Conflicts:
linux-headers/linux/kvm.h
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/bonzini/scsi-next:
block/iscsi: fix segfault if writesame fails
scsi-disk: Add support for port WWN and index descriptors in VPD page 83h
block/iscsi: query for supported VPD pages
block/iscsi: fix deadlock on scsi check condition
scsi-bus: Fix transfer length for VERIFY with BYTCHK=11b
scsi: report thin provisioning errors with werror=report
scsi: Change scsi sense buf size to 252
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/mcayland/qemu-sparc:
sun4m: Add Sun CG3 framebuffer initialisation function
sun4m: Add Sun CG3 framebuffer and corresponding OpenBIOS FCode ROM
sun4m: fix slavio timer RUN/STOP bit
sun4m: Set HostID in NVRAM
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Comment from Makefile.objs:
The system emulation needs this dependency (which was missing in Makefile),
otherwise builds without tools (or massive parallel builds) fail.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
After commit ba1183da9a we are including
hw/Makefile.objs directly from Makefile.target. Make sure hw/Makefile.objs
rules doesn't depend on variable defined in Makefile.objs
Tested-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Exception with break instruction has not been correctly propagated as
SIGTRAP. This resolves crash issues with examples that use break
instruction on MIPS.
Signed-off-by: Petar Jovanovic <petar.jovanovic@imgtec.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
On success, sigtimedwait() returns a signal number that needs to be
translated from a host value to a target value.
This change also fixes issues with sigwait (that is implemented using
sigtimedwait()).
Signed-off-by: Petar Jovanovic <petar.jovanovic@imgtec.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Glibc when built for newer kernels assumes that the sendmmsg syscall is
available. Without it, dns resolution simply fails to work.
Wrap the syscall with existing infrastructure so that we don't have a host
dependency on sendmmsg.
To avoid locking the same area of guest memory twice (which will break if
DEBUG_REMAP is defined) we pull the lock/unlock part of do_sendrecvmsg()
out into its own function so the actual implementation can be shared.
Signed-off-by: Alexander Graf <agraf@suse.de>
[PMM: add recvmmsg support;
handle errors (which also implies support for non-blocking operations);
cap the vector length as the kernel implementation does;
don't lock guest memory twice;
support MSG_WAITFORONE flag]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
The size of the UID/GID types depends on whether USE_UID16 is
defined. Define a new put_user_id() which writes a uid/gid
type to guest memory. This fixes getresuid and getresgid, which
were always storing 16 bits even if the uid type was 32 bits.
Reported-by: Michael Matz <matz@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
The AArch64 kernel defines its __kernel_uid_t type as 32 bits, unlike
32 bit ARM, so don't enable our 16-bit UID wrapper handling.
Signed-off-by: Andreas Schwab <schwab@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Implement support for signal handlers with the SA_RESTORER
flag set.
Signed-off-by: Michael Matz <matz@suse.de>
[PMM: minor tweaks to make patch apply to current master]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Fix the loop restoring the FP registers from the signal frame to match
the one used when setting up the signal frame, so that it handles
TARGET_WORDS_BIGENDIAN being set.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
When path is truncated by PATH_MAX limitation, it causes QEMU to access
incorrect file. So use original full path instead of PATH_MAX within
9pfs (need check/process ENOMEM for related memory allocation).
The related test:
- Environments (for qemu-devel):
- Host is under fedora17 desktop with ext4fs:
qemu-system-x86_64 -hda test.img -m 1024 \
-net nic,vlan=4,model=virtio,macaddr=00:16:35:AF:94:04 \
-net tap,vlan=4,ifname=tap4,script=no,downscript=no \
-device virtio-9p-pci,id=fs0,fsdev=fsdev0,mount_tag=hostshare \
-fsdev local,security_model=passthrough,id=fsdev0,\
path=/upstream/vm/data/share/1234567890abcdefghijklmnopqrstuvwxyz\
ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890acdefghijklmnopqrstuvwxyz\
ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890/111111111111111111111111111\
1111111111111111111111111111111111111111111111111111222222222222\
2222222222222222222222222222222222222222222222222222222222222222\
2222222222222222222222222222222222233333333333333333333333333333\
3333333333333333333333333333333333
- Guest is ubuntu12 server with 9pfs.
mount -t 9p -o trans=virtio,version=9p2000.L hostshare /share
- Limitations:
full path limitation is PATH_MAX (4096B include nul) under Linux.
file/dir node name maximized length is 256 (include nul) under ext4.
- Special test:
Under host, modify the file: "/upstream/vm/data/share/1234567890abcdefg\
hijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890acdefghijklmno\
pqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890/111111111111111111111\
111111111111111111111111111111111111111111111111111111111122222222222\
222222222222222222222222222222222222222222222222222222222222222222222\
222222222222222222222222222222233333333333333333333333333333333333333\
3333333333333333333333333/4444444444444444444444444444444444444444444\
444444444444444444444444444444444444444444444444444444444444444444444\
444444444444444444444444444444444444444444444444444444444444444444444\
444444444444444444444444444444444444444/55555555555555555555555555555\
555555555555555555555555555555555555555555555555555555555555555555555\
555555555555555555555555555555555555555555555555555555555555555555555\
555555555555555555555555555555555555555555555555555555555555555555555\
55555555/666666666666666666666666666666666666666666666666666666666666\
666666666666666666666666666666666666666666666666666666666666666666666\
666666666666666666666666666666666666666666666666666666666666666666666\
666666666666666666666/77777777777777777777777777777777777777777777777\
777777777777777777777777777777777777777777777777777777777777777777777\
777777777777777777777777777777777777777777777777777777777777777777777\
77777777777777777777777777777777777777777777777777777777777/888888888\
888888888888888888888888888888888888888888888888888888888888888888888\
888888888888888888888888888888888888888888888888888888888888888888888\
888888888888888888888888888888888888888888888888888888888888888888888\
888888888/99999999999999999999999999999999999999999999999999999999999\
999999999999999999999999999999999999999999999999999999999999999999999\
999999999999999999999999999999999999999999999999999999999999999999999\
99999999999999999999999999999999999999999/000000000000000000000000000\
000000000000000000000000000000000000000000000000000000000000000000000\
000000000000000000000000000000000000000000000000000000000000000000000\
000000000000000000000000000000000000000000000000/aaaaaaaaaaaaaaaaaaaa\
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbb\
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb\
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb\
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ccccccccc\
ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\
ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\
ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\
cccccccccc/dddddddddddddddddddddddddddddddddddddddddddddddddddddddddd\
ddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd\
ddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd\
dddddddddddddddddddddd/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee\
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee\
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee\
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee/fffffffffffffff\
fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\
fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffff/gggggggggg\
ggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg\
ggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg\
ggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg\
ggggggggggggggggggggggg/iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii\
iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii\
iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii\
iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii/jjjjjjjjjjjjj\
jjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj\
jjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj/ppppppppppppppppppppp\
ppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp\
ppppppppppppppppppppppppppppppppppppppp/test1234567890file.log"
(need enter dir firstly, then modify file, or can not open it).
Under guest, still allow modify "test1234567890file.log" (will generate
"test123456" file with contents).
After apply this patch, can not open "test1234567890file.log" under guest
(permission denied).
- Common test:
All are still OK after apply this path.
"mkdir -p", "create/open file/dir", "modify file/dir", "rm file/dir".
change various mount point paths under host and/or guest.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
'ctx->fs_root' + 'path'/'fullname.data' may be larger than PATH_MAX, so
need use snprintf() instead of sprintf() just like another area have done
in 9pfs. This could possibly result in the truncation of pathname, which we
address in the follow up patch.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
When "goto err_out", 'v9fs_string' already was allocated, so still need
free 'v9fs_string' before return.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Argument is null when visiting an unboxed struct. I can't see such a
visit in the current code. Fix it anyway.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Argument can't be null. No other Visitor method type_str() checks for
null.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Visitors get passed a pointer to the visited object. The generated
visitors try to cope with this pointer being null in some places, for
instance like this:
visit_start_optional(m, obj ? &(*obj)->has_name : NULL, "name", &err);
visit_start_optional() passes its second argument to Visitor method
start_optional. Three out of three methods dereference it
unconditionally.
I fail to see how this pointer could legitimately be null.
All this useless null checking is highly redundant, which Coverity
duly reports. About 200 times.
Remove the useless null checks.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The scripts carry this copyright notice:
# This work is licensed under the terms of the GNU GPLv2.
# See the COPYING.LIB file in the top-level directory.
The sentences contradict each other, as COPYING.LIB contains the LGPL
2.1. Michael Roth says this was a simple pasto, and he meant to refer
COPYING. Let's fix that.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The test demonstrates a generator bug: the generated struct
UserDefFlatUnion doesn't include members for the indirect base
UserDefZero.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
There is no dependency on windows.h, and the standard include files are
already included by qemu-common.h.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The function qobject_from_json() doesn't actually allow its
argument to be a format string -- it passes a NULL va_list*
to qobject_from_jsonv(), and the parser code will then never
actually interpret %-escape sequences (it tests whether the
va_list pointer is NULL and will stop with a parse error).
The spurious attribute markup causes clang warnings in some
of the test cases where we programmatically construct JSON
to feed to qobject_from_json():
tests/test-qmp-input-visitor.c:76:35: warning: format string is not a
string literal (potentially insecure) [-Wformat-security]
data->obj = qobject_from_json(json_string);
^~~~~~~~~~~
Remove the incorrect attribute.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
clang doesn't support the __noclone__ attribute and emits a warning about
it. Fortunately clang also implements a mechanism for asking if a particular
attribute is implemented; use it. We assume that if the compiler doesn't
support __has_attribute() then it must be GCC and must support __noclone__.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
It does not need qemu-common.h. Including exec/gdbstub.h fixes a warning
from static code analyzers and avoids mismatching declarations for
xml_builtin.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The functions use uint16_t or uint32_t values, so show this in the function
prototypes. Non-optimizing compilers will avoid unnecessary type
conversions when generating calls of these inline functions.
stq_le_p, stq_be_p already use similar prototypes.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The function uses an uint8_t value, so show this in the function
prototype. Non-optimizing compilers will avoid unnecessary type
conversions from (u)int8_t to int and back to uint8_t when generating
calls of this inline function.
stw_p, stl_p and stq_p already use similar prototypes.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The error message as currently used is confusing as there are no "balloon" or
"spice" devices.
(qemu) balloon 1024
balloon: Device 'balloon' has not been activated
With this patch:
(qemu) balloon 1024
balloon: No balloon device has been activated
Signed-off-by: Hani Benhabiles <hani@linux.com>
Suggested-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
When QEMU process aborts and socket is closed, qmp client will not
detect it. When this happens, some qemu-iotests scripts will enter an
endless loop waiting for qmp events.
It's better we raise an exception in qmp.py to catch this and make the
test script stop.
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Suppress rbd progress messages with --no-progress so they are not
confused with an error output when comparing test results ( progress is
displayed on stderr ).
Signed-off-by: Loic Dachary <loic@dachary.org>
Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
If TMPDIR is not specified, the default was to use /tmp for the working
copy of the block devices. Update this to /var/tmp instead, so systems
using tmp-on-tmpfs don't end up inadvertently using RAM for the block
device.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Quorum is not compiled by default: make the quorum 081 test aware of this.
Signed-off-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Insert quorum QMP events documentation alphabetically.
Also change the "ret" errno value by an optional "error" being an strerror(-ret)
in the QUORUM_REPORT_BAD qmp event.
Signed-off-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Gluster does parse open flags in its .bdrv_open() implementation,
and the .bdrv_reopen_* implementations need to do the same.
A new gluster connection to the image file to be created is established
in the .bdrv_reopen_prepare(), and the image file opened with the new
flags.
If this is successful, then the old image file is closed, and the
old connection torn down. The relevant structure pointers in the gluster
state structure are updated to the new connection.
If it is not successful, then the new file handle and connection is
abandoned (if it exists), while the old connection is not modified at
all.
With reopen supported, block-commit (and offline commit) is now also
supported for image files whose base image uses the native gluster
protocol driver.
Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
In preparation for supporting reopen on gluster, move flag
parsing out to a function. Also, add a NULL check in the
gconf cleanup.
Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
None of these needs QEMU_PROG, and they all take but a few seconds.
We need to point the launching script to qemu-nbd, though.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
'query-dump-guest-memory-capability' is used to query the available formats for
'dump-guest-memory'. The output of the command will be like:
-> { "execute": "query-dump-guest-memory-capability" }
<- { "return": { "formats":
["elf", "kdump-zlib", "kdump-lzo", "kdump-snappy"] }
Signed-off-by: Qiao Nuohan <qiaonuohan@cn.fujitsu.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Make monitor command 'dump-guest-memory' be able to dump in kdump-compressed
format. The command's usage:
dump [-p] protocol [begin] [length] [format]
'format' is used to specified the format of vmcore and can be:
1. 'elf': ELF format, without compression
2. 'kdump-zlib': kdump-compressed format, with zlib-compressed
3. 'kdump-lzo': kdump-compressed format, with lzo-compressed
4. 'kdump-snappy': kdump-compressed format, with snappy-compressed
Without 'format' being set, it is same as 'elf'. And if non-elf format is
specified, paging and filter is not allowed.
Note:
1. The kdump-compressed format is readable only with the crash utility and
makedumpfile, and it can be smaller than the ELF format because of the
compression support.
2. The kdump-compressed format is the 6th edition.
Signed-off-by: Qiao Nuohan <qiaonuohan@cn.fujitsu.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
functions are used to write page to vmcore. vmcore is written page by page.
page desc is used to store the information of a page, including a page's size,
offset, compression format, etc.
Signed-off-by: Qiao Nuohan <qiaonuohan@cn.fujitsu.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
DataCache is used to store data temporarily, then the data will be written to
vmcore. These functions will be called later when writing data of page to
vmcore.
Signed-off-by: Qiao Nuohan <qiaonuohan@cn.fujitsu.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
functions are used to write 1st and 2nd dump_bitmap of kdump-compressed format,
which is used to indicate whether the corresponded page is existed in vmcore.
1st and 2nd dump_bitmap are same, because dump level is specified to 1 here.
Signed-off-by: Qiao Nuohan <qiaonuohan@cn.fujitsu.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
the functions are used to write header of kdump-compressed format to vmcore.
Header of kdump-compressed format includes:
1. common header: DiskDumpHeader32 / DiskDumpHeader64
2. sub header: KdumpSubHeader32 / KdumpSubHeader64
3. extra information: only elf notes here
Signed-off-by: Qiao Nuohan <qiaonuohan@cn.fujitsu.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
add some members to DumpState that will be used in writing vmcore in
kdump-compressed format. some of them, like page_size, will be initialized
in the patch.
Signed-off-by: Qiao Nuohan <qiaonuohan@cn.fujitsu.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
kdump-compressed format supports three compression format, zlib/lzo/snappy.
Currently, only zlib is available. This patch is used to support lzo/snappy.
'--enable-lzo/--enable-snappy' is needed to be specified with configure to make
lzo/snappy available for qemu
Signed-off-by: Qiao Nuohan <qiaonuohan@cn.fujitsu.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
the function can be used by write_elf32_notes/write_elf64_notes to write notes
to a buffer. If fd_write_vmcore is used, write_elf32_notes/write_elf64_notes
will write elf notes to vmcore directly. Instead, if buf_write_note is used,
elf notes will be written to opaque->note_buf at first.
Signed-off-by: Qiao Nuohan <qiaonuohan@cn.fujitsu.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Function is used to write vmcore in flatten format. In flatten format, data is
written block by block, and in front of each block, a struct
MakedumpfileDataHeader is stored there to indicate the offset and size of the
data block.
struct MakedumpfileDataHeader {
int64_t offset;
int64_t buf_size;
};
Signed-off-by: Qiao Nuohan <qiaonuohan@cn.fujitsu.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
flatten format will be used when writing kdump-compressed format. The format is
also used by makedumpfile, you can refer to the following URL to get more
detailed information about flatten format of kdump-compressed format:
http://sourceforge.net/projects/makedumpfile/
The two functions here are used to write start flat header and end flat header
to vmcore, and they will be called later when flatten format is used.
struct MakedumpfileHeader stored at the head of vmcore is used to indicate the
vmcore is in flatten format.
struct MakedumpfileHeader {
char signature[16]; /* = "makedumpfile" */
int64_t type; /* = 1 */
int64_t version; /* = 1 */
};
And struct MakedumpfileDataHeader, with offset and buf_size set to -1, is used
to indicate the end of vmcore in flatten format.
struct MakedumpfileDataHeader {
int64_t offset; /* = -1 */
int64_t buf_size; /* = -1 */
};
Signed-off-by: Qiao Nuohan <qiaonuohan@cn.fujitsu.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
write_elf32_notes/wirte_elf64_notes use fd_write_vmcore to write elf notes to
vmcore. Adding parameter "WriteCoreDumpFunction f" makes it available to choose
the method of writing elf notes
Signed-off-by: Qiao Nuohan <qiaonuohan@cn.fujitsu.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
WriteCoreDumpFunction is a function pointer that points to the function used to
write content in "buf" into core file, so "buf" should be const-qualify.
Signed-off-by: Qiao Nuohan <qiaonuohan@cn.fujitsu.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
We were loading 16 bytes for both single and double-precision
scalar comparisons.
Reported-by: Alexander Bluhm <bluhm@openbsd.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
When we restore the mxcsr register with FXRSTOR, or set it with gdb,
we need to update the various SSE status flags in CPUX86State
Reported-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
This commit updates the status for the HMP, QAPI and QMP trees from
"Supported" to "Maintained".
In practice this means that patch review and pull requests may take
longer. Also, I'll rely more on reviewers such as Eric Blake so that
I'm able to send pull requests regularly.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
As another convenience to allow using commands that expect a dict as
argument, this patch adds support for foo.bar=value syntax, similar to
command line argument style:
(QEMU) blockdev-add options.driver=file options.id=drive1 options.filename=...
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
-mem-prealloc asks to preallocate memory residing on -mem-path path.
Currently QEMU exits in case:
- Memory file has been created but allocation via explicit write
fails.
And it fallbacks to malloc in case:
- Querying huge page size fails.
- Lack of sync MMU support.
- Open fails.
- mmap fails.
Have the same behaviour for all cases: fail in case -mem-path and
-mem-prealloc are specified for regions where the requested size is
suitable for hugepages.
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Rather than fall back to TCG (so the user has to discover
whats happening, in case of no access to qemu stdout/stderr).
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Updates include:
- Coverify fixes for vfio & pci-assign (Markus)
- VFIO blacklisting support for known brokwn PCI option ROMs (Bandan)
# gpg: Signature made Wed 26 Feb 2014 18:15:28 GMT using RSA key ID 3BB08B22
# gpg: Can't check signature: public key not found
* remotes/awilliam/tags/vfio-pci-for-qemu-20140226.0:
vfio: blacklist loading of unstable roms
qdev-monitor: set DeviceState opts before calling realize
pci-assign: Fix potential read beyond buffer on -EBUSY
vfio: Fix overrun after readlink() fills buffer completely
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
In order to allow the user to choose the framebuffer for sparc-softmmu, add
-vga tcx and -vga cg3 options to the QEMU command line. If no option is
specified, the default TCX framebuffer is used.
Since proprietary FCode ROMs use a resolution of 1152x900, slightly relax the
validation rules to allow both displays to be initiated at the higher
resolution used by these ROMs upon request (OpenBIOS FCode ROMs default to
the normal QEMU sun4m default resolution of 1024x768).
Finally move any fprintf(stderr ...) statements in the areas affected by this
patch over to the new error_report() function.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
CC: Blue Swirl <blauwirbel@gmail.com>
CC: Anthony Liguori <aliguori@amazon.com>
CC: Peter Maydell <peter.maydell@linaro.org>
CC: Bob Breuer <breuerr@mc.net>
CC: Artyom Tarasenko <atar4qemu@gmail.com>
The sun4m architecture has one 'system' timer and one timer per CPU.
The CPU timers can be configured in two modes:
* 22 bits Counter/Timer. Periodic interrupts.
* 54 bits User timer. For profiling. In this mode, the Run/Stop bit
controls the timer.
The run/stop bit controls the timer only when it is in "User" mode, but
its state shall be persistent.
Signed-off-by: Olivier Danet <odanet@caramail.com>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
On SparcStations, the HostID field in the NVRAM is equal to the last
three bytes of the MAC address (which is also stored in the NVRAM).
This constant is used as an identification/serial number on Solaris.
Signed-off-by: Olivier Danet <odanet@caramail.com>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
When loading S390 kernels, the current code expects an ELF file with the
start address 0x10000. Other ELF files cause a segmentation fault. To avoid
these crashes, we should get the start address from the ELF file instead
of always using a hard-coded address.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
The current implementation uses the second byte of the instruction
to identify the instruction handler. This is not sufficient to
support instructions not starting with 0xb2. This patch
adds separate handlers for 0xb2, 0xb9 and 0xeb to be able to
support the full instruction set.
Signed-off-by: Frank Blaschka <blaschka@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
The SIGP order CPU RESET was still missing in the list of our
supported handler. This patch now adds a simple implementation,
by using the cpu_reset() function that is already available in
target-s390x/cpu.c.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
The s390_cpu_initial_reset() function had two deficiencies: First, it
used an ioctl for the destination CPU, and this ioctl could block
nearly forever, as long as the destination CPU was running in the SIE
loop. Second, it also cleared the general purpose registers - something
it should not do according to the Principles of Operations.
Since we've already got another function for the initial CPU reset in
cpu.c, we can also use that function instead. And by using run_on_cpu()
for executing this code, we make sure that the destination CPU is
correctly kicked out of kernel mode now.
Suggested-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Some of the state in the kernel can not be reset from QEMU yet.
For this we've got to use the KVM_S390_INITIAL_RESET ioctl to make
sure that the state in the kernel is set to the right values during
initial CPU reset, too.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
We have to set the cssid to 0, otherwise the stsch code will
return an operand exception without the m bit. In the same way
we should set m=0.
This case was triggered in some cases during reboot, if for some
reason the location of blk_schid.cssid contains 1 and m was 0.
Turns out that the qemu elf loader does not zero out the bss section
on reboot.
The symptom was an dump of the old kernel with several areas
overwritten. The bootloader does not register a program check
handler, so bios exception jumped back into the old kernel.
Lets just use a local struct with a designed initializer. That
will guarantee that all other subelements are initialized to 0.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
The current code does not initialize next_idx in the virtio ring.
As the ccw bios will always use guest memory at a fixed location,
this queue might != 0 after a reboot.
Lets make the initialization explicit.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Code restructure in order to simplify class hierarchy
- remove S390SCLPDevice abstract base class
and move function pointers into new SCLPEventFacilityClass
- implement SCLPEventFacility as SysBusDevice
- use define constants for instance creation strings
The following ascii-art shows the class structure wrt the SCLP EventFacility
before (CURRENT) and after the restructure (NEW):
----
CURRENT:
"s390-sclp-events-bus"
+-------------------------+
| SCLPEventsBus |
|-------------------------|
|BusState qbus |
+-------------------------+
+-------------------------+
| SCLPEventFacility | - to be replaced by new SCLPEventFacility,
|-------------------------| which will be a SysBusDevice
|SCLPEventsBus sbus |
|DeviceState *qdev |
|unsigned int receive_mask|
+-------------------------+
+-------------------------+
| S390SCLPDeviceClass | - to be replaced by new SCLPEventFacilityClass
|-------------------------|
|DeviceClass qdev |
|*(init)() |
+-------------------------+
"s390-sclp-event-facility"
|
instance-of
|
V
"s390-sclp-device" - this is an abstract class
+-------------------------+
| S390SCLPDevice (A)| - to be replaced by new SCLPEventFacility
|-------------------------|
|SysBusDevice busdev |
|SCLPEventFacility *ef |
| |
|*(sclp_command_handler)()| - these 2 go to new SCLPEventFacilityClass
|*(event_pending)() |
+-------------------------+
----
NEW:
"s390-sclp-events-bus"
+-------------------------+
| SCLPEventsBus |
|-------------------------|
|BusState qbus |
+-------------------------+
+-------------------------+
| SCLPEventFacilityClass |
|-------------------------|
|DeviceClass parent_class |
| |
|*(init)() |
|*(command_handler)() |
|*(event_pending)() |
+-------------------------+
"s390-sclp-event-facility"
+-------------------------+
| SCLPEventFacility |
|-------------------------|
|SysBusDevice parent_class|
|SCLPEventsBus sbus |
|unsigned int receive_mask|
+-------------------------+
Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
If the 51 most significant bits of the SCCB address are zero or equal to
the prefix, we should throw an specification exception, too.
Also moved the check for privileged mode to sclp_service_call() to have
all program checks in one place now.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
The pointer to the SCCB should not be limited to 32 bits only.
In contrast to this, the command word parameter is only 32 bits
(the upper 32 bits should be ignored).
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
As a followup to commit 5f04c14a10
(s390-sclp: Define New SCLP Codes) we should mask the sclp command
not only in base sclp, but also in the event facility.
Based on an initial patch from Ralf Hoppe.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
So far, the DIAG 500 hypervisor call was only setting -EINVAL in
R2 when a guest tried to call this function with an illegal subcode.
This patch now changes the behavior so that a specification exception
is thrown instead, since this is the common behavior of other DIAG
functions (and other CPU instructions) when being called with illegal
parameters.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
The SET-ARCHITECTURE handler in QEMU caused a program interruption.
This is wrong according to the "Principles of Operations" specification
(since SIGP should never cause a program interrupt) and was likely only
introduced for debugging purposes. Since we handle SET-ARCHITECTURE in
the kernel already and only dropped to user space in case of bad mode
parameters, we should just report INVALID PARAMETER in QEMU instead.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
S390 can also use async page faults, to enhance guest scheduling.
In case of live migration we want to disable the feature and let
all pending request finish.
Signed-off-by: Dominik Dingel <dingel@linux.vnet.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
This patch implements a floating-interrupt controller device (flic)
which interacts with the s390 flic kvm_device.
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
This updates the kvm headers to
commit d3714010c307d26df251c45be9cd12ab6d41f0c4
KVM: x86: emulator_cmpxchg_emulated should mark_page_dirty
in kvm/next.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
target-arm queue:
* fixes for various Coverity-spotted bugs
* support new KVM device control API for VGIC
* support KVM VGIC save/restore/migration
* more AArch64 system mode foundations
* support ARMv8 CRC instructions for A32/T32
* PL330 minor fixes and cleanup
# gpg: Signature made Wed 26 Feb 2014 17:51:32 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-target-arm-20140226: (45 commits)
dma/pl330: implement dmaadnh instruction
dma/pl330: Fix buffer depth
dma/pl330: Add event debugging printfs
dma/pl330: Rename parent_obj
dma/pl330: printf format type sweep.
dma/pl330: Fix misleading type
dma/pl330: Delete overly verbose debug printf
target-arm: Add support for AArch32 ARMv8 CRC32 instructions
include/qemu/crc32c.h: Rename include guards to match filename
target-arm: Add utility function for checking AA32/64 state of an EL
target-arm: Implement AArch64 view of CPACR
target-arm: A64: Implement MSR (immediate) instructions
target-arm: Store AIF bits in env->pstate for AArch32
target-arm: A64: Implement WFI
target-arm: Get MMU index information correct for A64 code
target-arm: Implement AArch64 OSLAR_EL1 sysreg as WI
target-arm: Implement AArch64 dummy breakpoint and watchpoint registers
target-arm: Implement AArch64 ID and feature registers
target-arm: Implement AArch64 generic timers
target-arm: Implement AArch64 MPIDR
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
migration/next for 20140225
# gpg: Signature made Tue 25 Feb 2014 14:04:31 GMT using RSA key ID 5872D723
# gpg: Can't check signature: public key not found
* remotes/juanquintela/tags/migration/20140225:
rdma: rename 'x-rdma' => 'rdma'
Fix two XBZRLE corruption issues
Fix vmstate_info_int32_le comparison/assign
qemu_file: use fwrite() correctly
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Net patches
# gpg: Signature made Tue 25 Feb 2014 13:32:33 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8
* remotes/stefanha/tags/net-pull-request:
virtio-net: use qemu_get_queue() where possible
vhost_net: use offload API instead of bypassing it
net: remove implicit peer from offload API
net: Disable netmap backend when not supported
net: add offloading support to netmap backend
net: make tap offloading callbacks static
net: virtio-net and vmxnet3 use offloading API
net: TAP uses NetClientInfo offloading callbacks
net: extend NetClientInfo for offloading
net: change vnet-hdr TAP prototypes
opencores_eth: flush queue whenever can_receive can go from false to true
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Certain cards such as the Broadcom BCM57810 have rom quirks
that exhibit unstable system behavior duing device assignment. In
the particular case of 57810, rom execution hangs and if a FLR
follows, the device becomes inoperable until a power cycle. This
change blacklists loading of rom for such cards unless the user
specifies a romfile or rombar=1 on the cmd line
Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Setting opts before the realize property is set allows the
following patch to make decisions based on whether the user
specified "rombar". This also avoids having to create a new
tristate property especially for this purpose
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
readlink() doesn't write a terminating null byte.
assign_failed_examine() passes the unterminated string to strrchr().
Oops. Terminate it.
Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
readlink() returns the number of bytes written to the buffer, and it
doesn't write a terminating null byte. vfio_init() writes it itself.
Overruns the buffer when readlink() filled it completely.
Fix by treating readlink() filling the buffer completely as error,
like we do in pci-assign.c's assign_failed_examine().
Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Add support for AArch32 CRC32 and CRC32C instructions added in ARMv8
and add a CPU feature flag to enable these instructions.
The CRC32-C implementation used is the built-in qemu implementation
and The CRC-32 implementation is from zlib. This requires adding zlib
to LIBS to ensure it is linked for the linux-user binary.
Signed-off-by: Will Newton <will.newton@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1393411566-24104-3-git-send-email-will.newton@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
There are various situations where we need to behave differently
depending on whether a given exception level is in AArch64 or
AArch32 state. The state of the current exception level is stored
in env->aarch64, but there's no equivalent guest-visible architected
state bits for the status of the exception levels "above" the
current one which may still affect execution. At the moment we
only support EL1 (ie no EL2 or EL3) and insist that AArch64
capable CPUs run with EL1 in AArch64 state, but these may change
in the future, so abstract out the "what state is this?" check
into a utility function which can be enhanced later if necessary.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Implement the AArch64 view of the CPACR. The AArch64
CPACR is defined to have a lot of RES0 bits, but since
the architecture defines that RES0 bits may be implemented
as reads-as-written and we know that a v8 CPU will have
no registered coprocessors for cp0..cp13 we can safely
implement the whole register this way.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Implement the MSR (immediate) instructions, which can update the
PSTATE SP and DAIF fields.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
To avoid complication in code that otherwise would not need to
care about whether EL1 is AArch32 or AArch64, we should store
the interrupt mask bits (CPSR.AIF in AArch32 and PSTATE.DAIF
in AArch64) in one place consistently regardless of EL1's mode.
Since AArch64 has an extra enable bit (D for debug exceptions)
which isn't visible in AArch32, this means we need to keep
the enables in env->pstate. (This is also consistent with the
general approach we're taking that we handle 32 bit CPUs as
being like AArch64/ARMv8 CPUs but which only run in 32 bit mode.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Implement the WFI instruction for A64; this just involves wiring
up the instruction, and adding a gen_a64_set_pc_im() which was
accidentally omitted from the A64 decoder top loop.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Emit the correct MMU index information for loads and stores from
A64 code, rather than hardwiring it to "always kernel mode",
by storing the exception level in the TB flags, and make
cpu_mmu_index() return the right answer when the CPU is in
AArch64 mode.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Define a dummy version of the AArch64 OSLAR_EL1 system register
which just ignores writes. Linux will always write to this (it
is the OS lock used for debugging), but we don't support debug.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
In AArch64 the breakpoint and watchpoint registers are mandatory, so the
kernel always accesses them on bootup. Implement dummy versions, which
read as written but have no actual effect.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Implement the AArch64-specific ID and feature registers. Although
many of these are currently not used by the architecture (and so
always zero for all implementations), we define the full set of
fields in the ARMCPU struct for symmetry.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Implement the AArch64 TTBR* registers. For v7 these were already 64 bits
to handle LPAE, but implemented as two separate uint32_t fields.
Combine them into a single uint64_t which can be used for all purposes.
Since this requires touching every use, take the opportunity to rename
the field to the architectural name.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Implement the AArch64 TCR_EL1, which is the 64 bit view of
the AArch32 TTBCR. (The uses of the bits in the register are
completely different, but in any given situation the CPU will
always interpret them one way or the other. In fact for QEMU EL1
is always 64 bit, but we share the state field because this
is the correct mapping to permit a future implementation of EL2.)
We also make the AArch64 view the 'master' as far as migration
and reset is concerned.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Implement the AArch64 memory attribute registers. Since QEMU doesn't
model caches it does not need to care about memory attributes at all,
and we can simply make these read-as-written.
We did not previously implement the AArch32 versions of the MAIR
registers, which went unnoticed because of the overbroad TLB_LOCKDOWN
reginfo definition; provide them now to keep the 64<->32 register
relationship clear.
We already provided AMAIR registers for 32 bit as simple RAZ/WI;
extend that to provide a 64 bit RAZ/WI AMAIR_EL1.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
We don't support letting the guest do debug, but Linux prods the
monitor debug system control register anyway, so implement a dummy
RAZ/WI version.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Implement the AArch64 TLB invalidate operations. This is
the full set of TLBI ops defined for a CPU which doesn't
implement EL2 or EL3.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Implement all the AArch64 cache invalidate and clean ops
(which are all NOPs since QEMU doesn't emulate the cache).
The only remaining unimplemented cache op is DC ZVA.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Implement the AArch64 view of the MIDR system register
(for AArch64 it is a simple constant, unlike the complicated
mess that TI925 imposes on the 32-bit view).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Make the cache ID system registers (CLIDR, CSSELR, CCSIDR, CTR)
visible to AArch64. These are mostly simple 64-bit extensions of the
existing 32 bit system registers and so can share reginfo definitions.
CTR needs to have a split definition, but we can clean up the
temporary user-mode implementation in favour of using the CPU-specified
reset value, and implement the system-mode-required semantics of
restricting its EL0 accessibility if SCTLR.UCT is not set.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
The raw read and write functions were using the ARM_CP_64BIT flag in
ri->type to determine whether to treat the register's state field as
uint32_t or uint64_t; however AArch64 register info structs don't use
that flag. Abstract out the "how big is the field?" test into a
function and fix it to work for AArch64 registers. For this to work
we must ensure that the reginfo structs put into the hashtable have
the correct state field for their use, not the placeholder STATE_BOTH.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Save and restore the ARM KVM VGIC state from the kernel. We rely on
QEMU to marshal the GICState data structure and therefore simply
synchronize the kernel state with the QEMU emulated state in both
directions.
We take some care on the restore path to check the VGIC has been
configured with enough IRQs and CPU interfaces that we can properly
restore the state, and for separate set/clear registers we first fully
clear the registers and then set the required bits.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1392687921-26921-1-git-send-email-christoffer.dall@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Support creating the ARM vgic device through the device control API and
setting the base address for the distributor and cpu interfaces in KVM
VMs using this API.
Because the older KVM_CREATE_IRQCHIP interface needs the irq chip to be
created prior to creating the VCPUs, we first test if we can use the
device control API in kvm_arch_irqchip_create (using the test flag from
the device control API). If we cannot, it means we have to fall back to
KVM_CREATE_IRQCHIP and use the older ioctl at this point in time. If
however, we can use the device control API, we don't do anything and
wait until the arm_gic_kvm driver initializes and let that use the
device control API.
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1392687720-26806-5-git-send-email-christoffer.dall@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
In ARMv5 level 2 page table descriptors, each 4K or 64K page is split into
four subpages, each of which can have different access permission settings,
which are specified by four two-bit fields in the l2 descriptor. A
long-standing cut-and-paste error meant we were using the wrong bits in
the virtual address to select the access-permission field for 4K pages.
The error has presumably not been noticed before because most guests don't
make use of the ability to set the access permissions differently for
each 1K subpage: if the guest gives the whole page the same access
permissions it doesn't matter which of the 4 AP fields we select.
(The whole issue is irrelevant for ARMv7 CPUs anyway because subpages
aren't supported there.)
Reported-by: Vivek Rai <Vivek.Rai@emulex.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1392667690-8731-1-git-send-email-peter.maydell@linaro.org
The ethernet device in the musicpal only has two tx queues,
but we modelled it with four CTDP registers, presumably a
cut and paste from the rx queue registers. Since the tx_queue[]
array is only 2 entries long this allowed a guest to overrun
this buffer. Remove the nonexistent registers.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1392737293-10073-1-git-send-email-peter.maydell@linaro.org
Acked-by: Jan Kiszka <jan.kiszka@web.de>
Cc: qemu-stable@nongnu.org
Add a cast to avoid an unintended sign extension that
would mean we returned 0xffffffff in the high 32 bits
for an IA0 read if bit 31 in the MAC address was 1.
(This is harmless since we'll only be doing 4 byte
reads, but it could be confusing, so best avoided.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1392647854-8067-3-git-send-email-peter.maydell@linaro.org
readlink() returns the number of bytes written to the buffer, and it
doesn't write a terminating null byte. do_readlink() writes it
itself. Overruns the buffer when readlink() filled it completely.
Fix by reserving space for the null byte when calling readlink(), like
we do elsewhere.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Inline the only usage of each of xilinx_axiethernet_init and
xilinx_axidma_init. Converts this init to at least a semi-recent QOM
styling.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Define (missing) macros for the interrupt and memory maps for the sake
of self documentation.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
gmodule-2.0's pkg-config files include -Wl,--export-dynamic, which breaks
static builds. It is a glib bug, but we need to support --static builds for
the linux-user targets, and in the end all that is needed to fix this is:
* outlaw --enable-modules --static, which makes little sense anyway
* only include gmodule-2.0's cflags and ldflags if --enable-modules is
specified on the command line.
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1393346215-5636-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
qemu_get_queue() is a shorthand for qemu_get_subqueue(n->nic, 0). Use
the shorthand where possible.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
There is no need to access backend->info->has_vnet_hdr() and friends
anymore. Use the qemu_has_vnet_hdr() API instead.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The virtio_net offload APIs are used on the NIC's peer (i.e. the tap
device). The API was defined to implicitly use nc->peer, saving the
caller the trouble.
This wasn't ideal because:
1. There are callers who have the peer but not the NIC. Currently they
are forced to bypass the API and access peer->info->... directly.
2. The rest of the net.h API uses nc, not nc->peer, so it is
inconsistent.
This patch pushes nc->peer back up to callers.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
As far as we can tell, all known bugs have been fixed:
1. Parallel migrations are working
2. IPv6 migration is working
3. virt-test is working
I'm not comfortable sending the revised libvirt patch
until this is accepted or review suggestions are addressed,
(including pin-all support. It does not make sense to
remove experimental for one thing and not the other. That's
too many trips through the libvirt community).
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael R. Hines <mrhines@us.ibm.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Push zero'd pages into the XBZRLE cache
A page that was cached by XBZRLE, zero'd and then XBZRLE'd again
was being compared against a stale cache value
Don't use 'qemu_put_buffer_async' to put pages from the XBZRLE cache
Since the cache might change before the data hits the wire
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Fix comparison of vmstate_info_int32_le so that it succeeds if loaded
value is (l)ess than or (e)qual
When the comparison succeeds, assign the value loaded
This is a change in behaviour but I think the original intent, since
the idea is to check if the version/size of the thing you're loading is
less than some limit, but you might well want to do something based on
the actual version/size in the file
Fix up comment and name text
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
fwrite() returns the number of items written. But when there is one
error, it can return a short write.
In the particular bug that I was tracking, I did a migration to a
read-only filesystem. And it was able to finish the migration
correctly. fwrite() never returned a negative error code, nor zero,
always 4096. (migration writes chunks of about 14000 bytes). And it
was able to "complete" the migration with success (yes, reading the
file was a bit more difficult).
To add insult to injury, if your amount of memory was big enough (12GB
on my case), it overwrote some important structure, and from them,
malloc failed. This check makes the problem go away.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
* remotes/mdroth/qga-pull-2014-02-24:
qemu-ga: isa-serial support on Windows
qga: Fix memory allocation pasto
qga: Don't require 'time' argument in guest-set-time command
qga: vss-win32: Fix interference with snapshot deletion by other VSS request
qga: vss-win32: Fix interference with snapshot creation by other VSS requesters
qga: vss-win32: Use NULL as an invalid pointer for OpenEvent and CreateEvent
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Xtensa fixes and improvements queue 2014-02-24:
- add support for ML605 and KC705 FPGA boards;
- flush opencores_eth queue when new RX descriptor is available;
- add basic checks to cache opcodes;
- make core configuration available to tests;
- implement HW config ID special registers.
# gpg: Signature made Mon 24 Feb 2014 00:52:42 GMT using RSA key ID F83FA044
# gpg: Good signature from "Max Filippov <max.filippov@cogentembedded.com>"
# gpg: aka "Max Filippov <jcmvbkbc@gmail.com>"
* remotes/xtensa/tags/20140224-xtensa:
target-xtensa: provide HW confg ID registers
target-xtensa: refactor standard core configuration
target-xtensa: add basic tests for cache opcodes
target-xtensa: allow using core configuration in tests
target-xtensa: add overridable test_init macro
target-xtensa: add basic checks to icache opcodes
target-xtensa: add basic checks to dcache opcodes
target-xtensa: add RRRI4 opcode format fields
opencores_eth: flush queue whenever can_receive can go from false to true
hw/xtensa: add support for ML605 and KC705 FPGA board
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This patch fixes configure so that the netmap backend is not compiled in if the
host doesn't support an API version >= 11. A version upper bound (15) has been
added so that the netmap API can be extended with some minor features without
requiring QEMU code modifications.
Moreover, some changes have been done to net/netmap.c in order to reflect the
current netmap API/ABI (11).
The NETMAP_WITH_LIBS macro makes possible to include some utilities (e.g.
netmap ring macros, D(), RD() and other high level functions) through the netmap
headers. In this way we get rid of the D and RD macro definitions in the QEMU
code, and we open the way for further code simplifications that will be
introduced by future patches.
Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Whit this patch, the netmap backend supports TSO/UFO/CSUM
offloadings, and accepts the virtio-net header, similarly to what
happens with TAP. The offloading callbacks in the NetClientInfo
interface have been implemented.
Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Since TAP offloadings are manipulated through a new API, it's
not necessary to export them in include/net/tap.h anymore.
Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
With this patch, virtio-net and vmxnet3 frontends make
use of the qemu_peer_* API for backend offloadings manipulations,
instead of calling TAP-specific functions directly.
We also remove the existing checks which prevent those frontends
from using offloadings with backends different from TAP (e.g. netmap).
Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The TAP NetClientInfo structure is inizialized with the TAP-specific
functions that manipulates offloading features.
Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Some new callbacks have been added to generalize the operations done
by virtio-net and vmxnet3 frontends to manipulate TAP offloadings.
Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The tap_has_vnet_hdr() and tap_has_vnet_hdr_len() functions used
to return int, even though they only return true/false values.
This patch changes the prototypes to return bool.
Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The following registers control whether MAC can receive frames:
- MODER.RXEN bit that enables/disables receiver;
- TX_BD_NUM register that specifies number of RX descriptors.
Notify QEMU networking core when the MAC is ready to receive frames.
Discard frame and raise BUSY interrupt when the frame arrives but the
current RX descriptor is not empty.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Block patches
# gpg: Signature made Fri 21 Feb 2014 21:42:24 GMT using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
* remotes/kevin/tags/for-upstream: (54 commits)
iotests: Mixed quorum child device specifications
quorum: Simplify quorum_open()
quorum: Add unit test.
quorum: Add quorum_open() and quorum_close().
quorum: Implement recursive .bdrv_recurse_is_first_non_filter in quorum.
quorum: Add quorum_co_flush().
quorum: Add quorum_invalidate_cache().
quorum: Add quorum_getlength().
quorum: Add quorum mechanism.
quorum: Add quorum_aio_readv.
blkverify: Extract qemu_iovec_clone() and qemu_iovec_compare() from blkverify.
quorum: Add quorum_aio_writev and its dependencies.
quorum: Create BDRVQuorumState and BlkDriver and do init.
quorum: Create quorum.c, add QuorumChildRequest and QuorumAIOCB.
check-qdict: Test termination of qdict_array_split()
check-qdict: Adjust test for qdict_array_split()
qdict: Extract non-QDicts in qdict_array_split()
qemu-config: Sections must consist of keys
qemu-iotests: Check qemu-img command line parsing
qemu-img: Allow -o help with incomplete argument list
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/bonzini/configure:
build: softmmu targets do not have a "main.o" file
configure: Disable libtool if -fPIE does not work with it (bug #1257099)
block: convert block drivers linked with libs to modules
Makefile: introduce common-obj-m and block-obj-m for DSO
Makefile: install modules with "make install"
module: implement module loading
rules.mak: introduce DSO rules
darwin: do not use -mdynamic-no-pic
block: use per-object cflags and libs
rules.mak: allow per object cflags and libs
rules.mak: fix $(obj) to a real relative path
util: Split out exec_dir from os_find_datadir
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Check that the C++ compiler works with the C compiler; if it
does not, then don't pass CXX to the build process. This
fixes a regression where QEMU was no longer building if the
build environment didn't have a C++ compiler (introduced
in commit 3144f78b, which incorrectly assumed that rules.mak
would only see a non-empty $(CXX) if configure had actually
found a working C++ compiler).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reported-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reported-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Tested-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Tested-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Message-id: 1392909016-14028-1-git-send-email-peter.maydell@linaro.org
Coalesce all standard configuration sections into single
DEFAULT_SECTIONS macro for all cores. This allows to add new features in
a single place: overlay_tool.h
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Test that non-locking prefetch operations don't cause exceptions on
missing TLB and that other 'hit' cache operations do.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Add path to the core configuration directory to test build command and
replace .include asm directive with #include to enable preprocessing.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Some test suites, like MMU, need per-test initialization. Don't make them
redefine test macro, add test_init for that purpose.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Check privilege level for privileged instructions (IHU, III, IIU and IPFL
are privileged), memory accessibility for instructions that reference memory
(IH* and IPFL) and windowed register validity for all instruction cache
instructions.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Check privilege level for privileged instructions (DHI, DHU, DII, DIU, DIWB,
DIWBI, DPFL are privileged), memory accessibility for instructions that
reference memory (all DH* and DPFL) and windowed register validity for all
data cache instructions.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
The following registers control whether MAC can receive frames:
- MODER.RXEN bit that enables/disables receiver;
- TX_BD_NUM register that specifies number of RX descriptors.
Notify QEMU networking core when the MAC is ready to receive frames.
Discard frame and raise BUSY interrupt when the frame arrives but the
current RX descriptor is not empty.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Add support for isa-serial method for qemu-ga on Windows,
Added -p command line parameter for serial port name
specification, e.g. "-p COM15".
Signed-off-by: Miki Mishael <mmishael@redhat.com>
Signed-off-by: Dmitry Fleytman <dfleytma@redhat.com>
*added default isa-serial path to help output
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
qmp_guest_file_seek() allocates memory for a GuestFileRead object
instead of the GuestFileSeek object it actually uses. Harmless,
because the GuestFileRead is slightly larger.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
As the description to the guest-set-time states, the command is
there to ease time synchronization after resume. If guest was
suspended for longer period of time, its system time can go off
so badly, that even NTP refuses to set it. That's why the command
was invented: to give users chance to set the time (not
necessarily 100% correct). However, there's is no real need for
us to require users to pass an arbitrary time. Especially if we
can read the correct value from RTC (boiling down to reading
host's time). Hence this commit enables logic:
guest-set-time() == guest-set-time($now_from_rtc)
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
When a VSS requester such as vshadow.exe or diskshadow.exe requests to
delete snapshots, qemu-ga VSS provider's DeleteSnapshots() is also called
and returns E_NOTIMPL, that makes the deletion fail.
To avoid this issue, return S_OK and set values that represent no snapshots
are deleted by qemu-ga VSS provider.
Signed-off-by: Tomoki Sekiyama <tomoki.sekiyama@hds.com>
Reviewed-by: Gal Hammer <ghammer@redhat.com>
Reviewed-by: Yan Vugenfirer <yvugenfi@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
When a VSS requester such as vshadow.exe or diskshadow.exe requests to
create disk snapshots, Windows may choose qemu-ga VSS provider if it is
only provider registered on the system. However, because it provides only a
function to freeze the filesystem, the snapshotting fails.
This patch adds a check into CQGAVssProvider::IsVolumeSupported() to reject
the request from other VSS requesters, so that the other provider is chosen.
The check of requester is done by confirming event channels between
qemu-ga's requester and provider established. To ensure that the events are
initialized when CQGAVssProvider::IsVolumeSupported() is called, it moves
the initialization earlier.
Signed-off-by: Tomoki Sekiyama <tomoki.sekiyama@hds.com>
Reviewed-by: Gal Hammer <ghammer@redhat.com>
Reviewed-by: Yan Vugenfirer <yvugenfi@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
OpenEvent and CreateEvent WinAPI return NULL when failed to open/create
events handles, instead of INVALID_HANDLE_VALUE (although their return
types are HANDLE).
This replaces INVALID_HANDLE_VALUE related to event handles with NULL.
Signed-off-by: Tomoki Sekiyama <tomoki.sekiyama@hds.com>
Reviewed-by: Gal Hammer <ghammer@redhat.com>
Reviewed-by: Yan Vugenfirer <yvugenfi@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
commit fa6252b0 introduced a segfault because it tries
to read iTask.task->sense after iTask.task has been
freed.
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
To make a VM more convincing to my application, it's useful to be able
to add a port WWN and relative target port index to the descriptors
returned for VPD page 83h. Add device properties to allow setting
these, and return them from INQUIRY commands.
Signed-off-by: Roland Dreier <roland@purestorage.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
this patch ensures that we only query for block provisioning and
block limits vpd pages if they are advertised. It also cleans
up the inquiry code and eliminates some redundant code.
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
the retry logic was broken because the complete status
of the task structure was not reset. this resulted in
an infinite loop retrying the command over and over.
CC: qemu-stable@nongnu.org
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The transfer length depends on field BYTCHK, which is encoded in byte
1, bits 1..2. However, the guard for for case BYTCHK=11b doesn't
work, and we get case 01b instead. Fix it.
Note that since emulated scsi-hd fails the command outright, it takes
SCSI passthrough of a device that actually implements VERIFY with
BYTCHK=11b to make the bug bite.
Screwed up in commit d12ad44. Spotted by Coverity.
Cc: qemu-stable@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
SCSI defines a status code for when a thin-provisioned LUNs would
exceed the allocated space, map ENOSPC to it.
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Current buffer size fails the assersion check in like
hw/scsi/scsi-bus.c:1655: assert(req->sense_len <= sizeof(req->sense));
when backend (block/iscsi.c) returns more data then 96.
Exercise the core dump path by booting an Gentoo ISO with scsi-generic
device backed with iscsi (built with libiscsi 1.7.0):
x86_64-softmmu/qemu-system-x86_64 \
-drive file=iscsi://localhost:3260/iqn.foobar/0,if=none,id=drive-disk \
-device virtio-scsi-pci,id=scsi1,bus=pci.0,addr=0x6 \
-device scsi-generic,drive=drive-disk,bus=scsi1.0,id=iscsi-disk \
-boot d \
-cdrom gentoo.iso
qemu-system-x86_64: hw/scsi/scsi-bus.c:1655: scsi_req_complete:
Assertion `req->sense_len <= sizeof(req->sense)' failed.
According to SPC-4, section 4.5.2.1, 252 is the limit of sense data. So
increase the value to fix it.
Also remove duplicated define for the macro.
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Add a test case to test 081 for mixing full option dicts and reference
strings of specifying the quorum child block devices through QMP.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Although it may not look like it, this patch simplifies quorum_open().
qdict_array_split() is now able to return QLists with different objects
than only QDicts, therefore it will now do all the work and
quorum_open() does not have to handle reference strings by itself.
This allows mixing full option dicts and reference strings for
specifying the child block devices of quorum; furthermore, it improves
handling of malformed specifications.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Example of command line:
-drive if=virtio,driver=quorum,\
children.0.file.filename=1.raw,\
children.0.node-name=1.raw,\
children.0.driver=raw,\
children.1.file.filename=2.raw,\
children.1.node-name=2.raw,\
children.1.driver=raw,\
children.2.file.filename=3.raw,\
children.2.node-name=3.raw,\
children.2.driver=raw,\
vote-threshold=2
blkverify=on with vote-threshold=2 and two files can be passed to
emulate blkverify.
Signed-off-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
We really want that live migration works with quorum so implement
quorum_invalidate_cache().
Signed-off-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Check that every bs file returns the same length.
Otherwise, return -EIO to disable the quorum and
avoid length discrepancy.
Signed-off-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This patchset enables the core of the quorum mechanism.
The num_children reads are compared to get the majority version and if this
version exists more than threshold times the guest won't see the error at all.
If a block is corrupted or if an error occurs during an IO or if the quorum
cannot be established QMP events are used to report to the management.
Use gnutls's SHA-256 to compare versions.
--enable-quorum must be used to enable the feature.
Signed-off-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Add code to do num_children reads in parallel and cleanup the structures
afterwards.
Signed-off-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
qemu_iovec_compare() will be used to compare IOs vectors in quorum blkverify
mode. The patch extracts these functions in order to factorize the code.
Signed-off-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Create the structure holding the quorum settings and write the minimal block
driver instanciation boilerplate.
Signed-off-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Quorum is a block filter mirroring writes to num_children children.
For reads quorum reads each children and does a vote.
If more than vote_threshold versions are identical the quorum is reached and
this winning version is returned to the guest. So quorum prevents bit corruption.
For high availability purpose minority errors are reported via QMP but the guest
does not see them.
This patch creates the driver C source file and introduces the structures that
will be used in asynchronous reads and writes.
Signed-off-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
qdict_array_split() should terminate if it encounters both an entry with
a key of "%u" and entries with keys prefixed "%u." for the same index.
This patch adds a test for this case.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Test the new functionality of qdict_array_split(), that is, splitting
off single objects.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Currently, qdict_array_split() only splits off entries with a key prefix
of "%u.", packing them into a new QDict. This patch makes it support
entries with the plain key "%u" as well, directly putting them into the
new QList without creating a QDict.
If there is both an entry with a key of "%u" and other entries with keys
prefixed "%u." (for the same index), the function simply terminates.
To do this, this patch also adds a static function which tests whether a
given QDict contains any keys with the given prefix. This is used to test
whether entries with a key prefixed "%u." do exist in the source QDict
without modifying it.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
In config_parse_qdict_section(), the QList returned by
qdict_array_split() is assumed to only contain QDicts. Currently, this
is true but it may (and will) change in the future. Therefore, check
whether the assumption actually holds.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This patch allows using 'qemu-img $subcmd -o help' for the create,
convert and amend subcommands, without specifying the previously
required filename arguments.
Note that it's still allowed and meaningful to specify a filename: An
invocation like 'qemu-img create -o help sheepdog:foo' will also display
options that are provided by the Sheepdog driver.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Instead of ignoring all option values but the last one, multiple -o
options now have the same meaning as having a single option with all
settings in the order of their respective -o options.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Instead of ignoring all option values but the last one, multiple -o
options now have the same meaning as having a single option with all
settings in the order of their respective -o options.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
If you specified multiple -o options for qemu-img create, it would
silently ignore all but the last one. This patch fixes the problem.
Now multiple -o options has the same meaning as having a single option
with all settings in the order of their respective -o options.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
has_help_option() checks if any help option ('help' or '?') occurs
anywhere in an option string, so that things like 'cluster_size=4k,help'
are recognised.
is_valid_option_list() ensures that the option list doesn't have options
with leading commas or trailing unescaped commas.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Instead of just putting it in debugging output, we can now put the
value in an Error.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Returning "Wrong medium type" for an image that does not have a valid
header is a bit weird. Improve the error by mentioning what format
was trying to open it.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Now that we can return the "right" errors, use the Error** parameter
to pass them back instead of just printing them.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This prepares for propagating errors from vmdk_open_sparse and
vmdk_open_desc_file up to the caller of vmdk_open.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Currently, we just try reading a VMDK file as both image and descriptor.
This makes it hard to choose which of the two attempts gave the best error.
We'll decide in advance if the file looks like an image or a descriptor,
and this patch is the first step to that end.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Before:
$ ./qemu-io-old
qemu-io-old> open -r -o driver=vvfat,fat-type=24,dir=i386-softmmu
Valid FAT types are only 12, 16 and 32
qemu-io-old: can't open device (null): Could not open image: Invalid argument
After:
$ ./qemu-io
qemu-io> open -r -o driver=vvfat,fat-type=24,dir=i386-softmmu
qemu-io: can't open device (null): Valid FAT types are only 12, 16 and 32
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Currently, "gluster:///volname/img" and (using file. options)
"file.driver=gluster,file.filename=foo" will segfault. Also,
"//host/volname/img" will be rejected, but it is a valid URL
that should be accepted just fine with "file.driver=gluster".
Accept all of these, by inferring missing transport and host
as TCP and localhost respectively.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Before:
$ ./qemu-io-old
qemu-io-old> open -r -o file.driver=iscsi,file.filename=foo
Failed to parse URL : foo
qemu-io-old: can't open device (null): Could not open 'foo': Invalid argument
After:
$ ./qemu-io
qemu-io> open -r -o file.driver=iscsi,file.filename=foo
qemu-io: can't open device (null): Failed to parse URL : foo
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
qemu-nbd is one of the few valid users of qerror_report_err. Move
the error-reporting socket wrappers there.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Before:
$ ./qemu-io-old
qemu-io-old> open -r -o file.driver=nbd
one of path and host must be specified.
qemu-io-old: can't open device (null): Could not open image: Invalid argument
$ ./qemu-io-old
qemu-io-old> open -r -o file.driver=nbd,file.host=foo,file.path=bar
path and host may not be used at the same time.
qemu-io-old: can't open device (null): Could not open image: Invalid argument
After:
$ ./qemu-io
qemu-io> open -r -o file.driver=nbd
qemu-io: can't open device (null): one of path and host must be specified.
$ ./qemu-io
qemu-io> open -r -o file.driver=nbd,file.host=foo,file.path=bar
qemu-io: can't open device (null): path and host may not be used at the same time.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Before:
$ qemu-io-old
qemu-io-old> open -r -o file.driver=nbd
qemu-io-old: can't open device (null): Could not open image: Invalid argument
$ ./qemu-io-old
qemu-io-old> open -r -o file.driver=nbd,file.host=foo,file.path=bar
path and host may not be used at the same time.
qemu-io-old: can't open device (null): Could not open image: Invalid argument
After:
$ ./qemu-io
qemu-io> open -r -o file.driver=nbd
one of path and host must be specified.
qemu-io: can't open device (null): Could not open image: Invalid argument
$ ./qemu-io
qemu-io> open -r -o file.driver=nbd,file.host=foo,file.path=bar
path and host may not be used at the same time.
qemu-io: can't open device (null): Could not open image: Invalid argument
Next patch will fix the error propagation.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This option is now unnecessary since specifying BDRV_O_PROTOCOL as flag
will do exactly the same.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The fail and success paths of bdrv_file_open() may be further shortened
by reusing code already existent in bdrv_open(). This includes
bdrv_file_open() not taking the reference to options which allows the
removal of QDECREF(options) in that function.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The fail paths of bdrv_file_open() and bdrv_open() naturally exhibit
similarities, thus it is possible to reuse the one from bdrv_open() and
shorten the one in bdrv_file_open() accordingly.
Also, setting bs->options in bdrv_file_open() is not necessary if it is
already done in bdrv_open().
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Change bdrv_file_open() to take a simple pointer to an already existing
BDS instead of an indirect one. The BDS will be created in bdrv_open()
if necessary.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Remove the reference parameter and the related handling code from
bdrv_file_open(), since it exists in bdrv_open() now as well.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Add the bdrv_open() option BDRV_O_PROTOCOL which results in passing the
call to bdrv_file_open(). Additionally, make bdrv_file_open() static and
therefore bdrv_open() the only way to call it.
Consequently, all existing calls to bdrv_file_open() have to be adjusted
to use bdrv_open() with the BDRV_O_PROTOCOL flag instead.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Allow bdrv_open() to handle references to existing block devices just as
bdrv_file_open() is already capable of.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Make bdrv_open() take a pointer to a BDS pointer, similarly to
bdrv_file_open(). If a pointer to a NULL pointer is given, bdrv_open()
will create a new BDS with an empty name; if the BDS pointer is not
NULL, that existing BDS will be reused (in the same way as bdrv_open()
already did).
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Instead of making the backing file contents visible again after a discard
request, set the zero flag if possible (i.e. on version >= 3).
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Commit 94ccff13 introduced a more verbose failure message and retry
operations on KVM VM creation. However, it ended up using a variable
for its failure message that hasn't been initialized yet.
Fix it to use the value it meant to set.
Cc: qemu-stable@nongnu.org
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
bdrv_acct_done was called unconditional. But in case the ioreq has no
segments there is no matching bdrv_acct_start call. This could lead to
bogus accounting values.
Found by code inspection.
Signed-off-by: Olaf Hering <olaf@aepfle.de>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Adjust TMPO and added TMPB, TMPL, and TMPA. libtool needs the names
to be fixed (TMPB).
Add new functions do_libtool and libtool_prog.
Add check for broken gcc and libtool.
Signed-off-by: Don Slutz <dslutz@verizon.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
$(common-obj-m) will include $(block-obj-m), like $(common-obj-y) does
for $(block-obj-y).
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This patch adds loading, stamp checking and initialization of modules.
The init function of dynamic module is no longer directly called as
__attribute__((constructor)) in static linked version, it is called
only after passed the checking of presense of stamp symbol:
qemu_stamp_$RELEASEHASH
where $RELEASEHASH is generated by hashing version strings and content
of configure script.
With this, modules built from a different tree/version/configure will
not be loaded.
The module loading code requires gmodule-2.0.
Modules are searched under
- CONFIG_MODDIR
- executable folder (to allow running qemu-{img,io} in the build
directory)
- ../ of executable folder (to allow running system emulator in the
build directory)
Modules are linked under their subdir respectively, then copied to top
level of build directory for above convinience, e.g.:
$(BUILD_DIR)/block/curl.so -> $(BUILD_DIR)/block-curl.so
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Add necessary rules and flags for shared object generation.
The new rules introduced here are:
1) %.o in $(common-obj-m) is compiled to %.o, then linked to %.so.
2) %.mo in $(common-obj-m) is the placeholder for %.so for pattern
matching in Makefile. It's linked to "-shared" with all its dependencies
(multiple *.o) as input. Which means the list of depended objects must
be specified in each sub-Makefile.objs:
foo.mo-objs := bar.o baz.o qux.o
in the same style with foo.o-cflags and foo.o-libs. The objects here
will be prefixed with "$(obj)/" if it's a subdirectory Makefile.objs.
3) For all files ending up in %.so, the following is added automatically:
foo.o-cflags += -fPIC -DBUILD_DSO
Also introduce --enable-modules in configure, the option will enable
support of shared object build. Otherwise objects are static linked to
executables.
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
While -mdynamic-no-pic can speed up the code somewhat, it is only used
on the legacy PowerPC Mac OS X, and I am not sure if anyone is still
testing that. Disabling PIC can cause problems when enabling modules,
so do not do that.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
No longer adds flags and libs for them to global variables, instead
create config-host.mak variables like FOO_CFLAGS and FOO_LIBS, which is
used as per object cflags and libs.
This removes unwanted dependencies from libcacard.
Signed-off-by: Fam Zheng <famz@redhat.com>
[Split from Fam's patch to enable modules. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Adds extract-libs in LINK to expand any "per object libs", the syntax to define
such a libs options is like:
foo.o-libs := $(CURL_LIBS)
in block/Makefile.objs.
Similarly,
foo.o-cflags := $(FOO_CFLAGS)
is also supported.
"foo.o" must be listed in a nested var (e.g. common-obj-y) to make the
option variables effective.
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Makefile.target includes rule.mak and unnested common-obj-y, then prefix
them with '../', this will ignore object specific QEMU_CFLAGS in subdir
Makefile.objs:
$(obj)/curl.o: QEMU_CFLAGS += $(CURL_CFLAGS)
Because $(obj) here is './block', instead of '../block'. This doesn't
hurt compiling because we basically build all .o from top Makefile,
before entering Makefile.target, but it will affact arriving per-object
libs support.
The starting point of $(obj) is passed in as argument of unnest-vars, as
well as nested variables, so that different Makefiles can pass in a
right value.
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
With this change, main() calls qemu_init_exec_dir and uses argv[0] to
init exec_dir. The saved value can be retrieved with
qemu_get_exec_dir later. It will be reused by module loading.
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-02-20 13:12:54 +01:00
752 changed files with 33376 additions and 10943 deletions
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
