vga_putcharxy()'s underline code sets font_data to 0xffff instead of
0xff. vga_putcharxy() then reads dmask16[0xffff >> 4] and
dmask4[0xffff >> 6]. In practice, these out-of-bounds subscripts
"only" put a few crap bits into the display surface.
For 32 bit pixels, there's no array access. font_data's extra bits go
straight into the display surface.
Broken when commit 6d6f7c28 implemented underline.
Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The caller of qemu_timedate_diff() does not expect that tm it passes to
the function will be modified, but mktime() is destructive and modifies
its argument. Pass a copy of tm to it and set tm_isdst so that mktime()
will not rely on it since its value may be outdated.
Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
We disable vm_clock when pausing all vcpus, but we forget to
reenable it when resuming all vcpus. It will cause that the
guest can not be rebooted.
Tested-by: Zhi Yong Wu <zwu.kernel@gmai.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Commit 0a039dc700 broke vga modes for
qxl-vga by loosing vga_ioport_read windup. qxl needs to hook into
vga port writes only and used to realize that by letting vga_init() do
the work for both reads and writes, then overwrite the write function.
That little detail was missed while doing the conversion ...
This patch fixes it. It also switch qxl vga ioport registration to
portio lists while being at it.
Cc: Hans de Goede <hdegoede@redhat.com>
Acked-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch removes the code lines which set the subsystem id for the
emulated ac97 card to 8086:0000. Due to the device id being zero the
subsystem id isn't vaild anyway. With the patch applied the sound card
gets the default qemu subsystem id (1af4:1100) instead.
[ v2: old & broken id is maintained for -M pc-$oldqemuversion ]
Cc: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
sgabios hasn't gotten a lot of coverage since it was not shipped. For 1.0,
let's disable the automatic loading of the option ROM in -nographic
mode. We can put it back for 1.1.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The rom was not added together with the sgabios device and is
not installed.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
readline_hist_add() moves the history entry to the end of history. It
uses memmove() to move rs->history[idx + 1..] to rs->history[idx..].
However, its size argument is off by two array elements, so it writes
one element beyond rs->history[], and reads two.
On my system, this clobbers rs->hist_entry and the hole right after
it. Since the function assigns to rs->hist_entry in time, the bug has
no ill effects for me.
Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
The first enable set/clear register (which controls the PPIs and SGIs)
is supposed to be banked for each processor. Currently it is just
handled globally and this prevents recent SMP Linux kernels from
booting, because CPU0 stops receiving localtimer interrupts when CPU1
disables them locally.
To fix this, allow the enable bits to be enabled per-cpu. For SPIs,
always enable/disable ALL_CPU_MASK.
Signed-off-by: Rabin Vincent <rabin@rab.in>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
First determine FAT12/16/32, then compute geometry from that for both
FDD and HDD. For 1.44MB floppies, and 2.88MB floppies using FAT16,
change to 1 sector/cluster. The default remains 2.88MB with FAT12
and 2 sectors/cluster. Both DOS and mkdosfs by default format a 2.88MB
floppy as FAT12.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The sector count is stored in the partition and hence must not include the
sectors before its start. At the same time, remove the useless special
casing for 1.44 MB floppies. This fixes fsck on VVFAT hard disks,
which otherwise tries to seek past the end of the disk.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This is consistent with what "real" floppies have, so file(1)
now actually recognizes the VVFAT image as a 1.44 MB floppy.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
If the number of "faked sectors" + the number of sectors that are
part of a cluster does not sum up to the total number of sectors,
qemu-img convert fails. Read these spare sectors as all zeros.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
When reading the address of the first free entry, you cannot
use array_get without first marking all entries as occupied.
This is visible if you change the sectors per cluster on a
floppy from 2 to 1.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
With the conversion of the block layer to coroutines, bdrv_read/write
have changed to run a nested event loop that calls qemu_bh_poll.
Consequently a scheduled BH can be called while a DMA transfer handler
runs and this means that DMA_run becomes reentrant.
Devices haven't been designed to cope with that, so instead of running a
nested transfer handler just wait for the next invocation of the BH from the
main loop.
This fixes some problems with the floppy device.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Without this fix, some qiovs can be leaked if an error occurs. Also a semicolon
at the end of the command line would make the code walk beyond the end of argv.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Callers of create_iovec() didn't check for failure and continued with
uninitialised data in error cases. This patch adds checks to each call.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
* 'xtensa' of git://jcmvbkbc.spb.ru/dumb/qemu-xtensa:
xtensa_lx60: fix build date code and change memory region names
xtensa_lx60: pass kernel arguments from -append
xtensa_lx60: add FLASH support
target-xtensa: raise an exception for invalid and reserved opcodes
target-xtensa: handle cache options in the overlay tool
target-xtensa: mask out undefined bits of WINDOWSTART SR
* 'tci' of git://qemu.weilnetz.de/qemu:
tcg: Add tcg interpreter to configure / make
tcg: Add tci disassembler
tcg: Add interpreter for bytecode
tcg: Add bytecode generator for tcg interpreter
tcg: Make ARRAY_SIZE(tcg_op_defs) globally available
tcg: TCG targets may define tcg_qemu_tb_exec
apic id returned to guest kernel in ebx for cpuid(function=1) depends on
CPUX86State->cpuid_apic_id which gets populated after the cpuid information
is cached in the host kernel. This results in broken CPU topology in guest.
Fix this by setting cpuid_apic_id before cpuid information is passed to
the host kernel. This is done by moving the setting of cpuid_apic_id
to cpu_x86_init() where it will work for both KVM as well as TCG modes.
Acked-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Bharata B Rao <bharata.rao@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
commit ba43d28916 introduces a bug:
The stream-not-found case doesn't error out any more, instead the
code silently uses the first stream. Fix it.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When SCSI passthrough is being used by the guest with virtio-blk, the
guest is not able to detect disk failures. This is because the status
field is expected by the guest driver to include also the msg_status,
host_status and driver_status fields, but the device is only passing
down the SCSI status.
The patch fixes this, and also makes sure that the guest always sees a
CHECK_CONDITION status when there is valid sense data.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Markus Armbruster <armbru@redhat.com> sent fixes for va_list vararg
issues in v9fs_string_alloc_printf(). It turns out the function
duplicates g_vasprintf() and can therefore be eliminated entirely.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Fix date code to uses MMDDYYYY notation.
Change memory region names to reflect specification that defines them.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
LX60 carry 4 Mbyte FLASH and 128 Kbyte SRAM, LX200 carry 16 Mbyte FLASH
and 32 Mbyte SRAM. Either of these memories may be mapped to the system
ROM region.
Select boot from FLASH if -kernel option is not specified, otherwise
boot from SRAM.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
This includes opcodes from disabled features and those marked reserved in the ISA.
Also end TB on opcodes that definitely generate an exception: illegal
instructions, syscall and privileged instructions.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
The error being caused by the failure to copy the other half of
the input to the output after having narrowed the deposit operation.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: malc <av1474@comtv.ru>
Update lnkst on link state changes so that guests can obtain this
information via reading back the LED output pin. Works for Linux but
not for guests that depend on the missing PHY.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Implement the various IO access widths according to the spec. This
specifically unbreaks word and dword access to the PROM area that is
mapped into IO space. It also drops redundant upper limit checks and
spurious "return void".
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This moves BCR defines to the common header and immediately makes use of
them to add BCR_APROMWE, replacing the open-coded write check in
pcnet_aprom_writeb.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch would try sort the command list in monitor at runtime. As a result,
command help and help info would show a more friendly sorted command list.
For eg:
(qemu)help
acl_add
acl_policy
acl_remove
acl_reset
acl_show
balloon
block_passwd
...
the command list is sorted.
v3: using qsort function to sort the command list.
Tested-by: Wenyi Gao <wenyi@linux.vnet.ibm.com>
Signed-off-by: Wayne Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Move the parsing of a filedescriptor into a common function
qemu_parse_fd() so others can use it as well. Have net.c call this
function.
v2:
- moving qemu_parse_fd into cutils.c
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Suppress confusing messages from pkg_config when probing for
'check' by sending them to /dev/null as we do with other
similar probes.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Currently, virtio devices are usually presented to the guest as an
emulated PCI device, virtio_pci. Although the actual IO operations
are done through system memory, the configuration of the virtio device
is done through the one PCI IO space BAR that virtio_pci presents.
But PCI IO space (aka PIO) is deprecated for modern PCI devices, and
on some systems with many PCI domains accessing PIO space can be
problematic. For example on the existing PowerVM implementation of
the PAPR spec, PCI PIO access is not supported at all. We're hoping
that our KVM implementation will support PCI PIO (once we support PCI
at all), but it will probably have some irritating limitations.
This patch, therefore, extends the virtio_pci device to have a PCI
memory space (MMIO) BAR as well as the IO BAR. The MMIO BAR contains
exactly the same registers, in exactly the same layout as the existing
PIO BAR.
Because the PIO BAR is still present, existing guest drivers should
still work fine. With this change in place, future guest drivers can
check for an MMIO BAR and use that if present (falling back to PIO
when possible to support older qemu versions).
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This updates the usb-uhci device emulation to use the explicit PCI DMA
wrapper to initialize its scatter/gathjer structure. This means this
driver should not need further changes when the sglist interface is
extended to support IOMMUs.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This updates the usb-ehci device emulation to use the explicit PCI DMA
wrapper to initialize its scatter/gathjer structure. This means this
driver should not need further changes when the sglist interface is
extended to support IOMMUs.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This updates the PCI IDE device emulation to use the explicit PCI DMA
wrapper to initialize its scatter/gathjer structure. This means this
driver should not need further changes when the sglist interface is
extended to support IOMMUs.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This updates the intel-hda device emulation to use the explicit PCI DMA
functions, instead of directly calling physical memory access functions.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This updates the pcnet-pci device emulation to use the explicit PCI DMA
functions, instead of directly calling physical memory access functions.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This updates the lsi53c895a device emulation to use the explicit PCI DMA
functions, instead of directly calling physical memory access functions.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This updates the e1000 device emulation to use the explicit PCI DMA
functions, instead of directly calling physical memory access functions.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This updates the es1370 device emulation to use the explicit PCI DMA
functions, instead of directly calling physical memory access functions.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This updates the ac97 device emulation to use the explicit PCI DMA
functions, instead of directly calling physical memory access functions.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This updates the eepro100 device emulation to use the explicit PCI DMA
functions, instead of directly calling physical memory access functions.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
Signed-off-by: David Gibson <dwg@au1.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This updates the rtl8139 device emulation to use the explicit PCI DMA
functions, instead of directly calling physical memory access functions.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch adds functions to pci.[ch] to perform PCI DMA operations.
At present, these are just stubs which perform directly cpu physical
memory accesses. Stubs are included which are analogous to
cpu_physical_memory_{read,write}(), the stX_phys() and ldX_phys()
functions and cpu_physical_memory_{map,unmap}().
In addition, a wrapper around qemu_sglist_init() is provided, which
also takes a PCIDevice *. It's assumed that _init() is the only
sglist function which will need wrapping, the idea being that once we
have IOMMU support whatever IOMMU context handle the wrapper derives
from the PCI device will be stored within the sglist structure for
later use.
Using these stubs, however, distinguishes PCI device DMA transactions from
other accesses to physical memory, which will allow PCI IOMMU support to
be added in one place, rather than updating every PCI driver at that time.
That is, it allows us to update individual PCI drivers to support an IOMMU
without having yet determined the details of how the IOMMU emulation will
operate. This will let us remove the most bitrot-sensitive part of an
IOMMU patch in advance.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch uses the newly created dma_addr_t type throughout the
scatter/gather handling code in dma-helpers.c whenever we need to
represent a dma bus address. This makes a better distinction as to
what is a bus address and what is a cpu physical address. Since we
don't support IOMMUs yet, they can't be very different for now, but
that will change in future, and this preliminary helps clarify what's
going on.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
As a preliminary to adding more extensive DMA and IOMMU infrastructure
support into qemu, this patch defines a dma_addr_t for storing DMA bus
addresses and a DMADirection enum which describes whether a DMA is
from an external device to main memory or from main memory to an
external device.
For now dma_addr_t is just defined to be target_phys_addr_t, but in
future, we can change this to support machines where we have bus
addresses which don't necessarily have the same format as CPU physical
addresses.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Make the ps2 device track its ledstate so that we can migrate it.
Otherwise it gets lost across migration, and spice-server gets
confused about the actual keyboard state and sends bogus
caps/scroll/num key events. This fixes RH bug #729294
We only need to migrate the state when it is different of the default
one (0).
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Please note that mechlist still uses malloc / strdup / free.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
There are 508 non-indented (non-default) labels, and 511 that are
indented. So the rule is debatable at least. Actually, in the
common case of labels at the outermost scope, there is really just
one place where to put the label, so the rule is just wrong IMHO.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
And kvm_ioctl(s, KVM_CREATE_VM, 0)'s return value can be < -1,
so change the check of vmfd at label 'err'.
Signed-off-by: Xu He Jie <xuhj@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* 'ppc-next' of git://repo.or.cz/qemu/agraf: (24 commits)
pseries: Add partial support for PCI
ppc: Alter CPU state to mask out TCG unimplemented instructions as appropriate
pseries: Allow writes to KVM accelerated TCE table
KVM: PPC: Override host vmx/vsx/dfp only when information known
ppc: Fix up usermode only builds
pseries: Correct vmx/dfp handling in both KVM and TCG cases
PPC: Fail configure when libfdt is not available
ppc: Avoid decrementer related kvm exits
PPC: Disable non-440 CPUs for ppcemb target
PPC: Bump qemu-system-ppc to 64-bit physical address space
pseries: Under kvm use guest cpu = host cpu by default
ppc: Add cpu defs for POWER7 revisions 2.1 and 2.3
ppc: First cut implementation of -cpu host
ppc: Remove broken partial PVR matching
pseries: Update SLOF firmware image
pseries: Add device tree properties for VMX/VSX and DFP under kvm
ppc: Generalize the kvmppc_get_clockfreq() function
Set an invalid-bits mask for each SPE instructions
pseries: Update SLOF firmware image
pseries: Use Book3S-HV TCE acceleration capabilities
...
If no disk image is specified, the Cocoa frontend displays a modal sheet
to let the user select an image file to boot from.
This sheet is never closed and it permanently obscures the emulator window.
Close it after obtaining the file name in case the user did select a file.
Otherwise we exit immediately, so no need to close then.
Signed-off-by: Juan Pineda <juan@logician.com>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
GThread-ERROR **: GThread system may only be initialized once.
aborting...
Making the g_thread_init() call in vl.c conditional resolves an abort on
Mac OS X, where coroutine-gthread.c seems to call it before vl.c.
Reported-by: Juan Pineda <juan@logician.com>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Cc: Daniel P. Berrange <berrange@redhat.com>
OpenCores 10/100 Mbps Ethernet MAC specification doesn't clearly state
whether FCS is counted in the RX frame length or not. Looks like it is.
Append zero FCS to the received frames.
Get rid of big static buffer for RX frame padding, optimize it for the
most common MINFL value range.
Set RXD_TL for the long frames only when HUGEN bit is set.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch increases robustness when migrating to a file with
two little changes:
(1) Before closing the migration file handle checks if it happens to be
a regular file and if so it issues a fsync. This way the data is
flushed to disk before qemu sends the migration completed event.
(2) It adds error checking. In case either fsync or close syscall
fails pass up the error (and fail migration).
[ v2: return -errno instead of -1 ]
Cc: Juan Quintela <quintela@redhat.com>
Cc: Jiri Denemark <jdenemar@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
There is a "test-coroutine" which isn't in the list.
Add it so "make check" runs it too.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Add some Makefile glue so we have a simple "make check"
to run the unit tests.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Create a new CHECKS variable. Put the checks there instead
of adding them to the TOOLS variable.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Probe for libcheck and build checks (if found) by default.
Can be explicitly disabled using --disable-check-utests.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Undefine ABS to avoid a clash with the macro that glib.h
helpfully defines for us (and a resulting build failure
on ia64 hosts).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
A simple migration reproduces it:
1. Start the source VM with:
# qemu [...] -S
2. Start the destination VM with:
# qemu <source VM cmd-line> -incoming tcp:0:4444
3. In the source VM:
(qemu) migrate -d tcp:0:4444
4. The source VM will segfault as soon as migration completes (might not
happen in the first try)
What is happening here is that qemu_file_put_notify() can end up closing
's->file' (in which case it's also set to NULL). The call stack is rather
complex, but Eduardo helped tracking it to:
select loop -> migrate_fd_put_notify() -> qemu_file_put_notify() ->
buffered_put_buffer() -> migrate_fd_put_ready() ->
migrate_fd_completed() -> migrate_fd_cleanup().
To be honest, it's not completely clear to me in which cases 's->file'
is not closed (on error maybe)? But I doubt this fix will make anything
worse.
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
.gitignore already lists the qapi-generated subdirectory which includes a
number of files generated during build. However, there are some additional
files generated by the qapi build which go in the top level directory.
This patch adds them to .gitignore, removing the irritating noise from
diffs and the like.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
qemu-barrier.h tests if macro __powerpc__ is defined, however, the
preprocessor on PowerPC Mac OS X defines only __POWERPC__, not
__powerpc__. Resolve by testing instead for qemu-provided _ARCH_PPC.
Signed-off-by: Eric Sunshine <sunshine@sunshineco.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
After the removal of the non-threaded mode cpu_exec_all is now only used
by TCG. Refactor it accordingly, also dropping its unused return value.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Make cpu_single_env thread-local. This fixes a regression
in handling of multi-threaded programs in linux-user mode
(bug 823902).
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[Peter Maydell: rename tls_cpu_single_env to cpu_single_env]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Drop the cpu_single_env definition as it is unused.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Add an abstraction layer for defining and using thread-local
variables. For the moment this is implemented only for Linux,
which means they can only be used in restricted circumstances.
The abstraction layer allows us to add POSIX and Win32 support
later.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Spotted via code review, we initialize offset to 0 to avoid a
compiler warning, but in the unlikely case that offset is
never set to something else, we should abort instead of return
a value that will almost certainly cause problems.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The whole usb_host_close() function is skipped in case the device is not
in attached state. This is wrong though, only then usb_device_detach()
must be skipped, all other cleanup (especially device reset and closing
the file handle) still needs to be done. There are code paths where
usb_host_close() is called with the device in detached state already.
This fixes usb-host devices not being released and returned to the host
after removing them with device_del.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Some USB drivers, for example USBASPI.SYS, will skip different type of
device which has same VID/PID. The following patch helps preventing
usb-msd being skipped by the driver.
Signed-off-by: Roy Tam <roytam@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Valgrind is a tool which can automatically detect many kinds of bugs.
Running QEMU on Valgrind with x86_64 hosts was not possible because
Valgrind aborts when memalign is called with an alignment larger than
1 MiB. QEMU normally uses 2 MiB on Linux x86_64.
Now the alignment is reduced to the page size when QEMU is running on
Valgrind.
v2:
Instead of using the macro RUNNING_ON_VALGRIND from valgrind.h,
the patch now uses a hack from libvirt which tests for the pre-loaded
vgpreload_*.so shared libraries. This avoids the need for valgrind.h.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
A basic wildcard matching is supported in both the monitor command
"trace-event" and the events list file. That means you can enable/disable
the events having a common prefix in a batch. For example, virtio-blk trace
events could be enabled using:
trace-event virtio_blk_* on
Signed-off-by: Mark Wu <wudxw@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
When attaching a new device we must send a wakeup request to the root
hub, otherwise the guest will not notice the new device in case the
usb hub is suspended.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
RHBZ 740547
If we migrate when the device is in vga state the guest
still believes the slots are created, and will cause operations
that reference the slots, causing a "panic: virtual address out of range"
on the first of them. Easy to see by migrating in vga mode with
a driver loaded, for instance windows cmd window in full screen mode,
and then exiting vga mode back to native mode will cause said panic.
Fixed by doing the slot recreation in post_load for vga mode as well.
Note that compat does not require any changes because it creates it's
only slot by a side effect of QXL_IO_SET_MODE.
Signed-off-by: Alon Levy <alevy@redhat.com>
The qxl renderer works only with a shared displaysurface. So better
make sure we actually have one and restore it when needed.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
spice uses negative stride value to signal the bitmap is upside down.
The qxl renderer (used for scl, vnc and screenshots) wants a positive
value because it is easier to work with. The positive value is then
stored in the very same variable, which has the drawback that the
upside-down test works only once. Fix by using two variables.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reproducer:
$ MALLOC_PERTURB_=234 qemu-system-x86_64 -vnc :0,acl,sasl [...]
QEMU 0.15.50 monitor - type 'help' for more information
(qemu) acl_add vnc.username fred allow
acl: added rule at position 1
(qemu) acl_reset vnc.username
Segmentation fault (core dumped)
Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
C99 7.15.1: Each invocation of the va_start and va_copy macros shall
be matched by a corresponding invocation of the va_end macro in the
same function.
Spotted by Coverity. Harmless on the (common) systems where va_end()
does nothing.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
I'm getting:
could not configure /dev/net/tun (tap%d): Operation not permitted
When the ioctl() fails, ifr.ifr_name will most likely not be overwritten.
So we better only use it when ifname contains a string.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Unlike other tcg target code generators, this one does not generate
machine code for some cpu. It generates machine independent bytecode
which is interpreted later.
This allows running QEMU on any host.
Interpreted bytecode is slower than direct execution of generated
machine code.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
tcg_op_defs was already a global array.
The tci disassembler also needs ARRAY_SIZE(tcg_op_defs),
so add a new global constant with this value.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Targets may use a non standard definition of tcg_tb_exec
by defining this macro in their tcg_target.h.
This is used here by ppc. It will be used by the TCG interpreter, too.
Cc: malc <av1474@comtv.ru>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Use QLIST_INSERT_HEAD_RCU and rcu_read_lock/unlock instead of rwlocks.
Use v9fs_synth_mutex as a write-only mutex to handle concurrent writers.
Signed-off-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
SynthFS needs a QLIST_INSERT_HEAD_RCU to make sure list instructions are not
re-ordered and therefore avoiding a crash. There may be parallel readers which
should be allowed for lock-free access and this variant allows us to get rid
of rwlocks used by readers.
SynthFS is a special case where we dont really need full RCU capabilities as
it doesnt allow list entry deletion but concurrent readers/writers and
instruction re-ordering should not result in a crash.
Also, once the real rcu is available, dummy rcu macro definitions will go away
and the code will still work as expected.
This patchwork is based on inputs from Paolo Bonzini.
Signed-off-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
This patch create a synthetic file system with mount tag
v_synth when -virtfs_synth command line option is specified
in qemu. The synthetic file system can be mounted in guest
using 9p using the below command line
mount -t 9p -oversion=9p2000.L,trans=virtio v_synth <mountpint>
Synthetic file system enabled different qemu subsystem to register
callbacks for read and write events from guest. The subsystem
can create directories and files in the synthetic file system as show
in ex below
qemu_v9fs_synth_mkdir(NULL, 0777, "test2", &node);
qemu_v9fs_synth_add_file(node, 0777, "testfile",
my_test_read, NULL, NULL);
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
To implement synthetic file system in Qemu we may not really
require file descriptor and Dir *. Make generic code use
V9fsFidOpenState instead.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
A new fsdev parameter "readonly" is introduced to control accessing 9p export.
"readonly" can be used to specify the access type. By default "rw" access
is given to 9p export.
Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
According to David Gibson for some compiler/libc combinations, open_by_handle_at
test in configure isn't quite right: because the file_handle pointer is never
dereferenced, gcc doesn't complain even if it is undefined. Change the test
as suggested by him.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
This driver emulates the ARM AACI interface (PL041) connected to a LM4549 codec.
It enables audio playback for the Versatile/PB platform.
Limitations:
- Supports only a playback on one channel (Versatile/Vexpress)
- Supports only one TX FIFO in compact-mode or non-compact mode.
- Supports playback of 12, 16, 18 and 20 bits samples.
- Record is not supported.
- The PL041 is hardwired to a LM4549 codec.
Versatile/PB test build:
linux-2.6.38.5
buildroot-2010.11
alsa-lib-1.0.22
alsa-utils-1.0.22
mpg123-0.66
Qemu host: Ubuntu 10.04 in Vmware/OS X
Playback tested successfully with speaker-test/aplay/mpg123.
Signed-off-by: Mathieu Sonet <contact@elasticsheep.com>
[Peter Maydell: fixed typo in code clearing SL1RXBUSY/SL2RXBUSY
bits, as spotted by Andrzej Zaborowski]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
This patch adds a PCI bus to the pseries machine. This instantiates
the qemu generic PCI bus code, advertises a PCI host bridge in the
guest's device tree and implements the RTAS methods specified by PAPR
to access PCI config space. It also sets up the memory regions we
need to provide windows into the PCI memory and IO space, and
advertises those to the guest.
However, because qemu can't yet emulate an IOMMU, which is mandatory on
pseries, PCI devices which use DMA (i.e. most of them) will not work with
this code alone. Still, this is enough to support the virtio_pci device
(which probably _should_ use emulated PCI DMA, but is specced to use
direct hypervisor access to guest physical memory instead).
[agraf] remove typedef which could cause compile errors
Signed-off-by: Alexey Kardashevskiy <aik@au1.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
The CPU state contains two bitmaps, initialized from the CPU spec
which describes which instructions are implemented on the CPU. A
couple of bits are defined which cover instructions (VSX and DFP)
which are not currently implemented in TCG. So far, these are only
used to handle the case of -cpu host because a KVM guest can use
the instructions when the host CPU supports them.
However, it's a mild layering violation to simply not include those
bits in the CPU descriptions for those CPUs that do support them,
just because we can't handle them in TCG. This patch corrects the
situation, so that the instruction bits _are_ shown correctly in the
cpu spec table, but are masked out from the cpu state in the non-KVM
case.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
Sufficiently recent kernels include a KVM call to accelerate use of
PAPR TCE tables (IOMMU), which are used by PAPR virtual IO devices.
This involves qemu mapping the TCE table in from a kernel obtained fd,
which currently we do with PROT_READ only. This is a hangover from
early (never released) versions of this kernel interface which only
permitted read-only mappings and required us to destroy and recreate
the table when we needed to clear it from qemu.
Now, the kernel permits read-write mappings, and we rely on this to
clear the table in spapr_vio_quiesce_one(). However, due to
insufficient testing, I forgot to update the actual mapping of the
table in kvmppc_create_spapr_tce() to add PROT_WRITE to the mmap().
This patch corrects the oversight.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
The -cpu host feature tries to find out the host capabilities based
on device tree information. However, we don't always have that available
because it's an optional property in dt.
So instead of force unsetting values depending on an unreliable source
of information, let's just try to be clever about it and not override
capabilities when we don't know the device tree pieces.
This fixes altivec with -cpu host on YDL PowerStations.
Reported-by: Nishanth Aravamudan <nacc@us.ibm.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
The recent usage of MemoryRegion in kvm_ppc.h breaks builds with
CONFIG_USER_ONLY=y. This patch fixes it.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
Currently, when KVM is enabled, the pseries machine checks if the host
CPU supports VMX, VSX and/or DFP instructions and advertises
accordingly in the guest device tree. It does this regardless of what
CPU is selected on the command line. On the other hand, when in TCG
mode, it never advertises any of these facilities, even basic VMX
(Altivec) which is supported in TCG.
Now that we have a -cpu host option for ppc, it is fairly
straightforward to fix both problems. This patch changes the -cpu
host code to override the basic cpu spec derived from the PVR with
information queried from the host avout VMX, VSX and DFP capability.
The pseries code then uses the instruction availability advertised in
the cpu state to set the guest device tree correctly for both the KVM
and TCG cases.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
We have several targets in the PPC tree now that basically require libfdt
to function properly, namely the pseries and the e500 targets. This dependency
will rather increase than decrease in the future, so I want to make sure
that people building shiny new 1.0 actually have libfdt installed to get
rid of a few ifdefs in the code.
Warning: This patch will likely make configure fail for people who don't
select their own --target-list, but don't have libfdt development packages
installed. However, we really need this new dependency to move on.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- no paranthesis
- no fdt check for config_pseries
- add . in error message
In __cpu_ppc_store_decr(), we set up a regular timer used to trigger
decrementer interrupts. This is necessary to implement the decrementer
properly under TCG, but is unnecessary under KVM (true for both Book3S-PR
and Book3S-HV KVM variants), because the kernel handles generating and
delivering decrementer exceptions.
Under kvm, in fact, the timer causes expensive and unnecessary exits from
kvm to qemu. This patch, therefore, disables setting the timer when kvm
is in use.
Signed-off-by: Anton Blanchard <anton@au1.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
The sole reason we have the ppcemb target is to support MMUs that have
less than the usual 4k possible page size. There are very few of these
chips and I don't want to add additional QA and testing burden to everyone
to ensure that code still works when TARGET_PAGE_SIZE is not 4k.
So this patch disables all CPUs except for MMU_BOOKE capable ones from
the ppcemb target.
Signed-off-by: Alexander Graf <agraf@suse.de>
Some 32-bit PPC CPUs can use up to 36 bit of physical address space.
Treat them accordingly in the qemu-system-ppc binary type.
Signed-off-by: Alexander Graf <agraf@suse.de>
Now that we've implemented -cpu host for ppc, this patch updates the
pseries machine to use the host cpu as the guest cpu by default when
running under KVM. This is important because under KVM Book3S-HV the guest
cpu _cannot_ be of a different type to the host cpu (at the moment
KVM Book3S-HV will silently virtualize the host cpu instead of whatever was
requested, but in future it is likely to simply refuse to run the VM if
a cpu model other than the host's is requested).
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds cpu specs to the table for POWER7 revisions 2.1 and 2.3.
This allows -cpu host to be used on these host cpus.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
For convenience with kvm, x86 allows the user to specify -cpu host on the
qemu command line, which means make the guest cpu the same as the host
cpu. This patch implements the same option for ppc targets.
For now, this just read the host PVR (Processor Version Register) and
selects one of our existing CPU specs based on it. This means that the
option will not work if the host cpu is not supported by TCG, even if that
wouldn't matter for use under kvm.
In future, we can extend this in future to override parts of the cpu spec
based on information obtained from the host (via /proc/cpuinfo, the host
device tree, or explicit KVM calls). That will let us handle cases where
the real kvm-virtualized CPU doesn't behave exactly like the TCG-emulated
CPU. With appropriate annotation of the CPU specs we'll also then be able
to use host cpus under kvm even when there isn't a matching full TCG model.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
The ppc target contains a ppc_find_by_pvr() function, which looks up a
CPU spec based on a PVR (that is, based on the value in the target cpu's
Processor Version Register). PVR values contain information on both the
cpu model (upper 16 bits, usually) and on the precise revision (low 16
bits, usually).
ppc_find_by_pvr, as well as making exact PVR matches, attempts to find
"close" PVR matches, when we don't have a CPU spec for the exact revision
specified. This sounds like a good idea, execpt that the current logic
is completely nonsensical.
It seems to assume CPU families are subdivided bit by bit in the PVR in a
way they just aren't. Specifically, it requires a match on all bits of the
specified pvr up to the last non-zero bit. This has the bizarre effect
that when the low bits are simply a sequential revision number (a common
though not universal pattern), then odd specified revisions must be matched
exactly, whereas even specified revisions will also match the next odd
revision, likewise for powers of 4, 8 and so forth.
To correctly do inexact matching we'd need to re-organize the table of CPU
specs to include a mask showing what PVR range the spec is compatible with
(similar to the cputable code in the Linux kernel).
For now, just remove the bogosity by only permitting exact PVR matches.
That at least makes the matching simple and consistent. If we need inexact
matching we can add the necessary per-subfamily masks later.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch is a general update to the SLOF firmware image used on the
pseries machine. This doesn't contain updates for specific features but
contains a number of bugfixes and enhancements in the main SLOF tree from
Thomas Huth.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
Sufficiently recent PAPR specifications define properties "ibm,vmx"
and "ibm,dfp" on the CPU node which advertise whether the VMX vector
extensions (or the later VSX version) and/or the Decimal Floating
Point operations from IBM's recent POWER CPUs are available.
Currently we do not put these in the guest device tree and the guest
kernel will consequently assume they are not available. This is good,
because they are not supported under TCG. VMX is similar enough to
Altivec that it might be trivial to support, but VSX and DFP would
both require significant work to support in TCG.
However, when running under kvm on a host which supports these
instructions, there's no reason not to let the guest use them. This
patch, therefore, checks for the relevant support on the host CPU
and, if present, advertises them to the guest as well.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
Currently the kvmppc_get_clockfreq() function reads the host's clock
frequency from /proc/device-tree, which is useful to past to the guest
in KVM setups. However, there are some other host properties
advertised in the device tree which can also be relevant to the
guests.
This patch, therefore, replaces kvmppc_get_clockfreq() which can
retrieve any named, single integer property from the host device
tree's CPU node.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
SPE instructions are defined by pairs. Currently, the invalid-bits mask is set
for the first instruction, but the second one can have a different mask.
example:
GEN_SPE(efdcmpeq, efdcfs, 0x17, 0x0B, 0x00600000, 0x00180000, PPC_SPE_DOUBLE),
Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch updates the SLOF submodule and precompiled image. The new
SLOF versions contains two changes of note:
* The previous SLOF has a bug in SCSI condition handling that was
exposed by recent updates to qemu's SCSI emulation. This update
fixes the bug.
* The previous SLOF has a bug in its addressing of SCSI devices,
which can be exposed under certain conditions. The new SLOF also
fixes this.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
The pseries machine of qemu implements the TCE mechanism used as a
virtual IOMMU for the PAPR defined virtual IO devices. Because the
PAPR spec only defines a small DMA address space, the guest VIO
drivers need to update TCE mappings very frequently - the virtual
network device is particularly bad. This means many slow exits to
qemu to emulate the H_PUT_TCE hypercall.
Sufficiently recent kernels allow this to be mitigated by implementing
H_PUT_TCE in the host kernel. To make use of this, however, qemu
needs to initialize the necessary TCE tables, and map them into itself
so that the VIO device implementations can retrieve the mappings when
they access guest memory (which is treated as a virtual DMA
operation).
This patch adds the necessary calls to use the KVM TCE acceleration.
If the kernel does not support acceleration, or there is some other
error creating the accelerated TCE table, then it will still fall back
to full userspace TCE implementation.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
At present, using the hypervisor aware Book3S-HV KVM will only work
with qemu on POWER7 CPUs. PPC970 CPUs also have hypervisor
capability, but they lack the VRMA feature which makes assigning guest
memory easier.
In order to allow KVM Book3S-HV on PPC970, we need to specially
allocate the first chunk of guest memory (the "Real Mode Area" or
RMA), so that it is physically contiguous.
Sufficiently recent host kernels allow such contiguous RMAs to be
allocated, with a kvm capability advertising whether the feature is
available and/or necessary on this hardware. This patch enables qemu
to use this support, thus allowing kvm acceleration of pseries qemu
machines on PPC970 hardware.
Signed-off-by: Paul Mackerras <paulus@samba.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
---
agraf: fix to use memory api
Alex Graf has already made qemu support KVM for the pseries machine
when using the Book3S-PR KVM variant (which runs the guest in
usermode, emulating supervisor operations). This code allows gets us
very close to also working with KVM Book3S-HV (using the hypervisor
capabilities of recent POWER CPUs).
This patch moves us another step towards Book3S-HV support by
correctly handling SMT (multithreaded) POWER CPUs. There are two
parts to this:
* Querying KVM to check SMT capability, and if present, adjusting the
cpu numbers that qemu assigns to cause KVM to assign guest threads
to cores in the right way (this isn't automatic, because the POWER
HV support has a limitation that different threads on a single core
cannot be in different guests at the same time).
* Correctly informing the guest OS of the SMT thread to core mappings
via the device tree.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
When access PPCE500_PCI_IW1 the previous index get overflow.
The patch fix the issue and update all to keep consistent style.
Signed-off-by: Liu Yu <yu.liu@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
If the deposit replaces the entire word, optimize to a move.
If we're inserting to the top of the word, avoid the mask of arg2
as we'll be shifting out all of the garbage and shifting in zeros.
If the host is 32-bit, reduce a 64-bit deposit to a 32-bit deposit
when possible.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
this patch fix multiple issues with VirtFS tracing.
a) Add tracepoint to the correct code path. We handle error in complete_pdu
b) Fix indentation in python script
c) Fix variable naming issue in python script
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Adding an offset to a void pointer works with gcc but is not allowed
by the current C standards. With -pedantic, gcc complains:
exec-all.h:344: error: pointer of type ‘void *’ used in arithmetic
Fix this, and also replace (unsigned long) by (uintptr_t) in the same
statement.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
linux-headers/asm is a symlink generated during configure. It should not,
therefore be committed to git, nor show up in git diffs and the like.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
scsi-block is a new device that supports device passthrough of Linux
block devices (i.e. /dev/sda, not /dev/sg0). It uses SG_IO for commands
other than I/O commands, and regular AIO read/writes for I/O commands.
Besides being simpler to configure (no mapping required to scsi-generic
device names), this removes the need for a large bounce buffer and,
in the future, will get scatter/gather support for free from scsi-disk.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The request restart mechanism is generic and could be reused for
scsi-generic. In the meanwhile, pushing it to SCSIDevice avoids
that scsi_dma_restart_bh looks at SCSIGenericReqs when working on
a scsi-block device.
The code is the same that is already in hw/scsi-disk.c, with
the type flags replaced by req->cmd.mode and a more generic way to
requeue SCSI_XFER_NONE commands.
I also added a missing call to qemu_del_vm_change_state_handler.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
In some cases a request may be canceled before the completion callback
runs. Keep a reference to the request between starting an AIO operation
and the corresponding scsi_req_cancel or scsi_*_complete.
When a request has to be retried, the request can be dropped because
scsi_dma_restart_bh only looks at requests that are enqueued. As such,
they always have at least a reference.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Otherwise, if cancellation is "faked" by the AIO layer and goes
through qemu_aio_flush, the whole request is completed synchronously
during scsi_req_cancel.
Using the enqueued flag would work here, but not in the next patches,
so I'm introducing a new io_canceled flag. That's because scsi_req_data
is a synchronous callback and the enqueued flag might be reset by the
time it returns. scsi-disk cannot unref the request until after calling
scsi_req_data.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This will let scsi-block choose between passthrough and emulation.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Also delete a stale occurrence of SCSIReqOps inside SCSIDeviceInfo.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The field is only in scsi-disk for now. Moving it up to SCSIDevice makes
it easier to reuse the scsi-generic reqops elsewhere.
At the same time, make scsi-generic get max_lba from snooped READ CAPACITY
commands as well.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Set s->removable, s->qdev.blocksize and s->qdev.type in the callers
of scsi_initfn.
With this in place, s->qdev.type is allowed, and we can just reuse it
as the first byte in VPD data (just like we do in standard INQUIRY data).
Also set s->removable is set consistently and we can use it.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This field is redundant, and having it makes it more complicated
to share reqops between the upcoming scsi-block and scsi-generic.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Same as for scsi-generic, avoid duplication even if it causes longer
lines.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Instead of "guessing" the block size when there is no medium in the
drive, wait for the guest to send a READ CAPACITY command and snoop
it from there.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Pass down the host status so that failing transport can be detected
by the guest. Similar treatment of host status could be done in
virtio-blk, too.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
A succeeding ioctl does not imply that the SCSI command succeeded.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This is not needed anymore, since asynchronous ioctls were introduced
by commit 221f715 (new scsi-generic abstraction, use SG_IO, 2009-03-28).
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
It is not needed, because s->bs is already stored in SCSIDevice, and
can be reached from the conf.bs member.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Flush does not go anymore through scsi_disk_emulate_command.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Tested by the Windows Logo Kit SCSI Compliance test. From SBC-3, paragraph
5.25: "The LOGICAL BLOCK ADDRESS field shall be set to zero if the PMI
bit is set to zero. If the PMI bit is set to zero and the LOGICAL BLOCK
ADDRESS field is not set to zero, then the device server shall terminate
the command with CHECK CONDITION status with the sense key set to ILLEGAL
REQUEST and the additional sense code set to INVALID FIELD IN CDB".
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This also requires little more than adding the new argument to
scsi_device_find, and the qdev property. All devices by default
end up on channel 0.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This only requires changes in two places: in SCSIBus, we need to look
for a free LUN if somebody creates a device with a pre-existing scsi-id
but the default LUN (-1, meaning "search for a free spot"); in vSCSI,
we need to actually parse the LUN according to the SCSI spec.
For vSCSI, max_target/max_lun are set according to the logical unit
addressing format in SAM.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Change the devs array into a linked list, and add a scsi_device_find
function to navigate the children list instead. This lets the SCSI
bus use more complex addressing, and HBAs can talk to the correct device
when there are multiple LUNs per target.
scsi_device_find may return another LUN on the same target if none is
found that matches exactly.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
SCSI buses will need to read the children list first-to-last. This
requires using a QTAILQ, because hell breaks loose if you just try
inserting at the tail (thus reversing the order of all existing
visits from last-to-first to first-to-tail).
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This adds support for media change notification via the GET EVENT STATUS
NOTIFICATION command, used by Linux versions 2.6.38 and newer.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This patch adds to scsi-disk the missing mode page 0x01 for both disk
and CD-ROM drives, and mode page 0x0e for CD drives only.
A few offsets were wrong in atapi.c. Also change the 2Ah mode page to
expose DVD media read capabilities in the IDE cdrom. This lets you run
dvd+rw-mediainfo on the virtual DVD drives.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
A small refactoring of the MODE SENSE implementation in scsi-disk.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This patch adds a few stub implementations for MMC commands to
scsi-disk, to be filled in later in the series. It also adds to
scsi-defs.h constants for commands implemented by ide/atapi.c,
when missing.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Building on the previous patch, this one adds a media change callback
to scsi-disk.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reporting media change events via unit attention sense codes requires
a small state machine: first report "NO MEDIUM", then report "MEDIUM MAY
HAVE CHANGED". Unfortunately there is no good hooking point for the
device to notice that its pending unit attention condition has been
reported. This patch reworks the generic machinery to add one.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The first two bytes (after the 8-byte ATAPI header) are the mode page
number and the number of bytes after the length field itself. Make
this clear in the code.
The AUDIO_CTL page was filled with wrong values. It is not anymore in
MMC, but at least keep the values sane.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
As a complement to the previous patch, move definitions for GET EVENT
STATUS NOTIFICATION from the two functions to scsi-defs.h.
The NCR_* constants are just bit values corresponding to the ENC_*
values, with no offsets even, so keep just one copy.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The definitions in ide/internal.h are duplicates, since ATAPI commands
actually come from SCSI. Use the ones in scsi-defs.h and move the
missing ones there. Two exceptions:
- MODE_PAGE_WRITE_PARMS conflicts with the "flexible disk geometry"
page in scsi-disk.c. It is unused, so pick the latter.
- GPCMD_* is left in ide/internal.h, at least for now.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Several BlockDriverState fields are not being reinitialized across
bdrv_close()/bdrv_open(). Make sure they are reset to their default
values.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Several block drivers set bs->read_only in .bdrv_open() but
block.c:bdrv_open_common() clobbers its value. Additionally, QED uses
bdrv_is_read_only() in .bdrv_open() to decide whether to perform
consistency checks.
The correct ordering is to initialize bs->read_only from the open flags
before calling .bdrv_open(). This way block drivers can override it if
necessary and can use bdrv_is_read_only() in .bdrv_open().
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Using bdrv_close() is not enough to free a BlockDriverState. Since we
explicitly create it with bdrv_new(), use bdrv_delete() to close and
delete it.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This patch adds a short description of how to specify a NBD device
to QEMU.
Syntax for both TCP and Unix Domain Sockets are provided as well
as examples.
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Data we read from the disk isn't necessarily null terminated and may not
contain the string we're looking for. The code needs to be a bit more careful
here.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
tmp_filename was used outside the block it was defined in, i.e. after it went
out of scope. Move its declaration to the top level.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
An entry in the VDI block map will hold an offset to the actual block if
the block is allocated, or one of two specially-interpreted values if
not allocated. Using VirtualBox terminology, value VDI_IMAGE_BLOCK_FREE
(0xffffffff) represents a never-allocated block (semantically arbitrary
content). VDI_IMAGE_BLOCK_ZERO (0xfffffffe) represents a "discarded"
block (semantically zero-filled). block/vdi knows only about
VDI_IMAGE_BLOCK_FREE. Teach it about VDI_IMAGE_BLOCK_ZERO.
Signed-off-by: Eric Sunshine <sunshine@sunshineco.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This provides built-in support for iSCSI to QEMU.
This has the advantage that the iSCSI devices need not be made visible to the host, which is useful if you have very many virtual machines and very many iscsi devices.
It also has the benefit that non-root users of QEMU can access iSCSI devices across the network without requiring root privilege on the host.
This driver interfaces with the multiplatform posix library for iscsi initiator/client access to iscsi devices hosted at
git://github.com/sahlberg/libiscsi.git
The patch adds the driver to interface with the iscsi library.
It also updated the configure script to
* by default, probe is libiscsi is available and if so, build
qemu against libiscsi.
* --enable-libiscsi
Force a build against libiscsi. If libiscsi is not available
the build will fail.
* --disable-libiscsi
Do not link against libiscsi, even if it is available.
When linked with libiscsi, qemu gains support to access iscsi resources such as disks and cdrom directly, without having to make the devices visible to the host.
You can specify devices using a iscsi url of the form :
iscsi://[<username>[:<password>@]]<host>[:<port]/<target-iqn-name>/<lun>
When using authentication, the password can optionally be set with
LIBISCSI_CHAP_PASSWORD="password" to avoid it showing up in the process list
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Previous commits dropped most qobjects usage from qemu modules
(now they are a low level interface used by the QAPI). However,
some modules still include the qemu-objects.h header file.
This commit drops qemu-objects.h from some of those modules
and includes qjson.h instead, which is what they actually need.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Previous commits converted all existing QMP commands to the QAPI,
now each info command does its own QMP call.
Let's then drop all QMP command handling code from do_info().
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Because QMP development originated in the monitor, it has
inherited the monitor's distinction between query- and
non-query commands.
However, previous commits unified both commands and the
distinction is gone. This commit drops the query commands
dispatch table and does some simplifications along the way.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This also fixes a bug with the old version: QMP would invert device id
and vendor id. This would look ok on HMP because it was printing
"device:vendor" instead of "vendor:device".
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Please, note that some of the code supporting memory statistics is
still around (eg. virtio_balloon_receive_stats() and reset_stats()).
Also, the qmp_query_balloon() function is synchronous and thus doesn't
make any use of the (not fully working) monitor's asynchronous command
support (the old non-qapi implementation did).
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
There are three important remarks in relation to the non-qapi command:
1. This commit also fixes the behavior of the 'query-vnc' and 'info vnc'
commands to return an error when qemu is built without VNC support
(ie. --disable-vnc). The non-qapi command would return the OK
response in QMP and no response in HMP
2. The qapi version explicitly marks the fields 'host', 'family',
'service' and 'auth' as optional. Their are not documented as optional
in the non-qapi command doc, but they would not be returned if
vnc support is disabled. The qapi version maintains the same
semantics, but documents those fields correctly
3. The 'clients' field, which is a list, is marked as optional but is
always returned. If there are no clients connected an empty list
is returned. This is not the Right Way to this in the qapi but it's
how the non-qapi command used to work
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The biggest change is to rename its prefix from BDRV_IOS to
BLOCK_DEVICE_IO_STATUS.
Next commit will convert the query-block command to the QAPI
and that's how the enumeration is going to be generated.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
A future commit will convert bdrv_info() to the QAPI and it won't
provide IOS_INVAL.
Luckily all we have to do is to add a new 'iostatus_enabled'
member to BlockDriverState and use it instead.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Today we generate something like this:
int qmp_marshal_input_query_foo(...)
...
retval = qmp_query_foo(errp);
qmp_marshal_output_query_foo(retval, ret, errp);
...
However, if qmp_query_foo() fails 'retval' will probably be NULL,
which can cause a segfault as not all visitors check if 'retval'
is valid.
This commit fixes that by changing the code generator to only
call the output marshal if qmp_query_foo() succeeds, like this:
retval = qmp_query_foo(errp);
if (!error_is_set(errp)) {
qmp_marshal_output_query_foo(retval, ret, errp);
}
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Use target_ulong instead of hard-coded uint32_t.
Remove the disabled printf's that are redundant with -strace.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Don't confuse the load address with the load bias. They're equal
for ET_DYN objects (i.e. ld.so) but different for ET_EXEC objects
(i.e. statically linked).
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
For OBS, we're running a full cross-guest inside of a VM. When a build
is done there, we reboot the guest as shutdown mechanism.
Unfortunately, reboot is not implemented in linux-user. So this mechanism
fails, spilling unpretty warnings. This patch implements sys_reboot()
emulation.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
When running openat using qemu-arm, we stumbled over invalid permissions
on the created files. The reason for this is that the mode parameter gets
treates as an O_... flag, which it isn't - it's a permission bitmask.
This patch removes the needless translation of the mode parameter,
rendering permission passing of openat() to work with linux-user.
Reported-by: Dirk Mueller <dmueller@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
abi_(u)long might be different from target_ulong, so don't use tswapl
but introduce a new tswapal
Signed-off-by: Matthias Braun <matze@braunis.de>
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
While ALIGNADDR was implemented out-of-line, ALIGNADDRL was not
implemeneted at all. However, this is a very simple operation
so we're better off doing this inline.
Signed-off-by: Richard Henderson <rth@twiddle.net>
This reduces the size of the individual translation blocks, since
we only emit a single call for each FOP rather than three. In
addition, clear_float_exceptions expands inline to a single byte store.
Signed-off-by: Richard Henderson <rth@twiddle.net>
This allows a more efficient representation for 64-bit hosts.
It should be about the same for 32-bit hosts, as we can still
access the individual pieces of the double.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Begin using i64 quantities to manipulate double-precision values.
On a 64-bit host this will, for the moment, generate less efficient
code; on a 32-bit host code quality should be largely unchanged.
Code quality for 64-bit will be adjusted with a subsequent patch.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Load, store, and "create destination". This version attempts to
change the behaviour of the translator as little as possible. We
previously used cpu_tmp32 as the temporary destination, and we
continue to use that. This will eventually allow a change in
representation of the fprs.
Change the name of the cpu_fpr array to make certain that all
instances are converted.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Before the next patch, fix coding style of the areas affected.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Make [su]div{,cc} helpers take a parameter for CPUState instead
of relying on global env. Move the functions to helper.c.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Make softint op helpers and Leon cache irq manager take a parameter
for CPUState instead of relying on global env. Move the functions
to int{32,64}_helper.c.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Make CWP and PSTATE helpers take a parameter for CPUState instead
of relying on global env. Remove wrapper functions.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
- Add all dependencies of the block layer to block-obj-y, and all
dependencies of QObject to qobject-obj-y
- Remove the block layer from tools-obj-y, add it to qemu-img, qemu-nbd,
qemu-io
- Add qobject-obj-y and tools-obj-y wherever useful, remove duplicates
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
'ret' is unconditionally overwitten by qed_read_l1_table_sync()
Spotted by Clang Analyzer
Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Spotted by Clang Analyzer
[Note this memcpy call has always been safe because the length will be 0
when the pointer is NULL]
Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
stdint.h defines the POSIX data types and is needed
for MinGW-w64 (and maybe other hosts).
v2: Instead of adding stdint.h directly, qemu-common.h is now
included and duplicate include statements were removed.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
g_malloc0 needs g_free instead of free.
While fixing this, I also replaced g_malloc0 by g_new0
as was suggested by Stuart Brady.
Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The MinGW-w64 gcc complains about wrong parameters for
gen_helper_fpadd16_s and three other functions.
gen_helper_fpadd16_s is declared like this (hidden in lots of macros):
static inline void
gen_helper_fpadd16s(TCGv_i32 retval, TCGv_ptr arg1,
TCGv_i32 arg2, TCGv_i32 arg3);
So it looks like cpu_env should be the 2nd parameter.
Please review this patch as I have no environment to test it
(maybe the 1st parameter should be cpu_dst?).
Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Windows 7 may use the same stream number for input and output.
Current code will confuse streams.
Changes since v1:
- keep running_compat[] for migration version 1
- add running_real[] for migration version 2
Signed-off-by: Marc-Andr? Lureau <marcandre.lureau@redhat.com>
Signed-off-by: malc <av1474@comtv.ru>
Windows 7 may use the same stream number for input and output.
That will result in lot of garbage on playback.
The hardcoded value of 4 needs to be in sync with GCAP streams
description and IN/OUT registers.
Signed-off-by: Marc-Andr? Lureau <marcandre.lureau@redhat.com>
Signed-off-by: malc <av1474@comtv.ru>
assert("...") will never do anything. This assertion handles a case
which should never occur, so it must be assert(!"...").
Cc: Alon Levy <alevy@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Setting both read and write handlers to NULL in qemu_set_fd_handler
is not enougth to make qemu purge the file handle from the list.
We must set opaque to NULL too.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
update init_qxl_ram to reset update_surface to 0. This fixes one case
of breakage when installing an old driver in a vm that had a new driver
installed. The newer driver would know about surface creation and would
change update_surface to !=0, then a reset would happen, all surfaces
are destroyed, then the old driver is initialized and issues an
UPDATE_AREA, and spice server aborts on invalid surface.
RHBZ: 690427
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(1) If the guest cursor command is empty, don't reload it after migration.
(2) Cleaning the guest cursor when it is released by
the spice server. In addition, explicitly reset the
cursor in spice upon destroying the primary surface
(was done by spice-server implicitly). This will prevent
access to pci memory that was released.
RHBZ: 744518
Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This was only a best-effort attempt, by far not guaranteed to have an
effect. Drop it so that also no direct pthread usage remain in the
device model.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Use QEMU thread API instead of pthread directly. We still need to get
rid of pthread_yield, though, to drop pthread.h inclusion.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
No need to use pthread directly, we have proper abstractions for
identity checking.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
RHBZ 737921
Spice client is required to connect to the migration target before/as migration
starts. Since after migration starts, the target qemu is blocked and cannot accept new spice client
we trigger the connection to the target upon client_migrate_info command.
client_migrate_info completion cb will be called after spice client has been
connected to the target (or a timeout). See following patches and spice patches.
Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
It's needed for its default value - bit 0 specifies that "rep movs" is
good enough for memcpy, and Linux may use a slower memcpu if it is not set,
depending on cpu family/model.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
KVM add emulation of lapic tsc deadline timer for guest.
This patch is co-operation work at qemu side.
Use subsections to save/restore the field (mtosatti).
Signed-off-by: Liu, Jinsong <jinsong.liu@intel.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
mmio callbacks invoked by kvm_flush_coalesced_mmio_buffer() may
themselves indirectly call kvm_flush_coalesced_mmio_buffer().
Prevent reentering the function by checking a flag that indicates
we're processing coalesced mmio requests.
Signed-off-by: Avi Kivity <avi@redhat.com>
Simple implementation of an stdio char device on Windows.
Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Make lazy condition code helpers take a parameter for CPUState instead
of relying on global env.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Move lazy condition code handling op helpers to cc_helper.c.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Make floating point and VIS ops take a parameter for CPUState instead
of relying on global env.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Move FPU op helpers to fop_helper.c. Move VIS op helpers to vis_helper.c,
compile it only for Sparc64.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Before the next patches, fix coding style of the areas affected.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Make raise_exception() and helper_debug() take a parameter for
CPUState instead of relying on global env. Move the functions
to helper.c.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
These functions don't need access to CPUState or already pass it,
so relocating them from op_helper.c to helper.c and int64_helper.c
is trivial.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Move CPU init to cpu_init.c and interrupt handling to int32_helper.c
for Sparc32 and int64_helper.c for Sparc64.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Before the next patch, fix coding style of the areas affected.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Fix incorrect order of arguments, letting writes to NVRAM succeed.
It looks like guests never write to the device, only read from it, since the bug
originates back to 819385c58b.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
These will be used when moving icount accounting to cpus.c.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Fix the "-version" option, which was accidentally broken in commit
fc9c541:
* exit after printing version information rather than proceeding
blithely onward (and likely printing the full usage message)
* correct the cut-n-paste error in the usage message for it
* don't insist on the presence of a following argument for
options which don't take an argument (this was preventing
'qemu-arm -version' from working)
* remove a spurious argc check from the beginning of main() which
meant 'QEMU_VERSION=1 qemu-arm' didn't work.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Since coroutine operation is now mandatory, convert both bdrv_discard
implementations to coroutines. For qcow2, this means taking the lock
around the operation. raw-posix remains synchronous.
The bdrv_discard callback is then unused and can be eliminated.
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Since coroutine operation is now mandatory, convert all bdrv_flush
implementations to coroutines. For qcow2, this means taking the lock.
Other implementations are simpler and just forward bdrv_flush to the
underlying protocol, so they can avoid the lock.
The bdrv_flush callback is then unused and can be eliminated.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This does the first part of the conversion to coroutines, by
wrapping bdrv_write implementations to take the mutex.
Drivers that implement bdrv_write rather than bdrv_co_writev can
then benefit from asynchronous operation (at least if the underlying
protocol supports it, which is not the case for raw-win32), even
though they still operate with a bounce buffer.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This does the first part of the conversion to coroutines, by
wrapping bdrv_read implementations to take the mutex.
Drivers that implement bdrv_read rather than bdrv_co_readv can
then benefit from asynchronous operation (at least if the underlying
protocol supports it, which is not the case for raw-win32), even
though they still operate with a bounce buffer.
raw-win32 does not need the lock, because it cannot yield.
nbd also doesn't probably, but better be safe.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The big conversion of bdrv_read/write to coroutines caused the two
homonymous callbacks in BlockDriver to become reentrant. It goes
like this:
1) bdrv_read is now called in a coroutine, and calls bdrv_read or
bdrv_pread.
2) the nested bdrv_read goes through the fast path in bdrv_rw_co_entry;
3) in the common case when the protocol is file, bdrv_co_do_readv calls
bdrv_co_readv_em (and from here goes to bdrv_co_io_em), which yields
until the AIO operation is complete;
4) if bdrv_read had been called from a bottom half, the main loop
is free to iterate again: a device model or another bottom half
can then come and call bdrv_read again.
This applies to all four of read/write/flush/discard. It would also
apply to is_allocated, but it is not used from within coroutines:
besides qemu-img.c and qemu-io.c, which operate synchronously, the
only user is the monitor. Copy-on-read will introduce a use in the
block layer, and will require converting it.
The solution is "simply" to convert all drivers to coroutines! We
just need to add a CoMutex that is taken around affected operations.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Move vmdk_parent_open to vmdk_open. There's another path how
vmdk_parent_open can be reached:
vmdk_parse_extents() -> vmdk_open_sparse() -> vmdk_open_vmdk4() ->
vmdk_open_desc_file().
If that can happen, however, the code is bogus. vmdk_parent_open
reads from bs->file:
if (bdrv_pread(bs->file, s->desc_offset, desc, DESC_SIZE) != DESC_SIZE) {
but it is always called with s->desc_offset == 0 and with the same
bs->file. So the data that vmdk_parent_open reads comes always from the
same place, and anyway there is only one place where it can write it,
namely bs->backing_file.
So, if it cannot happen, the patched code is okay.
It is also possible that the recursive call can happen, but only once. In
that case there would still be a bug in vmdk_open_desc_file setting
s->desc_offset = 0, but the patched code is okay.
Finally, in the case where multiple recursive calls can happen the code
would need to be rewritten anyway. It is likely that this would anyway
involve adding several parameters to vmdk_parent_open, and calling it from
vmdk_open_vmdk4.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
While vmdk_open_desc_file (touched by the patch) correctly changed -1
to -EINVAL, vmdk_open did not. Fix it directly in vmdk_parent_open.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Commit 63ffb564 broke floppy devices specified on the command line like
-drive file=...,if=none,id=floppy -global isa-fdc.driveA=floppy because it
relies on drive_get() which works only with -fda/-drive if=floppy.
This patch resembles what we're already doing for IDE, i.e. remember the floppy
device that was created and use that to extract the BlockDriverStates where
needed.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
If during allocation of compressed clusters the cluster was already allocated
uncompressed, fail and properly release the l2_table (the latter avoids a
failed assertion).
While at it, make it return some real error numbers instead of -1.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Dong Xu Wang <wdongxu@linux.vnet.ibm.com>
Only qcow and qcow2 can do compression at all, and they require unallocated
clusters when writing the compressed data.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
The floppy device was broken by commit 212ec7ba (fdc: Convert to
isa_register_portio_list). While the old interface provided the port number
relative to the floppy drive's io_base, the new one provides the real port
number, so we need to apply a bitmask now to get the register number.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This similarly adds support for coroutine and asynchronous discard.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Block drivers now only need to provide either of .bdrv_co_flush,
.bdrv_aio_flush() or for legacy drivers .bdrv_flush(). Remove
the redundant .bdrv_flush() implementations.
[Paolo Bonzini: change raw driver to bdrv_co_flush]
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Add coroutine support for flush and apply the same emulation that
we already do for read/write. bdrv_aio_flush is simplified to always
go through a coroutine.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The synchronous .bdrv_flush callback doesn't exist any more and a device really
shouldn't poke into the block layer internals anyway. All drivers are supposed
to have a correctly working bdrv_flush, so let's just hard-code this.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The OMAP2430 version of the omap-gpio device has five GPIO modules,
not four like the other OMAP2 versions; wire up the fifth module's
IRQ line correctly.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Commit c572f23a3e added trace events
with mismatching format string and arguments.
gcc reports these errors:
In file included from trace.c:2:0:
trace.h: In function ‘trace_v9fs_attach’:
trace.h:2850:9: error: too many arguments for format [-Werror=format-extra-args]
trace.h: In function ‘trace_v9fs_wstat’:
trace.h:3039:9: error: too many arguments for format [-Werror=format-extra-args]
trace.h: In function ‘trace_v9fs_mkdir’:
trace.h:3088:9: error: too many arguments for format [-Werror=format-extra-args]
trace.h: In function ‘trace_v9fs_mkdir_return’:
trace.h:3095:9: error: too many arguments for format [-Werror=format-extra-args]
Fix the format strings and also use %u instead of %d for unsigned values
in the changed strings. There are more minor errors of this kind
which I did not fix because that would make the review more difficult.
v2: Fixed position of } for v9fs_mkdir_return.
Cc: Harsh Prateek Bora <harsh@linux.vnet.ibm.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
env is allocated in cpu_arm_init() with g_malloc0(), so free with g_free().
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Files are almost identical in functionality, just remove the
differences that make no sense.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
unix and tcp outgoing migration have error values, but didn't returned
it. Make them return the error. Notice that EINPROGRESS & EWOULDBLOCK
are not considered errors as call will be retry later.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
This means we can remove the two forward declarations.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
It is only used inside migration.c, and fields on that struct are
accessed all around the place on that file.
Signed-off-by: Juan Quintela <quintela@redhat.com>
We called it from a single place, and always with state !=
MIG_STATE_ACTIVE. Just remove the whole callback. For users of the
notifier, notice that this is exactly the case where they don't care,
we are just freeing the state from previous failed migration (it can't
be a sucessful one, otherwise we would not be running on that machine
in the first place).
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
This function is a bit different of the others that change the state,
in the sense that if migrate_fd_cleanup() returns an error, it set the
status to error, not completed.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Use MIG_STATE_ACTIVE only when migration has really started. Use this
new state to setup migration parameters. Change defines for an
anonymous struct.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Once there, remove all parameters that don't need to be passed to
*start_outgoing_migration() functions
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
I have to move two functions postions to avoid forward declarations
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Make *save_live() return negative values when there is one error, and
updates all callers to check for the error.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Now the field contains the last error name, so rename acordingly.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Now the function returned errno, so it is better the new name.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
make functions propagate errno, instead of just using -EIO. Add a
comment about what are the return value of qemu_savevm_state_iterate().
Signed-off-by: Juan Quintela <quintela@redhat.com>
Instead of having two has_error fields in QEMUFile & QEMUBufferedFile,
reuse the 1st one. Notice that the one in buffered_file is only set
after a file operation.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
buffered_close 's' variable is of type QEMUFileBuffered, and
wait_for_unfreeze() expect to receive a MigrationState, that
'coincidentaly' is s->opaque.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Although migrate_fd_put_buffer() sets MIG_STATE_ERROR if it failed,
since migrate_fd_put_notify() isn't checking error of underlying
QEMUFile, those resources are kept open. This patch checks it and
calls migrate_fd_error() in case of error.
Signed-off-by: Yoshiaki Tamura <tamura.yoshiaki@lab.ntt.co.jp>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Once there, make sure that if we already know that there is one error,
just call migration_fd_cleanup() with the ERROR state.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
QEMUFile * is only intended for migration nowadays. Using it for
anything else just adds pain and a layer of buffers for no good
reason.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
This reverts commit eb60260de0.
Conflicts:
savevm.c
We changed qemu_peek_byte() prototype, just fixed the rejects.
Signed-off-by: Juan Quintela<quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
We add qemu_peek_buffer, that is identical to qemu_get_buffer, just
that it don't update f->buf_index.
We add a paramenter to qemu_peek_byte() to be able to peek more than
one byte.
Once this is done, to see if we have a subsection we look:
- 1st byte is QEMU_VM_SUBSECTION
- 2nd byte is a length, and is bigger than section name
- 3rd element is a string that starts with section_name
So, we shouldn't have false positives (yes, content could still get us
wrong but probabilities are really low).
v2:
- Alex Williamsom found that we could get negative values on index.
- Rework code to fix that part.
- Rewrite qemu_get_buffer() using qemu_peek_buffer()
v3:
- return "done" on error case
v4:
- fix qemu_file_skip() off by one.
Signed-off-by: Juan Quintela <quintela@redhat.com>
This patch will make moving code on next patches and having checkpatch
happy easier.
Signed-off-by: Juan Quintela<quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
We will need on next patch to be able to lookahead on next patch
v2: rename "used" to "pending" (Alex Williams)
Signed-off-by: Juan Quintela<quintela@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Implement the fused multiply-accumulate instructions (VFMA, VFMS,
VFNMA, VFNMS) which are new in VFPv4.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Implement fused multiply-add as a softfloat primitive. This implements
"a+b*c" as a single step without any intermediate rounding; it is
specified in IEEE 754-2008 and implemented in a number of CPUs.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add support for UDIV and SDIV in ARM mode. This is a new optional
feature for A profile cores (Thumb mode has had UDIV and SDIV for
M profile cores for some time).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Rename the ARM_FEATURE_DIV feature bit to _THUMB_DIV, to
make room for a new feature switch enabling DIV in the ARM
encoding. (Cores may implement either (a) no divide insns
(b) divide insns in Thumb encodings only (c) divide insns
in both ARM and Thumb encodings.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Clean up the decoding of the v6 media multiply space so that we UNDEF
on unassigned encodings rather than randomly interpreting them as
some instruction in this space.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
It should be a matter of allowing the transition POSTMIGRATE ->
FINISH_MIGRATE, but it turns out that the VM won't do the
transition the second time because it's already stopped.
So this commit also adds vm_stop_force_state() which performs
the transition even if the VM is already stopped.
While there also allow other states to migrate.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
qemu_savevm_state() has some logic to stop the VM and to (or not to)
resume it. But this seems to be a big noop, as qemu_savevm_state()
is only called by do_savevm() when the VM is already stopped.
So, let's drop qemu_savevm_state()'s stop VM logic.
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The user may already have paused the VM before starting the
migration process. If s/he does that, then the state will be
'paused' when we finish the migration process. In that case
we want to transition from 'paused' to 'postmigrate' as the
latter is now the real reason why the VM is stopped.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The memory API supports 64-bit buses (e.g. PCI). A size on such a bus cannot
be represented with a 64-bit data type, if both 0 and the entire address
space size are to be represented. Futhermore, any address arithemetic may
overflow and return unexpected results.
Introduce a 128-bit signed integer type for use in such cases. Addition,
subtraction, and comparison are the only operations supported.
Signed-off-by: Avi Kivity <avi@redhat.com>
This key cleanup step requires to move the IRQ debugging bit from
i8259_set_irq directly to the per-PIC pic_set_irq, to pass the PIC
parameters (I/O base, ELCR address and mask, master/slave mode) as
qdev properties, and to interconnect the PICs with their environment via
GPIO pins.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Introduce a reference to the slave PIC for the few cases we need to
access it without a proper pointer at hand and drop PicState2. We could
even live without slave_pic if we had a better way of modeling the
cascade bus the PICs are attached to (in addition to the ISA bus).
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This reflects how real PICs indentify their role (in non-buffered mode):
Pass the state of the /SP input on pic_init and use it instead of
pics_state to differentiate between master and slave mode.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
There is nothing in the i8259 spec that justifies the special
pic_intack_read. At least the Linux PREP kernels configure the PICs
properly so that pic_read_irq returns identical values, and setting
read_reg_select in PIC0 cannot be derived from any special i8259 mode.
So switch ppc_prep to pic_read_irq and drop the now unused PIC code.
CC: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This was probably never used so far: According to the spec, polling
means ack'ing the pending IRQ and setting its corresponding bit in isr.
Moreover, we have to signal a pending IRQ via bit 7 of the returned
value, and we must not return a spurious IRQ if none is pending.
This implements the poll command without the help of pic_poll_read which
is left untouched as pic_intack_read is still using it.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This converts pic_update_irq to work against a single PIC instead of the
complete cascade. Along this change, the required update after
pic_set_irq1 is now moved into that function.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The ELCR is actually part of the chipset but we model it here for
simplicity reasons. The PIIX3 clears the ELCR on reset, which was once
broken by 4dbe19e181. Fix this by splitting up pic_init_reset from
pic_reset and clearing the register in the latter.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
MIPS and PPC users of the i8259 output signal expect us to report state
updates also after reset. As no consumer (including the master PIC) can
misinterpret the deassert as an activation event, it is safe to simply
update the IRQ state after reset.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
As we want to move the IRQ update to pic_intack, ordering matters: the
slave ack must be executed before the master ack to avoid missing
further pending slave IRQs.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
If pic_poll_read finds no pending IRQ and return a spurious one instead,
no PIC state is changed, thus we do not need to call pic_update_irq.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
As a first step towards more generic master-slave support, remove
parent_irq in favor of a per-PIC output interrupt line. The slave's
line is attached to IRQ2 of the master, but it remains unused for now.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
We are about to call the latter from the former. No functional changes.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The master PIC is connected to the LINTIN0 of the APICs. As the APIC
currently does not track the state of that line, we have to ask the PIC
to reinject its IRQ after the CPU picked up an event from the APIC.
This introduces pic_get_output to read the master PIC IRQ line state
without changing it. The APIC uses this function to decide if a PIC IRQ
should be reinjected on apic_update_irq. This reflects better how the
real hardware works.
The patch fixes some failures of the kvm unit tests apic and eventinj by
allowing to enable the proper CPU IRQ deassertion when the guest masks
some pending IRQs at PIC level.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Will be required when we no longer let i8259_init allocate the PIC IRQs
but convert that chips to qdev.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The ISA bus IRQ range is 0..15. What isa_irq_handler and IsaIrqState are
actually dealing with are the Global System Interrupts. Refactor the
code to clarify this.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
IsaIrqState::ioapic is always non-NULL. Probably, the concrete
qemu_irq was supposed to be tested, but that's already done by
qemu_set_irq.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
These boards carry similar hardware: SDRAM (48M for LX110, 64M for LX60,
96M for LX200), 16 Mbyte FLASH, FPGA, 10/100 Mbps Ethernet PHY and 16550
UART. FPGA may be loaded with almost any Tensilica processor. It is also
used to implement Ethernet MAC, e.g. OpenCores 10/100 Mbps Ethernet MAC
and LED/DIP switches access.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This is to get aligned with the linux name for this machine.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This is FSF big endian core implemented through linux overlay.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This is Diamond 232L Standard Core Rev.B (LE), implemented through
linux/gdb overlay.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Introduce overlay_tool.h that defines core configuration blocks from
data available in the linux architecture variant overlay.
Overlay data is automatically generated in the core configuration
process by Tensilica tools and can be directly converted to qemu xtensa
core description by overlay_tool.h
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Xtensa cores may have different mapping of external interrupt pins to
internal IRQ numers. Implement API to acquire core IRQ by its external
interrupt number.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
- add separate options for each operation in the MISC_OP;
- add an option for MULSH/MULUH;
- put S32C1I under conditional store option.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
See ISA, 4.3.7 for the details.
- add ACC and MR special registers;
- implement MAC16 and all inner MAC* opcode groups.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
QEMU timer is used to post CCOMPARE interrupt when the core is halted.
If that CCOMPARE interrupt is masked off then the timer must be rearmed
in the callback, otherwise it will be rearmed next time the core goes to
halt by the waiti instruction.
Add test case into timer testsuite.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
We flush coalesced MMIO in the device models now, and VNC - for which
this was once introduced - is also fine without it as it has its own
refresh timer.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This is conceptually cleaner and will allow us to drop the nographic
timer. Moreover, it will be mandatory to fully exploit future per-device
coalesced MMIO rings.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Plan is to replace the existing debug infrastructure with Qemu tracing
infrastructure so that user can dynamically enable/disable trace events and
therefore a meaningful trace log can be generated which can be further
filtered using an analysis script.
Note: Because of current simpletrace limitations, the trace events are
logging at max 6 args, however, once the more args are supported, we can
change trace events to log more info as well. Also, This initial patch only
provides a replacement for existing debug infra. More trace events to be
added later for newly added handlers and sub-routines.
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
This patch use file system specific ioctl for getting i_generation
value. Not all file system support the ioctl. So we add an export
specific extended operation and assign right callback for the
file system that support i_generation ioctl
["M. Mohan Kumar" <mohan@in.ibm.com> we can do ioctl only for
regular files and directories on the server]
Signed-off-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
If the 9pfs mount tag is longer than MAX_TAG_LEN bytes, rather than
silently truncating the tag which will likely break the guest OS,
report an immediate error and exit QEMU
* hw/9pfs/virtio-9p-device.c: Report error & exit if mount tag is
too long
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Also don't do glibc version check to find handle support. Instead
do handle syscall support in configure.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Commit cd74d83345e0e3b708330ab8c4cd9111bb82cda6 ("block: switch
bdrv_read()/bdrv_write() to coroutines") removed the bdrv_has_async_rw()
callers. This patch removes bdrv_has_async_rw() since it is no longer
used.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
There is no need to emulate .bdrv_read()/.bdrv_write() since these
interfaces are only called if aio and coroutine interfaces are not
present. All valid BlockDrivers must implement either sync, aio, or
coroutine interfaces.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The raw format delegates all operations to bs->file (the protocol).
Previously this block driver exposed both sync and aio interfaces.
Since the block layer now works in terms of coroutines, expose the
coroutine interfaces and drop the others. This avoids unnecessary
emulation of sync and aio interfaces.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Block drivers only need to provide one of sync, aio, or coroutine
interfaces. Since raw-posix.c provides aio interfaces, simply drop the
synchronous interfaces since they can be emulated using aio and
coroutines.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Block drivers that implement coroutine functions used to get sync and
aio wrappers. This is no longer necessary since all request processing
now happens in a coroutine. If a block driver implements the coroutine
interface then none of the other interfaces will be invoked.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
cppcheck reported this error:
qemu/block/qcow.c:599: error: Mismatching allocation and deallocation: cluster_data
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
cppcheck reported these errors:
qemu-char.c:1667: error: Mismatching allocation and deallocation: s
qemu-char.c:1668: error: Mismatching allocation and deallocation: chr
qemu-char.c:1769: error: Mismatching allocation and deallocation: s
qemu-char.c:1770: error: Mismatching allocation and deallocation: chr
Tested-by: Dongxu Wang <wdongxu@linux.vnet.ibm.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Preprocessor directives cannot be used in STEXI/ETEXI sections since
they are not passed through the preprocessor. The spicevmc chardev
option help currently uses #if, which is included verbatim in the man
page output.
Fix this by simply stating that spicevmc chardevs are available only in
builds with spice support.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
This is the linux-aio version of commits 22afa7b5 (raw-posix, synchronous) and
ba1d1afd (posix-aio-compat). Reads now produce zeros after the end of file
instead of failing or resulting in short reads, making linux-aio compatible
with the behaviour of synchronous raw-posix requests and posix-aio-compat.
The problem can be reproduced like this:
dd if=/dev/zero of=/tmp/test.raw bs=1 count=1234
./qemu-io -k -n -g -c 'read -p 1024 512' /tmp/test.raw
Previously, the result of this was 'read failed: Invalid argument', now the
read completes successfully.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
More sync, aio, and coroutine unification. Make bdrv_aio_writev() go
through coroutine request processing.
Remove the dirty block callback mechanism which was needed only for aio
processing and can be done more naturally in coroutine context.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The aio write operation marks blocks dirty when the write operation
completes. The coroutine write operation marks blocks dirty before
issuing the write operation.
It seems safest to mark the block dirty when the operation completes so
that anything tracking dirty blocks will not act before the change has
been made to the image file.
Make the coroutine write operation dirty blocks on write completion.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
More sync, aio, and coroutine unification. Make bdrv_aio_readv() go
through coroutine request processing.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The bdrv_read()/bdrv_write() functions call .bdrv_read()/.bdrv_write().
They should go through bdrv_co_do_readv() and bdrv_co_do_writev()
instead in order to unify request processing code across sync, aio, and
coroutine interfaces. This is also an important step towards removing
BlockDriverState .bdrv_read()/.bdrv_write() in the future.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The public interface for I/O in coroutine context is bdrv_co_readv() and
bdrv_co_writev(). Split out the request processing code into
bdrv_co_do_readv() and bdrv_co_writev() so that it can be called
internally when we refactor all request processing to use coroutines.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The emulation functions which supply default BlockDriver .bdrv_*()
functions given another implemented .bdrv_*() function should not use
public bdrv_*() interfaces. This patch ensures they invoke .bdrv_*()
directly to avoid adding an extra layer of coroutine request processing
and possibly entering an infinite loop.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
We will unify block layer request processing across sync, aio, and
coroutines and this means a .bdrv_co_*() emulation function should not
call back into the public interface. There's no need here, just call
.bdrv_aio_*() directly.
The gory details: bdrv_co_io_em() cannot call back into the public
bdrv_aio_*() interface since that will be handled using coroutines,
which causes us to call into bdrv_co_io_em() again in an infinite loop
:).
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Calling usb_packet_complete() recursively when passing up the completion
event up the chain for devices connected via usb hub will trigger an
assert. So don't do that, make the usb hub emulation call the upstream
completion callback directly instead.
Based on a patch from Stefan Hajnoczi <stefanha@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
qemu uses the ps/2 mouse by default. The usb tablet (or mouse) is
activated as soon as qemu sees some guest activity on the device,
i.e. polling for HID events. That used to work fine for both fresh
boot and migration.
Remote wakeup support changed the picture though: There will be no
polling after migration in case the guest suspended the usb bus,
waiting for wakeup events. Result is that the ps/2 mouse stays
active.
Fix this by activating the usb tablet / mouse in post_load() in case
the guest enabled remote wakeup.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Honour the maximum packet size for endpoints; this applies when
sending non-isochronous data and means we transfer only as
much as the endpoint allows, leaving the transfer descriptor
on the list for another go next time around. This allows
usb-net to work when connected to an OHCI controller model.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The OHCI Transfer Descriptor T (DataToggle) bits are 24 and 25;
fix an error which accidentally overlaid them both on the same bit.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
In case the host uses the usb device usbfs will refuse to set the
configuration due to the device being busy. Handle this case by
disconnection the interfaces, then trying again.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Move code to claim usb ports and to disconnect usb interfaces into
usb_host_claim_port and usb_host_disconnect_ifaces functions. No
functional change.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
commit 891fb2cd45 removed the implicit
detach before (re-)attaching in usb_attach(). Some usb host controllers
used that behavior though to do a port reset by a detach+attach
sequence.
This patch establishes old behavior by adding a new usb_reset() function
for port resets and putting it into use, thereby also unifying port
reset behavior of all host controllers. The patch also adds asserts to
usb_attach() and usb_detach() to make sure the calls are symmetrical.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
When a usb packet is canceled we need to check whenever we actually have
a scsi request in flight before we try to cancel it.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
All users have been converted to either isa_register_ioport
or isa_register_old_portio_list.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
[jan: fix cut'n'paste errors]
[avi: adjust pci variants not to use isa functions]
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
As we register old portio regions via ioport_register, we are also
responsible for providing the word access wrapper.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Add a type and methods for manipulating a list of disjoint I/O ports,
used in some older hardware devices.
Based on original patch by Richard Henderson.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
cppcheck reported memory leaks and mismatched g_malloc() with free()
instead of g_free().
Fix these errors.
Cc: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Contains the I/O status for the given device. The key is only present
if the device supports it and the VM is configured to stop on errors.
Please, check the documentation being added in this commit for more
information.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This commit adds support to the BlockDriverState type to keep track
of devices' I/O status.
There are three possible status: BDRV_IOS_OK (no error), BDRV_IOS_ENOSPC
(no space error) and BDRV_IOS_FAILED (any other error). The distinction
between no space and other errors is important because a management
application may want to watch for no space in order to extend the
space assigned to the VM and put it to run again.
Qemu devices supporting the I/O status feature have to enable it
explicitly by calling bdrv_iostatus_enable() _and_ have to be
configured to stop the VM on errors (ie. werror=stop|enospc or
rerror=stop).
In case of multiple errors being triggered in sequence only the first
one is stored. The I/O status is always reset to BDRV_IOS_OK when the
'cont' command is issued.
Next commits will add support to some devices and extend the
query-block/info block commands to return the I/O status information.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The error handling order was in the wrong order, so that either the ACB would
be leaked or the counter would be decremented when it shouldn't.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Allow to resize images that reside on host devices up to the available
space. This allows to grow images after resizing the device manually or
vice versa.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The only user of ISADevice.ioports is isabus_get_fw_dev_path, and it
only looks at the first entry of the array. Which suggests that this
entire array+sort operation can be replaced by a simple minimum.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
Clean up versatile_pci to expose the various PCI mmio regions
properly as separate mmio regions rather than as a single mmio
which uses callbacks to map and unmap everything.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Avi Kivity <avi@redhat.com>
Clean up the initialisation of the realview_mpcore device to avoid
using sysbus_init_mmio_cb2(): we can pass through the MemoryRegion
of the private arm11mpcore_priv device directly now.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Avi Kivity <avi@redhat.com>
On i386, these errors were reported:
qemu/hw/alpha_dp264.c: In function ‘clipper_init’:
qemu/hw/alpha_dp264.c:158: error: integer constant is too large for ‘unsigned long’ type
qemu/hw/alpha_typhoon.c: In function ‘typhoon_init’:
qemu/hw/alpha_typhoon.c:737: error: integer constant is too large for ‘long’ type
qemu/hw/alpha_typhoon.c:741: error: integer constant is too large for ‘long’ type
qemu/hw/alpha_typhoon.c:745: error: integer constant is too large for ‘long’ type
qemu/hw/alpha_typhoon.c:749: error: integer constant is too large for ‘long’ type
qemu/hw/alpha_typhoon.c:757: error: integer constant is too large for ‘long’ type
qemu/hw/alpha_typhoon.c:767: error: integer constant is too large for ‘long’ type
qemu/hw/alpha_typhoon.c:772: error: integer constant is too large for ‘long’ type
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The alarm is a fully general one-shot time comparator, which will be
usable under Linux as a hrtimer source. It's much more flexible than
the RTC source available on real hardware.
The wall clock allows the guest access to the host timekeeping. Much
like the KVM wall clock source for other guests.
Both are accessed via the PALcode Cserve entry point.
Signed-off-by: Richard Henderson <rth@twiddle.net>
This is a DP264 variant, SMP capable, no unusual hardware present.
The emulation does not currently include any PCI IOMMU code.
Hopefully the generic support for that can be merged to HEAD soon.
Signed-off-by: Richard Henderson <rth@twiddle.net>
* 'for-upstream' of git://git.serverraum.org/git/mw/qemu-lm32:
milkymist: new interrupt map
milkymist_uart: support new core version
lm32: add missing qemu_init_vcpu() call
Remove the unused function tcg_out_addi() from the s390 TCG backend;
this brings it into line with other backends.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Remove the unused function tcg_out_addi() from the ia64 TCG backend;
this brings it into line with other backends.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Fix a bug in bccd9ec5f0,
target-arm/op_helper.c missed a change unlike all other targets.
This lead to a NULL pointer dereferences.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Since commit 8733f609 (Fix linker scripts) linking on Linux/ppc64 fails:
LINK ppc64-linux-user/qemu-ppc64
/usr/lib64/gcc/powerpc64-suse-linux/4.3/../../../../powerpc64-suse-linux/bin/ld:/home/afaerber/qemu/ppc64.ld:84: syntax error
collect2: ld gab 1 als Ende-Status zurück
make[1]: *** [qemu-ppc64] Fehler 1
make: *** [subdir-ppc64-linux-user] Fehler 2
Fix by removing a leftover line in the ppc64 linker script.
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Currently there is no implementation for set-time-of-day rtas function,
which causes the following warning "setting the clock failed (-1)" on
the guest.
This patch just creates this function, get the timedate diff and store in
the papr environment, so that the correct value will be returned by
get-time-of-day.
In order to try it, just adjust the hardware time, run hwclock --systohc,
so that, on when the system runs hwclock --hctosys, the value is correctly
adjusted, i.e. the host time plus the timediff.
Signed-off-by: Breno Leitao <brenohl@br.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
Paulo Bonzini changed the original spapr code, which manually assigned irq
numbers for each virtual device, to allocate them automatically from the
device initialization. That allowed spapr virtual devices to be constructed
with -device, which is a good start. However, the way that patch worked
doesn't extend nicely for the future when we want to support devices other
than sPAPR VIO devices (e.g. virtio and PCI).
This patch rearranges the irq allocation to be global across the sPAPR
environment, so it can be used by other bus types as well.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
While working on the emulation of the freescale p2010 (e500v2) I realized that
there's no implementation of booke's timers features. Currently mpc8544 uses
ppc_emb (ppc_emb_timers_init) which is close but not exactly like booke (for
example booke uses different SPR).
Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
When running with PR KVM, we need to set HIOR directly. Thankfully there
is now a new interface to set registers individually so we can just use that
and poke HIOR into the guest vcpu's HIOR register.
While at it, this also sets SDR1 because -M pseries requires it to run.
With this patch, -M pseries works properly with PR KVM.
Signed-off-by: Alexander Graf <agraf@suse.de>
During the memory API conversion, the indication on little endianness of
MMIO for the heathrow PIC got dropped. This patch adds it back again.
Signed-off-by: Alexander Graf <agraf@suse.de>
Commit 23c5e4ca (convert to memory API) broke the VIA Cuda emulation layer
by not registering the IO structs.
This patch registers them properly and thus makes -M g3beige and -M mac99
work again.
Tested-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The helper function write_IRQreg was always called with a specific argument on
the type of register to access. Inside the function we were simply doing a
switch on that constant argument again. It's a lot easier to just unfold this
into two separate functions and call each individually.
Reported-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
The helper function read_IRQreg was always called with a specific argument on
the type of register to access. Inside the function we were simply doing a
switch on that constant argument again. It's a lot easier to just unfold this
into two separate functions and call each individually.
Reported-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
The RAM_ADDR_FMT macro hides the type of ram_addr_t so that format
strings can be safely used. Make sure to use RAM_ADDR_FMT so that the
build works on 32-bit hosts with Xen enabled. Whether Xen should affect
ppc TCG targets is questionable but a separate issue.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
I introduced this bug in commit 05751d3 (vscsi: always use get_sense,
2011-08-03) because at the time there was no way to expose a sense
condition to SLOF and Linux manages to work around the bug. However,
the bug becomes evident now that SCSI devices also report unit
attention on reset.
SLOF also has problems dealing with unit attention conditions, so
it still will not boot even with this fix (just like OpenBIOS).
IBM folks are aware of their part of the bug. :-)
Reported-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds support for the H_REMOVE_BULK hypercall on the pseries
machine. Strictly speaking this isn't necessarym since the kernel will
only attempt to use this if hcall-bulk is advertised in the device tree,
which previously it was not.
Adding this support may give a marginal performance increase, but more
importantly it reduces the differences between the emulated machine and
an existing PowerVM or kvm system, both of which already implement
hcall-bulk.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch implements support for the CFAR SPR on POWER7 (Come From
Address Register), which snapshots the PC value at the time of a branch or
an rfid. The latest powerpc-next kernel also catches it and can show it in
xmon or in the signal frames.
This works well enough to let recent kernels boot (which otherwise oops
on the CFAR access). It hasn't been tested enough to be confident that the
CFAR values are actually accurate, but one thing at a time.
Signed-off-by: Ben Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
This definition is backward compatible with MAV=1.0 as long as
the guest does not set reserved bits in MAS1/MAS4.
Also, fix the shift in booke206_tlb_to_page_size -- it's the base
that should be able to hold a 4G page size, not the shift count.
Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Share the TLB array with KVM. This allows us to set the initial TLB
both on initial boot and reset, is useful for debugging, and could
eventually be used to support migration.
Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
For some time we've had a nicely defined macro with the filename for our
firmware image. However we didn't actually use it in the place we're
supposed to. This patch fixes it.
Signed-off-by: Nishanth Aravamudan <nacc@us.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
PAPR systems support several hypercalls intended for use in real mode
debugging tools. These implement reads and writes to arbitrary guest
physical addresses. This is useful for real mode software because it
allows access to IO addresses and memory outside the RMA without going
through the somewhat involved process of setting up the hash page table
and enabling translation.
We want these so that when we add real IO devices, the SLOF firmware can
boot from them without having to enter virtual mode.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <dwg@au1.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
In the current emulation of the load-and-reserve (lwarx) and
store-conditional (stwcx.) instructions, the internal reservation
mechanism is taken into account, however each CPU has its own
reservation information and this information is not synchronized between
CPUs to perform proper synchronization.
The following test case with 2 CPUs shows that the semantics of the
"lwarx" and "stwcx." instructions are not preserved by the emulation.
The test case does the following :
- CPU0: reserve a memory location
- CPU1: reserve the same memory location
- CPU0: perform stwcx. on the location
The last store-conditional operation succeeds while it is supposed to
fail since the reservation was supposed to be lost at the second reserve
operation.
This (one line) patch fixes this problem in a very simple manner by
removing the reservation of a CPU every time it is scheduled (in
cpu_exec()). While this is a harsh workaround, it does not affect the
guest code much because reservations are usually held for a very short
time, that is an lwarx is almost always followed by an stwcx. a few
instructions below. Therefore, in most cases, the reservation will be
taken and consumed before a CPU switch occurs. However in the rare case
where a CPU switch does occur between the lwarx and its corresponding
stwcx. this patch solves a potential erroneous behavior of the
synchronization instructions.
Signed-off-by: Elie Richa <richa@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Currently our implementation of the H_ENTER hypercall, which inserts a
mapping in the hash page table assumes that only ordinary memory is ever
mapped, and only permits mapping attribute bits accordingly (WIMG==0010).
However, we intend to start adding emulated IO to the pseries platform
(and real IO with PCI passthrough on kvm) which means this simple test
will no longer suffice.
This patch extends the h_enter validation code to check if the given
address is a RAM address. If it is it enforces WIMG==0010, otherwise
it assumes that it is an IO mapping and instead enforces WIMG=010x.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
The interrupt controller presented in the device tree for the pseries
machine is manipulated by the guest only through hypervisor calls. It
has no real or emulated registers for the guest to access.
However, it currently has a bogus 'reg' property advertising a register
window. Moreover, this property has an invalid format, being a 32-bit
zero, when the #address-cells property on the root bus indicates that it
needs a 64-bit address. Since the guest never attempts to manipulate
the node directly, it works, but it is ugly and can cause warnings when
manipulating the device tree in other tools (such as future firmware
versions).
This patch, therefore, corrects the problem by entirely removing the
interrupt-controller node's 'reg' property.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
Future devices we will be adding to the pseries machine (e.g. PCI) will
need nodes in the device tree which explicitly reference the top-level
interrupt controller via interrupt-parent or interrupt-map properties.
In order to do this, the interrupt controller node needs an assigned
phandle. This patch adds the appropriate property, in preparation.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
The implementation of the XICS interrupt controller contains several
(difficult to trigger) bugs due to the fact that we were not 100%
consistent with which irq numbering we used. In most places, global
numbers were used as handled by the presentation layer, however a few
functions took "local" numberings, that is the source number within
the interrupt source controller which is offset from the global
number. In most cases the function and its caller agreed on this, but
in a few cases it didn't.
This patch cleans this up by always using global numbering.
Translation to the local number is now always and only done when we
look up the individual interrupt source state structure. This should
remove the existing bugs and with luck reduce the chances of
re-introducing such bugs.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
One of the things we can't fake on PPC is the timer speed. So
we need to extract the frequency information from the host and
put it back into the guest device tree.
Luckily, we already have functions for that from the non-pseries
targets, so all we need to do is to connect the dots and the guest
suddenly gets to know its real timer speeds.
Signed-off-by: Alexander Graf <agraf@suse.de>
When running PR style KVM, we need to tell the kernel that we want
to run in PAPR mode now. This means that we need to pass some more
register information down and enable papr mode. We also need to align
the HTAB to htab_size boundary.
Using this patch, -M pseries works with kvm even on non-hv kvm
implementations, as long as the preceding kernel patches are in.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- match on CONFIG_PSERIES
v2 -> v3:
- remove HIOR pieces from PAPR patch (ABI breakage)
We only support -M pseries when certain prerequisites are met, such
as a PPC64 guest and libfdt. To only gather these requirements in
a single place, this patch introduces a new CONFIG_PSERIES variable
that gets set when all prerequisites are met.
Signed-off-by: Alexander Graf <agraf@suse.de>
Now that we have everything in place, make the machine description
aware of the fact that we can now handle 15 virtual CPUs!
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- Max cpus is 15 because of MPIC
With this patch, we generate CPU nodes in the machine initialization, giving
us the freedom to generate as many nodes as we want and as the machine supports,
but only those.
This is a first step towards a much cleaner device tree generation
infrastructure, where we would not require precompiled dtb blobs anymore.
Signed-off-by: Alexander Graf <agraf@suse.de>
We want to generate the CPU nodes in machine init code, so remove them from
the device tree definition that we precompile.
Signed-off-by: Alexander Graf <agraf@suse.de>
We currently load a device tree blob and then just take its size x2 to
account for modifications we do inside. While this is nice and great,
it fails when we have a small device tree as blob and lots of nodes added
in machine init code.
So for now, just make it 20k bigger than it was before. We maybe want to
be more clever about this later.
Signed-off-by: Alexander Graf <agraf@suse.de>
When we screw up and issue an FDT command that doesn't work, we really need to
know immediately and usually can't continue to create the machine. To make sure
we don't need to add error checking in all device tree modification code users,
we can just add the fail checks to the qemu abstract functions.
Signed-off-by: Alexander Graf <agraf@suse.de>
We want to be able to create subnodes in our device tree, so export it through
the qemu device tree abstraction framework.
Signed-off-by: Alexander Graf <agraf@suse.de>
The guest OS wants to know where the guest spins, so let's tell him while
updating the CPU nodes with the frequencies anyways.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- use new spin table address
CPUs that are not the boot CPU need to run in spinning code to check if they
should run off to execute and if so where to jump to. This usually happens
by leaving secondary CPUs looping and checking if some variable in memory
changed.
In an environment like Qemu however we can be more clever. We can just export
the spin table the primary CPU modifies as MMIO region that would event based
wake up the respective secondary CPUs. That saves us quite some cycles while
the secondary CPUs are not up yet.
So this patch adds a PV device that simply exports the spinning table into the
guest and thus allows the primary CPU to wake up secondary ones.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- change into MMIO scheme
- map the secondary NIP instead of 0 1:1
- only map 64MB for TLB, same as u-boot
- prepare code for 64-bit spinnings
v2 -> v3:
- remove r6
- set MAS2_M
- map EA 0
- use second TLB1 entry
v3 -> v4:
- change to memoryops
v4 -> v5:
- fix endianness bugs
v5 -> v6:
- add header
We should only keep CPU nodes in the device tree around that we really have
virtual CPUs for. So remove all superfluous entries that we just keep there
in case someone wants to create a lot of vCPUs.
Signed-off-by: Alexander Graf <agraf@suse.de>
Now that we can so nicely find out the host's frequencies, we should also
make sure that we get them into all virtual CPUs' device tree nodes.
Signed-off-by: Alexander Graf <agraf@suse.de>
We have a bunch of helper functions that don't have any stubs for them in case
we don't have CONFIG_KVM enabled. That didn't bite us so far, because gcc can
optimize them out pretty well, but we should really provide them.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- use uint64_t for clockfreq
Now that we have nice and shiny APIs to read out the host's clock and timebase
frequencies, let's use them in the bamboo code as well!
Signed-off-by: Alexander Graf <agraf@suse.de>
We don't need mpc8544_copy_soc_cell anymore, since we're explicitly reading
host values and writing guest values respectively.
Signed-off-by: Alexander Graf <agraf@suse.de>
Now that we have generic KVM functions to read out the host tb and clock
frequencies, let's use them in the e500 code!
Signed-off-by: Alexander Graf <agraf@suse.de>
We need to find out the host's clock-frequency when running on KVM, so
let's export a respective function.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- enable 64bit values
We have a qemu internal abstraction layer on FDT. While I'm not fully convinced
we need it at all, it's missing the nop_node functionality that we now need
on e500. So let's add it and think about the general future of that API later.
Signed-off-by: Alexander Graf <agraf@suse.de>
Now that we can generate multiple envs for all our virtual CPUs, we
also need to tell the MPIC that we have multiple CPUs connected and
connect them all to the respective virtual interrupt lines.
Signed-off-by: Alexander Graf <agraf@suse.de>
When creating a VM, we should go through smp_cpus and create a virtual CPU for
every CPU the user requested. This patch adds support for that and moves some
code around to make that more convenient.
Signed-off-by: Alexander Graf <agraf@suse.de>
The MPIC emulation is now capable of handling up to 32 CPUs. Reflect that in
the code exporting the numbers out and fix an integer overflow while at it.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- Max cpus is 15 due to cINT routing
- Report nb_cpus not MAX_CPUS in MPIC capabilities
The bit definitions for critical interrupt routing are in PowerPC order
(most significant bit is 0), while we end up shifting it with normal bit
order. Turn the numbers around so we actually end up fetching the
right ones.
Signed-off-by: Alexander Graf <agraf@suse.de>
The IPI dispatch registers are write only according to every MPIC
spec I have found. So instead of pretending you could read back something
from them, better not handle them at all.
Reported-by: Elie Richa <richa@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
We use the IDE register with IPIs as a mask to keep track which processors
have already acknowledged the respective interrupt. So we need to initialize
it to 0 to make sure that it doesn't accidently fire an IPI on CPU0 when the
first IPI is triggered.
Reported-by: Elie Richa <richa@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v2 -> v3:
- fix IDE IPI reset
The current IPI support in the MPIC code is incomplete and doesn't work. This
code adds proper support for IPIs in MPIC by using the IDE register to remember
which CPUs IPIs are still outstanding to. New triggers through the IPI trigger
register only add to the list of CPUs we want to IPI.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- Use MAX_IPI instead of hardcoded 4
Signed-off-by: Alexander Graf <agraf@suse.de>
The MPIC exports a page for each CPU that it controls. To support more than
one CPU, we need to also reserve the MMIO space according to the amount of
CPUs we want to support.
Signed-off-by: Alexander Graf <agraf@suse.de>
The MPIC exports a register set for each CPU connected to it. They can all
be accessed through specific registers or using a shadow page that is mapped
differently depending on which CPU accesses it.
This patch implements the shadow map, making it possible for guests to access
the CPU local registers using the same address on each CPU.
Signed-off-by: Alexander Graf <agraf@suse.de>
The MPIC has some funny feature where it maps different registers to an MMIO
region depending which CPU accesses them.
To be able to reflect that, we need to make OpenPIC be compiled in the target
code, so it can access cpu_single_env.
Signed-off-by: Alexander Graf <agraf@suse.de>
Right now the spapr devices cannot be instantiated with -device,
because the IRQs need to be passed to the spapr_*_create functions.
Do this instead in the bus's init wrapper.
This is particularly important with the conversion from scsi-disk
to scsi-{cd,hd} that Markus made. After his patches, if you
specify a scsi-cd device attached to an if=none drive, the default
VSCSI controller will not be created and, without qdevification,
you will not be able to add yours.
NOTE from agraf: added small compile fix
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
QED's metadata caching strategy allows two parallel requests to race for
metadata lookup. The first one to complete will populate the metadata
cache and the second one will drop the data it just read in favor of the
cached data.
There is a use-after-free in qed_read_l2_table_cb() and
qed_commit_l2_update() where l2_table->offset was used after the
l2_table may have been freed due to a metadata lookup race. Fix this by
keeping the l2_offset in a local variable and not reaching into the
possibly freed l2_table.
Reported-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The commit fc2bf44972
changed the type of val argument of the function gt64120_writel()
from uint32_t to uint64_t, so we need to change the corresponding
length modifier from "%x" to "%" PRIx64.
Signed-off-by: Antony Pavlov <antonynpavlov@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Please, note that the RunState type as defined in sysemu.h and its
runstate_as_string() function are being dropped in favor of the
RunState type generated by the QAPI.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Next commit will convert the query-status command to use the
RunState type as generated by the QAPI.
In order to "transparently" replace the current enum by the QAPI
one, we have to make some changes to some enum values.
As the changes are simple renames, I'll do them in one shot. The
changes are:
- Rename the prefix from RSTATE_ to RUN_STATE_
- RUN_STATE_SAVEVM to RUN_STATE_SAVE_VM
- RUN_STATE_IN_MIGRATE to RUN_STATE_INMIGRATE
- RUN_STATE_PANICKED to RUN_STATE_INTERNAL_ERROR
- RUN_STATE_POST_MIGRATE to RUN_STATE_POSTMIGRATE
- RUN_STATE_PRE_LAUNCH to RUN_STATE_PRELAUNCH
- RUN_STATE_PRE_MIGRATE to RUN_STATE_PREMIGRATE
- RUN_STATE_RESTORE to RUN_STATE_RESTORE_VM
- RUN_STATE_PRE_MIGRATE to RUN_STATE_FINISH_MIGRATE
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The QAPI framework won't generate it, so we need to get rid of it.
In order to do that, this commit makes RSTATE_PRE_LAUNCH the initial
state and change qemu_vmstop_requested() to use RSTATE_MAX.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The stop reason is returned in the RunState argument. This is a
preparation for a future commit which will convert the query-status
command to the QAPI.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
A simple example conversion 'info name'. This also adds the new files for
QMP and HMP.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Otherwise if we have something like 'foo-bar' in the schema,
it will be generated as 'foo_bar' in the string lookup table.
c_var() is good for C variables, but not for enum strings.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Modify logic such that we never assign values to the list head argument
to progress through the list on subsequent iterations, instead rely only
on having our return value passed back in as an argument on the next
call. Also update QMP I/O visitors and test cases accordingly, and add a
missing test case for QmpOutputVisitor.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Previously our logic for keeping track of when we're visiting the head
of a list was done via a global bool. This can be overwritten if dealing
with nested lists, so use stack entries to track this instead.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Currently we do 3 things wrong:
1) The list iterator, in practice, is used in a manner where the pointer
we pass in is the same as the pointer we assign the output to from
visit_next_list(). This causes an infinite loop where we keep freeing
the same structures.
2) We attempt to free list->value rather than list. visit_type_<type>
handles this. We should only be concerned with the containing list.
3) We free prematurely: iterator function will continue accessing values
we've already freed.
This patch should fix all of these issues. QmpOutputVisitor also suffers
from 1).
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Use the new middle mode within the existing QMP server.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
To get the ball rolling merging QAPI, this patch introduces a "middle mode" to
the code generator. In middle mode, the code generator generates marshalling
functions that are compatible with the current QMP server. We absolutely need
to replace the current QMP server in order to support proper asynchronous
commands but using a middle mode provides a middle-ground that lets us start
converting commands in tree.
Note that all of the commands have been converted already in my glib branch.
Middle mode only exists until we finish merging them from my branch into the
main tree.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This provides a bridge between Error (new error mechanism) and QError (old error
mechanism). Errors can be propagated whereas QError cannot.
The minor evilness avoids layering violations. Since QError should go away RSN,
it seems like a reasonable hack.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
KVM add emulation of lapic tsc deadline timer for guest.
This patch is co-operation work at qemu side.
Signed-off-by: Liu, Jinsong <jinsong.liu@intel.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
It is useful to know the BlockDriverState as well as the
sector_num/nb_sectors of an emulated .bdrv_co_*() request.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Add trace events for handle_qmp_command(), which dispatches qmp
commands, and monitor_protocol_emitter(), which produces the reply to a
qmp command.
Also remove duplicate #include "trace/control.h".
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
bdrv_open_common() is a useful point to trace since it reveals the
filename and block driver for a given BlockDriverState.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Commit 31965ae27b reverted a previous
renaming of CONFIG_SIMPLE_TRACE->CONFIG_TRACE_SIMPLE in a couple spots,
leading to trace-file currently being unavailable.
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Add a monitor command 'info mtree' to show the memory hierarchy
much like /proc/iomem in Linux.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
This patch converts mpic to the new memory API (through old mmio).
Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Remove the get_system_memory() call from serial_mm_init, pushing
it back into the callers. In many cases we already have the
system memory region available.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
The use of DEVICE_NATIVE_ENDIAN cleans up lots of ifdefs in
many of the callers.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
GETPC() can be used even from outside of helper code. Move the macro to
a more accessible location. Avoid a compile warning from redefining it in exec.c.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
We are mapping ESCC to a static (incorrect) address on machine init. This
overlaps with our vram, rendering the screen barely usable.
Since openBIOS is clever enough to map ESCC to where it needs to be, we can
just drop that invalid map and everyone's happy.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
x86 cannot provide an optimized generic deposit implementation. But at
least for a few special cases, namely for writing bits 0..7, 8..15, and
0..15, versions using only a single instruction are feasible.
Introducing such limited support improves emulating 16-bit x86 code on
x86, but also rarer cases where 32-bit or 64-bit code accesses bytes or
words.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Missed during memory region conversion: The i8259 now depends on the ISA
bus being created first. Reorder the initialization.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Include config.h in softfloat.c, so that the target specific ifdefs in
softfloat-specialize.h are evaluated correctly. This was accidentally
broken in commit 789ec7ce2 when config-target.h was removed from
softfloat.h, and means that most targets will have been returning the
wrong results for calculations involving NaNs.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Remove the unused function tcg_out_addi() from the ARM TCG backend;
this fixes a compilation failure on ARM hosts with newer gcc.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
To be able to detect some ARM / HPPA based architectures such as with
OpenBSD/(armish / zaurus) or OpenBSD/hppa.
Signed-off-by: Brad Smith <brad@comstyle.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
These functions are defined in the tcg target specific file
tcg-target.c.
The forward declarations assert that every tcg target uses
the same function prototype.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
It is now declared for all tcg targets in tcg.h,
so the tcg target specific declarations are redundant.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
TCG_TARGET_REG_BITS can be determined by the compiler,
so there is no need to declare it for each individual tcg target.
This is especially important for new tcg targets
which will be supported by the tcg interpreter.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The two new variables "arp_requested" and "expiration_date" in the mbuf
structure have been added after the variable-sized "m_dat_" array. The
variables have to be added before the m_dat_ array instead.
Without this patch, the expiration_date gets clobbered by code that
accesses the m_dat_ array.
I experienced this problem with the code in slirp/tftp.c: The
tftp_send_data() function created a new packet with the m_get()
function (which fills-in a default expiration_date value). Then the
TFTP code cleared the data section of the packet, which accidentially
also cleared the expiration_date. This zeroed expiration_date then
finally causes the packet to be discarded during if_start(), so that
TFTP packets were not transmitted anymore.
[Jan: added comment as suggested by Fabien ]
CC: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
ti points into the m buffer. But the latter may already be released
right after the dodata: label. Move the test before the potential
release.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This requires some amount of hoop-jumping, so that we don't
inadvertently claim port 0x3f6, which is used by ISA IDE.
The sysbus initialization path is as yet unconverted.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
Slightly non-obvious with mips_jazz passing in the region
structure to populate.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
The only non-obvious part is pic_poll_read which used
"addr1 >> 7" to detect whether one referred to either
the master or slave PIC. Instead, test this directly.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
i8259 is an ISA device (or at least, depends on the ISA infrastructure to
register its ioport); and the ISA bus is supplied by piix4. Later patches
make this dependency explicit.
Use qemu_irq_proxy() to stop the cycle by adding an extra layer of
indirection.
Signed-off-by: Avi Kivity <avi@redhat.com>
In particular, the i8259 was being initialized before the ISA bus,
leading to a crash.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
To replace isa_init_ioport and isa_init_ioport_range
as the ISA devices are converted to the memory api.
[avi: use memory_region_size()]
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
Not used yet, but at least we're provided with the correct region.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
Returns the I/O address space. Useful for implementing
PCI-ISA bridge devices.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
The property is inheritable, but only if set to true. This is so
that memory routers can mark sections of RAM as read-only via aliases.
Signed-off-by: Avi Kivity <avi@redhat.com>
Add myself as co-maintainer alongside Paul Brook for the TCG ARM
guest implementation (target-arm) and the ARM dev boards (integratorcp,
realview, stellaris, versatilepb).
Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Remove the 'tarbin' target -- it isn't used as part of the official
QEMU release process, and it's out of date (various new bios files
were never added to its list of files). It's better not to provide
it at all than to have a broken makefile target we never use or test.
(Creating a tarball by just pulling in binaries that have been installed
directly to the system you're running the build on is a bad idea anyway:
the better way to create a binary tarball would be just to install to
a temporary DESTDIR and then tar up that.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Now that qemu_set_fd_handler and qemu_set_fd_handler2 have different
implementations, one using qemu iohandlers and the other glib, it is not
safe to mix the two when inserting/deleting handlers.
Fixes kvm-autotest.
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
In some cases we have a circular dependency involving irqs - the irq
controller depends on a bus, which in turn depends on the irq controller.
Add qemu_irq_proxy() which acts as a passthrough, except that the target
irq may be set later on.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
qemu-barrier.h contains a few macros implementing memory barrier
primitives used in several places throughout qemu. However, apart
from the compiler-only barrier, the defined wmb() is correct only for
x86, or platforms which are similarly strongly ordered.
This patch addresses the FIXME about this by making the wmb() macro
arch dependent. On x86, it remains a compiler barrier only, but with
a comment explaining in more detail the conditions under which this is
correct. On weakly-ordered powerpc, an "eieio" instruction is used,
again with explanation of the conditions under which it is sufficient.
On other platforms, we use the __sync_synchronize() primitive,
available in sufficiently recent gcc (4.2 and after?). This should
implement a full barrier which will be sufficient on all platforms,
although it may be overkill in some cases. Other platforms can add
optimized versions in future if it's worth it for them.
Without proper memory barriers, it is easy to reproduce ordering
problems with virtio on powerpc; specifically, the QEMU puts new
element into the "used" ring and then updates the ring free-running
counter. Without a barrier between these under the right
circumstances, the guest linux driver can receive an interrupt, read
the counter change but find the ring element to be handled still has
an old value, leading to an "id %u is not a head!\n" error message.
Similar problems are likely to be possible with kvm on other weakly
ordered platforms.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The virtio code uses wmb() macros in several places, as required by the
SMP-aware virtio protocol. However the wmb() macro is locally defined
to be a compiler barrier only. This is probably sufficient on x86
due to its strong storage ordering model, but it certainly isn't on other
platforms, such as ppc.
In any case, qemu already has some globally defined memory barrier macros
in qemu-barrier.h. This patch, therefore converts virtio.c to use those
barrier macros. The macros in qemu-barrier.h are also wrong (or at least,
safe for x86 only) but this way at least there's only one place to fix
them.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The code which tests whether gcc supports warn_unused_result was wrong.
Remove the wrong test from configure and replace it by code using
macro QEMU_GNUC_PREREQ in compiler.h.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The macro is compiler specific and does not depend on the operating system.
Move macro QEMU_GNUC_PREREQ from osdep.h to compiler.h
and use it to simplify existing code.
host-utils.h uses this macro, so it now needs compiler.h
instead of osdep.h.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Need to check that guest slot/device number is not > 31 or walk off
the devfn table when checking if a devfn is available or not in a guest.
before this fix, passing in an addr=abc or addr=34,
can crash qemu, sometimes fail gracefully if data past end
of devfn table fails the availability test.
with this fix, get clean error:
Property 'pci-assign.addr' doesn't take value '34'
also tested when no addr= param passed for guest (pcicfg) address,
and that worked as well.
Signed-off-by: Don Dutile <ddutile@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Since qapi-generated/ is a global QEMU include path, we need to make
sure it is created before anything is compiled, so do this in the
configure phase rather than via the Makefile.
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Do not try to map against the PCI bar in the ISA version of the device.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
We need to initialize legacy_address_space during ISA VGA setup so that
the chain-4 alias can be registered properly.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This is based on the original fix by Hervé Poussineau: pc_memory_init
actually takes a memory region for mapping BIOS and extension ROMs. That
equals the PCI memory region if PCI is available, but must be system
memory in the ISA case.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
[Originally sent to qemu-kvm list, but I was redirected here]
The Capabilities Pointer is NULL, so this bit shouldn't be set. The state of
this bit doesn't appear to change any behavior on Linux/Windows versions we've
tested, but it does cause Windows' PCI/PCI Express Compliance Test to balk.
I happen to have a physical 82540EM controller, and it also sets the
Capabilities Bit, but it actually has items on the capabilities list to go
with it :)
Signed-off-by: dann frazier <dann.frazier@canonical.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
qemu_service_io was mainly an alias to qemu_notify_event,
currently used only by PPC for timer hack, so call
qemu_notify_event directly.
Signed-off-by: Frediano Ziglio <freddy77@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Wire up the OMAP1 GPIO clock -- this fixes a hw_error() on startup
with OMAP1 based machines (sx1, cheetah).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Convert the omap_intc devices to qdev. This includes adding
a 'revision' property which will be needed for omap3.
The bulk of this patch is the replacement of "s->irq[x][y]"
with "qdev_get_gpio_in(s->ih[x], y)" now that the interrupt
controller exposes its input lines as qdev gpio inputs.
The devices are named "omap-intc" and "omap2-intc", following
the filename and the OMAP2/3 hardware names, although some
internal functions are still named "omap_inth_*".
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Writing to IRQSTATUS should affect irqst, not irqen -- error
spotted by Andrzej Zaborowski.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Promote the remark about why we handle FIFOTHRESHOLDSTATUS the
way we do from the commit message of de8af7fe0 to a comment in
the code.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Add a new context flag PATHNAME_FSCONTEXT and indicate whether
the fs driver track fid using path names. Also add a private
pointer that help us to track fs driver specific values in there
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
This enables us to add handles to track fids later. The
V9fsPath added is similar to V9fsString except that the
size include the NULL byte also.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
On rename we take the write lock and this ensure path
doesn't change as we operate on them.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
The previous behaviour was to finish AIOCBs inside curl_aio_readv()
if the data was cached. This caused the following failed assertion
at hw/ide/pci.c:314: bmdma_cmd_writeb
"Assertion `bm->bus->dma->aiocb == ((void *)0)' failed."
By scheduling a QEMUBH and performing the completion inside the
callback, we avoid this problem.
Signed-off-by: Nick Thomas <nick@bytemark.co.uk>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Implement an I/O space index-data register pair as defined by the AHCI
spec, including the corresponding SATA PCI capability and BAR.
This allows real-mode code to access the AHCI registers; real-mode
code cannot address the memory-mapped register space because it is
beyond the first megabyte.
Signed-off-by: Daniel Verkamp <daniel@drv.nu>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The events 'qemu_malloc' and 'qemu_free' used in the examples no longer exist,
so use 'qemu_vmalloc' and 'qemu_vfree' instead.
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
For Windows portability the simple trace backend must use the 'b' file
open mode. This prevents the stdio library from mangling 0x0a/0x0d
newline characters.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Convert the simple trace backend to glib so that it works under Windows.
We cannot use pthread directly but glib provides portable abstractions.
Also use glib atomics instead of newish gcc builtins which may not be
supported on Windows toolchains.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
String arguments are useful for producing human-readable traces without
post-processing (e.g. stderr backend). Although the simple backend
cannot handles strings all others can. Strings should be allowed and
the simple backend can be extended to support them.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Makes it easier to catch the bug in gdb as there is no need to set an
explicit breakpoint.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
If pkg-config doesn't exist then make configure fail immediately
with a useful error message. Now that glib is a required dependency,
proceeding despite the missing pkg-config will just cause us to
fail later with a misleading message about glib not being present.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
It's a trivial wrapper for soc_dma_port_add_mem(), which makes
the memory API conversion more difficult because it takes a ram
addr_t. Drop.
Acked-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Avi Kivity <avi@redhat.com>
QEMUFile * is only intended for migration nowadays. Using it for
anything else just adds pain and a layer of buffers for no good
reason.
Signed-off-by: Juan Quintela <quintela@redhat.com>
CC: malc <av1474@comtv.ru>
Signed-off-by: malc <av1474@comtv.ru>
QEMUFile * is only intended for migration nowadays. Using it for
anything else just adds pain and a layer of buffers for no good
reason.
Signed-off-by: Juan Quintela <quintela@redhat.com>
CC: malc <av1474@comtv.ru>
Signed-off-by: malc <av1474@comtv.ru>
The config string is variously delimited by =, @, and /, depending on the
field. Allow these characters to be escaped by preceeding them with \.
Signed-off-by: Sage Weil <sage@newdream.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Now that iothread is always compiled sending a signal seems only an
additional step. This patch also avoid writing to two pipe (one from signal
and one in qemu_service_io).
Work with kvm enabled or disabled. strace output is more readable (less syscalls).
[ kwolf: Merged build fix by Paolo Bonzini ]
Signed-off-by: Frediano Ziglio <freddy77@gmail.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
When assigning a 32-bit value to cmd->xfer (which is 64-bits)
it can be erroneously sign extended because the intermediate
32-bit computation is signed. Fix this by standardizing on
the ld*_be_p functions.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
librbd recently added async writeback and flush support. If the new
rbd_flush() call is available, call it.
Signed-off-by: Sage Weil <sage@newdream.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Properly document the configuration string syntax and semantics. Remove
(out of date) details about the librbd implementation.
Signed-off-by: Sage Weil <sage@newdream.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
If we are reading from the default config location, ignore any failures.
It is perfectly legal for the user to specify exactly the options they need
and to not rely on any config file.
Signed-off-by: Sage Weil <sage@newdream.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
I've found that FreeBSD AHCI driver doesn't work with AHCI hardware
emulation of QEMU 0.15.0. I believe the problem is on QEMU's side. As I
see, it clears port's Interrupt Enable register each time when reset of
any level happens. Is is reasonable for the global controller reset. It
is probably not good, but acceptable for FreeBSD driver for the port
hard reset. But it is IMO wrong for the device soft reset. None of real
hardware I know behaves that way.
Signed-off-by: Alexander Motin <mav@FreeBSD.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Release extent_file on error in vmdk_parse_extents. Added closing files
in freeing extents.
Signed-off-by: Fam Zheng <famcool@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
It will not be needed for reads and writes if the HBA provides a sglist.
In addition, this lets scsi-disk refuse commands with an excessive
allocation length, as well as limit memory on usual well-behaved guests.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Also, consistently use qiov.size instead of iov.iov_len.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This fixes various problems with completion/cancellation:
* if the io_func fails to get an AIOCB, the callback wasn't called
* If DMA encounters a bounce buffer conflict, and the DMA operation is
canceled before the bottom half fires, bad things happen.
* memory is not unmapped after cancellation, again causing problems
when doing DMA to I/O areas
* cancellation could leak the iovec
* the callback was missed if the I/O operation failed without returning
an AIOCB
and probably more that I've missed. The patch fixes them by sharing
the cleanup code between completion and cancellation. The dma_bdrv_cb
now returns a boolean completed/not completed flag, and the wrapper
dma_continue takes care of tasks to do upon completion.
Most of these are basically impossible in practice, but it is better
to be tidy...
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Target-independent code cannot construct sglists, but it can take
them from the outside as a black box. Allow this.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Support bridge filtering on top of the memory
API as suggested by Avi Kivity:
Create a memory region for the bridge's address space. This region is
not directly added to system_memory or its descendants. Devices under
the bridge see this region as its pci_address_space(). The region is
as large as the entire address space - it does not take into account
any windows.
For each of the three windows (pref, non-pref, vga), create an alias
with the appropriate start and size. Map the alias into the bridge's
parent's pci_address_space(), as subregions.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The switch to the new memory API caused the following problem:
The pci device may call pci_register_bar() to use PCI bus's address
space. But we don't init PCI bus's address space if it is not bus
0. A crash was reported:
http://lists.gnu.org/archive/html/qemu-devel/2011-08/msg02243.html
More work will be needed to make bridge filtering work correctly
with the memory API.
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Fix up some erroneous comments in code:
interrupt pins are named A-D, the
interrupt pin register is always readonly
and isn't zeroed out on reset.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
eepro100 was the last user. Now pci_add_capability is powerful enough.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
I found no rationale for this in the logs, and it is quite bad because
it will make scsi-generic unsafe WRT power failures.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The nbd kernel module cannot enable DISCARD requests unless it is
informed about it. The flags field in the header is used for this,
and this patch adds support for it.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
nbd supports writing flags in bytes 24...27 of the header,
and uses that for the read-only flag. Add support for it
in qemu-nbd.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Since we use memory API in sun4u.c, after
71579cae30, setting up isa_mem_base
puts vga.chain4 outside of the physical address space.
Fix by removing obsolete isa_mem_base set up.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Instead of the offset property use the proper addr property to calculate
the offsets.
Additionally, be a little more verbose on the warning and print the
subregion name.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Avi Kivity <avi@redhat.com>
haddp[sd], hsubp[sd] and addsubp[sd] operate on floats, thus it is
necessary to use the appropriate floating point calculation functions.
If this is not done, those functions operate merely on integers, which
is not correct.
Signed-off-by: Max Reitz <max@tyndur.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The virtio device lifecycle can be observed by looking at the sequence
of set status operations. This is especially important for catching the
reset operation (status value 0), which resets the device and all
virtqueues.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Now that format strings can end in a PRI*64 macro, remove the
workarounds from the trace-events file.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The tracetool parser only picks up PRI*64 and other format string macros
when enclosed between double quoted strings. Lift this restriction by
extracting everything after the closing ')' as the format string:
cpu_set_apic_base(uint64_t val) "%016"PRIx64
^^ ^^
One trick here: it turns out that backslashes in the format string like
"\n" were being interpreted by echo(1). Fix this by using the POSIX
printf(1) command instead. Although it normally does not make sense to
include backslashes in trace event format strings, an injected newline
causes tracetool to emit a broken header file and I want to eliminate
cases where broken output is emitted, even if the input was bad.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
There is no need to put a newline in trace event format strings. The
backend may use the format string within some context and takes care of
how to display the event. The stderr backend automatically appends "\n"
whereas the ust backend does not want a newline at all.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
make -C mybuilddir no longer works (regression caused by commit)
388d475815.
PWD is the directory of the caller (not mybuilddir),
so BUILD_DIR is set to the wrong value.
GNU make sets CURDIR to the correct value.
Use this macro instead of PWD.
Cc: Lluís Vilanova <vilanova@ac.upc.edu>
Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Make qdev_device_help print both device and bus properties.
Helps libvirt to figure whenever bus properties such as
PCI.multifunction are supported present or not.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This does not yet unbreak PPC (which has its own problems) but
potentially other non-x86 systems where isa_mem_base is != 0.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Fix a number of bugs in the implementation of writes to the CM_CTRL
system register:
* write to cm_ctrl, not cm_init !
* an '&' vs '^' typo meant we would write the inverse of the bits
* handling the LED via printf() meant we spew lots of output
to stdout when Linux uses the LED as a heartbeat indicator
* we would hw_error() if a reset was requested rather than
actually resetting
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
qemu build fails when CONFIG_MACHINE_BSWAP_H is defined
because float32, float64, etc. are not defined.
This makes qemu build.
Signed-off-by: Christoph Egger <Christoph.Egger@amd.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Do not mess with active_console, use console_select instead. This fixes
corrupt virtual monitor consoles after issuing the screendump command.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
In text mode, even a full refresh of the screen takes multiple updates.
As we reset the dump file pointer after the first call, we only wrote
the first line.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
On signals such as SIGTERM qemu should exit instead of just stopping the VM
even with -no-shutdown.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Those blanks violate the coding conventions, see
scripts/checkpatch.pl.
Blanks missing after colons in the changed lines were added.
This patch does not try to fix tabs, long lines and other
problems in the changed lines, therefore checkpatch.pl reports
many violations.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This will apply libuser-specific compilation flags (like the ones added by
--enable-user-pie), but keep softmmu emulation targets "as-is".
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This ensures we can cleanly signal the drop in case the connection timer
fires. So far we sent those frames to nowhere (target IP 0.0.0.0).
Found by the new assertion on invalid IPs in arp_table_search.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Today our printf format for the "info status" command is:
VM status: %s
Where the string can be "running", "running (single step mode)" or
"paused".
This commit extends it to:
VM status: %s (%s)
The second string corresponds to the "status" field as returned
by the query-status QMP command and it's only printed if "status"
is not "running" or "paused".
Example:
VM status: paused (shutdown)
PS: libvirt uses "info status" when using HMP, but the new format
should not break it.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This new key reports the current VM status to clients. Please, check
the documentation being added in this commit for more details.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
We have two states where issuing cont before system_reset can
cause problems: RSTATE_SHUTDOWN (when -no-shutdown is used) and
RSTATE_PANICKED (which only happens with kvm).
This commit fixes that by doing the following when state is
RSTATE_SHUTDOWN or RSTATE_PANICKED:
1. returning an error to the user/client if cont is issued
2. automatically transition to RSTATE_PAUSED during system_reset
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Test against RSTATE_IN_MIGRATE instead.
Please, note that the RSTATE_IN_MIGRATE state is only set when all the
initial VM setup is done, while 'incoming_expected' was set right in
the beginning when parsing command-line options. Shouldn't be a problem
as far as I could check.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This commit could have been folded with the previous one, however
doing it separately will allow for easy bisect and revert if needed.
Checking and testing all valid transitions wasn't trivial, chances
are this will need broader testing to become more stable.
This is a transition table as suggested by Lluís Vilanova.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Currently, only vm_start() and vm_stop() change the VM state.
That's, the state is only changed when starting or stopping the VM.
This commit adds the runstate_set() function, which makes it possible
to also do state transitions when the VM is stopped or running.
Additional states are also added and the current state is stored.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Today, when notifying a VM state change with vm_state_notify(),
we pass a VMSTOP macro as the 'reason' argument. This is not ideal
because the VMSTOP macros tell why qemu stopped and not exactly
what the current VM state is.
One example to demonstrate this problem is that vm_start() calls
vm_state_notify() with reason=0, which turns out to be VMSTOP_USER.
This commit fixes that by replacing the VMSTOP macros with a proper
state type called RunState.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
It is quite common to have a MemoryRegion with size of INT64_MAX.
When processing alias regions in render_memory_region() it's quite
easy to find a case where it will construct a temporary AddrRange with
a non-zero start, and size still of INT64_MAX. When means attempting
to compute the end of such a range as start + size will result in
signed integer overflow.
This integer overflow means that addrrange_intersects() can
incorrectly report regions as not intersecting when they do. For
example consider the case of address ranges {0x10000000000,
0x7fffffffffffffff} and {0x10010000000, 0x10000000} where the second
is in fact included completely in the first.
This patch rearranges addrrange_intersects() to avoid the integer
overflow, correcting this behaviour.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Avi Kivity <avi@redhat.com>
QCowL2Meta::offset is not cluster aligned but only sector aligned
however nb_clusters count cluster from cluster start.
This fix range check. Note that old code have no corruption issues
related to this check cause it only cause intersection to occur
when shouldn't.
Signed-off-by: Frediano Ziglio <freddy77@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Member variable is_read is written, but never read
(contrary to its name). Remove it.
Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
QCow2Meta structure was inserted into list before many fields are
initialized. Currently is not a problem cause all occur in a lock
but if qcow2_alloc_clusters would in a future unlock this lock
some issues could arise.
Initializing fields before inserting fix the problem.
Signed-off-by: Frediano Ziglio <freddy77@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
change fails while the tray is locked by the guest. eject -f forces
it open and removes any media. Unfortunately, the tray closes again
instantly. Since the lock remains as it is, there is no way to insert
another medium unless the guest voluntarily unlocks.
Fix by leaving the tray open after monitor eject.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
To let device models distinguish between eject and load.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
BlockDriverState member buffer_alignment is initially 512. The device
model may set them, with bdrv_set_buffer_alignment(). If the device
model gets detached (hot unplug), the device's alignment is left
behind. Only okay because device hot unplug automatically destroys
the BlockDriverState. But that's a questionable feature, best not to
rely on it.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Device models should be able to set it without an unclean include of
block_int.h.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Including it in device models is unclean, including it without a
reason adds insult to injury.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
It's convenience stuff for block device models, so block.h isn't the
ideal home either, but better than block_int.h.
Permits moving some #include "block_int.h" from device model .h into
.c.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Need to ask the device, so this requires new BlockDevOps member
is_tray_open().
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
It's a confused mess (see previous commit). No users remain.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
BlockDriverState member removable is a confused mess. It is true when
an ide-cd, scsi-cd or floppy qdev is attached, or when the
BlockDriverState was created with -drive if={floppy,sd} or -drive
if={ide,scsi,xen,none},media=cdrom ("created removable"), except when
an ide-hd, scsi-hd, scsi-generic or virtio-blk qdev is attached.
Three users remain:
1. eject_device(), via bdrv_is_removable() uses it to determine
whether a block device can eject media.
2. bdrv_info() is monitor command "info block". QMP documentation
says "true if the device is removable, false otherwise". From the
monitor user's point of view, the only sensible interpretation of
"is removable" is "can eject media with monitor commands eject and
change".
A block device can eject media unless a device is attached that
doesn't support it. Switch the two users over to new
bdrv_dev_has_removable_media() that returns exactly that.
3. bdrv_getlength() uses to suppress its length cache when media can
change (see commit 46a4e4e6). Media change is either monitor
command change (updates the length cache), monitor command eject
(doesn't update the length cache, easily fixable), or physical
media change (invalidates length cache, not so easily fixable).
I'm refraining from improving anything here, because this series is
long enough already. Instead, I simply switch it over to
bdrv_dev_has_removable_media() as well.
This changes the behavior of the length cache and of monitor commands
eject and change in two cases:
a. drive not created removable, no device attached
The commit makes the drive removable, and defeats the length cache.
Example: -drive if=none
b. drive created removable, but the attached drive is non-removable,
and doesn't call bdrv_set_removable(..., 0) (most devices don't)
The commit makes the drive non-removable, and enables the length
cache.
Example: -drive if=xen,media=cdrom -M xenpv
The other non-removable devices that don't call
bdrv_set_removable() can't currently use a drive created removable,
either because they aren't qdevified, or because they lack a drive
property. Won't stay that way.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Use a subsection, so that migration to older version still works,
provided the tray is closed and unlocked.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
MMC-5 6.40.2.6 specifies that START STOP UNIT succeeds when the drive
already has the requested state. cmd_start_stop_unit() fails when
asked to eject while the tray is open and locked. Fix that.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Allow the client id to be specified in the config string via 'id=' so that
users can control who they authenticate as. Currently they are stuck with
the default ('admin'). This is necessary for anyone using authentication
in their environment.
Signed-off-by: Sage Weil <sage@newdream.net>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Requires new BlockDevOps member is_medium_locked(). Implement for IDE
and SCSI CD-ROMs.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The device model knows best when to accept the guest's eject command.
No need to detour through the block layer.
bdrv_eject() can't fail anymore. Make it void.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
We already track it in BlockDriverState. Just like tray open/close
state, we should track it in the device models instead, because it's
device state.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
We already track it in BlockDriverState. Just like tray open/close
state, we should track it in the device models instead, because it's
device state.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Commit 4be9762a changed bdrv_is_inserted() to fail when the tray is
open. Unfortunately, there are two different kinds of users, with
conflicting needs.
1. Device models using bdrv_eject(), currently ide-cd and scsi-cd.
They expect bdrv_is_inserted() to reflect the tray status. Commit
4be9762a makes them happy.
2. Code that wants to know whether a BlockDriverState has media, such
as find_image_format(), bdrv_flush_all(). Commit 4be9762a makes them
unhappy. In particular, it breaks flush on VM stop for media ejected
by the guest.
Revert the change to bdrv_is_inserted(). Check the tray status in the
device models instead.
Note on IDE: Since only ATAPI devices have a tray, and they don't
accept ATA commands since the recent commit "ide: Reject ATA commands
specific to drive kinds", checking in atapi.c suffices.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
We already track it in BlockDriverState since commit 4be9762a. As
discussed in that commit's message, we should track it in the device
device models instead, because it's device state.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
We already track it in BlockDriverState since commit 4be9762a. As
discussed in that commit's message, we should track it in the device
device models instead, because it's device state.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
"eject" is misleading; it means "eject" when start is clear, but
"load" when start is set. Rename to loej, because that's how MMC-5
calls it, in section 6.40.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
ACS-2 Table B.2 explicitly prohibits ATAPI devices from implementing
WIN_RECAL, WIN_READ_EXT, WIN_READDMA_EXT, WIN_READ_NATIVE_MAX,
WIN_MULTREAD_EXT, WIN_WRITE, WIN_WRITE_ONCE, WIN_WRITE_EXT,
WIN_WRITEDMA_EXT, WIN_MULTWRITE_EXT, WIN_WRITE_VERIFY, WIN_VERIFY,
WIN_VERIFY_ONCE, WIN_VERIFY_EXT, WIN_SPECIFY, WIN_MULTREAD,
WIN_MULTWRITE, WIN_SETMULT, WIN_READDMA, WIN_READDMA_ONCE,
WIN_WRITEDMA, WIN_WRITEDMA_ONCE, WIN_FLUSH_CACHE_EXT. Restrict them
to IDE_HD and IDE_CFATA.
Same for CFA_WRITE_SECT_WO_ERASE, CFA_WRITE_MULTI_WO_ERASE. Restrict
them to IDE_CFATA, like the other CFA_ commands.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
No functional change.
It would be nice to have handler functions in the table, like commit
e1a064f9 did for ATAPI. Left for another day.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Must set the ATAPI device signature, see ATA4 8.27.5.2 Outputs for
PACKET Command feature set devices, and ACS-2 7.36.6 Outputs for
PACKET feature set devices.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Gdb expects all registers windows to be flushed in ram, which is not the case
in Qemu. Therefore the back-trace generation doesn't work. This patch adds a
function to handle reads (and only read) in stack frames as if windows were
flushed.
Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
- TLB opcode group;
- region protection option (ISA, 4.6.3);
- region translation option (ISA, 4.6.4);
- MMU option (ISA, 4.6.5).
Cache control attribute bits are not used by this implementation.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Specific xtensa processor overlay for GDB contains register map in
the gdb/xtensa-config.c. This description is used by the GDB to e.g.
parse 'g' response packets and it may be reused in the qemu's gdbstub
(only XTREG definitions for non-pseudoregisters are needed).
Currently mainline GDB does not support operations with privileged SRs
(see http://sourceware.org/ml/gdb/2011-07/msg00075.html). This support
may be enabled, see NUM_CORE_REGS comment in the gdbstub.c
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
See ISA, 4.4.3 for details.
Vector addresses recorded in core configuration are absolute values that
correspond to default VECBASE value.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
See ISA, 4.7.1.3 for details.
Window check is inserted before commands that push "used register
watermark" beyond its current level. Used register watermark is reset on
instructions that change WINDOW_BASE/WINDOW_START SRs.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
See ISA, 4.4.6 (interrupt option), 4.4.7 (high priority interrupt
option) and 4.4.8 (timer interrupt option) for details.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Tensilica iss provides support for applications running in freestanding
environment through SIMCALL command. It is used by Tensilica libc to
access argc/argv, for file I/O, etc.
Note that simcalls that accept buffer addresses expect virtual addresses.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
See ISA, 4.4.4 for details.
Correct (aligned as per ISA) address for unaligned access is generated
in case this option is not enabled.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
See ISA, 4.3.3 for details.
TB flag XTENSA_TBFLAG_LITBASE is used to track enable bit of LITBASE SR.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
See ISA, 4.3.2 for details.
Operations that change LEND SR value invalidate TBs at the old and at
the new LEND. LEND value at TB compilation time is considered constant
and loop instruction is generated based on this value.
Invalidation may be avoided for the TB at the old LEND address, since
looping code verifies actual LEND value.
Invalidation may be avoided for the TB at the new LEND address if
there's a way to associate LEND address with TB at compilation time and
later verify that it doesn't change.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
See ISA, 4.7.1 for details.
Physical registers and currently visible window are separate fields in
CPUEnv. Only current window is accessible to TCG. On operations that
change window base helpers copy current window to and from physical
registers.
Window overflow check described in 4.7.1.3 is in separate patch.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
- mark privileged opcodes with ring check;
- make debug exception on exception handler entry.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
All operations in this group are no-ops, because cache ought to be
transparent to applications. However cache may be abused, then we'll
need to actually implement these opcodes.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
All operations in this group are no-ops, because there are no delayed
side effects.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Reserved opcodes must generate illegal instruction exception. Usually
they signal emulation quality problems.
Not implemented opcodes are good to see.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Special Registers hold the majority of the state added to the processor
by the options. See ISA, 5.3 for details.
User Registers hold state added in support of designer's TIE and in some
cases of options that Tensilica provides. See ISA, 5.4 for details.
Only registers mapped in sregnames or uregnames are considered valid.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
- BZ (comparison to zero);
- BI0 (comparison to signed immediate);
- BI1 (comparison to unsigned immediate);
- B (two registers comparison, bit sets comparison);
- BEQZ.N/BNEZ.N (narrow comparison to zero).
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Sample board and sample CPU core are used for debug and may be used for
development of custom SoC emulators.
This board has two fixed size memory regions for DTCM and ITCM and
variable length SRAM region.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Instructions with op0 >= 8 are 2 bytes long, others are 3 bytes long.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Set up disas_xtensa_insn switch structure, mark required options on high
level groups. Implement arithmetic/bit logic/jump/call0.
Implement code generation loop with single step/breakpoint checking.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Remove a useless variable, spotted by clang analyzer:
/src/qemu/target-sparc/op_helper.c:3904:18: warning: unused variable 'tmp' [-Wunused-variable]
target_ulong tmp = val;
The error message is actually incorrect since the variable is used.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Avoid this warning from clang analyzer by deleting the variable:
/src/qemu/hw/lsi53c895a.c:895:5: warning: Value stored to 'id' is never read
id = (current_tag >> 8) & 0xf;
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Avoid this warning from clang analyzer:
/src/qemu/cpu-exec.c:97:5: warning: Value stored to 'phys_page2' is never read
phys_page2 = -1;
Adjust the scope of the variable while at it.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Avoid these warnings from clang analyzer:
/src/qemu/target-i386/kvm.c:772:5: warning: Value stored to 'cwd' is never read
cwd = swd = twd = 0;
/src/qemu/target-i386/kvm.c:772:11: warning: Although the value stored to 'swd' is used in the enclosing expression, the value is never actually read from 'swd'
cwd = swd = twd = 0;
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The code does not have any effect as is, fix it.
Spotted by clang analyzer:
/src/qemu/hw/hid.c:99:13: warning: Value stored to 'x1' is never read
x1 = 1;
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Remove an unnecessary assignment, spotted by clang analyzer:
/src/qemu/qemu-io.c:995:9: warning: Value stored to 'offset' is never read
offset += reqs[i].qiov->size;
Acked-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Compile g364fb in hwlib. Two compilations less for the full build.
Acked-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
fc764105 added an include for qemu-common.h to trace/control.h, which
made all users of this header file dependent on GENERATED_HEADERS. Since
it's used by pretty much all the trace backends now, make trace-obj-y
dependent on GENERATED_HEADERS.
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Avoid using deprecated gnutls functions with recent gnutls versions.
Fixes build failure on Fedora 16. Keep the old way for compatibility
with old installations such as RHEL-5 (gnutls 1.4.x).
Based on a patch from Raghavendra D Prabhu <raghu.prabhu13@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Initialize glib threads unconditionally in main() instead
of using g_thread_get_initialized in the 9p code.
Fixes a build failure on RHEL-5, which ships glib 2.12.
g_thread_get_initialized was added in 2.20.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
To make good use of transparent hugepages, KVM requires that guest-physical
and host-virtual addresses share the low 21 bits (as opposed to just the low
12 bits normally required).
Adjust qemu_vmalloc() to honor that requirement. Ignore it for small regions
to avoid fragmentation.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Qemu currently assumes that chtype is typedef'd to unsigned long, but
this is not necessarily the case (ncurses, for instance, can configure
this at build-time). This patch uses the predefined chtype if qemu is
configured for curses support and falls back to unsigned long otherwise.
Fixes bug 568614.
Signed-off-by: Devin J. Pohly <djpohly+launchpad@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Adding a 2nd balloon device after unplugging the first one doesn't work.
Also, the 'info balloon' command should indicate an error mentioning no
balloon device is registered after unplug.
Reproduction steps given by Shaolong Hu:
(qemu) info balloon
Device 'balloon' has not been activated by the guest
(qemu) device_add virtio-balloon-pci,id=balloon1
(qemu) info balloon
balloon: actual=4096
(qemu) balloon 2048
(qemu) info balloon
balloon: actual=2048
(qemu) device_del balloon1
(qemu) info balloon
balloon: actual=4096
(qemu) balloon 2048
(qemu) info balloon
balloon: actual=4096
(qemu) device_del balloon1
Device 'balloon1' not found
(qemu) device_add virtio-balloon-pci,id=balloon1
Another balloon device already registered
Device 'virtio-balloon-pci' could not be initialized
(qemu) device_add virtio-balloon-pci,id=balloon2
Another balloon device already registered
Device 'virtio-balloon-pci' could not be initialized
Reported-by: Shaolong Hu <shu@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The ppc64 code generation backend uses an rldicr (Rotate Left Double
Immediate and Clear Right) instruction to implement zero extension of
a 32 bit quantity to a 64 bit quantity (INDEX_op_ext32u_i64). However
this is wrong - this instruction clears specified low bits of the
value, instead of high bits as we require for a zero extension. It
should instead use an rldicl (Rotate Left Double Immediate and Clear
Left) instruction.
Presumably amongst other things, this causes the SLOF firmware image
used with -M pseries to not boot on a ppc64 host.
It appears this bug was exposed by commit
0bf1dbdcc9 (tcg/ppc64: fix 16/32 mixup)
which enabled the use of the op_ext32u_i64 operation on the ppc64
backend.
Signed-off-by: Thomas Huth <thuth@de.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: malc <av1474@comtv.ru>
Previously, the address space soft limit was set mcache_max_size. So,
before the mcache_max_size was reached by the mapcache, QEMU was killed
for overuse of the virtual address space.
This patch fix that by setting the soft limit the maximum than can have
QEMU. So the soft and hard limit are always set to RLIM_INFINITY if QEMU
is privileged.
In case QEMU is not run as root and the limit is too low, the maximum
mapcache size will be set the rlim_max - 80MB because observed that QEMU
use 75MB more than the maximum mapcache size after several empirical
tests.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
cpu_ioreq_move might move 8 bytes at a time so we must make sure that
the temporary variable can hold 8 bytes.
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Ensure that we read "request-abs-pointer" after the frontend has written
it. This means that we will correctly set up an ansolute or relative
pointer handler correctly.
Signed-off-by: John Haxby <john.haxby@oracle.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Rename the existing xendev 'connect' op to 'initialised' and introduce
a new 'connected' op. This new op, if defined, is called when the
backend is connected. Note that since there is no state transition this
may be called more than once.
Signed-off-by: John Haxby <john.haxby@oracle.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
unlinkat - Remove a directory entry
size[4] Tunlinkat tag[2] dirfid[4] name[s] flag[4]
size[4] Runlinkat tag[2]
older Tremove have the below request format
size[4] Tremove tag[2] fid[4]
The remove message is used to remove a directory entry either file or directory
The remove opreation is actually a directory opertation and should ideally have
dirfid, if not we cannot represent the fid on server with anything other than
name. We will have to derive the directory name from fid in the Tremove request.
NOTE: The operation doesn't clunk the unlink fid.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
rename - change name of file or directory
size[4] Trenameat tag[2] olddirfid[4] oldname[s] newdirfid[4] newname[s]
size[4] Rrenameat tag[2]
older Trename have the below request format
size[4] Trename tag[2] fid[4] newdirfid[4] name[s]
The rename message is used to change the name of a file, possibly moving it
to a new directory. The rename opreation is actually a directory opertation
and should ideally have olddirfid, if not we cannot represent the fid on server
with anything other than name. We will have to derive the old directory name
from fid in the Trename request.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Since qid is allocated out of stack we need to intialize
the field to zero. Otherwise we will send wrong qid value
to client.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
We need to update the fidp path before opendir. Since we don't
use the fid returned by mkdir, earlier code should not have
much issue. We do a double v9fs_string_copy here. The later patch
cleanup the entire function.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
* qemu-common.h is not a system include file, so it should be included
with "" instead of <>. Otherwise incremental builds might fail
because only local include files are checked for changes.
* linux-user/syscall.c included the file twice.
Cc: Riku Voipio <riku.voipio@iki.fi>
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Acked-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
This error was reported by cppcheck:
qemu/hw/9pfs/virtio-9p-debug.c:342:
error: Invalid number of character ({) when these macros are defined:
'DEBUG_DATA'.
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
This patch removes redundant shell code and cleans it a little bit.
Shell macro compile_prog takes two arguments:
local_cflags and local ldflags.
$QEMU_CFLAGS is added automatically to the cflags, so there is no need
to pass it as an argument.
It is also unnecessary to pass -Werror twice.
$flag is a compiler warning option, so it should be in local_cflags
instead of local_ldflags.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
* Replace "available only" by the more common "only available".
* Tracing options depend on the configuration of the QEMU executable,
so clarify the help text for both options.
Cc: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
(Edits by Riku Voipio to apply to current HEAD)
Rework option parsing code for linux-user in a table-driven manner to allow
environment variables for all commandline options.
Also generate usage() output from option table.
Fix complains from checkpatch.pl, also have envlist global
Signed-off-by: Johannes Schauer <j.schauer@email.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
This patch implements the setxattr, getxattr, and removexattr syscalls
if CONFIG_ATTR is enabled.
Note that since libattr uses indirect syscalls for these, this change
depends on the fix for indirect syscall handling on MIPS.
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: An-Cheng Huang <ancheng@ubnt.com>
On MIPS, some syscall arguments are taken from the stack. This patch adds
verification such that do_syscall() is only invoked if all arguments
have been successfully taken from the stack.
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: An-Cheng Huang <ancheng@ubnt.com>
Change the number of argument for MIPS sys_syscall from 0 to 8. This
allows arguments for indirect syscalls to be processed correctly.
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: An-Cheng Huang <ancheng@ubnt.com>
If gdbserver_start() fails (usually because we couldn't bind to the
requested TCP port) then exit qemu rather than blithely continuing.
This brings the linux-user behaviour in to line with system mode.
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
linux-user: Implement new ARM 64 bit cmpxchg kernel helper
Linux 3.1 will have a new kernel-page helper for ARM implementing
64 bit cmpxchg. Implement this helper in QEMU linux-user mode:
* Provide kernel helper emulation for 64bit cmpxchg
* Allow guest to object to guest offset to ensure it can map a page
* Populate page with kernel helper version
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Dr. David Alan Gilbert <david.gilbert@linaro.org>
Technically the new mmapped pages are already initialized to zero
since they are anonymous, however we have to take care with the
contents that come from the remaining part of the previous page: it
may contains garbage data due to a previous heap usage (grown then
shrunken).
This patch completes commit 55f08c84. The problem could be reproduced
when emulating the build process of Perl 5.12.3 on ARMedSlack 13.37:
make[1]: Entering directory `/tmp/perl-5.12.3/cpan/Compress-Raw-Bzip2'
cc -c -I. -fno-strict-aliasing -pipe -fstack-protector \
-I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 \
-O2 -DVERSION=\"2.024\" -DXS_VERSION=\"2.024\" -fPIC "-I../.." \
-DBZ_NO_STDIO decompress.c
decompress.c: In function 'BZ2_decompress':
decompress.c:621:1: internal compiler error: Segmentation fault
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Laurent ALFONSI <laurent.alfonsi@st.com>
Signed-off-by: Cédric VINCENT <cedric.vincent@st.com>
The (x << (cl - 1)) quantity is only used if CL != 0. Move the
computation of that quantity nearer its use.
This avoids the creation of undefined TCG operations when the
constant propagation optimization proves that CL == 0, and thus
CL-1 is outside the range [0-wordsize).
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: malc <av1474@comtv.ru>
As spotted by Aneesh, some users pass a NULL opaque so we need to be more
aggressive in checking whether a user means to unregister.
Also fix a double free caused by tag not being reset to zero after delete.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Add a separate reset function musb_reset() to the usb-musb interface,
so that users who implement a reset function can also reset usb-musb.
Use this in tusb6010.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Initialise usb-musb by passing it a DeviceState* and the offset of the
IRQs in its gpio array, rather than a plain pointer to an irq array.
This is simpler for callers and also allows us to pass in a valid parent
to usb_bus_new(), so the USB bus actually appears in the qdev tree.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Identifiers with double leading underscore are reserved, so rename
__musb_irq_max so we don't encroach on reserved namespace.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch makes qemu assign a port when creating the device, not when
attaching it. For most usb devices this isn't a noticable difference
because they are in attached state all the time.
The change affects usb-host devices which live in detached state while
the real device is unplugged from the host. They have a fixed port
assigned all the time now instead of getting grabbing one on attach and
releasing it at detach, i.e. they stop floating around at the usb bus.
The change also allows to simplify usb-hub. It doesn't need the
handle_attach() callback any more to configure the downstream ports.
This can be done at device initialitation time now. The changed
initialization order (first grab upstream port, then register downstream
ports) also fixes some icky corner cases. For example it is not possible
any more to plug the hub into one of its own downstream ports.
The usb host adapters must care too. USBPort->dev being non-NULL
doesn't imply any more the device is in attached state. The host
adapters must additionally check the USBPort->dev->attached flag.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The ->complete() callback might have released the USBPacket (uhci
actually does), so we must not touch it after the callback returns.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch adds code to do minimal siTD handling, which is basically
just following the next pointer. This is good enougth to handle the
inactive siTDs used by FreeBSD. Active siTDs are skipped too as we
don't have split transfer support in qemu, additionally a warning is
printed.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
USB Devices can have up to 15 IN and 15 OUT endpoints, not 15 endpoints
total. Move from one array to two arrays (one IN, one OUT) to maintain
the endpoint state.
When configured to pass through a specific host port (using hostbus and
hostport properties), try to claim the port if supported by the kernel.
That will avoid any kernel drivers binding to devices plugged into that
port. It will not stop any userspace apps (such as usb_modeswitch)
access the device via usbfs though.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
It is perfectly fine to leave the usb device in unconfigured state
(USBHostDevice->configuration == 0). Just do that and wait for the
guest to explicitly set a configuration. This is closer to what real
hardware does and it also simplifies the device initialization. There
is no need to figure how the device is configured on the host.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Limit the number of times qemu tries to open host devices to three.
Reset error counter when the device goes away, after un-plugging and
re-plugging the device qemu will try again three times.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Two fixes for the price of one ;)
First, reinitialize the endpoint table after device reset.
This is needed anyway as the reset might have switched interfaces.
It also clears the endpoint halted state.
Second the CLEAR_HALT ioctl wants a unsigned int passed in as
argument, not uint8_t.
This gets my usb sd card reader (sandisk micromate) going.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add a bunch of trace points to usb-linux.c Drop a bunch of DPRINTK's in
favor of the trace points. Also cleanup error reporting a bit while being
at it.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
If qxl->ssd.running=true is set after telling spice to start, the spice server
thread can call qxl_send_events while qxl->ssd.running is still false. This leads to
assert(d->ssd.running).
Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
if qxl_send_events was called from spice server context, and then
migration had completed before a call to pipe_read, the target
guest qxl driver didn't get the interrupt. In addition,
qxl_send_events ignored further interrupts of the same kind, since
ram->int_pending was set. As a result, the guest driver was stacked
or very slow (when the waiting for the interrupt was with timeout).
Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Fix format string errors causing compile failure on 32 bit hosts
when spice is enabled.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Use the correct printf format string character (%z) for ssize_t.
This fixes a compile failure on 32 bit Linux with spice enabled.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
- do not return extra pages when requesting all pages (PAGE CODE = 0x3f)
- return correct sense code for PC = 3 (saved parameters not supported)
- do not return geometry pages for CD devices
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Even though we do not use them, we should include the last three
bytes of sense data in the additional sense length.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
"\/" is supposed to be decoded as "/", but there is no need to encode
"/" via escape. Fix the existing test and add a second one expressing
this.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Acked-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The QDict unit-tests (check-qdict) will fail when ran on a different
build directory. That's, it only works when ran on the source dir.
This happens because its data file (qdict-test-data.txt) is not
copied to the build dir. Fix it.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Rename SERVICE_ACTION_IN to SERVICE_ACTION_IN_16 to distinguish
from the 12-byte CDB variant, and add a constant for the subcommand.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Writes go through scsi_write_complete at least twice, the first time
to get some data without having actually written anything. Because
of this, the first time scsi_write_complete is called it will call
bdrv_acct_done and account a read incorrectly. Fix this by looking
at the aiocb. I am doing the same in scsi_read_complete for symmetry,
but it is only needed in the (bogus) case of bdrv_aio_readv returning
NULL.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The vSphere 4 exported image is streamOptimized extent, which is not
quite correctly handled. Ignore rdgOffset when RGD flag bit not set.
Signed-off-by: Fam Zheng <famcool@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Haiku provides a specially formed vmdk image, which let qemu abort. It a
combination of sparse header and flat data (i.e. with not l1/l2 table at
all). The fix is turn to descriptor when sparse header is zero in field
'capacity'.
Signed-off-by: Fam Zheng <famcool@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Creating streamOptimized subformat. Added subformat option
'streamOptimized', to create a image with compression enabled and each
cluster with a GrainMarker.
Signed-off-by: Fam Zheng <famcool@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Added flags field for compressed/streamOptimized extents, open and save
image configuration.
Signed-off-by: Fam Zheng <famcool@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Factor out read/write extent code, since there will be more things to
take care of once reading/writing compressed clusters is introduced.
Signed-off-by: Fam Zheng <famcool@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Device models should be able to use it without an unclean include of
block_int.h.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
We try the drive defined with -drive if=ide,index=0 (or equivalent
sugar). We use it only if (dinfo && bdrv_is_inserted(dinfo->bdrv) &&
!bdrv_is_removable(dinfo->bdrv)). This is a convoluted way to test
for "drive media can't be removed".
The only way to create such a drive with -drive if=ide is media=cdrom.
And that sets dinfo->media_cd, so just test that.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
pci_piix3_xen_ide_unplug() unplugs only disks, not CD-ROMs. It peeks
into the DriveInfo's BlockDriverState to distinguish between the two.
Unclean; use DriveInfo member media_cd, like xen_config_dev_blk().
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
savevm and loadvm silently ignore block devices with removable media,
such as floppies and SD cards. Rolling back a VM to a previous
checkpoint will *not* roll back writes to block devices with removable
media.
Moreover, bdrv_is_removable() is a confused mess, and wrong in at
least one case: it considers "-drive if=xen,media=cdrom -M xenpv"
removable. It'll be cleaned up later in this series.
Read-only block devices are also ignored, but that's okay.
Fix by ignoring only read-only block devices and empty block devices.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Change (!bdrv_is_removable(bs) || bdrv_is_inserted(bs)) to just
bdrv_is_inserted(). Rationale:
The value of bdrv_is_removable(bs) matters only when
bdrv_is_inserted(bs) is false.
bdrv_is_inserted(bs) is true when bs is open (bs->drv != NULL) and
not an empty host drive (CD-ROM or floppy).
Therefore, bdrv_is_removable(bs) matters only when:
1. bs is not open
old: may call bdrv_flush(bs), which does nothing
new: won't call
2. bs is an empty host drive
old: may call bdrv_flush(bs), which calls driver method
raw_flush(), which calls fdatasync() or equivalent, which
can't do anything useful while the drive is empty
new: won't call
Result is bs->drv && !bdrv_is_read_only(bs) && bdrv_is_inserted(bs).
bdrv_is_inserted(bs) implies bs->drv. Drop the redundant test.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
fdctrl_change_cb() gets called on a virtual media change via monitor.
It would be nice if host device block drivers called it on physical
media change, but they don't.
bdrv_media_changed() lets you poll for media change, but it returns
"don't know" except with block driver "host_floppy".
FDrive member media_changed gets set on device initialization and by
fdctrl_change_cb(), and cleared by fdctrl_media_changed(). Thus, it's
set on first entry to fdctrl_media_changed() since device
initialization or virtual media change.
fdctrl_media_changed() ignores media_changed unless
bdrv_media_changed() returns "don't know". If we change media via
monitor (setting media_changed), and the new media's block driver
returns 0, we lose. Fortunately, "host_floppy" always returns 1 on
first call. Brittle. Clean it up not to rely on it.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Block driver "raw" forwards most methods to the underlying block
driver. However, it doesn't implement method bdrv_media_changed().
Makes bdrv_media_changed() always return -ENOTSUP.
I believe -fda /dev/fd0 gives you raw over host_floppy, and disk
change detection (fdc register 7 bit 7) is broken. Testing my theory
requires a computer museum, though.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Drop WIN_SRST, it has the same value as WIN_DEVICE_RESET.
Drop unused WIN_RESTORE, it has the same value as WIN_RECAL.
Drop codes that are not implemented and long obsolete: WIN_READ_LONG,
WIN_READ_LONG_ONCE, WIN_WRITE_LONG, WIN_WRITE_LONG_ONCE, WIN_FORMAT
(all obsolete since ATA4), WIN_ACKMEDIACHANGE, WIN_POSTBOOT,
WIN_PREBOOT (obsolete since ATA3), WIN_WRITE_SAME (obsolete since
ATA3, code reused for something else in ACS2), WIN_IDENTIFY_DMA
(obsolete since ATA4).
Drop codes that are not implemented and vendor-specific:
EXABYTE_ENABLE_NEST, DISABLE_SEAGATE.
Drop WIN_INIT, it isn't implemented, its value used to be reserved,
and is used for something else since ATA8.
CFA_IDLEIMMEDIATE isn't specific to CFATA. ACS-2 shows it as a
defined command in ATA-1, -2 and -3. Rename to WIN_IDLEIMMEDIATE2.
Mark vendor specific, retired, and obsolete codes.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Multiplexing callbacks complicates matters needlessly.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
For now, this just protects against programming errors like having the
same drive back multiple non-qdev devices, or untimely bdrv_delete().
Later commits will add other interesting uses.
While there, rename BlockDriverState member peer to dev, bdrv_attach()
to bdrv_attach_dev(), bdrv_detach() to bdrv_detach_dev(), and
bdrv_get_attached() to bdrv_get_attached_dev().
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
qemu may segfault when a BH handler first deletes a BH and then (possibly
indirectly) calls a nested qemu_bh_poll(). This is because the inner instance
frees the BH and deletes it from the list that the outer one processes.
This patch deletes BHs only in the outermost qemu_bh_poll instance.
Commit 7887f620 already tried to achieve the same, but it assumed that the BH
handler would only delete its own BH. With a nested qemu_bh_poll(), this isn't
guaranteed, so that commit wasn't enough. Hope this one fixes it for real.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Requests depending on a failed request would end up waiting forever. This fixes
the error path to continue dependent requests even when the request has failed.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Add some notes about Linux AIO explaining why we don't use AIO in
some situations.
Signed-off-by: Frediano Ziglio <freddy77@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
No change to the CPU kinds, so SMP will only work if
manually changing the cpu to 34Kf:
-cpu 34Kf -smp 2
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
1. The pending need to pass the Status IM gating.
2. The priority is from seven (highest prio) down to zero.
QEMU was doing the opposite.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
These registers share some of their fields. Writes to these fields
should be visible through the corresponding mirror fields.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
cfi02 is annoying in that is ignores some address bits; we probably
want explicit support in the memory API for that.
In order to get the correct opaque into the MemoryRegion object, the
allocation scheme is changed so that the flash emulation code allocates
memory, instead of the caller. This clears a FIXME in the flash code.
Signed-off-by: Avi Kivity <avi@redhat.com>
The code will remap all PAMs, even if just one is updated, resulting
in reduced performance. Wrap in a transaction to detect that those
other PAMs have not changed.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
This prevents spurious unmapping and remapping of the vga windows,
which reduces performance.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
Add a new memory space for PCI instead of using system memory.
This also fixes a bug where VGA region vga.chain4 is
accidentally mapped to 0xa0000 instead of 0x1ff000a0000.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Allow overriding the location of Samba's smbd.
Pretty much every OS I look at has some means of
changing this path (patching) so lets just make
it easier for OS developers creating packages
and/or end users to override the location.
Signed-off-by: Brad Smith <brad@comstyle.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Most changes were made using these commands:
git grep -la '__attribute__((packed))'|xargs perl -pi -e 's/__attribute__\(\(packed\)\)/QEMU_PACKED/'
git grep -la '__attribute__ ((packed))'|xargs perl -pi -e 's/__attribute__ \(\(packed\)\)/QEMU_PACKED/'
git grep -la '__attribute__((__packed__))'|xargs perl -pi -e 's/__attribute__\(\(__packed__\)\)/QEMU_PACKED/'
git grep -la '__attribute__ ((__packed__))'|xargs perl -pi -e 's/__attribute__ \(\(__packed__\)\)/QEMU_PACKED/'
git grep -la '__attribute((packed))'|xargs perl -pi -e 's/__attribute\(\(packed\)\)/QEMU_PACKED/'
Whitespace in linux-user/syscall_defs.h was fixed manually
to avoid warnings from scripts/checkpatch.pl.
Manual changes were also applied to hw/pc.c.
I did not fix indentation with tabs in block/vvfat.c.
The patch will show 4 errors with scripts/checkpatch.pl.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
A packed struct needs different gcc attributes for compilations
with MinGW compilers because glib-2.0 adds compiler flag
-mms-bitfields which modifies the packing algorithm.
Attribute gcc_struct reverses the negative effects of -mms-bitfields.
QEMU_PACKED sets this attribute and must be used for any packed
struct which is affected by -mms-bitfields.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Fix install(1) usage to be compatible with OpenBSD's install(1).
When creating a directory via the -d flag the -p flag cannot be
used at the same time. Also in the context of installing QEMU it
doesn't make sense to use the -p flag anyway so use the [default]
-c flag instead.
Signed-off-by: Brad Smith <brad@comstyle.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This has been discussed before in the past. The special casing really makes no
sense anymore. This seems like a good change to make for 1.0.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Enabling the I/O thread by default seems like an important part of declaring
1.0. Besides allowing true SMP support with KVM, the I/O thread means that the
TCG VCPU doesn't have to multiplex itself with the I/O dispatch routines which
currently requires a (racey) signal based alarm system.
I know there have been concerns about performance. I think so far the ones that
have come up (virtio-net) are most likely due to secondary reasons like
decreased batching.
I think we ought to force enabling I/O thread early in 1.0 development and
commit to resolving any lingering issues.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
cppcheck reports this error:
qemu/hw/sh_intc.c:390: error: Possible null pointer dereference:
s - otherwise it is redundant to check if s is null at line 385
If s were NULL, the printf() statement would crash.
Setting braces fixes this bug.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Reviewed-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Avoid duplicate object files during the link. There are legitimate
cases where a link command-line would include duplicate object files
because two independent subsystems both depend on common infrastructure.
Use GNU make's $(sort) function to remove duplicate object files from
the link command-line.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch changes qemu_set_fd_handler to be implemented in terms of
g_io_add_watch(). The semantics are a bit different so some glue is required.
qemu_set_fd_handler2 is much harder to convert because of its use of polling.
The glib main loop has the major of advantage of having a proven thread safe
architecture. By using the glib main loop instead of our own, it will allow us
to eventually introduce multiple I/O threads.
I'm pretty sure that this will work on Win32, but I would appreciate some help
testing. I think the semantics of g_io_channel_unix_new() are really just tied
to the notion of a "unix fd" and not necessarily unix itself.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This allows GSources to be used to register callback events in QEMU. This is
useful as it allows us to take greater advantage of glib and also because it
allows us to write code that is more easily testable outside of QEMU since we
can make use of glib's main loop in unit tests.
All new code should use glib's callback mechanisms for registering fd events
which are very well documented at:
http://developer.gnome.org/glib/stable/glib-The-Main-Event-Loop.html
And:
http://developer.gnome.org/gio/stable/
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Move the declaration and initialisation of some variables in
tcg_out_qemu_ld and tcg_out_qemu_st inside CONFIG_SOFTMMU, to
avoid the "variable set but not used" warning of gcc 4.6.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: malc <av1474@comtv.ru>
The simpletrace.process() function invokes analyzer methods with the
wrong number of arguments if a timestamp should be included. This patch
fixes the issue so that trace analysis scripts can make use of
timestamps.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Given that all events with programmatically-controlled state are disabled by
default, we can delete the "disable" property from all events.
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Uses the generic interface provided in "trace/control.h" in order to provide
a programmatic interface as well as command line and monitor controls.
Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Note that this refers to the backend-specific state (whether the output must be
generated), not the event "disabled" property (which always uses the "nop"
backend).
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Any event with the keyword/property "disable" generates an empty trace event
using the "nop" backend, regardless of the current backend.
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
The "-trace events" argument can be used to provide a file with a list of trace
event names that will be enabled prior to starting execution, thus providing
early tracing.
This saves the user from manually toggling event states through the monitor
interface or whichever backend-specific interface.
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
The current interface is generic for this small set of operations, and thus
other backends can easily modify the "trace/control.c" file to add their own
implementation.
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Generalize the 'st_print_trace_events' and 'st_change_trace_event_state' into
backend-specific 'trace_print_events' and 'trace_event_set_state' (respectively)
in the "trace/control.h" file.
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
This adds/modifies the following functions:
* get_name: Get _only_ the event name
* has_property: Return whether an event has a property (keyword before the event
name)
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
A default implementation for backend-specific routines is provided in
"trace/default.c", which backends can override by setting "trace_default=no" in
"configure".
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Provides a more hierarchical view of the variable domain.
Also adds the CONFIG_TRACE_* variables for all backends.
[Stefan added missing 'test' in stap if statement]
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Helper programs like qemu-ga use tracing primitives, but qemu-timer-common.o
(also used by simpletrace.o) is not necessarily included in the linkage line.
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Using '$^' to establish the files to link with will remove any repeated entries
in the list of dependencies.
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Convert the tusb6010 to qdev.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Mask out the sub-page bits that are used by ROM device for storing the
io-index and the IO_MEM_ROMD flag.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
By default, require 4k of consecutive zero bytes for qemu-img to make the
output file sparse by not issuing a write request for the zeroed parts. Add an
-S option to allow users to tune this setting.
This helps to avoid situations where a lot of zero sectors and data sectors are
mixed and qemu-img tended to issue many tiny 512 byte writes.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
When adding a rom_device in I/O mode, we incorrectly masked off the low
bits, resulting in a pure RAM map. Fix my masking off the high bits and
IO_MEM_ROMD, yielding a pure I/O map.
Signed-off-by: Avi Kivity <avi@redhat.com>
This commit implements the prefetch engine feature of the GPMC
which can be used for NAND devices. This includes both interrupt
driven and DMA-filling modes.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Refactor the gpmc state structure so items relating to
the prefetch engine are in their own sub-struct and have
more useful names.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
OMAP3630 adds an extra bit of address masking, so a mask of
0xb1111 is valid. Unfortunately the GPMC_REVISION is the same as
on the OMAP3430 which only has three bits of address masking, so
we have to derive this feature directly from the OMAP revision
rather than from the GPMC revision.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add the OMAP 3630 to the omap_mpu_model enumeration, and add the
corresponding cpu_is_omap3630() function.
(OMAP3 isn't supported yet but this is useful in upgrading common
components to be "OMAP3 ready". We already have this for OMAP3430.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Support accesses to NAND devices, both by mapping them into
the GPMC address space, and via the NAND_COMMAND, NAND_ADDRESS
and NAND_DATA GPMC registers.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Take a pointer to the omap mpu state struct in omap_gpmc_init.
Some details of GPMC behaviour depend on the OMAP version we
are a part of.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The OMAP3 TRM is inconsistent about whether the GPMC FIFOTHRESHOLDSTATUS
bit should be set when FIFOPOINTER > FIFOTHRESHOLD or when it is >=
FIFOTHRESHOLD. Apparently the underlying functional spec from which
the TRM was created states that the behaviour is ">=", and this also
makes more conceptual sense.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The omap_gpmc wasn't actually wiring up its IRQ, so
anything that provoked an interrupt would be using
uninitialised data for its IRQ number.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fix a bug in the handling of writes to GPMC_IRQSTATUS:
it behaves as "write one to clear, writing zero is ignored".
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Refactor the omap_gpmc_cs_map/unmap functions:
* take the omap_gpmc_s* and a chipselect id rather than the
omap_gpmc_cs_file_s*, so they have access to the general gpmc
member fields
* extract the base and mask from the config registers in the functions
rather than at every callsite
* check for CSVALID in the functions rather than at every callsite
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Now that all callers of omap_gpmc_attach pass in a MemoryRegion*,
we can remove the base_update and unmap function pointer arguments,
and the opaque pointer that was passed into these callbacks.
We can also remove the base and size fields from omap_gpmc_cs_file_s
as these are no longer necessary (you don't need the base/size
to unmap a MemoryRegion the way you did to undo a mapping made
with cpu_register_physical_memory()).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Minor whitespace-only cleanup (separated out from the qdevifying
patch for clarity).
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Qdevify the ONENAND device.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Refactor onenand_command() -- since it is essentially a method of
the device object, it doesn't make sense to pass in something as
an argument which is one of the object's own member fields.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add a sysbus_mmio_get_region() which allows users of sysbus
devices to turn a (SysBusDevice*, mmioidx) tuple into a
MemoryRegion*. This enables some useful simplifications of
devices which pass through another device's mmio region
(either directly or by implementing some kind of memory
controller device).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The a7 area was set up as an alias of itself, rather than the p4 area. This
sent the memory core into infinite recursion.
Fix by aliasing the a7 area to the p4 area.
Signed-off-by: Avi Kivity <avi@redhat.com>
clear interrupt request if the interrupt priority < CPU pil
clear hardware interrupt request if interrupts are disabled
Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com>
[blauwirbel@gmail.com: added a comment about magic 2]
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Use enum TCGOpcode instead of plain old int so that the name of
current op can be seen in GDB. Add a default case to switch
so that GCC does not complain about unhandled enum cases.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Extract G364 ROM contents from device emulation to machine emulation,
so device emulation can be reused in other machines (Commodore Amiga)
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
checkpatch.pl doesn't report warning for if/else statements with missing
'else' braces:
if (something) {
foo;
} else
bar;
The patch has been tested using the last 100 commits.
Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Remove PROVIDE_HIDDEN and ONLY_IF_{RO,RW} from linker scripts to make
them work with older binutils versions. Fixes *-bsd-user build on
OpenBSD 4.9 which ships binutils 2.15.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The first issue is the hard coded POSIX Real Time extensions library in the
libcacard/Makefile. From looking at the code it doesn't seem this is necessary
anyway. Robert Relyea seems to think it most likely isn't necessary.
The second issue was the missing exclusion of the BSD userland binary
builds from the addition of this Makefile target for the smartcard NSS
code which breaks the builds if smartcard NSS support is enabled.
pastebin clip of the build failure..
http://pastebin.com/raw.php?i=BLCKd3s6
Signed-off-by: Brad Smith <brad@comstyle.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Account the total latency for read/write/flush requests. This allows
management tools to average it based on a snapshot of the nr ops
counters and allow checking for SLAs or provide statistics.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
When the vhost notifier is disabled, the userspace handler runs
immediately: virtio_pci_set_host_notifier_internal might
call virtio_queue_notify_vq.
Since the VQ state and the tap backend state aren't
recovered yet, this causes
"Guest moved used index from XXX to YYY" assertions.
The solution is to split out host notifier handling
from vhost VQ setup and disable notifiers as our last step
when we stop vhost-net. For symmetry enable them first thing
on start.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
This reverts commit 8ef9ea85a2, reversing
changes made to 444dc48298.
From Avi:
Please revert the entire pull (git revert 8ef9ea85a2) while I work this
out - it isn't trivial.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Some gcc versions do not properly detect that all possible cases are
covered and base and size are always initialized. Please gcc by defining
a pseudo default case.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Decouple the I/O accounting from bdrv_aio_readv/writev/flush and
make the hardware models call directly into the accounting helpers.
This means:
- we do not count internal requests from image formats in addition
to guest originating I/O
- we do not double count I/O ops if the device model handles it
chunk wise
- we only account I/O once it actuall is done
- can extent I/O accounting to synchronous or coroutine I/O easily
- implement I/O latency tracking easily (see the next patch)
I've conveted the existing device model callers to the new model,
device models that are using synchronous I/O and weren't accounted
before haven't been updated yet. Also scsi hasn't been converted
to the end-to-end accounting as I want to defer that after the pending
scsi layer overhaul.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Commit c62f6d1 (monitor: fix build breakage with --disable-vnc)
conditionalised some VNC setup code but left an unused variable. Move
the variable into the conditional code to fix the build breakage.
Cc: Luiz Capitulino <lcapitulino@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Jamie Iles <jamie@jamieiles.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
cfi02 is annoying in that is ignores some address bits; we probably
want explicit support in the memory API for that.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
The code will remap all PAMs, even if just one is updated, resulting
in reduced performance. Wrap in a transaction to detect that those
other PAMs have not changed.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
This prevents spurious unmapping and remapping of the vga windows,
which reduces performance.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
ppc maps the escc mmio region both at a fixed offset (as a sysbus area) and as part of a PCI BAR.
This crashes, since a MemoryRegion may have only one parent. Use an alias so we have a separate
MemoryRegion for the BAR.
Signed-off-by: Avi Kivity <avi@redhat.com>
The map/unmap code was assymetric - unmap used the local MemoryRegion while
map used isa_mmio_init(), which cannot handle dynamic mappings.
Fix by using isa_mmio_setup() and the local MemoryRegion.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
This makes the sheepdog block driver support bdrv_co_readv/writev
instead of bdrv_aio_readv/writev.
With this patch, Sheepdog network I/O becomes fully asynchronous. The
block driver yields back when send/recv returns EAGAIN, and is resumed
when the sheepdog network connection is ready for the operation.
Signed-off-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Nothing good can happen when we overlap capabilities. This may happen
when plugging in assigned devices or when devices models contain bugs.
Detect the overlap and report it.
Based on qemu-kvm commit by Alex Williamson.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Acked-by: Don Dutile <ddutile@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
various fixes to make aer inject error command work.
- wrong assert
- command line parser
- err.status needs initialization
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
When slot status register is cleared, PCIDevice::exp.hpev_notify
needs to be cleared.
Otherwise, PCIDevice::exp.hpev_notify is never set to false resulting
in no more hot plug event once it's raised.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
When an exception occurs on BookE, we need to set ESR bits to expose
to the guest information on what exactly happened. Add the obvious ones.
Reported-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
When accessing an SPE instruction despite it being not available,
throw an SPE exception instead of an APU exception. That way the
guest knows what's going on and actually uses SPE.
Reported-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
The BookE spec specifies a number of ESR bits. Add defines for them
so we can use them later on.
Reported-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Remove a spurious second map of the OMAP GPMC CS0 region on reset.
This fixes an assertion failure when we try to add the region to
its container when it was already added. (The old code did not
complain about mismatched map/unmap calls, but the new MemoryRegion
implementation does.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Embed qcow_aio_read_cb into qcow_co_readv and qcow_aio_write_cb into qcow_co_writev
Signed-off-by: Frediano Ziglio <freddy77@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
remove unused field from this structure and put some of them in qcow_aio_read_cb and qcow_aio_write_cb
Signed-off-by: Frediano Ziglio <freddy77@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
In certain circumstances, posix-aio-compat can incur a lot of latency:
- threads are created by vcpu threads, so if vcpu affinity is set,
aio threads inherit vcpu affinity. This can cause many aio threads
to compete for one cpu.
- we can create up to max_threads (64) aio threads in one go; since a
pthread_create can take around 30μs, we have up to 2ms of cpu time
under a global lock.
Fix by:
- moving thread creation to the main thread, so we inherit the main
thread's affinity instead of the vcpu thread's affinity.
- if a thread is currently being created, and we need to create yet
another thread, let thread being born create the new thread, reducing
the amount of time we spend under the main thread.
- drop the local lock while creating a thread (we may still hold the
global mutex, though)
Note this doesn't eliminate latency completely; scheduler artifacts or
lack of host cpu resources can still cause it. We may want pre-allocated
threads when this cannot be tolerated.
Thanks to Uli Obergfell of Red Hat for his excellent analysis and suggestions.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Current behaviour if a read fails is for the acb to not get finished.
This causes an infinite loop in bdrv_read_em (block.c). The read failure
never gets reported to the guest and if the error condition clears, the
process never recovers.
With this patch, when curl reports a failure we finish the acb as a
failure. This results in the guest receiving an I/O error (rather than
the read hanging indefinitely) and if the error condition subsequently
clears, retries work as expected.
The simplest test is to put an ISO on a web server you have control over
and open it with qemu-io. Then move the ISO out of the way and attempt
to read some data - you should see behaviour matching the above.
Signed-off-by: Nick Thomas <nick@bytemark.co.uk>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Documentation states the num is measured in clusters, but its
actually measured in sectors
Signed-off-by: Devin Nakamura <devin122@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Now that you can use cache=none for the output file in qemu-img, we should
properly align our buffers so that raw-posix doesn't have to use its (smaller)
bounce buffer.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
By introducing BlockDriverState compiling qcow2 with DEBUG_ALLOC and DEBUG_EXT
defined got broken.
Define a BdrvCheckResult structure locally which is now needed as the second
argument.
Also fix qcow2_read_extensions() needing BDRVQcowState.
Signed-off-by: Philipp Hahn <hahn@univention.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This patch adds -drive cache=directsync for O_DIRECT | O_SYNC host file
I/O with no disk write cache presented to the guest.
This mode is useful when guests may not be sending flushes when
appropriate and therefore leave data at risk in case of power failure.
When cache=directsync is used, write operations are only completed to
the guest when data is safely on disk.
This new mode is like cache=writethrough but it bypasses the host page
cache.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This patch introduces bdrv_parse_cache_flags() which sets open flags
given a cache mode. Previously this was duplicated in blockdev.c and
qemu-img.c.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This is a microblaze target specific function that belongs outside
of xilinx.h (which is a collection of target independent device model
instantiator functions)
Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Added some missing #includes for this file. Previously this file
relied on its clients to pre-include its dependencies.
Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
While in full-screen mode, the input focus naturally belongs to the SDL
window. Avoid dropping it when switching from absolute to relative
mouse mode.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
We can express the VCPU thread wakeup with the stop mechanism, saving
both qemu_system_ready and the qemu_system_cond. For KVM threads, we can
just enter the main loop as long as the thread is stopped. The central
TCG thread is better held back before the loop as there can be side
effects of the services called even when all CPUs are stopped.
Creating VCPUs in stopped state will also be required for proper CPU
hotplugging support.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Most VGA memory access modes require MMIO handling as they demand weird
logic to get a byte from or into the video RAM. However, there is one
exception: chain 4 mode with all memory planes enabled for writing. This
mode actually allows lineary mapping, which can then be combined with
dirty logging to accelerate KVM.
This patch accelerates specifically VBE accesses like they are used by
grub in graphical mode. Not only the standard VGA adapter benefits from
this, also vmware and spice in VGA mode.
CC: Gerd Hoffmann <kraxel@redhat.com>
CC: Avi Kivity <avi@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
After the conversion to the new Memory API, vga_dirty_log_restart became
seriously pointless. Remove it from vmware-vga and and then finally drop
the service.
CC: Andrzej Zaborowski <balrogg@gmail.com>
CC: Avi Kivity <avi@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The code was disabled since day 1 of vmware-vga, and now it does not
even build anymore. Time for a cleanup.
CC: Andrzej Zaborowski <balrogg@gmail.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Fixes cold reset in vmware graphic modes. We need to split up the reset
function for this purpose, breaking out init-once bits.
Cc: Andrzej Zaborowski <balrogg@gmail.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
If the polarity bit is set in the redirection table, the input level
simply has to inverted as it is low active in this case.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Polarity of external interrupts needs to be handled in the IOAPIC.
Passing it to the APIC is pointless. So remove all these arguments.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
In TCG mode, iothread and vcpus run in lock-step. So it's pointless to
send a signal from qemu_cpu_kick to the vcpu thread - if we got here,
the receiver already left the vcpu loop.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Polling until select returns empty fdsets helps to reduce the switches
between iothread and vcpus. The benefit of this patch is best visible
when running an SMP guest on an SMP host in emulation mode.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
If we call select without a timeout, it's more efficient to keep the
global mutex locked as we may otherwise just play ping pong with a
vcpu thread contending for it. This is particularly important for TCG
mode where we run in lock-step with the vcpu thread.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The legacy functions that we're wrapping expect that offset
to be included in the register. Indeed, they generally
expect the absolute address and then mask off the "high" bits.
The FDC is the first converted device with a non-zero offset.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
After 312b4234, the APIC and PCI devices are colliding with each other. This
is harmless in practice because the APIC accesses are special cased and never
make there way onto the bus.
Avi is working on a proper fix, but until that's ready, avoid printing the
warning.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The current implementation of PAM and the PCI holes is broken in several
ways:
- PCI BARs are not restricted to the PCI hole (a BAR may hide memory)
- PCI devices do not respect PAM (if a PCI device maps a region while
PAM maps the region to RAM, the request will be honored)
This patch fixes things by introducing a pci address space, and using
memory region aliases to represent PAM regions, SMRAM, and PCI holes.
The memory hierarchy looks something like
system_memory
|
+--- low memory alias (0-0xe0000000)
| |
| +-- ram@0
|
+--- high memory alias (0x100000000-EOM)
| |
| +-- ram@0xe0000000
|
+--- pci hole alias (end of low memory-0x100000000)
| |
| +-- pci@end-of-low-memory
|
|
+--- pam[n] (0xc0000-0xc3fff etc) (when set to pci, priority 1)
| |
| +-- pci@0xc4000 etc
|
+--- smram (0xa0000-0xbffff) (when set to pci/vga, priority 1)
|
+-- pci@0xa0000 etc
ram (simple ram region)
pci
|
+--- BARn
|
+--- VGA 0xa0000-0xbffff
|
+--- ROMs
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Instead, use the bus accessors, or get the address space directly
from the board constructor.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Returns the PCI address space. Useful for bridges that can obscure
part of the PCI address space.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
A helper that returns the address space used by ISA devices. Useful
for getting rid of isa_mem_base, multiple ISA buses, or ISA buses behind
bridges.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This problem with this function is that it is not reversible - it is
impossible to know where things are registered and unregister them
exactly. As there are no more users, we can remove it.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Not a huge step forward, but at least we now have a 1:1 relationship
between registration and unregistration.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This tells the sysbus code it need not use IO_MEM_UNASSIGNED.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
sysbus_init_mmio_cb() uses the destructive IO_MEM_UNASSIGNED to remove a
region. Provide an alternative that calls an unmap callback, so the removal
may be done non-destructively.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Clumsy due to the lack of clipping support, needed for
changing exposed ram size.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Somewhat clumsy since it needs a variable sized region.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Improvements to the libtool support in QEMU. Replace hard coded
libtool in the infrastructure with $(LIBTOOL) and allow
overriding the libtool binary used via the configure
script.
Reviewed-by: Andreas F=E4rber <andreas.faerber@web.de>
Signed-off-by: Brad Smith <brad@comstyle.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
SetFilePointer returns INVALID_SET_FILE_POINTER when it fails.
In addition, GetLastError must be checked.
The first call of SetFilePointer did not use INVALID_SET_FILE_POINTER,
the second call used wrong error handling.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Without this change, when using -Wl,--as-needed with GNU linker, the
libraries would be discarded.
Signed-off-by: Diego Elio Pettenò <flameeyes@flameeyes.eu>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Some guests will use the standard MII status register
to verify link state. They will not notice link changes
unless this register is updated.
Verified with Linux 3.0 and Windows XP guests.
Without this patch, ethtool will report speed and duplex as
unknown when the link is down, but still report the link as
up. This is because the Linux e1000 driver checks the
mac_reg[STATUS] register link state before it checks speed
and duplex, but uses the phy_reg[PHY_STATUS] register for
the actual link state check. Fix by updating both registers
on link state changes.
Linux guest before:
(qemu) set_link e1000.0 off
kvm-sid:~# ethtool eth0
Settings for eth0:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes
Speed: Unknown!
Duplex: Unknown! (255)
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
MDI-X: Unknown
Supports Wake-on: umbg
Wake-on: d
Current message level: 0x00000007 (7)
drv probe link
Link detected: yes
(qemu) set_link e1000.0 on
Linux guest after:
(qemu) set_link e1000.0 off
[ 63.384221] e1000: eth0 NIC Link is Down
kvm-sid:~# ethtool eth0
Settings for eth0:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes
Speed: Unknown!
Duplex: Unknown! (255)
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
MDI-X: Unknown
Supports Wake-on: umbg
Wake-on: d
Current message level: 0x00000007 (7)
drv probe link
Link detected: no
(qemu) set_link e1000.0 on
[ 84.304582] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch tries to cull any uneeded library dependencies from the guest
agent to improve portability across various distros. We do so by being
as explicit as possible about in-tree dependencies rather than relying
on existing *-obj-y targets, and by manually setting LIBS for the
qemu-ga target to avoid pulling in LIBS_TOOLS libraries discovered by
configure.
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The memory API supports cracking wide accesses into narrower ones
when needed; but this was no implemented for the pio address space,
causing lsi53c895a's IO BAR to malfunction.
Fix by correctly cracking wide accesses when needed.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The memory API automatically cracks large reads and writes into smaller
ones when needed. Factor out this mechanism, which is now duplicated between
memory reads and memory writes, into a function.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This is the same fix that was recently applied to info mem. Before
this change, info tlb output looked like:
ffffffffffffc000: 000000000fffc000 --------W
ffffffffffffd000: 000000000fffd000 --------W
ffffffffffffe000: 000000000fffe000 --------W
fffffffffffff000: 000000000ffff000 --------W
With this change, it looks like
00000000ffffc000: 000000000fffc000 --------W
00000000ffffd000: 000000000fffd000 --------W
00000000ffffe000: 000000000fffe000 --------W
00000000fffff000: 000000000ffff000 --------W
Signed-off-by: Austin Clements <amdragon@mit.edu>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
By always defining these symbols, we can eliminate a lot of ifdefs.
To allow this to be checked reliably, the semantics of the
TCG_TARGET_HAS_* macros must be changed from def/undef to true/false.
This allows even more ifdefs to be removed, converting them into
C if statements.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This allows the simplification of the op_bits function from
tcg/optimize.c.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
OpenBSD / FreeBSD and some other OS's require the use of
cc -pthread to link threaded programs so have QEMU's
configure script check for the presence of the flag
and use it if so.
Signed-off-by: Brad Smith <brad@comstyle.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Previously, "info mem" considered and displayed only the last-level
protection bits for a memory range, which doesn't accurrately
represent the protection of that range. Now it shows the combined
protection.
Signed-off-by: Austin Clements <amdragon@mit.edu>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
"info mem" groups its output into contiguous ranges with identical
protection bits, but previously forgot to print the last range.
Signed-off-by: Austin Clements <amdragon@mit.edu>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Previously, on 32-bit i386, info mem used signed 32-bit int's to store
the page table indexes. As a result, address calculation was done in
32 bits and then incorrectly sign-extended to 64 bits, yielding output
like
ffffffffef000000-ffffffffef031000 0000000000031000 ur-
ffffffffef7bc000-ffffffffef7bd000 0000000000001000 urw
ffffffffef7bd000-ffffffffef7be000 0000000000001000 ur-
This makes these indexes unsigned, which yields correct output
00000000ef000000-00000000ef031000 0000000000031000 ur-
00000000ef7bc000-00000000ef7bd000 0000000000001000 urw
00000000ef7bd000-00000000ef7be000 0000000000001000 ur-
Signed-off-by: Austin Clements <amdragon@mit.edu>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Commit 953ffe0f93
introduced FMT_pid which is wrong for w32 and w64 getpid():
those getpid() implementations always return an int value.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
For mingw-w64, pid_t is _pid_t which is __int64,
so this platform needs its own definition of FMT_pid.
Reviewed-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
tcg_gen_exit_tb takes a parameter of type tcg_target_long,
so the type casts of pointer to long should be replaced by
type casts of pointer to tcg_target_long.
These changes are needed for build environments where
sizeof(long) != sizeof(void *), especially for w64.
See 4b4a72e556 which fixed the
same issue for the other targets.
Cc: Alexander Graf <agraf@suse.de>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Acked-by: Guan Xuetao<gxt@mprc.pku.edu.cn>
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
code_gen_alloc depends on it, and that is now called earlier via
configure_accelerator.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
The REG_PC constant used in opcode-cris.h can clash with a
similar define in system include files. In particular the
Ubuntu Lucid SPARC signal.h will define REG_PC, and since
qemu-common.h now includes signal.h this was causing compile
failures. Rename the constants to avoid this issue.
(NB that REG_SP is not actually used within QEMU.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Add support for the RCC2 register on Fury class devices.
Based on a patch by Vijay Kumar.
Signed-off-by: Engin AYDOGAN <engin@bzzzt.biz>
[Peter Maydell: fixed comment typos, minor cleanup of unreachable code]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Convert the PL061 to VMState. We choose to widen the struct members
to uint32_t rather than the other two options of breaking migration
compatibility or using vmstate hacks to read/write a 32 bit value
into an 8 bit struct field.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The Versatile Express, Realview EB, PBX A9 and PB A8 boards all
use a PL111 for their graphics, not a PL110. Now we model the
PL111, use it on these board models.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
On the Versatile PB, PL110 graphics adaptor only natively supports
5551 pixel format; an external mux swaps bits around to allow
RGB565 and BGR565, under the control of bits [1:0] in the SYS_CLCD
system register.
Implement these SYS_CLCD register bits, and use a gpio line to
feed them out of the system register model, across the versatilepb
board and into the pl110 so we can select the right format.
This is necessary as recent Linux versatile kernels default to
programming the CLCD and mux for 16 bit BGR rather than 16 bit RGB.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Model the PL111 CLCD controller. This is a minor variation
on the PL110; the major programmer visible differences are
support for hardware cursor (unimplemented) and two new
pixel formats.
Since syborg_fb.c borrows the pl11x pixel drawing routines,
we also update it to cope with the new slightly larger array
of function pointers.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Other scsi_target_reqops commands were careful about not using r->cmd.xfer
directly, and instead always cap it to a fixed length. This was not done
for REQUEST SENSE, and this patch fixes it.
Reported-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
-mms-bitfields prevents that the bitfields in current IP header structs
are packed into a single byte as it is required. Fix this by using
uint8_t as backing type.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Don't use req before it has been initialised in scsi_req_new().
This fixes a compile failure due to gcc complaining about this.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Fixes a build issue on RHEL5, and potentially other distros, where gcc
will generate an error due to us not writing a trailing "\n" when
generating *qmp-commands.h
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
ROM/device regions act as mapped RAM for reads, can I/O memory for
writes. This allow emulation of flash devices.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch fixes build when any of the include paths from QEMU_CFLAGS
contains a header file with similar name to a header file in qemu
sources. I hit it with error.h included by qapi/qapi-types-core.h. GCC
decided to use /usr/include/alsa/error.h instead of qemu's error.h.
Tested-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
guest_agent is not supported for mingw32, so the default value
should be 'no', not 'yes'.
This removes the dependencies to glib-2.0 and python which
makes native and cross builds for w32 much easier (no need
to get and install these extra packages).
It also avoids the problems caused by different bitfield alignment
which is required by glib-2.0.
It is still possible to set guest_agent=yes via configure option.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Can be useful when debugging the device scan phase.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Unit attention conditions override any sense data the device already
has. Their signaling and clearing is handled entirely by the SCSIBus
code, and they are completely transparent to the SCSIDevices.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Also introduce the first occurrence of "independent" SCSIReqOps,
to handle invalid commands in common code.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This will let SCSIBus detect requests sent to an invalid LUN, and
handle them itself. However, there will be still support for only one
LUN per target
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This struct is currently unnamed. Give it a name and use it
explicitly to decouple (some parts of) CDB parsing from
SCSIRequest.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Right now the CDB is not passed to the SCSIBus until scsi_req_enqueue.
Passing it to scsi_req_new will let scsi_req_new dispatch common requests
through different reqops.
Moving the memcpy to scsi_req_new is a hack that will go away as
soon as scsi_req_new will also take care of the parsing.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This will let allow requests to be dispatched through different callbacks,
either common or per-device.
This patch adjusts the API, the next one will move members to SCSIReqOps.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
With this patch, sense data is stored in the generic data structures
for SCSI devices and requests. The SCSI layer takes care of storing
sense data in the SCSIDevice for the subsequent REQUEST SENSE command.
At the same time, get_sense is removed and scsi_req_get_sense can use
an entirely generic implementation.
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
A small improvement in the SCSI request API. Pass the status
at the time the request is completed, so that we can assert that
no request is completed twice. This would have detected the
problem fixed in the previous patch.
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
vscsi supports autosensing by providing sense data directly in the
response. When get_sense was added, the older state machine approach
that sent REQUEST SENSE commands separately was left in place. Remove
it, all existing SCSIDevices do support autosensing and the next patches
will make the support come for free from the SCSIBus.
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
In fact, if the HBA's transfer_data callback goes on with scsi_req_continue
the request will be completed successfully instead of showing a failure.
It can even cause a segmentation fault.
An easy way to trigger it is "eject -f cd" during installation (during media
test if the installer does something like that).
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
We've always listened on port 501 for vgabios panic messages. In the entire
time I've worked on QEMU, I've never actually seen a vgabios panic message :-)
If we change the semantics of this port a little bit, it makes it possible to
use it for more interesting use-cases. I chose this approach instead of adding
a new I/O port because it avoids having a guest visible change.
This change allows single-byte access to port 501 and also uses the value
written to construct an exit code.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
If an attempt to create a qdev device on the default sysbus (by passing
NULL as the bus to qdev_create) fails, print a useful error message
rather than crashing trying to dereference a NULL pointer.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
commit 8e301472e324b6d6496d8b4ffc66863e99d7a505
user visible changes in seabios:
* ahci is enabled by default (and thus in this build).
* bootorder support for ahci.
* two-pass pci allocator (orders bars by size for better packing).
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Break is only noticable with newer spice-server library (0.8.2 release
or 0.9.0 and newer on master branch).
ioport_write's val was changed from uint32_t to uint64_t, this
broke two printfs. Use PRId64 instead of %d.
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
same as 8927cfbba2, but for qxl_check_state, that was
triggered by qxl_pre_load (which calls qxl_hard_reset, which calls qxl_soft_reset),
and caused the migration target to crash.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Remove the dummy USB device and use the HID code directly. Use the HID code
for the mouse support, too.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Use new hid vmstate macro. Version stays the same, because there is no
reordering of the fields.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add VMSTATE macros to describe a HIDState. Based on usb-hid.c descriptions.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Register the keyboard event handler in hid's init() instead of its reset()
function.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
HID reorganziation broke the usb tablet in windows xp. The reason is
that xp activates idle before it starts polling, which creates a
chicken-and-egg issue: We don't call hid_pointer_poll because there are
no pending events. We don't get any events because the activation code
in hid_pointer_poll is never executed and thus all pointer events are
routed to the PS/2 mouse by qemu.
Fix this by creating a hid_pointer_activate function and call it from
usb-hid when the guest sets the idle state.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The Bare ETRAX FS board was a fictive machine that I used when
developing the CRIS system emulation. Since we support the
real AXIS-dev88 developer boards, there is no reason to
keep the fictive one around.
This commit also removes the double registration of the axis-dev88
board.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
The conversion passed the wrong opaque pointer, causing a crash on first use.
Pass the correct opaque.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
I guess TRENAME 9p operation needs an update. The 9p op should
more similar renameat. Otherwise anything other than path cannot track
the fid.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Superceded by pci_register_bar_region(). The implementations
are folded together.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The msix table is defined as a subregion, to allow for a BAR that
mixes device specific regions with the msix table.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Since this device bypasses PCI and registers I/O ports directly with
the system bus, it needs further attention.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
An optimization that fast-pathed DMA reads from the SCRIPTS memory
was removed int the process. Likely it breaks with iommus anyway.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Note: the existing code aliases the flash BAR into the MMIO bar. This is
probably a bug. This patch does not correct the problem.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
get_system_io() returns the root I/O memory region.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Make use of the memory API's ability to satisfy multi-byte accesses via
multiple single-byte accesses.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Make use of the memory API's ability to satisfy multi-byte accesses via
multiple single-byte accesses.
We have to keep vga_mem_{read,write}b() since they're used by cirrus.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Make use of the memory API's ability to satisfy multi-byte accesses via
multiple single-byte accesses.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Make use of the memory API's ability to satisfy multi-byte accesses via
multiple single-byte accesses.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Make use of the memory API's ability to satisfy multi-byte accesses via
multiple single-byte accesses.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Convert all vga memory to the memory API. Note we need to fall back to
get_system_memory(), since the various buses don't pass the vga window
as a memory region.
We no longer need to sync the dirty bitmap of the cirrus mapped memory
banks, since the memory API takes care of that for us.
[jan: fix vga-pci logging]
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
We're going to remove the callback, so we can't use it to save the
address. Use the pci API instead.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Some (hacky) devices that have a back-channel to read this
address back outside the normal configuration mechanisms, such
as VMware svga.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch changes the top level handlers to coroutines and sets the base.
It will be followed up with series of patches to convert all filesystem
calls to threaded coroutines pushing all blocking clals in VirtFS out
of vcpu threads.
Signed-off-by: Venkateswararao Jujjuri "<jvrao@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Commit 1fc7bd4a86 removed the gthread and
gio dependency since qemu-ga did not require it. Coroutines require
gthread, so add it back in.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Fix network interface tap backend work on NetBSD.
It uses an ioctl to get the tap name.
Signed-off-by: Christoph Egger<Christoph.Egger@amd.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
cppcheck report:
darwin-user/signal.c:322: style: Unused variable: i
darwin-user/signal.c:322: style:
Variable 'err' is assigned a value that is never used
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Copy propagation introduced in 22613af4a6
considered only global registers. However, register temps and stack
allocated locals must be handled differently because register temps
don't survive across brcond.
Fix by propagating only within same class of temps.
Tested-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Parameter is_softmmu (and its evil mutant twin brother is_softmuu)
is not used in cpu_*_handle_mmu_fault() functions, remove them
and adjust callers.
Acked-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Check whether dc->npc is dynamic before using its value for branch.
Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
When overriding a tool name via a shell variable, don't
tack on the cross-prefix. This specifically allows the
pkg-config command to be overridden and work where it
does not exist in some cross build environments.
Signed-off-by: Stuart Yoder <stuart.yoder@freescale.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
If migration failed in migrate_fd_put_buffer, the monitor may have been
resumed not only in the error path of that function but also once again
in migrate_fd_put_ready which is called unconditionally by
migrate_fd_connect.
Fix this by establishing a cleaner policy: the monitor shall be resumed
when the migration file is closed, either via callback
(migrate_fd_close) or in migrate_fd_cleanup if no file is open (i.e. no
callback invoked).
Reported-By: Michael Tokarev <mjt@tls.msk.ru>
Tested-By: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
qbus_reset_all_fn was registered twice, so a lot of device reset
functions were also called twice when QEMU started.
Which was introduced by 80376c3fc2
This patch fixes it by making the main_system_bus creation not register
reset handler.
Cc: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Tested-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Do not allocate TCG-only resources like the translation buffer when
running over KVM or XEN. Saves a "few" bytes in the qemu address space
and is also conceptually cleaner.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When trying to map an alias of a ram region, where the alias starts at
address A and we map it into address B, and A > B, we had an arithmetic
underflow. Because we use unsigned arithmetic, the underflow converted
into a large number which failed addrrange_intersects() tests.
The concrete example which triggered this was cirrus vga mapping
the framebuffer at offsets 0xc0000-0xc7fff (relative to the start of
the framebuffer) into offsets 0xa0000 (relative to system addres space
start).
With our favorite analogy of a windowing system, this is equivalent to
dragging a subwindow off the left edge of the screen, and failing to clip
it into its parent window which is on screen.
Fix by switching to signed arithmetic.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When a range is being unmapped, ask accelerators (e.g. kvm) to synchronize the
dirty bitmap to avoid losing information forever.
Fixes grub2 screen update.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Replace width/height globals with the identical values from real_screen,
refactor the function according to our coding style.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Allow to enlarge or shrink the screen via CTRL-ALT-+/-. In contrast to
scaling the window, these controls always preserve the aspect ratio of
the current console.
CC: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Not grabbing the input means that special keys like ALT+TAB are still
handled by the host. Improve the usability by grabbing input once the
mouse is inside the guest screen, provided the SDL window has the input
focus. Release it again when the mouse is moved to any border. Also grab
the input when we gain the input focus and the mouse is within the
screen limits.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Restore the cursor when switching from graphic to text console while the
mouse is in absolute mode. Disable it again when returning.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
It's confusing to suddenly find two mice in full screen mode when
switching consoles or accidentally hitting the grab hot keys.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
There were some preexisting bits that released the input when switching
to text console. This patch spreads this logic consistently and also
avoids grabbing the input while a text console is active.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This ensures that we actually enter full screen on startup when e.g.
'-vga none -full-screen' was specified.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
There must be no difference between initial -full-screen and switching
to this mode via the hot key.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When switching to full screen mode from a scaled window, we need to
resize to DisplayState's dimension, not the scaled "real" screen size.
Moreover, scaling mode may have manipulated the bpp. So we need to
restore it from the DisplayState as well.
CC: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Just like the monitor does, we need to clear no_shutdown before calling
qemu_system_shutdown_request on quit requests. Otherwise, QEMU just
stops the VM.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When compiling with gcc 4.6, some code in fw_cfg.c complains that fop_ret
is assigned but not used (which is true). However, it looks like the
meaningless assignments to fop_ret were done to suppress other gcc warnings
due to the fact that fread() is labelled as warn_unused_result in glibc.
This patch avoids both errors, by actually checking the fread() result code
and dropping out with an error message if it fails.
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Make use of the KVM_TSC_CONTROL feature if available.
Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
To let the user configure the desired tsc frequency for the
guest if running in KVM.
Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
This function does the same as the strtosz_suffix function
except that it allows to specify the unit to which the
k/M/B/T suffixes apply. This function will be used later to
parse the tsc-frequency from the command-line.
Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
When loading an internal snapshot whose L1 table is smaller than the current L1
table, the size of the current L1 would be shrunk to the snapshot's L1 size in
memory, but not on disk. This lead to incorrect refcount updates and eventuelly
to image corruption.
Instead of writing the new L1 size to disk, this simply retains the bigger L1
size that is currently in use and makes sure that the unused part is zeroed.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Tested-by: Philipp Hahn <hahn@univention.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The expiration timeout must only affect packets that are queued due to
pending ARP resolutions. The old version broke ping e.g.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
No need to update the current time for each packet we send from the
queue. Processing time is comparably short.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Should be uint32_t for IPv4, not int. Also avoid in_addr_t without
proper includes. Fixes build regression on mingw32.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
QAPI will require glib/python, but for now the guest agent is the only
user. For now, make these dependencies an explicit guest agent one, and
give users the option to disable it if need be.
Once QAPI is adopted in core QEMU code, we would basically revert this
patch.
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The system emulation code was not merged before the branch.
Let's leave that work for the next release.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Migrating after unplugging a virtio-balloon device resulted in an error
message on the destination:
Unknown savevm section or instance '0000:00:04.0/virtio-balloon' 0
load of migration failed
Fix this by unregistering the section on device unplug.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Add an exit handler that will free up RAM after a virtio-balloon device
is unplugged.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Negative balloon values don't make sense, reject them and throw a qerror
with QERR_INVALID_PARAMETER_VALUE.
Reported-by: Mike Cao <bcao@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Multiple balloon registrations are not allowed; check if the
registration with the qemu balloon api succeeded. If not, fail the
device init.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Multiple balloon devices don't make sense; disallow more than one
registration attempt to register handlers.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Passing on '0' as ballooning target to indicate retrieval of stats is
bad API. It also makes 'balloon 0' in the monitor cause a segfault.
Have two different functions handle the different functionality instead.
Detailed explanation from Markus's review:
1. do_info_balloon() is an info_async() method. It receives a callback
with argument, to be called exactly once (callback frees the
argument). It passes the callback via qemu_balloon_status() and
indirectly through qemu_balloon_event to virtio_balloon_to_target().
virtio_balloon_to_target() executes its balloon stats half. It
stores the callback in the device state.
If it can't send a stats request, it resets stats and calls the
callback right away.
Else, it sends a stats request. The device model runs the callback
when it receives the answer.
Works.
2. do_balloon() is a cmd_async() method. It receives a callback with
argument, to be called when the command completes. do_balloon()
calls it right before it succeeds. Odd, but should work.
Nevertheless, it passes the callback on via qemu_ballon() and
indirectly through qemu_balloon_event to virtio_balloon_to_target().
a. If the argument is non-zero, virtio_balloon_to_target() executes
its balloon half, which doesn't use the callback in any way.
Odd, but works.
b. If the argument is zero, virtio_balloon_to_target() executes its
balloon stats half, just like in 1. It either calls the callback
right away, or arranges for it to be called later.
Thus, the callback runs twice: use after free and double free.
Test case: start with -S -device virtio-balloon, execute "balloon 0" in
human monitor. Runs the callback first from virtio_balloon_to_target(),
then again from do_balloon().
Reported-by: Mike Cao <bcao@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Separate out the code to retrieve balloon info from the code that sets
balloon values.
This will be used to separate the two callbacks from balloon.c and help
cope with 'balloon 0' on the monitor. Currently, 'balloon 0' causes a
segfault in monitor_resume().
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Replace:
if (foo) {
...
} else {
return 0;
}
by
if (!foo) {
return 0;
}
...
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
balloon.h had function declarations for a couple of functions that are
local to balloon.c. Make them static.
Drop the 'qemu_' prefix for balloon.c-local variables, and make them
static.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Almost pure code motion. Unstatic hid interface functions and add
them to the header file. Some renames. Some code style cleanups.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add hid_has_events function, use it to figure whenever there are pending
events instead of checking and updating USBHIDState->changed.
Setting ->changed to 1 on init is removed, that should have absolutely
no effect as the initial state of ->idle is 0 so we report hid state
anyway until the guest configures some idle time. Also should clear
->idle on reset.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add callback for event notification, which allows to un-usbify more
functions. Also split separate hid_* functions for reset and release.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
First step in separating out the HID emulation code from usb-hid, so it
can be reused without creating a dummy usb device like bluetooth does.
This creates a HIDState struct, moves the non-usbish fields from
USBHIDStruct there. Renames non-usbish structs, defines and functions
from usb* to hid*. Adapts the code to that.
Also cleans up a bunch of code style issues along the way.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Map guest memory and pass on a direct pointer instead of copying
the bits to a indirect buffer. EHCI transfer descriptors can
reference multiple (physical guest) pages so we'll actually start
seeing usb packets wich carry iovec with more than one element.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add full support for iovecs to usb-host. The code can split large
transfers into smaller ones already, we are using this to also split
requests at iovec borders.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Zap data pointer from USBPacket, add a QEMUIOVector instead.
Add a bunch of helper functions to manage USBPacket data.
Switch over users to the new interface.
Note that USBPacket->len was used for two purposes: First to
pass in the buffer size and second to return the number of
transfered bytes or the status code on async transfers. There
is a new result variable for the latter. A new status code
was added to catch uninitialized result.
Nobody creates iovecs with more than one element (yet).
Some users are (temporarely) limited to iovecs with a single
element to keep the patch size as small as possible.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Move the QEMUSGList typedef to qemu-common so it can easily be used.
The actual struct definition stays in dma.h.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
A bunch of code was disabled via #if 0, for a quite long time (since
Sept 2009). Surprisingly the code builds just fine when they are
removed (tested on OpenBSD). /me wonders nevertheless whenever there
are any users of those bits when this went unnoticed for almost two
years ...
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
If we're already in a coroutine, there is no reason to use the synchronous
version of block layer functions when a coroutine one exists. This makes
bdrv_read/write/flush use bdrv_co_* when used inside a coroutine.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The QEMU keyboard and mouse reports themselves as full speed devices,
though they are actually low speed devices. Until this is fixed, claim that
we are supporting full speed devices.
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
The 'to' can go negative when the first region gets removed
(it gets incremented by to 0 immediately afterward), which
makes the assertion fail. Nothing breaks if
to < 0 here so just remove the assert.
Tested-by: David Ahern <daahern@cisco.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
In the current implementation, if Slirp tries to send an IP packet to a client
with an unknown hardware address, the packet is simply dropped and an ARP
request is sent (if_encap in slirp/slirp.c).
With this patch, Slirp will send the ARP request, re-queue the packet and try
to send it later. The packet is dropped after one second if the ARP reply is
not received.
Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This patch adds a simple ARP table in Slirp and also adds handling of
gratuitous ARP requests.
Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Distclean should remove anything created by the configure script.
Signed-off-by: Alexandre Raymond <cerbere@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Fix configure display for non-Linux OS's and the KVM /
vhost-net features to show "no" output instead of nothing
at the end of the line.
Signed-off-by: Brad Smith <brad@comstyle.com>
Acked-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Inform guest drivers about the new features I/O commands we have
now (async commands, S3 support) if building with newer spice, i.e.
if SPICE_INTERFACE_QXL_MINOR >= 1.
sneaked in some 81+ column line spliting.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Add two new IOs.
QXL_IO_FLUSH_SURFACES - equivalent to update area for all surfaces, used
to reduce vmexits from NumSurfaces to 1 on guest S3, S4 and resolution change (windows
driver implementation is such that this is done on each of those occasions).
QXL_IO_FLUSH_RELEASE - used to ensure anything on last_release is put on the release ring
for the client to free.
Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Some of the QXL port i/o commands are waiting for the spice server to
complete certain actions. Add async versions for these commands, so we
don't block the vcpu while the spice server processses the command.
Instead the qxl device will raise an IRQ when done.
The async command processing relies on an added QXLInterface::async_complete
and added QXLWorker::*_async additions, in spice server qxl >= 3.1
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
In order to be able to transparently replace bdrv_read calls by bdrv_co_read,
reading beyond EOF must produce zeros instead of short reads for AIO, too.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Now that AsyncContexts don't exist any more, we can use one global bottom half
for restarting coroutines instead of allocating a new one every time (before
removing AsyncContexts, the problem with having a global BH was that it had to
belong to a single AsyncContexts and wouldn't be executed in a different one -
which leads to deadlocks)
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The purpose of AsyncContexts was to protect qcow and qcow2 against reentrancy
during an emulated bdrv_read/write (which includes a qemu_aio_wait() call and
can run AIO callbacks of different requests if it weren't for AsyncContexts).
Now both qcow and qcow2 are protected by CoMutexes and AsyncContexts can be
removed.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The old qcow format is another user of the AsyncContext infrastructure.
Converting it to coroutines (and therefore CoMutexes) allows to remove
AsyncContexts.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
In order to be able to call bdrv_co_readv/writev for drivers that don't
implement the functions natively, add an emulation that uses the AIO functions
to implement them.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Use the bdrv_co_readv/writev callbacks to implement bdrv_aio_readv/writev and
bdrv_read/write if a driver provides the coroutine version instead of the
synchronous or AIO version.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Add new block driver callbacks bdrv_co_readv/writev, which work on a
QEMUIOVector like bdrv_aio_*, but don't need a callback. The function may only
be called inside a coroutine, so a block driver implementing this interface can
yield instead of blocking during I/O.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Add a microbenchmark for coroutine create, enter, and return (aka
lifecycle). This is a useful benchmark because users are expected to
create many coroutines, one per I/O request for example, and we
therefore need to provide good performance in that scenario.
To run:
make test-coroutine
./test-coroutine --benchmark-lifecycle 20000000
This will do 20,000,000 coroutine create, enter, return iterations and
print the resulting time.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
To run automated tests for coroutines:
make test-coroutine
./test-coroutine
On success the program terminates with exit status 0. On failure an
error message is written to stderr and the program exits with exit
status 1.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Commit b14ef7c9ab
introduced cpu_unassigned_access() function. On Sparc,
the function does not restore AREG0 used for global CPUState
on function exit, causing bugs with non-faulting unassigned
memory accesses. Alpha, Microblaze and MIPS are not affected.
Fix by restoring AREG0 on exit. Remove excess saving by
do_unassigned_access() functions.
Also ignore unassigned accesses outside of CPU context.
Reported-by: Bob Breuer <breuerr@mc.net>
Tested-by: Bob Breuer <breuerr@mc.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Since the driver is still in operation even after moving to UNDEFINED, i.e.
by destroying primary in any way.
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add qxl_guest_bug() function which is supposed to be called in case
sanity checks of guest requests fail. It raises an error IRQ and
logs a message in case guest debugging is enabled.
Make PANIC_ON() abort instead of exit. That macro should be used
for qemu bugs only, any guest-triggerable stuff should use the new
qxl_guest_bug() function instead.
Convert a few easy cases from PANIC_ON() to qxl_guest_bug() to
show intended usage.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Surface tracking needs proper locking since it is used from vcpu and spice
worker threads, add it. Also reset the surface counter when zapping all
surfaces.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Move the wrapper functions which are used by qxl only to qxl.c.
Rename them from qemu_spice_* to qxl_spice_*. Also pass in a
qxl state pointer instead of a SimpleSpiceDisplay pointer.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Factor out SimpleSpiceDisplay initialization into
qemu_spice_display_init_common() and call it from
both qxl.c (for vga mode) and spice-display.c
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
On platforms that don't support makecontext(3) use gthread based
coroutine implementation.
Darwin has makecontext(3) but getcontext(3) is stubbed out to return
ENOTSUP. Andreas Färber <andreas.faerber@web.de> debugged this and
contributed the ./configure test which solves the issue for Darwin/ppc64
(and ppc) v10.5.
[Original patch by Aneesh, made consistent with coroutine-ucontext.c and
switched to GStaticPrivate by Stefan. Tested on Linux and OpenBSD.]
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Asynchronous code is becoming very complex. At the same time
synchronous code is growing because it is convenient to write.
Sometimes duplicate code paths are even added, one synchronous and the
other asynchronous. This patch introduces coroutines which allow code
that looks synchronous but is asynchronous under the covers.
A coroutine has its own stack and is therefore able to preserve state
across blocking operations, which traditionally require callback
functions and manual marshalling of parameters.
Creating and starting a coroutine is easy:
coroutine = qemu_coroutine_create(my_coroutine);
qemu_coroutine_enter(coroutine, my_data);
The coroutine then executes until it returns or yields:
void coroutine_fn my_coroutine(void *opaque) {
MyData *my_data = opaque;
/* do some work */
qemu_coroutine_yield();
/* do some more work */
}
Yielding switches control back to the caller of qemu_coroutine_enter().
This is typically used to switch back to the main thread's event loop
after issuing an asynchronous I/O request. The request callback will
then invoke qemu_coroutine_enter() once more to switch back to the
coroutine.
Note that if coroutines are used only from threads which hold the global
mutex they will never execute concurrently. This makes programming with
coroutines easier than with threads. Race conditions cannot occur since
only one coroutine may be active at any time. Other coroutines can only
run across yield.
This coroutines implementation is based on the gtk-vnc implementation
written by Anthony Liguori <anthony@codemonkey.ws> but it has been
significantly rewritten by Kevin Wolf <kwolf@redhat.com> to use
setjmp()/longjmp() instead of the more expensive swapcontext() and by
Paolo Bonzini <pbonzini@redhat.com> for Windows Fibers support.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Instead of using its own definitions scsi-disk should
be using the device type of the parent device.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
SET_WINDOW command is vendor-specific only.
So we shouldn't try to emulate it.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
VHD files technically can be up to 2Tb, but virtual pc is limited
to 127G. Currently qemu-img refused to create vpc files > 127G,
but it is failing to return error when converting from a non-vpc
VHD file which is >127G. It returns success, but creates a truncated
converted image. Also, qemu-img info claims the vpc file is 127G
(and clean).
This patch detects a too-large vpc file and returns -EFBIG. Without
this patch,
=============================================================
root@ip-10-38-123-242:~/qemu-fixed# qemu-img info /mnt/140g-dynamic.vhd
image: /mnt/140g-dynamic.vhd
file format: vpc
virtual size: 127G (136899993600 bytes)
disk size: 284K
root@ip-10-38-123-242:~/qemu-fixed# qemu-img convert -f vpc -O raw /mnt/140g-dynamic.vhd /mnt/y
root@ip-10-38-123-242:~/qemu-fixed# echo $?
0
root@ip-10-38-123-242:~/qemu-fixed# qemu-img info /mnt/y
image: /mnt/y
file format: raw
virtual size: 127G (136899993600 bytes)
disk size: 0
=============================================================
(The 140G image was truncated with no warning or error.)
With the patch, I get:
=============================================================
root@ip-10-38-123-242:~/qemu-fixed# ./qemu-img info /mnt/140g-dynamic.vhd
qemu-img: Could not open '/mnt/140g-dynamic.vhd': File too large
root@ip-10-38-123-242:~/qemu-fixed# ./qemu-img convert -f vpc -O raw /mnt/140g-dynamic.vhd /mnt/y
qemu-img: Could not open '/mnt/140g-dynamic.vhd': File too large
qemu-img: Could not open '/mnt/140g-dynamic.vhd'
=============================================================
See https://bugs.launchpad.net/qemu/+bug/814222 for details.
Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Commit aea2a33c made bdrv_eject() obey the locked flag. Correct for
medium eject (eject_flag set), incorrect for medium load (eject_flag
clear). See MMC-5 Table 341 "Actions for Lock/Unlock/Eject".
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Callees always return 0, except for FreeBSD's cdrom_eject(), which
returns -ENOTSUP when the device is in a terminally wedged state.
The only caller is bdrv_eject(), and it maps -ENOTSUP to 0 since
commit 4be9762a.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The only caller is bdrv_set_locked(), and it ignores the value.
Callees always return 0, except for FreeBSD's cdrom_set_locked(),
which returns -ENOTSUP when the device is in a terminally wedged
state.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
It's been disabled since the start (commit 19cb3738, Aug 2006), and
has been untouched except for spelling fixes and such. I don't feel
like dragging it along any further.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
BlockDriverState members change_cb and change_opaque are initially
null. The device model may set them, with bdrv_set_change_cb(). If
the device model gets detached (hot unplug), they're left dangling.
Only safe because device hot unplug automatically destroys the
BlockDriverState. But that's a questionable feature, best not to rely
on it.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Ejecting hard disk platters can only end in tears.
If you need to revoke access to an image, use drive_del, not eject -f.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Fix breakage by a640f03178
and 55c0975c5b.
Some TCG targets don't implement all TCG ops, so make
optimizing those conditional.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Perform constant folding for NOT and EXT{8,16,32}{S,U} operations.
Signed-off-by: Kirill Batuzov <batuzovk@ispras.ru>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Perform actual constant folding for ADD, SUB and MUL operations.
Signed-off-by: Kirill Batuzov <batuzovk@ispras.ru>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Make tcg_constant_folding do copy and constant propagation. It is a
preparational work before actual constant folding.
Signed-off-by: Kirill Batuzov <batuzovk@ispras.ru>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Added file tcg/optimize.c to hold TCG optimizations. Function tcg_optimize
is called from tcg_gen_code_common. It calls other functions performing
specific optimizations. Stub for constant folding was added.
Signed-off-by: Kirill Batuzov <batuzovk@ispras.ru>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Move softmmu_exec.h include directives from target-*/exec.h to
target-*/op_helper.c. Move also various other stuff only used in
op_helper.c there.
Define global env in dyngen-exec.h.
For i386, move wrappers for segment and FPU helpers from user-exec.c
to op_helper.c. Implement raise_exception_err_env() to handle dynamic
CPUState. Move the function declarations to cpu.h since they can be
used outside of op_helper.c context.
LM32, s390x, UniCore32: remove unused cpu_halted(), regs_to_env() and
env_to_regs().
ARM: make raise_exception() static.
Convert
#include "exec.h"
to
#include "cpu.h"
#include "dyngen-exec.h"
and remove now unused target-*/exec.h.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This patch almost rewrites acpi_table_add() function
(but still leaves it using old get_param_value() interface).
The result is that it's now possible to specify whole table
(together with a header) in an external file, instead of just
data portion, with a new file= parameter, but at the same time
it's still possible to specify header fields as before.
Now with the checkpatch.pl formatting fixes, thanks to
Stefan Hajnoczi for suggestions, with changes from
Isaku Yamahata, and with my further refinements.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Cc: Isaku Yamahata <yamahata@valinux.co.jp>
Cc: John Baboval <john.baboval@virtualcomputer.com>
Cc: Blue Swirl <blauwirbel@gmail.com>
[yamahata@valinux.co.jp: fix compile error, comment fallthrough]
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Implement %fprs.DU/DL bits.
The FPU sets %fprs.DL and %fprs.DU when values are assigned to %f0-31
and %f32-63 respectively.
Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Fix the problem that result values are not assigned to the destination
registers.
Signed-off-by: Tsuneo Saito <tsnsaito@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This leads to random off-by-one error.
When the size of the SD is exactly 1GB, the emulation was returning a
wrong SDHC CSD descriptor.
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
The code which prints the debug usage message on '-d ?' for *-user
has to come before the check for "not enough arguments", so that
"qemu-foo -d ?" prints the list of possible debug log items rather than
the generic usage message. (This was inadvertently broken in commit
c235d73.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
For unknown reasons, Windows drivers (tested with XP and Win7) ignore
usb-tablet events that move the pointer to 0/0. So always report 0/0 as
1/0.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
The program actions onenand_prog_main() and onenand_prog_spare()
can only set bits.
This implies a rewrite of onenand_erase() to not use the program
functions, since erase does need to set bits.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Handle the manufacturer, device and version IDs separately rather than
smooshing them all together into a single uint32_t. Note that the ID
registers are actually 16 bit, even though typically the top bits are 0
and the Read Identification Data command only returns the bottom 8 bits.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Pass the BlockDriverState to the onenand init function so it doesn't
need to look up the drive itself.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Writing to a NAND device cannot set bits, it can only clear them;
implement this rather than simply copying the data.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
After receiving READ STATUS command all subsequent IO reads should return
the status register value until another command is issued.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Support NAND devices which are wider than 8 bits.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Add support for NAND devices of over 1Gb.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Pass the BlockDeviceState to the nand_init() function rather
than having it look it up via drive_get() itself.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Since lm832x has been qdev'ified, its users will generally
have a DeviceState pointer rather than an i2c_slave pointer,
so adjust lm832x_key_event's prototype to suit.
This allows the n810 (its only user) to actually pass a correct
pointer to it rather than NULL. The effect is that we no longer
segfault when a key is pressed.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Convert the OMAP GPIO module to qdev.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
The OMAP2430 has a fifth GPIO module which earlier OMAP2 models lack; add
the clock definition for it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Add helper function omap_l4_region_base() to return the base address
of a particular region of an L4 target agent.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
This allows to specify -machine options without setting an explicit
machine type. We will pick the default machine in this case. Requesting
the list of available machines is still possible via '-machine ?' e.g.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
It's already allowed by the example; there are about 1800 instances in the
tree; and disallowing it would lead to
if (a) {
...
} else {
if (b) {
...
} else {
if (c) {
...
} else {
if (d) {
...
} else {
...
}
}
}
}
instead of
if (a) {
...
} else if (b) {
...
} else if (c) {
...
} else if (d) {
...
} else {
...
}
which is more readable.
Acked-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch fixes a compilation error in xen-mapcache.c .
/home/stefanb/qemu/qemu-git/xen-mapcache.c: In function ‘xen_ram_addr_from_mapcache’:
/home/stefanb/qemu/qemu-git/xen-mapcache.c:240:42: error: variable ‘pentry’ set but not used [-Werror=unused-but-set-variable]
cc1: all warnings being treated as errors
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Multiboot images can specify a bss segment. The boot loader must clear
the memory of the bss and ensure that no modules or structures are
allocated inside it. Several fields are provided in the Multiboot
header that were previously not used properly. The header is now used
to determine how much data should be read from the image and how much
memory should be reserved to the bss segment.
Signed-off-by: Göran Weinholt <goran@weinholt.se>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This is required for building libcacard which doesn't itself require
zlib without bringing in this requirement to the build environment.
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When writing the last sector of an SD card using WRITE_MULTIPLE_BLOCK
QEmu throws an error saying that we've run off the end, and leaves
itself in the wrong state.
Tested on ARM Vexpress model.
Signed-off-by: Dr. David Alan Gilbert <david.gilbert@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This is just code movement, and moving the fpu/ include path from
target-dependent to target-independent Make variables.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Most definitions in softfloat.h are really target-independent, but the
file is not because it includes definitions of the default NaN values.
Change those to variables to allow including softfloat.h from files that
are not compiled per-target. By making them const, the compiler is
allowed to optimize them into softfloat functions that use them.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This is not a CPU interface, and a configure test would not be too
precise. So just add it to qemu-common.h.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Added options to let qemu transfer two configuration files to bios:
"bootsplash.bmp" and "etc/boot-menu-wait", which could be specified by command
-boot splash=P,splash-time=T
P is jpg/bmp file name or an absolute path, T have a max value of 0xffff, unit
is ms. With these two options, if user invoke qemu with menu=on option, then
a splash picture would be showed in a given time. For example:
qemu -boot menu=on,splash=/root/boot.bmp,splash-time=5000
would make boot.bmp shown as a brand with 5 seconds in the booting up process.
This feature need the new seabios's support, which could be got from git.
Signed-off-by: Wayne Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Allow registering sysbus device memory using a MemoryRegion. Once all users
are converted, sysbus_init_mmio() and sysbus_init_mmio_cb() will be removed.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Allow registering a BAR using a MemoryRegion. Once all users are converted,
pci_register_bar() and pci_register_bar_simple() will be removed.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This is now done sloppily, via get_system_memory(). Eventually callers
will be converted to stop using that.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
While eventually this should come from the machine initialization function,
take a short cut to avoid converting all machines now.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The I/O port space is byte addressable, even for word and long accesses.
An example is the VMware svga card, which has long ports on offsets 0,
1, and 2.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Allow changes to the memory hierarchy to be accumulated and
made visible all at once. This reduces computational effort,
especially when an accelerator (e.g. kvm) is involved.
Useful when a single register update causes multiple changes
to an address space.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Instead of adding and deleting regions in one pass, do a delete
pass followed by an add pass. This fixes the following case:
from:
0x0000-0x0fff ram (a1)
0x1000-0x1fff mmio (a2)
0x2000-0x2fff ram (a3)
to:
0x0000-0x2fff ram (b1)
The single pass algorithm removed a1, added b2, then removed a2 and a3,
which caused the wrong memory map to be built. The two pass algorithm
removes a1, a2, and a3, then adds b1.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
As with the rest of the memory API, the caller associates an eventfd
with an address, and the memory API takes care of registering or
unregistering when the address is made visible or invisible to the
guest.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Allow registering I/O ports via the same mechanism as mmio ranges.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
For non-RAM memory regions, we cannot tell whether this is an I/O region
or an MMIO region. Since the qemu backing registration is different for
the two, we have to defer initialization until we know which address
space we are in.
These shenanigans will be removed once the backing registration is unified
with the memory API.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
I/O regions will not have ram_addrs, so this is a better name.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Prepare for multiple address space support by abstracting away the details
of registering a memory range with qemu's flat representation into an
AddressSpace object.
Note operations which are memory specific are not abstracted, since they will
never be called on I/O address spaces anyway.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
get_system_memory() provides the root of the memory hierarchy.
This interface is intended to be private between memory.c and exec.c.
If this file is included elsewhere, it should be regarded as a bug (or
TODO item). However, it will be temporarily needed for the conversion
to hierarchical memory routing.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Simple implementations of memory routers, for example the Cirrus VGA memory banks
or the 440FX PAM registers can generate adjacent memory regions which are contiguous.
Detect these and merge them; this saves kvm memory slots and shortens lookup times.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Currently dirty tracking is implemented by passing through
all calls to the underlying cpu_physical_memory_*() calls.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The memory API separates the attributes of a memory region (its size, how
reads or writes are handled, dirty logging, and coalescing) from where it
is mapped and whether it is enabled. This allows a device to configure
a memory region once, then hand it off to its parent bus to map it according
to the bus configuration.
Hierarchical registration also allows a device to compose a region out of
a number of sub-regions with different properties; for example some may be
RAM while others may be MMIO.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Device models rely on the core invoking their reset handlers after init.
We do this in the cold-plug case, but so far we miss this step after
hot-plug.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
For a conventional pci device behind
a pcie-to-pci bridge, pci_host handlers get confused by
an out of bounds access in the range [256, 4K).
Check for such an access and make it have no effect.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
virtio_common_init() allocates RAM for the vdev struct (and any
additional memory, depending on the size passed to the function). This
memory wasn't being freed until now.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
virtio_cleanup() will be changed by the following patch to remove the
VirtIONet struct that gets allocated via virtio_common_init(). Ensure
we don't dereference the structure after calling the cleanup function.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Calling virtio_cleanup() will free up memory allocated in
virtio_common_init().
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
In practice, guests don't generate config requests
that cross a word boundary, so the logic to
detect command word access is correct because
PCI_COMMAND is 0x4. But depending on this is
tricky, further, it will break with guests
that do try to generate a misaligned access
as we pass it to devices without splitting.
Better to use the generic range_covers_byte for this.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
cppcheck detected two rather strange comments which were not
correctly written as C comments.
They did not cause any harm because they were framed by
#ifdef notdef ... #endif, so they were never compiled.
Fix them nevertheless (we could also remove the unused code).
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Create cscope symbols for assembly files in addition to .c/.h files.
Create cscope database with full path instead of relative path so cscope
can be used with CSCOPE_DB in any directory.
Signed-off-by: Alexandre Raymond <cerbere@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Introduce pci_config_read/write_common helpers to prevent passing
accesses down the callback chain that go beyond the config space limits.
Adjust length assertions as they are no longer correct (cutting may
generate valid 3 byte accesses).
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Remove some stray printfs for cases which don't generally happen
(some VFP UNDEF cases, reads and writes to unknown cp14 registers);
we should simply generate an UNDEF when the instruction is executed.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
VCVTT/VCVTB with bit 8 set is UNPREDICTABLE; we choose to UNDEF.
This avoids a TCG assert later when the VCVTT/VCVTB code tries to
use a source register that wasn't ever set up.
We pull the check for the presence of the half-precision extension
up in to this common code as well.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Handle the UNDEF and UNPREDICTABLE cases for VLDM and VSTM. In
particular, we now generate an undef exception for overlarge imm8
values rather than generating 1000+ TCG ops and hitting an assertion.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
ARMv6 implemented various operations as special cases of cp15 accesses
which are true instructions in v7; this includes barriers (DMB, DSB, ISB).
Catch this special case at translate time, so that it works in linux-user
mode (which doesn't provide a functional get_cp15 helper) as well as
system mode.
Includes minor cleanup of the existing cases (single switch statement,
and doing the "OK in user mode?" test explicitly rather than hiding it in
cp15_user_ok()).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The 1136r1 is actually a v6K core (unlike the 1136r0); mark it as such,
thus enabling the TLS registers, NOP hints, CLREX, half and byte wide
exclusive load/stores, etc.
The VA-to-PA translation registers are not present on 1136r1, so
introduce a new feature flag for them, which is enabled on 1176,
11MPCore and all v7 cores.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Jamie Iles <jamie@jamieiles.com>
Add support for v6K ARM1176JZF-S. This core includes the VA<->PA
translation capability and security extensions.
Signed-off-by: Jamie Iles <jamie@jamieiles.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The VMSAv7 remapping and access permissions were introduced in ARMv6K
and not ARMv7.
Signed-off-by: Jamie Iles <jamie@jamieiles.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The unplug protocol is necessary to support PV drivers in the guest: the
drivers expect to be able to "unplug" emulated disks and nics before
initializing the Xen PV interfaces.
It is responsibility of the guest to make sure that the unplug is done
before the emulated devices or the PV interface start to be used.
We use pci_for_each_device to walk the PCI bus, identify the devices and
disks that we want to disable and dynamically unplug them.
Changes in v2:
- use PCI_CLASS constants;
- replace pci_unplug_device with qdev_unplug;
- do not import hw/ide/internal.h in xen_platform.c;
Changes in v3:
- introduce piix3-ide-xen, that support hot-unplug;
- move the unplug code to hw/ide/piix.c;
- just call qdev_unplug from xen_platform.c to unplug the IDE disks;
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
As a Xen guest can have more than 2GB of RAM on a 32bit host, we move
the conditions after than we now if we run one Xen or not.
[agraf] separate xen branch from ram_size check
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
A Xen guest memory is allocated by libxc. But this memory is not
allocated continuously, instead, it leaves the VGA IO memory space not
allocated, same for the MMIO space (at HVM_BELOW_4G_MMIO_START of size
HVM_BELOW_4G_MMIO_LENGTH).
So to reflect that, we do not register the physical memory for this two
holes. But we still keep only one RAMBlock for the all RAM as it is more
easier than have two separate blocks (1 above 4G). Also this prevent QEMU
from use the MMIO space for a ROM.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
In Xen case, memory can be bigger than the host memory. that mean a
32bits host (and QEMU) should be able to handle a RAM address of 64bits.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
When using xen_enabled() we're currently only checking if xen is enabled
at all during the build. But what if you want to build multiple targets
out of which only one can potentially run xen code?
That means that for generic code we'll still have to fall back to the
variable and potentially slow the code down, but it's not as important as
that is mostly xen device emulation which is not touched for non-xen targets.
The target specific code however can with this patch see that it's unable to
ever execute xen code. We can thus always return 0 on xen_enabled(), giving
gcc enough hints to evict the mapcache code from the target memory management
code.
Signed-off-by: Alexander Graf <agraf@suse.de>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
As the variable pd and addr1 inside the function cpu_physical_memory_rw
are mean to handle a RAM address, they should be of the ram_addr_t type
instead of unsigned long.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Remove the call to xenstore_record_dm_state from xen_main_loop_prepare
that is HVM specific.
Add a new vm_change_state_handler shared between xen_pv and xen_hvm
machines to record the VM state to xenstore.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
copy_string reimplements strndup, this commit removes it and
replaces all copy_string uses with strndup.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Reviewed-by: Alon Levy <alevy@redhat.com>
vcard_emul_options now has repetitive code to read the current
token and advance to the next. After the previous changes,
this repetitive code can be moved in a NEXT_TOKEN macro to
avoid having this code duplicated.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Reviewed-by: Alon Levy <alevy@redhat.com>
The previous parser had copy and paste errors when computing
vname_length and type_params_length, "name" was used instead
of respectively vname and type_params. This led to length that could
be bigger than the input string, and to access out of the array
bounds when trying to copy these strings. valgrind rightfully
complained about this. It also didn't handle empty fields correctly,
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Reviewed-by: Alon Levy <alevy@redhat.com>
vcard_emul_options used args = strip(args++) a few times, which
was not returning the expected result since the rest of the code
expected args to be increased by at least 1, which is not the case
if *args is not a blank space when this function is called.
Replace these calls by "strip(args+1)" which will do what we expect.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Reviewed-by: Alon Levy <alevy@redhat.com>
vcard_emul_mirror_card and vcard_emul_init use
vcard_emul_alloc_arrays to allocate memory for temporary arrays
which will contain elements that in the end will be used one by
one in cac_card_init. The arrays themselves are never stored
anywhere, they are only used as temporary containers. Hence
the memory that was allocated for these arrays should be freed
after use or they will be leaked.
Some tokens claim to do CKM_RSA_X_509, but then choke when they try to do the
actual operations. Try to detect those cases and treat them as if the token
didn't claim support for X_509.
Signed-off-by: Robert Relyea <rrelyea@redhat.com>
This allows to easily tag devices as non-migratable,
so any attempt to migrate a virtual machine with the
device in question active will make migration fail.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
qemu_find_netdev() looks up members of non_vlan_clients by name. It
happily returns the first match. Trouble is the names need not be
unique.
non_vlan_clients contains host parts (netdevs) and guest parts (NICs).
Netdevs have unique names: a netdev's name is a (mandatory)
qemu_netdev_opts ID, and these are unique.
NIC names are not unique. If a NIC has a qdev ID (which is unique),
that's its name. Else, we make up a name. The made-up names are
unique, but they can clash with qdev IDs. Even if NICs had unique
names, they could still clash with netdev names.
Callers of qemu_find_netdev():
* net_init_nic() wants a netdev. It happens to work because it runs
before NICs get added to non_vlan_clients.
* do_netdev_del() wants a netdev. If it gets a NIC, it complains and
fails. Bug: a netdev with the same name that comes later in
non_vlan_clients can't be deleted:
$ qemu-system-x86_64 -nodefaults -vnc :0 -S -monitor stdio -netdev user,id=hostnet0 -device virtio-net-pci,netdev=hostnet0,id=virtio1
[...]
(qemu) netdev_add user,id=virtio1
(qemu) info network
Devices not on any VLAN:
hostnet0: net=10.0.2.0, restricted=n peer=virtio1
virtio1: model=virtio-net-pci,macaddr=52:54:00:12:34:56 peer=hostnet0
virtio1: net=10.0.2.0, restricted=n
(qemu) netdev_del virtio1
Device 'virtio1' not found
* parse_netdev() wants a netdev. If it gets a NIC, it gets confused.
With the test setup above:
(qemu) device_add virtio-net-pci,netdev=virtio1
Property 'virtio-net-pci.netdev' can't take value 'virtio1', it's in use
You can even connect two NICs to each other:
$ qemu-system-x86_64 -nodefaults -vnc :0 -S -monitor stdio -device virtio-net-pci,id=virtio1 -device e1000,netdev=virtio1
[...]
Devices not on any VLAN:
virtio1: model=virtio-net-pci,macaddr=52:54:00:12:34:56 peer=e1000.0
e1000.0: model=e1000,macaddr=52:54:00:12:34:57 peer=virtio1
(qemu) q
Segmentation fault (core dumped)
* do_set_link() works fine for both netdevs and NICs. Whether it
really makes sense for netdevs is debatable, but that's outside this
patch's scope.
Change qemu_find_netdev() to return only netdevs. This fixes the
netdev_del and device_add/-device bugs demonstrated above.
To avoid changing set_link, make do_set_link() search non_vlan_clients
by hand instead of calling qemu_find_netdev().
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
If a network client doesn't have a name, we make one up, with
assign_name(). assign_name() creates a name MODEL.NUM, where MODEL is
the client's model, and NUM is the number of MODELs that already
exist.
Bug: it misses clients that are not on a VLAN, i.e. netdevs and the
NICs using them:
$ qemu-system-x86_64 -nodefaults -vnc :0 -S -monitor stdio -netdev user,id=hostnet0 -net nic,netdev=hostnet0 -netdev user,id=hostnet1 -net nic,netdev=hostnet1
QEMU 0.14.50 monitor - type 'help' for more information
(qemu) info network
Devices not on any VLAN:
hostnet0: net=10.0.2.0, restricted=n peer=e1000.0
hostnet1: net=10.0.2.0, restricted=n peer=e1000.0
e1000.0: model=e1000,macaddr=52:54:00:12:34:56 peer=hostnet0
e1000.0: model=e1000,macaddr=52:54:00:12:34:57 peer=hostnet1
Fix that.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
/* XXX: currently only used for async signals (see signal.c) */
CPUState*global_env;
/* used only if single thread */
CPUState*cpu_single_env=NULL;
/* used to free thread contexts */
TaskState*first_task_state;
@@ -809,9 +807,6 @@ int main(int argc, char **argv)
usage();
}
}
if(optind>=argc)
usage();
filename=argv[optind];
/* init debug */
cpu_set_log_filename(log_file);
@@ -830,6 +825,11 @@ int main(int argc, char **argv)
cpu_set_log(mask);
}
if(optind>=argc){
usage();
}
filename=argv[optind];
/* Zero out regs */
memset(regs,0,sizeof(structtarget_pt_regs));
@@ -850,8 +850,8 @@ int main(int argc, char **argv)
#error unsupported CPU
#endif
}
cpu_exec_init_all(0);
tcg_exec_init(0);
cpu_exec_init_all();
/* NOTE: we need to init the CPU at this stage to get
qemu_host_page_size */
env=cpu_init(cpu_model);
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
