# By Richard Henderson
# Via Richard Henderson
* rth/axp-next:
hw/alpha: Use SRM epoch
hw/alpha: Drop latch_tmp hack
exec: Support 64-bit operations in address_space_rw
hw/alpha: Don't machine check on missing pci i/o
hw/alpha: Don't use get_system_io
Message-id: 1373840171-25556-1-git-send-email-rth@twiddle.net
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
# By Kevin Wolf (6) and Stefan Hajnoczi (2)
# Via Kevin Wolf
* kwolf/for-anthony:
ahci: Fix FLUSH command
migration: Fail migration on bdrv_flush_all() error
cpus: Add return value for vm_stop()
block: Add return value for bdrv_flush_all()
qemu-iotests: Update 051 reference output
block: Don't parse protocol from file.filename
block: add drive_backup HMP command
blockdev: add sync mode to drive-backup QMP command
Message-id: 1373887000-4488-1-git-send-email-kwolf@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
AHCI couldn't cope with asynchronous commands that aren't doing DMA, it
simply wouldn't complete them. Due to the bug fixed in commit f68ec837,
FLUSH commands would seem to have completed immediately even if they
were still running on the host. After the commit, they would simply hang
and never unset the BSY bit, rendering AHCI unusable on any OS sending
flushes.
This patch adds another callback for the completion of asynchronous
commands. This is what AHCI really wants to use for its command
completion logic rather than an DMA completion callback.
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
If bdrv_flush_all() returns an error, there is an inconsistency in the
view of an image file between the source and the destination host.
Completing the migration would lead to corruption. Better abort
migration in this case.
To reproduce this case, try the following (ensures that there is
something to flush, and then fails that flush):
$ qemu-img create -f qcow2 test.qcow2 1G
$ cat blkdebug.cfg
[inject-error]
event = "flush_to_os"
errno = "5"
$ qemu-system-x86_64 -hda blkdebug:blkdebug.cfg:test.qcow2 -monitor stdio
(qemu) qemu-io ide0-hd0 "write 0 4k"
(qemu) migrate ...
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
If flushing the block devices fails, return an error. The VM is stopped
anyway.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
bdrv_flush() can fail, and bdrv_flush_all() should return an error as
well if this happens for a block device. It returns the first error
return now, but still at least tries to flush the remaining devices even
in error cases.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
One of the major reasons for doing something new for -blockdev and
blockdev-add was that the old block layer code parses filenames instead
of just taking them literally. So we should really leave it untouched
when it's passing using the new interfaces (like -drive
file.filename=...).
This allows opening relative file names that contain a colon.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Make "drive_backup" available on the HMP monitor:
drive_backup [-n] [-f] device target [format]
The -n flag requests QEMU to reuse the image found in new-image-file,
instead of recreating it from scratch.
The -f flag requests QEMU to copy the whole disk, so that the result
does not need a backing file. Note that this flag *must* currently be
passed since the other sync modes ('none' and 'top') have not been
implemented yet. Requiring it ensures that "drive_backup" behaves like
"drive_mirror".
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The drive-backup command is similar to the drive-mirror command, except
no guest data written after the command executes gets copied. Add a
sync mode argument which determines whether the entire disk is copied,
just allocated clusters, or only clusters being written to by the guest.
Currently only sync mode 'full' is supported - it copies the entire disk.
For read-only point-in-time snapshots we may only need sync mode 'none'
since the target can be a qcow2 file using the guest's disk as its
backing file (no need to copy the entire disk). Finally, sync mode
'top' is useful if we wish to preserve the backing chain.
Note that this patch just adds the sync mode argument to drive-backup.
It does not implement sync modes 'top' or 'none'. This patch is
necessary so we can add a drive-backup HMP command that behaves like the
existing drive-mirror HMP command and takes a sync mode.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The 1980 epoch is used by the ARC PALcode for NT. But we're emulating
a system using the SRM PALcode. Using the proper epoch results in less
confusion in the guest userland.
Signed-off-by: Richard Henderson <rth@twiddle.net>
The memory and i/o core now support passing 64-bit accesses along
from the guest, so we no longer need to emulate them.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Honor the implementation maximum access size, and at least check
the minimum access size.
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Not really correct, but we don't implement all of the random devices
that the kernel looks for. This is good enough to keep us booting.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Advancements in the ioport subsystem mean that we need no longer
thunk memory-mapped i/o through the system-io address space.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Setting it to LE forces a byte swap when host != guest endian but
this makes no sense at all.
Herve made the suggestion upon observing that word writes/reads
were broken into byte writes/reads in such a way as to assume
devices are interpret registers as LE.
However, even if this were a problem, marking the region as LE is
not useful because what's essentially happening here is that LE is
open coded. So by marking it LE in MemoryRegionOps, we're doing a
superflous swap.
Now, the portio code is suspicious to begin with. The dispatch
layer really has no purpose in splitting I/O requests in the first
place...
Cc: Hervé Poussineau <hpoussin@reactos.org>
Cc: Alex Graf <agraf@suse.de>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
# By Alexander Graf (16) and others
# Via Alexander Graf
* agraf/ppc-for-upstream: (22 commits)
PPC: dbdma: Support more multi-issue DMA requests
PPC: Add timer handler for newworld mac-io
PPC: dbdma: Support unaligned DMA access
PPC: dbdma: Wait for DMA until we have data
PPC: dbdma: Move processing to io
PPC: dbdma: macio: Add DMA callback
PPC: dbdma: Move static bh variable to device struct
PPC: dbdma: Introduce kick function
PPC: dbdma: Move defines into header file
PPC: dbdma: Allow new commands in RUN state
PPC: dbdma: Fix debug print
PPC: Mac: Add debug prints in macio and dbdma code
PPC: dbdma: Replace tabs with spaces
PPC: Macio: Replace tabs with spaces
PPC: g3beige: Move secondary IDE bus to mac-io
PPC: Mac: Fix guest exported tbfreq values
target-ppc: Add POWER8 v1.0 CPU model
pseries: move interrupt controllers to hw/intc/
spapr: Respect -bios command line option for SLOF
spapr: Use named enum for function remove_hpte
...
Message-id: 1373562085-29728-1-git-send-email-agraf@suse.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
A DMA request can happen for data that hasn't been completely been
provided by the IDE core yet. For example
- DBDMA request for 0x1000 bytes
- IDE request for 1 sector
- DBDMA wants to read 0x1000 bytes (8 sectors) from bdrv
- breakage
Instead, we should truncate our bdrv request to the maximum number
of sectors we're allowed to read at that given time. Once that transfer
is through, we will fall into our recently introduced waiting logic.
- DBDMA requests for 0x1000 bytes
- IDE request for 1 sector
- DBDMA wants to read MIN(0x1000, 1 * 512) bytes
- DBDMA finishes reading, indicates to IDE core that transfer is complete
- IDE request for 7 sectors
- DBDMA finishes the DMA
Reported-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Alexander Graf <agraf@suse.de>
Mac OS X accesses fancy timer registers inside of the mac-io on bootup.
These really should be ticking at the mac-io bus frequency, but I don't
see anyone upset when we just make them as fast as we want to.
With this patch on top of my previous patch queue and latest OpenBIOS
I am able to boot Mac OS X 10.4 with -M mac99.
Signed-off-by: Alexander Graf <agraf@suse.de>
The DBDMA engine really just reads bytes from a producing device (IDE
in our case) and shoves these bytes into memory. It doesn't care whether
any alignment takes place or not.
Our code today however assumes that block accesses always happen on
sector (512 byte) boundaries. This is a fair assumption for most cases.
However, Mac OS X really likes to do unaligned, incomplete accesses
that it finishes with the next DMA request.
So we need to read / write the unaligned bits independent of the actual
asynchronous request, because that one can only handle 512-byte-aligned
data. We also need to cache these unaligned sectors until the next DMA
request, at which point the data might be successfully flushed from the
pipe.
Signed-off-by: Alexander Graf <agraf@suse.de>
We should only start processing DMA requests when we have data to process.
Hold off working through the DMA shuffling until the IDE core told us that
it's ready.
This is required because the guest can program the DMA engine or the IDE
transfer first. Both are legal.
Signed-off-by: Alexander Graf <agraf@suse.de>
Soon we will introduce intermediate processing pauses which will
allow the bottom half to restart a DMA request that couldn't be
fulfilled yet.
For that to work, move the processing variable into the io struct
which is what DMA providers work with.
While touching it, also change it into a bool
Signed-off-by: Alexander Graf <agraf@suse.de>
We need to know when the IDE core starts a DMA transfer. Add a notifier
function so we have the chance to start transmitting data.
Signed-off-by: Alexander Graf <agraf@suse.de>
The DBDMA controller has a bottom half to asynchronously process DMA
request queues.
This bh was stored as a gross static variable. Move it into the device
struct instead.
While at it, move all users of it to the new generic kick function.
Signed-off-by: Alexander Graf <agraf@suse.de>
The DBDMA engine really is running all the time, waiting for input. However
we don't want to waste cycles constantly polling.
So introduce a kick function that data providers can call to notify the
DBDMA controller of new input.
Signed-off-by: Alexander Graf <agraf@suse.de>
We usually keep struct and constant definitions in header files. Move
them there to stay consistent and to make access to fields easier.
Signed-off-by: Alexander Graf <agraf@suse.de>
The DBDMA controller can not change its command stream while it's
actively streaming data, true. But the fact that it's in RUN state
doesn't actually indicate anything. It could just as well be in
WAIT while in RUN. And then it's legal to change commands.
This fixes a real world issue I've encountered with Mac OS X.
Signed-off-by: Alexander Graf <agraf@suse.de>
There was a debug print that didn't compile for me because the format
and the arguments weren't in sync. Fix it up.
Signed-off-by: Alexander Graf <agraf@suse.de>
The macio code is basically undebuggable as it stands today, with no
debug prints anywhere whatsoever. DBDMA was better, but I needed a
few more to create reasonable logs that tell me where breakage is.
Add a DPRINTF macro in the macio source file and add a bunch of debug
prints that are all disabled by default of course.
Signed-off-by: Alexander Graf <agraf@suse.de>
On a real G3 Beige the secondary IDE bus lives on the mac-io chip, not
on some random PCI device. Move it there to become more compatible.
While at it, also clean up the IDE channel connection logic.
Signed-off-by: Alexander Graf <agraf@suse.de>
We can tell the guest the frequency of its time base through fwcfg.
However, we tell it a different value from the speed tb actually runs
at. Let's fix it and make the tbfreq initialization and the fwcfg exposure
use the same values.
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds CPU PVR definition for POWER8,
and enables QEMU to launch guests on POWER8 hardware.
Signed-off-by: Prerna Saxena <prerna@linux.vnet.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Paul Mackerras <paulus@samba.org>
Reviewed-by: Andreas Farber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Allow the user to override the firmware file name rather than always
using "slof.bin".
Reported-by: Dinar Valeev <k0da@opensuse.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The function returned a target_ulong which was made from unnamed enum
values. The target_ulong was then assigned to an int variable which
was used in a switch statement.
Using a named enum in both cases makes reviews easier.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
i686-w64-mingw32-gcc (GCC) 4.6.3 from Debian wheezy reports these warnings:
hw/ppc/spapr_hcall.c:188:1: warning:
control reaches end of non-void function [-Wreturn-type]
hw/ppc/spapr_pci.c:454:1: warning:
control reaches end of non-void function [-Wreturn-type]
Both warnings are fixed by using g_assert_not_reached instead of assert.
A second line with assert(0) in spapr_pci.c which did not raise a compiler
warning was modified, too, because g_assert_not_reached documents the
purpose of that statement and is not removed in release builds.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
MPC86xx processors are based on the e600 core, which is not the case
in qemu where it is based on the 7400 processor.
This patch creates the e600 core and instantiates the MPC86xx
processors based on it. Therefore, adding the high BATs, the SPRG
4..7 registers, which are e600-specific [1], and a HW MMU model (as 7400).
This allows to define the MPC8610 processor too.
Tested with a kernel using the HW TLB misses.
[1] http://cache.freescale.com/files/32bit/doc/ref_manual/E600CORERM.pdf
Signed-off-by: Julio Guerra <guerr@julio.in>
Signed-off-by: Alexander Graf <agraf@suse.de>
# By Kevin Wolf (4) and others
# Via Luiz Capitulino
* luiz/queue/qmp:
add timestamp to error_report()
qapi-schema: Use existing type for drive-backup arguments
qapi-schema: Use BlockdevSnapshot type for blockdev-snapshot-sync
qapi.py: Allow top-level type reference for command definitions
qapi.py: Avoid code duplication
qemu-char: Fix ringbuf option size
Message-id: 1373478767-20965-1-git-send-email-lcapitulino@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
[Issue]
When we offer a customer support service and a problem happens
in a customer's system, we try to understand the problem by
comparing what the customer reports with message logs of the
customer's system.
In this case, we often need to know when the problem happens.
But, currently, there is no timestamp in qemu's error messages.
Therefore, we may not be able to understand the problem based on
error messages.
[Solution]
Add a timestamp to qemu's error message logged by
error_report() with g_time_val_to_iso8601().
Signed-off-by: Seiji Aguchi <seiji.aguchi@hds.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This removes duplicated definitions and documentation by reusing the
existing data type.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
We don't have to duplicate the definition any more now that we may refer
to a type instead.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
If 'data' for a command definition isn't a dict, but a string, it is
taken as a (struct) type name and the fields of this struct are directly
used as parameters.
This is useful for transactionable commands that can use the same type
definition for both the transaction action and the arguments of the
standalone command.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The code that interprets the read JSON expression and appends types to
the respective global variables was duplicated. We can avoid that by
splitting off the part that reads from the file.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Any attempt to use it trips an "opt->desc->type == QEMU_OPT_NUMBER"
assertion. Broken in commit 1da48c65.
Cc: qemu-stable@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
# By Andreas Schwab (2) and others
# Via Riku Voipio
* riku/linux-user-for-upstream:
linux-user: Do not ignore mmap failure from host
linux-user: improve target_to_host_sock_type conversion
user-exec.c: Set is_write correctly in the ARM cpu_signal_handler()
linux-user: Fix sys_utimensat (would not compile on old glibc)
linux-user: fix signal number range check
linux-user: add SIOCADDRT/SIOCDELRT support
linux-user: handle /proc/$$ like /proc/self
Message-id: cover.1373051589.git.riku.voipio@linaro.org
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
# By Richard Henderson
# Via Richard Henderson
* rth/tcg-next:
tcg-arm: Implement tcg_register_jit
tcg-i386: Use QEMU_BUILD_BUG_ON instead of assert for frame size
tcg: Move the CIE and FDE header definitions to common code
tcg: Fix high_pc fields in .debug_info
tcg-arm: Use AT_PLATFORM to detect the host ISA
tcg-arm: Simplify logic in detecting the ARM ISA in use
tcg-arm: Rename use_armv5_instructions to use_armvt5_instructions
tcg-arm: Make use of conditional availability of opcodes for divide
tcg: Simplify logic using TCG_OPF_NOT_PRESENT
tcg: Allow non-constant control macros
tcg-ppc64: Don't implement rem
tcg-ppc: Don't implement rem
tcg-arm: Don't implement rem
tcg: Split rem requirement from div requirement
tcg: Add myself to general TCG maintainership
Message-id: 1373379515-28596-1-git-send-email-rth@twiddle.net
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Its clear from the implementation that class casting is supposed to work
with a NULL class argument. Guard all dereferences of the class argument
against NULL accordingly.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 94cd5ba46b74eea289a7e582635820c1c54e66fa.1371546907.git.peter.crosthwaite@xilinx.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
