It was not qdev'ified before, so turn it into a SysBusDevice.
Keep mmio_ide_init_drives() around to attach the hard drive.
Signed-off-by: Andreas Färberr <afaerber@suse.de>
Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
# By Christoffer Dall (1) and Peter Maydell (1)
# Via Peter Maydell
* pmaydell/arm-devs.next:
hw/vexpress: Use correct HBI (board model number) for vexpress-a15
hw/arm_sysctl: Clear sysctl cfgctrl start bit
# By Markus Armbruster (12) and others
# Via Stefan Hajnoczi
* stefanha/trivial-patches:
qmp-commands.hx: s/tray-open/tray_open/ to match qapi schema
tests: Fix {rtc, m48t59}-test build on illumos
qemu-pixman.h: Avoid mutual inclusion loop with console.h
qemu-ga: Fix unchecked strdup() by converting to g_strdup()
qapi: Fix unchecked strdup() by converting to g_strdup()
libcacard: Fix unchecked strdup() by converting to g_strdup()
qemu-log: Plug trivial memory leak in cpu_set_log_filename()
qemu-log: Fix unchecked strdup() by converting to g_strdup()
virtfs-proxy-helper: Fix unchecked strdup() by conv. to g_strdup()
spice: Fix unchecked strdup() by converting to g_strdup()
readline: Fix unchecked strdup() by converting to g_strdup()
hw/9pfs: Fix unchecked strdup() by converting to g_strdup()
g_strdup(NULL) returns NULL; simplify
g_malloc(0) and g_malloc0(0) return NULL; simplify
xilinx_axidma: Fix debug mode compile messages
cadence_gem: Debug mode compile fixes
cadence_ttc: Debug mode compile fixes
vnc: Clean up vncws_send_handshake_response()
# By Andreas Färber
# Via Andreas Färber
* afaerber-or/prep-up:
prep: Move PReP machine to hw/ppc/
prep_pci: Convert to QOM realizefn
prep_pci: Create PCIBus and PCIDevice in-place
The vexpress-a15 QEMU model is supposed to be a V2P-CA15; the HBI
(a kind of board model number) for this coretile is 237, not 217.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The start bit should only be set to indicate that a function call is
underway, right now. When done with function, clear it.
Signed-off-by: Christoffer Dall <c.dall@virtualopensystems.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Note: the allocation in virtio_9p_init() is still leaked. To be fixed
in a followup commit.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Once upon a time, it was decided that qemu_malloc(0) should abort.
Switching to glib retired that bright idea. Some code that was added
to cope with it (e.g. in commits 702ef63, b76b6e9) is still around.
Bury it.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Missing cast one one of the conditionally compiled printfs.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Some printfs are throwing warnings when debug mode is enabled. Fixed.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Some printfs are throwing warnings when debug mode is enabled. Fixed.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
set_bit on indicators doesn't go well on 32 bit targets:
note: expected 'long unsigned int *' but argument is of type 'uint64_t *'
Switch to bit shifts instead.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
[agraf: use 1ULL instead]
Signed-off-by: Alexander Graf <agraf@suse.de>
Changed error codes in the channel subsystem / virtio-ccw code
(-EOPNOTSUPP -> -ENOSYS, -ERESTART -> -EINPROGRESS).
This should hopefully fix building on mingw32.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Map the I/O interruption code before calling into css.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Add a new machine type, s390-ccw-virtio, making use of the
virtio-ccw transport to present virtio devices as channel
devices.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
s390_virtio_bus_find_mem() may return a NULL VirtIOS390Device.
If called with, e.g., args[0] == 0, this leads to a segfault.
Fix this by adding error handling as done for other hypercalls.
Present since baf0b55a9e (Implement
virtio reset).
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This moves all files only used by s390 system emulation to hw/s390x.
Signed-off-by: Alexander Graf <agraf@suse.de>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
virtio-s390 devices are not being reset when their bus is. To fix
this, add a reset method that forwards to virtio_reset. This is
only needed because of the "strange" modeling of virtio devices;
the ->vdev link is being handled manually rather than through qdev.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Add a new virtio transport that uses channel commands to perform
virtio operations.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Some of the machine initialization for s390-virtio will be reused
by virtio-ccw.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide a mechanism for qemu to provide fully virtual subchannels to
the guest.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
The current s390 machine uses the virtio console as default console,
but this doesn't mean that we always want to keep it that way for new
machines.
This patch introduces a way for a machine type to specify that it wants
the default console to be an SCLP console, which is a lot closer to what
real hardware does.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
* afaerber/qom-cpu: (37 commits)
kvm: Pass CPUState to kvm_on_sigbus_vcpu()
cpu: Unconditionalize CPUState fields
target-m68k: Use type_register() instead of type_register_static()
target-unicore32: Use type_register() instead of type_register_static()
target-openrisc: Use type_register() instead of type_register_static()
target-unicore32: Catch attempt to instantiate abstract type in cpu_init()
target-openrisc: Catch attempt to instantiate abstract type in cpu_init()
target-m68k: Catch attempt to instantiate abstract type in cpu_init()
target-arm: Catch attempt to instantiate abstract type in cpu_init()
target-alpha: Catch attempt to instantiate abstract type in cpu_init()
qom: Introduce object_class_is_abstract()
target-unicore32: Detect attempt to instantiate non-CPU type in cpu_init()
target-openrisc: Detect attempt to instantiate non-CPU type in cpu_init()
target-m68k: Detect attempt to instantiate non-CPU type in cpu_init()
target-alpha: Detect attempt to instantiate non-CPU type in cpu_init()
target-arm: Detect attempt to instantiate non-CPU type in cpu_init()
cpu: Add model resolution support to CPUClass
target-i386: Remove setting tsc-frequency from x86_def_t
target-i386: Set custom features/properties without intermediate x86_def_t
target-i386: Remove vendor_override field from CPUX86State
...
Conflicts:
tests/Makefile
Resolved simple conflict caused by lack of context in Makefile
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
# By Paolo Bonzini (14) and others
# Via Kevin Wolf
* kwolf/for-anthony: (24 commits)
ide: Add fall through annotations
block: Create proper size file for disk mirror
ahci: Add migration support
ahci: Change data types in preparation for migration
ahci: Remove unused AHCIDevice fields
hbitmap: add assertion on hbitmap_iter_init
mirror: do nothing on zero-sized disk
block/vdi: Check for bad signature
block/vdi: Improved return values from vdi_open
block/vdi: Improve debug output for signature
block: Use error code EMEDIUMTYPE for wrong format in some block drivers
block: Add special error code for wrong format
mirror: support arbitrarily-sized iterations
mirror: support more than one in-flight AIO operation
mirror: add buf-size argument to drive-mirror
mirror: switch mirror_iteration to AIO
mirror: allow customizing the granularity
block: allow customizing the granularity of the dirty bitmap
block: return count of dirty sectors, not chunks
mirror: perform COW if the cluster size is bigger than the granularity
...
# By Lei Li (3) and others
# Via Luiz Capitulino
* luiz/queue/qmp:
QAPI: Introduce memchar-read QMP command
QAPI: Introduce memchar-write QMP command
qemu-char: Add new char backend CirMemCharDriver
docs: document virtio-balloon stats
balloon: re-enable balloon stats
balloon: drop old stats code & API
block: Monitor command commit neglects to report some errors
SysBusDeviceClass' initfn merely calls SysBusDeviceClass::init, so we
can already hook up our own realizefn overwriting this behavior.
A symmetric unrealizefn is not necessary, knowing that the child's
unrealizefn is still no-op, too. Avoids ripping it out again when
recursive realization at DeviceState-level is implemented.
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
This keeps compatibility on machine-types pc-1.2 and older, and prints a
warning in case the requested configuration won't get the correct
topology.
I couldn't think of a better way to warn about broken topology when in
compat mode other than using error_report(). The warning message will
probably be buried in a log file somewhere, but it's better than
nothing.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
This changes FW_CFG_MAX_CPUS and FW_CFG_NUMA to use apic_id_for_cpu(),
so the NUMA table can be based on the APIC IDs, instead of CPU index
(SeaBIOS knows nothing about CPU indexes, just APIC IDs).
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
PC will not use max_cpus for that field, so move it outside the common
code so it can use a different value on PC.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Currently, the pc-1.4 machine init function enables PV EOI and then
calls the pc-1.2 machine init function. The problem with this approach
is that now we can't enable any additional compatibility code inside the
pc-1.2 init function because it would end up enabling the compatibility
behavior on pc-1.3 and pc-1.4 as well.
This reverses the logic so that the pc-1.2 machine init function will
disable PV EOI, and then call the pc-1.4 machine init function.
This way we can change older machine-types to enable compatibility
behavior, and the newer machine-types (pc-1.3, pc-q35-1.4 and
pc-i440fx-1.4) would just use the default behavior.
(This means that one nice side-effect of this change is that pc-q35-1.4
will get PV EOI enabled by default, too)
It would be interesting to eventually change pc_init_pci_no_kvmclock()
and pc_init_isa() to reuse pc_init_pci_1_2() as well (so we don't need
to duplicate compatibility code on those two functions). But this will
be probably much easier to do after we create a PCInitArgs struct for
the PC initialization arguments, and/or after we use global-properties
to implement the compatibility modes present in pc_init_pci_1_2().
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Default to moving back to the IDLE state after the COLLECTING_DATA
state. For a well behaved guest this patch has no consequence, but
A bad guest could crash QEMU by using one of the erase commands
followed by a longer than 5 byte argument (undefined behaviour).
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Software services a received packet by clearing the CTRL_S bit in the RX_CTRLn
register. If this bit is cleared, flush any packets queued for the device.
Reported-by: John Williams <john.williams@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
The eth_can_rx() function only checks the first buffers status ("ping"). The
controller should be able to receive into "pong" when ping-pong is enabled.
Checks the active buffer (either "ping" or "pong") when determining can_rx()
rather than just testing "ping".
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
* 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf:
PPC: e500: Select MPIC v4.2 on ppce500 platform
PPC: e500: fix mpic_iack address
openpic: add basic support for MPIC v4.2
openpic: fix timer address decoding
openpic: fix remaining issues from idr-to-destmask conversion
pseries: Adjust default VIO address allocations to play better with libvirt
pseries: Improve handling of multiple PCI host bridges
target-ppc: Give a meaningful error if too many threads are specified
cuda: Move ADB bus into CUDA state
adb: QOM'ify ADB devices
adb: QOM'ify Apple Desktop Bus
cuda: QOM'ify CUDA
ide/macio: QOM'ify MacIO IDE
mac_nvram: QOM'ify MacIO NVRAM
mac_nvram: Mark as Big Endian
mac_nvram: Clean up public API
macio: Split MacIO in two
macio: Delay qdev init until all fields are initialized
macio: QOM'ify some more
ppc: Move Mac machines to hw/ppc/
This is a follow up for several attempts to fix this issue.
Previous incarnations:
1. http://thread.gmane.org/gmane.linux.ubuntu.bugs.general/3156089https://bugs.launchpad.net/bugs/918791
"qemu-kvm dies when using vmvga driver and unity in the guest" bug.
Fix by Serge Hallyn:
https://launchpadlibrarian.net/94916786/qemu-vmware.debdiff
This fix is incomplete, since it does not check width and height
for being negative. Serge weren't sure if that's the right place
to fix it, maybe the fix should be up the stack somewhere.
2. http://thread.gmane.org/gmane.comp.emulators.qemu/166064
by Marek Vasut: "vmware_vga: Redraw only visible area"
This one adds the (incomplete) check to vmsvga_update_rect_delayed(),
the routine just queues the rect updating but does no interesting
stuff. It is also incomplete in the same way as patch by Serge,
but also does not touch width&height at all after adjusting x&y,
which is wrong.
As far as I can see, when processing guest requests, the device
places them into a queue (vmsvga_update_rect_delayed()) and
processes this queue in different place/time, namely, in
vmsvga_update_rect(). Sometimes, vmsvga_update_rect() is
called directly, without placing the request to the gueue.
This is the place this patch changes, which is the last
(deepest) in the stack. I'm not sure if this is the right
place still, since it is possible we have some queue optimization
(or may have in the future) which will be upset by negative/wrong
values here, so maybe we should check for validity of input
right when receiving request from the guest (and maybe even
use unsigned types there). But I don't know the protocol
and implementation enough to have a definitive answer.
But since vmsvga_update_rect() has other sanity checks already,
I'm adding the missing ones there as well.
Cc'ing BALATON Zoltan and Andrzej Zaborowski who shows in `git blame'
output and may know something in this area.
If this patch is accepted, it should be applied to all active
stable branches (at least since 1.1, maybe even before), with
minor context change (ds_get_*(s->vga.ds) => s->*). I'm not
Cc'ing -stable yet, will do it explicitly once the patch is
accepted.
BTW, these checks use fprintf(stderr) -- it should be converted
to something more appropriate, since stderr will most likely
disappear somewhere.
Cc: Marek Vasut <marex@denx.de>
CC: Serge Hallyn <serge.hallyn@ubuntu.com>
Cc: BALATON Zoltan <balaton@eik.bme.hu>
Cc: Andrzej Zaborowski <balrogg@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Marek Vasut <marex@denx.de>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Align the device tree blob to a 4KB boundary, not to QEMU's
idea of a page boundary -- the latter is the smallest possible
page size for the architecture, which on ARM is 1KB.
The documentation for Linux does not impose separation
or alignment requirements on the device tree blob, but
in practice some kernels will happily trash the entire
page the initrd ends in after they have finished uncompressing
the initrd. So 4KB-align the DTB to ensure it does not get
trampled by these kernels.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
read_splashfile() passes the address of an int variable as size_t *
parameter to g_file_get_contents(), with a cast to gag the compiler.
No problem on machines where sizeof(size_t) == sizeof(int).
Happens to work on my x86_64 box (64 bit little endian): the least
significant 32 bits of the file size end up in the right place
(caller's variable file_size), and the most significant 32 bits
clobber a place that gets assigned to before its next use (caller's
variable file_type).
I'd expect it to break on a 64 bit big-endian box.
Fix up the variable types and drop the problematic cast.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Explicitly mark the fallthroughs as intentional in the code
pattern where we gradually increment an index before falling
into the code to read/write that array entry:
case THINGY_3: idx++;
case THINGY_2: idx++;
case THINGY_1: idx++;
case THINGY_0: return s->thingy[idx];
This makes static analysers happy.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Add an explicit 'return' statement to a case in smc91c111_readb
rather than relying on fallthrough to the following case's
return statement, for code clarity and to placate static analysers.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Mark the deliberate fallthrough where we treat the case of
an attempt to read flash when it is an unknown command
state as if it were a normal read.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Explicitly mark the fallthroughs as intentional in the code
pattern where we gradually increment an index before falling
into the code to read/write that array entry:
case THINGY_3: idx++;
case THINGY_2: idx++;
case THINGY_1: idx++;
case THINGY_0: return s->thingy[idx];
This makes static analysers happy.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Explicitly mark cases where we are deliberately falling
through to the following code. In one case we insert a
'break' instead of falling through to a 'break', as this
seems slightly clearer.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Add some break statements that were accidentally omitted
from some cases of arm_sysctl_write(). The omission was
harmless because in both cases the following case did
an immediate break, but adding the breaks explicitly
placates static analysers and avoids weird behaviour if
the following register is ever implemented as something
other than a no-op.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
extra-obj-y is somewhat complicated to understand. Replace it with a
special CONFIG_ALL symbol that is defined only at toplevel.
This limits the case of directories defining more than one
*-obj-y target.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
