With bm == NULL, other code in the same function would crash.
This bug was reported by cppcheck:
hw/ide/pci.c:280: error: Possible null pointer dereference: bm
Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Factor the DMA I/O path that is duplicated between read and write
commands, into common helpers using the s->is_read flag added for
the macio ATA controller.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The ATA core is currently heavily intertwined with BMDMA code. Let's loosen
that a bit, so we can happily replace the DMA backend with different
implementations.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Whenever SSBM is reset in the command register all state information is lost.
Restarting DMA means that current_addr must be reset to the base address of the
PRD table. The OS is not required to change the base address register before
starting a DMA operation, it can reuse the value it wrote for an earlier
request.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
You can only start a DMA transfer if it's not running yet, and you can only
cancel it if it's running.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
The reason for not actually canceling the I/O is because with
virtualization and lots of VM running, a guest fs may mistake a
overload of the host, as an IDE timeout. So rather than canceling the
I/O, it's safer to wait I/O completion and simulate that the I/O has
completed just before the io cancellation was requested by the
guest. This way if ntfs or an app writes data without checking for
-EIO retval, and it thinks the write has succeeded, it's less likely
to run into troubles. Similar issues for reads.
Furthermore because the DMA operation is splitted into many synchronous
aio_read/write if there's more than one entry in the SG table, without this
patch the DMA would be cancelled in the middle, something we've no idea if it
happens on real hardware too or not. Overall this seems a great risk for zero
gain.
This approach is sure safer than previous code given we can't pretend all guest
fs code out there to check for errors and reply the DMA if it was completed
partially, given a timeout would never materialize on a real harddisk unless
there are defective blocks (and defective blocks are practically only an issue
for reads never for writes in any recent hardware as writing to blocks is the
way to fix them) or the harddisk breaks as a whole.
Signed-off-by: Izik Eidus <ieidus@redhat.com>
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
It reintroduces
Revert "ide save/restore pio/atapi cmd transfer fields and io buffer"
but using subsections. Added bonus is the addition of ide_dummy_transfer_stop
to transfer_end_table, that was missing.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
If migration takes place between write of the bmdma address register and
write of the command register (to initiate DMA), the destination will
not properly start the DMA op, hanging the guest:
ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x6 frozen
ata1.00: cmd c8/00:16:41:00:00/00:00:00:00:00/e0 tag 0 dma 11264 in
res 40/00:00:00:00:00/00:00:00:00:00/00 Emask 0x4 (timeout)
ata1.00: status: { DRDY }
Fix by sending current transfer information in the migration data.
We need to update ide version to 4 for this to work. As we don't
have subsectios, we need to chain the update increase until
vmstate_ide_pci (quintela)
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch splits cmd646 specific code from pci.c.
This patch splits piix4 specific code from pci.c.
And compile new piix.o and cmd646.o when they are needed.
The only change that is not code movemet is removal of cmd646 specific parts
in bmdma_readb/writeb for piix.
Patchworks-ID: 35301
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
We already have a PCIDevice at that point
Patchworks-ID: 35296
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Like qdev_init(), but terminate program via hw_error() instead of
returning an error value.
Use it instead of qdev_init() where terminating the program on failure
is okay, either because it's during machine construction, or because
we know that failure can't happen.
Because relying in the latter is somewhat unclean, and the former is
not always obvious, it would be nice to go back to qdev_init() in the
not-so-obvious cases, only with proper error handling. I'm leaving
that for another day, because it involves making sure that error
values are properly checked by all callers.
Patchworks-ID: 35168
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
It's qdev_create() specialized for PCI, so name it accordingly.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
With this patch applied ide drives (when attached to a pci adapter) can
be created via -device, like this:
-drive if=none,id=mydisk,file=/path/to/disk.img
-device ide-drive,drive=mydisk,bus=ide.0,unit=0
Note that creating a master on ide1 doesn't work that way. That is a
side effect of qemu creating a cdrom automagically even if you don't
ask for it.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
8baf73adf6 (qdev/isa: convert fdc)
breaks MIPS Malta:
Tried to create isa device isa-fdc with no isa bus present
Fix this by creating an isa bus for piix4.
This change also requires some more qdev related changes
(similar changes were applied to pc.c) and allows
cleaning of piix3/piix4 code.
Thanks to Gerd Hoffmann for his hints.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>