From Markus:
Before:
$ qemu-system-x86_64 -display none -drive if=ide
qemu-system-x86_64: Device needs media, but drive is empty
qemu-system-x86_64: Initialization of device ide-hd failed
[Exit 1 ]
After:
$ qemu-system-x86_64 -display none -drive if=ide
qemu-system-x86_64: Device needs media, but drive is empty
Segmentation fault (core dumped)
[Exit 139 (SIGSEGV)]
This error always existed as qdev_init() frees the object. But QOM
goes a bit further and purposefully sets the class pointer to NULL to
help find use-after-free. It worked :-)
Cc: Andreas Faerber <afaerber@suse.de>
Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* stefanha/trivial-patches:
tci: Support INDEX_op_bswap64_i64
target-i386: Use QEMU instead of Qemu
Makefile.hw: avoid overly large 'make clean' rm command
configure: Fix typo
arm_gic: Send dbg msgs to stderr not stdout
checkpatch: Add QEMU specific rule
qemu-config: Use QEMU instead of Qemu
libqtest: Fix socket_accept() to pass address_len
Makefile.user: Define CONFIG_USER_ONLY for libuser/
Makefile: Remove macro qapi-dir
Makefile: Remove BUILD_DIR from qapi-dir
Install 'bepo' keymap already included in Qemu source
* kraxel/usb.54:
uhci: fix uhci_async_cancel_all
usb-host: live migration support
usb-host: attach only to running guest
ehci: tracing improvements
usb: restore USBDevice->attached on vmload
ehci: add live migration support
* 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf: (72 commits)
PPC: BookE206: Bump MAS2 to 64bit
PPC: BookE: Support 32 and 64 bit wide MAS2
PPC: Extract SPR dump generation into its own function
PPC: Add e5500 CPU target
PPC: BookE: Make ivpr selectable by CPU type
PPC: BookE: Implement EPR SPR
PPC: Add support for MSR_CM
PPC: Add some booke SPR defines
uImage: increase the gzip load size
PPC: e500: allow users to set the /compatible property via -machine
dt: make setprop argument static
PPC: e500: Refactor serial dt generation
dt: Add global option to set phandle start offset
PPC: e500: Extend address/size of / to 64bit
PPC: e500: Define addresses as always 64bit
PPC: e500: Use new SOC dt format
PPC: e500: Use new MPIC dt format
Revert "dt: temporarily disable subtree creation failure check"
PPC: e500: enable manual loading of dtb blob
PPC: e500: dt: use target_phys_addr_t for ramsize
...
* 's390-for-upstream' of git://repo.or.cz/qemu/agraf:
s390: stop target cpu on sigp initial reset
s390: make kvm_stat work on s390
kvm: Update kernel headers
s390x: fix s390 virtio aliases
* 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm:
arm_boot: Conditionalised DTB command line update
cadence_ttc: changed master clock frequency
cadence_gem: avoid stack-writing buffer-overrun
hw/a9mpcore: Fix compilation failure if physaddrs are 64 bit
hw/omap.h: Drop broken MEM_VERBOSE tracing
hw/armv7m_nvic: Make the NVIC a freestanding class
hw/arm_gic: Move CPU interface memory region setup into arm_gic_init
hw/arm_gic.c: Make NVIC interrupt numbering a runtime setting
hw/arm_gic: Make CPU target registers RAZ/WI on uniprocessor
hw/arm_gic: Add qdev property for GIC revision
hw/armv7m_nvic: Use MemoryRegions for NVIC specific registers
hw/arm_gic: Move NVIC specific reset to armv7m_nvic_reset
hw/arm_gic: Remove the special casing of NCPU for the NVIC
hw/arm_gic: Remove NVIC ifdefs from gic_state struct
arm_boot: Fix typos in comment
ARM: Exynos4210 IRQ: Introduce new IRQ gate functionality.
On the e500 series, accessing SPR_EPR magically turns into an access at
that CPU's IACK register on the MPIC. Implement that logic to get kernels
that make use of that feature work.
Signed-off-by: Alexander Graf <agraf@suse.de>
Recent u-boot has different defines for its gzip extract buffer, but the
common ground seems to be 64MB. So let's bump it up to that, enabling me
to load my test image again ;).
Signed-off-by: Alexander Graf <agraf@suse.de>
Device trees usually have a node /compatible, which indicate which machine
type we're looking at. For quick prototyping, it can be very useful to change
the contents of that node via the command line.
Thus, introduce a new option to -machine called dt_compatible, which when
set changes the /compatible contents to its value.
Signed-off-by: Alexander Graf <agraf@suse.de>
When generating serial port device tree nodes, we duplicate quite a bit
of code, because there are 2 of them in the mpc8544ds board we emulate.
Shove the generating code into a function, so we duplicate less code.
Signed-off-by: Alexander Graf <agraf@suse.de>
We want to be able to support >= 4GB of RAM. To do so, we need to be able
to tell the guest OS how much RAM it has.
However, that information today is capped to 32bit. So let's extend the
offset and size fields to 64bit, so we can fit in big addresses and even
one day - if we wish to do so - map devices above 32bit.
Signed-off-by: Alexander Graf <agraf@suse.de>
Every time we use an address constant, it needs to potentially fit into
a 64bit physical address space. So let's define things accordingly.
Signed-off-by: Alexander Graf <agraf@suse.de>
Due to popular demand, let's clean up the soc node a bit and use
more recent dt notions.
Requested-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Due to popular demand, we're updating the way we generate the MPIC
node and interrupt lines based on what the current state of art is.
Requested-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
We want to be able to override the automatically created device tree
by using the -dtb option. Implement this for the mpc8544ds machine.
Signed-off-by: Alexander Graf <agraf@suse.de>
We're passing the ram size as uint32_t, capping it to 32 bits atm.
Change to target_phys_addr_t (uint64_t) to make sure we have all
the bits.
Signed-off-by: Alexander Graf <agraf@suse.de>
We have a nice 64bit helper to ease the device tree generation and
make the code more readable when creating 64bit 2-cell parameters.
Use it when generating the device tree.
Signed-off-by: Alexander Graf <agraf@suse.de>
Now that we are dynamically creating the dtb, it's really useful to
be able to dump the created blob for debugging.
This patch implements a -machine dumpdtb=<file> option for e500 that
dumps the dtb exactly in the form the guest would get it to disk. It
can then be analyzed by dtc to get information about the guest
configuration.
Signed-off-by: Alexander Graf <agraf@suse.de>
Now that all of the device tree bits are generated during runtime, we
can get rid of the device tree blob and instead start from scratch with
an empty device tree.
Signed-off-by: Alexander Graf <agraf@suse.de>
Now that we're moving all of the device tree generation from an external
pre-execution generated blob to runtime generation using libfdt, we absolutely
must have libfdt around.
This requirement was there before already, as the only way to not require libfdt
with e500 was to not use -kernel, which was the only way to boot the mpc8544ds
machine. This patch only manifests said requirement in the build system.
Signed-off-by: Alexander Graf <agraf@suse.de>
This adds a qemu-specific hypervisor call to the pseries machine
which allows to do what amounts to memmove, memcpy and xor over
regions of physical memory such as the framebuffer.
This is the simplest way to get usable framebuffer speed from
SLOF since the framebuffer isn't mapped in the VRMA and so would
otherwise require an hcall per 8 bytes access.
The performance is still not great but usable, and can be improved
with a more complex implementation of the hcall itself if needed.
This also adds some documentation for the qemu-specific hypercalls
that we add to PAPR along with a new qemu,hypertas-functions property
that mirrors ibm,hypertas-functions and provides some discoverability
for the new calls.
Note: I chose note to advertise H_RTAS to the guest via that mechanism.
This is done on purpose, the guest uses the normal RTAS interfaces
provided by qemu (including SLOF) which internally calls H_RTAS.
We might in the future implement part (or even all) of RTAS inside the
guest like IBM's firmware does and replace H_RTAS with some finer grained
set of private hypercalls.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
We were incorrectly g_free'ing an object that isn't allocated
in one error path and failed to release it completely in another
This fixes qemu crashes with some cases of IO errors.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
The core tcg/kvm code for ppc64 now has at least the outline
capability to support pagesizes beyond the standard 4k and 16MB. The
CPUState is initialized with information advertising the available
pagesizes and their correct encodings, and under the right KVM setup
this will be populated with page sizes beyond the standard.
Obviously guests can't use the extra page sizes unless they know
they're present. For the pseries machine, at least, there is a
defined method for conveying exactly this information, the
"ibm-segment-page-sizes" property in the guest device tree.
This patch generates this property using the supported page size
information that's already in the CPUState.
Signed-off-by: Nishanth Aravamudan <nacc@us.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
The initial TLB entry is supposed to help us run the guest -kernel payload.
This means the guest needs to be able to access its own memory, the initrd
memory and the device tree.
So far we only statically reserved a TLB entry from [0;256M[. This patch
fixes it to span from [0;dt_end[, allowing the guest payload to access
everything initially.
Reported-by: Stuart Yoder <stuart.yoder@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Old size: 8 MB (traditional upstream qemu value).
New size: 16 MB (traditional qemu-kvm value).
Also adds compat properties so old machine types
keep the old default values.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
In preperation for supporting a larger framebuffer for multiple monitors
on a single card, add a property to qxl vgamem_size_mb, and corresponding
byte sized vgamem_size, and use instead of VGA_RAM_SIZE.
[ kraxel: simplify property handling, add sanity checks ]
[ kraxel: fix mode copying ]
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Zap the global VGA_RAM_SIZE #define, make the vga ram size configurable
for standard vga and vmware vga. cirrus and qxl are left with a fixed
size (and private VGA_RAM_SIZE #define) for now.
qxl needs some non-trivial adjustments in the mode list handling deal
with a runtime-configurable size, which calls for a separate qxl patch.
cirrus emulates cards which have 2 MB (isa) and 4 MB (pci), so I guess
it would make sense to use these sizes. That change would break
migration though, so I left it fixed at 8 MB size. Making it
configurabls is pretty pointless for cirrus as we have to match real
hardware.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The vgabios will check whenever any given video mode will fit into the
given video memory before adding it to the list of available modes, so
there is no need to keep xmax * ymax * 32bpp lower than VGA_RAM_SIZE.
Lets raise the limits a bit. Should be good for a few years, display
sizes are not growing that fast.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
soft_reset is called from any of:
* QXL_IO_RESET
* vga io
* pci reset handler
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Tested with linux guest. Not sure how to check actual performance affect
of this. Checked with the previously send traceevent that the kvm ioctl
to start/stop dirty logging is being called.
(KVM_SET_USER_MEMORY_REGION).
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Convert uses of FLOPPY_ERROR to either FLOPPY_DPRINTF
(for implemented cases) or to use LOG_UNIMP (unimplemented).
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
A more complete history can be found here:
git://xenbits.xensource.com/qemu-xen-unstable.git
Signed-off-by: Jiang Yunhong <yunhong.jiang@intel.com>
Signed-off-by: Shan Haitao <haitao.shan@intel.com>
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Anthony Liguori