diff options
| author | Peter Maydell <peter.maydell@linaro.org> | 2012-08-10 13:41:00 +0100 |
|---|---|---|
| committer | Peter Maydell <peter.maydell@linaro.org> | 2012-08-10 13:41:00 +0100 |
| commit | 5b9fce0f228582c4d2edf210b6f5a0d6c31940f6 (patch) | |
| tree | 5ebc6150e35e2b85c424b78bdef287eb56a5fed7 | |
| parent | 8e3b6dfd0eb30e45e2caa47128038900569895e7 (diff) | |
| parent | 3d1d9652978ac5a32a0beb4bdf6065ca39440d89 (diff) | |
Merge upstream master into qemu-linaro
50 files changed, 1412 insertions, 630 deletions
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c index d7e0e19d9..e179211c5 100644 --- a/block/qcow2-cluster.c +++ b/block/qcow2-cluster.c @@ -662,7 +662,10 @@ int qcow2_alloc_cluster_link_l2(BlockDriverState *bs, QCowL2Meta *m) qcow2_cache_depends_on_flush(s->l2_table_cache); } - qcow2_cache_set_dependency(bs, s->l2_table_cache, s->refcount_block_cache); + if (qcow2_need_accurate_refcounts(s)) { + qcow2_cache_set_dependency(bs, s->l2_table_cache, + s->refcount_block_cache); + } ret = get_cluster_table(bs, m->offset, &l2_table, &l2_index); if (ret < 0) { goto err; diff --git a/block/qcow2.c b/block/qcow2.c index 870148ddf..fd5e21443 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -214,6 +214,62 @@ static void report_unsupported_feature(BlockDriverState *bs, } } +/* + * Sets the dirty bit and flushes afterwards if necessary. + * + * The incompatible_features bit is only set if the image file header was + * updated successfully. Therefore it is not required to check the return + * value of this function. + */ +static int qcow2_mark_dirty(BlockDriverState *bs) +{ + BDRVQcowState *s = bs->opaque; + uint64_t val; + int ret; + + assert(s->qcow_version >= 3); + + if (s->incompatible_features & QCOW2_INCOMPAT_DIRTY) { + return 0; /* already dirty */ + } + + val = cpu_to_be64(s->incompatible_features | QCOW2_INCOMPAT_DIRTY); + ret = bdrv_pwrite(bs->file, offsetof(QCowHeader, incompatible_features), + &val, sizeof(val)); + if (ret < 0) { + return ret; + } + ret = bdrv_flush(bs->file); + if (ret < 0) { + return ret; + } + + /* Only treat image as dirty if the header was updated successfully */ + s->incompatible_features |= QCOW2_INCOMPAT_DIRTY; + return 0; +} + +/* + * Clears the dirty bit and flushes before if necessary. Only call this + * function when there are no pending requests, it does not guard against + * concurrent requests dirtying the image. + */ +static int qcow2_mark_clean(BlockDriverState *bs) +{ + BDRVQcowState *s = bs->opaque; + + if (s->incompatible_features & QCOW2_INCOMPAT_DIRTY) { + int ret = bdrv_flush(bs); + if (ret < 0) { + return ret; + } + + s->incompatible_features &= ~QCOW2_INCOMPAT_DIRTY; + return qcow2_update_header(bs); + } + return 0; +} + static int qcow2_open(BlockDriverState *bs, int flags) { BDRVQcowState *s = bs->opaque; @@ -287,12 +343,13 @@ static int qcow2_open(BlockDriverState *bs, int flags) s->compatible_features = header.compatible_features; s->autoclear_features = header.autoclear_features; - if (s->incompatible_features != 0) { + if (s->incompatible_features & ~QCOW2_INCOMPAT_MASK) { void *feature_table = NULL; qcow2_read_extensions(bs, header.header_length, ext_end, &feature_table); report_unsupported_feature(bs, feature_table, - s->incompatible_features); + s->incompatible_features & + ~QCOW2_INCOMPAT_MASK); ret = -ENOTSUP; goto fail; } @@ -412,6 +469,22 @@ static int qcow2_open(BlockDriverState *bs, int flags) /* Initialise locks */ qemu_co_mutex_init(&s->lock); + /* Repair image if dirty */ + if ((s->incompatible_features & QCOW2_INCOMPAT_DIRTY) && + !bs->read_only) { + BdrvCheckResult result = {0}; + + ret = qcow2_check_refcounts(bs, &result, BDRV_FIX_ERRORS); + if (ret < 0) { + goto fail; + } + + ret = qcow2_mark_clean(bs); + if (ret < 0) { + goto fail; + } + } + #ifdef DEBUG_ALLOC { BdrvCheckResult result = {0}; @@ -714,6 +787,11 @@ static coroutine_fn int qcow2_co_writev(BlockDriverState *bs, goto fail; } + if (l2meta.nb_clusters > 0 && + (s->compatible_features & QCOW2_COMPAT_LAZY_REFCOUNTS)) { + qcow2_mark_dirty(bs); + } + cluster_offset = l2meta.cluster_offset; assert((cluster_offset & 511) == 0); @@ -785,6 +863,8 @@ static void qcow2_close(BlockDriverState *bs) qcow2_cache_flush(bs, s->l2_table_cache); qcow2_cache_flush(bs, s->refcount_block_cache); + qcow2_mark_clean(bs); + qcow2_cache_destroy(bs, s->l2_table_cache); qcow2_cache_destroy(bs, s->refcount_block_cache); @@ -949,7 +1029,16 @@ int qcow2_update_header(BlockDriverState *bs) /* Feature table */ Qcow2Feature features[] = { - /* no feature defined yet */ + { + .type = QCOW2_FEAT_TYPE_INCOMPATIBLE, + .bit = QCOW2_INCOMPAT_DIRTY_BITNR, + .name = "dirty bit", + }, + { + .type = QCOW2_FEAT_TYPE_COMPATIBLE, + .bit = QCOW2_COMPAT_LAZY_REFCOUNTS_BITNR, + .name = "lazy refcounts", + }, }; ret = header_ext_add(buf, QCOW2_EXT_MAGIC_FEATURE_TABLE, @@ -1132,6 +1221,11 @@ static int qcow2_create2(const char *filename, int64_t total_size, header.crypt_method = cpu_to_be32(QCOW_CRYPT_NONE); } + if (flags & BLOCK_FLAG_LAZY_REFCOUNTS) { + header.compatible_features |= + cpu_to_be64(QCOW2_COMPAT_LAZY_REFCOUNTS); + } + ret = bdrv_pwrite(bs, 0, &header, sizeof(header)); if (ret < 0) { goto out; @@ -1245,6 +1339,8 @@ static int qcow2_create(const char *filename, QEMUOptionParameter *options) options->value.s); return -EINVAL; } + } else if (!strcmp(options->name, BLOCK_OPT_LAZY_REFCOUNTS)) { + flags |= options->value.n ? BLOCK_FLAG_LAZY_REFCOUNTS : 0; } options++; } @@ -1255,6 +1351,12 @@ static int qcow2_create(const char *filename, QEMUOptionParameter *options) return -EINVAL; } + if (version < 3 && (flags & BLOCK_FLAG_LAZY_REFCOUNTS)) { + fprintf(stderr, "Lazy refcounts only supported with compatibility " + "level 1.1 and above (use compat=1.1 or greater)\n"); + return -EINVAL; + } + return qcow2_create2(filename, sectors, backing_file, backing_fmt, flags, cluster_size, prealloc, options, version); } @@ -1441,10 +1543,12 @@ static coroutine_fn int qcow2_co_flush_to_os(BlockDriverState *bs) return ret; } - ret = qcow2_cache_flush(bs, s->refcount_block_cache); - if (ret < 0) { - qemu_co_mutex_unlock(&s->lock); - return ret; + if (qcow2_need_accurate_refcounts(s)) { + ret = qcow2_cache_flush(bs, s->refcount_block_cache); + if (ret < 0) { + qemu_co_mutex_unlock(&s->lock); + return ret; + } } qemu_co_mutex_unlock(&s->lock); @@ -1559,6 +1663,11 @@ static QEMUOptionParameter qcow2_create_options[] = { .type = OPT_STRING, .help = "Preallocation mode (allowed values: off, metadata)" }, + { + .name = BLOCK_OPT_LAZY_REFCOUNTS, + .type = OPT_FLAG, + .help = "Postpone refcount updates", + }, { NULL } }; diff --git a/block/qcow2.h b/block/qcow2.h index 455b6d7cf..b4eb65470 100644 --- a/block/qcow2.h +++ b/block/qcow2.h @@ -110,6 +110,22 @@ enum { QCOW2_FEAT_TYPE_AUTOCLEAR = 2, }; +/* Incompatible feature bits */ +enum { + QCOW2_INCOMPAT_DIRTY_BITNR = 0, + QCOW2_INCOMPAT_DIRTY = 1 << QCOW2_INCOMPAT_DIRTY_BITNR, + + QCOW2_INCOMPAT_MASK = QCOW2_INCOMPAT_DIRTY, +}; + +/* Compatible feature bits */ +enum { + QCOW2_COMPAT_LAZY_REFCOUNTS_BITNR = 0, + QCOW2_COMPAT_LAZY_REFCOUNTS = 1 << QCOW2_COMPAT_LAZY_REFCOUNTS_BITNR, + + QCOW2_COMPAT_FEAT_MASK = QCOW2_COMPAT_LAZY_REFCOUNTS, +}; + typedef struct Qcow2Feature { uint8_t type; uint8_t bit; @@ -237,6 +253,11 @@ static inline int qcow2_get_cluster_type(uint64_t l2_entry) } } +/* Check whether refcounts are eager or lazy */ +static inline bool qcow2_need_accurate_refcounts(BDRVQcowState *s) +{ + return !(s->incompatible_features & QCOW2_INCOMPAT_DIRTY); +} // FIXME Need qcow2_ prefix to global functions diff --git a/block_int.h b/block_int.h index d72317fbe..6c1d9cafb 100644 --- a/block_int.h +++ b/block_int.h @@ -31,8 +31,9 @@ #include "qemu-timer.h" #include "qapi-types.h" -#define BLOCK_FLAG_ENCRYPT 1 -#define BLOCK_FLAG_COMPAT6 4 +#define BLOCK_FLAG_ENCRYPT 1 +#define BLOCK_FLAG_COMPAT6 4 +#define BLOCK_FLAG_LAZY_REFCOUNTS 8 #define BLOCK_IO_LIMIT_READ 0 #define BLOCK_IO_LIMIT_WRITE 1 @@ -41,16 +42,17 @@ #define BLOCK_IO_SLICE_TIME 100000000 #define NANOSECONDS_PER_SECOND 1000000000.0 -#define BLOCK_OPT_SIZE "size" -#define BLOCK_OPT_ENCRYPT "encryption" -#define BLOCK_OPT_COMPAT6 "compat6" -#define BLOCK_OPT_BACKING_FILE "backing_file" -#define BLOCK_OPT_BACKING_FMT "backing_fmt" -#define BLOCK_OPT_CLUSTER_SIZE "cluster_size" -#define BLOCK_OPT_TABLE_SIZE "table_size" -#define BLOCK_OPT_PREALLOC "preallocation" -#define BLOCK_OPT_SUBFMT "subformat" -#define BLOCK_OPT_COMPAT_LEVEL "compat" +#define BLOCK_OPT_SIZE "size" +#define BLOCK_OPT_ENCRYPT "encryption" +#define BLOCK_OPT_COMPAT6 "compat6" +#define BLOCK_OPT_BACKING_FILE "backing_file" +#define BLOCK_OPT_BACKING_FMT "backing_fmt" +#define BLOCK_OPT_CLUSTER_SIZE "cluster_size" +#define BLOCK_OPT_TABLE_SIZE "table_size" +#define BLOCK_OPT_PREALLOC "preallocation" +#define BLOCK_OPT_SUBFMT "subformat" +#define BLOCK_OPT_COMPAT_LEVEL "compat" +#define BLOCK_OPT_LAZY_REFCOUNTS "lazy_refcounts" typedef struct BdrvTrackedRequest BdrvTrackedRequest; diff --git a/cpu-exec.c b/cpu-exec.c index 543460c34..4fee0618b 100644 --- a/cpu-exec.c +++ b/cpu-exec.c @@ -156,12 +156,9 @@ static inline TranslationBlock *tb_find_fast(CPUArchState *env) static CPUDebugExcpHandler *debug_excp_handler; -CPUDebugExcpHandler *cpu_set_debug_excp_handler(CPUDebugExcpHandler *handler) +void cpu_set_debug_excp_handler(CPUDebugExcpHandler *handler) { - CPUDebugExcpHandler *old_handler = debug_excp_handler; - debug_excp_handler = handler; - return old_handler; } static void cpu_handle_debug_exception(CPUArchState *env) diff --git a/default-configs/pci.mak b/default-configs/pci.mak index 9febb47ae..69e18f142 100644 --- a/default-configs/pci.mak +++ b/default-configs/pci.mak @@ -18,3 +18,4 @@ CONFIG_IDE_QDEV=y CONFIG_IDE_PCI=y CONFIG_AHCI=y CONFIG_ESP=y +CONFIG_ESP_PCI=y diff --git a/docs/specs/qcow2.txt b/docs/specs/qcow2.txt index 87bf785fe..36a559d88 100644 --- a/docs/specs/qcow2.txt +++ b/docs/specs/qcow2.txt @@ -75,13 +75,23 @@ in the description of a field. Bitmask of incompatible features. An implementation must fail to open an image if an unknown bit is set. - Bits 0-63: Reserved (set to 0) + Bit 0: Dirty bit. If this bit is set then refcounts + may be inconsistent, make sure to scan L1/L2 + tables to repair refcounts before accessing the + image. + + Bits 1-63: Reserved (set to 0) 80 - 87: compatible_features Bitmask of compatible features. An implementation can safely ignore any unknown bits that are set. - Bits 0-63: Reserved (set to 0) + Bit 0: Lazy refcounts bit. If this bit is set then + lazy refcount updates can be used. This means + marking the image file dirty and postponing + refcount metadata updates. + + Bits 1-63: Reserved (set to 0) 88 - 95: autoclear_features Bitmask of auto-clear features. An implementation may only diff --git a/exec-all.h b/exec-all.h index 9bda7f735..c5ec8e115 100644 --- a/exec-all.h +++ b/exec-all.h @@ -357,7 +357,7 @@ tb_page_addr_t get_page_addr_code(CPUArchState *env1, target_ulong addr); typedef void (CPUDebugExcpHandler)(CPUArchState *env); -CPUDebugExcpHandler *cpu_set_debug_excp_handler(CPUDebugExcpHandler *handler); +void cpu_set_debug_excp_handler(CPUDebugExcpHandler *handler); /* vl.c */ extern int singlestep; diff --git a/hmp-commands.hx b/hmp-commands.hx index eea8b3289..9bbc7f755 100644 --- a/hmp-commands.hx +++ b/hmp-commands.hx @@ -101,7 +101,7 @@ ETEXI .name = "block_job_cancel", .args_type = "device:B", .params = "device", - .help = "stop an active block streaming operation", + .help = "stop an active background block operation", .mhandler.cmd = hmp_block_job_cancel, }, diff --git a/hw/Makefile.objs b/hw/Makefile.objs index 574793b2e..5c6ef2fb9 100644 --- a/hw/Makefile.objs +++ b/hw/Makefile.objs @@ -88,6 +88,7 @@ hw-obj-$(CONFIG_OPENCORES_ETH) += opencores_eth.o hw-obj-$(CONFIG_LSI_SCSI_PCI) += lsi53c895a.o hw-obj-$(CONFIG_MEGASAS_SCSI_PCI) += megasas.o hw-obj-$(CONFIG_ESP) += esp.o +hw-obj-$(CONFIG_ESP_PCI) += esp-pci.o hw-obj-y += sysbus.o isa-bus.o hw-obj-y += qdev-addr.o diff --git a/hw/esp-pci.c b/hw/esp-pci.c new file mode 100644 index 000000000..170e007be --- /dev/null +++ b/hw/esp-pci.c @@ -0,0 +1,518 @@ +/* + * QEMU ESP/NCR53C9x emulation + * + * Copyright (c) 2005-2006 Fabrice Bellard + * Copyright (c) 2012 Herve Poussineau + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#include "pci.h" +#include "eeprom93xx.h" +#include "esp.h" +#include "trace.h" +#include "qemu-log.h" + +#define TYPE_AM53C974_DEVICE "am53c974" + +#define DMA_CMD 0x0 +#define DMA_STC 0x1 +#define DMA_SPA 0x2 +#define DMA_WBC 0x3 +#define DMA_WAC 0x4 +#define DMA_STAT 0x5 +#define DMA_SMDLA 0x6 +#define DMA_WMAC 0x7 + +#define DMA_CMD_MASK 0x03 +#define DMA_CMD_DIAG 0x04 +#define DMA_CMD_MDL 0x10 +#define DMA_CMD_INTE_P 0x20 +#define DMA_CMD_INTE_D 0x40 +#define DMA_CMD_DIR 0x80 + +#define DMA_STAT_PWDN 0x01 +#define DMA_STAT_ERROR 0x02 +#define DMA_STAT_ABORT 0x04 +#define DMA_STAT_DONE 0x08 +#define DMA_STAT_SCSIINT 0x10 +#define DMA_STAT_BCMBLT 0x20 + +#define SBAC_STATUS 0x1000 + +typedef struct PCIESPState { + PCIDevice dev; + MemoryRegion io; + uint32_t dma_regs[8]; + uint32_t sbac; + ESPState esp; +} PCIESPState; + +static void esp_pci_handle_idle(PCIESPState *pci, uint32_t val) +{ + trace_esp_pci_dma_idle(val); + esp_dma_enable(&pci->esp, 0, 0); +} + +static void esp_pci_handle_blast(PCIESPState *pci, uint32_t val) +{ + trace_esp_pci_dma_blast(val); + qemu_log_mask(LOG_UNIMP, "am53c974: cmd BLAST not implemented\n"); +} + +static void esp_pci_handle_abort(PCIESPState *pci, uint32_t val) +{ + trace_esp_pci_dma_abort(val); + if (pci->esp.current_req) { + scsi_req_cancel(pci->esp.current_req); + } +} + +static void esp_pci_handle_start(PCIESPState *pci, uint32_t val) +{ + trace_esp_pci_dma_start(val); + + pci->dma_regs[DMA_WBC] = pci->dma_regs[DMA_STC]; + pci->dma_regs[DMA_WAC] = pci->dma_regs[DMA_SPA]; + pci->dma_regs[DMA_WMAC] = pci->dma_regs[DMA_SMDLA]; + + pci->dma_regs[DMA_STAT] &= ~(DMA_STAT_BCMBLT | DMA_STAT_SCSIINT + | DMA_STAT_DONE | DMA_STAT_ABORT + | DMA_STAT_ERROR | DMA_STAT_PWDN); + + esp_dma_enable(&pci->esp, 0, 1); +} + +static void esp_pci_dma_write(PCIESPState *pci, uint32_t saddr, uint32_t val) +{ + trace_esp_pci_dma_write(saddr, pci->dma_regs[saddr], val); + switch (saddr) { + case DMA_CMD: + pci->dma_regs[saddr] = val; + switch (val & DMA_CMD_MASK) { + case 0x0: /* IDLE */ + esp_pci_handle_idle(pci, val); + break; + case 0x1: /* BLAST */ + esp_pci_handle_blast(pci, val); + break; + case 0x2: /* ABORT */ + esp_pci_handle_abort(pci, val); + break; + case 0x3: /* START */ + esp_pci_handle_start(pci, val); + break; + default: /* can't happen */ + abort(); + } + break; + case DMA_STC: + case DMA_SPA: + case DMA_SMDLA: + pci->dma_regs[saddr] = val; + break; + case DMA_STAT: + if (!(pci->sbac & SBAC_STATUS)) { + /* clear some bits on write */ + uint32_t mask = DMA_STAT_ERROR | DMA_STAT_ABORT | DMA_STAT_DONE; + pci->dma_regs[DMA_STAT] &= ~(val & mask); + } + break; + default: + trace_esp_pci_error_invalid_write_dma(val, saddr); + return; + } +} + +static uint32_t esp_pci_dma_read(PCIESPState *pci, uint32_t saddr) +{ + uint32_t val; + + val = pci->dma_regs[saddr]; + if (saddr == DMA_STAT) { + if (pci->esp.rregs[ESP_RSTAT] & STAT_INT) { + val |= DMA_STAT_SCSIINT; + } + if (pci->sbac & SBAC_STATUS) { + pci->dma_regs[DMA_STAT] &= ~(DMA_STAT_ERROR | DMA_STAT_ABORT | + DMA_STAT_DONE); + } + } + + trace_esp_pci_dma_read(saddr, val); + return val; +} + +static void esp_pci_io_write(void *opaque, target_phys_addr_t addr, + uint64_t val, unsigned int size) +{ + PCIESPState *pci = opaque; + + if (size < 4 || addr & 3) { + /* need to upgrade request: we only support 4-bytes accesses */ + uint32_t current = 0, mask; + int shift; + + if (addr < 0x40) { + current = pci->esp.wregs[addr >> 2]; + } else if (addr < 0x60) { + current = pci->dma_regs[(addr - 0x40) >> 2]; + } else if (addr < 0x74) { + current = pci->sbac; + } + + shift = (4 - size) * 8; + mask = (~(uint32_t)0 << shift) >> shift; + + shift = ((4 - (addr & 3)) & 3) * 8; + val <<= shift; + val |= current & ~(mask << shift); + addr &= ~3; + size = 4; + } + + if (addr < 0x40) { + /* SCSI core reg */ + esp_reg_write(&pci->esp, addr >> 2, val); + } else if (addr < 0x60) { + /* PCI DMA CCB */ + esp_pci_dma_write(pci, (addr - 0x40) >> 2, val); + } else if (addr == 0x70) { + /* DMA SCSI Bus and control */ + trace_esp_pci_sbac_write(pci->sbac, val); + pci->sbac = val; + } else { + trace_esp_pci_error_invalid_write((int)addr); + } +} + +static uint64_t esp_pci_io_read(void *opaque, target_phys_addr_t addr, + unsigned int size) +{ + PCIESPState *pci = opaque; + uint32_t ret; + + if (addr < 0x40) { + /* SCSI core reg */ + ret = esp_reg_read(&pci->esp, addr >> 2); + } else if (addr < 0x60) { + /* PCI DMA CCB */ + ret = esp_pci_dma_read(pci, (addr - 0x40) >> 2); + } else if (addr == 0x70) { + /* DMA SCSI Bus and control */ + trace_esp_pci_sbac_read(pci->sbac); + ret = pci->sbac; + } else { + /* Invalid region */ + trace_esp_pci_error_invalid_read((int)addr); + ret = 0; + } + + /* give only requested data */ + ret >>= (addr & 3) * 8; + ret &= ~(~(uint64_t)0 << (8 * size)); + + return ret; +} + +static void esp_pci_dma_memory_rw(PCIESPState *pci, uint8_t *buf, int len, + DMADirection dir) +{ + dma_addr_t addr; + DMADirection expected_dir; + + if (pci->dma_regs[DMA_CMD] & DMA_CMD_DIR) { + expected_dir = DMA_DIRECTION_FROM_DEVICE; + } else { + expected_dir = DMA_DIRECTION_TO_DEVICE; + } + + if (dir != expected_dir) { + trace_esp_pci_error_invalid_dma_direction(); + return; + } + + if (pci->dma_regs[DMA_STAT] & DMA_CMD_MDL) { + qemu_log_mask(LOG_UNIMP, "am53c974: MDL transfer not implemented\n"); + } + + addr = pci->dma_regs[DMA_SPA]; + if (pci->dma_regs[DMA_WBC] < len) { + len = pci->dma_regs[DMA_WBC]; + } + + pci_dma_rw(&pci->dev, addr, buf, len, dir); + + /* update status registers */ + pci->dma_regs[DMA_WBC] -= len; + pci->dma_regs[DMA_WAC] += len; +} + +static void esp_pci_dma_memory_read(void *opaque, uint8_t *buf, int len) +{ + PCIESPState *pci = opaque; + esp_pci_dma_memory_rw(pci, buf, len, DMA_DIRECTION_TO_DEVICE); +} + +static void esp_pci_dma_memory_write(void *opaque, uint8_t *buf, int len) +{ + PCIESPState *pci = opaque; + esp_pci_dma_memory_rw(pci, buf, len, DMA_DIRECTION_FROM_DEVICE); +} + +static const MemoryRegionOps esp_pci_io_ops = { + .read = esp_pci_io_read, + .write = esp_pci_io_write, + .endianness = DEVICE_LITTLE_ENDIAN, + .impl = { + .min_access_size = 1, + .max_access_size = 4, + }, +}; + +static void esp_pci_hard_reset(DeviceState *dev) +{ + PCIESPState *pci = DO_UPCAST(PCIESPState, dev.qdev, dev); + esp_hard_reset(&pci->esp); + pci->dma_regs[DMA_CMD] &= ~(DMA_CMD_DIR | DMA_CMD_INTE_D | DMA_CMD_INTE_P + | DMA_CMD_MDL | DMA_CMD_DIAG | DMA_CMD_MASK); + pci->dma_regs[DMA_WBC] &= ~0xffff; + pci->dma_regs[DMA_WAC] = 0xffffffff; + pci->dma_regs[DMA_STAT] &= ~(DMA_STAT_BCMBLT | DMA_STAT_SCSIINT + | DMA_STAT_DONE | DMA_STAT_ABORT + | DMA_STAT_ERROR); + pci->dma_regs[DMA_WMAC] = 0xfffffffd; +} + +static const VMStateDescription vmstate_esp_pci_scsi = { + .name = "pciespscsi", + .version_id = 0, + .minimum_version_id = 0, + .minimum_version_id_old = 0, + .fields = (VMStateField[]) { + VMSTATE_PCI_DEVICE(dev, PCIESPState), + VMSTATE_BUFFER_UNSAFE(dma_regs, PCIESPState, 0, 8 * sizeof(uint32_t)), + VMSTATE_STRUCT(esp, PCIESPState, 0, vmstate_esp, ESPState), + VMSTATE_END_OF_LIST() + } +}; + +static void esp_pci_command_complete(SCSIRequest *req, uint32_t status, + size_t resid) +{ + ESPState *s = req->hba_private; + PCIESPState *pci = container_of(s, PCIESPState, esp); + + esp_command_complete(req, status, resid); + pci->dma_regs[DMA_WBC] = 0; + pci->dma_regs[DMA_STAT] |= DMA_STAT_DONE; +} + +static const struct SCSIBusInfo esp_pci_scsi_info = { + .tcq = false, + .max_target = ESP_MAX_DEVS, + .max_lun = 7, + + .transfer_data = esp_transfer_data, + .complete = esp_pci_command_complete, + .cancel = esp_request_cancelled, +}; + +static int esp_pci_scsi_init(PCIDevice *dev) +{ + PCIESPState *pci = DO_UPCAST(PCIESPState, dev, dev); + ESPState *s = &pci->esp; + uint8_t *pci_conf; + + pci_conf = pci->dev.config; + + /* Interrupt pin A */ + pci_conf[PCI_INTERRUPT_PIN] = 0x01; + + s->dma_memory_read = esp_pci_dma_memory_read; + s->dma_memory_write = esp_pci_dma_memory_write; + s->dma_opaque = pci; + s->chip_id = TCHI_AM53C974; + memory_region_init_io(&pci->io, &esp_pci_io_ops, pci, "esp-io", 0x80); + + pci_register_bar(&pci->dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &pci->io); + s->irq = pci->dev.irq[0]; + + scsi_bus_new(&s->bus, &dev->qdev, &esp_pci_scsi_info); + if (!dev->qdev.hotplugged) { + return scsi_bus_legacy_handle_cmdline(&s->bus); + } + return 0; +} + +static void esp_pci_scsi_uninit(PCIDevice *d) +{ + PCIESPState *pci = DO_UPCAST(PCIESPState, dev, d); + + memory_region_destroy(&pci->io); +} + +static void esp_pci_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); + + k->init = esp_pci_scsi_init; + k->exit = esp_pci_scsi_uninit; + k->vendor_id = PCI_VENDOR_ID_AMD; + k->device_id = PCI_DEVICE_ID_AMD_SCSI; + k->revision = 0x10; + k->class_id = PCI_CLASS_STORAGE_SCSI; + dc->desc = "AMD Am53c974 PCscsi-PCI SCSI adapter"; + dc->reset = esp_pci_hard_reset; + dc->vmsd = &vmstate_esp_pci_scsi; +} + +static const TypeInfo esp_pci_info = { + .name = TYPE_AM53C974_DEVICE, + .parent = TYPE_PCI_DEVICE, + .instance_size = sizeof(PCIESPState), + .class_init = esp_pci_class_init, +}; + +typedef struct { + PCIESPState pci; + eeprom_t *eeprom; +} DC390State; + +#define TYPE_DC390_DEVICE "dc390" +#define DC390(obj) \ + OBJECT_CHECK(DC390State, obj, TYPE_DC390_DEVICE) + +#define EE_ADAPT_SCSI_ID 64 +#define EE_MODE2 65 +#define EE_DELAY 66 +#define EE_TAG_CMD_NUM 67 +#define EE_ADAPT_OPTIONS 68 +#define EE_BOOT_SCSI_ID 69 +#define EE_BOOT_SCSI_LUN 70 +#define EE_CHKSUM1 126 +#define EE_CHKSUM2 127 + +#define EE_ADAPT_OPTION_F6_F8_AT_BOOT 0x01 +#define EE_ADAPT_OPTION_BOOT_FROM_CDROM 0x02 +#define EE_ADAPT_OPTION_INT13 0x04 +#define EE_ADAPT_OPTION_SCAM_SUPPORT 0x08 + + +static uint32_t dc390_read_config(PCIDevice *dev, uint32_t addr, int l) +{ + DC390State *pci = DC390(dev); + uint32_t val; + + val = pci_default_read_config(dev, addr, l); + + if (addr == 0x00 && l == 1) { + /* First byte of address space is AND-ed with EEPROM DO line */ + if (!eeprom93xx_read(pci->eeprom)) { + val &= ~0xff; + } + } + + return val; +} + +static void dc390_write_config(PCIDevice *dev, + uint32_t addr, uint32_t val, int l) +{ + DC390State *pci = DC390(dev); + if (addr == 0x80) { + /* EEPROM write */ + int eesk = val & 0x80 ? 1 : 0; + int eedi = val & 0x40 ? 1 : 0; + eeprom93xx_write(pci->eeprom, 1, eesk, eedi); + } else if (addr == 0xc0) { + /* EEPROM CS low */ + eeprom93xx_write(pci->eeprom, 0, 0, 0); + } else { + pci_default_write_config(dev, addr, val, l); + } +} + +static int dc390_scsi_init(PCIDevice *dev) +{ + DC390State *pci = DC390(dev); + uint8_t *contents; + uint16_t chksum = 0; + int i, ret; + + /* init base class */ + ret = esp_pci_scsi_init(dev); + if (ret < 0) { + return ret; + } + + /* EEPROM */ + pci->eeprom = eeprom93xx_new(DEVICE(dev), 64); + + /* set default eeprom values */ + contents = (uint8_t *)eeprom93xx_data(pci->eeprom); + + for (i = 0; i < 16; i++) { + contents[i * 2] = 0x57; + contents[i * 2 + 1] = 0x00; + } + contents[EE_ADAPT_SCSI_ID] = 7; + contents[EE_MODE2] = 0x0f; + contents[EE_TAG_CMD_NUM] = 0x04; + contents[EE_ADAPT_OPTIONS] = EE_ADAPT_OPTION_F6_F8_AT_BOOT + | EE_ADAPT_OPTION_BOOT_FROM_CDROM + | EE_ADAPT_OPTION_INT13; + + /* update eeprom checksum */ + for (i = 0; i < EE_CHKSUM1; i += 2) { + chksum += contents[i] + (((uint16_t)contents[i + 1]) << 8); + } + chksum = 0x1234 - chksum; + contents[EE_CHKSUM1] = chksum & 0xff; + contents[EE_CHKSUM2] = chksum >> 8; + + return 0; +} + +static void dc390_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); + + k->init = dc390_scsi_init; + k->config_read = dc390_read_config; + k->config_write = dc390_write_config; + dc->desc = "Tekram DC-390 SCSI adapter"; +} + +static const TypeInfo dc390_info = { + .name = "dc390", + .parent = TYPE_AM53C974_DEVICE, + .instance_size = sizeof(DC390State), + .class_init = dc390_class_init, +}; + +static void esp_pci_register_types(void) +{ + type_register_static(&esp_pci_info); + type_register_static(&dc390_info); +} + +type_init(esp_pci_register_types) @@ -24,8 +24,6 @@ */ #include "sysbus.h" -#include "pci.h" -#include "scsi.h" #include "esp.h" #include "trace.h" #include "qemu-log.h" @@ -38,114 +36,6 @@ * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR53C9X.txt */ -#define ESP_REGS 16 -#define TI_BUFSZ 16 - -typedef struct ESPState ESPState; - -struct ESPState { - uint8_t rregs[ESP_REGS]; - uint8_t wregs[ESP_REGS]; - qemu_irq irq; - uint8_t chip_id; - int32_t ti_size; - uint32_t ti_rptr, ti_wptr; - uint32_t status; - uint32_t dma; - uint8_t ti_buf[TI_BUFSZ]; - SCSIBus bus; - SCSIDevice *current_dev; - SCSIRequest *current_req; - uint8_t cmdbuf[TI_BUFSZ]; - uint32_t cmdlen; - uint32_t do_cmd; - - /* The amount of data left in the current DMA transfer. */ - uint32_t dma_left; - /* The size of the current DMA transfer. Zero if no transfer is in - progress. */ - uint32_t dma_counter; - int dma_enabled; - - uint32_t async_len; - uint8_t *async_buf; - - ESPDMAMemoryReadWriteFunc dma_memory_read; - ESPDMAMemoryReadWriteFunc dma_memory_write; - void *dma_opaque; - void (*dma_cb)(ESPState *s); -}; - -#define ESP_TCLO 0x0 -#define ESP_TCMID 0x1 -#define ESP_FIFO 0x2 -#define ESP_CMD 0x3 -#define ESP_RSTAT 0x4 -#define ESP_WBUSID 0x4 -#define ESP_RINTR 0x5 -#define ESP_WSEL 0x5 -#define ESP_RSEQ 0x6 -#define ESP_WSYNTP 0x6 -#define ESP_RFLAGS 0x7 -#define ESP_WSYNO 0x7 -#define ESP_CFG1 0x8 -#define ESP_RRES1 0x9 -#define ESP_WCCF 0x9 -#define ESP_RRES2 0xa -#define ESP_WTEST 0xa -#define ESP_CFG2 0xb -#define ESP_CFG3 0xc -#define ESP_RES3 0xd -#define ESP_TCHI 0xe -#define ESP_RES4 0xf - -#define CMD_DMA 0x80 -#define CMD_CMD 0x7f - -#define CMD_NOP 0x00 -#define CMD_FLUSH 0x01 -#define CMD_RESET 0x02 -#define CMD_BUSRESET 0x03 -#define CMD_TI 0x10 -#define CMD_ICCS 0x11 -#define CMD_MSGACC 0x12 -#define CMD_PAD 0x18 -#define CMD_SATN 0x1a -#define CMD_RSTATN 0x1b -#define CMD_SEL 0x41 -#define CMD_SELATN 0x42 -#define CMD_SELATNS 0x43 -#define CMD_ENSEL 0x44 -#define CMD_DISSEL 0x45 - -#define STAT_DO 0x00 -#define STAT_DI 0x01 -#define STAT_CD 0x02 -#define STAT_ST 0x03 -#define STAT_MO 0x06 -#define STAT_MI 0x07 -#define STAT_PIO_MASK 0x06 - -#define STAT_TC 0x10 -#define STAT_PE 0x20 -#define STAT_GE 0x40 -#define STAT_INT 0x80 - -#define BUSID_DID 0x07 - -#define INTR_FC 0x08 -#define INTR_BS 0x10 -#define INTR_DC 0x20 -#define INTR_RST 0x80 - -#define SEQ_0 0x0 -#define SEQ_CD 0x4 - -#define CFG1_RESREPT 0x40 - -#define TCHI_FAS100A 0x4 -#define TCHI_AM53C974 0x12 - static void esp_raise_irq(ESPState *s) { if (!(s->rregs[ESP_RSTAT] & STAT_INT)) { @@ -164,7 +54,7 @@ static void esp_lower_irq(ESPState *s) } } -static void esp_dma_enable(ESPState *s, int irq, int level) +void esp_dma_enable(ESPState *s, int irq, int level) { if (level) { s->dma_enabled = 1; @@ -179,7 +69,7 @@ static void esp_dma_enable(ESPState *s, int irq, int level) } } -static void esp_request_cancelled(SCSIRequest *req) +void esp_request_cancelled(SCSIRequest *req) { ESPState *s = req->hba_private; @@ -388,7 +278,7 @@ static void esp_do_dma(ESPState *s) esp_dma_done(s); } -static void esp_command_complete(SCSIRequest *req, uint32_t status, +void esp_command_complete(SCSIRequest *req, uint32_t status, size_t resid) { ESPState *s = req->hba_private; @@ -413,7 +303,7 @@ static void esp_command_complete(SCSIRequest *req, uint32_t status, } } -static void esp_transfer_data(SCSIRequest *req, uint32_t len) +void esp_transfer_data(SCSIRequest *req, uint32_t len) { ESPState *s = req->hba_private; @@ -465,7 +355,7 @@ static void handle_ti(ESPState *s) } } -static void esp_hard_reset(ESPState *s) +void esp_hard_reset(ESPState *s) { memset(s->rregs, 0, ESP_REGS); memset(s->wregs, 0, ESP_REGS); @@ -493,7 +383,7 @@ static void parent_esp_reset(ESPState *s, int irq, int level) } } -static uint64_t esp_reg_read(ESPState *s, uint32_t saddr) +uint64_t esp_reg_read(ESPState *s, uint32_t saddr) { uint32_t old_val; @@ -533,7 +423,7 @@ static uint64_t esp_reg_read(ESPState *s, uint32_t saddr) return s->rregs[saddr]; } -static void esp_reg_write(ESPState *s, uint32_t saddr, uint64_t val) +void esp_reg_write(ESPState *s, uint32_t saddr, uint64_t val) { trace_esp_mem_writeb(saddr, s->wregs[saddr], val); switch (saddr) { @@ -660,7 +550,7 @@ static bool esp_mem_accepts(void *opaque, target_phys_addr_t addr, return (size == 1) || (is_write && size == 4); } -static const VMStateDescription vmstate_esp = { +const VMStateDescription vmstate_esp = { .name ="esp", .version_id = 3, .minimum_version_id = 3, @@ -823,370 +713,9 @@ static const TypeInfo sysbus_esp_info = { .class_init = sysbus_esp_class_init, }; -#define DMA_CMD 0x0 -#define DMA_STC 0x1 -#define DMA_SPA 0x2 -#define DMA_WBC 0x3 -#define DMA_WAC 0x4 -#define DMA_STAT 0x5 -#define DMA_SMDLA 0x6 -#define DMA_WMAC 0x7 - -#define DMA_CMD_MASK 0x03 -#define DMA_CMD_DIAG 0x04 -#define DMA_CMD_MDL 0x10 -#define DMA_CMD_INTE_P 0x20 -#define DMA_CMD_INTE_D 0x40 -#define DMA_CMD_DIR 0x80 - -#define DMA_STAT_PWDN 0x01 -#define DMA_STAT_ERROR 0x02 -#define DMA_STAT_ABORT 0x04 -#define DMA_STAT_DONE 0x08 -#define DMA_STAT_SCSIINT 0x10 -#define DMA_STAT_BCMBLT 0x20 - -#define SBAC_STATUS 0x1000 - -typedef struct PCIESPState { - PCIDevice dev; - MemoryRegion io; - uint32_t dma_regs[8]; - uint32_t sbac; - ESPState esp; -} PCIESPState; - -static void esp_pci_handle_idle(PCIESPState *pci, uint32_t val) -{ - trace_esp_pci_dma_idle(val); - esp_dma_enable(&pci->esp, 0, 0); -} - -static void esp_pci_handle_blast(PCIESPState *pci, uint32_t val) -{ - trace_esp_pci_dma_blast(val); - qemu_log_mask(LOG_UNIMP, "am53c974: cmd BLAST not implemented\n"); -} - -static void esp_pci_handle_abort(PCIESPState *pci, uint32_t val) -{ - trace_esp_pci_dma_abort(val); - if (pci->esp.current_req) { - scsi_req_cancel(pci->esp.current_req); - } -} - -static void esp_pci_handle_start(PCIESPState *pci, uint32_t val) -{ - trace_esp_pci_dma_start(val); - - pci->dma_regs[DMA_WBC] = pci->dma_regs[DMA_STC]; - pci->dma_regs[DMA_WAC] = pci->dma_regs[DMA_SPA]; - pci->dma_regs[DMA_WMAC] = pci->dma_regs[DMA_SMDLA]; - - pci->dma_regs[DMA_STAT] &= ~(DMA_STAT_BCMBLT | DMA_STAT_SCSIINT - | DMA_STAT_DONE | DMA_STAT_ABORT - | DMA_STAT_ERROR | DMA_STAT_PWDN); - - esp_dma_enable(&pci->esp, 0, 1); -} - -static void esp_pci_dma_write(PCIESPState *pci, uint32_t saddr, uint32_t val) -{ - trace_esp_pci_dma_write(saddr, pci->dma_regs[saddr], val); - switch (saddr) { - case DMA_CMD: - pci->dma_regs[saddr] = val; - switch (val & DMA_CMD_MASK) { - case 0x0: /* IDLE */ - esp_pci_handle_idle(pci, val); - break; - case 0x1: /* BLAST */ - esp_pci_handle_blast(pci, val); - break; - case 0x2: /* ABORT */ - esp_pci_handle_abort(pci, val); - break; - case 0x3: /* START */ - esp_pci_handle_start(pci, val); - break; - default: /* can't happen */ - abort(); - } - break; - case DMA_STC: - case DMA_SPA: - case DMA_SMDLA: - pci->dma_regs[saddr] = val; - break; - case DMA_STAT: - if (!(pci->sbac & SBAC_STATUS)) { - /* clear some bits on write */ - uint32_t mask = DMA_STAT_ERROR | DMA_STAT_ABORT | DMA_STAT_DONE; - pci->dma_regs[DMA_STAT] &= ~(val & mask); - } - break; - default: - trace_esp_pci_error_invalid_write_dma(val, saddr); - return; - } -} - -static uint32_t esp_pci_dma_read(PCIESPState *pci, uint32_t saddr) -{ - uint32_t val; - - val = pci->dma_regs[saddr]; - if (saddr == DMA_STAT) { - if (pci->esp.rregs[ESP_RSTAT] & STAT_INT) { - val |= DMA_STAT_SCSIINT; - } - if (pci->sbac & SBAC_STATUS) { - pci->dma_regs[DMA_STAT] &= ~(DMA_STAT_ERROR | DMA_STAT_ABORT | - DMA_STAT_DONE); - } - } - - trace_esp_pci_dma_read(saddr, val); - return val; -} - -static void esp_pci_io_write(void *opaque, target_phys_addr_t addr, - uint64_t val, unsigned int size) -{ - PCIESPState *pci = opaque; - - if (size < 4 || addr & 3) { - /* need to upgrade request: we only support 4-bytes accesses */ - uint32_t current = 0, mask; - int shift; - - if (addr < 0x40) { - current = pci->esp.wregs[addr >> 2]; - } else if (addr < 0x60) { - current = pci->dma_regs[(addr - 0x40) >> 2]; - } else if (addr < 0x74) { - current = pci->sbac; - } - - shift = (4 - size) * 8; - mask = (~(uint32_t)0 << shift) >> shift; - - shift = ((4 - (addr & 3)) & 3) * 8; - val <<= shift; - val |= current & ~(mask << shift); - addr &= ~3; - size = 4; - } - - if (addr < 0x40) { - /* SCSI core reg */ - esp_reg_write(&pci->esp, addr >> 2, val); - } else if (addr < 0x60) { - /* PCI DMA CCB */ - esp_pci_dma_write(pci, (addr - 0x40) >> 2, val); - } else if (addr == 0x70) { - /* DMA SCSI Bus and control */ - trace_esp_pci_sbac_write(pci->sbac, val); - pci->sbac = val; - } else { - trace_esp_pci_error_invalid_write((int)addr); - } -} - -static uint64_t esp_pci_io_read(void *opaque, target_phys_addr_t addr, - unsigned int size) -{ - PCIESPState *pci = opaque; - uint32_t ret; - - if (addr < 0x40) { - /* SCSI core reg */ - ret = esp_reg_read(&pci->esp, addr >> 2); - } else if (addr < 0x60) { - /* PCI DMA CCB */ - ret = esp_pci_dma_read(pci, (addr - 0x40) >> 2); - } else if (addr == 0x70) { - /* DMA SCSI Bus and control */ - trace_esp_pci_sbac_read(pci->sbac); - ret = pci->sbac; - } else { - /* Invalid region */ - trace_esp_pci_error_invalid_read((int)addr); - ret = 0; - } - - /* give only requested data */ - ret >>= (addr & 3) * 8; - ret &= ~(~(uint64_t)0 << (8 * size)); - - return ret; -} - -static void esp_pci_dma_memory_rw(PCIESPState *pci, uint8_t *buf, int len, - DMADirection dir) -{ - dma_addr_t addr; - DMADirection expected_dir; - - if (pci->dma_regs[DMA_CMD] & DMA_CMD_DIR) { - expected_dir = DMA_DIRECTION_FROM_DEVICE; - } else { - expected_dir = DMA_DIRECTION_TO_DEVICE; - } - - if (dir != expected_dir) { - trace_esp_pci_error_invalid_dma_direction(); - return; - } - - if (pci->dma_regs[DMA_STAT] & DMA_CMD_MDL) { - qemu_log_mask(LOG_UNIMP, "am53c974: MDL transfer not implemented\n"); - } - - addr = pci->dma_regs[DMA_SPA]; - if (pci->dma_regs[DMA_WBC] < len) { - len = pci->dma_regs[DMA_WBC]; - } - - pci_dma_rw(&pci->dev, addr, buf, len, dir); - - /* update status registers */ - pci->dma_regs[DMA_WBC] -= len; - pci->dma_regs[DMA_WAC] += len; -} - -static void esp_pci_dma_memory_read(void *opaque, uint8_t *buf, int len) -{ - PCIESPState *pci = opaque; - esp_pci_dma_memory_rw(pci, buf, len, DMA_DIRECTION_TO_DEVICE); -} - -static void esp_pci_dma_memory_write(void *opaque, uint8_t *buf, int len) -{ - PCIESPState *pci = opaque; - esp_pci_dma_memory_rw(pci, buf, len, DMA_DIRECTION_FROM_DEVICE); -} - -static const MemoryRegionOps esp_pci_io_ops = { - .read = esp_pci_io_read, - .write = esp_pci_io_write, - .endianness = DEVICE_LITTLE_ENDIAN, - .impl = { - .min_access_size = 1, - .max_access_size = 4, - }, -}; - -static void esp_pci_hard_reset(DeviceState *dev) -{ - PCIESPState *pci = DO_UPCAST(PCIESPState, dev.qdev, dev); - esp_hard_reset(&pci->esp); - pci->dma_regs[DMA_CMD] &= ~(DMA_CMD_DIR | DMA_CMD_INTE_D | DMA_CMD_INTE_P - | DMA_CMD_MDL | DMA_CMD_DIAG | DMA_CMD_MASK); - pci->dma_regs[DMA_WBC] &= ~0xffff; - pci->dma_regs[DMA_WAC] = 0xffffffff; - pci->dma_regs[DMA_STAT] &= ~(DMA_STAT_BCMBLT | DMA_STAT_SCSIINT - | DMA_STAT_DONE | DMA_STAT_ABORT - | DMA_STAT_ERROR); - pci->dma_regs[DMA_WMAC] = 0xfffffffd; -} - -static const VMStateDescription vmstate_esp_pci_scsi = { - .name = "pciespscsi", - .version_id = 0, - .minimum_version_id = 0, - .minimum_version_id_old = 0, - .fields = (VMStateField[]) { - VMSTATE_PCI_DEVICE(dev, PCIESPState), - VMSTATE_BUFFER_UNSAFE(dma_regs, PCIESPState, 0, 8 * sizeof(uint32_t)), - VMSTATE_STRUCT(esp, PCIESPState, 0, vmstate_esp, ESPState), - VMSTATE_END_OF_LIST() - } -}; - -static void esp_pci_command_complete(SCSIRequest *req, uint32_t status, - size_t resid) -{ - ESPState *s = req->hba_private; - PCIESPState *pci = container_of(s, PCIESPState, esp); - - esp_command_complete(req, status, resid); - pci->dma_regs[DMA_WBC] = 0; - pci->dma_regs[DMA_STAT] |= DMA_STAT_DONE; -} - -static const struct SCSIBusInfo esp_pci_scsi_info = { - .tcq = false, - .max_target = ESP_MAX_DEVS, - .max_lun = 7, - - .transfer_data = esp_transfer_data, - .complete = esp_pci_command_complete, - .cancel = esp_request_cancelled, -}; - -static int esp_pci_scsi_init(PCIDevice *dev) -{ - PCIESPState *pci = DO_UPCAST(PCIESPState, dev, dev); - ESPState *s = &pci->esp; - uint8_t *pci_conf; - - pci_conf = pci->dev.config; - - /* Interrupt pin A */ - pci_conf[PCI_INTERRUPT_PIN] = 0x01; - - s->dma_memory_read = esp_pci_dma_memory_read; - s->dma_memory_write = esp_pci_dma_memory_write; - s->dma_opaque = pci; - s->chip_id = TCHI_AM53C974; - memory_region_init_io(&pci->io, &esp_pci_io_ops, pci, "esp-io", 0x80); - - pci_register_bar(&pci->dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &pci->io); - s->irq = pci->dev.irq[0]; - - scsi_bus_new(&s->bus, &dev->qdev, &esp_pci_scsi_info); - if (!dev->qdev.hotplugged) { - return scsi_bus_legacy_handle_cmdline(&s->bus); - } - return 0; -} - -static void esp_pci_scsi_uninit(PCIDevice *d) -{ - PCIESPState *pci = DO_UPCAST(PCIESPState, dev, d); - - memory_region_destroy(&pci->io); -} - -static void esp_pci_class_init(ObjectClass *klass, void *data) -{ - DeviceClass *dc = DEVICE_CLASS(klass); - PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); - - k->init = esp_pci_scsi_init; - k->exit = esp_pci_scsi_uninit; - k->vendor_id = PCI_VENDOR_ID_AMD; - k->device_id = PCI_DEVICE_ID_AMD_SCSI; - k->revision = 0x10; - k->class_id = PCI_CLASS_STORAGE_SCSI; - dc->desc = "AMD Am53c974 PCscsi-PCI SCSI adapter"; - dc->reset = esp_pci_hard_reset; - dc->vmsd = &vmstate_esp_pci_scsi; -} - -static const TypeInfo esp_pci_info = { - .name = "am53c974", - .parent = TYPE_PCI_DEVICE, - .instance_size = sizeof(PCIESPState), - .class_init = esp_pci_class_init, -}; - static void esp_register_types(void) { type_register_static(&sysbus_esp_info); - type_register_static(&esp_pci_info); } type_init(esp_register_types) @@ -1,6 +1,8 @@ #ifndef QEMU_HW_ESP_H #define QEMU_HW_ESP_H +#include "scsi.h" + /* esp.c */ #define ESP_MAX_DEVS 7 typedef void (*ESPDMAMemoryReadWriteFunc)(void *opaque, uint8_t *buf, int len); @@ -10,4 +12,121 @@ void esp_init(target_phys_addr_t espaddr, int it_shift, void *dma_opaque, qemu_irq irq, qemu_irq *reset, qemu_irq *dma_enable); +#define ESP_REGS 16 +#define TI_BUFSZ 16 + +typedef struct ESPState ESPState; + +struct ESPState { + uint8_t rregs[ESP_REGS]; + uint8_t wregs[ESP_REGS]; + qemu_irq irq; + uint8_t chip_id; + int32_t ti_size; + uint32_t ti_rptr, ti_wptr; + uint32_t status; + uint32_t dma; + uint8_t ti_buf[TI_BUFSZ]; + SCSIBus bus; + SCSIDevice *current_dev; + SCSIRequest *current_req; + uint8_t cmdbuf[TI_BUFSZ]; + uint32_t cmdlen; + uint32_t do_cmd; + + /* The amount of data left in the current DMA transfer. */ + uint32_t dma_left; + /* The size of the current DMA transfer. Zero if no transfer is in + progress. */ + uint32_t dma_counter; + int dma_enabled; + + uint32_t async_len; + uint8_t *async_buf; + + ESPDMAMemoryReadWriteFunc dma_memory_read; + ESPDMAMemoryReadWriteFunc dma_memory_write; + void *dma_opaque; + void (*dma_cb)(ESPState *s); +}; + +#define ESP_TCLO 0x0 +#define ESP_TCMID 0x1 +#define ESP_FIFO 0x2 +#define ESP_CMD 0x3 +#define ESP_RSTAT 0x4 +#define ESP_WBUSID 0x4 +#define ESP_RINTR 0x5 +#define ESP_WSEL 0x5 +#define ESP_RSEQ 0x6 +#define ESP_WSYNTP 0x6 +#define ESP_RFLAGS 0x7 +#define ESP_WSYNO 0x7 +#define ESP_CFG1 0x8 +#define ESP_RRES1 0x9 +#define ESP_WCCF 0x9 +#define ESP_RRES2 0xa +#define ESP_WTEST 0xa +#define ESP_CFG2 0xb +#define ESP_CFG3 0xc +#define ESP_RES3 0xd +#define ESP_TCHI 0xe +#define ESP_RES4 0xf + +#define CMD_DMA 0x80 +#define CMD_CMD 0x7f + +#define CMD_NOP 0x00 +#define CMD_FLUSH 0x01 +#define CMD_RESET 0x02 +#define CMD_BUSRESET 0x03 +#define CMD_TI 0x10 +#define CMD_ICCS 0x11 +#define CMD_MSGACC 0x12 +#define CMD_PAD 0x18 +#define CMD_SATN 0x1a +#define CMD_RSTATN 0x1b +#define CMD_SEL 0x41 +#define CMD_SELATN 0x42 +#define CMD_SELATNS 0x43 +#define CMD_ENSEL 0x44 +#define CMD_DISSEL 0x45 + +#define STAT_DO 0x00 +#define STAT_DI 0x01 +#define STAT_CD 0x02 +#define STAT_ST 0x03 +#define STAT_MO 0x06 +#define STAT_MI 0x07 +#define STAT_PIO_MASK 0x06 + +#define STAT_TC 0x10 +#define STAT_PE 0x20 +#define STAT_GE 0x40 +#define STAT_INT 0x80 + +#define BUSID_DID 0x07 + +#define INTR_FC 0x08 +#define INTR_BS 0x10 +#define INTR_DC 0x20 +#define INTR_RST 0x80 + +#define SEQ_0 0x0 +#define SEQ_CD 0x4 + +#define CFG1_RESREPT 0x40 + +#define TCHI_FAS100A 0x4 +#define TCHI_AM53C974 0x12 + +void esp_dma_enable(ESPState *s, int irq, int level); +void esp_request_cancelled(SCSIRequest *req); +void esp_command_complete(SCSIRequest *req, uint32_t status, size_t resid); +void esp_transfer_data(SCSIRequest *req, uint32_t len); +void esp_hard_reset(ESPState *s); +uint64_t esp_reg_read(ESPState *s, uint32_t saddr); +void esp_reg_write(ESPState *s, uint32_t saddr, uint64_t val); +extern const VMStateDescription vmstate_esp; + #endif diff --git a/hw/ide/qdev.c b/hw/ide/qdev.c index 22e58dfc8..5ea9b8f4b 100644 --- a/hw/ide/qdev.c +++ b/hw/ide/qdev.c @@ -149,7 +149,8 @@ static int ide_dev_initfn(IDEDevice *dev, IDEDriveKind kind) } blkconf_serial(&dev->conf, &dev->serial); - if (blkconf_geometry(&dev->conf, &dev->chs_trans, 65536, 16, 255) < 0) { + if (kind != IDE_CD + && blkconf_geometry(&dev->conf, &dev->chs_trans, 65536, 16, 255) < 0) { return -1; } diff --git a/hw/pci-stub.c b/hw/pci-stub.c index e08319152..134c4484b 100644 --- a/hw/pci-stub.c +++ b/hw/pci-stub.c @@ -34,21 +34,6 @@ static void pci_error_message(Monitor *mon) monitor_printf(mon, "PCI devices not supported\n"); } -void pci_register_bar(PCIDevice *pci_dev, int region_num, - uint8_t type, MemoryRegion *memory) -{ -} - -const VMStateDescription vmstate_pci_device = { - .name = "PCIDeviceStub", - .version_id = 1, - .minimum_version_id = 1, - .minimum_version_id_old = 1, - .fields = (VMStateField[]) { - VMSTATE_END_OF_LIST() - } -}; - int do_pcie_aer_inject_error(Monitor *mon, const QDict *qdict, QObject **ret_data) { diff --git a/hw/scsi-bus.c b/hw/scsi-bus.c index 6120cc83c..b8a857d14 100644 --- a/hw/scsi-bus.c +++ b/hw/scsi-bus.c @@ -1437,7 +1437,6 @@ static const char *scsi_command_name(uint8_t cmd) [ ATA_PASSTHROUGH_12 ] = "BLANK/ATA_PASSTHROUGH_12", [ MOVE_MEDIUM ] = "MOVE_MEDIUM", [ EXCHANGE_MEDIUM ] = "EXCHANGE MEDIUM", - [ LOAD_UNLOAD ] = "LOAD_UNLOAD", [ READ_12 ] = "READ_12", [ WRITE_12 ] = "WRITE_12", [ ERASE_12 ] = "ERASE_12/GET_PERFORMANCE", diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c index a9c727905..c8d5edd86 100644 --- a/hw/scsi-disk.c +++ b/hw/scsi-disk.c @@ -1958,7 +1958,8 @@ static int scsi_initfn(SCSIDevice *dev) } blkconf_serial(&s->qdev.conf, &s->serial); - if (blkconf_geometry(&dev->conf, NULL, 65535, 255, 255) < 0) { + if (dev->type == TYPE_DISK + && blkconf_geometry(&dev->conf, NULL, 65535, 255, 255) < 0) { return -1; } diff --git a/hw/sun4m.c b/hw/sun4m.c index a95926120..0f909b5f8 100644 --- a/hw/sun4m.c +++ b/hw/sun4m.c @@ -832,6 +832,10 @@ static void cpu_devinit(const char *cpu_model, unsigned int id, env->prom_addr = prom_addr; } +static void dummy_fdc_tc(void *opaque, int irq, int level) +{ +} + static void sun4m_hw_init(const struct sun4m_hwdef *hwdef, ram_addr_t RAM_size, const char *boot_device, const char *kernel_filename, @@ -942,9 +946,6 @@ static void sun4m_hw_init(const struct sun4m_hwdef *hwdef, ram_addr_t RAM_size, serial_hds[0], serial_hds[1], ESCC_CLOCK, 1); cpu_halt = qemu_allocate_irqs(cpu_halt_signal, NULL, 1); - slavio_misc_init(hwdef->slavio_base, hwdef->aux1_base, hwdef->aux2_base, - slavio_irq[30], fdc_tc); - if (hwdef->apc_base) { apc_init(hwdef->apc_base, cpu_halt[0]); } @@ -955,8 +956,13 @@ static void sun4m_hw_init(const struct sun4m_hwdef *hwdef, ram_addr_t RAM_size, fd[0] = drive_get(IF_FLOPPY, 0, 0); sun4m_fdctrl_init(slavio_irq[22], hwdef->fd_base, fd, &fdc_tc); + } else { + fdc_tc = *qemu_allocate_irqs(dummy_fdc_tc, NULL, 1); } + slavio_misc_init(hwdef->slavio_base, hwdef->aux1_base, hwdef->aux2_base, + slavio_irq[30], fdc_tc); + if (drive_get_max_bus(IF_SCSI) > 0) { fprintf(stderr, "qemu: too many SCSI bus\n"); exit(1); @@ -1772,16 +1778,18 @@ static void sun4c_hw_init(const struct sun4c_hwdef *hwdef, ram_addr_t RAM_size, slavio_irq[1], serial_hds[0], serial_hds[1], ESCC_CLOCK, 1); - slavio_misc_init(0, hwdef->aux1_base, 0, slavio_irq[1], fdc_tc); - if (hwdef->fd_base != (target_phys_addr_t)-1) { /* there is zero or one floppy drive */ memset(fd, 0, sizeof(fd)); fd[0] = drive_get(IF_FLOPPY, 0, 0); sun4m_fdctrl_init(slavio_irq[1], hwdef->fd_base, fd, &fdc_tc); + } else { + fdc_tc = *qemu_allocate_irqs(dummy_fdc_tc, NULL, 1); } + slavio_misc_init(0, hwdef->aux1_base, 0, slavio_irq[1], fdc_tc); + if (drive_get_max_bus(IF_SCSI) > 0) { fprintf(stderr, "qemu: too many SCSI bus\n"); exit(1); diff --git a/hw/usb/dev-storage.c b/hw/usb/dev-storage.c index 7fa8b83d2..ff48d9104 100644 --- a/hw/usb/dev-storage.c +++ b/hw/usb/dev-storage.c @@ -247,6 +247,9 @@ static void usb_msd_command_complete(SCSIRequest *req, uint32_t status, size_t r the status read packet. */ usb_msd_send_status(s, p); s->mode = USB_MSDM_CBW; + } else if (s->mode == USB_MSDM_CSW) { + usb_msd_send_status(s, p); + s->mode = USB_MSDM_CBW; } else { if (s->data_len) { int len = (p->iov.size - p->result); @@ -383,6 +386,9 @@ static int usb_msd_handle_data(USBDevice *dev, USBPacket *p) assert(le32_to_cpu(s->csw.residue) == 0); s->scsi_len = 0; s->req = scsi_req_new(s->scsi_dev, tag, 0, cbw.cmd, NULL); +#ifdef DEBUG_MSD + scsi_req_print(s->req); +#endif scsi_req_enqueue(s->req); if (s->req && s->req->cmd.xfer != SCSI_XFER_NONE) { scsi_req_continue(s->req); @@ -410,7 +416,7 @@ static int usb_msd_handle_data(USBDevice *dev, USBPacket *p) } } if (p->result < p->iov.size) { - DPRINTF("Deferring packet %p\n", p); + DPRINTF("Deferring packet %p [wait data-out]\n", p); s->packet = p; ret = USB_RET_ASYNC; } else { @@ -445,6 +451,7 @@ static int usb_msd_handle_data(USBDevice *dev, USBPacket *p) if (s->req) { /* still in flight */ + DPRINTF("Deferring packet %p [wait status]\n", p); s->packet = p; ret = USB_RET_ASYNC; } else { @@ -471,7 +478,7 @@ static int usb_msd_handle_data(USBDevice *dev, USBPacket *p) } } if (p->result < p->iov.size) { - DPRINTF("Deferring packet %p\n", p); + DPRINTF("Deferring packet %p [wait data-in]\n", p); s->packet = p; ret = USB_RET_ASYNC; } else { diff --git a/hw/virtio-pci.c b/hw/virtio-pci.c index a5924c2fa..5e6e09efb 100644 --- a/hw/virtio-pci.c +++ b/hw/virtio-pci.c @@ -160,7 +160,7 @@ static int virtio_pci_load_queue(void * opaque, int n, QEMUFile *f) } static int virtio_pci_set_host_notifier_internal(VirtIOPCIProxy *proxy, - int n, bool assign) + int n, bool assign, bool set_handler) { VirtQueue *vq = virtio_get_queue(proxy->vdev, n); EventNotifier *notifier = virtio_queue_get_host_notifier(vq); @@ -173,13 +173,13 @@ static int virtio_pci_set_host_notifier_internal(VirtIOPCIProxy *proxy, __func__, r); return r; } - virtio_queue_set_host_notifier_fd_handler(vq, true); + virtio_queue_set_host_notifier_fd_handler(vq, true, set_handler); memory_region_add_eventfd(&proxy->bar, VIRTIO_PCI_QUEUE_NOTIFY, 2, true, n, notifier); } else { memory_region_del_eventfd(&proxy->bar, VIRTIO_PCI_QUEUE_NOTIFY, 2, true, n, notifier); - virtio_queue_set_host_notifier_fd_handler(vq, false); + virtio_queue_set_host_notifier_fd_handler(vq, false, false); event_notifier_cleanup(notifier); } return r; @@ -200,7 +200,7 @@ static void virtio_pci_start_ioeventfd(VirtIOPCIProxy *proxy) continue; } - r = virtio_pci_set_host_notifier_internal(proxy, n, true); + r = virtio_pci_set_host_notifier_internal(proxy, n, true, true); if (r < 0) { goto assign_error; } @@ -214,7 +214,7 @@ assign_error: continue; } - r = virtio_pci_set_host_notifier_internal(proxy, n, false); + r = virtio_pci_set_host_notifier_internal(proxy, n, false, false); assert(r >= 0); } proxy->ioeventfd_started = false; @@ -235,7 +235,7 @@ static void virtio_pci_stop_ioeventfd(VirtIOPCIProxy *proxy) continue; } - r = virtio_pci_set_host_notifier_internal(proxy, n, false); + r = virtio_pci_set_host_notifier_internal(proxy, n, false, false); assert(r >= 0); } proxy->ioeventfd_started = false; @@ -683,7 +683,7 @@ static int virtio_pci_set_host_notifier(void *opaque, int n, bool assign) * currently only stops on status change away from ok, * reset, vmstop and such. If we do add code to start here, * need to check vmstate, device state etc. */ - return virtio_pci_set_host_notifier_internal(proxy, n, assign); + return virtio_pci_set_host_notifier_internal(proxy, n, assign, false); } static void virtio_pci_vmstate_change(void *opaque, bool running) diff --git a/hw/virtio.c b/hw/virtio.c index d146f86f1..209c76375 100644 --- a/hw/virtio.c +++ b/hw/virtio.c @@ -1021,13 +1021,16 @@ static void virtio_queue_host_notifier_read(EventNotifier *n) } } -void virtio_queue_set_host_notifier_fd_handler(VirtQueue *vq, bool assign) +void virtio_queue_set_host_notifier_fd_handler(VirtQueue *vq, bool assign, + bool set_handler) { - if (assign) { + if (assign && set_handler) { event_notifier_set_handler(&vq->host_notifier, virtio_queue_host_notifier_read); } else { event_notifier_set_handler(&vq->host_notifier, NULL); + } + if (!assign) { /* Test and clear notifier before after disabling event, * in case poll callback didn't have time to run. */ virtio_queue_host_notifier_read(&vq->host_notifier); diff --git a/hw/virtio.h b/hw/virtio.h index f8b5535db..7a4f56452 100644 --- a/hw/virtio.h +++ b/hw/virtio.h @@ -233,7 +233,8 @@ EventNotifier *virtio_queue_get_guest_notifier(VirtQueue *vq); void virtio_queue_set_guest_notifier_fd_handler(VirtQueue *vq, bool assign, bool with_irqfd); EventNotifier *virtio_queue_get_host_notifier(VirtQueue *vq); -void virtio_queue_set_host_notifier_fd_handler(VirtQueue *vq, bool assign); +void virtio_queue_set_host_notifier_fd_handler(VirtQueue *vq, bool assign, + bool set_handler); void virtio_queue_notify_vq(VirtQueue *vq); void virtio_irq(VirtQueue *vq); #endif diff --git a/hw/xilinx_axienet.c b/hw/xilinx_axienet.c index adfaf2c50..9b08c6291 100644 --- a/hw/xilinx_axienet.c +++ b/hw/xilinx_axienet.c @@ -648,7 +648,6 @@ static ssize_t eth_rx(NetClientState *nc, const uint8_t *buf, size_t size) uint16_t csum16; int i; - s = s; DENET(qemu_log("%s: %zd bytes\n", __func__, size)); unicast = ~buf[0] & 0x1; diff --git a/hw/xtensa_lx60.c b/hw/xtensa_lx60.c index c4f616f4f..3653f65b1 100644 --- a/hw/xtensa_lx60.c +++ b/hw/xtensa_lx60.c @@ -173,7 +173,7 @@ static void lx_init(const LxBoardDesc *board, int n; if (!cpu_model) { - cpu_model = "dc232b"; + cpu_model = XTENSA_DEFAULT_CPU_MODEL; } for (n = 0; n < smp_cpus; n++) { @@ -300,14 +300,14 @@ static void xtensa_lx200_init(ram_addr_t ram_size, static QEMUMachine xtensa_lx60_machine = { .name = "lx60", - .desc = "lx60 EVB (dc232b)", + .desc = "lx60 EVB (" XTENSA_DEFAULT_CPU_MODEL ")", .init = xtensa_lx60_init, .max_cpus = 4, }; static QEMUMachine xtensa_lx200_machine = { .name = "lx200", - .desc = "lx200 EVB (dc232b)", + .desc = "lx200 EVB (" XTENSA_DEFAULT_CPU_MODEL ")", .init = xtensa_lx200_init, .max_cpus = 4, }; diff --git a/hw/xtensa_sim.c b/hw/xtensa_sim.c index 1ce07fb89..831460b7c 100644 --- a/hw/xtensa_sim.c +++ b/hw/xtensa_sim.c @@ -102,7 +102,7 @@ static void xtensa_sim_init(ram_addr_t ram_size, const char *initrd_filename, const char *cpu_model) { if (!cpu_model) { - cpu_model = "dc232b"; + cpu_model = XTENSA_DEFAULT_CPU_MODEL; } sim_init(ram_size, boot_device, kernel_filename, kernel_cmdline, initrd_filename, cpu_model); @@ -110,7 +110,8 @@ static void xtensa_sim_init(ram_addr_t ram_size, static QEMUMachine xtensa_sim_machine = { .name = "sim", - .desc = "sim machine (dc232b)", + .desc = "sim machine (" XTENSA_DEFAULT_CPU_MODEL ")", + .is_default = true, .init = xtensa_sim_init, .max_cpus = 4, }; diff --git a/linux-user/signal.c b/linux-user/signal.c index 9be5ac078..78691473f 100644 --- a/linux-user/signal.c +++ b/linux-user/signal.c @@ -1844,7 +1844,7 @@ typedef struct { } __siginfo_t; typedef struct { - unsigned long si_float_regs [32]; + abi_ulong si_float_regs[32]; unsigned long si_fsr; unsigned long si_fpqdepth; struct { @@ -2056,11 +2056,9 @@ restore_fpu_state(CPUSPARCState *env, qemu_siginfo_fpu_t *fpu) return -EFAULT; #endif -#if 0 /* XXX: incorrect */ - err = __copy_from_user(&env->fpr[0], &fpu->si_float_regs[0], - (sizeof(unsigned long) * 32)); -#endif + err = copy_from_user(&env->fpr[0], fpu->si_float_regs[0], + (sizeof(abi_ulong) * 32)); err |= __get_user(env->fsr, &fpu->si_fsr); #if 0 err |= __get_user(current->thread.fpqdepth, &fpu->si_fpqdepth); diff --git a/net/slirp.c b/net/slirp.c index 08adb97da..8db66ea53 100644 --- a/net/slirp.c +++ b/net/slirp.c @@ -718,9 +718,9 @@ int net_init_slirp(const NetClientOptions *opts, const char *name, net_init_slirp_configs(user->hostfwd, SLIRP_CFG_HOSTFWD); net_init_slirp_configs(user->guestfwd, 0); - ret = net_slirp_init(peer, "user", name, user->restrict, vnet, user->host, - user->hostname, user->tftp, user->bootfile, - user->dhcpstart, user->dns, user->smb, + ret = net_slirp_init(peer, "user", name, user->q_restrict, vnet, + user->host, user->hostname, user->tftp, + user->bootfile, user->dhcpstart, user->dns, user->smb, user->smbserver); while (slirp_configs) { diff --git a/qapi-schema.json b/qapi-schema.json index cddf63a87..bd9c45002 100644 --- a/qapi-schema.json +++ b/qapi-schema.json @@ -1660,7 +1660,7 @@ # Returns: Nothing on success # If the job type does not support throttling, NotSupported # If the speed value is invalid, InvalidParameter -# If streaming is not active on this device, DeviceNotActive +# If no background operation is active on this device, DeviceNotActive # # Since: 1.1 ## @@ -1670,9 +1670,9 @@ ## # @block-job-cancel: # -# Stop an active block streaming operation. +# Stop an active background block operation. # -# This command returns immediately after marking the active block streaming +# This command returns immediately after marking the active background block # operation for cancellation. It is an error to call this command if no # operation is in progress. # @@ -1680,16 +1680,15 @@ # BLOCK_JOB_CANCELLED event. Before that happens the job is still visible when # enumerated using query-block-jobs. # -# The image file retains its backing file unless the streaming operation happens -# to complete just as it is being cancelled. -# -# A new block streaming operation can be started at a later time to finish -# copying all data from the backing file. +# For streaming, the image file retains its backing file unless the streaming +# operation happens to complete just as it is being cancelled. A new streaming +# operation can be started at a later time to finish copying all data from the +# backing file. # # @device: the device name # # Returns: Nothing on success -# If streaming is not active on this device, DeviceNotActive +# If no background operation is active on this device, DeviceNotActive # If cancellation already in progress, DeviceInUse # # Since: 1.1 diff --git a/qemu-img.c b/qemu-img.c index b866f8081..94a31ad9f 100644 --- a/qemu-img.c +++ b/qemu-img.c @@ -1567,14 +1567,19 @@ static int img_resize(int argc, char **argv) const char *filename, *fmt, *size; int64_t n, total_size; BlockDriverState *bs = NULL; - QEMUOptionParameter *param; - QEMUOptionParameter resize_options[] = { - { - .name = BLOCK_OPT_SIZE, - .type = OPT_SIZE, - .help = "Virtual disk size" + QemuOpts *param; + static QemuOptsList resize_options = { + .name = "resize_options", + .head = QTAILQ_HEAD_INITIALIZER(resize_options.head), + .desc = { + { + .name = BLOCK_OPT_SIZE, + .type = QEMU_OPT_SIZE, + .help = "Virtual disk size" + }, { + /* end of list */ + } }, - { NULL } }; /* Remove size from argv manually so that negative numbers are not treated @@ -1624,14 +1629,15 @@ static int img_resize(int argc, char **argv) } /* Parse size */ - param = parse_option_parameters("", resize_options, NULL); - if (set_option_parameter(param, BLOCK_OPT_SIZE, size)) { + param = qemu_opts_create(&resize_options, NULL, 0, NULL); + if (qemu_opt_set(param, BLOCK_OPT_SIZE, size)) { /* Error message already printed when size parsing fails */ ret = -1; + qemu_opts_del(param); goto out; } - n = get_option_parameter(param, BLOCK_OPT_SIZE)->value.n; - free_option_parameters(param); + n = qemu_opt_get_size(param, BLOCK_OPT_SIZE, 0); + qemu_opts_del(param); bs = bdrv_new_open(filename, fmt, BDRV_O_FLAGS | BDRV_O_RDWR); if (!bs) { @@ -1652,6 +1652,17 @@ static const cmdinfo_t map_cmd = { .oneline = "prints the allocated areas of a file", }; +static int abort_f(int argc, char **argv) +{ + abort(); +} + +static const cmdinfo_t abort_cmd = { + .name = "abort", + .cfunc = abort_f, + .flags = CMD_NOFILE_OK, + .oneline = "simulate a program crash using abort(3)", +}; static int close_f(int argc, char **argv) { @@ -1905,6 +1916,7 @@ int main(int argc, char **argv) add_command(&discard_cmd); add_command(&alloc_cmd); add_command(&map_cmd); + add_command(&abort_cmd); add_args_command(init_args_command); add_check_command(init_check_command); diff --git a/qemu-timer.c b/qemu-timer.c index 062fdf2cb..5aea94e8e 100644 --- a/qemu-timer.c +++ b/qemu-timer.c @@ -112,14 +112,10 @@ static int64_t qemu_next_alarm_deadline(void) static void qemu_rearm_alarm_timer(struct qemu_alarm_timer *t) { - int64_t nearest_delta_ns; - if (!rt_clock->active_timers && - !vm_clock->active_timers && - !host_clock->active_timers) { - return; + int64_t nearest_delta_ns = qemu_next_alarm_deadline(); + if (nearest_delta_ns < INT64_MAX) { + t->rearm(t, nearest_delta_ns); } - nearest_delta_ns = qemu_next_alarm_deadline(); - t->rearm(t, nearest_delta_ns); } /* TODO: MIN_TIMER_REARM_NS should be optimized */ diff --git a/scripts/qapi.py b/scripts/qapi.py index d3b8b4d85..122b4cb6d 100644 --- a/scripts/qapi.py +++ b/scripts/qapi.py @@ -142,6 +142,22 @@ def camel_case(name): return new_name def c_var(name): + # ANSI X3J11/88-090, 3.1.1 + c89_words = set(['auto', 'break', 'case', 'char', 'const', 'continue', + 'default', 'do', 'double', 'else', 'enum', 'extern', 'float', + 'for', 'goto', 'if', 'int', 'long', 'register', 'return', + 'short', 'signed', 'sizeof', 'static', 'struct', 'switch', + 'typedef', 'union', 'unsigned', 'void', 'volatile', 'while']) + # ISO/IEC 9899:1999, 6.4.1 + c99_words = set(['inline', 'restrict', '_Bool', '_Complex', '_Imaginary']) + # ISO/IEC 9899:2011, 6.4.1 + c11_words = set(['_Alignas', '_Alignof', '_Atomic', '_Generic', '_Noreturn', + '_Static_assert', '_Thread_local']) + # GCC http://gcc.gnu.org/onlinedocs/gcc-4.7.1/gcc/C-Extensions.html + # excluding _.* + gcc_words = set(['asm', 'typeof']) + if name in c89_words | c99_words | c11_words | gcc_words: + return "q_" + name return name.replace('-', '_').lstrip("*") def c_fun(name): diff --git a/slirp/main.h b/slirp/main.h index 028df4b36..1f3b84de9 100644 --- a/slirp/main.h +++ b/slirp/main.h @@ -31,6 +31,7 @@ extern char *exec_shell; extern u_int curtime; extern fd_set *global_readfds, *global_writefds, *global_xfds; extern struct in_addr loopback_addr; +extern unsigned long loopback_mask; extern char *username; extern char *socket_path; extern int towrite_max; diff --git a/slirp/slirp.c b/slirp/slirp.c index 90473eb74..38e0a2193 100644 --- a/slirp/slirp.c +++ b/slirp/slirp.c @@ -29,6 +29,8 @@ /* host loopback address */ struct in_addr loopback_addr; +/* host loopback network mask */ +unsigned long loopback_mask; /* emulated hosts use the MAC addr 52:55:IP:IP:IP:IP */ static const uint8_t special_ethaddr[ETH_ALEN] = { @@ -191,6 +193,7 @@ static void slirp_init_once(void) #endif loopback_addr.s_addr = htonl(INADDR_LOOPBACK); + loopback_mask = htonl(IN_CLASSA_NET); } static void slirp_state_save(QEMUFile *f, void *opaque); diff --git a/slirp/tcp_subr.c b/slirp/tcp_subr.c index 0a545c41e..025b37436 100644 --- a/slirp/tcp_subr.c +++ b/slirp/tcp_subr.c @@ -435,8 +435,11 @@ tcp_connect(struct socket *inso) so->so_fport = addr.sin_port; so->so_faddr = addr.sin_addr; /* Translate connections from localhost to the real hostname */ - if (so->so_faddr.s_addr == 0 || so->so_faddr.s_addr == loopback_addr.s_addr) - so->so_faddr = slirp->vhost_addr; + if (so->so_faddr.s_addr == 0 || + (so->so_faddr.s_addr & loopback_mask) == + (loopback_addr.s_addr & loopback_mask)) { + so->so_faddr = slirp->vhost_addr; + } /* Close the accept() socket, set right state */ if (inso->so_state & SS_FACCEPTONCE) { diff --git a/target-i386/cpu.c b/target-i386/cpu.c index 857b94ea8..880cfea3f 100644 --- a/target-i386/cpu.c +++ b/target-i386/cpu.c @@ -1746,6 +1746,7 @@ static void x86_cpu_initfn(Object *obj) { X86CPU *cpu = X86_CPU(obj); CPUX86State *env = &cpu->env; + static int inited; cpu_exec_init(env); @@ -1775,6 +1776,15 @@ static void x86_cpu_initfn(Object *obj) x86_cpuid_set_tsc_freq, NULL, NULL, NULL); env->cpuid_apic_id = env->cpu_index; + + /* init various static tables used in TCG mode */ + if (tcg_enabled() && !inited) { + inited = 1; + optimize_flags_init(); +#ifndef CONFIG_USER_ONLY + cpu_set_debug_excp_handler(breakpoint_handler); +#endif + } } static void x86_cpu_common_class_init(ObjectClass *oc, void *data) diff --git a/target-i386/cpu.h b/target-i386/cpu.h index 2a61c810b..60f9e972b 100644 --- a/target-i386/cpu.h +++ b/target-i386/cpu.h @@ -935,6 +935,7 @@ static inline int hw_breakpoint_len(unsigned long dr7, int index) void hw_breakpoint_insert(CPUX86State *env, int index); void hw_breakpoint_remove(CPUX86State *env, int index); int check_hw_breakpoints(CPUX86State *env, int force_dr6_update); +void breakpoint_handler(CPUX86State *env); /* will be suppressed */ void cpu_x86_update_cr0(CPUX86State *env, uint32_t new_cr0); diff --git a/target-i386/helper.c b/target-i386/helper.c index b748d9006..8a5da3d7c 100644 --- a/target-i386/helper.c +++ b/target-i386/helper.c @@ -941,9 +941,7 @@ int check_hw_breakpoints(CPUX86State *env, int force_dr6_update) return hit_enabled; } -static CPUDebugExcpHandler *prev_debug_excp_handler; - -static void breakpoint_handler(CPUX86State *env) +void breakpoint_handler(CPUX86State *env) { CPUBreakpoint *bp; @@ -965,8 +963,6 @@ static void breakpoint_handler(CPUX86State *env) break; } } - if (prev_debug_excp_handler) - prev_debug_excp_handler(env); } typedef struct MCEInjectionParams { @@ -1155,21 +1151,11 @@ X86CPU *cpu_x86_init(const char *cpu_model) { X86CPU *cpu; CPUX86State *env; - static int inited; cpu = X86_CPU(object_new(TYPE_X86_CPU)); env = &cpu->env; env->cpu_model_str = cpu_model; - /* init various static tables used in TCG mode */ - if (tcg_enabled() && !inited) { - inited = 1; - optimize_flags_init(); -#ifndef CONFIG_USER_ONLY - prev_debug_excp_handler = - cpu_set_debug_excp_handler(breakpoint_handler); -#endif - } if (cpu_x86_register(cpu, cpu_model) < 0) { object_delete(OBJECT(cpu)); return NULL; diff --git a/target-mips/translate.c b/target-mips/translate.c index 4e15ee36b..47daf8574 100644 --- a/target-mips/translate.c +++ b/target-mips/translate.c @@ -12763,6 +12763,7 @@ void cpu_state_reset(CPUMIPSState *env) env->CP0_SRSConf3 = env->cpu_model->CP0_SRSConf3; env->CP0_SRSConf4_rw_bitmask = env->cpu_model->CP0_SRSConf4_rw_bitmask; env->CP0_SRSConf4 = env->cpu_model->CP0_SRSConf4; + env->active_fpu.fcr0 = env->cpu_model->CP1_fcr0; env->insn_flags = env->cpu_model->insn_flags; #if defined(CONFIG_USER_ONLY) diff --git a/target-xtensa/cpu.h b/target-xtensa/cpu.h index f7db11640..177094ae9 100644 --- a/target-xtensa/cpu.h +++ b/target-xtensa/cpu.h @@ -351,6 +351,12 @@ typedef struct CPUXtensaState { #define cpu_signal_handler cpu_xtensa_signal_handler #define cpu_list xtensa_cpu_list +#ifdef TARGET_WORDS_BIGENDIAN +#define XTENSA_DEFAULT_CPU_MODEL "fsf" +#else +#define XTENSA_DEFAULT_CPU_MODEL "dc232b" +#endif + XtensaCPU *cpu_xtensa_init(const char *cpu_model); static inline CPUXtensaState *cpu_init(const char *cpu_model) diff --git a/target-xtensa/helper.c b/target-xtensa/helper.c index 044ce1836..d5bb171fc 100644 --- a/target-xtensa/helper.c +++ b/target-xtensa/helper.c @@ -54,8 +54,6 @@ static uint32_t check_hw_breakpoints(CPUXtensaState *env) return 0; } -static CPUDebugExcpHandler *prev_debug_excp_handler; - static void breakpoint_handler(CPUXtensaState *env) { if (env->watchpoint_hit) { @@ -70,9 +68,6 @@ static void breakpoint_handler(CPUXtensaState *env) cpu_resume_from_signal(env, NULL); } } - if (prev_debug_excp_handler) { - prev_debug_excp_handler(env); - } } XtensaCPU *cpu_xtensa_init(const char *cpu_model) @@ -105,8 +100,7 @@ XtensaCPU *cpu_xtensa_init(const char *cpu_model) if (!debug_handler_inited && tcg_enabled()) { debug_handler_inited = 1; - prev_debug_excp_handler = - cpu_set_debug_excp_handler(breakpoint_handler); + cpu_set_debug_excp_handler(breakpoint_handler); } xtensa_irq_init(env); diff --git a/tests/qemu-iotests/031.out b/tests/qemu-iotests/031.out index d3cab301d..796c993df 100644 --- a/tests/qemu-iotests/031.out +++ b/tests/qemu-iotests/031.out @@ -54,8 +54,8 @@ header_length 72 Header extension: magic 0x6803f857 -length 0 -data '' +length 96 +data <binary> Header extension: magic 0x12345678 @@ -68,7 +68,7 @@ No errors were found on the image. magic 0x514649fb version 2 -backing_file_offset 0x98 +backing_file_offset 0xf8 backing_file_size 0x17 cluster_bits 16 size 67108864 @@ -92,8 +92,8 @@ data 'host_device' Header extension: magic 0x6803f857 -length 0 -data '' +length 96 +data <binary> Header extension: magic 0x12345678 @@ -155,8 +155,8 @@ header_length 104 Header extension: magic 0x6803f857 -length 0 -data '' +length 96 +data <binary> Header extension: magic 0x12345678 @@ -169,7 +169,7 @@ No errors were found on the image. magic 0x514649fb version 3 -backing_file_offset 0xb8 +backing_file_offset 0x118 backing_file_size 0x17 cluster_bits 16 size 67108864 @@ -193,8 +193,8 @@ data 'host_device' Header extension: magic 0x6803f857 -length 0 -data '' +length 96 +data <binary> Header extension: magic 0x12345678 diff --git a/tests/qemu-iotests/036.out b/tests/qemu-iotests/036.out index 6953e37ab..063ca22d6 100644 --- a/tests/qemu-iotests/036.out +++ b/tests/qemu-iotests/036.out @@ -46,7 +46,7 @@ header_length 104 Header extension: magic 0x6803f857 -length 0 -data '' +length 96 +data <binary> *** done diff --git a/tests/qemu-iotests/039 b/tests/qemu-iotests/039 new file mode 100755 index 000000000..a749fcf23 --- /dev/null +++ b/tests/qemu-iotests/039 @@ -0,0 +1,136 @@ +#!/bin/bash +# +# Test qcow2 lazy refcounts +# +# Copyright (C) 2012 Red Hat, Inc. +# Copyright IBM, Corp. 2010 +# +# Based on test 038. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +# creator +owner=stefanha@linux.vnet.ibm.com + +seq=`basename $0` +echo "QA output created by $seq" + +here=`pwd` +tmp=/tmp/$$ +status=1 # failure is the default! + +_cleanup() +{ + _cleanup_test_img +} +trap "_cleanup; exit \$status" 0 1 2 3 15 + +# get standard environment, filters and checks +. ./common.rc +. ./common.filter + +_supported_fmt qcow2 +_supported_proto generic +_supported_os Linux + +size=128M + +echo +echo "== Checking that image is clean on shutdown ==" + +IMGOPTS="compat=1.1,lazy_refcounts=on" +_make_test_img $size + +$QEMU_IO -c "write -P 0x5a 0 512" $TEST_IMG | _filter_qemu_io + +# The dirty bit must not be set +./qcow2.py $TEST_IMG dump-header | grep incompatible_features +_check_test_img + +echo +echo "== Creating a dirty image file ==" + +IMGOPTS="compat=1.1,lazy_refcounts=on" +_make_test_img $size + +old_ulimit=$(ulimit -c) +ulimit -c 0 # do not produce a core dump on abort(3) +$QEMU_IO -c "write -P 0x5a 0 512" -c "abort" $TEST_IMG | _filter_qemu_io +ulimit -c "$old_ulimit" + +# The dirty bit must be set +./qcow2.py $TEST_IMG dump-header | grep incompatible_features +_check_test_img + +echo +echo "== Read-only access must still work ==" + +$QEMU_IO -r -c "read -P 0x5a 0 512" $TEST_IMG | _filter_qemu_io + +# The dirty bit must be set +./qcow2.py $TEST_IMG dump-header | grep incompatible_features + +echo +echo "== Repairing the image file must succeed ==" + +$QEMU_IMG check -r all $TEST_IMG + +# The dirty bit must not be set +./qcow2.py $TEST_IMG dump-header | grep incompatible_features + +echo +echo "== Data should still be accessible after repair ==" + +$QEMU_IO -c "read -P 0x5a 0 512" $TEST_IMG | _filter_qemu_io + +echo +echo "== Opening a dirty image read/write should repair it ==" + +IMGOPTS="compat=1.1,lazy_refcounts=on" +_make_test_img $size + +old_ulimit=$(ulimit -c) +ulimit -c 0 # do not produce a core dump on abort(3) +$QEMU_IO -c "write -P 0x5a 0 512" -c "abort" $TEST_IMG | _filter_qemu_io +ulimit -c "$old_ulimit" + +# The dirty bit must be set +./qcow2.py $TEST_IMG dump-header | grep incompatible_features + +$QEMU_IO -c "write 0 512" $TEST_IMG | _filter_qemu_io + +# The dirty bit must not be set +./qcow2.py $TEST_IMG dump-header | grep incompatible_features + +echo +echo "== Creating an image file with lazy_refcounts=off ==" + +IMGOPTS="compat=1.1,lazy_refcounts=off" +_make_test_img $size + +old_ulimit=$(ulimit -c) +ulimit -c 0 # do not produce a core dump on abort(3) +$QEMU_IO -c "write -P 0x5a 0 512" -c "abort" $TEST_IMG | _filter_qemu_io +ulimit -c "$old_ulimit" + +# The dirty bit must not be set since lazy_refcounts=off +./qcow2.py $TEST_IMG dump-header | grep incompatible_features +_check_test_img + +# success, all done +echo "*** done" +rm -f $seq.full +status=0 + diff --git a/tests/qemu-iotests/039.out b/tests/qemu-iotests/039.out new file mode 100644 index 000000000..155a05e10 --- /dev/null +++ b/tests/qemu-iotests/039.out @@ -0,0 +1,53 @@ +QA output created by 039 + +== Checking that image is clean on shutdown == +Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 +wrote 512/512 bytes at offset 0 +512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +incompatible_features 0x0 +No errors were found on the image. + +== Creating a dirty image file == +Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 +wrote 512/512 bytes at offset 0 +512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +incompatible_features 0x1 +ERROR OFLAG_COPIED: offset=8000000000050000 refcount=0 +ERROR cluster 5 refcount=0 reference=1 + +2 errors were found on the image. +Data may be corrupted, or further writes to the image may corrupt it. + +== Read-only access must still work == +read 512/512 bytes at offset 0 +512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +incompatible_features 0x1 + +== Repairing the image file must succeed == +ERROR OFLAG_COPIED: offset=8000000000050000 refcount=0 +Repairing cluster 5 refcount=0 reference=1 +No errors were found on the image. +incompatible_features 0x0 + +== Data should still be accessible after repair == +read 512/512 bytes at offset 0 +512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) + +== Opening a dirty image read/write should repair it == +Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 +wrote 512/512 bytes at offset 0 +512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +incompatible_features 0x1 +ERROR OFLAG_COPIED: offset=8000000000050000 refcount=0 +Repairing cluster 5 refcount=0 reference=1 +wrote 512/512 bytes at offset 0 +512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +incompatible_features 0x0 + +== Creating an image file with lazy_refcounts=off == +Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 +wrote 512/512 bytes at offset 0 +512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +incompatible_features 0x0 +No errors were found on the image. +*** done diff --git a/tests/qemu-iotests/common.rc b/tests/qemu-iotests/common.rc index 5e3a524bc..7782808a2 100644 --- a/tests/qemu-iotests/common.rc +++ b/tests/qemu-iotests/common.rc @@ -110,10 +110,11 @@ _make_test_img() sed -e "s#$IMGFMT#IMGFMT#g" | \ sed -e "s# encryption=off##g" | \ sed -e "s# cluster_size=[0-9]\\+##g" | \ - sed -e "s# table_size=0##g" | \ + sed -e "s# table_size=[0-9]\\+##g" | \ sed -e "s# compat='[^']*'##g" | \ - sed -e "s# compat6=off##g" | \ - sed -e "s# static=off##g" + sed -e "s# compat6=\\(on\\|off\\)##g" | \ + sed -e "s# static=\\(on\\|off\\)##g" | \ + sed -e "s# lazy_refcounts=\\(on\\|off\\)##g" } _cleanup_test_img() diff --git a/tests/qemu-iotests/group b/tests/qemu-iotests/group index 7a2c92b6e..ebb5ca4b4 100644 --- a/tests/qemu-iotests/group +++ b/tests/qemu-iotests/group @@ -45,3 +45,4 @@ 036 rw auto quick 037 rw auto backing 038 rw auto backing +039 rw auto diff --git a/tests/qemu-iotests/qed.py b/tests/qemu-iotests/qed.py new file mode 100755 index 000000000..52ff84559 --- /dev/null +++ b/tests/qemu-iotests/qed.py @@ -0,0 +1,235 @@ +#!/usr/bin/env python +# +# Tool to manipulate QED image files +# +# Copyright (C) 2010 IBM, Corp. +# +# Authors: +# Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> +# +# This work is licensed under the terms of the GNU GPL, version 2 or later. +# See the COPYING file in the top-level directory. + +import sys +import struct +import random +import optparse + +# This can be used as a module +__all__ = ['QED_F_NEED_CHECK', 'QED'] + +QED_F_NEED_CHECK = 0x02 + +header_fmt = '<IIIIQQQQQII' +header_size = struct.calcsize(header_fmt) +field_names = ['magic', 'cluster_size', 'table_size', + 'header_size', 'features', 'compat_features', + 'autoclear_features', 'l1_table_offset', 'image_size', + 'backing_filename_offset', 'backing_filename_size'] +table_elem_fmt = '<Q' +table_elem_size = struct.calcsize(table_elem_fmt) + +def err(msg): + sys.stderr.write(msg + '\n') + sys.exit(1) + +def unpack_header(s): + fields = struct.unpack(header_fmt, s) + return dict((field_names[idx], val) for idx, val in enumerate(fields)) + +def pack_header(header): + fields = tuple(header[x] for x in field_names) + return struct.pack(header_fmt, *fields) + +def unpack_table_elem(s): + return struct.unpack(table_elem_fmt, s)[0] + +def pack_table_elem(elem): + return struct.pack(table_elem_fmt, elem) + +class QED(object): + def __init__(self, f): + self.f = f + + self.f.seek(0, 2) + self.filesize = f.tell() + + self.load_header() + self.load_l1_table() + + def raw_pread(self, offset, size): + self.f.seek(offset) + return self.f.read(size) + + def raw_pwrite(self, offset, data): + self.f.seek(offset) + return self.f.write(data) + + def load_header(self): + self.header = unpack_header(self.raw_pread(0, header_size)) + + def store_header(self): + self.raw_pwrite(0, pack_header(self.header)) + + def read_table(self, offset): + size = self.header['table_size'] * self.header['cluster_size'] + s = self.raw_pread(offset, size) + table = [unpack_table_elem(s[i:i + table_elem_size]) for i in xrange(0, size, table_elem_size)] + return table + + def load_l1_table(self): + self.l1_table = self.read_table(self.header['l1_table_offset']) + self.table_nelems = self.header['table_size'] * self.header['cluster_size'] / table_elem_size + + def write_table(self, offset, table): + s = ''.join(pack_table_elem(x) for x in table) + self.raw_pwrite(offset, s) + +def random_table_item(table): + vals = [(index, offset) for index, offset in enumerate(table) if offset != 0] + if not vals: + err('cannot pick random item because table is empty') + return random.choice(vals) + +def corrupt_table_duplicate(table): + '''Corrupt a table by introducing a duplicate offset''' + victim_idx, victim_val = random_table_item(table) + unique_vals = set(table) + if len(unique_vals) == 1: + err('no duplication corruption possible in table') + dup_val = random.choice(list(unique_vals.difference([victim_val]))) + table[victim_idx] = dup_val + +def corrupt_table_invalidate(qed, table): + '''Corrupt a table by introducing an invalid offset''' + index, _ = random_table_item(table) + table[index] = qed.filesize + random.randint(0, 100 * 1024 * 1024 * 1024 * 1024) + +def cmd_show(qed, *args): + '''show [header|l1|l2 <offset>]- Show header or l1/l2 tables''' + if not args or args[0] == 'header': + print qed.header + elif args[0] == 'l1': + print qed.l1_table + elif len(args) == 2 and args[0] == 'l2': + offset = int(args[1]) + print qed.read_table(offset) + else: + err('unrecognized sub-command') + +def cmd_duplicate(qed, table_level): + '''duplicate l1|l2 - Duplicate a random table element''' + if table_level == 'l1': + offset = qed.header['l1_table_offset'] + table = qed.l1_table + elif table_level == 'l2': + _, offset = random_table_item(qed.l1_table) + table = qed.read_table(offset) + else: + err('unrecognized sub-command') + corrupt_table_duplicate(table) + qed.write_table(offset, table) + +def cmd_invalidate(qed, table_level): + '''invalidate l1|l2 - Plant an invalid table element at random''' + if table_level == 'l1': + offset = qed.header['l1_table_offset'] + table = qed.l1_table + elif table_level == 'l2': + _, offset = random_table_item(qed.l1_table) + table = qed.read_table(offset) + else: + err('unrecognized sub-command') + corrupt_table_invalidate(qed, table) + qed.write_table(offset, table) + +def cmd_need_check(qed, *args): + '''need-check [on|off] - Test, set, or clear the QED_F_NEED_CHECK header bit''' + if not args: + print bool(qed.header['features'] & QED_F_NEED_CHECK) + return + + if args[0] == 'on': + qed.header['features'] |= QED_F_NEED_CHECK + elif args[0] == 'off': + qed.header['features'] &= ~QED_F_NEED_CHECK + else: + err('unrecognized sub-command') + qed.store_header() + +def cmd_zero_cluster(qed, pos, *args): + '''zero-cluster <pos> [<n>] - Zero data clusters''' + pos, n = int(pos), 1 + if args: + if len(args) != 1: + err('expected one argument') + n = int(args[0]) + + for i in xrange(n): + l1_index = pos / qed.header['cluster_size'] / len(qed.l1_table) + if qed.l1_table[l1_index] == 0: + err('no l2 table allocated') + + l2_offset = qed.l1_table[l1_index] + l2_table = qed.read_table(l2_offset) + + l2_index = (pos / qed.header['cluster_size']) % len(qed.l1_table) + l2_table[l2_index] = 1 # zero the data cluster + qed.write_table(l2_offset, l2_table) + pos += qed.header['cluster_size'] + +def cmd_copy_metadata(qed, outfile): + '''copy-metadata <outfile> - Copy metadata only (for scrubbing corrupted images)''' + out = open(outfile, 'wb') + + # Match file size + out.seek(qed.filesize - 1) + out.write('\0') + + # Copy header clusters + out.seek(0) + header_size_bytes = qed.header['header_size'] * qed.header['cluster_size'] + out.write(qed.raw_pread(0, header_size_bytes)) + + # Copy L1 table + out.seek(qed.header['l1_table_offset']) + s = ''.join(pack_table_elem(x) for x in qed.l1_table) + out.write(s) + + # Copy L2 tables + for l2_offset in qed.l1_table: + if l2_offset == 0: + continue + l2_table = qed.read_table(l2_offset) + out.seek(l2_offset) + s = ''.join(pack_table_elem(x) for x in l2_table) + out.write(s) + + out.close() + +def usage(): + print 'Usage: %s <file> <cmd> [<arg>, ...]' % sys.argv[0] + print + print 'Supported commands:' + for cmd in sorted(x for x in globals() if x.startswith('cmd_')): + print globals()[cmd].__doc__ + sys.exit(1) + +def main(): + if len(sys.argv) < 3: + usage() + filename, cmd = sys.argv[1:3] + + cmd = 'cmd_' + cmd.replace('-', '_') + if cmd not in globals(): + usage() + + qed = QED(open(filename, 'r+b')) + try: + globals()[cmd](qed, *sys.argv[3:]) + except TypeError, e: + sys.stderr.write(globals()[cmd].__doc__ + '\n') + sys.exit(1) + +if __name__ == '__main__': + main() diff --git a/user-exec.c b/user-exec.c index 1a9c276eb..b9ea9dd32 100644 --- a/user-exec.c +++ b/user-exec.c @@ -18,7 +18,9 @@ */ #include "config.h" #include "cpu.h" +#ifndef CONFIG_TCG_PASS_AREG0 #include "dyngen-exec.h" +#endif #include "disas.h" #include "tcg.h" @@ -58,9 +60,11 @@ void cpu_resume_from_signal(CPUArchState *env1, void *puc) struct sigcontext *uc = puc; #endif +#ifndef CONFIG_TCG_PASS_AREG0 env = env1; /* XXX: restore cpu registers saved in host registers */ +#endif if (puc) { /* XXX: use siglongjmp ? */ @@ -74,8 +78,8 @@ void cpu_resume_from_signal(CPUArchState *env1, void *puc) sigprocmask(SIG_SETMASK, &uc->sc_mask, NULL); #endif } - env->exception_index = -1; - longjmp(env->jmp_env, 1); + env1->exception_index = -1; + longjmp(env1->jmp_env, 1); } /* 'pc' is the host PC at which the exception was raised. 'address' is @@ -89,9 +93,11 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address, TranslationBlock *tb; int ret; +#ifndef CONFIG_TCG_PASS_AREG0 if (cpu_single_env) { env = cpu_single_env; /* XXX: find a correct solution for multithread */ } +#endif #if defined(DEBUG_SIGNAL) qemu_printf("qemu: SIGSEGV pc=0x%08lx address=%08lx w=%d oldset=0x%08lx\n", pc, address, is_write, *(unsigned long *)old_set); @@ -103,7 +109,8 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address, } /* see if it is an MMU fault */ - ret = cpu_handle_mmu_fault(env, address, is_write, MMU_USER_IDX); + ret = cpu_handle_mmu_fault(cpu_single_env, address, is_write, + MMU_USER_IDX); if (ret < 0) { return 0; /* not an MMU fault */ } @@ -115,13 +122,13 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address, if (tb) { /* the PC is inside the translated code. It means that we have a virtual CPU fault */ - cpu_restore_state(tb, env, pc); + cpu_restore_state(tb, cpu_single_env, pc); } /* we restore the process signal mask as the sigreturn should do it (XXX: use sigsetjmp) */ sigprocmask(SIG_SETMASK, old_set, NULL); - exception_action(env); + exception_action(cpu_single_env); /* never comes here */ return 1; @@ -3345,6 +3345,11 @@ int main(int argc, char **argv, char **envp) ram_size = DEFAULT_RAM_SIZE * 1024 * 1024; } + if (qemu_opts_foreach(qemu_find_opts("device"), device_help_func, NULL, 0) + != 0) { + exit(0); + } + configure_accelerator(); qemu_init_cpu_loop(); @@ -3500,9 +3505,6 @@ int main(int argc, char **argv, char **envp) } select_vgahw(vga_model); - if (qemu_opts_foreach(qemu_find_opts("device"), device_help_func, NULL, 0) != 0) - exit(0); - if (watchdog) { i = select_watchdog(watchdog); if (i > 0) |