sdk/emulator/qemu.git
8 years agomigration: Remove unneeded NULL check from migrate_fd_error()
Peter Maydell [Fri, 21 Oct 2016 17:41:45 +0000 (18:41 +0100)]
migration: Remove unneeded NULL check from migrate_fd_error()

All the callers of migrate_fd_error() pass a non-NULL
error parameter, and if any did pass NULL then we would
segfault in error_copy(), so remove the unnecessary
NULL check earlier in the function.
(Spotted by Coverity.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agoscripts/hxtool: fix undefined behavour of echo
Daniel Shahaf [Sun, 16 Oct 2016 14:28:18 +0000 (17:28 +0300)]
scripts/hxtool: fix undefined behavour of echo

Avoid undefined behaviour of echo(1) with backslashes in arguments
The behaviour is implementation-defined, different /bin/sh's behave
differently.

Signed-off-by: Daniel Shahaf <danielsh@apache.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agoqemu-options.hx: set: fix copy-paste error
Michael Tokarev [Sun, 16 Oct 2016 14:21:37 +0000 (17:21 +0300)]
qemu-options.hx: set: fix copy-paste error

Reported-By: Daniel Shahaf <danielsh@apache.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agousb: Change *_exitfn return type from int to void
Akanksha Srivastava [Thu, 13 Oct 2016 20:21:31 +0000 (01:51 +0530)]
usb: Change *_exitfn return type from int to void

The *_exitfn functions cannot fail and should not be
returning int.
This also removes the passthru_exitfn since this callback
does nothing as of now.
This was suggested as a Bite-sized task for code cleanup.
Signed-off-by: Akanksha Srivastava <akanksha.dlf@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agoMAINTAINERS: qemu-trivial information
Laurent Vivier [Sat, 8 Oct 2016 10:00:07 +0000 (12:00 +0200)]
MAINTAINERS: qemu-trivial information

Information about "qemu-trivial" ML can be found in the wiki:

    http://wiki.qemu.org/Contribute/TrivialPatches

But the first place where a developer looks is the file MAINTAINERS.

This also allows the get_maintainer.pl script to display
the qemu-trivial ML address when the mail subject contains "trivial".

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agocolo-compare: remove unused struct CompareChardevProps and 'props' variable
zhanghailiang [Thu, 13 Oct 2016 06:57:28 +0000 (14:57 +0800)]
colo-compare: remove unused struct CompareChardevProps and 'props' variable

After commit 0a73336d, 'props' variable in find_and_check_chardev()
is unused. Remove it, togther with struct CompareChardevProps.

Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Reviewed-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agomilkymist-pfpu: fix potential integer overflow
Michael Walle [Fri, 14 Oct 2016 09:51:50 +0000 (11:51 +0200)]
milkymist-pfpu: fix potential integer overflow

Since the lm32 is a 32 bit architecture, just return a 32 bit value which
is then converted to a 64 bit value.

Spotted by coverity, CID 1005506.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agohw/block/nvme: Simplify if-statements a little bit
Thomas Huth [Wed, 12 Oct 2016 15:18:40 +0000 (17:18 +0200)]
hw/block/nvme: Simplify if-statements a little bit

The condition  '!A || (A && B)' is equivalent to '!A || B'.

Buglink: https://bugs.launchpad.net/qemu/+bug/1464611
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agotarget-lm32: rewrite gen_compare()
Michael Walle [Wed, 12 Oct 2016 22:35:08 +0000 (00:35 +0200)]
target-lm32: rewrite gen_compare()

Drop the rX, rY and rZ stuff and use dc->r{0,1,2} directly. This should
also fix the false positive in coverity CID 1005720.

Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agolm32: milkymist-tmu2: fix integer overflow
Michael Walle [Wed, 12 Oct 2016 22:35:07 +0000 (00:35 +0200)]
lm32: milkymist-tmu2: fix integer overflow

Don't truncate the multiplication and do a 64 bit one instead because
because the result is stored in a 64 bit variable.

Spotted by coverity, CID 1167561.

Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agotarget-lm32: disable asm logging via LOG_DIS()
Michael Walle [Wed, 12 Oct 2016 22:35:06 +0000 (00:35 +0200)]
target-lm32: disable asm logging via LOG_DIS()

The lm32 target already has a disassembler which logs the assembly
instructions with "-d in_asm". Therefore, turn of the LOG_DIS() macro to
prevent logging the assembly instructions twice. Also turn the macro in a
one which is always compiled to catch any errors while the macro is turned
off.

Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agotarget-lm32: swap operand of wcsr in LOG_DIS()
Michael Walle [Wed, 12 Oct 2016 22:35:05 +0000 (00:35 +0200)]
target-lm32: swap operand of wcsr in LOG_DIS()

Be consistent with the reference manual.

Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agotarget-lm32: fix LOG_DIS operand order
Michael Walle [Wed, 12 Oct 2016 17:15:05 +0000 (19:15 +0200)]
target-lm32: fix LOG_DIS operand order

The order of most opcodes with immediates was wrong (according to the
reference manual) in the (debug) logging. Additionally, one operand for the
andhi instruction was completly wrong. Fix these.

Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agotarget-lm32: fix style issue
Michael Walle [Wed, 12 Oct 2016 16:23:16 +0000 (18:23 +0200)]
target-lm32: fix style issue

Both branches of the ternary operator have the same expressions. Drop the
operator.

This fixes: https://bugs.launchpad.net/qemu/+bug/1414293

Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agohw/tpm/tpm_passthrough: Simplify if-statements a little bit
Thomas Huth [Wed, 12 Oct 2016 15:33:44 +0000 (17:33 +0200)]
hw/tpm/tpm_passthrough: Simplify if-statements a little bit

The condition  '!A || (A && B)' is equivalent to '!A || B'

Buglink: https://bugs.launchpad.net/qemu/+bug/1464611
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agofilter-dump: add missing "["
Changlong Xie [Tue, 11 Oct 2016 05:28:32 +0000 (13:28 +0800)]
filter-dump: add missing "["

Signed-off-by: Changlong Xie <xiecl.fnst@cn.fujitsu.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
8 years agoMerge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging
Peter Maydell [Fri, 28 Oct 2016 13:29:50 +0000 (14:29 +0100)]
Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging

# gpg: Signature made Thu 27 Oct 2016 22:15:57 BST
# gpg:                using RSA key 0x7DEF8106AAFC390E
# gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>"
# Primary key fingerprint: FAEB 9711 A12C F475 812F  18F2 88A9 064D 1835 61EB
#      Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76  CBD0 7DEF 8106 AAFC 390E

* remotes/jnsnow/tags/ide-pull-request:
  qemu-iotests: Test creating floppy drives
  fdc: Move qdev properties to FloppyDrive
  fdc: Add a floppy drive qdev
  fdc: Add a floppy qbus
  macio: switch over to new byte-aligned DMA helpers
  dma-helpers: explicitly pass alignment into DMA helpers

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Peter Maydell [Fri, 28 Oct 2016 11:06:41 +0000 (12:06 +0100)]
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches

# gpg: Signature made Thu 27 Oct 2016 18:15:47 BST
# gpg:                using RSA key 0x7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (23 commits)
  iotests: Add test for NBD's blockdev-add interface
  iotests: Add assert_json_filename_equal() method
  socket_scm_helper: Accept fd directly
  iotests.py: Allow concurrent qemu instances
  iotests.py: Add qemu_nbd function
  qapi: Allow blockdev-add for NBD
  block/nbd: Use SocketAddress options
  block/nbd: Accept SocketAddress
  block/nbd: Add nbd_has_filename_options_conflict()
  block/nbd: Use qdict_put()
  block/nbd: Default port in nbd_refresh_filename()
  block/nbd: Reject port parameter without host
  block/nbd: Drop trailing "." in error messages
  qemu-iotests: Fix typo for NFS with IMGOPTSSYNTAX
  block: Remove bdrv_aio_ioctl()
  raw: Implement .bdrv_co_ioctl instead of .bdrv_aio_ioctl
  block: Introduce .bdrv_co_ioctl() driver callback
  block: Remove bdrv_ioctl()
  raw-posix: Don't use bdrv_ioctl()
  block: Use blk_co_ioctl() for all BB level ioctls
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-seabios-20161027-2' into staging
Peter Maydell [Fri, 28 Oct 2016 09:51:22 +0000 (10:51 +0100)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-seabios-20161027-2' into staging

seabios: update to 1.10.0 release.

# gpg: Signature made Thu 27 Oct 2016 15:50:54 BST
# gpg:                using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/pull-seabios-20161027-2:
  seabios: update to 1.10.0 release.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20161027-1' into staging
Peter Maydell [Fri, 28 Oct 2016 08:58:38 +0000 (09:58 +0100)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20161027-1' into staging

virtio-gpu: fix memory leak in virtio_gpu_resource_create_2d

# gpg: Signature made Thu 27 Oct 2016 15:32:38 BST
# gpg:                using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/pull-vga-20161027-1:
  virtio-gpu: fix memory leak in virtio_gpu_resource_create_2d

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoqemu-iotests: Test creating floppy drives
Kevin Wolf [Thu, 27 Oct 2016 20:29:14 +0000 (16:29 -0400)]
qemu-iotests: Test creating floppy drives

This tests the different supported methods to create floppy drives and
how they interact.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 1477386868-21826-5-git-send-email-kwolf@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
8 years agofdc: Move qdev properties to FloppyDrive
Kevin Wolf [Thu, 27 Oct 2016 20:29:13 +0000 (16:29 -0400)]
fdc: Move qdev properties to FloppyDrive

This makes the FloppyDrive qdev object actually useful: Now that it has
all properties that don't belong to the controller, you can actually
use '-device floppy' and get a working result.

Command line semantics is consistent with CD-ROM drives: By default you
get a single empty floppy drive. You can override it with -drive and
using the same index, but if you use -drive to add a floppy to a
different index, you get both of them. However, as soon as you use any
'-device floppy', even to a different slot, the default drive is
disabled.

Using '-device floppy' without specifying the unit will choose the first
free slot on the controller.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 1477386868-21826-4-git-send-email-kwolf@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
8 years agofdc: Add a floppy drive qdev
Kevin Wolf [Thu, 27 Oct 2016 20:29:13 +0000 (16:29 -0400)]
fdc: Add a floppy drive qdev

Floppy controllers automatically create two floppy drive devices in qdev
now. (They always created two drives, but managed them only internally.)

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 1477386868-21826-3-git-send-email-kwolf@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
8 years agofdc: Add a floppy qbus
Kevin Wolf [Thu, 27 Oct 2016 20:29:13 +0000 (16:29 -0400)]
fdc: Add a floppy qbus

This adds a qbus to the floppy controller that should contain the floppy
drives eventually. At the moment it just exists and is empty.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 1477386868-21826-2-git-send-email-kwolf@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
8 years agomacio: switch over to new byte-aligned DMA helpers
Mark Cave-Ayland [Thu, 27 Oct 2016 20:29:13 +0000 (16:29 -0400)]
macio: switch over to new byte-aligned DMA helpers

Now that the DMA helpers are byte-aligned they can be called directly from
the macio routines rather than emulating byte-aligned accesses via multiple
block-level accesses.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-Id: 1476445266-27503-3-git-send-email-mark.cave-ayland@ilande.co.uk
Signed-off-by: John Snow <jsnow@redhat.com>
8 years agodma-helpers: explicitly pass alignment into DMA helpers
Mark Cave-Ayland [Thu, 27 Oct 2016 20:29:13 +0000 (16:29 -0400)]
dma-helpers: explicitly pass alignment into DMA helpers

The hard-coded default alignment is BDRV_SECTOR_SIZE, however this is not
necessarily the case for all platforms. Use this as the default alignment for
all current callers.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Eric Blake <eblake@redhat.com>
Acked-by: John Snow <jsnow@redhat.com>
Message-id: 1476445266-27503-2-git-send-email-mark.cave-ayland@ilande.co.uk
Signed-off-by: John Snow <jsnow@redhat.com>
8 years agotrace: Fix 'char **' compilation error in simple backend
Fam Zheng [Wed, 26 Oct 2016 03:50:06 +0000 (11:50 +0800)]
trace: Fix 'char **' compilation error in simple backend

Currently, the generated function body will do "strlen(arg)" but the
argument could be 'char **' or 'char * const *'. Avoid that by excluding
such cases in is_string check.

Reported by patchew's "make docker-test-mingw@fedora".

Suggested-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 1477453806-21097-1-git-send-email-famz@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoiotests: Add test for NBD's blockdev-add interface
Max Reitz [Tue, 25 Oct 2016 13:11:41 +0000 (15:11 +0200)]
iotests: Add test for NBD's blockdev-add interface

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoiotests: Add assert_json_filename_equal() method
Max Reitz [Tue, 25 Oct 2016 13:11:40 +0000 (15:11 +0200)]
iotests: Add assert_json_filename_equal() method

Since the order of keys in JSON filenames is not necessarily fixed, they
should not be compared to fixed strings. This method takes a Python dict
as a reference, parses a given JSON filename and compares both.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agosocket_scm_helper: Accept fd directly
Max Reitz [Tue, 25 Oct 2016 13:11:39 +0000 (15:11 +0200)]
socket_scm_helper: Accept fd directly

This gives us more freedom about the fd that is passed to qemu, allowing
us to e.g. pass sockets.

Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoiotests.py: Allow concurrent qemu instances
Max Reitz [Tue, 25 Oct 2016 13:11:38 +0000 (15:11 +0200)]
iotests.py: Allow concurrent qemu instances

By adding an optional suffix to the files used for communication with a
VM, we can launch multiple VM instances concurrently.

Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoiotests.py: Add qemu_nbd function
Max Reitz [Tue, 25 Oct 2016 13:11:37 +0000 (15:11 +0200)]
iotests.py: Add qemu_nbd function

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoqapi: Allow blockdev-add for NBD
Max Reitz [Tue, 25 Oct 2016 13:11:36 +0000 (15:11 +0200)]
qapi: Allow blockdev-add for NBD

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoblock/nbd: Use SocketAddress options
Max Reitz [Tue, 25 Oct 2016 13:11:35 +0000 (15:11 +0200)]
block/nbd: Use SocketAddress options

Drop the use of legacy options in favor of the SocketAddress
representation, even for internal use (i.e. for storing the result of
the filename parsing).

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoblock/nbd: Accept SocketAddress
Max Reitz [Tue, 25 Oct 2016 13:11:34 +0000 (15:11 +0200)]
block/nbd: Accept SocketAddress

Add a new option "server" to the NBD block driver which accepts a
SocketAddress.

"path", "host" and "port" are still supported as legacy options and are
mapped to their corresponding SocketAddress representation.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoblock/nbd: Add nbd_has_filename_options_conflict()
Max Reitz [Tue, 25 Oct 2016 13:11:33 +0000 (15:11 +0200)]
block/nbd: Add nbd_has_filename_options_conflict()

Right now, we have four possible options that conflict with specifying
an NBD filename, and a future patch will add another one ("address").
This future option is a nested QDict that is flattened at this point,
requiring us to test each option whether its key has an "address."
prefix. Therefore, we will then need to iterate through all options
(including the "export" option which was not covered so far).

Adding this iteration logic now will simplify adding the new option
later. A nice side effect is that the user will not receive a long list
of five options which are not supposed to be specified with a filename,
but we can actually print the problematic option.

Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoblock/nbd: Use qdict_put()
Max Reitz [Tue, 25 Oct 2016 13:11:32 +0000 (15:11 +0200)]
block/nbd: Use qdict_put()

Instead of inlining this nice macro (i.e. resorting to
qdict_put_obj(..., QOBJECT(...))), use it.

Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoblock/nbd: Default port in nbd_refresh_filename()
Max Reitz [Tue, 25 Oct 2016 13:11:31 +0000 (15:11 +0200)]
block/nbd: Default port in nbd_refresh_filename()

Instead of not emitting the port in nbd_refresh_filename(), just set it
to the default if the user did not specify it. This makes the logic a
bit simpler.

Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoblock/nbd: Reject port parameter without host
Max Reitz [Tue, 25 Oct 2016 13:11:30 +0000 (15:11 +0200)]
block/nbd: Reject port parameter without host

Currently, a port that is passed along with a UNIX socket path is
silently ignored. That is not exactly ideal, it should be an error
instead.

Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoblock/nbd: Drop trailing "." in error messages
Max Reitz [Tue, 25 Oct 2016 13:11:29 +0000 (15:11 +0200)]
block/nbd: Drop trailing "." in error messages

Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoqemu-iotests: Fix typo for NFS with IMGOPTSSYNTAX
Kevin Wolf [Thu, 27 Oct 2016 11:16:56 +0000 (13:16 +0200)]
qemu-iotests: Fix typo for NFS with IMGOPTSSYNTAX

Commit 076003f5 added configuration for NFS with IMGOPTSSYNTAX enabled,
but it didn't use the right variable name: $TEST_DIR_OPTS doesn't exist.
This fixes the mistake.

However, this doesn't make anything work that was broken before: The
only way to get IMGOPTSSYNTAX is with -luks, but the combination of
-luks and -nfs doesn't get qemu-img create commands right (because
qemu-img create doesn't support --image-opts yet), so even after this
fix some more work would be required to make the tests pass.

Reported-by: Tomáš Golembiovský <tgolembi@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
8 years agoblock: Remove bdrv_aio_ioctl()
Kevin Wolf [Thu, 20 Oct 2016 12:40:22 +0000 (14:40 +0200)]
block: Remove bdrv_aio_ioctl()

It is unused now.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
8 years agoraw: Implement .bdrv_co_ioctl instead of .bdrv_aio_ioctl
Kevin Wolf [Thu, 20 Oct 2016 13:09:36 +0000 (15:09 +0200)]
raw: Implement .bdrv_co_ioctl instead of .bdrv_aio_ioctl

It's the simpler interface to use for the raw format driver.

Apart from that, this removes the last user of the AIO emulation
implemented by bdrv_aio_ioctl().

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
8 years agoblock: Introduce .bdrv_co_ioctl() driver callback
Kevin Wolf [Thu, 20 Oct 2016 13:07:27 +0000 (15:07 +0200)]
block: Introduce .bdrv_co_ioctl() driver callback

This allows drivers to implement ioctls in a coroutine-based way.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
8 years agoblock: Remove bdrv_ioctl()
Kevin Wolf [Thu, 20 Oct 2016 12:40:22 +0000 (14:40 +0200)]
block: Remove bdrv_ioctl()

It is unused now.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
8 years agoraw-posix: Don't use bdrv_ioctl()
Kevin Wolf [Thu, 20 Oct 2016 12:50:12 +0000 (14:50 +0200)]
raw-posix: Don't use bdrv_ioctl()

Instead of letting raw-posix use the bdrv_ioctl() abstraction to issue
an ioctl to itself, just call ioctl() directly.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
8 years agoblock: Use blk_co_ioctl() for all BB level ioctls
Kevin Wolf [Thu, 20 Oct 2016 10:56:14 +0000 (12:56 +0200)]
block: Use blk_co_ioctl() for all BB level ioctls

All read/write functions already have a single coroutine-based function
on the BlockBackend level through which all requests go (no matter what
API style the external caller used) and which passes the requests down
to the block node level.

This patch exports a bdrv_co_ioctl() function and uses it to extend this
mode of operation to ioctls.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
8 years agoblock: Remove bdrv_aio_pdiscard()
Kevin Wolf [Thu, 20 Oct 2016 12:40:22 +0000 (14:40 +0200)]
block: Remove bdrv_aio_pdiscard()

It is unused now.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
8 years agoblock: Use blk_co_pdiscard() for all BB level discard
Kevin Wolf [Thu, 20 Oct 2016 10:56:14 +0000 (12:56 +0200)]
block: Use blk_co_pdiscard() for all BB level discard

All read/write functions already have a single coroutine-based function
on the BlockBackend level through which all requests go (no matter what
API style the external caller used) and which passes the requests down
to the block node level.

This patch extends this mode of operation to discards.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
8 years agoblock: Use blk_co_flush() for all BB level flushes
Kevin Wolf [Thu, 20 Oct 2016 10:56:14 +0000 (12:56 +0200)]
block: Use blk_co_flush() for all BB level flushes

All read/write functions already have a single coroutine-based function
on the BlockBackend level through which all requests go (no matter what
API style the external caller used) and which passes the requests down
to the block node level.

This patch extends this mode of operation to flushes.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
8 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-audio-20161027-1' into staging
Peter Maydell [Thu, 27 Oct 2016 16:24:29 +0000 (17:24 +0100)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-audio-20161027-1' into staging

audio: intel-hda: check stream entry count during transfer

# gpg: Signature made Thu 27 Oct 2016 15:30:51 BST
# gpg:                using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/pull-audio-20161027-1:
  audio: intel-hda: check stream entry count during transfer

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoseabios: update to 1.10.0 release.
Gerd Hoffmann [Thu, 27 Oct 2016 14:42:28 +0000 (16:42 +0200)]
seabios: update to 1.10.0 release.

New in this release:
===================

* Initial support for Trusted Platform Module (TPM) version 2.0
* Several USB XHCI timing fixes on real hardware
* Support for "LSI MPT Fusion" scsi controllers on QEMU
* Support for virtio devices mapped above 4GB
* Several bug fixes and code cleanups

git shortlog rel-1.9.3..rel-1.10.0
==================================

Alex Williamson (1):
      fw/pci: Add support for mapping Intel IGD via QEMU

Cao jin (1):
      Fix comment typo

Cole Robinson (1):
      biostables: Support SMBIOS 2.6+ UUID format

Dana Rubin (2):
      pvscsi: Fix incorrect arguments order in call to memalign_low
      pvscsi: Use high memory for rings

Don Slutz (1):
      Support for booting from LSI Logic LSI53C1030, SAS1068, SAS1068e

Gerd Hoffmann (4):
      ahci: set transfer mode according to the capabilities of connected drive
      virtio: uninline _vp_{read,write}
      virtio: pci cfg access
      virtio: fix virtio-pci

Haozhong Zhang (1):
      fw/msr_feature_control: add support to set MSR_IA32_FEATURE_CONTROL

Igor Mammedov (3):
      paravirt: disable legacy bios tables in case of more than 255 CPUs
      add helpers to read etc/boot-cpus at resume time
      support booting with more than 255 CPUs

Kevin O'Connor (124):
      usb: Allow configuration of sigatt time (in etc/usb-time-sigatt)
      xhci: Check for device disconnects during USB2 reset polling
      sdcard: Only enable error_irq_enable for bits defined in SDHCI v1 spec
      sdcard: fix typo causing 32bit write to 16bit block_size field
      sdcard: Enable extra debugging on sdcard_waitw() timeout
      acpi_extract: Move main code to new function main()
      acpi_extract: Make the generated .hex files more human readable
      acpi_extract: Don't generate unused (and empty) q35-acpi-dsdt.hex file
      acpi: Don't build SSDT files on every build; store them in git
      acpi: Remove build check for iasl
      tpm: Move standard definitions from tcgbios.h to new file std/tcg.h
      util.h: Minor - HaveRunPost is in misc.c not resume.c
      tpm: Add "static" declaration to functions not used outside tcgbios.c
      tpm: Move code around in tcgbios.c
      tpm: Move error recovery from tpm_extend_acpi_log() to only caller
      tpm: Open code tpm_ipl() into callers
      tpm: Change tpm_add_measurement() to tpm_add_action()
      tpm: Move tpm_add_bootdevice() into callers
      tpm: Move tpm_start_option_rom_scan() and tpm_calling_int19h() into callers
      tpm: pcpes->event is a variable length array
      tpm: Don't pass entry_count around in parameters to/from tpm_extend_acpi_log()
      tpm: There is no need to pass pcrindex to hash_log_extend_event()
      tpm: Perform hashing separately from logging
      tpm: There is no need to pass event_length to hash/extend functions
      tpm: Avoid scatter-gather copying in build_and_send_cmd()
      tpm: Don't implement scatter-gather in transmit()
      tpm: Merge tpm_log_event() and tpm_extend_acpi_log()
      tpm: Merge tpm_log_extend_event() and tpm_extend(); extend before logging
      xhci: Wait for port enable even for USB3 devices
      xhci: Improve port status change debugging
      xhci: Disable slot on failed set_address command
      nmi: Don't try to switch onto extra stack in NMI handler
      scsi: Do not call printf() from scsi_is_ready()
      block: Report drive->sectors using "%u" instead of "%d"
      tpm: Add banner separating the TCG bios interface code from TCG menu code
      tpm: Avoid macro expansion of tpm request / response structs
      tpm: Simplify hardware probe and detection checks
      tpm: Add wrapper function tpmhw_set_timeouts()
      tpm: Move TPM hardware functions from tcgbios.c to hw/tpm_drivers.c
      tpm: Rework TPM interface shutdown support
      tpm: Simplify tcpa probe
      tpm: Introduce tpm_get_capability() helper function
      tpm: Eliminate response buffer parameter from build_and_send_cmd()
      tpm: Don't return a status from external bios measurement functions
      tpm: No need to check the return status of measurements
      tpm: Don't call tpm_set_failure() from tpm_log_extend_event()
      tpm: Don't use 16bit BIOS return codes in build_and_send_cmd()
      tpm: Don't use 16bit BIOS return codes in tpm_log_event()
      tpm: Don't use 16bit BIOS return codes in tpmhw_* functions
      tpm: Don't use 16bit BIOS return codes in TPM menu functions
      usb: Remove usbdev->slotid field
      coreboot: Check for unaligned cbfs header
      resume: Make KVM soft reboot loop detection more flexible
      post: Always set HaveRunPost prior to setting any other global variable
      kbd: Don't treat scancode and asciicode as separate values
      kbd: Refactor capslock and numlock handling
      ehci: Only delay UHCI/OHCI port scan until after EHCI setup completes
      usb: Eliminate USB controller setup thread
      pci: Add helper functions for internal driver BAR handling
      ahci: Convert to new PCI BAR helper functions
      ata: Convert to new PCI BAR helper functions
      esp-scsi: Convert to new PCI BAR helper functions
      lsi-scsi: Convert to new PCI BAR helper functions
      megasas: Convert to new PCI BAR helper functions
      pvscsi: Convert to new PCI BAR helper functions
      sdcard: Convert to new PCI BAR helper functions
      ehci: Convert to new PCI BAR helper functions
      ohci: Convert to new PCI BAR helper functions
      uhci: Convert to new PCI BAR helper functions
      xhci: Convert to new PCI BAR helper functions
      virtio: Convert to new PCI BAR helper functions
      pci: Consistently set pci->have_drivers for devices with internal drivers
      pci: Implement '%pP' printf handler for 'struct pci_device' pointers
      pci: Move code in pci.c that is specific to pciinit.c to pciinit.c
      pci: Split low-level pci code from higher-level 'struct pci_device' code
      scsi: Always use MAXDESCSIZE when building drive description
      block: Move drive setup to new function block_setup()
      tpm: Unify tpm_fill_hash()/tpm_log_extend_event() and use in BIOS interface
      docs: Note release date of 1.9.1
      build: fix .text section address alignment
      tpm: Write logs in TPM 2 format
      mpt-scsi: Declare 'int i' outside of for loop for older compilers
      block: Move send_disk_op() from block.c to disk.c
      disk: Avoid stack_hop() path if already on the extra stack
      optionroms: Drop support for CONFIG_OPTIONROMS_DEPLOYED
      shadow: Batch PCI config writes
      virtio: Use threads when scanning for virtio devices
      scsi: Launch a thread when scanning for drives in the scsi drivers
      docs: Note release date of 1.9.2
      usb-xhci: Remove unused const variables
      tcgbios: Remove unused const variable
      vgabios: Remove special case of dh==0xff in handle_1013()
      vgabios: Don't check for special case of page==0xff on external calls
      vgabios: Simplify set_cursor_pos()
      docs: Note release date of 1.9.3
      vgabios: Simplify scroll logic
      blockcmd: CMD_SCSI op is only used in 32bit mode
      swcursor: Move swcursor code from vgafb.c to new file swcursor.c
      swcursor: Concentrate swcursor logic in swcursor.c
      vgafb: Move header definitions from vgabios.h to new file vgafb.h
      vgainit: Move video param setup to stdvga_build_video_param()
      vgautil: Add new header file with misc function and variable definitions
      vgautil: Move generic definitions from stdvga.h to vgautil.h
      vgautil: Move definitions from cbvga.h and clext.h to vgautil.h
      version: Update header files now that version.c is not auto generated
      checkstack: Handle conditional checks at start of functions
      tpm: Append to TPM2 log the hashes used for PCR extension
      ps2: Remove stale check for timeout warning on reset
      pic: The default hardware interrupt handlers should not take a parameter
      kbd: Implement 101-key keyboard keycode mapping
      kbd: Implement extended keycode mappings for keypad-enter and keypad-/
      kbd: Suppress keys without mappings
      kbd: Merge bda->kbd_flag0 and bda->kbd_flag1
      kbd: Extract out shift flag setting into new function
      kbd: Move checking for special keys in __process_keys() into switch
      kbd: Ignore fake shift keys
      usb-hid: Generate Ctrl+Break and Alt+SysReq keys
      kbd: Generate interrupt events for SysReq, PrtScr, and Break
      post: Map int 0x05 to entry point
      kbd: Move extended and release events out of special key detection switch
      build: Be sure to also include out/*.d in Makefile
      smp: consolidate CPU APIC ID detection and accounting
      build: Add -fno-pie to the gcc flags when available
      docs: Note v1.10.0 release

Marcel Apfelbaum (2):
      fw/pci: do not automatically allocate IO region for PCIe bridges
      fw/pci: add Q35 S3 support

Matt DeVillier (1):
      sdcard: skip detection of PCI sdhci controllers if etc/sdcard used

Paolo Bonzini (1):
      smp: restore MSRs on S3 resume

Piotr Król (1):
      docs: fix various typos and inconsistency

Roger Pau Monne (1):
      build: fix typo in buildversion.py

Stefan Berger (34):
      tpm: Temporarily deactivate the TPM in case of failure
      tpm: Refactor function building TPM commands
      tpm: Refactor the parameters being passed to tpm_extend_acpi_log
      tpm: Refactor hash_log_event BIOS interface function
      tpm: Refactor hash_log_extend_event
      tpm: fix compiler warning with older gcc versions
      tpm: Drop code using the TPM for sha1
      tpm: Set timeouts and durations to microsecond values
      tpm: Cache all log related pointers in tpm_state
      tpm: Refactor pass_through_to_tpm
      tpm: Rename remaining interrupt functions
      tpm: Remove check for working TPM from TPM interrupt handler
      tpm: Check length parameter of the array
      tpm: Add a menu for TPM configuration
      tpm: Copy digest into HashLogExentEvent response
      tpm: Move assert_physical_presence and dependencies
      tpm: Add support for harware physical presence
      tpm: Rework the assertion of physical presence
      tpm: Remove usage of PP_CMD_ENABLE from all but one place
      tpm: Do not set TPM in failure mode if menu command fails
      tpm: Extend TPM TIS with TPM 2 support.
      tpm: Factor out tpm_extend
      tpm: Prepare code for TPM 2 functions
      tpm: Implement tpm20_startup and tpm20_s3_resume
      tpm: Implement tpm20_set_timeouts
      tpm: Implement tpm20_prepboot
      tpm: Implement tpm20_extend
      tpm: Implement tpm20_menu
      tpm: Implement TPM 2's tpm_set_failure part
      tpm: Filter TPM commands in passthrough API
      tpm: Retrieve the PCR Bank configuration
      tpm: Restructure tpm20_extend to use buffer and take hash as parameter
      tpm: Refactor tpml_digest_values_sha1 structure
      tpm: Extend tpm20_extend to support extending to multiple PCR banks

Zheng Bao (1):
      splash: Skip the RGB555 mode

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoMerge remote-tracking branch 'remotes/rth/tags/pull-atomic-20161026' into staging
Peter Maydell [Thu, 27 Oct 2016 13:06:34 +0000 (14:06 +0100)]
Merge remote-tracking branch 'remotes/rth/tags/pull-atomic-20161026' into staging

cmpxchg emulation of atomics, v8

# gpg: Signature made Wed 26 Oct 2016 16:30:03 BST
# gpg:                using RSA key 0xAD1270CC4DD0279B
# gpg: Good signature from "Richard Henderson <rth7680@gmail.com>"
# gpg:                 aka "Richard Henderson <rth@redhat.com>"
# gpg:                 aka "Richard Henderson <rth@twiddle.net>"
# Primary key fingerprint: 9CB1 8DDA F8E8 49AD 2AFC  16A4 AD12 70CC 4DD0 279B

* remotes/rth/tags/pull-atomic-20161026: (37 commits)
  target-alpha: Emulate LL/SC using cmpxchg helpers
  target-alpha: Introduce MMU_PHYS_IDX
  target-arm: remove EXCP_STREX + cpu_exclusive_{test, info}
  linux-user: remove handling of aarch64's EXCP_STREX
  linux-user: remove handling of ARM's EXCP_STREX
  target-arm: emulate aarch64's LL/SC using cmpxchg helpers
  target-arm: emulate SWP with atomic_xchg helper
  target-arm: emulate LL/SC using cmpxchg helpers
  target-arm: Rearrange aa32 load and store functions
  tests: add atomic_add-bench
  target-i386: remove helper_lock()
  target-i386: emulate XCHG using atomic helper
  target-i386: emulate LOCK'ed BTX ops using atomic helpers
  target-i386: emulate LOCK'ed XADD using atomic helper
  target-i386: emulate LOCK'ed NEG using cmpxchg helper
  target-i386: emulate LOCK'ed NOT using atomic helper
  target-i386: emulate LOCK'ed INC using atomic helper
  target-i386: emulate LOCK'ed OP instructions using atomic helpers
  target-i386: emulate LOCK'ed cmpxchg using cmpxchg helpers
  tcg: Emit barriers with parallel_cpus
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging
Peter Maydell [Thu, 27 Oct 2016 11:45:45 +0000 (12:45 +0100)]
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging

# gpg: Signature made Wed 26 Oct 2016 03:19:06 BST
# gpg:                using RSA key 0xEF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* remotes/jasowang/tags/net-pull-request:
  colo-proxy: fix memory leak
  net: rtl8139: limit processing of ring descriptors
  net: vmxnet: initialise local tx descriptor
  e1000e: Don't zero out buffer address in rx descriptor
  net: rocker: set limit to DMA buffer size
  net: eepro100: fix memory leak in device uninit
  tap-bsd: OpenBSD uses tap(4) now
  net: pcnet: fix source formatting and indentation
  net: pcnet: check rx/tx descriptor ring length

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/vivier/tags/m68k-part1-pull-request' into staging
Peter Maydell [Thu, 27 Oct 2016 10:58:43 +0000 (11:58 +0100)]
Merge remote-tracking branch 'remotes/vivier/tags/m68k-part1-pull-request' into staging

# gpg: Signature made Tue 25 Oct 2016 19:58:46 BST
# gpg:                using RSA key 0xF30C38BD3F2FBE3C
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>"
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>"
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>"
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier/tags/m68k-part1-pull-request: (23 commits)
  target-m68k: Optimize gen_flush_flags
  target-m68k: Optimize some comparisons
  target-m68k: Use setcond for scc
  target-m68k: Introduce DisasCompare
  target-m68k: Reorg flags handling
  target-m68k: Remove incorrect clearing of cc_x
  target-m68k: Some fixes to SR and flags management
  target-m68k: Print flags properly
  target-m68k: update CPU flags management
  target-m68k: don't update cc_dest in helpers
  target-m68k: update move to/from ccr/sr
  target-m68k: remove m68k_cpu_exec_enter() and m68k_cpu_exec_exit()
  target-m68k: Replace helper_xflag_lt with setcond
  target-m68k: allow to update flags with operation on words and bytes
  target-m68k: REG() macro cleanup
  target-m68k: set PAGE_BITS to 12 for m68k
  target-m68k: define operand sizes
  target-m68k: set disassembler mode to 680x0 or coldfire
  target-m68k: introduce read_imXX() functions
  target-m68k: manage scaled index
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agotarget-alpha: Emulate LL/SC using cmpxchg helpers
Richard Henderson [Fri, 2 Sep 2016 19:52:28 +0000 (12:52 -0700)]
target-alpha: Emulate LL/SC using cmpxchg helpers

Emulating LL/SC with cmpxchg is not correct, since it can
suffer from the ABA problem.  However, portable parallel
code is written assuming only cmpxchg which means that in
practice this is a viable alternative.

Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotarget-alpha: Introduce MMU_PHYS_IDX
Richard Henderson [Sat, 3 Sep 2016 18:32:35 +0000 (11:32 -0700)]
target-alpha: Introduce MMU_PHYS_IDX

Rather than using helpers for physical accesses, use a mmu index.
The primary cleanup is with store-conditional on physical addresses.

Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotarget-arm: remove EXCP_STREX + cpu_exclusive_{test, info}
Emilio G. Cota [Mon, 27 Jun 2016 19:02:16 +0000 (15:02 -0400)]
target-arm: remove EXCP_STREX + cpu_exclusive_{test, info}

The exception is not emitted anymore; remove it and the associated
TCG variables.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1467054136-10430-31-git-send-email-cota@braap.org>

8 years agolinux-user: remove handling of aarch64's EXCP_STREX
Emilio G. Cota [Mon, 27 Jun 2016 19:02:15 +0000 (15:02 -0400)]
linux-user: remove handling of aarch64's EXCP_STREX

The exception is not emitted anymore.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1467054136-10430-30-git-send-email-cota@braap.org>

8 years agolinux-user: remove handling of ARM's EXCP_STREX
Emilio G. Cota [Mon, 27 Jun 2016 19:02:14 +0000 (15:02 -0400)]
linux-user: remove handling of ARM's EXCP_STREX

The exception is not emitted anymore.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <rth@twidle.net>
Message-Id: <1467054136-10430-29-git-send-email-cota@braap.org>

8 years agotarget-arm: emulate aarch64's LL/SC using cmpxchg helpers
Emilio G. Cota [Mon, 27 Jun 2016 19:02:13 +0000 (15:02 -0400)]
target-arm: emulate aarch64's LL/SC using cmpxchg helpers

Emulating LL/SC with cmpxchg is not correct, since it can
suffer from the ABA problem. Portable parallel code, however,
is written assuming only cmpxchg--and not LL/SC--is available.
This means that in practice emulating LL/SC with cmpxchg is
a viable alternative.

The appended emulates LL/SC pairs in aarch64 with cmpxchg helpers.
This works in both user and system mode. In usermode, it avoids
pausing all other CPUs to perform the LL/SC pair. The subsequent
performance and scalability improvement is significant, as the
plots below show. They plot the throughput of atomic_add-bench
compiled for ARM and executed on a 64-core x86 machine.

Hi-res plots: http://imgur.com/a/JVc8Y

                atomic_add-bench: 1000000 ops/thread, [0,1] range

  18 ++---------+----------+---------+----------+----------+----------+---++
     +cmpxchg +-E--+       +         +          +          +          +    |
  16 ++master +-H--+                                                      ++
     ||                                                                    |
  14 ++                                                                   ++
     | |                                                                   |
  12 ++|                                                                  ++
     | |                                                                   |
  10 ++++                                                                 ++
   8 ++E                                                                  ++
     |+++                                                                  |
   6 ++ |                                                                 ++
     |  |                                                                  |
   4 ++ |                                                                 ++
     |   |                                                                 |
   2 +H++E+---                                                            ++
     + |     +E++----+E+---+--+E+----++E+------+E+------+E++----+E+---+--+E|
   0 ++H-H----H-+-----H----+---------+----------+----------+----------+---++
     0          10         20        30         40         50         60
                                Number of threads

                atomic_add-bench: 1000000 ops/thread, [0,2] range

  18 ++---------+----------+---------+----------+----------+----------+---++
     +cmpxchg +-E--+       +         +          +          +          +    |
  16 ++master +-H--+                                                      ++
     | |                                                                   |
  14 ++E                                                                  ++
     | |                                                                   |
  12 ++|                                                                  ++
     |+++                                                                  |
  10 ++ |                                                                 ++
   8 ++ |                                                                 ++
     |  |                                                                  |
   6 ++ |                                                                 ++
     |   |                                                                 |
   4 ++  |                                                                ++
     |  +E+---                                                             |
   2 +H+     +E+-----+++              +++      +++   ---+E+-----+E+------+++
     +++        +    +E+---+--+E+----++E+------+E+---   ++++    +++   +  +E|
   0 ++H-H----H-+-----H----+---------+----------+----------+----------+---++
     0          10         20        30         40         50         60
                                Number of threads

               atomic_add-bench: 1000000 ops/thread, [0,128] range

  70 ++---------+----------+---------+----------+----------+----------+---++
     +cmpxchg +-E--+       +         +          +          +          +    |
  60 ++master +-H--+                  +++            ---+E+-----+E+------+E+
     |                        +E+------E-------+E+---                      |
     |                     ---        +++                                  |
  50 ++              +++---                                               ++
     |              -+E+                                                   |
  40 ++      +++----                                                      ++
     |        E-                                                           |
     |      --|                                                            |
  30 ++   -- +++                                                          ++
     |  +E+                                                                |
  20 ++E+                                                                 ++
     |E+                                                                   |
     |                                                                     |
  10 ++                                                                   ++
     +          +          +         +          +          +          +    |
   0 +HH-H----H-+-----H----+---------+----------+----------+----------+---++
     0          10         20        30         40         50         60
                                Number of threads

              atomic_add-bench: 1000000 ops/thread, [0,1024] range

  160 ++---------+---------+----------+---------+----------+----------+---++
      +cmpxchg +-E--+      +          +         +          +          +    |
  140 ++master +-H--+                                           +++      +++
      |                                                -+E+-----+E+-------E|
  120 ++                                       +++ ----                  +++
      |                                +++  ----E--                        |
  100 ++                              --E---   +++                        ++
      |                       +++ ---- +++                                 |
   80 ++                     --E--                                        ++
      |                  ---- +++                                          |
      |              -+E+                                                  |
   60 ++         ---- +++                                                 ++
      |      +E+-                                                          |
   40 ++   --                                                             ++
      |  +E+                                                               |
   20 +EE+                                                                ++
      +++        +         +          +         +          +          +    |
    0 +HH-H---H--+-----H---+----------+---------+----------+----------+---++
      0          10        20         30        40         50         60
                                Number of threads

[rth: Rearrange 128-bit cmpxchg helper.  Enforce alignment on LL.]

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1467054136-10430-28-git-send-email-cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotarget-arm: emulate SWP with atomic_xchg helper
Emilio G. Cota [Mon, 27 Jun 2016 19:02:10 +0000 (15:02 -0400)]
target-arm: emulate SWP with atomic_xchg helper

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1467054136-10430-25-git-send-email-cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotarget-arm: emulate LL/SC using cmpxchg helpers
Emilio G. Cota [Mon, 27 Jun 2016 19:02:08 +0000 (15:02 -0400)]
target-arm: emulate LL/SC using cmpxchg helpers

Emulating LL/SC with cmpxchg is not correct, since it can
suffer from the ABA problem. Portable parallel code, however,
is written assuming only cmpxchg--and not LL/SC--is available.
This means that in practice emulating LL/SC with cmpxchg is
a viable alternative.

The appended emulates LL/SC pairs in ARM with cmpxchg helpers.
This works in both user and system mode. In usermode, it avoids
pausing all other CPUs to perform the LL/SC pair. The subsequent
performance and scalability improvement is significant, as the
plots below show. They plot the throughput of atomic_add-bench
compiled for ARM and executed on a 64-core x86 machine.

Hi-res plots: http://imgur.com/a/aNQpB

               atomic_add-bench: 1000000 ops/thread, [0,1] range

  9 ++---------+----------+----------+----------+----------+----------+---++
    +cmpxchg +-E--+       +          +          +          +          +    |
  8 +Emaster +-H--+                                                       ++
    | |                                                                    |
  7 ++E                                                                   ++
    | |                                                                    |
  6 ++++                                                                  ++
    |  |                                                                   |
  5 ++ |                                                                  ++
  4 ++ |                                                                  ++
    |  |                                                                   |
  3 ++ |                                                                  ++
    |   |                                                                  |
  2 ++  |                                                                 ++
    |H++E+---                                  +++  ---+E+------+E+------+E|
  1 +++     +E+-----+E+------+E+------+E+------+E+--   +++      +++       ++
    ++H+       +    +++   +  +++     ++++       +          +          +    |
  0 ++--H----H-+-----H----+----------+----------+----------+----------+---++
    0          10         20         30         40         50         60
                               Number of threads

                atomic_add-bench: 1000000 ops/thread, [0,2] range

  16 ++---------+----------+---------+----------+----------+----------+---++
     +cmpxchg +-E--+       +         +          +          +          +    |
  14 ++master +-H--+                                                      ++
     | |                                                                   |
  12 ++|                                                                  ++
     | E                                                                   |
  10 ++|                                                                  ++
     | |                                                                   |
   8 ++++                                                                 ++
     |E+|                                                                  |
     |  |                                                                  |
   6 ++ |                                                                 ++
     |   |                                                                 |
   4 ++  |                                                                ++
     |  +E+---       +++      +++              +++           ---+E+------+E|
   2 +H+     +E+------E-------+E+-----+E+------+E+------+E+--            +++
     + |        +    +++   +         ++++       +          +          +    |
   0 ++H-H----H-+-----H----+---------+----------+----------+----------+---++
     0          10         20        30         40         50         60
                                Number of threads

               atomic_add-bench: 1000000 ops/thread, [0,128] range

  70 ++---------+----------+---------+----------+----------+----------+---++
     +cmpxchg +-E--+       +         +          +       ++++          +    |
  60 ++master +-H--+                                 ----E------+E+-------++
     |                                        -+E+---   +++     +++      +E|
     |                                +++ ---- +++                       ++|
  50 ++                       +++  ---+E+-                                ++
     |                        -E---                                        |
  40 ++                    ---+++                                         ++
     |               +++---                                                |
     |              -+E+                                                   |
  30 ++      +++----                                                      ++
     |       +E+                                                           |
  20 ++ +++--                                                             ++
     |  +E+                                                                |
     |+E+                                                                  |
  10 +E+                                                                  ++
     +          +          +         +          +          +          +    |
   0 +HH-H----H-+-----H----+---------+----------+----------+----------+---++
     0          10         20        30         40         50         60
                                Number of threads

              atomic_add-bench: 1000000 ops/thread, [0,1024] range

  120 ++---------+---------+----------+---------+----------+----------+---++
      +cmpxchg +-E--+      +          +         +          +          +    |
      | master +-H--+                                                    ++|
  100 ++                                                              ----E+
      |                                                 +++  ---+E+---   ++|
      |                                                --E---   +++        |
   80 ++                                           ---- +++               ++
      |                                     ---+E+-                        |
   60 ++                              -+E+--                              ++
      |                       +++ ---- +++                                 |
      |                      -+E+-                                         |
   40 ++              +++----                                             ++
      |      +++   ---+E+                                                  |
      |     -+E+---                                                        |
   20 ++ +E+                                                              ++
      |+E+++                                                               |
      +E+        +         +          +         +          +          +    |
    0 +HH-H---H--+-----H---+----------+---------+----------+----------+---++
      0          10        20         30        40         50         60
                                Number of threads

[rth: Enforce alignment for ldrexd.]

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1467054136-10430-23-git-send-email-cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotarget-arm: Rearrange aa32 load and store functions
Richard Henderson [Thu, 30 Jun 2016 18:44:14 +0000 (11:44 -0700)]
target-arm: Rearrange aa32 load and store functions

Stop specializing on TARGET_LONG_BITS == 32; unconditionally allocate
a temp and expand with tcg_gen_extu_i32_tl.  Split out gen_aa32_addr,
gen_aa32_frob64, gen_aa32_ld_i32 and gen_aa32_st_i32 as separate interfaces.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotests: add atomic_add-bench
Emilio G. Cota [Mon, 27 Jun 2016 19:02:05 +0000 (15:02 -0400)]
tests: add atomic_add-bench

With this microbenchmark we can measure the overhead of emulating atomic
instructions with a configurable degree of contention.

The benchmark spawns $n threads, each performing $o atomic ops (additions)
in a loop. Each atomic operation is performed on a different cache line
(assuming lines are 64b long) that is randomly selected from a range [0, $r).

[ Note: each $foo corresponds to a -foo flag ]

Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1467054136-10430-20-git-send-email-cota@braap.org>

8 years agotarget-i386: remove helper_lock()
Emilio G. Cota [Mon, 27 Jun 2016 19:02:06 +0000 (15:02 -0400)]
target-i386: remove helper_lock()

It's been superseded by the atomic helpers.

The use of the atomic helpers provides a significant performance and scalability
improvement. Below is the result of running the atomic_add-test microbenchmark with:
 $ x86_64-linux-user/qemu-x86_64 tests/atomic_add-bench -o 5000000 -r $r -n $n
, where $n is the number of threads and $r is the allowed range for the additions.

The scenarios measured are:
- atomic: implements x86' ADDL with the atomic_add helper (i.e. this patchset)
- cmpxchg: implement x86' ADDL with a TCG loop using the cmpxchg helper
- master: before this patchset

Results sorted in ascending range, i.e. descending degree of contention.
Y axis is Throughput in Mops/s. Tests are run on an AMD machine with 64
Opteron 6376 cores.

                atomic_add-bench: 5000000 ops/thread, [0,1] range

  25 ++---------+----------+---------+----------+----------+----------+---++
     + atomic +-E--+       +         +          +          +          +    |
     |cmpxchg +-H--+                                                       |
  20 +Emaster +-N--+                                                      ++
     ||                                                                    |
     |++                                                                   |
     ||                                                                    |
  15 +++                                                                  ++
     |N|                                                                   |
     |+|                                                                   |
  10 ++|                                                                  ++
     |+|+                                                                  |
     | |    -+E+------        +++  ---+E+------+E+------+E+-----+E+------+E|
     |+E+E+- +++     +E+------+E+--                                        |
   5 ++|+                                                                 ++
     |+N+H+---                                 +++                         |
     ++++N+--+H++----+++   +  +++  --++H+------+H+------+H++----+H+---+--- |
   0 ++---------+-----H----+---H-----+----------+----------+----------+---H+
     0          10         20        30         40         50         60
                                Number of threads

                atomic_add-bench: 5000000 ops/thread, [0,2] range

  25 ++---------+----------+---------+----------+----------+----------+---++
     ++atomic +-E--+       +         +          +          +          +    |
     |cmpxchg +-H--+                                                       |
  20 ++master +-N--+                                                      ++
     |E|                                                                   |
     |++                                                                   |
     ||E                                                                   |
  15 ++|                                                                  ++
     |N||                                                                  |
     |+||                                   ---+E+------+E+-----+E+------+E|
  10 ++| |        ---+E+------+E+-----+E+---                    +++      +++
     ||H+E+--+E+--                                                         |
     |+++++                                                                |
     | ||                                                                  |
   5 ++|+H+--                                  +++                        ++
     |+N+    -                              ---+H+------+H+------          |
     +  +N+--+H++----+H+---+--+H+----++H+---    +          +    +H+---+--+H|
   0 ++---------+----------+---------+----------+----------+----------+---++
     0          10         20        30         40         50         60
                                Number of threads

                atomic_add-bench: 5000000 ops/thread, [0,8] range

  40 ++---------+----------+---------+----------+----------+----------+---++
     ++atomic +-E--+       +         +          +          +          +    |
  35 +cmpxchg +-H--+                                                      ++
     | master +-N--+               ---+E+------+E+------+E+-----+E+------+E|
  30 ++|                   ---+E+--   +++                                 ++
     | |            -+E+---                                                |
  25 ++E        ---- +++                                                  ++
     |+++++ -+E+                                                           |
  20 +E+ E-- +++                                                          ++
     |H|+++                                                                |
     |+|                                       +H+-------                  |
  15 ++H+                                   ---+++      +H+------         ++
     |N++H+--                         +++---                    +H+------++|
  10 ++ +++  -       +++           ---+H+                       +++      +H+
     | |     +H+-----+H+------+H+--                                        |
   5 ++|                      +++                                         ++
     ++N+N+--+N++          +         +          +          +          +    |
   0 ++---------+----------+---------+----------+----------+----------+---++
     0          10         20        30         40         50         60
                                Number of threads

               atomic_add-bench: 5000000 ops/thread, [0,128] range

  160 ++---------+---------+----------+---------+----------+----------+---++
      + atomic +-E--+      +          +         +          +          +    |
  140 +cmpxchg +-H--+                          +++      +++               ++
      | master +-N--+                           E--------E------+E+------++|
  120 ++                                      --|        |      +++       E+
      |                                     -- +++      +++              ++|
  100 ++                                   -                              ++
      |                                +++-                     +++      ++|
   80 ++                              -+E+    -+H+------+H+------H--------++
      |                           ----    ----                  +++       H|
      |            ---+E+-----+E+-  ---+H+                               ++|
   60 ++     +E+---   +++  ---+H+---                                      ++
      |    --+++   ---+H+--                                                |
   40 ++ +E+-+H+---                                                       ++
      |  +H+                                                               |
   20 +EE+                                                                ++
      +N+        +         +          +         +          +          +    |
    0 ++N-N---N--+---------+----------+---------+----------+----------+---++
      0          10        20         30        40         50         60
                                Number of threads

              atomic_add-bench: 5000000 ops/thread, [0,1024] range

  350 ++---------+---------+----------+---------+----------+----------+---++
      + atomic +-E--+      +          +         +          +          +    |
  300 +cmpxchg +-H--+                                                    +++
      | master +-N--+                                           +++       ||
      |                                                 +++      |    ----E|
  250 ++                                                 |   ----E----    ++
      |                                              ----E---    |    ---+H|
  200 ++                                      -+E+---   +++  ---+H+---    ++
      |                                   ----         -+H+--              |
      |                                +E+     +++ ---- +++                |
  150 ++                            ---+++  ---+H+-                       ++
      |                          ---  -+H+--                               |
  100 ++                   ---+E+ ---- +++                                ++
      |      +++   ---+E+-----+H+-                                         |
      |     -+E+------+H+--                                                |
   50 ++ +E+                                                              ++
      +EE+       +         +          +         +          +          +    |
    0 ++N-N---N--+---------+----------+---------+----------+----------+---++
      0          10        20         30        40         50         60
                                Number of threads

  hi-res: http://imgur.com/a/fMRmq

For master I stopped measuring master after 8 threads, because there is little
point in measuring the well-known performance collapse of a contended lock.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1467054136-10430-21-git-send-email-cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotarget-i386: emulate XCHG using atomic helper
Emilio G. Cota [Mon, 27 Jun 2016 19:02:04 +0000 (15:02 -0400)]
target-i386: emulate XCHG using atomic helper

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1467054136-10430-19-git-send-email-cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotarget-i386: emulate LOCK'ed BTX ops using atomic helpers
Emilio G. Cota [Mon, 27 Jun 2016 19:02:03 +0000 (15:02 -0400)]
target-i386: emulate LOCK'ed BTX ops using atomic helpers

[rth: Avoid redundant qemu_ld in locked case.  Fix previously unnoticed
incorrect zero-extension of address in register-offset case.]

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1467054136-10430-18-git-send-email-cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotarget-i386: emulate LOCK'ed XADD using atomic helper
Emilio G. Cota [Mon, 27 Jun 2016 19:02:02 +0000 (15:02 -0400)]
target-i386: emulate LOCK'ed XADD using atomic helper

[rth: Move load of reg value to common location.]

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1467054136-10430-17-git-send-email-cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotarget-i386: emulate LOCK'ed NEG using cmpxchg helper
Emilio G. Cota [Mon, 27 Jun 2016 19:02:01 +0000 (15:02 -0400)]
target-i386: emulate LOCK'ed NEG using cmpxchg helper

[rth: Move redundant qemu_load out of cmpxchg loop.]

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1467054136-10430-16-git-send-email-cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotarget-i386: emulate LOCK'ed NOT using atomic helper
Emilio G. Cota [Mon, 27 Jun 2016 19:02:00 +0000 (15:02 -0400)]
target-i386: emulate LOCK'ed NOT using atomic helper

[rth: Avoid qemu_load that's redundant with the atomic op.]

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1467054136-10430-15-git-send-email-cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotarget-i386: emulate LOCK'ed INC using atomic helper
Emilio G. Cota [Mon, 27 Jun 2016 19:01:59 +0000 (15:01 -0400)]
target-i386: emulate LOCK'ed INC using atomic helper

[rth: Merge gen_inc_locked back into gen_inc to share cc update.]

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1467054136-10430-14-git-send-email-cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotarget-i386: emulate LOCK'ed OP instructions using atomic helpers
Emilio G. Cota [Mon, 27 Jun 2016 19:01:58 +0000 (15:01 -0400)]
target-i386: emulate LOCK'ed OP instructions using atomic helpers

[rth: Eliminate some unnecessary temporaries.]

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1467054136-10430-13-git-send-email-cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotarget-i386: emulate LOCK'ed cmpxchg using cmpxchg helpers
Emilio G. Cota [Mon, 27 Jun 2016 19:01:51 +0000 (15:01 -0400)]
target-i386: emulate LOCK'ed cmpxchg using cmpxchg helpers

The diff here is uglier than necessary. All this does is to turn

FOO

into:

if (s->prefix & PREFIX_LOCK) {
  BAR
} else {
  FOO
}

where FOO is the original implementation of an unlocked cmpxchg.

[rth: Adjust unlocked cmpxchg to use movcond instead of branches.
Adjust helpers to use atomic helpers.]

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1467054136-10430-6-git-send-email-cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotcg: Emit barriers with parallel_cpus
Richard Henderson [Fri, 16 Sep 2016 16:24:20 +0000 (09:24 -0700)]
tcg: Emit barriers with parallel_cpus

Reviewed-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotcg: Add CONFIG_ATOMIC64
Richard Henderson [Fri, 2 Sep 2016 19:23:57 +0000 (12:23 -0700)]
tcg: Add CONFIG_ATOMIC64

Allow qemu to build on 32-bit hosts without 64-bit atomic ops.

Even if we only allow 32-bit hosts to multi-thread emulate 32-bit
guests, we still need some way to handle the 32-bit guest using a
64-bit atomic operation.  Do so by dropping back to single-step.

Reviewed-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotcg: Add atomic128 helpers
Richard Henderson [Thu, 30 Jun 2016 04:10:59 +0000 (21:10 -0700)]
tcg: Add atomic128 helpers

Force the use of cmpxchg16b on x86_64.

Wikipedia suggests that only very old AMD64 (circa 2004) did not have
this instruction.  Further, it's required by Windows 8 so no new cpus
will ever omit it.

If we truely care about these, then we could check this at startup time
and then avoid executing paths that use it.

Reviewed-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotcg: Add atomic helpers
Richard Henderson [Tue, 28 Jun 2016 18:37:27 +0000 (11:37 -0700)]
tcg: Add atomic helpers

Add all of cmpxchg, op_fetch, fetch_op, and xchg.
Handle both endian-ness, and sizes up to 8.
Handle expanding non-atomically, when emulating in serial.

Reviewed-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agocputlb: Tidy some macros
Richard Henderson [Sat, 9 Jul 2016 02:02:33 +0000 (19:02 -0700)]
cputlb: Tidy some macros

TGT_LE and TGT_BE are not size dependent and do not need to be
redefined.  The others are no longer used at all.

Reviewed-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agocputlb: Move most of iotlb code out of line
Richard Henderson [Sat, 9 Jul 2016 01:51:28 +0000 (18:51 -0700)]
cputlb: Move most of iotlb code out of line

Saves 2k code size off of a cold path.

Reviewed-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agocputlb: Remove includes from softmmu_template.h
Richard Henderson [Sat, 9 Jul 2016 01:24:55 +0000 (18:24 -0700)]
cputlb: Remove includes from softmmu_template.h

We already include exec/address-spaces.h and exec/memory.h in
cputlb.c; the include of qemu/timer.h appears to be a fossil.

Reviewed-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agocputlb: Move probe_write out of softmmu_template.h
Richard Henderson [Sat, 9 Jul 2016 01:22:26 +0000 (18:22 -0700)]
cputlb: Move probe_write out of softmmu_template.h

Reviewed-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agocputlb: Replace SHIFT with DATA_SIZE
Richard Henderson [Sat, 9 Jul 2016 01:14:28 +0000 (18:14 -0700)]
cputlb: Replace SHIFT with DATA_SIZE

Reviewed-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agolinux-user: enable parallel code generation on clone
Alex Bennée [Wed, 5 Oct 2016 18:13:04 +0000 (11:13 -0700)]
linux-user: enable parallel code generation on clone

The variable parallel_cpus controls the generation of thread aware
atomic code.  We only need to set it once we clone our first thread.
At this point any existing translations need to be thrown away.

Reviewed-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agotcg: Add EXCP_ATOMIC
Richard Henderson [Thu, 30 Jun 2016 05:12:55 +0000 (22:12 -0700)]
tcg: Add EXCP_ATOMIC

When we cannot emulate an atomic operation within a parallel
context, this exception allows us to stop the world and try
again in a serial context.

Reviewed-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agoint128: Add int128_make128
Richard Henderson [Wed, 29 Jun 2016 23:57:26 +0000 (16:57 -0700)]
int128: Add int128_make128

Allows Int128 to be used more generally, rather than having to
begin with 64-bit inputs and accumulate.

Reviewed-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agoint128: Use __int128 if available
Richard Henderson [Wed, 29 Jun 2016 22:52:10 +0000 (15:52 -0700)]
int128: Use __int128 if available

Reviewed-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agoexec: Avoid direct references to Int128 parts
Richard Henderson [Wed, 29 Jun 2016 22:48:03 +0000 (15:48 -0700)]
exec: Avoid direct references to Int128 parts

Reviewed-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agoatomics: Add __nocheck atomic operations
Richard Henderson [Mon, 24 Oct 2016 17:29:32 +0000 (10:29 -0700)]
atomics: Add __nocheck atomic operations

While the check against sizeof(void *) is appropriate for
normal usage within qemu, there are places in which we want
wider operaions and have checked for their existance.

Reviewed-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agoatomics: add atomic_op_fetch variants
Emilio G. Cota [Mon, 27 Jun 2016 19:01:54 +0000 (15:01 -0400)]
atomics: add atomic_op_fetch variants

This paves the way for upcoming work.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1467054136-10430-9-git-send-email-cota@braap.org>

8 years agoatomics: add atomic_xor
Emilio G. Cota [Mon, 27 Jun 2016 19:01:53 +0000 (15:01 -0400)]
atomics: add atomic_xor

This paves the way for upcoming work.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1467054136-10430-8-git-send-email-cota@braap.org>

8 years agoatomics: Add parameters to macros
Richard Henderson [Mon, 24 Oct 2016 16:49:25 +0000 (09:49 -0700)]
atomics: Add parameters to macros

Making these functional rather than object macros will
prevent later problems with complex macro expansion.

Reviewed-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years agovirtio-gpu: fix memory leak in virtio_gpu_resource_create_2d
Li Qiang [Mon, 19 Sep 2016 02:07:11 +0000 (19:07 -0700)]
virtio-gpu: fix memory leak in virtio_gpu_resource_create_2d

In virtio gpu resource create dispatch, if the pixman format is zero
it doesn't free the resource object allocated previously. Thus leading
a host memory leak issue. This patch avoid this.

Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 57df486e.8379240a.c3620.ff81@mx.google.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoaudio: intel-hda: check stream entry count during transfer
Prasad J Pandit [Thu, 20 Oct 2016 07:40:24 +0000 (13:10 +0530)]
audio: intel-hda: check stream entry count during transfer

Intel HDA emulator uses stream of buffers during DMA data
transfers. Each entry has buffer length and buffer pointer
position, which are used to derive bytes to 'copy'. If this
length and buffer pointer were to be same, 'copy' could be
set to zero(0), leading to an infinite loop. Add check to
avoid it.

Reported-by: Huawei PSIRT <psirt@huawei.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1476949224-6865-1-git-send-email-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agocolo-proxy: fix memory leak
Zhang Chen [Mon, 17 Oct 2016 09:23:59 +0000 (17:23 +0800)]
colo-proxy: fix memory leak

Fix memory leak in colo-compare.c and filter-rewriter.c
Report by Coverity and add some comments.

Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com>
Reviewed-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agonet: rtl8139: limit processing of ring descriptors
Prasad J Pandit [Fri, 21 Oct 2016 12:09:29 +0000 (17:39 +0530)]
net: rtl8139: limit processing of ring descriptors

RTL8139 ethernet controller in C+ mode supports multiple
descriptor rings, each with maximum of 64 descriptors. While
processing transmit descriptor ring in 'rtl8139_cplus_transmit',
it does not limit the descriptor count and runs forever. Add
check to avoid it.

Reported-by: Andrew Henderson <hendersa@icculus.org>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agonet: vmxnet: initialise local tx descriptor
Li Qiang [Wed, 10 Aug 2016 19:12:20 +0000 (00:42 +0530)]
net: vmxnet: initialise local tx descriptor

In Vmxnet3 device emulator while processing transmit(tx) queue,
when it reaches end of packet, it calls vmxnet3_complete_packet.
In that local 'txcq_descr' object is not initialised, which could
leak host memory bytes a guest.

Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agoe1000e: Don't zero out buffer address in rx descriptor
Kevin Wolf [Sun, 16 Oct 2016 22:35:07 +0000 (00:35 +0200)]
e1000e: Don't zero out buffer address in rx descriptor

The e1000e emulation zeroes out any used rx descriptor and then writes a
completely newly constructed value there. By doing this, it doesn't only
update the write-back area of the descriptors (as it's supposed to do),
but it also clears the buffer address, which real hardware doesn't do.

The spec explicitly mentions in chapter 7.1.8 that it is valid for a
driver to reuse a descriptor and only update the status field while
doing so, i.e. reusing the old buffer address:

    If software statically allocates buffers, and uses memory read to
    check for completed descriptors, it simply has to zero the status
    byte in the descriptor to make it ready for reuse by hardware.

This patch fixes the behaviour to leave the buffer address in
descriptors unchanged even after the descriptor has been used.

Signed-off-by: Kevin Wolf <mail@kevin-wolf.de>
Reviewed-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agonet: rocker: set limit to DMA buffer size
Prasad J Pandit [Wed, 12 Oct 2016 09:10:55 +0000 (14:40 +0530)]
net: rocker: set limit to DMA buffer size

Rocker network switch emulator has test registers to help debug
DMA operations. While testing host DMA access, a buffer address
is written to register 'TEST_DMA_ADDR' and its size is written to
register 'TEST_DMA_SIZE'. When performing TEST_DMA_CTRL_INVERT
test, if DMA buffer size was greater than 'INT_MAX', it leads to
an invalid buffer access. Limit the DMA buffer size to avoid it.

Reported-by: Huawei PSIRT <psirt@huawei.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agonet: eepro100: fix memory leak in device uninit
Li Qiang [Sat, 8 Oct 2016 12:07:25 +0000 (05:07 -0700)]
net: eepro100: fix memory leak in device uninit

The exit dispatch of eepro100 network card device doesn't free
the 's->vmstate' field which was allocated in device realize thus
leading a host memory leak. This patch avoid this.

Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Jason Wang <jasowang@redhat.com>