review.tizen.org Git - sdk/emulator/qemu.git/log

softfloat: Resolve type mismatches between declaration and implementation

The original SoftFloat 2.0b library avoided the use of custom integer types
in its public headers. This requires the definitions of int{8,16,32,64} to
match the assumptions in the declarations. This breaks on BeOS R5 and Haiku/x86,
where int32 is defined in {be,os}/support/SupportDefs.h in terms of a long
rather than an int. Spotted by Michael Lotz.

Since QEMU already breaks this distinction by defining those types just above,
do use them for consistency and to allow #ifndef'ing them out as done for
[u]int16 on AIX.

Cc: Michael Lotz <mmlr@mlotz.ch>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

softfloat: Prepend QEMU-style header with derivation notice

The SoftFloat license requires "prominent notice that the work
is derivative". Having added features like improved 16-bit support
for arm already, add such a notice to the sources.

softfloat-native.[ch] are not under the SoftFloat license
and thus are not changed.

Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

e1000: Fix multi-descriptor packet checksum offload

The PCI/PCI-X Family of Gigabit Ethernet Controllers Software
Developer’s Manual states the following about the POPTS field:

  Provides a number of options which control the handling of this
  packet.  This field is ignored except on the first data descriptor of
  a packet.

The current implementation always loads the field and its checksum
offload flags.  This patch uses only the first descriptor's POPTS field
in order to comply with the specification.

When Solaris sends multi-descriptor packets it fills in POPTS for the
first descriptor only.  Therefore this patch is necessary in order to
perform checksum offload correctly for multi-descriptor packets.

Reported-by: Daniel Pecka <dpecka@techniservit.cz>
Reported-by: Gabriele A. Trombetti <gabriele.trombetti@itb.cnr.it>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

Merge branch 'for-anthony' of git://github.com/bonzini/qemu

* 'for-anthony' of git://github.com/bonzini/qemu:
  remove qemu_get_clock
  add a generic scaling mechanism for timers
  change all other clock references to use nanosecond resolution accessors
  change all rt_clock references to use millisecond resolution accessors
  add more helper functions with explicit milli/nanosecond resolution

Merge branch 'for-anthony' of git://repo.or.cz/qemu/kevin

* 'for-anthony' of git://repo.or.cz/qemu/kevin:
  Add qcow2 documentation
  hw/xen_disk: aio_inflight not released in handling ioreq when nr_segments==0
  Improve error handling in do_snapshot_blkdev()
  Fix ATA SMART and CHECK POWER MODE
  Don't allow multiwrites against a block device without underlying medium
  tools: Use real async.c instead of stubs
  Add error message for loading snapshot without VM state
  block/qcow: Don't ignore immediate read/write and other failures
  block/vdi: Don't ignore immediate read/write failures

rbd: don't link with -lcrypto

rbd support tries to both link with -lrados and -lcrypto. While the
first one is of course necessary, the second is not necessary (only
librados ifself needs to link with libcrypto).

This fixes a licensing issue: qemu as a whole is GPL v2, and thus can't
be linked with OpenSSL without an exception in the license, which seems
difficult to get given the number of persons involved.

Cc: Christian Brunner <chb@muc.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

hw/arm_sysctl.c: Add the Versatile Express system registers

Add support for the Versatile Express SYS_CFG registers, which provide
a generic means of reading or writing configuration information from
various parts of the board. We only implement shutdown and reset.

Also make the RESETCTL register RAZ/WI on Versatile Express rather
than reset the board. Other system registers are generally the same
as Versatile and Realview.

This includes a VMState version number bump for arm_sysctl,
since we have new register state to preserve. It also adds
sys_mci to the VMState while we're bumping the version number
(an accidental omission from commit b50ff6f5).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

remove qemu_get_clock

These patches are already not doing a great service to out-of-tree
modifications to QEMU. However, at least we can warn them by getting
rid of the old confusing functions, or otherwise causing compilation
errors. This patch removes qemu_get_clock; the previous one changed
qemu_new_timer's signature.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

add a generic scaling mechanism for timers

This enables rt_clock timers to use nanosecond resolution, just by
using the _ns functions; there is really no reason to forbid that.

Migrated timers are all using vm_clock (of course; but I checked that
anyway) so the timers in the savevm files are already in nanosecond
resolution. So this patch makes no change to the migration format.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

change all other clock references to use nanosecond resolution accessors

This was done with:

    sed -i 's/qemu_get_clock\>/qemu_get_clock_ns/' \
        $(git grep -l 'qemu_get_clock\>' )
    sed -i 's/qemu_new_timer\>/qemu_new_timer_ns/' \
        $(git grep -l 'qemu_new_timer\>' )

after checking that get_clock and new_timer never occur twice
on the same line.  There were no missed occurrences; however, even
if there had been, they would have been caught by the compiler.

There was exactly one false positive in qemu_run_timers:

     -    current_time = qemu_get_clock (clock);
     +    current_time = qemu_get_clock_ns (clock);

which is of course not in this patch.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

change all rt_clock references to use millisecond resolution accessors

This was done with:

    sed -i '/get_clock\>.*rt_clock/s/get_clock\>/get_clock_ms/' \
        $(git grep -l 'get_clock\>.*rt_clock' )
    sed -i '/new_timer\>.*rt_clock/s/new_timer\>/new_timer_ms/' \
        $(git grep -l 'new_timer\>.*rt_clock' )

after checking that get_clock and new_timer never occur twice
on the same line.  There were no missed occurrences; however, even
if there had been, they would have been caught by the compiler.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

add more helper functions with explicit milli/nanosecond resolution

The code doesn't make much sense right now, but it will as
soon as timers will be able to scale their resolution arbitrarily.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Fix conversions from pointer to int and vice versa

Here the int values fds[0], sigfd, s, sock and fd are converted
to void pointers which are later converted back to an int value.

These conversions should always use intptr_t instead of unsigned long.

They are needed for environments where sizeof(long) != sizeof(void *).

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

petalogix_ml605_mmu: remove unused variable

Remove a write-only variable, spotted by GCC 4.6.0:
/src/qemu/hw/petalogix_ml605_mmu.c: In function 'petalogix_ml605_init':
/src/qemu/hw/petalogix_ml605_mmu.c:153:11: error: variable 'serial' set but not used [-Werror=unused-but-set-variable]

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

qemu-thread: delete unused functions

qemu_mutex_timedlock() and qemu_cond_timedwait() are no longer used.

Remove them and their helper timespec_add_ms().

Reported-by: François Revol <revol@free.fr>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

w32: Add missing functions qemu_mutex_destroy, qemu_cond_destroy

These functions were missing in commit
9257d46d55f1fe4e8209be9a6870e339ac3266fe.

Both functions are needed for compilations with
configuration --enable-vnc-thread.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

i8254: Fix migration from older versions

qdev conversion broke migration as the previous version used vmstate
instance IDs derived from the iobase. Fix it by registering a legacy
alias.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

microblaze: Add PetaLogix ml605 MMU little-endian ref design

Add the first Microblaze little endian platform.
Platform uses uart16550, axi ethernet, timer, intc.

Signed-off-by: Michal Simek <monstr@monstr.eu>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@petalogix.com>

xilinx: Add AXIENET & DMA models

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@petalogix.com>

microblaze: Compile uart 16550 serial driver

Upcomming little endian platform will use 16550 serial driver.

Signed-off-by: Michal Simek <monstr@monstr.eu>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@petalogix.com>

Add qcow2 documentation

This adds a description of the qcow2 file format to the docs/ directory.
Besides documenting what's there, which is never wrong, the document should
provide a good basis for the discussion of format extensions (called "qcow3"
in previous discussions)

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

win32: implement missing timersub

Implement and wrap timersub() for Win32.

Acked-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

simpletrace: Move st_init() error reporting

User emulator builds do not have error_report() so it should not be used
by simpletrace.c. In fact, error reporting inside simpletrace.c is
inappropriate and should be done by the caller instead.

This patch moves st_init() error reporting out to its caller,
vl.c:main().

Reported-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

hw/xen_disk: aio_inflight not released in handling ioreq when nr_segments==0

In hw/xen_disk.c, async writing ioreq is leaked when
ioreq->req.nr_segments==0, because `aio_inflight` flag is not released
properly (skipped by misplaced "break").

Signed-off-by: Feiran Zheng <famcool@gmail.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

Improve error handling in do_snapshot_blkdev()

In case we cannot open the newly created snapshot image, try to fall
back to the original image file and continue running on that, which
should prevent the guest from aborting.

This is a corner case which can happen if the admin by mistake
specifies the snapshot file on a virtual file system which does not
support O_DIRECT. bdrv_create() does not use O_DIRECT, but the
following open in bdrv_open() does and will then fail.

Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

Fix ATA SMART and CHECK POWER MODE

This patch fixes two things:

1) CHECK POWER MODE

The error return value wasn't always zero, so it would show up as
offline.  Error is now explicitly set to zero.

2) SMART

The smart values that were returned were invalid and tools like skdump
would not recognize that the smart data was actually valid and would
dump weird output.  The data has been fixed up and raw value support
was added.  Tools like skdump and palimpsest work as expected.

Signed-off-by: Brian Wheeler <bdwheele@indiana.edu>
Acked-by: Ryan Harper <ryanh@us.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

Don't allow multiwrites against a block device without underlying medium

If the block device has been closed, we no longer have a medium to submit
IO against, check for this before submitting io. This prevents a segfault
further in the code where we dereference elements of the block driver.

Signed-off-by: Ryan Harper <ryanh@us.ibm.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

tools: Use real async.c instead of stubs

It's wrong to call BHs directly, even in tools. The only operations that
schedule BHs are called in a loop that (indirectly) contains a call to
qemu_bh_poll anyway, so we're not losing the scheduled BHs: Tools either use
synchronous functions, which are guaranteed to have completed (including any
BHs) when they return; or if they use asynchronous functions, they need to call
qemu_aio_wait() or similar functions already today.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

Add error message for loading snapshot without VM state

It already fails, but it didn't tell the user why.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>

block/qcow: Don't ignore immediate read/write and other failures

This patch is similar to 171e3d6b9997c98a97d0c525867f7cd9b640cadd
which fixed qcow2:

Returning -EIO is far from optimal, but at least it's an error code.

In addition to read/write failures, -EIO is also returned when
decompress_cluster failed.

Cc: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block/vdi: Don't ignore immediate read/write failures

This patch is similar to 171e3d6b9997c98a97d0c525867f7cd9b640cadd
which fixed qcow2:

Returning -EIO is far from optimal, but at least it's an error code.

Cc: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

add Win32 IPI service

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

protect qemu_cpu_kick_self for Win32

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

provide dummy signal init functions for win32

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

merge all signal initialization with qemu_signalfd_init, rename

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

iothread stops the vcpu thread via IPI

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

do not use timedwait on qemu_cpu_cond

Whenever env->created becomes true, qemu_cpu_cond is signaled by
{kvm,tcg}_cpu_thread_fn.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

do not use timedwait on qemu_pause_cond

all_vcpus_paused can start returning true after penv->stopped changes
from 0 to 1. When this is done, qemu_pause_cond is always signaled.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

do not use timedwait on qemu_system_cond

qemu_main_loop_start is the only place where qemu_system_ready is set
to 1.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

do not use timedwait on qemu_halt_cond

The following conditions can cause cpu_has_work(env) to become true:

- env->queued_work_first: run_on_cpu is already kicking the VCPU

- env->stop = 1: pause_all_vcpus is already kicking the VCPU

- env->stopped = 0: resume_all_vcpus is already kicking the VCPU

- vm_running = 1: vm_start is calling resume_all_vcpus

- env->halted = 0: see previous patch

- qemu_cpu_has_work(env): when it becomes true, board code should set
env->halted = 0 too.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

always signal pause_cond after stopping a VCPU

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

exit round-robin vcpu loop if cpu->stopped is true

Sometimes vcpus are stopped directly without going through ->stop = 1.
Exit the VCPU execution loop in this case as well.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

always qemu_cpu_kick after unhalting a cpu

This ensures env->halt_cond is broadcast, and the loop in
qemu_tcg_wait_io_event and qemu_kvm_wait_io_event is exited
naturally rather than through a timeout.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

inline cpu_halted into sole caller

All implementations are now the same, and there is only one caller,
so inline the function there.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

remove CONFIG_THREAD

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

add assertions on the owner of a QemuMutex

These are already present in the Win32 implementation, add them to
the pthread wrappers as well. Use PTHREAD_MUTEX_ERRORCHECK for mutex
operations. Later we'll add tracking of the owner for cond_signal/broadcast.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

include qemu-thread.h early

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

add win32 qemu-thread implementation

For now, qemu_cond_timedwait and qemu_mutex_timedlock are left as
POSIX-only functions. They can be removed later, once the patches
that remove their uses are in.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

Refactor thread retrieval and check

We have qemu_cpu_self and qemu_thread_self. The latter is retrieving the
current thread, the former is checking for equality (using CPUState). We
also have qemu_thread_equal which is only used like qemu_cpu_self.

This refactors the interfaces, creating qemu_cpu_is_self and
qemu_thread_is_self as well ass qemu_thread_get_self.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

use win32 timer queues

Multimedia timers are only useful for compatibility with Windows NT 4.0
and earlier. Plus, the implementation in Wine is extremely heavyweight.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

implement win32 dynticks timer

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

unlock iothread during WaitForMultipleObjects

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

hw/fmopl: Fix buffer access out-of-bounds errors

Index 75 is one too large for AR_TABLE[75], DR_TABLE[75].
This error was reported by cppcheck.

hw/fmopl.c:600: error: Buffer access out-of-bounds: OPL.AR_TABLE
hw/fmopl.c:601: error: Buffer access out-of-bounds: OPL.DR_TABLE

Fix this by limiting the access to the allowed range.
MultiArcadeMachineEmulator has newer versions of fmopl,
but using these requires more efforts.

Cc: Blue Swirl <blauwirbel@gmail.com>
Reviewed-by: malc <av1474@comtv.ru>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

moving eeprom initialization

The initialization should not be only on reset but also when initializing
the device.
It resolves a bug when hot plugging a pci network device: the mac address
was always null.

Signed-off-by: William Dauchy <wdauchy@gmail.com>
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

pc: fix wrong CMOS values for floppy drives

Before commit 63ffb564dca94f8bda01ed6d209784104630a4d2, states for
floppy drives were calculated in fdc.c:fd_revalidate(). There it is
also considered whether a disk is inserted or not. The commit didn't copy
the logic completely to pc.c, which caused a regression.

Fix by adding the same check also to pc.c.

Reported-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Tested-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

microblaze: Add PVR for writeback cache, endians

Specify PVR for writeback cache, endians and others.

Signed-off-by: Michal Simek <monstr@monstr.eu>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@petalogix.com>

microblaze: Fix PetaLogix company name

trivial fix.

Signed-off-by: Michal Simek <monstr@monstr.eu>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@petalogix.com>

Merge remote branch 'stefanha/tracing' into staging

vmstate: move timers to use test instead of version

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vmstate: be able to store/save a pci device from a pointer

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vmstate: Add a way to send a partial array

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vmstate: add VMSTATE_STRUCT_VARRAY_UINT32

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vmstate: add VMSTATE_INT64_ARRAY

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vmstate: add VMSTATE_STRUCT_VARRAY_INT32

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vmstate: add UINT32 VARRAYS

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vmstate: Fix varrays with uint8 indexes

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vmstate: add VMSTATE_UINT32_EQUAL

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vnc: Fix stack corruption and other bitmap related bugs

Commit bc2429b9174ac2d3c56b7fd35884b0d89ec7fb02 introduced
a severe bug (stack corruption).

bitmap_clear was called with a wrong argument
which caused out-of-bound writes to the local variable width_mask.

This bug was detected with QEMU running on windows.
It also occurs with wine:

*** stack smashing detected ***: terminated
wine: Unhandled illegal instruction at address 0x6115c7 (thread 0009), starting debugger...

The bug is not windows specific!

Instead of fixing the wrong parameter value, bitmap_clear(), bitmap_set
and width_mask were removed, and bitmap_intersect() was replaced by
!bitmap_empty(). The new operation is much shorter and equivalent to
the old operations.

The declarations of the dirty bitmaps in vnc.h were also wrong for 64 bit
hosts because of a rounding effect: for these hosts, VNC_MAX_WIDTH is no
longer a multiple of (16 * BITS_PER_LONG), so the rounded value of
VNC_DIRTY_WORDS was too small.

Fix both declarations by using the macro which is designed for this
purpose.

Cc: Corentin Chary <corentincj@iksaif.net>
Cc: Wen Congyang <wency@cn.fujitsu.com>
Cc: Gerhard Wiesinger <lists@wiesinger.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

hmp-commands.hx: fix badly merged client_migrate_info command

client_migrate_info was merged badly, placing it between the command
and the documentation for another command. In addition it did not
respect the general rule of hmp-commands.hx, of having command
definition before the documentation.

Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Fix performance regression in qemu_get_ram_ptr

When the commit f471a17e9d869df3c6573f7ec02c4725676d6f3a converted the
ram_blocks structure to QLIST, it also removed the conditional check before
switching the current block at the beginning of the list.

In the common use case where ram_blocks has a few blocks with only one
frequently accessed (the main RAM), this has a performance impact as it
performs the useless list operations on each call (which are on a really
hot path).

On my machine emulation (ARM on amd64), this patch reduces the
percentage of CPU time spent in qemu_get_ram_ptr from 6.3% to 2.1% in the
profiling of a full boot.

Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

xilinx-ethlite: Simplify byteswapping to/from brams

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@petalogix.com>

mainstone: PCMCIA support

Extend mst_fpga and mainstone with logic to support PCMCIA
attachment (IRQs, status regs).

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>

mainstone: use gpio 0 for connection of FPGA instead of hooking into PIC directly

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>

pxa2xx_timer: Get rid of .level in PXA2xxTimer0.

pxa2xx_pic: fixup initialisation

This is based on Dmitry Eremin-Solenikov's patch but simplified.

pxa2xx_timer: separate irq for pxa27x handling

First, sysbus_init_irq shan't be called on on-stack variables. Indeed,
it only stores a passed pointer in qdev and the stored irq is later
populated, so we get a nice write-to-stack bug.
Second, irq for pxa27x should probably be handled in a more gentler way,
as we should check if we have events to raise this irq.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>

trace: Trace posix-aio-compat.c completion and cancellation

This patch adds paio_complete() and paio_cancel() trace events to
complement the paio_submit() event.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

trace: Trace bdrv_aio_flush()

Add a trace event for bdrv_aio_flush() to complement the existing
bdrv_aio_readv() and bdrv_aio_writev() events.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

simpletrace: Thread-safe tracing

Trace events outside the global mutex cannot be used with the simple
trace backend since it is not thread-safe.  There is no check to prevent
them being enabled so people sometimes learn this the hard way.

This patch restructures the simple trace backend with a ring buffer
suitable for multiple concurrent writers.  A writeout thread empties the
trace buffer when threshold fill levels are reached.  Should the
writeout thread be unable to keep up with trace generation, records will
simply be dropped.

Each time events are dropped a special record is written to the trace
file indicating how many events were dropped.  The event ID is
0xfffffffffffffffe and its signature is dropped(uint32_t count).

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

MAINTAINERS: add LatticeMico32 maintainer

Add me as the lm32-target and machines maintainer.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

Add lm32 target to configure

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

lm32: opcode testsuite

This patch creates tests/lm32 directory and adds tests for every
LatticeMico32 opcode.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

lm32: todo and documentation

This patch adds general target documentation and a todo list.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

lm32: EVR32 and uclinux BSP

This patch adds support for the following two BSPs:
- LM32 EVR32 BSP (as used by RTEMS)
- uclinux BSP by Theobroma Systems

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

lm32: support for creating device tree

This patch adds helper functions to create a ROM, which contains a hardware
description of a board. This is used in Theobromas LM32 Linux port.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

lm32: system control model

This patch add support for a system control block. It is supposed to
act as helper for the emulated program. E.g. shutting down the VM or
printing test results. This model is intended for testing purposes only and
doesn't fit to any real hardware. Therefore, it is not added to any board
by default. Instead a user has to add it explicitly with the '-device'
commandline parameter.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

lm32: uart model

This patch add support for the LatticeMico32 UART.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

lm32: timer model

This patch adds support for the LatticeMico32 system timer.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

lm32: pic and juart helper functions

This patch adds init functions for the PIC and JTAG UART commonly used
in the board initialization.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

lm32: juart model

This patch adds the JTAG UART model. It is accessed through special control
registers and opcodes. Therefore the translation uses callbacks to this
model.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

lm32: interrupt controller model

This patch adds the interrupt controller of the lm32. Because the PIC is
accessed through special control registers and opcodes, there are callbacks
from the lm32 translation code to this model.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

lm32: gdbstub support

This patch adds lm32 support to the gdbstub.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

lm32: machine state loading/saving

This patch adds support for saving and loading the processor state.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

lm32: translation code helper

This patch adds translation helper functions.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

lm32: translation routines

This patch adds the main translation routine. All opcodes of the
LatticeMico32 processor are supported and translated to TCG ops.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

LatticeMico32 target support

This patch adds support for the LatticeMico32 softcore processor by Lattice
Semiconductor.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

target-arm: Implement a minimal set of cp14 debug registers

Newer ARM kernels try to probe for whether the CPU has hardware breakpoint
support. For this to work QEMU has to implement a minimal set of the cp14
debug registers. The architecture requires v7 cores to implement debug
and so there is no defined way to report its absence; however in practice
returning a zero DBGDIDR (ie with a reserved value for "debug architecture
version") should cause well-written hw debug users to do the right thing.
We also implement DBGDRAR and DBGDSAR as RAZ, indicating no memory mapped
debug components.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

target-arm: Use TCG temporary leak debugging facilities

Use the new TCG temporary leak debugging facilities to
check that each ARM instruction does not leak temporaries.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

target-arm: Remove ad-hoc leak checking code

This commit removes the ad-hoc resource leak checking code from
target-arm. This includes replacing all uses of new_tmp() with
tcg_temp_new_i32() and all uses of dead_tmp() with
tcg_temp_free_i32().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

tcg: Add support for debugging leakage of temporaries

Add support (if CONFIG_DEBUG_TCG is defined) for debugging leakage
of temporary variables. Generally any temporaries created by
a target while it is translating an instruction should be freed
by the end of that instruction; otherwise carefully crafted
guest code could cause TCG to run out of temporaries and assert.
By calling tcg_check_temp_count() after each instruction we can
check that we are not leaking temporaries in this way.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>