review.tizen.org Git - sdk/emulator/qemu.git/log

target-mips: generate a reserved instruction exception on CPU without DSP

On CPU without DSP ASE support, a reserved instruction exception (instead of
a DSP ASE sate disabled) should be generated.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

target-mips: copy insn_flags in DisasContext

Copy insn_flags in DisasContext to avoid passing a CPUMIPSState pointer
to subroutines, as suggested by Richard Henderson. Change subroutines to
use this new field and remove the first argument.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

target-mips: fix DSP loads with rd = 0

When rd is 0, which still need to do the actually load to possibly
generate a TLB exception.

Reviewed-by: Eric Johnson <ericj@mips.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

Merge remote-tracking branch 'pmaydell/arm-devs.next' into staging

# By Christoffer Dall (1) and Peter Maydell (1)
# Via Peter Maydell
* pmaydell/arm-devs.next:
hw/vexpress: Use correct HBI (board model number) for vexpress-a15
hw/arm_sysctl: Clear sysctl cfgctrl start bit

Merge remote-tracking branch 'stefanha/trivial-patches' into staging

# By Markus Armbruster (12) and others
# Via Stefan Hajnoczi
* stefanha/trivial-patches:
  qmp-commands.hx: s/tray-open/tray_open/ to match qapi schema
  tests: Fix {rtc, m48t59}-test build on illumos
  qemu-pixman.h: Avoid mutual inclusion loop with console.h
  qemu-ga: Fix unchecked strdup() by converting to g_strdup()
  qapi: Fix unchecked strdup() by converting to g_strdup()
  libcacard: Fix unchecked strdup() by converting to g_strdup()
  qemu-log: Plug trivial memory leak in cpu_set_log_filename()
  qemu-log: Fix unchecked strdup() by converting to g_strdup()
  virtfs-proxy-helper: Fix unchecked strdup() by conv. to g_strdup()
  spice: Fix unchecked strdup() by converting to g_strdup()
  readline: Fix unchecked strdup() by converting to g_strdup()
  hw/9pfs: Fix unchecked strdup() by converting to g_strdup()
  g_strdup(NULL) returns NULL; simplify
  g_malloc(0) and g_malloc0(0) return NULL; simplify
  xilinx_axidma: Fix debug mode compile messages
  cadence_gem: Debug mode compile fixes
  cadence_ttc: Debug mode compile fixes
  vnc: Clean up vncws_send_handshake_response()

Merge remote-tracking branch 'afaerber-or/prep-up' into staging

# By Andreas Färber
# Via Andreas Färber
* afaerber-or/prep-up:
  prep: Move PReP machine to hw/ppc/
  prep_pci: Convert to QOM realizefn
  prep_pci: Create PCIBus and PCIDevice in-place

Merge remote-tracking branch 'agraf/s390-for-upstream' into staging

# By Cornelia Huck (13) and others
# Via Alexander Graf
* agraf/s390-for-upstream:
  s390: Drop set_bit usage in virtio_ccw.
  s390: css error codes.
  s390: Use s390_cpu_physical_memory_map for tpi.
  sclpconsole: Don't instantiate sclpconsole with -nodefaults
  s390: Add s390-ccw-virtio machine.
  s390-virtio: Check for NULL device in reset hypercall
  s390: Move hw files to hw/s390x
  virtio-s390: add a reset function to virtio-s390 devices
  s390: Make typeinfo const
  s390: Add new channel I/O based virtio transport.
  s390-virtio: Factor out some initialization code.
  s390: Wire up channel I/O in kvm.
  s390: Virtual channel subsystem support.
  s390: Add channel I/O instructions.
  s390: I/O interrupt and machine check injection.
  s390: Channel I/O basic definitions.
  s390: Add mapping helper functions.
  s390: Lowcore mapping helper.
  s390: Add default support for SCLP console

hw/vexpress: Use correct HBI (board model number) for vexpress-a15

The vexpress-a15 QEMU model is supposed to be a V2P-CA15; the HBI
(a kind of board model number) for this coretile is 237, not 217.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/arm_sysctl: Clear sysctl cfgctrl start bit

The start bit should only be set to indicate that a function call is
underway, right now. When done with function, clear it.

Signed-off-by: Christoffer Dall <c.dall@virtualopensystems.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

qmp-commands.hx: s/tray-open/tray_open/ to match qapi schema

Currently, we are using 'tray_open' in QMP and 'tray-open' in
HMP. However, the QMP documentation was mistakenly using the
HMP version.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

tests: Fix {rtc, m48t59}-test build on illumos

Struct tm does not have tm_gmtoff field on illumos.
Fix the build by not zero-initializing these fields on Solaris.

Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

qemu-pixman.h: Avoid mutual inclusion loop with console.h

Remove an unnecessary mutual inclusion loop between qemu-pixman.h and
console.h, since the former was only including the latter for
'PixelFormat*', which can be provided by typedefs.h. This requires a
minor adjustment to the files which included qemu-pixman.h, since
they were relying on it implicitly dragging in all of console.h.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

qemu-ga: Fix unchecked strdup() by converting to g_strdup()

I figure it's freed somewhere deep down in QAPI, with g_free().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

qapi: Fix unchecked strdup() by converting to g_strdup()

Note that we already free with g_free().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

libcacard: Fix unchecked strdup() by converting to g_strdup()

Note that we already free with g_free().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

qemu-log: Plug trivial memory leak in cpu_set_log_filename()

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

qemu-log: Fix unchecked strdup() by converting to g_strdup()

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

virtfs-proxy-helper: Fix unchecked strdup() by conv. to g_strdup()

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

spice: Fix unchecked strdup() by converting to g_strdup()

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

readline: Fix unchecked strdup() by converting to g_strdup()

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

hw/9pfs: Fix unchecked strdup() by converting to g_strdup()

Note: the allocation in virtio_9p_init() is still leaked. To be fixed
in a followup commit.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

g_strdup(NULL) returns NULL; simplify

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

g_malloc(0) and g_malloc0(0) return NULL; simplify

Once upon a time, it was decided that qemu_malloc(0) should abort.
Switching to glib retired that bright idea. Some code that was added
to cope with it (e.g. in commits 702ef63, b76b6e9) is still around.
Bury it.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

prep: Move PReP machine to hw/ppc/

Signed-off-by: Andreas Färber <andreas.faerber@web.de>

xilinx_axidma: Fix debug mode compile messages

Missing cast one one of the conditionally compiled printfs.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

cadence_gem: Debug mode compile fixes

Some printfs are throwing warnings when debug mode is enabled. Fixed.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

cadence_ttc: Debug mode compile fixes

Some printfs are throwing warnings when debug mode is enabled. Fixed.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

vnc: Clean up vncws_send_handshake_response()

Use appropriate types, drop superfluous casts, use sizeof, don't
exploit that this particular call of gnutls_fingerprint() doesn't
change its last argument.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

Merge remote-tracking branch 'qemu-kvm/uq/master' into staging

* qemu-kvm/uq/master:
target-i386: kvm: prevent buffer overflow if -cpu foo, [x]level is too big
vmxcap: bit 9 of VMX_PROCBASED_CTLS2 is 'virtual interrupt delivery'

Conflicts:
target-i386/kvm.c

Trivial merge resolution due to lack of context.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Merge remote-tracking branch 'mdroth/qga-pull-1-28-13' into staging

# By Markus Armbruster
# Via Michael Roth
* mdroth/qga-pull-1-28-13:
qemu-ga: Plug leaks on qmp_guest_network_get_interfaces() error paths
qemu-ga: Plug memory leak in guest_fsfreeze_cleanup()

s390: Drop set_bit usage in virtio_ccw.

set_bit on indicators doesn't go well on 32 bit targets:

note: expected 'long unsigned int *' but argument is of type 'uint64_t *'

Switch to bit shifts instead.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
[agraf: use 1ULL instead]
Signed-off-by: Alexander Graf <agraf@suse.de>

s390: css error codes.

Changed error codes in the channel subsystem / virtio-ccw code
(-EOPNOTSUPP -> -ENOSYS, -ERESTART -> -EINPROGRESS).

This should hopefully fix building on mingw32.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390: Use s390_cpu_physical_memory_map for tpi.

Map the I/O interruption code before calling into css.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

sclpconsole: Don't instantiate sclpconsole with -nodefaults

libvirt specifies nodefaults and creates an sclp console with special
parameters. Let qemu follow nodefaults and don't create an sclp
console if nodefaults is specified.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390: Add s390-ccw-virtio machine.

Add a new machine type, s390-ccw-virtio, making use of the
virtio-ccw transport to present virtio devices as channel
devices.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390-virtio: Check for NULL device in reset hypercall

s390_virtio_bus_find_mem() may return a NULL VirtIOS390Device.
If called with, e.g., args[0] == 0, this leads to a segfault.
Fix this by adding error handling as done for other hypercalls.

Present since baf0b55a9e57b909b1f8b0f732c0b10242867418 (Implement
virtio reset).

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390: Move hw files to hw/s390x

This moves all files only used by s390 system emulation to hw/s390x.

Signed-off-by: Alexander Graf <agraf@suse.de>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>

virtio-s390: add a reset function to virtio-s390 devices

virtio-s390 devices are not being reset when their bus is. To fix
this, add a reset method that forwards to virtio_reset. This is
only needed because of the "strange" modeling of virtio devices;
the ->vdev link is being handled manually rather than through qdev.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390: Make typeinfo const

All TypeInfo definitions should be const.

Signed-off-by: Alexander Graf <agraf@suse.de>

s390: Add new channel I/O based virtio transport.

Add a new virtio transport that uses channel commands to perform
virtio operations.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390-virtio: Factor out some initialization code.

Some of the machine initialization for s390-virtio will be reused
by virtio-ccw.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390: Wire up channel I/O in kvm.

Trigger the code for our virtual css in case of instruction
intercepts for I/O instructions.

Handle the tsch exit for the subchannel-related part of tsch.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390: Virtual channel subsystem support.

Provide a mechanism for qemu to provide fully virtual subchannels to
the guest.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390: Add channel I/O instructions.

Provide handlers for (most) channel I/O instructions.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390: I/O interrupt and machine check injection.

I/O interrupts are queued per isc. Only crw pending machine checks
are supported.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390: Channel I/O basic definitions.

Basic channel I/O structures and helper function.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390: Add mapping helper functions.

Add s390_cpu_physical_memory_{map,unmap} with special handling
for the lowcore.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390: Lowcore mapping helper.

Create a lowcore mapping helper that includes a check for sufficient
length.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390: Add default support for SCLP console

The current s390 machine uses the virtio console as default console,
but this doesn't mean that we always want to keep it that way for new
machines.

This patch introduces a way for a machine type to specify that it wants
the default console to be an SCLP console, which is a lot closer to what
real hardware does.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>

target-i386: kvm: prevent buffer overflow if -cpu foo, [x]level is too big

Stack corruption may occur if too big 'level' or 'xlevel' values passed
on command line with KVM enabled, due to limited size of cpuid_data
in kvm_arch_init_vcpu().

reproduces with:
qemu -enable-kvm -cpu qemu64,level=4294967295
or
qemu -enable-kvm -cpu qemu64,xlevel=4294967295

Check if there is space in cpuid_data before passing it to cpu_x86_cpuid()
or abort() if there is not space.

Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Andreas Faerber <afaerber@suse.de>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>

Merge remote-tracking branch 'afaerber/qom-cpu' into staging

* afaerber/qom-cpu: (37 commits)
  kvm: Pass CPUState to kvm_on_sigbus_vcpu()
  cpu: Unconditionalize CPUState fields
  target-m68k: Use type_register() instead of type_register_static()
  target-unicore32: Use type_register() instead of type_register_static()
  target-openrisc: Use type_register() instead of type_register_static()
  target-unicore32: Catch attempt to instantiate abstract type in cpu_init()
  target-openrisc: Catch attempt to instantiate abstract type in cpu_init()
  target-m68k: Catch attempt to instantiate abstract type in cpu_init()
  target-arm: Catch attempt to instantiate abstract type in cpu_init()
  target-alpha: Catch attempt to instantiate abstract type in cpu_init()
  qom: Introduce object_class_is_abstract()
  target-unicore32: Detect attempt to instantiate non-CPU type in cpu_init()
  target-openrisc: Detect attempt to instantiate non-CPU type in cpu_init()
  target-m68k: Detect attempt to instantiate non-CPU type in cpu_init()
  target-alpha: Detect attempt to instantiate non-CPU type in cpu_init()
  target-arm: Detect attempt to instantiate non-CPU type in cpu_init()
  cpu: Add model resolution support to CPUClass
  target-i386: Remove setting tsc-frequency from x86_def_t
  target-i386: Set custom features/properties without intermediate x86_def_t
  target-i386: Remove vendor_override field from CPUX86State
  ...

Conflicts:
tests/Makefile

Resolved simple conflict caused by lack of context in Makefile

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Merge remote-tracking branch 'kwolf/for-anthony' into staging

# By Paolo Bonzini (14) and others
# Via Kevin Wolf
* kwolf/for-anthony: (24 commits)
  ide: Add fall through annotations
  block: Create proper size file for disk mirror
  ahci: Add migration support
  ahci: Change data types in preparation for migration
  ahci: Remove unused AHCIDevice fields
  hbitmap: add assertion on hbitmap_iter_init
  mirror: do nothing on zero-sized disk
  block/vdi: Check for bad signature
  block/vdi: Improved return values from vdi_open
  block/vdi: Improve debug output for signature
  block: Use error code EMEDIUMTYPE for wrong format in some block drivers
  block: Add special error code for wrong format
  mirror: support arbitrarily-sized iterations
  mirror: support more than one in-flight AIO operation
  mirror: add buf-size argument to drive-mirror
  mirror: switch mirror_iteration to AIO
  mirror: allow customizing the granularity
  block: allow customizing the granularity of the dirty bitmap
  block: return count of dirty sectors, not chunks
  mirror: perform COW if the cluster size is bigger than the granularity
  ...

Merge remote-tracking branch 'luiz/queue/qmp' into staging

# By Lei Li (3) and others
# Via Luiz Capitulino
* luiz/queue/qmp:
  QAPI: Introduce memchar-read QMP command
  QAPI: Introduce memchar-write QMP command
  qemu-char: Add new char backend CirMemCharDriver
  docs: document virtio-balloon stats
  balloon: re-enable balloon stats
  balloon: drop old stats code & API
  block: Monitor command commit neglects to report some errors

qemu-ga: Plug leaks on qmp_guest_network_get_interfaces() error paths

Spotted by Coverity.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

qemu-ga: Plug memory leak in guest_fsfreeze_cleanup()

Neglects to free errors allocated by qmp_guest_fsfreeze_thaw().
Spotted by Coverity.

While there, drop the test whether return value is negative (it's
never true), and improve logging.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

kvm: Pass CPUState to kvm_on_sigbus_vcpu()

Since commit 20d695a9254c1b086a456d3b79a3c311236643ba (kvm: Pass
CPUState to kvm_arch_*) CPUArchState is no longer needed.

Allows to change qemu_kvm_eat_signals() argument as well.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Gleb Natapov <gleb@redhat.com>

cpu: Unconditionalize CPUState fields

Commits fc8c5b8c41ee5ba69d7a2be63b02a08c7b0b155b (Makefile.user: Define
CONFIG_USER_ONLY for libuser/) and
dd83b06ae61cfa2dc4381ab49f365bd0995fc930 (qom: Introduce CPU class)
specifically prepared the qom/cpu.c file to be compiled differently for
softmmu and *-user. This broke as part of build system refactorings
while CPU patches were in flight, adding conditional fields
kvm_fd (8737c51c0444f832c4e97d7eb7540eae457e08e4) and
kvm_vcpu_dirty (20d695a9254c1b086a456d3b79a3c311236643ba) for softmmu.

linux-user and bsd-user would therefore get a CPUState type with
instance_size ~8 bytes longer than expected.
Fix this by unconditionally having the fields in CPUState.

In practice, target-specific CPU types' instance_size would compensate
this, and upstream qom/cpu.c does not yet touch any affected field.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>

target-m68k: Use type_register() instead of type_register_static()

According to its documentation, type_register_static()'s TypeInfo
argument should exist for the life type of the type.
Therefore use type_register() when registering the list of CPU subtypes.

No functional change with the current implementation.

Cf. 918fd0839eeafc83bd4984364321a947d29041fe for arm.

Signed-off-by: Andreas Färber <afaerber@suse.de>

target-unicore32: Use type_register() instead of type_register_static()

According to its documentation, type_register_static()'s TypeInfo
argument should exist for the life type of the type.
Therefore use type_register() when registering the list of CPU subtypes.

No functional change with the current implementation.

Cf. 918fd0839eeafc83bd4984364321a947d29041fe for arm.

Signed-off-by: Andreas Färber <afaerber@suse.de>

target-openrisc: Use type_register() instead of type_register_static()

According to its documentation, type_register_static()'s TypeInfo
argument should exist for the life type of the type.
Therefore use type_register() when registering the list of CPU subtypes.

No functional change with the current implementation.

Cf. 918fd0839eeafc83bd4984364321a947d29041fe for arm.

Signed-off-by: Andreas Färber <afaerber@suse.de>

target-unicore32: Catch attempt to instantiate abstract type in cpu_init()

Fixes -cpu unicore32-cpu asserting.

Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-openrisc: Catch attempt to instantiate abstract type in cpu_init()

There is no abstract OpenRISCCPU yet, but that seems a bug of its own.

Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-m68k: Catch attempt to instantiate abstract type in cpu_init()

This fixes -cpu m68k-cpu asserting.

Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-arm: Catch attempt to instantiate abstract type in cpu_init()

This fixes -cpu arm-cpu asserting.

Cc: qemu-stable@nongnu.org
Acked-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-alpha: Catch attempt to instantiate abstract type in cpu_init()

This fixes -cpu alpha-cpu asserting.

Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>

qom: Introduce object_class_is_abstract()

This lets a caller check if an ObjectClass as returned by, e.g.,
object_class_by_name() is instantiatable.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Cc: Anthony Liguori <anthony@codemonkey.ws>

target-unicore32: Detect attempt to instantiate non-CPU type in cpu_init()

Consolidate model checking into a new uc32_cpu_class_by_name().

If the name matches an existing type, also check whether that type is
actually (a sub-type of) TYPE_UNICORE32_CPU.

This fixes, e.g., -cpu puv3_dma asserting.

Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>

prep_pci: Convert to QOM realizefn

SysBusDeviceClass' initfn merely calls SysBusDeviceClass::init, so we
can already hook up our own realizefn overwriting this behavior.

A symmetric unrealizefn is not necessary, knowing that the child's
unrealizefn is still no-op, too. Avoids ripping it out again when
recursive realization at DeviceState-level is implemented.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>

prep_pci: Create PCIBus and PCIDevice in-place

Prepares for QOM realizefn by removing object creation from qdev initfn.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>

target-openrisc: Detect attempt to instantiate non-CPU type in cpu_init()

Consolidate model checking into a new openrisc_cpu_class_by_name().

If the name matches an existing type, also check whether that type is
actually (a sub-type of) TYPE_OPENRISC_CPU.

This fixes, e.g., -cpu open_eth asserting.

Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-m68k: Detect attempt to instantiate non-CPU type in cpu_init()

Consolidate model checking into a new m68k_cpu_class_by_name().

If the name matches an existing type, also check whether that type is
(a sub-type of) TYPE_M68K_CPU.

This fixes, e.g., -cpu ide-hd asserting.

Signed-off-by: Andreas Färber <afaerber@suse.de>

target-alpha: Detect attempt to instantiate non-CPU type in cpu_init()

Check in alpha_cpu_class_by_name() whether the type found is actually
(a sub-type of) TYPE_ALPHA_CPU.

This fixes, e.g., -cpu typhoon-pcihost asserting.

Signed-off-by: Andreas Färber <afaerber@suse.de>

target-arm: Detect attempt to instantiate non-CPU type in cpu_init()

Consolidate model checking into a new arm_cpu_class_by_name().

If the name matches an existing type, also check whether that type is
actually (a sub-type of) TYPE_ARM_CPU.

This fixes, e.g., -cpu tmp105 asserting.

Cc: qemu-stable <qemu-stable@nongnu.org>
Acked-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>

cpu: Add model resolution support to CPUClass

Introduce CPUClass::class_by_name and add a default implementation.
Hook up the alpha and ppc implementations.

Introduce a wrapper function cpu_class_by_name().

Signed-off-by: Andreas Färber <afaerber@suse.de>

target-i386: Remove setting tsc-frequency from x86_def_t

Setting tsc-frequency from x86_def_t is NOP because default tsc_khz
in x86_def_t is 0 and CPUX86State.tsc_khz is also initialized to 0
by default. So there is no need to overwrite tsc_khz with default 0
because field was already initialized to 0.

Custom tsc-frequency setting is not affected due to it being set
without using x86_def_t.

Field tsc_khz in x86_def_t becomes unused with this patch, so drop it
as well.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-i386: Set custom features/properties without intermediate x86_def_t

Move custom features parsing after built-in cpu_model defaults are set
and set custom features directly on CPU instance. That allows to make a
clear distinction between built-in cpu model defaults that eventually
should go into class_init() and extra property setting which is done
after defaults are set on CPU instance.

Impl. details:
* use object_property_parse() property setter so it would be a mechanical
   change to switch to global properties later.
* And after all current features/properties are converted into static
   properties, it will take a trivial patch to switch to global properties.
   Which will allow to:
   * get CPU instance initialized with all parameters passed on -cpu ...
     cmd. line from object_new() call.
   * call cpu_model/featurestr parsing only once before CPUs are created
   * open a road for removing CPUxxxState.cpu_model_str field, when other
     CPUs are similarly converted to subclasses and static properties.
- re-factor error handling, to use Error instead of fprintf()s, since
   it is anyway passed in for property setter.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-i386: Remove vendor_override field from CPUX86State

Commit 8935499831312 makes cpuid return to guest host's vendor value
instead of built-in one by default if kvm_enabled() == true and allows
to override this behavior if 'vendor' is specified on -cpu command line.

But every time guest calls cpuid to get 'vendor' value, host's value is
read again and again in default case.

It complicates semantics of vendor property and makes it harder to use.

Instead of reading 'vendor' value from host every time cpuid[vendor] is
called, override 'vendor' value only once in cpu_x86_find_by_name(), when
built-in CPU model is found and if(kvm_enabled() == true).

It provides the same default semantics
if (kvm_enabled() == true) vendor = host's vendor
else vendor = built-in vendor

and then later:
if (custom vendor) vendor = custom vendor

'vendor' value is overridden when user provides it on -cpu command line,
and there is no need for vendor_override field anymore, remove it.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-i386: Replace uint32_t vendor fields by vendor string in x86_def_t

Vendor property setter takes string as vendor value but cpudefs
use uint32_t vendor[123] fields to define vendor value. It makes it
difficult to unify and use property setter for values from cpudefs.

Simplify code by using vendor property setter, vendor[123] fields
are converted into vendor[13] array to keep its value. And vendor
property setter is used to access/set value on CPU.

- Make for() cycle reusable for the next patch by adding
x86_cpu_vendor_words2str()

Intel's CPUID spec[1] says:
"
5.1.1 ...
These registers contain the ASCII string: GenuineIntel
...
"

List[2] of known vendor values shows that they all are 12 ASCII
characters long, padded where necessary with space.

Current supported values are all ASCII characters packed in
ebx, edx, ecx. So lets state that QEMU supports 12 printable ASCII
characters packed in ebx, edx, ecx registers for cpuid(0) instruction.

*1 - http://www.intel.com/Assets/PDF/appnote/241618.pdf
*2 - http://en.wikipedia.org/wiki/CPUID#EAX.3D0:_Get_vendor_ID

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-i386: Print deprecation warning if xlevel < 0x80000000

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-i386: Drop redundant list of CPU definitions

It is no longer needed since dropping cpudef config file support.
Cleaning this up removes knowledge about other models from x86_def_t,
in preparation for reusing x86_def_t as intermediate step towards pure
QOM X86CPU subclasses.

Signed-off-by: Andreas Färber <afaerber@suse.de>

target-i386: Simplify cpu_x86_find_by_name()

Catch NULL name argument early to avoid repeated checks.
Similarly, check for -cpu host early and untangle from iterating through
model definitions. This prepares for introducing X86CPU subclasses.

Signed-off-by: Andreas Färber <afaerber@suse.de>

pc: Generate APIC IDs according to CPU topology

This keeps compatibility on machine-types pc-1.2 and older, and prints a
warning in case the requested configuration won't get the correct
topology.

I couldn't think of a better way to warn about broken topology when in
compat mode other than using error_report(). The warning message will
probably be buried in a log file somewhere, but it's better than
nothing.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-i386: Topology & APIC ID utility functions

This introduces utility functions for the APIC ID calculation, based on:
  Intel® 64 Architecture Processor Topology Enumeration
  http://software.intel.com/en-us/articles/intel-64-architecture-processor-topology-enumeration/

The code should be compatible with AMD's "Extended Method" described at:
  AMD CPUID Specification (Publication #25481)
  Section 3: Multiple Core Calcuation
as long as:
- nr_threads is set to 1;
- OFFSET_IDX is assumed to be 0;
- CPUID Fn8000_0008_ECX[ApicIdCoreIdSize[3:0]] is set to
   apicid_core_width().

Unit tests included.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

pc: Set fw_cfg data based on APIC ID calculation

This changes FW_CFG_MAX_CPUS and FW_CFG_NUMA to use apic_id_for_cpu(),
so the NUMA table can be based on the APIC IDs, instead of CPU index
(SeaBIOS knows nothing about CPU indexes, just APIC IDs).

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

cpus.h: Make constant smp_cores/smp_threads available on *-user

The code that calculates the APIC ID will use smp_cores/smp_threads, so
just define them as 1 on *-user to avoid #ifdefs in the code.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

fw_cfg: Remove FW_CFG_MAX_CPUS from fw_cfg_init()

PC will not use max_cpus for that field, so move it outside the common
code so it can use a different value on PC.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-i386: Introduce x86_cpu_apic_id_from_index() function

This function will be used by both the CPU initialization code and the
fw_cfg table initialization code.

Later this function will be updated to generate APIC IDs according to
the CPU topology.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-i386: kvm: Set vcpu_id to APIC ID instead of CPU index

The CPU ID in KVM is supposed to be the APIC ID, so change the
KVM_CREATE_VCPU call to match it. The current behavior didn't break
anything yet because today the APIC ID is assumed to be equal to the CPU
index, but this won't be true in the future.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Marcelo Tosatti <mtosatti@redhat.com>
Acked-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

kvm: Create kvm_arch_vcpu_id() function

This will allow each architecture to define how the VCPU ID is set on
the KVM_CREATE_VCPU ioctl call.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

pc: Reverse pc_init_pci() compatibility logic

Currently, the pc-1.4 machine init function enables PV EOI and then
calls the pc-1.2 machine init function. The problem with this approach
is that now we can't enable any additional compatibility code inside the
pc-1.2 init function because it would end up enabling the compatibility
behavior on pc-1.3 and pc-1.4 as well.

This reverses the logic so that the pc-1.2 machine init function will
disable PV EOI, and then call the pc-1.4 machine init function.

This way we can change older machine-types to enable compatibility
behavior, and the newer machine-types (pc-1.3, pc-q35-1.4 and
pc-i440fx-1.4) would just use the default behavior.

(This means that one nice side-effect of this change is that pc-q35-1.4
will get PV EOI enabled by default, too)

It would be interesting to eventually change pc_init_pci_no_kvmclock()
and pc_init_isa() to reuse pc_init_pci_1_2() as well (so we don't need
to duplicate compatibility code on those two functions). But this will
be probably much easier to do after we create a PCInitArgs struct for
the PC initialization arguments, and/or after we use global-properties
to implement the compatibility modes present in pc_init_pci_1_2().

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-i386: Don't set any KVM flag by default if KVM is disabled

This is a cleanup that tries to solve two small issues:

- We don't need a separate kvm_pv_eoi_features variable just to keep a
   constant calculated at compile-time, and this style would require
   adding a separate variable (that's declared twice because of the
   CONFIG_KVM ifdef) for each feature that's going to be
   enabled/disabled by machine-type compat code.
- The pc-1.3 code is setting the kvm_pv_eoi flag on cpuid_kvm_features
   even when KVM is disabled at runtime. This small inconsistency in
   the cpuid_kvm_features field isn't a problem today because
   cpuid_kvm_features is ignored by the TCG code, but it may cause
   unexpected problems later when refactoring the CPUID handling code.

This patch eliminates the kvm_pv_eoi_features variable and simply uses
kvm_enabled() inside the enable_kvm_pv_eoi() compat function, so it
enables kvm_pv_eoi only if KVM is enabled. I believe this makes the
behavior of enable_kvm_pv_eoi() clearer and easier to understand.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Gleb Natapov <gleb@redhat.com>
Reviewed-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

kvm: Add fake KVM_FEATURE_CLOCKSOURCE_STABLE_BIT for builds without KVM

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>

target-openrisc: Clean up triple QOM casts

Instead of calling openrisc_env_get_cpu(), casting to CPU() via the
ENV_GET_CPU() compatibility macro and casting back to OPENRISC_CPU(),
just call openrisc_env_get_cpu() directly.

ENV_GET_CPU() is meant as workaround for target-independent code only.

Signed-off-by: Andreas Färber <afaerber@suse.de>

target-openrisc: Drop OpenRISCCPUList

It was missed in 92a3136174f60ee45b113296cb2c2a5225b00369 (cpu:
Introduce CPUListState struct) because its naming did not match the
*CPUListState pattern. Use the generalized CPUListState instead.

Signed-off-by: Andreas Färber <afaerber@suse.de>

xilinx_ethlite: Avoid build warnings in debug code

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

m25p80.c: Return state to IDLE after COLLECTING

Default to moving back to the IDLE state after the COLLECTING_DATA
state. For a well behaved guest this patch has no consequence, but
A bad guest could crash QEMU by using one of the erase commands
followed by a longer than 5 byte argument (undefined behaviour).

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

xilinx_ethlite: Flush queued packets on SW service

Software services a received packet by clearing the CTRL_S bit in the RX_CTRLn
register. If this bit is cleared, flush any packets queued for the device.

Reported-by: John Williams <john.williams@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

xilinx_ethlite: fix eth_can_rx() for ping-pong

The eth_can_rx() function only checks the first buffers status ("ping"). The
controller should be able to receive into "pong" when ping-pong is enabled.
Checks the active buffer (either "ping" or "pong") when determining can_rx()
rather than just testing "ping".

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

Merge branch 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf

* 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf:
  PPC: e500: Select MPIC v4.2 on ppce500 platform
  PPC: e500: fix mpic_iack address
  openpic: add basic support for MPIC v4.2
  openpic: fix timer address decoding
  openpic: fix remaining issues from idr-to-destmask conversion
  pseries: Adjust default VIO address allocations to play better with libvirt
  pseries: Improve handling of multiple PCI host bridges
  target-ppc: Give a meaningful error if too many threads are specified
  cuda: Move ADB bus into CUDA state
  adb: QOM'ify ADB devices
  adb: QOM'ify Apple Desktop Bus
  cuda: QOM'ify CUDA
  ide/macio: QOM'ify MacIO IDE
  mac_nvram: QOM'ify MacIO NVRAM
  mac_nvram: Mark as Big Endian
  mac_nvram: Clean up public API
  macio: Split MacIO in two
  macio: Delay qdev init until all fields are initialized
  macio: QOM'ify some more
  ppc: Move Mac machines to hw/ppc/

tests: Add gcov support for x86_64 qtest

Since x86_64 is a superset of i386 and reuses all its test cases, adopt
all the i386 gcov source files as well, substituting their paths
appropriately.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>