sdk/emulator/qemu.git
12 years ago Update kernel header script to include vfio
Alex Williamson [Wed, 26 Sep 2012 17:19:18 +0000 (11:19 -0600)]
Update kernel header script to include vfio

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago x86: Implement SMEP and SMAP
H. Peter Anvin [Wed, 26 Sep 2012 20:18:43 +0000 (13:18 -0700)]
x86: Implement SMEP and SMAP

This patch implements Supervisor Mode Execution Prevention (SMEP) and
Supervisor Mode Access Prevention (SMAP) for x86.  The purpose of the
patch, obviously, is to help kernel developers debug the support for
those features.

A fair bit of the code relates to the handling of CPUID features.  The
CPUID code probably would get greatly simplified if all the feature
bit words were unified into a single vector object, but in the
interest of producing a minimal patch for SMEP/SMAP, and because I had
very limited time for this project, I followed the existing style.

[ v2: don't change the definition of the qemu64 CPU shorthand, since
  that breaks loading old snapshots.  Per Anthony Liguori this can be
  fixed once the CPU feature set is snapshot.

  Change the coding style slightly to conform to checkpatch.pl. ]

Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago i386: -cpu help: remove reference to specific CPUID leaves/registers
Eduardo Habkost [Thu, 6 Sep 2012 10:05:39 +0000 (10:05 +0000)]
i386: -cpu help: remove reference to specific CPUID leaves/registers

The -cpu configuration interface is based on a list of feature names or
properties, on a single namespace, so there's no need to mention on
which CPUID leaf/register each flag is located.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Don Slutz <Don@CloudSwitch.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago i386: cpu: eliminate duplicate feature names
Eduardo Habkost [Thu, 6 Sep 2012 10:05:38 +0000 (10:05 +0000)]
i386: cpu: eliminate duplicate feature names

Instead of having duplicate feature names on the ext2_feature array for
the AMD feature bit aliases, we keep the feature names only on the
feature_name[] array, and copy the corresponding bits to
cpuid_ext2_features in case the CPU vendor is AMD.

This will:

- Make sure we don't set the feature bit aliases on Intel CPUs;
- Make it easier to convert feature bits to CPU properties, as now we
  have a single bit on the x86_def_t struct for each CPU feature.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Don Slutz <Don@CloudSwitch.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago i386: cpu: replace EXT2_FEATURE_MASK with CPUID_EXT2_AMD_ALIASES
Eduardo Habkost [Thu, 6 Sep 2012 10:05:37 +0000 (10:05 +0000)]
i386: cpu: replace EXT2_FEATURE_MASK with CPUID_EXT2_AMD_ALIASES

Both constants have the same value, but CPUID_EXT2_AMD_ALIASES is
defined without using magic numbers.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Don Slutz <Don@CloudSwitch.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago i386: kvm: use a #define for the set of alias feature bits
Eduardo Habkost [Thu, 6 Sep 2012 10:05:36 +0000 (10:05 +0000)]
i386: kvm: use a #define for the set of alias feature bits

Instead of using a hardcoded hex constant, define CPUID_EXT2_AMD_ALIASES
as the set of CPUID[8000_0001].EDX bits that on AMD are the same as the
bits of CPUID[1].EDX.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-By: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Don Slutz <Don@CloudSwitch.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago i386: kvm: bit 10 of CPUID[8000_0001].EDX is reserved
Eduardo Habkost [Thu, 6 Sep 2012 10:05:35 +0000 (10:05 +0000)]
i386: kvm: bit 10 of CPUID[8000_0001].EDX is reserved

Bit 10 of CPUID[8000_0001].EDX is not defined as an alias of
CPUID[1].EDX[10], so do not duplicate it on
kvm_arch_get_supported_cpuid().

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-By: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Don Slutz <Don@CloudSwitch.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago Merge branch 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm
Aurelien Jarno [Thu, 27 Sep 2012 19:48:56 +0000 (21:48 +0200)]
Merge branch 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm

* 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm:
  Versatile Express: Add modelling of NOR flash
  Versatile Express: Fix NOR flash 0 address and remove flash alias
  hw/armv7m_nvic: Correctly register GIC region when setting up NVIC
  pl190: fix read of VECTADDR

12 years ago target-s390x: Tidy cpu_dump_state
Richard Henderson [Mon, 24 Sep 2012 21:55:53 +0000 (14:55 -0700)]
target-s390x: Tidy cpu_dump_state

The blank lines inside the single dump make it difficult for the
eye to pick out the block.  Worse, with interior newlines, but
no blank line following, the PSW line appears to belong to the
next dump block.

Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago target-s390x: Avoid double CPU_LOG_TB_CPU
Richard Henderson [Mon, 24 Sep 2012 21:55:52 +0000 (14:55 -0700)]
target-s390x: Avoid double CPU_LOG_TB_CPU

This is already handled generically in cpu_exec.

Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago target-s390x: Use CPU_LOG_INT
Richard Henderson [Mon, 24 Sep 2012 21:55:51 +0000 (14:55 -0700)]
target-s390x: Use CPU_LOG_INT

In three places in the interrupt code we did not honor the mask.

Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago target-unicore32: Call tcg_gen_debug_insn_start
Richard Henderson [Mon, 24 Sep 2012 21:55:50 +0000 (14:55 -0700)]
target-unicore32: Call tcg_gen_debug_insn_start

Acked-by: Guan Xuetao <gxt@mprc.pku.edu.cn>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago target-s390x: Call tcg_gen_debug_insn_start
Richard Henderson [Mon, 24 Sep 2012 21:55:49 +0000 (14:55 -0700)]
target-s390x: Call tcg_gen_debug_insn_start

Cc: Alexander Graf <agraf@suse.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago target-m68k: Call tcg_gen_debug_insn_start
Richard Henderson [Mon, 24 Sep 2012 21:55:48 +0000 (14:55 -0700)]
target-m68k: Call tcg_gen_debug_insn_start

Cc: Paul Brook <paul@codesourcery.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago Emit debug_insn for CPU_LOG_TB_OP_OPT as well.
Richard Henderson [Mon, 24 Sep 2012 21:55:47 +0000 (14:55 -0700)]
Emit debug_insn for CPU_LOG_TB_OP_OPT as well.

For all targets that currently call tcg_gen_debug_insn_start,
add CPU_LOG_TB_OP_OPT to the condition that gates it.

This is useful for comparing optimization dumps, when the
pre-optimization dump is merely noise.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago tci: Fix for AREG0 free mode
Stefan Weil [Tue, 18 Sep 2012 20:43:38 +0000 (22:43 +0200)]
tci: Fix for AREG0 free mode

Support for helper functions with 5 arguments was missing
in the code generator and in the interpreter.

There is no need to pass the constant TCG_AREG0 from the
code generator to the interpreter. Remove that code for
the INDEX_op_qemu_st* opcodes.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago Versatile Express: Add modelling of NOR flash
Francesco Lavra [Wed, 19 Sep 2012 05:57:21 +0000 (05:57 +0000)]
Versatile Express: Add modelling of NOR flash

This patch adds modelling of the two NOR flash banks found on the
Versatile Express motherboard. Tested with U-Boot running on an emulated
Versatile Express, with either A9 or A15 CoreTile.

Signed-off-by: Francesco Lavra <francescolavra.fl@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12 years ago Versatile Express: Fix NOR flash 0 address and remove flash alias
Francesco Lavra [Wed, 19 Sep 2012 05:51:58 +0000 (05:51 +0000)]
Versatile Express: Fix NOR flash 0 address and remove flash alias

In the A series memory map (implemented in the Cortex A15 CoreTile), the
first NOR flash bank (flash 0) is mapped to address 0x08000000, while
address 0x00000000 can be configured as alias to either the first or the
second flash bank. This patch fixes the definition of flash 0 address,
and for simplicity removes the alias definition.

Signed-off-by: Francesco Lavra <francescolavra.fl@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12 years ago hw/armv7m_nvic: Correctly register GIC region when setting up NVIC
Meador Inge [Wed, 26 Sep 2012 15:46:28 +0000 (16:46 +0100)]
hw/armv7m_nvic: Correctly register GIC region when setting up NVIC

When setting up the NVIC memory regions the memory range
0x100..0xcff is aliased to an IO memory region that belongs
to the ARM GIC.  This aliased region should be added to the
NVIC memory container, but the actual GIC IO memory region
was being added instead.  This mixup was causing the wrong
IO memory access functions to be called when accessing parts
of the NVIC memory.

Signed-off-by: Meador Inge <meadori@codesourcery.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12 years ago pl190: fix read of VECTADDR
Brendan Fennell [Wed, 26 Sep 2012 15:46:28 +0000 (16:46 +0100)]
pl190: fix read of VECTADDR

Reading VECTADDR was causing us to set the current priority to
the wrong value, the most obvious effect of which was that we
would return the vector for the wrong interrupt as the result
of the read.

Signed-off-by: Brendan Fennell <bfennell@skynet.ie>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12 years ago add a boot parameter to set reboot timeout
Amos Kong [Fri, 7 Sep 2012 03:11:03 +0000 (11:11 +0800)]
add a boot parameter to set reboot timeout

Added an option to let qemu transfer a configuration file to bios,
"etc/boot-fail-wait", which could be specified by command
    -boot reboot-timeout=T
T has a max value of 0xffff, unit is ms.

With this option, guest will wait for a given time if it does not find
a bootable device, then reboot. If reboot-timeout is '-1', guest
will not reboot, qemu passes '-1' to bios by default.

This feature needs the new seabios's support.

Seabios pulls the value from the fwcfg "file" interface, this
interface is used because SeaBIOS needs a reliable way of
obtaining a name, value size, and value. It in no way requires
that there be a real file on the user's host machine.

Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Clear handler only for valid fd
Orit Wasserman [Mon, 24 Sep 2012 11:11:10 +0000 (13:11 +0200)]
Clear handler only for valid fd

Signed-off-by: Orit Wasserman <owasserm@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Fix address handling in inet_nonblocking_connect
Orit Wasserman [Mon, 24 Sep 2012 11:11:09 +0000 (13:11 +0200)]
Fix address handling in inet_nonblocking_connect

getaddrinfo can give us a list of addresses, but we only try to
connect to the first one. If that fails we never proceed to
the next one.  This is common on desktop setups that often have ipv6
configured but not actually working.

To fix this make inet_connect_nonblocking retry connection with a different
address.
Callers of inet_nonblocking_connect register a callback function that will
be called when the connect operation completes; in case of failure the fd will have
a negative value.

Signed-off-by: Orit Wasserman <owasserm@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Separate inet_connect into inet_connect (blocking) and inet_nonblocking_connect
Orit Wasserman [Mon, 24 Sep 2012 11:11:08 +0000 (13:11 +0200)]
Separate inet_connect into inet_connect (blocking) and inet_nonblocking_connect

No need to add non blocking parameters to the blocking inet_connect
add block parameter for inet_connect_opts instead of using QemuOpt "block".

Signed-off-by: Orit Wasserman <owasserm@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Refactor inet_connect_opts function
Michael S. Tsirkin [Mon, 24 Sep 2012 11:11:07 +0000 (13:11 +0200)]
Refactor inet_connect_opts function

refactor address resolution code to fix nonblocking connect
remove getnameinfo call

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Orit Wasserman <owasserm@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago configure: Allow builds without any system or user emulation
Stefan Weil [Fri, 14 Sep 2012 17:02:30 +0000 (19:02 +0200)]
configure: Allow builds without any system or user emulation

The old code aborted configure when no emulation target was selected.
Even after removing the 'exit 1', it tried to read from STDIN
when QEMU was configured with

    configure' '--disable-user' '--disable-system'

This is fixed here.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago ivshmem: add 64bit option
Gerd Hoffmann [Thu, 13 Sep 2012 09:08:02 +0000 (11:08 +0200)]
ivshmem: add 64bit option

This patch adds a "use64" property which will make the ivshmem driver
register a 64bit memory bar when set, so you have something to play with
when testing 64bit pci bits.  It also allows to have quite big shared
memory regions, like this:

[root@fedora ~]# lspci -vs1:1
01:01.0 RAM memory: Red Hat, Inc Device 1110
        Subsystem: Red Hat, Inc Device 1100
        Physical Slot: 1-1
        Flags: fast devsel
        Memory at fd400000 (32-bit, non-prefetchable) [disabled] [size=256]
        Memory at 8040000000 (64-bit, prefetchable) [size=1G]

[ v5: rebase, update compat property for post-1.2 merge ]
[ v4: rebase & adapt to latest master again ]
[ v3: rebase & adapt to latest master ]
[ v2: default to on as suggested by avi,
      turn off for pc-$old using compat property ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Cam Macdonell <cam@cs.ualberta.ca>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago compat: turn off msi/msix on xhci for old machine types
Gerd Hoffmann [Thu, 13 Sep 2012 09:08:01 +0000 (11:08 +0200)]
compat: turn off msi/msix on xhci for old machine types

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago add pc-1.3 machine type
Gerd Hoffmann [Thu, 13 Sep 2012 09:08:00 +0000 (11:08 +0200)]
add pc-1.3 machine type

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Cleanup unused global var qemu_system_powerdown
Igor Mammedov [Wed, 5 Sep 2012 21:06:25 +0000 (23:06 +0200)]
Cleanup unused global var qemu_system_powerdown

All deps that used global qemu_system_powerdown var are now converted
to notifiers, so remove it.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago target-sparc: use notifier for signaling guest system_powerdown command
Igor Mammedov [Wed, 5 Sep 2012 21:06:24 +0000 (23:06 +0200)]
target-sparc: use notifier for signaling guest system_powerdown command

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago target-arm: use notifier for signaling guest system_powerdown command
Igor Mammedov [Wed, 5 Sep 2012 21:06:23 +0000 (23:06 +0200)]
target-arm: use notifier for signaling guest system_powerdown command

Acked-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago acpi: use notifier for signaling guest system_powerdown command
Igor Mammedov [Wed, 5 Sep 2012 21:06:22 +0000 (23:06 +0200)]
acpi: use notifier for signaling guest system_powerdown command

In addition, there is no need to allocate an extra irq just for
raising SCI in irq handler. Just raise SCI right from notifier
handler instead.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Introduce powerdown_notifiers
Igor Mammedov [Wed, 5 Sep 2012 21:06:21 +0000 (23:06 +0200)]
Introduce powerdown_notifiers

Notifier will be used for signaling powerdown request to guest in
a more general way and intended to replace very specific
qemu_irq_rise(qemu_system_powerdown) and will allow to remove global
variable qemu_system_powerdown.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
12 years ago Merge remote-tracking branch 'origin/master' into staging
Anthony Liguori [Tue, 25 Sep 2012 23:12:07 +0000 (18:12 -0500)]
Merge remote-tracking branch 'origin/master' into staging

* origin/master:
  tcg/i386: fix build with -march < i686
  tcg: Streamline movcond_i64 using movcond_i32
  tcg: Streamline movcond_i64 using 32-bit arithmetic
  tcg: Sanity check goto_tb input
  tcg: Sanity check deposit inputs
  tcg: Add tcg_debug_assert
  tcg: Implement concat*_i64 with deposit_i64
  tcg: Emit XORI as NOT for appropriate constants
  tcg: Optimize initial inputs for ori_i64
  tcg: Emit ANDI as EXTU for appropriate constants
  tcg: Adjust descriptions of *cond opcodes
  tcg/mips: fix MIPS32(R2) detection

12 years ago tcg/i386: fix build with -march < i686
Aurelien Jarno [Tue, 25 Sep 2012 22:30:12 +0000 (00:30 +0200)]
tcg/i386: fix build with -march < i686

The movcond_i32 op has to be protected with TCG_TARGET_HAS_movcond_i32
to fix the build with -march < i686.

Thanks to Richard Henderson for the hint.

Reported-by: Alex Barcelo <abarcelo@ac.upc.edu>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago tcg: Streamline movcond_i64 using movcond_i32
Richard Henderson [Mon, 24 Sep 2012 20:45:00 +0000 (13:45 -0700)]
tcg: Streamline movcond_i64 using movcond_i32

When movcond_i32 is available we can further reduce the generated
op count from 12 to 6, and the generated code size on i686 from
88 to 74 bytes.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago tcg: Streamline movcond_i64 using 32-bit arithmetic
Richard Henderson [Mon, 24 Sep 2012 20:44:59 +0000 (13:44 -0700)]
tcg: Streamline movcond_i64 using 32-bit arithmetic

Avoiding 64-bit arithmetic (outside of the compare) reduces the
generated op count from 15 to 12, and the generated code size on
i686 from 105 to 88 bytes.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago tcg: Sanity check goto_tb input
Richard Henderson [Sat, 22 Sep 2012 00:18:16 +0000 (17:18 -0700)]
tcg: Sanity check goto_tb input

Checking that we don't try for idx != [01] is trivial.  Checking
that we don't issue more than one of any index requires a tad
more data and some ifdefs protecting that new variable.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago tcg: Sanity check deposit inputs
Richard Henderson [Sat, 22 Sep 2012 00:18:15 +0000 (17:18 -0700)]
tcg: Sanity check deposit inputs

Given these are constants, checking once here means everything
after can assume they're correct.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago tcg: Add tcg_debug_assert
Richard Henderson [Sat, 22 Sep 2012 00:18:14 +0000 (17:18 -0700)]
tcg: Add tcg_debug_assert

Like the C assert macro, except only enabled for CONFIG_DEBUG_TCG,
and without having to set _NDEBUG and disable all other asserts at
the same time.

The use of __builtin_unreachable (when available) gives the compiler
the same information, which may (or may not) help it optimize better.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago tcg: Implement concat*_i64 with deposit_i64
Richard Henderson [Sat, 22 Sep 2012 00:18:13 +0000 (17:18 -0700)]
tcg: Implement concat*_i64 with deposit_i64

For tcg_gen_concat_i32_i64 we only use deposit if the host supports it.
For tcg_gen_concat32_i64 even if the host does not, as we get identical
code before and after.

Note that this relies on the ANDI -> EXTU patch for the identity claim.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago tcg: Emit XORI as NOT for appropriate constants
Richard Henderson [Sat, 22 Sep 2012 00:18:12 +0000 (17:18 -0700)]
tcg: Emit XORI as NOT for appropriate constants

Note that xori_i64 failed to perform even the minimal
optimizations promised by the README.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago tcg: Optimize initial inputs for ori_i64
Richard Henderson [Sat, 22 Sep 2012 00:18:11 +0000 (17:18 -0700)]
tcg: Optimize initial inputs for ori_i64

Copy the same optimizations from ori_i32.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago tcg: Emit ANDI as EXTU for appropriate constants
Richard Henderson [Sat, 22 Sep 2012 00:18:10 +0000 (17:18 -0700)]
tcg: Emit ANDI as EXTU for appropriate constants

Note that andi_i64 failed to perform even the minimal
optimizations promised by the README.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago tcg: Adjust descriptions of *cond opcodes
Richard Henderson [Sat, 22 Sep 2012 00:18:09 +0000 (17:18 -0700)]
tcg: Adjust descriptions of *cond opcodes

The README file documented the operand ordering of the tcg_gen_*
functions.  Since we're documenting opcodes here, use the true
operand ordering.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Cc: malc <av1474@comtv.ru>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago tcg/mips: fix MIPS32(R2) detection
Aurelien Jarno [Sat, 22 Sep 2012 21:08:38 +0000 (23:08 +0200)]
tcg/mips: fix MIPS32(R2) detection

Fix the MIPS32(R2) cpu detection so that it also works with
-march=octeon. Thanks to Andrew Pinski for the hint.

Cc: Andrew Pinski <apinski@cavium.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago Merge remote-tracking branch 'kwolf/for-anthony' into staging
Anthony Liguori [Tue, 25 Sep 2012 21:06:16 +0000 (16:06 -0500)]
Merge remote-tracking branch 'kwolf/for-anthony' into staging

* kwolf/for-anthony:
  block: remove keep_read_only flag from BlockDriverState struct
  block: convert bdrv_commit() to use bdrv_reopen()
  block: vpc image file reopen
  block: vdi image file reopen
  block: vmdk image file reopen
  block: qcow image file reopen
  block: qcow2 image file reopen
  block: qed image file reopen
  block: raw image file reopen
  block: raw-posix image file reopen
  block: purge s->aligned_buf and s->aligned_buf_size from raw-posix.c
  block: use BDRV_O_NOCACHE instead of s->aligned_buf in raw-posix.c
  block: do not parse BDRV_O_CACHE_WB in block drivers
  block: move open flag parsing in raw block drivers to helper functions
  block: move aio initialization into a helper function
  block: Framework for reopening files safely
  block: make bdrv_set_enable_write_cache() modify open_flags
  block: correctly set the keep_read_only flag
  blockdev: preserve readonly and snapshot states across media changes

12 years ago Merge remote-tracking branch 'stefanha/trivial-patches' into staging
Anthony Liguori [Tue, 25 Sep 2012 21:06:16 +0000 (16:06 -0500)]
Merge remote-tracking branch 'stefanha/trivial-patches' into staging

* stefanha/trivial-patches:
  w32: Always use standard instead of native format strings
  net/socket: Fix compiler warning (regression for MinGW)
  linux-user: Remove redundant null check and replace free by g_free
  qemu-timer: simplify qemu_run_timers
  TextConsole: saturate escape parameter in TTY_STATE_CSI
  curses: don't initialize curses when qemu is daemonized
  dtrace backend: add function to reserved words
  pflash_cfi01: Fix warning caused by unreachable code
  ioh3420: Remove unreachable code
  lm4549: Fix buffer overflow
  cadence_uart: Fix buffer overflow
  qemu-sockets: Fix potential memory leak
  qemu-ga: Remove unreachable code after g_error
  target-i386: Allow tsc-frequency to be larger then 2.147G

12 years ago Merge remote-tracking branch 'afaerber/qom-cpu' into staging
Anthony Liguori [Tue, 25 Sep 2012 21:06:16 +0000 (16:06 -0500)]
Merge remote-tracking branch 'afaerber/qom-cpu' into staging

* afaerber/qom-cpu:
  target-alpha: Initialize env->cpu_model_str
  target-i386: Drop unused setscalar() macro
  target-i386: Kill cpudef config section support
  target-i386: x86_cpudef_setup() coding style change
  Eliminate cpus-x86_64.conf file
  target-i386: Move CPU models from cpus-x86_64.conf to C
  target-i386: Add missing CPUID_* constants
  Drop cpu_list_id macro
  target-i386: Fold -cpu ?cpuid, ?model output into -cpu help, drop ?dump
  MAINTAINERS: Add entry for QOM CPU

12 years ago Merge remote-tracking branch 'bonzini/scsi-next' into staging
Anthony Liguori [Tue, 25 Sep 2012 21:06:16 +0000 (16:06 -0500)]
Merge remote-tracking branch 'bonzini/scsi-next' into staging

* bonzini/scsi-next:
  SCSI: Standard INQUIRY data should report HiSup flag as set.
  scsi-disk: use scsi_data_cdb_length
  scsi: introduce scsi_cdb_length and scsi_data_cdb_length
  scsi-disk: fix check for out-of-range LBA
  scsi-disk: introduce check_lba_range
  iSCSI: We dont need to explicitely call qemu_notify_event() any more
  iSCSI: We need to support SG_IO also from iscsi_ioctl()

12 years ago Merge remote-tracking branch 'bonzini/nbd-next' into staging
Anthony Liguori [Tue, 25 Sep 2012 21:06:15 +0000 (16:06 -0500)]
Merge remote-tracking branch 'bonzini/nbd-next' into staging

* bonzini/nbd-next:
  nbd: add nbd_export_get_blockdev
  nbd: negotiate with named exports
  nbd: register named exports
  qemu-nbd: rewrite termination conditions to use a state machine
  nbd: add notification for closing an NBDExport
  nbd: track clients into NBDExport
  nbd: add reference counting to NBDExport
  nbd: do not leak nbd_trip coroutines when a connection is torn down
  nbd: make refcount interface public
  nbd: do not close BlockDriverState in nbd_export_close
  nbd: pass NBDClient to nbd_send_negotiate
  nbd: add more constants

12 years ago block: remove keep_read_only flag from BlockDriverState struct
Jeff Cody [Thu, 20 Sep 2012 19:13:35 +0000 (15:13 -0400)]
block: remove keep_read_only flag from BlockDriverState struct

The keep_read_only flag is no longer used, in favor of the bdrv
flag BDRV_O_ALLOW_RDWR.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: convert bdrv_commit() to use bdrv_reopen()
Jeff Cody [Thu, 20 Sep 2012 19:13:34 +0000 (15:13 -0400)]
block: convert bdrv_commit() to use bdrv_reopen()

Currently, bdrv_commit() reopens images r/w itself, via risky
_delete() and _open() calls. Use the new safe method for drive reopen.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: vpc image file reopen
Jeff Cody [Thu, 20 Sep 2012 19:13:33 +0000 (15:13 -0400)]
block: vpc image file reopen

There is currently nothing that needs to be done for VPC image
file reopen.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: vdi image file reopen
Jeff Cody [Thu, 20 Sep 2012 19:13:32 +0000 (15:13 -0400)]
block: vdi image file reopen

There is currently nothing that needs to be done for VDI reopen.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years agoblock: vmdk image file reopen
Jeff Cody [Thu, 20 Sep 2012 19:13:30 +0000 (15:13 -0400)]
block: vmdk image file reopen

This patch supports reopen for VMDK image files.  VMDK extents are added
to the existing reopen queue, so that the transactional model of reopen
is maintained with multiple image files.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: qcow image file reopen
Jeff Cody [Thu, 20 Sep 2012 19:13:29 +0000 (15:13 -0400)]
block: qcow image file reopen

These are the stubs for the file reopen drivers for the qcow format.

There is currently nothing that needs to be done by the qcow driver
in reopen.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: qcow2 image file reopen
Jeff Cody [Thu, 20 Sep 2012 19:13:28 +0000 (15:13 -0400)]
block: qcow2 image file reopen

These are the stubs for the file reopen drivers for the qcow2 format.

There is currently nothing that needs to be done by the qcow2 driver
in reopen.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: qed image file reopen
Jeff Cody [Thu, 20 Sep 2012 19:13:27 +0000 (15:13 -0400)]
block: qed image file reopen

These are the stubs for the file reopen drivers for the qed format.

There is currently nothing that needs to be done by the qed driver
in reopen.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: raw image file reopen
Jeff Cody [Thu, 20 Sep 2012 19:13:26 +0000 (15:13 -0400)]
block: raw image file reopen

These are the stubs for the file reopen drivers for the raw format.

There is currently nothing that needs to be done by the raw driver
in reopen.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: raw-posix image file reopen
Jeff Cody [Thu, 20 Sep 2012 19:13:25 +0000 (15:13 -0400)]
block: raw-posix image file reopen

This is derived from Supriya Kannery's reopen patches.

This contains the raw-posix driver changes for the bdrv_reopen_*
functions.  All changes are staged into a temporary scratch buffer
during the prepare() stage, and copied over to the live structure
during commit().  Upon abort(), all changes are abandoned, and the
live structures are unmodified.

The _prepare() will create an extra fd - either by means of a dup,
if possible, or opening a new fd if not (for instance, access
control changes).  Upon _commit(), the original fd is closed and
the new fd is used.  Upon _abort(), the duplicate/new fd is closed.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: purge s->aligned_buf and s->aligned_buf_size from raw-posix.c
Jeff Cody [Thu, 20 Sep 2012 19:13:24 +0000 (15:13 -0400)]
block: purge s->aligned_buf and s->aligned_buf_size from raw-posix.c

The aligned_buf pointer and aligned_buf size are no longer used in
raw_posix.c, so remove all references to them.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: use BDRV_O_NOCACHE instead of s->aligned_buf in raw-posix.c
Jeff Cody [Thu, 20 Sep 2012 19:13:23 +0000 (15:13 -0400)]
block: use BDRV_O_NOCACHE instead of s->aligned_buf in raw-posix.c

Rather than check for a non-NULL aligned_buf to determine if
raw_aio_submit needs to check for alignment, check for the presence
of BDRV_O_NOCACHE in the bs->open_flags.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: do not parse BDRV_O_CACHE_WB in block drivers
Jeff Cody [Thu, 20 Sep 2012 19:13:22 +0000 (15:13 -0400)]
block: do not parse BDRV_O_CACHE_WB in block drivers

Block drivers should ignore BDRV_O_CACHE_WB in .bdrv_open flags,
and in the bs->open_flags.

This patch removes the code, leaving the behaviour behind as if
BDRV_O_CACHE_WB was set.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: move open flag parsing in raw block drivers to helper functions
Jeff Cody [Thu, 20 Sep 2012 19:13:21 +0000 (15:13 -0400)]
block: move open flag parsing in raw block drivers to helper functions

Code motion, to move parsing of open flags into a helper function.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: move aio initialization into a helper function
Jeff Cody [Thu, 20 Sep 2012 19:13:20 +0000 (15:13 -0400)]
block: move aio initialization into a helper function

Move AIO initialization for raw-posix block driver into a helper function.

In addition to just code motion, the aio_ctx pointer is checked for NULL,
prior to calling laio_init(), to make sure laio_init() is only run once.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: Framework for reopening files safely
Jeff Cody [Thu, 20 Sep 2012 19:13:19 +0000 (15:13 -0400)]
block: Framework for reopening files safely

This is based on Supriya Kannery's bdrv_reopen() patch series.

This provides a transactional method to reopen multiple
image files safely.

Image files are queued for reopen via bdrv_reopen_queue(), and the
reopen occurs when bdrv_reopen_multiple() is called.  Changes are
staged in bdrv_reopen_prepare() and in the equivalent driver level
functions.  If any of the staged images fails a prepare, then all
of the images are left untouched, and the staged changes for each image
are abandoned.

Block drivers are passed a reopen state structure, that contains:
    * BDS to reopen
    * flags for the reopen
    * opaque pointer for any driver-specific data that needs to be
      persistent from _prepare to _commit/_abort
    * reopen queue pointer, if the driver needs to queue additional
      BDS for a reopen

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: make bdrv_set_enable_write_cache() modify open_flags
Jeff Cody [Thu, 20 Sep 2012 19:13:18 +0000 (15:13 -0400)]
block: make bdrv_set_enable_write_cache() modify open_flags

bdrv_set_enable_write_cache() sets the bs->enable_write_cache flag,
but without the flag recorded in bs->open_flags, then the next time
a reopen() is performed the enable_write_cache setting may be
inadvertently lost.

This will set the flag in open_flags, so it is preserved across
reopens.

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago block: correctly set the keep_read_only flag
Jeff Cody [Thu, 20 Sep 2012 19:13:17 +0000 (15:13 -0400)]
block: correctly set the keep_read_only flag

I believe the bs->keep_read_only flag is supposed to reflect
the initial open state of the device. If the device is initially
opened R/O, then commit operations, or reopen operations changing
to R/W, are prohibited.

Currently, the keep_read_only flag is only accurate for the active
layer, and its backing file. Subsequent images end up always having
the keep_read_only flag set.

For instance, what happens now:

[  base  ]  kro = 1, ro = 1
    |
    v
[ snap-1 ]  kro = 1, ro = 1
    |
    v
[ snap-2 ]  kro = 0, ro = 1
    |
    v
[ active ]  kro = 0, ro = 0

What we want:

[  base  ]  kro = 0, ro = 1
    |
    v
[ snap-1 ]  kro = 0, ro = 1
    |
    v
[ snap-2 ]  kro = 0, ro = 1
    |
    v
[ active ]  kro = 0, ro = 0

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago blockdev: preserve readonly and snapshot states across media changes
Kevin Shanahan [Thu, 20 Sep 2012 23:20:22 +0000 (08:50 +0930)]
blockdev: preserve readonly and snapshot states across media changes

If readonly=on is given at device creation time, the ->readonly flag
needs to be set in the block driver state for this device so that
readonly-ness is preserved across media changes (qmp change command).
Similarly, to preserve the snapshot property requires ->open_flags to
be correct.

Signed-off-by: Kevin Shanahan <kmshanah@disenchant.net>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
12 years ago w32: Add implementation of gmtime_r, localtime_r
Stefan Weil [Sat, 22 Sep 2012 20:26:19 +0000 (22:26 +0200)]
w32: Add implementation of gmtime_r, localtime_r

Those functions are missing in MinGW.

Some versions of MinGW-w64 include defines for gmtime_r and localtime_r.
Older versions of these macros are buggy (they return a pointer to a
static variable), therefore we don't want them. Newer versions are
similar to the code used here, but without the memset.

The implementation which is used here is not strictly reentrant,
but sufficiently good for QEMU on w32 or w64.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
[blauwirbel@gmail.com: added comment about locking]
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago w32: Always use standard instead of native format strings
Stefan Weil [Wed, 22 Aug 2012 19:42:32 +0000 (21:42 +0200)]
w32: Always use standard instead of native format strings

GLib 2.0 include files use __printf__ for the format attribute
which resolves to native format strings on w32 hosts.

QEMU wants standard format strings instead of native format
strings, so we simply change any declaration with __printf__
to use __gnu_printf__.

This works because all basic printf functions support both
kinds of format strings.

This fixes a compiler warning:

qapi/string-output-visitor.c: In function ‘print_type_int’:
qapi/string-output-visitor.c:34:5: warning: unknown conversion type character ‘l’ in format [-Wformat]
qapi/string-output-visitor.c:34:5: warning: too many arguments for format [-Wformat-extra-args]

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
12 years ago net/socket: Fix compiler warning (regression for MinGW)
Stefan Weil [Sat, 22 Sep 2012 19:13:28 +0000 (21:13 +0200)]
net/socket: Fix compiler warning (regression for MinGW)

Commit 213fd5087e2e4e2da10ad266df0ba950cf7618bf removed a type cast
which is needed for MinGW:

net/socket.c:136: warning:
 pointer targets in passing argument 2 of ‘sendto’ differ in signedness
/usr/lib/gcc/amd64-mingw32msvc/4.4.4/../../../../amd64-mingw32msvc/include/winsock2.h:1313: note:
 expected ‘const char *’ but argument is of type ‘const uint8_t *’

Add a 'qemu_sendto' macro which provides that type cast where needed
and use the new macro instead of 'sendto'.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
12 years ago linux-user: Remove redundant null check and replace free by g_free
Stefan Weil [Tue, 4 Sep 2012 20:14:19 +0000 (22:14 +0200)]
linux-user: Remove redundant null check and replace free by g_free

Report from smatch:

linux-user/syscall.c:3632 do_ioctl_dm(220) info:
 redundant null check on big_buf calling free()

'big_buf' was allocated by g_malloc0, therefore free was also
replaced by g_free.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
12 years ago qemu-timer: simplify qemu_run_timers
Paolo Bonzini [Wed, 19 Sep 2012 13:52:44 +0000 (15:52 +0200)]
qemu-timer: simplify qemu_run_timers

ptimer_head is an invariant pointer to clock->active_timers.
Remove it, and just reference clock->active_timers directly.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
12 years ago TextConsole: saturate escape parameter in TTY_STATE_CSI
Laszlo Ersek [Mon, 17 Sep 2012 09:10:03 +0000 (11:10 +0200)]
TextConsole: saturate escape parameter in TTY_STATE_CSI

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
12 years ago curses: don't initialize curses when qemu is daemonized
Hitoshi Mitake [Fri, 14 Sep 2012 16:15:41 +0000 (01:15 +0900)]
curses: don't initialize curses when qemu is daemonized

Current qemu initializes curses even if the -daemonize option is
passed. This causes a problem because the shell prompt appears without
calling endwin().

This patch adds a new function, is_daemonized(), to the OS dependent
code. With this function, curses_display_init() can check whether qemu is
daemonized or not. If daemonized, curses_display_init() isn't called
and the problem is avoided.

Of course, -daemonize && -curses doesn't make sense. Users shouldn't
pass the arguments at the same time. But the problem is very painful
because Ctrl-C cannot be delivered to the terminal.

Cc: Andrzej Zaborowski <balrog@zabor.org>
Cc: Stefan Hajnoczi <stefanha@gmail.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>
Cc: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
12 years ago dtrace backend: add function to reserved words
Alon Levy [Sat, 1 Sep 2012 23:04:16 +0000 (02:04 +0300)]
dtrace backend: add function to reserved words

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
12 years ago pflash_cfi01: Fix warning caused by unreachable code
Stefan Weil [Sat, 1 Sep 2012 11:00:48 +0000 (13:00 +0200)]
pflash_cfi01: Fix warning caused by unreachable code

Report from smatch:
hw/pflash_cfi01.c:431 pflash_write(180) info: ignoring unreachable code.

Instead of removing the return statement after the switch statement,
the patch replaces the return statements in the switch statement by
break statements. Other switch statements in the same code also do it
like that.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
12 years ago ioh3420: Remove unreachable code
Stefan Weil [Sat, 1 Sep 2012 10:56:03 +0000 (12:56 +0200)]
ioh3420: Remove unreachable code

Report from smatch:
hw/ioh3420.c:128 ioh3420_initfn(35) info: ignoring unreachable code.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
12 years ago lm4549: Fix buffer overflow
Stefan Weil [Sat, 1 Sep 2012 10:43:41 +0000 (12:43 +0200)]
lm4549: Fix buffer overflow

Report from smatch:
lm4549.c:234 lm4549_write_samples(14) error:
 buffer overflow 's->buffer' 1024 <= 1024

There must be enough space to add two entries starting with index
s->buffer_level, therefore the old check was wrong.

[Peter Maydell <peter.maydell@linaro.org> clarifies the nature of the
analyser warning:

I don't object to making the change to placate the analyser,
but I don't think this is actually a buffer overrun. We always
add and remove samples from the buffer two at a time, so it's
not possible to get here with s->buffer_level == BUFFER_SIZE-1
(which is the only case where the old and new conditions
give different answers).]

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
12 years ago cadence_uart: Fix buffer overflow
Stefan Weil [Sat, 1 Sep 2012 09:12:23 +0000 (11:12 +0200)]
cadence_uart: Fix buffer overflow

Report from smatch:
hw/cadence_uart.c:413 uart_read(13) error: buffer overflow 's->r' 18 <= 18

This fixes read access to s->r[R_MAX] which is behind the limits of s->r.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
12 years ago qemu-sockets: Fix potential memory leak
Stefan Weil [Sat, 1 Sep 2012 07:40:26 +0000 (09:40 +0200)]
qemu-sockets: Fix potential memory leak

The old code leaks variable 'peer'.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
12 years ago qemu-ga: Remove unreachable code after g_error
Stefan Weil [Sat, 1 Sep 2012 07:34:15 +0000 (09:34 +0200)]
qemu-ga: Remove unreachable code after g_error

Report from smatch:
qemu-ga.c:117 register_signal_handlers(11) info: ignoring unreachable code.
qemu-ga.c:122 register_signal_handlers(16) info: ignoring unreachable code.

g_error calls abort which terminates the program.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
12 years ago target-i386: Allow tsc-frequency to be larger than 2.147G
Don Slutz [Sat, 22 Sep 2012 00:13:13 +0000 (20:13 -0400)]
target-i386: Allow tsc-frequency to be larger than 2.147G

The check using INT_MAX (2147483647) is wrong in this case.

Signed-off-by: Fred Oliveira <foliveira@cloudswitch.com>
Signed-off-by: Don Slutz <Don@CloudSwitch.com>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
12 years ago audio: Fix warning from static code analysis
Stefan Weil [Mon, 3 Sep 2012 09:25:16 +0000 (09:25 +0000)]
audio: Fix warning from static code analysis

smatch report:
audio/audio_template.h:416 AUD_open_out(18) warn:
 variable dereferenced before check 'as' (see line 414)

Moving the ldebug statement after the statement which checks 'as'
fixes that warning.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: malc <av1474@comtv.ru>
12 years ago Merge branch 'tcg-sparc' of git://repo.or.cz/qemu/rth
Blue Swirl [Sat, 22 Sep 2012 17:59:15 +0000 (17:59 +0000)]
Merge branch 'tcg-sparc' of git://repo.or.cz/qemu/rth

* 'tcg-sparc' of git://repo.or.cz/qemu/rth:
  tcg-sparc: Preserve branch destinations during retranslation
  tcg-sparc: Fix and enable direct TB chaining.
  tcg-sparc: Add %g/%o registers to alloc_order
  tcg-sparc: Use defines for temporaries.
  tcg-sparc: Mask shift immediates to avoid illegal insns.
  tcg-sparc: Clean up cruft stemming from attempts to use global registers.
  tcg-sparc: Change AREG0 in generated code to %i0.
  tcg-sparc: Support GUEST_BASE.
  tcg-sparc: Fix qemu_ld/st to handle 32-bit host.
  tcg-sparc: Assume v9 cpu always, i.e. force v8plus in 32-bit mode.
  tcg-sparc: Don't MAP_FIXED on top of the program
  tcg-sparc: Fix ADDX opcode.
  tcg-sparc: Hack in qemu_ld/st64 for 32-bit.
  linux-user: Use memcpy in get_user/put_user.

12 years ago target-xtensa: implement coprocessor context option
Max Filippov [Wed, 19 Sep 2012 00:23:59 +0000 (04:23 +0400)]
target-xtensa: implement coprocessor context option

In case the Coprocessor Context option is enabled, CPENABLE SR bits control
whether access to coprocessors is allowed or would raise one of the
CoprocessorXDisabled exceptions.

See ISA, 4.4.5 for more details.

FP is coprocessor 0.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago target-xtensa: implement FP1 group
Max Filippov [Wed, 19 Sep 2012 00:23:58 +0000 (04:23 +0400)]
target-xtensa: implement FP1 group

These are comparison and conditional move opcodes.
See ISA, 4.3.10 for more details.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago target-xtensa: implement FP0 conversions
Max Filippov [Wed, 19 Sep 2012 00:23:57 +0000 (04:23 +0400)]
target-xtensa: implement FP0 conversions

These are FP to integer and integer to FP conversion opcodes.
See ISA, 4.3.10 for more details.

Note that ISA description for utrunc.s is currently incorrect and will
be fixed in future revisions.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago target-xtensa: implement FP0 arithmetic
Max Filippov [Wed, 19 Sep 2012 00:23:56 +0000 (04:23 +0400)]
target-xtensa: implement FP0 arithmetic

These are FP arithmetic opcodes.
See ISA, 4.3.10 for more details.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago target-xtensa: implement LSCX and LSCI groups
Max Filippov [Wed, 19 Sep 2012 00:23:55 +0000 (04:23 +0400)]
target-xtensa: implement LSCX and LSCI groups

These are load/store instructions for FP registers with immediate or
register index and optional base post-update.
See ISA, 4.3.10 for more details.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago target-xtensa: add FP registers
Max Filippov [Wed, 19 Sep 2012 00:23:54 +0000 (04:23 +0400)]
target-xtensa: add FP registers

There are 16 32-bit FP registers (f0 - f15), control and status user
registers (fcr, fsr).

See ISA, 4.3.10 for more details.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago target-xtensa: specialize softfloat NaN rules
Max Filippov [Wed, 19 Sep 2012 00:23:53 +0000 (04:23 +0400)]
target-xtensa: specialize softfloat NaN rules

NaN propagation rule: leftmost NaN in the expression gets propagated to
the result.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago target-xtensa: handle boolean option in overlays
Max Filippov [Wed, 19 Sep 2012 00:23:52 +0000 (04:23 +0400)]
target-xtensa: handle boolean option in overlays

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago softfloat: add NO_SIGNALING_NANS
Max Filippov [Wed, 19 Sep 2012 00:23:51 +0000 (04:23 +0400)]
softfloat: add NO_SIGNALING_NANS

Architectures that don't have signaling NaNs can define
NO_SIGNALING_NANS; it will make float*_is_quiet_nan return 1 for any NaN
and float*_is_signaling_nan always return 0.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago softfloat: make float_muladd_negate_* flags independent
Max Filippov [Wed, 19 Sep 2012 00:23:50 +0000 (04:23 +0400)]
softfloat: make float_muladd_negate_* flags independent

Flags passed into float{32,64}_muladd are treated as bits; assign
independent bits to float_muladd_negate_* to allow precise control over
what gets negated in float{32,64}_muladd.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
12 years ago Revert "tcg/mips"
Aurelien Jarno [Sat, 22 Sep 2012 17:24:49 +0000 (19:24 +0200)]
Revert "tcg/mips"

This reverts commit ad49d1f75115663731bfe06dec61eed6775526ad.

This commit was not supposed to be pushed.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
12 years ago tcg/ppc32: Implement movcond32
malc [Sat, 22 Sep 2012 15:14:33 +0000 (19:14 +0400)]
tcg/ppc32: Implement movcond32

Thanks to Richard Henderson

Signed-off-by: malc <av1474@comtv.ru>