Peter Maydell [Thu, 20 Mar 2014 11:45:37 +0000 (11:45 +0000)]
Merge remote-tracking branch 'remotes/afaerber/tags/ppc-for-2.0' into staging
PowerPC queue for 2.0
* sPAPR loop fix
* SPR reset fix
* Reduce allocation size of indirect opcode tables
* Restrict number of CPU threads
* sPAPR H_SET_MODE fixes
* sPAPR firmware path fixes
* Static and constness cleanups
# gpg: Signature made Thu 20 Mar 2014 01:46:14 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg: aka "Andreas Färber <afaerber@suse.com>"
* remotes/afaerber/tags/ppc-for-2.0:
spapr: Implement interface to fix device pathname
spapr: QOM'ify pseries machine
spapr_vio: Fix firmware names
spapr_llan: Add to boot device list
qdev: Introduce FWPathProvider interface
vl.c: Extend get_boot_devices_list() to ignore suffixes
spapr_hcall: Fix little-endian resource handling in H_SET_MODE
target-ppc: Introduce powerisa-207-server flag
target-ppc: Force CPU threads count to be a power of 2
target-ppc: Fix overallocation of opcode tables
target-ppc: Reset SPRs on CPU reset
spapr_hcall: Fix h_enter to loop correctly
target-ppc: Add missing 'static' and 'const' attributes
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This extends the pseries machine type with the interface to fix firmware
pathnames for devices which have @bootindex property.
This fixes SCSI disks' device node names (which are wildcard nodes in
the device-tree), for spapr-vscsi, virtio-scsi and usb-storage.
This fixes PHB name from "pci" to "pci@XXXX" where XXXX is a BUID as
there is no bus on top of sPAPRPHBState where PHB firmware name could
be fixed using the BusClass::get_fw_dev_path() mechanism.
This stores the boot list in the /chosen/qemu,boot-list property of
the device tree. "\n" are replaced by spaces to support OF1275.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: Andreas Färber <afaerber@suse.de>
Paolo Bonzini [Mon, 17 Mar 2014 02:40:23 +0000 (13:40 +1100)]
qdev: Introduce FWPathProvider interface
QEMU supports firmware names for all devices in the QEMU tree but
some architectures expect some parts of firmware path names in different
format.
This introduces a firmware-pathname-change interface definition.
If some machines needs to redefine the firmware path format, it has
to add the TYPE_FW_PATH_PROVIDER interface to an object that is above
the device on the QOM tree (typically /machine).
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: Andreas Färber <afaerber@suse.de>
vl.c: Extend get_boot_devices_list() to ignore suffixes
As suffixes do not make sense for sPAPR's device tree and
there is no way to filter them out on the BusState::get_fw_dev_path()
level, let's add an ability for the external caller to specify
whether to apply suffixes or not.
We could handle suffixes in SLOF (ignored for now) but this would require
serious rework in the node opening code in SLOF, which has no obvious
benefit for the currently emulated sPAPR machine.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: Andreas Färber <afaerber@suse.de>
Bharata B Rao [Wed, 5 Mar 2014 08:32:36 +0000 (14:02 +0530)]
target-ppc: Force CPU threads count to be a power of 2
PowerPC kernel expects the number of SMT threads in a core to be a power
of 2. Since QEMU doesn't enforce this, it leads to an early guest kernel
crash if invalid threads count is specified.
Prevent this crash and make it a graceful exit from QEMU itself by
validating the user-supplied threads count.
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stewart Smith <stewart@linux.vnet.ibm.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
Stuart Brady [Wed, 19 Mar 2014 14:07:26 +0000 (14:07 +0000)]
target-ppc: Fix overallocation of opcode tables
create_new_table() should allocate 0x20 opc_handler_t pointers, but
actually allocates 0x20 opc_handler_t structs. Fix this.
Signed-off-by: Stuart Brady <sdb@zubnet.me.uk> Reviewed-by: Tom Musta <tommusta@gmail.com> Tested-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
We wanted to loop till index is 8. On 8 we return with H_PTEG_FULL. If we
are successful in loading hpte with any other index, we continue with that
index value.
Reported-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
Peter Maydell [Wed, 19 Mar 2014 23:34:42 +0000 (23:34 +0000)]
Merge remote-tracking branch 'remotes/afaerber/tags/prep-for-2.0' into staging
PReP machine and devices
* Raven PCI host bridge memory fixes (remainder)
# gpg: Signature made Wed 19 Mar 2014 23:35:08 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg: aka "Andreas Färber <afaerber@suse.com>"
* remotes/afaerber/tags/prep-for-2.0:
raven: Use raven_ for all function prefixes
raven: Fix PCI bus accesses with size > 1
raven: Add PCI bus mastering address space
raven: Set a correct PCI memory region
raven: Set a correct PCI I/O memory region
raven: Implement non-contiguous I/O region
raven: Rename intack region to pci_intack
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Wed, 19 Mar 2014 22:36:44 +0000 (22:36 +0000)]
Merge remote-tracking branch 'remotes/afaerber/tags/qom-cpu-for-2.0' into staging
QOM CPUState refactorings / X86CPU
* CPUState layout optimization for TCG
# gpg: Signature made Wed 19 Mar 2014 21:51:46 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg: aka "Andreas Färber <afaerber@suse.com>"
* remotes/afaerber/tags/qom-cpu-for-2.0:
cpu: Move tcg_exit_req to the end of CPUState
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Wed, 19 Mar 2014 21:45:41 +0000 (21:45 +0000)]
Merge remote-tracking branch 'remotes/afaerber/tags/qom-devices-for-2.0' into staging
QOM/QTest infrastructure fixes
* QOM machine memory and build fixes
* QOM link<> and child<> property reference counting fixes
# gpg: Signature made Wed 19 Mar 2014 21:44:04 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg: aka "Andreas Färber <afaerber@suse.com>"
* remotes/afaerber/tags/qom-devices-for-2.0:
virtio-rng: Avoid default_backend refcount leak
qom: Add check() argument to object_property_add_link()
qom: Make QOM link property unref optional
qom: Don't make link NULL on object_property_set_link() failure
qom: Split object_property_set_link()
vl.c: Fix OpenBSD compilation issue due to namespace collisions
vl.c: Fix memory leak in qemu_register_machine()
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Stefan Hajnoczi [Wed, 19 Mar 2014 07:58:57 +0000 (08:58 +0100)]
virtio-rng: Avoid default_backend refcount leak
QOM child properties take a reference to the object and release it when
the property is deleted. Therefore we should unref the default_backend
after we have added it as a child property.
Cc: KONRAD Frederic <fred.konrad@greensocs.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
Stefan Hajnoczi [Wed, 19 Mar 2014 07:58:56 +0000 (08:58 +0100)]
qom: Add check() argument to object_property_add_link()
There are currently three types of object_property_add_link() callers:
1. The link property may be set at any time.
2. The link property of a DeviceState instance may only be set before
realize.
3. The link property may never be set, it is read-only.
Something similar can already be achieved with
object_property_add_str()'s set() argument. Follow its example and add
a check() argument to object_property_add_link().
Also provide default check() functions for case #1 and #2. Case #3 is
covered by passing a NULL function pointer.
Cc: Peter Crosthwaite <peter.crosthwaite@petalogix.com> Cc: Alexander Graf <agraf@suse.de> Cc: Anthony Liguori <aliguori@amazon.com> Cc: "Michael S. Tsirkin" <mst@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
[AF: Tweaked documentation comment] Signed-off-by: Andreas Färber <afaerber@suse.de>
Stefan Hajnoczi [Wed, 19 Mar 2014 07:58:55 +0000 (08:58 +0100)]
qom: Make QOM link property unref optional
Some object_property_add_link() callers expect property deletion to
unref the link property object. Other callers expect to manage the
refcount themselves. The former are currently broken and therefore leak
the link property object.
This patch adds a flags argument to object_property_add_link() so the
caller can specify which refcount behavior they require. The new
OBJ_PROP_LINK_UNREF_ON_RELEASE flag causes the link pointer to be
unreferenced when the property is deleted.
This fixes refcount leaks in qdev.c, xilinx_axidma.c, xilinx_axienet.c,
s390-virtio-bus.c, virtio-pci.c, virtio-rng.c, and ui/console.c.
Rationale for refcount behavior:
* hw/core/qdev.c
- bus children are explicitly unreferenced, don't interfere
- parent_bus is essentially a read-only property that doesn't hold a
refcount, don't unref
- hotplug_handler is leaked, do unref
* hw/dma/xilinx_axidma.c
- rx stream "dma" links are set using set_link, therefore they
need unref
- tx streams are set using set_link, therefore they need unref
* hw/net/xilinx_axienet.c
- same reasoning as hw/dma/xilinx_axidma.c
* hw/pcmcia/pxa2xx.c
- pxa2xx bypasses set_link and therefore does not use refcounts
* hw/s390x/s390-virtio-bus.c
* hw/virtio/virtio-pci.c
* hw/virtio/virtio-rng.c
* ui/console.c
- set_link is used and there is no explicit unref, do unref
Cc: Peter Crosthwaite <peter.crosthwaite@petalogix.com> Cc: Alexander Graf <agraf@suse.de> Cc: Anthony Liguori <aliguori@amazon.com> Cc: "Michael S. Tsirkin" <mst@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
Stefan Hajnoczi [Wed, 19 Mar 2014 07:58:54 +0000 (08:58 +0100)]
qom: Don't make link NULL on object_property_set_link() failure
The error behavior of object_property_set_link() is dangerous. It sets
the link property object to NULL if an error occurs. A setter function
should either succeed or fail, it shouldn't leave the value NULL on
failure.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
Marcel Apfelbaum [Tue, 18 Mar 2014 15:26:35 +0000 (17:26 +0200)]
vl.c: Fix OpenBSD compilation issue due to namespace collisions
Machine rewriting added MACHINE() macro which is
already in use by other OpenBSD library.
Since qemu/sockets.h exposes the OpenBSD namespace,
the minimalistic approach is to add it as the first QEMU include.
Reported-by: Brad Smith <brad@comstyle.com> Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
Since commit 261747f176f6 (vl: Use MachineClass instead of global
QEMUMachine list) valgrind complains about the following:
==54082== 57 bytes in 3 blocks are definitely lost in loss record 365 of
729
==54082== at 0x4031AFE: malloc (vg_replace_malloc.c:292)
==54082== by 0x4145569: g_malloc (in
/usr/lib64/libglib-2.0.so.0.3400.2)
==54082== by 0x415F9E9: g_strconcat (in
/usr/lib64/libglib-2.0.so.0.3400.2)
==54082== by 0x80157FE7: qemu_register_machine (vl.c:1597)
==54082== by 0x80208E6B: module_call_init (module.c:105)
==54082== by 0x80013B91: main (vl.c:3000)
Turns out that valgrind is right. We simply forget the memory that
g_strconcat() has allocated. Lets free it after the type_register().
We need a 2nd variable due to constness of the name part of the
type structure.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
Peter Maydell [Wed, 19 Mar 2014 19:05:13 +0000 (19:05 +0000)]
Merge remote-tracking branch 'remotes/afaerber/tags/qom-cpu-for-2.0' into staging
QOM CPUState refactorings / X86CPU
* Fix pointer type mismatch
# gpg: Signature made Wed 19 Mar 2014 18:51:47 GMT using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg: aka "Andreas Färber <afaerber@suse.com>"
* remotes/afaerber/tags/qom-cpu-for-2.0:
exec: Fix CPU rework fallout
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit 259186a7d2f7184efc96ae99bc5658e6159f53ad (cpu: Move halted and
interrupt_request fields to CPUState) passed CPUState::env_ptr to
tlb_flush() directory rather than through a typed variable.
Commit 00c8cb0a36f51a6866a83c08962d12a0eb21864b (cputlb: Change
tlb_flush() argument to CPUState) now changed the argument type.
This was unnoticed by gcc because env_ptr is a void pointer.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
Peter Maydell [Wed, 19 Mar 2014 16:07:30 +0000 (16:07 +0000)]
linux-user: Fix build if headers don't define _LINUX_CAPABILITY_VERSION_1
Older kernel headers don't define _LINUX_CAPABILITY_VERSION_1.
Switch to using the older _LINUX_CAPABILITY_VERSION; newer headers
still define this for source compatibility.
Peter Maydell [Wed, 19 Mar 2014 14:14:15 +0000 (14:14 +0000)]
Merge remote-tracking branch 'remotes/riku/linux-user-for-upstream' into staging
* remotes/riku/linux-user-for-upstream:
linux-user: Implement capget, capset
linux-user: Don't allow guest to block SIGSEGV
signal: added a wrapper for sigprocmask function
linux-user: Don't reserve space for commpage for AArch64
linux-user: implement F_[GS]ETOWN_EX
linux-user: Don't return uninitialized value for atomic_barrier syscall
linux-user/signal.c: Correct error path for AArch64 do_rt_sigreturn
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Wed, 19 Mar 2014 13:47:22 +0000 (13:47 +0000)]
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Block patches for 2.0.0-rc1
# gpg: Signature made Wed 19 Mar 2014 13:03:27 GMT using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
* remotes/kevin/tags/for-upstream:
dataplane: fix implicit IOThread refcount
block/nfs: report errors from libnfs
block/nfs: bump libnfs requirement to 1.9.3
qcow2: Fix fail path in realloc_refcount_block()
qcow2: Correct comment for realloc_refcount_block()
qemu-io: Extended "--cmd" description in usage text
qemu-io-cmds: Fixed typo in example for writev.
block: Add error handling to bdrv_invalidate_cache()
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Wed, 19 Mar 2014 13:00:41 +0000 (13:00 +0000)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140319' into staging
target-arm queue:
* last few A64 Neon instructions
* fix some PL011 UART bugs causing occasional serial lockups
* fix the non-PCI AHCI device
# gpg: Signature made Wed 19 Mar 2014 12:00:59 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-target-arm-20140319:
target-arm: A64: Add saturating accumulate ops (USQADD/SUQADD)
target-arm: A64: Add saturating int ops (SQNEG/SQABS)
pl011: fix incorrect logic to set the RXFF flag
pl011: fix UARTRSR accesses corrupting the UARTCR value
pl011: reset the fifo when enabled or disabled
ahci: fix sysbus support
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Stefan Hajnoczi [Tue, 18 Mar 2014 16:50:52 +0000 (17:50 +0100)]
dataplane: fix implicit IOThread refcount
When creating an IOThread implicitly (the user did not specify
x-iothread=<id>) remember that iothread_find() does not return the
object with an incremented refcount.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Peter Lieven [Mon, 17 Mar 2014 08:37:33 +0000 (09:37 +0100)]
block/nfs: bump libnfs requirement to 1.9.3
libnfs prior to 1.9.3 contains a bug that will report
wrong transfer sizes if the file offset grows beyond 4GB
and RPC responses are received out of order. this
error is not detectable and fixable in qemu.
additionally 1.9.3 introduces support for handling short
read/writes in general and takes care of the necessary
retransmissions internally.
Signed-off-by: Peter Lieven <pl@kamp.de> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Max Reitz [Mon, 17 Mar 2014 22:04:52 +0000 (23:04 +0100)]
qcow2: Fix fail path in realloc_refcount_block()
If qcow2_alloc_clusters() fails, new_offset and ret will both be
negative after the fail label, thus passing the first if condition and
subsequently resulting in a call of qcow2_free_clusters() with an
invalid (negative) offset parameter. Fix this by introducing a new label
"fail_free_cluster" which is only invoked if new_offset is indeed
pointing to a newly allocated cluster that should be cleaned up by
freeing it.
While we're at it, clean up the whole fail path. qcow2_cache_put()
should (and actually can) never fail, hence the return value can safely
be ignored (aside from asserting that it indeed did not fail).
Furthermore, there is no reason to give QCOW2_DISCARD_ALWAYS to
qcow2_free_clusters(), a mere QCOW2_DISCARD_OTHER will suffice.
Ultimately, rename the "fail" label to "done", as it is invoked both on
failure and success.
Suggested-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Max Reitz [Mon, 17 Mar 2014 22:04:51 +0000 (23:04 +0100)]
qcow2: Correct comment for realloc_refcount_block()
Contrary to the comment describing this function's behavior, it does not
return 0 on success, but rather the offset of the newly allocated
cluster. This patch adjusts the comment accordingly to reflect the
actual behavior.
Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Maria Kustova [Tue, 18 Mar 2014 05:59:19 +0000 (09:59 +0400)]
qemu-io: Extended "--cmd" description in usage text
It's not clear from the usage description that "--cmd" option accepts
its argument as a string, so any special symbols have to be quoted from
the shell.
Updates in usage text:
- Specified parameter format for "--cmd" option.
- Added an instruction how to get help for "--cmd" option.
Signed-off-by: Maria Kustova <maria.k@catit.be> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Kevin Wolf [Wed, 12 Mar 2014 14:59:16 +0000 (15:59 +0100)]
block: Add error handling to bdrv_invalidate_cache()
If it returns an error, the migrated VM will not be started, but qemu
exits with an error message.
Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Benoit Canet <benoit@irqsave.net>
Add the saturating accumulate operations USQADD and SUQADD
to the A64 instruction set. This completes coverage of A64 Neon.
These operations (which are unsigned + signed -> signed and
signed + unsigned -> unsigned) don't exist in the A32/T32
instruction set, so require a complete new set of helper functions.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Alex Bennée [Tue, 18 Mar 2014 23:10:06 +0000 (23:10 +0000)]
target-arm: A64: Add saturating int ops (SQNEG/SQABS)
This mostly re-uses the existing NEON helpers with an additional two for
the 64 bit case. I also took the opportunity to add TCG_CALL_NO_RWG
options to the helpers as they don't modify globals (saturation flags
are in the CPU Environment).
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Rob Herring [Tue, 18 Mar 2014 18:18:41 +0000 (13:18 -0500)]
pl011: fix incorrect logic to set the RXFF flag
The receive fifo full bit should be set when 1 character is received and
the fifo is disabled or when 16 characters are in the fifo.
Signed-off-by: Rob Herring <rob.herring@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1395166721-15716-4-git-send-email-robherring2@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Rob Herring [Tue, 18 Mar 2014 18:18:40 +0000 (13:18 -0500)]
pl011: fix UARTRSR accesses corrupting the UARTCR value
Offset 4 is UARTRSR/UARTECR, not the UARTCR. The UARTCR would be
corrupted if the UARTRSR is ever written. Fix by implementing a correct
model of the UARTRSR/UARTECR register. Reads of this register simply
reflect the error bits in data register. Only breaks can be triggered in
QEMU. With the pl011_can_receive function, we effectively have flow
control between the host and the model. Framing and parity errors simply
don't make sense in the model and will never occur.
Signed-off-by: Rob Herring <rob.herring@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1395166721-15716-3-git-send-email-robherring2@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Rob Herring [Tue, 18 Mar 2014 18:18:39 +0000 (13:18 -0500)]
pl011: reset the fifo when enabled or disabled
Intermittent issues have been seen where no serial input occurs. It
appears the pl011 gets in a state where the rx interrupt never fires
because the rx interrupt only asserts when crossing the fifo trigger
level. The fifo state appears to get out of sync when the pl011 is
re-configured. This combined with the rx timeout interrupt not being
modeled results in no more rx interrupts.
Disabling the fifo is the recommended way to clear the tx fifo in the
TRM (section 3.3.8). The behavior in this case for the rx fifo is
undefined in the TRM, but having fifo contents to be maintained during
configuration changes is not likely expected behavior. Reseting the
fifo state when the fifo size is changed is the simplest solution.
Signed-off-by: Rob Herring <rob.herring@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1395166721-15716-2-git-send-email-robherring2@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Rob Herring [Tue, 18 Mar 2014 19:36:13 +0000 (19:36 +0000)]
ahci: fix sysbus support
Non-PCI AHCI support is broken due to assertion failures when trying
to convert AHCIState to a PCIDevice pointer as AHCIState can have
different container structs. Fix this by using the non-asserting object
cast and checking the returned pointer is not NULL.
The AddressSpace pointer is also being initialized to NULL and causing
dma_memory_map call to fail. Fix this by initializing to
address_space_memory for sysbus instances.
Also correct AHCI_VMSTATE to use the correct container SysbusAHCIState
for sysbus instances.
Signed-off-by: Rob Herring <rob.herring@linaro.org>
Message-id: 1392073373-3295-1-git-send-email-robherring2@gmail.com
[PMM: added linebreaks to fix overlong lines] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Lieven [Mon, 17 Mar 2014 17:38:58 +0000 (18:38 +0100)]
ui/vnc: fix vmware VGA incompatiblities
this fixes invalid rectangle updates observed after commit 12b316d
with the vmware VGA driver. The issues occured because the server
and client surface update seems to be out of sync at some points
and the max width of the surface is not dividable by
VNC_DIRTY_BITS_PER_PIXEL (16).
Peter Maydell [Mon, 17 Mar 2014 22:31:32 +0000 (22:31 +0000)]
Merge remote-tracking branch 'remotes/borntraeger/tags/kvm-s390-20140317' into staging
4 small patches:
- Fixing findings of valgrind regarding minor memory leaks:
Currently we forget the pointer of qemu_allocate_irqs. Since we never
free the irqs, this is not critical, but obviously not good programming
style. While we are at it, we dont need the irq infrastructure for
the sclp consoles.
- Handle new ELF error codes for BIOS loading
# gpg: Signature made Mon 17 Mar 2014 21:34:12 GMT using RSA key ID B5A61C7C
# gpg: Can't check signature: public key not found
* remotes/borntraeger/tags/kvm-s390-20140317:
s390x/sclpconsole-lm: Fix and simplify irq setup
s390x/sclpconsole: Fix and simplify interrupt injection
s390x/cpu hotplug: Fix memory leak
s390/ipl: Fix error path on BIOS loading
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
valgrind complains about a memory leak in irq setup of sclpconsole:
==42117== 8 bytes in 1 blocks are definitely lost in loss record 89of 833
==42117== at 0x4031AFE: malloc (vg_replace_malloc.c:292)
==42117== by 0x8022F855: malloc_and_trace (vl.c:2715)
==42117== by 0x4145569: g_malloc (in /usr/lib64/libglib-2.0.so.0.3400.2)
==42117== by 0x800F696D: qemu_extend_irqs (irq.c:51)
==42117== by 0x800F6AF7: qemu_allocate_irqs (irq.c:68)
==42117== by 0x800F5685: console_init (sclpconsole.c:235)
==42117== by 0x80297C79: event_realize (event-facility.c:386)
==42117== by 0x80105071: device_set_realized (qdev.c:693)
==42117== by 0x801CDC4B: property_set_bool (object.c:1337)
==42117== by 0x801CBD7F: object_property_set (object.c:819)
[...]
We dont need the indirection of an qemu irq to inject an slcp interrupt.
Fixes a valgrind error and makes the code simpler.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com> Acked-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
s390x/sclpconsole: Fix and simplify interrupt injection
valgrind complains about a memory leak in irq setup of sclpconsole:
==42117== 8 bytes in 1 blocks are definitely lost in loss record 89 of 833
==42117== at 0x4031AFE: malloc (vg_replace_malloc.c:292)
==42117== by 0x8022F855: malloc_and_trace (vl.c:2715)
==42117== by 0x4145569: g_malloc (in /usr/lib64/libglib-2.0.so.0.3400.2)
==42117== by 0x800F696D: qemu_extend_irqs (irq.c:51)
==42117== by 0x800F6AF7: qemu_allocate_irqs (irq.c:68)
==42117== by 0x800F5685: console_init (sclpconsole.c:235)
==42117== by 0x80297C79: event_realize (event-facility.c:386)
==42117== by 0x80105071: device_set_realized (qdev.c:693)
==42117== by 0x801CDC4B: property_set_bool (object.c:1337)
==42117== by 0x801CBD7F: object_property_set (object.c:819)
[...]
Turns out that we actually dont need the indirection, so trigger the
sclp interrupt directly.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com> Acked-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
valgrind complains about the following:
==42117== 8 bytes in 1 blocks are definitely lost in loss record 88 of 833
==42117== at 0x4031AFE: malloc (vg_replace_malloc.c:292)
==42117== by 0x8022F855: malloc_and_trace (vl.c:2715)
==42117== by 0x4145569: g_malloc (in /usr/lib64/libglib-2.0.so.0.3400.2)
==42117== by 0x800F696D: qemu_extend_irqs (irq.c:51)
==42117== by 0x800F6AF7: qemu_allocate_irqs (irq.c:68)
==42117== by 0x8029FA4B: irq_cpu_hotplug_init (sclpcpu.c:84)
==42117== by 0x80297C79: event_realize (event-facility.c:386)
==42117== by 0x80105071: device_set_realized (qdev.c:693)
[...]
Right it is. Don't drop the pointer of the irq.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com> Reviewed-by: Jason J. Herne <jjherne@us.ibm.com>
We were computing the full address into %o0 and then not using it.
Adjust some of the computation to rely less on having to pull immediate
values into registers.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Add the binfmt-misc magic needed to register QEMU for handling AArch64
ELF binaries.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-26-git-send-email-peter.maydell@linaro.org
This adds support for [UF]RSQRTE instructions. It utilises the existing
NEON helpers with some changes. The changes include an explicit passing
of fpstatus (so the correct one is used between arm32 and aarch64),
denormilzation, more correct error handling and also proper scaling of
the fraction going into the estimate.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-25-git-send-email-peter.maydell@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 17 Mar 2014 16:31:53 +0000 (16:31 +0000)]
target-arm: A64: Implement FCVTXN
Implement the FCVTXN operation, which does a narrowing fp precision
conversion using the "round to odd" (von Neumann) mode. This can
conveniently be implemented as "do operation using round to zero;
then set the LSB of the mantissa to 1 if the Inexact flag was set".
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-24-git-send-email-peter.maydell@linaro.org
This completes the set of integer narrowing saturating ops including:
SQXTN, SQXTN2
SQXTUN, SQXTUN2
UQXTN, UQXTN2
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-23-git-send-email-peter.maydell@linaro.org
Alex Bennée [Mon, 17 Mar 2014 16:31:52 +0000 (16:31 +0000)]
target-arm: A64: Move handle_2misc_narrow function
Move the handle_2misc_narrow() function up the file so that it can
be called from disas_simd_scalar_two_reg_misc().
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-22-git-send-email-peter.maydell@linaro.org
Implement URECPE and FRECPE instructions in both scalar and vector forms.
The actual reciprocal estimate function is shared with the A32/T32 Neon
code. However in A64 we aren't using the Neon "standard FPSCR value"
so extra checks are necessary to handle non-squashed denormal inputs
which can never happen for A32/T32. Calling conventions for the helpers
are thus modified to pass the fpst directly; we mark the helpers as
TCG_CALL_NO_RWG since we're changing the declarations anyway.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-21-git-send-email-peter.maydell@linaro.org
Alex Bennée [Mon, 17 Mar 2014 16:31:51 +0000 (16:31 +0000)]
softfloat: export squash_input_denormal functions
I need these available outside of softfloat for some of the reciprocal
processing in aarch64 helper functions.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-20-git-send-email-peter.maydell@linaro.org
Peter Maydell [Mon, 17 Mar 2014 16:31:51 +0000 (16:31 +0000)]
target-arm: A64: Implement FCVTZS, FCVTZU in the shift-imm categories
Implement FCVTZS and FCVTZU in the shift-imm and scalar-shift-imm
categories; this completes the implementation of those two groups.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-19-git-send-email-peter.maydell@linaro.org
Peter Maydell [Mon, 17 Mar 2014 16:31:51 +0000 (16:31 +0000)]
target-arm: A64: Handle saturating left shifts SQSHL, SQSHLU, UQSHL
Implement the saturating left shift instructions SQSHL, SQSHLU
and UQSHL for the scalar-shift-imm and shift-imm categories.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-18-git-send-email-peter.maydell@linaro.org
Peter Maydell [Mon, 17 Mar 2014 16:31:51 +0000 (16:31 +0000)]
exec-all.h: Increase MAX_OP_PER_INSTR for ARM A64 decoder
The ARM A64 decoder's worst case number of TCG ops per instruction
is 266 (for insn 0x4c800000, a post-indexed ST4 multiple-structures
store). Raise the MAX_OP_PER_INSTR define accordingly.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-17-git-send-email-peter.maydell@linaro.org
Peter Maydell [Mon, 17 Mar 2014 16:31:50 +0000 (16:31 +0000)]
target-arm: A64: Implement FRINT*
Implement the FRINT* round-to-integral operations from
the 2-reg-misc category.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-16-git-send-email-peter.maydell@linaro.org
Peter Maydell [Mon, 17 Mar 2014 16:31:50 +0000 (16:31 +0000)]
target-arm: A64: Implement SRI
Implement SRI (shift right and insert).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-15-git-send-email-peter.maydell@linaro.org
Alex Bennée [Mon, 17 Mar 2014 16:31:50 +0000 (16:31 +0000)]
target-arm: A64: Add FRECPX (reciprocal exponent)
These are fairly simple exponent only estimation functions using helpers.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-14-git-send-email-peter.maydell@linaro.org
Peter Maydell [Mon, 17 Mar 2014 16:31:50 +0000 (16:31 +0000)]
target-arm: A64: List unsupported shift-imm opcodes
Add the remaining unsupported opcodes to the decode switches
for the shift-imm and scalar shift-imm categories so we can
see what is still to be implemented.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-13-git-send-email-peter.maydell@linaro.org
Peter Maydell [Mon, 17 Mar 2014 16:31:49 +0000 (16:31 +0000)]
target-arm: A64: Implement FCVTL
Implement FCVTL, the only instruction in the 2-reg-misc group
which widens from size to 2*size elements.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-12-git-send-email-peter.maydell@linaro.org
Peter Maydell [Mon, 17 Mar 2014 16:31:49 +0000 (16:31 +0000)]
target-arm: A64: Implement FCVTN
Implement FCVTN (narrowing fp-to-fp conversions) from the SIMD
2-reg-misc category.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-11-git-send-email-peter.maydell@linaro.org
Implement the floating-point-to-integer conversion instructions
FCVT[NMAPZ][SU] in the 2-reg-misc and scalar-2-reg-misc
categories.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-10-git-send-email-peter.maydell@linaro.org
Peter Maydell [Mon, 17 Mar 2014 16:31:49 +0000 (16:31 +0000)]
target-arm: A64: Implement SHLL, SHLL2
Implement the SHLL and SHLL2 instructions from the 2-reg-misc
category.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-9-git-send-email-peter.maydell@linaro.org
Implement the SADDLP, UADDLP, SADALP and UADALP instructions
in the SIMD 2-reg misc category.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-8-git-send-email-peter.maydell@linaro.org
Alex Bennée [Mon, 17 Mar 2014 16:31:48 +0000 (16:31 +0000)]
target-arm: A64: Saturating and narrowing shift ops
This implements the remaining [US][Q][R]SHR[U][N][2] opcodes, which are
saturating and narrowing shift right operations. These are used in
things like libav. Note signed shifts can have an "unsigned" saturating
narrow operation which will floor negative values.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1394822294-14837-7-git-send-email-peter.maydell@linaro.org
[PMM: Added the scalar encodings, style tweaks] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alex Bennée [Mon, 17 Mar 2014 16:31:48 +0000 (16:31 +0000)]
target-arm: A64: Add remaining CLS/Z vector ops
Implement the CLS, CLZ operations in the 2-reg-misc category.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-6-git-send-email-peter.maydell@linaro.org
Alex Bennée [Mon, 17 Mar 2014 16:31:47 +0000 (16:31 +0000)]
target-arm: A64: Add FSQRT to C3.6.17 (two misc)
Implement FSQRT in the two-reg-misc category.
GCC uses this instruction form.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-5-git-send-email-peter.maydell@linaro.org
Alex Bennée [Mon, 17 Mar 2014 16:31:47 +0000 (16:31 +0000)]
target-arm: A64: Add last AdvSIMD Integer to FP ops
This adds the remaining [US]CVTF operations to the SIMD
shift-immediate, scalar-shift-immediate, two-reg-misc and
scalar-two-reg-misc groups of opcodes.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1394822294-14837-4-git-send-email-peter.maydell@linaro.org
[PMM: added scalar 2-misc and scalar-shift-imm encodings] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alex Bennée [Mon, 17 Mar 2014 16:31:47 +0000 (16:31 +0000)]
target-arm: A64: Fix bug in add_sub_ext handling of rn
rn == 31 always means SP (not XZR) whether an add_sub_ext
instruction is setting the flags or not; only rd has behaviour
dependent on whether we are setting flags.
Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-3-git-send-email-peter.maydell@linaro.org
Peter Maydell [Mon, 17 Mar 2014 16:31:47 +0000 (16:31 +0000)]
target-arm: A64: Implement PMULL instruction
Implement the PMULL instruction; this is the last unimplemented insn
in the three-reg-diff group.
Note that PMULL with size 3 is considered part of the AES part
of the crypto extensions (see the ID_AA64ISAR0_EL1 register definition
in the v8 ARM ARM), so it isn't necessary to burn an extra feature
bit on it, even though we're using more feature bits than a single
"crypto extension present/not present" toggle.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1394822294-14837-2-git-send-email-peter.maydell@linaro.org
Peter Maydell [Mon, 17 Mar 2014 16:31:46 +0000 (16:31 +0000)]
target-arm: Add ARM_CP_IO notation to PMCR reginfo
Now that the PMCR writefn makes timer accesses, its reginfo needs
the ARM_CP_IO flag, so that icount mode works correctly. (Fixes
the bug accidentally introduced in commit 7c2cb42b).
Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1394908291-16546-1-git-send-email-peter.maydell@linaro.org
Peter Maydell [Mon, 17 Mar 2014 16:31:46 +0000 (16:31 +0000)]
virt: Set reset-cbar on CPUs
Set the reset-cbar property on CPUs used by the virt board,
if they have it. This isn't necessary for correct functioning
under Linux (since the A9 isn't a valid CPU for the virt board),
but it is the correct behaviour.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1394462692-8871-5-git-send-email-peter.maydell@linaro.org
projects / people / liuw / libxenctrl-split / qemu-xen.git / log