It fixes heap-use-after-free which was found by clang's ASAN.
Control flow of this use-after-free:
main_thread:
* Got SIGTERM and completes main loop
* Calls migration_shutdown
- migrate_fd_cancel (so, migration_thread begins to complete)
- object_unref(OBJECT(current_migration));
main_thread:
* Calls vm_shutdown -> drain bdrvs -> main loop
-> cleanup_bh -> use after free
If you want to reproduce, these couple of sleeps will help:
vl.c:4613:
migration_shutdown();
+ sleep(2);
migration.c:3269:
+ sleep(1);
trace_migration_thread_after_loop();
migration_iteration_finish(s);
Original output:
qemu-system-x86_64: terminating on signal 15 from pid 31980 (<unknown process>)
=================================================================
==31958==ERROR: AddressSanitizer: heap-use-after-free on address 0x61900001d210
at pc 0x555558a535ca bp 0x7fffffffb190 sp 0x7fffffffb188
READ of size 8 at 0x61900001d210 thread T0 (qemu-vm-0)
#0 0x555558a535c9 in migrate_fd_cleanup migration/migration.c:1502:23
#1 0x5555594fde0a in aio_bh_call util/async.c:90:5
#2 0x5555594fe522 in aio_bh_poll util/async.c:118:13
#3 0x555559524783 in aio_poll util/aio-posix.c:725:17
#4 0x555559504fb3 in aio_wait_bh_oneshot util/aio-wait.c:71:5
#5 0x5555573bddf6 in virtio_blk_data_plane_stop
hw/block/dataplane/virtio-blk.c:282:5
#6 0x5555589d5c09 in virtio_bus_stop_ioeventfd hw/virtio/virtio-bus.c:246:9
#7 0x5555589e9917 in virtio_pci_stop_ioeventfd hw/virtio/virtio-pci.c:287:5
#8 0x5555589e22bf in virtio_pci_vmstate_change hw/virtio/virtio-pci.c:1072:9
#9 0x555557628931 in virtio_vmstate_change hw/virtio/virtio.c:2257:9
#10 0x555557c36713 in vm_state_notify vl.c:1605:9
#11 0x55555716ef53 in do_vm_stop cpus.c:1074:9
#12 0x55555716eeff in vm_shutdown cpus.c:1092:12
#13 0x555557c4283e in main vl.c:4617:5
#14 0x7fffdfdb482f in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#15 0x555556ecb118 in _start (x86_64-softmmu/qemu-system-x86_64+0x1977118)
0x61900001d210 is located 144 bytes inside of 952-byte region
[0x61900001d180,0x61900001d538)
freed by thread T6 (live_migration) here:
#0 0x555556f76782 in __interceptor_free
/tmp/final/llvm.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:124:3
#1 0x555558d5fa94 in object_finalize qom/object.c:618:9
#2 0x555558d57651 in object_unref qom/object.c:1068:9
#3 0x555558a55588 in migration_thread migration/migration.c:3272:5
#4 0x5555595393f2 in qemu_thread_start util/qemu-thread-posix.c:502:9
#5 0x7fffe057f6b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
previously allocated by thread T0 (qemu-vm-0) here:
#0 0x555556f76b03 in __interceptor_malloc
/tmp/final/llvm.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:146:3
#1 0x7ffff6ee37b8 in g_malloc (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4f7b8)
#2 0x555558d58031 in object_new qom/object.c:640:12
#3 0x555558a31f21 in migration_object_init migration/migration.c:139:25
#4 0x555557c41398 in main vl.c:4320:5
#5 0x7fffdfdb482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
Thread T6 (live_migration) created by T0 (qemu-vm-0) here:
#0 0x555556f5f0dd in pthread_create
/tmp/final/llvm.src/projects/compiler-rt/lib/asan/asan_interceptors.cc:210:3
#1 0x555559538cf9 in qemu_thread_create util/qemu-thread-posix.c:539:11
#2 0x555558a53304 in migrate_fd_connect migration/migration.c:3332:5
#3 0x555558a72bd8 in migration_channel_connect migration/channel.c:92:5
#4 0x555558a6ef87 in exec_start_outgoing_migration migration/exec.c:42:5
#5 0x555558a4f3c2 in qmp_migrate migration/migration.c:1922:9
#6 0x555558bb4f6a in qmp_marshal_migrate qapi/qapi-commands-migration.c:607:5
#7 0x555559363738 in do_qmp_dispatch qapi/qmp-dispatch.c:131:5
#8 0x555559362a15 in qmp_dispatch qapi/qmp-dispatch.c:174:11
#9 0x5555571bac15 in monitor_qmp_dispatch monitor.c:4124:11
#10 0x55555719a22d in monitor_qmp_bh_dispatcher monitor.c:4207:9
#11 0x5555594fde0a in aio_bh_call util/async.c:90:5
#12 0x5555594fe522 in aio_bh_poll util/async.c:118:13
#13 0x5555595201e0 in aio_dispatch util/aio-posix.c:460:5
#14 0x555559503553 in aio_ctx_dispatch util/async.c:261:5
#15 0x7ffff6ede196 in g_main_context_dispatch
(/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4a196)
SUMMARY: AddressSanitizer: heap-use-after-free migration/migration.c:1502:23
in migrate_fd_cleanup
Shadow bytes around the buggy address:
0x0c327fffb9f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c327fffba00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c327fffba10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c327fffba20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c327fffba30: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x0c327fffba40: fd fd[fd]fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c327fffba50: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c327fffba60: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c327fffba70: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c327fffba80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c327fffba90: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
==31958==ABORTING
Signed-off-by: Yury Kotov <yury-kotov@yandex-team.ru>
Message-Id: <20190408113343.2370-1-yury-kotov@yandex-team.ru> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Fixed up comment formatting
Wei Yang [Wed, 24 Apr 2019 00:47:00 +0000 (08:47 +0800)]
migration/savevm: wrap into qemu_loadvm_state_header()
On source side, we have qemu_savevm_state_header() to send related data,
while on the receiving side those steps are scattered in
qemu_loadvm_state().
This patch wrap those related steps into qemu_loadvm_state_header() to
make it friendly to read.
Signed-off-by: Wei Yang <richardw.yang@linux.intel.com>
Message-Id: <20190424004700.12766-5-richardw.yang@linux.intel.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Then it would be more proper to loadvm_state in the save sequence.
Signed-off-by: Wei Yang <richardw.yang@linux.intel.com>
Message-Id: <20190424004700.12766-4-richardw.yang@linux.intel.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Since qemu_savevm_state is only called in save_snapshot, this means
migration_is_blocked has been already checked.
Signed-off-by: Wei Yang <richardw.yang@linux.intel.com>
Message-Id: <20190424004700.12766-2-richardw.yang@linux.intel.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Yi Wang [Mon, 15 Apr 2019 06:51:29 +0000 (14:51 +0800)]
migration: update comments of migration bitmap
Since the ram bitmap and the unsent bitmap are split by RAMBlock
in commit 6b6712e, it's better to update the comments about them.
Signed-off-by: Yi Wang <wang.yi59@zte.com.cn>
Message-Id: <1555311089-18610-1-git-send-email-wang.yi59@zte.com.cn> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Wei Yang [Tue, 30 Apr 2019 03:44:10 +0000 (11:44 +0800)]
migration/ram.c: start of migration_bitmap_sync_range is always 0
We can eliminate to pass 0.
Signed-off-by: Wei Yang <richardw.yang@linux.intel.com>
Message-Id: <20190430034412.12935-2-richardw.yang@linux.intel.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
qemu-option.hx: Update missed parameter for colo-compare
We missed the iothread related args in this file.
This patch is used to fix this issue.
Signed-off-by: Zhang Chen <chen.zhang@intel.com>
Message-Id: <20190426090730.2691-4-chen.zhang@intel.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Zhang Chen <chen.zhang@intel.com>
Message-Id: <20190426090730.2691-3-chen.zhang@intel.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Zhang Chen <chen.zhang@intel.com>
Message-Id: <20190426090730.2691-2-chen.zhang@intel.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
migration: savevm: fix error code with migration blockers
The only caller that checks the error code is looking for != 0,
so returning false is incorrect.
Fixes: 5aaac467938 "migration: savevm: consult migration blockers" Signed-off-by: Cole Robinson <crobinso@redhat.com>
Message-Id: <b991a4d0e6c4253bc08b2794c6084be55fc72e1d.1554851834.git.crobinso@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Wei Yang [Wed, 3 Apr 2019 01:10:16 +0000 (09:10 +0800)]
vmstate: check subsection_found is enough
subsection_found is true implies vmdesc is not NULL.
This patch remove the additional check on vmdesc and rename
subsection_found to vmdesc_has_subsections to make it more self-explain.
Signed-off-by: Wei Yang <richardw.yang@linux.intel.com>
Message-Id: <20190403011016.12549-1-richardw.yang@linux.intel.com> Acked-by: Stefano Garzarella <sgarzare@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Wei Yang [Tue, 26 Mar 2019 05:57:26 +0000 (13:57 +0800)]
migration: remove not used field xfer_limit
MigrationState->xfer_limit is only set to 0 in migrate_init().
Remove this unnecessary field.
Signed-off-by: Wei Yang <richardw.yang@linux.intel.com>
Message-Id: <20190326055726.10539-1-richardw.yang@linux.intel.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Wei Yang [Wed, 27 Mar 2019 01:31:30 +0000 (09:31 +0800)]
migration: not necessary to check ops again
During each iteration, se->ops is checked before each loop. So it is not
necessary to check it again and simplify the following check a little.
Signed-off-by: Wei Yang <richardw.yang@linux.intel.com>
Message-Id: <20190327013130.26259-1-richardw.yang@linux.intel.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Peter Xu [Fri, 29 Mar 2019 09:57:13 +0000 (17:57 +0800)]
migration: comment VMSTATE_UNUSED*() properly
It is error prone to use VMSTATE_UNUSED*() sometimes especially when
the size of the migration stream of the field is not the same as the
size of the structure (boolean is one example). Comment it well so
people will be aware of this when people want to use it.
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20190329095713.14177-1-peterx@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Peter Maydell [Tue, 14 May 2019 09:08:47 +0000 (10:08 +0100)]
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20190513' into staging
Improve code generation for vector duplication.
Add vector expansions for shifts by non-constant scalar.
Add vector expansions for shifts by vector.
Add integer and vector expansions for absolute value.
Several patches in preparation for Altivec.
Bug fix for tcg/aarch64 vs min/max.
# gpg: Signature made Tue 14 May 2019 00:58:02 BST
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F
* remotes/rth/tags/pull-tcg-20190513: (31 commits)
tcg/aarch64: Do not advertise minmax for MO_64
target/xtensa: Use tcg_gen_abs_i32
target/tricore: Use tcg_gen_abs_tl
target/s390x: Use tcg_gen_abs_i64
target/ppc: Use tcg_gen_abs_tl
target/ppc: Use tcg_gen_abs_i32
target/cris: Use tcg_gen_abs_tl
target/arm: Use tcg_gen_abs_i64 and tcg_gen_gvec_abs
tcg/aarch64: Support vector absolute value
tcg/i386: Support vector absolute value
tcg: Add support for vector absolute value
tcg: Add support for integer absolute value
tcg/i386: Support vector scalar shift opcodes
tcg: Add gvec expanders for vector shift by scalar
tcg/aarch64: Support vector variable shift opcodes
tcg/i386: Support vector variable shift opcodes
tcg: Add gvec expanders for variable shift
tcg: Add INDEX_op_dupm_vec
tcg/aarch64: Implement tcg_out_dupm_vec
tcg/i386: Implement tcg_out_dupm_vec
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20190423102145.14812-2-f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Remove a function of the same name from target/arm/.
Use a branchless implementation of abs gleaned from gcc.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: David Hildenbrand <david@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The gvec expanders perform a modulo on the shift count. If the target
requires alternate behaviour, then it cannot use the generic gvec
expanders anyway, and will have to have its own custom code.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Allow the backend to expand dup from memory directly, instead of
forcing the value into a temp first. This is especially important
if integer/vector register moves do not exist.
Note that officially tcg_out_dupm_vec is allowed to fail.
If it did, we could fix this up relatively easily:
VECE == 32/64:
Load the value into a vector register, then dup.
Both of these must work.
VECE == 8/16:
If the value happens to be at an offset such that an aligned
load would place the desired value in the least significant
end of the register, go ahead and load w/garbage in high bits.
Load the value w/INDEX_op_ld{8,16}_i32.
Attempt a move directly to vector reg, which may fail.
Store the value into the backing store for OTS.
Load the value into the vector reg w/TCG_TYPE_I32, which must work.
Duplicate from the vector reg into itself, which must work.
All of which is well and good, except that all supported
hosts can support dupm for all vece, so all of the failure
paths would be dead code and untestable.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
tcg: Promote tcg_out_{dup,dupi}_vec to backend interface
The i386 backend already has these functions, and the aarch64 backend
could easily split out one. Nothing is done with these functions yet,
but this will aid register allocation of INDEX_op_dup_vec in a later patch.
Adjust the aarch64 tcg_out_dupi_vec signature to match the new interface.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
tcg: Support cross-class moves without instruction support
PowerPC Altivec does not support direct moves between vector registers
and general registers. So when tcg_out_mov fails, we can use the
backing memory for the temporary to perform the move.
Acked-by: David Hildenbrand <david@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
This patch merely changes the interface, aborting on all failures,
of which there are currently none.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: David Hildenbrand <david@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The only fixed_reg is cpu_env, and it should not be modified
during any TB. Therefore code that tries to special-case moves
into a fixed_reg is dead. Remove it.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: David Hildenbrand <david@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
tcg: Specify optional vector requirements with a list
Replace the single opcode in .opc with a null-terminated
array in .opt_opc. We still require that all opcodes be
used with the same .vece.
Validate the contents of this list with CONFIG_DEBUG_TCG.
All tcg_gen_*_vec functions will check any list active
during .fniv expansion. Swap the active list in and out
as we expand other opcodes, or take control away from the
front-end function.
Convert all existing vector aware front ends.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
tcg: Allow add_vec, sub_vec, neg_vec, not_vec to be expanded
PowerPC Altivec does not support add and subtract of 64-bit elements.
Prepare for that configuration by not assuming the operation is
universally supported.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: David Hildenbrand <david@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Let's add tcg_gen_gvec_3i(), similar to tcg_gen_gvec_2i(), however
without introducing "gen_helper_gvec_3i *fnoi", as it isn't needed
for now.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20190416185301.25344-2-david@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* remotes/huth-gitlab/tags/pull-request-2019-05-13: (29 commits)
hw/arm: Remove hard-enablement of the remaining PCI devices
hw/arm: Express dependencies of the musca machines with Kconfig
hw/arm: Express dependencies of the xlnx-versal-virt machine with Kconfig
hw/arm: Express dependencies of the ZynqMP zcu102 machine with Kconfig
hw/arm: Express dependencies of the microbit / nrf51 machine with Kconfig
hw/arm: Express dependencies of the remaining IMX boards with Kconfig
hw/arm: Express dependencies of the MSF2 / EMCRAFT_SF2 machine with Kconfig
hw/arm: Express dependencies of sabrelite with Kconfig
hw/arm: Express dependencies of canon-a1100 with Kconfig
hw/arm: Express dependencies of the raspi machines with Kconfig
hw/arm: Express dependencies of the MPS2 boards with Kconfig
hw/arm: Express dependencies of allwinner / cubieboard with Kconfig
hw/arm: Express dependencies of netduino / stm32f2xx with Kconfig
hw/arm: Express dependencies of the virt machine with Kconfig
hw/arm: Express dependencies of the aspeed boards with Kconfig
hw/arm: Express dependencies of collie with Kconfig
hw/arm: Express dependencies of xilinx-zynq with Kconfig
hw/arm: Express dependencies of the PXA2xx machines with Kconfig
hw/arm: Express dependencies of realview, versatile and vexpress with Kconfig
hw/arm: Express dependencies of stellaris with Kconfig
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 13 May 2019 12:55:13 +0000 (13:55 +0100)]
Merge remote-tracking branch 'remotes/armbru/tags/pull-misc-2019-05-13' into staging
Miscellaneous patches for 2019-05-13
# gpg: Signature made Mon 13 May 2019 08:04:02 BST
# gpg: using RSA key 3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653
* remotes/armbru/tags/pull-misc-2019-05-13:
Clean up decorations and whitespace around header guards
Normalize header guard symbol definition.
Clean up ill-advised or unusual header guards
Clean up header guards that don't match their file name
target/xtensa: Clean up core-isa.h header guards
linux-user/nios2 linux-user/riscv: Clean up header guards
authz: Normalize #include "authz/trace.h" to "trace.h"
Use #include "..." for our own headers, <...> for others
Clean up includes
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 13 May 2019 09:45:15 +0000 (10:45 +0100)]
Merge remote-tracking branch 'remotes/stsquad/tags/pull-demacro-softmmu-100519-1' into staging
Demacrofy the SoftMMU
- the demacro itself
- refactor TLB_RECHECK and fix bug
- move unaligned handler out
# gpg: Signature made Fri 10 May 2019 20:34:14 BST
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* remotes/stsquad/tags/pull-demacro-softmmu-100519-1:
cputlb: Do unaligned store recursion to outermost function
cputlb: Do unaligned load recursion to outermost function
cputlb: Drop attribute flatten
cputlb: Move TLB_RECHECK handling into load/store_helper
accel/tcg: demacro cputlb
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Thomas Huth [Fri, 22 Feb 2019 18:09:51 +0000 (19:09 +0100)]
hw/arm: Express dependencies of the musca machines with Kconfig
Dependencies have been determined with trial-and-error and by
looking at the musca.c source file.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Sat, 9 Feb 2019 06:16:05 +0000 (07:16 +0100)]
hw/arm: Express dependencies of the xlnx-versal-virt machine with Kconfig
Dependencies have been determined with trial-and-error and by
looking at the xlnx-versal.c source file.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 8 Feb 2019 13:52:40 +0000 (14:52 +0100)]
hw/arm: Express dependencies of the ZynqMP zcu102 machine with Kconfig
This cleans up most settings in default-configs/aarch64-softmmu.mak.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 8 Feb 2019 12:33:40 +0000 (13:33 +0100)]
hw/arm: Express dependencies of the microbit / nrf51 machine with Kconfig
Add Kconfig dependencies for the NRF51 / microbit machine.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 8 Feb 2019 12:18:31 +0000 (13:18 +0100)]
hw/arm: Express dependencies of the remaining IMX boards with Kconfig
IMX25, IMX7 and IMX6UL were still missing the Kconfig dependencies.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 8 Feb 2019 11:00:29 +0000 (12:00 +0100)]
hw/arm: Express dependencies of the MSF2 / EMCRAFT_SF2 machine with Kconfig
Add Kconfig dependencies for the emcraft-sf2 machine - we also
distinguish between the machine (CONFIG_EMCRAFT_SF2) and the SoC
(CONFIG_MSF2) now.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 8 Feb 2019 10:28:13 +0000 (11:28 +0100)]
hw/arm: Express dependencies of sabrelite with Kconfig
Add Kconfig dependencies for the Sabrelite / iMX6 machine.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 8 Feb 2019 09:55:38 +0000 (10:55 +0100)]
hw/arm: Express dependencies of canon-a1100 with Kconfig
Add Kconfig dependencies for the DIGIC / canon-a1100 machine.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 8 Feb 2019 09:22:54 +0000 (10:22 +0100)]
hw/arm: Express dependencies of the raspi machines with Kconfig
Most of the code is directly controlled by the CONFIG_RASPI switch,
so not much to add here additionally.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 8 Feb 2019 09:19:41 +0000 (10:19 +0100)]
hw/arm: Express dependencies of the MPS2 boards with Kconfig
Add Kconfig dependencies for the mps2-an* machines.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 8 Feb 2019 09:18:15 +0000 (10:18 +0100)]
hw/arm: Express dependencies of allwinner / cubieboard with Kconfig
Add dependencies for the Cubitech Cubieboard.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 8 Feb 2019 07:52:57 +0000 (08:52 +0100)]
hw/arm: Express dependencies of netduino / stm32f2xx with Kconfig
Netduino only depends on the stm32f205 SoC which in turn depends on
its components.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 8 Feb 2019 06:17:55 +0000 (07:17 +0100)]
hw/arm: Express dependencies of the virt machine with Kconfig
Dependencies have been determined by looking at hw/arm/virt.c
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 8 Feb 2019 05:53:04 +0000 (06:53 +0100)]
hw/arm: Express dependencies of the aspeed boards with Kconfig
Dependencies have been determined by looking at hw/arm/aspeed.c
Reviewed-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 8 Feb 2019 05:39:48 +0000 (06:39 +0100)]
hw/arm: Express dependencies of collie with Kconfig
Add Kconfig dependencies for the Strongarm collie machine.
This patch is based on earlier work by Ákos Kovács (i.e.
his "hw/arm/Kconfig: Add ARM Kconfig" patch).
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Thu, 7 Feb 2019 19:26:34 +0000 (20:26 +0100)]
hw/arm: Express dependencies of xilinx-zynq with Kconfig
Add Kconfig dependencies for the xilinx-zynq-a9 board.
This patch is based on earlier work by Ákos Kovács (i.e.
his "hw/arm/Kconfig: Add ARM Kconfig" patch).
Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 8 Feb 2019 11:35:26 +0000 (12:35 +0100)]
hw/arm: Express dependencies of the PXA2xx machines with Kconfig
Add Kconfig dependencies for the PXA2xx machines (akita, borzoi,
connex and verdex gumstix, tosa, mainstone, spitz, terrier and z2).
This patch is based on earlier work by Ákos Kovács (i.e.
his "hw/arm/Kconfig: Add ARM Kconfig" patch).
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Thu, 7 Feb 2019 19:05:05 +0000 (20:05 +0100)]
hw/arm: Express dependencies of realview, versatile and vexpress with Kconfig
This patch is slightly based on earlier work by Ákos Kovács (i.e.
his "hw/arm/Kconfig: Add ARM Kconfig" patch).
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Thu, 7 Feb 2019 16:12:14 +0000 (17:12 +0100)]
hw/arm: Express dependencies of the OMAP machines with Kconfig
Add Kconfig dependencies for the OMAP machines (cheetah, n800, n810,
sx1 and sx1-v1).
This patch is slightly based on earlier work by Ákos Kovács (i.e.
his "hw/arm/Kconfig: Add ARM Kconfig" patch).
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Thu, 7 Feb 2019 16:05:38 +0000 (17:05 +0100)]
hw/arm: Express dependencies of musicpal with Kconfig
This patch is slightly based on earlier work by Ákos Kovács (i.e.
his "hw/arm/Kconfig: Add ARM Kconfig" patch).
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Thu, 7 Feb 2019 15:51:56 +0000 (16:51 +0100)]
hw/arm: Express dependencies of the fsl-imx31 machine with Kconfig
Add Kconfig dependencies for the fsl-imx31 / kzm machine.
This patch is slightly based on earlier work by Ákos Kovács (i.e.
his "hw/arm/Kconfig: Add ARM Kconfig" patch).
Reviewed-by: Peter Chubb <peter.chubb@data61.csiro.au> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Thu, 7 Feb 2019 14:21:27 +0000 (15:21 +0100)]
hw/arm: Express dependencies of integratorcp with Kconfig
This patch is slightly based on earlier work by Ákos Kovács (i.e.
his "hw/arm/Kconfig: Add ARM Kconfig" patch).
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Thu, 7 Feb 2019 09:35:22 +0000 (10:35 +0100)]
hw/arm: Express dependencies of the highbank machines with Kconfig
Add Kconfig dependencies for the highbank machine (and the midway
machine).
This patch is slightly based on earlier work by Ákos Kovács (i.e.
his "hw/arm/Kconfig: Add ARM Kconfig" patch).
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Thu, 7 Feb 2019 09:28:01 +0000 (10:28 +0100)]
hw/arm: Express dependencies of the exynos machines with Kconfig
Add Kconfig dependencies for the Exynos-related boards (nuri and
smdkc210).
This patch is slightly based on earlier work by Ákos Kovács (i.e.
his "hw/arm/Kconfig: Add ARM Kconfig" patch).
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 22 Feb 2019 14:48:11 +0000 (15:48 +0100)]
hw/ide/ahci: Add a Kconfig switch for the AHCI-ICH9 device
Some of our machines (like the ARM cubieboard) use CONFIG_AHCI for an AHCI
sysbus device, but do not use CONFIG_PCI since they do not feature a PCI
bus. With CONFIG_AHCI but without CONFIG_PCI, currently linking fails:
../hw/ide/ich.o: In function `pci_ich9_ahci_realize':
hw/ide/ich.c:124: undefined reference to `pci_allocate_irq'
hw/ide/ich.c:126: undefined reference to `pci_register_bar'
hw/ide/ich.c:128: undefined reference to `pci_register_bar'
hw/ide/ich.c:131: undefined reference to `pci_add_capability'
hw/ide/ich.c:147: undefined reference to `msi_init'
../hw/ide/ich.o: In function `pci_ich9_uninit':
hw/ide/ich.c:158: undefined reference to `msi_uninit'
../hw/ide/ich.o:(.data.rel+0x50): undefined reference to `vmstate_pci_device'
We must only compile ich.c if CONFIG_PCI is available, too, so introduce a
new config switch for this device.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Acked-by: John Snow <jsnow@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Fri, 10 May 2019 08:11:59 +0000 (10:11 +0200)]
Makefile: Fix inclusion of the config-devices.mak.d Kconfig dependencies
The Makefile tries to include device Kconfig dependencies via
-include $(SUBDIR_DEVICES_MAK_DEP)
and thus expects files that match *-softmmu/config-devices.mak.d ...
however, the minikconf script currently generates files a la
"*-softmmu-config.devices.mak.d" instead, so the dependency files
simply got ignored so far. For example, after a "touch hw/arm/Kconfig",
the arm-softmmu/config-devices.mak file is currently not re-generated.
Fix it by putting the dependency files in the *-softmmu folders now.
Reported-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Tue, 19 Feb 2019 16:00:10 +0000 (17:00 +0100)]
hw/pci/pci-stub: Add msi_enabled() and msi_notify() to the pci stubs
Some machines have an AHCI adapter, but no PCI. To be able to
compile hw/ide/ahci.c without CONFIG_PCI, we still need the two
functions msi_enabled() and msi_notify() for linking.
This is required for the new Kconfig-like build system, if a user
wants to compile a QEMU binary with just one machine that has AHCI,
but no PCI, like the ARM "cubieboard" for example.
Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
We commonly define the header guard symbol without an explicit value.
Normalize the exceptions.
Done with scripts/clean-header-guards.pl.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190315145123.28030-8-armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Leading underscores are ill-advised because such identifiers are
reserved. Trailing underscores are merely ugly. Strip both.
Our header guards commonly end in _H. Normalize the exceptions.
Done with scripts/clean-header-guards.pl.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190315145123.28030-7-armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
[Changes to slirp/ dropped, as we're about to spin it off]
scripts/clean-header-guards.pl warns these headers use reserved
identifier _XTENSA_CORE_CONFIGURATION_H as header guard symbol. It
additionally warns the guard doesn't match the file name.
Reuse of the same guard symbol in multiple headers is okay as long as
they cannot be included together.
Since we can avoid guard symbol reuse easily, do so: use the guard
symbol scripts/clean-header-guards.pl picks, less the TARGET_ prefix.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190315145123.28030-5-armbru@redhat.com>
linux-user/nios2 linux-user/riscv: Clean up header guards
Reuse of the same guard symbol in multiple headers is okay as long as
they cannot be included together. scripts/clean-header-guards.pl
can't tell, so it warns.
Since we can avoid guard symbol reuse easily, do so: use guard symbol
${target^^}_${fname^^} for linux-user/$target/$fname, just like we did
in commit a9c94277f0..3500385697.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190315145123.28030-4-armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
authz: Normalize #include "authz/trace.h" to "trace.h"
Include the generated trace.h the same way as we do everywhere else.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190315145123.28030-3-armbru@redhat.com> Acked-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
We're in the process of spinning out slirp/. tests/fp/platform.h is
has to include qemu/osdep.h because tests/fp/berkeley-softfloat-3/ and
tests/fp/berkeley-testfloat-3/ don't. tests/uefi-test-tools/ is guest
software. The remaining reverts are the same as in commit b7d89466dde.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190313162812.8885-1-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
[Revert change to tests/fp/platform.h, adjust commit message]
cputlb: Do unaligned store recursion to outermost function
This is less tricky than for loads, because we always fall
back to single byte stores to implement unaligned stores.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
cputlb: Do unaligned load recursion to outermost function
If we attempt to recurse from load_helper back to load_helper,
even via intermediary, we do not get all of the constants
expanded away as desired.
But if we recurse back to the original helper (or a shim that
has a consistent function signature), the operands are folded
away as desired.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Going to approach this problem via __attribute__((always_inline))
instead, but full conversion will take several steps.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
cputlb: Move TLB_RECHECK handling into load/store_helper
Having this in io_readx/io_writex meant that we forgot to
re-compute index after tlb_fill. It also means we can use
the normal aligned memory load path. It also fixes a bug
in that we had cached a use of index across a tlb_fill.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Alex Bennée [Fri, 15 Feb 2019 14:31:13 +0000 (14:31 +0000)]
accel/tcg: demacro cputlb
Instead of expanding a series of macros to generate the load/store
helpers we move stuff into common functions and rely on the compiler
to eliminate the dead code for each variant.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Peter Maydell [Fri, 10 May 2019 17:44:59 +0000 (18:44 +0100)]
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Block layer patches:
- block: Remove bdrv_read() and bdrv_write()
- qemu-img: Allow rebase with no input base
- blockjob: Fix coroutine thread after AioContext change
- MAINTAINERS updates for pflash, curl and gluster
# gpg: Signature made Fri 10 May 2019 16:39:54 BST
# gpg: using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6
* remotes/kevin/tags/for-upstream:
iotests: Add test for rebase without input base
qemu-img: Use zero writes after source backing EOF
qemu-img: Allow rebase with no input base
qcow2: Remove BDRVQcow2State.cluster_sectors
block: Remove bdrv_read() and bdrv_write()
vvfat: Replace bdrv_{read,write}() with bdrv_{pread,pwrite}()
vdi: Replace bdrv_{read,write}() with bdrv_{pread,pwrite}()
qcow2: Replace bdrv_write() with bdrv_pwrite()
qemu-img: Use IEC binary prefixes for size constants
test-block-iothread: Job coroutine thread after AioContext switch
blockjob: Fix coroutine thread after AioContext change
qemu-iotests: Fix cleanup for 192
MAINTAINERS: Add an entry for the Parallel NOR Flash devices
MAINTAINERS: Downgrade status of block sections without "M:" to "Odd Fixes"
block: remove bs from lists before closing
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alberto Garcia [Wed, 1 May 2019 18:13:59 +0000 (21:13 +0300)]
qcow2: Remove BDRVQcow2State.cluster_sectors
The last user of this field disappeared when we replace the
sector-based bdrv_write() with the byte-based bdrv_pwrite().
Signed-off-by: Alberto Garcia <berto@igalia.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
projects / qemu-xen.git / log