Fix qapi code generation fix
The fixes to qapi code generation had multiple bugs:- the Null class used to drop output was missing some methods- in some scripts it was never instantiated, leading to a None return, which is missing even more methods- the --source and --header options were swapped...
microblaze: Break the tb at memory barriers
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
etraxfs-dma: Model metadata and eop
- Send EOP flags to the out channels.- Send data descriptor metadata to the out channels.
Signed-off-by: Lars Persson <larper@axis.com>Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
microblaze: Add support for the clz insn
microblaze: Emulate the hw stackprotector
target-i386: fix {min,max}{pd,ps,sd,ss} SSE2 instructions
minpd, minps, minsd, minss and maxpd, maxps, maxsd, maxss SSE2instructions have been broken when switching target-i386 to softfloat.It's not possible to use comparison instructions on float types anymore...
target-i386: fix round{pd,ps,sd,ss} SSE2 instructions
roundps and roundss SSE2 instructions have been broken when switchingtarget-i386 to softfloat. They use float64_round_to_int to convert afloat32, and while the implicit conversion from float32 to float64 was...
target-i386: fix dpps and dppd SSE2 instructions
The helpers implemented dpps and dppd SSE instructions are not passingthe correct argument types to the softfloat functions. While they dowork anyway providing a correct behaviour, this patch fixes that....
target-i386: fix SSE rounding and flush to zero
SSE rounding and flush to zero control has never been implemented. Howevergiven that softfloat-native was using a single state for FPU and SSE andgiven that glibc is setting both FPU and SSE state in fesetround(), this...
wm8750: Fix calculation of number of array elements
Coverity says that the division by sizeof(*s->rate) might be wrong.I think that coverity is right.
Signed-off-by: Stefan Weil <sw@weilnetz.de>Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
elf: Improve symbol lookup (optimize, fix for bsd-user)
Coverity complained about local variable key which was only partiallyinitiated. Only key.st_value was set. As this was also the only partof key which was used in function symfind, the code could be optimized...
hw/integratorcp: Simplify flash remap code
Use the new memory mutator API to simplify the flash remap code;this allows us to drop the flash_mapped flag.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>Reviewed-by: Andreas Färber <afaerber@suse.de>...
hw/integratorcp: Fix sense of REMAP bit
Fix the sense of the REMAP bit: 0 should mean "map flash",1 should mean "map RAM".
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Merge branch 's390-next' of git://repo.or.cz/qemu/agraf
PPC: Fix linker scripts on ppc hosts
When compiling qemu statically with multilib on PPC, we hit thesame issue that commit 845f2c2812d9ed24b36c02a3d06ee83aeafe8b49is fixing. Do the same here.
Signed-off-by: Alexander Graf <agraf@suse.de>Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
target-sh4: ignore ocbp and ocbwb instructions
ocbp and ocbwb controls the writeback of a cache line to memory. Theyare supposed to do nothing in case of a cache miss. Given QEMU onlypartially emulate caches, it is safe to ignore these instructions.
This fixes a kernel oops when trying to access an rtl8139 NIC with...
tcg/arm: Use r6 as TCG_AREG0 to avoid clash with Thumb framepointer
On ARM, in Thumb mode r7 is used for the framepointer; this meantthat we would fail to compile in debug mode because we were using r7for TCG_AREG0. Shift to r6 instead to avoid this clash....
cris-dis: Clean memory allocation
The old code used sizeof(const struct cris_opcode **) where it shouldhave used sizeof(const struct cris_opcode *). As both sizes give thesame value, the resulting binary was ok, but static code analyzerslike coverity and clang complained....
Merge remote-tracking branch 'qemu-kvm/fix-vhost-after-memory-listener' into staging
vhost: improve region filtering
vhost memory management doesn't care about non-memory (e.g. PIO) or non-RAMregions. Adjust the filtering to reflect that, and move it earlier so itapplies to mem_sections too.
Signed-off-by: Avi Kivity <avi@redhat.com>...
vhost: fix mem_sections memory corruption
A memset() used to delete an entry in an array did not take into accountthe array element's size.
Signed-off-by: Avi Kivity <avi@redhat.com>Acked-by: Michael S. Tsirkin <mst@redhat.com>
vhost: fix incorrect userspace address
MemoryListener::region_add() gives us a slice of a MemoryRegion, not aregion. Adjust the userspace address to reflect that.
Fix vmstate_register_ram() for rom/device regions
rom/device regions have a ram_addr that is composed of both an I/O handler(low bits) and RAM region (high bits); but qemu_ram_set_idstr() expects justa RAM region. Mask the I/O handler to make it happy....
memory: Fix adjust_endianness()
Commit a621f38de85598a13d8d8524d1a94fc6a1818215 (Direct dispatchthrough MemoryRegion) moved byte swaps to a central function.
Add a missing break, so that long-sized byte swaps don't abort.
Signed-off-by: Andreas Färber <afaerber@suse.de>...
memory: Fix memory_region_wrong_endianness()
Since commit be675c972088eba210e18dc125613e9f205a6bfb (memory: moveendianness compensation to memory core) it was checking forTARGET_BIG_ENDIAN instead of TARGET_WORDS_BIGENDIAN, thereby notswapping correctly for Big Endian targets....
kvm: fix build error in ppc kvm due to memory_region_init_ram_ptr() change
Commit c5705a772 ("vmstate, memory: decouple vmstate from memory API") changedthe signature of memory_region_init_ram_ptr() but did not update a caller inthe ppc kvm module. Fix....
Merge branch 'target-arm.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm
Merge branch 'ppc-next' of git://repo.or.cz/qemu/agraf
sm501: Fix size of color_reg
color_reg is expected to hold 32 bit values, so it was too small.
This bug was reported by coverity:
hw/sm501.c:624:result_independent_of_operands:color_reg >> 16 is 0 regardless of the values of its operands.This occurs as the bitwise first operand of '&'....
malta: Fix regression (i8259 interrupts did not work)
Commit 5632ae46d5bda798e971dae48ebb318ac2c3686a passes the addressof i8259 to qemu_irq_proxy. i8259 is an auto variable with undefinedvalue outside of mips_malta_init.
This made the interrupt proxy unusable: either QEMU crashes, or...
target-sh4: Fix operands for fipr, ftrv instructions
Coverity complained about right shifts of opcode (16, 18) which werelarger than the size of opcode (16 bit).
Using the correct shift values fixes this.
Cc: Aurelien Jarno <aurelien@aurel32.net>Signed-off-by: Stefan Weil <sw@weilnetz.de>...
Merge remote-tracking branch 'stefanha/trivial-patches' into staging
virtio-9p-proxy: Fix typo causing compile failure on 32 bit hosts
Fix a compile failure on 32 bit hosts (integer constant is too largefor 'unsigned long' type) by correcting a typo where the mask usedfor filling in the second f_fsid word had too many 'F's in it....
qemu-nbd: drop loop which can never loop
For some reason nbd_client_thread() has a do..while loop which can neverloop, the condition is bogus because we would take a goto instead. Dropthe loop.
Reported-by: Dr David Alan Gilbert <davidagilbert@uk.ibm.com>...
Make python mandatory
The QEMU build depends on Python so make it an explicit requirement.
Reviewed-by: Stefan Weil <sw@weilnetz.de>Signed-off-by: Sebastian Herbszt <herbszt@gmx.de>Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
configure: CONFIG_QEMU_INTERP_PREFIX only for user mode
Signed-off-by: Stefan Weil <sw@weilnetz.de>Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
configure: Fix test for supported host CPU type
The test for whether the host CPU is supported had several problems: * the attempt to fall back to TCI was done as a duplicate test, very late (so "--cpu foo" would fail early but "--cpu unicore32" would fail late, differently, and after configure had already...
gdbstub: Fix fd leak in gdbserver_open() error path
Fix a leak of a file descriptor in error exit paths ingdbserver_open().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
net/socket.c: Fix fd leak in net_socket_listen_init() error paths
Fix a leak of a file descriptor due to missing closesocket() callsin error paths in net_socket_listen_init().
qemu-options.hx: fix tls-channel help text
Remove the default compiled out tunnel channel, add the always availablecursor channel. Optimally the man page would depend on compiled inoptions, but that's harder to do.
RHBZ: 688586
Acked-by: Gerd Hoffmann <kraxel@redhat.com>...
Strip trailing '\n' from error_report()'s first argument (again)
Commit 6daf194d got rid of them, but Hans and Gerd added some morelately. Tracked down with this Coccinelle semantic patch:
r expression fmt; position p;@@ error_report(fmt, ...)@p...
r
scsi virtio-blk usb-msd: Clean up device init error messages
Replace
error_report("DEVICE-NAME: MESSAGE");
by just
error_report("MESSAGE");
in block device init functions.
DEVICE-NAME is bogus in some cases: it's "scsi-disk" for devicescsi-hd and scsi-cd, "virtio-blk-pci" for virtio-blk-s390, and...
Merge remote-tracking branch 'amit/master' into staging
Merge remote-tracking branch 'aneesh/for-upstream' into staging
Merge remote-tracking branch 'sstabellini/xen_mem_fix' into staging
Merge remote-tracking branch 'kraxel/usb.33' into staging
usb-storage: cancel I/O on reset
When resetting the usb-storage device we'll have to carefully canceland clear any requests which might be in flight, otherwise we'll confusethe state machine.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
usb-host: properly release port on unplug & exit
Factor out port release into a separate function. Call release functionin exit notifier too. Add explicit call the USBDEVFS_RELEASE_PORTioctl, just closing the hub file handle seems not to be enougth. Make...
usb-ohci: td.cbp incorrectly updated near page end
The current code that updates the cbp value after a transfer looks like this:td.cbp += ret;if ((td.cbp & 0xfff) + ret > 0xfff) { <handle page overflow>because the 'ret' value is effectively added twice the check may fire too early...
target-arm: Don't use cpu_single_env in bank_number()
Avoid using cpu_single_env in bank_number() -- if we werecalled via the gdb stub reading or writing the CPSR thenit is NULL and we will segfault if we take the cpu_abort().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target-arm: Ignore attempts to set invalid modes in CPSR
Ignore attempts to set the CPSR mode field to an invalid value.This is UNPREDICTABLE, but we should not cpu_abort() for thingsa malicious guest (or a confused user on the gdbstub interface)can provoke....
arm: add dummy A9-specific cp15 registers
Add dummy register support for the cp15, CRn=c15 registers.
config_base_register and power_control_register currentlydefault to 0, but may have improved support after the QOMCPU patches are finished.
Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>...
xen: Fix after recent change in dirty bitmap tracking.
A recent patch set from Avi break the dirty bitmap support of Xen. Butthis is because xen_sync_dirty_bitmap will return an error for anunhandled memory range (a0000 - bffff). However this is not a fatal...
Merge remote-tracking branch 'pmaydell/arm-devs.for-upstream' into staging
hw/9pfs: Add support to use named socket for proxy FS
Add option to use named socket for communicating between proxy helperand qemu proxy FS. Access to socket can be given by using command lineoptions -u and -g.
Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>...
hw/9pfs: Documentation changes related to proxy fs
Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
hw/9pfs: man page for proxy helper
hw/9pfs: Proxy getversion
Add proxy getversion to get generation number
hw/9pfs: xattr interfaces in proxy filesystem driver
Add xattr support for proxy FS
hw/9pfs: File ownership and others
Add file ownership interfaces like chmod/chown, utime update, rename,remove and truncating files for proxy FS
hw/9pfs: Add stat/readlink/statfs for proxy FS
hw/9pfs: Create other filesystem objects
Add interfaces to create filesystem objects like directory,device nodes, symbolic links, links for proxy filesytem driver
hw/9pfs: Open and create files
Add interfaces to open and create files for proxy file system driver.
hw/9pfs: File system helper process for qemu 9p proxy FS
Provide root privilege access to QEMU 9p proxy filesystem using socketcommunication.
Proxy helper is started by root user as:~ # virtfs-proxy-helper -f|--fd <socket descriptor> -p|--path <path-to-share>...
hw/9pfs: Add new proxy filesystem driver
Add new proxy filesystem driver to add root privilege to qemu process.It needs a helper process to be started by root user.
Following command line can be used to utilize proxy filesystem driver-virtfs proxy,id=<id>,mount_tag=<tag>,socket_fd=<socket-fd>...
hw/9pfs: Add validation to {un}marshal code
hw/9pfs: Move opt validation to FsDriver callback
This remove all conditional code from common code path andmake opt validation a FSDriver callback.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
hw/9pfs: Move pdu_marshal/unmarshal code to a seperate file
Move p9 marshaling/unmarshaling code to a separate file so thatproxy filesytem driver can use these calls. Also made marshalingcode generic to accept "struct iovec" instead of V9fsPDU.
hw/omap1.c: Separate dpll_ctl from omap_mpu_state
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>[Riku Voipio: Fixes and restructuring patchset]Signed-off-by: Riku Voipio <riku.voipio@iki.fi>[Peter Maydell: More fixes and cleanups for upstream submission]...
hw/omap1.c: Drop unused includes
Drop includes of qemu-timer.h, qemu-char.h and pc.h as they are nolonger needed.
hw/omap_gpmc: Fix region map/unmap when configuring prefetch engine
When configuring the prefetch engine (and also when resetting froma state where the prefetch engine was enabled) be careful to adhereto the "unmap/change config fields/map" ordering, to avoid trying...
arm: add missing scu registers
Add power control register to a9mpcore
Signed-off-by: Rob Herring <rob.herring@calxeda.com>Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
arm: Set frequencies for arm_timer
Use qdev properties to allow board modelers to set the frequenciesfor the sp804 timer. Each of the sp804's timers can have anindividual frequency. The timers default to 1MHz.
arm: add dummy gic security registers
Implement handling for the RAZ/WI gic security registers.
add L2x0/PL310 cache controller device
This is just a dummy device for ARM L2 cache controllers, based on thepl310. The cache type parameter can be defined by a property valueand has a meaningful default.
Signed-off-by: Rob Herring <rob.herring@calxeda.com>...
hw/omap1.c: Separate PWT from omap_mpu_state
Convert IO_MEM_{RAM,ROM,UNASSIGNED,NOTDIRTY} to MemoryRegions
Convert the fixed-address IO_MEM_RAM, IO_MEM_ROM, IO_MEM_UNASSIGNED,and IO_MEM_NOTDIRTY io handlers to MemoryRegions. These aren't realregions, since they are never added to the memory hierarchy, but they...
Switch cpu_register_physical_memory_log() to use MemoryRegions
Still internally using ram_addr.
Signed-off-by: Avi Kivity <avi@redhat.com>Reviewed-by: Richard Henderson <rth@twiddle.net>
Convert the subpage wrapper to be a MemoryRegion
Convert IO_MEM_SUBPAGE_RAM to be a MemoryRegion
Convert io_mem_watch to be a MemoryRegion
Direct dispatch through MemoryRegion
Now that all mmio goes through MemoryRegions, we can convertio_mem_opaque to be a MemoryRegion pointer, and remove the thunksthat convert from old-style CPU{Read,Write}MemoryFunc to MemoryRegionOps.
Remove IO_MEM_SUBPAGE
Replace with a MemoryRegion flag.
Drop IO_MEM_ROMD
Unlike ->readonly, ->readable is not inherited from aliase, so we can simplyquery the memory region.
Remove IO_MEM_SHIFT
We no longer use any of the lower bits of a ram_addr, so we might as welluse them for the io table index. This increases the number of potentialI/O handlers by a factor of 8.
memory: obsolete cpu_physical_memory_[gs]et_dirty_tracking()
The getter is no longer used, so it is completely removed.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>Signed-off-by: Avi Kivity <avi@redhat.com>
xen: convert framebuffer dirty tracking to memory API
memory: obsolete more dirty memory related functions
No longer used outside memory.c and exec.c.
memory: move endianness compensation to memory core
Instead of doing device endianness compensation in cpu_register_io_memory(),do it in the memory core.
exec: make phys_page_find() return a temporary
Instead of returning a PhysPageDesc pointer, return a temporary.This lets us move away from actually storing PhysPageDesc's, andinstead sythesising them when needed.
memory: move mmio access to functions
Currently mmio access goes directly to the io_mem_{read,write} arrays.In preparation for eliminating them, add indirection via a function.
memory: remove MemoryRegion::backend_registered
backend_registered was used to lazify the process of registering anmmio region, since the it is different for the I/O address space andthe memory address space. However, it also makes registration dependent...
Fix wrong region_offset when overlaying a page with another
cpu_register_physical_memory_log() does not update region_offsetif a page was previously registered for the same address. Thiscould cause mmio accesses going to the wrong place, by using theold region_offset....
Avoid range comparisons on io index types
The code sometimes uses range comparisons on io indexes (e.g.index =< IO_MEM_ROM). Avoid these as they make moving to objects harder.
Uninline get_page_addr_code()
Its use of IO_MEM_ROM and friends will later cause #include loops; and itis too large to merit inlining.
Store MemoryRegion in RAMBlock
As a step in moving live migration from RAMBlocks to MemoryRegions,store the MemoryRegion in a RAMBlock.
Switch ram_save to the memory API
Avoid using ram_addr_t, instead use (MemoryRegion *, offset) pairs.
Sort RAMBlocks by ID for migration, not by ram_addr
ram_addr is (a) unstable (b) going away. Sort by idstr instead.
Commit b2e0a138e initially introduced the sorting for the purposeof improving debuggability. After this patch, the order is stillstable, but perhaps less usable by a human....
Remove support for version 3 ram_load
Version 3 ram_load depends on ram_addrs, which are not stable. Version 4was introduced in 0.13 (and RHEL 6), so this means live migration from 0.12and earlier to 1.1 or later will not work.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>...
Convert ram_load() to the memory API