qemu.git
5 years agotarget-i386: Rearrange processing of 0F AE
Richard Henderson [Tue, 17 Nov 2015 14:08:57 +0000 (15:08 +0100)] 
target-i386: Rearrange processing of 0F AE

Rather than nesting tests of OP, MOD, and RM, decode them all at once
with a switch.  Also, add some missing #UD checks for e.g. incorrect
LOCK prefix.

Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotarget-i386: Rearrange processing of 0F 01
Richard Henderson [Thu, 2 Jul 2015 12:59:21 +0000 (13:59 +0100)] 
target-i386: Rearrange processing of 0F 01

Rather than nesting tests of OP, MOD, and RM, decode them
all at once with a switch.  Fixes incorrect decoding of
AMD Pacifica extensions (aka vmrun et al) via op==2 path.

Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotarget-i386: Split fxsave/fxrstor implementation
Richard Henderson [Wed, 1 Jul 2015 12:01:50 +0000 (13:01 +0100)] 
target-i386: Split fxsave/fxrstor implementation

We will be able to reuse these pieces for XSAVE/XRSTOR.

Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agoMerge remote-tracking branch 'remotes/sstabellini/tags/xen-2016-02-12' into staging
Peter Maydell [Fri, 12 Feb 2016 17:36:12 +0000 (17:36 +0000)] 
Merge remote-tracking branch 'remotes/sstabellini/tags/xen-2016-02-12' into staging

Xen 2016-02-12

# gpg: Signature made Fri 12 Feb 2016 17:28:09 GMT using RSA key ID 70E1AE90
# gpg: Good signature from "Stefano Stabellini <stefano.stabellini@eu.citrix.com>"

* remotes/sstabellini/tags/xen-2016-02-12:
  xen: Drop __XEN_LATEST_INTERFACE_VERSION__ checks from prior to Xen 4.2
  xen: move xenforeignmemory compat layer into common place
  xen: drop XenXC and associated interface wrappers
  xen: drop xen_xc_hvm_inject_msi wrapper
  xen: drop support for Xen 4.1 and older.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agoMerge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2016-02-11' into...
Peter Maydell [Thu, 11 Feb 2016 15:09:33 +0000 (15:09 +0000)] 
Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2016-02-11' into staging

trivial patches for 2016-02-11

# gpg: Signature made Thu 11 Feb 2016 12:16:04 GMT using RSA key ID A4C3D7DB
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg:                 aka "Michael Tokarev <mjt@corpit.ru>"
# gpg:                 aka "Michael Tokarev <mjt@debian.org>"

* remotes/mjt/tags/pull-trivial-patches-2016-02-11:
  w32: include winsock2.h before windows.h
  Adds keycode 86 to the hid_usage_keys translation table.
  s390x: remove s390-zipl.rom
  Passthru CCID card: QOMify
  Emulated CCID card: QOMify
  ES1370: QOMify
  char: fix parameter name / type in BSD codepath
  qmp-spec: fix index in doc
  rdma: remove check on time_spent when calculating mbs
  qemu-sockets: simplify error handling
  cpu: cpu_save/cpu_load is no more
  qom: Correct object_property_get_int() description
  man: virtfs-proxy-helper: Rework awkward sentence
  remove libtool support

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agoMerge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging
Peter Maydell [Thu, 11 Feb 2016 13:02:28 +0000 (13:02 +0000)] 
Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging

# gpg: Signature made Wed 10 Feb 2016 19:23:29 GMT using RSA key ID AAFC390E
# gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>"

* remotes/jnsnow/tags/ide-pull-request:
  ahci: prohibit "restarting" the FIS or CLB engines
  ahci: explicitly reject bad engine states on post_load
  ahci: handle LIST_ON and FIS_ON in map helpers
  ahci: Do not unmap NULL addresses
  fdc: always compile-check debug prints
  ide: fix device_reset to not ignore pending AIO
  ide: Add silent DRQ cancellation
  ide: replace blk_drain_all by blk_drain
  ide: move buffered DMA cancel to core
  ide: code motion
  ide: Prohibit RESET on IDE drives

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agow32: include winsock2.h before windows.h
Paolo Bonzini [Tue, 9 Feb 2016 14:16:57 +0000 (15:16 +0100)] 
w32: include winsock2.h before windows.h

Recent Fedora complains while compiling ui/sdl.c:

    /usr/x86_64-w64-mingw32/sys-root/mingw/include/winsock2.h:15:2: warning: #warning Please include winsock2.h before windows.h [-Wcpp]

And with this patch we dutifully obey.

Stefan Weil:

Without that patch, windows.h will include winsock.h
(which conflicts with winsock2.h) when compiling sdl.c.

Normally we define WIN32_LEAN_AND_MEAN, and
windows.h won't include winsock.h.

include/ui/sdl2.h and ui/sdl.c undefine that macro,
so the order of the include files is important.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
5 years agoAdds keycode 86 to the hid_usage_keys translation table.
Daniel Serpell [Thu, 4 Feb 2016 19:03:40 +0000 (16:03 -0300)] 
Adds keycode 86 to the hid_usage_keys translation table.

This key is present in international keyboards, between left shift and
the 'Z' key, ant is described in the HID usage tables as "Keyboard
Non-US \ and |": http://www.usb.org/developers/hidpage/Hut1_12v2.pdf

This patch fixes the usb-kbd devices.

Signed-off-by: Daniel Serpell <daniel.serpell@gmail.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
5 years agos390x: remove s390-zipl.rom
Michael Tokarev [Wed, 10 Feb 2016 11:02:44 +0000 (14:02 +0300)] 
s390x: remove s390-zipl.rom

This is an s390 boot rom which was used in s390-virtio machine.
but since commit 3538fb6f89dd9bb2e7e59de2bfad52a45321c744
"s390x: remove s390-virtio machine", this file isn't used.
The only place it is referenced in the code is an unused
define ZIPL_FILENAME.  There's also comment in hw/s390/ipl.c
which I'm modifying too, to refer to s390-ccw.img instead.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
5 years agoPassthru CCID card: QOMify
Cao jin [Wed, 3 Feb 2016 02:36:35 +0000 (10:36 +0800)] 
Passthru CCID card: QOMify

Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
5 years agoEmulated CCID card: QOMify
Cao jin [Wed, 3 Feb 2016 02:36:34 +0000 (10:36 +0800)] 
Emulated CCID card: QOMify

Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
5 years agoES1370: QOMify
Cao jin [Mon, 1 Feb 2016 07:57:35 +0000 (15:57 +0800)] 
ES1370: QOMify

Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
5 years agochar: fix parameter name / type in BSD codepath
Daniel P. Berrange [Fri, 22 Jan 2016 17:35:25 +0000 (17:35 +0000)] 
char: fix parameter name / type in BSD codepath

The BSD impl of qemu_chr_open_pp_fd had mis-declared
its parameter type as ChardevBackend instead of
ChardevCommon. It had also mistakenly used the variable
name 'common' instead of 'backend'.

Tested-by: Sean Bruno <sbruno@freebsd.org>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
5 years agoqmp-spec: fix index in doc
Wei Yang [Sun, 24 Jan 2016 14:09:58 +0000 (14:09 +0000)] 
qmp-spec: fix index in doc

The index is duplicated. Just change it.

Signed-off-by: Wei Yang <richard.weiyang@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
5 years agordma: remove check on time_spent when calculating mbs
Wei Yang [Sun, 24 Jan 2016 14:09:57 +0000 (14:09 +0000)] 
rdma: remove check on time_spent when calculating mbs

Within the if statement, time_spent is assured to be non-zero.

This patch just removes the check on time_spent when calculating mbs.

Signed-off-by: Wei Yang <richard.weiyang@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
5 years agoqemu-sockets: simplify error handling
Paolo Bonzini [Fri, 22 Jan 2016 11:28:33 +0000 (12:28 +0100)] 
qemu-sockets: simplify error handling

Just go always through the err label.  (Noticed because Coverity
complains that peer is always non-NULL in the error cleanup code,
but removing the "if" is arguably more prone to introducing the
opposite bug in the future).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
5 years agocpu: cpu_save/cpu_load is no more
Paolo Bonzini [Tue, 19 Jan 2016 12:08:28 +0000 (13:08 +0100)] 
cpu: cpu_save/cpu_load is no more

Everything has been converted to vmstate.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
5 years agoqom: Correct object_property_get_int() description
Alistair Francis [Mon, 18 Jan 2016 18:42:01 +0000 (10:42 -0800)] 
qom: Correct object_property_get_int() description

The description of object_property_get_int() stated that on an error
it returns NULL. This is not the case and the function will return -1
if an error occurs. Update the commented documentation accordingly.

Reported-By: Christian Liebhardt <christian.liebhardt@keysight.com>
Signed-off-by: Christian Liebhardt <christian.liebhardt@keysight.com>
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
5 years agoman: virtfs-proxy-helper: Rework awkward sentence
Christophe Fergeau [Mon, 18 Jan 2016 09:51:19 +0000 (10:51 +0100)] 
man: virtfs-proxy-helper: Rework awkward sentence

There was a 'capbilities' typo in this man page. This commit
reformulates the sentence the typo was in to make it easier to grasp.
This is based on a suggestion from Eric Blake.

Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
5 years agoremove libtool support
Michael Tokarev [Wed, 27 Jan 2016 11:36:43 +0000 (14:36 +0300)] 
remove libtool support

Libtool support was needed to build shared library for libcacard.
Now there's no need to use libtool, and since the build system is
already complicated enough, we have a way to slightly de-complicate
it.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
5 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160211' into...
Peter Maydell [Thu, 11 Feb 2016 11:24:16 +0000 (11:24 +0000)] 
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160211' into staging

target-arm queue:
 * fix some missing traps for EL3 support
 * enable EL3 on Cortex-A53 and Cortex-A57
 * fix syndrome IL bit for Thumb coprocessor, VFP and Neon traps
 * fix mishandling of architectural watchpoints
 * avoid buffer overflow in sd.c
 * fix max-cpus check in virt board
 * implement 'get board revision' query for BCM2835

# gpg: Signature made Thu 11 Feb 2016 11:23:47 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"

* remotes/pmaydell/tags/pull-target-arm-20160211:
  bcm2835_property: implement "get board revision" query
  hw/arm/virt: fix max-cpus check
  sd: limit 'req.cmd' while using as an array index
  target-arm: Implement checking of fired watchpoint
  cpu: Add callback to check architectural watchpoint match
  target-arm: Fix IL bit reported for Thumb VFP and Neon traps
  target-arm: Fix IL bit reported for Thumb coprocessor traps
  target-arm: Correct misleading 'is_thumb' syn_* parameter names
  target-arm: Enable EL3 for Cortex-A53 and Cortex-A57
  target-arm: Implement NSACR trapping behaviour
  target-arm: Add isread parameter to CPAccessFns
  target-arm: Update arm_generate_debug_exceptions() to handle EL2/EL3
  target-arm: Use access_trap_aa32s_el1() for SCR and MVBAR
  target-arm: Implement MDCR_EL3 and SDCR
  target-arm: Fix typo in comment in arm_is_secure_below_el3()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agobcm2835_property: implement "get board revision" query
Stephen Warren [Thu, 11 Feb 2016 11:17:32 +0000 (11:17 +0000)] 
bcm2835_property: implement "get board revision" query

Return a valid value from the BCM2835 property mailbox query "get board
revision". This query is used by U-Boot. Implementing it fixes the first
obvious difference between qemu and real HW.

The value returned is currently hard-coded to match the RPi2 I own. Other
values are legal, e.g. different board manufacturer field values are
likely to exist in the wild.

Cc: Andrew Baumann <Andrew.Baumann@microsoft.com>
Signed-off-by: Stephen Warren <swarren@wwwdotorg.org>
Reviewed-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Message-id: 1454993910-24077-1-git-send-email-swarren@wwwdotorg.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agohw/arm/virt: fix max-cpus check
Andrew Jones [Thu, 11 Feb 2016 11:17:32 +0000 (11:17 +0000)] 
hw/arm/virt: fix max-cpus check

mach-virt doesn't yet support hotplug, but command lines specifying
-smp <num>,maxcpus=<bigger-num> don't fail. Of course specifying
bigger-num as something bigger than the machine supports, e.g. > 8
on a gicv2 machine, should fail though. This fix also makes mach-
virt's max-cpus check truly consistent with the one in vl.c:main,
as the one there was already correctly checking max-cpus instead
of smp-cpus.

Reported-by: Shannon Zhao <shannon.zhao@linaro.org>
Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Shannon Zhao <shannon.zhao@linaro.org>
Message-id: 1454511578-24863-1-git-send-email-drjones@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agosd: limit 'req.cmd' while using as an array index
Prasad J Pandit [Thu, 11 Feb 2016 11:17:32 +0000 (11:17 +0000)] 
sd: limit 'req.cmd' while using as an array index

While processing standard SD commands, the 'req.cmd' value could
lead to OOB read when used as an index into 'sd_cmd_type' or
'sd_cmd_class' arrays. Limit 'req.cmd' value to avoid such an
access.

Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1453315857-1352-1-git-send-email-ppandit@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agotarget-arm: Implement checking of fired watchpoint
Sergey Fedorov [Thu, 11 Feb 2016 11:17:32 +0000 (11:17 +0000)] 
target-arm: Implement checking of fired watchpoint

ARM stops before access to a location covered by watchpoint. Also, QEMU
watchpoint fire is not necessarily an architectural watchpoint match.
Unfortunately, that is hardly possible to ignore a fired watchpoint in
debug exception handler. So move watchpoint check from debug exception
handler to the dedicated watchpoint checking callback.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1454256948-10485-3-git-send-email-serge.fdrv@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agocpu: Add callback to check architectural watchpoint match
Sergey Fedorov [Thu, 11 Feb 2016 11:17:32 +0000 (11:17 +0000)] 
cpu: Add callback to check architectural watchpoint match

When QEMU watchpoint matches, that is not definitely an architectural
watchpoint match yet. If it is a stop-before-access watchpoint then that
is hardly possible to ignore it after throwing a TCG exception.

A special callback is introduced to check for architectural watchpoint
match before raising a TCG exception.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1454256948-10485-2-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agotarget-arm: Fix IL bit reported for Thumb VFP and Neon traps
Peter Maydell [Thu, 11 Feb 2016 11:17:32 +0000 (11:17 +0000)] 
target-arm: Fix IL bit reported for Thumb VFP and Neon traps

All Thumb Neon and VFP instructions are 32 bits, so the IL
bit in the syndrome register should be set. Pass false to the
syn_* function's is_16bit argument rather than s->thumb
so we report the correct IL bit.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1454683067-16001-4-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Fix IL bit reported for Thumb coprocessor traps
Peter Maydell [Thu, 11 Feb 2016 11:17:31 +0000 (11:17 +0000)] 
target-arm: Fix IL bit reported for Thumb coprocessor traps

All Thumb coprocessor instructions are 32 bits, so the IL
bit in the syndrome register should be set. Pass false to the
syn_* function's is_16bit argument rather than s->thumb
so we report the correct IL bit.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1454683067-16001-3-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Correct misleading 'is_thumb' syn_* parameter names
Peter Maydell [Thu, 11 Feb 2016 11:17:31 +0000 (11:17 +0000)] 
target-arm: Correct misleading 'is_thumb' syn_* parameter names

In syndrome register values, the IL bit indicates the instruction
length, and is 1 for 4-byte instructions and 0 for 2-byte
instructions. All A64 and A32 instructions are 4-byte, but
Thumb instructions may be either 2 or 4 bytes long. Unfortunately
we named the parameter to the syn_* functions for constructing
syndromes "is_thumb", which falsely implies that it should be
set for all Thumb instructions, rather than only the 16-bit ones.
Fix the functions to name the parameter 'is_16bit' instead.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1454683067-16001-2-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Enable EL3 for Cortex-A53 and Cortex-A57
Peter Maydell [Thu, 11 Feb 2016 11:17:31 +0000 (11:17 +0000)] 
target-arm: Enable EL3 for Cortex-A53 and Cortex-A57

Enable EL3 support for our Cortex-A53 and Cortex-A57 CPU models.
We have enough implemented now to be able to run real world code
at least to some extent (I can boot ARM Trusted Firmware to the
point where it pulls in OP-TEE and then falls over because it
doesn't have a UEFI image it can chain to).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1454506721-11843-8-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Implement NSACR trapping behaviour
Peter Maydell [Thu, 11 Feb 2016 11:17:31 +0000 (11:17 +0000)] 
target-arm: Implement NSACR trapping behaviour

Implement some corner cases of the behaviour of the NSACR
register on ARMv8:
 * if EL3 is AArch64 then accessing the NSACR from Secure EL1
   with AArch32 should trap to EL3
 * if EL3 is not present or is AArch64 then reads from NS EL1 and
   NS EL2 return constant 0xc00

It would in theory be possible to implement all these with
a single reginfo definition, but for clarity we use three
separate definitions for the three cases and install the
right one based on the CPU feature flags.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1454506721-11843-7-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Add isread parameter to CPAccessFns
Peter Maydell [Thu, 11 Feb 2016 11:17:31 +0000 (11:17 +0000)] 
target-arm: Add isread parameter to CPAccessFns

System registers might have access requirements which need to
be described via a CPAccessFn and which differ for reads and
writes. For this to be possible we need to pass the access
function a parameter to tell it whether the access being checked
is a read or a write.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1454506721-11843-6-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Update arm_generate_debug_exceptions() to handle EL2/EL3
Peter Maydell [Thu, 11 Feb 2016 11:17:30 +0000 (11:17 +0000)] 
target-arm: Update arm_generate_debug_exceptions() to handle EL2/EL3

The arm_generate_debug_exceptions() function as originally implemented
assumes no EL2 or EL3. Since we now have much more of an implementation
of those now, fix this assumption.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1454506721-11843-5-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Use access_trap_aa32s_el1() for SCR and MVBAR
Peter Maydell [Thu, 11 Feb 2016 11:17:30 +0000 (11:17 +0000)] 
target-arm: Use access_trap_aa32s_el1() for SCR and MVBAR

The registers MVBAR and SCR should have the behaviour of trapping to
EL3 if accessed from Secure EL1, but we were incorrectly implementing
them to UNDEF (which would trap to EL1).  Fix this by using the new
access_trap_aa32s_el1() access function.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1454506721-11843-4-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Implement MDCR_EL3 and SDCR
Peter Maydell [Thu, 11 Feb 2016 11:17:30 +0000 (11:17 +0000)] 
target-arm: Implement MDCR_EL3 and SDCR

Implement the MDCR_EL3 register (which is SDCR for AArch32).
For the moment we implement it as reads-as-written.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1454506721-11843-3-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Fix typo in comment in arm_is_secure_below_el3()
Peter Maydell [Thu, 11 Feb 2016 11:17:30 +0000 (11:17 +0000)] 
target-arm: Fix typo in comment in arm_is_secure_below_el3()

Fix a typo where "EL2" was written but "EL3" intended.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1454506721-11843-2-git-send-email-peter.maydell@linaro.org

5 years agomemory: fix usage of find_next_bit and find_next_zero_bit
Paolo Bonzini [Wed, 10 Feb 2016 14:11:45 +0000 (15:11 +0100)] 
memory: fix usage of find_next_bit and find_next_zero_bit

The last two arguments to these functions are the last and first bit to
check relative to the base.  The code was using incorrectly the first
bit and the number of bits.  Fix this in cpu_physical_memory_get_dirty
and cpu_physical_memory_all_dirty.  This requires a few changes in the
iteration; change the code in cpu_physical_memory_set_dirty_range to
match.

Fixes: 5b82b70
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Tested-by: Leon Alrae <leon.alrae@imgtec.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Message-id: 1455113505-11237-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agoahci: prohibit "restarting" the FIS or CLB engines
John Snow [Wed, 10 Feb 2016 18:29:40 +0000 (13:29 -0500)] 
ahci: prohibit "restarting" the FIS or CLB engines

If the FIS or DMA engines are already started, do not allow them to be
"restarted." As a side-effect of this change, the migration post-load
routine must be modified to cope. If the engines are listed as "on"
in the migrated registers, they must be cleared to allow the startup
routine to see the transition from "off" to "on".

As a second side-effect, the extra argument to ahci_cond_engine_start
is removed in favor of consistent behavior.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1454103689-13042-5-git-send-email-jsnow@redhat.com

5 years agoahci: explicitly reject bad engine states on post_load
John Snow [Wed, 10 Feb 2016 18:29:40 +0000 (13:29 -0500)] 
ahci: explicitly reject bad engine states on post_load

Currently, we let ahci_cond_start_engines reject weird configurations
where either the DMA (CLB) or FIS engines are said to be started, but
their matching on/off control bit is toggled off.

There should be no way to achieve this, since any time you toggle the
control bit off, the status bit should always follow synchronously.

Preparing for a refactor in cond_start_engines, move the rejection logic
straight up into post_load.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1454103689-13042-4-git-send-email-jsnow@redhat.com

5 years agoahci: handle LIST_ON and FIS_ON in map helpers
John Snow [Wed, 10 Feb 2016 18:29:40 +0000 (13:29 -0500)] 
ahci: handle LIST_ON and FIS_ON in map helpers

Instead of relying on ahci_cond_start_engines to maintain the
engine status indicators itself, have the lower-layer CLB and FIS mapper
helpers do it themselves.

This makes the cond_start routine slightly nicer to read, and makes sure
that the status indicators will always be correct.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1454103689-13042-3-git-send-email-jsnow@redhat.com

5 years agoahci: Do not unmap NULL addresses
John Snow [Wed, 10 Feb 2016 18:29:40 +0000 (13:29 -0500)] 
ahci: Do not unmap NULL addresses

Definitely don't try to unmap a garbage address.

Reported-by: Zuozhi fzz <zuozhi.fzz@alibaba-inc.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1454103689-13042-2-git-send-email-jsnow@redhat.com

5 years agofdc: always compile-check debug prints
John Snow [Wed, 10 Feb 2016 18:29:40 +0000 (13:29 -0500)] 
fdc: always compile-check debug prints

Coverity noticed that some variables are only used by debug prints, and
called them unused. Always compile the print statements. While we're
here, print to stderr as well.

Bonus: Fix a debug printf I broke in f31937aa8

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[Touched up commit message. --js]
Message-id: 1454971529-14830-1-git-send-email-jsnow@redhat.com

5 years agoide: fix device_reset to not ignore pending AIO
John Snow [Wed, 10 Feb 2016 18:29:39 +0000 (13:29 -0500)] 
ide: fix device_reset to not ignore pending AIO

Signed-off-by: John Snow <jsnow@redhat.com>
Reported-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1453225191-11871-7-git-send-email-jsnow@redhat.com

5 years agoide: Add silent DRQ cancellation
John Snow [Wed, 10 Feb 2016 18:29:39 +0000 (13:29 -0500)] 
ide: Add silent DRQ cancellation

Split apart the ide_transfer_stop function into two versions: one that
interrupts and one that doesn't. The one that doesn't can be used to
halt any PIO transfers that are in the DRQ phase. It will not halt
any PIO transfers that are currently in the process of buffering data
for the guest to read.

Signed-off-by: John Snow <jsnow@redhat.com>
Reported-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
[Renamed 'etf' to 'end_transfer_func' --js]
Message-id: 1453225191-11871-6-git-send-email-jsnow@redhat.com

5 years agoide: replace blk_drain_all by blk_drain
John Snow [Wed, 10 Feb 2016 18:29:39 +0000 (13:29 -0500)] 
ide: replace blk_drain_all by blk_drain

Target the drain for just one device.

Signed-off-by: John Snow <jsnow@redhat.com>
Reported-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1453225191-11871-5-git-send-email-jsnow@redhat.com

5 years agoide: move buffered DMA cancel to core
John Snow [Wed, 10 Feb 2016 18:29:39 +0000 (13:29 -0500)] 
ide: move buffered DMA cancel to core

Buffered DMA cancellation was added to ATAPI devices and implemented
for the BMDMA HBA. Move the code over to common IDE code and allow
it to be used for any HBA.

Signed-off-by: John Snow <jsnow@redhat.com>
Reported-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1453225191-11871-4-git-send-email-jsnow@redhat.com

5 years agoide: code motion
John Snow [Wed, 10 Feb 2016 18:29:39 +0000 (13:29 -0500)] 
ide: code motion

Shuffle the reset function upwards.

Signed-off-by: John Snow <jsnow@redhat.com>
Reported-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1453225191-11871-3-git-send-email-jsnow@redhat.com

5 years agoide: Prohibit RESET on IDE drives
John Snow [Wed, 10 Feb 2016 18:29:38 +0000 (13:29 -0500)] 
ide: Prohibit RESET on IDE drives

This command is meant for ATAPI devices only, prohibit acknowledging it with
a command aborted response when an IDE device is busy.

Signed-off-by: John Snow <jsnow@redhat.com>
Reported-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1453225191-11871-2-git-send-email-jsnow@redhat.com

5 years agoxen: Drop __XEN_LATEST_INTERFACE_VERSION__ checks from prior to Xen 4.2
Ian Campbell [Wed, 10 Feb 2016 11:07:05 +0000 (11:07 +0000)] 
xen: Drop __XEN_LATEST_INTERFACE_VERSION__ checks from prior to Xen 4.2

We assume (and check for in configure) 4.2 or later now. In reality
all of the removed checks are for far older versions.

FMT_ioreq_size is no longer needed.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
5 years agoxen: move xenforeignmemory compat layer into common place
Ian Campbell [Wed, 10 Feb 2016 11:07:04 +0000 (11:07 +0000)] 
xen: move xenforeignmemory compat layer into common place

Now that we no longer support Xen 4.2 and earlier only the <470 case
needs this so it can live with all the others.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
5 years agoxen: drop XenXC and associated interface wrappers
Ian Campbell [Wed, 10 Feb 2016 11:07:03 +0000 (11:07 +0000)] 
xen: drop XenXC and associated interface wrappers

Now that 4.2 and earlier are no longer supported "xc_interface *" is
always the right type for the xc interface handle.

With this we can also simplify the handling of the xenforeignmemory
compatibility wrapper by making xenforeignmemory_handle ==
xc_interface, instead of an xc_interface* and remove various uses of &
and *h.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
5 years agoxen: drop xen_xc_hvm_inject_msi wrapper
Ian Campbell [Wed, 10 Feb 2016 11:07:02 +0000 (11:07 +0000)] 
xen: drop xen_xc_hvm_inject_msi wrapper

The xc version is now always present.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
5 years agoxen: drop support for Xen 4.1 and older.
Ian Campbell [Wed, 10 Feb 2016 11:07:01 +0000 (11:07 +0000)] 
xen: drop support for Xen 4.1 and older.

Xen 4.2 become unsupported upstream in 09/2015 (see
http://wiki.xen.org/wiki/Xen_Release_Features). However as far as the
interfaces provided by the toolstack libraries go 4.2 and 4.3 are
indistinguishable.

Therefore drop support for Xen 4.1 and earlier which removes a whole
pile of compatibility code which makes future work (to use stable
library interfaces provided by upstream) more difficult. In particular
all supported versions now use a pointer as a libxc handle (4.1 and
earlier used an integer, resulting in various shim layers).

Also Xen 4.2 was the first version of Xen to formally support upstream
QEMU (as a preview) so that makes sense as a cut-off now.

This change drops all the configure-y and resulting ifdefs in a mostly
mechanical way. A follow up will refactor wrappers which are now
unused.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
5 years agoMerge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
Peter Maydell [Tue, 9 Feb 2016 19:34:46 +0000 (19:34 +0000)] 
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* switch to C11 atomics (Alex)
* Coverity fixes for IPMI (Corey), i386 (Paolo), qemu-char (Paolo)
* at long last, fail on wrong .pc files if -m32 is in use (Daniel)
* qemu-char regression fix (Daniel)
* SAS1068 device (Paolo)
* memory region docs improvements (Peter)
* target-i386 cleanups (Richard)
* qemu-nbd docs improvements (Sitsofe)
* thread-safe memory hotplug (Stefan)

# gpg: Signature made Tue 09 Feb 2016 16:09:30 GMT using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"

* remotes/bonzini/tags/for-upstream: (33 commits)
  qemu-char, io: fix ordering of arguments for UDP socket creation
  MAINTAINERS: add all-match entry for qemu-devel@
  get_maintainer.pl: fall back to git if only lists are found
  target-i386: fix PSE36 mode
  docs/memory.txt: Improve list of different memory regions
  ipmi_bmc_sim: Add break to correct watchdog NMI check
  ipmi_bmc_sim: Fix off by one in check.
  ipmi: do not take/drop iothread lock
  target-i386: Deconstruct the cpu_T array
  target-i386: Tidy gen_add_A0_im
  target-i386: Rewrite leave
  target-i386: Rewrite gen_enter inline
  target-i386: Use gen_lea_v_seg in pusha/popa
  target-i386: Access segs via TCG registers
  target-i386: Use gen_lea_v_seg in stack subroutines
  target-i386: Use gen_lea_v_seg in gen_lea_modrm
  target-i386: Introduce mo_stacksize
  target-i386: Create gen_lea_v_seg
  char: fix repeated registration of tcp chardev I/O handlers
  kvm-all: trace: strerror fixup
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agoMerge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging
Peter Maydell [Tue, 9 Feb 2016 17:56:45 +0000 (17:56 +0000)] 
Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

# gpg: Signature made Tue 09 Feb 2016 15:11:25 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/block-pull-request:
  block: add missing call to bdrv_drain_recurse
  blockjob: Fix hang in block_job_finish_sync
  iov: avoid memcpy for "simple" iov_from_buf/iov_to_buf

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agoqemu-char, io: fix ordering of arguments for UDP socket creation
Paolo Bonzini [Tue, 9 Feb 2016 10:59:15 +0000 (11:59 +0100)] 
qemu-char, io: fix ordering of arguments for UDP socket creation

Two wrongs make a right, but they should be fixed anyway.

Cc: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1455015557-15106-1-git-send-email-pbonzini@redhat.com>

5 years agoMerge remote-tracking branch 'remotes/armbru/tags/pull-error-2016-02-09' into staging
Peter Maydell [Tue, 9 Feb 2016 16:09:15 +0000 (16:09 +0000)] 
Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2016-02-09' into staging

Error reporting patches for 2016-02-09

# gpg: Signature made Tue 09 Feb 2016 12:38:33 GMT using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"

* remotes/armbru/tags/pull-error-2016-02-09:
  HACKING: Add a section on error handling and reporting
  error: Improve documentation some more
  Use error_fatal to simplify obvious fatal errors (again)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agoMAINTAINERS: add all-match entry for qemu-devel@
Stephen Warren [Tue, 9 Feb 2016 03:04:25 +0000 (20:04 -0700)] 
MAINTAINERS: add all-match entry for qemu-devel@

Add an entry to MAINTAINERS that matches every patch, and requests the
user send patches to qemu-devel@nongnu.org.

It's not 100% obvious to project newcomers that all patches should be sent
there; checkpatch doesn't say so, and since it mentions other lists to CC,
the wording "the list" from the SubmitAPatch wiki page can be taken
to mean only those lists, not the main list too.

The F: entries were taken from a similar entry in the Linux kernel.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: John Snow <jsnow@redhat.com>
Signed-off-by: Stephen Warren <swarren@wwwdotorg.org>
Message-Id: <1454987065-12961-1-git-send-email-swarren@wwwdotorg.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoget_maintainer.pl: fall back to git if only lists are found
Paolo Bonzini [Tue, 9 Feb 2016 16:07:55 +0000 (17:07 +0100)] 
get_maintainer.pl: fall back to git if only lists are found

It's not 100% obvious to project newcomers that all patches should be sent
there; checkpatch doesn't say so, and since it mentions other lists to CC,
the wording "the list" from the SubmitAPatch wiki page can be taken
to mean only those lists, not the main list too.  We would like therefore
to add a catch-all entry for qemu-devel@nongnu.org.

On its own, this would break fallback to git, because now every file
has a maintainer of sorts.  Modify get_maintainer.pl so that mailing
lists (L: lines) no longer prevent the fallback, only humans (M:
entries).

Several pre-existing entries have a list but no human.  These now
fall back to git.  That's a feature.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: John Snow <jsnow@redhat.com>
Signed-off-by: Stephen Warren <swarren@wwwdotorg.org>
Message-Id: <1454987065-12961-1-git-send-email-swarren@wwwdotorg.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agotarget-i386: fix PSE36 mode
Paolo Bonzini [Tue, 9 Feb 2016 10:44:35 +0000 (11:44 +0100)] 
target-i386: fix PSE36 mode

(pde & 0x1fe000) is a 32-bit integer; when shifting it
into bits 39-32 the result is zero.  Fix it by making the
mask (and thus the result of the AND) a 64-bit integer.

Reported by Coverity.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agodocs/memory.txt: Improve list of different memory regions
Peter Maydell [Thu, 28 Jan 2016 18:54:57 +0000 (18:54 +0000)] 
docs/memory.txt: Improve list of different memory regions

Improve the part of the memory region documentation which describes
the various different kinds of memory region:
 * add the missing types ROM, IOMMU and reservation
 * mention the functions used to initialize each type, as a hint
   for finding the API docs and examples of use

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <1454007297-3971-1-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoipmi_bmc_sim: Add break to correct watchdog NMI check
Corey Minyard [Mon, 11 Jan 2016 13:32:32 +0000 (07:32 -0600)] 
ipmi_bmc_sim: Add break to correct watchdog NMI check

It was falling through when it should have been a break.  Found by
Coverity.  The logic could be simplified a bit with a fallthrough,
probably the original thought, but that would be less clear, I think.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Shannon Zhao <zhaoshenglong@huawei.com>
Cc: Xiao Guangrong <guangrong.xiao@linux.intel.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Message-Id: <1452519152-6500-3-git-send-email-minyard@acm.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoipmi_bmc_sim: Fix off by one in check.
Corey Minyard [Mon, 11 Jan 2016 13:32:31 +0000 (07:32 -0600)] 
ipmi_bmc_sim: Fix off by one in check.

Found by Paolo.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Shannon Zhao <zhaoshenglong@huawei.com>
Cc: Xiao Guangrong <guangrong.xiao@linux.intel.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Message-Id: <1452519152-6500-2-git-send-email-minyard@acm.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoipmi: do not take/drop iothread lock
Paolo Bonzini [Mon, 25 Jan 2016 12:46:43 +0000 (13:46 +0100)] 
ipmi: do not take/drop iothread lock

This is not necessary and actually causes a hang; it was probably copied
and pasted from KVM code, that is one of the very few places that run
outside iothread lock.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agotarget-i386: Deconstruct the cpu_T array
Richard Henderson [Thu, 9 Jul 2015 07:15:22 +0000 (08:15 +0100)] 
target-i386: Deconstruct the cpu_T array

All references to cpu_T are done with a constant index.  It aids
readability to decompose the array into two scalar variables.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1436426122-12276-11-git-send-email-rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agotarget-i386: Tidy gen_add_A0_im
Richard Henderson [Thu, 17 Dec 2015 19:19:25 +0000 (11:19 -0800)] 
target-i386: Tidy gen_add_A0_im

Merge gen_op_addl_A0_im and gen_op_addq_A0_im into gen_add_A0_im
and clean up the ifdef.

Replace the one remaining user of gen_op_addl_A0_im with gen_add_A0_im.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1450379966-28198-10-git-send-email-rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agotarget-i386: Rewrite leave
Richard Henderson [Thu, 17 Dec 2015 19:19:24 +0000 (11:19 -0800)] 
target-i386: Rewrite leave

Unify the code across stack pointer widths.  Fix the note about
not updating ESP before the potential exception.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1450379966-28198-9-git-send-email-rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agotarget-i386: Rewrite gen_enter inline
Richard Henderson [Thu, 17 Dec 2015 19:19:23 +0000 (11:19 -0800)] 
target-i386: Rewrite gen_enter inline

Use gen_lea_v_seg for centralized segment base knowledge.  Unify
code across 32- and 64-bit.  Fix note about "must save state"
before using the out-of-line helpers.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1450379966-28198-8-git-send-email-rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agotarget-i386: Use gen_lea_v_seg in pusha/popa
Richard Henderson [Thu, 17 Dec 2015 19:19:22 +0000 (11:19 -0800)] 
target-i386: Use gen_lea_v_seg in pusha/popa

More centralization of handling of segment bases.
Also fixes the note about 16-bit wrap around not fully handled.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1450379966-28198-7-git-send-email-rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agotarget-i386: Access segs via TCG registers
Richard Henderson [Thu, 17 Dec 2015 19:19:21 +0000 (11:19 -0800)] 
target-i386: Access segs via TCG registers

Having segs[].base as a register significantly improves code
generation for real and protected modes, particularly for TBs
that have multiple memory references where the segment base
can be held in a hard register through the TB.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1450379966-28198-6-git-send-email-rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agotarget-i386: Use gen_lea_v_seg in stack subroutines
Richard Henderson [Thu, 17 Dec 2015 19:19:20 +0000 (11:19 -0800)] 
target-i386: Use gen_lea_v_seg in stack subroutines

I.e. gen_push_v, gen_pop_T0, gen_stack_A0.
More centralization of handling of segment bases.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1450379966-28198-5-git-send-email-rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agotarget-i386: Use gen_lea_v_seg in gen_lea_modrm
Richard Henderson [Thu, 17 Dec 2015 19:19:19 +0000 (11:19 -0800)] 
target-i386: Use gen_lea_v_seg in gen_lea_modrm

Centralize handling of segment bases.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1450379966-28198-4-git-send-email-rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agotarget-i386: Introduce mo_stacksize
Richard Henderson [Thu, 17 Dec 2015 19:19:18 +0000 (11:19 -0800)] 
target-i386: Introduce mo_stacksize

Centralize computation of a MO_SIZE for the stack pointer.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1450379966-28198-3-git-send-email-rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agotarget-i386: Create gen_lea_v_seg
Richard Henderson [Thu, 17 Dec 2015 19:19:17 +0000 (11:19 -0800)] 
target-i386: Create gen_lea_v_seg

Add forgotten zero-extension in the TARGET_X86_64, !CODE64, ss32 case;
use this new function to implement gen_string_movl_A0_EDI,
gen_string_movl_A0_ESI, gen_add_A0_ds_seg.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1450379966-28198-2-git-send-email-rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agochar: fix repeated registration of tcp chardev I/O handlers
Daniel P. Berrange [Mon, 8 Feb 2016 13:55:07 +0000 (13:55 +0000)] 
char: fix repeated registration of tcp chardev I/O handlers

In previous commit:

  commit f2001a7e0555b66d6db25a3ff1801540814045bb
  Author: Daniel P. Berrange <berrange@redhat.com>
  Date:   Tue Jan 19 11:14:30 2016 +0000

    char: don't assume telnet initialization will not block

The code which writes the telnet initialization sequence moved
to an event loop callback. If the TCP chardev is opened as a
server in blocking mode (ie -serial telnet:0.0.0.0:3000,server,wait)
this results in a state where the TCP chardev is connected, but not
yet ready to send/recv data when virtual hardware is created.

When the virtual hardware initialization registers its chardev
callbacks, it triggers tcp_chr_update_read_handler, which will
add I/O watches to the connection.

When the telnet initialization finally runs, it will then call
tcp_chr_connect to finish the connection setup. This will in
turn add I/O watches to the connection too.

There are now two sets of I/O watches registered on the same
connection. This ultimately causes data loss on the connection,
for example, when typing into the telnet console only every
second byte is echoed back to the client.

The same flaw can affect channels running with TLS encryption
too, since they also have delayed connection setup completion.

The fix is to update tcp_chr_update_read_handler so that it
avoids registering watches if the connection is not fully
setup yet.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1454939707-10869-1-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agokvm-all: trace: strerror fixup
Andrew Jones [Mon, 1 Feb 2016 19:37:44 +0000 (20:37 +0100)] 
kvm-all: trace: strerror fixup

Signed-off-by: Andrew Jones <drjones@redhat.com>
Message-Id: <1454355464-14999-1-git-send-email-drjones@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agonbd: avoid unaligned uint64_t store
John Snow [Thu, 4 Feb 2016 10:27:55 +0000 (11:27 +0100)] 
nbd: avoid unaligned uint64_t store

cpu_to_be64w can't be used to make unaligned stores, but stq_be_p can.
Also, the st?_be_p takes a void* so it is more clearly suited to the
case where you're writing into a byte buffer.

Use the st?_be_p family of functions everywhere in nbd/server.c.

Signed-off-by: John Snow <jsnow@redhat.com>
[Changed to use st?_be_p everywhere. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoscripts/kvm/kvm_stat: Fix tracefs access checking
Janosch Frank [Wed, 3 Feb 2016 07:41:31 +0000 (08:41 +0100)] 
scripts/kvm/kvm_stat: Fix tracefs access checking

On kernels build without CONFIG_TRACING kvm_stat will bail out even
when traces are not used. This is not very helpful, especially if the
user can't install a new kernel. Instead, we should warn the user and
fall back to debugfs statistics.

These changes check if trace statistics were selected without kernel
support, warn with a small timeout, set the debugfs statistics option
to True and the tracefs one to False.

Fixes: 7aa4ee5 ('scripts/kvm/kvm_stat: Improve debugfs access checking')
Signed-off-by: Janosch Frank <frankja@linux.vnet.ibm.com>
Message-Id: <1454485291-43849-2-git-send-email-frankja@linux.vnet.ibm.com>
[Exit if -t is passed explicitly. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoqemu-nbd: Fix texi sentence capitalisation
Sitsofe Wheeler [Tue, 5 Jan 2016 07:33:32 +0000 (07:33 +0000)] 
qemu-nbd: Fix texi sentence capitalisation

Capitalise the first letter of sentences (and reword for grammar) the
options section of qemu-nbd.texi.

Signed-off-by: Sitsofe Wheeler <sitsofe@yahoo.com>
Message-Id: <1451979212-25479-4-git-send-email-sitsofe@yahoo.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoqemu-nbd: Minor texi updates
Sitsofe Wheeler [Tue, 5 Jan 2016 07:33:31 +0000 (07:33 +0000)] 
qemu-nbd: Minor texi updates

- Change some spacing.
- Add disconnect usage to synopsis.
- Highlight the command and its options in the synopsis.
- Fix up the grammar in the description.
- Move filename variable description out of the option table.
- Add a description of the dev variable.
- Remove duplicate entry for --format.
- Reword --discard documentation.
- Add --detect-zeroes documentation.
- Add reference to qemu man page to see also section.

Signed-off-by: Sitsofe Wheeler <sitsofe@yahoo.com>
Message-Id: <1451979212-25479-3-git-send-email-sitsofe@yahoo.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoqemu-nbd: Fix unintended texi verbatim formatting
Sitsofe Wheeler [Tue, 5 Jan 2016 07:33:30 +0000 (07:33 +0000)] 
qemu-nbd: Fix unintended texi verbatim formatting

Indented lines in the texi meant the perlpod produced interpreted the
paragraph as being verbatim (thus formatting codes were not
interpreted). Fix this by un-indenting problem lines.

Signed-off-by: Sitsofe Wheeler <sitsofe@yahoo.com>
Message-Id: <1451979212-25479-2-git-send-email-sitsofe@yahoo.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agohw: Add support for LSI SAS1068 (mptsas) device
Paolo Bonzini [Tue, 27 Oct 2015 17:26:06 +0000 (18:26 +0100)] 
hw: Add support for LSI SAS1068 (mptsas) device

This adds the SAS1068 device, a SAS disk controller used in VMware that
is oldish but widely supported and has decent performance.  Unlike
megasas, it presents itself as a SAS controller and not as a RAID
controller.  The device corresponds to the mptsas kernel driver in
Linux.

A few small things in the device setup are based on Don Slutz's old
patch, but the device emulation was written from scratch based on Don's
SeaBIOS patch and on the FreeBSD and Linux drivers.  It is 2400 lines
shorter than Don's patch (and roughly the same size as MegaSAS---also
because it doesn't support the similar SPI controller), implements SCSI
task management functions (with asynchronous cancellation), supports
big-endian hosts, has complete support for migration and follows the
QEMU coding standards much more closely.

To write the driver, I first split Don's patch in two parts, with
the configuration bits in one file and the rest in a separate file.
I first left mptconfig.c in place and rewrote the rest, then deleted
mptconfig.c as well.  The configuration pages are still based mostly on
VirtualBox's, though not exactly the same.  However, the implementation
is completely different.  The contents of the pages themselves should
not be copyrightable.

Signed-off-by: Don Slutz <Don@CloudSwitch.com>
Message-Id: <1347382813-5662-1-git-send-email-Don@CloudSwitch.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoscsi-generic: grab device and port SAS addresses from backend
Paolo Bonzini [Tue, 12 Jan 2016 11:29:57 +0000 (12:29 +0100)] 
scsi-generic: grab device and port SAS addresses from backend

This lets a SAS adapter expose them through its own configuration
mechanism.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoscsi: push WWN fields up to SCSIDevice
Paolo Bonzini [Tue, 12 Jan 2016 10:47:00 +0000 (11:47 +0100)] 
scsi: push WWN fields up to SCSIDevice

SAS adapters need to access them in order to publish the SAS addresses
of the end devices connected to them.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoinclude/qemu/atomic.h: default to __atomic functions
Alex Bennée [Thu, 28 Jan 2016 10:15:17 +0000 (10:15 +0000)] 
include/qemu/atomic.h: default to __atomic functions

The __atomic primitives have been available since GCC 4.7 and provide
a richer interface for describing memory ordering requirements. As a
bonus by using the primitives instead of hand-rolled functions we can
use tools such as the ThreadSanitizer which need the use of well
defined APIs for its analysis.

If we have __ATOMIC defines we exclusively use the __atomic primitives
for all our atomic access. Otherwise we fall back to the mixture of
__sync and hand-rolled barrier cases.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <1453976119-24372-4-git-send-email-alex.bennee@linaro.org>
[Use __ATOMIC_SEQ_CST for atomic_mb_read/atomic_mb_set on !POWER. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoconfigure: sanity check the glib library that pkg-config finds
Daniel P. Berrange [Wed, 27 Jan 2016 09:00:45 +0000 (09:00 +0000)] 
configure: sanity check the glib library that pkg-config finds

Developers on 64-bit machines will often try to perform a
32-bit build of QEMU by running

  ./configure --extra-cflags="-m32"

Unfortunately if PKG_CONFIG_LIBDIR is not set to point to
the location of the 32-bit pkg-config files, then configure
will silently pick up the 64-bit pkg-config files and still
succeed.

This causes a problem for glib because it means QEMU will
be pulling in /usr/lib64/glib-2.0/include/glibconfig.h
instead of /usr/lib/glib-2.0/include/glibconfig.h

This causes problems because the 'gsize' type (defined as
'unsigned long') will no longer be fully compatible with
the 'size_t' type (defined as 'unsigned int'). Although
both are the same size, the compiler refuses to allow
casts from 'unsigned long *' to 'unsigned int *' as they
are different pointer types. This results in non-obvious
compiler errors when building QEMU eg

qga/commands-posix.c: In function â€˜qmp_guest_set_user_password’:
qga/commands-posix.c:1912:55: error: passing argument 2 of â€˜g_base64_decode’ from incompatible pointer type [-Werror=incompatible-pointer-types]
     rawpasswddata = (char *)g_base64_decode(password, &rawpasswdlen);
                                                            ^
In file included from /usr/include/glib-2.0/glib.h:35:0,
                 from qga/commands-posix.c:14:
/usr/include/glib-2.0/glib/gbase64.h:52:9: note: expected â€˜gsize * {aka long unsigned int *}’ but argument is of type â€˜size_t * {aka unsigned int *}’
 guchar *g_base64_decode         (const gchar  *text,
         ^
cc1: all warnings being treated as errors

To detect this problem, add a check to configure that
verifies that GLIB_SIZEOF_SIZE_T matches sizeof(size_t).
If this fails print a warning suggesting that the dev
probably needs to set PKG_CONFIG_LIBDIR.

On Fedora x86_64 it passes with any of:

 # ./configure
 # PKG_CONFIG_LIBDIR=/usr/lib/pkgconfig ./configure --extra-cflags="-m32"
 # PKG_CONFIG_LIBDIR=/usr/lib64/pkgconfig ./configure --extra-cflags="-m64"

And fails with a mis-match

 # PKG_CONFIG_LIBDIR=/usr/lib64/pkgconfig ./configure --extra-cflags="-m32"
 # PKG_CONFIG_LIBDIR=/usr/lib/pkgconfig ./configure --extra-cflags="-m64"

ERROR: sizeof(size_t) doesn't match GLIB_SIZEOF_SIZE_T.
       You probably need to set PKG_CONFIG_LIBDIR
       to point to the right pkg-config files for your
       build target

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1453885245-15562-1-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoqemu-char: Keep pty slave file descriptor open until the master is closed
Paolo Bonzini [Tue, 19 Jan 2016 13:13:29 +0000 (14:13 +0100)] 
qemu-char: Keep pty slave file descriptor open until the master is closed

If a process opens the slave pts device, writes data to it, then
immediately closes it, the data doesn't reliably get delivered to the
emulated serial port. This seems to be because a read of the master
pty device returns EIO on Linux if no process has the pts device open,
even when data is waiting "in the pipe".

A fix seems to be for QEMU to keep the pts file descriptor open until
the pty is closed, as per the below patch.

Signed-off-by: Ashley Jonathan <jonathan.ashley@altran.com>
Message-Id: <AC19797808C8D548ABDE0CA4A97AA30A30DEB409@XMB-DCFR-37.europe.corp.altran.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agomemory: RCU ram_list.dirty_memory[] for safe RAM hotplug
Stefan Hajnoczi [Mon, 25 Jan 2016 13:33:20 +0000 (13:33 +0000)] 
memory: RCU ram_list.dirty_memory[] for safe RAM hotplug

Although accesses to ram_list.dirty_memory[] use atomics so multiple
threads can safely dirty the bitmap, the data structure is not fully
thread-safe yet.

This patch handles the RAM hotplug case where ram_list.dirty_memory[] is
grown.  ram_list.dirty_memory[] is change from a regular bitmap to an
RCU array of pointers to fixed-size bitmap blocks.  Threads can continue
accessing bitmap blocks while the array is being extended.  See the
comments in the code for an in-depth explanation of struct
DirtyMemoryBlocks.

I have tested that live migration with virtio-blk dataplane works.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <1453728801-5398-2-git-send-email-stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agomemory: add early bail out from cpu_physical_memory_set_dirty_range
Paolo Bonzini [Mon, 25 Jan 2016 14:13:47 +0000 (15:13 +0100)] 
memory: add early bail out from cpu_physical_memory_set_dirty_range

This condition is true in the common case, so we can cut out the body of
the function.  In addition, this makes it easier for the compiler to do
at least partial inlining, even if it decides that fully inlining the
function is unreasonable.

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoMerge remote-tracking branch 'remotes/stsquad/tags/pull-build-test-20160209' into...
Peter Maydell [Tue, 9 Feb 2016 14:21:20 +0000 (14:21 +0000)] 
Merge remote-tracking branch 'remotes/stsquad/tags/pull-build-test-20160209' into staging

This is the third attempt for this pull request.

Since the v4 was posted:
 - fixed merge conflict with ed7f5f1d8db06fc31352a5ef4f54985e630c575a
 - added cleaner separation line to MAINTAINERS at Fam's request
 - skip "make check" for --enable-trace-backends=simple (see 41fc57e44ed)

# gpg: Signature made Tue 09 Feb 2016 12:33:45 GMT using RSA key ID 5A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>"

* remotes/stsquad/tags/pull-build-test-20160209:
  MAINTAINERS: Add .travis.yml
  .travis.yml: reduce the test matrix a little
  .travis.yml: enable ccache for the builds
  .travis.yml: enable each of the co-routine backends
  .travis.yml: run make check for all matrix targets
  .travis.yml: migrate to container builds

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agoblock: add missing call to bdrv_drain_recurse
Paolo Bonzini [Wed, 23 Dec 2015 10:48:25 +0000 (11:48 +0100)] 
block: add missing call to bdrv_drain_recurse

This is also needed in bdrv_drain_all, not just in bdrv_drain.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 1450867706-19860-3-git-send-email-pbonzini@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
5 years agoblockjob: Fix hang in block_job_finish_sync
Fam Zheng [Tue, 2 Feb 2016 02:12:24 +0000 (10:12 +0800)] 
blockjob: Fix hang in block_job_finish_sync

With a mirror job running on a virtio-blk dataplane disk, sending "q" to
HMP will cause a dead loop in block_job_finish_sync.

This is because the aio_poll() only processes the AIO context of bs
which has no more work to do, while the main loop BH that is scheduled
for setting the job->completed flag is never processed.

Fix this by adding a flag in BlockJob structure, to track which context
to poll for the block job to make progress. Its value is set to true
when block_job_coroutine_complete() is called, and is checked in
block_job_finish_sync to determine which context to poll.

Suggested-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1454379144-29807-1-git-send-email-famz@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
5 years agoiov: avoid memcpy for "simple" iov_from_buf/iov_to_buf
Paolo Bonzini [Tue, 22 Dec 2015 11:03:33 +0000 (12:03 +0100)] 
iov: avoid memcpy for "simple" iov_from_buf/iov_to_buf

memcpy can take a large amount of time for small reads and writes.
For virtio it is a common case that the first iovec can satisfy the
whole read or write.  In that case, and if bytes is a constant to
avoid excessive growth of code, inline the first iteration
into the caller.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1450782213-14227-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
5 years agoHACKING: Add a section on error handling and reporting
Markus Armbruster [Wed, 3 Feb 2016 18:03:48 +0000 (19:03 +0100)] 
HACKING: Add a section on error handling and reporting

Inspired by an RFC PATCH from Lluís Vilanova.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1454522628-28294-3-git-send-email-armbru@redhat.com>
Reviewed-by: Lluís Vilanova <vilanova@ac.upc.edu>
5 years agoerror: Improve documentation some more
Markus Armbruster [Wed, 3 Feb 2016 18:03:47 +0000 (19:03 +0100)] 
error: Improve documentation some more

Don't claim error_report_err() always reports to stderr.  It actually
reports to the current monitor when we have one.

Clarify intended use of error_abort and error_fatal.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1454522628-28294-2-git-send-email-armbru@redhat.com>
Reviewed-by: Lluís Vilanova <vilanova@ac.upc.edu>
5 years agoMerge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2016-02-09' into staging
Peter Maydell [Tue, 9 Feb 2016 11:42:43 +0000 (11:42 +0000)] 
Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2016-02-09' into staging

QAPI patches for 2016-02-09

# gpg: Signature made Tue 09 Feb 2016 10:55:51 GMT using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"

* remotes/armbru/tags/pull-qapi-2016-02-09: (31 commits)
  qapi: Add missing JSON files in build dependencies
  qapi: Fix compilation failure on MIPS and SPARC
  qmp: Don't abuse stack to track qmp-output root
  qmp: Fix reference-counting of qnull on empty output visit
  qapi: Drop unused error argument for list and implicit struct
  qapi: Tighten qmp_input_end_list()
  qapi: Drop unused 'kind' for struct/enum visit
  qapi: Swap 'name' in visit_* callbacks to match public API
  qom: Swap 'name' next to visitor in ObjectPropertyAccessor
  qapi: Swap visit_* arguments for consistent 'name' placement
  qom: Use typedef for Visitor
  qapi: Don't cast Enum* to int*
  qapi: Consolidate visitor small integer callbacks
  qapi: Make all visitors supply uint64 callbacks
  qapi: Prefer type_int64 over type_int in visitors
  qapi-visit: Kill unused visit_end_union()
  qapi: Track all failures between visit_start/stop
  qapi: Improve generated event use of qapi visitor
  balloon: Improve use of qapi visitor
  vl: Ensure qapi visitor properly ends struct visit
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agoMerge remote-tracking branch 'remotes/rth/tags/pull-tcg-20160209' into staging
Peter Maydell [Tue, 9 Feb 2016 09:22:23 +0000 (09:22 +0000)] 
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20160209' into staging

Queued TCG patches

# gpg: Signature made Mon 08 Feb 2016 23:57:30 GMT using RSA key ID 4DD0279B
# gpg: Good signature from "Richard Henderson <rth7680@gmail.com>"
# gpg:                 aka "Richard Henderson <rth@redhat.com>"
# gpg:                 aka "Richard Henderson <rth@twiddle.net>"

* remotes/rth/tags/pull-tcg-20160209:
  tcg: Introduce temp_load
  tcg: Change temp_save argument to TCGTemp
  tcg: Change temp_sync argument to TCGTemp
  tcg: Change temp_dead argument to TCGTemp
  tcg: Change reg_to_temp to TCGTemp pointer
  tcg: Remove tcg_get_arg_str_i32/64
  tcg: More use of TCGReg where appropriate
  tcg: Work around clang bug wrt enum ranges
  tcg: Tidy temporary allocation
  tcg: Change ts->mem_reg to ts->mem_base
  tcg: Change tcg_global_mem_new_* to take a TCGv_ptr
  tcg: Remove lingering references to gen_opc_buf
  tcg: Respect highwater in tcg_out_tb_finalize

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agotcg: Introduce temp_load
Richard Henderson [Thu, 19 Sep 2013 15:02:05 +0000 (08:02 -0700)] 
tcg: Introduce temp_load

Unify all of the places that realize a temporary into a register.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg: Change temp_save argument to TCGTemp
Richard Henderson [Wed, 18 Sep 2013 22:35:32 +0000 (15:35 -0700)] 
tcg: Change temp_save argument to TCGTemp

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg: Change temp_sync argument to TCGTemp
Richard Henderson [Wed, 18 Sep 2013 22:33:00 +0000 (15:33 -0700)] 
tcg: Change temp_sync argument to TCGTemp

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>