aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-01-27target-arm: Catch attempt to instantiate abstract type in cpu_init()Andreas Färber
This fixes -cpu arm-cpu asserting. Cc: qemu-stable@nongnu.org Acked-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-alpha: Catch attempt to instantiate abstract type in cpu_init()Andreas Färber
This fixes -cpu alpha-cpu asserting. Cc: qemu-stable@nongnu.org Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27qom: Introduce object_class_is_abstract()Andreas Färber
This lets a caller check if an ObjectClass as returned by, e.g., object_class_by_name() is instantiatable. Signed-off-by: Andreas Färber <afaerber@suse.de> Cc: Anthony Liguori <anthony@codemonkey.ws>
2013-01-27target-unicore32: Detect attempt to instantiate non-CPU type in cpu_init()Andreas Färber
Consolidate model checking into a new uc32_cpu_class_by_name(). If the name matches an existing type, also check whether that type is actually (a sub-type of) TYPE_UNICORE32_CPU. This fixes, e.g., -cpu puv3_dma asserting. Cc: qemu-stable@nongnu.org Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-openrisc: Detect attempt to instantiate non-CPU type in cpu_init()Andreas Färber
Consolidate model checking into a new openrisc_cpu_class_by_name(). If the name matches an existing type, also check whether that type is actually (a sub-type of) TYPE_OPENRISC_CPU. This fixes, e.g., -cpu open_eth asserting. Cc: qemu-stable@nongnu.org Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-m68k: Detect attempt to instantiate non-CPU type in cpu_init()Andreas Färber
Consolidate model checking into a new m68k_cpu_class_by_name(). If the name matches an existing type, also check whether that type is (a sub-type of) TYPE_M68K_CPU. This fixes, e.g., -cpu ide-hd asserting. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-alpha: Detect attempt to instantiate non-CPU type in cpu_init()Andreas Färber
Check in alpha_cpu_class_by_name() whether the type found is actually (a sub-type of) TYPE_ALPHA_CPU. This fixes, e.g., -cpu typhoon-pcihost asserting. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-arm: Detect attempt to instantiate non-CPU type in cpu_init()Andreas Färber
Consolidate model checking into a new arm_cpu_class_by_name(). If the name matches an existing type, also check whether that type is actually (a sub-type of) TYPE_ARM_CPU. This fixes, e.g., -cpu tmp105 asserting. Cc: qemu-stable <qemu-stable@nongnu.org> Acked-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27cpu: Add model resolution support to CPUClassAndreas Färber
Introduce CPUClass::class_by_name and add a default implementation. Hook up the alpha and ppc implementations. Introduce a wrapper function cpu_class_by_name(). Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-i386: Remove setting tsc-frequency from x86_def_tIgor Mammedov
Setting tsc-frequency from x86_def_t is NOP because default tsc_khz in x86_def_t is 0 and CPUX86State.tsc_khz is also initialized to 0 by default. So there is no need to overwrite tsc_khz with default 0 because field was already initialized to 0. Custom tsc-frequency setting is not affected due to it being set without using x86_def_t. Field tsc_khz in x86_def_t becomes unused with this patch, so drop it as well. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-i386: Set custom features/properties without intermediate x86_def_tIgor Mammedov
Move custom features parsing after built-in cpu_model defaults are set and set custom features directly on CPU instance. That allows to make a clear distinction between built-in cpu model defaults that eventually should go into class_init() and extra property setting which is done after defaults are set on CPU instance. Impl. details: * use object_property_parse() property setter so it would be a mechanical change to switch to global properties later. * And after all current features/properties are converted into static properties, it will take a trivial patch to switch to global properties. Which will allow to: * get CPU instance initialized with all parameters passed on -cpu ... cmd. line from object_new() call. * call cpu_model/featurestr parsing only once before CPUs are created * open a road for removing CPUxxxState.cpu_model_str field, when other CPUs are similarly converted to subclasses and static properties. - re-factor error handling, to use Error instead of fprintf()s, since it is anyway passed in for property setter. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-i386: Remove vendor_override field from CPUX86StateIgor Mammedov
Commit 8935499831312 makes cpuid return to guest host's vendor value instead of built-in one by default if kvm_enabled() == true and allows to override this behavior if 'vendor' is specified on -cpu command line. But every time guest calls cpuid to get 'vendor' value, host's value is read again and again in default case. It complicates semantics of vendor property and makes it harder to use. Instead of reading 'vendor' value from host every time cpuid[vendor] is called, override 'vendor' value only once in cpu_x86_find_by_name(), when built-in CPU model is found and if(kvm_enabled() == true). It provides the same default semantics if (kvm_enabled() == true) vendor = host's vendor else vendor = built-in vendor and then later: if (custom vendor) vendor = custom vendor 'vendor' value is overridden when user provides it on -cpu command line, and there is no need for vendor_override field anymore, remove it. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-i386: Replace uint32_t vendor fields by vendor string in x86_def_tIgor Mammedov
Vendor property setter takes string as vendor value but cpudefs use uint32_t vendor[123] fields to define vendor value. It makes it difficult to unify and use property setter for values from cpudefs. Simplify code by using vendor property setter, vendor[123] fields are converted into vendor[13] array to keep its value. And vendor property setter is used to access/set value on CPU. - Make for() cycle reusable for the next patch by adding x86_cpu_vendor_words2str() Intel's CPUID spec[1] says: " 5.1.1 ... These registers contain the ASCII string: GenuineIntel ... " List[2] of known vendor values shows that they all are 12 ASCII characters long, padded where necessary with space. Current supported values are all ASCII characters packed in ebx, edx, ecx. So lets state that QEMU supports 12 printable ASCII characters packed in ebx, edx, ecx registers for cpuid(0) instruction. *1 - http://www.intel.com/Assets/PDF/appnote/241618.pdf *2 - http://en.wikipedia.org/wiki/CPUID#EAX.3D0:_Get_vendor_ID Signed-off-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-i386: Print deprecation warning if xlevel < 0x80000000Igor Mammedov
Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-i386: Drop redundant list of CPU definitionsAndreas Färber
It is no longer needed since dropping cpudef config file support. Cleaning this up removes knowledge about other models from x86_def_t, in preparation for reusing x86_def_t as intermediate step towards pure QOM X86CPU subclasses. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-i386: Simplify cpu_x86_find_by_name()Andreas Färber
Catch NULL name argument early to avoid repeated checks. Similarly, check for -cpu host early and untangle from iterating through model definitions. This prepares for introducing X86CPU subclasses. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27pc: Generate APIC IDs according to CPU topologyEduardo Habkost
This keeps compatibility on machine-types pc-1.2 and older, and prints a warning in case the requested configuration won't get the correct topology. I couldn't think of a better way to warn about broken topology when in compat mode other than using error_report(). The warning message will probably be buried in a log file somewhere, but it's better than nothing. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-i386: Topology & APIC ID utility functionsEduardo Habkost
This introduces utility functions for the APIC ID calculation, based on: Intel® 64 Architecture Processor Topology Enumeration http://software.intel.com/en-us/articles/intel-64-architecture-processor-topology-enumeration/ The code should be compatible with AMD's "Extended Method" described at: AMD CPUID Specification (Publication #25481) Section 3: Multiple Core Calcuation as long as: - nr_threads is set to 1; - OFFSET_IDX is assumed to be 0; - CPUID Fn8000_0008_ECX[ApicIdCoreIdSize[3:0]] is set to apicid_core_width(). Unit tests included. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27pc: Set fw_cfg data based on APIC ID calculationEduardo Habkost
This changes FW_CFG_MAX_CPUS and FW_CFG_NUMA to use apic_id_for_cpu(), so the NUMA table can be based on the APIC IDs, instead of CPU index (SeaBIOS knows nothing about CPU indexes, just APIC IDs). Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27cpus.h: Make constant smp_cores/smp_threads available on *-userEduardo Habkost
The code that calculates the APIC ID will use smp_cores/smp_threads, so just define them as 1 on *-user to avoid #ifdefs in the code. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27fw_cfg: Remove FW_CFG_MAX_CPUS from fw_cfg_init()Eduardo Habkost
PC will not use max_cpus for that field, so move it outside the common code so it can use a different value on PC. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-i386: Introduce x86_cpu_apic_id_from_index() functionEduardo Habkost
This function will be used by both the CPU initialization code and the fw_cfg table initialization code. Later this function will be updated to generate APIC IDs according to the CPU topology. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-i386: kvm: Set vcpu_id to APIC ID instead of CPU indexEduardo Habkost
The CPU ID in KVM is supposed to be the APIC ID, so change the KVM_CREATE_VCPU call to match it. The current behavior didn't break anything yet because today the APIC ID is assumed to be equal to the CPU index, but this won't be true in the future. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Marcelo Tosatti <mtosatti@redhat.com> Acked-by: Gleb Natapov <gleb@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27kvm: Create kvm_arch_vcpu_id() functionEduardo Habkost
This will allow each architecture to define how the VCPU ID is set on the KVM_CREATE_VCPU ioctl call. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Acked-by: Gleb Natapov <gleb@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27pc: Reverse pc_init_pci() compatibility logicEduardo Habkost
Currently, the pc-1.4 machine init function enables PV EOI and then calls the pc-1.2 machine init function. The problem with this approach is that now we can't enable any additional compatibility code inside the pc-1.2 init function because it would end up enabling the compatibility behavior on pc-1.3 and pc-1.4 as well. This reverses the logic so that the pc-1.2 machine init function will disable PV EOI, and then call the pc-1.4 machine init function. This way we can change older machine-types to enable compatibility behavior, and the newer machine-types (pc-1.3, pc-q35-1.4 and pc-i440fx-1.4) would just use the default behavior. (This means that one nice side-effect of this change is that pc-q35-1.4 will get PV EOI enabled by default, too) It would be interesting to eventually change pc_init_pci_no_kvmclock() and pc_init_isa() to reuse pc_init_pci_1_2() as well (so we don't need to duplicate compatibility code on those two functions). But this will be probably much easier to do after we create a PCInitArgs struct for the PC initialization arguments, and/or after we use global-properties to implement the compatibility modes present in pc_init_pci_1_2(). Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-i386: Don't set any KVM flag by default if KVM is disabledEduardo Habkost
This is a cleanup that tries to solve two small issues: - We don't need a separate kvm_pv_eoi_features variable just to keep a constant calculated at compile-time, and this style would require adding a separate variable (that's declared twice because of the CONFIG_KVM ifdef) for each feature that's going to be enabled/disabled by machine-type compat code. - The pc-1.3 code is setting the kvm_pv_eoi flag on cpuid_kvm_features even when KVM is disabled at runtime. This small inconsistency in the cpuid_kvm_features field isn't a problem today because cpuid_kvm_features is ignored by the TCG code, but it may cause unexpected problems later when refactoring the CPUID handling code. This patch eliminates the kvm_pv_eoi_features variable and simply uses kvm_enabled() inside the enable_kvm_pv_eoi() compat function, so it enables kvm_pv_eoi only if KVM is enabled. I believe this makes the behavior of enable_kvm_pv_eoi() clearer and easier to understand. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Acked-by: Gleb Natapov <gleb@redhat.com> Reviewed-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27kvm: Add fake KVM_FEATURE_CLOCKSOURCE_STABLE_BIT for builds without KVMEduardo Habkost
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Acked-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-openrisc: Clean up triple QOM castsAndreas Färber
Instead of calling openrisc_env_get_cpu(), casting to CPU() via the ENV_GET_CPU() compatibility macro and casting back to OPENRISC_CPU(), just call openrisc_env_get_cpu() directly. ENV_GET_CPU() is meant as workaround for target-independent code only. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27target-openrisc: Drop OpenRISCCPUListAndreas Färber
It was missed in 92a3136174f60ee45b113296cb2c2a5225b00369 (cpu: Introduce CPUListState struct) because its naming did not match the *CPUListState pattern. Use the generalized CPUListState instead. Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27xilinx_ethlite: Avoid build warnings in debug codeEdgar E. Iglesias
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-01-27m25p80.c: Return state to IDLE after COLLECTINGPeter Crosthwaite
Default to moving back to the IDLE state after the COLLECTING_DATA state. For a well behaved guest this patch has no consequence, but A bad guest could crash QEMU by using one of the erase commands followed by a longer than 5 byte argument (undefined behaviour). Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-01-27xilinx_ethlite: Flush queued packets on SW servicePeter Crosthwaite
Software services a received packet by clearing the CTRL_S bit in the RX_CTRLn register. If this bit is cleared, flush any packets queued for the device. Reported-by: John Williams <john.williams@xilinx.com> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-01-27xilinx_ethlite: fix eth_can_rx() for ping-pongPeter Crosthwaite
The eth_can_rx() function only checks the first buffers status ("ping"). The controller should be able to receive into "pong" when ping-pong is enabled. Checks the active buffer (either "ping" or "pong") when determining can_rx() rather than just testing "ping". Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-01-26Merge branch 'ppc-for-upstream' of git://repo.or.cz/qemu/agrafBlue Swirl
* 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf: PPC: e500: Select MPIC v4.2 on ppce500 platform PPC: e500: fix mpic_iack address openpic: add basic support for MPIC v4.2 openpic: fix timer address decoding openpic: fix remaining issues from idr-to-destmask conversion pseries: Adjust default VIO address allocations to play better with libvirt pseries: Improve handling of multiple PCI host bridges target-ppc: Give a meaningful error if too many threads are specified cuda: Move ADB bus into CUDA state adb: QOM'ify ADB devices adb: QOM'ify Apple Desktop Bus cuda: QOM'ify CUDA ide/macio: QOM'ify MacIO IDE mac_nvram: QOM'ify MacIO NVRAM mac_nvram: Mark as Big Endian mac_nvram: Clean up public API macio: Split MacIO in two macio: Delay qdev init until all fields are initialized macio: QOM'ify some more ppc: Move Mac machines to hw/ppc/
2013-01-26tests: Add gcov support for x86_64 qtestAndreas Färber
Since x86_64 is a superset of i386 and reuses all its test cases, adopt all the i386 gcov source files as well, substituting their paths appropriately. Signed-off-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26tests: Add gcov support for sparc64 qtestAndreas Färber
m48t59-test is individually being executed for sparc and sparc64, so add the gcov source file for sparc64 as well. Signed-off-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26tests: Fix gcov typo for tmp105-testAndreas Färber
Commit 6e9989034b176a8e4cfdccd85892abfa73977ba7 introduced a new qtest test case but misspelled gcov, leading to no coverage analysis. Fix it. Signed-off-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26vmware_vga: fix out of bounds and invalid rects updatingMichael Tokarev
This is a follow up for several attempts to fix this issue. Previous incarnations: 1. http://thread.gmane.org/gmane.linux.ubuntu.bugs.general/3156089 https://bugs.launchpad.net/bugs/918791 "qemu-kvm dies when using vmvga driver and unity in the guest" bug. Fix by Serge Hallyn: https://launchpadlibrarian.net/94916786/qemu-vmware.debdiff This fix is incomplete, since it does not check width and height for being negative. Serge weren't sure if that's the right place to fix it, maybe the fix should be up the stack somewhere. 2. http://thread.gmane.org/gmane.comp.emulators.qemu/166064 by Marek Vasut: "vmware_vga: Redraw only visible area" This one adds the (incomplete) check to vmsvga_update_rect_delayed(), the routine just queues the rect updating but does no interesting stuff. It is also incomplete in the same way as patch by Serge, but also does not touch width&height at all after adjusting x&y, which is wrong. As far as I can see, when processing guest requests, the device places them into a queue (vmsvga_update_rect_delayed()) and processes this queue in different place/time, namely, in vmsvga_update_rect(). Sometimes, vmsvga_update_rect() is called directly, without placing the request to the gueue. This is the place this patch changes, which is the last (deepest) in the stack. I'm not sure if this is the right place still, since it is possible we have some queue optimization (or may have in the future) which will be upset by negative/wrong values here, so maybe we should check for validity of input right when receiving request from the guest (and maybe even use unsigned types there). But I don't know the protocol and implementation enough to have a definitive answer. But since vmsvga_update_rect() has other sanity checks already, I'm adding the missing ones there as well. Cc'ing BALATON Zoltan and Andrzej Zaborowski who shows in `git blame' output and may know something in this area. If this patch is accepted, it should be applied to all active stable branches (at least since 1.1, maybe even before), with minor context change (ds_get_*(s->vga.ds) => s->*). I'm not Cc'ing -stable yet, will do it explicitly once the patch is accepted. BTW, these checks use fprintf(stderr) -- it should be converted to something more appropriate, since stderr will most likely disappear somewhere. Cc: Marek Vasut <marex@denx.de> CC: Serge Hallyn <serge.hallyn@ubuntu.com> Cc: BALATON Zoltan <balaton@eik.bme.hu> Cc: Andrzej Zaborowski <balrogg@gmail.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Marek Vasut <marex@denx.de> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26tests: add fuzzing to visitor testsBlue Swirl
Perform input tests on random data. Improvement to code coverage for qapi/string-input-visitor.c is about 3 percentage points. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26build: remove *.lo, *.a, *.la files from all subdirectories on make cleanPaolo Bonzini
.lo files in stubs/, util/ and libcacard/ were not cleaned. Fix this. Cc: Blue Swirl <blauwirbel@gmail.com> Reported-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26hw/arm_boot: Align device tree to 4KB boundary, not pagePeter Maydell
Align the device tree blob to a 4KB boundary, not to QEMU's idea of a page boundary -- the latter is the smallest possible page size for the architecture, which on ARM is 1KB. The documentation for Linux does not impose separation or alignment requirements on the device tree blob, but in practice some kernels will happily trash the entire page the initrd ends in after they have finished uncompressing the initrd. So 4KB-align the DTB to ensure it does not get trampled by these kernels. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26qemu-char: Avoid unused variable warning in some configsPeter Maydell
Avoid unused variable warnings: qemu-char.c: In function 'qmp_chardev_open_port': qemu-char.c:3132: warning: unused variable 'fd' qemu-char.c:3132: warning: unused variable 'flags' in configurations with neither HAVE_CHARDEV_TTY nor HAVE_CHARDEV_PARPORT set. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26make_device_config.sh: Fix target path in generated dependency fileAndreas Färber
config-devices.mak.d is included from Makefile.target, i.e. from inside the *-softmmu/ directory. It included the directory path, so never applied to the actual ./config-devices.mak. Symptoms were spurious build failures due to missing dependency on default-configs/pci.mak. Fix this by using `basename` to strip the directory path. Reported-by: Gerhard Wiesinger <lists@wiesinger.com> Cc: qemu-stable@nongnu.org Signed-off-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26fw_cfg: Drop a few superfluous initializersMarkus Armbruster
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26fw_cfg: Splash image loader can overrun a stack variable, fixMarkus Armbruster
read_splashfile() passes the address of an int variable as size_t * parameter to g_file_get_contents(), with a cast to gag the compiler. No problem on machines where sizeof(size_t) == sizeof(int). Happens to work on my x86_64 box (64 bit little endian): the least significant 32 bits of the file size end up in the right place (caller's variable file_size), and the most significant 32 bits clobber a place that gets assigned to before its next use (caller's variable file_type). I'd expect it to break on a 64 bit big-endian box. Fix up the variable types and drop the problematic cast. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26softfloat: Handle float_muladd_negate_c when product is zeroRichard Sandiford
Honour float_muladd_negate_c in the case where the product is zero and c is nonzero. Previously we would fail to negate c. Seen in (and tested against) the gfortran testsuite on MIPS. Signed-off-by: Richard Sandiford <rdsandiford@googlemail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26hw/pxa2xx_timer: Explicitly mark fallthroughsPeter Maydell
Explicitly mark the fallthroughs as intentional in the code pattern where we gradually increment an index before falling into the code to read/write that array entry: case THINGY_3: idx++; case THINGY_2: idx++; case THINGY_1: idx++; case THINGY_0: return s->thingy[idx]; This makes static analysers happy. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26hw/smc91c111: Add explicit 'return' rather than relying on fallthroughPeter Maydell
Add an explicit 'return' statement to a case in smc91c111_readb rather than relying on fallthrough to the following case's return statement, for code clarity and to placate static analysers. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26hw/pflash_cfi02.c: Mark deliberate fallthroughPeter Maydell
Mark the deliberate fallthrough where we treat the case of an attempt to read flash when it is an unknown command state as if it were a normal read. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26hw/omap_dma, hw/omap_spi: Explicitly mark fallthroughsPeter Maydell
Explicitly mark the fallthroughs as intentional in the code pattern where we gradually increment an index before falling into the code to read/write that array entry: case THINGY_3: idx++; case THINGY_2: idx++; case THINGY_1: idx++; case THINGY_0: return s->thingy[idx]; This makes static analysers happy. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>