aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2012-09-21linux-user: Use memcpy in get_user/put_user.Richard Henderson
When host and target have differing alignment rules, using a cast and direct memory operation can result in SIGBUS. Use memcpy instead, which the compiler will happily optimize when alignment is satisfied. Signed-off-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2012-09-21Merge branch 'usb.65' of git://git.kraxel.org/qemuAurelien Jarno
* 'usb.65' of git://git.kraxel.org/qemu: uhci: Don't queue up packets after one with the SPD flag set usb-redir: Revert usb-redir part of commit 93bfef4c usb-redir: Add chardev open / close debug logging usb-redir: Add support for migration usb-redir: Store max_packet_size in endp_data usb-redir: Add an already_in_flight packet-id queue usb-redir: Change cancelled packet code into a generic packet-id queue ehci: Walk async schedule before and after migration ehci: Don't set seen to 0 when removing unseen queue-heads configure: usbredir fixes ehci: Don't process too much frames in 1 timer tick (v2) ehci: Fix interrupts stopping when Interrupt Threshold Control is 8 ehci: switch to new-style memory ops usb-host: allow emulated (non-async) control requests without USBPacket
2012-09-21tcg-hppa: Fix broken load/store helpersRichard Henderson
The CONFIG_TCG_PASS_AREG0 code for calling ld/st helpers was not respecting the ABI requirement for 64-bit values being aligned in registers. Mirror the ARM port in use of helper functions to marshal arguments into the correct registers. Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21tcg-hppa: Fix brcond2 and setcond2Richard Henderson
Neither of these functions were performing double-word compares properly. Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21tcg: Fix !USE_DIRECT_JUMPRichard Henderson
Commit 6375e09e changed the type of TranslationBlock.tb_next, but failed to change the type of TCGContext.tb_next. Signed-off-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21gdbstub/sh4: fix build with USE_SOFTFLOAT_STRUCT_TYPESAurelien Jarno
We have to use different type to access float values when USE_SOFTFLOAT_STRUCT_TYPES is defined. Rework SH4 version of cpu_gdb_{read,write}_register() using a single case, and fixing the coding style. Use ldll_p() and stfl_p() to access float values. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21tcg: Optimize two-address commutative operationsRichard Henderson
While swapping constants to the second operand, swap sources matching destinations to the first operand. Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21tcg: Optimize movcond for constant comparisonsRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21tcg-i386: Implement movcondRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21target-alpha: Use movcondRichard Henderson
For proper cmov insns, as well as the non-goto-tb case of conditional branch. Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21tcg: Introduce movcondRichard Henderson
Implemented with setcond if the target does not provide the optional opcode. Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21target-sh4: remove useless codeAurelien Jarno
Almost dead code. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21target-sh4: cleanup DisasContextAurelien Jarno
We should avoid accessing env at translation stage, except of course for static values like the supported features. Remove variables copied from env in DisasContext and use the TB flags instead. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21target-sh4: rework exceptions handlingAurelien Jarno
Since commit fd4bab102 PC is restored in case of exception through code retranslation. While it is clearly the thing to do in case it is not not known if an helper is going to trigger an exception or not (e.g. for load/store, FPU, etc.), it just make things slower when the exception is already known at translation time. Partially revert this commit and save PC in the TCG code. Set bstate to BS_BRANCH to not generate TCG exit code. Micro-optimize the sleep helper. Make all the exception helpers to call raise_exception and mark it as noreturn. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21target-sh4: remove gen_clr_t() and gen_set_t()Aurelien Jarno
gen_clr_t() and gen_set_t() have very few callers and can be remplaced by a single line. Remove them. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21target-sh4: optimize swap.wAurelien Jarno
It's possible swap the two 16-bit words of a 32-bit register using a rotation. If the TCG target doesn't implement rotation, the replacement code is similar to the previously implemented code. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21target-sh4: optimize xtrctAurelien Jarno
The register being 32 bit long, after a shift to the right by 16 bits, the upper 16 bit are already cleared. There is no need to call ext16u to clear them. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21target-sh4: implement addv and subv using TCGAurelien Jarno
addv and subv helpers implementation is directly copied from the SH4 manual and looks quite complex. It is however possible to explain it without branches, and is therefore possible to implement it with TCG. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21target-sh4: implement addc and subc using TCGAurelien Jarno
Now that setcond is available, the addc and subc can easily be implemented using TCG. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21target-sh4: use float32_muladd() to implement fmacAurelien Jarno
There is no need to add a SH4 specific pickNaNMulAdd() to softfloat as SH4 is always returning a default NaN. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21target-sh4: mark a few helpers const and pureAurelien Jarno
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-21target-xtensa: don't emit extra tcg_gen_goto_tbMax Filippov
Unconditional gen_check_loop_end at the end of disas_xtensa_insn can emit tcg_gen_goto_tb with slot id already used in the TB (e.g. when TB ends at LEND with a branch). Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Cc: qemu-stable <qemu-stable@nongnu.org> Signed-off-by: malc <av1474@comtv.ru>
2012-09-21target-xtensa: fix extui shift amountMax Filippov
extui opcode only uses lowermost op1 bit for sa4. Reported-by: malc <av1474@comtv.ru> Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Cc: qemu-stable <qemu-stable@nongnu.org> Signed-off-by: malc <av1474@comtv.ru>
2012-09-19tcg/optimize: fix end of basic block detectionAurelien Jarno
Commit e31b0a7c050711884ad570fe73df806520953618 fixed copy propagation on 32-bit host by restricting the copy between different types. This was the wrong fix. The real problem is that the all temps states should be reset at the end of a basic block. This was done by adding such operations in the switch, but brcond2 was forgotten (that's why the crash was only observed on 32-bit hosts). Fix that by looking at the TCG_OPF_BB_END instead. We need to keep the case for op_set_label as temps might be modified through another path. Cc: Blue Swirl <blauwirbel@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-19target-mips: Implement Loongson Multimedia InstructionsRichard Henderson
Implements all of the COP2 instructions except for the S<cond> family of comparisons. The documentation is unclear for those. Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-19target-mips: Always evaluate debugging macro argumentsRichard Henderson
this will prevent some of the compilation errors with debugging enabled from creeping back in. Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-19target-mips: Fix MIPS_DEBUG.Richard Henderson
The macro uses the DisasContext. Pass it around as needed. Signed-off-by: Richard Henderson <rth@twiddle.net> Acked-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-19target-mips: Set opn in gen_ldst_multiple.Richard Henderson
Used by MIPS_DEBUG, when enabled. Signed-off-by: Richard Henderson <rth@twiddle.net> Acked-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-19hw/pflash_cfi0[12]: Use host-utils.h ctz32()Peter Maydell
Drop the private reimplementation of ctz32() from pflash_cfi0[12] in favour of using the standard version from host-utils.h. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-19pflash_cfi01: fix vendor specific extended queryAurelien Jarno
pflash_cfi01 announces a version number of 1.1, which implies "Protection Register Information" and "Burst Read information" sections, which are not provided. Decrease the version number to 1.0 so that only the "Protection Register Information" section is needed. Set the number of protection fields (0x3f) to 0x01, as 0x00 means 256 protections field, which makes the CFI table bigger than the current implementation, causing some kernels to fail to read it. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-19revert "TCG: fix copy propagation"Aurelien Jarno
Given the copy propagation breakage on 32-bit hosts has been fixed commit e31b0a7c050711884ad570fe73df806520953618 can be reverted. Cc: Blue Swirl <blauwirbel@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-19tcg: mark set_label with TCG_OPF_BB_END flagAurelien Jarno
set_label is effectively the end of a basic block, as no optimization can be made accross it. It was treated as such in the liveness analysis code, but as a special case. Mark it with TCG_OPF_BB_END flag so that this information can be used by other parts of the TCG code, and remove the special case in the liveness analysis code. Cc: Blue Swirl <blauwirbel@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-19tcg/i386: allow constants in load/store opsAurelien Jarno
On x86, it is possible to move a constant value to memory. Add code to handle a constant argument to load/store ops. Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-09-19xilinx_timer: Fix a compile error if debug enabledChris Wulff
There was a missing include of qemu-log and a variable name in a printf was out of date. Signed-off-by: Chris Wulff <crwulff@gmail.com> Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
2012-09-19xilinx: fix names of ethernet and dma links.Peter A. G. Crosthwaite
These names were incorrect. Fixed to match to actual link names Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
2012-09-19xilinx.h: Error check when setting linksPeter A. G. Crosthwaite
Assert that the ethernet and dma controller are sucessfully linked to their peers. Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
2012-09-19xilinx_timer: Fixed "frequency" prop namePeter A. G. Crosthwaite
The "frequency" qdev prop matches the "clock-frequency" property in Xilinx EDK. Renamed "frequency" -> "clock-frequency" accordingly. Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
2012-09-19xilinx_timer: Send dbg msgs to stderr not stdoutPeter A. G. Crosthwaite
Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
2012-09-19xilinx_timer: Removed comma in device namePeter A. G. Crosthwaite
Fixes an error in a61e4b07a30c062260d2d01771773f14820d1eb7 Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
2012-09-19arch_init.c: Improve '-soundhw help' for non-HAS_AUDIO_CHOICE archsPeter Maydell
For architectures which don't set HAS_AUDIO_CHOICE, improve the '-soundhw help' message so that it doesn't simply print an empty list, implying no sound support at all. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: malc <av1474@comtv.ru>
2012-09-17Merge remote-tracking branch 'kiszka/queues/slirp' into stagingAnthony Liguori
* kiszka/queues/slirp: slirp: Implement TFTP Blocksize option slirp: Remove unused return value of tftp_send_next_block slirp: Handle more than 65535 blocks in TFTP transfers slirp: improve TFTP performance slirp: Fix error reported by static code analysis slirp: Remove wrong type casts ins debug statements
2012-09-17Merge remote-tracking branch 'kwolf/for-anthony' into stagingAnthony Liguori
* kwolf/for-anthony: block: Don't forget to delete temporary file Don't require encryption password for 'qemu-img info' command qemu-img: Add json output option to the info command. qapi: Add SnapshotInfo and ImageInfo. ahci: properly reset PxCMD on HBA reset block: fix block tray status vdi: Fix warning from clang block/curl: Fix wrong free statement ide: Fix error messages from static code analysis (no real error) ATAPI: STARTSTOPUNIT only eject/load media if powercondition is 0 sheepdog: fix savevm and loadvm
2012-09-17Merge remote-tracking branch 'stefanha/trivial-patches' into stagingAnthony Liguori
* stefanha/trivial-patches: configure: fix seccomp check arch_init.c: add missing '%' symbols before PRIu64 in debug printfs kvm: Fix warning from static code analysis qapi: Fix enumeration typo error console: Clean up bytes per pixel calculation Fix copy&paste typos in documentation comments linux-user: Remove #if 0'd cpu_get_real_ticks() definition ui: Fix spelling in comment (ressource -> resource) Spelling fixes in comments and macro names (ressource -> resource) Fix spelling (licenced -> licensed) in GPL Spelling fixes in comments and documentation srp: Don't use QEMU_PACKED for single elements of a structured type
2012-09-17Merge remote-tracking branch 'spice/spice.v60' into stagingAnthony Liguori
* spice/spice.v60: hw/qxl: support client monitor configuration via device qxl: add trace-event for QXL_IO_LOG hw/qxl: tracing fixes qxl: better cleanup for surface destroy qxl: Ignore set_client_capabilities pre/post migrate qxl: dont update invalid area spice: send updates only for changed screen content spice: add screen mirror spice: split qemu_spice_create_update spice: switch to queue for vga mode updates
2012-09-17Merge remote-tracking branch 'stefanha/net' into stagingAnthony Liguori
* stefanha/net: net: EAGAIN handling for net/socket.c TCP net: EAGAIN handling for net/socket.c UDP net: asynchronous send/receive infrastructure for net/socket.c net: broadcast hub packets if at least one port can receive net: fix usbnet_receive() packet drops net: clean up usbnet_receive() net: add -netdev options to man page net: do not report queued packets as sent net: add receive_disabled logic to iov delivery path eepro100: Fix network hang when rx buffers run out xen: flush queue when getting an event e1000: flush queue whenever can_receive can go from false to true net: notify iothread after flushing queue
2012-09-17Merge remote-tracking branch 'qemu-kvm/uq/master' into stagingAnthony Liguori
* qemu-kvm/uq/master: kvm: Rename irqchip_inject_ioctl to irq_set_ioctl kvm: Stop flushing coalesced MMIO on vmexit VGA: Flush coalesced MMIO on related MMIO/PIO accesses memory: Flush coalesced MMIO on mapping and state changes memory: Fold memory_region_update_topology into memory_region_transaction_commit memory: Use transaction_begin/commit also for single-step operations memory: Flush coalesced MMIO on selected region access kvm-all.c: Move init of irqchip_inject_ioctl out of kvm_irqchip_create() update-linux-headers.sh: Don't hard code list of architectures
2012-09-17Revert "Add ability to disable build of all targets"Anthony Liguori
This reverts commit 66d5499b3754b83c09487259c08fe2ce73188a59. This commit broke --target-list="x86_64-softmmu" and the fix isn't immediatley obvious. Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-09-17cpu_physical_memory_write_rom() needs to do TB invalidatesDavid Gibson
cpu_physical_memory_write_rom(), despite the name, can also be used to write images into RAM - and will often be used that way if the machine uses load_image_targphys() into RAM addresses. However, cpu_physical_memory_write_rom(), unlike cpu_physical_memory_rw() doesn't invalidate any cached TBs which might be affected by the region written. This was breaking reset (under full emu) on the pseries machine - we loaded our firmware image into RAM, and while executing it rewrite the code at the entry point (correctly causing a TB invalidate/refresh). When we reset the firmware image was reloaded, but the TB from the rewrite was still active and caused us to get an illegal instruction trap. This patch fixes the bug by duplicating the tb invalidate code from cpu_physical_memory_rw() in cpu_physical_memory_write_rom(). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-09-17qemu-char: BUGFIX, don't call FD_ISSET with negative fdDavid Gibson
tcp_chr_connect(), unlike for example udp_chr_update_read_handler() does not check if the fd it is using is valid (>= 0) before passing it to qemu_set_fd_handler2(). If using e.g. a TCP serial port, which is not initially connected, this can result in -1 being passed to FD_ISSET, which has undefined behaviour. On x86 it seems to harmlessly return 0, but on PowerPC, it causes a fortify buffer overflow error to be thrown. This patch fixes this by putting an extra test in tcp_chr_connect(), and also adds an assert qemu_set_fd_handler2() to catch other such errors on all platforms, rather than just some. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-09-17Revert 455aa1e08 and c3767ed0ebAnthony Liguori
commit c3767ed0eb5d0bb25fe409ae5dec06e3411ff1b6 qemu-char: (Re-)connect for tcp_chr_write() unconnected writing Has no hope of working because tcp_chr_connect() does not actually connect. 455aa1e08 just fixes the SEGV with server() but the attempt to connect a client socket is still completely broken. This patch reverts both. Reported-by: Richard W.M. Jones <rjones@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>