aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-01-13cputlb: drop flush_global flag from tlb_flushAlex Bennée
We have never has the concept of global TLB entries which would avoid the flush so we never actually use this flag. Drop it and make clear that tlb_flush is the sledge-hammer it has always been. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> [DG: ppc portions] Acked-by: David Gibson <david@gibson.dropbear.id.au>
2017-01-13cpu_common_reset: wrap TCG specific code in tcg_enabled()Alex Bennée
Both the cpu->tb_jmp_cache and SoftMMU TLB structures are only used when running TCG code so we might as well skip them for anything else. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
2017-01-13qom/cpu: move tlb_flush to cpu_common_resetAlex Bennée
It is a common thing amongst the various cpu reset functions want to flush the SoftMMU's TLB entries. This is done either by calling tlb_flush directly or by way of a general memset of the CPU structure (sometimes both). This moves the tlb_flush call to the common reset function and additionally ensures it is only done for the CONFIG_SOFTMMU case and when tcg is enabled. In some target cases we add an empty end_of_reset_fields structure to the target vCPU structure so have a clear end point for any memset which is resetting value in the structure before CPU_COMMON (where the TLB structures are). While this is a nice clean-up in general it is also a precursor for changes coming to cputlb for MTTCG where the clearing of entries can't be done arbitrarily across vCPUs. Currently the cpu_reset function is usually called from the context of another vCPU as the architectural power up sequence is run. By using the cputlb API functions we can ensure the right behaviour in the future. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2017-01-12Merge remote-tracking branch ↵Peter Maydell
'remotes/bkoppelmann/tags/pull-tricore-2017-01-11-2' into staging TriCore FPU patches # gpg: Signature made Wed 11 Jan 2017 13:40:11 GMT # gpg: using RSA key 0x0AD2C6396B69CA14 # gpg: Good signature from "Bastian Koppelmann <kbastian@mail.uni-paderborn.de>" # Primary key fingerprint: 6E63 6A7E 83F2 DD0C FA6E 6E37 0AD2 C639 6B69 CA14 * remotes/bkoppelmann/tags/pull-tricore-2017-01-11-2: target-tricore: Add updfl instruction target-tricore: Added new JNE instruction variant target-tricore: Added new MOV instruction variant target-tricore: Added MADD.F and MSUB.F instructions target-tricore: Added FTOUZ instruction Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-01-12Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20170111-1' into ↵Peter Maydell
staging vga: fixes for virtio-gpu and cirrus. # gpg: Signature made Wed 11 Jan 2017 10:24:24 GMT # gpg: using RSA key 0x4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/pull-vga-20170111-1: virtio-gpu: tag as not hotpluggable virtio-gpu: Fix memory leak in virtio_gpu_load() virtio-gpu: Recalculate VirtIOGPU::hostmem on VM load display: cirrus: ignore source pitch value as needed in blit_is_unsafe virtio-gpu: fix information leak in capset get dispatch Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-01-12Merge remote-tracking branch 'remotes/kraxel/tags/pull-audio-20170111-1' ↵Peter Maydell
into staging audio: qomify drivers, hotplug fixes. # gpg: Signature made Wed 11 Jan 2017 09:32:09 GMT # gpg: using RSA key 0x4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/pull-audio-20170111-1: es1370: wire up reset via DeviceClass audio: ac97: add exit function audio: es1370: add exit function hw/audio: QOM'ify pl041.c hw/audio: QOM'ify marvell_88w8618.c Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-01-12Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20170110' into stagingPeter Maydell
TCG opcodes for extract, clz, ctz, ctpop # gpg: Signature made Wed 11 Jan 2017 02:12:41 GMT # gpg: using RSA key 0xAD1270CC4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@gmail.com>" # gpg: aka "Richard Henderson <rth@redhat.com>" # gpg: aka "Richard Henderson <rth@twiddle.net>" # Primary key fingerprint: 9CB1 8DDA F8E8 49AD 2AFC 16A4 AD12 70CC 4DD0 279B * remotes/rth/tags/pull-tcg-20170110: (65 commits) tcg/i386: Handle ctpop opcode tcg/ppc: Handle ctpop opcode tcg: Use ctpop to generate ctz if needed tests: New test-bitcnt qemu/host-utils.h: Reduce the operation count in the fallback ctpop target-i386: Use ctpop helper target-tilegx: Use ctpop helper target-sparc: Use ctpop helper target-s390x: Avoid a loop for popcnt target-ppc: Use ctpop helper target-alpha: Use ctpop helper tcg: Add opcode for ctpop target-xtensa: Use clrsb helper target-tricore: Use clrsb helper target-arm: Use clrsb helper tcg: Add helpers for clrsb tcg/i386: Rely on undefined/undocumented behaviour of BSF/BSR tcg/i386: Handle ctz and clz opcodes tcg/i386: Allow bmi2 shiftx to have non-matching operands tcg/i386: Hoist common arguments in tcg_out_op ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-01-12libqtest: handle zero length memwrite/memreadGreg Kurz
Some recently added tests pass a zero length to qtest_memwrite(). Unfortunately, the qtest protocol doesn't implement an on-the-wire syntax for zero-length writes and the current code happily sends garbage to QEMU. This causes intermittent failures. It isn't worth the pain to enhance the protocol, so this patch simply fixes the issue by "just return, doing nothing". The same fix is applied to qtest_memread() since the issue also exists in the QEMU part of the "memread" command. Suggested-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Message-id: 148412457273.22750.983275587432075569.stgit@bahia Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-01-11target-tricore: Add updfl instructionBastian Koppelmann
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> Reviewed-by: Richard Henderson <rth@twiddle.net>
2017-01-11target-tricore: Added new JNE instruction variantPeer Adelt
If D[15] is != sign_ext(const4) then PC will be set to (PC + zero_ext(disp4 + 16)). [BK: fixed style errors] Signed-off-by: Peer Adelt <peer.adelt@c-lab.de> Message-Id: <1465314555-11501-5-git-send-email-peer.adelt@c-lab.de> Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
2017-01-11target-tricore: Added new MOV instruction variantPeer Adelt
Puts the content of data register D[a] into E[c][63:32] and the content of data register D[b] into E[c][31:0]. [BK: fix style error] [BK: Allocate temporaries only when needed] Signed-off-by: Peer Adelt <peer.adelt@c-lab.de> Message-Id: <1465314555-11501-4-git-send-email-peer.adelt@c-lab.de> Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
2017-01-11target-tricore: Added MADD.F and MSUB.F instructionsBastian Koppelmann
Multiplies D[a] and D[b] and adds/subtracts the result to/from D[d]. The result is put in D[c]. All operands are floating-point numbers. Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> Reviewed-by: Richard Henderson <rth@twiddle.net>
2017-01-11target-tricore: Added FTOUZ instructionBastian Koppelmann
Converts a 32-bit floating point number to an unsigned int. The result is rounded towards zero. Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> Reviewed-by: Richard Henderson <rth@twiddle.net>
2017-01-11virtio-gpu: tag as not hotpluggableGerd Hoffmann
qemu can't hotplug display devices. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-id: 1483970138-20360-1-git-send-email-kraxel@redhat.com
2017-01-11virtio-gpu: Fix memory leak in virtio_gpu_load()Peter Maydell
Coverity points out that if we fail in the "creating resources" loop in virtio_gpu_load() we will leak various resources (CID 1356431). Failing a VM load is going to leave the simulation in a complete mess, but we can tidy up to the point that a full system reset should get us back to sanity. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1483969123-14839-3-git-send-email-peter.maydell@linaro.org Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-11virtio-gpu: Recalculate VirtIOGPU::hostmem on VM loadPeter Maydell
The 'hostmem' field in VirtIOGPU is used to track the total memory used in pixmaps so that we can impose a maximum limit on it. However this field is neither migrated nor recalculated on VM load, which means that after a migration it will be incorrectly too low, which can allow the guest to use more pixmap memory than it should. The per-resource hostmem fields are not filled in either as we reallocate them in the load function. Recalculate the memory used for each pixmap and the total memory used as we reallocate the pixmaps in virtio_gpu_load(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1483969123-14839-2-git-send-email-peter.maydell@linaro.org Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-11display: cirrus: ignore source pitch value as needed in blit_is_unsafeBruce Rogers
Commit 4299b90 added a check which is too broad, given that the source pitch value is not required to be initialized for solid fill operations. This patch refines the blit_is_unsafe() check to ignore source pitch in that case. After applying the above commit as a security patch, we noticed the SLES 11 SP4 guest gui failed to initialize properly. Signed-off-by: Bruce Rogers <brogers@suse.com> Message-id: 20170109203520.5619-1-brogers@suse.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-11virtio-gpu: fix information leak in capset get dispatchLi Qiang
In virgl_cmd_get_capset function, it uses g_malloc to allocate a response struct to the guest. As the 'resp'struct hasn't been full initialized it will lead the 'resp->padding' field to the guest. Use g_malloc0 to avoid this. Signed-off-by: Li Qiang <liqiang6-s@360.cn> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-id: 58188cae.4a6ec20a.3d2d1.aff2@mx.google.com [ kraxel: resolved conflict ] Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-11es1370: wire up reset via DeviceClassGerd Hoffmann
Instead of using qemu_register_reset(). That way we get proper cleanup for free. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1484054281-26139-1-git-send-email-kraxel@redhat.com
2017-01-11audio: ac97: add exit functionLi Qiang
Currently the ac97 device emulation doesn't have a exit function, hot unplug this device will leak some memory. Add a exit function to avoid this. Signed-off-by: Li Qiang <liqiang6-s@360.cn> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-id: 58520052.4825ed0a.27a71.6cae@mx.google.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-11audio: es1370: add exit functionLi Qiang
Currently the es1370 device emulation doesn't have a exit function, hot unplug this device will leak some memory. Add a exit function to avoid this. Signed-off-by: Li Qiang <liqiang6-s@360.cn> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-id: 585200c9.a968ca0a.1ab80.4c98@mx.google.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-11hw/audio: QOM'ify pl041.cxiaoqiang zhao
split the old SysBus init function into an instance_init and Device realize function Signed-off-by: xiaoqiang zhao <zxq_yx_007@163.com> Message-id: 20161231011720.3965-3-zxq_yx_007@163.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-11hw/audio: QOM'ify marvell_88w8618.cxiaoqiang zhao
split the old SysBus init function into an instance_init and Device realize function Signed-off-by: xiaoqiang zhao <zxq_yx_007@163.com> Message-id: 20161231011720.3965-2-zxq_yx_007@163.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2017-01-10tcg/i386: Handle ctpop opcodeRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tcg/ppc: Handle ctpop opcodeRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tcg: Use ctpop to generate ctz if neededRichard Henderson
Particularly when andc is also available, this is two insns shorter than using clz to compute ctz. Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tests: New test-bitcntAlex Bennée
Add some unit tests for bit count functions (currently only ctpop). As the routines are based on the Hackers Delight optimisations I based the test patterns on their tests. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10qemu/host-utils.h: Reduce the operation count in the fallback ctpopRichard Henderson
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10target-i386: Use ctpop helperRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10target-tilegx: Use ctpop helperRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10target-sparc: Use ctpop helperRichard Henderson
Acked-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10target-s390x: Avoid a loop for popcntRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10target-ppc: Use ctpop helperRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10target-alpha: Use ctpop helperRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tcg: Add opcode for ctpopRichard Henderson
The number of actual invocations of ctpop itself does not warrent an opcode, but it is very helpful for POWER7 to use in generating an expansion for ctz. Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10target-xtensa: Use clrsb helperRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10target-tricore: Use clrsb helperRichard Henderson
Tested-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10target-arm: Use clrsb helperRichard Henderson
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tcg: Add helpers for clrsbRichard Henderson
The number of actual invocations does not warrent an opcode, and the backends generating it. But at least we can eliminate redundant helpers. Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tcg/i386: Rely on undefined/undocumented behaviour of BSF/BSRRichard Henderson
The ISA manual documents the output is undefined if the input was zero. However, we document in target-i386 that the behavior of real silicon is to preserve the contents of the output register. We also mention that there are real applications that depend on this. That this is baked into silicon is mentioned as a potential cause for some false sharing behaviour wrt lzcnt/tzcnt. Taking advantage of this allows us to save 2 insns in the normal case, and 4 insns for i686 emulating a 64-bit clz. Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tcg/i386: Handle ctz and clz opcodesRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tcg/i386: Allow bmi2 shiftx to have non-matching operandsRichard Henderson
Previously we could not have different constraints for different ISA levels, which prevented us from eliding the matching constraint for shifts. We do now have to make sure that the operands match for constant shifts. We can also handle some small left shifts via lea. Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tcg/i386: Hoist common arguments in tcg_out_opRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tcg/i386: Fuly convert tcg_target_op_defRichard Henderson
Use a switch instead of searching a table. Share constraints between 32-bit and 64-bit, when at all possible. Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tcg/s390: Handle clz opcodeRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tcg/mips: Handle clz opcodeRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tcg/arm: Handle ctz and clz opcodesRichard Henderson
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tcg/aarch64: Handle ctz and clz opcodesRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10tcg/ppc: Handle ctz and clz opcodesRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>
2017-01-10target-i386: Use clz and ctz opcodesRichard Henderson
Signed-off-by: Richard Henderson <rth@twiddle.net>