aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2012-03-19Merge remote-tracking branch 'qemu-kvm/memory/urgent' into stagingAnthony Liguori
* qemu-kvm/memory/urgent: exec: fix guest memory access for Xen
2012-03-19exec: fix guest memory access for XenAnthony PERARD
In cpu_physical_memory_rw, a change has been introduced and qemu_get_ram_ptr is no longuer called with the ram addr we want to access, but only with the section address. This patch fixes this. (All other call to qemu_get_ram_ptr are already called with the right address.) This patch fixes Xen guest. Signed-off-by: Anthony PERARD <anthony.perard@citrix.com> Signed-off-by: Avi Kivity <avi@redhat.com>
2012-03-19Merge remote-tracking branch 'origin/master' into stagingAnthony Liguori
* origin/master: tcg: fix sparc host for AREG0 free operation
2012-03-19Merge remote-tracking branch 'qemu-kvm/memory/urgent' into stagingAnthony Liguori
* qemu-kvm/memory/urgent: (42 commits) memory: check for watchpoints when getting code ram_addr exec: fix write tlb entry misused as iotlb Sparc: avoid AREG0 wrappers for memory access helpers Sparc: avoid AREG0 for memory access helpers TCG: add 5 arg helpers to def-helper.h softmmu templates: optionally pass CPUState to memory access functions i386: Remove REGPARM sparc64: implement PCI and ISA irqs sparc: reset CPU state on reset apb: use normal PCI device header for PBM device w64: Fix data type of next_tb and tcg_qemu_tb_exec softfloat: fix for C99 vmstate: fix varrays with uint32_t indexes Fix large memory chunks allocation with tcg_malloc. hw/pxa2xx.c: Fix handling of pxa2xx_i2c variable offset within region hw/pxa2xx_lcd.c: drop target_phys_addr_t usage in device state hw/pxa2xx_dma.c: drop target_phys_addr_t usage in device state ARM: Remove unnecessary subpage workarounds malta: Fix display for LED array malta: Use symbolic hardware addresses ...
2012-03-19Merge remote-tracking branch 'qmp/queue/qmp' into stagingAnthony Liguori
* qmp/queue/qmp: qapi: Convert migrate Purge migration of (almost) everything to do with monitors Error: Introduce error_copy() QError: Introduce new errors for the migration command
2012-03-19memory: check for watchpoints when getting code ram_addrAvi Kivity
The code to get the ram_addr from a (tlb entry, vaddr) pair checks that the resulting memory is not MMIO, but neglects to check whether the region is hidden by a watchpoint page. Add the missing check. Signed-off-by: Avi Kivity <avi@redhat.com>
2012-03-19exec: fix write tlb entry misused as iotlbAvi Kivity
A couple of code paths check the lower bits of CPUTLBEntry::addr_write against io_mem_ram as a way of looking for a dirty RAM page. This works by accident since the value is zero, which matches all clear bits for TLB_INVALID, TLB_MMIO, and TLB_NOTDIRTY (indicating dirty RAM). Make it work by design by checking for the proper bits. Signed-off-by: Avi Kivity <avi@redhat.com>
2012-03-18tcg: fix sparc host for AREG0 free operationBlue Swirl
e141ab52d2ea5d0bc6ad3b1ad32841127ca04adc didn't handle the other memory access helper case, fix. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-18Sparc: avoid AREG0 wrappers for memory access helpersBlue Swirl
Adjust generation of load and store templates so that the functions take a parameter for CPUState instead of relying on global env. Remove wrappers. Move remaining memory helpers to ldst_helper.c. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-18Sparc: avoid AREG0 for memory access helpersBlue Swirl
Make memory access helpers take a parameter for CPUState instead of relying on global env. Introduce wrappers for load and store ops. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-18TCG: add 5 arg helpers to def-helper.hBlue Swirl
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-18softmmu templates: optionally pass CPUState to memory access functionsBlue Swirl
Optionally, make memory access helpers take a parameter for CPUState instead of relying on global env. On most targets, perform simple moves to reorder registers. On i386, switch from regparm(3) calling convention to standard stack-based version. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-18i386: Remove REGPARMBlue Swirl
Use stack based calling convention (GCC default) for interfacing with generated code instead of register based convention (regparm(3)). Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-17sparc64: implement PCI and ISA irqsBlue Swirl
Generate correct trap for external interrupts. Map PCI and ISA IRQs to RIC/UltraSPARC-IIi interrupt vectors. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-17sparc: reset CPU state on resetBlue Swirl
Not strictly accurate for Sparc64 but avoid confusing Valgrind. Reported-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-17apb: use normal PCI device header for PBM deviceBlue Swirl
PBM has a normal PCI device header, fix. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-17Merge branch 'arm-devs.for-upstream' of ↵Blue Swirl
git://git.linaro.org/people/pmaydell/qemu-arm * 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm: hw/pxa2xx.c: Fix handling of pxa2xx_i2c variable offset within region hw/pxa2xx_lcd.c: drop target_phys_addr_t usage in device state hw/pxa2xx_dma.c: drop target_phys_addr_t usage in device state ARM: Remove unnecessary subpage workarounds hw/omap_i2c: Convert to qdev
2012-03-17w64: Fix data type of next_tb and tcg_qemu_tb_execStefan Weil
next_tb is the numeric value of a tcg target (= QEMU host) address. Using tcg_target_ulong instead of unsigned long shows this and makes the code portable for hosts with an unusual size of long (w64). The type cast '(long)(next_tb & ~3)' was not needed (casting unsigned long to long does not change the bits, and nor does casting long to pointer for most (= all non w64) hosts. It is removed here. Macro or function tcg_qemu_tb_exec is used to set next_tb. The function also returns next_tb. Therefore tcg_qemu_tb_exec must return a tcg_target_ulong. Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-17softfloat: fix for C99Avi Kivity
C99 appears to consider compound literals as non-constants, and complains when they are used in static initializers. Switch to ordinary initializer syntax. Signed-off-by: Avi Kivity <avi@redhat.com> Acked-by: Andreas Färber <afaerber@suse.de> Reported-by: Andreas Färber <andreas.faerber@web.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-17Merge branch 'target-arm.for-upstream' of ↵Blue Swirl
git://git.linaro.org/people/pmaydell/qemu-arm * 'target-arm.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm: target-arm: Decode SETEND correctly in Thumb target-arm: Clear IT bits when taking exceptions in v7M target-arm: Fix typo in ARM946 cp15 c5 handling
2012-03-17Merge branch 'malta' of git://qemu.weilnetz.de/qemuBlue Swirl
* 'malta' of git://qemu.weilnetz.de/qemu: malta: Fix display for LED array malta: Use symbolic hardware addresses malta: Always allocate flash memory malta: Clean allocation of bios region alias
2012-03-17Merge branch 'ppc-for-upstream' of git://repo.or.cz/qemu/agrafBlue Swirl
* 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf: PPC: Fix openpic with relative memregions pseries: Configure PCI bridge using properties PPC: KVM: Synchronize regs on CPU dump kvm: Comparison with ioctl number macros needs to be unsigned ppc: Correctly define POWERPC_INSNS2_DEFAULT pseries: Add support for level interrupts to XICS PPC: Fix large page support in TCG PPC: Add PIR register to POWER7 CPU pseries: Remove PCI device from PCI host bridge code pseries: Remove unused constant from PCI code pseries: Update SLOF firmware image PPC64: Add support for ldbrx and stdbrx instructions pseries: Don't try to munmap() a malloc()ed TCE table ppc: Add missing 'static' to spin_rw_ops PPC: 405: Fix ppc405ep initialization Bad zero comparison for sas_ss_flags on powerpc
2012-03-17vmstate: fix varrays with uint32_t indexesAmos Kong
VMSTATE_VARRAY_UINT32() is used in hw/ds1225y.c, and we checked VMS_VARRAY_UINT32 bit of field->flags in vmstate_load_state(), but we don't check this bit in vmstate_save_state(). Signed-off-by: Amos Kong <akong@redhat.com> Acked-by: Juan Quintela <quintela@redhat.com> Acked-by: Hervé Poussineau <hpoussin@reactos.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-17Fix large memory chunks allocation with tcg_malloc.Kirill Batuzov
An attempt to allocate a large memory chunk after a small one resulted in circular links in list of pools. It caused the same memory being allocated twice for different arrays. Now pools for large memory chunks are kept in separate list and are freed during pool reset because current allocator can not reuse them. Signed-off-by: Kirill Batuzov <batuzovk@ispras.ru> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-16Merge remote-tracking branch 'kraxel/seabios-1.6.3.2' into stagingAnthony Liguori
* kraxel/seabios-1.6.3.2: Update seabios to 1.6.3.2 Add seabios build scripts to roms/
2012-03-16pci: fix double free of romfile propertyAnthony Liguori
The qdev property release function frees any string properties. This was resulting in a double free during hot unplug. It manifests in network devices because block devices have a NULL romfile property by default. Cc: Michael Tsirkin <mst@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-03-16hw/pxa2xx.c: Fix handling of pxa2xx_i2c variable offset within regionPeter Maydell
The pxa2xx I2C controller can have its registers at an arbitrary offset within the MemoryRegion it creates. We use this to create two controllers, one which covers a region of size 0x10000 with registers starting at an offset 0x1600 into that region, and a second one which covers a region of size just 0x100 with the registers starting at the base of the region. The implementation of this offsetting uses two qdev properties, "offset" (which sets the offset which must be subtracted from the address to get the offset into the actual register bank) and "size", which is the size of the MemoryRegion. We were actually using "offset" for two purposes: firstly the required one of handling the registers not being at the base of the MemoryRegion, and secondly as a workaround for a deficiency of QEMU. Until commit 5312bd8b3, if a MemoryRegion was mapped at a non-page boundary, the address passed into the read and write functions would be the offset from the start of the page, not the offset from the start of the MemoryRegion. So when calculating the value to set the "offset" qdev property we included a rounding to a page boundary. Following commit 5312bd8b3 MemoryRegion read/write functions are now correctly passed the offset from the base of the region, and our workaround now means we're subtracting too much from addresses, resulting in warnings like "pxa2xx_i2c_read: Bad register 0xffffff90". The fix for this is simply to remove the rounding to a page boundary; this allows us to slightly simplify the expression since base - (base & (~region_size)) == base & region_size The qdev property "offset" itself must remain because it is still performing its primary job of handling register banks not being at the base of the MemoryRegion. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Andreas Färber <afaerber@suse.de>
2012-03-16hw/pxa2xx_lcd.c: drop target_phys_addr_t usage in device stateMitsyanko Igor
Pxa2xx LCD controller is intended to work with 32-bit bus and it has no knowledge of system's physical address size, so it should not use target_phys_addr_t in it's state. Convert three variables in DMAChannel state from target_phys_addr_t to uint32_t, use VMSTATE_UINT32 instead of VMSTATE_UINTTL for these variables. We can do this safely because: 1) pxa2xx has 32-bit physical address; 2) rest of the code in file never assumes converted variables to have any size different from uint32_t; 3) we shouldn't have used VMSTATE_UINTTL in the first place because this macro is for target_ulong type (which can be different from target_phys_addr_t). Signed-off-by: Igor Mitsyanko <i.mitsyanko@samsung.com> Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-16hw/pxa2xx_dma.c: drop target_phys_addr_t usage in device stateMitsyanko Igor
Pxa2xx DMA controller is a 32-bit device and it has no knowledge of system's physical address size, so it should not use target_phys_addr_t in it's state. Convert variables descr, src and dest from type target_phys_addr_t to uint32_t, use VMSTATE_UINT32 instead of VMSTATE_UINTTL for these variables. We can do this safely because: 1) pxa2xx actually has 32-bit physical address size; 2) rest of the code in file never assumes descr, src and dest variables to have size different from uint32_t; 3) we shouldn't have used VMSTATE_UINTTL in the first place because this macro is for target_ulong type (which can be different from target_phys_addr_t). Signed-off-by: Igor Mitsyanko <i.mitsyanko@samsung.com> Reviewed-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-16ARM: Remove unnecessary subpage workaroundsPeter Maydell
In the ARM per-CPU peripherals (GIC, private timers, SCU, etc), remove workarounds for subpage memory region read/write functions being passed offsets from the start of the page rather than the start of the region. Following commit 5312bd8b3 the masking off of high bits of the address offset is now harmless but unnecessary. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Andreas Färber <afaerber@suse.de>
2012-03-15malta: Fix display for LED arrayStefan Weil
The 8-LED array was already implemented in the first commit to Malta, but this implementation was incomplete. Signed-off-by: Stefan Weil <sw@weilnetz.de>
2012-03-15malta: Use symbolic hardware addressesStefan Weil
The patch adds definitions of some hardware addresses and uses these definitions. It also replaces the type of all addresses from signed to unsigned values. This is only a cosmetic change because addresses are unsigned values, the functions called also expect unsigned values, and we need no sign extension here. Signed-off-by: Stefan Weil <sw@weilnetz.de>
2012-03-15malta: Always allocate flash memoryStefan Weil
There is no reason why there should not be a flash memory when the Malta emulation is started with a Linux kernel. When flash memory is always available, the code is simpler, and it can be better tested. Signed-off-by: Stefan Weil <sw@weilnetz.de>
2012-03-15malta: Clean allocation of bios region aliasStefan Weil
It is sufficient to define the region alias once for all code branches. Signed-off-by: Stefan Weil <sw@weilnetz.de>
2012-03-15target-arm: Decode SETEND correctly in ThumbPeter Maydell
Decode the SETEND instruction correctly in Thumb mode, rather than accidentally treating it like CPS. We don't support BE8 mode, but this change brings the Thumb mode in to line with behaviour in ARM mode: 'SETEND BE' is not supported and will provoke an UNDEF exception, but 'SETEND LE' is correctly handled as a no-op. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reported-by: Daniel Forsgren <daniel.forsgren@enea.com> Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
2012-03-15target-arm: Clear IT bits when taking exceptions in v7MPeter Maydell
When taking an exception for an M profile core, we must clear the IT bits. Since the IT bits are cached in env->condexec_bits we must clear them there: writing the bits in env->uncached_cpsr has no effect. (Reported as LP:944645.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-15target-arm: Fix typo in ARM946 cp15 c5 handlingPeter Maydell
Fix a typo in handling of the ARM946 cp15 c5 c0 0 1 handling (instruction access permission bits) that meant it would return the data access permission bits by mistake. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-15hw/omap_i2c: Convert to qdevJuha Riihimäki
Convert the omap_i2c device to qdev. Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com> [Riku Voipio: Fixes and restructuring patchset] Signed-off-by: Riku Voipio <riku.voipio@iki.fi> [Peter Maydell: More fixes and cleanups for upstream submission] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-15qapi: Convert migrateLuiz Capitulino
The migrate command is one of those commands where HMP and QMP completely mix up together. This made the conversion to the QAPI (which separates the command into QMP and HMP parts) a bit difficult. The first important change to be noticed is that this commit completes the removal of the Monitor object from migration code, started by the previous commit. Another important and tricky change is about supporting the non-detached mode. That is, if the user doesn't pass '-d' the migrate command will lock the monitor and will only release it when migration is finished. To support this in the new HMP command (hmp_migrate()), it is necessary to create a timer which runs every second and checks if the migration is still active. If it is, the timer callback will re-schedule itself to run one second in the future. If the migration has already finished, the monitor lock is released and the user can use it normally. All these changes should be transparent to the user. Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-03-15Purge migration of (almost) everything to do with monitorsLuiz Capitulino
The Monitor object is passed back and forth within the migration/savevm code so that it can print errors and progress to the user. However, that approach assumes a HMP monitor, being completely invalid in QMP. This commit drops almost every single usage of the Monitor object, all monitor_printf() calls have been converted into DPRINTF() ones. There are a few remaining Monitor objects, those are going to be dropped by the next commit. Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-03-15Error: Introduce error_copy()Luiz Capitulino
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-03-15QError: Introduce new errors for the migration commandLuiz Capitulino
The new errors are QERR_MIGRATION_ACTIVE and QERR_MIGRATION_NOT_SUPPORTED, which are going to be used by the QAPI converted migration command. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2012-03-15PPC: Fix openpic with relative memregionsAlexander Graf
After commit 5312bd8b3152 we got memory region relative offsets into our mmio callbacks instead of page boundary based offsets. This broke the OpenPIC emulation which expected offsets to be on page boundary and substracted its region offset manually. This patch gets rid of that manual substraction and lets the memory api do its magic instead. Signed-off-by: Alexander Graf <agraf@suse.de>
2012-03-15pseries: Configure PCI bridge using propertiesDavid Gibson
Currently, the function spapr_create_phb() uses its parameters to initialize the correct memory windows for the new PCI Host Bridge (PHB). This is not the way things are supposed to be done with qdevs, and means you can't create extra PHBs easily using -device. Since pSeries machines can and do have many PHBs with various configurations, this is a real limitation, not just a theoretical. This patch, therefore, alters the PHB initialization code to use qdev properties to set these parameters of the new bridge, moving most of the code from spapr_create_phb() to spapr_phb_init(). While we're at it, we change the naming of each PCI bus and its associated memory regions to be less arbitrary and make it easier to relate the guest and qemu views of memory to each other. Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Alexander Graf <agraf@suse.de>
2012-03-15PPC: KVM: Synchronize regs on CPU dumpAlexander Graf
When we dump the CPU registers, there's a certain chance they haven't been synchronized with KVM yet, so we have to manually trigger that. This aligns the code with x86 and fixes a bug where the register state was bogus on invalid/unknown kvm exit reasons. Reported-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Alexander Graf <agraf@suse.de>
2012-03-15kvm: Comparison with ioctl number macros needs to be unsignedDavid Gibson
In kvm-all.c we store an ioctl cmd number in the irqchip_inject_ioctl field of KVMState, which has type 'int'. This seems to make sense since the ioctl() man page says that the cmd parameter has type int. However, the kernel treats ioctl numbers as unsigned - sys_ioctl() takes an unsigned int, and the macros which generate ioctl numbers expand to unsigned expressions. Furthermore, some ioctls (IOC_READ ioctls on x86 and IOC_WRITE ioctls on powerpc) have bit 31 set, and so would be negative if interpreted as an int. This has the surprising and compile-breaking consequence that in kvm_irqchip_set_irq() where we do: return (s->irqchip_inject_ioctl == KVM_IRQ_LINE) ? 1 : event.status; We will get a "comparison is always false due to limited range of data type" warning from gcc if KVM_IRQ_LINE is one of the bit-31-set ioctls, which it is on powerpc. So, despite the fact that the man page and posix say ioctl numbers are signed, they're actually unsigned. The kernel uses unsigned, the glibc header uses unsigned long, and FreeBSD, NetBSD and OSX also use unsigned long ioctl numbers in the code. Therefore, this patch changes the variable to be unsigned, fixing the compile. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2012-03-15ppc: Correctly define POWERPC_INSNS2_DEFAULTMeador Inge
'POWERPC_INSNS2_DEFAULT' was defined incorrectly which was causing the opcode table creation code to erroneously register 'eieio' and 'mbar' for the "default" processor: ** ERROR: opcode 1a already assigned in opcode table 16 *** ERROR: unable to insert opcode [1f-16-1a] *** ERROR initializing PowerPC instruction 0x1f 0x16 0x1a Signed-off-by: Meador Inge <meadori@codesourcery.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2012-03-15pseries: Add support for level interrupts to XICSDavid Gibson
The pseries "xics" interrupt controller, like most interrupt controllers can support both message (i.e. edge sensitive) interrupts and level sensitive interrupts, but it needs to know which are which. When I implemented the xics emulation for qemu, the only devices we supported were the PAPR virtual IO devices. These devices only use message interrupts, so they were the only ones I implemented in xics. Since then, however, we have added support for PCI devices, which use level sensitive interrupts. It turns out the message interrupt logic still actually works most of the time for these, but there are circumstances where we can lost interrupts due to the incorrect interrupt logic. This patch, therefore, implements the correct xics level-sensitive interrupt logic. The type of the interrupt is set when a device allocates a new xics interrupt. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2012-03-15PPC: Fix large page support in TCGNathan Whitehorn
Fix large page support in TCG. The old code would overwrite the large page table entry with the fake 4 KB one generated here whenever the ref/change bits were updated, causing it to point to the wrong area of memory. Signed-off-by: Nathan Whitehorn <nwhitehorn@freebsd.org> Acked-by: David Gibson <david@gibson.drobpear.id.au> [agraf: fix whitespace, braces] Signed-off-by: Alexander Graf <agraf@suse.de>
2012-03-15PPC: Add PIR register to POWER7 CPUNathan Whitehorn
The POWER7 emulation is missing the Processor Identification Register, mandatory in recent POWER CPUs, that is required for SMP on at least some operating systems (e.g. FreeBSD) to function properly. This patch copies the existing PIR code from the other CPUs that implement it. Signed-off-by: Nathan Whitehorn <nwhitehorn@freebsd.org> Signed-off-by: Alexander Graf <agraf@suse.de>