Commit Graph

6196 Commits

Author SHA1 Message Date
aurel32
fb1c2cd7d9 linux-user: Fix h2g usage in page_find_alloc
Paul's comment on my first approach to fix the h2g usage in
page_find_alloc finally open my eyes about what the code is actually
supposed to do:

With the help of h2g_valid we can no cleanly check if a freshly allocate
page (for host usage) is guest-reachable and, in case it is, mark it
reserved in the guest's address range.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5957 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-08 18:12:26 +00:00
aurel32
14cc46b19a linux-user: Introduce h2g_valid
Introduce h2g_valid to check if a given host address can be converted
into a valid guest address.

Based on a patch from  Jan Kiszka <jan.kiszka@web.de>

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5956 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-08 18:12:18 +00:00
aurel32
0e62fd7957 linux-user: Safety belt for h2g
h2g can only work on 64-bit hosts if the provided address is mappable to
the guest range. Neglecting this was already the source for several
bugs. Instrument the macro so that it will trigger earlier in the
future (at least as long as we have this kind of mapping mechanism).

Based on a patch from Jan Kiszka <jan.kiszka@web.de>

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5955 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-08 18:12:11 +00:00
aurel32
1609cd444b linux-user: Move abi_* typedefs into qemu-types.h
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5954 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-08 18:12:04 +00:00
aurel32
178baee68b configure: also close stdout when calling cc
Remove some ugly outputs with colorgcc

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5953 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-08 18:11:57 +00:00
aurel32
db9a16a70c target-ppc: kill a warning
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5952 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-08 18:11:50 +00:00
aurel32
0e69805af6 target-ppc: cleanup op_helper.c after TCG conversion
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5951 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-08 18:11:42 +00:00
aurel32
b4cec7b455 target-ppc: enable access type in MMU
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5950 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-08 18:11:33 +00:00
aurel32
76db3ba44e target-ppc: memory load/store rework
Rework the memory load/store:
- Unify load/store functions for 32-bit and 64-bit CPU
- Don't swap values twice for bit-reverse load/store functions
  in little endian mode.
- On a 64-bit CPU in 32-bit mode, do the address truncation for
  address computation instead of every load store. Truncate the
  address when incrementing the address (if needed)
- Cache writes to access_types.
- Add a few missing calls to gen_set_access_type()

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5949 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-08 18:11:21 +00:00
balrog
8bba3ea1fc Make memory load functions (ldxx_y(ptr)) take a const pointer.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5948 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 23:44:44 +00:00
balrog
aef3a282a4 Fix 64-bit targets compilation on ARM host.
Only fix compilation, probably doesn't run.


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5947 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 23:35:47 +00:00
balrog
15b18ec20a Move spitz microdrive to PCMCIA socket 0.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5946 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 23:33:34 +00:00
aurel32
19bf517b7f target-alpha: gdb-stub support
(Vince Weaver)

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5945 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 23:26:32 +00:00
aurel32
cd5158ea69 MIPS: remove a few warnings
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5944 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 23:26:24 +00:00
aurel32
3faf778e9d gdbstub: kill a warning
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5943 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 23:26:17 +00:00
aurel32
33093a0afc Parallel port reset
Attached patch adds a reset handler to parallel port, so it gets correct
register values after a reset.

(Hervé Poussineau)

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5942 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 23:26:09 +00:00
aurel32
0c34a5d722 target-ppc: kill a few warnings
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5941 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 23:00:00 +00:00
malc
fd69fe2b94 Quote configure's arguments and location while storing them in config_host.mak
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5940 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 22:50:16 +00:00
aurel32
d1f193b0ed SH4: SCI improvement
This patch simply implement one register of SH4's SCI := Serial Communication Interface.

R2D evaluation board uses SCI for SPI connection.  So, Linux kernel for R2D with
default configuration causes a QEMU assertion failure when it initializes SPI driver.
This patch avoids it and reduces the kernel config modification work for QEMU.

Completing SCI implementation task is left.  Other board support is desirable to confirm
this task, which uses SCI for a serial terminal.

(Shin-ichiro KAWASAKI)

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5939 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 22:46:49 +00:00
aurel32
b79e175259 SH4: kill a few warnings
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5938 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 22:46:42 +00:00
aurel32
d8299bccf2 SH4: Implement FD bit
SH4 manual say that if a floating point instruction is executed while
FD bit in the status register is 1, an exception should be raised. QEMU
presently does not do that, so the kernel does not initialize FP state
for any thread, nor does it save/restore FP state. The most apparent
consequence is that while recent gcc/libc expect double-precision mode
to be set by kernel, they run in single-precision mode, and all FP code
produces wrong values.

This patch fixes this. It also fixes a couple of places where PC was
not updated before handling an exception, although both those places
deal with invalid instruction and don't lead to any user-visible bugs.

(Vladimir Prus)

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5937 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 22:46:31 +00:00
aurel32
54604f74ae Some cleanups after dyngen removal
1. hostregs_helper.h: fix comment
2. translate-all.c: rename dyngen_code(_search_pc) to
   tcg_gen_code(_search_pc)
3. tcg.c:
  - rename dyngen_table_op_count to tcg_table_op_count
  - no need to generate a log of dyngen ops generated
  - rename dyngen_code(_search_pc) to tcg_gen_code(_search_pc)
4. tcg.h: rename dyngen_code(_search_pc) to
   tcg_gen_code(_search_pc)

Signed-off-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5936 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 20:35:00 +00:00
balrog
5c16736a37 SH4: Eliminate P4 to A7 mangling (Takashi YOSHII).
Main purpose of this is to delete
       *physical = address & 0x1fffffff;
at target-sh4/helper.c:449, using new mmio rule introduced by #5849
This masking is a nice trick to realize P4/A7 duality of SH registers.
But, IMHO, it is logically wrong.

Most of SH4 cpu control registers in P4 area(0xfc000000...0xffffffff) have
one more address called A7 which is usually P4 address with upper 3bits masked.
This is an address only appears in TLB's physical address part.

Current code use trick writing drivers as if they are really in A7
(that's why you see many *_A7 in hw/sh*.c), and using translation P4 to A7.

Signed-off-by: Takashi YOSHII <takasi-y@ops.dti.ne.jp>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5935 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 19:39:58 +00:00
balrog
486579de70 SH: improve the way sh7750 registers io memory (Takashi YOSHII).
Fixes to be needed for commit #5849 "Change MMIO callbacks..."
 hw/sh7750.c:
  - Divide region of CPU control registers to avoid overlapping
    to peripheral modules.
  - Delete unused var "icr", which had moved to hw/sh_intc.c.
 hw/sm501.c:
  - Merge non page aligned palette registers into the region of
    control registers.

Signed-off-by: Takashi YOSHII <takasi-y@ops.dti.ne.jp>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5934 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 19:33:15 +00:00
blueswir1
69d6451c3e Fix some new warnings introduced after r5022
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5933 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 19:30:18 +00:00
balrog
c2f01775dd SH: r2d pci support (Takashi YOSHII).
This patch adds pci support to sh/r2d board.
This is the first user of PCIC support I formerly sent.

PCIC actually is inside of chip with CPU core on SH7751.
But, this code is written as if SH7750 and PCIC are on board.
I care little about physical device boundary, but fitting with qemu's
design.

This patch also adds some BSC (Bus State Controller) registers,
because PCI device driver software have to accesses them.

Signed-off-by: Takashi YOSHII <takasi-y@ops.dti.ne.jp>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5932 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 19:20:43 +00:00
blueswir1
e0e36fe91d Enable gcc flag -Wredundant-decls
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5931 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 19:16:27 +00:00
blueswir1
10865b3496 Enable gcc flag -Wstrict-prototypes
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5930 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 19:15:47 +00:00
blueswir1
c1e6ccd1db Enable gcc flag -Wmissing-prototypes
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5929 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 19:15:17 +00:00
balrog
d0ef528a3e SH: Don't subtract bases from access addresses in PCIC.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5928 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 19:13:12 +00:00
balrog
1e5459a3fa SH: On-chip PCI controller support (Takashi YOSHII).
This patch adds SuperH on-chip PCI controller(PCIC) support.

Signed-off-by: Takashi YOSHII <takasi-y@ops.dti.ne.jp>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5927 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 19:08:45 +00:00
balrog
d47ede6093 sh4: Add r2d onboard FPGA IRQ controller (Takashi YOSHII).
This adds IRQ controller in FPGA on r2d, and use it for CF.

Signed-off-by: Takashi YOSHII <takasi-y@ops.dti.ne.jp>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5926 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 18:59:57 +00:00
balrog
c6d86a33d3 sh4: Add IRL (4-bit encoded interrupt input) support (Takashi YOSHII).
This patch adds IRL(4bit encoded 15 level interrupt input) support
to SH using qemu_irq as a multi level (!=on/off) signal.

Signed-off-by: Takashi YOSHII <takasi-y@ops.dti.ne.jp>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5925 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 18:49:57 +00:00
balrog
a4a771c055 sh4: mmio based CF support on r2d board (Takashi YOSHII).
This patch adds emulation for a CompactFlash on sh4/r2d board.
 The device is CF, but wired to be worked as True-IDE mode, and connected
 directly to SH bus. So, this code is to support generally mmio based
 IDEs which are supported by "pata_platform" driver in linux kernel.

Signed-off-by: Takashi YOSHII <takasi-y@ops.dti.ne.jp>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5924 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 18:41:42 +00:00
aurel32
db8d990204 Remove FORCE_RET() and RETURN()
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5923 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 18:15:54 +00:00
aurel32
49516bc0d6 Some cleanups after dyngen removal
this patch removes some now unused things after dyngen removal.

1. dyngen-exec.h:  op_param, op _jmp and some associated macros
   are now unused;
2. Makefile.target:  tcg-dyngen is not needed anymore
2. tcg/tcg-op.h, tcg/tcg-opc.h:  gen-op.h is dead
3. tcg.c:
    - INDEX_op_end is now the first op
    - CONFIG_DYNGEN_OP is never defined
4. tcg.h:  dyngen_op not needed anymore
5. exec-all.h:  remove some ASM macros.

Signed-off-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5922 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 18:15:45 +00:00
aurel32
0b97134b29 target-i386: fix CVE-2007-1322
The icebp instruction can be abused to terminate the emulation,
resulting in denial of service.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5921 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 18:15:36 +00:00
aurel32
e8e880a72e slirp: fix CVE 2007-5729
The emulated network cards in QEMU allows local users to execute arbitrary
code by writing Ethernet frames with a size larger than the slirp's default
MTU, which triggers a heap-based buffer overflow in the slirp library.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5920 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 18:15:23 +00:00
blueswir1
a810a2de17 Some fixes for TCG debugging
This fixes a few things after Paul's improvements for TCG debugging:

  - change TCGv_i64 field name to something different from
    TCGv_i32
  - fix things in tcg that the above change made visible.

Signed-off-by: Laurent Desnogues <laurent.desnogues@gmail.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5919 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 17:16:42 +00:00
aurel32
e8fc4fa7a1 target-ppc: disable single stepping
... which left was enabled by mistake.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5918 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 16:23:22 +00:00
balrog
dc23e2605d PXA: Account for offset from page start in a subpage mapping.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5917 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 16:08:49 +00:00
aurel32
dcb8c51272 Update .gitignore
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5916 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 16:04:13 +00:00
aurel32
ec72e276c5 target-ppc: Fix use of uninitialized TCG variable in tlbiva
Silences a warning about possible unitialized use of t0.

Signed-off-by: Andreas Faerber <andreas.faerber@web.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5915 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 15:45:15 +00:00
aurel32
86e840eef7 Remove a few dyngen and dyngen related code
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5914 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 15:21:23 +00:00
balrog
955a7dd5e8 ARM: fix smmul and smmla/smmls usage of registers (Mans Rullgard).
This fixes the destination and accumulator registers for the smmul
and smmla instructions.

Signed-off-by: Mans Rullgard <mans@mansr.com>
Acked-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5913 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 14:18:02 +00:00
balrog
ded9d29547 ARM: fix usad8 and usada8 usage of registers (Mans Rullgard).
This fixes the destination and accumulator registers for the usad8
and usada8 instructions.

Signed-off-by: Mans Rullgard <mans@mansr.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5912 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 14:03:27 +00:00
aurel32
662bbadd35 Remove gcc 3.4 check
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5911 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 13:40:38 +00:00
aurel32
45d827d2d7 target-ppc: convert SPR accesses to TCG
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5910 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 13:40:29 +00:00
aurel32
fa0d32c4e4 target-ppc: remove dead code
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5909 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 13:40:15 +00:00
balrog
4cc633c38b Patch holes in ARM translation (Laurent Desnogues).
- gen_set_CF_bit31:  use the right value to set carry flag
 - shifter_out_im:  remove a spurious semi-colon
 - add a break for VSHRN, VRSHRN, VQSHRN, VQRSHRN
   size 2 case
 - sbfx, ubfx are v6t2 instructions

The correct cps user mode behaviour is unclear so it's left out from the
commit until ARM decides it.

Signed-off-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5908 c046a42c-6fe2-441c-8c8c-71466251a162
2008-12-07 13:32:09 +00:00