Commit Graph

59119 Commits

Author SHA1 Message Date
Stefan Hajnoczi
7f1d87ab0f trace: avoid SystemTap "char const" warnings
SystemTap's dtrace(1) produces the following warning when it encounters
"char const" instead of "const char":

  Warning: /usr/bin/dtrace:trace-dtrace-root.dtrace:66: syntax error near:
  probe flatview_destroy_rcu

  Warning: Proceeding as if --no-pyparsing was given.

This is a limitation in current SystemTap releases.  I have sent a patch
upstream to accept "char const" since it is valid C:

  https://sourceware.org/ml/systemtap/2018-q1/msg00017.html

In QEMU we still wish to avoid warnings in the current SystemTap
release.  It's simple enough to replace "char const" with "const char".

I'm not changing the documentation or implementing checks to prevent
this from occurring again in the future.  The next release of SystemTap
will hopefully resolve this issue.

Cc: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 20180201162625.4276-1-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-02-19 13:09:44 +00:00
Jon Emil Jahren
61b01bbc6c tracetool: For ust trace bool type as ctf_integer
Previously functions having arguments of type bool was not traced
properly. The bool arguments were missing from the trace.

Signed-off-by: Jon Emil Jahren <jonemilj@gmail.com>
Message-id: 20180129041648.30884-3-jonemilj@gmail.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-02-19 13:09:44 +00:00
Jon Emil Jahren
fb1a66bc01 tracetool: Update argument format regex to non-greedy star
Using the greedy star matching, arguments like "...%"PRIx64 caused issues
for functions with multiple PRI formats.

The issue was only seen with the ust backend, as it is the only one
using the format regex.

The result for many functions was that the arguments coming after the
greedy star end was left out of the tracepoint, and in some cases some
of the arguments that was traced had the wrong format.

Signed-off-by: Jon Emil Jahren <jonemilj@gmail.com>
Message-id: 20180129041648.30884-2-jonemilj@gmail.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-02-19 13:09:44 +00:00
Peter Maydell
e5ecc287a7 HMP pull 2018-02-16
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJahxiiAAoJEAUWMx68W/3nGr8P/iowKSMEy/4ZyKlAU0q6S33v
 oxLNXWoUUMGnMMs9N18vbQtLKQQFuWrfxkLR6mNRdr6sgjpRF45l+JPtdXukM7x0
 rgRQUSWDb3jW1ETw/FwPv1N5s2cPBAh8/kJFzk9dxVW55flg5s4n6fJHIa6sZlgw
 Pz8qutHJ6SOZdtZLG4q/+vYR0se8W6sTfBW0ExPUvLwlczBT+NcySdkzYsveM0zs
 f70do5BNeQ/yzVMmPPdojzDAKvbOv2tXDfi5G10Z1drUUkiaKy3xAuvVnAXNuqta
 UlhnujtNyejVKdBqIb7XKYv3yWCuP3HQ36QwZNTxGgo4EovNr6W7RP5aUbLavjNQ
 FEZxt+r7XskuIVCDBdPuAdpSIjefNQlNZ6Hft8A+ezS2T7BqnOnkkMNrNxh8aQ6H
 UNRj6YiAveGUeYxGsZTEhBhmceAFPiy8L/B1kINJMhgBesjUi0aiPFz8rFTaBz7G
 bJM4rSOVC4yDYyJkQT/zItqBMIZq+z/mfn0gxtcLKg988AKthTBEhxTl7Y5NQUW4
 zzfPuI9zNb9Al8FSyg+a4MFf6euY9HAwlM6zakNDOZvbR3LcG+qVfbNnOwq4xRTE
 Qtmt7VJiteJX4zN+GqpZLPFS5jbDNmF4/5pMrMJnPxImXsI6wlRc9scYj9SYd/1b
 K9bPU3EdVscNpdV5CnjF
 =C+G1
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgilbert/tags/pull-hmp-20180216' into staging

HMP pull 2018-02-16

# gpg: Signature made Fri 16 Feb 2018 17:45:06 GMT
# gpg:                using RSA key 0516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>"
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A  9FA9 0516 331E BC5B FDE7

* remotes/dgilbert/tags/pull-hmp-20180216:
  monitor.c: Fix infinite loop in monitor's auto-complete
  monitor: Remove legacy "-mon default=on" parameter

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-02-16 18:39:05 +00:00
Dr. David Alan Gilbert
f0fa817675 cuda.h: Fix multiple typedef
RHEL6's compilers don't like the repeated typedef.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-02-16 18:38:21 +00:00
Dr. David Alan Gilbert
bf67f1c0b1 monitor.c: Fix infinite loop in monitor's auto-complete
The QEMU monitor enters an infinite loop when trying to auto-complete commands
that accept only optional parameters. The commands currently affected by this
issue are 'info registers' and 'info mtree'.

Reported-by: Dimitris Karagkasidis <t.pagef.lt@gmail.com>
Fixes: 48fe86f640
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20180213125143.23488-1-dgilbert@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2018-02-16 17:36:16 +00:00
Thomas Huth
149da2f063 monitor: Remove legacy "-mon default=on" parameter
The "default" parameter of the "-mon" option is useless since
QEMU v2.4.0, and marked as deprecated since QEMU v2.8.0. That
should have been long enough to let people update their scripts,
so time to remove it now.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1513700253-10045-1-git-send-email-thuth@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2018-02-16 17:36:16 +00:00
Peter Maydell
5e8d6a12d6 bugfixes for vnc and sdl2
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJahsZBAAoJEEy22O7T6HE42BQP/30HL2gZu53fGjsaO7m6C43X
 V5lr4iQEnxcLLEpPZxzbHrfhuHFc+wAuOcgW6HBuHZTRoeDRTfDuhovF4zPcQwqf
 pKdz9+GSzEhyX3ti8Dl7pDByybVy2k4fGanYPdI8rElQxyypIsjY/QRpuNTByX7q
 Rcl76AcDffCsmYhBU3Hc9bsTWS4nmJbZdPKAN6ul1W6TQLMeVDf1QUGHZABZXM4M
 ihcXUM11THH8SEI7uLtuqkOXOVJdtHRqTgonT2jTRccO9th+535g8Lxz/cQftv/N
 0cjVtlpMbPXcOhHonmQveRz2p7AV/7XaLKwKLyOFAdXQVZfc1k8Y9hhGiP2rPuxl
 qCrRRCUoejG8Jz1s+eQPVgGWgG+uPmZN+QxbfDLu3NOsRn286nzWkvDw/x3Dq+xk
 Y8QqMTtGDsu+r6OKkul47p3M8luZwnSqqFleR1VzmibFwEYzttCxqwP+8UqPlcoA
 oaTNzjMpMVLIPJCSruxBR3PLxqNGCks6igaOnNpSIK+lk9vIZFsWxqA3smuEopxA
 07Dqyt+kUJb/uomCCYnFBifDgkdOE9r8rgWe/NAbhf3BWyo+xpIEVnMYeDIiIu65
 I7hUwW6wK5GY7Zg56CHLA4LcAmbIzpLyD96vVLGC0bMfEQW3StKJoXbUx789B3Wn
 QLygX3/PuFDy0T1rMMXR
 =1q9G
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/ui-20180216-pull-request' into staging

bugfixes for vnc and sdl2

# gpg: Signature made Fri 16 Feb 2018 11:53:37 GMT
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/ui-20180216-pull-request:
  ui: extend VNC trottling tracing to SASL codepaths
  ui: check VNC audio frequency limit at time of reading from client
  ui: avoid 'local_err' variable shadowing in VNC SASL auth
  ui: avoid risk of 32-bit int overflow in VNC buffer check
  sdl2: fix mouse grab
  sdl: restore optimized redraw
  vnc: fix segfault in closed connection handling
  vnc: add qapi/error.h include to stubs
  vnc: remove bogus object_unref on client socket

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-02-16 15:55:45 +00:00
Peter Maydell
d9c92ae335 ppc patch queue 2018-02-16
Highlights of this batch:
   * Conversion to TranslatorOps (Emilio Cota)
   * Further bugfixes and cleanups to vcpu id allocation for pseries
     (Greg Kurz)
   * Another bugfix for HPT resizing (Daniel Henrique-Barboza)
   * Macintosh CUDA cleanups (Mark Cave-Ayland)
   * Further tweaks to Spectre/Meltdown mitigations (Suraj Singh)
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAlqGq6IACgkQbDjKyiDZ
 s5IW5Q//a2217YE+XsCaL2wJkDVGFwg56HIoD7BAgsygbiplxy5QTXSk8GO/H85A
 ybi4TFnYTt2kc4fYspXPLUDAB39Juv/pDwvHL0TjJCyxnT56YwSuLN+V8U3c1uKr
 H1cwxlDHjB+NFx94JDf7Ze3iUvShr/NAzlS4+N/7xENc3RewU25gl8z7+W8UGMlb
 uHTgISxV2F/WkMzFlAyqQDtkurgmtvW/XRp6l804wGecPDg1GeF3EIcKTDrJ9WtS
 yleQ7hTRdc3ML+66O6pWGz6fVt6IGk7rS0iJTjqmeXqv1zglbFiW5pbX6p/4OyWo
 S3wsac0tAI2Vvymkh4TcfqtfmEYwC1+fCtEmBbf2QetCchcYrIDsnBEasvOFnBbL
 utDliSbEQlKKMcG5/8gnIZeXQCvDWaIWUxgM6pcPYG/OU3RP2O5/+QNfpHy2pgYs
 YnrNmuaiVG4qJeXYK2Y/BqBxrIjQVsJIIZumywpdY/tgmJ2A3zg2Zv83b3LBHmrE
 d4k+qZmkZTBhKUYyskMDreqMEfR82VCQHjXsvblP0YGJ0M1v1MZVKiQR7goj7mfe
 TIYqVxmuFwHb5dYe2wgLHKRtlZ3Z34+24Pe+lIAo+DCEAxtEHVYi/za9uNqtbf/i
 jHQ5WFmaUdgLLAdomFhxSD/hg/bhGTpiJDB/yk4MUrLM76aAb78=
 =2DYH
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.12-20180216' into staging

ppc patch queue 2018-02-16

Highlights of this batch:
  * Conversion to TranslatorOps (Emilio Cota)
  * Further bugfixes and cleanups to vcpu id allocation for pseries
    (Greg Kurz)
  * Another bugfix for HPT resizing (Daniel Henrique-Barboza)
  * Macintosh CUDA cleanups (Mark Cave-Ayland)
  * Further tweaks to Spectre/Meltdown mitigations (Suraj Singh)

# gpg: Signature made Fri 16 Feb 2018 10:00:02 GMT
# gpg:                using RSA key 6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>"
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-2.12-20180216:
  ppc4xx: Add device models found in PPC440 core SoCs
  ppc/spapr-caps: Disallow setting workaround for spapr-cap-ibs
  target/ppc: convert to TranslatorOps
  target/ppc: convert to DisasContextBase
  spapr: consolidate the VCPU id numbering logic in a single place
  spapr: rename spapr_vcpu_id() to spapr_get_vcpu_id()
  spapr: move VCPU calculation to core machine code
  spapr: use spapr->vsmt to compute VCPU ids
  ppc/spapr-caps: Change migration macro to take full spapr-cap name
  hw/char: remove legacy interface escc_init()
  hw/ppc/spapr_hcall: set htab_shift after kvmppc_resize_hpt_commit
  cuda: convert to trace-events
  ppc: move CUDAState and other CUDA-related definitions into separate cuda.h file
  cuda: convert to use the shared mos6522 device

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-02-16 14:26:12 +00:00
Peter Maydell
648ba91596 Migration pull 20180214
Note that the 'Add test for migration to bad destination' displays
 a 'Connection refused' during running, but still gives the correct exit
 code and OK (It's checking that the source doesn't fail when
 it can't connect, so that's the right error).
 If it's particularly disliked that patch can be skipped individually.
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJahFawAAoJEAUWMx68W/3nwE4P/ih+c4uIG6rmwmQzfrKz7usM
 6yI9doyejn8uslIQAsU+me8LTGzGI8EeevAOONGO7atySIc2BzujVBxwZIRr70rj
 zJpv3dbU/kLPJC40sZixJ8lvaGQ0iGe9WAGxoOf523ezBzr0ir/Ha1W270ZxgGgw
 /1MFY45krye/wc+D/TdH3qjh3fkdcbbOMEcTaVJLaM2eKHfSnpQdrx7iE3Z9KZ/G
 /hgXiIzz8mZsFJTRtwjV1701fj0wKVDUAqgpsY8lmOxRMmFYuZmFKk1D+ppFXaov
 3dcrnP5gaX+42lQPKN5uVLH9pix3Q6AqcFRgSHRECugqFBlhckG2ZevatQIynCDB
 t9kV3fG5oAbfWUASayOhH2u4RUNGo9Hp1HPx7SPRSAhhpH1/p4vUfJKOn84e+jc2
 5r4Vyuit9BLwvHtt1awnVJZYVIJ/S/178/bSw//zHDQqKA1YakSmGkAWy5IT6LgF
 0eGGHmzxpFE4jMI7biM8OiSd0/SjU/ijV5sSAUyJM36d+ZuzsYf7myI17JQUoPmr
 /K1ld8y48MAY4K4M0wVBr8pcDY4eUw6XwWTX4FMPwYwdzdGbPNet+aR+VwCieoJU
 85e2gP8celL1xQz1bb9q43vV2gqkoAiw8tyUkuXvpPwRSa5foMOrteTr5V7MP660
 10Qg5Vp69SvnU7ggQCX+
 =drNV
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgilbert/tags/pull-migration-20180214a' into staging

Migration pull 20180214

Note that the 'Add test for migration to bad destination' displays
a 'Connection refused' during running, but still gives the correct exit
code and OK (It's checking that the source doesn't fail when
it can't connect, so that's the right error).
If it's particularly disliked that patch can be skipped individually.

# gpg: Signature made Wed 14 Feb 2018 15:33:04 GMT
# gpg:                using RSA key 0516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>"
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A  9FA9 0516 331E BC5B FDE7

* remotes/dgilbert/tags/pull-migration-20180214a:
  migration: pass MigrationState to migrate_init()
  migration: allow send_rq to fail
  migration: provide postcopy_fault_thread_notify()
  migration: reuse mis->userfault_quit_fd
  migration: better error handling with QEMUFile
  tests/migration: Add test for migration to bad destination
  migration: Fix early failure cleanup
  tests/migration: Add source to PC boot block
  migration: improve documentation of postcopy-ram
  migration/xen: Check return value of qemu_fclose

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-02-16 12:51:40 +00:00
Daniel P. Berrangé
d50f09ff23 ui: extend VNC trottling tracing to SASL codepaths
In previous commit:

  commit 6aa22a2918
  Author: Daniel P. Berrange <berrange@redhat.com>
  Date:   Mon Dec 18 19:12:27 2017 +0000

    ui: add trace events related to VNC client throttling

trace points related to unthrottling client I/O were missed from the
SASL codepaths.

Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 20180205114938.15784-5-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-02-16 12:33:02 +01:00
Daniel P. Berrangé
cf0706581b ui: check VNC audio frequency limit at time of reading from client
The 'vs->as.freq' value is a signed integer, which is read from an
unsigned 32-bit int field on the wire. There is thus a risk of overflow
on 32-bit platforms. Move the frequency limit checking to be done at
time of read before casting to a signed integer.

Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180205114938.15784-4-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-02-16 12:33:02 +01:00
Daniel P. Berrangé
52c7c9d076 ui: avoid 'local_err' variable shadowing in VNC SASL auth
The start_auth_sasl() method declares a 'Error *local_err' variable in
an inner if () {...} scope, which shadows a variable of the same name
declared at the start of the method. This is confusing for reviewers and
may trigger compiler warnings.

Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180205114938.15784-3-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-02-16 12:33:02 +01:00
Daniel P. Berrangé
dffa1de071 ui: avoid risk of 32-bit int overflow in VNC buffer check
For very large framebuffers, it is theoretically possible for the result
of 'vs->throttle_output_offset * VNC_THROTTLE_OUTPUT_LIMIT_SCALE' to
exceed the size of a 32-bit int. For this to happen in practice, the
video RAM would have to be set to a large enough value, which is not
likely today. None the less we can be paranoid against future growth by
using division instead of multiplication when checking the limits.

Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180205114938.15784-2-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-02-16 12:33:02 +01:00
Gerd Hoffmann
8dfa3061ce sdl2: fix mouse grab
When qemu mouse mode changes from relative to absolute
we must turn off sdl relative mouse mode too.

Fixes: https://bugs.launchpad.net/qemu/+bug/1703795
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <20180202120803.11501-1-kraxel@redhat.com>
2018-02-16 12:32:35 +01:00
Anatoly Trosinenko
2ab858c6c3 sdl: restore optimized redraw
The documentation on SDL_RenderPresent function states that
"the backbuffer should be considered invalidated after each present",
so copy the entire texture on each redraw.

On the other hand, SDL_UpdateTexture function is described as
"fairly slow function", so restrict it to just the changed pixels.

Also added SDL_RenderClear call, as suggested in the documentation
page on SDL_RenderPresent.

Signed-off-by: Anatoly Trosinenko <anatoly.trosinenko@gmail.com>
Message-id: 20180205133228.25082-1-anatoly.trosinenko@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-02-16 12:25:35 +01:00
Klim Kireev
d49b87f0d1 vnc: fix segfault in closed connection handling
On one of our client's node, due to trying to read from closed ioc,
a segmentation fault occured. Corresponding backtrace:

0  object_get_class (obj=obj@entry=0x0)
1  qio_channel_readv_full (ioc=0x0, iov=0x7ffe55277180 ...
2  qio_channel_read (ioc=<optimized out> ...
3  vnc_client_read_buf (vs=vs@entry=0x55625f3c6000, ...
4  vnc_client_read_plain (vs=0x55625f3c6000)
5  vnc_client_read (vs=0x55625f3c6000)
6  vnc_client_io (ioc=<optimized out>, condition=G_IO_IN, ...
7  g_main_dispatch (context=0x556251568a50)
8  g_main_context_dispatch (context=context@entry=0x556251568a50)
9  glib_pollfds_poll ()
10 os_host_main_loop_wait (timeout=<optimized out>)
11 main_loop_wait (nonblocking=nonblocking@entry=0)
12 main_loop () at vl.c:1909
13 main (argc=<optimized out>, argv=<optimized out>, ...

Having analyzed the coredump, I understood that the reason is that
ioc_tag is reset on vnc_disconnect_start and ioc is cleaned
in vnc_disconnect_finish. Between these two events due to some
reasons the ioc_tag was set again and after vnc_disconnect_finish
the handler is running with freed ioc,
which led to the segmentation fault.

The patch checks vs->disconnecting in places where we call
qio_channel_add_watch and resets handler if disconnecting == TRUE
to prevent such an occurrence.

Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20180207094844.21402-1-klim.kireev@virtuozzo.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-02-16 12:23:54 +01:00
Gerd Hoffmann
577ce409ac vnc: add qapi/error.h include to stubs
Fixes --disable-vnc build failure.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 20180213070526.22475-1-kraxel@redhat.com
2018-02-16 12:23:21 +01:00
Daniel P. Berrangé
f42fdb24b7 vnc: remove bogus object_unref on client socket
vnc_listen_io() does not own the reference on the 'cioc' parameter is it
passed, so should not be unref'ing it.

Fixes: 13e1d0e71e
Reported-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 20180215102602.10864-1-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-02-16 12:22:35 +01:00
Peter Maydell
0402ca3c70 -----BEGIN PGP SIGNATURE-----
iQIcBAABCAAGBQJahcheAAoJEL6G67QVEE/f48oP/i7z661EpJypffna2IQlqF1k
 m+MMzWHjXKmLhIVtvypTwoqvPSdzlz4ZaSOx5MuWctL4MXS2IyzYVGKYBp9v+zLN
 DZr8ZSAYD+r2EW6SiIMJb3Tzr//tgNsal8TJF7iv4ZCX0R+jXCNDfdp4vF8CHEgW
 8Lnkh6pHYnd792askpOuIe1+Mi0rUxGgIPvU4FbOicSYn4keLtr2TobtCNgIUhig
 8VJVHa9h6nASl4zU0ZD/+Y9lOwZh+wAxN7r7afQy3TqQSEFHcqccqSDB9MQACKgx
 RXfInu7BWuK2ir+LlvKluTFaXWIdxaey2BMKN0ygcy9sU900gshJixVT0+QAGOQO
 XNE8aqTwmoleQDULVAK8LhLI4CQs/z5QBc5LzMD/D6jYh6JuD7kasyurStqTg6e5
 tSoRqPMw0uHlmlrmw0BKU1bz/MKnMxOhv1vMsLvO4WRWxF8kS8bYJjGwvlluwptj
 kKNIj1RGmvPt+hm1QvMgzQehTqB4yJyn14gdfhowfiEEomOerjyDVC24Sf2kvGha
 gGEo2EOIfFc7jg2/S+06mMr47OVqLT2Bq86cDiXM+khoAm3jvPw5SnCsHkeduUKv
 2fFuKMQUWU5vjHgad4y+FJpT6ysr9rcMb6Ld806226+M1mBWx1BQoCbu3zco2d0D
 GAhMVaGRLphcK091eCMn
 =7TYE
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/qio-next-pull-request' into staging

# gpg: Signature made Thu 15 Feb 2018 17:50:22 GMT
# gpg:                using RSA key BE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange/tags/qio-next-pull-request:
  allow to build with older sed
  io/channel-command: Do not kill the child process after closing the pipe
  io: Add /dev/fdset/ support to QIOChannelFile
  io: Don't call close multiple times in QIOChannelFile
  io: Fix QIOChannelFile when creating and opening read-write
  io/channel-websock: handle continuous reads without any data
  io: fix QIONetListener memory leak

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-02-16 11:19:37 +00:00
Thomas Huth
5e5432b766 tests/boot-serial-test: Fix problem with timeout due to dropped characters
Commit 92b540dac9 introduce a counter to handle the timeouts in a
better way. But in case ccnt reaches 512, the current read character is
ignored - and if that character is part of the string that we are looking
for, the test fails to match the string.

Almost all of the tests look for a string within the first 512 bytes of
firmware output, so the problem never triggered there. But the hppa test
that has been added recently looks for a longer string at the very end of
a long output, thus there's a chance that we miss a character there so
that the test fails unexpectedly. Fix it by *not* reading and dropping a
character if the counter reaches 512.

Fixes: 92b540dac9
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-id: 1518761564-9899-1-git-send-email-thuth@redhat.com
[PMM: added initializer for nbd to silence false-positive warning
 from OpenBSD 6 compiler]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-02-16 10:15:48 +00:00
BALATON Zoltan
58d5b22bbd ppc4xx: Add device models found in PPC440 core SoCs
These devices are found in newer SoCs based on 440 core e.g. the 460EX
(http://www.embeddeddeveloper.com/assets/processors/amcc/datasheets/
PP460EX_DS2063.pdf)

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-16 14:06:07 +11:00
Suraj Jitindar Singh
4f5b039d2b ppc/spapr-caps: Disallow setting workaround for spapr-cap-ibs
The spapr-cap cap-ibs can only have values broken or fixed as there is
no explicit workaround required. Currently setting the value workaround
for this cap will hit an assert if the guest makes the hcall
h_get_cpu_characteristics.

Report an error when attempting to apply the setting with a more helpful
error message.

Reported-by: Satheesh Rajendran <sathnaga@linux.vnet.ibm.com>
Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-16 13:40:51 +11:00
Emilio G. Cota
b0c2d5213a target/ppc: convert to TranslatorOps
A few changes worth noting:

- Didn't migrate ctx->exception to DISAS_* since the exception field is
  in many cases architecturally relevant.

- Moved the cross-page check from the end of translate_insn to tb_start.

- Removed the exit(1) after a TCG temp leak; changed the fprintf there to
  qemu_log.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-16 12:14:39 +11:00
Emilio G. Cota
b6bac4bc70 target/ppc: convert to DisasContextBase
A couple of notes:

- removed ctx->nip in favour of base->pc_next. Yes, it is annoying,
  but didn't want to waste its 4 bytes.

- ctx->singlestep_enabled does a lot more than
  base.singlestep_enabled; this confused me at first.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-16 12:14:39 +11:00
Greg Kurz
5d0fb1508e spapr: consolidate the VCPU id numbering logic in a single place
Several places in the code need to calculate a VCPU id:

    (cpu_index / smp_threads) * spapr->vsmt + cpu_index % smp_threads
    (core_id / smp_threads) * spapr->vsmt (1 user)
    index * spapr->vsmt (2 users)

or guess that the VCPU id of a given VCPU is the first thread of a virtual
core:

    index % spapr->vsmt != 0

Even if the numbering logic isn't that complex, it is rather fragile to
have these assumptions open-coded in several places. FWIW this was
proved with recent issues related to VSMT.

This patch moves the VCPU id formula to a single function to be called
everywhere the code needs to compute one. It also adds an helper to
guess if a VCPU is the first thread of a VCORE.

Signed-off-by: Greg Kurz <groug@kaod.org>
[dwg: Rename spapr_is_vcore() to spapr_is_thread0_in_vcore() for clarity]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-16 12:14:26 +11:00
Greg Kurz
14bb4486c8 spapr: rename spapr_vcpu_id() to spapr_get_vcpu_id()
The spapr_vcpu_id() function is an accessor actually. Let's rename it
for symmetry with the recently added spapr_set_vcpu_id() helper.

The motivation behind this is that a later patch will consolidate
the VCPU id formula in a function and spapr_vcpu_id looks like an
appropriate name.

Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-16 12:14:26 +11:00
Greg Kurz
648edb6475 spapr: move VCPU calculation to core machine code
The VCPU ids are currently computed and assigned to each individual
CPU threads in spapr_cpu_core_realize(). But the numbering logic
of VCPU ids is actually a machine-level concept, and many places
in hw/ppc/spapr.c also have to compute VCPU ids out of CPU indexes.

The current formula used in spapr_cpu_core_realize() is:

    vcpu_id = (cc->core_id * spapr->vsmt / smp_threads) + i

where:

    cc->core_id is a multiple of smp_threads
    cpu_index = cc->core_id + i
    0 <= i < smp_threads

So we have:

    cpu_index % smp_threads == i
    cc->core_id / smp_threads == cpu_index / smp_threads

hence:

    vcpu_id =
        (cpu_index / smp_threads) * spapr->vsmt + cpu_index % smp_threads;

This formula was used before VSMT at the time VCPU ids where computed
at the target emulation level. It has the advantage of being useable
to derive a VPCU id out of a CPU index only. It is fitted for all the
places where the machine code has to compute a VCPU id.

This patch introduces an accessor to set the VCPU id in a PowerPCCPU object
using the above formula. It is a first step to consolidate all the VCPU id
logic in a single place.

Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-16 12:14:26 +11:00
Greg Kurz
72194664c8 spapr: use spapr->vsmt to compute VCPU ids
Since the introduction of VSMT in 2.11, the spacing of VCPU ids
between cores is controllable through a machine property instead
of being only dictated by the SMT mode of the host:

    cpu->vcpu_id = (cc->core_id * spapr->vsmt / smp_threads) + i

Until recently, the machine code would try to change the SMT mode
of the host to be equal to VSMT or exit. This allowed the rest of
the code to assume that kvmppc_smt_threads() == spapr->vsmt is
always true.

Recent commit "8904e5a75005 spapr: Adjust default VSMT value for
better migration compatibility" relaxed the rule. If the VSMT
mode cannot be set in KVM for some reasons, but the requested
CPU topology is compatible with the current SMT mode, then we
let the guest run with  kvmppc_smt_threads() != spapr->vsmt.

This breaks quite a few places in the code, in particular when
calculating DRC indexes.

This is what happens on a POWER host with subcores-per-core=2 (ie,
supports up to SMT4) when passing the following topology:

    -smp threads=4,maxcpus=16 \
    -device host-spapr-cpu-core,core-id=4,id=core1 \
    -device host-spapr-cpu-core,core-id=8,id=core2

qemu-system-ppc64: warning: Failed to set KVM's VSMT mode to 8 (errno -22)

This is expected since KVM is limited to SMT4, but the guest is started
anyway because this topology can run on SMT4 even with a VSMT8 spacing.

But when we look at the DT, things get nastier:

cpus {
        ...
        ibm,drc-indexes = <0x4 0x10000000 0x10000004 0x10000008 0x1000000c>;

This means that we have the following association:

 CPU core device |     DRC    | VCPU id
-----------------+------------+---------
   boot core     | 0x10000000 | 0
   core1         | 0x10000004 | 4
   core2         | 0x10000008 | 8
   core3         | 0x1000000c | 12

But since the spacing of VCPU ids is 8, the DRC for core1 points to a
VCPU that doesn't exist, the DRC for core2 points to the first VCPU of
core1 and and so on...

        ...

        PowerPC,POWER8@0 {
                ...
                ibm,my-drc-index = <0x10000000>;
                ...
        };

        PowerPC,POWER8@8 {
                ...
                ibm,my-drc-index = <0x10000008>;
                ...
        };

        PowerPC,POWER8@10 {
                ...

No ibm,my-drc-index property for this core since 0x10000010 doesn't
exist in ibm,drc-indexes above.

                ...
        };
};

...

interrupt-controller {
        ...
        ibm,interrupt-server-ranges = <0x0 0x10>;

With a spacing of 8, the highest VCPU id for the given topology should be:
        16 * 8 / 4 = 32 and not 16

        ...
        linux,phandle = <0x7e7323b8>;
        interrupt-controller;
};

And CPU hot-plug/unplug is broken:

(qemu) device_del core1
pseries-hotplug-cpu: Cannot find CPU (drc index 10000004) to remove

(qemu) device_del core2
cpu 4 (hwid 8) Ready to die...
cpu 5 (hwid 9) Ready to die...
cpu 6 (hwid 10) Ready to die...
cpu 7 (hwid 11) Ready to die...

These are the VCPU ids of core1 actually

(qemu) device_add host-spapr-cpu-core,core-id=12,id=core3
(qemu) device_del core3
pseries-hotplug-cpu: Cannot find CPU (drc index 1000000c) to remove

This patches all the code in hw/ppc/spapr.c to assume the VSMT
spacing when manipulating VCPU ids.

Fixes: 8904e5a750
Signed-off-by: Greg Kurz <groug@kaod.org>

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-16 12:14:26 +11:00
Suraj Jitindar Singh
8c5909c419 ppc/spapr-caps: Change migration macro to take full spapr-cap name
Change the macro that generates the vmstate migration field and the needed
function for the spapr-caps to take the full spapr-cap name. This has
the benefit of meaning this instance will be picked up when greping
for the spapr-caps and making it more obvious what this macro is doing.

Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-16 12:14:26 +11:00
Laurent Vivier
2cc75c32e6 hw/char: remove legacy interface escc_init()
Move necessary stuff in escc.h and update type names.
Remove slavio_serial_ms_kbd_init().
Fix code style problems reported by checkpatch.pl
Update mac_newworld, mac_oldworld and sun4m to use directly the
QDEV interface.

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-16 12:14:26 +11:00
Daniel Henrique Barboza
9478956794 hw/ppc/spapr_hcall: set htab_shift after kvmppc_resize_hpt_commit
Newer kernels have a htab resize capability when adding or remove
memory. At these situations, the guest kernel might reallocate its
htab to a more suitable size based on the resulting memory.

However, we're not setting the new value back into the machine state
when a KVM guest resizes its htab. At first this doesn't seem harmful,
but when migrating or saving the guest state (via virsh managedsave,
for instance) this mismatch between the htab size of QEMU and the
kernel makes the guest hangs when trying to load its state.

Inside h_resize_hpt_commit, the hypercall that commits the hash page
resize changes, let's set spapr->htab_shift to the new value if we're
sure that kvmppc_resize_hpt_commit were successful.

While we're here, add a "not RADIX" sanity check as it is already done
in the related hypercall h_resize_hpt_prepare.

Fixes: https://github.com/open-power-host-os/qemu/issues/28
Reported-by: Satheesh Rajendran <sathnaga@linux.vnet.ibm.com>
Signed-off-by: Daniel Henrique Barboza <danielhb@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-16 12:14:26 +11:00
Mark Cave-Ayland
4b402e09e6 cuda: convert to trace-events
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-16 12:14:26 +11:00
Mark Cave-Ayland
7092e84d42 ppc: move CUDAState and other CUDA-related definitions into separate cuda.h file
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-16 12:14:26 +11:00
Mark Cave-Ayland
09a573474b cuda: convert to use the shared mos6522 device
Add the relevant hooks as required for the MacOS timer calibration and delayed
SR interrupt.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-16 12:14:26 +11:00
Peter Maydell
cc5a0ae03e target-arm queue:
* aspeed: code cleanup to use unimplemented_device
  * preparatory work for 'raspi3' RaspberryPi 3 machine model
  * more SVE prep work
  * v8M: add minor missing registers
  * v7M: fix bug where we weren't migrating v7m.other_sp
  * v7M: fix bugs in handling of interrupt registers for
    external interrupts beyond 32
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJahdLAAAoJEDwlJe0UNgzezlsQAIe4csOMrr4BTXlZF6tCJLz/
 iF4j6ABmsLIAj8kn3KmLWLJ8AZ/hYHcRc9YygRKwJty+cXu2AVAHWXPlfPpv5lne
 zCbbXAw9QGwCVmPhBMFTX5qntbt8sMk+2o6A4QE/PqtmO4u8a9O7belgKrHuiCCm
 mn+AIH4Eo1cv58Tiijv+mxWk60mnooEwKFl7cqMYznnV0XQ4oLCq3jaW7YZL7hFF
 nOSo9lz5NCPwbAWNRvlr/dtY7ZhjkL5CimdzrPVR5Qn2FvnD7IgsoIyOb/y5rycf
 Bd2WijN1L6AE+h952A4qu0zDNxnyDCW18F54eB7IUrZqC7BRfXpPXs663UOeyQzX
 LtlRPQWtXIc6lDy4JznDpB6YXh7nfrQA5DrWF2CwNVXB2gEadna2gHpqyz60FoVZ
 2I8QDX7hqTiE8//z81ykp6591Z1xo1OlQbLCUtJUOoZsZ8Pn/4p3amVbOCCPAbe6
 IayrfLVltpPhrzfJXxd9ZpxsHqluwgo3ZLkTfv7hywIsirhMLWtztEUm2IRV/g6D
 O/NktDNmlfgpOVFPw60HpzkTe4CM10CVBMyTwsbQlsuw+3TFiE3Q1XRbxplG8CAs
 WhRTMsxA1V/x0Mj4zbMDbjKDsCEDQqj9f7KQgFnZnDhM2x+2jY98UGQHq0aoMlZI
 K4lCXS0x6MiJDJThjEm+
 =U8z2
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180215-1' into staging

target-arm queue:
 * aspeed: code cleanup to use unimplemented_device
 * preparatory work for 'raspi3' RaspberryPi 3 machine model
 * more SVE prep work
 * v8M: add minor missing registers
 * v7M: fix bug where we weren't migrating v7m.other_sp
 * v7M: fix bugs in handling of interrupt registers for
   external interrupts beyond 32

# gpg: Signature made Thu 15 Feb 2018 18:34:40 GMT
# gpg:                using RSA key 3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20180215-1:
  raspi: Raspberry Pi 3 support
  bcm2836: Make CPU type configurable
  target/arm: Implement v8M MSPLIM and PSPLIM registers
  target/arm: Migrate v7m.other_sp
  target/arm: Add AIRCR to vmstate struct
  hw/intc/armv7m_nvic: Fix byte-to-interrupt number conversions
  target/arm: Implement writing to CONTROL_NS for v8M
  hw/intc/armv7m_nvic: Implement SCR
  hw/intc/armv7m_nvic: Implement cache ID registers
  hw/intc/armv7m_nvic: Implement v8M CPPWR register
  hw/intc/armv7m_nvic: Implement M profile cache maintenance ops
  hw/intc/armv7m_nvic: Fix ICSR PENDNMISET/CLR handling
  hw/intc/armv7m_nvic: Don't hardcode M profile ID registers in NVIC
  target/arm: Handle SVE registers when using clear_vec_high
  target/arm: Enforce access to ZCR_EL at translation
  target/arm: Suppress TB end for FPCR/FPSR
  target/arm: Enforce FP access to FPCR/FPSR
  target/arm: Remove ARM_CP_64BIT from ZCR_EL registers
  hw/arm/aspeed: simplify using the 'unimplemented device' for aspeed_soc.io
  hw/arm/aspeed: directly map the serial device to the system address space

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-02-15 18:37:46 +00:00
Pekka Enberg
bade58166f raspi: Raspberry Pi 3 support
This patch adds Raspberry Pi 3 support to hw/arm/raspi.c. The
differences to Pi 2 are:

 - Firmware address
 - Board ID
 - Board revision

The CPU is different too, but that's going to be configured as part of
the machine default CPU when we introduce a new machine type.

The patch was written from scratch by me but the logic is similar to
Zoltán Baldaszti's previous work, which I used as a reference (with
permission from the author):

  https://github.com/bztsrc/qemu-raspi3

Signed-off-by: Pekka Enberg <penberg@iki.fi>
[PMM: fixed trailing whitespace on one line]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-02-15 18:33:46 +00:00
Pekka Enberg
d9f8bbd8eb bcm2836: Make CPU type configurable
This patch adds a "cpu-type" property to BCM2836 SoC in preparation for
reusing the code for the Raspberry Pi 3, which has a different processor
model.

Signed-off-by: Pekka Enberg <penberg@iki.fi>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-02-15 18:33:46 +00:00
Peter Maydell
57bb315681 target/arm: Implement v8M MSPLIM and PSPLIM registers
The v8M architecture includes hardware support for enforcing
stack pointer limits. We don't implement this behaviour yet,
but provide the MSPLIM and PSPLIM stack pointer limit registers
as reads-as-written, so that when we do implement the checks
in future this won't break guest migration.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-12-peter.maydell@linaro.org
2018-02-15 18:29:49 +00:00
Peter Maydell
e1e7cbc904 target/arm: Migrate v7m.other_sp
In commit abc24d86cc we accidentally broke migration of
the stack pointer value for the mode (process, handler) the CPU
is not currently running as. (The commit correctly removed the
no-longer-used v7m.current_sp flag from the VMState but also
deleted the still very much in use v7m.other_sp SP value field.)

Add a subsection to migrate it again. (We don't need to care
about trying to retain compatibility with pre-abc24d86cc0364f
versions of QEMU, because that commit bumped the version_id
and we've since bumped it again a couple of times.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-11-peter.maydell@linaro.org
2018-02-15 18:29:49 +00:00
Peter Maydell
478257709a target/arm: Add AIRCR to vmstate struct
In commit commit 3b2e934463 we added support for the AIRCR
register holding state, but forgot to add it to the vmstate
structs. Since it only holds r/w state if the security extension
is implemented, we can just add it to vmstate_m_security.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-10-peter.maydell@linaro.org
2018-02-15 18:29:49 +00:00
Peter Maydell
12fbf1a163 hw/intc/armv7m_nvic: Fix byte-to-interrupt number conversions
In many of the NVIC registers relating to interrupts, we
have to convert from a byte offset within a register set
into the number of the first interrupt which is affected.
We were getting this wrong for:
 * reads of NVIC_ISPR<n>, NVIC_ISER<n>, NVIC_ICPR<n>, NVIC_ICER<n>,
   NVIC_IABR<n> -- in all these cases we were missing the "* 8"
   needed to convert from the byte offset to the interrupt number
   (since all these registers use one bit per interrupt)
 * writes of NVIC_IPR<n> had the opposite problem of a spurious
   "* 8" (since these registers use one byte per interrupt)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180209165810.6668-9-peter.maydell@linaro.org
2018-02-15 18:29:49 +00:00
Peter Maydell
6eb3a64e2a target/arm: Implement writing to CONTROL_NS for v8M
In commit 50f11062d4 we added support for MSR/MRS access
to the NS banked special registers, but we forgot to implement
the support for writing to CONTROL_NS. Correct the omission.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-8-peter.maydell@linaro.org
2018-02-15 18:29:49 +00:00
Peter Maydell
24ac0fb129 hw/intc/armv7m_nvic: Implement SCR
We were previously making the system control register (SCR)
just RAZ/WI. Although we don't implement the functionality
this register controls, we should at least provide the state,
including the banked state for v8M.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-7-peter.maydell@linaro.org
2018-02-15 18:29:49 +00:00
Peter Maydell
43bbce7fbe hw/intc/armv7m_nvic: Implement cache ID registers
M profile cores have a similar setup for cache ID registers
to A profile:
 * Cache Level ID Register (CLIDR) is a fixed value
 * Cache Type Register (CTR) is a fixed value
 * Cache Size ID Registers (CCSIDR) are a bank of registers;
   which one you see is selected by the Cache Size Selection
   Register (CSSELR)

The only difference is that they're in the NVIC memory mapped
register space rather than being coprocessor registers.
Implement the M profile view of them.

Since neither Cortex-M3 nor Cortex-M4 implement caches,
we don't need to update their init functions and can leave
the ctr/clidr/ccsidr[] fields in their ARMCPU structs at zero.
Newer cores (like the Cortex-M33) will want to be able to
set these ID registers to non-zero values, though.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-6-peter.maydell@linaro.org
2018-02-15 18:29:49 +00:00
Peter Maydell
ae7c5c855b hw/intc/armv7m_nvic: Implement v8M CPPWR register
The Coprocessor Power Control Register (CPPWR) is new in v8M.
It allows software to control whether coprocessors are allowed
to power down and lose their state. QEMU doesn't have any
notion of power control, so we choose the IMPDEF option of
making the whole register RAZ/WI (indicating that no coprocessors
can ever power down and lose state).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-5-peter.maydell@linaro.org
2018-02-15 18:29:49 +00:00
Peter Maydell
e8ab26c484 hw/intc/armv7m_nvic: Implement M profile cache maintenance ops
For M profile cores, cache maintenance operations are done by
writing to special registers in the system register space.
For QEMU, cache operations are always NOPs, since we don't
implement the cache. Implementing these explicitly avoids
a spurious LOG_GUEST_ERROR when the guest uses them.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-4-peter.maydell@linaro.org
2018-02-15 18:29:49 +00:00
Peter Maydell
4f2eff36ad hw/intc/armv7m_nvic: Fix ICSR PENDNMISET/CLR handling
The PENDNMISET/CLR bits in the ICSR should be RAZ/WI from
NonSecure state if the AIRCR.BFHFNMINS bit is zero. We had
misimplemented this as making the bits RAZ/WI from both
Secure and NonSecure states. Fix this bug by checking
attrs.secure so that Secure code can pend and unpend NMIs.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-3-peter.maydell@linaro.org
2018-02-15 18:29:49 +00:00
Peter Maydell
5a53e2c1dc hw/intc/armv7m_nvic: Don't hardcode M profile ID registers in NVIC
Instead of hardcoding the values of M profile ID registers in the
NVIC, use the fields in the CPU struct. This will allow us to
give different M profile CPU types different ID register values.

This commit includes the addition of the missing ID_ISAR5,
which exists as RES0 in both v7M and v8M.

(The values of the ID registers might be wrong for the M4 --
this commit leaves the behaviour there unchanged.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-2-peter.maydell@linaro.org
2018-02-15 18:29:49 +00:00
Richard Henderson
4ff55bcb0e target/arm: Handle SVE registers when using clear_vec_high
When storing to an AdvSIMD FP register, all of the high
bits of the SVE register are zeroed.  Therefore, call it
more often with is_q as a parameter.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180211205848.4568-6-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-02-15 18:29:49 +00:00