Commit Graph

56638 Commits

Author SHA1 Message Date
Thomas Huth
ab06ec4357 tests/pxe: Test more NICs when running in SPEED=slow mode
The pxe-test is a very good test to excercise NICs, thus we should use
it to test all NICs that can be used by the BIOS for booting via network.
However, to avoid that the default testing time increases too much, the
additional NICs are only tested in the "make check SPEED=slow" mode.

The virtio-net NIC on ppc64 is now also only tested in slow mode, since
the test on ppc64 is really quite slow and we've got test coverage for
virtio-net in big endian mode now on s390x, too.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:44 +03:00
Laurent Vivier
46202d85d7 pc: remove useless hot_add_cpu initialisation
Since 4458fb3a79 (pc: Eliminate pc_default_machine_options()),
hot_add_cpu is set in pc_machine_class_init(), so we don't
need to set it in pc_q35_machine_options(), pc_i440fx_machine_options()
and xenfv_machine_options(), except to clear it in
pc_i440fx_1_4_machine_opt().

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:44 +03:00
Eduardo Habkost
b5dac42492 isapc: Remove unnecessary migration compatibility code
We don't touch isapc when we change guest ABI and add new entries
to PC_COMPAT_* or new PCMachineClass compat flags.  This means
isapc never guaranteed guest ABI and cross-QEMU-version live
migration compatibility.  There's no point in keeping code for
kvm-pv-eoi and APIC ID compatibility in pc_init_isa().

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:44 +03:00
Alexey Kardashevskiy
a93c8d828a virtio-pci: Replace modern_as with direct access to modern_bar
The modern bar is accessed now via yet another address space created just
for that purpose and it does not really need FlatView and dispatch tree
as it has a single memory region so it is just a waste of memory. Things
get even worse when there are dozens or hundreds of virtio-pci devices -
since these address spaces are global, changing any of them triggers
rebuilding all address spaces.

This replaces indirect accesses to the modern BAR with a simple lookup
and direct calls to memory_region_dispatch_read/write.

This is expected to save lots of memory at boot time after applying:
[Qemu-devel] [PULL 00/32] Misc changes for 2017-09-22

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:44 +03:00
Wolfgang Bumiller
37ef70be6a virtio: fix descriptor counting in virtqueue_pop
While changing the s/g list allocation, commit 3b3b0628
also changed the descriptor counting to count iovec entries
as split by cpu_physical_memory_map(). Previously only the
actual descriptor entries were counted and the split into
the iovec happened afterwards in virtqueue_map().
Count the entries again instead to avoid erroneous
"Looped descriptor" errors.

Reported-by: Hans Middelhoek <h.middelhoek@ospito.nl>
Link: https://forum.proxmox.com/threads/vm-crash-with-memory-hotplug.35904/
Fixes: 3b3b062821 ("virtio: slim down allocation of VirtQueueElements")
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:44 +03:00
Marcel Apfelbaum
8e36c336d9 hw/gen_pcie_root_port: make IO RO 0 on IO disabled
IO_LIMIT and IO_BASE registers should not be writable if
gen_pcie_root_port's io-reserve property is set to 0.
The COMMAND register should have the IO flag read only.

Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:43 +03:00
Eduardo Habkost
2fefa16cec pci: Validate interfaces on base_class_init
Make sure we don't forget to add the Conventional PCI or PCI
Express interface names on PCI device classes in the future.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Revieed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:43 +03:00
Eduardo Habkost
6d7023763e xen/pt: Mark TYPE_XEN_PT_DEVICE as hybrid
xen-pt doesn't set the is_express field, but is supposed to be
able to handle PCI Express devices too.  Mark it as hybrid.

Suggested-by: Jan Beulich <JBeulich@suse.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:43 +03:00
Eduardo Habkost
fd3b02c889 pci: Add INTERFACE_CONVENTIONAL_PCI_DEVICE to Conventional PCI devices
Add INTERFACE_CONVENTIONAL_PCI_DEVICE to all direct subtypes of
TYPE_PCI_DEVICE, except:

1) The ones that already have INTERFACE_PCIE_DEVICE set:

* base-xhci
* e1000e
* nvme
* pvscsi
* vfio-pci
* virtio-pci
* vmxnet3

2) base-pci-bridge

Not all PCI bridges are Conventional PCI devices, so
INTERFACE_CONVENTIONAL_PCI_DEVICE is added only to the subtypes
that are actually Conventional PCI:

* dec-21154-p2p-bridge
* i82801b11-bridge
* pbm-bridge
* pci-bridge

The direct subtypes of base-pci-bridge not touched by this patch
are:

* xilinx-pcie-root: Already marked as PCIe-only.
* pcie-pci-bridge: Already marked as PCIe-only.
* pcie-port: all non-abstract subtypes of pcie-port are already
  marked as PCIe-only devices.

3) megasas-base

Not all megasas devices are Conventional PCI devices, so the
interface names are added to the subclasses registered by
megasas_register_types(), according to information in the
megasas_devices[] array.

"megasas-gen2" already implements INTERFACE_PCIE_DEVICE, so add
INTERFACE_CONVENTIONAL_PCI_DEVICE only to "megasas".

Acked-by: Alberto Garcia <berto@igalia.com>
Acked-by: John Snow <jsnow@redhat.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:43 +03:00
Eduardo Habkost
71d787677d pci: Add INTERFACE_PCIE_DEVICE to all PCIe devices
Change all devices that set is_express=1 to implement
INTERFACE_PCIE_DEVICE.

Cc: Keith Busch <keith.busch@intel.com>
Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Max Reitz <mreitz@redhat.com>
Cc: Dmitry Fleytman <dmitry@daynix.com>
Cc: Jason Wang <jasowang@redhat.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Paul Burton <paul.burton@imgtec.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Hannes Reinecke <hare@suse.com>
Cc: qemu-block@nongnu.org
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:42 +03:00
Eduardo Habkost
a5fa336f11 pci: Add interface names to hybrid PCI devices
The following devices support both PCI Express and Conventional
PCI, by including special code to handle the QEMU_PCI_CAP_EXPRESS
flag and/or conditional pcie_endpoint_cap_init() calls:

* vfio-pci (is_express=1, but legacy PCI handled by
  vfio_populate_device())
* vmxnet3 (is_express=0, but PCIe handled by vmxnet3_realize())
* pvscsi (is_express=0, but PCIe handled by pvscsi_realize())
* virtio-pci (is_express=0, but PCIe handled by
  virtio_pci_dc_realize(), and additional legacy PCI code at
  virtio_pci_realize())
* base-xhci (is_express=1, but pcie_endpoint_cap_init() call
  is conditional on pci_bus_is_express(dev->bus)
  * Note that xhci does not clear QEMU_PCI_CAP_EXPRESS like the
    other hybrid devices

Cc: Dmitry Fleytman <dmitry@daynix.com>
Cc: Jason Wang <jasowang@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Alex Williamson <alex.williamson@redhat.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:42 +03:00
Eduardo Habkost
619f02aefc pci: conventional-pci-device and pci-express-device interfaces
Those two interfaces will be used to indicate which device types
support Conventional PCI or PCI Express buses.  Management
software will be able to use the qom-list-types QMP command to
query that information.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:42 +03:00
Matt Redfearn
a6c242aaf5 PCI: PCIe access should always be little endian
PCIe busses are always little endian, so set the endianness of the
memory region to little endian rather than native such that operations
work as expected on big endian targets.

Signed-off-by: Matt Redfearn <matt.redfearn@imgtec.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:42 +03:00
Dr. David Alan Gilbert
b81b948ecc virtio/pci/migration: Convert to VMState
Convert the 'modern_state' part of virtio-pci to modern migration
macros.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:41 +03:00
Aleksandr Bezzubikov
d659d94013 hw/pci-bridge/pcie_pci_bridge: properly handle MSI unavailability case
QEMU with the pcie-pci-bridge device crashes if the guest board doesn't support MSI,
e.g. 'qemu-system-ppc64 -M prep -device pcie-pci-bridge'.
This is caused by wrong pcie-pci-bridge instantiation error handling. This patch fixes this issue
by falling back to legacy INTx if MSI is not available.
Also set the bridge's 'msi' property default value to 'auto' in order to trigger errors
only when user explicitly set msi=on.

Reported-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Aleksandr Bezzubikov <zuban32s@gmail.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:41 +03:00
Mark Cave-Ayland
9cd1e97a7a pci: allow 32-bit PCI IO accesses to pass through the PCI bridge
Whilst the underlying PCI bridge implementation supports 32-bit PCI IO
accesses, unfortunately they are truncated at the legacy 64K limit.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:41 +03:00
Felipe Franciosi
5c0ba1be37 virtio/vhost: reset dev->log after syncing
vhost_log_put() is called to decomission the dirty log between qemu and
a vhost device when stopping the device. Such a call can happen from
migration_completion().

Present code sets dev->log_size to zero too early in vhost_log_put(),
causing the sync check to always return false. As a consequence, the
last pass on the dirty bitmap never happens at the end of migration.

If a vhost device was busy (writing to guest memory) until the last
moments before vhost_virtqueue_stop(), this error will result in guest
memory corruption (at least) following migrations.

Signed-off-by: Felipe Franciosi <felipe@nutanix.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:41 +03:00
Marc-André Lureau
3505a22bcb MAINTAINERS: add Dump maintainers
Proposing myself, since I have some familiarity with the code now.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:41 +03:00
Marc-André Lureau
d23bfa91b7 scripts/dump-guest-memory.py: add vmcoreinfo
Add a vmcoreinfo ELF note in the dump if vmcoreinfo device has the
memory location details.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:40 +03:00
Marc-André Lureau
9ada575bba kdump: set vmcoreinfo location
kdump header provides offset and size of the vmcoreinfo content,
append it if available (skip the ELF note header).

crash-7.1.9 was the first version that started looking in the
vmcoreinfo data for phys_base instead of in the kdump_sub_header.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:40 +03:00
Marc-André Lureau
d9feb51772 dump: update phys_base header field based on VMCOREINFO content
If the guest note is VMCOREINFO, try to get phys_base from it.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:40 +03:00
Marc-André Lureau
903ef73496 dump: add guest ELF note
Read the guest ELF PT_NOTE from guest memory when fw_cfg
etc/vmcoreinfo entry provides the location, and write it as an
additional note in the dump.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:40 +03:00
Marc-André Lureau
6e43353f10 hw/misc: add vmcoreinfo device
See docs/specs/vmcoreinfo.txt for details.

"etc/vmcoreinfo" fw_cfg entry is added when using "-device vmcoreinfo".

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:40 +03:00
Marc-André Lureau
5f9252f7cc fw_cfg: add write callback
Reintroduce the write callback that was removed when write support was
removed in commit 023e314856.

Contrary to the previous callback implementation, the write_cb
callback is called whenever a write happened, so handlers must be
ready to handle partial write as necessary.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:40 +03:00
Mao Zhongyi
06592d7e28 pci: Set err to errp directly rather than through error_propagate()
ioh3420_interrupts_init() pass error message to local_err, then
propagate it to errp by error_propagate(), which is not necessary.
So eliminate it and pass errp directly instead of local_err.

Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Signed-off-by: Mao Zhongyi <maozy.fnst@cn.fujitsu.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:40 +03:00
Eduardo Habkost
8b3d26342c xio3130_downstream: Report error if pcie_chassis_add_slot() failed
On commit f8cd1b02 ("pci: Convert to realize"), no error_set*()
call was added for the pcie_chassis_add_slot() error case.
pcie_chassis_add_slot() errors get ignored, making QEMU crash
later.  e.g.:

  $ qemu-system-x86_64 -device ioh3420 -device xio3130-downstream
  qemu-system-x86_64: memory.c:2166: memory_region_del_subregion: Assertion `subregion->container == mr' failed.
  Aborted (core dumped)

Fix it by reporting the error using error_setg().

Fixes: f8cd1b0201
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-10-15 05:54:39 +03:00
Peter Maydell
f90ea7ba7c target-arm queue:
* v8M: SG, BLXNS, secure-return
  * v8M: fixes for coverity issues in previous patches
  * arm: fix armv7m_init() declaration to match definition
  * watchdog/aspeed: fix variable type to store reload value
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJZ35IpAAoJEDwlJe0UNgzerIkP/2Ikozj+wZeHXNltgB7AWoFl
 OG987IQ6ZC2akN5mVAqDGUi3UUhYz/ehByk5VXWD7rRHb6lO7WbSuDH4NjCLeBNf
 vJBGOlio6pzgxChE6nNVuXvDTXh1QhBCAADUM0wvyn1kNlvzMmbmAfE5d+Kr9dGl
 pf/YR2aOhxle1hhxRRrvlPRXGQrS5zn2kAcdtErv7Yjc/NrHTmYLiEcUukPK5R7W
 AuZh+eaUdDxfWuFyg2O95bQqD9XLg+gPrOvH29tMko6Uqb3wVuG2CS4BXtPmSbGZ
 QVISABueF0i9Bd4RYBziIzDmN0fQS+1P6YzMv7g7s2MBj6nQwPLenOHrB3+C2TAg
 qelA2XfEv8kEQFD/iHvRAflecDGyogLE+BKqFo5s5MJn74Fxm+YNAaTva1gbcsyG
 XgeS1zSlwdfCApv0SbforOpZRQ8opagVb/J8SQK4NxUSFOnqVYtV1ixwzII5r1T9
 i2SZiE7Ig0TeYw4yi6rtYCQ6d/0vPy2xYHzBfJu3tx1Bz/7XHqB3JYrjO3BeS0fv
 Q6ek8rBKCJB71YvDeHmNhysTzxV5/GDErH+QRcps3InaV9zTFYpaUCfx2lBwk6vJ
 7bUjmfLG4MOpy7sXkJC+80HHl1AvkhYy9OU8oZhhLmrcJPS16KL1vtCtqPIo+1ey
 ofiBbeBPWNoFQ0TFftJ8
 =/H5Z
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20171012' into staging

target-arm queue:
 * v8M: SG, BLXNS, secure-return
 * v8M: fixes for coverity issues in previous patches
 * arm: fix armv7m_init() declaration to match definition
 * watchdog/aspeed: fix variable type to store reload value

# gpg: Signature made Thu 12 Oct 2017 17:02:49 BST
# gpg:                using RSA key 0x3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20171012:
  nvic: Fix miscalculation of offsets into ITNS array
  nvic: Add missing 'break'
  target/arm: Implement SG instruction corner cases
  target/arm: Support some Thumb insns being always unconditional
  target-arm: Simplify insn_crosses_page()
  target/arm: Pull Thumb insn word loads up to top level
  target-arm: Don't check for "Thumb2 or M profile" for not-Thumb1
  target/arm: Implement secure function return
  target/arm: Implement BLXNS
  target/arm: Implement SG instruction
  target/arm: Add M profile secure MMU index values to get_a32_user_mem_index()
  arm: fix armv7m_init() declaration to match definition
  watchdog/aspeed: fix variable type to store reload value

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-10-12 17:06:50 +01:00
Peter Maydell
cf5f7937b0 nvic: Fix miscalculation of offsets into ITNS array
This calculation of the first exception vector in
the ITNS<n> register being accessed:
        int startvec = 32 * (offset - 0x380) + NVIC_FIRST_IRQ;

is incorrect, because offset is in bytes, so we only want
to multiply by 8.

Spotted by Coverity (CID 1381484, CID 1381488), though it is
not correct that it actually overflows the buffer, because
we have a 'startvec + i < s->num_irq' guard.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 1507650856-11718-1-git-send-email-peter.maydell@linaro.org
2017-10-12 16:33:16 +01:00
Peter Maydell
a94bb9cd58 nvic: Add missing 'break'
Coverity points out that we forgot the 'break' for
the SAU_CTRL write case (CID1381683). This has
no actual visible consequences because it happens
that the following case is effectively a no-op.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 1507742676-9908-1-git-send-email-peter.maydell@linaro.org
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2017-10-12 13:24:39 +01:00
Peter Maydell
76eff04d16 target/arm: Implement SG instruction corner cases
The common situation of the SG instruction is that it is
executed from S&NSC memory by a CPU in NS state. That case
is handled by v7m_handle_execute_nsc(). However the instruction
also has defined behaviour in a couple of other cases:
 * SG instruction in NS memory (behaves as a NOP)
 * SG in S memory but CPU already secure (clears IT bits and
   does nothing else)
 * SG instruction in v8M without Security Extension (NOP)

These can be implemented in translate.c.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 1507556919-24992-10-git-send-email-peter.maydell@linaro.org
2017-10-12 13:23:14 +01:00
Peter Maydell
dcf14dfb70 target/arm: Support some Thumb insns being always unconditional
A few Thumb instructions are always unconditional even inside an
IT block (as opposed to being UNPREDICTABLE if used inside an
IT block): BKPT, the v8M SG instruction, and the A profile
HLT (debug halt) instruction.

This means we need to suppress the jump-over-instruction-on-condfail
code generation (though the IT state still advances as usual and
subsequent insns in the IT block may be conditional).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 1507556919-24992-9-git-send-email-peter.maydell@linaro.org
2017-10-12 13:23:14 +01:00
Peter Maydell
5b8d7289e9 target-arm: Simplify insn_crosses_page()
Recent changes have left insn_crosses_page() more complicated
than it needed to be:
 * it's only called from thumb_tr_translate_insn() so we know
   for certain that we're looking at a Thumb insn
 * the caller's check for dc->pc >= dc->next_page_start - 3
   means that dc->pc can't possibly be 4 aligned, so there's
   no need to check that (the check was partly there to ensure
   that we didn't treat an ARM insn as Thumb, I think)
 * we now have thumb_insn_is_16bit() which lets us do a precise
   check of the length of the next insn, rather than opencoding
   an inaccurate check

Simplify it down to just loading the first half of the insn
and calling thumb_insn_is_16bit() on it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 1507556919-24992-8-git-send-email-peter.maydell@linaro.org
2017-10-12 13:23:14 +01:00
Peter Maydell
296e5a0a6c target/arm: Pull Thumb insn word loads up to top level
Refactor the Thumb decode to do the loads of the instruction words at
the top level rather than only loading the second half of a 32-bit
Thumb insn in the middle of the decode.

This is simple apart from the awkward case of Thumb1, where the
BL/BLX prefix and suffix instructions live in what in Thumb2 is the
32-bit insn space.  To handle these we decode enough to identify
whether we're looking at a prefix/suffix that we handle as a 16 bit
insn, or a prefix that we're going to merge with the following suffix
to consider as a 32 bit insn.  The translation of the 16 bit cases
then moves from disas_thumb2_insn() to disas_thumb_insn().

The refactoring has the benefit that we don't need to pass the
CPUARMState* down into the decoder code any more, but the major
reason for doing this is that some Thumb instructions must be always
unconditional regardless of the IT state bits, so we need to know the
whole insn before we emit the "skip this insn if the IT bits and cond
state tell us to" code.  (The always unconditional insns are BKPT,
HLT and SG; the last of these is 32 bits.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 1507556919-24992-7-git-send-email-peter.maydell@linaro.org
2017-10-12 13:23:14 +01:00
Peter Maydell
6b8acf256d target-arm: Don't check for "Thumb2 or M profile" for not-Thumb1
The code which implements the Thumb1 split BL/BLX instructions
is guarded by a check on "not M or THUMB2". All we really need
to check here is "not THUMB2" (and we assume that elsewhere too,
eg in the ARCH(6T2) test that UNDEFs the Thumb2 insns).

This doesn't change behaviour because all M profile cores
have Thumb2 and so ARM_FEATURE_M implies ARM_FEATURE_THUMB2.
(v6M implements a very restricted subset of Thumb2, but we
can cross that bridge when we get to it with appropriate
feature bits.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 1507556919-24992-6-git-send-email-peter.maydell@linaro.org
2017-10-12 13:23:14 +01:00
Peter Maydell
d02a8698d7 target/arm: Implement secure function return
Secure function return happens when a non-secure function has been
called using BLXNS and so has a particular magic LR value (either
0xfefffffe or 0xfeffffff). The function return via BX behaves
specially when the new PC value is this magic value, in the same
way that exception returns are handled.

Adjust our BX excret guards so that they recognize the function
return magic number as well, and perform the function-return
unstacking in do_v7m_exception_exit().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 1507556919-24992-5-git-send-email-peter.maydell@linaro.org
2017-10-12 13:23:14 +01:00
Peter Maydell
3e3fa230e3 target/arm: Implement BLXNS
Implement the BLXNS instruction, which allows secure code to
call non-secure code.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 1507556919-24992-4-git-send-email-peter.maydell@linaro.org
2017-10-12 13:23:14 +01:00
Peter Maydell
333e10c51e target/arm: Implement SG instruction
Implement the SG instruction, which we emulate 'by hand' in the
exception handling code path.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 1507556919-24992-3-git-send-email-peter.maydell@linaro.org
2017-10-12 13:23:14 +01:00
Peter Maydell
b9f587d62c target/arm: Add M profile secure MMU index values to get_a32_user_mem_index()
Add the M profile secure MMU index values to the switch in
get_a32_user_mem_index() so that LDRT/STRT work correctly
rather than asserting at translate time.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 1507556919-24992-2-git-send-email-peter.maydell@linaro.org
2017-10-12 13:23:14 +01:00
Igor Mammedov
8602beb7fa arm: fix armv7m_init() declaration to match definition
s/cpu_model/cpu_type/ that has been forgotten during
conversion (ba1ba5cc), while touching the line also
fixup alignment.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 1507710805-221721-1-git-send-email-imammedo@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-10-12 13:20:07 +01:00
Cédric Le Goater
f958537a0d watchdog/aspeed: fix variable type to store reload value
Initially from Anton D. Kachalov" <mouse@yandex-team.ru> but the SoB was
missing.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Acked-by: Andrew Jeffery <andrew@aj.id.au>
Message-id: 20170920064915.30027-1-clg@kaod.org
[clg: change commit log and subject
      replace UL suffix by ULL ]
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-10-12 13:20:06 +01:00
Peter Maydell
a0b261db8c Python queue, 2017-10-11
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJZ3mfEAAoJECgHk2+YTcWmvtwP/3jAS2y5/lLjdv1b3L7m54Ku
 phugkwOw1s2nK799eaWMtICc6NhuMLXguXtE9DQLtOzzHDjIW/lOJSvrnj+ERGsT
 koGCbCSkjIiMu+kh3pXExnGZXbB4R4/TozsLPVq66bwqCPADuNMVHFX+HeNQCf3w
 xNsr5+ge6+fiQupLx9CZPigp8Xzw6XDwBmFOa8y0McHMMtbskr0iS+WL6qdnEOAz
 MEkZyFpg52qa2xJbo7nBpzStdbO+1MTfCefCWkWUxDBUrhR73aEG3z20Q2BJmBl4
 mk+F617jQS3m0dIXZI9OH3aUhfSzNY6s4GuFSgJpsyjQ1I9nlrx3JtlijiUJ2QlS
 0K3LG0+5w5fXgKMjqHfHLauavHX+LA1E3yozqADRN2jS1xQrlr+C+fWDk7X775V3
 8cPJmV4/i1ZgShNj8zqlfq6E1frz0/X6ebGD2HX1i9861p6ATZ3uq8ukAbSkSllD
 9Zh7oJBqLkmUG/euYkW2ZThEk+eMCFdgu0KAZTGPJBOHW9em2nKzgwBwZIKecCCd
 vH6oPgGtkhqActqPWveL8RiK+gZ9PKVdq1rvjmwWXxBpgqik9stlDgS4AbNCXxXP
 oih/NHgB7nn2GdFtk33svNjnk56RKUZDxGmlwO/JWIVd523Bxylq7admNQscnjrH
 tJWohV5xx7c73lBV9P90
 =AVf5
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ehabkost/tags/python-next-pull-request' into staging

Python queue, 2017-10-11

# gpg: Signature made Wed 11 Oct 2017 19:49:40 BST
# gpg:                using RSA key 0x2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/python-next-pull-request:
  scripts: Remove debug parameter from QEMUMachine
  scripts: Remove debug parameter from QEMUMonitorProtocol
  guestperf: Configure logging on all shell frontends
  basevm: Call logging.basicConfig()
  iotests: Set up Python logging

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-10-12 10:02:09 +01:00
Eduardo Habkost
1a6d375710 scripts: Remove debug parameter from QEMUMachine
All scripts that use the QEMUMachine and QEMUQtestMachine classes
(device-crash-test, tests/migration/*, iotests.py, basevm.py)
already configure logging.

The basicConfig() call inside QEMUMachine.__init__() is being
kept just to make sure a script would still work if it didn't
configure logging.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20171005172013.3098-4-ehabkost@redhat.com>
Reviewed-by: Lukáš Doktor <ldoktor@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-10-11 15:15:17 -03:00
Eduardo Habkost
091776545f scripts: Remove debug parameter from QEMUMonitorProtocol
Use logging module for the QMP debug messages.  The only scripts
that set debug=True are iotests.py and guestperf/engine.py, and
they already call logging.basicConfig() to set up logging.

Scripts that don't configure logging are safe as long as they
don't need debugging output, because debug messages don't trigger
the "No handlers could be found for logger" message from the
Python logging module.

Scripts that already configure logging but don't use debug=True
(e.g. scripts/vm/basevm.py) will get QMP debugging enabled for
free.

Cc: "Alex Bennée" <alex.bennee@linaro.org>
Cc: Fam Zheng <famz@redhat.com>
Cc: "Philippe Mathieu-Daudé" <f4bug@amsat.org>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20171005172013.3098-3-ehabkost@redhat.com>
Reviewed-by: Lukáš Doktor <ldoktor@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-10-11 15:15:17 -03:00
Eduardo Habkost
8af09b8001 guestperf: Configure logging on all shell frontends
The logging module will eventually replace the 'debug' parameter
in QEMUMachine and QEMUMonitorProtocol.

Cc: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20171005172013.3098-2-ehabkost@redhat.com>
Reviewed-by: Lukáš Doktor <ldoktor@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-10-11 15:15:17 -03:00
Eduardo Habkost
fb3b4e6d88 basevm: Call logging.basicConfig()
Just setting level=DEBUG when debug is enabled is not enough: we
need to set up a log handler if we want debug messages generated
using logging.getLogger(...).debug() to be printed.

This was not a problem before because logging.debug() calls
logging.basicConfig() implicitly, but it's safer to not rely on
that.

Cc: "Alex Bennée" <alex.bennee@linaro.org>
Cc: Fam Zheng <famz@redhat.com>
Cc: "Philippe Mathieu-Daudé" <f4bug@amsat.org>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20170927130339.21444-4-ehabkost@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Lukáš Doktor <ldoktor@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-10-11 15:15:17 -03:00
Eduardo Habkost
43851b5bd4 iotests: Set up Python logging
Set up Python logging module instead of relying on
QEMUMachine._debug to enable debugging messages.

Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Max Reitz <mreitz@redhat.com>
Cc: qemu-block@nongnu.org
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20170927130339.21444-3-ehabkost@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Lukáš Doktor <ldoktor@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-10-11 15:15:17 -03:00
Peter Maydell
bac9608320 -----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJZ3TzEAAoJENro4Ql1lpzlInwP/RSqdMuWEPfvbiON0LlWJFXr
 Mc1WFyjZUGEOUE/LW6tegmj+v/kqVHozbaAJZyuWyw181eu9un1Q25LBjdrvxqx7
 L8WJ8SBOQmFtvz4pBOeHCqwDLUaCwv9+PhzuSVwfuyztDmOHwsxj5H0lk/wOqJy5
 68IUw1gjcqPw8+wZV4RPeAN7BGo1iXrbat3qEWoUMXIYkReVv1At4flp9w4hVaAy
 pLvy95Yiu3uzwkAMKIrkWQshB7nqabjAvRQl4FXd8w0v2vYgKXHO0RDIf9+1Qa8S
 kSBpz3ytrgCXhsBvQ+SMY9tT/f2l7SyD+oeXvEQhC4mtoLY5EFWOEQs9HwQdewHW
 5U8JxcQWD/FSvgos9L3GUb/vPkVYmguqtuApWbSNzP2rs1k0sS3GV44hkT6ZXdSS
 hnWptSfuEQ1HNaTdMti5FLp0KNcseHVRp1zu37xfJfEwJg7IC8yS2Emls2IzVEQK
 wobl5PxFarwTwSj5TqqTxly3amHDrQaUb+YI3w6pEZP1aB5h+J5ezfFPODwn1qOx
 bniThspy85Z1wc2+bV2DDfFSXUItnTqF4H56+hpHF0rL06UvVcRzIhatRwL/U1Qh
 aArVlV970W8ygrnP0IbnidWHZGHX8I1cMLqh5HQj/Hg+p2Ek2n2eF7SFrQdLQUMO
 O0hrL/D5GRDJE65HHb55
 =/PnC
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/elmarco/tags/vus-pull-request' into staging

# gpg: Signature made Tue 10 Oct 2017 22:33:56 BST
# gpg:                using RSA key 0xDAE8E10975969CE5
# gpg: Good signature from "Marc-André Lureau <marcandre.lureau@redhat.com>"
# gpg:                 aka "Marc-André Lureau <marcandre.lureau@gmail.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 87A9 BD93 3F87 C606 D276  F62D DAE8 E109 7596 9CE5

* remotes/elmarco/tags/vus-pull-request: (27 commits)
  vhost-user-scsi: remove server_sock from VusDev
  vhost-user-scsi: use libvhost-user glib helper
  libvhost-user: add glib source helper
  vhost-user-scsi: use glib logging
  vhost-user-scsi: simplify source handling
  vhost-user-scsi: drop extra callback pointer
  vhost-user-scsi: don't copy iscsi/scsi-lowlevel.h
  vhost-user-scsi: avoid use of iscsi_ namespace
  vhost-user-scsi: rename VUS types
  vhost-user-scsi: remove unimplemented functions
  vhost-user-scsi: remove VUS_MAX_LUNS
  vhost-user-scsi: remove vdev_scsi_add_iscsi_lun()
  vhost-user-scsi: assert() in iscsi_add_lun()
  vhost-user-scsi: use NULL pointer
  vhost-user-scsi: simplify unix path cleanup
  vhost-user-scsi: remove vdev_scsi_find_by_vu()
  vhost-user-scsi: also free the gtree
  vhost-user-scsi: glib calls that allocate don't return NULL
  vhost-user-scsi: use glib allocation
  vhost-user-scsi: code style fixes
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-10-11 13:10:36 +01:00
Peter Maydell
e74c0cfa57 Queued TCG patches
-----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJZ3R4gAAoJEGTfOOivfiFf9isH+wfr6Sg4z7OeGqMUfbsB2WzQ
 TVrN51ee9isHvPn66Qj7OANk7toqj+cWh1BuDpjRBLQV4sx7V4N/qfazlriEvlRj
 doIIsl4tdG4XaoiF0AM/touBRlTs+yDQtLcwL5BaLm7JoekM1ICAiiIeX9Vfy1CH
 ll4gyZ4n0WVVpseBQWWZJpOqZr8cBXYNdmYWkjL+qVLytxifmmdYUlELtdiwByB2
 91GMpKgu2OYWV55Ivk/Yo4KUxv5EOazOXc6dELACA1oqf+G+NlTut0zCHaumxJyN
 gXePbD6RQuT/2NnAyQ2FMWGtaqbepg8oPVT700cboUv4flg/0Z+KU48jLpzZBvM=
 =syLD
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20171010' into staging

Queued TCG patches

# gpg: Signature made Tue 10 Oct 2017 20:23:12 BST
# gpg:                using RSA key 0x64DF38E8AF7E215F
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>"
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F

* remotes/rth/tags/pull-tcg-20171010:
  tcg/mips: delete commented out extern keyword.
  tcg: define TCG_HIGHWATER
  util: move qemu_real_host_page_size/mask to osdep.h
  tcg: take .helpers out of TCGContext
  tci: move tci_regs to tcg_qemu_tb_exec's stack
  exec-all: extract tb->tc_* into a separate struct tc_tb
  translate-all: define and use DEBUG_TB_CHECK_GATE
  translate-all: define and use DEBUG_TB_INVALIDATE_GATE
  exec-all: introduce TB_PAGE_ADDR_FMT
  translate-all: define and use DEBUG_TB_FLUSH_GATE
  exec-all: bring tb->invalid into tb->cflags
  tcg: consolidate TB lookups in tb_lookup__cpu_state
  tcg: remove addr argument from lookup_tb_ptr
  tcg/mips: constify tcg_target_callee_save_regs
  tcg/i386: constify tcg_target_callee_save_regs
  cpu-exec: rename have_tb_lock to acquired_tb_lock in tb_find
  translate-all: make have_tb_lock static
  exec-all: fix typos in TranslationBlock's documentation
  tcg: fix corruption of code_time profiling counter upon tb_flush
  cputlb: bring back tlb_flush_count under !TLB_DEBUG

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-10-11 09:56:16 +01:00
Marc-André Lureau
53a2e1b523 vhost-user-scsi: remove server_sock from VusDev
It is unneeded in the VusDev device structure, and also simplify a bit
the code.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2017-10-10 23:31:09 +02:00
Marc-André Lureau
62ddfba034 vhost-user-scsi: use libvhost-user glib helper
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2017-10-10 23:31:09 +02:00