Alex Williamson [Mon, 8 Oct 2012 14:45:29 +0000 (08:45 -0600)]
vfio-pci: Rework MSIX setup/teardown
We try to do lazy initialization of MSIX since we don't actually need
to setup anything until MSIX vectors start getting used. This leads
to problems if MSIX is enabled, but never used (we can end up trying
to re-enable INTx while it's still enabled). We also run into
problems trying to expand our reset function to tear down interrupts
as we can then get vector release notifications after we've released
data structures. By making explicit initialization and teardown we
can avoid both of these problems and behave more similar to bare
metal.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Alex Williamson [Mon, 8 Oct 2012 14:45:29 +0000 (08:45 -0600)]
vfio-pci: Unmap and retry DMA mapping
Occasionally we get regions added that overlap with existing mappings.
These always seems to be in the VGA ROM range. VFIO returns EBUSY
for these mapping attempts. We can try a little harder and assume
that the latest mapping is correct by removing any overlapping ranges
and retrying the original request.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Alex Williamson [Mon, 8 Oct 2012 14:45:29 +0000 (08:45 -0600)]
vfio-pci: Update slow path INTx algorithm
We can't afford the overhead of switching out and back into mmap mode
around each interrupt, but we can do it lazily via a timer. On INTx
interrupt, disable the mmap'd memory regions and set a timer. On
every interrupt, push the timer out. If the timer expires and the
interrupt is no longer pending, switch back to mmap mode.
This has the benefit that things like graphics cards, which rarely or
never, fire an interrupt don't need manual user intervention to add
the x-intx=off parameter. They'll just remain in mmap mode until they
trigger an interrupt, and if they don't continue to regularly fire
interrupts, they'll switch back.
The default timeout is tuned for network cards so that a ping is just
enough to keep them in non-mmap mode, where they have much better
latency. It is tunable with an experimental option,
x-intx-mmap-timeout-ms. A value of 0 keeps the device in non-mmap
mode after the first interrupt.
It's possible we could look at the class code of devices and come up
with reasonable per-class defaults based on expected interrupt
frequency and latency. None of this is used for MSI interrupts and
also won't be used if we can bypass through KVM.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Aka "normal" comparisons. We now have the infrastructure to
pass back non-boolean results from gen_compare. This will
automatically get used by both branches and conditional moves.
Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
There are 6 temporaries that disas_sparc_insn relies on having been
allocated. Now that they are no longer referenced across branches,
they need not be allocated as local temps.
Move the allocation/free of these temporaries to make it clear that
they are local to the translation of a single insn.
Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Share more code between unconditional and conditional paths.
Move the computation of the trap number into the conditional BB;
avoid using temporaries that have gone out of scope (cpu_tmp32)
or rely on local temps (cpu_dst).
Fully fold the exception number when the trap number is %g0+imm.
Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Stefan Weil [Thu, 4 Oct 2012 18:29:02 +0000 (20:29 +0200)]
tcg: Remove redundant pointer from TCGContext
The pointer entry 'temps' always refers to the array entry 'static_temps'.
Removing the pointer and renaming 'static_temps' to 'temps' reduces the
size of TCGContext (4 or 8 byte) and allows better code generation.
Signed-off-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Aurelien Jarno [Sat, 6 Oct 2012 16:54:46 +0000 (18:54 +0200)]
Merge branch 'target-arm.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm
* 'target-arm.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm:
target-arm: Drop unused DECODE_CPREG_CRN macro
target-arm: use deposit instead of hardcoded version
target-arm: mark a few integer helpers const and pure
target-arm: convert sar, shl and shr helpers to TCG
target-arm: convert add_cc and sub_cc helpers to TCG
target-arm: use globals for CC flags
target-arm: Reinstate display of VFP registers in cpu_dump_state
cpu_dump_state: move DUMP_FPU and DUMP_CCOP flags from x86-only to generic
Aurelien Jarno [Sat, 6 Oct 2012 16:54:14 +0000 (18:54 +0200)]
Merge branch 'trivial-patches' of git://github.com/stefanha/qemu
* 'trivial-patches' of git://github.com/stefanha/qemu:
versatilepb: Use symbolic indices for ARM PIC
qdev: kill bogus comment
qemu-barrier: Fix compiler version check for future gcc versions
hw: Add missing 'static' attribute for QEMUMachine
cleanup useless return sentence
qemu-sockets: Fix compiler warning (regression for MinGW)
vnc: Fix spelling (hellmen -> hellman) in comment
slirp: Fix spelling in comment (enought -> enough, insure -> ensure)
tcg/arm: Use tcg_out_mov_reg rather than inline equivalent code
cpu: Add missing 'static' attribute to qemu_global_mutex
configure: Support empty target list (--target-list=)
hw: Fix return value check for bdrv_read, bdrv_write
Aurelien Jarno [Sat, 6 Oct 2012 16:51:36 +0000 (18:51 +0200)]
Merge branch 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf
* 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf: (35 commits)
PPC: KVM: Fix BAT put
PPC: e500: Only expose even TLB sizes in initial TLB
ppc/pseries: Reset VPA registration on CPU reset
pseries: Don't test for MSR_PR for hypercalls under KVM
PPC: e500: calculate initrd_base like dt_base
PPC: e500: increase DTC_LOAD_PAD
device tree: simplify dumpdtb code
fdt: move dumpdtb interpretation code to device_tree.c
target-ppc: Remove unused power_mode field from cpu state
pseries: Set hash table size based on RAM size
pseries: Remove unnecessary locking from PAPR hash table hcalls
ppc405_uc: Fix buffer overflow
target-ppc: KVM: Fix some kernel version edge cases for kvmppc_reset_htab()
pseries: Fix semantics of RTAS int-on, int-off and set-xive functions
pseries: Rework implementation of TCE bypass
pseries: Remove never used flags field from spapr vio devices
pseries: Remove XICS irq type enum type
pseries: Remove C bitfields from xics code
pseries: Small cleanup to H_CEDE implementation
pseries: Fix XICS reset
...
The table that was recently added for hppa is generally usable.
And with the renumbering of the TCG_COND constants it's not too
difficult to compute rather than have a table.
Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
There are several cases that can be handled easier inside both
translators and code generators if we have out-of-band values
for conditions. It's easy enough to handle ALWAYS and NEVER in
the natural way inside the tcg middle-end.
Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
This remove the fallback to std-vga in case, as availability of the
requested vga device is now tested in vl.c, and returns an error message
to the user.
Acked-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
vga: rename pci_vga_init() into pci_std_vga_init()
This better explains what is this function about. Adjust all callers.
Cc: Alexander Graf <agraf@suse.de> Cc: Andreas Färber <andreas.faerber@web.de> Cc: David Gibson <david@gibson.dropbear.id.au> Cc: Anthony Liguori <aliguori@us.ibm.com> Acked-by: Richard Henderson <rth@twiddle.net> Acked-by: Blue Swirl <blauwirbel@gmail.com> Acked-by: Andreas Färber <andreas.faerber@web.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Aurelien Jarno [Mon, 1 Oct 2012 19:00:43 +0000 (21:00 +0200)]
tcg: remove obsolete jmp op
The TCG jmp operation doesn't really make sense in the QEMU context, it
is unused, it is not implemented by some targets, and it is wrongly
implemented by some others.
This patch simply removes it.
Reviewed-by: Richard Henderson <rth@twiddle.net> Acked-by: Blue Swirl <blauwirbel@gmail.com> Acked-by: Stefan Weil<sw@weilnetz.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Aurelien Jarno [Mon, 1 Oct 2012 19:00:42 +0000 (21:00 +0200)]
target-xtensa: de-optimize EXTUI
Now that "and" with 0xff, 0xffff and 0xffffffff and "shr" with 0 shift
are optimized in tcg/tcg-op.h there is no need to do it in
target-xtensa/translate.c.
Acked-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Aurelien Jarno [Fri, 5 Oct 2012 14:04:44 +0000 (15:04 +0100)]
target-arm: convert sar, shl and shr helpers to TCG
Now that the movcond TCG op is available, it's possible to replace
shl and shr helpers by TCG code. The code generated by TCG is slightly
longer than the code generated by GCC for the helper but is still worth
it as this avoid all the consequences of using an helper: globals saved
back to memory, no possible optimization, call overhead, etc.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Aurelien Jarno [Fri, 5 Oct 2012 14:04:44 +0000 (15:04 +0100)]
target-arm: convert add_cc and sub_cc helpers to TCG
Now that the setcond TCG op is available, it's possible to replace
add_cc and sub_cc helpers by TCG code. The code generated by TCG is
actually very close to the one generated by GCC for the helper, and
this avoid all the consequences of using an helper: globals saved back
to memory, no possible optimization, call overhead, etc.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Aurelien Jarno [Fri, 5 Oct 2012 14:04:44 +0000 (15:04 +0100)]
target-arm: use globals for CC flags
Use globals for CC flags instead of loading/storing them each they are
accessed. This allows some optimizations to be performed by the TCG
optimization passes.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Fri, 5 Oct 2012 14:04:44 +0000 (15:04 +0100)]
target-arm: Reinstate display of VFP registers in cpu_dump_state
Reinstate the display of VFP registers in cpu_dump_state(), if
the CPU has them (this code had been #if 0'd out a for a long time).
We drop the attempt ot display the values as floating point, since
this makes assumptions about the host 'float' and 'double' formats
and is not done by eg the i386 cpu_dump_state().
This display is gated on the CPU_DUMP_FPU flag, as for x86.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Fri, 5 Oct 2012 14:04:43 +0000 (15:04 +0100)]
cpu_dump_state: move DUMP_FPU and DUMP_CCOP flags from x86-only to generic
Move the DUMP_FPU and DUMP_CCOP flags for cpu_dump_state() from being
x86-specific flags to being generic ones. This allows us to drop some
TARGET_I386 ifdefs in various places, and means that we can (potentially)
be more consistent across architectures about which monitor commands or
debug abort printouts include FPU register contents and info about
QEMU's condition-code optimisations.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Paolo Bonzini [Mon, 1 Oct 2012 12:22:08 +0000 (14:22 +0200)]
rtc: implement century byte
Implement the century byte in the RTC emulation, and test that it works.
This leads to some annoying compatibility code because we need to treat
a value of 2000 for the base_year property as "use the century byte
properly" (which would be a value of 0).
The century byte will now be always-zero, rather than always-20,
for the MIPS Magnum machine whose base_year is 1980. Commit 42fc73a
(Support epoch of 1980 in RTC emulation for MIPS Magnum, 2009-01-24)
correctly said:
With an epoch of 1980 and a year of 2009, one could argue that [the
century byte] should hold either 0, 1, 19 or 20. NT 3.50 on MIPS
does not read the century byte.
so I picked the simplest and most sensible implementation which is to
return 0 for 1980-2079, 1 for 2080-2179 and so on.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Mon, 1 Oct 2012 12:22:07 +0000 (14:22 +0200)]
rtc: map CMOS index 0x37 to 0x32 on read and writes
QEMU's attempt to implement the century byte cover two possible places
for the byte. A common one on modern chipsets is 0x32, but QEMU also
stores the value in 0x37 (apparently for IBM PS/2 compatibility---it's
only been 25 years). To simplify the implementation of the century
byte, store it only at 0x32 but remap transparently 0x37 to 0x32 when
reading and writing from CMOS.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Mon, 1 Oct 2012 12:22:06 +0000 (14:22 +0200)]
rtc: fix overflow in mktimegm
When setting a date in 1980, Linux is actually disregarding the century
byte and setting the year to 2080. This causes a year-2038 overflow
in mktimegm. Fix this by doing the days-to-seconds computation in
64-bit math.
Reported-by: Lucas Meneghel Rodrigues <lookkas@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Paolo Bonzini [Mon, 1 Oct 2012 12:18:07 +0000 (14:18 +0200)]
qtest: implement QTEST_STOP
It is quite difficult to debug qtest test cases without extra wrapper
scripts for QEMU or similar. This patch adds a simple environment
variable-based trigger that sends a STOP signal to the QEMU instance
under test, before attempting to connect to its QMP session.
This will block execution of the testcase and give time to attach a
debugger to the stopped QEMU process.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jim Meyering [Thu, 4 Oct 2012 11:09:59 +0000 (13:09 +0200)]
libcacard/vcard_emul_nss: use pstrcpy in place of strncpy
Replace strncpy+NUL-terminate use with use of pstrcpy.
This requires linking with cutils.o (or else vssclient doesn't link),
so add that in the Makefile.
Acked-by: Alon Levy <alevy@redhat.com> Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
NUL-termination of the .ifr_name field is not required, but is fine
(and preferable to using strncpy and leaving the reader to wonder),
since the first thing the linux kernel does is to clear the last byte.
Besides, using pstrcpy here makes this setting of ifr_name consistent
with the other code (e.g., net/tap-linux.c) that does the same thing.
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com> Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jim Meyering [Thu, 4 Oct 2012 11:09:57 +0000 (13:09 +0200)]
vscsi: avoid unwarranted strncpy
Don't use strncpy when the source string is known to fit
in the destination buffer. Use equivalent memcpy.
We could even use strcpy, here, but some static analyzers
warn about that, so don't add new uses.
Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jim Meyering [Thu, 4 Oct 2012 11:09:56 +0000 (13:09 +0200)]
virtio-9p: avoid unwarranted uses of strncpy
In all of these cases, the uses of strncpy were unnecessary, since
at each point of use we know that the NUL-terminated source bytes
fit in the destination buffer. Use memcpy in place of strncpy.
Acked-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jim Meyering [Thu, 4 Oct 2012 11:09:55 +0000 (13:09 +0200)]
bt: replace fragile snprintf use and unwarranted strncpy
In bt_hci_name_req a failed snprintf could return len larger than
sizeof(params.name), which means the following memset call would
have a "length" value of (size_t)-1, -2, etc... Sounds scary.
But currently, one can deduce that there is no problem:
strlen(slave->lmp_name) is guaranteed to be smaller than
CHANGE_LOCAL_NAME_CP_SIZE, which is the same as sizeof(params.name),
so this cannot happen. Regardless, there is no justification for
using snprintf+memset. Use pstrcpy instead.
Also, in bt_hci_event_complete_read_local_name, use pstrcpy in place
of unwarranted strncpy.
Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jim Meyering [Thu, 4 Oct 2012 11:09:54 +0000 (13:09 +0200)]
ui/vnc: simplify and avoid strncpy
Don't bother with strncpy. There's no need for its zero-fill.
Use g_strndup in place of g_malloc+strncpy+NUL-terminate.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jim Meyering [Thu, 4 Oct 2012 11:09:53 +0000 (13:09 +0200)]
linux-user: remove two unchecked uses of strdup
Remove two uses of strdup (use g_path_get_basename instead),
and add a comment that this strncpy use is ok.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jim Meyering [Thu, 4 Oct 2012 11:09:52 +0000 (13:09 +0200)]
ppc: avoid buffer overrun: use pstrcpy, not strncpy
A terminal NUL is required by caller's use of strchr.
It's better not to use strncpy at all, since there is no need
to zero out hundreds of trailing bytes for each iteration.
Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jim Meyering [Thu, 4 Oct 2012 11:09:49 +0000 (13:09 +0200)]
hw/9pfs: avoid buffer overrun
v9fs_add_dir_node and qemu_v9fs_synth_add_file used strncpy
to form node->name, which requires NUL-termination, but
strncpy does not ensure NUL-termination.
Use pstrcpy, which does.
Acked-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jim Meyering [Thu, 4 Oct 2012 11:09:47 +0000 (13:09 +0200)]
sheepdog: avoid a few buffer overruns
* parse_vdiname: Use pstrcpy, not strncpy, when the destination
buffer must be NUL-terminated.
* sd_open: Likewise, avoid buffer overrun.
* do_sd_create: Likewise. Leave the preceding memset, since
pstrcpy does not NUL-fill, and filename needs that.
* sd_snapshot_create: Add a comment/question.
* find_vdi_name: Remove a useless memset.
* sd_snapshot_goto: Remove a useless memset.
Use pstrcpy to NUL-terminate, because find_vdi_name requires
that its vdi arg (filename parameter) be NUL-terminated.
It seems ok not to NUL-fill the buffer.
Do the same for snapid: remove useless memset-0 (instead,
zero tag[0]). Use pstrcpy, not strncpy.
* sd_snapshot_list: Use pstrcpy, not strncpy to write
into the ->name member. Each must be NUL-terminated.
Acked-by: Kevin Wolf <kwolf@redhat.com> Acked-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp> Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jim Meyering [Thu, 4 Oct 2012 11:09:46 +0000 (13:09 +0200)]
block: avoid buffer overrun by using pstrcpy, not strncpy
Also, use PATH_MAX, rather than the arbitrary 1024.
Using PATH_MAX is more consistent with other filename-related
variables in this file, like backing_filename and tmp_filename.
Acked-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jim Meyering [Thu, 4 Oct 2012 11:09:44 +0000 (13:09 +0200)]
scsi, pci, qdev, isa-bus, sysbus: don't let *_get_fw_dev_path return NULL
Use g_strdup rather than strdup, because the sole caller
(qdev_get_fw_dev_path_helper) assumes it gets non-NULL, and dereferences
it. Besides, in that caller, the allocated buffer is already freed with
g_free, so it's better to allocate with a matching g_strdup.
In one case, (scsi-bus.c) it was trivial, so I replaced an snprintf+
g_strdup combination with an equivalent g_strdup_printf use.
Signed-off-by: Jim Meyering <meyering@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Stefan Weil [Fri, 28 Sep 2012 17:07:39 +0000 (19:07 +0200)]
qemu-sockets: Fix compiler warning (regression for MinGW)
setsockopt needs a type cast for MinGW. That type cast is missing in
a recent commit which results in a compiler warning.
Like for other socket related functions which have the same problem,
we add a 'qemu_setsockopt' macro which provides that type cast where
needed and use the new macro to avoid the warning.
A 'qemu_getsockopt' is also added and can be used for future
modifications.
Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
projects / qemu.git / log