Commit Graph

19287 Commits

Author SHA1 Message Date
Fabio Erculiani
84803b87a1 linux-user: target_argv is placed on ts->bprm->argv and can't be freed()
TaskState contains linux_bprm struct which encapsulates argv among
other things.
argv might be used around the code and is expected to contain valid
data. Before this patch, ts->bprm->argv was NULL due to it being
freed right after loader_exec().

Signed-off-by: Fabio Erculiani <lxnay@sabayon.org>
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2012-04-06 18:49:57 +03:00
Fabio Erculiani
e0e65bee16 linux-user: improve fake /proc/self/stat making ps not segfault.
With the current fake /proc/self/stat implementation `ps` is
segfaulting because it expects to read PID and argv[0] as first and
second field respectively, with the latter being enclosed between
backets.

Reproducing is as easy as running: `ps` inside qemu-user chroot
with /proc mounted.

Signed-off-by: Fabio Erculiani <lxnay@sabayon.org>
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2012-04-06 18:49:57 +03:00
Blue Swirl
8f8d364f24 Merge branch 's390-for-upstream' of git://repo.or.cz/qemu/agraf
* 's390-for-upstream' of git://repo.or.cz/qemu/agraf:
  target-s390x: Update s390x_{tod,cpu}_timer() to use S390CPU
  target-s390x: QOM'ify CPU init
  target-s390x: QOM'ify CPU reset
  target-s390x: QOM'ify CPU
2012-04-04 20:45:03 +00:00
Artyom Tarasenko
a7be9bad33 Improve interrupt handling priority
The vector interrupt has higher priority than interrupt_level_n.
Also check only interrupt_level_n concurency when TL > 0, the traps of
other types may be nested.

Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-04-04 19:20:44 +00:00
Artyom Tarasenko
23cf96e197 Fix vector interrupt handling
Don't produce stray irq 5, don't overwrite ivec_data if still busy with
processing of the previous interrupt.

Signed-off-by: Artyom Tarasenko <atar4qemu@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-04-04 19:20:40 +00:00
Andreas Färber
b8ba6799f4 target-s390x: Update s390x_{tod,cpu}_timer() to use S390CPU
In place of CPUS390XState pass S390CPU as opaque from the new initfn.
cpu_interrupt() is anticipated to take a CPUState in the future.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
2012-04-04 19:06:17 +02:00
Andreas Färber
8f22e0df80 target-s390x: QOM'ify CPU init
Move code from cpu_s390x_init() into an initfn.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
2012-04-04 17:35:31 +02:00
Andreas Färber
1ac1a7499b target-s390x: QOM'ify CPU reset
Move code from cpu_state_reset() to s390_cpu_reset().

Signed-off-by: Andreas Färber <afaerber@suse.de>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
2012-04-04 17:34:44 +02:00
Andreas Färber
29e4bcb26b target-s390x: QOM'ify CPU
Embed CPUS390XState as first member of S390CPU.
Since -cpu is being ignored, make TYPE_S390_CPU non-abstract.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
2012-04-04 17:29:23 +02:00
Paolo Bonzini
f05f6b4adb qdev: put all devices under /machine
Avoid cluttering too much the QOM root.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-04-02 15:04:15 -05:00
Paolo Bonzini
da57febfed qdev: give all devices a canonical path
A strong limitation of QOM right now is that unconverted ports
(e.g. all...) do not give a canonical path to devices that are
part of the board.  This in turn makes it impossible to replace
PROP_PTR with a QOM link for example.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-04-02 15:04:15 -05:00
Paolo Bonzini
f424d5c4c9 qdev: add children before qdev_init
We want the composition tree to to be in order by the time we call
qdev_init, so that a single set of the toplevel realize property can
propagate all the way down the composition tree.

This is not the case so far.  Unfortunately, this is incompatible
with calling qdev_init in the constructor wrappers for devices,
so for now we need to unattach some devices that are created through
those wrappers.  This will be fixed by removing qdev_init and instead
setting the toplevel realize property after machine init.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-04-02 15:04:15 -05:00
Paolo Bonzini
a612b2a663 qom: add container_get
This is QOM "mkdir -p".  It is useful when referring to
container objects such as "/machine".

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-04-02 15:04:15 -05:00
Anthony Liguori
cefc898806 Merge remote-tracking branch 'kiszka/queues/slirp' into staging
* kiszka/queues/slirp:
  slirp: Signal free input buffer space to io-thread
  w32/slirp: Undefine error constants before their redefinition
  slirp: use socket_set_nonblock
  slirp: clean up conflicts with system headers
2012-04-02 09:46:45 -05:00
Anthony Liguori
aba8e41e86 Merge remote-tracking branch 'stefanha/tracing' into staging
* stefanha/tracing:
  tracetool: dtrace: handle in and next reserved words
  tracetool: dtrace disabled-events fix
  Makefile.target: code stp dependency on trace-events
2012-04-02 09:44:35 -05:00
Anthony Liguori
dfe844c904 serial: clear LSR.TEMT when populating the TSR
We never actually clear the TEMT (transmit sending register empty) flag when
populating the TSR.  We set the flag, but since it's never cleared, setting it
is sort of pointless..

I found this with a unit test case.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-04-02 09:43:17 -05:00
Anthony Liguori
67c5322d70 serial: fix retry logic
I'm not sure if the retry logic has ever worked when not using FIFO mode.  I
found this while writing a test case although code inspection confirms it is
definitely broken.

The TSR retry logic will never actually happen because it is guarded by an
'if (s->tsr_rety > 0)' but this is the only place that can ever make the
variable greater than zero.  That effectively makes the retry logic an 'if (0)'.

I believe this is a typo and the intention was >= 0.  Once this is fixed though,
I see double transmits with my test case.  This is because in the non FIFO
case, serial_xmit may get invoked while LSR.THRE is still high because the
character was processed but the retransmit timer was still active.

We can handle this by simply checking for LSR.THRE and returning early.  It's
possible that the FIFO paths also need some attention.

Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-04-02 09:43:16 -05:00
Anthony Liguori
6e92466a7c qtest: use qemu_gettimeofday()
On linux, qemu_timeval will always be two long ints.  On windows, we use our
own struct definition.  This should fix win64.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-04-02 09:43:16 -05:00
Michael Walle
a3b6181e42 milkymist-vgafb: add missing register
This bug existed since the first commit. Fortunately, the affected
registers have no functionality in qemu. This will only prevent the
following warning:
  milkymist_vgafb: write access to unknown register 0x00000034

Signed-off-by: Michael Walle <michael@walle.cc>
2012-04-01 20:30:24 +02:00
Michael Walle
79368f4984 target-lm32: add simple disassembler
Because binutils disassembler is based on libopcode, this is a rewrite from
scratch.

Signed-off-by: Michael Walle <michael@walle.cc>
2012-04-01 20:30:23 +02:00
Michael Walle
060544d30f milkymist-sysctl: support for new core version
The new version introduces the following new registers:
 - SoC clock frequency: read-only of system clock used on the SoC
 - debug scratchpad: 8 bit scratchpad register
 - debug write lock: write once register, without any function on QEMU

Signed-off-by: Michael Walle <michael@walle.cc>
2012-03-31 20:02:30 +02:00
Michael Walle
de89fd2b88 target-lm32: init tcg only if available
Once qtest support for target-lm32 arrives, tcg may be disabled.

Signed-off-by: Michael Walle <michael@walle.cc>
2012-03-31 19:56:03 +02:00
Michael Walle
927b241d66 tests: fix out-of-tree building for lm32 target
Signed-off-by: Michael Walle <michael@walle.cc>
2012-03-31 19:56:03 +02:00
Blue Swirl
b7c8e15a14 Merge branch 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm
* 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm:
  pl031: switch clock base to rtc_clock
  pl031: rearm alarm timer upon load
  arm: switch real-time clocks to rtc_clock
  omap: switch omap_lpg to vm_clock
  rtc: add -rtc clock=rt
2012-03-31 12:10:07 +00:00
Blue Swirl
4dec465460 Merge branch 'qom-cpu-unicore32.v3' of git://github.com/afaerber/qemu-cpu
* 'qom-cpu-unicore32.v3' of git://github.com/afaerber/qemu-cpu:
  target-unicore32: Move CPU-dependent init into initfn
  target-unicore32: QOM'ify CPU
  target-unicore32: License future contributions under GPLv2+
  target-unicore32: Relicense to GPLv2+
  MAINTAINERS: Add entry for UniCore32
2012-03-31 12:09:06 +00:00
Blue Swirl
e7c56016f9 Merge branch 'target-arm.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm
* 'target-arm.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm:
  ARM: Permit any ARMv6K CPU to read the MVFR0 and MVFR1 VFP registers.
  target-arm: Minimalistic CPU QOM'ification
  target-arm: Drop cpu_arm_close()
2012-03-31 12:06:10 +00:00
Gerd Hoffmann
94dd53c5b6 buildfix: check for old pod2man versions
Older pod2man don't have a --utf8 switch, check for this in conffigure
and use it only when present.  Fixes build on RHEL-5.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-31 12:04:08 +00:00
Stefan Weil
bb55b712e8 Fix conversion from lower to upper case with Turkish locale
Some locale settings let make fail or create wrong results
because tr '[:lower:]' '[:upper:]' which is used to convert
from lower to upper case depends on the locale.

With locale tr_TR.UTF-8, lower case 'i' is not converted to 'I'.
This results in wrong entries in config-host.h like these ones:

  #define CONFIG_QEMU_PREFiX "/usr/local"
  #define CONFIG_QEMU_BiNDiR "/usr/local/bin"

This problem was reported by Emre Ersin.

The same problem occurs when configure creates the target specific
files config-target.mak. They get wrong declarations:

TARGET_CRiS=y
TARGET_i386=y
TARGET_MiCROBLAZE=y
TARGET_MiPS64=y
TARGET_MiPS=y
TARGET_UNiCORE32=y

It is sufficient to restrict the conversion to the characters a-z.

Using this explicit range avoids the dependency on the locale
settings and is also shorter.

v2:
POSIX says that 'tr a-z' is unspecified outside of the POSIX
locale, so we must set LC_ALL=C to make sure that we are using
POSIX (hint from Eric Blake, thanks).

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-31 12:03:43 +00:00
Blue Swirl
02b3efcb75 qtest: avoid a warning with RTC test
Avoid this warning on OpenBSD:
  CC    tests/rtc-test.o
/src/qemu/tests/rtc-test.c: In function 'check_time':
/src/qemu/tests/rtc-test.c:171: warning: format '%ld' expects type 'long int', but argument 2 has type 'time_t'
/src/qemu/tests/rtc-test.c:173: warning: format '%ld' expects type 'long int', but argument 2 has type 'time_t'

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-30 18:58:46 +00:00
Anthony Liguori
6b7cff76e0 qtest: fix 32-bit build
time_t appears to be an unsigned long so use %ld.

Reported-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-03-30 12:56:10 -05:00
Jan Kiszka
86073017e3 slirp: Signal free input buffer space to io-thread
This massively accelerates slirp reception speed: If data arrives
faster than the guest can read it from the input buffer, the file
descriptor for the corresponding socket was taken out of the fdset for
select. However, the event of the guest reading enough data from the
buffer was not signaled. Thus, the io-thread only noticed this change
on the next time-driven poll. Fix this by kicking the io-thread as
required.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-03-30 19:43:00 +02:00
Blue Swirl
d2a16f74f2 qtest: fix out of tree build
Trace objects are also needed if tracing is enabled.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-30 17:39:33 +00:00
Anthony Liguori
d1aaf543a7 qtest: add rtc-test test-case
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-03-30 08:14:12 -05:00
Anthony Liguori
fd94be7ae6 rtc: split out macros into a header file and use in test case
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-03-30 08:14:12 -05:00
Anthony Liguori
49ee359077 qtest: add C version of test infrastructure
This also includes a qtest wrapper script to make it easier to launch qtest
tests directly.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-03-30 08:14:11 -05:00
Paolo Bonzini
8156be5610 qtest: add clock management
This patch combines qtest and -icount together to turn the vm_clock
into a source that can be fully managed by the client.  To this end new
commands clock_step and clock_set are added.  Hooking them with libqtest
is left as an exercise to the reader.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-03-30 08:14:11 -05:00
Paolo Bonzini
2028834574 qtest: IRQ interception infrastructure
Since /i440fx/piix3 is being removed from the composition tree, the
IO-APIC is placed under /i440fx.  This is wrong and should be changed
as soon as the /i440fx/piix3 path is put back.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-03-30 08:14:11 -05:00
Anthony Liguori
c7f0f3b1c8 qtest: add test framework
The idea behind qtest is pretty simple.  Instead of executing a CPU via TCG or
KVM, rely on an external process to send events to the device model that the CPU
would normally generate.

qtest presents itself as an accelerator.  In addition, a new option is added to
establish a qtest server (-qtest) that takes a character device.  This is what
allows the external process to send CPU events to the device model.

qtest uses a simple line based protocol to send the events.  Documentation of
that protocol is in qtest.c.

I considered reusing the monitor for this job.  Adding interrupts would be a bit
difficult.  In addition, logging would also be difficult.

qtest has extensive logging support.  All protocol commands are logged with
time stamps using a new command line option (-qtest-log).  Logging is important
since ultimately, this is a feature for debugging.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-03-30 08:14:11 -05:00
Paolo Bonzini
b93b63f574 test makefile overhaul
This introduces new test reporting infrastructure based on
gtester and gtester-report.

Also, all existing tests are moved to tests/, and tests/Makefile
is reorganized to factor out the commonalities in the rules.

Signed-off-by: Anthony Liguori <aliguori@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-03-30 08:14:11 -05:00
Alon Levy
703e01e6e2 tracetool: dtrace: handle in and next reserved words
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-03-30 11:55:21 +01:00
Lee Essen
60be795f0b tracetool: dtrace disabled-events fix
If there are "disabled" entries in the trace-events file then
linetod_nop() is called if the backend is dtrace, it's currently
not present. Also equivalent fix for stap.

Signed-off-by: Lee Essen <lee.essen@nowonline.co.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-03-30 11:55:21 +01:00
Alon Levy
2174e2380f Makefile.target: code stp dependency on trace-events
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-03-30 11:55:21 +01:00
Paolo Bonzini
b0f26631bc pl031: switch clock base to rtc_clock
This lets the user specify the desired semantics.  By default, the RTC
will follow adjustments from the host's NTP client, and will remain in
sync when the virtual machine is stopped.  The previous behavior, which
provides determinism with both icount and qtest, remains available with
"-rtc clock=vm".

pl031 supports migration, so we need to convert the time base from
rtc_clock to vm_clock and back for backwards compatibility.  (The
rtc_clock may not be synchronized on the two machines, especially with
savevm/loadvm, so the conversion is needed anyway.  And since any time
base will do, why not pick the one base that is backwards compatible).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-30 10:31:23 +00:00
Paolo Bonzini
ac204b8f67 pl031: rearm alarm timer upon load
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-30 10:31:22 +00:00
Paolo Bonzini
348abc86c8 arm: switch real-time clocks to rtc_clock
This lets the user specify the desired semantics.  By default, the RTC
will follow adjustments from the host's NTP client.  "-rtc clock=vm" will
improve determinism with both icount and qtest.  Finally, the previous
behavior is available with "-rtc clock=rt".

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-30 10:31:22 +00:00
Paolo Bonzini
e230d4e8bd omap: switch omap_lpg to vm_clock
The output of the pulse generator needs to be deterministic when
running in -icount mode, and to remain constant whenever the VM is
stopped.  So the right clock to use is vm_clock.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-30 10:31:22 +00:00
Paolo Bonzini
788081417a rtc: add -rtc clock=rt
This will let people use backwards-compatible semantics for devices that
will be affected by the following patches.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-30 10:31:21 +00:00
Andrew Towers
06ed5d66f7 ARM: Permit any ARMv6K CPU to read the MVFR0 and MVFR1 VFP registers.
This patch replaces the ARM_FEATURE_VFP3 test when reading MVFR registers
with a test for a new feature flag ARM_FEATURE_MVFR, and sets this feature
for all ARMv6K cores (ARM1156 is not a v6K core, yet supports MVFR; qemu
does not support ARM1156 at this time.)

MVFR0 and MVFR1 were introduced in ARM1136JF-S r1p0 (ARMv6K, VFPv2) and are
present in ARM1156T2F-S (non-v6K), ARM1176JZF-S, ARM11MPCore and newer cores.
Reference: ARM DDI 0211H, 0290G, 0301H, 0360E.
http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0211h/Ffbefjag.html

Without this change, the linux kernel will not boot with VFP support enabled
under ARM1176 system emulation, due to the unconditional use of MVFR1 at the
end of vfp_init() in arch/arm/vfp/vfpmodule.c:

  VFP support v0.3: implemetor 41 architecture 1 part 20 variant b rev 5
  Internal error: Oops - undefined instruction: 0 [#1]

Signed-off-by: Andrew Towers <atowers@gmail.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-30 10:10:49 +00:00
Andreas Färber
8df9082da6 target-unicore32: Move CPU-dependent init into initfn
Instead of setting values in a CPUID switch, do so in initfn functions.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Guan Xuetao <gxt@mprc.pku.edu.cn>
2012-03-30 11:09:31 +02:00
Andreas Färber
ae0f5e9ea8 target-unicore32: QOM'ify CPU
Embed CPUUniCore32State as first member of UniCore32CPU.

Contributed under GPLv2+.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Guan Xuetao <gxt@mprc.pku.edu.cn>
2012-03-30 11:09:30 +02:00