We handle many of these during integer expansion, and the
rest of them during integer optimization.
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJcSw5lAAoJENSXKoln91pl8aEH/2KkK5ojXMBY94wH+sCZ17pM
gEuysp20pUudeIk7eUk9aCnq7NHXGJ3GElB6baBq9zwC6qMlVC2Fmj4azluZbjra
ZHKXAeXmibDpRo0UJeovH27+rP8j/NKK+nvZX/+gt0azfC+0SgFwhM6DFFPklJWj
FXGxe2vOUO8Qjke0GwGfqUcjhXJPYg9DEC8RxvliBANME1o0HwkPaNPWWHdjacm2
3K5FeR4jbPYIsfLdazH+G1KfYnQc8GgleSYBIeBKSyyy0z0Z9FXUTZGTjXZSgup4
TqUJbUG0whUtVPzRzd8/DLeWK+2JXfLk35MrwVwv/TDdKuije7Pk7ABrb9B2Lnk=
=O/OP
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/amarkovic/tags/mips-queue-january-25-2019' into staging
MIPS queue for January 25, 2019
# gpg: Signature made Fri 25 Jan 2019 13:25:57 GMT
# gpg: using RSA key D4972A8967F75A65
# gpg: Good signature from "Aleksandar Markovic <amarkovic@wavecomp.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8526 FBF1 5DA3 811F 4A01 DD75 D497 2A89 67F7 5A65
* remotes/amarkovic/tags/mips-queue-january-25-2019:
docs/qemu-cpu-models: Add MIPS/nanoMIPS QEMU supported CPU models
qemu-doc: Add nanoMIPS ISA information
tests: tcg: mips: Remove old directories
tests: tcg: mips: Add two new Makefiles
tests: tcg: mips: Move source files to new locations
MAINTAINERS: Update MIPS sections
target/mips: Add I6500 core configuration
target/mips: nanoMIPS: Fix branch handling
disas: nanoMIPS: Amend DSP instructions related comments
target/mips: Extend gen_scwp() functionality to support EVA
target/mips: Correct the second argument type of cpu_supports_isa()
target/mips: nanoMIPS: Rename macros for extracting 3-bit-coded GPR numbers
target/mips: nanoMIPS: Remove an unused macro
target/mips: nanoMIPS: Remove duplicate macro definitions
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Python 3 versions earlier than 3.4 do not have it, use the
same workaround that is in place for 3.0.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1548410602-16008-1-git-send-email-pbonzini@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Restrict whitelist entry stats in debug mode to be sorted only by
"count", since Python 3 does not implicitly support comparing
dictionaries.
Signed-off-by: Nisarg Shah <nshah@disroot.org>
Message-Id: <20190116183358.30287-1-nshah@disroot.org>
[ehabkost: removed 2 unnecessary hunks from patch]
[ehabkost: edited commit message]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Add list of supported and preferred CPU models for MIPS32, MIPS64
and nanoMIPS hosts.
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Add nanoMIPS information in qemu-doc.texi. An example of usage
is included.
Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Add Makefiles for two new direcitories.
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
MIPS TCG test will be organized by ISAs and ASEs in future.
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Remove Stefan Markovic as a reviewer for MIPS directories and
files, as he left Wave Computing.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Add I6500 core configuration. Note that this configuration is
supported only on best-effort basis due to the lack of certain
features in QEMU.
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Fix nanoMIPS branch handling.
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Amend some DSP instructions related comments.
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Extend gen_scwp() functionality to support EVA by adding an
additional argument, modify internals of the function to handle
new functionality, and accordingly change its invocations.
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
"insn_flags" bitfield was expanded from 32-bit to 64-bit in commit
f9c9cd63e3. However, this was not reflected on the second argument
of the function cpu_supports_isa(). By chance, this did not create
some wrong behavior, since the left-most halves of all instances of
the second argument are currently all zeros. However, this is still
a bug waiting to happen. Correct this by changing the type of the
second argument to be always 64-bit.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Rename macros for extracting 3-bit-coded GPR numbers, to achieve
better consistency with the nanoMIPS documentation.
Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Several macros were defined twice, with identical values, so
remove duplicates.
Previously added in 80845edf37.
This reverts commit 6bfa9f4c9c.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Commit 8bca4613 added support for %% in json strings when interpolating,
but in doing so broke handling of % when not interpolating.
When parse_string() is fed a string token containing '%', it skips the
'%' regardless of ctxt->ap, i.e. even it's not interpolating. If the
'%' is the string's last character, it fails an assertion. Else, it
"merely" swallows the '%'.
Fix parse_string() to handle '%' specially only when interpolating.
To gauge the bug's impact, let's review non-interpolating users of this
parser, i.e. code passing NULL context to json_message_parser_init():
* tests/check-qjson.c, tests/test-qobject-input-visitor.c,
tests/test-visitor-serialization.c
Plenty of tests, but we still failed to cover the buggy case.
* monitor.c: QMP input
* qga/main.c: QGA input
* qobject_from_json():
- qobject-input-visitor.c: JSON command line option arguments of
-display and -blockdev
Reproducer: -blockdev '{"%"}'
- block.c: JSON pseudo-filenames starting with "json:"
Reproducer: https://bugzilla.redhat.com/show_bug.cgi?id=1668244#c3
- block/rbd.c: JSON key pairs
Pseudo-filenames starting with "rbd:".
Command line, QMP and QGA input are trusted.
Filenames are trusted when they come from command line, QMP or HMP.
They are untrusted when they come from from image file headers.
Example: QCOW2 backing file name. Note that this is *not* the security
boundary between host and guest. It's the boundary between host and an
image file from an untrusted source.
Neither failing an assertion nor skipping a character in a filename of
your choice looks exploitable. Note that we don't support compiling
with NDEBUG.
Fixes: 8bca4613e6
Cc: qemu-stable@nongnu.org
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Message-Id: <20190102140535.11512-1-cfergeau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Tested-by: Richard W.M. Jones <rjones@redhat.com>
[Commit message extended to discuss impact]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
New pages-per-second stat, a new test, and a bunch
of fixes and tidy ups.
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJcSI5IAAoJEAUWMx68W/3nQuoQAKvaW/g+EMEHBXeXkSttCTpz
n5hDhiIwj+sW6BXDqjS9r9zBbAeUvmlJELO+N35ELgZKZKAfymYjcP7MT3bHlnW+
8/AZdIuuVBBWvGS4iCgiScvBVwbj7HqeVynEk4Z2DudGckJpypNnfjx8ssBKs5Gt
DGGKcqrT3DGo5VxMbR/gYXCvsFtbqxVM3Taud4ReZNyuNQmMxRLe+O3JPQ2AHYbZ
lSWVp9R0AZx71ynpI5K2bZDe5f1Y6Ag9Ziitz+H0WOpiEcDdS5NHmnfq8Bm7x/Ef
0K/D2V2T9EVyiuGs6XAuyMV0n7RfpVN7OpMMH41SW6UzvS88YoXqLPuSPYPV5TGH
JhpenX/5ELAGEO/B7ITeaeKi9q4aQ4Fxbtpr/lWqStodCARzI7QS6arrUCOF0UhH
EGuKV/qoX7UMmz1KRA7vr6npSOZkdVVbdnRjG6zrTJpSBwCzZufUYKPaDDjc8pSD
+RY4rrFU1bMuQF5e8xyjKu8VWWN1YhN+uzWzf5OhTsW6josocSCzC3FTJPJStpbs
2hbXDptznfZw77W3qvKPX1hNMwl08im79NLyDo+PxniVilclMQ11GKyaWAGRggmQ
49012bWozON6pK2JIzv1GXLHNOAyLcTHdUfpywU100srBEkchrdq/SlEX49IiDW7
yh+a4BmwHjN4FDwCkufR
=xxTj
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/dgilbert/tags/pull-migration-20190123a' into staging
Migration pull 2019-01-23
New pages-per-second stat, a new test, and a bunch
of fixes and tidy ups.
# gpg: Signature made Wed 23 Jan 2019 15:54:48 GMT
# gpg: using RSA key 0516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>"
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A 9FA9 0516 331E BC5B FDE7
* remotes/dgilbert/tags/pull-migration-20190123a:
migration: introduce pages-per-second
vmstate: constify SaveVMHandlers
tests: add /vmstate/simple/array
migration/rdma: unregister fd handler
migration: unify error handling for process_incoming_migration_co
migration: add more error handling for postcopy_ram_enable_notify
migration: multifd_save_cleanup() can't fail, simplify
migration: fix the multifd code when receiving less channels
Fix segmentation fault when qemu_signal_init fails
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
When using the e6500 CPU, QEMU generates a fatal error after
complaining about registering SPR 604 twice.
Building and testing with commit
9b2e891ec5 shows the issue:
qemu-system-ppc64 --version
QEMU emulator version 3.1.50 (v3.1.0-456-g9b2e891ec5-dirty)
Copyright (c) 2003-2018 Fabrice Bellard and the QEMU Project developers
qemu-system-ppc64 -M none -cpu e6500
Error: Trying to register SPR 604 (25c) twice !
Signed-off-by: Jon Diekema <jon.diekema@ge.com>
Message-Id: <CALvuzg43uSodseEHjNaRcPFBKKPTY2mcppUbYgiLL=QO9RxX_Q@mail.gmail.com>
[removed duplicated mail header in the commit message]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Typo comes from upstream git://git.lwn.net/gitdm.git.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Message-Id: <20190111155555.8270-1-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The qio_channel_socket_close method for was mistakenly unlinking the
UNIX server socket, even if the channel was a client connection. This
was not noticed with chardevs, since they never call close, but with the
VNC server, this caused the VNC server socket to be deleted after the
first client quit.
The qio_channel_socket_close method also needlessly reimplemented the
logic that already exists in socket_listen_cleanup(). Just call that
method directly, for listen sockets only.
This fixes a regression introduced in QEMU 3.0.0 with
commit d66f78e1ea
Author: Pavel Balaev <mail@void.so>
Date: Mon May 21 19:17:35 2018 +0300
Delete AF_UNIX socket after close
Fixes launchpad #1795100
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Add the drivers listed in audio_possible_drivers to audio_drv_list,
using the try-* variants. That way the probable drivers are compiled by
default if possible.
Additioal tweaks:
linux: reorder to: pa alsa sdl oss.
*bsd: drop pa.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20190124112055.547-7-kraxel@redhat.com
Only print a message about the failed driver initialization in case it
was the driver explicitly requested by the user via QEMU_AUDIO_DRV=$drv.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190124112055.547-6-kraxel@redhat.com
Check whenever the pulseaudio daemon pidfile is present before trying to
initialize the pulseaudio backend. Just return NULL if that is not the
case, so qemu will check the next backend in line.
In case the user explicitly configured a non-default pulseaudio server
skip the check.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20190124112055.547-5-kraxel@redhat.com
For those audio drivers which can be probed (sdl, alsa, pulse) add a
try-$name variants. Unlike the variants without try- prefix they will
not error out on probe failure, the driver will be dropped from the list
instead. Mainly useful for the audio_drv_list default values.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20190124112055.547-3-kraxel@redhat.com
Use pkg-config to probe for alsa and pulseaudio.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190124112055.547-2-kraxel@redhat.com
Get rid of the pcspk_state global, allow pc speaker
be added using "-device isa-pcspk".
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20190124110810.1040-1-kraxel@redhat.com
Hot-unplug a scsi-hd using an iothread. The previous patch fixes a
segfault in this scenario.
This patch adds a regression test.
Suggested-by: Alberto Garcia <berto@igalia.com>
Suggested-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Message-id: 20190114133257.30299-3-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The following QMP command leads to a crash when iothreads are used:
{ 'execute': 'device_del', 'arguments': {'id': 'data'} }
The backtrace involves the queue restart coroutine where
tgm->throttle_state is a NULL pointer because
throttle_group_unregister_tgm() has already been called:
(gdb) bt full
#0 0x00005585a7a3b378 in qemu_mutex_lock_impl (mutex=0xffffffffffffffd0, file=0x5585a7bb3d54 "block/throttle-groups.c", line=412) at util/qemu-thread-posix.c:64
err = <optimized out>
__PRETTY_FUNCTION__ = "qemu_mutex_lock_impl"
__func__ = "qemu_mutex_lock_impl"
#1 0x00005585a79be074 in throttle_group_restart_queue_entry (opaque=0x5585a9de4eb0) at block/throttle-groups.c:412
_f = <optimized out>
data = 0x5585a9de4eb0
tgm = 0x5585a9079440
ts = 0x0
tg = 0xffffffffffffff98
is_write = false
empty_queue = 255
This coroutine should not execute in the iothread after the throttle
group member has been unregistered!
The root cause is that the device_del code path schedules the restart
coroutine in the iothread while holding the AioContext lock. Therefore
the iothread cannot execute the coroutine until after device_del
releases the lock - by this time it's too late.
This patch adds a reference count to ThrottleGroupMember so we can
synchronously wait for restart coroutines to complete. Once they are
done it is safe to unregister the ThrottleGroupMember.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Message-id: 20190114133257.30299-2-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
This patch adds a new option to the input-linux object:
grab-toggle=[key-combo]
The key combination can be one of the following:
* ctrl-ctrl
* alt-alt
* meta-meta
* scrolllock
* ctrl-scrolllock
The user can pick any of these key combinations. The VM's grab
of the evdev device will be toggled when the key combination is
pressed.
Any invalid setting will result in an error. No setting will
result in the current default of ctrl-ctrl.
The right and left ctrl key both work for Ctrl-Scrolllock.
If scrolllock is selected as one of the grab-toggle keys, it
will be entirely disabled and not passed to the guest at all.
This is to prevent enabling it while attempting to leave or enter
the VM. On the host, scrolllock can be disabled using xmodmap.
First, find the modifier that Scroll_Lock is bound to:
$ xmodmap -pm
Then, remove Scroll_Lock from it, replacing modX with the modifier:
$ xmodmap -e 'remove modX = Scroll_Lock'
If Scroll_Lock is not bound to any modifier, it is already disabled.
To save the changes, add them to your xinitrc.
Ryan El Kochta (1):
input-linux: customizable grab toggle keys v5
Signed-off-by: Ryan El Kochta <relkochta@gmail.com>
Message-id: 20190123214555.12712-2-relkochta@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Added examples for the qom-list, qom-get, and qom-set
commands in qapi misc JSON file.
Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Message-Id: <20181228194442.3506-1-wainersm@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
The qapi_event_send_FOO() functions emit events like this:
QMPEventFuncEmit emit;
emit = qmp_event_get_func_emit();
if (!emit) {
return;
}
qmp = qmp_event_build_dict("FOO");
[put event arguments into @qmp...]
emit(QAPI_EVENT_FOO, qmp);
The value of qmp_event_get_func_emit() depends only on the program:
* In qemu-system-FOO, it's always monitor_qapi_event_queue.
* In tests/test-qmp-event, it's always event_test_emit.
* In all other programs, it's always null.
This is exactly the kind of dependence the linker is supposed to
resolve; we don't actually need an indirection.
Note that things would fall apart if we linked more than one QAPI
schema into a single program: each set of qapi_event_send_FOO() uses
its own event enumeration, yet they share a single emit function.
Which takes the event enumeration as an argument. Which one if
there's more than one?
More seriously: how does this work even now? qemu-system-FOO wants
QAPIEvent, and passes a function taking that to
qmp_event_set_func_emit(). test-qmp-event wants test_QAPIEvent, and
passes a function taking that to qmp_event_set_func_emit().
It works by type trickery, of course:
typedef void (*QMPEventFuncEmit)(unsigned event, QDict *dict);
void qmp_event_set_func_emit(QMPEventFuncEmit emit);
QMPEventFuncEmit qmp_event_get_func_emit(void);
We use unsigned instead of the enumeration type. Relies on both
enumerations boiling down to unsigned, which happens to be true for
the compilers we use.
Clean this up as follows:
* Generate qapi_event_send_FOO() that call PREFIX_qapi_event_emit()
instead of the value of qmp_event_set_func_emit().
* Generate a prototype for PREFIX_qapi_event_emit() into
qapi-events.h.
* PREFIX_ is empty for qapi/qapi-schema.json, and test_ for
tests/qapi-schema/qapi-schema-test.json. It's qga_ for
qga/qapi-schema.json, and doc-good- for
tests/qapi-schema/doc-good.json, but those don't define any events.
* Rename monitor_qapi_event_queue() to qapi_event_emit() instead of
passing it to qmp_event_set_func_emit(). This takes care of
qemu-system-FOO.
* Rename event_test_emit() to test_qapi_event_emit() instead of
passing it to qmp_event_set_func_emit(). This takes care of
tests/test-qmp-event.
* Add a qapi_event_emit() that does nothing to stubs/monitor.c. This
takes care of all other programs that link code emitting QMP events.
* Drop qmp_event_set_func_emit(), qmp_event_get_func_emit().
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20181218182234.28876-3-armbru@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
[Commit message typos fixed]