The ARM946 has 8 PRBS (protection region base and size) registers.
Currently we implement these with a CP_ANY reginfo; however this
underdecodes (since there are 16 possible values of CRm but only
8 registers) and we catch the invalid values in the read and
write functions. However this causes issues with migration since
we only migrate the first of a wildcard register set, so we only
migrate c6_region[0]. It also makes it awkward to pull reginfo
access checks out into their own function.
Avoid all these problems by just defining separate reginfo structs
for each of the 8 registers; this also lets us avoid having any
read or write functions and will result in more efficient direct
field accesses from generated code.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Log guest attempts to access unimplemented system registers via
the LOG_UNIMP reporting mechanism (for both the 32 bit and 64 bit
instruction sets). This is particularly useful for debugging
problems where the guest is trying to use a system register that
QEMU doesn't implement.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Remove the 'struct sr' from ARMCPUState -- it isn't actually used and is
a hangover from the original separate system register implementation used
by the SuSE linux-user-mode-only AArch64 target.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
The SCTLR bits S and R (8 and 9) only exist in ARMv6 and earlier.
In ARMv7 these bits RAZ, and in ARMv8 they are reassigned. Guard
the use of them in check_ap() so that we don't get incorrect results
for ARMv8 CPUs.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
The SCTLR is full of bits for enabling or disabling various things, and so
there are many places in the code which check if certain bits are set.
Define some named constants for the SCTLR bits so these checks are easier
to read.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Extend the set of CPUs for which we provide a QEMU_KVM_ARM_TARGET_*
constant to include all the ones currently supported by the kernel
headers we are using.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Implement the remaining instructions in the SIMD 3-reg-same
and scalar-3-reg-same groups: FMULX, FRECPS, FRSQRTS, FACGE,
FACGT, FMLA and FMLS.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
The ARMv8 instruction set includes a fused floating point
reciprocal square root step instruction which demands an
"(x * y + z) / 2" fused operation. Support this by adding
a flag to the softfloat muladd operations which requests
that the result is halved before rounding.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Add support for the floating-point pairwise operations
FADDP, FMAXP, FMAXNMP, FMINP and FMINNMP. To do this we use the
code which was previously handling only integer pairwise operations,
and push the integer-specific decode and handling of unallocated
cases up one level in the call tree, so we can also call it from
the floating-point section of the decoder.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This adds all forms of the SIMD floating point and set instructions:
FCM(GT|GE|EQ|LE|LT)
Most of the heavy lifting is done by either the existing neon helpers or
some new helpers for the 64bit double cases. Most of the code paths are
common although the 2misc versions are a little special as they compare
against zero.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
[PMM: fixed some minor bugs, added the 2-misc-scalar encoding]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Implement the scalar three different instruction group:
it only has three instructions in it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Implement the SIMD scalar indexed instructions. The encoding
here is nearly identical to the vector indexed grouping, so
we combine the two.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Implement the 'long' operations in the vector x indexed
element category.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Implement all the SIMD vector x indexed element instructions
in the subcategory which are not 'long' ops.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Commit 40d225009e accidentally changed the behaviour of
gic_acknowledge_irq() for the NVIC. The NVIC doesn't have SGIs,
so this meant we hit an assertion:
gic_acknowledge_irq: Assertion `s->sgi_pending[irq][cpu] != 0' failed.
Return NVIC acknowledge-irq to its previous behaviour, like 11MPCore.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Commit 1b90d56e changed the implementation of in/out imm to not assign
the accessed port number to cpu_T[0] as it appeared unnecessary.
However, currently gen_check_io() makes use of cpu_T[0] to implement the
I/O bitmap checks, so it's in fact still used and the change broke the
check, leading to #GP in legitimate cases (and probably also allowing
access to ports that shouldn't be allowed).
This patch reintroduces the missing assignment for these cases.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
The QEMU process stays running if the test case fails. This patch fixes
the leak by installing a SIGABRT signal handler which invokes
qtest_end().
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
qtest_init() cannot use exec*p() to launch QEMU since the exec*p()
functions take an argument array while qtest_init() takes char
*extra_args. Therefore we execute /bin/sh -c <command-line> and let the
shell parse the argument string.
This left /bin/sh as our child process and our child's child was QEMU.
We still want QEMU's pid so the -pidfile option was used to let QEMU
report its pid.
The pidfile needs to be unlinked when the test case exits or fails. In
other words, the pidfile creates a new problem for us!
Simplify all this using the shell 'exec' command. It allows us to
replace the /bin/sh process with QEMU. Then we no longer need to use
-pidfile because we already know our fork child's pid.
Note: Yes, it seems silly to exec /bin/sh when we could just exec QEMU
directly. But remember qtest_init() takes a single char *extra_args
command-line fragment instead of a real argv[] array, so we need
/bin/sh's argument parsing behavior.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Fix two issues in error handling in target_to_host_semarray():
* don't leak the host_array buffer if lock_user fails
* return an error if malloc() fails
v2: added missing * -Riku Voipio
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
s/offet/offset/
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Add generation of new files for LTTng ust.
Signed-off-by: Mohamad Gebai <mohamad.gebai@polymtl.ca>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
* A new format is required to generate definitions for ust tracepoints.
Files ust_events_h.py and ust_events_c.py define common macros, while
new function ust_events_h in events.py does the actual definition of
each tracepoint.
* ust.py generates the new interface for calling userspace tracepoints
with LTTng 2.x, replacing trace_name(args) to tracepoint(name, args).
* As explained in ust_events_c.py, -Wredundant-decls gives a warning
when compiling with gcc 4.7 or older. This is specific to lttng-ust so
for now use a pragma clause to avoid getting a warning.
Signed-off-by: Mohamad Gebai <mohamad.gebai@polymtl.ca>
Reviewed-by: Alex Bennée <alex@bennee.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
In lock_iovec() if lock_user() failed we were doing an unlock_user
but not a free(vec), which is the wrong way round. We were also
assuming that free() and unlock_user() don't touch errno, which
is not guaranteed. Fix both these problems.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
When forcing a fatal signal, we weren't initialising the sa_flags
field in the struct sigaction we used to reset the signal handler
to SIG_DFL.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Avoid calling g_free() on unintialized data in the error-handling
paths in elf_core_dump() by splitting the initialization of the
elf_note_info struct out of fill_note_info() so that it's always
valid to call free_note_info() whether we got to the point of
being able to fill_note_info() or not.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Allow the scheduled transfer time be a bit behind, to
compensate for latencies. Without this xhci will wait
way to often for the mfindex wraparound, assuming the
scheduled time is in the future just because qemu is
a bit behind in processing the iso transfer requests.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
It is dangerous to include user headers before system headers since user
macros can affect system headers.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Introduce 'query-chardev-backends' QMP command which lists all
supported character device backends.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
error_is_set(&var) is the same as var != NULL, but it takes
whole-program analysis to figure that out. Unnecessarily hard for
optimizers, static checkers, and human readers. Dumb it down to
obvious.
Gets rid of several dozen Coverity false positives.
Note that the obvious form is already used in many places.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
qmp-shell hides the QMP wire protocol JSON encoding from the user. Most
of the time this is helpful and makes the command-line human-friendly.
Some QMP commands take a dict as an argument. In order to express this
we need to revert back to JSON notation.
This patch allows JSON dict arguments in qmp-shell so commands like
blockdev-add and nbd-server-start can be invoked:
(QEMU) blockdev-add options={"driver":"file","id":"drive1",...}
Note that spaces are not allowed since str.split() is used to break up
the command-line arguments first.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This patch fixes a timing issue that migrate command (without -d) does not
block in some cases.
The original version of hmp.c:hmp_migrate_status_cb checks if the
migration status is 'active' or not to detect the completion of a migration.
However, if this function is executed when the migration status is stil
'setup' (the status before 'active'), migration command returns
immediately even if the user does not specify -d option.
Signed-off-by: Soramichi Akiyama <akiyama@nii.ac.jp>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
These three-operand shift instructions do not require the shift count
to be placed into ECX. This reduces the number of mov insns required,
with the mere addition of a new register constraint.
Don't attempt to get rid of the matching constraint, as that's impossible
to manipulate with just a new constraint. In addition, constant shifts
still need the matching constraint.
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Note that the optimizer cannot simplify ANDC X,Y,C to AND X,Y,~C
so we must handle constants in the implementation of andc.
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>