Instead of fixing the wrong parameter value, bitmap_clear(), bitmap_set
and width_mask were removed, and bitmap_intersect() was replaced by
!bitmap_empty(). The new operation is much shorter and equivalent to
the old operations.
The declarations of the dirty bitmaps in vnc.h were also wrong for 64 bit
hosts because of a rounding effect: for these hosts, VNC_MAX_WIDTH is no
longer a multiple of (16 * BITS_PER_LONG), so the rounded value of
VNC_DIRTY_WORDS was too small.
Fix both declarations by using the macro which is designed for this
purpose.
client_migrate_info was merged badly, placing it between the command
and the documentation for another command. In addition it did not
respect the general rule of hmp-commands.hx, of having command
definition before the documentation.
Vincent Palatin [Thu, 10 Mar 2011 20:47:46 +0000 (15:47 -0500)]
Fix performance regression in qemu_get_ram_ptr
When the commit f471a17e9d869df3c6573f7ec02c4725676d6f3a converted the
ram_blocks structure to QLIST, it also removed the conditional check before
switching the current block at the beginning of the list.
In the common use case where ram_blocks has a few blocks with only one
frequently accessed (the main RAM), this has a performance impact as it
performs the useless list operations on each call (which are on a really
hot path).
On my machine emulation (ARM on amd64), this patch reduces the
percentage of CPU time spent in qemu_get_ram_ptr from 6.3% to 2.1% in the
profiling of a full boot.
First, sysbus_init_irq shan't be called on on-stack variables. Indeed,
it only stores a passed pointer in qdev and the stored irq is later
populated, so we get a nice write-to-stack bug.
Second, irq for pxa27x should probably be handled in a more gentler way,
as we should check if we have events to raise this irq.
Stefan Hajnoczi [Sat, 26 Feb 2011 18:38:39 +0000 (18:38 +0000)]
simpletrace: Thread-safe tracing
Trace events outside the global mutex cannot be used with the simple
trace backend since it is not thread-safe. There is no check to prevent
them being enabled so people sometimes learn this the hard way.
This patch restructures the simple trace backend with a ring buffer
suitable for multiple concurrent writers. A writeout thread empties the
trace buffer when threshold fill levels are reached. Should the
writeout thread be unable to keep up with trace generation, records will
simply be dropped.
Each time events are dropped a special record is written to the trace
file indicating how many events were dropped. The event ID is
0xfffffffffffffffe and its signature is dropped(uint32_t count).
Michael Walle [Thu, 17 Feb 2011 22:45:12 +0000 (23:45 +0100)]
lm32: system control model
This patch add support for a system control block. It is supposed to
act as helper for the emulated program. E.g. shutting down the VM or
printing test results. This model is intended for testing purposes only and
doesn't fit to any real hardware. Therefore, it is not added to any board
by default. Instead a user has to add it explicitly with the '-device'
commandline parameter.
Michael Walle [Thu, 17 Feb 2011 22:45:08 +0000 (23:45 +0100)]
lm32: juart model
This patch adds the JTAG UART model. It is accessed through special control
registers and opcodes. Therefore the translation uses callbacks to this
model.
Michael Walle [Thu, 17 Feb 2011 22:45:07 +0000 (23:45 +0100)]
lm32: interrupt controller model
This patch adds the interrupt controller of the lm32. Because the PIC is
accessed through special control registers and opcodes, there are callbacks
from the lm32 translation code to this model.
Peter Maydell [Tue, 22 Feb 2011 18:19:43 +0000 (18:19 +0000)]
target-arm: Implement a minimal set of cp14 debug registers
Newer ARM kernels try to probe for whether the CPU has hardware breakpoint
support. For this to work QEMU has to implement a minimal set of the cp14
debug registers. The architecture requires v7 cores to implement debug
and so there is no defined way to report its absence; however in practice
returning a zero DBGDIDR (ie with a reserved value for "debug architecture
version") should cause well-written hw debug users to do the right thing.
We also implement DBGDRAR and DBGDSAR as RAZ, indicating no memory mapped
debug components.
Peter Maydell [Sun, 6 Mar 2011 21:39:54 +0000 (21:39 +0000)]
target-arm: Remove ad-hoc leak checking code
This commit removes the ad-hoc resource leak checking code from
target-arm. This includes replacing all uses of new_tmp() with
tcg_temp_new_i32() and all uses of dead_tmp() with
tcg_temp_free_i32().
Peter Maydell [Sun, 6 Mar 2011 21:39:53 +0000 (21:39 +0000)]
tcg: Add support for debugging leakage of temporaries
Add support (if CONFIG_DEBUG_TCG is defined) for debugging leakage
of temporary variables. Generally any temporaries created by
a target while it is translating an instruction should be freed
by the end of that instruction; otherwise carefully crafted
guest code could cause TCG to run out of temporaries and assert.
By calling tcg_check_temp_count() after each instruction we can
check that we are not leaking temporaries in this way.
target-arm: Integrate secondary CPU reset in arm_boot
Integrate secondary CPU reset into arm_boot, removing it from realview.c.
On non-Linux systems secondary CPUs start with the same entry as the boot
CPU.
Peter Maydell [Sun, 6 Mar 2011 20:32:09 +0000 (20:32 +0000)]
target-arm: Set carry flag correctly for Thumb2 ORNS
The code for Thumb2 ORNS (or negated and set flags) was trashing
a TCG input register which was needed later for use in calculating
flags, with the effect that the carry flag was always set with
the wrong sense. Fix this by using the TCG orc op instead of
separate not and or ops.
Jes Sorensen [Thu, 17 Feb 2011 12:26:05 +0000 (13:26 +0100)]
tracetool: Add optional argument to specify dtrace probe names
Optional feature allowing a user to generate the probe list to match
the name of the binary, in case they wish to install qemu under a
different name than qemu-{system,user},<arch>
Peter Maydell [Tue, 1 Mar 2011 17:35:19 +0000 (17:35 +0000)]
target-arm: Handle VMOV between two core and VFP single regs
Fix two bugs in the translation of the instructions VMOV sa,sb,rx,ry and
VMOV rx,ry,sa,sb (which copy between a pair of ARM core registers and a
pair of VFP single precision registers):
* An incorrect condition meant these instruction patterns were being
treated as load/store multiple, which resulted in the generation
of bad code and a runtime segfault
* The order of the core register pair was reversed so the values would
go to the wrong registers
Peter Maydell [Fri, 25 Feb 2011 15:04:12 +0000 (15:04 +0000)]
target-arm: Don't decode old cp15 WFI instructions on v7 cores
In v7 of the ARM architecture, WFI (wait for interrupt) is a first-class
instruction, but in previous versions this functionality was provided
via a cp15 coprocessor register. Add correct feature checks to the
decoding of the cp15 WFI instructions so that they behave correctly
for newer cores. In particular, the old 0,c7,c8,2 encoding used on
ARM940 has been reused for VA-to-PA translation in v6 and v7.
def end(self):
for elem in self.elems:
print hex(elem)
simpletrace.run(VirtqueueRequestTracker())
The simpletrace API is based around the Analyzer class. Users implement
an analyzer subclass and add methods for trace events they want to
process. A catchall() method is invoked for trace events which do not
have dedicated methods. Finally, there are also begin() and end()
methods like in sed that can be used to perform setup or print
statistics at the end.
Peter Maydell [Tue, 22 Feb 2011 13:02:26 +0000 (13:02 +0000)]
linux-user: Fix large seeks by 32 bit guest on 64 bit host
When emulating a 32 bit Linux user-mode program on a 64 bit target
we implement the llseek syscall in terms of lseek. Correct a bug
which meant we were silently casting the result of host lseek()
to a 32 bit integer as it passed through get_errno() and thus
throwing away the top half.
We also don't try to store the result back to userspace unless
the seek succeeded; this matches the kernel behaviour.
Thanks to Eoghan Sherry for identifying the problem and suggesting
a solution.
Peter Maydell [Mon, 21 Feb 2011 20:57:53 +0000 (20:57 +0000)]
hw/realview: Wire up the MMC card status
Instantiate the three PL061 GPIO modules the realview boards have.
Connect the MMC card status outputs of the PL181 MMC controller
to both the system registers and the GPIO module which handles
internal devices.
Peter Maydell [Mon, 21 Feb 2011 20:57:52 +0000 (20:57 +0000)]
hw/irq: Add qemu_irq_split() so one GPIO output can feed two inputs
Add a qemu_irq_split() function which allows a board to wire a single
GPIO output up to two GPIO inputs. This is needed for realview boards,
where the MMC card status is visible both in a system register and
via a PL061 GPIO module.
Peter Maydell [Mon, 21 Feb 2011 20:57:51 +0000 (20:57 +0000)]
hw/pl061.c: Implement ARM PL061 as well as Luminary one
ARM's PL061 has a different set of ID registers to the one in the
Luminary Stellaris; implement this so that the Linux driver can
identify the Realview PBX PL061 correctly.
Peter Maydell [Mon, 21 Feb 2011 20:57:49 +0000 (20:57 +0000)]
hw/pl181: Implement GPIO output pins for card status
Add two GPIO output pins to the PL181 model to indicate the card
present and readonly status information. On ARM boards these usually
are reflected in a system register.
Stefan Hajnoczi [Wed, 26 Jan 2011 12:31:00 +0000 (12:31 +0000)]
lsi53c895a: Update dnad when skipping MSGOUT bytes
Update not only dbc but also dnad when skipping bytes during the MSGOUT
phase. Previously only dbc was updated which is probably wrong and
could lead to bogus message codes being read.
Vincent Palatin [Wed, 2 Mar 2011 22:25:02 +0000 (17:25 -0500)]
net: fix qemu_can_send_packet logic
If any of the clients is not ready to receive (ie it has a can_receive
callback and can_receive() returns false), we don't want to start
sending, else this client may miss/discard the packet.
I got this behaviour with the following setup :
the emulated machine is using an USB-ethernet adapter, it is connected
to the network using SLIRP and I'm dumping the traffic in a .pcap file.
As per the following command line :
-net nic,model=usb,vlan=1 -net user,vlan=1 -net dump,vlan=1,file=/tmp/pkt.pcap
Every time that two packets are coming in a row from the host, the
usb-net code will receive the first one, then returns 0 to can_receive
call since it has a 1 packet long queue. But as the dump code is always
ready to receive, qemu_can_send_packet will return true and the next
packet will discard the previous one in the usb-net code.
Peter Maydell [Thu, 10 Feb 2011 16:53:04 +0000 (16:53 +0000)]
linux-user: fix compile failure if !CONFIG_USE_GUEST_BASE
If CONFIG_USE_GUEST_BASE is not defined, gcc complains:
linux-user/mmap.c:235: error: comparison of unsigned expression >= 0 is always true
because RESERVED_VA is #defined to 0. Since mmap_find_vma_reserved()
will never be called anyway if RESERVED_VA is always 0, fix this by
simply #ifdef'ing away the function and its callsite.
Stefan Hajnoczi [Thu, 3 Mar 2011 21:42:28 +0000 (21:42 +0000)]
virtio-net: Fix lduw_p() pointer argument of wrong size
A pointer to a size_t variable was passed as the void * pointer to
lduw_p() in virtio_net_receive(). Instead of acting on the 16-bit value
this caused failure on big-endian hosts.
Avoid this issue in the future by using stw_p() instead. In general we
should use ld*_p() for loading from target memory and st*_p() for
storing to target memory anyway, not the other way around.
Also tighten up a correct use of lduw_p() when stw_p() should be used
instead in virtio_net_get_config().
Aurelien Jarno [Thu, 24 Feb 2011 11:31:41 +0000 (12:31 +0100)]
target-sh4: move intr_at_halt out of cpu_halted()
All targets except SH4 have the same cpu_halted() routine, and it has
only one caller. It is therefore a good candidate for inlining.
The difference is the handling of the intr_at_halt, which is necessary
to ignore SR.BL when sleeping. Move intr_at_halt handling out of it, by
setting this variable while executing the sleep instruction, and
clearing it when the CPU has been woken-up by an interrupt, whatever the
state of SR.BL. Also rename this variable in_sleep.
VMSTATE_PCIE_AER_ERRS is indeed useful for other emulation drivers.
Move it to hw/hw.h under the name of VMSTATE_STRUCT_VARRAY_POINTER_UINT16.
Also add VMSTATE_STRUCT_VARRAY_POINTER_INT32 which is more or less
the same as _UINT16 macro, except the fact it uses int32_t internally.
Stefan Weil [Fri, 25 Feb 2011 22:30:20 +0000 (16:30 -0600)]
HACKING: Update status of format checking
Hopefully all functions with printf like arguments now use format checking.
This was tested with default build configuration on linux
and windows hosts (including some cross compilations),
so chances are good that there remain few (if any) functions
without format checking.
Therefore the last comment in HACKING is no longer valid but misleading.
Corentin Chary [Fri, 25 Feb 2011 21:54:53 +0000 (22:54 +0100)]
vnc: fix a memory leak in threaded vnc server
VncJobQueue's buffer is intended to be used for
as the output buffer for all operations in this queue,
but unfortunatly.
vnc_async_encoding_start() is in charge of setting this
buffer as the current output buffer, but
vnc_async_encoding_end() was not writting the changes back
to VncJobQueue, resulting in a big and ugly memleak.
Blue Swirl [Fri, 25 Feb 2011 17:21:22 +0000 (17:21 +0000)]
bitops: fix error on OpenBSD and mingw32
Fix this error:
CC bitops.o
In file included from /src/qemu/bitops.c:14:
/src/qemu/bitops.h:69: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'unsigned'
Pavel Dovgaluk [Mon, 21 Feb 2011 11:47:50 +0000 (14:47 +0300)]
Fixing tap adapter for win32
This fix allows connection of internal VLAN to the external TAP interface.
If tap_win32_write function always returns 0, the TAP network interface
in QEMU is disabled.
Pavel Dovgaluk [Mon, 21 Feb 2011 11:46:44 +0000 (14:46 +0300)]
Fixing network over sockets implementation for win32
MSDN includes the following in WSAEALREADY error description for connect()
function: "To preserve backward compatibility, this error is reported as
WSAEINVAL to Winsock applications that link to either Winsock.dll or
Wsock32.dll". So check of this error code was added to allow network
connections through the sockets in Windows.
Gerd Hoffmann [Thu, 24 Feb 2011 05:44:12 +0000 (11:14 +0530)]
virtio-serial: kill VirtIOSerialDevice
VirtIOSerialDevice is like VirtIOSerialPort with just the first two
fields, which makes it pretty pointless. Using VirtIOSerialPort
directly works equally well and is less confusing.
[Amit: - rebase
- rename 'dev' to 'port' in function params in virtio-serial.h ]
David Gibson [Thu, 24 Feb 2011 05:34:59 +0000 (16:34 +1100)]
Add TAGS and *~ to .gitignore
Add the etags output generated by "make TAGS" and editor backup files
to .gitignore.
This patch has previously appeared in my series of patches to add
pSeries emulation support. However, it obviously has no real
connection to that, and can be applied seperately.
projects / qemu.git / log