OSDN Git Service

qmiga/qemu.git
8 years ago cutils: work around platform differences in strto{l,ul,ll,ull}
Paolo Bonzini [Thu, 10 Sep 2015 08:02:00 +0000 (10:02 +0200)]
cutils: work around platform differences in strto{l,ul,ll,ull}

Linux returns 0 if no conversion was made, while OS X and presumably
the BSDs return EINVAL.  The OS X convention rejects more invalid
inputs, so convert to it and adjust the test case.

Windows returns 1 from strtoul and strtoull (instead of -1) for
negative out-of-range input; fix it up.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago cpu-exec: fix lock hierarchy for user-mode emulation
Paolo Bonzini [Tue, 11 Aug 2015 09:33:24 +0000 (11:33 +0200)]
cpu-exec: fix lock hierarchy for user-mode emulation

tb_lock has to be taken inside the mmap_lock (example:
tb_invalidate_phys_range is called by target_mmap), but
tb_link_page is taking the mmap_lock and it is called
with the tb_lock held.

To fix this, take the mmap_lock in tb_find_slow, not
in tb_link_page.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago exec: make mmap_lock/mmap_unlock globally available
Paolo Bonzini [Tue, 11 Aug 2015 08:57:52 +0000 (10:57 +0200)]
exec: make mmap_lock/mmap_unlock globally available

There is some iffy lock hierarchy going on in translate-all.c.  To
fix it, we need to take the mmap_lock in cpu-exec.c.  Make the
functions globally available.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago tcg: comment on which functions have to be called with mmap_lock held
Paolo Bonzini [Tue, 11 Aug 2015 08:59:50 +0000 (10:59 +0200)]
tcg: comment on which functions have to be called with mmap_lock held

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago tcg: add memory barriers in page_find_alloc accesses
Paolo Bonzini [Wed, 12 Aug 2015 07:41:40 +0000 (09:41 +0200)]
tcg: add memory barriers in page_find_alloc accesses

page_find is reading the radix tree outside all locks, so it has to
use the RCU primitives.  It does not need RCU critical sections
because the PageDescs are never removed, so there is never a need
to wait for the end of code sections that use a PageDesc.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago remove unused spinlock.
KONRAD Frederic [Mon, 10 Aug 2015 15:27:03 +0000 (17:27 +0200)]
remove unused spinlock.

This just removes spinlock as it is not used anymore.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Message-Id: <1439220437-23957-6-git-send-email-fred.konrad@greensocs.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago replace spinlock by QemuMutex.
KONRAD Frederic [Mon, 10 Aug 2015 15:27:02 +0000 (17:27 +0200)]
replace spinlock by QemuMutex.

spinlock is only used in two cases:
  * cpu-exec.c: to protect TranslationBlock
  * mem_helper.c: for lock helper in target-i386 (which seems broken).

It's a pthread_mutex_t in user-mode, so we can use QemuMutex directly,
with an #ifdef.  The #ifdef will be removed when multithreaded TCG
will need the mutex as well.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Message-Id: <1439220437-23957-5-git-send-email-fred.konrad@greensocs.com>
Signed-off-by: Emilio G. Cota <cota@braap.org>
[Merge Emilio G. Cota's patch to remove volatile. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago cpus: remove tcg_halt_cond and tcg_cpu_thread globals
KONRAD Frederic [Mon, 10 Aug 2015 15:27:06 +0000 (17:27 +0200)]
cpus: remove tcg_halt_cond and tcg_cpu_thread globals

This hides the tcg_halt_cond and tcg_cpu_thread global variables
inside qemu_tcg_init_vcpu.  Multi-threaded TCG will need one
QemuCond and one QemuThread per virtual cpu, so it's preferable
to use cpu->halt_cond and cpu->thread.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Message-Id: <1439220437-23957-9-git-send-email-fred.konrad@greensocs.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago cpus: protect work list with work_mutex
Paolo Bonzini [Fri, 10 Jul 2015 10:32:32 +0000 (12:32 +0200)]
cpus: protect work list with work_mutex

Protect the list of queued work items with something other than
the BQL, as a preparation for running the work items outside it.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago scripts/dump-guest-memory.py: fix after RAMBlock change
Michael S. Tsirkin [Thu, 27 Aug 2015 09:06:23 +0000 (12:06 +0300)]
scripts/dump-guest-memory.py: fix after RAMBlock change

commit 9b8424d5735278ca382f11adc7c63072b632ab83
    "exec: split length -> used_length/max_length"
changed field names in struct RAMBlock

It turns out that scripts/dump-guest-memory.py was
poking at this field, update it accordingly.

Cc: qemu-stable@nongnu.org
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <1440666378-3152-1-git-send-email-mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago configure: Add support for jemalloc
Alexandre Derumier [Fri, 19 Jun 2015 10:56:58 +0000 (12:56 +0200)]
configure: Add support for jemalloc

This adds "--enable-jemalloc" and "--disable-jemalloc" to allow linking
to jemalloc memory allocator.

We already have tcmalloc support,
but it seems not to work well with a lot of iothreads/disks.

The main problem is that tcmalloc uses a shared thread cache of 16MB
by default.
With more threads, this cache is shared, and some bad garbage collections
can occur if the cache is too low.

It's possible to increase the tcmalloc cache with an env var:
TCMALLOC_MAX_TOTAL_THREAD_CACHE_BYTES=256MB

With the default 16MB, performance is really bad with more than 2 disks.
Increasing to 256MB helps, but there are still problems with 16 disks/iothreads.

Jemalloc doesn't have performance problems with the default configuration.

Here are the benchmark results in iops of 1 qemu vm randread 4K iodepth=32,
with rbd block backend (librbd is doing a lot of memory allocation),
1 iothread per disk

glibc malloc
------------

1 disk      29052
2 disks     55878
4 disks     127899
8 disks     240566
15 disks    269976

jemalloc
--------

1 disk      41278
2 disks     75781
4 disks     195351
8 disks     294241
15 disks    298199

tcmalloc 2.2.1 default 16M cache
--------------------------------

1 disk   37911
2 disks  67698
4 disks  41076
8 disks  43312
15 disks 37569

tcmalloc : 256M cache
---------------------------

1 disk     33914
2 disks    58839
4 disks    148205
8 disks    213298
15 disks   218383

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Message-Id: <1434711418-20429-1-git-send-email-aderumier@odiso.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago add macro file for coccinelle
Paolo Bonzini [Mon, 7 Sep 2015 07:50:09 +0000 (09:50 +0200)]
add macro file for coccinelle

Coccinelle chokes on some idioms from compiler.h and queue.h.
Extract those in a macro file, to be used with "--macro-file
scripts/cocci-macro-file.h".

Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago configure: factor out adding disas configure
Peter Crosthwaite [Sat, 29 Aug 2015 10:33:59 +0000 (03:33 -0700)]
configure: factor out adding disas configure

Every arch adds its disas configury to both its own config as well
as config_disas_all. Make a small function to do both at once.

Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-Id: <1440844439-19391-1-git-send-email-crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago vhost-scsi: fix wrong vhost-scsi firmware path
Gonglei [Wed, 26 Aug 2015 01:52:51 +0000 (09:52 +0800)]
vhost-scsi: fix wrong vhost-scsi firmware path

vhost-scsi bootindex doesn't work because Qemu passes
the wrong firmware path to seabios.

before:
  /pci@i0cf8/scsi@7channel@0/vhost-scsi@0,0
after applying the patch:
  /pci@i0cf8/scsi@7/channel@0/vhost-scsi@0,0

Reported-by: Subo <subo7@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Message-Id: <1440553971-11108-1-git-send-email-arei.gonglei@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago checkpatch: remove tests that are not relevant outside the kernel
Paolo Bonzini [Sun, 16 Aug 2015 21:01:19 +0000 (23:01 +0200)]
checkpatch: remove tests that are not relevant outside the kernel

Fully removing Sparse support requires more invasive changes.  Only
remove the really kernel-specific parts such as address space names.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago checkpatch: adapt some tests to QEMU
Paolo Bonzini [Sun, 16 Aug 2015 21:15:46 +0000 (23:15 +0200)]
checkpatch: adapt some tests to QEMU

Mostly change severity levels, but some tests can also be adjusted to refer
to QEMU APIs or data structures.

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago CODING_STYLE: update mixed declaration rules
Paolo Bonzini [Fri, 19 Jun 2015 07:28:13 +0000 (09:28 +0200)]
CODING_STYLE: update mixed declaration rules

Mixed declarations do come in handy at the top of #ifdef blocks.
Reluctantly allow this particular usage and suggest an alternative.

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago qmp: Add example usage of strto*l() qemu wrapper
Carlos L. Torres [Sun, 19 Jul 2015 23:02:21 +0000 (18:02 -0500)]
qmp: Add example usage of strto*l() qemu wrapper

Signed-off-by: Carlos L. Torres <carlos.torres@rackspace.com>
Message-Id: <11ac63e95d88551f1c2c9b1216b15d3cb8ba4468.1437346779.git.carlos.torres@rackspace.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago cutils: Add qemu_strtoull() wrapper
Carlos L. Torres [Sun, 19 Jul 2015 23:02:20 +0000 (18:02 -0500)]
cutils: Add qemu_strtoull() wrapper

Add wrapper for strtoull() function. Include unit tests.

Signed-off-by: Carlos L. Torres <carlos.torres@rackspace.com>
Message-Id: <e0f0f611c9a81f3c29f451d0b17d755dfab1e90a.1437346779.git.carlos.torres@rackspace.com>
[Use uint64_t in prototype. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago cutils: Add qemu_strtoll() wrapper
Carlos L. Torres [Sun, 19 Jul 2015 23:02:19 +0000 (18:02 -0500)]
cutils: Add qemu_strtoll() wrapper

Add wrapper for strtoll() function. Include unit tests.

Signed-off-by: Carlos L. Torres <carlos.torres@rackspace.com>
Message-Id: <7454a6bb9ec03b629e8beb4f109dd30dc2c9804c.1437346779.git.carlos.torres@rackspace.com>
[Use int64_t in prototype, since that's what QEMU uses. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago cutils: Add qemu_strtoul() wrapper
Carlos L. Torres [Sun, 19 Jul 2015 23:02:18 +0000 (18:02 -0500)]
cutils: Add qemu_strtoul() wrapper

Add wrapper for strtoul() function. Include unit tests.

Signed-off-by: Carlos L. Torres <carlos.torres@rackspace.com>
Message-Id: <9621b4ae8e35fded31c715c2ae2a98f904f07ad0.1437346779.git.carlos.torres@rackspace.com>
[Fix tests for 32-bit build. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago cutils: Add qemu_strtol() wrapper
Carlos L. Torres [Sun, 19 Jul 2015 23:02:17 +0000 (18:02 -0500)]
cutils: Add qemu_strtol() wrapper

Add wrapper for strtol() function. Include unit tests.

Signed-off-by: Carlos L. Torres <carlos.torres@rackspace.com>
Message-Id: <07199f1c0ff3892790c6322123aee1e92f580550.1437346779.git.carlos.torres@rackspace.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago translate-all: remove obsolete comment about l1_map
Emilio G. Cota [Mon, 24 Aug 2015 00:23:39 +0000 (20:23 -0400)]
translate-all: remove obsolete comment about l1_map

l1_map is based on physical addresses in full-system mode, as pointed
out in an earlier comment. Said comment also mentions that virtual
addresses are only used in l1_map in user-only mode.

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1440375847-17603-11-git-send-email-cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago linux-user: call rcu_(un)register_thread on pthread_(exit|create)
Emilio G. Cota [Mon, 24 Aug 2015 00:23:41 +0000 (20:23 -0400)]
linux-user: call rcu_(un)register_thread on pthread_(exit|create)

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1440375847-17603-13-git-send-email-cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago rcu: fix comment with s/rcu_gp_lock/rcu_registry_lock/
Emilio G. Cota [Mon, 24 Aug 2015 00:23:38 +0000 (20:23 -0400)]
rcu: fix comment with s/rcu_gp_lock/rcu_registry_lock/

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1440375847-17603-10-git-send-email-cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago rcu: init rcu_registry_lock after fork
Emilio G. Cota [Mon, 24 Aug 2015 00:23:37 +0000 (20:23 -0400)]
rcu: init rcu_registry_lock after fork

We were unlocking this lock after fork, which is wrong since
only the thread that holds a mutex is allowed to unlock it.

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1440375847-17603-9-git-send-email-cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago Makefile.target: include top level build dir in vpath
Michael Marineau [Sun, 9 Aug 2015 07:02:55 +0000 (00:02 -0700)]
Makefile.target: include top level build dir in vpath

Using ccache with CCACHE_BASEDIR set to $(SRC_PATH) or a parent will
rewrite all absolute paths to relative paths. This interacts poorly with
QEMU's two-level build directory scheme. For example, let's say
BUILD_DIR=$(SRC_PATH)/build so build/blockdev.d will contain:

  blockdev.o: ../blockdev.c ../include/sysemu/block-backend.h \

Now the target build under build/x86_64-softmmu or similar will depend
on ../blockdev.o which in turn will get make to source ../blockdev.d to
check its dependencies. Since make always considers paths relative to
the current working directory rather than the makefile the path appeared
in, the relative path to ../blockdev.c is useless.

This change simply adds the top level build directory to vpath so paths
relative to the source directory, top build directory, and target build
directory all work just fine.

Signed-off-by: Michael Marineau <michael.marineau@coreos.com>
Message-Id: <1439103775-11836-1-git-send-email-michael.marineau@coreos.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago Move RAMBlock and ram_list to ram_addr.h
Dr. David Alan Gilbert [Fri, 14 Aug 2015 10:25:14 +0000 (11:25 +0100)]
Move RAMBlock and ram_list to ram_addr.h

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <1439547914-18249-1-git-send-email-dgilbert@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago tcg: signal-free qemu_cpu_kick
Paolo Bonzini [Tue, 25 Aug 2015 22:19:19 +0000 (00:19 +0200)]
tcg: signal-free qemu_cpu_kick

Signals are slow and do not exist on Win32.  The previous patches
have done most of the legwork to introduce memory barriers (some
of them were even there already for the sake of Windows!) and
we can now set the flags directly in the iothread.

qemu_cpu_kick_thread is not used anymore on TCG, since the TCG thread is
never outside usermode while the CPU is running (not halted).  Instead run
the content of the signal handler (now in qemu_cpu_kick_no_halt) directly.
qemu_cpu_kick_no_halt is also used in qemu_mutex_lock_iothread to avoid
the overhead of qemu_cond_broadcast.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago use qemu_cpu_kick instead of cpu_exit or qemu_cpu_kick_thread
Paolo Bonzini [Tue, 18 Aug 2015 13:52:09 +0000 (06:52 -0700)]
use qemu_cpu_kick instead of cpu_exit or qemu_cpu_kick_thread

Use the same API to trigger interruption of a CPU, no matter if
under TCG or KVM.  There is no difference: these calls come from
the CPU thread, so the qemu_cpu_kick calls will send a signal
to the running thread and it will be processed synchronously,
just like a call to cpu_exit.  The only difference is in the
overhead, but neither call to cpu_exit (now qemu_cpu_kick)
is in a hot path.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago tcg: synchronize exit_request and tcg_current_cpu accesses
Paolo Bonzini [Tue, 18 Aug 2015 13:43:15 +0000 (06:43 -0700)]
tcg: synchronize exit_request and tcg_current_cpu accesses

Synchronize the remaining pair of accesses in cpu_signal.  These should
be necessary on Windows as well, at least in theory.  Probably
SuspendProcess and ResumeProcess introduce some implicit memory
barrier.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago tcg: synchronize cpu->exit_request and cpu->tcg_exit_req accesses
Paolo Bonzini [Tue, 18 Aug 2015 13:34:19 +0000 (06:34 -0700)]
tcg: synchronize cpu->exit_request and cpu->tcg_exit_req accesses

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago tcg: assign cpu->current_tb in a simpler place
Paolo Bonzini [Tue, 18 Aug 2015 13:32:02 +0000 (06:32 -0700)]
tcg: assign cpu->current_tb in a simpler place

TCG has not been reading cpu->current_tb from signal handlers for years.
The code that synchronized cpu_exec with the signal handler is not
needed anymore.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago remove qemu/tls.h
Paolo Bonzini [Tue, 25 Aug 2015 22:17:58 +0000 (00:17 +0200)]
remove qemu/tls.h

TLS is now required on all platforms, so DECLARE_TLS/DEFINE_TLS is not
needed anymore.  Removing it does not break Windows because of the
previous patch.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago tcg: introduce tcg_current_cpu
Paolo Bonzini [Tue, 18 Aug 2015 13:24:34 +0000 (06:24 -0700)]
tcg: introduce tcg_current_cpu

This is already useful on Windows in order to remove tls.h, because
accesses to current_cpu are done from a different thread on that
platform.  It will be used on POSIX platforms as soon as TCG stops using
signals to interrupt the execution of translated code.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago i8257: remove cpu_request_exit irq
Paolo Bonzini [Mon, 16 Feb 2015 13:13:11 +0000 (14:13 +0100)]
i8257: remove cpu_request_exit irq

This is unused.  cpu_exit now is almost exclusively an internal function
to the CPU execution loop.  In a few patches, we'll change the remaining
occurrences to qemu_cpu_kick, making it truly internal.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago i8257: rewrite DMA_schedule to avoid hooking into the CPU loop
Paolo Bonzini [Mon, 16 Feb 2015 13:08:22 +0000 (14:08 +0100)]
i8257: rewrite DMA_schedule to avoid hooking into the CPU loop

The i8257 DMA controller uses an idle bottom half, which by default
does not cause the main loop to exit.  Therefore, the DMA_schedule
function is there to ensure that the CPU relinquishes the iothread
mutex to the iothread.

However, this is not enough since the iothread will call
aio_compute_timeout() and go to sleep again.  In the iothread
world, forcing execution of the idle bottom half is much simpler,
and only requires a call to qemu_notify_event().  Do it, removing
the need for the "cpu_request_exit" pseudo-irq.  The next patch
will remove it.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago Added generic panic handler qemu_system_guest_panicked()
Andrey Smetanin [Fri, 3 Jul 2015 12:01:42 +0000 (15:01 +0300)]
Added generic panic handler qemu_system_guest_panicked()

There are pieces of guest panic handling code
that can be shared in one generic function.
This code is replaced by a call to qemu_system_guest_panicked().

Signed-off-by: Andrey Smetanin <asmetanin@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Andreas Färber <afaerber@suse.de>
Message-Id: <1435924905-8926-10-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago block/iscsi: validate block size returned from target
Peter Lieven [Fri, 14 Aug 2015 11:33:36 +0000 (13:33 +0200)]
block/iscsi: validate block size returned from target

It has been reported that at least tgtd returns a block size of 0
for LUN 0. To avoid running into divide by zero later on and protect
against other problematic block sizes validate the block size right
at connection time.

Cc: qemu-stable@nongnu.org
Reported-by: Andrey Korolyov <andrey@xdel.ru>
Signed-off-by: Peter Lieven <pl@kamp.de>
Message-Id: <1439552016-8557-1-git-send-email-pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago iohandler: Use aio API
Fam Zheng [Mon, 7 Sep 2015 03:28:58 +0000 (11:28 +0800)]
iohandler: Use aio API

iohandler.c shares the same interface with aio, but with duplicated
code. It's better to rebase iohandler, also because aio is a
more friendly interface to multi-threads.

Create a global AioContext instance and let its GSource handle the
iohandler events.

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <1441596538-4412-1-git-send-email-famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago cpus.c: qemu_mutex_lock_iothread fix race condition at cpu thread init
Aníbal Limón [Thu, 3 Sep 2015 20:48:33 +0000 (15:48 -0500)]
cpus.c: qemu_mutex_lock_iothread fix race condition at cpu thread init

When QEMU starts, the RCU thread executes qemu_mutex_lock_thread,
causing the error "qemu:qemu_cpu_kick_thread: No such process", and exits.

This doesn't occur frequently, but in glibc the thread id can exist and
this does not guarantee that the thread is in an active/running state. If
a sleep(1) is inserted after the newthread assignment [1], the issue appears.

So do not make the assumption that the thread exists if first_cpu->thread
is set; instead change the validation of cpu to created, which is set in
the cpu threads (kvm, tcg, dummy).

[1] https://sourceware.org/git/?p=glibc.git;a=blob;f=nptl/pthread_create.c;h=d10f4ea8004e1d8f3a268b95cc0f8d93b8d89867;hb=HEAD#l621

Cc: qemu-stable@nongnu.org
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Message-Id: <1441313313-3040-1-git-send-email-anibal.limon@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago seqlock: read sequence number atomically
Emilio G. Cota [Mon, 24 Aug 2015 00:23:36 +0000 (20:23 -0400)]
seqlock: read sequence number atomically

With this change we make sure that the compiler will not
optimise the read of the sequence number in any way.

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1440375847-17603-8-git-send-email-cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago seqlock: add missing 'inline' to seqlock_read_retry
Emilio G. Cota [Mon, 24 Aug 2015 00:23:35 +0000 (20:23 -0400)]
seqlock: add missing 'inline' to seqlock_read_retry

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1440375847-17603-7-git-send-email-cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago qemu-thread: handle spurious futex_wait wakeups
Emilio G. Cota [Mon, 24 Aug 2015 00:23:40 +0000 (20:23 -0400)]
qemu-thread: handle spurious futex_wait wakeups

Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1440375847-17603-12-git-send-email-cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years ago s390: fix softmmu compilation
Laurent Vivier [Fri, 28 Aug 2015 10:23:41 +0000 (12:23 +0200)]
s390: fix softmmu compilation

guest_base must be used only in linux-user mode.

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-id: 1440757421-9674-1-git-send-email-laurent@vivier.eu
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago qemu-doc.texi: Fix capitalization error in OS X build instructions
Peter Maydell [Fri, 28 Aug 2015 10:42:53 +0000 (11:42 +0100)]
qemu-doc.texi: Fix capitalization error in OS X build instructions

Fix a capitalization error in the OS X build instructions;
this was picked up in review of commit b352153f5f and intended to be
corrected before I applied it, but I accidentally didn't include it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago From: John Arbuckle <programmingkidx@gmail.com>
G 3 [Fri, 14 Aug 2015 17:54:25 +0000 (13:54 -0400)]
From: John Arbuckle <programmingkidx@gmail.com>

qemu-doc.texi: Add information on compiling source code on Mac OS X

Add information to the documentation on how to build QEMU
on Mac OS X.

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: fixed a minor capitalization error]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago Merge remote-tracking branch 'remotes/weil/tags/pull-tci-20150826' into staging
Peter Maydell [Thu, 27 Aug 2015 12:31:55 +0000 (13:31 +0100)]
Merge remote-tracking branch 'remotes/weil/tags/pull-tci-20150826' into staging

tci patch queue

# gpg: Signature made Wed 26 Aug 2015 19:51:07 BST using RSA key ID 677450AD
# gpg: Good signature from "Stefan Weil <sw@weilnetz.de>"
# gpg:                 aka "Stefan Weil <stefan.weil@weilnetz.de>"
# gpg:                 aka "Stefan Weil <stefan.weil@bib.uni-mannheim.de>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 4923 6FEA 75C9 5D69 8EC2  B78A E08C 21D5 6774 50AD

* remotes/weil/tags/pull-tci-20150826:
  exec-all: Translate TCI return addresses backwards too

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago exec-all: Translate TCI return addresses backwards too
Peter Crosthwaite [Tue, 18 Aug 2015 03:28:18 +0000 (20:28 -0700)]
exec-all: Translate TCI return addresses backwards too

This subtraction of return addresses applies directly to TCI as well as
host-TCG. This fixes Linux boots for at least Microblaze, CRIS, ARM and
SH4 when using TCI.

[sw: Removed indentation for preprocessor statement]
[sw: The patch also fixes Linux boot for x86_64]

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
8 years ago Merge remote-tracking branch 'remotes/kraxel/tags/pull-cve-2015-5225-20150826-1'...
Peter Maydell [Wed, 26 Aug 2015 16:45:09 +0000 (17:45 +0100)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-cve-2015-5225-20150826-1' into staging

vnc: fix memory corruption (CVE-2015-5225)

# gpg: Signature made Wed 26 Aug 2015 17:37:21 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-cve-2015-5225-20150826-1:
  vnc: fix memory corruption (CVE-2015-5225)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago vnc: fix memory corruption (CVE-2015-5225)
Gerd Hoffmann [Mon, 17 Aug 2015 17:56:53 +0000 (19:56 +0200)]
vnc: fix memory corruption (CVE-2015-5225)

The _cmp_bytes variable added by commit "bea60dd ui/vnc: fix potential
memory corruption issues" can become negative.  Result is (possibly
exploitable) memory corruption.  Reason for that is it uses the stride
instead of bytes per scanline to apply limits.

For the server surface it is actually fine.  vnc creates that itself,
there is never any padding and thus scanline length always equals stride.

For the guest surface scanline length and stride are typically identical
too, but it doesn't have to be that way.  So add and use a new variable
(guest_ll) for the guest scanline length.  Also rename min_stride to
line_bytes to make more clear what it actually is.  Finally sprinkle
in an assert() to make sure we never use a negative _cmp_bytes again.

Reported-by: 范祚至(库特) <zuozhi.fzz@alibaba-inc.com>
Reviewed-by: P J P <ppandit@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years ago Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150825-1' into...
Peter Maydell [Tue, 25 Aug 2015 15:24:06 +0000 (16:24 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150825-1' into staging

target-arm queue:
 * add missing EL2/EL3 TLBI operations
 * add missing EL2/EL3 ATS operations
 * add missing EL2/EL3 registers
 * update Xilinx MAINTAINERS info
 * Xilinx: connect the four OCM banks

# gpg: Signature made Tue 25 Aug 2015 16:22:43 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"

* remotes/pmaydell/tags/pull-target-arm-20150825-1:
  target-arm: Implement AArch64 TLBI operations on IPAs
  target-arm: Implement missing EL3 TLB invalidate operations
  target-arm: Implement missing EL2 TLBI operations
  target-arm: Restrict AArch64 TLB flushes to the MMU indexes they must touch
  target-arm: Move TLBI ALLE1/ALLE1IS definitions into numeric order
  cputlb: Add functions for flushing TLB for a single MMU index
  target-arm: Implement AArch32 ATS1H* operations
  target-arm: Enable the AArch32 ATS12NSO ops
  target-arm: Add CP_ACCESS_TRAP_UNCATEGORIZED_EL2, 3
  target-arm: Wire up AArch64 EL2 and EL3 address translation ops
  target-arm: there is no TTBR1 for 32-bit EL2 stage 1 translations
  target-arm: Implement missing ACTLR registers
  target-arm: Implement missing AFSR registers
  target-arm: Implement missing AMAIR registers
  target-arm: Add missing MAIR_EL3 and TPIDR_EL3 registers
  MAINTAINERS: Add ZynqMP to MAINTAINERS file
  MAINTAINERS: Update Xilinx Maintainership
  xlnx-zynqmp: Connect the four OCM banks

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago target-arm: Implement AArch64 TLBI operations on IPAs
Peter Maydell [Tue, 25 Aug 2015 14:45:10 +0000 (15:45 +0100)]
target-arm: Implement AArch64 TLBI operations on IPAs

Implement the AArch64 TLBI operations which take an intermediate
physical address and invalidate stage 2 translations.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1439548879-1972-7-git-send-email-peter.maydell@linaro.org

8 years ago target-arm: Implement missing EL3 TLB invalidate operations
Peter Maydell [Tue, 25 Aug 2015 14:45:10 +0000 (15:45 +0100)]
target-arm: Implement missing EL3 TLB invalidate operations

Implement the remaining stage 1 TLB invalidate operations
visible from EL3.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1439548879-1972-6-git-send-email-peter.maydell@linaro.org

8 years ago target-arm: Implement missing EL2 TLBI operations
Peter Maydell [Tue, 25 Aug 2015 14:45:09 +0000 (15:45 +0100)]
target-arm: Implement missing EL2 TLBI operations

Implement the missing TLBI operations that exist only
if EL2 is implemented.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1439548879-1972-5-git-send-email-peter.maydell@linaro.org

8 years ago target-arm: Restrict AArch64 TLB flushes to the MMU indexes they must touch
Peter Maydell [Tue, 25 Aug 2015 14:45:09 +0000 (15:45 +0100)]
target-arm: Restrict AArch64 TLB flushes to the MMU indexes they must touch

Now we have the ability to flush the TLB only for specific MMU indexes,
update the AArch64 TLB maintenance instruction implementations to only
flush the parts of the TLB they need to, rather than doing full flushes.

We take the opportunity to remove some duplicate functions (the per-asid
tlb ops work like the non-per-asid ones because we don't support
flushing a TLB only by ASID) and to bring the function names in line
with the architectural TLBI operation names.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1439548879-1972-4-git-send-email-peter.maydell@linaro.org

8 years ago target-arm: Move TLBI ALLE1/ALLE1IS definitions into numeric order
Peter Maydell [Tue, 25 Aug 2015 14:45:09 +0000 (15:45 +0100)]
target-arm: Move TLBI ALLE1/ALLE1IS definitions into numeric order

Move the two regdefs for TLBI ALLE1 and TLBI ALLE1IS down so that the
whole set of AArch64 TLBI regdefs is arranged in numeric order.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1439548879-1972-3-git-send-email-peter.maydell@linaro.org

8 years ago cputlb: Add functions for flushing TLB for a single MMU index
Peter Maydell [Tue, 25 Aug 2015 14:45:09 +0000 (15:45 +0100)]
cputlb: Add functions for flushing TLB for a single MMU index

Guest CPU TLB maintenance operations may be sufficiently
specialized to only need to flush TLB entries corresponding
to a particular MMU index. Implement cputlb functions for
this, to avoid the inefficiency of flushing TLB entries
which we don't need to.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1439548879-1972-2-git-send-email-peter.maydell@linaro.org

8 years ago target-arm: Implement AArch32 ATS1H* operations
Peter Maydell [Tue, 25 Aug 2015 14:45:08 +0000 (15:45 +0100)]
target-arm: Implement AArch32 ATS1H* operations

Implement the AArch32 ATS1H* operations which perform
Hyp mode stage 1 translations.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1437751263-21913-6-git-send-email-peter.maydell@linaro.org

8 years ago target-arm: Enable the AArch32 ATS12NSO ops
Peter Maydell [Tue, 25 Aug 2015 14:45:08 +0000 (15:45 +0100)]
target-arm: Enable the AArch32 ATS12NSO ops

Apply the correct conditions in the ats_access() function for
the ATS12NSO* address translation operations:
 * succeed at EL2 or EL3
 * normal UNDEF trap from NS EL1
 * trap to EL3 from S EL1 (only possible if EL3 is AArch64)

(This change means they're now available in our EL3-supporting
CPUs when they would previously always UNDEF.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1437751263-21913-5-git-send-email-peter.maydell@linaro.org

8 years ago target-arm: Add CP_ACCESS_TRAP_UNCATEGORIZED_EL2, 3
Peter Maydell [Tue, 25 Aug 2015 14:45:08 +0000 (15:45 +0100)]
target-arm: Add CP_ACCESS_TRAP_UNCATEGORIZED_EL2, 3

Some coprocessor register access functions need to be able
to report "trap to EL3 with an 'uncategorized' syndrome";
add the necessary CPAccessResult enum and handling for it.

I don't currently know of any registers that need to trap
to EL2 with the 'uncategorized' syndrome, but adding the
_EL2 enum as well is trivial and fills in what would
otherwise be an odd gap in the handling.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1437751263-21913-4-git-send-email-peter.maydell@linaro.org

8 years ago target-arm: Wire up AArch64 EL2 and EL3 address translation ops
Peter Maydell [Tue, 25 Aug 2015 14:45:08 +0000 (15:45 +0100)]
target-arm: Wire up AArch64 EL2 and EL3 address translation ops

Wire up the AArch64 EL2 and EL3 address translation operations
(AT S12E1*, AT S12E0*, AT S1E2*, AT S1E3*), and correct some
errors in the ats_write64() function in previously unused code
that would have done the wrong kind of lookup for accesses from
EL3 when SCR.NS==0.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1437751263-21913-3-git-send-email-peter.maydell@linaro.org

8 years ago target-arm: there is no TTBR1 for 32-bit EL2 stage 1 translations
Peter Maydell [Tue, 25 Aug 2015 14:45:08 +0000 (15:45 +0100)]
target-arm: there is no TTBR1 for 32-bit EL2 stage 1 translations

For EL2 stage 1 translations, there is no TTBR1. We were already
handling this for 64-bit EL2; add the code to take the 'no TTBR1'
code path for 64-bit EL2 as well.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1437751263-21913-2-git-send-email-peter.maydell@linaro.org

8 years ago target-arm: Implement missing ACTLR registers
Peter Maydell [Tue, 25 Aug 2015 14:45:07 +0000 (15:45 +0100)]
target-arm: Implement missing ACTLR registers

We already implemented ACTLR_EL1; add the missing ACTLR_EL2 and
ACTLR_EL3, for consistency.

Since we don't currently have any CPUs that need the EL2/EL3
versions to reset to non-zero values, implement as RAZ/WI.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1438281398-18746-5-git-send-email-peter.maydell@linaro.org

8 years ago target-arm: Implement missing AFSR registers
Peter Maydell [Tue, 25 Aug 2015 14:45:07 +0000 (15:45 +0100)]
target-arm: Implement missing AFSR registers

The AFSR registers are implementation dependent auxiliary fault
status registers. We already implemented a RAZ/WI AFSR0_EL1 and
AFSR_EL1; add the missing AFSR{0,1}_EL{2,3} for consistency.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1438281398-18746-4-git-send-email-peter.maydell@linaro.org

8 years ago target-arm: Implement missing AMAIR registers
Peter Maydell [Tue, 25 Aug 2015 14:45:07 +0000 (15:45 +0100)]
target-arm: Implement missing AMAIR registers

The AMAIR registers are for providing auxiliary implementation
defined memory attributes. We already implemented a RAZ/WI
AMAIR_EL1; add the EL2 and EL3 versions for consistency.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1438281398-18746-3-git-send-email-peter.maydell@linaro.org

8 years ago target-arm: Add missing MAIR_EL3 and TPIDR_EL3 registers
Peter Maydell [Tue, 25 Aug 2015 14:45:07 +0000 (15:45 +0100)]
target-arm: Add missing MAIR_EL3 and TPIDR_EL3 registers

Add the AArch64 registers MAIR_EL3 and TPIDR_EL3, which are the only
two which we had implemented the 32-bit Secure equivalents of but
not the 64-bit Secure versions.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1438281398-18746-2-git-send-email-peter.maydell@linaro.org

8 years ago MAINTAINERS: Add ZynqMP to MAINTAINERS file
Alistair Francis [Tue, 25 Aug 2015 14:45:07 +0000 (15:45 +0100)]
MAINTAINERS: Add ZynqMP to MAINTAINERS file

Add the Xilinx ZynqMP SoC and EP108 machine to the maintainers
file.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: fed078103a0b02cfb3adadbe8e80e4420d554505.1436486024.git.alistair.francis@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago MAINTAINERS: Update Xilinx Maintainership
Alistair Francis [Tue, 25 Aug 2015 14:45:06 +0000 (15:45 +0100)]
MAINTAINERS: Update Xilinx Maintainership

Peter C is leaving Xilinx, so update the maintainer list
to point to Alistair and Edgar from Xilinx and Peter's
personal email address.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 54b4c070452bac05aa3a9c1d75899bc097fef831.1436486024.git.alistair.francis@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago xlnx-zynqmp: Connect the four OCM banks
Alistair Francis [Tue, 25 Aug 2015 14:45:06 +0000 (15:45 +0100)]
xlnx-zynqmp: Connect the four OCM banks

The Xilinx EP108 has four separate OCM banks which are located
adjacent to each other. This patch adds the four banks to
the ZynqMP SoC.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: afa6ba31163a5d541a0bef4b0dc11f2597e0c495.1436813543.git.alistair.francis@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150824' into staging
Peter Maydell [Tue, 25 Aug 2015 12:34:57 +0000 (13:34 +0100)]
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150824' into staging

queued tcg patches

# gpg: Signature made Mon 24 Aug 2015 19:37:15 BST using RSA key ID 4DD0279B
# gpg: Good signature from "Richard Henderson <rth7680@gmail.com>"
# gpg:                 aka "Richard Henderson <rth@redhat.com>"
# gpg:                 aka "Richard Henderson <rth@twiddle.net>"

* remotes/rth/tags/pull-tcg-20150824:
  linux-user: remove useless macros GUEST_BASE and RESERVED_VA
  linux-user: remove --enable-guest-base/--disable-guest-base
  tcg/aarch64: Use softmmu fast path for unaligned accesses
  tcg/s390: Use softmmu fast path for unaligned accesses
  tcg/ppc: Improve unaligned load/store handling on 64-bit backend
  tcg/i386: use softmmu fast path for unaligned accesses
  tcg: Remove tcg_gen_trunc_i64_i32
  tcg: Split trunc_shr_i32 opcode into extr[lh]_i64_i32
  tcg: update README about size changing ops
  tcg/optimize: add optimizations for ext_i32_i64 and extu_i32_i64 ops
  tcg: implement real ext_i32_i64 and extu_i32_i64 ops
  tcg: don't abuse TCG type in tcg_gen_trunc_shr_i64_i32
  tcg: rename trunc_shr_i32 into trunc_shr_i64_i32
  tcg/optimize: allow constant to have copies
  tcg/optimize: track const/copy status separately
  tcg/optimize: add temp_is_const and temp_is_copy functions
  tcg/optimize: optimize temps tracking
  tcg/optimize: fix constant signedness

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years ago linux-user: remove useless macros GUEST_BASE and RESERVED_VA
Laurent Vivier [Mon, 24 Aug 2015 12:53:54 +0000 (14:53 +0200)]
linux-user: remove useless macros GUEST_BASE and RESERVED_VA

As we have removed CONFIG_USE_GUEST_BASE, we always use a guest base
and the macros GUEST_BASE and RESERVED_VA become useless: replace
them by their values.

Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <1440420834-8388-1-git-send-email-laurent@vivier.eu>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago linux-user: remove --enable-guest-base/--disable-guest-base
Laurent Vivier [Sun, 23 Aug 2015 23:42:07 +0000 (01:42 +0200)]
linux-user: remove --enable-guest-base/--disable-guest-base

All tcg host architectures now support the guest base and as
there is no real performance loss, it can be always enabled.

Anyway, guest base use can be disabled lively by setting guest
base to 0.

CONFIG_USE_GUEST_BASE is defined as (USE_GUEST_BASE && USER_ONLY),
it should have to be replaced by CONFIG_USER_ONLY in non CONFIG_USER_ONLY
parts, but as some other parts are using !CONFIG_SOFTMMU I have chosen to
use !CONFIG_SOFTMMU instead.

Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <1440373328-9788-2-git-send-email-laurent@vivier.eu>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg/aarch64: Use softmmu fast path for unaligned accesses
Richard Henderson [Mon, 17 Aug 2015 19:18:05 +0000 (12:18 -0700)]
tcg/aarch64: Use softmmu fast path for unaligned accesses

Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg/s390: Use softmmu fast path for unaligned accesses
Richard Henderson [Thu, 23 Jul 2015 20:32:35 +0000 (13:32 -0700)]
tcg/s390: Use softmmu fast path for unaligned accesses

Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg/ppc: Improve unaligned load/store handling on 64-bit backend
Benjamin Herrenschmidt [Tue, 21 Jul 2015 05:19:38 +0000 (15:19 +1000)]
tcg/ppc: Improve unaligned load/store handling on 64-bit backend

Currently, we get to the slow path for any unaligned access in the
backend, because we effectively preserve the bottom address bits
below the alignment requirement when comparing with the TLB entry,
so any non-0 bit there will cause the compare to fail.

For the same number of instructions, we can instead add the access
size - 1 to the address and stick to clearing all the bottom bits.

That means that normal unaligned accesses will not fall back (the HW
will handle them fine). Only when crossing a page boundary will we
end up having a mismatch because we'll end up pointing to the next
page which cannot possibly be in that same TLB entry.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Message-Id: <1437455978.5809.2.camel@kernel.crashing.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg/i386: use softmmu fast path for unaligned accesses
Aurelien Jarno [Thu, 9 Jul 2015 18:39:57 +0000 (20:39 +0200)]
tcg/i386: use softmmu fast path for unaligned accesses

Softmmu unaligned load/stores currently go through the slow
path for two reasons:
  - to support unaligned access on host with strict alignment
  - to correctly handle accesses crossing pages

x86 is only concerned by the second reason. Unaligned accesses are
avoided by compilers, but are not uncommon. We therefore would like
to see them going through the fast path, if they don't cross pages.

For that we can use the fact that two adjacent TLB entries can't contain
the same page. Therefore accessing the TLB entry corresponding to the
first byte, but comparing its content to page address of the last byte
ensures that we don't cross pages. We can do this check without adding
more instructions in the TLB code (but increasing its length by one
byte) by using the LEA instruction to combine the existing move with the
size addition.

On an x86-64 host, this gives a 3% boot time improvement for a powerpc
guest and 4% for an x86-64 guest.

[rth: Tidied calculation of the offset mask]

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Message-Id: <1436467197-2183-1-git-send-email-aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
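
The TLB comparison described in the tcg/ppc and tcg/i386 commit messages above, modeled in plain C as an added example (this is not QEMU code; the direct-mapped TLB layout, the sizes, and the names `tlb_hit_old` and `tlb_hit_new` are assumptions made for illustration):

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_BITS 12
#define PAGE_SIZE (1ull << PAGE_BITS)
#define PAGE_MASK (~(PAGE_SIZE - 1))
#define TLB_SIZE  256              /* assumed: direct-mapped, power of two */
#define TLB_INVALID UINT64_MAX     /* not page aligned, so it never matches */

/* One entry holds the page-aligned guest address it currently maps. */
typedef struct { uint64_t tag; } TLBEntry;

static TLBEntry tlb[TLB_SIZE];

/* The entry is always selected by the page of the FIRST byte accessed. */
static TLBEntry *tlb_entry(uint64_t addr)
{
    return &tlb[(addr >> PAGE_BITS) & (TLB_SIZE - 1)];
}

static void tlb_reset(void)
{
    for (int i = 0; i < TLB_SIZE; i++) {
        tlb[i].tag = TLB_INVALID;
    }
}

static void tlb_fill(uint64_t addr)
{
    tlb_entry(addr)->tag = addr & PAGE_MASK;
}

/*
 * Old comparator: the low alignment bits of the address are kept in the
 * compare value. The tag is page aligned, so any access that is not
 * naturally aligned fails the compare and takes the slow path.
 * size must be a power of two.
 */
static bool tlb_hit_old(uint64_t addr, unsigned size)
{
    uint64_t cmp = addr & (PAGE_MASK | (size - 1));
    return cmp == tlb_entry(addr)->tag;
}

/*
 * New comparator: add size - 1 first, then clear all the low bits. The
 * compare value is the page of the LAST byte. It equals the tag only if
 * the first and last byte share a page; the next page lives at a
 * different index, so it can never be the tag of this entry.
 */
static bool tlb_hit_new(uint64_t addr, unsigned size)
{
    uint64_t cmp = (addr + size - 1) & PAGE_MASK;
    return cmp == tlb_entry(addr)->tag;
}

int main(void)
{
    /* Constructed sample accesses: both neighbouring pages are cached. */
    static const struct { uint64_t addr; unsigned size; } acc[] = {
        { 0x4008, 4 },   /* aligned, inside the page      */
        { 0x4009, 4 },   /* unaligned, inside the page    */
        { 0x4ffc, 4 },   /* last aligned word of the page */
        { 0x4ffe, 4 },   /* unaligned, crosses into 0x5000 */
    };

    tlb_reset();
    tlb_fill(0x4000);
    tlb_fill(0x5000);

    for (size_t i = 0; i < sizeof(acc) / sizeof(acc[0]); i++) {
        printf("addr=0x%llx size=%u old=%s new=%s\n",
               (unsigned long long)acc[i].addr, acc[i].size,
               tlb_hit_old(acc[i].addr, acc[i].size) ? "fast" : "slow",
               tlb_hit_new(acc[i].addr, acc[i].size) ? "fast" : "slow");
    }
    return 0;
}
```

The page-crossing access still goes to the slow path even though the following page is cached, which is what keeps each page's translation looked up separately.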
8 years ago tcg: Remove tcg_gen_trunc_i64_i32
Richard Henderson [Fri, 24 Jul 2015 18:49:53 +0000 (11:49 -0700)]
tcg: Remove tcg_gen_trunc_i64_i32

Replacing it with tcg_gen_extrl_i64_i32.

Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: Split trunc_shr_i32 opcode into extr[lh]_i64_i32
Richard Henderson [Fri, 24 Jul 2015 14:16:00 +0000 (07:16 -0700)]
tcg: Split trunc_shr_i32 opcode into extr[lh]_i64_i32

Rather than allow arbitrary shift+trunc, only concern ourselves
with low and high parts.  This is all that was being used anyway.

Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: update README about size changing ops
Aurelien Jarno [Mon, 27 Jul 2015 10:41:45 +0000 (12:41 +0200)]
tcg: update README about size changing ops

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg/optimize: add optimizations for ext_i32_i64 and extu_i32_i64 ops
Aurelien Jarno [Mon, 27 Jul 2015 10:41:45 +0000 (12:41 +0200)]
tcg/optimize: add optimizations for ext_i32_i64 and extu_i32_i64 ops

They behave the same as ext32s_i64 and ext32u_i64 from the constant
folding and zero propagation point of view, except that they can't
be replaced by a mov, so we don't compute the affected value.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: implement real ext_i32_i64 and extu_i32_i64 ops
Aurelien Jarno [Mon, 27 Jul 2015 10:41:45 +0000 (12:41 +0200)]
tcg: implement real ext_i32_i64 and extu_i32_i64 ops

Implement real ext_i32_i64 and extu_i32_i64 ops. They ensure that a
32-bit value is always converted to a 64-bit value and not propagated
through the register allocator or the optimizer.

Cc: Andrzej Zaborowski <balrogg@gmail.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Blue Swirl <blauwirbel@gmail.com>
Cc: Stefan Weil <sw@weilnetz.de>
Acked-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: don't abuse TCG type in tcg_gen_trunc_shr_i64_i32
Aurelien Jarno [Mon, 27 Jul 2015 10:41:45 +0000 (12:41 +0200)]
tcg: don't abuse TCG type in tcg_gen_trunc_shr_i64_i32

The tcg_gen_trunc_shr_i64_i32 function takes a 64-bit argument and
returns a 32-bit value. Directly call tcg_gen_op3 with the correct
types instead of calling tcg_gen_op3i_i32 and abusing the TCG types.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg: rename trunc_shr_i32 into trunc_shr_i64_i32
Aurelien Jarno [Mon, 27 Jul 2015 10:41:45 +0000 (12:41 +0200)]
tcg: rename trunc_shr_i32 into trunc_shr_i64_i32

The op is sometimes named trunc_shr_i32 and sometimes trunc_shr_i64_i32,
and the name in the README doesn't match the name offered to the
frontends.

Always use the long name to make it clear it is a size changing op.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg/optimize: allow constant to have copies
Aurelien Jarno [Mon, 27 Jul 2015 10:41:44 +0000 (12:41 +0200)]
tcg/optimize: allow constant to have copies

Now that copies and constants are tracked separately, we can allow
constant to have copies, deferring the choice to use a register or a
constant to the register allocation pass. This prevents this kind of
regular constant reloading:

-OUT: [size=338]
+OUT: [size=298]
   mov    -0x4(%r14),%ebp
   test   %ebp,%ebp
   jne    0x7ffbe9cb0ed6
   mov    $0x40002219f8,%rbp
   mov    %rbp,(%r14)
-  mov    $0x40002219f8,%rbp
   mov    $0x4000221a20,%rbx
   mov    %rbp,(%rbx)
   mov    $0x4000000000,%rbp
   mov    %rbp,(%r14)
-  mov    $0x4000000000,%rbp
   mov    $0x4000221d38,%rbx
   mov    %rbp,(%rbx)
   mov    $0x40002221a8,%rbp
   mov    %rbp,(%r14)
-  mov    $0x40002221a8,%rbp
   mov    $0x4000221d40,%rbx
   mov    %rbp,(%rbx)
   mov    $0x4000019170,%rbp
   mov    %rbp,(%r14)
-  mov    $0x4000019170,%rbp
   mov    $0x4000221d48,%rbx
   mov    %rbp,(%rbx)
   mov    $0x40000049ee,%rbp
   mov    %rbp,0x80(%r14)
   mov    %r14,%rdi
   callq  0x7ffbe99924d0
   mov    $0x4000001680,%rbp
   mov    %rbp,0x30(%r14)
   mov    0x10(%r14),%rbp
   mov    $0x4000001680,%rbp
   mov    %rbp,0x30(%r14)
   mov    0x10(%r14),%rbp
   shl    $0x20,%rbp
   mov    (%r14),%rbx
   mov    %ebx,%ebx
   mov    %rbx,(%r14)
   or     %rbx,%rbp
   mov    %rbp,0x10(%r14)
   mov    %rbp,0x90(%r14)
   mov    0x60(%r14),%rbx
   mov    %rbx,0x38(%r14)
   mov    0x28(%r14),%rbx
   mov    $0x4000220e60,%r12
   mov    %rbx,(%r12)
   mov    $0x40002219c8,%rbx
   mov    %rbp,(%rbx)
   mov    0x20(%r14),%rbp
   sub    $0x8,%rbp
   mov    $0x4000004a16,%rbx
   mov    %rbx,0x0(%rbp)
   mov    %rbp,0x20(%r14)
   mov    $0x19,%ebp
   mov    %ebp,0xa8(%r14)
   mov    $0x4000015110,%rbp
   mov    %rbp,0x80(%r14)
   xor    %eax,%eax
   jmpq   0x7ffbebcae426
   lea    -0x5f6d72a(%rip),%rax        # 0x7ffbe3d437b3
   jmpq   0x7ffbebcae426

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg/optimize: track const/copy status separately
Aurelien Jarno [Mon, 27 Jul 2015 10:41:44 +0000 (12:41 +0200)]
tcg/optimize: track const/copy status separately

Instead of using an enum which could be either a copy or a const, track
them separately. This will be used in the next patch.

Constants are tracked through a bool. Copies are tracked by initializing
temp's next_copy and prev_copy to itself, allowing to simplify the code
a bit.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg/optimize: add temp_is_const and temp_is_copy functions
Aurelien Jarno [Mon, 27 Jul 2015 10:41:44 +0000 (12:41 +0200)]
tcg/optimize: add temp_is_const and temp_is_copy functions

Add two accessor functions temp_is_const and temp_is_copy, to make the
code more readable and make code change easier.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg/optimize: optimize temps tracking
Aurelien Jarno [Mon, 27 Jul 2015 10:41:44 +0000 (12:41 +0200)]
tcg/optimize: optimize temps tracking

The tcg_temp_info structure uses 24 bytes per temp. Now that we emulate
vector registers on most guests, it's not uncommon to have more than 100
used temps. This means we have to initialize more than 2kB at least twice
per TB, often more when there are a few goto_tb.

Instead use a TCGTempSet bit array to track which temps are in use in
the current basic block. This means there are only around 16 bytes to
initialize.

This improves the boot time of a MIPS guest on an x86-64 host by around
7% and moves out tcg_optimize from the top of the profiler list.

[rth: Handle TCG_CALL_DUMMY_ARG]

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago tcg/optimize: fix constant signedness
Aurelien Jarno [Fri, 10 Jul 2015 16:03:31 +0000 (18:03 +0200)]
tcg/optimize: fix constant signedness

By convention, on a 64-bit host TCG internally stores 32-bit constants
as sign-extended. This is not the case in the optimizer when a 32-bit
constant is folded.

This doesn't seem to have more consequences than suboptimal code
generation. For instance the x86 backend assumes sign-extended constants,
and in some rare cases uses a 32-bit unsigned immediate 0xffffffff
instead of an 8-bit signed immediate 0xff for the constant -1. This is
with a ppc guest:

before
------

 ---- 0x9f29cc
 movi_i32 tmp1,$0xffffffff
 movi_i32 tmp2,$0x0
 add2_i32 tmp0,CA,CA,tmp2,r6,tmp2
 add2_i32 tmp0,CA,tmp0,CA,tmp1,tmp2
 mov_i32 r10,tmp0

0x7fd8c7dfe90c:  xor    %ebp,%ebp
0x7fd8c7dfe90e:  mov    %ebp,%r11d
0x7fd8c7dfe911:  mov    0x18(%r14),%r9d
0x7fd8c7dfe915:  add    %r9d,%r10d
0x7fd8c7dfe918:  adc    %ebp,%r11d
0x7fd8c7dfe91b:  add    $0xffffffff,%r10d
0x7fd8c7dfe922:  adc    %ebp,%r11d
0x7fd8c7dfe925:  mov    %r11d,0x134(%r14)
0x7fd8c7dfe92c:  mov    %r10d,0x28(%r14)

after
-----

 ---- 0x9f29cc
 movi_i32 tmp1,$0xffffffffffffffff
 movi_i32 tmp2,$0x0
 add2_i32 tmp0,CA,CA,tmp2,r6,tmp2
 add2_i32 tmp0,CA,tmp0,CA,tmp1,tmp2
 mov_i32 r10,tmp0

0x7f37010d490c:  xor    %ebp,%ebp
0x7f37010d490e:  mov    %ebp,%r11d
0x7f37010d4911:  mov    0x18(%r14),%r9d
0x7f37010d4915:  add    %r9d,%r10d
0x7f37010d4918:  adc    %ebp,%r11d
0x7f37010d491b:  add    $0xffffffffffffffff,%r10d
0x7f37010d491f:  adc    %ebp,%r11d
0x7f37010d4922:  mov    %r11d,0x134(%r14)
0x7f37010d4929:  mov    %r10d,0x28(%r14)

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Message-Id: <1436544211-2769-2-git-send-email-aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
8 years ago configure: Don't permit SDL or GTK on OSX
Peter Maydell [Fri, 14 Aug 2015 15:10:52 +0000 (16:10 +0100)]
configure: Don't permit SDL or GTK on OSX

The cocoa GUI frontend assumes it is the only GUI (it redefines
main() so it always gets control before the rest of QEMU), so
it does not play well with other UIs like SDL or GTK. (Mostly
people building QEMU on OSX don't have the necessary dependencies
available for configure to build those other front ends, so
mostly this problem goes unnoticed.)

Make configure automatically disable the SDL and GTK front ends
if the cocoa front end is enabled. (We were sort of attempting
to do this for SDL before, but not in a way that worked very well.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: John Arbuckle <programmingkidx@gmail.com>
Message-id: 1439565052-3457-1-git-send-email-peter.maydell@linaro.org

8 years ago apic_internal.h: Include cpu.h directly
Peter Maydell [Wed, 19 Aug 2015 15:20:20 +0000 (16:20 +0100)]
apic_internal.h: Include cpu.h directly

apic_internal.h relies on cpu.h having been included (for the
X86CPU type); include it directly rather than relying on it
being pulled in via one of the other includes like timer.h.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
8 years ago qemu-common.h: Move muldiv64() to host-utils.h
Peter Maydell [Wed, 19 Aug 2015 15:20:20 +0000 (16:20 +0100)]
qemu-common.h: Move muldiv64() to host-utils.h

Move the muldiv64() function from qemu-common.h to host-utils.h.
This puts it together with all the other arithmetic functions
where we provide a version with __int128_t and a fallback
without, and allows headers which need muldiv64() to avoid
including qemu-common.h.

We don't include host-utils from qemu-common.h, to avoid dragging
more things into qemu-common.h than it already has; in practice
everywhere that needs muldiv64() can get it via qemu/timer.h.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
8 years ago osdep.h: Add header comment
Peter Maydell [Wed, 19 Aug 2015 15:20:20 +0000 (16:20 +0100)]
osdep.h: Add header comment

Add a header comment to osdep.h, explaining what the header is for
and some rules to avoid circular-include difficulties.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
8 years ago osdep.h: Move some OS header includes and fixups from qemu-common.h
Peter Maydell [Wed, 19 Aug 2015 15:20:19 +0000 (16:20 +0100)]
osdep.h: Move some OS header includes and fixups from qemu-common.h

qemu-common.h has some system header includes and fixups for
things that might be missing. This is really an OS dependency
and belongs in osdep.h, so move it across.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
8 years ago qemu-common.h: Move Win32 fixups into os-win32.h
Peter Maydell [Wed, 19 Aug 2015 15:20:19 +0000 (16:20 +0100)]
qemu-common.h: Move Win32 fixups into os-win32.h

qemu-common.h includes some fixups for things the Win32
headers don't define or define weirdly. These really
belong in os-win32.h, so move them there.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
8 years ago compiler.h: Use glue() in QEMU_BUILD_BUG_ON define
Peter Maydell [Wed, 19 Aug 2015 15:20:19 +0000 (16:20 +0100)]
compiler.h: Use glue() in QEMU_BUILD_BUG_ON define

Rather than rolling custom concatenate-strings macros for the
QEMU_BUILD_BUG_ON macro to use, use the glue() macro we already
have (since it's now available to us in this header).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
8 years ago osdep.h: Move some compiler-specific things to compiler.h
Peter Maydell [Wed, 19 Aug 2015 15:20:19 +0000 (16:20 +0100)]
osdep.h: Move some compiler-specific things to compiler.h

osdep.h has a few things which are really compiler specific;
move them to compiler.h, and include compiler.h from osdep.h.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
8 years ago osdep.h: Remove qemu_printf
Peter Maydell [Wed, 19 Aug 2015 15:20:19 +0000 (16:20 +0100)]
osdep.h: Remove qemu_printf

qemu_printf is an ancient remnant which has been a simple #define to
printf for over a decade, and is used in only a few places. Expand
it out in those places and remove the #define.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
8 years ago qapi/qmp-event.c: Don't manually include os-win32.h/os-posix.h
Peter Maydell [Wed, 19 Aug 2015 15:20:19 +0000 (16:20 +0100)]
qapi/qmp-event.c: Don't manually include os-win32.h/os-posix.h

qmp-event.c already includes qemu-common.h, so manually including
os-win32.h/os-posix.h is unnecessary (and potentially fragile,
since it's duplicating the #ifdef logic that chooses which of the
two we need). Remove the unnecessary include logic.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
8 years ago Merge remote-tracking branch 'remotes/rth/tags/pull-axp-201508018' into staging
Peter Maydell [Tue, 18 Aug 2015 23:25:52 +0000 (00:25 +0100)]
Merge remote-tracking branch 'remotes/rth/tags/pull-axp-201508018' into staging

Alpha shadow register optimization

# gpg: Signature made Tue 18 Aug 2015 19:09:41 BST using RSA key ID 4DD0279B
# gpg: Good signature from "Richard Henderson <rth7680@gmail.com>"
# gpg:                 aka "Richard Henderson <rth@redhat.com>"
# gpg:                 aka "Richard Henderson <rth@twiddle.net>"

* remotes/rth/tags/pull-axp-201508018:
  target-alpha: Inline hw_ret
  target-alpha: Inline call_pal
  target-alpha: Use separate TCGv temporaries for the shadow registers

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>