diff options
37 files changed, 221 insertions, 127 deletions
diff --git a/.gitmodules b/.gitmodules index c613722e3c..49e9c2e3f4 100644 --- a/.gitmodules +++ b/.gitmodules @@ -45,4 +45,4 @@ url = git://github.com/hdeller/seabios-hppa.git [submodule "roms/u-boot-sam460ex"] path = roms/u-boot-sam460ex - url = git://github.com/zbalaton/u-boot-sam460ex + url = git://git.qemu.org/u-boot-sam460ex.git diff --git a/block/commit.c b/block/commit.c index ab4fa3c3cf..1432baeef4 100644 --- a/block/commit.c +++ b/block/commit.c @@ -202,6 +202,8 @@ static void coroutine_fn commit_run(void *opaque) if (copy && s->common.speed) { delay_ns = ratelimit_calculate_delay(&s->limit, n); + } else { + delay_ns = 0; } } diff --git a/block/stream.c b/block/stream.c index f3b53f49e2..1a85708fcf 100644 --- a/block/stream.c +++ b/block/stream.c @@ -188,6 +188,8 @@ static void coroutine_fn stream_run(void *opaque) s->common.offset += n; if (copy && s->common.speed) { delay_ns = ratelimit_calculate_delay(&s->limit, n); + } else { + delay_ns = 0; } } @@ -892,11 +892,19 @@ void qemu_timer_notify_cb(void *opaque, QEMUClockType type) return; } - if (!qemu_in_vcpu_thread() && first_cpu) { + if (qemu_in_vcpu_thread()) { + /* A CPU is currently running; kick it back out to the + * tcg_cpu_exec() loop so it will recalculate its + * icount deadline immediately. + */ + qemu_cpu_kick(current_cpu); + } else if (first_cpu) { /* qemu_cpu_kick is not enough to kick a halted CPU out of * qemu_tcg_wait_io_event. async_run_on_cpu, instead, * causes cpu_thread_is_idle to return false. This way, * handle_icount_deadline can run. + * If we have no CPUs at all for some reason, we don't + * need to do anything. */ async_run_on_cpu(first_cpu, do_nothing, RUN_ON_CPU_NULL); } diff --git a/fpu/softfloat.c b/fpu/softfloat.c index 6e16284e66..b46dccc63e 100644 --- a/fpu/softfloat.c +++ b/fpu/softfloat.c @@ -1486,8 +1486,8 @@ uint ## isz ## _t float ## fsz ## _to_uint ## isz ## _round_to_zero \ (float ## fsz a, float_status *s) \ { \ FloatParts p = float ## fsz ## _unpack_canonical(a, s); \ - return round_to_uint_and_pack(p, s->float_rounding_mode, \ - UINT ## isz ## _MAX, s); \ + return round_to_uint_and_pack(p, float_round_to_zero, \ + UINT ## isz ## _MAX, s); \ } FLOAT_TO_UINT(16, 16) diff --git a/hw/arm/allwinner-a10.c b/hw/arm/allwinner-a10.c index 43a3f01f45..5dbbacb7e8 100644 --- a/hw/arm/allwinner-a10.c +++ b/hw/arm/allwinner-a10.c @@ -38,11 +38,6 @@ static void aw_a10_init(Object *obj) object_initialize(&s->emac, sizeof(s->emac), TYPE_AW_EMAC); qdev_set_parent_bus(DEVICE(&s->emac), sysbus_get_default()); - /* FIXME use qdev NIC properties instead of nd_table[] */ - if (nd_table[0].used) { - qemu_check_nic_model(&nd_table[0], TYPE_AW_EMAC); - qdev_set_nic_properties(DEVICE(&s->emac), &nd_table[0]); - } object_initialize(&s->sata, sizeof(s->sata), TYPE_ALLWINNER_AHCI); qdev_set_parent_bus(DEVICE(&s->sata), sysbus_get_default()); @@ -91,6 +86,11 @@ static void aw_a10_realize(DeviceState *dev, Error **errp) sysbus_connect_irq(sysbusdev, 4, s->irq[67]); sysbus_connect_irq(sysbusdev, 5, s->irq[68]); + /* FIXME use qdev NIC properties instead of nd_table[] */ + if (nd_table[0].used) { + qemu_check_nic_model(&nd_table[0], TYPE_AW_EMAC); + qdev_set_nic_properties(DEVICE(&s->emac), &nd_table[0]); + } object_property_set_bool(OBJECT(&s->emac), true, "realized", &err); if (err != NULL) { error_propagate(errp, err); @@ -118,7 +118,7 @@ static void aw_a10_class_init(ObjectClass *oc, void *data) DeviceClass *dc = DEVICE_CLASS(oc); dc->realize = aw_a10_realize; - /* Reason: Uses serial_hds in realize and nd_table in instance_init */ + /* Reason: Uses serial_hds and nd_table in realize function */ dc->user_creatable = false; } diff --git a/hw/arm/boot.c b/hw/arm/boot.c index 9319b12fcd..26184bcd7c 100644 --- a/hw/arm/boot.c +++ b/hw/arm/boot.c @@ -422,6 +422,7 @@ static void fdt_add_psci_node(void *fdt) ARMCPU *armcpu = ARM_CPU(qemu_get_cpu(0)); const char *psci_method; int64_t psci_conduit; + int rc; psci_conduit = object_property_get_int(OBJECT(armcpu), "psci-conduit", @@ -439,6 +440,15 @@ static void fdt_add_psci_node(void *fdt) g_assert_not_reached(); } + /* + * If /psci node is present in provided DTB, assume that no fixup + * is necessary and all PSCI configuration should be taken as-is + */ + rc = fdt_path_offset(fdt, "/psci"); + if (rc >= 0) { + return; + } + qemu_fdt_add_subnode(fdt, "/psci"); if (armcpu->psci_version == 2) { const char comp[] = "arm,psci-0.2\0arm,psci"; diff --git a/hw/arm/fsl-imx6.c b/hw/arm/fsl-imx6.c index b6ac72de27..9dfbc9a8c4 100644 --- a/hw/arm/fsl-imx6.c +++ b/hw/arm/fsl-imx6.c @@ -37,13 +37,7 @@ static void fsl_imx6_init(Object *obj) char name[NAME_SIZE]; int i; - if (smp_cpus > FSL_IMX6_NUM_CPUS) { - error_report("%s: Only %d CPUs are supported (%d requested)", - TYPE_FSL_IMX6, FSL_IMX6_NUM_CPUS, smp_cpus); - exit(1); - } - - for (i = 0; i < smp_cpus; i++) { + for (i = 0; i < MIN(smp_cpus, FSL_IMX6_NUM_CPUS); i++) { object_initialize(&s->cpu[i], sizeof(s->cpu[i]), "cortex-a9-" TYPE_ARM_CPU); snprintf(name, NAME_SIZE, "cpu%d", i); @@ -119,6 +113,12 @@ static void fsl_imx6_realize(DeviceState *dev, Error **errp) uint16_t i; Error *err = NULL; + if (smp_cpus > FSL_IMX6_NUM_CPUS) { + error_setg(errp, "%s: Only %d CPUs are supported (%d requested)", + TYPE_FSL_IMX6, FSL_IMX6_NUM_CPUS, smp_cpus); + return; + } + for (i = 0; i < smp_cpus; i++) { /* On uniprocessor, the CBAR is set to 0 */ diff --git a/hw/arm/fsl-imx7.c b/hw/arm/fsl-imx7.c index 26ef36c79a..390b4310e6 100644 --- a/hw/arm/fsl-imx7.c +++ b/hw/arm/fsl-imx7.c @@ -35,13 +35,8 @@ static void fsl_imx7_init(Object *obj) char name[NAME_SIZE]; int i; - if (smp_cpus > FSL_IMX7_NUM_CPUS) { - error_report("%s: Only %d CPUs are supported (%d requested)", - TYPE_FSL_IMX7, FSL_IMX7_NUM_CPUS, smp_cpus); - exit(1); - } - for (i = 0; i < smp_cpus; i++) { + for (i = 0; i < MIN(smp_cpus, FSL_IMX7_NUM_CPUS); i++) { object_initialize(&s->cpu[i], sizeof(s->cpu[i]), ARM_CPU_TYPE_NAME("cortex-a7")); snprintf(name, NAME_SIZE, "cpu%d", i); @@ -197,6 +192,12 @@ static void fsl_imx7_realize(DeviceState *dev, Error **errp) qemu_irq irq; char name[NAME_SIZE]; + if (smp_cpus > FSL_IMX7_NUM_CPUS) { + error_setg(errp, "%s: Only %d CPUs are supported (%d requested)", + TYPE_FSL_IMX7, FSL_IMX7_NUM_CPUS, smp_cpus); + return; + } + for (i = 0; i < smp_cpus; i++) { o = OBJECT(&s->cpu[i]); diff --git a/hw/arm/integratorcp.c b/hw/arm/integratorcp.c index e8303b83be..58b40efc19 100644 --- a/hw/arm/integratorcp.c +++ b/hw/arm/integratorcp.c @@ -266,7 +266,6 @@ static const MemoryRegionOps integratorcm_ops = { static void integratorcm_init(Object *obj) { IntegratorCMState *s = INTEGRATOR_CM(obj); - SysBusDevice *dev = SYS_BUS_DEVICE(obj); s->cm_osc = 0x01000048; /* ??? What should the high bits of this value be? */ @@ -276,20 +275,28 @@ static void integratorcm_init(Object *obj) s->cm_init = 0x00000112; s->cm_refcnt_offset = muldiv64(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 24, 1000); - memory_region_init_ram(&s->flash, obj, "integrator.flash", 0x100000, - &error_fatal); - memory_region_init_io(&s->iomem, obj, &integratorcm_ops, s, - "integratorcm", 0x00800000); - sysbus_init_mmio(dev, &s->iomem); - - integratorcm_do_remap(s); /* ??? Save/restore. */ } static void integratorcm_realize(DeviceState *d, Error **errp) { IntegratorCMState *s = INTEGRATOR_CM(d); + SysBusDevice *dev = SYS_BUS_DEVICE(d); + Error *local_err = NULL; + + memory_region_init_ram(&s->flash, OBJECT(d), "integrator.flash", 0x100000, + &local_err); + if (local_err) { + error_propagate(errp, local_err); + return; + } + + memory_region_init_io(&s->iomem, OBJECT(d), &integratorcm_ops, s, + "integratorcm", 0x00800000); + sysbus_init_mmio(dev, &s->iomem); + + integratorcm_do_remap(s); if (s->memsz >= 256) { integrator_spd[31] = 64; diff --git a/hw/block/pflash_cfi01.c b/hw/block/pflash_cfi01.c index 1113ab1ccf..2e8284001d 100644 --- a/hw/block/pflash_cfi01.c +++ b/hw/block/pflash_cfi01.c @@ -90,7 +90,6 @@ struct pflash_t { uint16_t ident1; uint16_t ident2; uint16_t ident3; - uint8_t cfi_len; uint8_t cfi_table[0x52]; uint64_t counter; unsigned int writeblock_size; @@ -153,7 +152,7 @@ static uint32_t pflash_cfi_query(pflash_t *pfl, hwaddr offset) boff = offset >> (ctz32(pfl->bank_width) + ctz32(pfl->max_device_width) - ctz32(pfl->device_width)); - if (boff > pfl->cfi_len) { + if (boff >= sizeof(pfl->cfi_table)) { return 0; } /* Now we will construct the CFI response generated by a single @@ -385,10 +384,10 @@ static uint32_t pflash_read (pflash_t *pfl, hwaddr offset, boff = boff >> 2; } - if (boff > pfl->cfi_len) { - ret = 0; - } else { + if (boff < sizeof(pfl->cfi_table)) { ret = pfl->cfi_table[boff]; + } else { + ret = 0; } } else { /* If we have a read larger than the bank_width, combine multiple @@ -791,7 +790,6 @@ static void pflash_cfi01_realize(DeviceState *dev, Error **errp) pfl->cmd = 0; pfl->status = 0; /* Hardcoded CFI table */ - pfl->cfi_len = 0x52; /* Standard "QRY" string */ pfl->cfi_table[0x10] = 'Q'; pfl->cfi_table[0x11] = 'R'; diff --git a/hw/block/pflash_cfi02.c b/hw/block/pflash_cfi02.c index c81ddd3a99..75d1ae1026 100644 --- a/hw/block/pflash_cfi02.c +++ b/hw/block/pflash_cfi02.c @@ -83,7 +83,6 @@ struct pflash_t { uint16_t ident3; uint16_t unlock_addr0; uint16_t unlock_addr1; - uint8_t cfi_len; uint8_t cfi_table[0x52]; QEMUTimer *timer; /* The device replicates the flash memory across its memory space. Emulate @@ -235,10 +234,11 @@ static uint32_t pflash_read (pflash_t *pfl, hwaddr offset, break; case 0x98: /* CFI query mode */ - if (boff > pfl->cfi_len) - ret = 0; - else + if (boff < sizeof(pfl->cfi_table)) { ret = pfl->cfi_table[boff]; + } else { + ret = 0; + } break; } @@ -663,7 +663,6 @@ static void pflash_cfi02_realize(DeviceState *dev, Error **errp) pfl->cmd = 0; pfl->status = 0; /* Hardcoded CFI table (mostly from SG29 Spansion flash) */ - pfl->cfi_len = 0x52; /* Standard "QRY" string */ pfl->cfi_table[0x10] = 'Q'; pfl->cfi_table[0x11] = 'R'; diff --git a/hw/misc/macio/macio.c b/hw/misc/macio/macio.c index 454244f59e..b74a6572b0 100644 --- a/hw/misc/macio/macio.c +++ b/hw/misc/macio/macio.c @@ -115,6 +115,13 @@ static void macio_common_realize(PCIDevice *d, Error **errp) memory_region_add_subregion(&s->bar, 0x16000, sysbus_mmio_get_region(sysbus_dev, 0)); + qdev_prop_set_uint32(DEVICE(&s->escc), "disabled", 0); + qdev_prop_set_uint32(DEVICE(&s->escc), "frequency", ESCC_CLOCK); + qdev_prop_set_uint32(DEVICE(&s->escc), "it_shift", 4); + qdev_prop_set_chr(DEVICE(&s->escc), "chrA", serial_hds[0]); + qdev_prop_set_chr(DEVICE(&s->escc), "chrB", serial_hds[1]); + qdev_prop_set_uint32(DEVICE(&s->escc), "chnBtype", escc_serial); + qdev_prop_set_uint32(DEVICE(&s->escc), "chnAtype", escc_serial); object_property_set_bool(OBJECT(&s->escc), true, "realized", &err); if (err) { error_propagate(errp, err); @@ -341,13 +348,6 @@ static void macio_instance_init(Object *obj) object_property_add_child(obj, "dbdma", OBJECT(&s->dbdma), NULL); object_initialize(&s->escc, sizeof(s->escc), TYPE_ESCC); - qdev_prop_set_uint32(DEVICE(&s->escc), "disabled", 0); - qdev_prop_set_uint32(DEVICE(&s->escc), "frequency", ESCC_CLOCK); - qdev_prop_set_uint32(DEVICE(&s->escc), "it_shift", 4); - qdev_prop_set_chr(DEVICE(&s->escc), "chrA", serial_hds[0]); - qdev_prop_set_chr(DEVICE(&s->escc), "chrB", serial_hds[1]); - qdev_prop_set_uint32(DEVICE(&s->escc), "chnBtype", escc_serial); - qdev_prop_set_uint32(DEVICE(&s->escc), "chnAtype", escc_serial); qdev_set_parent_bus(DEVICE(&s->escc), sysbus_get_default()); object_property_add_child(obj, "escc", OBJECT(&s->escc), NULL); } diff --git a/hw/ppc/ppc440_uc.c b/hw/ppc/ppc440_uc.c index 976ab2b5d8..e312fdba70 100644 --- a/hw/ppc/ppc440_uc.c +++ b/hw/ppc/ppc440_uc.c @@ -392,8 +392,7 @@ static uint32_t dcr_read_sdr(void *opaque, int dcrn) case SDR0_CFGDATA: switch (sdr->addr) { case SDR0_STRP0: - /* FIXME: Is this correct? This breaks timing in U-Boot */ - ret = 0; /*(0xb5 << 8) | (1 << 4) | 9 */ + ret = (0xb5 << 8) | (1 << 4) | 9; break; case SDR0_STRP1: ret = (5 << 29) | (2 << 26) | (1 << 24); diff --git a/hw/ppc/sam460ex.c b/hw/ppc/sam460ex.c index 70b8e76d9c..dfff262f96 100644 --- a/hw/ppc/sam460ex.c +++ b/hw/ppc/sam460ex.c @@ -67,6 +67,7 @@ IRQ12 = SM502_INT */ +#define CPU_FREQ 1150000000 #define SDRAM_NR_BANKS 4 /* FIXME: See u-boot.git 8ac41e, also fix in ppc440_uc.c */ @@ -253,8 +254,8 @@ static int sam460ex_load_device_tree(hwaddr addr, char *filename; int fdt_size; void *fdt; - uint32_t tb_freq = 50000000; - uint32_t clock_freq = 50000000; + uint32_t tb_freq = CPU_FREQ; + uint32_t clock_freq = CPU_FREQ; filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, BINARY_DEVICE_TREE_FILE); if (!filename) { @@ -416,7 +417,7 @@ static void sam460ex_init(MachineState *machine) boot_info = g_malloc0(sizeof(*boot_info)); env->load_info = boot_info; - ppc_booke_timers_init(cpu, 50000000, 0); + ppc_booke_timers_init(cpu, CPU_FREQ, 0); ppc_dcr_init(env, NULL, NULL); /* PLB arbitrer */ diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 2c0be8c898..a81570e7c8 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -865,6 +865,7 @@ int spapr_h_cas_compose_response(sPAPRMachineState *spapr, /* Create skeleton */ fdt_skel = g_malloc0(size); _FDT((fdt_create(fdt_skel, size))); + _FDT((fdt_finish_reservemap(fdt_skel))); _FDT((fdt_begin_node(fdt_skel, ""))); _FDT((fdt_end_node(fdt_skel))); _FDT((fdt_finish(fdt_skel))); diff --git a/hw/sd/bcm2835_sdhost.c b/hw/sd/bcm2835_sdhost.c index f7f4e656df..ebf3b926c2 100644 --- a/hw/sd/bcm2835_sdhost.c +++ b/hw/sd/bcm2835_sdhost.c @@ -15,6 +15,7 @@ #include "qemu/log.h" #include "sysemu/blockdev.h" #include "hw/sd/bcm2835_sdhost.h" +#include "trace.h" #define TYPE_BCM2835_SDHOST_BUS "bcm2835-sdhost-bus" #define BCM2835_SDHOST_BUS(obj) \ @@ -99,6 +100,7 @@ static void bcm2835_sdhost_update_irq(BCM2835SDHostState *s) { uint32_t irq = s->status & (SDHSTS_BUSY_IRPT | SDHSTS_BLOCK_IRPT | SDHSTS_SDIO_IRPT); + trace_bcm2835_sdhost_update_irq(irq); qemu_set_irq(s->irq, !!irq); } @@ -135,6 +137,12 @@ static void bcm2835_sdhost_send_command(BCM2835SDHostState *s) } #undef RWORD } + /* We never really delay commands, so if this was a 'busywait' command + * then we've completed it now and can raise the interrupt. + */ + if ((s->cmd & SDCMD_BUSYWAIT) && (s->config & SDHCFG_BUSY_IRPT_EN)) { + s->status |= SDHSTS_BUSY_IRPT; + } return; error: @@ -185,18 +193,27 @@ static void bcm2835_sdhost_fifo_run(BCM2835SDHostState *s) n++; if (n == 4) { bcm2835_sdhost_fifo_push(s, value); + s->status |= SDHSTS_DATA_FLAG; + if (s->config & SDHCFG_DATA_IRPT_EN) { + s->status |= SDHSTS_SDIO_IRPT; + } n = 0; value = 0; } } if (n != 0) { bcm2835_sdhost_fifo_push(s, value); + s->status |= SDHSTS_DATA_FLAG; } } else { /* write */ n = 0; while (s->datacnt > 0 && (s->fifo_len > 0 || n > 0)) { if (n == 0) { value = bcm2835_sdhost_fifo_pop(s); + s->status |= SDHSTS_DATA_FLAG; + if (s->config & SDHCFG_DATA_IRPT_EN) { + s->status |= SDHSTS_SDIO_IRPT; + } n = 4; } n--; @@ -205,30 +222,23 @@ static void bcm2835_sdhost_fifo_run(BCM2835SDHostState *s) value >>= 8; } } - } - if (s->datacnt == 0) { - s->status |= SDHSTS_DATA_FLAG; - - s->edm &= ~0xf; - s->edm |= SDEDM_FSM_DATAMODE; - - if (s->config & SDHCFG_DATA_IRPT_EN) { - s->status |= SDHSTS_SDIO_IRPT; - } - - if ((s->cmd & SDCMD_BUSYWAIT) && (s->config & SDHCFG_BUSY_IRPT_EN)) { - s->status |= SDHSTS_BUSY_IRPT; - } - - if ((s->cmd & SDCMD_WRITE_CMD) && (s->config & SDHCFG_BLOCK_IRPT_EN)) { - s->status |= SDHSTS_BLOCK_IRPT; + if (s->datacnt == 0) { + s->edm &= ~SDEDM_FSM_MASK; + s->edm |= SDEDM_FSM_DATAMODE; + trace_bcm2835_sdhost_edm_change("datacnt 0", s->edm); + + if ((s->cmd & SDCMD_WRITE_CMD) && + (s->config & SDHCFG_BLOCK_IRPT_EN)) { + s->status |= SDHSTS_BLOCK_IRPT; + } } - - bcm2835_sdhost_update_irq(s); } + bcm2835_sdhost_update_irq(s); + s->edm &= ~(0x1f << 4); s->edm |= ((s->fifo_len & 0x1f) << 4); + trace_bcm2835_sdhost_edm_change("fifo run", s->edm); } static uint64_t bcm2835_sdhost_read(void *opaque, hwaddr offset, @@ -280,6 +290,8 @@ static uint64_t bcm2835_sdhost_read(void *opaque, hwaddr offset, break; } + trace_bcm2835_sdhost_read(offset, res, size); + return res; } @@ -288,6 +300,8 @@ static void bcm2835_sdhost_write(void *opaque, hwaddr offset, { BCM2835SDHostState *s = (BCM2835SDHostState *)opaque; + trace_bcm2835_sdhost_write(offset, value, size); + switch (offset) { case SDCMD: s->cmd = value; @@ -314,6 +328,7 @@ static void bcm2835_sdhost_write(void *opaque, hwaddr offset, value &= ~0xf; } s->edm = value; + trace_bcm2835_sdhost_edm_change("guest register write", s->edm); break; case SDHCFG: s->config = value; @@ -390,6 +405,7 @@ static void bcm2835_sdhost_reset(DeviceState *dev) s->cmd = 0; s->cmdarg = 0; s->edm = 0x0000c60f; + trace_bcm2835_sdhost_edm_change("device reset", s->edm); s->config = 0; s->hbct = 0; s->hblc = 0; diff --git a/hw/sd/trace-events b/hw/sd/trace-events index 2059ace61f..bfd1d62efc 100644 --- a/hw/sd/trace-events +++ b/hw/sd/trace-events @@ -1,5 +1,11 @@ # See docs/devel/tracing.txt for syntax documentation. +# hw/sd/bcm2835_sdhost.c +bcm2835_sdhost_read(uint64_t offset, uint64_t data, unsigned size) "offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u" +bcm2835_sdhost_write(uint64_t offset, uint64_t data, unsigned size) "offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u" +bcm2835_sdhost_edm_change(const char *why, uint32_t edm) "(%s) EDM now 0x%x" +bcm2835_sdhost_update_irq(uint32_t irq) "IRQ bits 0x%x\n" + # hw/sd/core.c sdbus_command(const char *bus_name, uint8_t cmd, uint32_t arg, uint8_t crc) "@%s CMD%02d arg 0x%08x crc 0x%02x" sdbus_read(const char *bus_name, uint8_t value) "@%s value 0x%02x" diff --git a/iothread.c b/iothread.c index e675c38442..aff1281257 100644 --- a/iothread.c +++ b/iothread.c @@ -117,16 +117,26 @@ static void iothread_instance_finalize(Object *obj) IOThread *iothread = IOTHREAD(obj); iothread_stop(iothread); + /* + * Before glib2 2.33.10, there is a glib2 bug that GSource context + * pointer may not be cleared even if the context has already been + * destroyed (while it should). Here let's free the AIO context + * earlier to bypass that glib bug. + * + * We can remove this comment after the minimum supported glib2 + * version boosts to 2.33.10. Before that, let's free the + * GSources first before destroying any GMainContext. + */ + if (iothread->ctx) { + aio_context_unref(iothread->ctx); + iothread->ctx = NULL; + } if (iothread->worker_context) { g_main_context_unref(iothread->worker_context); iothread->worker_context = NULL; } qemu_cond_destroy(&iothread->init_done_cond); qemu_mutex_destroy(&iothread->init_done_lock); - if (!iothread->ctx) { - return; - } - aio_context_unref(iothread->ctx); } static void iothread_complete(UserCreatable *obj, Error **errp) diff --git a/linux-user/signal.c b/linux-user/signal.c index 046d4c8aa0..8d9e6e8410 100644 --- a/linux-user/signal.c +++ b/linux-user/signal.c @@ -1850,6 +1850,12 @@ static void target_setup_frame(int usig, struct target_sigaction *ka, fr_ofs = layout.total_size; layout.total_size += sizeof(struct target_rt_frame_record); + /* We must always provide at least the standard 4K reserved space, + * even if we don't use all of it (this is part of the ABI) + */ + layout.total_size = MAX(layout.total_size, + sizeof(struct target_rt_sigframe)); + frame_addr = get_sigframe(ka, env, layout.total_size); trace_user_setup_frame(env, frame_addr); if (!lock_user_struct(VERIFY_WRITE, frame, frame_addr, 0)) { diff --git a/migration/migration.c b/migration/migration.c index 58bd382730..52a5092add 100644 --- a/migration/migration.c +++ b/migration/migration.c @@ -306,21 +306,13 @@ static void process_incoming_migration_bh(void *opaque) Error *local_err = NULL; MigrationIncomingState *mis = opaque; - /* Only fire up the block code now if we're going to restart the - * VM, else 'cont' will do it. - * This causes file locking to happen; so we don't want it to happen - * unless we really are starting the VM. - */ - if (autostart && (!global_state_received() || - global_state_get_runstate() == RUN_STATE_RUNNING)) { - /* Make sure all file formats flush their mutable metadata. - * If we get an error here, just don't restart the VM yet. */ - bdrv_invalidate_cache_all(&local_err); - if (local_err) { - error_report_err(local_err); - local_err = NULL; - autostart = false; - } + /* Make sure all file formats flush their mutable metadata. + * If we get an error here, just don't restart the VM yet. */ + bdrv_invalidate_cache_all(&local_err); + if (local_err) { + error_report_err(local_err); + local_err = NULL; + autostart = false; } /* @@ -4467,7 +4467,7 @@ static void monitor_iothread_init(void) * have assumption to be run on main loop thread. It would be * nice that one day we can remove this assumption in the future. */ - mon_global.qmp_dispatcher_bh = aio_bh_new(qemu_get_aio_context(), + mon_global.qmp_dispatcher_bh = aio_bh_new(iohandler_get_aio_context(), monitor_qmp_bh_dispatcher, NULL); diff --git a/roms/u-boot-sam460ex b/roms/u-boot-sam460ex -Subproject 119aa277f74a4a2d3f7ab6c9471292308eba14e +Subproject 8ee007c4216fd6a0d760589e8405ce4494497aa diff --git a/target/arm/helper.c b/target/arm/helper.c index dcb8476d9e..b14fdab140 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -9625,9 +9625,9 @@ static bool get_phys_addr_pmsav7(CPUARMState *env, uint32_t address, } if (rsize < TARGET_PAGE_BITS) { qemu_log_mask(LOG_UNIMP, - "DRSR[%d]: No support for MPU (sub)region " - "alignment of %" PRIu32 " bits. Minimum is %d\n", - n, rsize, TARGET_PAGE_BITS); + "DRSR[%d]: No support for MPU (sub)region size of" + " %" PRIu32 " bytes. Minimum is %d.\n", + n, (1 << rsize), TARGET_PAGE_SIZE); continue; } if (srdis) { diff --git a/target/arm/translate.c b/target/arm/translate.c index fc03b5b8c8..db1ce6510a 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c @@ -9237,11 +9237,14 @@ static void disas_arm_insn(DisasContext *s, unsigned int insn) } } tcg_temp_free_i32(addr); - } else { + } else if ((insn & 0x00300f00) == 0) { + /* 0bcccc_0001_0x00_xxxx_xxxx_0000_1001_xxxx + * - SWP, SWPB + */ + TCGv taddr; TCGMemOp opc = s->be_data; - /* SWP instruction */ rm = (insn) & 0xf; if (insn & (1 << 22)) { @@ -9259,6 +9262,8 @@ static void disas_arm_insn(DisasContext *s, unsigned int insn) get_mem_index(s), opc); tcg_temp_free(taddr); store_reg(s, rd, tmp); + } else { + goto illegal_op; } } } else { diff --git a/target/arm/translate.h b/target/arm/translate.h index c47febf99d..4428c98e2e 100644 --- a/target/arm/translate.h +++ b/target/arm/translate.h @@ -120,7 +120,7 @@ static inline void disas_set_insn_syndrome(DisasContext *s, uint32_t syn) /* We check and clear insn_start_idx to catch multiple updates. */ assert(s->insn_start != NULL); - tcg_set_insn_param(s->insn_start, 2, syn); + tcg_set_insn_start_param(s->insn_start, 2, syn); s->insn_start = NULL; } diff --git a/target/ppc/machine.c b/target/ppc/machine.c index e475206c6a..0634cdb295 100644 --- a/target/ppc/machine.c +++ b/target/ppc/machine.c @@ -190,7 +190,15 @@ static int cpu_pre_save(void *opaque) /* Hacks for migration compatibility between 2.6, 2.7 & 2.8 */ if (cpu->pre_2_8_migration) { - cpu->mig_msr_mask = env->msr_mask; + /* Mask out bits that got added to msr_mask since the versions + * which stupidly included it in the migration stream. */ + target_ulong metamask = 0 +#if defined(TARGET_PPC64) + | (1ULL << MSR_TS0) + | (1ULL << MSR_TS1) +#endif + ; + cpu->mig_msr_mask = env->msr_mask & ~metamask; cpu->mig_insns_flags = env->insns_flags & insns_compat_mask; cpu->mig_insns_flags2 = env->insns_flags2 & insns_compat_mask2; cpu->mig_nb_BATs = env->nb_BATs; diff --git a/target/ppc/translate.c b/target/ppc/translate.c index 218665b408..3457d29f8e 100644 --- a/target/ppc/translate.c +++ b/target/ppc/translate.c @@ -7237,10 +7237,9 @@ static int ppc_tr_init_disas_context(DisasContextBase *dcbase, ctx->sf_mode = msr_is_64bit(env, env->msr); ctx->has_cfar = !!(env->flags & POWERPC_FLAG_CFAR); #endif - if (env->mmu_model == POWERPC_MMU_32B || - env->mmu_model == POWERPC_MMU_601 || - (env->mmu_model & POWERPC_MMU_64B)) - ctx->lazy_tlb_flush = true; + ctx->lazy_tlb_flush = env->mmu_model == POWERPC_MMU_32B + || env->mmu_model == POWERPC_MMU_601 + || (env->mmu_model & POWERPC_MMU_64B); ctx->fpu_enabled = !!msr_fp; if ((env->flags & POWERPC_FLAG_SPE) && msr_spe) @@ -825,6 +825,16 @@ static inline void tcg_set_insn_param(TCGOp *op, int arg, TCGArg v) op->args[arg] = v; } +static inline void tcg_set_insn_start_param(TCGOp *op, int arg, target_ulong v) +{ +#if TARGET_LONG_BITS <= TCG_TARGET_REG_BITS + tcg_set_insn_param(op, arg, v); +#else + tcg_set_insn_param(op, arg * 2, v); + tcg_set_insn_param(op, arg * 2 + 1, v >> 32); +#endif +} + /* The last op that was emitted. */ static inline TCGOp *tcg_last_op(void) { diff --git a/tests/boot-serial-test.c b/tests/boot-serial-test.c index 5b24cd26c1..011525d8cf 100644 --- a/tests/boot-serial-test.c +++ b/tests/boot-serial-test.c @@ -79,12 +79,14 @@ static testdef_t tests[] = { { "ppc", "40p", "-boot d", "Booting from device d" }, { "ppc", "g3beige", "", "PowerPC,750" }, { "ppc", "mac99", "", "PowerPC,G4" }, + { "ppc", "sam460ex", "-m 256", "DRAM: 256 MiB" }, { "ppc64", "ppce500", "", "U-Boot" }, { "ppc64", "prep", "-boot e", "Booting from device e" }, { "ppc64", "40p", "-m 192", "Memory size: 192 MB" }, { "ppc64", "mac99", "", "PowerPC,970FX" }, { "ppc64", "pseries", "", "Open Firmware" }, { "ppc64", "powernv", "-cpu POWER8", "OPAL" }, + { "ppc64", "sam460ex", "-device e1000", "8086 100e" }, { "i386", "isapc", "-cpu qemu32 -device sga", "SGABIOS" }, { "i386", "pc", "-device sga", "SGABIOS" }, { "i386", "q35", "-device sga", "SGABIOS" }, diff --git a/tests/qemu-iotests/183 b/tests/qemu-iotests/183 index 20268ff7a1..c49e1ad6ef 100755 --- a/tests/qemu-iotests/183 +++ b/tests/qemu-iotests/183 @@ -43,7 +43,7 @@ trap "_cleanup; exit \$status" 0 1 2 3 15 . ./common.filter . ./common.qemu -_supported_fmt qcow2 raw qed dmg quorum +_supported_fmt qcow2 raw qed quorum _supported_proto file _supported_os Linux diff --git a/tests/qemu-iotests/185 b/tests/qemu-iotests/185 index f5b47e4c1a..298d88d04e 100755 --- a/tests/qemu-iotests/185 +++ b/tests/qemu-iotests/185 @@ -92,9 +92,8 @@ echo === Start commit job and exit qemu === echo # Note that the reference output intentionally includes the 'offset' field in -# BLOCK_JOB_CANCELLED events for all of the following block jobs. They are -# predictable and any change in the offsets would hint at a bug in the job -# throttling code. +# BLOCK_JOB_* events for all of the following block jobs. They are predictable +# and any change in the offsets would hint at a bug in the job throttling code. # # In order to achieve these predictable offsets, all of the following tests # use speed=65536. Each job will perform exactly one iteration before it has @@ -102,11 +101,14 @@ echo # command to be received (after receiving the command, the rest runs # synchronously, so jobs can arbitrarily continue or complete). # +# Jobs present while QEMU is terminating iterate once more due to +# bdrv_drain_all(). +# # The buffer size for commit and streaming is 512k (waiting for 8 seconds after # the first request), for active commit and mirror it's large enough to cover # the full 4M, and for backup it's the qcow2 cluster size, which we know is # 64k. As all of these are at least as large as the speed, we are sure that the -# offset doesn't advance after the first iteration before qemu exits. +# offset advances exactly twice before qemu exits. _send_qemu_cmd $h \ "{ 'execute': 'block-commit', diff --git a/tests/qemu-iotests/185.out b/tests/qemu-iotests/185.out index 57eaf8d699..2c4b04de73 100644 --- a/tests/qemu-iotests/185.out +++ b/tests/qemu-iotests/185.out @@ -20,7 +20,7 @@ Formatting 'TEST_DIR/t.qcow2', fmt=qcow2 size=67108864 backing_file=TEST_DIR/t.q {"return": {}} {"return": {}} {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false}} -{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_JOB_CANCELLED", "data": {"device": "disk", "len": 67108864, "offset": 524288, "speed": 65536, "type": "commit"}} +{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_JOB_CANCELLED", "data": {"device": "disk", "len": 67108864, "offset": 1048576, "speed": 65536, "type": "commit"}} === Start active commit job and exit qemu === @@ -28,16 +28,18 @@ Formatting 'TEST_DIR/t.qcow2', fmt=qcow2 size=67108864 backing_file=TEST_DIR/t.q {"return": {}} {"return": {}} {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false}} -{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_JOB_CANCELLED", "data": {"device": "disk", "len": 4194304, "offset": 4194304, "speed": 65536, "type": "commit"}} +{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_JOB_READY", "data": {"device": "disk", "len": 4194304, "offset": 4194304, "speed": 65536, "type": "commit"}} +{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_JOB_COMPLETED", "data": {"device": "disk", "len": 4194304, "offset": 4194304, "speed": 65536, "type": "commit"}} === Start mirror job and exit qemu === {"return": {}} Formatting 'TEST_DIR/t.qcow2.copy', fmt=qcow2 size=67108864 cluster_size=65536 lazy_refcounts=off refcount_bits=16 {"return": {}} +{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_JOB_READY", "data": {"device": "disk", "len": 4194304, "offset": 4194304, "speed": 65536, "type": "mirror"}} {"return": {}} {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false}} -{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_JOB_CANCELLED", "data": {"device": "disk", "len": 4194304, "offset": 4194304, "speed": 65536, "type": "mirror"}} +{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_JOB_COMPLETED", "data": {"device": "disk", "len": 4194304, "offset": 4194304, "speed": 65536, "type": "mirror"}} === Start backup job and exit qemu === @@ -46,7 +48,7 @@ Formatting 'TEST_DIR/t.qcow2.copy', fmt=qcow2 size=67108864 cluster_size=65536 l {"return": {}} {"return": {}} {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false}} -{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_JOB_CANCELLED", "data": {"device": "disk", "len": 67108864, "offset": 65536, "speed": 65536, "type": "backup"}} +{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_JOB_CANCELLED", "data": {"device": "disk", "len": 67108864, "offset": 131072, "speed": 65536, "type": "backup"}} === Start streaming job and exit qemu === @@ -54,6 +56,6 @@ Formatting 'TEST_DIR/t.qcow2.copy', fmt=qcow2 size=67108864 cluster_size=65536 l {"return": {}} {"return": {}} {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false}} -{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_JOB_CANCELLED", "data": {"device": "disk", "len": 67108864, "offset": 524288, "speed": 65536, "type": "stream"}} +{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_JOB_CANCELLED", "data": {"device": "disk", "len": 67108864, "offset": 1048576, "speed": 65536, "type": "stream"}} No errors were found on the image. *** done diff --git a/tests/qemu-iotests/194 b/tests/qemu-iotests/194 index 1d4214aca3..d746ab1e21 100755 --- a/tests/qemu-iotests/194 +++ b/tests/qemu-iotests/194 @@ -21,7 +21,7 @@ import iotests -iotests.verify_image_format(supported_fmts=['qcow2', 'qed', 'raw', 'dmg']) +iotests.verify_image_format(supported_fmts=['qcow2', 'qed', 'raw']) iotests.verify_platform(['linux']) with iotests.FilePath('source.img') as source_img_path, \ diff --git a/tests/qemu-iotests/205 b/tests/qemu-iotests/205 index e7b2eae51d..31b2f5707a 100755 --- a/tests/qemu-iotests/205 +++ b/tests/qemu-iotests/205 @@ -153,4 +153,4 @@ class TestNbdServerRemove(iotests.QMPTestCase): if __name__ == '__main__': - iotests.main() + iotests.main(supported_fmts=['generic']) diff --git a/tests/qemu-iotests/208 b/tests/qemu-iotests/208 index 18f59ada94..1e202388dc 100755 --- a/tests/qemu-iotests/208 +++ b/tests/qemu-iotests/208 @@ -22,6 +22,8 @@ import iotests +iotests.verify_image_format(supported_fmts=['generic']) + with iotests.FilePath('disk.img') as disk_img_path, \ iotests.FilePath('disk-snapshot.img') as disk_snapshot_img_path, \ iotests.FilePath('nbd.sock') as nbd_sock_path, \ diff --git a/tests/qemu-iotests/iotests.py b/tests/qemu-iotests/iotests.py index b5d7945af8..b25d48a91b 100644 --- a/tests/qemu-iotests/iotests.py +++ b/tests/qemu-iotests/iotests.py @@ -470,18 +470,15 @@ class QMPTestCase(unittest.TestCase): def wait_until_completed(self, drive='drive0', check_offset=True): '''Wait for a block job to finish, returning the event''' - completed = False - while not completed: + while True: for event in self.vm.get_qmp_events(wait=True): if event['event'] == 'BLOCK_JOB_COMPLETED': self.assert_qmp(event, 'data/device', drive) self.assert_qmp_absent(event, 'data/error') if check_offset: self.assert_qmp(event, 'data/offset', event['data']['len']) - completed = True - - self.assert_no_active_block_jobs() - return event + self.assert_no_active_block_jobs() + return event def wait_ready(self, drive='drive0'): '''Wait until a block job BLOCK_JOB_READY event''' @@ -532,9 +529,17 @@ def notrun(reason): sys.exit(0) def verify_image_format(supported_fmts=[], unsupported_fmts=[]): - if supported_fmts and (imgfmt not in supported_fmts): - notrun('not suitable for this image format: %s' % imgfmt) - if unsupported_fmts and (imgfmt in unsupported_fmts): + assert not (supported_fmts and unsupported_fmts) + + if 'generic' in supported_fmts and \ + os.environ.get('IMGFMT_GENERIC', 'true') == 'true': + # similar to + # _supported_fmt generic + # for bash tests + return + + not_sup = supported_fmts and (imgfmt not in supported_fmts) + if not_sup or (imgfmt in unsupported_fmts): notrun('not suitable for this image format: %s' % imgfmt) def verify_platform(supported_oses=['linux']): @@ -553,7 +558,8 @@ def verify_quorum(): if not supports_quorum(): notrun('quorum support missing') -def main(supported_fmts=[], supported_oses=['linux'], supported_cache_modes=[]): +def main(supported_fmts=[], supported_oses=['linux'], supported_cache_modes=[], + unsupported_fmts=[]): '''Run tests''' global debug @@ -568,7 +574,7 @@ def main(supported_fmts=[], supported_oses=['linux'], supported_cache_modes=[]): debug = '-d' in sys.argv verbosity = 1 - verify_image_format(supported_fmts) + verify_image_format(supported_fmts, unsupported_fmts) verify_platform(supported_oses) verify_cache_mode(supported_cache_modes) |