* split the old SysBus init function into an instance_init
and a Device realize function
* use DeviceClass::realize instead of SysBusDeviceClass::init
Signed-off-by: xiaoqiang zhao
---
hw/timer/m48t59.c | 35 ++-
1 file changed, 18 insertions(+), 17 deletions(-)
rename slavio_timer_init1 to slavio_timer_init and assign
it to slavio_timer_info.instance_init, then we drop the
SysBusDeviceClass::init
Signed-off-by: xiaoqiang zhao
---
hw/timer/slavio_timer.c | 12 +---
1 file changed, 5 insertions(+), 7 deletions(-)
diff --git a/hw/timer/slavio_tim
Drop the old SysBus init function and use instance_init
Signed-off-by: xiaoqiang zhao
---
hw/misc/slavio_misc.c | 43 +--
1 file changed, 17 insertions(+), 26 deletions(-)
diff --git a/hw/misc/slavio_misc.c b/hw/misc/slavio_misc.c
index edd5de0..e1a706e 1
Drop the old SysBus init function and use instance_init
and a realize function
Signed-off-by: xiaoqiang zhao
---
hw/dma/sparc32_dma.c | 25 +++--
1 file changed, 15 insertions(+), 10 deletions(-)
diff --git a/hw/dma/sparc32_dma.c b/hw/dma/sparc32_dma.c
index 9d545e4..ef4c6a
Drop the old SysBusDeviceClass::init and use instance_init
or DeviceClass::realize instead
Signed-off-by: xiaoqiang zhao
---
hw/sparc64/sun4u.c | 20 +---
1 file changed, 9 insertions(+), 11 deletions(-)
diff --git a/hw/sparc64/sun4u.c b/hw/sparc64/sun4u.c
index 3165e18..aac4cb5
Drop the old SysBus init function and use instance_init
Signed-off-by: xiaoqiang zhao
---
hw/dma/sun4m_iommu.c | 12 +---
1 file changed, 5 insertions(+), 7 deletions(-)
diff --git a/hw/dma/sun4m_iommu.c b/hw/dma/sun4m_iommu.c
index b3cbc54..335ef63 100644
--- a/hw/dma/sun4m_iommu.c
+++
assign DeviceClass::vmsd instead of using vmstate_register function
Signed-off-by: xiaoqiang zhao
---
hw/timer/m48t59.c | 26 --
1 file changed, 24 insertions(+), 2 deletions(-)
diff --git a/hw/timer/m48t59.c b/hw/timer/m48t59.c
index 39e425e..6afcce4 100644
--- a/hw/tim
Drop the old SysBusDeviceClass::init and use instance_init
or DeviceClass::realize instead
Signed-off-by: xiaoqiang zhao
---
hw/sparc/sun4m.c | 54 +++---
1 file changed, 19 insertions(+), 35 deletions(-)
diff --git a/hw/sparc/sun4m.c b/hw/sparc/s
* Split the old SysBus init into an instance_init and a
DeviceClass::realize function
* Drop the old SysBus init function and use instance_init
Signed-off-by: xiaoqiang zhao
---
hw/misc/eccmemctl.c | 25 -
1 file changed, 16 insertions(+), 9 deletions(-)
diff --git a/h
This patch set aims for QOM'ifying code related to sparc.
It is part of my QOM'ify work of qemu code base.
xiaoqiang zhao (9):
hw/misc: QOM'ify eccmemctl.c
hw/dma: QOM'ify sparc32_dma.c
hw/dma: QOM'ify sun4m_iommu.c
hw/misc: QOM'ify slavio_misc.c
hw/timer: QOM'ify m48txx_sysbus (pass 1)
+-- On Sat, 22 Oct 2016, Peter Maydell wrote --+
| Secondly, it's almost the same as this cleanup
| patch from Thomas Huth that's already in qemu-trivial:
| http://patchwork.ozlabs.org/patch/681349/
|
| except that your version is removing the !
| negations from the return value.
|
| Can you expl
On 10/22/2016 08:01 PM, Marek Vasut wrote:
For signed division, you have to protect against 0x8000 / -1 as
well, which raises an overflow exception on the x86 host.
You mean similar to what mips does on OPC_DIV vs OPC_DIVU , right ?
Yes.
No CPU_LOG_TB_IN_ASM disassembly? I thought patc
On 10/20/2016 04:35 PM, Richard Henderson wrote:
> On 10/20/2016 06:44 AM, Marek Vasut wrote:
>> +typedef struct Nios2Instruction {
>> +void (*handler)(DisasContext *dc, uint32_t code, TCGMemOp
>> flags);
>> +uint32_t flags;
>> +} Nios2Instruction;
>
> I gave you some bad advice wrt t
> Begin forwarded message:
>
> From: Rafael David Tinoco
> Subject: Re: [Qemu-devel] [PATCH] vhost: secure vhost shared log files using
> argv paremeter
> Date: October 22, 2016 at 19:52:31 GMT-2
> To: Marc-André Lureau
> Cc: Rafael David Tinoco , qemu-devel
>
>
> Hello,
>
>> On Oct 22, 201
> Begin forwarded message:
>
> From: Marc-André Lureau
> Subject: Re: [Qemu-devel] [PATCH] vhost: secure vhost shared log files using
> argv paremeter
> Date: October 22, 2016 at 05:18:02 GMT-2
> To: Rafael David Tinoco
> Cc: QEMU
>
> Hi
>
> On Sat, Oct 22, 2016 at 10:01 AM Rafael David Tino
Hello,
> On Oct 22, 2016, at 05:18, Marc-André Lureau
> wrote:
>
> Hi
>
> On Sat, Oct 22, 2016 at 10:01 AM Rafael David Tinoco
> wrote:
> Commit 31190ed7 added a migration blocker in vhost_dev_init() to
> check if memfd would succeed. It is better if this blocker first
> checks if vhost back
Rather than using helpers for physical accesses, use a mmu index.
The primary cleanup is with store-conditional on physical addresses.
Signed-off-by: Richard Henderson
---
target-alpha/cpu.h| 18 +---
target-alpha/helper.c | 8 ++
target-alpha/helper.h | 9 --
t
Commit 31190ed7 added a migration blocker in vhost_dev_init() to
check if memfd would succeed. It is better if this blocker first
checks if vhost backend requires shared log. This will avoid a
situation where a blocker is added inappropriately (e.g. shared
log allocation fails when vhost backend do
On 10/21/2016 09:38 AM, Peter Maydell wrote:
The typedefs we use for the TCGv_i32, TCGv_i64 and TCGv_ptr
types are somewhat confusing, because we define them as
pointers to structs, but the structs themselves are never
defined. Explain in the comments a bit more clearly why
this is OK and what is
From: "Emilio G. Cota"
The exception is not emitted anymore; remove it and the associated
TCG variables.
Reviewed-by: Alex Bennée
Signed-off-by: Emilio G. Cota
Signed-off-by: Richard Henderson
Message-Id: <1467054136-10430-31-git-send-email-c...@braap.org>
---
target-arm/cpu.h | 17 +++
From: "Emilio G. Cota"
Signed-off-by: Emilio G. Cota
Message-Id: <1467054136-10430-25-git-send-email-c...@braap.org>
Signed-off-by: Richard Henderson
---
target-arm/translate.c | 26 ++
1 file changed, 14 insertions(+), 12 deletions(-)
diff --git a/target-arm/translate
Emulating LL/SC with cmpxchg is not correct, since it can
suffer from the ABA problem. However, portable parallel
code is written assuming only cmpxchg which means that in
practice this is a viable alternative.
Signed-off-by: Richard Henderson
---
linux-user/main.c| 49
From: "Emilio G. Cota"
The diff here is uglier than necessary. All this does is to turn
FOO
into:
if (s->prefix & PREFIX_LOCK) {
BAR
} else {
FOO
}
where FOO is the original implementation of an unlocked cmpxchg.
[rth: Adjust unlocked cmpxchg to use movcond instead of branches.
Adjust he
From: "Emilio G. Cota"
With this microbenchmark we can measure the overhead of emulating atomic
instructions with a configurable degree of contention.
The benchmark spawns $n threads, each performing $o atomic ops (additions)
in a loop. Each atomic operation is performed on a different cache lin
From: "Emilio G. Cota"
Emulating LL/SC with cmpxchg is not correct, since it can
suffer from the ABA problem. Portable parallel code, however,
is written assuming only cmpxchg--and not LL/SC--is available.
This means that in practice emulating LL/SC with cmpxchg is
a viable alternative.
The appe
From: "Emilio G. Cota"
Signed-off-by: Emilio G. Cota
Message-Id: <1467054136-10430-19-git-send-email-c...@braap.org>
Signed-off-by: Richard Henderson
---
target-i386/translate.c | 8 ++--
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/target-i386/translate.c b/target-i386/tr
From: "Emilio G. Cota"
The exception is not emitted anymore.
Reviewed-by: Alex Bennée
Signed-off-by: Emilio G. Cota
Signed-off-by: Richard Henderson
Message-Id: <1467054136-10430-29-git-send-email-c...@braap.org>
---
linux-user/main.c | 93
From: "Emilio G. Cota"
[rth: Merge gen_inc_locked back into gen_inc to share cc update.]
Signed-off-by: Emilio G. Cota
Message-Id: <1467054136-10430-14-git-send-email-c...@braap.org>
Signed-off-by: Richard Henderson
---
target-i386/translate.c | 24 +---
1 file changed, 13
From: "Emilio G. Cota"
[rth: Avoid qemu_load that's redundant with the atomic op.]
Signed-off-by: Emilio G. Cota
Message-Id: <1467054136-10430-15-git-send-email-c...@braap.org>
Signed-off-by: Richard Henderson
---
target-i386/translate.c | 26 --
1 file changed, 20 ins
From: "Emilio G. Cota"
Emulating LL/SC with cmpxchg is not correct, since it can
suffer from the ABA problem. Portable parallel code, however,
is written assuming only cmpxchg--and not LL/SC--is available.
This means that in practice emulating LL/SC with cmpxchg is
a viable alternative.
The appe
From: "Emilio G. Cota"
The exception is not emitted anymore.
Reviewed-by: Alex Bennée
Signed-off-by: Emilio G. Cota
Signed-off-by: Richard Henderson
Message-Id: <1467054136-10430-30-git-send-email-c...@braap.org>
---
linux-user/main.c | 125 ---
From: "Emilio G. Cota"
[rth: Eliminate some unnecessary temporaries.]
Signed-off-by: Emilio G. Cota
Message-Id: <1467054136-10430-13-git-send-email-c...@braap.org>
Signed-off-by: Richard Henderson
---
target-i386/translate.c | 76 +
1 file chang
We already include exec/address-spaces.h and exec/memory.h in
cputlb.c; the include of qemu/timer.h appears to be a fossil.
Reviewed-by: Emilio G. Cota
Reviewed-by: Alex Bennée
Signed-off-by: Richard Henderson
---
softmmu_template.h | 4
1 file changed, 4 deletions(-)
diff --git a/softmm
From: "Emilio G. Cota"
It's been superseded by the atomic helpers.
The use of the atomic helpers provides a significant performance and scalability
improvement. Below is the result of running the atomic_add-test microbenchmark
with:
$ x86_64-linux-user/qemu-x86_64 tests/atomic_add-bench -o 500
Stop specializing on TARGET_LONG_BITS == 32; unconditionally allocate
a temp and expand with tcg_gen_extu_i32_tl. Split out gen_aa32_addr,
gen_aa32_frob64, gen_aa32_ld_i32 and gen_aa32_st_i32 as separate interfaces.
Reviewed-by: Alex Bennée
Signed-off-by: Richard Henderson
---
target-arm/trans
Reviewed-by: Emilio G. Cota
Reviewed-by: Alex Bennée
Signed-off-by: Richard Henderson
---
cputlb.c | 21 +
softmmu_template.h | 23 ---
2 files changed, 21 insertions(+), 23 deletions(-)
diff --git a/cputlb.c b/cputlb.c
index 5575b73..0c9b77b 1
Allow qemu to build on 32-bit hosts without 64-bit atomic ops.
Even if we only allow 32-bit hosts to multi-thread emulate 32-bit
guests, we still need some way to handle the 32-bit guest using a
64-bit atomic operation. Do so by dropping back to single-step.
Reviewed-by: Emilio G. Cota
Reviewed
Saves 2k code size off of a cold path.
Reviewed-by: Emilio G. Cota
Reviewed-by: Alex Bennée
Signed-off-by: Richard Henderson
---
cputlb.c | 37 +
softmmu_template.h | 52 ++--
2 files changed, 47 inse
From: "Emilio G. Cota"
[rth: Avoid redundant qemu_ld in locked case. Fix previously unnoticed
incorrect zero-extension of address in register-offset case.]
Signed-off-by: Emilio G. Cota
Message-Id: <1467054136-10430-18-git-send-email-c...@braap.org>
Signed-off-by: Richard Henderson
---
targe
From: Alex Bennée
The variable parallel_cpus controls the generation of thread aware
atomic code. We only need to set it once we clone our first thread.
At this point any existing translations need to be thrown away.
Reviewed-by: Emilio G. Cota
Signed-off-by: Alex Bennée
Signed-off-by: Richar
From: "Emilio G. Cota"
[rth: Move load of reg value to common location.]
Signed-off-by: Emilio G. Cota
Message-Id: <1467054136-10430-17-git-send-email-c...@braap.org>
Signed-off-by: Richard Henderson
---
target-i386/translate.c | 15 ++-
1 file changed, 10 insertions(+), 5 deletio
Add all of cmpxchg, op_fetch, fetch_op, and xchg.
Handle both endian-ness, and sizes up to 8.
Handle expanding non-atomically, when emulating in serial.
Reviewed-by: Emilio G. Cota
Reviewed-by: Alex Bennée
Signed-off-by: Richard Henderson
---
Makefile.objs | 2 +-
Makefile.target
Reviewed-by: Emilio G. Cota
Reviewed-by: Alex Bennée
Signed-off-by: Richard Henderson
---
exec.c| 4 ++--
include/qemu/int128.h | 10 ++
2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/exec.c b/exec.c
index e63c5a1..0096a54 100644
--- a/exec.c
+++ b/exec
Reviewed-by: Emilio G. Cota
Reviewed-by: Alex Bennée
Signed-off-by: Richard Henderson
---
cputlb.c | 16
softmmu_template.h | 7 ++-
2 files changed, 10 insertions(+), 13 deletions(-)
diff --git a/cputlb.c b/cputlb.c
index 3c99c34..5575b73 100644
--- a/cputlb.c
From: "Emilio G. Cota"
[rth: Move redundant qemu_load out of cmpxchg loop.]
Signed-off-by: Emilio G. Cota
Message-Id: <1467054136-10430-16-git-send-email-c...@braap.org>
Signed-off-by: Richard Henderson
---
target-i386/translate.c | 38 ++
1 file changed, 3
Reviewed-by: Emilio G. Cota
Reviewed-by: Alex Bennée
Signed-off-by: Richard Henderson
---
tcg/tcg-op.c | 12 +---
1 file changed, 1 insertion(+), 11 deletions(-)
diff --git a/tcg/tcg-op.c b/tcg/tcg-op.c
index cdd61d6..bb2bfee 100644
--- a/tcg/tcg-op.c
+++ b/tcg/tcg-op.c
@@ -150,17 +150
Force the use of cmpxchg16b on x86_64.
Wikipedia suggests that only very old AMD64 (circa 2004) did not have
this instruction. Further, it's required by Windows 8 so no new cpus
will ever omit it.
If we truly care about these, then we could check this at startup time
and then avoid executing pa
Allows Int128 to be used more generally, rather than having to
begin with 64-bit inputs and accumulate.
Reviewed-by: Emilio G. Cota
Reviewed-by: Alex Bennée
Signed-off-by: Richard Henderson
---
include/qemu/int128.h | 20 +++-
1 file changed, 15 insertions(+), 5 deletions(-)
d
Reviewed-by: Emilio G. Cota
Reviewed-by: Alex Bennée
Signed-off-by: Richard Henderson
---
include/qemu/int128.h | 135 +-
tests/test-int128.c | 22
2 files changed, 145 insertions(+), 12 deletions(-)
diff --git a/include/qemu/int128.h
ble in the git repository at:
git://github.com/rth7680/qemu.git tags/pull-atomic-20161022
for you to fetch changes up to 278c5beb29ef8b6747a7c9bde403e9fe90cdad9c:
target-alpha: Emulate LL/SC using cmpxchg helpers (2016-10-20 11:0
From: "Emilio G. Cota"
This paves the way for upcoming work.
Reviewed-by: Alex Bennée
Signed-off-by: Emilio G. Cota
Signed-off-by: Richard Henderson
Message-Id: <1467054136-10430-8-git-send-email-c...@braap.org>
---
include/qemu/atomic.h | 4
1 file changed, 4 insertions(+)
diff --git
From: "Emilio G. Cota"
This paves the way for upcoming work.
Reviewed-by: Alex Bennée
Signed-off-by: Emilio G. Cota
Signed-off-by: Richard Henderson
Message-Id: <1467054136-10430-9-git-send-email-c...@braap.org>
---
include/qemu/atomic.h | 17 +
1 file changed, 17 insertions(
TGT_LE and TGT_BE are not size dependent and do not need to be
redefined. The others are no longer used at all.
Reviewed-by: Emilio G. Cota
Reviewed-by: Alex Bennée
Signed-off-by: Richard Henderson
---
cputlb.c | 8
softmmu_template.h | 22 --
2 files c
On Sat, 22 Oct 2016 11:10:59 +0200
Thorsten Kohfeldt wrote:
> Hi *,
>
> this came to my mind when browsing the sources in the patch's vicinity.
>
> It is just a collection of thoughts, so please don't feel offended
> about how I phrased certain statements.
>
>
> Questions
>
> Is mr->opaque a
Signed-off-by: Pradeep Jagadeesh
---
fsdev/Makefile.objs | 1 +
fsdev/file-op-9p.h | 3 +
fsdev/qemu-fsdev-opts.c | 76 +++
fsdev/qemu-fsdev-throttle.c | 147
fsdev/qemu-fsdev-throttle.h | 37 +++
On 22 October 2016 at 13:09, P J P wrote:
> From: Prasad J Pandit
>
> NVME Express Controller has two queues, submission & completion
> queue. When creating a new queue object, 'nvme_create_sq' and
> 'nvme_create_cq' routines incorrectly check the queue id field.
> It could lead to an OOB access
From: Prasad J Pandit
NVME Express Controller has two queues, submission & completion
queue. When creating a new queue object, 'nvme_create_sq' and
'nvme_create_cq' routines incorrectly check the queue id field.
It could lead to an OOB access issue. Correct the queue id check
to avoid it.
Report
Use common allocator for CharDriverState.
Signed-off-by: Marc-André Lureau
---
hw/bt/hci-csr.c | 19 +--
1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/hw/bt/hci-csr.c b/hw/bt/hci-csr.c
index bf2deb0..e2c78b8 100644
--- a/hw/bt/hci-csr.c
+++ b/hw/bt/hci-csr.c
@@ -
No need to allocate & copy fields, let's use static const struct
instead.
Signed-off-by: Marc-André Lureau
---
backends/baum.c | 7 ++--
backends/msmouse.c| 6 ++--
backends/testdev.c| 6 ++--
qemu-char.c | 89 +++
spice-
No need to count the users of a CharDriverState, it can rely on the fact
of whether there is a CharBackend associated or if there is enough space
in the muxer.
Simplify and fold chr_mux_new_fe() in qemu_chr_fe_init() since there is
a single user now. Also switch from fprintf to raising error inste
Use a single allocation for CharDriverState, this avoids extra
allocations & pointers, and is a step towards more object-oriented
CharDriver.
Signed-off-by: Marc-André Lureau
---
backends/baum.c | 23 ++---
backends/msmouse.c| 16 +--
backends/testdev.c| 22 ++--
gdbstub.c
Use a feature flag rather than a structure field for "replay".
Signed-off-by: Marc-André Lureau
---
qemu-char.c | 33 -
include/sysemu/char.h | 3 ++-
2 files changed, 22 insertions(+), 14 deletions(-)
diff --git a/qemu-char.c b/qemu-char.c
index 654d6
Usage has long been removed, since commit f220174de8d9.
Signed-off-by: Marc-André Lureau
---
hw/usb/ccid-card-passthru.c | 2 --
hw/usb/dev-serial.c | 2 --
include/sysemu/char.h | 1 -
3 files changed, 5 deletions(-)
diff --git a/hw/usb/ccid-card-passthru.c b/hw/usb/ccid-card-pas
Signed-off-by: Marc-André Lureau
---
tests/test-char.c | 253 +
tests/Makefile.include | 4 +
2 files changed, 257 insertions(+)
create mode 100644 tests/test-char.c
diff --git a/tests/test-char.c b/tests/test-char.c
new file mode 100644
in
This allows removing the "is_mux" field from CharDriverState.
Signed-off-by: Marc-André Lureau
---
monitor.c | 2 +-
qemu-char.c | 19 +--
include/sysemu/char.h | 15 +--
3 files changed, 23 insertions(+), 13 deletions(-)
diff --git a/monitor.
It's only used in qmp_chardev_add(), so use a create() argument instead.
Also switched to typedef functions for CharDriverParse/CharDriverCreate.
Signed-off-by: Marc-André Lureau
---
backends/baum.c | 1 +
backends/msmouse.c| 3 ++-
backends/testdev.c| 1 +
qemu-char.c
Now that all front ends use qemu_chr_fe_init(), we can move chardev
claiming in init(), and add a function deinit() to release the chardev
and cleanup handlers.
The qemu_chr_fe_claim_no_fail() for property are gone, since the
property will raise an error instead. In other cases, where there is
alre
qemu_chr_accept_input() and qemu_chr_disconnect() are only used by
frontend, so use qemu_chr_fe prefix.
Signed-off-by: Marc-André Lureau
---
hw/char/bcm2835_aux.c | 2 +-
hw/char/cadence_uart.c| 4 ++--
hw/char/escc.c| 2 +-
hw/char/imx_serial.c | 4 ++--
hw/char/ipoctal
Signed-off-by: Marc-André Lureau
---
qemu-char.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/qemu-char.c b/qemu-char.c
index f386dcd..2408e97 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -4751,8 +4751,7 @@ ChardevReturn *qmp_chardev_add(const char *id,
ChardevBackend *
Store the property in a CharBackend instead of CharDriverState*. This
also systematically replaces chr with chr.chr to access the
CharDriverState*. The following patches will replace it with calls to
qemu_chr_fe CharBackend functions.
Signed-off-by: Marc-André Lureau
---
hw/arm/pxa2xx.c
No need to keep explicit_fe_open around if it affects only a
qemu_chr_fe_set_handlers(). Use an additional argument instead.
Signed-off-by: Marc-André Lureau
---
backends/rng-egd.c | 2 +-
gdbstub.c | 2 +-
hw/arm/pxa2xx.c | 2 +-
hw/arm/strongarm.c
This shortens the code a bit.
Signed-off-by: Marc-André Lureau
---
qemu-char.c | 100 +---
1 file changed, 34 insertions(+), 66 deletions(-)
diff --git a/qemu-char.c b/qemu-char.c
index a52e0ba..735a518 100644
--- a/qemu-char.c
+++ b/qemu-c
This new structure is meant to keep the details associated with a char
driver usage. On initialization, it gets a tag from the mux backend.
It can change its handlers thanks to qemu_chr_fe_set_handlers().
This structure is introduced so that all frontend will be moved to hold
and use a CharBackend
This may help to catch unhandled cases, and avoid having to maintain
numbering.
Signed-off-by: Marc-André Lureau
---
include/sysemu/char.h | 12 +++-
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/include/sysemu/char.h b/include/sysemu/char.h
index 43da4ac..de0d99b 100644
This also switches from qemu_chr_add_handlers() to
qemu_chr_fe_set_handlers(). Note that qemu_chr_fe_set_handlers() now
takes the focus when fe_open (qemu_chr_add_handlers() did take the
focus)
Signed-off-by: Marc-André Lureau
---
backends/rng-egd.c | 13 ++--
gdbstub.c
This makes the code more declarative, and avoids duplicating the
information on all instances.
Signed-off-by: Marc-André Lureau
---
backends/baum.c | 13 +-
backends/msmouse.c| 14 +-
backends/testdev.c| 10 +-
gdbstub.c | 7 +-
hw/bt/hci-csr.c | 8 +-
qem
ASAN complains about buffer overflow when running:
aarch64-softmmu/qemu-system-aarch64 -machine xilinx-zynq-a9
==476==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60235e38
at pc 0x00f75253 bp 0x7ffc597e0ec0 sp 0x7ffc597e0eb0
READ of size 8 at 0x60235e38 thread T0
#0
The fe_open state belongs to front end.
Signed-off-by: Marc-André Lureau
---
qemu-char.c | 7 ---
include/sysemu/char.h | 2 +-
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/qemu-char.c b/qemu-char.c
index e52c3af..81a593b 100644
--- a/qemu-char.c
+++ b/qemu-char.c
All the queues share the same chardev. Initialize only the first queue
CharBackend, and pass it to other queues. This will allow claiming the
chardev only once in a later change.
Signed-off-by: Marc-André Lureau
---
net/vhost-user.c | 29 +
1 file changed, 13 insertio
Number and kinds of backends are known at compile-time, use a fixed-sized
static array to simplify iterations & lookups.
Signed-off-by: Marc-André Lureau
---
backends/baum.c | 2 +-
backends/msmouse.c| 2 +-
backends/testdev.c| 2 +-
qemu-char.c | 117 +++
The CharDriverState.init() callback was introduced in commit
ceecf1d158. It is only called from text_console_do_init(), but it is no
longer set since commit a61ae7f88 (init assignment has been removed by
accident).
It seems correct to use an event callback instead and print the console
text on CHR
In most cases, front ends do not care about the side effect of
CharBackend, so we can simply skip the checks and call the qemu_chr_fe
functions even without associated CharDriver.
Signed-off-by: Marc-André Lureau
---
hw/arm/pxa2xx.c | 8 +++-
hw/arm/strongarm.c| 16 ++-
qemu_chr_add_handlers*() have been removed in previous change, so the
common qemu_chr_set_handlers() is no longer needed.
Signed-off-by: Marc-André Lureau
---
qemu-char.c | 78 ++-
include/sysemu/char.h | 3 +-
2 files changed, 35 insert
I introduced this function in d61b0c9a2f7f, but it isn't
used. Furthermore, it was incomplete, as it would need to translate QEMU
chr events to Spice port events.
(presumably it was used in the follow-up NBD-spice series that was not
completed: http://lists.gnu.org/archive/html/qemu-devel/2013-11/
Since commit b6607a1a204d, serial_hds_isa_init() was introduced to
factor out serial_isa_init() loops. However, sun4uv shouldn't start from
0 when there is a mm serial on 0 already. Add a "from" argument to
serial_hds_isa_init().
Signed-off-by: Marc-André Lureau
---
hw/alpha/dp264.c | 2
Start using qemu_chr_fe* CharBackend functions:
initialize a CharBackend and use qemu_chr_fe_set_handlers().
Signed-off-by: Marc-André Lureau
---
qemu-char.c | 24
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/qemu-char.c b/qemu-char.c
index 9722fb6..b4
Make qemu_chr_add_handlers_full() aware of mux handling. This allows
introduction of a tag associated with the fe handlers and a
qemu_chr_set_handlers() function to set the handler for a particular
tag. That will allow to get rid of qemu_chr_add_handlers*() in later
changes, in favor of qemu_chr_fe
It should return the number of written bytes.
Signed-off-by: Marc-André Lureau
---
qemu-char.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/qemu-char.c b/qemu-char.c
index 9165051..650943d 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -3328,7 +3328,7 @@ static int ringbuf_
The function is used to free the backend opaque pointer, let's name it
accordingly.
Signed-off-by: Marc-André Lureau
---
backends/baum.c | 4 ++--
backends/msmouse.c| 4 ++--
backends/testdev.c| 4 ++--
qemu-char.c | 58 +
DEFINE_PROP_CHR is not used (rng is not of TYPE_DEVICE)
Signed-off-by: Marc-André Lureau
---
backends/rng-egd.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/backends/rng-egd.c b/backends/rng-egd.c
index ba17c07..0f6d0af 100644
--- a/backends/rng-egd.c
+++ b/backends/rng-egd.c
@@ -15,7 +15,
Found by reviewing the code, win_stdio_close() is called by
qemu_chr_free() which then calls qemu_chr_free_common() taking care of
freeing CharDriverState*.
Signed-off-by: Marc-André Lureau
---
qemu-char.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/qemu-char.c b/qemu-char.c
index d83a896.
The CharDriverState.init() callback is no longer set since commit
a61ae7f88ce and thus unused. The only user, the malta FPGA display has
been converted to use an event "opened" callback instead.
Signed-off-by: Marc-André Lureau
---
gdbstub.c | 2 +-
hmp.c |
Since the handlers are associated with a CharBackend, rather than the
CharDriverState, it is more appropriate to store in CharBackend. This
avoids the handler copy dance in qemu_chr_fe_set_handlers() then
mux_chr_update_read_handler(), by storing the CharBackend pointer
directly.
Also a mux CharDr
From: Benjamin Herrenschmidt
It adds the Naples chip which supports proper LPC interrupts via the
LPC controller rather than via an external CPLD.
Signed-off-by: Benjamin Herrenschmidt
[clg: - updated for qemu-2.7
- ported on latest PowerNV patchset (v3) ]
Signed-off-by: Cédric Le Goater
Hi,
This is a followup of the series "[PATCH 0/9] Fix mux regression
(commit 949055a2)". Paolo suggested a new API for qemu_chr_fe_* taking
a new CharBackend* structure as argument, and modifying properties to
hold such structure. I followed his advice in the series, and it turns
out to bring some
This provides access to the MMIO based Interrupt Presentation
Controllers (ICP) as found on a POWER8 system.
A new XICSNative class is introduced to hold the MMIO region of the
ICPs. Each thread of the system has a subregion, indexed by its PIR
number, holding a XIVE (External Interrupt Vector Ent
This factors out claiming of chardev, and changes the call to
non-fatal to return an error like the rest of the chardev checks.
Signed-off-by: Marc-André Lureau
---
net/colo-compare.c | 13 +++--
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/net/colo-compare.c b/net/colo-
From: Benjamin Herrenschmidt
The OCC is an on-chip microcontroller based on a ppc405 core used
for various power management tasks. It comes with a pile of additional
hardware sitting on the PIB (aka XSCOM bus). At this point we don't
emulate it (nor plan to do so). However there is one facility w
From: Benjamin Herrenschmidt
The PSI (Processor Service Interface) is one of the engines of the
"Bridge" unit which connects the different interfaces to the Power
Processor.
This adds just enough of the PSI bridge to handle various on-chip and
the one external interrupt. The rest of PSI has to d
From: Benjamin Herrenschmidt
The LPC (Low Pin Count) interface on a POWER8 is made accessible to
the system through the ADU (XSCOM interface). This interface is part
of a set of units connected together via a local OPB (On-Chip Peripheral
Bus) which act as a bridge between the ADU and the off chip