Move target cpu tcg initialization to common code,
called from cpu_exec_realizefn.
Acked-by: NAndreas Färber <afaerber@suse.de>
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>

When we used structures for TCGv_*, we needed a macro in order to
perform a comparison.  Now that we use pointers, this is just clutter.
Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>

The GET and MAKE functions weren't really specific enough.
We now have a full complement of functions that convert exactly
between temporaries, arguments, tcgv pointers, and indices.

The target/sparc change is also a bug fix, which would have affected
a host that defines TCG_TARGET_HAS_extr[lh]_i64_i32, i.e. MIPS64.
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>

Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>

Transform TCGv_* to an "argument" or a temporary.
For now, an argument is simply the temporary index.
Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>

Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>

Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>

While we're touching many of the lines anyway, adjust the naming
of the functions to better distinguish when "TCGArg" vs "TCGTemp"
should be used.
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Reviewed-by: NEmilio G. Cota <cota@braap.org>
Reviewed-by: NAlex Bennée <alex.bennee@linaro.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Copy s->nb_globals or s->nb_temps to a local variable for the purposes
of iteration.  This should allow the compiler to use low-overhead
looping constructs on some hosts.
Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Reviewed-by: NAlex Bennée <alex.bennee@linaro.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

This avoids having to allocate external memory for each temporary.
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

At the same time, drop the TCGContext argument and use tcg_ctx instead.
Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

This avoids needing to test the index of a temp against nb_globals.
Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Reviewed-by: NEmilio G. Cota <cota@braap.org>
Reviewed-by: NAlex Bennée <alex.bennee@linaro.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Reviewed-by: NEmilio G. Cota <cota@braap.org>
Reviewed-by: NAlex Bennée <alex.bennee@linaro.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Reviewed-by: NEmilio G. Cota <cota@braap.org>
Reviewed-by: NAlex Bennée <alex.bennee@linaro.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Reviewed-by: NEmilio G. Cota <cota@braap.org>
Reviewed-by: NAlex Bennée <alex.bennee@linaro.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Rather than have a separate buffer of 10*max_ops entries,
give each opcode 10 entries.  The result is actually a bit
smaller and should have slightly more cache locality.
Reviewed-by: NEmilio G. Cota <cota@braap.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

usb: ccid fix.

# gpg: Signature made Mon 23 Oct 2017 09:45:00 BST
# gpg:                using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/usb-20171023-pull-request:
  usb-ccid: remove needless migration state code
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

fixes for the fallout of the recent ui and keymap merges.

# gpg: Signature made Mon 23 Oct 2017 09:02:24 BST
# gpg:                using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/fixes-20171023-pull-request:
  scripts: don't throw away stderr when checking out git submodules
  ui: add qemu-keymap and shader to .gitignore
  configure: disable qemu-keymap for linux-user qemu
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

OpenRISC SMP patchset 20171021

# gpg: Signature made Fri 20 Oct 2017 22:51:16 BST
# gpg:                using RSA key 0xC3B31C2D5E6627E4
# gpg: Good signature from "Stafford Horne <shorne@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: D9C4 7354 AEF8 6C10 3A25  EFF1 C3B3 1C2D 5E66 27E4

* remotes/shorne/tags/openrisc-20171021-smp-pr:
  openrisc: Only kick cpu on timeout, not on update
  openrisc: Initial SMP support
  openrisc/cputimer: Perparation for Multicore
  target/openrisc: Make coreid and numcores variable
  openrisc/ompic: Add OpenRISC Multicore PIC (OMPIC)
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

This code appears to be unused since its introduction. We need to keep
the state_vmstate field byte in VMState for compatibility reasons.
Signed-off-by: NMarc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20171013125533.9153-1-marcandre.lureau@redhat.com
Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>

The stderr from git is important if git fails to checkout modules
due to network problems, or other unexpected errors.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Message-id: 20171020130748.22983-1-berrange@redhat.com
Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>

Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
Reviewed-by: NEric Blake <eblake@redhat.com>
Message-id: 20171020070914.7785-1-kraxel@redhat.com

We don't need qemu-keymap when we build only linux-user qemu.

When we compile in static mode, the libxkbcommon is detected
by configure if the shared one is available, but cannot
be linked if the static version is not available.

As we don't need it for qemu-linux-user, and we generally need
a static link to use it in a chroot, disable qemu-keymap in
this case.
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>
Message-id: 20171019191606.14129-1-laurent@vivier.eu
Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>

Previously we were kicking the cpu on every update.  This caused
problems noticeable in SMP configurations where one CPU got pinned
continuously servicing timer exceptions.
Reviewed-by: NRichard Henderson <richard.henderson@linaro.org>
Signed-off-by: NStafford Horne <shorne@gmail.com>

Wire in ompic and add basic support for SMP.  The OpenRISC is special in
that interrupts for devices are routed to each core's PIC.  This is
achieved using the qemu_irq_split utility, but this currently limits
OpenRISC to 2 cores.

This models the reference architecture described in the OpenRISC spec
1.2 proposal.

  https://github.com/stffrdhrn/doc/raw/arch-1.2-proposal/openrisc-arch-1.2-rev0.pdf

The changes to the intialization of the sim include:

CPU Reset
 o Reset each cpu to the bootstrap PC rather than only a single cpu as
   done before.
 o During Kernel loading the bootstrap PC is saved in a static global.

Network Initialization
 o Connect the interrupt to each CPU
 o Use more simple sysbus_mmio_map() rather than memory_region_add_subregion()

Sim Initialization
 o Initialize the pic and tick timer per cpu
 o Wire in the OMPIC if SMP is enabled
 o Wire the serial irq to each CPU using qemu_irq_split()
Reviewed-by: NRichard Henderson <richard.henderson@linaro.org>
Signed-off-by: NStafford Horne <shorne@gmail.com>

In order to support multicore system we move some of the previously
static state variables into the state of each core.

On the other hand in order to allow timers to be synced between each
code the ttcr (tick timer count register) is moved out of the core.
This is not as per real hardware spec which has a separate timer counter
per core, but it seems the most simple way to keep each clock in sync.
Reviewed-by: NRichard Henderson <richard.henderson@linaro.org>
Signed-off-by: NStafford Horne <shorne@gmail.com>

Previously coreid and numcores were hard coded as 0 and 1 respectively
as OpenRISC QEMU did not have multicore support.

Multicore support is now being added so these registers need to have
configured values.
Reviewed-by: NRichard Henderson <richard.henderson@linaro.org>
Signed-off-by: NStafford Horne <shorne@gmail.com>

Add OpenRISC Multicore PIC which handles inter processor interrupts
(IPI) between cores.  In OpenRISC all device interrupts are routed to
each core enabling this device to be simple.
Reviewed-by: NRichard Henderson <richard.henderson@linaro.org>
Signed-off-by: NStafford Horne <shorne@gmail.com>

# gpg: Signature made Fri 20 Oct 2017 13:02:25 BST
# gpg:                using RSA key 0x9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/block-pull-request:
  oslib-posix: Fix compiler warning and some data types
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

The last big chunk of s390x changes:
- (experimental) smp support under tcg
- provide the virtio-input devices for virtio-ccw
- improve error handling in the css code
- enable some simple virtio tests for s390x
- low-address protection in tcg
- some more cleanups and fixes

# gpg: Signature made Fri 20 Oct 2017 12:49:22 BST
# gpg:                using RSA key 0xDECF6B93C6F02FAF
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>"
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>"
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>"
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>"
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>"
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20171020: (46 commits)
  s390x/tcg: low-address protection support
  accel/tcg: allow to invalidate a write TLB entry immediately
  tests: Enable the very simple virtio tests on s390x, too
  libqtest: Add qtest_[v]startf()
  s390x: refactor error handling for MSCH handler
  s390x: refactor error handling for HSCH handler
  s390x: refactor error handling for CSCH handler
  s390x: refactor error handling for XSCH handler
  s390x: improve error handling for SSCH and RSCH
  s390x/css: IO instr handler ending control
  s390x: move s390x_new_cpu() into board code
  s390x: fix cpu object referrence leak in s390x_new_cpu()
  s390x/event-facility: variable-length event masks
  s390x/MAINTAINERS: add mailing list
  virtio-ccw: Add the virtio-input devices for CCW bus
  target/s390x: special handling when starting a CPU with WAIT PSW
  s390x/tcg: refactor stfl(e) to use s390_get_feat_block()
  s390x/tcg: unlock NMI
  s390x/cpumodel: allow to enable SENSE RUNNING STATUS for qemu
  s390x/tcg: switch to new SIGP handling code
  ...
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

# gpg: Signature made Fri 20 Oct 2017 07:30:45 BST
# gpg:                using RSA key 0xCA35624C6A9171C6
# gpg: Good signature from "Fam Zheng <famz@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 5003 7CB7 9706 0F76 F021  AD56 CA35 624C 6A91 71C6

* remotes/famz/tags/docker-pull-request:
  docker: Fix PATH for ccache
  docker: fix out-of-tree 'make docker-test-build@debian-powerpc-cross'
  docker: allow running from srcdir != builddir build
  docker: cleanup temp directory after test
  docker: Don't allocate tty unless DEBUG=1
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

This is a neat way to implement low address protection, whereby
only the first 512 bytes of the first two pages (each 4096 bytes) of
every address space are protected.

Store a tec of 0 for the access exception, this is what is defined by
Enhanced Suppression on Protection in case of a low address protection
(Bit 61 set to 0, rest undefined).

We have to make sure to to pass the access address, not the masked page
address into mmu_translate*().

Drop the check from testblock. So we can properly test this via
kvm-unit-tests.

This will check every access going through one of the MMUs.
Reviewed-by: NRichard Henderson <richard.henderson@linaro.org>
Signed-off-by: NDavid Hildenbrand <david@redhat.com>
Message-Id: <20171016202358.3633-3-david@redhat.com>
[CH: restored error message for access register mode]
Signed-off-by: NCornelia Huck <cohuck@redhat.com>

Background: s390x implements Low-Address Protection (LAP). If LAP is
enabled, writing to effective addresses (before any translation)
0-511 and 4096-4607 triggers a protection exception.

So we have subpage protection on the first two pages of every address
space (where the lowcore - the CPU private data resides).

By immediately invalidating the write entry but allowing the caller to
continue, we force every write access onto these first two pages into
the slow path. we will get a tlb fault with the specific accessed
addresses and can then evaluate if protection applies or not.

We have to make sure to ignore the invalid bit if tlb_fill() succeeds.
Signed-off-by: NDavid Hildenbrand <david@redhat.com>
Message-Id: <20171016202358.3633-2-david@redhat.com>
Signed-off-by: NCornelia Huck <cohuck@redhat.com>

These tests can easily be used on s390x, too. We just have to make
sure to use the virtio-xxx-ccw devices instead of virtio-xxx-pci.
Signed-off-by: NThomas Huth <thuth@redhat.com>
Message-Id: <1508336428-20511-3-git-send-email-thuth@redhat.com>
Reviewed-by: NEric Blake <eblake@redhat.com>
Acked-by: NMichael S. Tsirkin <mst@redhat.com>
Acked-by: NChristian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: NCornelia Huck <cohuck@redhat.com>

We have several callers that were formatting the argument strings
themselves; consolidate this effort by adding new convenience
functions directly in libqtest, and update some call-sites that
can benefit from it.

Note that the new functions qtest_startf() and qtest_vstartf()
behave more like qtest_init() (the caller must assign global_qtest
after the fact, rather than getting it implicitly set).  This helps
us prepare for future patches that get rid of the global variable,
by explicitly highlighting which tests still depend on it now.
Signed-off-by: NEric Blake <eblake@redhat.com>
[thuth: Dropped the hunks that do not apply cleanly to qemu master
 yet and added the missing g_free(args) in qtest_vstartf()]
Signed-off-by: NThomas Huth <thuth@redhat.com>
Message-Id: <1508336428-20511-2-git-send-email-thuth@redhat.com>
Acked-by: NMichael S. Tsirkin <mst@redhat.com>
Signed-off-by: NCornelia Huck <cohuck@redhat.com>

Simplify the error handling of the MSCH.  Let the code detecting the
condition tell (in a less ambiguous way) how it's to be handled. No
changes in behavior.
Signed-off-by: NHalil Pasic <pasic@linux.vnet.ibm.com>
Message-Id: <20171017140453.51099-8-pasic@linux.vnet.ibm.com>
[CH: fix return code for fctl != 0]
Reviewed-by: NDong Jia Shi <bjsdjshi@linux.vnet.ibm.com>
Signed-off-by: NCornelia Huck <cohuck@redhat.com>