Commit graph

1818 commits

Author SHA1 Message Date
Richard Henderson 9299329349
tcg: Work around clang bug wrt enum ranges, part 2
A previous patch patch changed the type of REG from int
to enum TCGReg, which provokes the following bug in clang:

https://llvm.org/bugs/show_bug.cgi?id=16154

Backports commit 869938ae2a284fe730cb6f807ea0f9e324e0f87c from qemu
2018-02-20 19:12:49 -05:00
Peter Maydell 547fabd58e
osdep.h: Include config-target.h if NEED_CPU_H is defined
NEED_CPU_H is the define we use to distinguish per-target object
compilation from common object compilation. For the former, we must
also include config-target.h so that the .c files see the necessary
CONFIG_ constants.

Backports commit b1e34d1c3a9059e87719634bfc4db53174d63e14 from qemu
2018-02-20 19:11:07 -05:00
Peter Maydell c41bb9a772
osdep.h: Define macros for the benefit of C++ before C++11
For C++ before C++11, <stdint.h> requires definition of the macros
__STDC_CONSTANT_MACROS, __STDC_LIMIT_MACROS and __STDC_FORMAT_MACROS
in order to enable definition of various macros by the header file.
Define these in osdep.h, so that we get the right header file
definitions whether osdep.h is being used by plain C, C++11 or
older C++.

In particular libvixl's header files depend on this and won't
compile if osdep.h is included before them otherwise.

Backports commit 79f56d82f805b170fa2be8c04b682117be56483f from qemu
2018-02-20 19:09:58 -05:00
Lioncash 6094a0373c
softfloat: Remove lingering fast casts 2018-02-20 19:04:22 -05:00
Lioncash c17fa2cad3
osdep.h: Remove int_fast*_t Solaris compatibility code
We now do not use the int_fast*_t types anywhere in QEMU, so we can
remove the compatibility definitions we were providing for the
benefit of ancient Solaris versions.

Backports commit 50fe4df8ee6aba63ae51457bad40ba26e3c9746f from qemu
2018-02-20 18:58:53 -05:00
Peter Maydell 36551f59bb
fpu: Use plain 'int' rather than 'int_fast16_t' for exponents
Use the plain 'int' type rather than 'int_fast16_t' for handling
exponents. Exponents don't need to be exactly 16 bits, so using int16_t
for them would confuse more than it clarified.

This should be a safe change because int_fast16_t semantics
permit use of 'int' (and on 32-bit glibc that is what you get).

Backports commit 0c48262d4772d40677364199372fb6ffcf487558 from qemu
2018-02-20 18:57:32 -05:00
Peter Maydell 9d0463feed
fpu: Use plain 'int' rather than 'int_fast16_t' for shift counts
Use the plain 'int' type rather than 'int_fast16_t' for shift counts
in the various shift related functions, since we don't actually care
about the size of the integer at all here, and using int16_t would
be confusing.

This should be a safe change because int_fast16_t semantics
permit use of 'int' (and on 32-bit glibc that is what you get).

Backports commit 07d792d2b08669bf6a97cbf590496078c4621068 from qemu
2018-02-20 17:01:17 -05:00
Peter Maydell 68cbe1b2ce
fpu: Remove use of int_fast16_t in conversions to int16
Make the functions which convert floating point to 16 bit integer
return int16_t rather than int_fast16_t, and correspondingly use
int_fast16_t in their internal implementations where appropriate.

(These functions are used only by the ARM target.)

Backports commit 0bb721d7217ed4a1abb44f521c5c7ec185062d58 from qemu
2018-02-20 16:54:04 -05:00
Peter Maydell 69d31fbbab
target-mips: Stop using uint_fast*_t types in r4k_tlb_t struct
The r4k_tlb_t structure uses the uint_fast*_t types. Most of these
uses are in bitfields and are thus pointless, because the bitfield
itself specifies the width of the type; just use 'unsigned int'
instead. (On glibc uint_fast16_t is defined as either 32 or 64 bits,
so we know the code is not reliant on it being exactly 16 bits.)
There is also one use of uint_fast8_t, which we replace with uint8_t,
because both are exactly 8 bits on glibc and this is the only
place outside the softfloat code which uses an int_fast*_t type.

Backports commit d783f78933b212537ece77c7ec66866cc2bc0f4d from qemu
2018-02-20 16:48:03 -05:00
Eric Blake e096e62127
qapi: Don't box branches of flat unions
There's no reason to do two malloc's for a flat union; let's just
inline the branch struct directly into the C union branch of the
flat union.

Surprisingly, fewer clients were actually using explicit references
to the branch types in comparison to the number of flat unions
thus modified.

This lets us reduce the hack in qapi-types:gen_variants() added in
the previous patch; we no longer need to distinguish between
alternates and flat unions.

The change to unboxed structs means that u.data (added in commit
cee2dedb) is now coincident with random fields of each branch of
the flat union, whereas beforehand it was only coincident with
pointers (since all branches of a flat union have to be objects).
Note that this was already the case for simple unions - but there
we got lucky. Remember, visit_start_union() blindly returns true
for all visitors except for the dealloc visitor, where it returns
the value !!obj->u.data, and that this result then controls
whether to proceed with the visit to the variant. Pre-patch,
this meant that flat unions were testing whether the boxed pointer
was still NULL, and thereby skipping visit_end_implicit_struct()
and avoiding a NULL dereference if the pointer had not been
allocated. The same was true for simple unions where the current
branch had pointer type, except there we bypassed visit_type_FOO().
But for simple unions where the current branch had scalar type, the
contents of that scalar meant that the decision to call
visit_type_FOO() was data-dependent - the reason we got lucky there
is that visit_type_FOO() for all scalar types in the dealloc visitor
is a no-op (only the pointer variants had anything to free), so it
did not matter whether the dealloc visit was skipped. But with this
patch, we would risk leaking memory if we could skip a call to
visit_type_FOO_fields() based solely on a data-dependent decision.

But notice: in the dealloc visitor, visit_type_FOO() already handles
a NULL obj - it was only the visit_type_implicit_FOO() that was
failing to check for NULL. And now that we have refactored things to
have the branch be part of the parent struct, we no longer have a
separate pointer that can be NULL in the first place. So we can just
delete the call to visit_start_union() altogether, and blindly visit
the branch type; there is no change in behavior except to the dealloc
visitor, where we now unconditionally visit the branch, but where that
visit is now always safe (for a flat union, we can no longer
dereference NULL, and for a simple union, visit_type_FOO() was already
safely handling NULL on pointer types).

Unfortunately, simple unions are not as easy to switch to unboxed
layout; because we are special-casing the hidden implicit type with
a single 'data' member, we really DO need to keep calling another
layer of visit_start_struct(), with a second malloc; although there
are some cleanups planned for simple unions in later patches.

visit_start_union() and gen_visit_implicit_struct() are now unused.
Drop them.

Note that after this patch, the only remaining use of
visit_start_implicit_struct() is for alternate types; the next patch
will do further cleanup based on that fact.

Backports commit 544a3731591f5d53e15f22de00ce5ac758d490b3 from qemu
2018-02-20 16:44:55 -05:00
Eric Blake 12dabf0640
qapi: Don't box struct branch of alternate
There's no reason to do two malloc's for an alternate type visiting
a QAPI struct; let's just inline the struct directly as the C union
branch of the struct.

Surprisingly, no clients were actually using the struct member prior
to this patch outside of the testsuite; an earlier patch in the series
added some testsuite coverage to make the effect of this patch more
obvious.

In qapi.py, c_type() gains a new is_unboxed flag to control when we
are emitting a C struct unboxed within the context of an outer
struct (different from our other two modes of usage with no flags
for normal local variable declarations, and with is_param for adding
'const' in a parameter list). I don't know if there is any more
pythonic way of collapsing the two flags into a single parameter,
as we never have a caller setting both flags at once.

Ultimately, we want to also unbox branches for QAPI unions, but as
that touches a lot more client code, it is better as separate
patches. But since unions and alternates share gen_variants(), I
had to hack in a way to test if we are visiting an alternate type
for setting the is_unboxed flag: look for a non-object branch.
This works because alternates have at least two branches, with at
most one object branch, while unions have only object branches.
The hack will go away in a later patch.

The generated code difference to qapi-types.h is relatively small:

| struct BlockdevRef {
| QType type;
| union { /* union tag is @type */
| void *data;
|- BlockdevOptions *definition;
|+ BlockdevOptions definition;
| char *reference;
| } u;
| };

The corresponding spot in qapi-visit.c calls visit_type_FOO(), which
first calls visit_start_struct() to allocate or deallocate the member
and handle a layer of {} from the JSON stream, then visits the
members. To peel off the indirection and the memory management that
comes with it, we inline this call, then suppress allocation /
deallocation by passing NULL to visit_start_struct(), and adjust the
member visit:

| switch ((*obj)->type) {
| case QTYPE_QDICT:
|- visit_type_BlockdevOptions(v, name, &(*obj)->u.definition, &err);
|+ visit_start_struct(v, name, NULL, 0, &err);
|+ if (err) {
|+ break;
|+ }
|+ visit_type_BlockdevOptions_fields(v, &(*obj)->u.definition, &err);
|+ error_propagate(errp, err);
|+ err = NULL;
|+ visit_end_struct(v, &err);
| break;
| case QTYPE_QSTRING:
| visit_type_str(v, name, &(*obj)->u.reference, &err);

The visit of non-object fields is unchanged.

Backports commit becceedc4d9bc1435099c90a0514945a89844d3a from qemu
2018-02-20 16:32:11 -05:00
Eric Blake dc706426c9
qapi-visit: Use common idiom in gen_visit_fields_decl()
We have several instances of methods that do an early exit if
output is not needed, then log that output is being generated,
and finally produce the output; see qapi-types.py:gen_object()
and qapi-visit.py:gen_visit_implicit_struct(). The odd man
out was gen_visit_fields_decl(); rearrange it to be more like
the others. No semantic change or difference to generated code.

Backports commit 2208d64998c5f867ccee7eeee298971685bf822d from qemu
2018-02-20 16:03:46 -05:00
Eric Blake b513481b9a
qapi: Emit structs used as variants in topological order
Right now, we emit the branches of union types as a boxed pointer,
and it suffices to have a forward declaration of the type. However,
a future patch will swap things to directly use the branch type,
instead of hiding it behind a pointer. For this to work, the
compiler needs the full definition of the type, not just a forward
declaration, prior to the union that is including the branch type.
This patch just adds topological sorting to hoist all types
mentioned in a branch of a union to be fully declared before the
union itself. The sort is always possible, because we do not
allow circular union types that include themselves as a direct
branch (it is, however, still possible to include a branch type
that itself has a pointer to the union, for a type that can
indirectly recursively nest itself - that remains safe, because
that the member of the branch type will remain a pointer, and the
QMP representation of such a type adds another {} for each recurring
layer of the union type).

Backports commit 1de5d4ca0752138034305f3d4e8fe17ef6503569 from qemu
2018-02-20 16:02:29 -05:00
Eric Blake f5c93aa7ab
qapi-visit: Less indirection in visit_type_Foo_fields()
We were passing 'Foo **obj' to the internal helper function, but
all uses within the helper were via reads of '*obj'. Refactor
things to pass one less level of indirection, by having the
callers dereference before calling.

For an example of the generated code change:

|-static void visit_type_BalloonInfo_fields(Visitor *v, BalloonInfo **obj, Error **errp)
|+static void visit_type_BalloonInfo_fields(Visitor *v, BalloonInfo *obj, Error **errp)
| {
| Error *err = NULL;
|
|- visit_type_int(v, "actual", &(*obj)->actual, &err);
|+ visit_type_int(v, "actual", &obj->actual, &err);
| error_propagate(errp, err);
| }
|
|@@ -261,7 +261,7 @@ void visit_type_BalloonInfo(Visitor *v,
| if (!*obj) {
| goto out_obj;
| }
|- visit_type_BalloonInfo_fields(v, obj, &err);
|+ visit_type_BalloonInfo_fields(v, *obj, &err);
| out_obj:

The refactoring will also make it easier to reuse the helpers in
a future patch when implicit structs are stored directly in the
parent struct rather than boxed through a pointer.

Backports commit 655519030b5d20967ae3afa1fe91ef5ad4406065 from qemu
2018-02-20 16:00:37 -05:00
Markus Armbruster 553e946627
qapi-visit: Unify struct and union visit
gen_visit_union() is now just like gen_visit_struct(). Rename
it to gen_visit_object(), use it for structs, and drop
gen_visit_struct(). Output is unchanged.

Backports commit 59d9e84cc94b8268f13ec184acfb997e8f352593 from qemu
2018-02-20 15:55:06 -05:00
Eric Blake 155c507ed4
qapi: Visit variants in visit_type_FOO_fields()
We initially created the static visit_type_FOO_fields() helper
function for reuse of code - we have cases where the initial
setup for a visit has different allocation (depending on whether
the fields represent a stand-alone type or are embedded as part
of a larger type), but where the actual field visits are
identical once a pointer is available.

Up until the previous patch, visit_type_FOO_fields() was only
used for structs (no variants), so it was covering every field
for each type where it was emitted.

Meanwhile, the code for visiting unions looks like:

static visit_type_U_fields() {
visit base;
visit local_members;
}
visit_type_U() {
visit_start_struct();
visit_type_U_fields();
visit variants;
visit_end_struct();
}

which splits the fields of the union visit across two functions.
Move the code to visit variants to live inside visit_type_U_fields(),
while making it conditional on having variants so that all other
instances of the helper function remain unchanged. This is also
a step closer towards unifying struct and union visits, and towards
allowing one union type to be the branch of another flat union.

The resulting diff to the generated code is a bit hard to read,
but it can be verified that it touches only union types, and that
the end result is the following general structure:

static visit_type_U_fields() {
visit base;
visit local_members;
visit variants;
}
visit_type_U() {
visit_start_struct();
visit_type_U_fields();
visit_end_struct();
}

Backports commit 9a5cd424d5f06fb5293eb264456d89343c557558 from qemu
2018-02-20 15:53:30 -05:00
Markus Armbruster 428eadd9e0
qapi-visit: Simplify how we visit common union members
For a simple union SU, gen_visit_union() generates a visit of its
single tag member, like this:

visit_type_SUKind(v, "type", &(*obj)->type, &err);

For a flat union FU with base B, it generates a visit of its base
fields:

visit_type_B_fields(v, (B **)obj, &err);

Instead, we can simply visit the common members using the same fields
visit function we use for structs, generated with
gen_visit_struct_fields(). This function visits the base if any, then
the local members.

For a simple union SU, visit_type_SU_fields() contains exactly the old
tag member visit, because there is no base, and the tag member is the
only member. For instance, the code generated for qapi-schema.json's
KeyValue changes like this:

+static void visit_type_KeyValue_fields(Visitor *v, KeyValue **obj, Error **errp)
+{
+ Error *err = NULL;
+
+ visit_type_KeyValueKind(v, "type", &(*obj)->type, &err);
+ if (err) {
+ goto out;
+ }
+
+out:
+ error_propagate(errp, err);
+}
+
void visit_type_KeyValue(Visitor *v, const char *name, KeyValue **obj, Error **errp)
{
Error *err = NULL;
@@ -4863,7 +4911,7 @@ void visit_type_KeyValue(Visitor *v, con
if (!*obj) {
goto out_obj;
}
- visit_type_KeyValueKind(v, "type", &(*obj)->type, &err);
+ visit_type_KeyValue_fields(v, obj, &err);
if (err) {
goto out_obj;
}

For a flat union FU, visit_type_FU_fields() contains exactly the old
base fields visit, because there is a base, but no members. For
instance, the code generated for qapi-schema.json's CpuInfo changes
like this:

static void visit_type_CpuInfoBase_fields(Visitor *v, CpuInfoBase **obj, Error **errp);

+static void visit_type_CpuInfo_fields(Visitor *v, CpuInfo **obj, Error **errp)
+{
+ Error *err = NULL;
+
+ visit_type_CpuInfoBase_fields(v, (CpuInfoBase **)obj, &err);
+ if (err) {
+ goto out;
+ }
+
+out:
+ error_propagate(errp, err);
+}
+
static void visit_type_CpuInfoX86_fields(Visitor *v, CpuInfoX86 **obj, Error **errp)
...
@@ -3485,7 +3509,7 @@ void visit_type_CpuInfo(Visitor *v, cons
if (!*obj) {
goto out_obj;
}
- visit_type_CpuInfoBase_fields(v, (CpuInfoBase **)obj, &err);
+ visit_type_CpuInfo_fields(v, obj, &err);
if (err) {
goto out_obj;
}

As you see, the generated code grows a bit, but in practice, it's lost
in the noise: qapi-schema.json's qapi-visit.c gains roughly 1%.

This simplification became possible with commit 441cbac "qapi-visit:
Convert to QAPISchemaVisitor, fixing bugs". It's a step towards
unifying gen_struct() and gen_union().

Backports commit d7445b57f4342d50c25b5bc1746048fa3720511b from qemu
2018-02-20 15:48:54 -05:00
Eric Blake 74da8f0eea
qapi: Forbid 'any' inside an alternate
The whole point of an alternate is to allow some type-safety while
still accepting more than one JSON type. Meanwhile, the 'any'
type exists to bypass type-safety altogether. The two are
incompatible: you can't accept every type, and still tell which
branch of the alternate to use for the parse; fix this to give a
sane error instead of a Python stack trace.

Note that other types that can't be alternate members are caught
earlier, by check_type().

Backports commit 46534309e667fd860720f983c2c9aefe0354340d from qemu
2018-02-20 15:47:16 -05:00
Eric Blake 907771516e
qapi: Forbid empty unions and useless alternates
Empty unions serve no purpose, and while we compile with gcc
which permits them, strict C99 forbids them. We happen to inject
a dummy 'void *data' member into the C unions that represent QAPI
unions and alternates, but we want to get rid of that member (it
pollutes the namespace for no good reason), which would leave us
with an empty union if the user didn't provide any branches. While
empty structs make sense in QAPI, empty unions don't add any
expressiveness to the QMP language. So prohibit them at parse
time. Update the documentation and testsuite to match.

Note that the documentation already mentioned that alternates
should have "two or more JSON data types"; so this also fixes
the code to enforce that. However, we have existing uses of a
union type with only one branch, so the 2-or-more strictness
is intentionally limited to alternates.

Backports commit 02a57ae32b08e8981b59979b80e682c9a153e94d from qemu
2018-02-20 15:46:08 -05:00
Eric Blake fa6af0733a
qapi-visit: Honor prefix of discriminator enum
When we added support for a user-specified prefix for an enum
type (commit 351d36e), we forgot to teach the qapi-visit code
to honor that prefix in the case of using a prefixed enum as
the discriminator for a flat union. While there is still some
on-list debate on whether we want to keep prefixes, we should
at least make it work as long as it is still part of the code
base.

Backports commit 9d3524b39e1fe5f3bb7a990ad7841e469e954a3b from qemu
2018-02-20 15:38:44 -05:00
Alistair Francis a8807cd3b9
target-arm: Add PMUSERENR_EL0 register
The Linux kernel accesses this register early in its setup.

Backports commit 8a83ffc2dafad3499b87a736b17ab1b203fdb00b from qemu
2018-02-20 15:36:31 -05:00
Lioncash b29e024f56
target-arm: Correct bad VBAR patch merge 2018-02-20 15:34:32 -05:00
Alistair Francis 2945893f40
target-arm: Add the pmovsclr_el0 and pmintenclr_el1 registers
Backports commit 978364f12adebb4b8d90fdeb71242cb3c1405740 from qemu
2018-02-20 15:27:50 -05:00
Alistair Francis c31856e34e
target-arm: Add the pmceid0 and pmceid1 registers
Backports commit 4054bfa9e7986c9b7d2bf70f9e10af9647e376fc from qemu
2018-02-20 15:22:41 -05:00
Peter Maydell 57a9474cc7
target-arm: UNDEF in the UNPREDICTABLE SRS-from-System case
Make get_r13_banked() raise an exception at runtime for the
corner case of SRS from System mode, so that we can UNDEF it;
this brings us in to line with the ARM ARM's set of permitted
CONSTRAINED UNPREDICTABLE choices.

Backports commit f01377f591fe15c652f947646c4a69a7d4a71ad9 from qemu
2018-02-20 15:12:25 -05:00
Peter Maydell 88d21504e4
target-arm: Combine user-only and softmmu get/set_r13_banked()
The user-mode versions of get/set_r13_banked() exist just to assert
if they're ever called -- the translate time code should never
emit calls to them because SRS from user mode always UNDEF.
There's no code in the softmmu versions that can't compile in
CONFIG_USER_ONLY, and the assertion is not particularly useful,
so combine the two functions rather than having completely split
versions under ifdefs.

Backports commit d86d57d4fe683c99823f625f941eff26c07c72c3 from qemu
2018-02-20 15:09:58 -05:00
Peter Maydell 3d4f8b2d8f
target-arm: Move get/set_r13_banked() to op_helper.c
Move get/set_r13_banked() from helper.c to op_helper.c. This will
let us add exception-raising code to them, and also puts them
in the same file as get/set_user_reg(), which makes some conceptual
sense.

(The original reason for the helper.c/op_helper.c split was that
only op_helper.c had access to the CPU env pointer; this distinction
has not been true for a long time, though, and so the split is
now rather arbitrary.)

Backports commit 72309cee482868d6c4711931c3f7e02ab9dec229 from qemu

target-arm: Move bank_number() into internals.h

Move bank_number()'s implementation into internals.h, so
it's available in the user-mode-only compile as well.

Backports commit c766568d3604082c6fd45cbabe42c48e4861a13f from qemu
2018-02-20 15:09:07 -05:00
Peter Maydell a6aac0dbb4
target-arm: Clean up trap/undef handling of SRS
The SRS instruction is:
* UNDEFINED in Hyp mode
* UNPREDICTABLE in User or System mode
* UNPREDICTABLE if the specified mode isn't accessible
* trapped to EL3 if EL3 is AArch64 and we are at Secure EL1

Clean up the code to handle all these cases cleanly, including
picking UNDEF as our choice of UNPREDICTABLE behaviour rather
blindly trusting the mode field passed in the instruction.
As part of this, move the check for IS_USER into gen_srs()
itself rather than having it done by the caller.

The exception is that we don't UNDEF for calls from System
mode, which need a runtime check. This will be dealt with in
the following commits.

Backports commit cbc0326b6fb905f80b7cef85b24571f7ebb62077 from qemu
2018-02-20 15:02:45 -05:00
Peter Maydell 56a88557db
target-arm: Report correct syndrome for FPEXC32_EL2 traps
If access to FPEXC32_EL2 is trapped by CPTR_EL2.TFP or CPTR_EL3.TFP,
this should be reported with a syndrome register indicating an
FP access trap, not one indicating a system register access trap.

Backports commit f2cae6092767aaf418778eada15be444c23883be from qemu
2018-02-20 15:00:32 -05:00
Peter Maydell 425db8c149
target-arm: Implement MDCR_EL3.TDA and MDCR_EL2.TDA traps
Implement the debug register traps controlled by MDCR_EL2.TDA
and MDCR_EL3.TDA.

Backports commit d6c8cf815171e35e0b1ef4e0cff602ab3d575747 from qemu
2018-02-20 14:58:52 -05:00
Peter Maydell 7295676caf
target-arm: Implement MDCR_EL2.TDRA traps
Implement trapping of the "debug ROM" registers, which are controlled
by MDCR_EL2.TDRA for EL2 but by the more general MDCR_EL3.TDA for EL3.

Backports commit 91b0a23865558e2ce9c2e7042d404e8bf2e4b817 from qemu
2018-02-20 14:54:53 -05:00
Peter Maydell 537ff96e34
target-arm: Implement MDCR_EL3.TDOSA and MDCR_EL2.TDOSA traps
Implement the traps to EL2 and EL3 controlled by the bits
MDCR_EL2.TDOSA MDCR_EL3.TDOSA. These can configurably trap
accesses to the "powerdown debug" registers.

Backports commit 187f678d5c28251dba2b44127e59966b14518ef7 from qemu
2018-02-20 14:52:47 -05:00
Peter Maydell 871dee4908
target-arm: Fix handling of SCR.SMD
We weren't quite implementing the handling of SCR.SMD correctly.
The condition governing whether the SMD bit should apply only
for NS state is "is EL3 is AArch32", not "is the current EL AArch32".
Fix the condition, and clarify the comment both to reflect this and
to expand slightly on what's going on for the v7-no-Virtualization case.

Backports commit f096e92b6385fd87e8ea948ad3af70faf752c13a from qemu
2018-02-20 14:50:33 -05:00
Peter Maydell 7b503db3c6
target-arm: correct CNTFRQ access rights
Correct some corner cases we were getting wrong for
CNTFRQ access rights:
* should UNDEF from 32-bit Secure EL1
* only writable from the highest implemented exception level,
which might not be EL1 now

To clarify the code, provide a new utility function
arm_highest_el() which returns the highest implemented
exception level.

Backports commit 755026728abb19fba70e6b4396a27fa2e7550d74 from qemu
2018-02-20 14:49:28 -05:00
Richard Henderson 22d4f95912
target-i386: Implement FSGSBASE
Backports commit 07929f2ab2ab9c9e01d4ae79f48f2b2476b715c8 from qemu
2018-02-20 14:45:58 -05:00
Richard Henderson 6ca787fb48
target-i386: Enable CR4/XCR0 features for user-mode
Backports commit a114d25d5b42600871d75929604c0b9fcc448ec0 from qemu
2018-02-20 14:37:33 -05:00
Richard Henderson 86cc5862a1
target-i386: Clear bndregs during legacy near jumps
Backports commit 7d117ce81ef6258cdcc0d24c774d045fa4b5fd26 from qemu
2018-02-20 14:36:11 -05:00
Richard Henderson 8ca89461b5
target-i386: Implement BNDLDX, BNDSTX
Backports commit bdd87b3b591add6e4d7c6b6125fcf0d706cc8bc4 from qemu
2018-02-20 14:32:48 -05:00
Richard Henderson f30c3efd0e
target-i386: Implement BNDLDX, BNDSTX
Backports commit bdd87b3b591add6e4d7c6b6125fcf0d706cc8bc4 from qemu
2018-02-20 14:26:18 -05:00
Richard Henderson a02626afe7
target-i386: Update BNDSTATUS for exceptions raised by BOUND
Backports commit 75d14edcf5fd9d5bb614554539799abaaeab3166 from qemu
2018-02-20 14:24:07 -05:00
Richard Henderson 554c41f05f
target-i386: Implement BNDCL, BNDCU, BNDCN
Backports commit 523e28d7614571680d21641bd0bd9b9e84570cee from qemu
2018-02-20 14:22:46 -05:00
Richard Henderson c2f92123f4
target-i386: Implement BNDMOV
Backports commit 62b58ba58bfebdb8a1c447beaa1285cc21249d15 from qemu
2018-02-20 14:14:39 -05:00
Richard Henderson 8bc3037864
target-i386: Implement BNDMK
Backports commit 149b427b32de358c3bd5bc064c50acca6e9ff78f from qemu
2018-02-20 14:02:31 -05:00
Richard Henderson e11a7bcede
target-i386: Split up gen_lea_modrm
This is immediately usable by lea and multi-byte nop,
and will be required to implement parts of the mpx spec.

Backports commit a074ce42a3186bd9f96ef541bb2e01419181dae3 from qemu
2018-02-20 13:49:05 -05:00
Richard Henderson 159e837a6c
target-i386: Perform set/reset_inhibit_irq inline
With helpers that can be reused for other things.

Backports commit 7f0b7141b4c7deab51efd8ee1e83eab2d9b7a9ea from qemu
2018-02-20 13:34:47 -05:00
Richard Henderson cacb60b57b
target-i386: Enable control registers for MPX
Enable and disable at CPL changes, MSR changes, and XRSTOR changes.

Backports commit f4f1110e4b34797ddfa87bb28f9518b9256778be from qemu
2018-02-20 13:27:46 -05:00
Richard Henderson 7a7a72f49b
target-i386: Implement XSAVEOPT
Backports commit c9cfe8f9fb21f086e24b3a8f7ccd9c06e4d8d9d6 from qemu
2018-02-20 12:52:10 -05:00
Richard Henderson 6c5b6a0e7f
target-i386: Add XSAVE extension
This includes XSAVE, XRSTOR, XGETBV, XSETBV, which are all related,
as well as the associate cpuid bits.

Backports commit 19dc85dba23c0db1ca932c62e453c37e00761628 from qemu
2018-02-20 12:47:52 -05:00
Richard Henderson 6657c0c54a
target-i386: Rearrange processing of 0F AE
Rather than nesting tests of OP, MOD, and RM, decode them all at once
with a switch. Also, add some missing #UD checks for e.g. incorrect
LOCK prefix.

Backports commit 121f3157887f92268a3d6169e2d4601f9292020b from qemu
2018-02-20 12:36:54 -05:00
Richard Henderson cb536601cb
target-i386: Rearrange processing of 0F 01
Rather than nesting tests of OP, MOD, and RM, decode them
all at once with a switch. Fixes incorrect decoding of
AMD Pacifica extensions (aka vmrun et al) via op==2 path.

Backports commit 1906b2af7c2345037d9b2fdf484b457b5acd09d1 from qemu
2018-02-20 12:32:45 -05:00
Richard Henderson b490486028
target-i386: Split fxsave/fxrstor implementation
We will be able to reuse these pieces for XSAVE/XRSTOR.

Backports commit 64dbaff09bb768dbbb13142862554f18ab642866 from qemu
2018-02-20 11:58:00 -05:00
Alistair Francis a4bf026460
qom: Correct object_property_get_int() description
The description of object_property_get_int() stated that on an error
it returns NULL. This is not the case and the function will return -1
if an error occurs. Update the commented documentation accordingly.

Backports commit b29b47e9b35017428904e0e934700877dfaabe73 from qemu
2018-02-20 11:52:16 -05:00
Sergey Fedorov dfb78118ff
target-arm: Implement checking of fired watchpoint
ARM stops before access to a location covered by watchpoint. Also, QEMU
watchpoint fire is not necessarily an architectural watchpoint match.
Unfortunately, that is hardly possible to ignore a fired watchpoint in
debug exception handler. So move watchpoint check from debug exception
handler to the dedicated watchpoint checking callback.

Backports commit 3826121d9298cde1d29ead05910e1f40125ee9b0 from qemu
2018-02-20 11:50:29 -05:00
Sergey Fedorov 6a3038db7c
cpu: Add callback to check architectural watchpoint match
When QEMU watchpoint matches, that is not definitely an architectural
watchpoint match yet. If it is a stop-before-access watchpoint then that
is hardly possible to ignore it after throwing a TCG exception.

A special callback is introduced to check for architectural watchpoint
match before raising a TCG exception.

Backports commit 568496c0c0f1863a4bc18539962cd8d81baa4e30 from qemu
2018-02-20 11:43:56 -05:00
Peter Maydell 3d5b54cf4b
target-arm: Fix IL bit reported for Thumb VFP and Neon traps
All Thumb Neon and VFP instructions are 32 bits, so the IL
bit in the syndrome register should be set. Pass false to the
syn_* function's is_16bit argument rather than s->thumb
so we report the correct IL bit.

Backports commit 7d197d2db5e99e4c8b20f6771ddc7303acaa1c89 from qemu
2018-02-20 11:39:39 -05:00
Peter Maydell 5b8ad0e2fc
target-arm: Fix IL bit reported for Thumb coprocessor traps
All Thumb coprocessor instructions are 32 bits, so the IL
bit in the syndrome register should be set. Pass false to the
syn_* function's is_16bit argument rather than s->thumb
so we report the correct IL bit.

Backports commit 4df322593037d2700f72dfdfb967300b7ad2e696 from qemu
2018-02-20 11:38:27 -05:00
Peter Maydell 814bffc1ee
target-arm: Correct misleading 'is_thumb' syn_* parameter names
In syndrome register values, the IL bit indicates the instruction
length, and is 1 for 4-byte instructions and 0 for 2-byte
instructions. All A64 and A32 instructions are 4-byte, but
Thumb instructions may be either 2 or 4 bytes long. Unfortunately
we named the parameter to the syn_* functions for constructing
syndromes "is_thumb", which falsely implies that it should be
set for all Thumb instructions, rather than only the 16-bit ones.
Fix the functions to name the parameter 'is_16bit' instead.

Backports commit fc05f4a62c568b607ec3fe428a419bb38205b570 from qemu
2018-02-20 11:36:55 -05:00
Peter Maydell a3ff1c4a65
target-arm: Enable EL3 for Cortex-A53 and Cortex-A57
Enable EL3 support for our Cortex-A53 and Cortex-A57 CPU models.
We have enough implemented now to be able to run real world code
at least to some extent (I can boot ARM Trusted Firmware to the
point where it pulls in OP-TEE and then falls over because it
doesn't have a UEFI image it can chain to).

Backports commit 3ad901bc2b98f5539af9a7d4aef140a6d8fa6442 from qemu
2018-02-20 11:31:44 -05:00
Peter Maydell aecf7b05dc
target-arm: Implement NSACR trapping behaviour
Implement some corner cases of the behaviour of the NSACR
register on ARMv8:
* if EL3 is AArch64 then accessing the NSACR from Secure EL1
with AArch32 should trap to EL3
* if EL3 is not present or is AArch64 then reads from NS EL1 and
NS EL2 return constant 0xc00

It would in theory be possible to implement all these with
a single reginfo definition, but for clarity we use three
separate definitions for the three cases and install the
right one based on the CPU feature flags.

Backports commit 2f027fc52d4b444a47cb05a9c96697372a6b57d2 from qemu
2018-02-20 11:29:29 -05:00
Peter Maydell 6dbc781ce3
target-arm: Add isread parameter to CPAccessFns
System registers might have access requirements which need to
be described via a CPAccessFn and which differ for reads and
writes. For this to be possible we need to pass the access
function a parameter to tell it whether the access being checked
is a read or a write.

Backports commit 3f208fd76bcc91a8506681bb8472f2398fe6f487 from qemu
2018-02-20 11:24:17 -05:00
Peter Maydell 4838c1dfe9
target-arm: Update arm_generate_debug_exceptions() to handle EL2/EL3
The arm_generate_debug_exceptions() function as originally implemented
assumes no EL2 or EL3. Since we now have much more of an implementation
of those now, fix this assumption.

Backports commit 533e93f1cf12c570aab45f14663dab6fb8ea3ffc from qemu
2018-02-20 11:12:36 -05:00
Peter Maydell 4552444928
target-arm: Use access_trap_aa32s_el1() for SCR and MVBAR
The registers MVBAR and SCR should have the behaviour of trapping to
EL3 if accessed from Secure EL1, but we were incorrectly implementing
them to UNDEF (which would trap to EL1). Fix this by using the new
access_trap_aa32s_el1() access function.

Backports commit efe4a274083f61484a8f1478d93f229d43aa8095 from qemu
2018-02-20 11:10:38 -05:00
Peter Maydell c0411e5422
target-arm: Implement MDCR_EL3 and SDCR
Implement the MDCR_EL3 register (which is SDCR for AArch32).
For the moment we implement it as reads-as-written.

Backports commit 5513c3abed8e5fabe116830c63f0d3fe1f94bd21 from qemu
2018-02-20 11:08:15 -05:00
Peter Maydell a2fd906e8b
target-arm: Fix typo in comment in arm_is_secure_below_el3()
Fix a typo where "EL2" was written but "EL3" intended.

Backports commit 6b7f0b61f080b886c9b4bba8240379ce90e20b12 from qemu
2018-02-20 11:05:14 -05:00
Paolo Bonzini 98452daad6
target-i386: fix PSE36 mode
(pde & 0x1fe000) is a 32-bit integer; when shifting it
into bits 39-32 the result is zero. Fix it by making the
mask (and thus the result of the AND) a 64-bit integer.

Reported by Coverity.

Backports commit 388ee48a88e684e719660a2cae9c21897b94fa37 from qemu
2018-02-20 11:03:49 -05:00
Richard Henderson 65a78ebb26
target-i386: Deconstruct the cpu_T array
All references to cpu_T are done with a constant index. It aids
readability to decompose the array into two scalar variables.

Backports commit 1d1cc4d0f481b2939c7e9f6606e571b2fc81971a from qemu
2018-02-20 11:02:34 -05:00
Richard Henderson 5d45260df7
target-i386: Tidy gen_add_A0_im
Merge gen_op_addl_A0_im and gen_op_addq_A0_im into gen_add_A0_im
and clean up the ifdef.

Replace the one remaining user of gen_op_addl_A0_im with gen_add_A0_im.

Backports commit 4e85057b92d214decf10045d3d4faa2faf33d100 from qemu
2018-02-20 10:20:04 -05:00
Richard Henderson 0004dfcba3
target-i386: Rewrite leave
Unify the code across stack pointer widths. Fix the note about
not updating ESP before the potential exception.

Backports commit 2045f04c3ae030bda650f84035f114bbd84909a9 from qemu
2018-02-20 10:16:56 -05:00
Richard Henderson 7dd4fcc621
target-i386: Rewrite gen_enter inline
Use gen_lea_v_seg for centralized segment base knowledge. Unify
code across 32- and 64-bit. Fix note about "must save state"
before using the out-of-line helpers.

Backports commit 743e398e2fbf2f7183bf7a53c9d011fabcaa1770 from qemu
2018-02-20 10:13:43 -05:00
Richard Henderson 302752df8b
target-i386: Use gen_lea_v_seg in pusha/popa
More centralization of handling of segment bases.
Also fixes the note about 16-bit wrap around not fully handled.

Backports commit d37ea0c04723f3e15fde55fe97cff6278159929b from qemu
2018-02-20 10:07:46 -05:00
Richard Henderson 092c7bea97
target-i386: Access segs via TCG registers
Having segs[].base as a register significantly improves code
generation for real and protected modes, particularly for TBs
that have multiple memory references where the segment base
can be held in a hard register through the TB.

Backports commit 3558f8055f37a34762b7a2a0f02687e6eeab893d from qemu
2018-02-20 10:02:37 -05:00
Richard Henderson 969f8ab407
target-i386: Use gen_lea_v_seg in stack subroutines
I.e. gen_push_v, gen_pop_T0, gen_stack_A0.
More centralization of handling of segment bases.

Backports commit 77ebcad04f3659fa7eb799928fdd68280fac720d from qemu
2018-02-20 09:28:40 -05:00
Richard Henderson 0d1766a9f0
target-i386: Use gen_lea_v_seg in gen_lea_modrm
Centralize handling of segment bases.

Backports commit d6a2914984c89fa0a3125b9842e0cbf68de79a3d from qemu
2018-02-20 09:23:49 -05:00
Richard Henderson f3220dbb8c
target-i386: Introduce mo_stacksize
Centralize computation of a MO_SIZE for the stack pointer.

Backports commit 64ae256c2450262e27f07657c5734d3197458d95 from qemu
2018-02-20 09:18:48 -05:00
Richard Henderson 63c4e79870
target-i386: Create gen_lea_v_seg
Add forgotten zero-extension in the TARGET_X86_64, !CODE64, ss32 case;
use this new function to implement gen_string_movl_A0_EDI,
gen_string_movl_A0_ESI, gen_add_A0_ds_seg.

Backports commit ca2f29f555805d07fb0b9ebfbbfc4e3656530977 from qemu
2018-02-20 09:17:13 -05:00
Lioncash c658126845
include: Move RAMList to ramlist.h
Moves the struct back into qemu's headers
2018-02-20 08:47:51 -05:00
Lioncash cdd4003ce9
Move RAMBlock to ram_addr.h
Moves it back into qemu's includes.
2018-02-20 08:35:44 -05:00
Paolo Bonzini cbc56b3ceb
memory: add early bail out from cpu_physical_memory_set_dirty_range
This condition is true in the common case, so we can cut out the body of
the function. In addition, this makes it easier for the compiler to do
at least partial inlining, even if it decides that fully inlining the
function is unreasonable.

Backports commit 8bafcb21643a39a5b29109f8bd5ee5a6f0f6850b from qemu
2018-02-20 08:32:10 -05:00
Lioncash a268815478
include: Add stubbed xen function
Will allow us to not comment out code all the time for xen checks (ideally)
2018-02-20 08:29:58 -05:00
Markus Armbruster 91b4e76fef
error: New error_fatal
Similar to error_abort, but doesn't report where the error was
created, and terminates the process with exit(1) rather than abort().

Backports commit a29a37b994ca3c5a1d39fa0e8934f7e0f2cf57ef from qemu
2018-02-20 08:22:27 -05:00
Markus Armbruster c4a06e2d12
error: Improve documentation some more
Don't claim error_report_err() always reports to stderr. It actually
reports to the current monitor when we have one.

Clarify intended use of error_abort and error_fatal.

Backports commit 10303f04b98efa76e638b9ae4632688f56f088fc from qemu
2018-02-20 08:13:39 -05:00
Eric Blake 0c04f85d31
qapi: Fix compilation failure on MIPS and SPARC
Commit 86f4b687 broke compilation on MIPS and SPARC, which have a
preprocessor pollution of '#define mips 1' and '#define sparc 1',
respectively. Treat it the same way as we do for the pollution with
'unix', so that QMP remains backwards compatible and only the C code
needs to use the alternative 'q_mips', 'q_sparc' spelling.

Backports commit 86ae191163d48ff4ff9d9996868e6cfe92a82449 from qemu
2018-02-20 08:11:01 -05:00
Eric Blake 49b8891872
qmp: Don't abuse stack to track qmp-output root
The previous commit documented an inconsistency in how we are
using the stack of qmp-output-visitor. Normally, pushing a
single top-level object puts the object on the stack twice:
once as the root, and once as the current container being
appended to; but popping that struct only pops once. However,
qmp_ouput_add() was trying to either set up the added object
as the new root (works if you parse two top-level scalars in a
row: the second replaces the first as the root) or as a member
of the current container (works as long as you have an open
container on the stack; but if you have popped the first
top-level container, it then resolves to the root and still
tries to add into that existing container).

Fix the stupidity by not tracking two separate things in the
stack. Drop the now-useless qmp_output_first() and
qmp_output_last() while at it.

Saved for a later patch: we still are rather sloppy in that
qmp_output_get_object() can be called in the middle of a parse,
rather than requiring that a visit is complete.

Backports commit 455ba08afde784466420449d01c6458f88349d55 from qemu
2018-02-20 08:09:56 -05:00
Eric Blake 25dad6e8d5
qmp: Fix reference-counting of qnull on empty output visit
Commit 6c2f9a15 ensured that we would not return NULL when the
caller used an output visitor but had nothing to visit. But
in doing so, it added a FIXME about a reference count leak
that could abort qemu in the (unlikely) case of SIZE_MAX such
visits (more plausible on 32-bit). (Although that commit
suggested we might fix it in time for 2.5, we ran out of time;
fortunately, it is unlikely enough to bite that it was not
worth worrying about during the 2.5 release.)

This fixes things by documenting the internal contracts, and
explaining why the internal function can return NULL and only
the public facing interface needs to worry about qnull(),
thus avoiding over-referencing the qnull_ global object.

It does not, however, fix the stupidity of the stack mixing
up two separate pieces of information; add a FIXME to explain
that issue, which will be fixed shortly in a future patch.

Backports commit a86156401559cb4401cf9ecc704faeab6fc8bb19 from qemu
2018-02-20 08:07:31 -05:00
Eric Blake a2fc66a005
qapi: Tighten qmp_input_end_list()
The only way that qmp_input_pop() will set errp is if a dictionary
was the most recent thing pushed. Since we don't have any
push(struct)/pop(list) or push(list)/pop(struct) mismatches (such
a mismatch is a programming bug), we therefore cannot set errp
inside qmp_input_end_list(). Make this obvious by
using &error_abort. A later patch will then remove the errp
parameter of qmp_input_pop(), but that will first require the
larger task of splitting visit_end_struct().

Backports commit bdd8e6b5d8a9def83d491a3f41c10424fc366258 from qemu
2018-02-19 23:44:45 -05:00
Eric Blake 1f54314cbb
qapi: Drop unused 'kind' for struct/enum visit
visit_start_struct() and visit_type_enum() had a 'kind' argument
that was usually set to either the stringized version of the
corresponding qapi type name, or to NULL (although some clients
didn't even get that right). But nothing ever used the argument.
It's even hard to argue that it would be useful in a debugger,
as a stack backtrace also tells which type is being visited.

Therefore, drop the 'kind' argument as dead.

Backports commit 337283dffbb5ad5860ed00408a5fd0665c21be07 from qemu
2018-02-19 23:43:54 -05:00
Eric Blake 844c136945
qapi: Swap 'name' in visit_* callbacks to match public API
As explained in the previous patches, matching argument order of
'name, &value' to JSON's "name":value makes sense. However,
while the last two patches were easy with Coccinelle, I ended up
doing this one all by hand. Now all the visitor callbacks match
the main interface.

The compiler is able to enforce that all clients match the changed
interface in visitor-impl.h, even where two pointers are being
swapped, because only one of the two pointers is const (if that
were not the case, then C's looseness on treating 'char *' like
'void *' would have made review a bit harder).

Backports commit 0b2a0d6bb2446060944061e53e87d0c7addede79 from qemu
2018-02-19 23:36:52 -05:00
Eric Blake 4100f3b78a
qapi: Consolidate visitor small integer callbacks
Commit 4e27e819 introduced optional visitor callbacks for all
sorts of int types, but no visitor has supplied any of the
callbacks for sizes less than 64 bits. In other words, the
generic implementation based on using type_[u]int64() followed
by bounds-checking works just fine. In the interest of
simplicity, it's easier to make the visitor callback interface
not have to worry about the other sizes.

Adding some helper functions minimizes the boilerplate required
to correct FIXMEs added earlier with regards to questionable
reuse of errp, particularly now that we can guarantee from a
single file audit that value is unchanged if an error is set.

Backports commit 04e070d217b4414f1f91aa8ad25fc0ae7ca0be93 from qemu
2018-02-19 23:21:56 -05:00
Eric Blake 9ec25b4673
qom: Swap 'name' next to visitor in ObjectPropertyAccessor
Similar to the previous patch, it's nice to have all functions
in the tree that involve a visitor and a name for conversion to
or from QAPI to consistently stick the 'name' parameter next
to the Visitor parameter.

Done by manually changing include/qom/object.h and qom/object.c,
then running this Coccinelle script and touching up the fallout
(Coccinelle insisted on adding some trailing whitespace).

@ rule1 @
identifier fn;
typedef Object, Visitor, Error;
identifier obj, v, opaque, name, errp;
@@
void fn
- (Object *obj, Visitor *v, void *opaque, const char *name,
+ (Object *obj, Visitor *v, const char *name, void *opaque,
Error **errp) { ... }

@@
identifier rule1.fn;
expression obj, v, opaque, name, errp;
@@
fn(obj, v,
- opaque, name,
+ name, opaque,
errp)

Backports commit d7bce9999df85c56c8cb1fcffd944d51bff8ff48 from qemu
2018-02-19 23:14:37 -05:00
Eric Blake 5dd5646a9a
qapi: Swap visit_* arguments for consistent 'name' placement
JSON uses "name":value, but many of our visitor interfaces were
called with visit_type_FOO(v, &value, name, errp). This can be
a bit confusing to have to mentally swap the parameter order to
match JSON order. It's particularly bad for visit_start_struct(),
where the 'name' parameter is smack in the middle of the
otherwise-related group of 'obj, kind, size' parameters! It's
time to do a global swap of the parameter ordering, so that the
'name' parameter is always immediately after the Visitor argument.

Additional reason in favor of the swap: the existing include/qjson.h
prefers listing 'name' first in json_prop_*(), and I have plans to
unify that file with the qapi visitors; listing 'name' first in
qapi will minimize churn to the (admittedly few) qjson.h clients.

Later patches will then fix docs, object.h, visitor-impl.h, and
those clients to match.

Done by first patching scripts/qapi*.py by hand to make generated
files do what I want, then by running the following Coccinelle
script to affect the rest of the code base:
$ spatch --sp-file script `git grep -l '\bvisit_' -- '**/*.[ch]'`
I then had to apply some touchups (Coccinelle insisted on TAB
indentation in visitor.h, and botched the signature of
visit_type_enum() by rewriting 'const char *const strings[]' to
the syntactically invalid 'const char*const[] strings'). The
movement of parameters is sufficient to provoke compiler errors
if any callers were missed.

// Part 1: Swap declaration order
@@
type TV, TErr, TObj, T1, T2;
identifier OBJ, ARG1, ARG2;
@@
void visit_start_struct
-(TV v, TObj OBJ, T1 ARG1, const char *name, T2 ARG2, TErr errp)
+(TV v, const char *name, TObj OBJ, T1 ARG1, T2 ARG2, TErr errp)
{ ... }

@@
type bool, TV, T1;
identifier ARG1;
@@
bool visit_optional
-(TV v, T1 ARG1, const char *name)
+(TV v, const char *name, T1 ARG1)
{ ... }

@@
type TV, TErr, TObj, T1;
identifier OBJ, ARG1;
@@
void visit_get_next_type
-(TV v, TObj OBJ, T1 ARG1, const char *name, TErr errp)
+(TV v, const char *name, TObj OBJ, T1 ARG1, TErr errp)
{ ... }

@@
type TV, TErr, TObj, T1, T2;
identifier OBJ, ARG1, ARG2;
@@
void visit_type_enum
-(TV v, TObj OBJ, T1 ARG1, T2 ARG2, const char *name, TErr errp)
+(TV v, const char *name, TObj OBJ, T1 ARG1, T2 ARG2, TErr errp)
{ ... }

@@
type TV, TErr, TObj;
identifier OBJ;
identifier VISIT_TYPE =~ "^visit_type_";
@@
void VISIT_TYPE
-(TV v, TObj OBJ, const char *name, TErr errp)
+(TV v, const char *name, TObj OBJ, TErr errp)
{ ... }

// Part 2: swap caller order
@@
expression V, NAME, OBJ, ARG1, ARG2, ERR;
identifier VISIT_TYPE =~ "^visit_type_";
@@
(
-visit_start_struct(V, OBJ, ARG1, NAME, ARG2, ERR)
+visit_start_struct(V, NAME, OBJ, ARG1, ARG2, ERR)
|
-visit_optional(V, ARG1, NAME)
+visit_optional(V, NAME, ARG1)
|
-visit_get_next_type(V, OBJ, ARG1, NAME, ERR)
+visit_get_next_type(V, NAME, OBJ, ARG1, ERR)
|
-visit_type_enum(V, OBJ, ARG1, ARG2, NAME, ERR)
+visit_type_enum(V, NAME, OBJ, ARG1, ARG2, ERR)
|
-VISIT_TYPE(V, OBJ, NAME, ERR)
+VISIT_TYPE(V, NAME, OBJ, ERR)
)

Backports commit 51e72bc1dd6ace6e91d675f41a1f09bd00ab8043 from qemu
2018-02-19 22:45:07 -05:00
Eric Blake 5b6f0cbdb7
qom: Use typedef for Visitor
No need to repeat 'struct Visitor' when we already have it in
typedefs.h. Omitting the redundant 'struct' also makes a later
patch easier to search for all object property callbacks that
are associated with a Visitor.

Backports commit 4fa45492c3387c0fa51e8e81160ac9a7814f44a2 from qemu
2018-02-19 22:26:47 -05:00
Eric Blake b978871f20
qapi: Don't cast Enum* to int*
C compilers are allowed to represent enums as a smaller type
than int, if all enum values fit in the smaller type. There
are even compiler flags that force the use of this smaller
representation, although using them changes the ABI of a
binary. Therefore, our generated code for visit_type_ENUM()
(for all qapi enums) was wrong for casting Enum* to int* when
calling visit_type_enum().

It appears that no one has been using compiler ABI switches
for qemu, because if they had, we are potentially dereferencing
beyond bounds or even risking a SIGBUS on platforms where
unaligned pointer dereferencing is fatal. But it is still
better to avoid the practice entirely, and just use the correct
types.

This matches the fix for alternate qapi types, done earlier in
commit 0426d53 "qapi: Simplify visiting of alternate types",
with generated code changing as:

| void visit_type_QType(Visitor *v, QType *obj, const char *name, Error **errp)
| {
|- visit_type_enum(v, (int *)obj, QType_lookup, "QType", name, errp);
|+ int value = *obj;
|+ visit_type_enum(v, &value, QType_lookup, "QType", name, errp);
|+ *obj = value;
| }

Backports commit 395a233f7c089f23e3c0d43ce34c709dc5acd7de from qemu
2018-02-19 22:24:19 -05:00
Eric Blake 7e83274012
qapi-visit: Kill unused visit_end_union()
The generated code can call visit_end_union() without having called
visit_start_union(). Example:

if (!*obj) {
goto out_obj;
}
visit_type_CpuInfoBase_fields(v, (CpuInfoBase **)obj, &err);
if (err) {
goto out_obj; // if we go from here...
}
if (!visit_start_union(v, !!(*obj)->u.data, &err) || err) {
goto out_obj;
}
switch ((*obj)->arch) {
[...]
}
out_obj:
// ... then *obj is true, and ...
error_propagate(errp, err);
err = NULL;
if (*obj) {
// we end up here
visit_end_union(v, !!(*obj)->u.data, &err);
}
error_propagate(errp, err);

Harmless only because no visitor implements end_union(). Clean it up
anyway, by deleting the function as useless.

Messed up since we have visit_end_union (commit cee2ded).

Backports commit 7c91aabd8964cfdf637f302c579c95401f21ce92 from qemu
2018-02-19 22:22:24 -05:00
Eric Blake 264748ad06
qapi: Track all failures between visit_start/stop
Inside the generated code between visit_start_struct() and
visit_end_struct(), we were blindly setting the error into
the caller's errp parameter. But a future patch to split
visit_end_struct() will require that we take action based
on whether an error has occurred, which requires us to track
all actions through a local err. Rewrite the visits to be
more in line with the other generated calls.

Generated code changes look like:

| visit_start_struct(v, (void **)obj, "Abort", name, sizeof(Abort), &err);
|- if (!err) {
|- if (*obj) {
|- visit_type_Abort_fields(v, obj, errp);
|- }
|- visit_end_struct(v, &err);
|+ if (err) {
|+ goto out;
| }
|+ if (!*obj) {
|+ goto out_obj;
|+ }
|+ visit_type_Abort_fields(v, obj, &err);
|+ error_propagate(errp, err);
|+ err = NULL;
|+out_obj:
|+ visit_end_struct(v, &err);
|+out:
| error_propagate(errp, err);
| }

Backports commit 92b09babc11b60458c28cfe37eaa314de50e6241 from qemu
2018-02-19 22:19:40 -05:00
Eric Blake 4f513b2070
qapi: Improve generated event use of qapi visitor
All other successful clients of visit_start_struct() were paired
with an unconditional visit_end_struct(); but the generated
code for events was relying on qmp_output_visitor_cleanup() to
work on an incomplete visit. Alter the code to guarantee that
the struct is completed, which will make a future patch to
split visit_end_struct() easier to reason about. While at it,
drop some assertions and comments that are not present in other
uses of the qmp output visitor, and pass NULL rather than "" as
the 'kind' parameter (matching most other uses where obj is NULL).

The changes to the generated code look like:

| qmp = qmp_event_build_dict("DEVICE_TRAY_MOVED");
|
| qov = qmp_output_visitor_new();
|- g_assert(qov);
|-
| v = qmp_output_get_visitor(qov);
|- g_assert(v);
|
|- /* Fake visit, as if all members are under a structure */
|- visit_start_struct(v, NULL, "", "DEVICE_TRAY_MOVED", 0, &err);
|+ visit_start_struct(v, NULL, NULL, "DEVICE_TRAY_MOVED", 0, &err);
| if (err) {
| goto out;
| }
| visit_type_str(v, (char **)&device, "device", &err);
| if (err) {
|- goto out;
|+ goto out_obj;
| }
| visit_type_bool(v, &tray_open, "tray-open", &err);
| if (err) {
|- goto out;
|+ goto out_obj;
| }
|- visit_end_struct(v, &err);
|+out_obj:
|+ visit_end_struct(v, err ? NULL : &err);
| if (err) {
| goto out;
| }
|
| obj = qmp_output_get_qobject(qov);
|- g_assert(obj != NULL);
|+ g_assert(obj);
|
| qdict_put_obj(qmp, "data", obj);
| emit(QAPI_EVENT_DEVICE_TRAY_MOVED, qmp, &err);

Note that the 'goto out_obj' with no intervening code before the
label, as well as the construct of 'err ? NULL : &err', are both
a bit unusual but also temporary; they get fixed in a later patch
that splits visit_end_struct() to drop its errp parameter by moving
some checking before the label. But until that time, this was the
simplest way to avoid the appearance of passing a possibly-set
error to visit_end_struct(), even though actual code inspection
shows that visit_end_struct() for a QMP output visitor will never
set an error.

Backports commit a16e3e5c5825c90887a863513916f93eeec16c55 from qemu
2018-02-19 22:18:31 -05:00
Eric Blake b847298d08
qapi: Drop dead parameter in gen_params()
Commit 5cdc8831 reworked gen_params() to be simpler, but forgot
to clean up a now-unused errp named argument.

No change to generated code.

Backports commit e408311546b633b232312450d9017f4db21df0dc from qemu
2018-02-19 22:16:16 -05:00
Markus Armbruster b2c9386111
qapi: Use Python 2.6 "except E as ..." syntax
PEP 8 calls for it, because it's forward compatible with Python 3.
Supported since Python 2.6, which we require (commit fec2103).

Backports commit 291928a80f39670929fcce222acd5e21d1434692 from qemu
2018-02-19 22:14:39 -05:00
Eric Blake f7d5b1c833
qapi: Detect base class loops
It should be fairly obvious that qapi base classes need to
form an acyclic graph, since QMP cannot specify the same
key more than once, while base classes are included as flat
members alongside other members added by the child. But the
old check_member_clash() parser function was not prepared to
check for this, and entered an infinite recursion (at least
until Python gives up, complaining about nesting too deep).

Now that check_member_clash() has been recently removed,
attempts at self-inheritance trigger an assertion failure
introduced by commit ac88219a. The obvious fix is to turn
the assertion into a conditional.

This patch includes both the tests (base-cycle-direct and
base-cycle-indirect) and the fix, since the .err file output
for the unfixed case is not useful (particularly when it was
warning about unbounded recursion, as that limit may be
platform-specific).

We don't need to worry about cycles in flat unions (neither
the base type nor the type of a variant can be a union) nor
in alternates (alternate branches cannot themselves be an
alternate). But if we later allow a union type as a variant,
we will still be okay, as QAPISchemaObjectTypeVariants.check()
triggers the same QAPISchemaObjectType.check() that will
detect any loops.

Likewise, we need not worry about the case of diamond
inheritance where the same class is used for a flat union base
class and one of its variants; either both uses will introduce
a collision in trying to insert the same member name twice, or
the shared type is empty and changes nothing.

Backports commit bac5429ccb4f41d421ec641b11f1852c8420fdb7 from qemu
2018-02-19 22:12:19 -05:00
Eric Blake 63f288263a
qapi: Move duplicate collision checks to schema check()
With the recent commit 'qapi: Detect collisions in C member
names', we have two different locations for detecting clashes -
one at parse time, and another at QAPISchema*.check() time.
Remove all of the ad hoc parser checks, and delete associated
code (for example, the global check_member_clash() method is
no longer needed).

Testing this showed that the test union-bad-branch wasn't adding
much: union-clash-branches also exposes the error message when
branches collide, and we've recently fixed things to avoid an
implicit collision with max. Likewise, the error for
enum-clash-member changes to report our new detection of
upper case in a value name, unless we modify the test to use
all lower case.

The wording of several error messages has changed, but the
change is generally an improvement rather than a regression.

No change to generated code.

Backports commit 01cfbaa4c36ecd9f1c7bcbad50c92758e1d147c4 from qemu
2018-02-19 22:11:28 -05:00
Eric Blake 514226002a
qapi: Enforce (or whitelist) case conventions on qapi members
We document that members of enums and objects should be
'lower-case', although we were not enforcing it. We have to
whitelist a few pre-existing entities that violate the norms.
Add three new tests to expose the new error message, each of
which first uses the whitelisted name 'UuidInfo' to prove the
whitelist works, then triggers the failure (this is the same
pattern used in the existing returns-whitelist.json test).

Note that by adding this check, we have effectively forbidden
an entity with a case-insensitive clash of member names, for
any entity that is not on the whitelist (although there is
still the possibility to clash via '-' vs. '_').

Not done here: a future patch should also add naming convention
support and whitelist exceptions for command, event, and type
names.

The additions to QAPISchemaMember.check_clash() check whether
info['name'] is in the whitelist (the top-most entity name at
the point 'info' tracks), rather than self.owner (the type,
possibly implicit, that directly owns the member), because it
is easier to maintain the whitelist by the names actually in
the user's .json file, rather than worrying about the names
of implicit types.

Backports commit 893e1f2c5170d54316f1dcf3fefae679175622fc from qemu
2018-02-19 22:09:45 -05:00
Eric Blake 2e1e2c4d51
qapi: Track enum values by QAPISchemaMember, not string
Rather than using just an array of strings, make enum.values be
an array of the new QAPISchemaMember type, and add a helper
member_names() method to get back at the original list of names.
Likewise, creating an enum requires wrapping strings, via a new
QAPISchema._make_enum_members() method. The benefit of wrapping
enum members in a QAPISchemaMember Python object is that we now
share the existing code for C name clash detection (although the
code is not yet active until a later commit removes the earlier
ad hoc parser checks).

In a related change, the QAPISchemaMember._pretty_owner() method
needs to learn about one more implicit type name: the generated
enum associated with a simple union.

In the interest of keeping the changes of this patch local to one
file, the visitor interface still passes just a list of names
rather than the full list of QAPISchemaMember instances. We may
want to revisit this in the future, if the consistency with
visit_object_type() is worth it.

Backports commit 93bda4dd461358b4fc05dfd8e2d6419cdd574789 from qemu
2018-02-19 22:07:17 -05:00
Eric Blake ff43b7446a
qapi: Prepare new QAPISchemaMember base class
We want to share some clash detection code between enum values
and object type members. To assist with that, split off part
of QAPISchemaObjectTypeMember into a new base class
QAPISchemaMember that tracks name, owner, and common clash
detection code; while the former keeps the additional fields
for type and optional flag.

Backports commit d44f9ac80c43e34b1522cde8829f0ab371f086ca from qemu
2018-02-19 22:04:41 -05:00
Eric Blake 994490d197
qapi: Shorter visits of optional fields
For less code, reflect the determined boolean value of an optional
visit back to the caller instead of making the caller read the
boolean after the fact.

The resulting generated code has the following diff:

|- visit_optional(v, &has_fdset_id, "fdset-id");
|- if (has_fdset_id) {
|+ if (visit_optional(v, &has_fdset_id, "fdset-id")) {
| visit_type_int(v, &fdset_id, "fdset-id", &err);
| if (err) {
| goto out;
| }
| }

Backports commit 29637a6ee913df8fcdf371426ee48956b945b618 from qemu
2018-02-19 22:03:23 -05:00
Eric Blake f3d2380f6d
qapi: Simplify visits of optional fields
None of the visitor callbacks would set an error when testing
if an optional field was present; make this part of the interface
contract by eliminating the errp argument.

The resulting generated code has a nice diff:

|- visit_optional(v, &has_fdset_id, "fdset-id", &err);
|- if (err) {
|- goto out;
|- }
|+ visit_optional(v, &has_fdset_id, "fdset-id");
| if (has_fdset_id) {
| visit_type_int(v, &fdset_id, "fdset-id", &err);
| if (err) {
| goto out;
| }
| }

Backports commit 5cdc8831a795fb8452d7e34f644202fd724e122a from qemu
2018-02-19 22:01:27 -05:00
Eric Blake 65d58b543e
qapi: Fix alternates that accept 'number' but not 'int'
The QMP input visitor allows integral values to be assigned by
promotion to a QTYPE_QFLOAT. However, when parsing an alternate,
we did not take this into account, such that an alternate that
accepts 'number' and some other type, but not 'int', would reject
integral values.

With this patch, we now have the following desirable table:

alternate has case selected for
'int' 'number' QTYPE_QINT QTYPE_QFLOAT
no no error error
no yes 'number' 'number'
yes no 'int' error
yes yes 'int' 'number'

While it is unlikely that we will ever use 'number' in an
alternate other than in the testsuite, it never hurts to be
more precise in what we allow.

Backports commit d00341af384665d259af475b14c96bb8414df415 from qemu
2018-02-19 21:58:10 -05:00
Lioncash a6b494dcae
qapi: Inline _make_implicit_tag()
Now that alternates no longer use an implicit tag, we can
inline _make_implicit_tag() into its one caller,
_def_union_type().

No change to generated code.

Backports commit 9d3f3494c5b941774e2c3e7639332d53bbe6f8be from qemu
2018-02-19 21:54:43 -05:00
Eric Blake ff1c8774ff
qapi-types: Drop unnedeed ._fwdefn
Previously, the generated code in qapi-types.c initialized all
enum lookup tables first, prior to any other definitions. But
there are no topological sorting requirements that mandate this
layout, so we can drop the QAPISchemaGenTypeVisitor._fwdefn
field and just generate all definitions in visitation order.

The generated code shows some churn due to reordering, but it
is still fairly straightforward to follow (all the deletions
occur in one hunk, and all the deleted lines are re-inserted
in the same order later in the same files, just spread across
multiple insertion points).

Backports commit 0b2e84ba774651656771ed697dee8825759dffa9 from qemu
2018-02-19 21:53:45 -05:00
Eric Blake 2ee6c960ee
qapi: Simplify visiting of alternate types
Previously, working with alternates required two lookup arrays
and some indirection: for type Foo, we created Foo_qtypes[]
which maps each qtype to a value of the generated FooKind enum,
then look up that value in FooKind_lookup[] like we do for other
union types.

This has a couple of subtle bugs. First, the generator was
creating a call with a parameter '(int *) &(*obj)->type' where
type is an enum type; this is unsafe if the compiler chooses
to store the enum type in a different size than int, where
assigning through the wrong size pointer can corrupt data or
cause a SIGBUS.

Related bug, not not fixed in this patch: qapi-visit.py's
gen_visit_enum() generates a cast of its enum * argument to
int *. Marked FIXME.

Second, since the values of the FooKind enum start at zero, all
entries of the Foo_qtypes[] array that were not explicitly
initialized will map to the same branch of the union as the
first member of the alternate, rather than triggering a desired
failure in visit_get_next_type(). Fortunately, the bug seldom
bites; the very next thing the input visitor does is try to
parse the incoming JSON with the wrong parser, which normally
fails; the output visitor is not used with a C struct in that
state, and the dealloc visitor has nothing to clean up (so
there is no leak).

However, the second bug IS observable in one case: parsing an
integer causes unusual behavior in an alternate that contains
at least a 'number' member but no 'int' member, because the
'number' parser accepts QTYPE_QINT in addition to the expected
QTYPE_QFLOAT (that is, since 'int' is not a member, the type
QTYPE_QINT accidentally maps to FooKind 0; if this enum value
is the 'number' branch the integer parses successfully, but if
the 'number' branch is not first, some other branch tries to
parse the integer and rejects it). A later patch will worry
about fixing alternates to always parse all inputs that a
non-alternate 'number' would accept, for now this is still
marked FIXME in the updated test-qmp-input-visitor.c, to
merely point out that new undesired behavior of 'ans' matches
the existing undesired behavior of 'asn'.

This patch fixes the default-initialization bug by deleting the
indirection, and modifying get_next_type() to directly assign a
QTypeCode parameter. This in turn fixes the type-casting bug,
as we are no longer casting a pointer to enum to a questionable
size. There is no longer a need to generate an implicit FooKind
enum associated with the alternate type (since the QMP wire
format never uses the stringized counterparts of the C union
member names). Since the updated visit_get_next_type() does not
know which qtypes are expected, the generated visitor is
modified to generate an error statement if an unexpected type is
encountered.

Callers now have to know the QTYPE_* mapping when looking at the
discriminator; but so far, only the testsuite was even using the
C struct of an alternate types. I considered the possibility of
keeping the internal enum FooKind, but initialized differently
than most generated arrays, as in:
typedef enum FooKind {
FOO_KIND_A = QTYPE_QDICT,
FOO_KIND_B = QTYPE_QINT,
} FooKind;
to create nicer aliases for knowing when to use foo->a or foo->b
when inspecting foo->type; but it turned out to add too much
complexity, especially without a client.

There is a user-visible side effect to this change, but I
consider it to be an improvement. Previously,
the invalid QMP command:
{"execute":"blockdev-add", "arguments":{"options":
{"driver":"raw", "id":"a", "file":true}}}
failed with:
{"error": {"class": "GenericError",
"desc": "Invalid parameter type for 'file', expected: QDict"}}
(visit_get_next_type() succeeded, and the error comes from the
visit_type_BlockdevOptions() expecting {}; there is no mention of
the fact that a string would also work). Now it fails with:
{"error": {"class": "GenericError",
"desc": "Invalid parameter type for 'file', expected: BlockdevRef"}}
(the error when the next type doesn't match any expected types for
the overall alternate).

Backports commit 0426d53c6530606bf7641b83f2b755fe61c280ee from qemu
2018-02-19 21:52:39 -05:00
Eric Blake e9666e4455
qapi: Convert QType into QAPI built-in enum type
What's more meta than using qapi to define qapi? :)

Convert QType into a full-fledged[*] builtin qapi enum type, so
that a subsequent patch can then use it as the discriminator
type of qapi alternate types. Fortunately, the judicious use of
'prefix' in the qapi definition avoids churn to the spelling of
the enum constants.

To avoid circular definitions, we have to flip the order of
inclusion between "qobject.h" vs. "qapi-types.h". Back in commit
28770e0, we had the latter include the former, so that we could
use 'QObject *' for our implementation of 'any'. But that usage
also works with only a forward declaration, whereas the
definition of QObject requires QType to be a complete type.

[*] The type has to be builtin, rather than declared in
qapi/common.json, because we want to use it for alternates even
when common.json is not included. But since it is the first
builtin enum type, we have to add special cases to qapi-types
and qapi-visit to only emit definitions once, even when two
qapi files are being compiled into the same binary (the way we
already handled builtin list types like 'intList'). We may
need to revisit how multiple qapi files share common types,
but that's a project for another day.

Backports commit 7264f5c50cc1be0f1406e3ebb45aedcca02f603a from qemu
2018-02-19 21:47:05 -05:00
Eric Blake 805c803298
qobject: Rename qtype_code to QType
The name QType matches our CODING_STYLE conventions for type names
in CamelCase. It also matches the fact that we are already naming
all the enum members with a prefix of QTYPE, not QTYPE_CODE. And
doing the rename will also make it easier for the next patch to use
QAPI for providing the enum, which also wants CamelCase type names.

Backports commit 1310a3d3bd9301ff5a825287638cfab24c2c6689 from qemu
2018-02-19 21:41:52 -05:00
Eric Blake cc1d62568e
qobject: Simplify QObject
The QObject hierarchy is small enough, and unlikely to grow further
(since we only use it to map to JSON and already cover all JSON
types), that we can simplify things by not tracking a separate
vtable, but just inline the code element of the vtable QType
directly into QObject (renamed to type), and track a separate array
of destroy functions. We can drop qnull_destroy_obj() in the
process.

The remaining QObject subclasses must export their destructor.

This also has the nice benefit of moving the typename 'QType'
out of the way, so that the next patch can repurpose it for a
nicer name for 'qtype_code'.

The various objects are still the same size (so no change in cache
line pressure), but now have less indirection (although I didn't
bother benchmarking to see if there is a noticeable speedup, as
we don't have hard evidence that this was in a performance hotspot
in the first place).

A future patch could drop the refcnt size to 32 bits for a smaller
struct on 64-bit architectures, if desired (we have limits on the
largest JSON that we are willing to parse, and will probably never
need to take full advantage of a 64-bit refcnt).

Backports commit 55e1819c509b3d9c10a54678b9c585bbda13889e from qemu
2018-02-19 21:37:48 -05:00
Markus Armbruster 105a6be9b0
qobject: Add a special null QObject
I'm going to fix the JSON parser to recognize null. The obvious
representation of JSON null as (QObject *)NULL doesn't work, because
the parser already uses it as an error value. Perhaps we should
change it to free NULL for null, but that's more than I can do right
now. Create a special null QObject instead.

The existing QDict, QList, and QString all represent something that
is a pointer in C and could therefore be associated with NULL. But
right now, all three of these sub-types are always non-null once
created, so the new null sentinel object is intentionally unrelated
to them.

Backports commit 481b002cc81ed7fc7b06e32e9d4d495d81739d14 from qemu
2018-02-19 21:25:58 -05:00
Eric Blake 0ae71ac202
qapi: Change munging of CamelCase enum values
When munging enum values, the fact that we were passing the entire
prefix + value through camel_to_upper() meant that enum values
spelled with CamelCase could be turned into CAMEL_CASE. However,
this provides a potential collision (both OneTwo and One-Two would
munge into ONE_TWO) for enum types, when the same two names are
valid side-by-side as QAPI member names. By changing the generation
of enum constants to always be prefix + '_' + c_name(value,
False).upper(), and ensuring that there are no case collisions (in
the next patches), we no longer have to worry about names that
would be distinct as QAPI members but collide as variant tag names,
without having to think about what munging the heuristics in
camel_to_upper() will actually perform on an enum value.

Making the change will affect enums that did not follow coding
conventions, using 'CamelCase' rather than desired 'lower-case'.

Thankfully, there are only two culprits: InputButton and ErrorClass.
We already tweaked ErrorClass to make it an alias of QapiErrorClass,
where only the alias needs changing rather than the whole tree. So
the bulk of this change is modifying INPUT_BUTTON_WHEEL_UP to the
new INPUT_BUTTON_WHEELUP (and likewise for WHEELDOWN). That part
of this commit may later need reverting if we rename the enum
constants from 'WheelUp' to 'wheel-up' as part of moving
x-input-send-event to a stable interface; but at least we have
documentation bread crumbs in place to remind us (commit 513e7cd),
and it matches the fact that SDL constants are also spelled
SDL_BUTTON_WHEELUP.

Backports commit d20a580bc0eac9d489884f6d2ed28105880532b6 from qemu
2018-02-19 20:40:15 -05:00
Eric Blake 1bda2b186b
qapi: Add alias for ErrorClass
The qapi enum ErrorClass is unusual that it uses 'CamelCase' names,
contrary to our documented convention of preferring 'lower-case'.
However, this enum is entrenched in the API; we cannot change
what strings QMP outputs. Meanwhile, we want to simplify how
c_enum_const() is used to generate enum constants, by moving away
from the heuristics of camel_to_upper() to a more straightforward
c_name(N).upper() - but doing so will rename all of the ErrorClass
constants and cause churn to all client files, where the new names
are aesthetically less pleasing (ERROR_CLASS_DEVICENOTFOUND looks
like we can't make up our minds on whether to break between words).

So as always in computer science, solve the problem by some more
indirection: rename the qapi type to QapiErrorClass, and add a
new enum ErrorClass in error.h whose members are aliases of the
qapi type, but with the spelling expected elsewhere in the tree.
Then, when c_enum_const() changes the munging, we only have to
adjust the one alias spot.

Backports commit f22a28b898322c01b0463a8b7ec551d72bc61a5b from qemu
2018-02-19 20:38:51 -05:00
Eric Blake 9a2b48ebc3
qapi: Remove obsolete tests for MAX collision
Now that we no longer collide with an implicit _MAX enum member,
we no longer need to reject it in the ad hoc parser, and can
remove several tests that are no longer needed.

Backports commit 04e0639d4e77b6d55491d396c8aa13929ee8ed9a from qemu
2018-02-19 20:36:35 -05:00
Eric Blake 9ca55f4ba5
qapi: Don't let implicit enum MAX member collide
Now that we guarantee the user doesn't have any enum values
beginning with a single underscore, we can use that for our
own purposes. Renaming ENUM_MAX to ENUM__MAX makes it obvious
that the sentinel is generated.

This patch was mostly generated by applying a temporary patch:

|diff --git a/scripts/qapi.py b/scripts/qapi.py
|index e6d014b..b862ec9 100644
|--- a/scripts/qapi.py
|+++ b/scripts/qapi.py
|@@ -1570,6 +1570,7 @@ const char *const %(c_name)s_lookup[] = {
| max_index = c_enum_const(name, 'MAX', prefix)
| ret += mcgen('''
| [%(max_index)s] = NULL,
|+// %(max_index)s
| };
| ''',
| max_index=max_index)

then running:

$ cat qapi-{types,event}.c tests/test-qapi-types.c |
sed -n 's,^// \(.*\)MAX,s|\1MAX|\1_MAX|g,p' > list
$ git grep -l _MAX | xargs sed -i -f list

The only things not generated are the changes in scripts/qapi.py.

Rejecting enum members named 'MAX' is now useless, and will be dropped
in the next patch.

Backports commit 7fb1cf1606c78c9d5b538f29176fd5a101726a9d from qemu
2018-02-19 20:34:53 -05:00
Eric Blake 00e596aad2
qapi: Tighten the regex on valid names
We already documented that qapi names should match specific
patterns (such as starting with a letter unless it was an enum
value or a downstream extension). Tighten that from a suggestion
into a hard requirement, which frees up names beginning with a
single underscore for qapi internal usage.

The tighter regex doesn't forbid everything insane that a user
could provide (for example, a user could name a type 'Foo-lookup'
to collide with the generated 'Foo_lookup[]' for an enum 'Foo'),
but does a good job at protecting the most obvious uses, and
also happens to reserve single leading underscore for later use.

The handling of enum values starting with a digit is tricky:
commit 9fb081e introduced a subtle bug by using c_name() on
a munged value, which would allow an enum to include the
member 'q-int' in spite of our reservation. Furthermore,
munging with a leading '_' would fail our tighter regex. So
fix it by only munging for leading digits (which are never
ticklish in c_name()) and by using a different prefix (I
picked 'D', although any letter should do).

Add new tests, reserved-member-underscore and reserved-enum-q,
to demonstrate the tighter checking.

Backports commit 59a92feedc6927e0e1ff87fdaccfb4dd42ad4c84 from qemu
2018-02-19 20:33:18 -05:00
Eric Blake a5cbe099d7
qapi: Remove dead visitor code
Commit cbc95538 removed unused start_handle() and end_handle(),
but forgot to remove their declarations.

Backports commit 7549457200ec3871ee827765f4d3bbc8d903b2ec from qemu
2018-02-19 20:32:00 -05:00
Eric Blake bacaf613b1
qapi: Fix c_name() munging
The method c_name() is supposed to do two different actions: munge
'-' into '_', and add a 'q_' prefix to ticklish names. But it did
these steps out of order, making it possible to submit input that
is not ticklish until after munging, where the output then lacked
the desired prefix.

The failure is exposed easily if you have a compiler that recognizes
C11 keywords, and try to name a member '_Thread-local', as it would
result in trying to compile the declaration 'uint64_t _Thread_local;'
which is not valid. However, this name violates our conventions
(ultimately, want to enforce that no qapi names start with single
underscore), so the test is slightly weaker by instead testing
'wchar-t'; the declaration 'uint64_t wchar_t;' is valid in C (where
wchar_t is only a typedef) but would fail with a C++ compiler (where
it is a keyword).

Fix things by reversing the order of actions within c_name().

Backports commit c43567c12042cf401b039bfc94a5f85e1cc1e796 from qemu
2018-02-19 20:31:08 -05:00
Eric Blake bc1e31663e
qapi: Detect collisions in C member names
Detect attempts to declare two object members that would result
in the same C member name, by keying the 'seen' dictionary off
of the C name rather than the qapi name. It also requires passing
info through the check_clash() methods.

This addresses a TODO and fixes the previously-broken
args-name-clash test. The resulting error message demonstrates
the utility of the .describe() method added previously. No change
to generated code.

Backports commit 27b60ab93bd1d5d8c85f009aac7a97ffd2c53c86 from qemu
2018-02-19 20:30:20 -05:00
Eric Blake e9647be986
qapi: Track owner of each object member
Future commits will migrate semantic checking away from parsing
and over to the various QAPISchema*.check() methods. But to
report an error message about an incorrect semantic use of a
member of an object type, it helps to know which type, command,
or event owns the member. In particular, when a member is
inherited from a base type, it is desirable to associate the
member name with the base type (and not the type calling
member.check()).

Rather than packing additional information into the seen array
passed to each member.check() (as in seen[m.name] = {'member':m,
'owner':type}), it is easier to have each member track the name
of the owner type in the first place (keeping things simpler
with the existing seen[m.name] = m). The new member.owner field
is set via a new set_owner() method, called when registering
the members and variants arrays with an object or variant type.
Track only a name, and not the actual type object, to avoid
creating a circular python reference chain.

Note that Variants.set_owner() method does not set the owner
for the tag_member field; this field is set earlier either as
part of an object's non-variant members, or explicitly by
alternates.

The source information is intended for human consumption in
error messages, and a new describe() method is added to access
the resulting information. For example, given the qapi:
{ 'command': 'foo', 'data': { 'string': 'str' } }
an implementation of visit_command() that calls
arg_type.members[0].describe()
will see "'string' (parameter of foo)".

To make the human-readable name of implicit types work without
duplicating efforts, the describe() method has to reverse the
name of implicit types, via the helper _pretty_owner().

No change to generated code.

Backports commit 88d4ef8b5cbf9d3336564b1d3ac7a91cbe4aee0e from qemu
2018-02-19 20:28:25 -05:00
Eric Blake 2f45c9ff99
qapi: Hoist tag collision check to Variants.check()
Checking that a given QAPISchemaObjectTypeVariant.name is a
member of the corresponding QAPISchemaEnumType of the owning
QAPISchemaObjectTypeVariants.tag_member ensures that there are
no collisions in the generated C union for those tag values
(since the enum itself should have no collisions).

However, ever since its introduction in f51d8c3d, this was the
only additional action of of Variant.check(), beyond calling
the superclass Member.check(). This forces a difference in
.check() signatures, just to pass the enum type down.

Simplify things by instead doing the tag name check as part of
Variants.check(), at which point we can rely on inheritance
instead of overriding Variant.check().

Backports commit 10565ca92a8d3f8a34559329acfbdb25a791b594 from qemu
2018-02-19 20:25:34 -05:00
Eric Blake 51b4313b34
qapi: Factor out QAPISchemaObjectType.check_clash()
Consolidate two common sequences of clash detection into a
new QAPISchemaObjectType.check_clash() helper method.

No change to generated code.

Backports commit c2183d2e62b6d9d66f80bc0bcf4fc7ec3c5d76d4 from qemu
2018-02-19 20:23:36 -05:00
Eric Blake e1f3c46a16
qapi: Check for QAPI collisions involving variant members
Right now, our ad hoc parser ensures that we cannot have a
flat union that introduces any members that would clash with
non-variant members inherited from the union's base type (see
flat-union-clash-member.json). We want QAPISchemaObjectType.check()
to make the same check, so we can later reduce some of the ad
hoc checks.

We already have a map 'seen' of all non-variant members. We
still need to check for collisions between each variant type's
members and the non-variant ones.

To know the variant type's members, we need to call
variant.type.check(). This also detects when a type contains
itself in a variant, exactly like the existing base.check()
detects when a type contains itself as a base. (Except that
we currently forbid anything but a struct as the type of a
variant, so we can't actually trigger this type of loop yet.)

Slight complication: an alternate's variant can have arbitrary
type, but only an object type's check() may be called outside
QAPISchema.check(). We could either skip the call for variants
of alternates, or skip it for non-object types. For now, do
the latter, because it's easier.

Then we call each variant member's check_clash() with the
appropriate 'seen' map. Since members of different variants
can't clash, we have to clone a fresh seen for each variant.
Wrap this in a new helper method
QAPISchemaObjectTypeVariants.check_clash().

Note that cloning 'seen' inside .check_clash() resembles
the one we just removed from .check() in 'qapi: Drop
obsolete tag value collision assertions'; the difference here is
that we are now checking for clashes among the qapi members of
the variant type, rather than for a single clash with the variant
tag name itself.

Note that, by construction, collisions can't actually happen for
simple unions: each variant's type is a wrapper with a single
member 'data', which will never collide with the only non-variant
member 'type'.

For alternates, there's nothing for a variant object type's
members to clash with, and therefore no need to call the new
variants.check_clash().

No change to generated code.

Backports commit b807a1e1e3796adaf3ece2f7b69ea5ee28468ff4 from qemu
2018-02-19 20:20:08 -05:00
Markus Armbruster fda436e0b2
qapi: Simplify QAPISchemaObjectTypeVariants.check()
Reduce the ugly flat union / simple union conditional by doing just
the essential work here, namely setting self.tag_member.
Move the rest to callers.

Backports commit 14ff84619c6bb9b729dbf8b127c1e4c56ed8c500 from qemu
2018-02-19 20:18:59 -05:00
Markus Armbruster 62f41569be
qapi: Factor out QAPISchemaObjectTypeMember.check_clash()
While there, stick in a TODO change key of seen from QAPI name to C
name. Can't do it right away, because it would fail the assertion for
tests/qapi-schema/args-has-clash.json.

Backports commit 577de12d22aba55f31fd68c5724411eb8592a4ca from qemu
2018-02-19 20:17:39 -05:00
Markus Armbruster 8b6a605685
qapi: Eliminate QAPISchemaObjectType.check() variable members
We can use seen.values() instead if we make it an OrderedDict.

Backports commit 23a4b2c6f19297cd067455c852b4874879594c13 from qemu
2018-02-19 20:15:45 -05:00
Markus Armbruster a0d6b16297
qapi: Fix up commit 7618b91's clash sanity checking change
This hunk

@@ -964,6 +965,7 @@ class QAPISchemaObjectType(QAPISchemaType):
members = []
seen = {}
for m in members:
+ assert c_name(m.name) not in seen
seen[m.name] = m
for m in self.local_members:
m.check(schema, members, seen)

is plainly broken.

Asserting the members inherited from base don't clash is somewhat
redundant, because self.base.check() just checked that. But it
doesn't hurt.

The idea to use c_name(m.name) instead of m.name for collision
checking is sound, because we need to catch clashes between the m.name
and between the c_name(m.name), and when two m.name clash, then their
c_name() also clash.

However, using c_name(m.name) instead of m.name in one of several
places doesn't work. See the very next line.

Keep the assertion, but drop the c_name() for now. A future commit
will bring it back.

Backports commit 08683353fc46b5d462199c9e8cff6f6c67f20f65 from qemu
2018-02-19 20:14:22 -05:00
Markus Armbruster f311d9c2d8
qapi: Clean up after previous commit
QAPISchemaObjectTypeVariants.check() parameter members and
QAPISchemaObjectTypeVariant.check() parameter seen are no longer used,
drop them.

Backports commit cdc5fa37eda2896d2b08f9215c963256eb859d3b from qemu
2018-02-19 20:13:58 -05:00
Markus Armbruster f246800df6
qapi: Simplify QAPISchemaObjectTypeMember.check()
QAPISchemaObjectTypeMember.check() currently does four things:

1. Compute self.type

2. Accumulate members in all_members

Only one caller cares: QAPISchemaObjectType.check() uses it to
compute self.members. The other callers pass a throw-away
accumulator.

3. Accumulate a map from names to members in seen

Only one caller cares: QAPISchemaObjectType.check() uses it to
compute its local variable seen, for self.variants.check(), which
uses it to compute self.variants.tag_member from
self.variants.tag_name. The other callers pass a throw-away
accumulator.

4. Check for collisions

This piggybacks on 3: before adding a new entry, we assert it's new.

Only one caller cares: QAPISchemaObjectType.check() uses it to
assert non-variant members don't clash.

Simplify QAPISchemaObjectType.check(): move 2.-4. to
QAPISchemaObjectType.check(), and drop parameters all_members and
seen.

Backports commit e564e2dd5963a75f32bbb90ac8181ba9dca2f1aa from qemu
2018-02-19 20:11:49 -05:00
Markus Armbruster 85ef080183
qapi: Drop obsolete tag value collision assertions
Union tag values can't clash with member names in generated C anymore
since commit e4ba22b, but QAPISchemaObjectTypeVariants.check() still
asserts they don't. Drop it.

Backports commit fff5f231d5f96e8521761efcd35a12479594059a from qemu
2018-02-19 20:07:52 -05:00
Eric Blake 5899d98959
qapi-types: Simplify gen_struct_field[s]
Simplify gen_struct_fields() back to a single iteration over a
list of fields (like it was prior to commit f87ab7f9), by moving
the generated comments to gen_object(). Then, inline
gen_struct_field() into its only caller.

Backports commit 7d9586f900a9043025866f84c096b1842b0bbbf6 from qemu
2018-02-19 20:06:38 -05:00
Eric Blake f637efea10
qapi-types: Consolidate gen_struct() and gen_union()
These two methods are now close enough that we can finally merge
them, relying on the fact that simple unions now provide a
reasonable local_members. Change gen_struct() to gen_object()
that handles all forms of QAPISchemaObjectType, and rename and
shrink gen_union() to gen_variants() to handle the portion of
gen_object() needed when variants are present.

gen_struct_fields() now has a single caller, so it no longer
needs an optional parameter; however, I did not choose to inline
it into the caller.

No difference to generated code.

Backports commit 570cd8d1194cf68f7c9948971e52e47f20855a77 from qemu
2018-02-19 20:04:26 -05:00
Eric Blake b7886e2d59
qapi: Track simple union tag in object.local_members
We were previously creating all unions with an empty list for
local_members. However, it will make it easier to unify struct
and union generation if we include the generated tag member in
local_members. That way, we can have a common code pattern:
visit the base (if any), visit the local members (if any), visit
the variants (if any). The local_members of a flat union
remains empty (because the discriminator is already visited as
part of the base). Then, by visiting tag_member.check() during
AlternateType.check(), we no longer need to call it during
Variants.check().

The various front end entities now exist as follows:
struct: optional base, optional local_members, no variants
simple union: no base, one-element local_members, variants with tag_member
from local_members
flat union: base, no local_members, variants with tag_member from base
alternate: no base, no local_members, variants

With the new local members, we require a bit of finesse to
avoid assertions in the clients.

No change to generated code.

Backports commit da34a9bd999d1be13954c699bbae0295cdaa3200 from qemu
2018-02-19 20:02:03 -05:00
Eric Blake ccb16c42a3
qapi: Test failure in middle of array parse
Our generated list visitors have the same problem as has been
mentioned elsewhere (see commit 2f52e20): they allocate data
even on failure. An upcoming patch will correct things to
provide saner guarantees, but first we need to expose the
behavior in the testsuite to ensure we aren't introducing any
memory usage bugs.

There are more test cases throughout the test-qmp-input-* tests
that already deal with partial allocation; a later commit will
clean up all visit_type_FOO(), without marking all of the tests
with FIXME at this time.

Backports commit dd5ee2c2d3e3a17647ddd9bfa97935b8cb5dfa40 from qemu
2018-02-19 19:31:50 -05:00
Eric Blake 0cb457056d
qapi: Simplify gen_struct_field()
Rather than having all callers pass a name, type, and optional
flag, have them instead pass a QAPISchemaObjectTypeMember which
already has all that information.

No change to generated code.

Backports commit 32bc6879beea0b0cac6196cb15a71d206401e96d from qemu
2018-02-19 19:30:26 -05:00
Eric Blake 61ad7b3824
qapi: Reserve 'u' member name
Now that we have separated union tag values from colliding with
non-variant C names, by naming the union 'u', we should reserve
this name for our use. Note that we want to forbid 'u' even in
a struct with no variants, because it is possible for a future
qemu release to extend QMP in a backwards-compatible manner while
converting from a struct to a flat union. Fortunately, no
existing clients were using this member name. If we ever find
the need for QMP to have a member 'u', we could at that time
relax things, perhaps by having c_name() munge the QMP member to
'q_u'.

Note that we cannot forbid 'u' everywhere (by adding the
rejection code to check_name()), because the existing QKeyCode
enum already uses it; therefore we only reserve it as a struct
type member name.

Backports commit 5e59baf90a72cd25d38a3134edc029f4f022da74 from qemu
2018-02-19 19:28:47 -05:00
Eric Blake a75c85afa0
qapi: Finish converting to new qapi union layout
We have two issues with our qapi union layout:
1) Even though the QMP wire format spells the tag 'type', the
C code spells it 'kind', requiring some hacks in the generator.
2) The C struct uses an anonymous union, which places all tag
values in the same namespace as all non-variant members. This
leads to spurious collisions if a tag value matches a non-variant
member's name.

This patch is the back end for a series that converts to a
saner qapi union layout. Now that all clients have been
converted to use 'type' and 'obj->u.value', we can drop the
temporary parallel support for 'kind' and 'obj->value'.

Given a simple union qapi type:

{ 'union':'Foo', 'data': { 'a':'int', 'b':'bool' } }

this is the overall effect, when compared to the state before
this series of patches:

| struct Foo {
|- FooKind kind;
|- union { /* union tag is @kind */
|+ FooKind type;
|+ union { /* union tag is @type */
| void *data;
| int64_t a;
| bool b;
|- };
|+ } u;
| };

The testsuite still contains some examples of artificial restrictions
(see flat-union-clash-type.json, for example) that are no longer
technically necessary, now that there is no longer a collision between
enum tag values and non-variant member names; but fixing this will be
done in later patches, in part because some further changes are required
to keep QAPISchema*.check() from asserting. Also, a later patch will
add a reservation for the member name 'u' to avoid a collision between a
user's non-variant names and our internal choice of C union name.

Note, however, that we do not rename the generated enum, which
is still 'FooKind'. A further patch could generate implicit
enums as 'FooType', but while the generator already reserved
the '*Kind' namespace (commit 4dc2e69), there are already QMP
constructs with '*Type' naming, which means changing our
reservation namespace would have lots of churn to C code to
deal with a forced name change.

Backports commit e4ba22b31943ab02373359555bd7bcd66442632f from qemu
2018-02-19 19:27:54 -05:00
Eric Blake a75ad0555f
qapi-visit: Convert to new qapi union layout
We have two issues with our qapi union layout:
1) Even though the QMP wire format spells the tag 'type', the
C code spells it 'kind', requiring some hacks in the generator.
2) The C struct uses an anonymous union, which places all tag
values in the same namespace as all non-variant members. This
leads to spurious collisions if a tag value matches a non-variant
member's name.

Make the conversion to the new layout for qapi-visit.py.

Generated code changes look like:

|@@ -4912,16 +4912,16 @@ void visit_type_MemoryDeviceInfo(Visitor
| if (!*obj) {
| goto out_obj;
| }
|- visit_type_MemoryDeviceInfoKind(v, &(*obj)->kind, "type", &err);
|+ visit_type_MemoryDeviceInfoKind(v, &(*obj)->type, "type", &err);
| if (err) {
| goto out_obj;
| }
|- if (!visit_start_union(v, !!(*obj)->data, &err) || err) {
|+ if (!visit_start_union(v, !!(*obj)->u.data, &err) || err) {
| goto out_obj;
| }
|- switch ((*obj)->kind) {
|+ switch ((*obj)->type) {
| case MEMORY_DEVICE_INFO_KIND_DIMM:
|- visit_type_PCDIMMDeviceInfo(v, &(*obj)->dimm, "data", &err);
|+ visit_type_PCDIMMDeviceInfo(v, &(*obj)->u.dimm, "data", &err);
| break;
| default:
| abort();
|@@ -4930,7 +4930,7 @@ out_obj:
| error_propagate(errp, err);
| err = NULL;
| if (*obj) {
|- visit_end_union(v, !!(*obj)->data, &err);
|+ visit_end_union(v, !!(*obj)->u.data, &err);
| }
| error_propagate(errp, err);
| err = NULL;

Backports commit 150d0564a4c626642897c748f7906260a13c14e1 from qemu
2018-02-19 19:25:20 -05:00
Eric Blake 75f1b8632e
qapi: Start converting to new qapi union layout
We have two issues with our qapi union layout:
1) Even though the QMP wire format spells the tag 'type', the
C code spells it 'kind', requiring some hacks in the generator.
2) The C struct uses an anonymous union, which places all tag
values in the same namespace as all non-variant members. This
leads to spurious collisions if a tag value matches a non-variant
member's name.

This patch is the front end for a series that converts to a
saner qapi union layout. By the end of the series, we will no
longer have the type/kind mismatch, and all tag values will be
under a named union, which requires clients to access
'obj->u.value' instead of 'obj->value'. But since the
conversion touches a number of files, it is easiest if we
temporarily support BOTH layouts simultaneously.

Given a simple union qapi type:

{ 'union':'Foo', 'data': { 'a':'int', 'b':'bool' } }

make the following changes in generated qapi-types.h:

| struct Foo {
|- FooKind kind;
|- union { /* union tag is @kind */
|+ union {
|+ FooKind kind;
|+ FooKind type;
|+ };
|+ union { /* union tag is @type */
| void *data;
| int64_t a;
| bool b;
|+ union { /* union tag is @type */
|+ void *data;
|+ int64_t a;
|+ bool b;
|+ } u;
| };
| };

Flat unions do not need the anonymous union for the tag member,
as we already fixed that to use the member name instead of 'kind'
back in commit 0f61af3e.

One additional change is needed in qapi.py: check_union() now
needs to check for collisions with 'type' in addition to those
with 'kind'.

Later, when the conversions are complete, we will remove the
duplication hacks, and also drop the check_union() restrictions.

Note, however, that we do not rename the generated enum, which
is still 'FooKind'. A further patch could generate implicit
enums as 'FooType', but while the generator already reserved
the '*Kind' namespace (commit 4dc2e69), there are already QMP
constructs with '*Type' naming, which means changing our
reservation namespace would have lots of churn to C code to
deal with a forced name change.

Backports commit f51d8fab44b231aa299d8de24cfdf9ba41ef4a21 from qemu
2018-02-19 19:21:41 -05:00
Eric Blake 7be2bc687d
qapi-visit: Remove redundant functions for flat union base
The code for visiting the base class of a child struct created
visit_type_Base_fields() which covers all fields of Base; while
the code for visiting the base class of a flat union created
visit_type_Union_fields() covering all fields of the base
except the discriminator. But since the base class includes
the discriminator of a flat union, we can just visit the entire
base, without needing a separate visit of the discriminator.
Not only is consistently visiting all fields easier to
understand, it lets us share code.

The generated code in qapi-visit.c loses several now-unused
visit_type_UNION_fields(), along with changes like:

|@@ -1654,11 +1557,7 @@ void visit_type_BlockdevOptions(Visitor
| if (!*obj) {
| goto out_obj;
| }
|- visit_type_BlockdevOptions_fields(v, obj, &err);
|- if (err) {
|- goto out_obj;
|- }
|- visit_type_BlockdevDriver(v, &(*obj)->driver, "driver", &err);
|+ visit_type_BlockdevOptionsBase_fields(v, (BlockdevOptionsBase **)obj, &err);
| if (err) {
| goto out_obj;
| }

and forward declarations where needed. Note that the cast of obj
to BASE ** is necessary to call visit_type_BASE_fields() (and we
can't use our upcast wrappers, because those work on pointers while
we have a pointer-to-pointer).

Backports commit 5c5e51a05b567fd48fb155d94ca6f7679dd0d478 from qemu
2018-02-19 19:18:53 -05:00
Eric Blake 6a9cbbeaed
qapi: Unbox base members
Rather than storing a base class as a pointer to a box, just
store the fields of that base class in the same order, so that
a child struct can be directly cast to its parent. This gives
less malloc overhead, less pointer dereferencing, and even less
generated code. Compare to the earlier commit 1e6c1616a "qapi:
Generate a nicer struct for flat unions" (although that patch
had fewer places to change, as less of qemu was directly using
qapi structs for flat unions). It also allows us to turn on
automatic type-safe wrappers for upcasting to the base class
of a struct.

Changes to the generated code look like this in qapi-types.h:

| struct SpiceChannel {
|- SpiceBasicInfo *base;
|+ /* Members inherited from SpiceBasicInfo: */
|+ char *host;
|+ char *port;
|+ NetworkAddressFamily family;
|+ /* Own members: */
| int64_t connection_id;

as well as additional upcast functions like qapi_SpiceChannel_base().
Meanwhile, changes to qapi-visit.c look like:

| static void visit_type_SpiceChannel_fields(Visitor *v, SpiceChannel **obj, Error **errp)
| {
| Error *err = NULL;
|
|- visit_type_implicit_SpiceBasicInfo(v, &(*obj)->base, &err);
|+ visit_type_SpiceBasicInfo_fields(v, (SpiceBasicInfo **)obj, &err);
| if (err) {

(the cast is necessary, since our upcast wrappers only deal with a
single pointer, not pointer-to-pointer); plus the wholesale
elimination of some now-unused visit_type_implicit_FOO() functions.

Without boxing, the corner case of one empty struct having
another empty struct as its base type now requires inserting a
dummy member (previously, the 'Base *base' member sufficed).

And now that we no longer consume a 'base' member in the generated
C struct, we can delete the former negative struct-base-clash-base
test.

Backports commit ddf21908961073199f3d186204da4810f2ea150b from qemu
2018-02-19 19:17:02 -05:00
Eric Blake 97c801d6a1
qapi: Prefer typesafe upcasts to qapi base classes
A previous patch (commit 1e6c1616) made it possible to
directly cast from a qapi flat union type to its base type.
However, it requires the use of a C cast, which turns off
compiler type-safety checks. Fortunately, no such casts
exist, just yet.

Regardless, add inline type-safe wrappers named
qapi_FOO_base() for any union type FOO that has a base,
which can be used for a safer upcast, and enhance the
testsuite to cover the new functionality.

A future patch will extend the upcast support to structs,
where such conversions do exist already.

Note that C makes const-correct upcasts annoying because
it lacks overloads; these functions cast away const so that
they can accept user pointers whether const or not, and the
result in turn can be assigned to normal or const pointers.
Alternatively, this could have been done with macros, but
type-safe macros are hairy, and not worthwhile here.

This patch just adds upcasts. None of our code needed to
downcast from a base qapi class to a child. Also, in the
case of grandchildren (such as BlockdevOptionsQcow2), the
caller will need to call two functions to get to the inner
base (although it wouldn't be too hard to generate a
qapi_FOO_base_base() if desired). If a user changes qapi
to alter the base class hierarchy, such as going from
'A -> C' to 'A -> B -> C', it will change the type of
'qapi_C_base()', and the compiler will point out the places
that are affected by the new base.

One alternative was proposed, but was deemed too ugly to use
in practice: the generators could output redundant
information using anonymous types:
| struct Child {
| union {
| struct {
| Type1 parent_member1;
| Type2 parent_member2;
| };
| Parent base;
| };
| };
With that ugly proposal, for a given qapi type, obj->member
and obj->base.member would refer to the same storage; allowing
convenience in working with members without needing 'base.'
allowing typesafe upcast without needing a C cast by accessing
'&obj->base', and allowing downcasts from the parent back to
the child possible through container_of(obj, Child, base).

Backports commit 30594fe1cd4355626e73b80645428105d0df3cf6 from qemu
2018-02-19 19:14:03 -05:00
Eric Blake ac0ee0286c
qapi-types: Refactor base fields output
Move code from gen_union() into gen_struct_fields() in order for
a later patch to share code when enumerating inherited fields
for struct types.

No change to generated code.

Backports commit f87ab7f9bd956250c48b5c6e9b607b537fd21543 from qemu
2018-02-19 19:13:01 -05:00
Eric Blake 61e59c4c62
qapi-visit: Split off visit_type_FOO_fields forward decl
We generate a static visit_type_FOO_fields() for every type
FOO. However, sometimes we need a forward declaration. Split
the code to generate the forward declaration out of
gen_visit_implicit_struct() into a new gen_visit_fields_decl(),
and also prepare for a forward declaration to be emitted
during gen_visit_struct(), so that a future patch can switch
from using visit_type_FOO_implicit() to the simpler
visit_type_FOO_fields() as part of unboxing the base class
of a struct.

No change to generated code.

Backports commit d02cf37766ba3cf918d7085aa7848c9dc05fd11a from qemu
2018-02-19 19:11:33 -05:00
Eric Blake 1f11f92a80
qapi: Reserve 'q_*' and 'has_*' member names
c_name() produces names starting with 'q_' when protecting a
dictionary member name that would fail to directly compile, but
in doing so can cause clashes with any member name already
beginning with 'q-' or 'q_'. Likewise, we create a C name 'has_'
for any optional member that can clash with any member name
beginning with 'has-' or 'has_'.

Technically, rather than blindly reserving the namespace,
we could try to complain about user names only when an actual
collision occurs, or even teach c_name() how to munge names
to avoid collisions. But it is not trivial, especially when
collisions can occur across multiple types (such as via
inheritance or flat unions). Besides, no existing .json
files are trying to use these names. So it's easier to just
outright forbid the potential for collision. We can always
relax things in the future if a real need arises for QMP to
express member names that have been forbidden here.

'has_' only has to be reserved for struct/union member names,
while 'q_' is reserved everywhere (matching the fact that
only members can be optional, while we use c_name() for munging
both members and entities). Note that we could relax 'q_'
restrictions on entities independently from member names; for
example, c_name('qmp_' + 'unix') would result in a different
function name than our current 'qmp_' + c_name('unix').

Update and add tests to cover the new error messages.

Backports commit 9fb081e0b98409556d023c7193eeb68947cd1211 from qemu
2018-02-19 19:09:17 -05:00
Eric Blake b9f93dd0e8
qapi: Reserve '*List' type names for list types
Type names ending in 'List' can clash with qapi list types in
generated C. We don't currently use such names. It is easier to
outlaw them now than to worry about how to resolve such a clash
in the future. For precedence, see commit 4dc2e69, which did the
same for names ending in 'Kind' versus implicit enum types for
qapi unions.

Update the testsuite to match.

Backports commit 255960dd374d4497d6ea537305f1b0d8a3433789 from qemu
2018-02-19 19:08:12 -05:00
Eric Blake 017baefb66
qapi: More robust conditions for when labels are needed
We were using regular expressions to see if ret included
any earlier text that emitted a 'goto out;' line, to decide
whether we needed to output an 'out:' label. But this is
fragile, if the ret text can possibly combine more than one
generated function body, where the first function used a
goto but the second does not. Change the code to just check
for the known conditions which cause an error check to be
needed. Besides, it's slightly more efficient to use plain
checks than regular expression searching.

No change to generated code.

Backports commit f9e6102b48f21e464a847a858a456c521e7a83e5 from qemu
2018-02-19 19:07:03 -05:00
Eric Blake 7a4feccf64
qapi: More idiomatic string operations
Rather than slicing the end of a string, we can use python's
endswith(). And rather than creating a set of characters,
we can search for a character within a string.

Backports commit 8712fa5333ad348da20034b717dd814219d1ec11 from qemu
2018-02-19 19:06:20 -05:00
Eric Blake 5e62ed79f9
qapi: Track location that created an implicit type
A future patch will move some error checking from the parser
to the various QAPISchema*.check() methods, which run only
after parsing completes. It will thus be possible to create
a python instance representing an implicit QAPI type that
parses fine but will fail validation during check(). Since
all errors have to have an associated 'info' location, we
need a location to be associated with those implicit types.
The intuitive info to use is the location of the enclosing
entity that caused the creation of the implicit type.

Note that we do not anticipate builtin types being used in
an error message (as they are not part of the user's QAPI
input, the user can't cause a semantic error in their
behavior), so we exempt those types from requiring info, by
setting a flag to track the completion of _def_predefineds(),
and tracking that flag in _def_entity().

No change to the generated code.

Backports commit 99df5289d8c7ebf373c3570d8fba3f3a73360281 from qemu
2018-02-19 19:04:41 -05:00
Eric Blake 738fd1e5ad
qapi: Create simple union type member earlier
For simple unions, we were creating the implicit 'type' tag
member during the QAPISchemaObjectTypeVariants constructor.
This is different from every other implicit QAPISchemaEntity
object, which get created by QAPISchema methods. Hoist the
creation to the caller (renaming _make_tag_enum() to
_make_implicit_tag()), and pass the entity rather than the
string name, so that we have the nice property that no
entities are created as a side effect within a different
entity. A later patch will then have an easier time of
associating location info with each entity creation.

No change to generated code.

Backports commit 46292ba75c515baf733df18644052b2ce9492728 from qemu
2018-02-19 18:57:56 -05:00
Eric Blake b9b76f9b4b
qapi: Lazy creation of array types
Commit ac88219a had several TODO markers about whether we needed
to automatically create the corresponding array type alongside
any other type. It turns out that most of the time, we don't!

There are a few exceptions: 1) We have a few situations where we
use an array type in internal code but do not expose that type
through QMP; fix it by declaring a dummy type that forces the
generator to see that we want to use the array type.

2) The builtin arrays (such as intList for QAPI ['int']) must
always be generated, because of the way our QAPI_TYPES_BUILTIN
compile guard works: we have situations (at the very least
tests/test-qmp-output-visitor.c) that include both top-level
"qapi-types.h" (via "error.h") and a secondary
"test-qapi-types.h". If we were to only emit the builtin types
when used locally, then the first .h file would not include all
types, but the second .h does not declare anything at all because
the first .h set QAPI_TYPES_BUILTIN, and we would end up with
compilation error due to things like unknown type 'int8List'.

Actually, we may need to revisit how we do type guards, and
change from a single QAPI_TYPES_BUILTIN over to a different
usage pattern that does one #ifdef per qapi type - right now,
the only types that are declared multiple times between two qapi
.json files for inclusion by a single .c file happen to be the
builtin arrays. But now that we have QAPI 'include' statements,
it is logical to assume that we will soon reach a point where
we want to reuse non-builtin types (yes, I'm thinking about what
it will take to add introspection to QGA, where we will want to
reuse the SchemaInfo type and friends). One #ifdef per type
will help ensure that generating the same qapi type into more
than one qapi-types.h won't cause collisions when both are
included in the same .c file; but we also have to solve how to
avoid creating duplicate qapi-types.c entry points. So that
is a problem left for another day.

Generated code for qapi-types and qapi-visit is drastically
reduced; less than a third of the arrays that were blindly
created were actually needed (a quick grep shows we dropped
from 219 to 69 *List types), and the .o files lost more than
30% of their bulk. [For best results, diff the generated
files with 'git diff --patience --no-index pre post'.]

Interestingly, the introspection output is unchanged - this is
because we already cull all types that are not indirectly
reachable from a command or event, so introspection was already
using only a subset of array types. The subset of types
introspected is now a much larger percentage of the overall set
of array types emitted in qapi-types.h (since the larger set
shrunk), but still not 100% (evidence that the array types
emitted for our new Dummy structs, and the new struct itself,
don't affect QMP).

Backports commit 9f08c8ec73878122ad4b061ed334f0437afaaa32 from qemu
2018-02-19 18:55:35 -05:00
Eric Blake dc65960e1f
qapi: Don't use info as witness of implicit object type
A future patch will enable error reporting from the various
QAPISchema*.check() methods. But to report an error related
to an implicit type, we'll need to associate a location with
the type (the same location as the top-level entity that is
causing the creation of the implicit type), and once we do
that, keying off of whether foo.info exists is no longer a
viable way to determine if foo is an implicit type.

Instead, add an is_implicit() method to QAPISchemaEntity, and use it.
It can be overridden later for ObjectType and EnumType, when implicit
instances of those classes gain info.

Backports commit 49823c4b4304a3e4aa5d67e089946b12d6a52d64 from qemu
2018-02-19 18:53:06 -05:00
Eric Blake 3d11f7173d
qapi: Prepare for errors during check()
The next few patches will start migrating error checking from
ad hoc parse methods into the QAPISchema*.check() methods. But
for an error message to display, we first have to fix the
overall 'try' to catch those errors. We also want to enable a
few more assertions, such as making sure every attempt to
raise a semantic error is passed a valid location info, or that
various preconditions hold.

The general approach for moving error checking will then be to
relax an assertion into an if that raises an exception if the
condition does not hold, and removing the counterpart ad hoc
check done during the parse phase.

Backports commit 7618b91ff80ec42b84b29be24d8ef53ddb377110 from qemu
2018-02-19 18:50:23 -05:00
Eric Blake 9d0c5746ff
qapi: Use predicate callback to determine visit filtering
Previously, qapi-types and qapi-visit filtered out implicit
objects during visit_object_type() by using 'info' (works since
implicit objects do not [yet] have associated info); meanwhile
qapi-introspect filtered out all schema types on the first pass
by returning a python type from visit_begin(), which was then
used at a distance in QAPISchema.visit() to do the filtering.

Rather than keeping these ad hoc approaches, add a new visitor
callback visit_needed() which returns False to skip a given
entity, and which defaults to True unless overridden. Use the
new mechanism to simplify all three filtering visitors.

No change to the generated code.

Backports commit 25a0d9c977c2f5db914b0a1619759fd77d97b016 from qemu
2018-02-19 18:49:08 -05:00
Eric Blake f371fa9105
qapi: Simplify gen_visit_fields() error handling
Since we have consolidated all generated code to use 'err' as
the name of the local variable for error detection, we can
simplify the decision on whether to skip error detection (useful
for deallocation paths) to be a boolean.

Backports commit 18bdbc3ac8b477e160d56aa6ecd6942495ce44d0 from qemu
2018-02-19 18:45:05 -05:00
Eric Blake 4ca10929a7
qapi: Share gen_visit_fields()
Consolidate the code between visit, command marshalling, and
event generation that iterates over the members of a struct.
It reduces code duplication in the generator, so that a future
patch can reduce the size of generated code while touching only
one instead of three locations.

There are no changes to the generated marshal code.

The visitor code becomes slightly more verbose, but remains
semantically equivalent, and is actually easier to read as
it follows a more common idiom:

| visit_optional(v, &(*obj)->has_device, "device", &err);
|- if (!err && (*obj)->has_device) {
|- visit_type_str(v, &(*obj)->device, "device", &err);
|- }
| if (err) {
| goto out;
| }
|+ if ((*obj)->has_device) {
|+ visit_type_str(v, &(*obj)->device, "device", &err);
|+ if (err) {
|+ goto out;
|+ }
|+ }

The event code becomes slightly more verbose, but this is
arguably a bug fix: although the visitors are not well
documented, use of an optional member should not be attempted
unless guarded by a prior call to visit_optional(). Works only
because the output qmp visitor has a no-op visit_optional():

|+ visit_optional(v, &has_offset, "offset", &err);
|+ if (err) {
|+ goto out;
|+ }
| if (has_offset) {
| visit_type_int(v, &offset, "offset", &err);

Backports commit 82ca8e469666b169ccf818a0e36136aee97d7db0 from qemu
2018-02-19 18:41:41 -05:00
Eric Blake 13b3a6c92f
qapi: Consistent generated code: minimize push_indent() usage
We had some pointless differences in the generated code for visit,
command marshalling, and events; unifying them makes it easier for
future patches to consolidate to common helper functions.
This is one patch of a series to clean up these differences.

This patch reduces the number of push_indent()/pop_indent() pairs
so that generated code is typically already at its natural output
indentation in the python files. It is easier to reason about
generated code if the reader does not have to track how much
spacing will be inserted alongside the code, and moreso when all
of the generators use the same patterns (qapi-type and qapi-event
were already using in-place indentation).

Arguably, the resulting python may be a bit harder to read with C
code at the same indentation as python; on the other hand, not
having to think about push_indent() is a win, and most decent
editors provide syntax highlighting that makes it easier to
visually distinguish python code from string literals that will
become C code.

There is no change to the generated output.

Backports commit 05372f708a8cb3556e4d67458de79417dadf241f from qemu
2018-02-19 18:38:48 -05:00
Eric Blake ec89e19b30
qapi: Consistent generated code: prefer common indentation
We had some pointless differences in the generated code for visit,
command marshalling, and events; unifying them makes it easier for
future patches to consolidate to common helper functions.
This is one patch of a series to clean up these differences.

This patch adjusts gen_visit_union() to use the same indentation
as other functions, namely, by jumping early to the error label
if the object was not set rather than placing the rest of the
body inside an if for when it is set.

No change in semantics to the generated code.

Backports commit e36c714e6aad7c9266132350833e2f263f6d8874 from qemu
2018-02-19 18:26:14 -05:00
Eric Blake 53c2c709af
qapi: Consistent generated code: prefer common labels
We had some pointless differences in the generated code for visit,
command marshalling, and events; unifying them makes it easier for
future patches to consolidate to common helper functions.
This is one patch of a series to clean up these differences.

This patch names the goto labels 'out' (not 'clean') and 'out_obj'
(not 'out_end'). Additionally, the generator was inconsistent on
whether labels had a leading space [our HACKING is silent; while
emacs 'gnu' style adds the space to avoid littering column 1].
For minimal churn, prefer no leading space; this also matches
the style that is more prevalent in current qemu.git.

No change in semantics to the generated code.

Backports commit f782399cb4fa3fc4182cb046817f65a6db92ab07 from qemu
2018-02-19 18:23:15 -05:00
Eric Blake 4e9c5e4d52
qapi: Consistent generated code: prefer visitor 'v'
We had some pointless differences in the generated code for visit,
command marshalling, and events; unifying them makes it easier for
future patches to consolidate to common helper functions.
This is one patch of a series to clean up these differences.

This patch names the local visitor variable 'v' rather than 'm'.
Related objects, such as 'QapiDeallocVisitor', are also named by
their initials instead of an unrelated leading m.

No change in semantics to the generated code.

Backports commit f8b7f1a8eafa9f565ebecfe409e8741d38cd786b from qemu
2018-02-19 18:21:53 -05:00
Eric Blake bc8a7ae5f9
qapi: Consistent generated code: prefer error 'err'
We had some pointless differences in the generated code for visit,
command marshalling, and events; unifying them makes it easier for
future patches to consolidate to common helper functions.
This is one patch of a series to clean up these differences.

This patch consistently names the local error variable 'err' rather
than 'local_err'.

No change in semantics to the generated code.

Backports commit 2a0f50e8d973b01eda4c63bac4a5c79ea0f584ef from qemu
2018-02-19 18:15:10 -05:00
Eric Blake 4294815ee3
qapi: Reuse code for flat union base validation
Rather than open-code the check for a valid base type, we
should reuse the common functionality. This allows for
consistent error messages, and also makes it easier for a
later patch to turn on support for inline anonymous base
structures.

Test flat-union-inline is updated to test only one feature
(anonymous branch dictionaries), which can be implemented
independently (test flat-union-bad-base already covers the
idea of an anonymous base dictionary).

Backports commit 376863ef4895ae709aadb6f26365a5973310ef09 from qemu
2018-02-19 18:14:53 -05:00
Eric Blake c09db972fe
qapi: Avoid assertion failure on union 'type' collision
The previous commit added two tests that triggered an assertion
failure. It's fairly straightforward to avoid the failure by
just outright forbidding the collision between a union's tag
values and its discriminator name (including the implicit name
'kind' supplied for simple unions [*]). Ultimately, we'd like
to move the collision detection into QAPISchema*.check(), but
for now it is easier just to enhance the existing checks.

[*] Of course, down the road, we have plans to rename the simple
union tag name to 'type' to match the QMP wire name, but the
idea of the collision will still be present even then.

Technically, we could avoid the collision by naming the C union
members representing each enum value as '_case_value' rather
than 'value'; but until we have an actual qapi client (and not
just our testsuite) that has a legitimate reason to match a
case label to the name of a QMP key and needs the name munging
to satisfy the compiler, it's easier to just reject the qapi
as invalid.

Backports commit 7b2a5c2f9a52c4a08630fa741052f03fe5d3cc8a from qemu
2018-02-19 18:09:13 -05:00
Eric Blake 8fce54a867
qapi: Clean up qapi.py per pep8
Silence pep8, and make pylint a bit happier. Just style cleanups,
plus killing a useless comment in camel_to_upper(); no semantic
changes.

Backports commit 437db2549be383e52acad6cd4bf2862e98fdfc93 from qemu
2018-02-19 18:07:55 -05:00
Eric Blake 07f0fa3ee9
qapi: Invoke exception superclass initializer
pylint recommends that every exception class should explicitly
invoke the superclass __init__, even though things seem to work
fine without it.

Backports commit 59b00542659c8947f9d4e8c28d2d528ab3ab61a5 from qemu
2018-02-19 17:57:21 -05:00
Eric Blake de2b67e528
qapi: Improve 'include' error message
Use of '"...%s" % include' to print non-strings can lead to
ugly messages, such as this (if the .json change is applied
without the qapi.py change):
 Expected a file name (string), got: OrderedDict()

Better is to just omit the actual non-string value in the
message.

Backports commit 7408fb67c0f9403f6e40aecf97cf798fc14e2cd8 from qemu
2018-02-19 17:56:17 -05:00
Markus Armbruster 02e411f666
qapi: New QMP command query-qmp-schema for QMP introspection
qapi/introspect.json defines the introspection schema. It's designed
for QMP introspection, but should do for similar uses, such as QGA.

The introspection schema does not reflect all the rules and
restrictions that apply to QAPI schemata. A valid QAPI schema has an
introspection value conforming to the introspection schema, but the
converse is not true.

Introspection lowers away a number of schema details, and makes
implicit things explicit:

* The built-in types are declared with their JSON type.

All integer types are mapped to 'int', because how many bits we use
internally is an implementation detail. It could be pressed into
external interface service as very approximate range information,
but that's a bad idea. If we need range information, we better do
it properly.

* Implicit type definitions are made explicit, and given
auto-generated names:

- Array types, named by appending "List" to the name of their
element type, like in generated C.

- The enumeration types implicitly defined by simple union types,
named by appending "Kind" to the name of their simple union type,
like in generated C.

- Types that don't occur in generated C. Their names start with ':'
so they don't clash with the user's names.

* All type references are by name.

* The struct and union types are generalized into an object type.

* Base types are flattened.

* Commands take a single argument and return a single result.

Dictionary argument or list result is an implicit type definition.

The empty object type is used when a command takes no arguments or
produces no results.

The argument is always of object type, but the introspection schema
doesn't reflect that.

The 'gen': false directive is omitted as implementation detail.

The 'success-response' directive is omitted as well for now, even
though it's not an implementation detail, because it's not used by
QMP.

* Events carry a single data value.

Implicit type definition and empty object type use, just like for
commands.

The value is of object type, but the introspection schema doesn't
reflect that.

* Types not used by commands or events are omitted.

Indirect use counts as use.

* Optional members have a default, which can only be null right now

Instead of a mandatory "optional" flag, we have an optional default.
No default means mandatory, default null means optional without
default value. Non-null is available for optional with default
(possible future extension).

* Clients should *not* look up types by name, because type names are
not ABI. Look up the command or event you're interested in, then
follow the references.

TODO Should we hide the type names to eliminate the temptation?

New generator scripts/qapi-introspect.py computes an introspection
value for its input, and generates a C variable holding it.

It can generate awfully long lines. Marked TODO.

A new test-qmp-input-visitor test case feeds its result for both
tests/qapi-schema/qapi-schema-test.json and qapi-schema.json to a
QmpInputVisitor to verify it actually conforms to the schema.

New QMP command query-qmp-schema takes its return value from that
variable. Its reply is some 85KiBytes for me right now.

If this turns out to be too much, we have a couple of options:

* We can use shorter names in the JSON. Not the QMP style.

* Optionally return the sub-schema for commands and events given as
arguments.

Right now qmp_query_schema() sends the string literal computed by
qmp-introspect.py. To compute sub-schema at run time, we'd have to
duplicate parts of qapi-introspect.py in C. Unattractive.

* Let clients cache the output of query-qmp-schema.

It changes only on QEMU upgrades, i.e. rarely. Provide a command
query-qmp-schema-hash. Clients can have a cache indexed by hash,
and re-query the schema only when they don't have it cached. Even
simpler: put the hash in the QMP greeting.

Backports commit 39a181581650f4d50f4445bc6276d9716cece050 from qemu
2018-02-19 17:54:03 -05:00
Markus Armbruster 8115f998e9
qapi: Pseudo-type '**' is now unused, drop it
'gen': false needs to stay for now, because netdev_add is still using
it.

Backports commit 2d21291ae645955fcc4652ebfec81ad338169ac6 from qemu
2018-02-19 17:49:46 -05:00
Markus Armbruster e9dac6908f
qom: Don't use 'gen': false for qom-get, qom-set, object-add
With the previous commit, the generated marshalers just work, and save
us a bit of handwritten code.

Backports commit 6eb3937e9b20319e1c4f4d53e906fda8f5ccda10 from qemu
2018-02-19 17:47:59 -05:00
Markus Armbruster f93438ba43
qapi: Introduce a first class 'any' type
It's first class, because unlike '**', it actually works, i.e. doesn't
require 'gen': false.

'**' will go away next.

Backports commit 28770e057f265a4e70bcbdfc2447cce7b5f2dc19 from qemu
2018-02-19 17:46:58 -05:00
Markus Armbruster 66def00922
qapi: De-duplicate parameter list generation
Generated qapi-event.[ch] lose line breaks. No change otherwise.

Backports commit 03b4367a556179e3e59affa535493427bd009e9d from qemu
2018-02-19 17:38:52 -05:00
Markus Armbruster b4187c01da
qapi-visit: Rearrange code a bit
Move gen_visit_decl() to a better place. Inline
generate_visit_struct_body().

Backports commit 60f8546acd113e636bf2ba8af991ebe0f6e8ad66 from qemu
2018-02-19 17:37:09 -05:00
Markus Armbruster d6866a50f6
qapi: Clean up after recent conversions to QAPISchemaVisitor
Generate just 'FOO' instead of 'struct FOO' when possible.

Drop helper functions that are now unused.

Make pep8 and pylint reasonably happy.

Rename generate_FOO() functions to gen_FOO() for consistency.

Use more consistent and sensible variable names.

Consistently use c_ for mapping keys when their value is a C
identifier or type.

Simplify gen_enum() and gen_visit_union()

Consistently use single quotes for C text string literals.

Backports commit e98859a9b96d71dea8f9af43325edd43c7effe66 from qemu
2018-02-19 17:34:32 -05:00
Markus Armbruster 64e9fceab9
qapi: Replace dirty is_c_ptr() by method c_null()
is_c_ptr() looks whether the end of the C text for the type looks like
a pointer. Works, but is fragile.

We now have a better tool: use QAPISchemaType method c_null(). The
initializers for non-pointers become prettier: 0, false or the
enumeration constant with the value 0 instead of {0}.

Backports commit 5710153e7310995b5d4127af267e36d8529b3b30 from qemu
2018-02-19 17:17:40 -05:00
Markus Armbruster abfa5da7da
qapi-event: Convert to QAPISchemaVisitor, fixing data with base
Fixes events whose data is struct with base to include the struct's
base members. Test case is qapi-schema-test.json's event
__org.qemu_x-command:

{ 'event': '__ORG.QEMU_X-EVENT', 'data': '__org.qemu_x-Struct' }

{ 'struct': '__org.qemu_x-Struct', 'base': '__org.qemu_x-Base',
'data': { '__org.qemu_x-member2': 'str' } }

{ 'struct': '__org.qemu_x-Base',
'data': { '__org.qemu_x-member1': '__org.qemu_x-Enum' } }

Patch's effect on generated qapi_event_send___org_qemu_x_event():

-void qapi_event_send___org_qemu_x_event(const char *__org_qemu_x_member2,
+void qapi_event_send___org_qemu_x_event(__org_qemu_x_Enum __org_qemu_x_member1,
+ const char *__org_qemu_x_member2,
Error **errp)
{
QDict *qmp;
@@ -224,6 +225,10 @@ void qapi_event_send___org_qemu_x_event(
goto clean;
}

+ visit_type___org_qemu_x_Enum(v, &__org_qemu_x_member1, "__org.qemu_x-member1", &local_err);
+ if (local_err) {
+ goto clean;
+ }
visit_type_str(v, (char **)&__org_qemu_x_member2, "__org.qemu_x-member2", &local_err);
if (local_err) {
goto clean;

Code is generated in a different order now, but that doesn't matter.

Backports commit 05f43a960877cf941635324b2d0a74c0d0f7128e from qemu
2018-02-19 17:16:31 -05:00
Markus Armbruster 533bf08ff1
qapi-event: Eliminate global variable event_enum_value
Backports commit 7b24626cd019ed5084c8e3370999176a1ebd44be from qemu
2018-02-19 17:13:37 -05:00
Markus Armbruster 782a549898
qapi: De-duplicate enum code generation
Duplicated in commit 21cd70d. Yes, we can't import qapi-types, but
that's no excuse. Move the helpers from qapi-types.py to qapi.py, and
replace the duplicates in qapi-event.py.

The generated event enumeration type's lookup table becomes
const-correct (see commit 2e4450f), and uses explicit indexes instead
of relying on order (see commit 912ae9c).

Backports commit efd2eaa6c2992c214a13f102b6ddd4dca4697fb3 from qemu
2018-02-19 17:11:05 -05:00
Markus Armbruster baa36c6c88
qapi-visit: Convert to QAPISchemaVisitor, fixing bugs
Fixes flat unions to visit the base's base members (the previous
commit merely added them to the struct). Same test case.

Patch's effect on visit_type_UserDefFlatUnion():

static void visit_type_UserDefFlatUnion_fields(Visitor *m, UserDefFlatUnion **obj, Error **errp)
{
Error *err = NULL;

+ visit_type_int(m, &(*obj)->integer, "integer", &err);
+ if (err) {
+ goto out;
+ }
visit_type_str(m, &(*obj)->string, "string", &err);
if (err) {
goto out;

Test cases updated for the bug fix.

Fixes alternates to generate a visitor for their implicit enumeration
type. None of them are currently used, obviously. Example:
block-core.json's BlockdevRef now generates
visit_type_BlockdevRefKind().

Code is generated in a different order now, and therefore has got a
few new forward declarations. Doesn't matter.

The guard QAPI_VISIT_BUILTIN_VISITOR_DECL is renamed to
QAPI_VISIT_BUILTIN.

The previous commit's two ugly special cases exist here, too. Mark
both TODO.

Backports commit 441cbac0c7e641780decbc674a9a68c6a5200f71 from qemu
2018-02-19 17:04:59 -05:00
Markus Armbruster 03634275b1
qapi-types: Convert to QAPISchemaVisitor, fixing flat unions
Fixes flat unions to get the base's base members. Test case is from
commit 2fc0043, in qapi-schema-test.json:

{ 'union': 'UserDefFlatUnion',
'base': 'UserDefUnionBase',
'discriminator': 'enum1',
'data': { 'value1' : 'UserDefA',
'value2' : 'UserDefB',
'value3' : 'UserDefB' } }

{ 'struct': 'UserDefUnionBase',
'base': 'UserDefZero',
'data': { 'string': 'str', 'enum1': 'EnumOne' } }

{ 'struct': 'UserDefZero',
'data': { 'integer': 'int' } }

Patch's effect on UserDefFlatUnion:

struct UserDefFlatUnion {
/* Members inherited from UserDefUnionBase: */
+ int64_t integer;
char *string;
EnumOne enum1;
/* Own members: */
union { /* union tag is @enum1 */
void *data;
UserDefA *value1;
UserDefB *value2;
UserDefB *value3;
};
};

Flat union visitors remain broken. They'll be fixed next.

Code is generated in a different order now, but that doesn't matter.

The two guards QAPI_TYPES_BUILTIN_STRUCT_DECL and
QAPI_TYPES_BUILTIN_CLEANUP_DECL are replaced by just
QAPI_TYPES_BUILTIN.

Two ugly special cases for simple unions now stand out like sore
thumbs:

1. The type tag is named 'type' everywhere, except in generated C,
where it's 'kind'.

2. QAPISchema lowers simple unions to semantically equivalent flat
unions. However, the C generated for a simple unions differs from
the C generated for its equivalent flat union, and we therefore
need special code to preserve that pointless difference for now.

Mark both TODO.

Backports commit 2b162ccbe875e5323fc04c1009addbdea4d35220 from qemu
2018-02-19 16:58:34 -05:00
Lioncash 72f6d68002
qapi: New QAPISchemaVisitor
The visitor will help keeping the code generation code simple and
reasonably separated from QAPISchema details.

Backports commit 3f7dc21bee1e930d5cccf607b8f83831c3bbdb09 from qemu
2018-02-19 16:50:02 -05:00
Markus Armbruster 8ce395e073
qapi: QAPISchema code generation helper methods
New methods c_name(), c_type(), c_null(), json_type(),
alternate_qtype().

Backports commit f51d8c3db11b0f3052b3bb4b8b0c7f0bc76f7136 from qemu
2018-02-19 16:47:35 -05:00
Markus Armbruster a3660e451d
qapi: New QAPISchema intermediate reperesentation
The QAPI code generators work with a syntax tree (nested dictionaries)
plus a few symbol tables (also dictionaries) on the side.

They have clearly outgrown these simple data structures. There's lots
of rummaging around in dictionaries, and information is recomputed on
the fly. For the work I'm going to do, I want more clearly defined
and more convenient interfaces.

Going forward, I also want less coupling between the back-ends and the
syntax tree, to make messing with the syntax easier.

Create a bunch of classes to represent QAPI schemata.

Have the QAPISchema initializer call the parser, then walk the syntax
tree to create the new internal representation, and finally perform
semantic analysis.

Shortcut: the semantic analysis still relies on existing check_exprs()
to do the actual semantic checking. All this code needs to move into
the classes. Mark as TODO.

Simple unions are lowered to flat unions. Flat unions and structs are
represented as a more general object type.

Catching name collisions in generated code would be nice. Mark as
TODO.

We generate array types eagerly, even though most of them aren't used.
Mark as TODO.

Nothing uses the new intermediate representation just yet, thus no
change to generated files.

Backports commit ac88219a6c78302c693fb60fe6cf04358540fbce from qemu
2018-02-19 16:43:30 -05:00
Markus Armbruster 448a2e95ac
qapi: Rename class QAPISchema to QAPISchemaParser
I want to name a new class QAPISchema.

While there, make it a new-style class.

Backports commit a4bcb2080d5c1d08bab512d76fb260296e2cae74 from qemu
2018-02-19 16:41:00 -05:00
Daniel P. Berrange fe90a5c914
qapi: allow override of default enum prefix naming
The camel_to_upper() method applies some heuristics to turn
a mixed case type name into an all-uppercase name. This is
used for example, to generate enum constant name prefixes.

The heuristics don't also generate a satisfactory name
though. eg

{ 'enum': 'QCryptoTLSCredsEndpoint',
'data': ['client', 'server']}

Results in Q_CRYPTOTLS_CREDS_ENDPOINT_CLIENT. This has
an undesirable _ after the initial Q and is missing an
_ between the CRYPTO & TLS strings.

Rather than try to add more and more heuristics to try
to cope with this, simply allow the QAPI schema to
specify the desired enum constant prefix explicitly.

eg

{ 'enum': 'QCryptoTLSCredsEndpoint',
'prefix': 'QCRYPTO_TLS_CREDS_ENDPOINT',
'data': ['client', 'server']}

Now gives the QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT name.

Backports commit 351d36e454cddc67a1675740916636a7ccbf1c4b from qemu
2018-02-19 16:38:48 -05:00
Markus Armbruster d59948f245
qapi: Fix cgen() for Python older than 2.7
A feature new in Python 2.7 crept into commit 77e703b: re.subn()'s
fifth argument.  Avoid that, use re.compile().

Backports commit 2752e5bedb26fa0c7291f810f9f534b688b2f1d2 from qemu
2018-02-19 16:34:17 -05:00
Markus Armbruster 809b439562
qapi: Generators crash when --output-dir isn't given, fix
Backports commit c4f498fe8532cdacc609262b104322911108df54 from qemu
2018-02-19 16:32:50 -05:00
Markus Armbruster 741783073f
qapi: Simplify error reporting for array types
check_type() first checks and peels off the array type, then checks
the element type. For two out of four error messages, it takes pains
to report errors for "array of T" instead of just T. Odd. Let's
examine the errors.

* Unknown element type, e.g.
tests/qapi-schema/args-array-unknown.json:

Member 'array' of 'data' for command 'oops' uses unknown type
'array of NoSuchType'

To make sense of this, you need to know that 'array of NoSuchType'
refers to '[NoSuchType]'. Easy enough. However, simply reporting

Member 'array' of 'data' for command 'oops' uses unknown type
'NoSuchType'

is at least as easy to understand.

* Element type's meta-type is inadmissible, e.g.
tests/qapi-schema/returns-whitelist.json:

'returns' for command 'no-way-this-will-get-whitelisted' cannot
use built-in type 'array of int'

'array of int' is technically not a built-in type, but that's
pedantry. However, simply reporting

'returns' for command 'no-way-this-will-get-whitelisted' cannot
use built-in type 'int'

avoids the issue, and is at least as easy to understand.

* The remaining two errors are unreachable, because the array checking
ensures that value is a string.

Thus, reporting some errors for "array of T" instead of just T works,
but doesn't really improve things. Drop it.

Backports commit eddf817bd823a90df209dfbdc2a0b2ec33b7cb77 from qemu
2018-02-19 16:31:44 -05:00
Markus Armbruster 630b56b4a2
qapi: Fix errors for non-string, non-dictionary members
Backports commit c6b71e5ae73802057d700e2419b80aef1651f213 from qemu
2018-02-19 16:30:50 -05:00
Markus Armbruster 16619a738e
qapi: Drop one of two "simple union must not have base" checks
The first check ensures the second one can't trigger. Drop the first
one, because the second one is in a more logical place, and emits a
nicer error message.

Backports commit 65fbe125451da9421070ab03944c9600a264eefc from qemu
2018-02-19 16:29:58 -05:00
Markus Armbruster 46cf5ed6ae
qapi: Generated code cleanup
Clean up white-space, brace placement, and superfluous #ifdef
QAPI_TYPES_BUILTIN_CLEANUP_DEF.

Backports commit 3a864e7c52af15017d5082a9ee39a7919f46d2b5 from qemu
2018-02-19 16:29:13 -05:00
Markus Armbruster c5e8b70b5a
qapi: Command returning anonymous type doesn't work, outlaw
Reproducer: with

{ 'command': 'user_def_cmd4', 'returns': { 'a': 'int' } }

added to qapi-schema-test.json, qapi-commands.py dies when it tries to
generate the command handler function

Traceback (most recent call last):
File "/work/armbru/qemu/scripts/qapi-commands.py", line 359, in <module>
ret = generate_command_decl(cmd['command'], arglist, ret_type) + "\n"
File "/work/armbru/qemu/scripts/qapi-commands.py", line 29, in generate_command_decl
ret_type=c_type(ret_type), name=c_name(name),
File "/work/armbru/qemu/scripts/qapi.py", line 927, in c_type
assert isinstance(value, str) and value != ""
AssertionError

because the return type doesn't exist.

Simply outlaw this usage, and drop or dumb down test cases accordingly.

Backports commit 9b090d42aea9a0abbf39a1d75561a186057b5fe6 from qemu
2018-02-19 16:24:14 -05:00
Markus Armbruster 8d992dfa48
qapi: Fix to reject union command and event arguments
A command's or event's 'data' must be a struct type, given either as a
dictionary, or as struct type name.

Commit dd883c6 tightened the checking there, but not enough: we still
accept 'union'. Fix to reject it.

We may want to support union types there, but we'll have to extend
qapi-commands.py and qapi-events.py for it.

Backports commit 315932b5edb86597adafbd1faa2d29c46499d8c3 from qemu
2018-02-19 16:23:24 -05:00
Markus Armbruster eed32a1c57
qapi: Document flaws in checking of names
We don't actually enforce our "other than downstream extensions [...],
all names should begin with a letter" rule. Add a FIXME.

We should reject names that differ only in '_' vs. '.' vs. '-',
because they're liable to clash in generated C. Add a FIXME.

Backports commit d90675fa4bc256238b3dd3a7fdd5f9029eca00b8 from qemu
2018-02-19 16:22:35 -05:00
Eric Blake 6e85e420fb
qapi: Document shortcoming with union 'data' branch
Add a FIXME to remind us to fully audit whether removing the
'void *data' branch of each qapi union type can be done safely.

Backports commit ca56a822dd538017715345cbbe1f8829e0cc2742 from qemu
2018-02-19 16:21:22 -05:00
Markus Armbruster 94b19608af
qapi-visit: Fix two name arguments passed to visitors
The generated code passes mangled schema names to visit_type_enum()
and union's visit_start_struct(). Fix it to pass the names
unadulterated, like we do everywhere else.

Only qapi-schema-test.json actually has names where this makes a
difference: enum __org.qemu_x-Enum, flat union __org.qemu_x-Union2,
simple union __org.qemu_x-Union1 and its implicit enum
__org.qemu_x-Union1Kind.

Backports commit 40b3adec13a9e022ff5a2e2b81c243fc0a026746 from qemu
2018-02-19 16:20:10 -05:00
Markus Armbruster 54ce4b3f00
qapi-visit: Replace list implicit_structs by set
Use set because that's what it is. While there, rename to
implicit_structs_seen.

Backports commit 8c07eddc619d618965fdd7a96bfe3b5c59f42b52 from qemu
2018-02-19 16:17:37 -05:00
Markus Armbruster 23d14a2921
qapi-visit: Fix generated code when schema has forward refs
The visit_type_implicit_FOO() are generated on demand, right before
their first use. Used by visit_type_STRUCT_fields() when STRUCT has
base FOO, and by visit_type_UNION() when flat UNION has member a FOO.

If the schema defines FOO after its first use as struct base or flat
union member, visit_type_implicit_FOO() calls
visit_type_implicit_FOO() before its definition, which doesn't
compile.

Rearrange qapi-schema-test.json to demonstrate the bug.

Fix by generating the necessary forward declaration.

Backports commit 8c3f8e77215bfedb7854221868f655e148506936 from qemu
2018-02-19 16:16:19 -05:00
Markus Armbruster 389afaa743
qapi: Generate a nicer struct for flat unions
The struct generated for a flat union is weird: the members of its
base are at the end, except for the union tag, which is at the
beginning.

Example: qapi-schema-test.json has

{ 'struct': 'UserDefUnionBase',
'data': { 'string': 'str', 'enum1': 'EnumOne' } }

{ 'union': 'UserDefFlatUnion',
'base': 'UserDefUnionBase',
'discriminator': 'enum1',
'data': { 'value1' : 'UserDefA',
'value2' : 'UserDefB',
'value3' : 'UserDefB' } }

We generate:

struct UserDefFlatUnion
{
EnumOne enum1;
union {
void *data;
UserDefA *value1;
UserDefB *value2;
UserDefB *value3;
};
char *string;
};

Change to put all base members at the beginning, unadulterated. Not
only is this easier to understand, it also permits casting the flat
union to its base, if that should become useful.

We now generate:

struct UserDefFlatUnion
{
/* Members inherited from UserDefUnionBase: */
char *string;
EnumOne enum1;
/* Own members: */
union { /* union tag is @enum1 */
void *data;
UserDefA *value1;
UserDefB *value2;
UserDefB *value3;
};
};

Backports commit 1e6c1616a91cdcbe9a8387541f7689b8c11632aa from qemu
2018-02-19 16:14:51 -05:00
Markus Armbruster 8b7252d8c8
qapi: Fix generated code when flat union has member 'kind'
A flat union's tag member gets renamed to 'kind' in the generated
code. Breaks when another member named 'kind' exists.

Example, adapted from qapi-schema-test.json:

{ 'struct': 'UserDefUnionBase',
'data': { 'kind': 'str', 'enum1': 'EnumOne' } }

We generate:

struct UserDefFlatUnion
{
EnumOne kind;
union {
void *data;
UserDefA *value1;
UserDefB *value2;
UserDefB *value3;
};
char *kind;
};

Kill the silly rename.

Backports commit 0f61af3eb396ae163cd1572ce12e05f5d08d7c15 from qemu
2018-02-19 16:13:07 -05:00
Markus Armbruster b190e4887e
qapi: Drop unused and useless parameters and variables
gen_sync_call()'s parameter indent is useless: gen_sync_call() uses it
only as optional argument for push_indent() and pop_indent(), their
default is four, and gen_sync_call()'s only caller passes four. Drop
the parameter.

gen_visitor_input_containers_decl()'s parameter obj is always
"QOBJECT(args)". Use that, and drop the parameter.

Drop unused parameters of gen_marshal_output(),
gen_marshal_input_decl(), generate_visit_struct_body(),
generate_visit_list(), generate_visit_enum(), generate_declaration(),
generate_enum_declaration(), generate_decl_enum().

Drop unused variables in generate_event_enum_lookup(),
generate_enum_lookup(), generate_visit_struct_fields(), check_event().

Backports commit 5aa05d3f72e556752167f7005d6a3dea0f4432c5 from qemu
2018-02-19 16:11:35 -05:00
Markus Armbruster cf9d457200
qapi: Reject -p arguments that break qapi-event.py
qapi-event.py breaks when you ask for a funny prefix like '@'.
Protect it.

Backports commit 1cf47a15f18312436c7fa2d97be5fbe6df0292f5 from qemu
2018-02-19 16:07:40 -05:00
Markus Armbruster 2c3f6e4175
qapi-event: Clean up how name of enum QAPIEvent is made
Use c_name() instead of ad hoc code. Doesn't upcase the -p prefix,
which is an improvement in my book. Unbreaks prefix containing '.',
but other funny characters remain broken. To be fixed next.

Backports commit 016a335bd8ca624f43adbb08fa1698c29ec52a1a from qemu
2018-02-19 16:06:35 -05:00
Markus Armbruster 6dcb71a788
qapi: Simplify guardname()
The guards around built-in declarations lose their _H. It never made
much sense anyway.

Backports commit 00dfc3b2c272d98556ec6095d56bdd8b036babf9 from qemu
2018-02-19 16:05:52 -05:00
Markus Armbruster e100831af9
qapi: Clean up cgen() and mcgen()
Commit 05dfb26 added eatspace stripping to mcgen(). Move it to
cgen(), just in case somebody gets tempted to use cgen() directly
instead of via mcgen().

cgen() indents blank lines. No such lines get generated right now,
but fix it anyway.

We use triple-quoted strings for program text, like this:

'''
Program text
any number of lines
'''

Keeps the program text relatively readable, but puts an extra newline
at either end. mcgen() "fixes" that by dropping the first and last
line outright. Drop only the newlines.

This unmasks a bug in qapi-commands.py: four quotes instead of three.
Fix it up.

Output doesn't change

Backports commit 77e703b861d34bb2879f3e845482d5cf0a3a0ad1 from qemu
2018-02-19 16:04:37 -05:00
Daniel P. Berrange 767e900547
qom: Make enum string tables const-correct
The enum string table parameters in various QOM/QAPI methods
are declared 'const char *strings[]'. This results in const
warnings if passed a variable that was declared as

   static const char * const strings[] = { .... };

Add the extra const annotation to the parameters, since
neither the string elements, nor the array itself should
ever be modified.

Backports commit 2e4450ff432daef524cb3557fca68a3b7b5c7823 from qemu
2018-02-19 16:02:23 -05:00
Markus Armbruster 21b2c489af
qapi-types: Bury code dead since commit 6b5abc7
Backports commit e1d4210c3a50059a3889cedc44a8aa193fa63d7d from qemu
2018-02-19 15:58:09 -05:00
Peter Maydell 9a3972b6b2
scripts/qapi-types.py: Add dummy member to empty structs
Make sure that all generated C structs have at least one field; this
avoids potential issues with attempting to malloc space for
zero-length structs in C (g_malloc(sizeof struct) would return NULL).
It also avoids an incompatibility with C++ (where an empty struct is
size 1); that isn't important to us now but might be in future.

Generated empty structures look like this:
    struct Abort
    {
        char qapi_dummy_field_for_empty_struct;
    };

This silences clang warnings like:
./qapi-types.h:3752:1: warning: empty struct has size 0 in C, size 1 in C++ [-Wextern-c-compat]
struct Abort
^

Backports commit 83ecb22ba2c91a4674ae109595a8ed1da8de4d7a from qemu
2018-02-19 15:56:31 -05:00
Markus Armbruster 5efb546d6f
qapi-types: Split generate_fwd_builtin() off generate_fwd_struct()
Backports commit c5ecd7e18f912ab5e91f09b0333fb07567885d42 from qemu
2018-02-19 15:51:44 -05:00
Markus Armbruster e78c14f6e4
qapi-types: Drop unused members parameters
Backports commit ae0a7a109037160465f55f8bab06897f0a904def from qemu
2018-02-19 15:50:19 -05:00
Markus Armbruster 9ce13ce6a3
qapi-types: Don't filter out expressions with 'gen'
Useless, because it can only occur in commands, and we're not dealing
with commands here.

Backports commit 4f3568002393380558705397bda4cd5f224ffe29 from qemu
2018-02-19 15:48:52 -05:00
Markus Armbruster ed3da56d26
qapi: Catch and reject flat union branch of array type
Backports commit f9a1427361fe06ac67480d580412dc4ed6f5d03b from qemu
2018-02-19 15:48:12 -05:00
Markus Armbruster 52e7d76d23
qapi: Better separate the different kinds of helpers
Insert comments to separate sections dealing with parsing, semantic
analysis, code generation, and so forth.

Move helpers to their proper section.

Backports commit 00e4b285a31d19dcd88bd46729c9e09bfc9cc7fd from qemu
2018-02-19 15:47:21 -05:00
Markus Armbruster 0a8ab4fc40
qapi: Move exprs checking from parse_schema() to check_exprs()
To have expression semantic analysis in one place rather than two.

Backports commit 4d076d67c2c74662db092ecf4f99600b18209b2e from qemu
2018-02-19 15:45:24 -05:00
Markus Armbruster 72e6966bba
qapi: Fix to reject stray 't', 'f' and 'n'
Screwed up in commit e53188a.

Backports commit e565d934d21e3544b820cd03b88061e71ab644a0 from qemu
2018-02-19 15:41:38 -05:00
Markus Armbruster de88f40dfd
qapi: Simplify inclusion cycle detection
We maintain a stack of filenames in include_hist for convenient cycle
detection.

As error_path() demonstrates, the same information is readily
available in the expr_info, so just use that, and drop include_hist.

Backports commit a1366087270b312d94ff8c4031395a4218f160d4 from qemu
2018-02-19 15:40:44 -05:00
Markus Armbruster b387a62f73
qapi: Fix file name in error messages for included files
We print the name as it appears in the include expression. Tools
processing error messages want it relative to the working directory.
Make it so.

Backports commit 8608d2525186062099a38971c276752e7a38903a from qemu
2018-02-19 15:39:08 -05:00
Markus Armbruster a48f709cd8
qapi: Eliminate superfluous QAPISchema attribute input_dir
qapi: Improve a couple of confusing variable names

Backports commits 12c707944927b8aa42752198dcf419a0bafe5d33 and
54414047eca5bee7d5ba6e7af5fb251f8635896c from qemu
2018-02-19 15:37:52 -05:00
Markus Armbruster faffdb784a
qapi: Drop pointless flush() before close()
Backports commit 09896d3f48078a93e3d2dbd8ef86436b85ebda7c from qemu
2018-02-19 15:33:00 -05:00
Markus Armbruster 2c9ed3c379
qapi: Factor open_output(), close_output() out of generators
Backports commit 12f8e1b9ff57e99dafbb13f89cd5a99ad5c28527 from qemu
2018-02-19 15:32:28 -05:00
Markus Armbruster d77e0dd040
qapi: Turn generators' mandatory option -i into an argument
Mandatory option is silly, and the error handling is missing: the
programs crash when -i isn't supplied. Make it an argument, and check
it properly.

Backports commit 16d80f61814745bd3f5bb9f47ae3b00edf9e1e45 from qemu
2018-02-19 15:22:27 -05:00
Markus Armbruster dd67bbeb3b
qapi: Fix generators to report command line errors decently
Report to stderr, prefix with the program name. Also reject
extra arguments.

Backports commit b45409683e829770000a4560ed21e704f87df74c from qemu
2018-02-19 15:20:07 -05:00
Markus Armbruster 9415f6e863
qapi: Factor parse_command_line() out of the generators
Backports commit 2114f5a98d0d80774306279e1694de074ca86aa0 from qemu
2018-02-19 15:19:13 -05:00
Markus Armbruster f6a4f3033d
qapi: qapi-event.py option -b does nothing, drop it
Backports commit c70cef5bd48c7be603f75a7b5346db032a31b470 from qemu
2018-02-19 15:16:52 -05:00
Eric Blake 2dcd6722fa
qapi: Support downstream alternates
Enhance the testsuite to cover downstream alternates, including
whether the branch name or type is downstream. Update the
generator to mangle alternate names in the appropriate places.

Backports commit d1f07c86c05706facf950b0b0dba370f71fd5ef6 from qemu
2018-02-19 15:10:14 -05:00
Eric Blake 4292c61dbe
qapi: Support downstream flat unions
Enhance the testsuite to cover downstream flat unions, including
the base type, discriminator name and type, and branch name and
type. Update the generator to mangle the union names in the
appropriate places.

Backports commit 857af5f06c3fb097d1bb6bc8a23b9992aac99e75 from qemu
2018-02-19 15:06:36 -05:00
Eric Blake a2119bd210
qapi: Support downstream simple unions
Enhance the testsuite to cover downstream simple unions, including
when a union branch is a downstream name. Update the generator to
mangle the union names in the appropriate places.

Backports commit bb33729043ceda56b4068db13bdc17786ebd0ed0 from qemu
2018-02-19 15:05:10 -05:00
Eric Blake 2d14039f98
qapi: Support downstream structs
Enhance the testsuite to cover downstream structs, including struct
members and base structs. Update the generator to mangle the
struct names in the appropriate places.

Backports commit 83a02706bb1fd31c93eab755de543dfe228682d4 from qemu
2018-02-19 15:03:34 -05:00
Eric Blake 1a5b6a48d1
qapi: Support downstream enums
Enhance the testsuite to cover a downstream enum type and enum
string. Update the generator to mangle the enum name in the
appropriate places.

Backports commit fce384b8e5193e02421f6b2c2880f3684abcbdc0 from qemu
2018-02-19 15:01:08 -05:00
Eric Blake 2045cd0ada
qapi: Make c_type() consistently convert qapi names
Continuing the string of cleanups for supporting downstream names
containing '.', this patch focuses on ensuring c_type() can
handle a downstream name. This patch alone does not fix the
places where generator output should be calling this function
but was open-coding things instead, but it gets us a step closer.

In particular, the changes to c_list_type() and type_name() mean
that type_name(FOO) now handles the case when FOO contains '.',
'-', or is a ticklish identifier other than a builtin (builtins
are exempted because ['int'] must remain mapped to 'intList' and
not 'q_intList'). Meanwhile, ['unix'] now maps to 'q_unixList'
rather than 'unixList', to match the fact that 'unix' is ticklish;
however, our naming conventions state that complex types should
start with a capital, so no type name following conventions will
ever have the 'q_' prepended.

Likewise, changes to c_type() mean that c_type(FOO) properly
handles an enum or complex type FOO with '.' or '-' in the
name, or is a ticklish identifier (again, a ticklish identifier
as a type name violates conventions).

Backports commit c6405b54b7b09a876f2f2fba2aa6f8ac87189cb9 from qemu
2018-02-19 14:56:49 -05:00
Eric Blake 7ec0edc6c6
qapi: Tidy c_type() logic
c_type() is designed to be called on both string names and on
array designations, so 'name' is a bit misleading because it
operates on more than strings. Also, no caller ever passes
an empty string. Finally, + notation is a bit nicer to read
than '%s' % value for string concatenation.

Backports commit d557344628e32771f07e5b6a2a818ee3d8e7a65f from qemu
2018-02-19 14:53:56 -05:00
Markus Armbruster 5bc3d84705
qapi: Move camel_to_upper(), c_enum_const() to closely related code
Backports commit 849bc5382e42b3b9590c6a50ba30c2fd2450308c from qemu
2018-02-19 14:51:03 -05:00
Markus Armbruster e339979717
qapi: Simplify c_enum_const()
Backports commit 02e20c7e593363c564aae96e3c5bdc58630ce584 from qemu
2018-02-19 14:50:04 -05:00
Markus Armbruster b0adaeb172
qapi: Rename generate_enum_full_value() to c_enum_const()
Backports commit 7c81c61f9c2274f66ba947eafd9618d60da838a6 from qemu
2018-02-19 14:49:20 -05:00
Markus Armbruster 8c7bbc2dce
qapi: Rename _generate_enum_string() to camel_to_upper()
Backports commit fa6068a1e8ef3c878ac9ee2399bb01eeaf61c366 from qemu
2018-02-19 14:46:49 -05:00
Eric Blake f114c7b027
qapi: Rename identical c_fun()/c_var() into c_name()
Now that the two functions are identical, we only need one of them,
and we might as well give it a more descriptive name. Basically,
the function serves as the translation from a QAPI name into a
(portion of a) C identifier, without regards to whether it is a
variable or function name.

Backports commit 18df515ebbefa9f13474b128b8050d5fa346ea1e from qemu
2018-02-19 14:45:04 -05:00
Markus Armbruster baab1986a3
qapi: Fix C identifiers generated for names containing '.'
c_fun() maps '.' to '_', c_var() doesn't. Nothing prevents '.' in
QAPI names that get passed to c_var().

Which QAPI names get passed to c_fun(), to c_var(), or to both is not
obvious. Names of command parameters and struct type members get
passed to c_var().

c_var() strips a leading '*', but this cannot happen. c_fun()
doesn't.

Fix c_var() to work exactly like c_fun().

Perhaps they should be replaced by a single mapping function.

Backports commit 47299262de424af0cb69965d082e5e70b2314183 from qemu
2018-02-19 14:41:06 -05:00
Eric Blake 7a82e7ff73
qapi: Check for member name conflicts with a base class
Our type inheritance for both 'struct' and for flat 'union' merges
key/value pairs from the base class with those from the type in
question. Although the C code currently boxes things so that there
is a distinction between which member is referred to, the QMP wire
format does not allow passing a key more than once in a single
object. Besides, if we ever change the generated C code to not be
quite so boxy, we'd want to avoid duplicate member names there,
too.

Fix a testsuite entry added in an earlier patch, as well as adding
a couple more tests to ensure we have appropriate coverage. Ensure
that collisions are detected, regardless of whether there is a
difference in opinion on whether the member name is optional.

Backports commit ff55d72eaf9628e7d58e7b067b361cdbf789c9f4 from qemu
2018-02-19 14:38:46 -05:00
Eric Blake 90dfdc5278
qapi: Support (subset of) \u escapes in strings
The handling of \ inside QAPI strings was less than ideal, and
really only worked JSON's \/, \\, \", and our extension of \'
(an obvious extension, when you realize we use '' instead of ""
for strings). For other things, like '\n', it resulted in a
literal 'n' instead of a newline.

Of course, at the moment, we really have no use for escaped
characters, as QAPI has to map to C identifiers, and we currently
support ASCII only for that. But down the road, we may add
support for default values for string parameters to a command
or struct; if that happens, it would be nice to correctly support
all JSON escape sequences, such as \n or \uXXXX. This gets us
closer, by supporting Unicode escapes in the ASCII range.

Since JSON does not require \OCTAL or \xXX escapes, and our QMP
implementation does not understand them either, I intentionally
reject it here, but it would be an easy addition if we desired it.
Likewise, intentionally refusing the NUL byte means we don't have
to worry about C strings being shorter than the qapi input.

Backports commit a7f5966b297330f6492020019544ae87c45d699b from qemu
2018-02-19 14:36:54 -05:00
Eric Blake 937daf7d25
qapi: Drop dead visitor code related to nested structs
Now that we no longer have nested structs to visit, the use of
prefix strings is no longer required. Remove the code that is
no longer reachable.

Backports commit a82b982e2bddf7cd7cb490f83643e952e17d4523 from qemu
2018-02-19 14:35:55 -05:00
Eric Blake 8d2f349447
qapi: Drop support for inline nested types
A future patch will be using a 'name':{dictionary} entry in the
QAPI schema to specify a default value for an optional argument
(see previous commit messages for more details why); but existing
use of inline nested structs conflicts with that goal. Now that
all commands have been changed to avoid inline nested structs,
nuke support for them, and turn it into a hard error. Update the
testsuite to reflect tighter parsing rules.

Backports commit 6b5abc7df7ef9aadb3ff0eba6ccf4f1f0181e2e1 from qemu
2018-02-19 14:30:36 -05:00
Eric Blake 2d6d612c61
qapi: Forbid 'type' in schema
Referring to "type" as both a meta-type (built-in, enum, union,
alternate, or struct) and a specific type (the name that the
schema uses for declaring structs) is confusing. Finish up the
conversion to using "struct" in qapi schema by removing the hack
in the generator that allowed 'type'.

Backports commit 3e391d355644b2bff7c9f187759aadb46c6e051f from qemu
2018-02-19 14:23:21 -05:00
Eric Blake 341f4a437a
qapi: Use 'struct' instead of 'type' in schema
Referring to "type" as both a meta-type (built-in, enum, union,
alternate, or struct) and a specific type (the name that the
schema uses for declaring structs) is confusing. Do the bulk of
the conversion to "struct" in qapi schema, with a fairly
mechanical:

for f in `find -name '*.json'; do sed -i "s/'type'/'struct'/"; done

followed by manually filtering out the places where we have a
'type' embedded in 'data'. Then tweak a couple of tests whose
output changes slightly due to longer lines.

I also verified that the generated files for QMP and QGA (such
as qmp-commands.h) are the same before and after, as assurance
that I didn't leave in any accidental member name changes.

Backports commit 895a2a80e0e054f0d5d3715aa93d10d15e49f9f7 from qemu
2018-02-19 14:22:13 -05:00
Eric Blake b18ac34baa
qapi: Require ASCII in schema
Python 2 and Python 3 have a wild history of whether strings
default to ascii or unicode, where Python 3 requires checking
isinstance(foo, basestr) to cover all strings, but where that
code is not portable to Python 2. It's simpler to just state
that we don't care about Unicode strings, and to just always
use the simpler isinstance(foo, str) everywhere.

I'm no python expert, so I'm basing it on this conversation:
https://lists.gnu.org/archive/html/qemu-devel/2014-09/msg05278.html

Backports commit fe2a9303c9e511462f662a415c2e9d2defe9b7ca from qemu
2018-02-19 14:18:52 -05:00
Eric Blake 0fc76ffc1f
qapi: Prefer 'struct' over 'type' in generator
Referring to "type" as both a meta-type (built-in, enum, union,
alternate, or struct) and a specific type (the name that the
schema uses for declaring structs) is confusing. The confusion
is only made worse by the fact that the generator mostly already
refers to struct even when dealing with expr['type']. This
commit changes the generator to consistently refer to it as
struct everywhere, plus a single back-compat tweak that allows
accepting the existing .json files as-is, so that the meat of
this change is separate from the mindless churn of that change.

Fix the testsuite fallout for error messages that change, and
in some cases, become more legible. Improve comments to better
match our intentions where a struct (rather than any complex
type) is required. Note that in some cases, an error message
now refers to 'struct' while the schema still refers to 'type';
that will be cleaned up in the later commit to the schema.

Backports commit fd41dd4eae5f7ea92f10c04cb3f217727fcee91f from qemu
2018-02-19 14:13:32 -05:00
Eric Blake 06faf280f1
qapi: More rigorous checking for type safety bypass
Now that we have a way to validate every type, we can also be
stricter about enforcing that callers that want to bypass
type safety in generated code. Prior to this patch, it didn't
matter what value was associated with the key 'gen', but it
looked odd that 'gen':'yes' could result in bypassing the
generated code. These changes also enforce the changes made
earlier in the series for documentation and consolidation of
using '**' as the wildcard type, as well as 'gen':false as the
canonical spelling for requesting type bypass.

Note that 'gen':false is a one-way switch away from the default;
we do not support 'gen':true (similar for 'success-response').
In practice, this doesn't matter.

Backports commit 2cbf09925ad45401673a79ab77f67de2f04a826c from qemu
2018-02-19 14:09:03 -05:00
Eric Blake 0b9d15dd52
qapi: Whitelist commands that don't return dictionary
...or an array of dictionaries. Although we have to cater to
existing commands, returning a non-dictionary means the command
is not extensible (no new name/value pairs can be added if more
information must be returned in parallel). By making the
whitelist explicit, any new command that falls foul of this
practice will have to be self-documenting, which will encourage
developers to either justify the action or rework the design to
use a dictionary after all.

It's a little bit sloppy that we share a single whitelist among
three clients (it's too permissive for each). If this is a
problem, a future patch could tighten things by having the
generator take the whitelist as an argument (as in
scripts/qapi-commands.py --legacy-returns=...), or by having
the generator output C code that requires explicit use of the
whitelist (as in:
then having the callers define appropriate macros). But until
we need such fine-grained separation (if ever), this patch does
the job just fine.

Backports commit 10d4d997f86cf2a4ce89145df5658952d5722e56 from qemu
2018-02-19 14:06:23 -05:00
Eric Blake 68142c9df0
qapi: Require valid names
Previous commits demonstrated that the generator overlooked various
bad naming situations:
- types, commands, and events need a valid name
- enum members must be valid names, when combined with prefix
- union and alternate branches cannot be marked optional

Valid upstream names match [a-zA-Z][a-zA-Z0-9_-]*; valid downstream
names match __[a-zA-Z][a-zA-Z0-9._-]*. Enumerations match the
weaker [a-zA-Z0-9._-]+ (in part thanks to QKeyCode picking an enum
that starts with a digit, which we can't change now due to
backwards compatibility). Rather than call out three separate
regex, this patch just uses a broader combination that allows both
upstream and downstream names, as well as a small hack that
realizes that any enum name is merely a suffix to an already valid
name prefix (that is, any enum name is valid if prepending _ fits
the normal rules).

We could reject new enumeration names beginning with a digit by
whitelisting existing exceptions. We could also be stricter
about the distinction between upstream names (no leading
underscore, no use of dot) and downstream (mandatory leading
double underscore), but it is probably not worth the bother.

Backports commit c9e0a798691d8c45747b082206e789c8f50523c9 from qemu
2018-02-19 14:04:48 -05:00
Eric Blake 0327ce85e4
qapi: More rigourous checking of types
Now that we know every expression is valid with regards to
its keys, we can add further tests that those keys refer to
valid types. With this patch, all uses of a type (the 'data':
of command, type, union, alternate, and event; the 'returns':
of command; the 'base': of type and union) must resolve to an
appropriate subset of metatypes declared by the current qapi
parse; this includes recursing into each member of a data
dictionary. Dealing with '**' and nested anonymous structs
will be done in later patches.

Backports commit dd883c6f0547f02ae805d02852ff3691f6d08f85 from qemu
2018-02-19 14:01:14 -05:00
Fam Zheng 1f9419be44
qapi: Allow true, false and null in schema json
In the near term, we will use it for a sensible-looking
'gen':false inside command declarations, instead of the
current ugly 'gen':'no'.

In the long term, it will allow conversion from shorthand
with defaults mentioned only in side-band documentation:
'data':{'*flag':'bool', '*string':'str'}
into an explicit default value documentation, as in:
'data':{'flag':{'type':'bool', 'optional':true, 'default':true},
'string':{'type':'str', 'optional':true, 'default':null}}

We still don't parse integer values (also necessary before
we can allow explicit defaults), but that can come in a later
series.

Backports commit e53188ada516c814a729551be2448684d6d8ce08 from qemu
2018-02-19 13:57:53 -05:00
Eric Blake b19cd2bd9a
qapi: Better error messages for duplicated expressions
The previous commit demonstrated that the generator overlooked
duplicate expressions:
- a complex type or command reusing a built-in type name
- redeclaration of a type name, whether by the same or different
metatype
- redeclaration of a command or event
- collision of a type with implicit 'Kind' enum for a union
- collision with an implicit MAX enum constant

Since the c_type() function in the generator treats all names
as being in the same namespace, this patch adds a global array
to track all known names and their source, to prevent collisions
before it can cause further problems. While valid .json files
won't trigger any of these cases, we might as well be nicer to
developers that make a typo while trying to add new QAPI code.

Backports commit 4dc2e6906e1084fdd37bf67385c5dcd2c72ae22b from qemu
2018-02-19 13:56:05 -05:00
Eric Blake 75ba2155af
qapi: Better error messages for bad expressions
The previous commit demonstrated that the generator overlooked some
fairly basic broken expressions:
- missing metataype
- metatype key has a non-string value
- unknown key in relation to the metatype
- conflicting metatype (this patch treats the second metatype as an
unknown key of the first key visited, which is not necessarily the
first key the user typed)

Add check_keys to cover these situations, and update testcases to
match. A couple other tests (enum-missing-data, indented-expr) had
to change since the validation added here occurs so early.
Conversely, changes to ident-with-escape results show that we still
have problems where our handling of escape sequences differs from
true JSON, which will matter down the road if we allow arbitrary
default string values for optional parameters (but for now is not
too bad, as we currently can avoid unicode escaping as we don't
need to represent anything beyond C identifier material).

While valid .json files won't trigger any of these cases, we might
as well be nicer to developers that make a typo while trying to add
new QAPI code.

Backports commit 0545f6b8874c28d97369f2c83e5077e0461d4f12 from qemu
2018-02-19 13:52:12 -05:00
Eric Blake 8744d16fbe
qapi: Use 'alternate' to replace anonymous union
Previous patches have led up to the point where I create the
new meta-type "'alternate':'Foo'". See the previous patches
for documentation; I intentionally split as much work into
earlier patches to minimize the size of this patch, but a lot
of it is churn due to testsuite fallout after updating to the
new type.

Backports commit ab916faddd16f0165e9cc2551f90699be8efde53 from qemu
2018-02-19 13:49:56 -05:00
Eric Blake 8a6303f9cd
qapi: Segregate anonymous unions into alternates in generator
Special-casing 'discriminator == {}' for handling anonymous unions
is getting awkward; since this particular type is not always a
dictionary on the wire, it is easier to treat it as a completely
different class of type, "alternate", so that if a type is listed
in the union_types array, we know it is not an anonymous union.

This patch just further segregates union handling, to make sure that
anonymous unions are not stored in union_types, and splitting up
check_union() into separate functions. A future patch will change
the qapi grammar, and having the segregation already in place will
make it easier to deal with the distinct meta-type.

Backports commit 811d04fd0cff1229480d3f5b2e349f646ab6e3c1 from qemu
2018-02-19 13:44:17 -05:00
Eric Blake 9e87ec4b54
qapi: Prepare for catching more semantic parse errors
This patch widens the scope of a try block (with the attending
reindentation required by Python) in preparation for a future
patch adding more instances of QAPIExprError inside the block.
It's easier to separate indentation from semantic changes, so
this patch has no real behavior change.

Backports commit 268a1c5eb10832c2e4476d3fe199ea547dabecb7 from qemu
2018-02-19 13:39:37 -05:00
Eric Blake 3ee6a0c88a
qapi: Tighten checking of unions
Previous commits demonstrated that the generator had several
flaws with less-than-perfect unions:
- a simple union that listed the same branch twice (or two variant
names that map to the same C enumerator, including the implicit
MAX sentinel) ended up generating invalid C code
- an anonymous union that listed two branches with the same qtype
ended up generating invalid C code
- the generator crashed on anonymous union attempts to use an
array type
- the generator was silently ignoring a base type for anonymous
unions
- the generator allowed unknown types or nested anonymous unions
as a branch in an anonymous union

Backports commit 44bd1276a7dea747c41f250cb71ab65965343a7f from qemu
2018-02-19 13:34:22 -05:00
Eric Blake 8023795233
qapi: Forbid base without discriminator in unions
None of the existing QMP or QGA interfaces uses a union with a
base type but no discriminator; it is easier to avoid this in the
generator to save room for other future extensions more likely to
be useful.  An earlier commit added a union-base-no-discriminator
test to ensure that we eventually give a decent error message;
likewise, removing UserDefUnion outright is okay, because we moved
all the tests we wish to keep into the tests of the simple union
UserDefNativeListUnion in the previous commit.  Now is the time to
actually forbid simple union with base, and remove the last
vestiges from the testsuite.

Backports commit a8d4a2e4d7e1a0207699de47142c9bdbf2cc8675 from qemu
2018-02-19 13:29:39 -05:00
Eric Blake d8f8b1925c
qapi: Better error messages for bad enums
The previous commit demonstrated that the generator had several
flaws with less-than-perfect enums:
- an enum that listed the same string twice (or two variant
strings that map to the same C enumerator) ended up generating
an invalid C enum
- because the generator adds a _MAX terminator to each enum,
the use of an enum member 'max' can also cause this clash
- if an enum omits 'data', the generator left a python stack
trace rather than a graceful message
- an enum that used a non-array 'data' was silently accepted by
the parser
- an enum that used non-string members in the 'data' member
was silently accepted by the parser

Add check_enum to cover these situations, and update testcases
to match.  While valid .json files won't trigger any of these
cases, we might as well be nicer to developers that make a typo
while trying to add new QAPI code.

Backports commit cf3935907b5df16f667d54ad6761c7e937dcf425 from qemu
2018-02-19 13:23:55 -05:00
Eric Blake 79c351d3e6
qapi: Fix generation of 'size' builtin type
We were missing the 'size' builtin type (which means that QAPI using
[ 'size' ] would fail to compile).

Backports commit cb17f79eef0d161e81ac457e4c1f124405be2a18 from qemu
2018-02-19 13:20:05 -05:00
Eric Blake 9d5a99b029
qapi: Simplify builtin type handling
There was some redundancy between builtin_types[] and
builtin_type_qtypes{}.  Merge them into one.

Backports commit b52c4b9cf0bbafdf8cede4ea1f62770d86815718 from qemu
2018-02-19 13:15:21 -05:00
Eric Blake bf18f16174
qapi: Drop dead genlist parameter
Defaulting a parameter to True, then having all callers omit or
pass an explicit True for that parameter, is pointless. Looks
like it has been dead since introduction in commit 06d64c6, more
than 4 years ago.

Backports commit 6540e9f35bfeea2baf4509745516172070dca412 from qemu
2018-02-19 13:09:44 -05:00
Eric Blake 3aba81d5aa
qapi: Drop unused error argument for list and implicit struct
No backend was setting an error when ending the visit of a list or
implicit struct, or when moving to the next list node. Make the
callers a bit easier to follow by making this a part of the contract,
and removing the errp argument - callers can then unconditionally end
an object as part of cleanup without having to think about whether a
second error is dominated by a first, because there is no second
error.

A later patch will then tackle the larger task of splitting
visit_end_struct(), which can indeed set an error.

Backports commit 08f9541dec51700abef0c37994213164ca4e4fc9 from qemu
2018-02-19 12:59:54 -05:00
Eric Blake 70a7b25c6c
qapi: Tighten qmp_input_end_list()
The only way that qmp_input_pop() will set errp is if a dictionary
was the most recent thing pushed. Since we don't have any
push(struct)/pop(list) or push(list)/pop(struct) mismatches (such
a mismatch is a programming bug), we therefore cannot set errp
inside qmp_input_end_list(). Make this obvious by
using &error_abort. A later patch will then remove the errp
parameter of qmp_input_pop(), but that will first require the
larger task of splitting visit_end_struct().

Backports commit bdd8e6b5d8a9def83d491a3f41c10424fc366258 from qemu
2018-02-19 12:48:56 -05:00
Eric Blake eeffd97458
qapi: Make all visitors supply uint64 callbacks
Our qapi visitor contract supports multiple integer visitors,
but left the type_uint64 visitor as optional (falling back on
type_int64); which in turn can lead to awkward behavior with
numbers larger than INT64_MAX (the user has to be aware of
twos complement, and deal with negatives).

This patch does not address the disparity in handling large
values as negatives. It merely moves the fallback from uint64
to int64 from the visitor core to the visitors, where the issue
can actually be fixed, by implementing the missing type_uint64()
callbacks on top of the respective type_int64() callbacks, and
with a FIXME comment explaining why that's wrong.

With that done, we now have a type_uint64() callback in every
driver, so we can make it mandatory from the core. And although
the type_int64() callback can cover the entire valid range of
type_uint{8,16,32} on valid user input, using type_uint64() to
avoid mixed signedness makes more sense.

Backports commit f755dea79dc81b0d6a8f6414e0672e165e28d8ba from qemu
2018-02-19 11:59:22 -05:00
Eric Blake 5b5299bdee
qapi: Prefer type_int64 over type_int in visitors
The qapi builtin type 'int' is basically shorthand for the type
'int64'. In fact, since no visitor was providing the optional
type_int64() callback, visit_type_int64() was just always falling
back to type_int(), cementing the equivalence between the types.

However, some visitors are providing a type_uint64() callback.
For purposes of code consistency, it is nicer if all visitors
use the paired type_int64/type_uint64 names rather than the
mismatched type_int/type_uint64. So this patch just renames
the signed int callbacks in place, dropping the type_int()
callback as redundant, and a later patch will focus on the
unsigned int callbacks.

Add some FIXMEs to questionable reuse of errp in code touched
by the rename, while at it (the reuse works as long as the
callbacks don't modify value when setting an error, but it's not
a good example to set) - a later patch will then fix those.

No change in functionality here, although further cleanups are
in the pipeline.

Backports commit 4c40314a35816de635e7170eaacdc0c35be83a8a from qemu
2018-02-19 11:53:21 -05:00
Eric Blake 8f8064dc80
qapi: Avoid use of misnamed DO_UPCAST()
The macro DO_UPCAST() is incorrectly named: it converts from a
parent class to a derived class (which is a downcast). Better,
and more consistent with some of the other qapi visitors, is
to use the container_of() macro through a to_FOO() helper. Names
like 'to_ov()' may be a bit short, but for a static helper it
doesn't hurt too much, and matches existing practice in files
like qmp-input-visitor.c.

Our current definition of container_of() is weaker than
DO_UPCAST(), in that it does not require the derived class to
have Visitor as its first member, but this does not hurt our
usage patterns in qapi visitors.

Backports commit d7bea75d35a44023efc9d481d3a1a2600677b2ef from qemu
2018-02-19 11:47:34 -05:00
Richard Henderson 292c67109a
tcg: Introduce temp_load
Unify all of the places that realize a temporary into a register.

Backports commit 40ae5c62ebaaf7d9d3b93b88c2d32bf6342f7889 from qemu
2018-02-19 11:44:01 -05:00
Richard Henderson c821ffd989
tcg: Change temp_save argument to TCGTemp
Backports commit b13eb728d33deaa53efc0dcef557da998e6ec40e from qemu
2018-02-19 11:39:04 -05:00
Richard Henderson 2c3ad57215
tcg: Change temp_sync argument to TCGTemp
Backports commit 12b9b11a2743002232098afb41810f1c0cb211a0 from qemu
2018-02-19 11:37:12 -05:00
Richard Henderson 82a4e93629
tcg: Change temp_dead argument to TCGTemp
Backports commit f8bf00f1028a00a7978e9175da53944de95b9fcb from qemu
2018-02-19 11:34:17 -05:00
Richard Henderson daf837956c
tcg: Change reg_to_temp to TCGTemp pointer
Backports commit f8b2f202344b362b1e676688f838d6b7c08f1975 from qemu
2018-02-19 11:30:26 -05:00
Richard Henderson cf59e51811
tcg: Work around clang bug wrt enum ranges
A subsequent patch patch will change the type of REG from int
to enum TCGReg, which provokes the following bug in clang:

https://llvm.org/bugs/show_bug.cgi?id=16154

Backports commit c8074023204e8e8a213399961ab56e2814aa6116 from qemu
2018-02-19 11:23:19 -05:00
Richard Henderson 7cb5f2fed8
tcg: Tidy temporary allocation
In particular, make sure the memory is memset before use.
Continues the increased use of TCGTemp pointers instead of
integer indices where appropriate.

Backports commit 7ca4b752feaab647b0c1a147bd3815fcdb479a59 from qemu
2018-02-19 11:17:45 -05:00
Richard Henderson 45f9ddf970
tcg: Remove tcg_get_arg_str_i32/64
Backports commit e4ce0d4eb774eb2a8b6a27cd8a6f1d75e05c21ae from qemu
2018-02-19 02:07:04 -05:00
Richard Henderson 12577dfcc0
tcg: More use of TCGReg where appropriate
Backports commit b66386623176e0b0f3bd270640bdb8ac8431c732 from qemu
2018-02-19 02:06:08 -05:00
Emilio G. Cota e7a7d8c508
tcg: optimise memory layout of TCGTemp
This brings down the size of the struct from 56 to 32 bytes on 64-bit,
and to 20 bytes on 32-bit. This leads to memory savings:

Before:
$ find . -name 'tcg.o' | xargs size
   text    data     bss     dec     hex filename
  41131   29800      88   71019   1156b ./aarch64-softmmu/tcg/tcg.o
  37969   29416      96   67481   10799 ./x86_64-linux-user/tcg/tcg.o
  39354   28816      96   68266   10aaa ./arm-linux-user/tcg/tcg.o
  40802   29096      88   69986   11162 ./arm-softmmu/tcg/tcg.o
  39417   29672      88   69177   10e39 ./x86_64-softmmu/tcg/tcg.o

After:
$ find . -name 'tcg.o' | xargs size
   text    data     bss     dec     hex filename
  40883   29800      88   70771   11473 ./aarch64-softmmu/tcg/tcg.o
  37473   29416      96   66985   105a9 ./x86_64-linux-user/tcg/tcg.o
  38858   28816      96   67770   108ba ./arm-linux-user/tcg/tcg.o
  40554   29096      88   69738   1106a ./arm-softmmu/tcg/tcg.o
  39169   29672      88   68929   10d41 ./x86_64-softmmu/tcg/tcg.o

Note that using an entire byte for some enums that need less than
that wastes a few bits (noticeable in 32 bits, where we use
20 bytes instead of 16) but avoids extraction code, which overall
is a win--I've tested several variations of the patch, and the appended
is the best performer for OpenSSL's bntest by a very small margin:

Before:
$ taskset -c 0 perf stat -r 15 -- x86_64-linux-user/qemu-x86_64 img/bntest-x86_64 >/dev/null
[...]
 Performance counter stats for 'x86_64-linux-user/qemu-x86_64 img/bntest-x86_64' (15 runs):

      10538.479833 task-clock (msec)  # 0.999 CPUs utilized  ( +-  0.38% )
               772 context-switches   # 0.073 K/sec          ( +-  2.03% )
                 0 cpu-migrations     # 0.000 K/sec          ( +-100.00% )
             2,207 page-faults        # 0.209 K/sec          ( +-  0.08% )
      10.552871687 seconds time elapsed                      ( +-  0.39% )

After:
$ taskset -c 0 perf stat -r 15 -- x86_64-linux-user/qemu-x86_64 img/bntest-x86_64 >/dev/null
 Performance counter stats for 'x86_64-linux-user/qemu-x86_64 img/bntest-x86_64' (15 runs):

      10459.968847 task-clock (msec)  # 0.999 CPUs utilized  ( +-  0.30% )
               739 context-switches   # 0.071 K/sec          ( +-  1.71% )
                 0 cpu-migrations     # 0.000 K/sec          ( +- 68.14% )
             2,204 page-faults        # 0.211 K/sec          ( +-  0.10% )
      10.473900411 seconds time elapsed                      ( +-  0.30% )

Backports commit 00c8fa9ffeee7458e5ed62c962faf638156c18da from qemu
2018-02-19 02:03:01 -05:00
Richard Henderson c507f16702
tcg: Remove lingering references to gen_opc_buf
Three in comments and one in code in the stub tcg_liveness_analysis.

Backports commit 201577059331b8b3aef221ee2ed594deb99d6631 from qemu
2018-02-19 01:42:55 -05:00
Richard Henderson 8dbf46ca82
tcg: Respect highwater in tcg_out_tb_finalize
Undo the workaround at b17a6d3390f87620735f7efb03bb1c96682ff449.

If there are lots of memory operations in a TB, the slow path code
can exceed the highwater reservation. Add a check within the loop.

Backports commit 23dceda62a3643f734b7aa474fa6052593ae1a70 from qemu
2018-02-19 01:40:20 -05:00
Peter Maydell c9bf91049c
all: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit d38ea87ac54af64ef611de434d07c12dc0399216 from qemu
2018-02-19 01:34:28 -05:00
Peter Maydell 728aabd4c3
qom: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit 9bbc853bd4fc6e4cbdbfc8d52eab0730d3ba94ba from qemu
2018-02-19 01:31:35 -05:00
Peter Maydell 76d3aa92cc
qobject: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit f2ad72b30e214d1e3e41dba36f855354dfa81832 from qemu
2018-02-19 01:30:42 -05:00
Peter Maydell 31e4fcdc5b
qapi: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit cbf21151906c935d4276268b59429c58546462ae from qemu
2018-02-19 01:29:30 -05:00
Peter Maydell 56d213f16c
util: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit aafd758410015e08b1aa8964d739ba8587ce58dc from qemu
2018-02-19 01:27:55 -05:00
Peter Maydell 61a59665d6
target-arm: Don't report presence of EL2 if it doesn't exist
We already modify the processor feature bits to not report EL3
support to the guest if EL3 isn't enabled for the CPU we're emulating.
Add similar support for not reporting EL2 unless it is enabled.
This is necessary because real world guest code running at EL3
(trusted firmware or bootloaders) will query the ID registers to
determine whether it should start a guest Linux kernel in EL2 or EL3.

Backports commit 3c2f7bb32b4c597925c5c7411307d51f1a56045d from qemu
2018-02-19 01:23:28 -05:00
Edgar E. Iglesias 3ea1b2a84c
target-arm: Implement the S2 MMU inputsize > pamax check
Implement the inputsize > pamax check for Stage 2 translations.
This is CONSTRAINED UNPREDICTABLE and we choose to fault.

Backports commit 3526423e867765568ad95b8094ae8b4042cac215 from qemu
2018-02-19 01:22:00 -05:00
Edgar E. Iglesias 71f370d549
target-arm: Rename check_s2_startlevel to check_s2_mmu_setup
Rename check_s2_startlevel to check_s2_mmu_setup in preparation
for additional checks.

Backports commit a0e966c93a0968d29ef51447d08a6b7be6f4d757 from qemu
2018-02-19 01:16:11 -05:00
Edgar E. Iglesias bab59f6b18
target-arm: Apply S2 MMU startlevel table size check to AArch64
The S2 starting level table size check applies to both AArch32
and AArch64. Move it to common code.

Backports commit 98d68ec289750139258d9cd9ab3f6d7dd10bb762 from qemu
2018-02-19 01:13:35 -05:00
Peter Maydell d3e5003e53
target-arm: Make various system registers visible to EL3
The AArch64 system registers DACR32_EL2, IFSR32_EL2, SPSR_IRQ,
SPSR_ABT, SPSR_UND and SPSR_FIQ are visible and fully functional from
EL3 even if the CPU has no EL2 (unlike some others which are RES0
from EL3 in that configuration). Move them from el2_cp_reginfo[] to
v8_cp_reginfo[] so they are always present.

Backports commit 6a43e0b6e1f6bcd6b11656967422f4217258200a from qemu
2018-02-19 01:11:40 -05:00
Peter Maydell 79ca0b299a
m68k: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit d8416665774bb6c057cbb3dd67d802e67e7a03ef from qemu
2018-02-19 01:06:05 -05:00
Peter Maydell 4ca19f2cd6
tcg: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit 757e725b58c57d3ebb66a31fd2210df977a12154 from qemu
2018-02-19 01:04:30 -05:00
Peter Maydell 963b57c8de
x86: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit b6a0aa053711e27e1a7825c1fca662beb05bee6f from qemu
2018-02-19 01:00:09 -05:00
Peter Maydell 139fb637d6
sparc: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit db5ebe5f411833b0ce4b6fa86ee00366e32d3968 from qemu
2018-02-19 00:52:41 -05:00
Peter Maydell 293266a9d8
exec: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit 7b31bbc2e68605ab2f10dc609dd54cf4c7b5f49a from qemu
2018-02-19 00:49:55 -05:00
Peter Maydell 7043ccee92
crypto: Clean up includes
Backports commit 42f7a448dbc5d550b1d7f0ee6b622acccaed1d12 from qemu
2018-02-19 00:47:40 -05:00
Peter Maydell 00cf2aaef2
mips: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit c684822ad29968af09735148f03a511bc514589d from qemu
2018-02-19 00:45:08 -05:00
Miodrag Dinic 63dad98564
target-mips: Fix ALIGN instruction when bp=0
If executing ALIGN with shift count bp=0 within mips64 emulation,
the result of the operation should be sign extended.

Taken from the official documentation (pseudo code) :

ALIGN:
tmp_rt_hi = unsigned_word(GPR[rt]) << (8*bp)
tmp_rs_lo = unsigned_word(GPR[rs]) >> (8*(4-bp))
tmp = tmp_rt_hi || tmp_rt_lo
GPR[rd] = sign_extend.32(tmp)

Backports commit 51243852af322f0a1103a90c936c43db84def82f from qemu
2018-02-19 00:42:13 -05:00
Aurelien Jarno 2e8c6adc4b
target-mips: silence NaNs for cvt.s.d and cvt.d.s
cvt.s.d and cvt.d.s are FP operations and thus need to convert input
sNaN into corresponding qNaN. Explicitely use the floatXX_maybe_silence_nan
functions for that as the floatXX_to_floatXX functions do not do that.

Backports commit 1aa56f6ee7d2375b0734e98ba69cc41416894bbc from qemu
2018-02-19 00:40:29 -05:00
Dongxue Zhang a0f361c4e3
target-mips/cpu.h: Fix spell error
CP0IntCtl_IPPC1, the last letter should be 'i', not 'one'.

Backports commit 889912999d3f089cb8b6db8763ebec11022768b9 from qemu
2018-02-19 00:38:27 -05:00
Aurelien Jarno 5c1abe1b1b
softfloat: fix return type of roundAndPackFloat16
The roundAndPackFloat16 function should return a float16 value, not a
float32 one. Fix that.

Backports commit 7ceac86f49b564954f5bde477c4281f407be1399 from qemu
2018-02-19 00:36:45 -05:00
Peter Maydell c8220d5aaf
fpu: Replace uint8 typedef with uint8_t
Replace the uint8 softfloat-specific typedef with uint8_t.
This change was made with

find include hw fpu target-* -name '*.[ch]' | xargs sed -i -e 's/\buint8\b/uint8_t/g'

together with manual removal of the typedef definition and
manual fixing of more erroneous uses found via test compilation.

It turns out that the only code using this type is an accidental
use where uint8_t was intended anyway...

Backports commit d341d9f3062c74d74c94ebe6359f067bed8311ba from qemu
2018-02-19 00:34:41 -05:00
Peter Maydell 2eaf79bfd3
fpu: Replace int8 typedef with int8_t
Replace the int8 softfloat-specific typedef with int8_t.
This change was made with

find include hw fpu target-* -name '*.[ch]' | xargs sed -i -e 's/\bint8\b/int8_t/g'

together with manual removal of the typedef definition, and
manual undoing of various mis-hits.

Backports commit 8f506c709adb7d3bed4ebefefe9487c156192a64 from qemu
2018-02-19 00:33:01 -05:00
Peter Maydell 63ac282f1a
fpu: Replace uint32 typedef with uint32_t
Replace the uint32 softfloat-specific typedef with uint32_t.
This change was made with

find include hw fpu target-* -name '*.[ch]' | xargs sed -i -e 's/\buint32\b/uint32_t/g'

together with manual removal of the typedef definition,
manual undoing of various mis-hits, and another couple of
fixes found via test compilation.

All the uses in hw/ were using the wrong type by mistake.

Backports commit 3a87d00910ef64a2eece4aad25d96ea10683fc5c from qemu
2018-02-19 00:29:52 -05:00
Peter Maydell 9712d8a7ac
fpu: Replace int32 typedef with int32_t
Replace the int32 softfloat-specific typedef with int32_t.
This change was made with

find hw include fpu target-* -name '*.[ch]' | xargs sed -i -e 's/\bint32\b/int32_t/g'

together with manual removal of the typedef definition, and
manual undoing of some mis-hits where macro arguments were
being used for token pasting rather than as a type.

The uses in hw/ipmi/ should not have been using this type at all.

Backports commit f4014512cda682a9d0c75310d278d7ae96b0505c from qemu
2018-02-19 00:24:56 -05:00
Peter Maydell df84f0d513
fpu: Replace uint64 typedef with uint64_t
Replace the uint64 softfloat-specific typedef with uint64_t.
This change was made with

find include fpu target-* -name '*.[ch]' | xargs sed -i -e 's/\buint64\b/uint64_t/g'

together with manual removal of the typedef definition, and
manual undoing of some mis-hits where macro arguments were
being used for token pasting rather than as a type.

Note that the target-mips/kvm.c and target-s390x/kvm.c changes are fixing
code that should not have been using the uint64 type in the first place.

Backports commit 182f42fdc219e6481654fcfb73b17e4b4e63b6ff from qemu
2018-02-19 00:16:49 -05:00
Peter Maydell 940106cd69
fpu: Replace int64 typedef with int64_t
Replace the int64 softfloat-specific typedef with int64_t.
This change was made with

find include fpu target-* -name '*.[ch]' | xargs sed -i -e 's/\bint64\b/int64_t/g'

together with manual removal of the typedef definition, and
manual undoing of some mis-hits where macro arguments were
being used for token pasting rather than as a type.

Backports commit f42c222482b651400f0fa417eb174da1c9502c1c from qemu
2018-02-19 00:14:18 -05:00
Huaitong Han e3d01bc57e
target-i386: Add PKU and and OSPKE support
Add PKU and OSPKE CPUID features, including xsave state and
migration support.

Backports commit f74eefe0b98cd7e13825de8e8d9f32e22aed102c from qemu
2018-02-19 00:07:31 -05:00
Haozhong Zhang be65d10c09
target-i386: Add support to migrate vcpu's TSC rate
This patch enables migrating vcpu's TSC rate. If KVM on the
destination machine supports TSC scaling, guest programs will
observe a consistent TSC rate across the migration.

If TSC scaling is not supported on the destination machine, the
migration will not be aborted and QEMU on the destination will
not set vcpu's TSC rate to the migrated value.

If vcpu's TSC rate specified by CPU option 'tsc-freq' on the
destination machine is inconsistent with the migrated TSC rate,
the migration will be aborted.

For backwards compatibility, the migration of vcpu's TSC rate is
disabled on pc-*-2.5 and older machine types.

Backports relevant parts of commit 36f96c4b6bd25f43000c317518ff3df10202bc75 from qemu
2018-02-18 23:59:08 -05:00
Eduardo Habkost 974c3bfdd3
target-i386: Add suffixes to MMReg struct fields
This will ensure we never use the MMX_* and ZMM_* macros with the
wrong struct type.

Backports commit f23a9db6bca5b9a228c77bbcaa06d01510e148b7 from qemu
2018-02-18 23:57:16 -05:00
Eduardo Habkost 0b1f839189
target-i386: Define MMREG_UNION macro
This will simplify the definitions of ZMMReg and MMXReg.

Backports commit 31d414d649b289ff9d1e048c41554298d1094fd3 from qemu
2018-02-18 23:55:29 -05:00
Eduardo Habkost 831fdde7fa
target-i386: Define MMXReg._d field
Add a new field and reorder MMXReg fields, to make MMXReg and
ZMMReg field lists look the same (except for the array sizes).

Backports commit 9253e1a7923e94598419ac9a7df7b8bc6cba65a5 from qemu
2018-02-18 23:54:09 -05:00
Eduardo Habkost 566acb7188
target-i386: Rename XMM_[BWLSDQ] helpers to ZMM_*
They are helpers for the ZMMReg fields, so name them accordingly.

This is just a global search+replace, no other changes are being
introduced.

Backports commit 19cbd87c14ab208858ee1233b790f37cfefed4b9 from qemu
2018-02-18 23:53:16 -05:00
Eduardo Habkost e90dbe6bb9
target-i386: Rename struct XMMReg to ZMMReg
The struct represents a 512-bit register, so name it accordingly.

This is just a global search+replace, no other changes are being
introduced.

Backports commit fa4518741ed69aa7993f9c15bb52eacc375681fc from qemu
2018-02-18 23:46:30 -05:00
Eduardo Habkost 326fa3d207
target-i386: Use a _q array on MMXReg too
Make MMXReg use the same field names used on XMMReg, so we can
try to reuse macros and other code later.

Backports commit 9618f40f06e90c8fa8ae06b56c7404a7cc937e22 from qemu
2018-02-18 23:20:26 -05:00
Eduardo Habkost ea83d22cdf
target-i386/ops_sse.h: Use MMX_Q macro
We have a MMX_Q macro in addition to MMX_{B,W,L}. Use it.

Backports commit 83625474b340c0f1eb2544d7a6e898cc68e868a2 from qemu
2018-02-18 23:16:21 -05:00
Eduardo Habkost baf37a04ad
target-i386: Rename optimize_flags_init()
Rename the function so that the reason for its existence is
clearer: it does x86-specific initialization of TCG structures.

Backports commit 63618b4ed48f0fc2a7a3fd1117e2f0b512248dab from qemu
2018-02-18 22:56:02 -05:00
Peter Maydell 22dadac875
target-arm: Implement FPEXC32_EL2 system register
The AArch64 FPEXC32_EL2 system register is visible at EL2 and EL3,
and allows those exception levels to read and write the FPEXC
register for a lower exception level that is using AArch32.

Backports commit 03fbf20f4da58f41998dc10ec7542f65d37ba759 from qemu
2018-02-18 22:52:54 -05:00
Peter Maydell f4ae64e78a
target-arm: ignore ELR_ELx[1] for exception return to 32-bit ARM mode
The architecture requires that for an exception return to AArch32 the
low bits of ELR_ELx are ignored when the PC is set from them:
* if returning to Thumb mode, ignore ELR_ELx[0]
* if returning to ARM mode, ignore ELR_ELx[1:0]

We were only squashing bit 0; also squash bit 1 if the SPSR T bit
indicates this is a return to ARM code.

Backports commit c1e0371442bf3a7e42ad53c2a3d816ed7099f81d from qemu
2018-02-18 22:50:18 -05:00
Peter Maydell 9826fc4414
target-arm: Implement remaining illegal return event checks
We already implement almost all the checks for the illegal
return events from AArch64 state described in the ARM ARM section
D1.11.2. Add the two missing ones:
* return to EL2 when EL3 is implemented and SCR_EL3.NS is 0
* return to Non-secure EL1 when EL2 is implemented and HCR_EL2.TGE is 1

(We don't implement external debug, so the case of "debug state exit
from EL0 using AArch64 state to EL0 using AArch32 state" doesn't apply
for QEMU.)

Backports commit e393f339af87da7210f6c86902b321df6a2e8bf5 from qemu
2018-02-18 22:47:23 -05:00
Peter Maydell 2ffb545ec3
target-arm: Handle exception return from AArch64 to non-EL0 AArch32
Remove the assumptions that the AArch64 exception return code was
making about a return to AArch32 always being a return to EL0.
This includes pulling out the illegal-SPSR checks so we can apply
them for return to 32 bit as well as return to 64-bit.

Backports commit 3809951bf61605974b91578c582de4da28f8ed07 from qemu
2018-02-18 22:46:50 -05:00
Peter Maydell 134eeeeacc
target-arm: Fix wrong AArch64 entry offset for EL2/EL3 target
The entry offset when taking an exception to AArch64 from a lower
exception level may be 0x400 or 0x600. 0x400 is used if the
implemented exception level immediately lower than the target level
is using AArch64, and 0x600 if it is using AArch32. We were
incorrectly implementing this as checking the exception level
that the exception was taken from. (The two can be different if
for example we take an exception from EL0 to AArch64 EL3; we should
in this case be checking EL2 if EL2 is implemented, and EL1 if
EL2 is not implemented.)

Backports commit 3d6f761713745dfed7d2ccfe98077d213a6a6eba from qemu
2018-02-18 22:43:52 -05:00
Peter Maydell d7c3ba6fa0
target-arm: Pull semihosting handling out to arm_cpu_do_interrupt()
Handling of semihosting calls should depend on the register width
of the calling code, not on that of any higher exception level,
so we need to identify and handle semihosting calls before we
decide whether to deliver the exception as an entry to AArch32
or AArch64. (EXCP_SEMIHOST is also an "internal exception" so
it has no target exception level in the first place.)

This will allow AArch32 EL1 code to use semihosting calls when
running under an AArch64 EL3.

Backports commit 904c04de2e1b425e7bc8c4ce2fae3d652eeed242 from qemu
2018-02-18 22:41:58 -05:00
Peter Maydell 4d0bdc61b6
target-arm: Use a single entry point for AArch64 and AArch32 exceptions
If EL2 or EL3 is present on an AArch64 CPU, then exceptions can be
taken to an exception level which is running AArch32 (if only EL0
and EL1 are present then EL1 must be AArch64 and all exceptions are
taken to AArch64). To support this we need to have a single
implementation of the CPU do_interrupt() method which can handle both
32 and 64 bit exception entry.

Pull the common parts of aarch64_cpu_do_interrupt() and
arm_cpu_do_interrupt() out into a new function which calls
either the AArch32 or AArch64 specific entry code once it has
worked out which one is needed.

We temporarily special-case the handling of EXCP_SEMIHOST to
avoid an assertion in arm_el_is_aa64(); the next patch will
pull all the semihosting handling out to the arm_cpu_do_interrupt()
level (since semihosting semantics depend on the register width
of the calling code, not on that of any higher EL).

Backports commit 966f758c49ff478c4757efa5970ce649161bff92 from qemu
2018-02-18 22:34:31 -05:00
Peter Maydell e1925bb5fb
target-arm: Move aarch64_cpu_do_interrupt() to helper.c
Move the aarch64_cpu_do_interrupt() function to helper.c. We want
to be able to call this from code that isn't AArch64-only, and
the move allows us to avoid awkward #ifdeffery at the callsite.

Backports commit f3a9b6945cbbb23f3a70da14e9ffdf1e60c580a8 from qemu
2018-02-18 22:23:06 -05:00
Peter Maydell c06519a2fd
target-arm: Properly support EL2 and EL3 in arm_el_is_aa64()
Support EL2 and EL3 in arm_el_is_aa64() by implementing the
logic for checking the SCR_EL3 and HCR_EL2 register-width bits
as appropriate to determine the register width of lower exception
levels.

Backports commit 446c81abf8e0572b8d5d23fe056516ac62af278d from qemu
2018-02-18 22:20:51 -05:00
Lioncash f1f3ff39eb
target-arm: Support multiple address spaces in page table walks
If we have a secure address space, use it in page table walks:
when doing the physical accesses to read descriptors, make them
through the correct address space.

(The descriptor reads are the only direct physical accesses
made in target-arm/ for CPUs which might have TrustZone.)

Backports commit 5ce4ff6502fc6ae01a30c3917996c6c41be1d176 from qemu
2018-02-18 22:18:28 -05:00
Peter Maydell d3eb5fb710
target-arm: Implement cpu_get_phys_page_attrs_debug
Implement cpu_get_phys_page_attrs_debug instead of cpu_get_phys_page_debug.

Backports commit 0faea0c7e6b729c64035b3591b184eeeeef6f1d4 from qemu
2018-02-18 22:15:50 -05:00
Peter Maydell f96988503a
target-arm: Implement asidx_from_attrs
Implement the asidx_from_attrs CPU method to return the
Secure or NonSecure address space as appropriate.

(The function is inline so we can use it directly in target-arm
code to be added in later patches.)

Backports commit 017518c1f6ed9939c7f390cb91078f0919b5494c from qemu
2018-02-18 22:11:55 -05:00
Peter Maydell c13497c369
target-arm: Add QOM property for Secure memory region
Add QOM property to the ARM CPU which boards can use to tell us what
memory region to use for secure accesses. Nonsecure accesses
go via the memory region specified with the base CPU class 'memory'
property.

By default, if no secure region is specified it is the same as the
nonsecure region, and if no nonsecure region is specified we will use
address_space_memory.

Backports commit 9e273ef2174d7cd5b14a16d8638812541d3eb6bb from qemu
2018-02-18 22:09:46 -05:00
Peter Crosthwaite fd4e62bc1d
exec: Respect as_translate_internal length clamp
address_space_translate_internal will clamp the *plen length argument
based on the size of the memory region being queried. The iommu walker
logic in addresss_space_translate was ignoring this by discarding the
post fn call value of *plen. Fix by just always using *plen as the
length argument throughout the fn, removing the len local variable.

This fixes a bootloader bug when a single elf section spans multiple
QEMU memory regions.

Backports commit 23820dbfc79d1c9dce090b4c555994f2bb6a69b3 from qemu
2018-02-18 22:04:02 -05:00
Peter Crosthwaite ce997e1caf
qom/cpu: Add MemoryRegion property
Add a MemoryRegion property, which if set is used to construct
the CPU's initial (default) AddressSpace.

Backports commit 6731d864f80938e404dc3e5eb7f6b76b891e3e43 from qemu
2018-02-18 21:54:50 -05:00
Lioncash 6d5f465449
uc: Handle freeing of multiple address spaces 2018-02-18 21:36:50 -05:00
Lioncash 2210c7f486
cpus: Relocate address space initialization
Moves it to qemu_init_vcpu where it belongs
2018-02-18 21:05:04 -05:00
Lioncash 6a7974277a
Move RAMBlock deallocation to reclaim_ramblock
Backports a minor portion of commit 43771539d4666cba16298fc6b0ea63867425277c from qemu
2018-02-18 19:38:51 -05:00
Lioncash aa0ce52b97
exec: Add missing atomic reads 2018-02-18 19:28:02 -05:00
Peter Maydell 5192f806aa
exec.c: Use atomic_rcu_read() to access dispatch in memory_region_section_get_iotlb()
When accessing the dispatch pointer in an AddressSpace within an RCU
critical section we should always use atomic_rcu_read(). Fix an
access within memory_region_section_get_iotlb() which was incorrectly
doing a direct pointer access.

Backports commit 0b8e2c1002afddc8ef3d52fa6fc29e4768429f98 from qemu
2018-02-18 19:22:39 -05:00
Dr. David Alan Gilbert 75701d03ee
qemu_ram_foreach_block: pass up error value, and down the ramblock name
check the return value of the function it calls and error if it's non-0
Fixup qemu_rdma_init_one_block that is the only current caller,
  and rdma_add_block the only function it calls using it.

Pass the name of the ramblock to the function; helps in debugging.

Backports commit e3807054e20fb3b94d18cb751c437ee2f43b6fac from qemu
2018-02-18 19:17:18 -05:00
Paolo Bonzini 71beea204c
exec: avoid possible overwriting of mmaped area in qemu_ram_remap
It is not necessary to munmap an area before remapping it with MAP_FIXED;
if the memory region specified by addr and len overlaps pages of any
existing mapping, then the overlapped part of the existing mapping will
be discarded.

On the other hand, if QEMU does munmap the pages, there is a small
probability that another mmap sneaks in and catches the just-freed
portion of the address space.  In effect, munmap followed by
mmap(MAP_FIXED) is a use-after-free error, and Coverity flags it
as such.  Fix it.

Backports commit f18c69cfc554cf9776eb3c35b7510e17541afacb from qemu
2018-02-18 19:09:37 -05:00
Paolo Bonzini aad1027c96
Revert "exec: Respect as_tranlsate_internal length clamp"
This reverts commit c3c1bb9.
It causes problems with boards that declare memory regions shorter
than the registers they contain.

Backports commit 4025446f0ac6213335c22ec43f3c3d8362ce7286 from qemu
2018-02-18 19:07:44 -05:00
Michael S. Tsirkin 1cc51e4b53
exec: round up size on MR resize
Block size must fundamentally be a multiple of target page size.
Aligning automatically removes need to worry about the alignment
from callers.

Note: the only caller of qemu_ram_resize (acpi) already happens to have
size padded to a power of 2, but we would like to drop the padding in
ACPI core, and don't want to expose target page size knowledge to ACPI

Backports commit 129ddaf31be583fb7c97812e07e028661005ce42 from qemu
2018-02-18 19:02:27 -05:00
Lioncash 024ec1755e
Convert ram_list to RCU
Allow "unlocked" reads of the ram_list by using an RCU-enabled QLIST.

The ramlist mutex is kept.  call_rcu callbacks are run with the iothread
lock taken, but that may change in the future.  Writers still take the
ramlist mutex, but they no longer need to assume that the iothread lock
is taken.

Readers of the list, instead, no longer require either the iothread
or ramlist mutex, but they need to use rcu_read_lock() and
rcu_read_unlock().

One place in arch_init.c was downgrading from write side to read side
like this:

    qemu_mutex_lock_iothread()
    qemu_mutex_lock_ramlist()
    ...
    qemu_mutex_unlock_iothread()
    ...
    qemu_mutex_unlock_ramlist()

and the equivalent idiom is:

    qemu_mutex_lock_ramlist()
    rcu_read_lock()
    ...
    qemu_mutex_unlock_ramlist()
    ...
    rcu_read_unlock()

Backports the write barriers from commit 0dc3f44aca18b1be8b425f3f4feb4b3e8d68de2e in qemu
2018-02-18 18:53:49 -05:00
Mike Day 2b93290eea
exec: convert ram_list to QLIST
QLIST has RCU-friendly primitives, so switch to it.

Backports commit 0d53d9fe8a0dcb849bc7c9836e9e6a287f9aa787 from qemu
2018-02-18 18:49:24 -05:00
Paolo Bonzini 15b3a9358e
exec: fix madvise of NULL pointer
Coverity flags this as "dereference after null check".  Not quite a
dereference, since it will just EFAULT, but still nice to fix.

Backports commit a904c91196a9c5dbd7b9abcd3d40b0824286fb1c from qemu
2018-02-18 18:19:39 -05:00
Peter Maydell e07cd2542c
exec.c: Drop TARGET_HAS_ICE define and checks
The TARGET_HAS_ICE #define is intended to indicate whether a target-*
guest CPU implementation supports the breakpoint handling. However,
all our guest CPUs have that support (the only two which do not
define TARGET_HAS_ICE are unicore32 and openrisc, and in both those
cases the bp support is present and the lack of the #define is just
a bug). So remove the #define entirely: all new guest CPU support
should include breakpoint handling as part of the basic implementation.

Backports commit ec53b45bcd1f74f7a4c31331fa6d50b402cd6d26 from qemu
2018-02-18 18:17:14 -05:00
Amit Shah f64e3d4931
exec: add wrapper for host pointer access
host pointer accesses force pointer math, let's
add a wrapper to make them safer.

Backports relevant parts of commit 1240be24357ee292f8d05aa2abfdba75dd0ca25d from qemu
2018-02-18 18:10:17 -05:00
Paolo Bonzini 0696e7fe19
exec: allows 8-byte accesses in subpage_ops
Otherwise fw_cfg accesses are split into 4-byte ones before they reach the
fw_cfg ops / handlers.

Backports commit ff6cff7554be06e95f8d712f66cd16bd6681c746 from qemu
2018-02-18 18:06:37 -05:00
Paolo Bonzini a06611e45b
exec: skip MMIO regions correctly in cpu_physical_memory_write_rom_internal
Loading the BIOS in the mac99 machine is interesting, because there is a
PROM in the middle of the BIOS region (from 16K to 32K).  Before memory
region accesses were clamped, when QEMU was asked to load a BIOS from
0xfff00000 to 0xffffffff it would put even those 16K from the BIOS file
into the region.  This is weird because those 16K were not actually
visible between 0xfff04000 and 0xfff07fff.  However, it worked.

After clamping was added, this also worked.  In this case, the
cpu_physical_memory_write_rom_internal function split the write in
three parts: the first 16K were copied, the PROM area (second 16K) were
ignored, then the rest was copied.

Problems then started with commit 965eb2f (exec: do not clamp accesses
to MMIO regions, 2015-06-17).  Clamping accesses is not done for MMIO
regions because they can overlap wildly, and MMIO registers can be
expected to perform full-width accesses based only on their address
(with no respect for adjacent registers that could decode to completely
different MemoryRegions).  However, this lack of clamping also applied
to the PROM area!  cpu_physical_memory_write_rom_internal thus failed
to copy the third range above, i.e. only copied the first 16K of the BIOS.

In effect, address_space_translate is expecting _something else_ to do
the clamping for MMIO regions if the incoming length is large.  This
"something else" is memory_access_size in the case of address_space_rw,
so use the same logic in cpu_physical_memory_write_rom_internal.

Backports commit b242e0e0e2969c044a318e56f7988bbd84de1f63 from qemu
2018-02-18 17:57:08 -05:00
Paolo Bonzini 32996e48fc
exec: clamp accesses against the MemoryRegionSection
Because the clamping was done against the MemoryRegion,
address_space_rw was effectively broken if a write spanned
multiple sections that are not linear in underlying memory
(with the memory not being under an IOMMU).

This is visible with the MIPS rc4030 IOMMU, which is implemented
as a series of alias memory regions that point to the actual RAM.

Backports commit e4a511f8cc6f4a46d409fb5c9f72c38ba45f8d83 from qemu
2018-02-18 17:52:58 -05:00
Lioncash 7c21d3059e
memory: Silence unused variable warning 2018-02-18 17:52:03 -05:00
Paolo Bonzini 26ba2e91f6
exec: do not clamp accesses to MMIO regions
It is common for MMIO registers to overlap, for example a 4 byte register
at 0xcf8 (totally random choice... :)) and a 1 byte register at 0xcf9.
If these registers are implemented via separate MemoryRegions, it is
wrong to clamp the accesses as the value written would be truncated.

Hence for these regions the effects of commit 23820db (exec: Respect
as_translate_internal length clamp, 2015-03-16, previously applied as
commit c3c1bb9) must be skipped.

Backports commit 965eb2fcdfe919ecced6c34803535ad32dc1249c from qemu
2018-02-18 17:50:27 -05:00
Peter Crosthwaite b82e711a65
memory: Add address_space_init_shareable()
This will either create a new AS or return a pointer to an
already existing equivalent one, if we have already created
an AS for the specified root memory region.

The motivation is to reuse address spaces as much as possible.
It's going to be quite common that bus masters out in device land
have pointers to the same memory region for their mastering yet
each will need to create its own address space. Let the memory
API implement sharing for them.

Aside from the perf optimisations, this should reduce the amount
of redundant output on info mtree as well.

Thee returned value will be malloced, but the malloc will be
automatically freed when the AS runs out of refs.

Backports commit f0c02d15b57da6f5463e3768aa0cfeedccf4b8f4 from qemu
2018-02-18 00:18:21 -05:00
Peter Maydell 73efe6cda3
exec.c: Use cpu_get_phys_page_attrs_debug
Use cpu_get_phys_page_attrs_debug() when doing virtual-to-physical
conversions in debug related code, so that we can obtain the right
address space index and thus select the correct AddressSpace,
rather than always using cpu->as.

Backports commit 5232e4c798ba7a46261d3157b73d08fc598e7dcb from qemu
2018-02-17 23:26:09 -05:00
Peter Maydell 1dfba71bef
exec.c: Add cpu_get_address_space()
Add a function to return the AddressSpace for a CPU based on
its numerical index. (Callers outside exec.c don't have access
to the CPUAddressSpace struct so can't just fish it out of the
CPUState struct directly.)

Backports commit 651a5bc03705102de519ebf079a40ecc1da991db from qemu
2018-02-17 23:22:23 -05:00
Peter Maydell 2fe995a0da
exec.c: Pass MemTxAttrs to iotlb_to_region so it uses the right AS
Pass the MemTxAttrs for the memory access to iotlb_to_region(); this
allows it to determine the correct AddressSpace to use for the lookup.

Backports commit a54c87b68a0410d0cf6f8b84e42074a5cf463732 from qemu
2018-02-17 23:19:00 -05:00
Peter Maydell 8edd6ffdfd
cputlb.c: Use correct address space when looking up MemoryRegionSection
When looking up the MemoryRegionSection for the new TLB entry in
tlb_set_page_with_attrs(), use cpu_asidx_from_attrs() to determine
the correct address space index for the lookup, and pass it into
address_space_translate_for_iotlb().

Backports commit d7898cda81b6efa6b2d7a749882695cdcf280eaa from qemu
2018-02-17 23:15:22 -05:00
Peter Maydell d23831f4dd
cpu: Add new asidx_from_attrs() method
Add a new method to CPUClass which the memory system core can
use to obtain the correct address space index to use for a memory
access with a given set of transaction attributes, together
with the wrapper function cpu_asidx_from_attrs() which implements
the default behaviour ("always use asidx 0") for CPU classes
which don't provide the method.

Backports commit d7f25a9e6a6b2c69a0be6033903b7d6087bcf47d from qemu
2018-02-17 22:45:32 -05:00
Lioncash 1cc4b92c67
cpu: Add new get_phys_page_attrs_debug() method
Add a new optional method get_phys_page_attrs_debug() to CPUClass.
This is like the existing get_phys_page_debug(), but also returns
the memory transaction attributes to use for the access.
This will be necessary for CPUs which have multiple address
spaces and use the attributes to select the correct address
space.

We provide a wrapper function cpu_get_phys_page_attrs_debug()
which falls back to the existing get_phys_page_debug(), so we
don't need to change every target CPU.

Backports commit 1dc6fb1f5cc5cea5ba01010a19c6acefd0ae4b73 from qemu
2018-02-17 22:43:42 -05:00
Peter Maydell 90c7c1bdb5
exec-all.h: Document tlb_set_page_with_attrs, tlb_set_page
Add documentation comments for tlb_set_page_with_attrs()
and tlb_set_page().

Backports commit 1787cc8ee55143b6071c87e59f08d56e7c22c1eb from qemu
2018-02-17 22:37:58 -05:00
Peter Maydell 51369b67cd
exec.c: Allow target CPUs to define multiple AddressSpaces
Allow multiple calls to cpu_address_space_init(); each
call adds an entry to the cpu->ases array at the specified
index. It is up to the target-specific CPU code to actually use
these extra address spaces.

Since this multiple AddressSpace support won't work with
KVM, add an assertion to avoid confusing failures.

Backports commit 12ebc9a76dd7702aef0a3618717a826c19c34ef4 from qemu
2018-02-17 22:35:13 -05:00
Peter Maydell f1b237236c
exec.c: Don't set cpu->as until cpu_address_space_init
Rather than setting cpu->as unconditionally in cpu_exec_init
(and then having target-i386 override this later), don't set
it until the first call to cpu_address_space_init.

This requires us to initialise the address space for
both TCG and KVM (KVM doesn't need the AS listener but
it does require cpu->as to be set).

For target CPUs which don't set up any address spaces (currently
everything except i386), add the default address_space_memory
in qemu_init_vcpu().

Backports commit 56943e8cc14b7eeeab67d1942fa5d8bcafe3e53f from qemu
2018-02-17 22:24:36 -05:00
Peter Maydell 51aeab661f
hw/arm: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit 12b167226f2804063cf8d72fe4fdc01764c99e96 from qemu
2018-02-17 21:10:57 -05:00
Peter Maydell cd5c4037ac
target-arm: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit 74c21bd07491739c6e56bcb1f962e4df730e77f3 from qemu
2018-02-17 21:09:32 -05:00
Juan Quintela 7da263e4ea
target-sparc: Convert to VMStateDescription
Convert the SPARC CPU from cpu_load/save functions to VMStateDescription.
We preserve migration compatibility with the previous version
(required for SPARC32 but not necessarily for SPARC64).

Backports commit df32c8d436d4eb3f40b00647ca0df2bbc7f6bf6f from qemu
2018-02-17 21:06:46 -05:00
Peter Maydell a734ef8156
target-sparc: Split cpu_put_psr into side-effect and no-side-effect parts
For inbound migration we really want to be able to set the PSR without
having any side effects, but cpu_put_psr() calls cpu_check_irqs() which
might try to deliver CPU interrupts. Split cpu_put_psr() into the
no-side-effect and side-effect parts.

This includes reordering the cpu_check_irqs() to the end of cpu_put_psr(),
because that function may actually end up calling cpu_interrupt(), which
does not seem like a good thing to happen in the middle of updating the PSR.

Backports commit 4552a09dd4055c806b7df8c595dc0fb8951834be from qemu
2018-02-17 21:04:15 -05:00
Paolo Bonzini 3dab621825
target-i386: do not duplicate page protection checks
x86_cpu_handle_mmu_fault is currently checking twice for writability
and executability of pages; the first time to decide whether to
trigger a page fault, the second time to compute the "prot" argument
to tlb_set_page_with_attrs.

Reorganize code so that first "prot" is computed, then it is used
to check whether to raise a page fault, then finally PROT_WRITE is
removed if the D bit will have to be set.

Backports commit 76c64d33601a4948d6f72022992574a75b6fab97 from qemu
2018-02-17 20:59:54 -05:00
Alvise Rigo 1e3e75fa44
target-arm: Use the right MMU index in arm_regime_using_lpae_format
arm_regime_using_lpae_format checks whether the LPAE extension is used
for stage 1 translation regimes. MMU indexes not exclusively of a stage 1
regime won't work with this method.

In case of ARMMMUIdx_S12NSE0 or ARMMMUIdx_S12NSE1, offset these values
by ARMMMUIdx_S1NSE0 to get the right index indicating a stage 1
translation regime.

Rename also the function to arm_s1_regime_using_lpae_format and update
the comments to reflect the change.

Backports commit deb2db996cbb9470b39ae1e383791ef34c4eb3c2 from qemu
2018-02-17 20:56:32 -05:00
Markus Armbruster e4976f4597
error: Improve documentation
While there, tighten error_append_hint()'s assertion.

Backports commit f4d0064afcff4c38b379800674938cde8f069dcd from qemu
2018-02-17 20:52:49 -05:00
Markus Armbruster 9398bd49fe
error: Document how to accumulate multiple errors
Backports commit 8d780f43921feb7fd8d0b58f779a22d1265f2378 from qemu
2018-02-17 20:49:12 -05:00
Peter Maydell f336fc39eb
osdep.h: Include glib-compat.h in osdep.h rather than qemu-common.h
Our use of glib is now pervasive across QEMU. Move the include of glib-compat.h
from qemu-common.h to osdep.h so that it is more widely accessible and doesn't
get forgotten by accident. (Failure to include it will result in build failure
on old versions of glib which is likely to be unnoticed by most developers.)

Backports commit 529490e5d664a20d5c4223070dd7c03a0e02b6bd from qemu
2018-02-17 20:47:28 -05:00
Paolo Bonzini 1650af8c8b
memory: try to inline constant-length reads
memcpy can take a large amount of time for small reads and writes.
Handle the common case of reading s/g descriptors from memory (there
is no corresponding "write" case that is as common, because writes
often use address_space_st* functions) by inlining the relevant
parts of address_space_read into the caller.

Backports commit 3cc8f884996584630734a90c9b3c535af81e3c92 from qemu
2018-02-17 20:44:39 -05:00
Paolo Bonzini 712c300639
memory: inline a few small accessors
These are used in the address_space_* fast paths.

Backports commit 1619d1fe737d2af068aefe134386a69b76164794 from qemu
2018-02-17 20:35:28 -05:00
Paolo Bonzini 9a78c61145
memory: extract first iteration of address_space_read and address_space_write
We want to inline the case where there is only one iteration, because
then the compiler can also inline the memcpy. As a start, extract
everything after the first address_space_translate call.

Backports commit a203ac702e0720135fac8b1f2061d119814c1798 from qemu
2018-02-17 20:31:21 -05:00
Paolo Bonzini 0688343929
memory: split address_space_read and address_space_write
Rather than dispatching on is_write for every iteration, make
address_space_rw call one of the two functions. The amount of
duplicate logic is pretty small, and memory_access_is_direct can
be tweaked so that it inlines better in the callers.

Backports commit eb7eeb88628074207dd611472e712af775985e73 from qemu
2018-02-17 20:19:05 -05:00
Paolo Bonzini 077ffc3bd5
memory: avoid unnecessary object_ref/unref
For the common case of DMA into non-hotplugged RAM, it is unnecessary
but expensive to do object_ref/unref. Add back an owner field to
MemoryRegion, so that these memory regions can skip the reference
counting.

Backports commit 612263cf33062f7441a5d0e3b37c65991fdc3210 from qemu
2018-02-17 20:10:25 -05:00
Paolo Bonzini e6b25279f8
memory: reorder MemoryRegion fields
Order fields so that all fields accessed during a RAM read/write fit in
the same cache line.

Backports commit a676854f3447019c7c4b005ab6aece905fccfddd from qemu
2018-02-17 19:48:52 -05:00
Paolo Bonzini 52b3120995
exec: make qemu_ram_ptr_length more similar to qemu_get_ram_ptr
Notably, use qemu_get_ram_block to enjoy the MRU optimization.

Backports commit e81bcda529378f5ed8b9b0b59bb2b24b8ee1c814 from qemu
2018-02-17 19:46:37 -05:00
Eduardo Habkost d52f55b46d
memory: Eliminate memory_region_destructor_ram_from_ptr()
The function is equivalent to memory_region_destructor_ram(), so
it's not needed anymore.

Backports commit fc3e7665d7fe1b2f842441d250d7afec26b8a910 from qemu
2018-02-17 19:39:22 -05:00
Eduardo Habkost 26791ea61b
exec: Eliminate qemu_ram_free_from_ptr()
Replace qemu_ram_free_from_ptr() with qemu_ram_free().

The only difference between qemu_ram_free_from_ptr() and
qemu_ram_free() is that g_free_rcu() is used instead of
call_rcu(reclaim_ramblock). We can safely replace it because:

* RAM blocks allocated by qemu_ram_alloc_from_ptr() always have
RAM_PREALLOC set;
* reclaim_ramblock(block) will do nothing except g_free(block)
if RAM_PREALLOC is set at block->flags.

Backports commit a29ac16632aec6065c72985b9f7eeb1ca6fbef4a from qemu
2018-02-17 19:37:45 -05:00
Sergey Fedorov 587c9f0570
target-arm: Fix and improve AA32 singlestep translation completion code 2018-02-17 19:34:52 -05:00
Andrew Baumann e1701b069f
target-arm: raise exception on misaligned LDREX operands
Qemu does not generally perform alignment checks. However, the ARM ARM
requires implementation of alignment exceptions for a number of cases
including LDREX, and Windows-on-ARM relies on this.

This change adds plumbing to enable alignment checks on loads using
MO_ALIGN, a do_unaligned_access hook to raise the exception (data
abort), and uses the new aligned loads in LDREX (for all but
single-byte loads).

Backports commit 30901475b91ef1f46304404ab4bfe89097f61b96 from qemu
2018-02-17 19:29:29 -05:00
Peter Maydell 3664e1ab8a
sparc: allow CASA with ASI 0xa from user space
LEON3 allows the CASA instruction to be used from user space
if the ASI is set to 0xa (user data).

Backports commit bd4e097a8e30bb63ed7f46553b13f60809c30ac3 from qemu
2018-02-17 19:23:35 -05:00
Markus Armbruster 03dffc1e9c
typedefs: Put them back into alphabetical order
"Please keep this list in alphabetical order" has been more honoured
in the breach than in the observance. Clean up.

While there, drop a redundant struct declaration.

Backports commit 2988cbeaf94203b2cf31c0b3f589aa4ebc0cff34 from qemu
2018-02-17 19:22:23 -05:00
Lioncash c8be425439
translate-all: ensure host page mask is always extended with 1's
Anthony reported that >4GB guests on Xen with 32bit QEMU broke after
commit 4ed023c ("Round up RAMBlock sizes to host page sizes", 2015-11-05).

In that patch sizes are masked against qemu_host_page_size/mask which
are uintptr_t, and thus 32bit on a 32bit QEMU, even though the ram space
might be bigger than 4GB on Xen.

Since ram_addr_t is not available on user-mode emulation targets, ensure
that we get a sign extension when masking away the low bits of the address.
Remove the ~10 year old scary comment that the type of these variables
is probably wrong, with another equally scary comment. The new comment
however does not have "???" in it, which is arguably an improvement.

For completeness use the alignment macros in linux-user and bsd-user
instead of manually doing an &. linux-user and bsd-user are not affected
by the Xen issue, however.

Backports commit 0c2d70c448b7853a91cfa63659aa3cc6630fb9be from qemu
2018-02-17 19:17:19 -05:00
Don Slutz 86436964b5
exec: Stop using memory after free
memory_region_unref(mr) can free memory.

For example I got:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f43280d4700 (LWP 4462)]
0x00007f43323283c0 in phys_section_destroy (mr=0x7f43259468b0)
at /home/don/xen/tools/qemu-xen-dir/exec.c:1023
1023 if (mr->subpage) {
(gdb) bt
at /home/don/xen/tools/qemu-xen-dir/exec.c:1023
at /home/don/xen/tools/qemu-xen-dir/exec.c:1034
at /home/don/xen/tools/qemu-xen-dir/exec.c:2205
(gdb) p mr
$1 = (MemoryRegion *) 0x7f43259468b0

And this change prevents this.

Backports commit 55b4e80b047300e1512df02887b7448ba3786b62 from qemu
2018-02-17 19:11:50 -05:00
Stefan Weil 5218799171
oslib-win32: Change return type of function getpagesize
getpagesize on Linux returns an int. Fix QEMU's implementation for
Windows to return an int (instead of size_t), too.

This fixes a compiler warning which was introduced recently
(commit 093e3c42).

Backports commit a28c2f2df7679e3a87789e9fb7ed69331f697297 from qemu
2018-02-17 19:10:37 -05:00
Paolo Bonzini 1918761803
target-sparc: fix 32-bit truncation in fpackfix
This is reported by Coverity. The algorithm description at
ftp://ftp.icm.edu.pl/packages/ggi/doc/hw/sparc/Sparc.pdf suggests
that the 32-bit parts of rs2, after the left shift, is treated
as a 64-bit integer. Bits 32 and above are used to do the
saturating truncation.

Backports commit 12a3567c4099be194b44987ac5d7d65b99bcfab7 from qemu
2018-02-17 19:08:40 -05:00
Leon Alrae 272e412fc9
target-mips: flush QEMU TLB when disabling 64-bit addressing
CP0.Status.KX/SX/UX bits are responsible for enabling access to 64-bit
Kernel/Supervisor/User Segments. If bit is cleared an access to
corresponding segment should generate Address Error Exception.

However, the guest may still be able to access some pages belonging to
the disabled 64-bit segment because we forget to flush QEMU TLB.

This patch fixes it.

Backports commit f93c3a8d0c0c1038dbe1e957eb8ab92671137975 from qemu
2018-02-17 19:06:43 -05:00
James Hogan 8689c6efef
target-mips: Fix exceptions while UX=0
Commit 01f728857941 ("target-mips: Status.UX/SX/KX enable 32-bit address
wrapping") added a new hflag MIPS_HFLAG_AWRAP, which indicates that
64-bit addressing is disallowed in the current mode, so hflag users
don't need to worry about the complexities of working that out, for
example checking both MIPS_HFLAG_KSU and MIPS_HFLAG_UX.

However when exceptions are taken outside of exception level,
mips_cpu_do_interrupt() manipulates the env->hflags directly rather than
using compute_hflags() to update them, and this code wasn't updated
accordingly. As a result, when UX is cleared, MIPS_HFLAG_AWRAP is set,
but it doesn't get cleared on entry back into kernel mode due to an
exception. Kernel mode then cannot access the 64-bit segments resulting
in a nested exception loop. The same applies to errors and debug
exceptions.

Fix by updating mips_cpu_do_interrupt() to clear the MIPS_HFLAG_WRAP
flag when necessary, according to compute_hflags().

Backports commit 7871abb94c2f4adc39f2487f6edf5e69ba872a65 from qemu
2018-02-17 18:57:52 -05:00
Peter Maydell 386e398c56
target-arm: Don't mask out bits [47:40] in LPAE descriptors for v8
In an LPAE format descriptor in ARMv8 the address field extends
up to bit 47, not just bit 39. Correct the masking so we don't
give incorrect results if the output address size is greater
than 40 bits, as it can be for AArch64.

(Note that we don't yet support the new-in-v8 Address Size fault which
should be generated if any translation table entry or TTBR contains
an address with non-zero bits above the most significant bit of the
maximum output address size.)

Backports commit 6109769a8b42bd0c3d5b1601c9b35fe7ea6a603e from qemu
2018-02-17 18:55:32 -05:00
John Clarke 5c57445f08
tcg: Fix highwater check
A simple typo in the variable to use when comparing vs the highwater mark.
Reports are that qemu can in fact segfault occasionally due to this mistake.

Backports commit 644da9b39e477caa80bab69d2847dfcb468f0d33 from qemu
2018-02-17 18:53:18 -05:00
Daniel P. Berrange 3ba8959dfd
qom: Introduce ObjectPropertyIterator struct for iteration
Some users of QOM need to be able to iterate over properties
defined against an object instance. Currently they are just
directly using the QTAIL macros against the object properties
data structure.

This is bad because it exposes them to changes in the data
structure used to store properties, as well as changes in
functionality such as ability to register properties against
the class.

This provides an ObjectPropertyIterator struct which will
insulate the callers from the particular data structure
used to store properties. It can be used thus

ObjectProperty *prop;
ObjectPropertyIterator *iter;

iter = object_property_iter_init(obj);
while ((prop = object_property_iter_next(iter))) {
... do something with prop ...
}
object_property_iter_free(iter);

Backports commit a00c94824126901168bca5b89147f9e334a49e87 from qemu
2018-02-17 18:39:00 -05:00
Sergey Fedorov 5df03a909c
target-arm: Update condexec before arch BP check in AA32 translation
Architectural breakpoint check could raise an exceptions, thus condexec
bits should be updated before calling gen_helper_check_breakpoints().

Backports commit ce8a1b5449cd8c4c2831abb581d3208c3a3745a0 from qemu
2018-02-17 18:35:50 -05:00
Sergey Fedorov b42bfc59f1
target-arm: Update condexec before CP access check in AA32 translation
Coprocessor access instructions are allowed inside IT block.
gen_helper_access_check_cp_reg() can raise an exceptions thus condexec
bits should be updated before.

Backports commit 43bfa4a100687af8d293fef0a197839b51400fca from qemu
2018-02-17 18:33:58 -05:00
Soren Brinkmann 3f4efdd95e
target-arm: Add and use symbolic names for register banks
Add BANK_<cpumode> #defines to index banked registers.

Backports commit 99a99c1fc8e9bfec1656ac5916c53977a93d3581 from qemu
2018-02-17 18:14:14 -05:00
Eric Blake 085a89bef5
error: More error_setg() usage
A few uses of error_set(ERROR_CLASS_GENERIC_ERROR) were missed in
c6bd8c706, or have snuck in since. Nuke them.

Backports commit 455b0fde8c38a0794743e2e7c1a40018b7bee9f6 from qemu
2018-02-17 18:04:00 -05:00
Dr. David Alan Gilbert 60975685ce
qemu_ram_block_by_name
Add a function to find a RAMBlock by name; use it in two
of the places that already open code that loop; we've
got another use later in postcopy.

Backports commit e3dd74934f2d2c8c67083995928ff68e8c1d0030 from qemu
2018-02-17 18:01:16 -05:00
Dr. David Alan Gilbert cc088f84b5
qemu_ram_block_from_host
Postcopy sends RAMBlock names and offsets over the wire (since it can't
rely on the order of ramaddr being the same), and it starts out with
HVA fault addresses from the kernel.

qemu_ram_block_from_host translates a HVA into a RAMBlock, an offset
in the RAMBlock and the global ram_addr_t value.

Rewrite qemu_ram_addr_from_host to use qemu_ram_block_from_host.

Provide qemu_ram_get_idstr since its the actual name text sent on the
wire.

Backports commit 422148d3e56c3c9a07c0cf36c1e0a0b76f09c357 from qemu
2018-02-17 17:54:03 -05:00
Sergey Fedorov 23ece1622c
target-arm: Clean up DISAS_UPDATE usage in AArch32 translation code
AArch32 translation code does not distinguish between DISAS_UPDATE and
DISAS_JUMP. Thus, we cannot use any of them without first updating PC in
CPU state. Furthermore, it is too complicated to update PC in CPU state
before PC gets updated in disas context. So it is hardly possible to
correctly end TB early if is is not likely to be executed before calling
disas_*_insn(), e.g. just after calling breakpoint check helper.

Modify DISAS_UPDATE and DISAS_JUMP usage in AArch32 translation and
apply to them the same semantic as AArch64 translation does:
- DISAS_UPDATE: update PC in CPU state when finishing translation
- DISAS_JUMP: preserve current PC value in CPU state when finishing
translation

This patch fixes a bug in AArch32 breakpoint handling: when
check_breakpoints helper does not generate an exception, ending the TB
early with DISAS_UPDATE couldn't update PC in CPU state and execution
hangs.

Backports commit 577bf808958d06497928c639efaa473bf8c5e099 from qemu
2018-02-17 17:43:21 -05:00
Sergey Fedorov f8c43c69b2
target-arm: Fix gdb singlestep handling in arm_debug_excp_handler()
Do not raise a CPU exception if no CPU breakpoint has fired, since
singlestep is also done by generating a debug internal exception. This
fixes a bug with singlestepping in gdbstub.

Backports commit 5c629f4ff4dc9ae79cc732f59a8df15ede796ff7 from qemu
2018-02-17 17:32:27 -05:00
Eric Blake 6bd4bc814f
qobject: Protect against use-after-free in qobject_decref()
Adding an assertion to qobject_decref() will ensure that a
programming error causing use-after-free will result in
immediate failure (provided no other thread has started
using the memory) instead of silently attempting to wrap
refcnt around and leaving the problem to potentially bite
later at a harder point to diagnose.

Backports commit cc9f60d4a2a4bf2578a9309a18f1c4602c9f5ce7 from qemu
2018-02-17 17:28:27 -05:00
Xiao Guangrong ba067e4411
target-i386: Add clflushopt/clwb/pcommit to TCG_7_0_EBX_FEATURES
Now these instructions are handled by TCG and can be added to the
TCG_7_0_EBX_FEATURES macro.

Backports commit 0c47242b519a224279f13c685aa6e79347f97b85 from qemu
2018-02-17 17:26:53 -05:00