Corey Minyard [Mon, 20 Aug 2018 20:26:06 +0000 (15:26 -0500)]
i2c: pm_smbus: Add interrupt handling
Add the necessary code so that interrupts actually work from
the pm_smbus device.
Signed-off-by: Corey Minyard <cminyard@mvista.com> Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1534796770-10295-7-git-send-email-minyard@acm.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Corey Minyard [Mon, 20 Aug 2018 20:26:04 +0000 (15:26 -0500)]
i2c: pm_smbus: Add block transfer capability
There was no block transfer code in pm_smbus.c, and it is needed
for some devices. So add it.
This adds both byte-by-byte block transfers and buffered block
transfers.
Signed-off-by: Corey Minyard <cminyard@mvista.com> Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1534796770-10295-5-git-send-email-minyard@acm.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Corey Minyard [Mon, 20 Aug 2018 20:26:03 +0000 (15:26 -0500)]
i2c: pm_smbus: Make the I2C block read command read-only
It did have write capability, but the manual says the behavior
with write enabled is undefined. So just set an error in this
case.
Signed-off-by: Corey Minyard <cminyard@mvista.com> Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1534796770-10295-4-git-send-email-minyard@acm.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Corey Minyard [Mon, 20 Aug 2018 20:26:02 +0000 (15:26 -0500)]
i2c: pm_smbus: Fix the semantics of block I2C transfers
The I2C block transfer commands was not implemented correctly, it
read a length byte and such like it was an smbus transfer.
So fix the smbus_read_block() and smbus_write_block() functions
so they can properly handle I2C transfers, and normal SMBus
transfers (for upcoming changes). Pass in a transfer size and
a bool to know whether to use the size byte (like SMBus) or use
the length given (like I2C).
Signed-off-by: Corey Minyard <cminyard@mvista.com> Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1534796770-10295-3-git-send-email-minyard@acm.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Corey Minyard [Mon, 20 Aug 2018 20:26:01 +0000 (15:26 -0500)]
i2c: pm_smbus: Clean up some style issues
Fix some spacing issues, remove extraneous comments, add some
defines instead of hard-coding numbers.
Signed-off-by: Corey Minyard <cminyard@mvista.com> Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1534796770-10295-2-git-send-email-minyard@acm.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
pc-dimm: assign and verify the "addr" property during pre_plug
We can assign and verify the address before realizing and trying to plug.
reading/writing the address property should never fail for DIMMs, so let's
reduce error handling a bit by using &error_abort. Getting access to the
memory region now might however fail. So forward errors from
get_memory_region() properly.
As all memory devices should use the alignment of the underlying memory
region for guest physical address asignment, do detection of the
alignment in pc_dimm_pre_plug(), but allow pc.c to overwrite the
alignment for compatibility handling.
Reviewed-by: Eric Auger <eric.auger@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180801133444.11269-5-david@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
All applicable memory regions always have an alignment > 0. All memory
backends result in file_ram_alloc() or qemu_anon_ram_alloc() getting
called, setting the alignment to > 0.
So a PCDIMM memory region always has an alignment > 0. NVDIMM copy the
alignment of the original memory memory region into the handcrafted memory
region that will be used at this place.
So the check for 0 can be dropped and we can reduce the special
handling.
Dropping this check makes factoring out of alignment handling easier as
compat handling only has to look at pcmc->enforce_aligned_dimm and not
care about the alignment of the memory region.
Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180801133444.11269-4-david@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
util/oslib-win32: indicate alignment for qemu_anon_ram_alloc()
Let's set the alignment just like for the posix variant. This will
implicitly set the alignment of the underlying memory region and
therefore make memory_region_get_alignment(mr) return something > 0 for
all memory backends applicable to PCDIMM/NVDIMM.
The allocation granularity is ususally 64k, while the page size is 4k.
The documentation of VirtualAlloc is not really comprehensible in case
only MEM_COMMIT is specified without an address. We'll detect the actual
values and then go for the bigger one. The expection is, that it will
always be 64k aligned. (The assumption is that MEM_COMMIT does an
implicit MEM_RESERVE, so the address will always be aligned to the
allocation granularity. And the allocation granularity is always bigger
than the page size).
This will allow us to drop special handling in pc.c for
memory_region_get_alignment(mr) == 0, as we can then assume that it is
always set (and AFAICS >= getpagesize()).
For pc in pc_memory_plug(), under Windows TARGET_PAGE_SIZE == getpagesize(),
therefore alignment of DIMMs will not change, and therefore also not the
guest physical memory layout.
For spapr in spapr_memory_plug(), an alignment of 0 would have been used
until now. As QEMU_ALIGN_UP will crash with the alignment being 0, this
never worked, so we don't have to care about compatibility handling.
Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180801133444.11269-3-david@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
pc-dimm: assign and verify the "slot" property during pre_plug
We can assign and verify the slot before realizing and trying to plug.
reading/writing the slot property should never fail, so let's reduce
error handling a bit by using &error_abort.
To do this during pre_plug, add and use (x86, ppc) pc_dimm_pre_plug().
Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180801133444.11269-2-david@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Corey Minyard [Mon, 20 Aug 2018 20:57:24 +0000 (15:57 -0500)]
ipmi: Use proper struct reference for BT vmstate
The vmstate for isa_ipmi_bt was referencing into the bt structure,
instead create a bt structure separate and use that.
The version 1 of the BT transfer was fairly broken, if a migration
occured during an IPMI operation, it is likely the migration would
be corrupted because I misunderstood the VMSTATE_VBUFFER_UINT32()
handling, I thought it handled transferring the length field,
too. So I just remove support for that. I doubt anyone is using
it at this point.
This also removes the transfer of use_irq, since that should come
from configuration.
Signed-off-by: Corey Minyard <cminyard@mvista.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <1534798644-13587-1-git-send-email-minyard@acm.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Move the enablement of preset host features into the common
vhost_scsi_common_get_features() function. This is in preparation for
having vhost-scsi also make use of host_features.
Signed-off-by: Greg Edwards <gedwards@ddn.com>
Message-Id: <20180808195235.5843-3-gedwards@ddn.com> Reviewed-by: Felipe Franciosi <felipe@nutanix.com> Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 14 Aug 2018 07:57:16 +0000 (09:57 +0200)]
cpus: protect TimerState writes with a spinlock
In the next patch, we will need to write cpu_ticks_offset from any
thread, even outside the BQL. Currently, it is protected by the BQL
just because cpu_enable_ticks and cpu_disable_ticks happen to hold it,
but the critical sections are well delimited and it's easy to remove
the BQL dependency.
Add a spinlock that matches vm_clock_seqlock, and hold it when writing
to the TimerState. This also lets us fix cpu_update_icount when 64-bit
atomics are not available.
Fields of TiemrState are reordered to avoid padding.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 14 Aug 2018 07:31:58 +0000 (09:31 +0200)]
cpus: protect all icount computation with seqlock
Move the icount->ns computation to cpu_get_icount, and make
cpu_get_icount_locked return the raw value. This makes the
atomic_read__nocheck safe, because it now happens always inside a
seqlock and any torn reads will be retried. qemu_icount_bias and
icount_time_shift also need to be accessed with atomics. At the
same time, however, you don't need atomic_read within the writer,
because no concurrent writes are possible.
The fix to vmstate lets us keep the struct nicely packed. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The current paths for modules are CONFIG_QEMU_MODDIR and paths relative
to the executable. Qemu and its modules can be installed and executed in
paths that are different from these search paths. This change allows
a search path to be specified by environment variable.
An example usage for this is postmarketOS[1]. This is a build environment
for Alpine Linux. It sets up Alpine Linux in a chroot environment.
Alpine's Qemu packages are installed in the chroot. The Alpine Linux Qemu
package is used to test compiled Alpine Linux system images. This way there
isn't a reliance on the which ever version of Qemu the host system / distro
provides.
postmarketOS executes Qemu on host system outside of the chroot
The Qemu module search path needs to point to the location of the
chroot relative to the host system.
e.g.
The root of the Alpine Linux chroot is:
~/.local/var/pmbootstrap/chroot_native/
Alpine's Qemu is installed at
~/.local/var/pmbootstrap/chroot_native/usr/bin/
The Qemu module search path needs to be:
QEMU_MODULE_DIR=~/.local/var/pmbootstrap/chroot_native/usr/lib/qemu/
[1] https://postmarketos.org/
Signed-off-by: ryang <decatf@gmail.com>
Message-Id: <20180704181010.GA918@computer> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Maydell [Fri, 3 Aug 2018 10:19:43 +0000 (11:19 +0100)]
hw/intc/apic: Switch away from old_mmio
Switch the apic away from using the old_mmio MemoryRegionOps
accessor functions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20180803101943.23722-1-peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Emilio G. Cota [Sun, 19 Aug 2018 09:13:35 +0000 (05:13 -0400)]
qom: convert the CPU list to RCU
Iterating over the list without using atomics is undefined behaviour,
since the list can be modified concurrently by other threads (e.g.
every time a new thread is created in user-mode).
Fix it by implementing the CPU list as an RCU QTAILQ. This requires
a little bit of extra work to traverse list in reverse order (see
previous patch), but other than that the conversion is trivial.
Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <20180819091335.22863-12-cota@braap.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Emilio G. Cota [Sun, 19 Aug 2018 09:13:34 +0000 (05:13 -0400)]
spapr: do not use CPU_FOREACH_REVERSE
This paves the way for implementing the CPU list with an RCU list,
which cannot be traversed in reverse order.
Note that this is the only caller of CPU_FOREACH_REVERSE.
Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <20180819091335.22863-11-cota@braap.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Andrew Oates [Thu, 16 Aug 2018 01:19:03 +0000 (21:19 -0400)]
target-i386: fix segment limit check in ljmp
The current implementation has three bugs,
* segment limits are not enforced in protected mode if the L bit is set
in the target segment descriptor
* segment limits are not enforced in compatibility mode (ljmp to 32-bit
code segment in long mode)
* #GP(new_cs) is generated rather than #GP(0)
Now the segment limits are enforced if we're not in long mode OR the
target code segment doesn't have the L bit set.
Signed-off-by: Andrew Oates <aoates@google.com>
Message-Id: <20180816011903.39816-1-andrew@andrewoates.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Andrew Oates [Sun, 19 Aug 2018 18:17:25 +0000 (14:17 -0400)]
target-i386: Fix lcall/ljmp to call gate in IA-32e mode
Currently call gates are always treated as 32-bit gates. In IA-32e mode
(either compatibility or 64-bit submode), system segment descriptors are
always 64-bit. Treating them as 32-bit has the expected unfortunate
effect: only the lower 32 bits of the offset are loaded, the stack
pointer is truncated, a bad new stack pointer is loaded from the TSS (if
switching privilege levels), etc.
This change adds support for 64-bit call gate to the lcall and ljmp
instructions. Additionally, there should be a check for non-canonical
stack pointers, but I've omitted that since there doesn't seem to be
checks for non-canonical addresses in this code elsewhere.
I've left the raise_exception_err_ra lines unwapped at 80 columns to
match the style in the rest of the file.
Signed-off-by: Andrew Oates <aoates@google.com>
Message-Id: <20180819181725.34098-1-andrew@andrewoates.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20180730153639.26466-1-marcandre.lureau@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
kvm: add call to qemu_add_opts() for -overcommit option
qemu command fails to process -overcommit option. Add the missing
call to qemu_add_opts() in vl.c.
Signed-off-by: Prasad Singamsetty <prasad.singamsetty@oracle.com>
Message-Id: <20180815175704.105902-1-prasad.singamsetty@oracle.com> Reviewed-by: Mark Kanda <mark.kanda@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
George Kennedy [Fri, 17 Aug 2018 17:25:48 +0000 (19:25 +0200)]
lsi_scsi: add support for PPR Extended Message
The LSI 53c895a code does not handle the PPR Extended Message. Add
support to handle PPR Extended Message like SDTR and WDTR are handled.
That is, to skip past the message bytes and ignore the message.
Signed-off-by: George Kennedy <george.kennedy@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Eduardo Habkost [Thu, 16 Aug 2018 18:35:09 +0000 (15:35 -0300)]
i386: Fix arch_query_cpu_model_expansion() leak
Reported by Coverity:
Error: RESOURCE_LEAK (CWE-772): [#def439]
qemu-2.12.0/target/i386/cpu.c:3179: alloc_fn: Storage is returned from allocation function "qdict_new".
qemu-2.12.0/qobject/qdict.c:34:5: alloc_fn: Storage is returned from allocation function "g_malloc0".
qemu-2.12.0/qobject/qdict.c:34:5: var_assign: Assigning: "qdict" = "g_malloc0(4120UL)".
qemu-2.12.0/qobject/qdict.c:37:5: return_alloc: Returning allocated memory "qdict".
qemu-2.12.0/target/i386/cpu.c:3179: var_assign: Assigning: "props" = storage returned from "qdict_new()".
qemu-2.12.0/target/i386/cpu.c:3217: leaked_storage: Variable "props" going out of scope leaks the storage it points to.
This was introduced by commit b8097deb359b ("i386: Improve
query-cpu-model-expansion full mode").
The leak is only theoretical: if ret->model->props is set to
props, the qapi_free_CpuModelExpansionInfo() call will free props
too in case of errors. The only way for this to not happen is if
we enter the default branch of the switch statement, which would
never happen because all CpuModelExpansionType values are being
handled.
It's still worth to change this to make the allocation logic
easier to follow and make the Coverity error go away. To make
everything simpler, initialize ret->model and ret->model->props
earlier in the function.
While at it, remove redundant check for !prop because prop is
always initialized at the beginning of the function.
Emilio G. Cota [Tue, 8 Aug 2017 17:54:42 +0000 (13:54 -0400)]
hmp-commands-info: add sync-profile
The command introduced here is just for developers. This means that:
- the info displayed and the output format could change in the future
- the command is only meant to be used from HMP, not from QMP
Sample output:
(qemu) sync-profile
sync-profile is off
(qemu) info sync-profile
Type Object Call site Wait Time (s) Count Average (us)
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
(qemu) sync-profile on
(qemu) sync-profile
sync-profile is on
(qemu) info sync-profile 15
Type Object Call site Wait Time (s) Count Average (us)
----------------------------------------------------------------------------------------------
condvar 0x55a01813ced0 cpus.c:1165 91.38235 2842 32154.24
BQL mutex 0x55a0171b7140 cpus.c:1434 12.56490 5787 2171.23
BQL mutex 0x55a0171b7140 accel/tcg/cpu-exec.c:432 7.75846 2844 2728.01
BQL mutex 0x55a0171b7140 accel/tcg/cputlb.c:870 5.09889 2884 1767.99
BQL mutex 0x55a0171b7140 accel/tcg/cpu-exec.c:529 3.46140 3254 1063.74
BQL mutex 0x55a0171b7140 accel/tcg/cputlb.c:804 0.76333 8655 88.20
BQL mutex 0x55a0171b7140 cpus.c:1466 0.60893 2941 207.05
BQL mutex 0x55a0171b7140 util/main-loop.c:236 0.00894 6425 1.39
mutex [ 3] util/qemu-timer.c:520 0.00342 50611 0.07
mutex [ 2] util/qemu-timer.c:426 0.00254 31336 0.08
mutex [ 3] util/qemu-timer.c:234 0.00107 19275 0.06
mutex 0x55a0171d9960 vl.c:763 0.00043 6425 0.07
mutex 0x55a0180d1bb0 monitor.c:458 0.00015 1603 0.09
mutex 0x55a0180e4c78 chardev/char.c:109 0.00002 217 0.08
mutex 0x55a0180d1bb0 monitor.c:448 0.00001 162 0.08
----------------------------------------------------------------------------------------------
(qemu) info sync-profile -m 15
Type Object Call site Wait Time (s) Count Average (us)
----------------------------------------------------------------------------------------------
condvar 0x55a01813ced0 cpus.c:1165 95.11196 3051 31174.03
BQL mutex 0x55a0171b7140 accel/tcg/cpu-exec.c:432 7.92108 3052 2595.37
BQL mutex 0x55a0171b7140 cpus.c:1434 13.38253 6210 2155.00
BQL mutex 0x55a0171b7140 accel/tcg/cputlb.c:870 5.09901 3093 1648.57
BQL mutex 0x55a0171b7140 accel/tcg/cpu-exec.c:529 4.21123 3468 1214.31
BQL mutex 0x55a0171b7140 cpus.c:1466 0.60895 3156 192.95
BQL mutex 0x55a0171b7140 accel/tcg/cputlb.c:804 0.76337 9282 82.24
BQL mutex 0x55a0171b7140 util/main-loop.c:236 0.00944 6889 1.37
mutex 0x55a01813ce80 tcg/tcg.c:397 0.00000 24 0.15
mutex 0x55a0180d1bb0 monitor.c:458 0.00018 1922 0.09
mutex [ 2] util/qemu-timer.c:426 0.00266 32710 0.08
mutex 0x55a0180e4c78 chardev/char.c:109 0.00002 260 0.08
mutex 0x55a0180d1bb0 monitor.c:448 0.00001 187 0.08
mutex 0x55a0171d9960 vl.c:763 0.00047 6889 0.07
mutex [ 3] util/qemu-timer.c:520 0.00362 53377 0.07
----------------------------------------------------------------------------------------------
(qemu) info sync-profile -m -n 15
Type Object Call site Wait Time (s) Count Average (us)
----------------------------------------------------------------------------------------------
condvar 0x55a01813ced0 cpus.c:1165 101.39331 3398 29839.12
BQL mutex 0x55a0171b7140 accel/tcg/cpu-exec.c:432 7.92112 3399 2330.43
BQL mutex 0x55a0171b7140 cpus.c:1434 14.28280 6922 2063.39
BQL mutex 0x55a0171b7140 accel/tcg/cputlb.c:870 5.77505 3445 1676.36
BQL mutex 0x55a0171b7140 accel/tcg/cpu-exec.c:529 5.66139 3883 1457.99
BQL mutex 0x55a0171b7140 cpus.c:1466 0.60901 3519 173.06
BQL mutex 0x55a0171b7140 accel/tcg/cputlb.c:804 0.76351 10338 73.85
BQL mutex 0x55a0171b7140 util/main-loop.c:236 0.01032 7664 1.35
mutex 0x55a0180e4f08 util/qemu-timer.c:426 0.00041 901 0.45
mutex 0x55a01813ce80 tcg/tcg.c:397 0.00000 24 0.15
mutex 0x55a0180d1bb0 monitor.c:458 0.00022 2319 0.09
mutex 0x55a0180e4c78 chardev/char.c:109 0.00003 306 0.08
mutex 0x55a0180e4f08 util/qemu-timer.c:520 0.00068 8565 0.08
mutex 0x55a0180d1bb0 monitor.c:448 0.00002 215 0.08
mutex 0x55a0180e4f78 util/qemu-timer.c:426 0.00247 34224 0.07
----------------------------------------------------------------------------------------------
(qemu) sync-profile reset
(qemu) info sync-profile -m 2
Type Object Call site Wait Time (s) Count Average (us)
--------------------------------------------------------------------------------------------
condvar 0x55a01813ced0 cpus.c:1165 2.78756 99 28157.12
BQL mutex 0x55a0171b7140 accel/tcg/cputlb.c:870 0.33054 102 3240.55
--------------------------------------------------------------------------------------------
(qemu) sync-profile off
(qemu) sync-profile
sync-profile is off
(qemu) sync-profile reset
(qemu) info sync-profile
Type Object Call site Wait Time (s) Count Average (us)
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Emilio G. Cota <cota@braap.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Emilio G. Cota [Wed, 15 Aug 2018 20:00:03 +0000 (16:00 -0400)]
hmp-commands: add sync-profile
The command introduced here is just for developers. This means that:
- the interface implemented here could change in the future
- the command is only meant to be used from HMP, not from QMP
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Emilio G. Cota <cota@braap.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Emilio G. Cota [Sat, 28 Oct 2017 06:16:41 +0000 (02:16 -0400)]
qsp: track BQL callers explicitly
The BQL is acquired via qemu_mutex_lock_iothread(), which makes
the profiler assign the associated wait time (i.e. most of
BQL wait time) entirely to that function. This loses the original
call site information, which does not help diagnose BQL contention.
Fix it by tracking the callers explicitly.
Signed-off-by: Emilio G. Cota <cota@braap.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Emilio G. Cota [Fri, 17 Aug 2018 03:29:49 +0000 (23:29 -0400)]
qsp: add qsp_reset
I first implemented this by deleting all entries in the global
hash table. But doing that safely slows down profiling, since
we'd need to introduce rcu_read_lock/unlock in the fast path.
What's implemented here avoids messing with the thread-local
data in the global hash table. It achieves this by taking a snapshot
of the current state, so that subsequent reports present the delta
wrt to the snapshot.
Signed-off-by: Emilio G. Cota <cota@braap.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Emilio G. Cota [Tue, 8 Aug 2017 17:53:15 +0000 (13:53 -0400)]
qsp: QEMU's Synchronization Profiler
The goal of this module is to profile synchronization primitives (i.e.
mutexes, recursive mutexes and condition variables) so that scalability
issues can be quickly diagnosed.
Sync primitives are profiled by QSP based on the vaddr of the object accessed
as well as the call site (file:line_nr). That means the same object called
from two different call sites will be tracked in separate entries, which
might be reported together or separately (see subsequent commit on
call site coalescing).
That is, a negligible slowdown due to the now indirect call to
qemu_mutex_lock. Note that using a branch instead of an indirect
call introduces a more severe slowdown (53.65 Mops/s, i.e. 2% slowdown).
Enabling the profiler (with -p, added in this series) is more interesting:
- No profiling: 54.75 Mops/s
- W/ profiling: 12.53 Mops/s
That is, a 4.36X slowdown.
We can break down this slowdown by removing the get_clock calls or
the entry lookup:
Thomas Huth [Thu, 16 Aug 2018 11:35:57 +0000 (13:35 +0200)]
tests/device-introspect: Test with all machines, not only with "none"
Certain device introspection crashes used to only happen if you were
using a certain machine, e.g. if the machine was using serial_hd() or
nd_table[], and a device was trying to use these in its instance_init
function, too.
To be able to catch these problems, let's extend the device-introspect
test to check the devices on all machine types, with and without the
"-nodefaults" parameter (since this makes a difference sometimes, too).
Since this is a rather slow operation, and most of the problems are
already handled by testing with the "none" machine only, the test with
all machines is only run in the "make check SPEED=slow" mode.
Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1534419358-10932-8-git-send-email-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Reviewed-by: Laurent Vivier <lvivier@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Thomas Huth [Thu, 16 Aug 2018 11:35:56 +0000 (13:35 +0200)]
tests/device-introspection: Check that the qom-tree and qtree do not change
Introspection should not change the qom-tree / qtree, so we should check
this in the device-introspect-test, too. This patch helped to find lots
of instrospection bugs during the QEMU v3.0 soft/hard-freeze period in the
last two months.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1534419358-10932-7-git-send-email-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Thomas Huth [Thu, 16 Aug 2018 11:35:55 +0000 (13:35 +0200)]
tests: Skip old versioned machine types in quick testing mode
The tests that check something for all machine types currently spend
a lot of time checking old machine types (like "pc-i440fx-2.0" for
example). The chances that we find something new there in addition
to checking the latest version of a machine type are pretty low, so
we should not waste the time of the developers by testing this again
and again in the "quick" testing mode.
Thus let's add some code to determine whether we are testing a current
machine type or an old one, and only test the old types if we are
running in "SPEED=slow" mode.
This decreases the testing time quite a bit now, e.g. the qom-test
now finishes within 4 seconds for qemu-system-x86_64 instead of 30
seconds when testing all machines.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1534419358-10932-6-git-send-email-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Thomas Huth [Thu, 16 Aug 2018 11:35:54 +0000 (13:35 +0200)]
hw/timer/mc146818rtc: Fix introspection problem
There is currently a funny problem with the "mc146818rtc" device:
1) Start QEMU like this:
qemu-system-ppc64 -M pseries -S
2) At the HMP monitor, enter "info qom-tree". Note that there is an
entry for "/rtc (spapr-rtc)".
3) Introspect the mc146818rtc device like this:
device_add mc146818rtc,help
4) Run "info qom-tree" again. The "/rtc" entry is gone now!
The rtc_finalize() function of the mc146818rtc device has two bugs: First,
it tries to remove a "rtc" property, while the rtc_realizefn() added a
"rtc-time" property instead. And second, it should have been done in an
unrealize function, not in a finalize function, to avoid that this causes
problems during introspection.
But since adding aliases to the global machine state should not be done
from a device's realize function anyway, let's rather fix this issue
by moving the creation of the alias to the code that creates the device
(and thus is run from the machine init functions instead), i.e. the
mc146818_rtc_init() function for most machines. The prep machines are
special, since the mc146818rtc device is created here in the realize
function of the i82378 device. Since we certainly don't want to add the
alias there, we add it to some code that is called from the ibm_40p_init()
machine init function instead.
Since the alias is now only created during the machine init, we can remove
the object_property_del() completely.
Fixes: 654a36d857ff949e0d1989904b76f53fded9dc83 Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1534419358-10932-5-git-send-email-thuth@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Thomas Huth [Thu, 16 Aug 2018 11:35:53 +0000 (13:35 +0200)]
hw/timer/mc146818rtc: White space clean-up
mc146818rtc.c still contains some TABs. Replace them with spaces.
And while we're at it, also delete trailing whitespace in this file.
Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1534419358-10932-4-git-send-email-thuth@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Thomas Huth [Thu, 16 Aug 2018 11:35:52 +0000 (13:35 +0200)]
net: Silence 'has no peer' messages in testing mode
When running qtests with -nodefaults, we are not interested in
these 'XYZ has no peer' messages.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1534419358-10932-3-git-send-email-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Thomas Huth [Thu, 16 Aug 2018 11:35:51 +0000 (13:35 +0200)]
tests/migration-test: Silence the kvm_hv message by default
When running "make check" on a non-POWER host, the output is quite
distorted like this:
[...]
GTESTER check-qtest-nios2
GTESTER check-qtest-or1k
GTESTER check-qtest-ppc64
Skipping test: kvm_hv not available Skipping test: kvm_hv not available Skipping test: kvm_hv not available Skipping test: kvm_hv not available GTESTER check-qtest-ppcemb
GTESTER check-qtest-ppc
GTESTER check-qtest-riscv32
GTESTER check-qtest-riscv64
[...]
Move the check to the beginning of the main function instead, so that
we do not have to test the condition again and again for each test,
and better use g_test_message() instead of g_print() here, like it is
also done in ufd_version_check() already.
Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1534419358-10932-2-git-send-email-thuth@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 14 Aug 2018 15:40:41 +0000 (17:40 +0200)]
MAINTAINERS: add maintainers for qtest
Thomas has been doing a lot of work on qom-test and device-introspection-test,
and Laurent has ported libqos to sPAPR and co-mentored Emanuele on the
upcoming qtest device framework. They deserve recognition. :)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Direct leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x7f06f8faac48 in malloc (/lib64/libasan.so.5+0xeec48)
#1 0x7f06f87a73c5 in g_malloc (/lib64/libglib-2.0.so.0+0x523c5)
#2 0x55a729f17738 in pci_dma_sglist_init /home/elmarco/src/qq/include/hw/pci/pci.h:818
#3 0x55a729f2a706 in megasas_map_dcmd /home/elmarco/src/qq/hw/scsi/megasas.c:698
#4 0x55a729f39421 in megasas_handle_dcmd /home/elmarco/src/qq/hw/scsi/megasas.c:1574
#5 0x55a729f3f70d in megasas_handle_frame /home/elmarco/src/qq/hw/scsi/megasas.c:1955
#6 0x55a729f40939 in megasas_mmio_write /home/elmarco/src/qq/hw/scsi/megasas.c:2119
#7 0x55a729f41102 in megasas_port_write /home/elmarco/src/qq/hw/scsi/megasas.c:2170
#8 0x55a729220e60 in memory_region_write_accessor /home/elmarco/src/qq/memory.c:527
#9 0x55a7292212b3 in access_with_adjusted_size /home/elmarco/src/qq/memory.c:594
#10 0x55a72922cf70 in memory_region_dispatch_write /home/elmarco/src/qq/memory.c:1473
#11 0x55a7290f5907 in flatview_write_continue /home/elmarco/src/qq/exec.c:3255
#12 0x55a7290f5ceb in flatview_write /home/elmarco/src/qq/exec.c:3294
#13 0x55a7290f6457 in address_space_write /home/elmarco/src/qq/exec.c:3384
#14 0x55a7290f64a8 in address_space_rw /home/elmarco/src/qq/exec.c:3395
#15 0x55a72929ecb0 in kvm_handle_io /home/elmarco/src/qq/accel/kvm/kvm-all.c:1729
#16 0x55a7292a0db5 in kvm_cpu_exec /home/elmarco/src/qq/accel/kvm/kvm-all.c:1969
#17 0x55a7291c4212 in qemu_kvm_cpu_thread_fn /home/elmarco/src/qq/cpus.c:1215
#18 0x55a72a966a6c in qemu_thread_start /home/elmarco/src/qq/util/qemu-thread-posix.c:504
#19 0x7f06ed486593 in start_thread (/lib64/libpthread.so.0+0x7593)
Move the qemu_sglist_destroy() from megasas_complete_command() to
megasas_unmap_frame(), so map/unmap are balanced.
Julia Suvorova [Mon, 13 Aug 2018 09:34:02 +0000 (12:34 +0300)]
chardev/char-fe: Fix typos
Fixup some typos in the comments.
Signed-off-by: Julia Suvorova <jusual@mail.ru>
Message-Id: <20180813093402.10852-1-jusual@mail.ru> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
After commit b3f1c8c413bc83e4a2cc7a63e4eddf9fe6449052 "qemu-pr-helper: use new
libmultipath API", QEMU started using new libmultipath API, which is not
available on CentOS 7.x.
This fixes that by probing the new libmultipath API in configure. If it fails,
then try probing the old API. If it fails, then consider libmultipath not
available.
With this, configure script defines CONFIG_MPATH_NEW_API that is used in
scsi/qemu-pr-helper.c to use the new libmultipath API.
Paolo Bonzini [Fri, 10 Aug 2018 14:35:19 +0000 (16:35 +0200)]
checkpatch: fix filename detection when using -f
Fix $realfile filename when using -f/--file to not remove first level
directory as if the filename was used in a -P1 patch. Only strip the
first level directory (typically a or b) for P1 patches.
Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(extracted from Linux commit 2b7ab45395dc4d91ef30985f76d90a8f28f58c27) Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 1 Aug 2018 15:14:09 +0000 (17:14 +0200)]
fix "Missing break in switch" coverity reports
Many of these are marked as "intentional/fix required" because they
just need adding a fall through comment. This is exactly what this
patch does, except for target/mips/translate.c where it is easier to
duplicate the code, and hw/audio/sb16.c where I consulted the DOSBox
sources and decide to just remove the LOG_UNIMP before the fallthrough.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 1 Aug 2018 13:26:22 +0000 (15:26 +0200)]
tests: virtio: separate ccw tests from libqos
Because qtest does not support s390 channel I/O, s390 only performs smoke tests on
those few devices that do not have any functional tests. Therefore, every time we
add functional tests for a virtio device, the choice is between removing
those tests from the s390 suite (so that s390 actually _loses_ coverage)
or sprinkling the test with architecture checks.
This patch simply creates a ccw-specific test that only performs smoke tests on
all virtio-ccw devices. If channel I/O support is ever added to qtest and libqos,
then this file can go away. In the meanwhile, it simplifies maintenance and
makes sure that all virtio devices are tested.
Acked-by: Cornelia Huck <cohuck@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* remotes/vivier2/tags/linux-user-for-3.1-pull-request:
linux-user: add QEMU_IFLA_INFO_KIND nested type for tun
linux-user: update netlink route types
linux-user: introduce QEMU_RTA_* to use with rtattr_type_t
linux-user: fix recvmsg()/recvfrom() with netlink and MSG_TRUNC
sh4: fix use_icount with linux-user
linux-user: fix 32bit g2h()/h2g()
qemu-binfmt-conf.sh: add x86_64 target
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 21 Aug 2018 09:23:53 +0000 (10:23 +0100)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
pc: fixes
This includes nvdimm persistence fixes queued before the release.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Mon 20 Aug 2018 11:38:11 BST
# gpg: using RSA key 281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream:
migration/ram: ensure write persistence on loading all data to PMEM.
migration/ram: Add check and info message to nvdimm post copy.
mem/nvdimm: ensure write persistence to PMEM in label emulation
hostmem-file: add the 'pmem' option
configure: add libpmem support
memory, exec: switch file ram allocation functions to 'flags' parameters
memory, exec: Expose all memory block related flags.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 21 Aug 2018 08:24:19 +0000 (09:24 +0100)]
Merge remote-tracking branch 'remotes/mcayland/tags/qemu-sparc.for-upstream-20180820' into staging
qemu-sparc.for-upstream queue
# gpg: Signature made Mon 20 Aug 2018 19:38:04 BST
# gpg: using RSA key 5BC2C56FAE0F321F
# gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>"
# Primary key fingerprint: CC62 1AB9 8E82 200D 915C C9C4 5BC2 C56F AE0F 321F
* remotes/mcayland/tags/qemu-sparc.for-upstream-20180820:
sun4m: don't use legacy fw_cfg_init_mem() function
sun4u: ensure kernel_top is always initialised
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Laurent Vivier [Mon, 20 Aug 2018 17:15:55 +0000 (19:15 +0200)]
linux-user: introduce QEMU_RTA_* to use with rtattr_type_t
Following commit will introduce RTA_PREF that appears only with
kernel v4.1. To avoid to manage a specific case for it, this patch
introduces the full list of rtattr_type_t prefixed with QEMU_ (as we
did for IFLA values)
Signed-off-by: Laurent Vivier <laurent@vivier.eu> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20180820171557.7734-3-laurent@vivier.eu>
[lv: added more RTA_* from linux v4.18]
Laurent Vivier [Mon, 20 Aug 2018 17:15:54 +0000 (19:15 +0200)]
linux-user: fix recvmsg()/recvfrom() with netlink and MSG_TRUNC
If recvmsg()/recvfrom() are used with the MSG_TRUNC flag, they return the
real length even if it was longer than the passed buffer.
So when we translate the buffer we must check we don't go beyond the
end of the buffer.
Bug: https://github.com/vivier/qemu-m68k/issues/33 Reported-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de> Signed-off-by: Laurent Vivier <laurent@vivier.eu> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20180820171557.7734-2-laurent@vivier.eu>
Mark Cave-Ayland [Fri, 10 Aug 2018 10:40:37 +0000 (11:40 +0100)]
sun4u: ensure kernel_top is always initialised
Valgrind reports that when loading a non-ELF kernel, kernel_top may be used
uninitialised when checking for an initrd.
Since there are no known non-ELF kernels for SPARC64 then we can simply
initialise kernel_top to 0 and then skip the initrd load process if it hasn't
been set by load_elf().
Reported-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Peter Maydell [Mon, 20 Aug 2018 16:41:18 +0000 (17:41 +0100)]
Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20180820' into staging
First round of s390x patches for 3.1:
- add compat machine for 3.1
- remove deprecated 's390-squash-mcss' option
- cpu models: add "max" cpu model, enhance feature group code
- kvm: add support for etoken facility and huge page backing
Peter Maydell [Mon, 20 Aug 2018 12:48:11 +0000 (13:48 +0100)]
tests/vm: Clean out old working directories on build
When we do a build inside one of the BSD VMs, first
delete any stale old build directories from the VM's
/var/tmp. This prevents the VM from running out of
disk space after it has been used for a dozen or
so builds.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 20180820124811.7982-1-peter.maydell@linaro.org
Peter Maydell [Mon, 20 Aug 2018 14:44:40 +0000 (15:44 +0100)]
Merge remote-tracking branch 'remotes/marcel/tags/rdma-pull-request' into staging
RDMA queue
# gpg: Signature made Sat 18 Aug 2018 16:01:46 BST
# gpg: using RSA key 36D4C0F0CF2FE46D
# gpg: Good signature from "Marcel Apfelbaum <marcel.apfelbaum@zoho.com>"
# gpg: aka "Marcel Apfelbaum <marcel@redhat.com>"
# gpg: aka "Marcel Apfelbaum <marcel.apfelbaum@gmail.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: B1C6 3A57 F92E 08F2 640F 31F5 36D4 C0F0 CF2F E46D
* remotes/marcel/tags/rdma-pull-request:
config: split PVRDMA from RDMA
hw/pvrdma: remove not needed include
hw/rdma: Add reference to pci_dev in backend_dev
hw/rdma: Bugfix - Support non-aligned buffers
hw/rdma: Print backend QP number in hex format
hw/rdma: Cosmetic change - move to generic function
hw/pvrdma: Cosmetic change - indent right
hw/rdma: Reorder resource cleanup
hw/rdma: Do not allocate memory for non-dma MR
hw/rdma: Delete useless structure RdmaRmUserMR
hw/pvrdma: Make default pkey 0xFFFF
hw/pvrdma: Clean CQE before use
hw/rdma: Modify debug macros
hw/pvrdma: Bugfix - provide the correct attr_mask to query_qp
hw/rdma: Make distinction between device init and start modes
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 20 Aug 2018 12:22:21 +0000 (13:22 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180820' into staging
target-arm queue:
* Fix crash on conditional instruction in an IT block
* docs/generic-loader: mention U-Boot and Intel HEX executable formats
* hw/intc/arm_gicv3_its: downgrade error_report to warn_report in kvm_arm_its_reset
* imx_serial: Generate interrupt on receive data ready if enabled
* Fix various minor bugs in AArch32 Hyp related coprocessor registers
* Permit accesses to ELR_Hyp from Hyp mode via MSR/MRS (banked)
* Implement AArch32 ERET instruction
* hw/arm/virt: Add virt-3.1 machine type
* sdhci: add i.MX SD Stable Clock bit
* Remove now-obsolete MMIO request_ptr APIs
* hw/timer/m48t59: Move away from old_mmio accessors
* hw/watchdog/cmsdk_apb_watchdog: Implement CMSDK APB watchdog module
* nvic: Expose NMI line
* hw/dma/pl080: cleanups and new features required for use in MPS boards
# gpg: Signature made Mon 20 Aug 2018 11:30:12 BST
# gpg: using RSA key 3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg: aka "Peter Maydell <pmaydell@gmail.com>"
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* remotes/pmaydell/tags/pull-target-arm-20180820: (25 commits)
hw/dma/pl080: Remove hw_error() if DMA is enabled
hw/dma/pl080: Correct bug in register address decode logic
hw/dma/pl080: Provide device reset function
hw/dma/pl080: Don't use CPU address space for DMA accesses
hw/dma/pl080: Support all three interrupt lines
hw/dma/pl080: Allow use as embedded-struct device
nvic: Expose NMI line
hw/watchdog/cmsdk_apb_watchdog: Implement CMSDK APB watchdog module
hw/timer/m48t59: Move away from old_mmio accessors
hw/misc: Remove mmio_interface device
memory: Remove MMIO request_ptr APIs
hw/ssi/xilinx_spips: Remove unneeded MMIO request_ptr code
sdhci: add i.MX SD Stable Clock bit
hw/arm/virt: Add virt-3.1 machine type
target/arm: Implement AArch32 ERET instruction
target/arm: Permit accesses to ELR_Hyp from Hyp mode via MSR/MRS (banked)
target/arm: Implement ESR_EL2/HSR for AArch32 and no-EL2
target/arm: Implement AArch32 Hyp FARs
target/arm: Implement AArch32 HVBAR
target/arm: Add missing .cp = 15 to HMAIR1 and HAMAIR1 regdefs
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Janosch Frank [Thu, 2 Aug 2018 07:02:01 +0000 (08:02 +0100)]
s390x: Enable KVM huge page backing support
QEMU has had huge page support for a longer time already, but KVM
memory management under s390x needed some changes to work with huge
backings.
Now that we have support, let's enable it if requested and
available. Otherwise we now properly tell the user if there is no
support and back out instead of failing to run the VM later on.
Signed-off-by: Janosch Frank <frankja@linux.ibm.com> Reviewed-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180802070201.257406-1-frankja@linux.ibm.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Cornelia Huck <cohuck@redhat.com>
The "max" CPU model behaves like "-cpu host" when KVM is enabled, and like
a CPU with the maximum possible feature set when TCG is enabled.
While the "host" model can not be used under TCG ("kvm_required"), the
"max" model can and "Enables all features supported by the accelerator in
the current host".
So we can treat "host" just as a special case of "max" (like x86 does).
It differs to the "qemu" CPU model under TCG such that compatibility
handling will not be performed and that some experimental CPU features
not yet part of the "qemu" model might be indicated.
These are right now under TCG (see "qemu_MAX"):
- stfle53
- msa5-base
- zpci
This will result right now in the following warning when starting QEMU TCG
with the "max" model:
"qemu-system-s390x: warning: 'msa5-base' requires 'kimd-sha-512'."
The "qemu" model (used as default in QEMU under TCG) will continue to
work without such warnings. The "max" model in the current form
might be interesting for kvm-unit-tests (where we would e.g. now also
test "msa5-base").
The "max" model is neither static nor migration safe (like the "host"
model). It is independent of the machine but dependends on the accelerator.
It can be used to detect the maximum CPU model also under TCG from upper
layers without having to care about CPU model names for CPU model
expansion.
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180725091233.3300-1-david@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
[CH: minor wording changes] Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Michael Mueller [Wed, 25 Jul 2018 14:36:17 +0000 (16:36 +0200)]
s390x/cpumodel: enum type S390FeatGroup now gets generated
The enumeration type S390FeatGroup is now generated as well.
This shall simplify the definition of new feature groups
without the requirement to modify existing code.
Signed-off-by: Michael Mueller <mimu@linux.ibm.com>
Message-Id: <20180725143617.8731-1-mimu@linux.ibm.com> Acked-by: David Hildenbrand <david@redhat.com> Acked-by: Christian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Peter Maydell [Mon, 20 Aug 2018 10:24:33 +0000 (11:24 +0100)]
hw/dma/pl080: Remove hw_error() if DMA is enabled
The PL08x model currently will unconditionally call hw_error()
if the DMA engine is enabled by the guest. This has been
present since the PL080 model was edded in 2006, and is
presumably either unintentional debug code left enabled,
or a guard against untested DMA engine code being used.
Remove the hw_error(), since we now have a guest which
will actually try to use the DMA engine (the self-test
binary for the AN505 MPS2 FPGA image).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Peter Maydell [Mon, 20 Aug 2018 10:24:33 +0000 (11:24 +0100)]
hw/dma/pl080: Correct bug in register address decode logic
A bug in the handling of the register address decode logic
for the PL08x meant that we were incorrectly treating
accesses to the DMA channel registers (DMACCxSrcAddr,
DMACCxDestaddr, DMACCxLLI, DMACCxControl, DMACCxConfiguration)
as bad offsets. Fix this long-standing bug.
Fixes: https://bugs.launchpad.net/qemu/+bug/1637974 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Peter Maydell [Mon, 20 Aug 2018 10:24:33 +0000 (11:24 +0100)]
hw/dma/pl080: Don't use CPU address space for DMA accesses
Currently our PL080/PL081 model uses a combination of the CPU's
address space (via cpu_physical_memory_{read,write}()) and the
system address space for performing DMA accesses.
For the PL081s in the MPS FPGA images, their DMA accesses
must go via Master Security Controllers. Switch the
PL080/PL081 model to take a MemoryRegion property which
defines its downstream for making DMA accesses.
Since the PL08x are only used in two board models, we
make provision of the 'downstream' link mandatory and convert
both users at once, rather than having it be optional with
a default to the system address space.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Peter Maydell [Mon, 20 Aug 2018 10:24:33 +0000 (11:24 +0100)]
hw/dma/pl080: Support all three interrupt lines
The PL080 and PL081 have three outgoing interrupt lines:
* DMACINTERR signals DMA errors
* DMACINTTC is the DMA count interrupt
* DMACINTR is a combined interrupt, the logical OR of the other two
We currently only implement DMACINTR, because that's all the
realview and versatile boards needed, but the instances of the
PL081 in the MPS2 firmware images use all three interrupt lines.
Implement the missing DMACINTERR and DMACINTTC.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Peter Maydell [Mon, 20 Aug 2018 10:24:33 +0000 (11:24 +0100)]
nvic: Expose NMI line
On real v7M hardware, the NMI line is an externally visible signal
that an SoC or board can toggle to assert an NMI. Expose it in
our QEMU NVIC and armv7m container objects so that a board model
can wire it up if it needs to.
In particular, the MPS2 watchdog is wired to NMI.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Peter Maydell [Mon, 20 Aug 2018 10:24:33 +0000 (11:24 +0100)]
hw/timer/m48t59: Move away from old_mmio accessors
Move the m48t59 device away from using old_mmio MemoryRegionOps
accessors.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-id: 20180802180602.22047-1-peter.maydell@linaro.org
Peter Maydell [Mon, 20 Aug 2018 10:24:32 +0000 (11:24 +0100)]
hw/misc: Remove mmio_interface device
The mmio_interface device was a purely internal artifact
of the implementation of the memory subsystem's request_ptr
APIs. Now that we have removed those APIs, we can remove
the mmio_interface device too.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-id: 20180817114619.22354-4-peter.maydell@linaro.org
Peter Maydell [Mon, 20 Aug 2018 10:24:32 +0000 (11:24 +0100)]
memory: Remove MMIO request_ptr APIs
Remove the obsolete MMIO request_ptr APIs; they have no
users now.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-id: 20180817114619.22354-3-peter.maydell@linaro.org
We now support direct execution from MMIO regions in the
core memory subsystem. This means that we don't need to
have device-specific support for it, and we can remove
the request_ptr handling from the Xilinx SPIPS device.
(It was broken anyway due to race conditions, and disabled
by default.)
This device is the only in-tree user of this API.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Message-id: 20180817114619.22354-2-peter.maydell@linaro.org
Andrew Jones [Mon, 20 Aug 2018 10:24:32 +0000 (11:24 +0100)]
hw/arm/virt: Add virt-3.1 machine type
Signed-off-by: Andrew Jones <drjones@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 20 Aug 2018 10:24:32 +0000 (11:24 +0100)]
target/arm: Implement AArch32 ERET instruction
ARMv7VE introduced the ERET instruction, which is necessary to
return from an exception taken to Hyp mode. Implement this.
In A32 encoding it is a completely new encoding; in T32 it
is an adjustment of the behaviour of the existing
"SUBS PC, LR, #<imm8>" instruction.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Luc Michel <luc.michel@greensocs.com>
Message-id: 20180814124254.5229-10-peter.maydell@linaro.org
projects / qemu-xen.git / log