[Qemu-devel] gdbstub chews cpu due to nonblocking socket mode

2011-01-24 Thread Mike Frysinger
I'm not sure if someone has brought this up before (I can't find
anything in the archives), but using the gdbstub with qemu seems to
cause quite a bit of useless cpu chewing.

in gdbstub.c:gdb_accept(), after the connection has been established, we see:
fcntl(fd, F_SETFL, O_NONBLOCK);

then, when the gdb connection is idle (the process is stopped, and gdb
is waiting for input from the user), the main polling loop in
gdb_handlesig() will call read() over and over again as fast as
possible and thus eat a cpu.

Is there any need for this to be nonblocking? I've commented out that
one line and have yet to notice a problem during my development (using
singlestep, breakpoints, continue, etc...).
-mike
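An added illustration of the behaviour Mike describes (example code, not QEMU's): a socketpair whose reading end is put into O_NONBLOCK with the same fcntl() call as gdb_accept(), then read in a tight loop the way gdb_handlesig does while gdb sits idle, versus the same descriptor gated on poll(). Function names and the sample packet are constructed for this example.

```c
/* Added illustration of the report above, not QEMU code: a socketpair whose
 * reading end is made non-blocking exactly as gdb_accept() does, read in a
 * tight loop (what gdb_handlesig does while gdb is idle) versus gated on
 * poll(). All function names and the sample packet are constructed. */
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Issue `attempts` reads against a silent peer and count how many come back
 * with EAGAIN/EWOULDBLOCK. On an O_NONBLOCK socket that is every one of
 * them: nothing sleeps, so a loop built this way spins at 100% CPU. */
int count_spurious_reads(int fd, int attempts)
{
    char buf[64];
    int spurious = 0;

    for (int i = 0; i < attempts; i++) {
        ssize_t n = read(fd, buf, sizeof(buf));
        if (n < 0 && (errno == EAGAIN || errno == EWOULDBLOCK)) {
            spurious++;
        }
    }
    return spurious;
}

/* The fix that keeps O_NONBLOCK: let poll() sleep until the descriptor is
 * readable and only then read(). Returns bytes read, 0 when timeout_ms
 * elapsed with nothing to read, -1 on error. */
int wait_then_read(int fd, char *buf, size_t len, int timeout_ms)
{
    struct pollfd pfd = { .fd = fd, .events = POLLIN, .revents = 0 };
    int rc = poll(&pfd, 1, timeout_ms);

    if (rc <= 0) {
        return rc;                      /* 0: timed out, -1: poll() failed */
    }
    ssize_t n = read(fd, buf, len);
    return n < 0 ? -1 : (int)n;
}

/* Silent peer, poll()-gated read: the caller sleeps for timeout_ms and gets
 * 0 back instead of collecting EAGAIN thousands of times per second. */
int idle_wait_returns_zero(int timeout_ms)
{
    int sv[2];
    char buf[8];
    int rc;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) {
        return -1;
    }
    fcntl(sv[0], F_SETFL, O_NONBLOCK);
    rc = wait_then_read(sv[0], buf, sizeof(buf), timeout_ms);
    close(sv[0]);
    close(sv[1]);
    return rc;
}

/* Full scenario: 1000 reads against a silent peer all fail with EAGAIN; the
 * peer then sends one (constructed) gdb remote packet, which the poll()-gated
 * read delivers intact. Returns 1 when both halves behave as described. */
int demo_gdbstub_idle(void)
{
    int sv[2];
    char buf[64];
    const char *msg = "$?#3f";          /* constructed sample packet */
    int spurious, got;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) {
        return 0;
    }
    fcntl(sv[0], F_SETFL, O_NONBLOCK);  /* the gdb_accept() line quoted above */
    spurious = count_spurious_reads(sv[0], 1000);
    if (write(sv[1], msg, strlen(msg)) != (ssize_t)strlen(msg)) {
        close(sv[0]);
        close(sv[1]);
        return 0;
    }
    got = wait_then_read(sv[0], buf, sizeof(buf) - 1, 1000);
    close(sv[0]);
    close(sv[1]);
    if (got <= 0) {
        return 0;
    }
    buf[got] = '\0';
    return spurious == 1000 && strcmp(buf, msg) == 0;
}

int main(void)
{
    int ok = demo_gdbstub_idle() && idle_wait_returns_zero(50) == 0;
    printf("spinning reads vs poll(): %s\n", ok ? "ok" : "FAILED");
    return ok ? 0 : 1;
}
```

Dropping O_NONBLOCK (as Mike did) makes read() itself block; the poll() variant reaches the same idle behaviour while keeping the descriptor non-blocking for the rest of the stub.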



Re: [Qemu-devel] [PATCH 28/35] kvm: x86: Introduce kvmclock device to save/restore its state

2011-01-24 Thread Gleb Natapov
On Tue, Jan 18, 2011 at 11:09:01AM -0600, Anthony Liguori wrote:
 But we also need to provide a compatible interface to management tools.
 Exposing the device model topology as a compatible interface
 artificially limits us.  It's far better to provide higher level
 supported interfaces to give us the flexibility to change the device
 model as we need to.
 How do you want to change qdev to keep the guest and management tool
 view stable while branching off kvm sub-buses?
 
 The qdev device model is not a stable interface.  I think that's
 been clear from the very beginning.
 

And what was the reason it was declared not stable? Maybe because we
were not sure we would do it right from the start, so changes would be
needed later. But changes should bring qdev closer to reflecting what the
guest expects the device topology to look like. This will bring us as
close as possible to a stable state.  We need this knowledge and stability
in qdev for device path creation.  Both kinds of device paths: OF and the
one we use for migration. To create an OF device path we need to know the
topology as seen by a guest (and the guest does not care how the isa bus
is implemented internally inside the south bridge); to create the device
path used for migration we need stability, otherwise a change in qdev
topology will break migration. All these artificial buses you propose to
add move us in the opposite direction and make qdev useless for anything
but... well, for anything.

--
Gleb.



Re: [Qemu-devel] Re: [PATCH] savevm: fix corruption in vmstate_subsection_load().

2011-01-24 Thread Yoshiaki Tamura
2011/1/20 Yoshiaki Tamura tamura.yoshi...@lab.ntt.co.jp:
 2011/1/20 Paolo Bonzini pbonz...@redhat.com:
 On 01/20/2011 09:57 AM, Yoshiaki Tamura wrote:

 2011/1/20 Paolo Bonzinipbonz...@redhat.com:

 On 12/14/2010 10:07 AM, Yoshiaki Tamura wrote:

 Although it's rare to happen in live migration, when the head of a
 byte stream contains 0x05

 IIUC, this happens if you have VMS_STRUCT and the field after the
 VMS_STRUCT
 starts with 0x5.

 I think you should also add this in vmstate_subsection_load:

    sub_vmsd = vmstate_get_subsection(sub, idstr);
    if (sub_vmsd == NULL) {
        return -ENOENT;
    }
 +   assert (!sub_vmsd-subsections);
    ret = vmstate_load_state(f, sub_vmsd, opaque, version_id);

 and this in vmstate_load_state:

    if (field-flags  VMS_STRUCT) {
 +       assert (!vmsd-subsections);
        ret = vmstate_load_state(f, field-vmsd, addr,
                                 field-vmsd-version_id);
    }

 Hi Paolo,

 You mean having subsections nested, or placed under VMS_STRUCT, are
 violations?

 I believe so, because the protocol doesn't allow you to distinguish:

 - in the case of nested subsections, whether 2 consecutive subsections are
 siblings, or the second is nested into the first.  In fact, your patch also
 fixes a latent bug in case a device supports more than one subsection, and
 both are present in the data stream.  When vmstate_subsection_load is called
 for the first subsection, it would see a 0x5 byte (the beginning of the
 second subsection), eat it and then fail with ENOENT.  The second subsection
 would then fail to load.

 - in the case of VMS_STRUCT, whether a 0x5 byte after the VMS_STRUCT is a
 subsection or part of the parent data stream.  This is, I believe, the
 source of your bug.

 Thank you for the explanation.  It's very helpful because I
 didn't know the background of subsections.  Kemari is a kind of
 stress test for live migration.

 I don't think it is possible to fix these problems in the file format while
 preserving backwards compatibility with pre-subsection QEMU (which was a
 fundamental requirement of subsections).  So, I think your patch is correct
 and fixes the practical bugs.  However, we can be even stronger and assert
 that the problematic vmstate descriptions are not used.

 Even better, asserts matching the ones above could be added to
 vmstate_subsection_save and vmstate_save_state, as well.

   if (field-flags  VMS_STRUCT) {
+   assert (!vmsd-subsections);
   ret = vmstate_load_state(f, field-vmsd, addr,
field-vmsd-version_id);
   }
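Review bot: the assert in the VMS_STRUCT branch tests the parent's `vmsd->subsections`, but the ambiguity described above is about a 0x5 byte following the nested struct, i.e. whether the nested `field->vmsd` may carry subsections of its own; as written the check fires for any parent vmstate that has subsections and also contains a VMS_STRUCT field, which is consistent with the report below that it always fails for cpu. Asserting on `field->vmsd->subsections` instead would express the invariant the explanation actually calls for.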

This assertion always fails for cpu in my environment.

Yoshi

 I see.  Let me fold the assertion you pointed out into the original
 patch for now.  Because I'm not an expert in subsections, I would
 like to leave further improvements to the others.

 Yoshi


 Paolo






[Qemu-devel] [PATCH 22/31] kvm: x86: Refactor msr_star/hsave_pa setup and checks

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

Simplify kvm_has_msr_star/hsave_pa to booleans and push their one-time
initialization into kvm_arch_init. Also handle potential errors of that
setup procedure.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/kvm.c |   47 +++
 1 files changed, 19 insertions(+), 28 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index c4a22dd..454ddb1 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -54,6 +54,8 @@
 #define BUS_MCEERR_AO 5
 #endif
 
+static bool has_msr_star;
+static bool has_msr_hsave_pa;
 static int lm_capable_kernel;
 
 #ifdef KVM_CAP_EXT_CPUID
@@ -459,13 +461,10 @@ void kvm_arch_reset_vcpu(CPUState *env)
 }
 }
 
-int has_msr_star;
-int has_msr_hsave_pa;
-
-static void kvm_supported_msrs(CPUState *env)
+static int kvm_get_supported_msrs(KVMState *s)
 {
 static int kvm_supported_msrs;
-int ret;
+int ret = 0;
 
 /* first time */
 if (kvm_supported_msrs == 0) {
@@ -476,9 +475,9 @@ static void kvm_supported_msrs(CPUState *env)
 /* Obtain MSR list from KVM.  These are the MSRs that we must
  * save/restore */
 msr_list.nmsrs = 0;
-ret = kvm_ioctl(env-kvm_state, KVM_GET_MSR_INDEX_LIST, msr_list);
+ret = kvm_ioctl(s, KVM_GET_MSR_INDEX_LIST, msr_list);
 if (ret  0  ret != -E2BIG) {
-return;
+return ret;
 }
 /* Old kernel modules had a bug and could write beyond the provided
memory. Allocate at least a safe amount of 1K. */
@@ -487,17 +486,17 @@ static void kvm_supported_msrs(CPUState *env)
   sizeof(msr_list.indices[0])));
 
 kvm_msr_list-nmsrs = msr_list.nmsrs;
-ret = kvm_ioctl(env-kvm_state, KVM_GET_MSR_INDEX_LIST, kvm_msr_list);
+ret = kvm_ioctl(s, KVM_GET_MSR_INDEX_LIST, kvm_msr_list);
 if (ret = 0) {
 int i;
 
 for (i = 0; i  kvm_msr_list-nmsrs; i++) {
 if (kvm_msr_list-indices[i] == MSR_STAR) {
-has_msr_star = 1;
+has_msr_star = true;
 continue;
 }
 if (kvm_msr_list-indices[i] == MSR_VM_HSAVE_PA) {
-has_msr_hsave_pa = 1;
+has_msr_hsave_pa = true;
 continue;
 }
 }
@@ -506,19 +505,7 @@ static void kvm_supported_msrs(CPUState *env)
 free(kvm_msr_list);
 }
 
-return;
-}
-
-static int kvm_has_msr_hsave_pa(CPUState *env)
-{
-kvm_supported_msrs(env);
-return has_msr_hsave_pa;
-}
-
-static int kvm_has_msr_star(CPUState *env)
-{
-kvm_supported_msrs(env);
-return has_msr_star;
+return ret;
 }
 
 static int kvm_init_identity_map_page(KVMState *s)
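Review bot: kvm_get_supported_msrs keeps the `static int kvm_supported_msrs` first-time guard, but with kvm_has_msr_star/kvm_has_msr_hsave_pa removed its only caller is the one-shot call this series adds to kvm_arch_init, so the guard (and the indentation level it costs) can be dropped. The commit message should also spell out the behaviour change: a negative return from the second KVM_GET_MSR_INDEX_LIST now propagates as `ret` and aborts kvm_arch_init, where before it silently left both flags unset.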
@@ -543,9 +530,13 @@ static int kvm_init_identity_map_page(KVMState *s)
 int kvm_arch_init(KVMState *s, int smp_cpus)
 {
 int ret;
-
 struct utsname utsname;
 
+ret = kvm_get_supported_msrs(s);
+if (ret  0) {
+return ret;
+}
+
 uname(utsname);
 lm_capable_kernel = strcmp(utsname.machine, x86_64) == 0;
 
@@ -830,10 +821,10 @@ static int kvm_put_msrs(CPUState *env, int level)
 kvm_msr_entry_set(msrs[n++], MSR_IA32_SYSENTER_CS, env-sysenter_cs);
 kvm_msr_entry_set(msrs[n++], MSR_IA32_SYSENTER_ESP, env-sysenter_esp);
 kvm_msr_entry_set(msrs[n++], MSR_IA32_SYSENTER_EIP, env-sysenter_eip);
-if (kvm_has_msr_star(env)) {
+if (has_msr_star) {
 kvm_msr_entry_set(msrs[n++], MSR_STAR, env-star);
 }
-if (kvm_has_msr_hsave_pa(env)) {
+if (has_msr_hsave_pa) {
 kvm_msr_entry_set(msrs[n++], MSR_VM_HSAVE_PA, env-vm_hsave);
 }
 #ifdef TARGET_X86_64
@@ -1076,10 +1067,10 @@ static int kvm_get_msrs(CPUState *env)
 msrs[n++].index = MSR_IA32_SYSENTER_CS;
 msrs[n++].index = MSR_IA32_SYSENTER_ESP;
 msrs[n++].index = MSR_IA32_SYSENTER_EIP;
-if (kvm_has_msr_star(env)) {
+if (has_msr_star) {
 msrs[n++].index = MSR_STAR;
 }
-if (kvm_has_msr_hsave_pa(env)) {
+if (has_msr_hsave_pa) {
 msrs[n++].index = MSR_VM_HSAVE_PA;
 }
 msrs[n++].index = MSR_IA32_TSC;
-- 
1.7.2.3




[Qemu-devel] [PATCH 19/31] kvm: x86: Prepare kvm_get_mp_state for in-kernel irqchip

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

This code path will not yet be taken as we still lack in-kernel irqchip
support. But qemu-kvm can already make use of it and drop its own
mp_state access services.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/kvm.c |3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 9bb34ab..531b69e 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -1198,6 +1198,9 @@ static int kvm_get_mp_state(CPUState *env)
 return ret;
 }
 env-mp_state = mp_state.mp_state;
+if (kvm_irqchip_in_kernel()) {
+env-halted = (mp_state.mp_state == KVM_MP_STATE_HALTED);
+}
 return 0;
 }
 
-- 
1.7.2.3




[Qemu-devel] [PATCH 24/31] kvm: x86: Fix !CONFIG_KVM_PARA build

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

If we lack kvm_para.h, MSR_KVM_ASYNC_PF_EN is not defined. The change in
kvm_arch_init_vcpu is just for consistency reasons.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/kvm.c |8 
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 825af42..feaf33d 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -319,7 +319,7 @@ int kvm_arch_init_vcpu(CPUState *env)
 uint32_t limit, i, j, cpuid_i;
 uint32_t unused;
 struct kvm_cpuid_entry2 *c;
-#ifdef KVM_CPUID_SIGNATURE
+#ifdef CONFIG_KVM_PARA
 uint32_t signature[3];
 #endif
 
@@ -855,7 +855,7 @@ static int kvm_put_msrs(CPUState *env, int level)
 kvm_msr_entry_set(msrs[n++], MSR_KVM_SYSTEM_TIME,
   env-system_time_msr);
 kvm_msr_entry_set(msrs[n++], MSR_KVM_WALL_CLOCK, env-wall_clock_msr);
-#ifdef KVM_CAP_ASYNC_PF
+#if defined(CONFIG_KVM_PARA)  defined(KVM_CAP_ASYNC_PF)
 kvm_msr_entry_set(msrs[n++], MSR_KVM_ASYNC_PF_EN, 
env-async_pf_en_msr);
 #endif
 }
@@ -1091,7 +1091,7 @@ static int kvm_get_msrs(CPUState *env)
 #endif
 msrs[n++].index = MSR_KVM_SYSTEM_TIME;
 msrs[n++].index = MSR_KVM_WALL_CLOCK;
-#ifdef KVM_CAP_ASYNC_PF
+#if defined(CONFIG_KVM_PARA)  defined(KVM_CAP_ASYNC_PF)
 msrs[n++].index = MSR_KVM_ASYNC_PF_EN;
 #endif
 
@@ -1167,7 +1167,7 @@ static int kvm_get_msrs(CPUState *env)
 }
 #endif
 break;
-#ifdef KVM_CAP_ASYNC_PF
+#if defined(CONFIG_KVM_PARA)  defined(KVM_CAP_ASYNC_PF)
 case MSR_KVM_ASYNC_PF_EN:
 env-async_pf_en_msr = msrs[i].data;
 break;
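Review bot: the compound condition `#if defined(CONFIG_KVM_PARA) && defined(KVM_CAP_ASYNC_PF)` is now written out at three sites (kvm_put_msrs, kvm_get_msrs and this switch case in kvm_get_msrs); defining it once near the top of the file as a single helper macro and using that at all three places keeps them from diverging the next time the condition grows.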
-- 
1.7.2.3




[Qemu-devel] [PATCH 11/31] kvm: x86: Prevent sign extension of DR7 in guest debugging mode

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

This unbreaks guest debugging when the 4th hardware breakpoint used for
guest debugging is a watchpoint of 4 or 8 byte length. The 31st bit of
DR7 is set in that case and used to cause a sign extension to the high
word which was breaking the guest state (vm entry failure).

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Avi Kivity a...@redhat.com
---
 target-i386/kvm.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 7e5982b..85edacc 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -1686,7 +1686,7 @@ void kvm_arch_update_guest_debug(CPUState *env, struct 
kvm_guest_debug *dbg)
 dbg-arch.debugreg[n] = hw_breakpoint[n].addr;
 dbg-arch.debugreg[7] |= (2  (n * 2)) |
 (type_code[hw_breakpoint[n].type]  (16 + n*4)) |
-(len_code[hw_breakpoint[n].len]  (18 + n*4));
+((uint32_t)len_code[hw_breakpoint[n].len]  (18 + n*4));
 }
 }
 /* Legal xcr0 for loading */
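Review bot: casting only the `len_code` term fixes the reported case, but `type_code[...] << (16 + n*4)` and `2 << (n * 2)` in the same OR remain plain int shifts; building the whole mask in a local `uint32_t` (or casting every term) before OR-ing it into `dbg->arch.debugreg[7]` makes the fix uniform rather than relying on the other two tables never producing a value that reaches bit 31.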
-- 
1.7.2.3




[Qemu-devel] [PATCH 03/31] Clean up cpu_inject_x86_mce()

2011-01-24 Thread Marcelo Tosatti
From: Jin Dongming jin.dongm...@np.css.fujitsu.com

Clean up cpu_inject_x86_mce() for later patch.

Signed-off-by: Jin Dongming jin.dongm...@np.css.fujitsu.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/helper.c |   27 +--
 1 files changed, 17 insertions(+), 10 deletions(-)

diff --git a/target-i386/helper.c b/target-i386/helper.c
index 25a3e36..2c94130 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -1021,21 +1021,12 @@ static void breakpoint_handler(CPUState *env)
 /* This should come from sysemu.h - if we could include it here... */
 void qemu_system_reset_request(void);
 
-void cpu_inject_x86_mce(CPUState *cenv, int bank, uint64_t status,
+static void qemu_inject_x86_mce(CPUState *cenv, int bank, uint64_t status,
 uint64_t mcg_status, uint64_t addr, uint64_t misc)
 {
 uint64_t mcg_cap = cenv-mcg_cap;
-unsigned bank_num = mcg_cap  0xff;
 uint64_t *banks = cenv-mce_banks;
 
-if (bank = bank_num || !(status  MCI_STATUS_VAL))
-return;
-
-if (kvm_enabled()) {
-kvm_inject_x86_mce(cenv, bank, status, mcg_status, addr, misc, 0);
-return;
-}
-
 /*
  * if MSR_MCG_CTL is not all 1s, the uncorrected error
  * reporting is disabled
@@ -1076,6 +1067,22 @@ void cpu_inject_x86_mce(CPUState *cenv, int bank, 
uint64_t status,
 } else
 banks[1] |= MCI_STATUS_OVER;
 }
+
+void cpu_inject_x86_mce(CPUState *cenv, int bank, uint64_t status,
+uint64_t mcg_status, uint64_t addr, uint64_t misc)
+{
+unsigned bank_num = cenv-mcg_cap  0xff;
+
+if (bank = bank_num || !(status  MCI_STATUS_VAL)) {
+return;
+}
+
+if (kvm_enabled()) {
+kvm_inject_x86_mce(cenv, bank, status, mcg_status, addr, misc, 0);
+} else {
+qemu_inject_x86_mce(cenv, bank, status, mcg_status, addr, misc);
+}
+}
 #endif /* !CONFIG_USER_ONLY */
 
 static void mce_init(CPUX86State *cenv)
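Review bot: after the split, qemu_inject_x86_mce indexes `banks` by `bank` without any range check and relies on cpu_inject_x86_mce being its only entry point; a one-line comment above the static function stating that the caller validates `bank` and `status` keeps that contract visible. While braces are being added in the new wrapper, the unbraced `} else` / `banks[1] |= MCI_STATUS_OVER;` in the context just above the insertion is the same style violation and could be braced in the same patch.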
-- 
1.7.2.3




[Qemu-devel] [PATCH 30/31] kvm: x86: Implicitly clear nmi_injected/pending on reset

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

All CPUX86State variables before CPU_COMMON are automatically cleared on
reset. Reorder nmi_injected and nmi_pending to avoid having to touch
them explicitly.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/cpu.h |6 --
 target-i386/kvm.c |2 --
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index a457423..af701a4 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
@@ -699,6 +699,10 @@ typedef struct CPUX86State {
 uint32_t smbase;
 int old_exception;  /* exception in flight */
 
+/* KVM states, automatically cleared on reset */
+uint8_t nmi_injected;
+uint8_t nmi_pending;
+
 CPU_COMMON
 
 /* processor features (e.g. for CPUID insn) */
@@ -726,8 +730,6 @@ typedef struct CPUX86State {
 int32_t exception_injected;
 int32_t interrupt_injected;
 uint8_t soft_interrupt;
-uint8_t nmi_injected;
-uint8_t nmi_pending;
 uint8_t has_error_code;
 uint32_t sipi_vector;
 uint32_t cpuid_kvm_features;
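Review bot: the new comment says the two fields are automatically cleared on reset, but the property is positional (everything placed before `CPU_COMMON` is zeroed), so a later edit that appends another KVM-only field below the marker would silently lose the clearing this patch now depends on. A note at the `CPU_COMMON` line itself, saying that fields above it are reset-cleared and fields below it must be reset explicitly, would guard against that.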
diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 72f9fdf..b2c5ee0 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -435,8 +435,6 @@ void kvm_arch_reset_vcpu(CPUState *env)
 {
 env-exception_injected = -1;
 env-interrupt_injected = -1;
-env-nmi_injected = 0;
-env-nmi_pending = 0;
 env-xcr0 = 1;
 if (kvm_irqchip_in_kernel()) {
 env-mp_state = cpu_is_bsp(env) ? KVM_MP_STATE_RUNNABLE :
-- 
1.7.2.3




[Qemu-devel] [PATCH 02/31] kvm: convert kvm_ioctl(KVM_CHECK_EXTENSION) to kvm_check_extension()

2011-01-24 Thread Marcelo Tosatti
From: Lai Jiangshan la...@cn.fujitsu.com

Simple cleanup: use the existing helper kvm_check_extension().

Signed-off-by: Lai Jiangshan la...@cn.fujitsu.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 kvm-all.c |2 +-
 target-i386/kvm.c |4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/kvm-all.c b/kvm-all.c
index 255b6fa..935c436 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -717,7 +717,7 @@ int kvm_init(int smp_cpus)
 
 s-broken_set_mem_region = 1;
 #ifdef KVM_CAP_JOIN_MEMORY_REGIONS_WORKS
-ret = kvm_ioctl(s, KVM_CHECK_EXTENSION, KVM_CAP_JOIN_MEMORY_REGIONS_WORKS);
+ret = kvm_check_extension(s, KVM_CAP_JOIN_MEMORY_REGIONS_WORKS);
 if (ret  0) {
 s-broken_set_mem_region = 0;
 }
diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 755f8c9..4004de7 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -187,7 +187,7 @@ static int kvm_get_mce_cap_supported(KVMState *s, uint64_t 
*mce_cap,
 {
 int r;
 
-r = kvm_ioctl(s, KVM_CHECK_EXTENSION, KVM_CAP_MCE);
+r = kvm_check_extension(s, KVM_CAP_MCE);
 if (r  0) {
 *max_banks = r;
 return kvm_ioctl(s, KVM_X86_GET_MCE_CAP_SUPPORTED, mce_cap);
@@ -540,7 +540,7 @@ int kvm_arch_init(KVMState *s, int smp_cpus)
  * versions of KVM just assumed that it would be at the end of physical
  * memory but that doesn't work with more than 4GB of memory.  We simply
  * refuse to work with those older versions of KVM. */
-ret = kvm_ioctl(s, KVM_CHECK_EXTENSION, KVM_CAP_SET_TSS_ADDR);
+ret = kvm_check_extension(s, KVM_CAP_SET_TSS_ADDR);
 if (ret = 0) {
 fprintf(stderr, kvm does not support KVM_CAP_SET_TSS_ADDR\n);
 return ret;
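Review bot: in the kvm_arch_init hunk the surrounding context prints "kvm does not support KVM_CAP_SET_TSS_ADDR" and then does `return ret;` unchanged. kvm_check_extension reports an unsupported capability as 0, so that branch reports an error and still returns success to the caller. Not introduced by this conversion, but since the line is being touched, returning a real error code (e.g. -ENOSYS) when `ret == 0` would make the message and the return value agree.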
-- 
1.7.2.3




[Qemu-devel] [PATCH 31/31] kvm: x86: Only read/write MSR_KVM_ASYNC_PF_EN if supported

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

If the kernel does not support KVM_CAP_ASYNC_PF, it also does not know
about the related MSR. So skip it during state synchronization in that
case. Fixes annoying kernel warnings.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/kvm.c |   13 +++--
 1 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index b2c5ee0..8e8880a 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -63,6 +63,9 @@ const KVMCapabilityInfo kvm_arch_required_capabilities[] = {
 
 static bool has_msr_star;
 static bool has_msr_hsave_pa;
+#if defined(CONFIG_KVM_PARA)  defined(KVM_CAP_ASYNC_PF)
+static bool has_msr_async_pf_en;
+#endif
 static int lm_capable_kernel;
 
 static struct kvm_cpuid2 *try_get_cpuid(KVMState *s, int max)
@@ -164,6 +167,7 @@ static int get_para_features(CPUState *env)
 features |= (1  para_features[i].feature);
 }
 }
+has_msr_async_pf_en = features  (1  KVM_FEATURE_ASYNC_PF);
 return features;
 }
 #endif
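Review bot: `has_msr_async_pf_en` is declared only under `#if defined(CONFIG_KVM_PARA) && defined(KVM_CAP_ASYNC_PF)`, yet the assignment added to get_para_features sits under whatever guard encloses that function (only its closing `#endif` is visible in this hunk). Unless that guard is the same compound condition, a build with CONFIG_KVM_PARA but headers lacking KVM_CAP_ASYNC_PF fails on this line with an undeclared variable; wrapping the assignment in the same `#if` as the declaration avoids that.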
@@ -828,7 +832,10 @@ static int kvm_put_msrs(CPUState *env, int level)
   env-system_time_msr);
 kvm_msr_entry_set(msrs[n++], MSR_KVM_WALL_CLOCK, env-wall_clock_msr);
 #if defined(CONFIG_KVM_PARA)  defined(KVM_CAP_ASYNC_PF)
-kvm_msr_entry_set(msrs[n++], MSR_KVM_ASYNC_PF_EN, 
env-async_pf_en_msr);
+if (has_msr_async_pf_en) {
+kvm_msr_entry_set(msrs[n++], MSR_KVM_ASYNC_PF_EN,
+  env-async_pf_en_msr);
+}
 #endif
 }
 #ifdef KVM_CAP_MCE
@@ -1064,7 +1071,9 @@ static int kvm_get_msrs(CPUState *env)
 msrs[n++].index = MSR_KVM_SYSTEM_TIME;
 msrs[n++].index = MSR_KVM_WALL_CLOCK;
 #if defined(CONFIG_KVM_PARA)  defined(KVM_CAP_ASYNC_PF)
-msrs[n++].index = MSR_KVM_ASYNC_PF_EN;
+if (has_msr_async_pf_en) {
+msrs[n++].index = MSR_KVM_ASYNC_PF_EN;
+}
 #endif
 
 #ifdef KVM_CAP_MCE
-- 
1.7.2.3




[Qemu-devel] [PATCH 15/31] kvm: Stop on all fatal exit reasons

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

Ensure that we stop the guest whenever we face a fatal or unknown exit
reason. If we stop, we also have to enforce a cpu loop exit.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 kvm-all.c |   15 +++
 target-i386/kvm.c |4 
 target-ppc/kvm.c  |4 
 3 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/kvm-all.c b/kvm-all.c
index 86ddbd6..eaf9272 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -815,7 +815,7 @@ static int kvm_handle_io(uint16_t port, void *data, int 
direction, int size,
 }
 
 #ifdef KVM_CAP_INTERNAL_ERROR_DATA
-static void kvm_handle_internal_error(CPUState *env, struct kvm_run *run)
+static int kvm_handle_internal_error(CPUState *env, struct kvm_run *run)
 {
 
 if (kvm_check_extension(kvm_state, KVM_CAP_INTERNAL_ERROR_DATA)) {
@@ -833,13 +833,13 @@ static void kvm_handle_internal_error(CPUState *env, 
struct kvm_run *run)
 if (run-internal.suberror == KVM_INTERNAL_ERROR_EMULATION) {
 fprintf(stderr, emulation failure\n);
 if (!kvm_arch_stop_on_emulation_error(env)) {
-return;
+return 0;
 }
 }
 /* FIXME: Should trigger a qmp message to let management know
  * something went wrong.
  */
-vm_stop(0);
+return -1;
 }
 #endif
 
@@ -967,16 +967,19 @@ int kvm_cpu_exec(CPUState *env)
 break;
 case KVM_EXIT_UNKNOWN:
 DPRINTF(kvm_exit_unknown\n);
+ret = -1;
 break;
 case KVM_EXIT_FAIL_ENTRY:
 DPRINTF(kvm_exit_fail_entry\n);
+ret = -1;
 break;
 case KVM_EXIT_EXCEPTION:
 DPRINTF(kvm_exit_exception\n);
+ret = -1;
 break;
 #ifdef KVM_CAP_INTERNAL_ERROR_DATA
 case KVM_EXIT_INTERNAL_ERROR:
-kvm_handle_internal_error(env, run);
+ret = kvm_handle_internal_error(env, run);
 break;
 #endif
 case KVM_EXIT_DEBUG:
@@ -997,6 +1000,10 @@ int kvm_cpu_exec(CPUState *env)
 }
 } while (ret  0);
 
+if (ret  0) {
+vm_stop(0);
+env-exit_request = 1;
+}
 if (env-exit_request) {
 env-exit_request = 0;
 env-exception_index = EXCP_INTERRUPT;
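Review bot: consolidating the stop into one place after the loop is the right shape, but `vm_stop(0)` passes the generic reason, so a monitor cannot tell a fatal KVM exit from any other stop; the FIXME left in kvm_handle_internal_error about notifying management now applies to this single site and should move here, ideally together with a dedicated stop reason.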
diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 0aeb079..6b4abaa 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -1537,6 +1537,10 @@ int kvm_arch_handle_exit(CPUState *env, struct kvm_run 
*run)
 case KVM_EXIT_SET_TPR:
 ret = 1;
 break;
+default:
+fprintf(stderr, KVM: unknown exit reason %d\n, run-exit_reason);
+ret = -1;
+break;
 }
 
 return ret;
diff --git a/target-ppc/kvm.c b/target-ppc/kvm.c
index 5caa07c..849b404 100644
--- a/target-ppc/kvm.c
+++ b/target-ppc/kvm.c
@@ -307,6 +307,10 @@ int kvm_arch_handle_exit(CPUState *env, struct kvm_run 
*run)
 dprintf(handle halt\n);
 ret = kvmppc_handle_halt(env);
 break;
+default:
+fprintf(stderr, KVM: unknown exit reason %d\n, run-exit_reason);
+ret = -1;
+break;
 }
 
 return ret;
-- 
1.7.2.3




[Qemu-devel] [PATCH 00/31] [PULL] qemu-kvm.git uq/master queue

2011-01-24 Thread Marcelo Tosatti
The following changes since commit b646968336d4180bdd7d2e24209708dcee6ba400:

  checkpatch: adjust to QEMUisms (2011-01-20 20:58:56 +)

are available in the git repository at:
  git://git.kernel.org/pub/scm/virt/kvm/qemu-kvm.git uq/master

Jan Kiszka (23):
  kvm: x86: Fix DPL write back of segment registers
  kvm: x86: Remove obsolete SS.RPL/DPL alignment
  kvm: x86: Prevent sign extension of DR7 in guest debugging mode
  kvm: x86: Fix a few coding style violations
  kvm: Fix coding style violations
  kvm: x86: Swallow KVM_EXIT_SET_TPR
  kvm: Stop on all fatal exit reasons
  kvm: Improve reporting of fatal errors
  x86: Optionally dump code bytes on cpu_dump_state
  kvm: x86: Align kvm_arch_put_registers code with comment
  kvm: x86: Prepare kvm_get_mp_state for in-kernel irqchip
  kvm: x86: Remove redundant mp_state initialization
  kvm: x86: Fix xcr0 reset mismerge
  kvm: x86: Refactor msr_star/hsave_pa setup and checks
  kvm: x86: Reset paravirtual MSRs
  kvm: x86: Fix !CONFIG_KVM_PARA build
  kvm: Drop smp_cpus argument from init functions
  kvm: Consolidate must-have capability checks
  kvm: x86: Rework identity map and TSS setup for larger BIOS sizes
  kvm: Flush coalesced mmio buffer on IO window exits
  kvm: Do not use qemu_fair_mutex
  kvm: x86: Implicitly clear nmi_injected/pending on reset
  kvm: x86: Only read/write MSR_KVM_ASYNC_PF_EN if supported

Jin Dongming (6):
  Clean up cpu_inject_x86_mce()
  Add broadcast option for mce command
  Add function for checking mca broadcast of CPU
  kvm: introduce kvm_mce_in_progress
  kvm: kvm_mce_inj_* subroutines for templated error injections
  kvm: introduce kvm_inject_x86_mce_on

Lai Jiangshan (2):
  kvm: Enable user space NMI injection for kvm guest
  kvm: convert kvm_ioctl(KVM_CHECK_EXTENSION) to kvm_check_extension()

 configure |   36 ++-
 cpu-all.h |5 +-
 cpus.c|2 -
 hmp-commands.hx   |6 +-
 kvm-all.c |  247 +
 kvm-stub.c|2 +-
 kvm.h |   14 +-
 monitor.c |7 +-
 target-i386/cpu.h |9 +-
 target-i386/cpuid.c   |5 +-
 target-i386/helper.c  |   97 ++-
 target-i386/kvm.c |  749 +++-
 target-i386/kvm_x86.h |5 +-
 target-ppc/kvm.c  |   10 +-
 target-s390x/kvm.c|6 +-
 vl.c  |2 +-
 16 files changed, 714 insertions(+), 488 deletions(-)



[Qemu-devel] [PATCH 17/31] x86: Optionally dump code bytes on cpu_dump_state

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

Introduce the cpu_dump_state flag CPU_DUMP_CODE and implement it for
x86. This writes out the code bytes around the current instruction
pointer. Make use of this feature in KVM to help debugging fatal vm
exits.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 cpu-all.h|2 ++
 kvm-all.c|4 ++--
 target-i386/helper.c |   21 +
 3 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/cpu-all.h b/cpu-all.h
index 4ce4e83..ffbd6a4 100644
--- a/cpu-all.h
+++ b/cpu-all.h
@@ -765,6 +765,8 @@ int page_check_range(target_ulong start, target_ulong len, 
int flags);
 CPUState *cpu_copy(CPUState *env);
 CPUState *qemu_get_cpu(int cpu);
 
+#define CPU_DUMP_CODE 0x0001
+
 void cpu_dump_state(CPUState *env, FILE *f, fprintf_function cpu_fprintf,
 int flags);
 void cpu_dump_statistics(CPUState *env, FILE *f, fprintf_function cpu_fprintf,
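Review bot: CPU_DUMP_CODE goes into the generic header and is passed by the generic kvm-all.c callers below, but only target-i386 implements it in this patch; a comment beside the define saying that targets may ignore flags they do not implement (so the same kvm-all.c call on ppc or s390x just prints the register dump) saves the next reader from hunting for the missing implementations.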
diff --git a/kvm-all.c b/kvm-all.c
index 10e1194..41decde 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -832,7 +832,7 @@ static int kvm_handle_internal_error(CPUState *env, struct 
kvm_run *run)
 if (run-internal.suberror == KVM_INTERNAL_ERROR_EMULATION) {
 fprintf(stderr, emulation failure\n);
 if (!kvm_arch_stop_on_emulation_error(env)) {
-cpu_dump_state(env, stderr, fprintf, 0);
+cpu_dump_state(env, stderr, fprintf, CPU_DUMP_CODE);
 return 0;
 }
 }
@@ -994,7 +994,7 @@ int kvm_cpu_exec(CPUState *env)
 } while (ret  0);
 
 if (ret  0) {
-cpu_dump_state(env, stderr, fprintf, 0);
+cpu_dump_state(env, stderr, fprintf, CPU_DUMP_CODE);
 vm_stop(0);
 env-exit_request = 1;
 }
diff --git a/target-i386/helper.c b/target-i386/helper.c
index 6dfa27d..1217452 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -249,6 +249,9 @@ done:
 cpu_fprintf(f, \n);
 }
 
+#define DUMP_CODE_BYTES_TOTAL50
+#define DUMP_CODE_BYTES_BACKWARD 20
+
 void cpu_dump_state(CPUState *env, FILE *f, fprintf_function cpu_fprintf,
 int flags)
 {
@@ -434,6 +437,24 @@ void cpu_dump_state(CPUState *env, FILE *f, 
fprintf_function cpu_fprintf,
 cpu_fprintf(f,  );
 }
 }
+if (flags  CPU_DUMP_CODE) {
+target_ulong base = env-segs[R_CS].base + env-eip;
+target_ulong offs = MIN(env-eip, DUMP_CODE_BYTES_BACKWARD);
+uint8_t code;
+char codestr[3];
+
+cpu_fprintf(f, Code=);
+for (i = 0; i  DUMP_CODE_BYTES_TOTAL; i++) {
+if (cpu_memory_rw_debug(env, base - offs + i, code, 1, 0) == 0) {
+snprintf(codestr, sizeof(codestr), %02x, code);
+} else {
+snprintf(codestr, sizeof(codestr), ??);
+}
+cpu_fprintf(f, %s%s%s%s, i  0 ?   : ,
+i == offs ?  : , codestr, i == offs ?  : );
+}
+cpu_fprintf(f, \n);
+}
 }
 
 /***/
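Review bot: the loop reuses `i` from the enclosing cpu_dump_state scope instead of declaring its own index inside the new block, and each of the DUMP_CODE_BYTES_TOTAL iterations issues a separate one-byte cpu_memory_rw_debug call, i.e. a page-table walk per byte. That is a defensible trade-off (a window straddling an unmapped page still shows the mapped half rather than all `??`), but a short comment saying the per-byte reads are deliberate would stop someone from later collapsing it into a single read that fails wholesale.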
-- 
1.7.2.3




[Qemu-devel] [PATCH 28/31] kvm: Flush coalesced mmio buffer on IO window exits

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

We must flush pending mmio writes if we leave kvm_cpu_exec for an IO
window. Otherwise we risk losing those requests when migrating to a
different host during that window.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 kvm-all.c |4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/kvm-all.c b/kvm-all.c
index 3a1f63b..9976762 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -918,6 +918,8 @@ int kvm_cpu_exec(CPUState *env)
 cpu_single_env = env;
 kvm_arch_post_run(env, run);
 
+kvm_flush_coalesced_mmio_buffer();
+
 if (ret == -EINTR || ret == -EAGAIN) {
 cpu_exit(env);
 DPRINTF(io window exit\n);
@@ -930,8 +932,6 @@ int kvm_cpu_exec(CPUState *env)
 abort();
 }
 
-kvm_flush_coalesced_mmio_buffer();
-
 ret = 0; /* exit loop */
 switch (run-exit_reason) {
 case KVM_EXIT_IO:
-- 
1.7.2.3




[Qemu-devel] [PATCH 05/31] Add function for checking mca broadcast of CPU

2011-01-24 Thread Marcelo Tosatti
From: Jin Dongming jin.dongm...@np.css.fujitsu.com

Add a function for checking whether the current CPU supports mca broadcast.

Signed-off-by: Jin Dongming jin.dongm...@np.css.fujitsu.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/cpu.h|1 +
 target-i386/helper.c |   33 +
 target-i386/kvm.c|6 +-
 3 files changed, 35 insertions(+), 5 deletions(-)

diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index f0c07cd..dddcd74 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
@@ -760,6 +760,7 @@ int cpu_x86_exec(CPUX86State *s);
 void cpu_x86_close(CPUX86State *s);
 void x86_cpu_list (FILE *f, fprintf_function cpu_fprintf, const char *optarg);
 void x86_cpudef_setup(void);
+int cpu_x86_support_mca_broadcast(CPUState *env);
 
 int cpu_get_pic_interrupt(CPUX86State *s);
 /* MSDOS compatibility mode FPU exception support */
diff --git a/target-i386/helper.c b/target-i386/helper.c
index 2cfb4a4..6dfa27d 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -110,6 +110,32 @@ void cpu_x86_close(CPUX86State *env)
 qemu_free(env);
 }
 
+static void cpu_x86_version(CPUState *env, int *family, int *model)
+{
+int cpuver = env-cpuid_version;
+
+if (family == NULL || model == NULL) {
+return;
+}
+
+*family = (cpuver  8)  0x0f;
+*model = ((cpuver  12)  0xf0) + ((cpuver  4)  0x0f);
+}
+
+/* Broadcast MCA signal for processor version 06H_EH and above */
+int cpu_x86_support_mca_broadcast(CPUState *env)
+{
+int family = 0;
+int model = 0;
+
+cpu_x86_version(env, family, model);
+if ((family == 6  model = 14) || family  6) {
+return 1;
+}
+
+return 0;
+}
+
 /***/
 /* x86 debug */
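Review bot: cpu_x86_version is static with a single caller that always passes both pointers, so the `family == NULL || model == NULL` early return is dead code; either drop it or make the helper return the values directly. The new prototype also takes `CPUState *env` while the neighbouring declarations in the cpu.h hunk use `CPUX86State *s`; picking one spelling for the x86-specific helpers keeps the header consistent.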
 
@@ -1080,6 +1106,13 @@ void cpu_inject_x86_mce(CPUState *cenv, int bank, 
uint64_t status,
 return;
 }
 
+if (broadcast) {
+if (!cpu_x86_support_mca_broadcast(cenv)) {
+fprintf(stderr, Current CPU does not support broadcast\n);
+return;
+}
+}
+
 if (kvm_enabled()) {
 if (broadcast) {
 flag |= MCE_BROADCAST;
diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 8b868ad..2115a58 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -1711,13 +1711,9 @@ static void hardware_memory_error(void)
 static void kvm_mce_broadcast_rest(CPUState *env)
 {
 CPUState *cenv;
-int family, model, cpuver = env-cpuid_version;
-
-family = (cpuver  8)  0xf;
-model = ((cpuver  12)  0xf0) + ((cpuver  4)  0xf);
 
 /* Broadcast MCA signal for processor version 06H_EH and above */
-if ((family == 6  model = 14) || family  6) {
+if (cpu_x86_support_mca_broadcast(env)) {
 for (cenv = first_cpu; cenv != NULL; cenv = cenv-next_cpu) {
 if (cenv == env) {
 continue;
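Review bot: the context comment `/* Broadcast MCA signal for processor version 06H_EH and above */` now duplicates the one placed above cpu_x86_support_mca_broadcast in helper.c; since the family/model logic moved into that helper, this copy should move with it so the rule is documented in one place.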
-- 
1.7.2.3




[Qemu-devel] [PATCH 13/31] kvm: Fix coding style violations

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

No functional changes.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 kvm-all.c |  139 ++--
 1 files changed, 79 insertions(+), 60 deletions(-)

diff --git a/kvm-all.c b/kvm-all.c
index 935c436..86ddbd6 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -88,10 +88,12 @@ static KVMSlot *kvm_alloc_slot(KVMState *s)
 
 for (i = 0; i  ARRAY_SIZE(s-slots); i++) {
 /* KVM private memory slots */
-if (i = 8  i  12)
+if (i = 8  i  12) {
 continue;
-if (s-slots[i].memory_size == 0)
+}
+if (s-slots[i].memory_size == 0) {
 return s-slots[i];
+}
 }
 
 fprintf(stderr, %s: no free slot available\n, __func__);
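Review bot: since this loop is being touched anyway, the private slot range `i >= 8 && i < 12` is a pair of magic numbers that a named constant would make self-explanatory; the brace additions themselves are fine.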
@@ -226,9 +228,10 @@ int kvm_init_vcpu(CPUState *env)
 }
 
 #ifdef KVM_CAP_COALESCED_MMIO
-if (s-coalesced_mmio  !s-coalesced_mmio_ring)
-s-coalesced_mmio_ring = (void *) env-kvm_run +
-   s-coalesced_mmio * PAGE_SIZE;
+if (s-coalesced_mmio  !s-coalesced_mmio_ring) {
+s-coalesced_mmio_ring =
+(void *)env-kvm_run + s-coalesced_mmio * PAGE_SIZE;
+}
 #endif
 
 ret = kvm_arch_init_vcpu(env);
@@ -275,16 +278,14 @@ static int kvm_dirty_pages_log_change(target_phys_addr_t 
phys_addr,
 
 int kvm_log_start(target_phys_addr_t phys_addr, ram_addr_t size)
 {
-return kvm_dirty_pages_log_change(phys_addr, size,
-  KVM_MEM_LOG_DIRTY_PAGES,
-  KVM_MEM_LOG_DIRTY_PAGES);
+return kvm_dirty_pages_log_change(phys_addr, size, KVM_MEM_LOG_DIRTY_PAGES,
+  KVM_MEM_LOG_DIRTY_PAGES);
 }
 
 int kvm_log_stop(target_phys_addr_t phys_addr, ram_addr_t size)
 {
-return kvm_dirty_pages_log_change(phys_addr, size,
-  0,
-  KVM_MEM_LOG_DIRTY_PAGES);
+return kvm_dirty_pages_log_change(phys_addr, size, 0,
+  KVM_MEM_LOG_DIRTY_PAGES);
 }
 
 static int kvm_set_migration_log(int enable)
@@ -356,7 +357,7 @@ static int kvm_get_dirty_pages_log_range(unsigned long 
start_addr,
  * @end_addr: end of logged region.
  */
 static int kvm_physical_sync_dirty_bitmap(target_phys_addr_t start_addr,
- target_phys_addr_t end_addr)
+  target_phys_addr_t end_addr)
 {
 KVMState *s = kvm_state;
 unsigned long size, allocated_size = 0;
@@ -480,9 +481,8 @@ static int kvm_check_many_ioeventfds(void)
 #endif
 }
 
-static void kvm_set_phys_mem(target_phys_addr_t start_addr,
-ram_addr_t size,
-ram_addr_t phys_offset)
+static void kvm_set_phys_mem(target_phys_addr_t start_addr, ram_addr_t size,
+ ram_addr_t phys_offset)
 {
 KVMState *s = kvm_state;
 ram_addr_t flags = phys_offset  ~TARGET_PAGE_MASK;
@@ -589,13 +589,13 @@ static void kvm_set_phys_mem(target_phys_addr_t 
start_addr,
 }
 
 /* in case the KVM bug workaround already consumed the new slot */
-if (!size)
+if (!size) {
 return;
-
+}
 /* KVM does not need to know about this memory */
-if (flags = IO_MEM_UNASSIGNED)
+if (flags = IO_MEM_UNASSIGNED) {
 return;
-
+}
 mem = kvm_alloc_slot(s);
 mem-memory_size = size;
 mem-start_addr = start_addr;
@@ -611,30 +611,29 @@ static void kvm_set_phys_mem(target_phys_addr_t 
start_addr,
 }
 
 static void kvm_client_set_memory(struct CPUPhysMemoryClient *client,
- target_phys_addr_t start_addr,
- ram_addr_t size,
- ram_addr_t phys_offset)
+  target_phys_addr_t start_addr,
+  ram_addr_t size, ram_addr_t phys_offset)
 {
-   kvm_set_phys_mem(start_addr, size, phys_offset);
+kvm_set_phys_mem(start_addr, size, phys_offset);
 }
 
 static int kvm_client_sync_dirty_bitmap(struct CPUPhysMemoryClient *client,
-   target_phys_addr_t start_addr,
-   target_phys_addr_t end_addr)
+target_phys_addr_t start_addr,
+target_phys_addr_t end_addr)
 {
-   return kvm_physical_sync_dirty_bitmap(start_addr, end_addr);
+return kvm_physical_sync_dirty_bitmap(start_addr, end_addr);
 }
 
 static int kvm_client_migration_log(struct CPUPhysMemoryClient *client,
-   int enable)
+int enable)
 {
-   return kvm_set_migration_log(enable);
+return kvm_set_migration_log(enable);
 }
 
 static CPUPhysMemoryClient kvm_cpu_phys_memory_client = {
- 

[Qemu-devel] [PATCH 01/31] kvm: Enable user space NMI injection for kvm guest

2011-01-24 Thread Marcelo Tosatti
From: Lai Jiangshan la...@cn.fujitsu.com

Make use of the new KVM_NMI IOCTL to send NMIs into the KVM guest if the
user space raised them. (example: qemu monitor's nmi command)

Signed-off-by: Lai Jiangshan la...@cn.fujitsu.com
Acked-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 configure |3 +++
 target-i386/kvm.c |7 +++
 2 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/configure b/configure
index 210670c..9a02d1f 100755
--- a/configure
+++ b/configure
@@ -1671,6 +1671,9 @@ if test $kvm != no ; then
 #if !defined(KVM_CAP_DESTROY_MEMORY_REGION_WORKS)
 #error Missing KVM capability KVM_CAP_DESTROY_MEMORY_REGION_WORKS
 #endif
+#if !defined(KVM_CAP_USER_NMI)
+#error Missing KVM capability KVM_CAP_USER_NMI
+#endif
 int main(void) { return 0; }
 EOF
   if test $kerneldir !=  ; then
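Review bot: making KVM_CAP_USER_NMI a hard configure-time requirement means QEMU no longer builds against kernel headers that predate the capability, even though everything else in KVM support would still work; if that is the intent (it matches how KVM_CAP_DESTROY_MEMORY_REGION_WORKS is treated just above), the commit message should state the new minimum kernel version. Headers and the running kernel can also differ, so a compile-time check does not replace a run-time kvm_check_extension(s, KVM_CAP_USER_NMI) before the ioctl is issued.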
diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 7dfc357..755f8c9 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -1417,6 +1417,13 @@ int kvm_arch_get_registers(CPUState *env)
 
 int kvm_arch_pre_run(CPUState *env, struct kvm_run *run)
 {
+/* Inject NMI */
+if (env-interrupt_request  CPU_INTERRUPT_NMI) {
+env-interrupt_request = ~CPU_INTERRUPT_NMI;
+DPRINTF(injected NMI\n);
+kvm_vcpu_ioctl(env, KVM_NMI);
+}
+
 /* Try to inject an interrupt if the guest can accept it */
 if (run-ready_for_interrupt_injection 
 (env-interrupt_request  CPU_INTERRUPT_HARD) 
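Review bot: the return value of kvm_vcpu_ioctl(env, KVM_NMI) is discarded, and CPU_INTERRUPT_NMI has already been cleared from interrupt_request before the call, so if the ioctl fails (a running kernel without the capability, or an error from the vcpu) the NMI is silently lost; check the result and report the failure, since this is an operation a user triggers explicitly from the monitor. The DPRINTF("injected NMI\n") is emitted before the ioctl runs, so it also claims success for a call that has not happened yet; move it after a successful return.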
-- 
1.7.2.3




[Qemu-devel] [PATCH 04/31] Add broadcast option for mce command

2011-01-24 Thread Marcelo Tosatti
From: Jin Dongming jin.dongm...@np.css.fujitsu.com

When the following test case is injected with the mce command, the user may not
get the expected result.
DATA
   command cpu bank status mcg_status  addr   misc
(qemu) mce 1   10xbd00 0x050x1234 0x8c

Expected Result
   panic type: Fatal Machine check

That is because each mce command can only inject into the given cpu and cannot
inject an mce interrupt into other cpus. So the user will get the following result:
panic type: Fatal machine check on current CPU

The broadcast option is used for injecting dummy data into other cpus. By injecting
an mce with this option, the expected result can be obtained.

Usage:
Broadcast[on]
   command broadcast cpu bank status mcg_status  addr   misc
(qemu) mce -b1   10xbd00 0x050x1234 0x8c

Broadcast[off]
   command cpu bank status mcg_status  addr   misc
(qemu) mce 1   10xbd00 0x050x1234 0x8c

Signed-off-by: Jin Dongming jin.dongm...@np.css.fujitsu.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 cpu-all.h |3 ++-
 hmp-commands.hx   |6 +++---
 monitor.c |7 +--
 target-i386/helper.c  |   20 ++--
 target-i386/kvm.c |   16 
 target-i386/kvm_x86.h |5 -
 6 files changed, 44 insertions(+), 13 deletions(-)

diff --git a/cpu-all.h b/cpu-all.h
index 30ae17d..4ce4e83 100644
--- a/cpu-all.h
+++ b/cpu-all.h
@@ -964,6 +964,7 @@ int cpu_memory_rw_debug(CPUState *env, target_ulong addr,
 uint8_t *buf, int len, int is_write);
 
 void cpu_inject_x86_mce(CPUState *cenv, int bank, uint64_t status,
-uint64_t mcg_status, uint64_t addr, uint64_t misc);
+uint64_t mcg_status, uint64_t addr, uint64_t misc,
+int broadcast);
 
 #endif /* CPU_ALL_H */
diff --git a/hmp-commands.hx b/hmp-commands.hx
index 1cea572..d65a41f 100644
--- a/hmp-commands.hx
+++ b/hmp-commands.hx
@@ -1116,9 +1116,9 @@ ETEXI
 
 {
 .name   = mce,
-.args_type  = cpu_index:i,bank:i,status:l,mcg_status:l,addr:l,misc:l,
-.params = cpu bank status mcgstatus addr misc,
-.help   = inject a MCE on the given CPU,
+.args_type  = 
broadcast:-b,cpu_index:i,bank:i,status:l,mcg_status:l,addr:l,misc:l,
+.params = [-b] cpu bank status mcgstatus addr misc,
+.help   = inject a MCE on the given CPU [and broadcast to other 
CPUs with -b option],
 .mhandler.cmd = do_inject_mce,
 },
 
diff --git a/monitor.c b/monitor.c
index d291158..396d5cd 100644
--- a/monitor.c
+++ b/monitor.c
@@ -2671,12 +2671,15 @@ static void do_inject_mce(Monitor *mon, const QDict 
*qdict)
 uint64_t mcg_status = qdict_get_int(qdict, mcg_status);
 uint64_t addr = qdict_get_int(qdict, addr);
 uint64_t misc = qdict_get_int(qdict, misc);
+int broadcast = qdict_get_try_bool(qdict, broadcast, 0);
 
-for (cenv = first_cpu; cenv != NULL; cenv = cenv-next_cpu)
+for (cenv = first_cpu; cenv != NULL; cenv = cenv-next_cpu) {
 if (cenv-cpu_index == cpu_index  cenv-mcg_cap) {
-cpu_inject_x86_mce(cenv, bank, status, mcg_status, addr, misc);
+cpu_inject_x86_mce(cenv, bank, status, mcg_status, addr, misc,
+   broadcast);
 break;
 }
+}
 }
 #endif
 
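Review bot: if no CPU has `cpu_index`, or the matching CPU has `mcg_cap == 0`, the loop ends without injecting anything and without telling the user; the monitor command should report that instead of silently returning. The `broadcast` value is parsed with qdict_get_try_bool, so a plain int is fine here, but passing it down as a bool would make the new cpu_inject_x86_mce parameter's meaning obvious at the prototype.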
diff --git a/target-i386/helper.c b/target-i386/helper.c
index 2c94130..2cfb4a4 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -1069,18 +1069,34 @@ static void qemu_inject_x86_mce(CPUState *cenv, int 
bank, uint64_t status,
 }
 
 void cpu_inject_x86_mce(CPUState *cenv, int bank, uint64_t status,
-uint64_t mcg_status, uint64_t addr, uint64_t misc)
+uint64_t mcg_status, uint64_t addr, uint64_t misc,
+int broadcast)
 {
 unsigned bank_num = cenv-mcg_cap  0xff;
+CPUState *env;
+int flag = 0;
 
 if (bank = bank_num || !(status  MCI_STATUS_VAL)) {
 return;
 }
 
 if (kvm_enabled()) {
-kvm_inject_x86_mce(cenv, bank, status, mcg_status, addr, misc, 0);
+if (broadcast) {
+flag |= MCE_BROADCAST;
+}
+
+kvm_inject_x86_mce(cenv, bank, status, mcg_status, addr, misc, flag);
 } else {
 qemu_inject_x86_mce(cenv, bank, status, mcg_status, addr, misc);
+if (broadcast) {
+for (env = first_cpu; env != NULL; env = env-next_cpu) {
+if (cenv == env) {
+continue;
+}
+
+qemu_inject_x86_mce(env, 1, 0xa000, 0, 0, 0);
+}
+}
 }
 }
 #endif /* !CONFIG_USER_ONLY */
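Review bot: in the TCG branch the broadcast loop injects into every other CPU regardless of its mcg_cap, while do_inject_mce only selects a target CPU that has mcg_cap; the loop should skip CPUs whose mcg_cap is 0 unless qemu_inject_x86_mce is known to tolerate them. The status passed there is a bare hex literal; spell it with the MCI_STATUS_* flag names (the KVM broadcast path uses MCI_STATUS_VAL | MCI_STATUS_UC) so the two paths visibly inject the same dummy record. `flag` is only meaningful in the kvm_enabled() branch and could be declared there, and the TCG path has no counterpart to the "does this CPU model support broadcast" check, so the two backends behave differently for the same command.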
diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 4004de7..8b868ad 100644
--- a/target-i386/kvm.c
+++ 

[Qemu-devel] [PATCH 07/31] kvm: kvm_mce_inj_* subroutines for templated error injections

2011-01-24 Thread Marcelo Tosatti
From: Jin Dongming jin.dongm...@np.css.fujitsu.com

Refactor code for maintainability.

Signed-off-by: Hidetoshi Seto seto.hideto...@jp.fujitsu.com
Signed-off-by: Jin Dongming jin.dongm...@np.css.fujitsu.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/kvm.c |  111 ++---
 1 files changed, 71 insertions(+), 40 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 5a699fc..ce01e18 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -1722,44 +1722,75 @@ static void kvm_mce_broadcast_rest(CPUState *env)
 }
 }
 }
+
+static void kvm_mce_inj_srar_dataload(CPUState *env, target_phys_addr_t paddr)
+{
+struct kvm_x86_mce mce = {
+.bank = 9,
+.status = MCI_STATUS_VAL | MCI_STATUS_UC | MCI_STATUS_EN
+  | MCI_STATUS_MISCV | MCI_STATUS_ADDRV | MCI_STATUS_S
+  | MCI_STATUS_AR | 0x134,
+.mcg_status = MCG_STATUS_MCIP | MCG_STATUS_EIPV,
+.addr = paddr,
+.misc = (MCM_ADDR_PHYS  6) | 0xc,
+};
+int r;
+
+r = kvm_set_mce(env, mce);
+if (r  0) {
+fprintf(stderr, kvm_set_mce: %s\n, strerror(errno));
+abort();
+}
+kvm_mce_broadcast_rest(env);
+}
+
+static void kvm_mce_inj_srao_memscrub(CPUState *env, target_phys_addr_t paddr)
+{
+struct kvm_x86_mce mce = {
+.bank = 9,
+.status = MCI_STATUS_VAL | MCI_STATUS_UC | MCI_STATUS_EN
+  | MCI_STATUS_MISCV | MCI_STATUS_ADDRV | MCI_STATUS_S
+  | 0xc0,
+.mcg_status = MCG_STATUS_MCIP | MCG_STATUS_RIPV,
+.addr = paddr,
+.misc = (MCM_ADDR_PHYS  6) | 0xc,
+};
+int r;
+
+r = kvm_set_mce(env, mce);
+if (r  0) {
+fprintf(stderr, kvm_set_mce: %s\n, strerror(errno));
+abort();
+}
+kvm_mce_broadcast_rest(env);
+}
+
+static void kvm_mce_inj_srao_memscrub2(CPUState *env, target_phys_addr_t paddr)
+{
+uint64_t status;
+
+status = MCI_STATUS_VAL | MCI_STATUS_UC | MCI_STATUS_EN
+| MCI_STATUS_MISCV | MCI_STATUS_ADDRV | MCI_STATUS_S
+| 0xc0;
+kvm_inject_x86_mce(env, 9, status,
+   MCG_STATUS_MCIP | MCG_STATUS_RIPV, paddr,
+   (MCM_ADDR_PHYS  6) | 0xc, ABORT_ON_ERROR);
+
+kvm_mce_broadcast_rest(env);
+}
+
 #endif
 
 int kvm_on_sigbus_vcpu(CPUState *env, int code, void *addr)
 {
 #if defined(KVM_CAP_MCE)
-struct kvm_x86_mce mce = {
-.bank = 9,
-};
 void *vaddr;
 ram_addr_t ram_addr;
 target_phys_addr_t paddr;
-int r;
 
 if ((env-mcg_cap  MCG_SER_P)  addr
  (code == BUS_MCEERR_AR
 || code == BUS_MCEERR_AO)) {
-if (code == BUS_MCEERR_AR) {
-/* Fake an Intel architectural Data Load SRAR UCR */
-mce.status = MCI_STATUS_VAL | MCI_STATUS_UC | MCI_STATUS_EN
-| MCI_STATUS_MISCV | MCI_STATUS_ADDRV | MCI_STATUS_S
-| MCI_STATUS_AR | 0x134;
-mce.misc = (MCM_ADDR_PHYS  6) | 0xc;
-mce.mcg_status = MCG_STATUS_MCIP | MCG_STATUS_EIPV;
-} else {
-/*
- * If there is an MCE excpetion being processed, ignore
- * this SRAO MCE
- */
-if (kvm_mce_in_progress(env)) {
-return 0;
-}
-/* Fake an Intel architectural Memory scrubbing UCR */
-mce.status = MCI_STATUS_VAL | MCI_STATUS_UC | MCI_STATUS_EN
-| MCI_STATUS_MISCV | MCI_STATUS_ADDRV | MCI_STATUS_S
-| 0xc0;
-mce.misc = (MCM_ADDR_PHYS  6) | 0xc;
-mce.mcg_status = MCG_STATUS_MCIP | MCG_STATUS_RIPV;
-}
 vaddr = (void *)addr;
 if (qemu_ram_addr_from_host(vaddr, ram_addr) ||
 !kvm_physical_memory_addr_from_ram(env-kvm_state, ram_addr, 
paddr)) {
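Review bot: kvm_mce_inj_srar_dataload and kvm_mce_inj_srao_memscrub are identical apart from the status/mcg_status template and both copy the same kvm_set_mce error handling; one helper taking the struct kvm_x86_mce template would remove the duplication, and kvm_mce_inj_srao_memscrub2 already approximates that through kvm_inject_x86_mce. That third function is the only one of the three that goes through kvm_inject_x86_mce with ABORT_ON_ERROR rather than calling kvm_set_mce directly; if the distinction is deliberate (a caller that is not the target VCPU thread), a comment should say so, because the "2" suffix does not. abort() on a kvm_set_mce failure inside the SIGBUS path takes the whole VM down; that is existing behaviour being moved, but it is now replicated in two places.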
@@ -1772,13 +1803,20 @@ int kvm_on_sigbus_vcpu(CPUState *env, int code, void 
*addr)
 hardware_memory_error();
 }
 }
-mce.addr = paddr;
-r = kvm_set_mce(env, mce);
-if (r  0) {
-fprintf(stderr, kvm_set_mce: %s\n, strerror(errno));
-abort();
+
+if (code == BUS_MCEERR_AR) {
+/* Fake an Intel architectural Data Load SRAR UCR */
+kvm_mce_inj_srar_dataload(env, paddr);
+} else {
+/*
+ * If there is an MCE excpetion being processed, ignore
+ * this SRAO MCE
+ */
+if (!kvm_mce_in_progress(env)) {
+/* Fake an Intel architectural Memory scrubbing UCR */
+kvm_mce_inj_srao_memscrub(env, paddr);
+}
 }
-kvm_mce_broadcast_rest(env);
 } else
 #endif
 {
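Review bot: the moved comment still reads "MCE excpetion"; fix the typo while relocating it. More importantly, the kvm_mce_in_progress() test used to run before the address translation, and now sits after the qemu_ram_addr_from_host / kvm_physical_memory_addr_from_ram block, which can end in hardware_memory_error(); an SRAO that arrives while an MCE is already in progress now goes through translation (and its failure path) before being ignored. Testing kvm_mce_in_progress() first, as the old code did, keeps the previous behaviour.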
@@ -1797,7 +1835,6 @@ int kvm_on_sigbus(int code, void *addr)
 {
 #if defined(KVM_CAP_MCE)
 if ((first_cpu-mcg_cap  MCG_SER_P)  addr  code == BUS_MCEERR_AO) {
-uint64_t status;
 void 
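
The injection templates above are built from MCI_STATUS_* and MCG_STATUS_* flags plus a raw MCA error code and a MISC word. As an added example (not QEMU code and not part of this series), the block below classifies an IA32_MCi_STATUS value into the UCR categories those templates target (SRAR, SRAO, UCNA, or corrected/fatal), rebuilds the two templates from named flags, and decodes the MISC field the templates fill with `(MCM_ADDR_PHYS << 6) | 0xc`. The bit positions follow the Intel SDM MCA chapter; the enum, the mce_template struct and the helper names are this example's own.

```c
/*
 * Added example (not QEMU code): classify IA32_MCi_STATUS into UCR classes
 * and rebuild the SRAR/SRAO injection templates from named flags.
 */
#include <stdint.h>
#include <stdio.h>

#define MCI_STATUS_VAL   (1ULL << 63)  /* record valid */
#define MCI_STATUS_OVER  (1ULL << 62)  /* error overflow */
#define MCI_STATUS_UC    (1ULL << 61)  /* uncorrected */
#define MCI_STATUS_EN    (1ULL << 60)  /* signalling enabled */
#define MCI_STATUS_MISCV (1ULL << 59)  /* MCi_MISC valid */
#define MCI_STATUS_ADDRV (1ULL << 58)  /* MCi_ADDR valid */
#define MCI_STATUS_PCC   (1ULL << 57)  /* processor context corrupt */
#define MCI_STATUS_S     (1ULL << 56)  /* signalled via #MC (UCR) */
#define MCI_STATUS_AR    (1ULL << 55)  /* action required (UCR) */
#define MCI_STATUS_MCACOD(s) ((unsigned)((s) & 0xffff))

#define MCG_STATUS_RIPV  (1ULL << 0)   /* restart IP valid */
#define MCG_STATUS_EIPV  (1ULL << 1)   /* error IP valid */
#define MCG_STATUS_MCIP  (1ULL << 2)   /* machine check in progress */

/* MCi_MISC: [5:0] recoverable address LSB, [8:6] address mode. */
#define MCM_ADDR_PHYS       2
#define MCM_ADDR_LSB(misc)  ((unsigned)((misc) & 0x3f))
#define MCM_ADDR_MODE(misc) ((unsigned)(((misc) >> 6) & 0x7))

enum mce_class {
    MCE_INVALID,    /* VAL clear: nothing to report */
    MCE_CORRECTED,  /* UC clear */
    MCE_FATAL,      /* UC with PCC: context lost */
    MCE_UCNA,       /* UC, not signalled: no action required */
    MCE_SRAO,       /* UC, signalled, action optional */
    MCE_SRAR        /* UC, signalled, action required */
};

/* SDM UCR classification: S and AR distinguish SRAR (S=1, AR=1),
 * SRAO (S=1, AR=0) and UCNA (S=0) once VAL and UC are set and PCC is clear. */
enum mce_class mce_classify(uint64_t status)
{
    if (!(status & MCI_STATUS_VAL)) {
        return MCE_INVALID;
    }
    if (!(status & MCI_STATUS_UC)) {
        return MCE_CORRECTED;
    }
    if (status & MCI_STATUS_PCC) {
        return MCE_FATAL;
    }
    if (!(status & MCI_STATUS_S)) {
        return MCE_UCNA;
    }
    return (status & MCI_STATUS_AR) ? MCE_SRAR : MCE_SRAO;
}

struct mce_template { uint64_t status, mcg_status, misc; };

/* Data-load SRAR: the guest must act (the faulting access cannot resume). */
struct mce_template mce_srar_dataload_template(void)
{
    struct mce_template t = {
        .status = MCI_STATUS_VAL | MCI_STATUS_UC | MCI_STATUS_EN
                | MCI_STATUS_MISCV | MCI_STATUS_ADDRV | MCI_STATUS_S
                | MCI_STATUS_AR | 0x134,
        .mcg_status = MCG_STATUS_MCIP | MCG_STATUS_EIPV,
        .misc = (MCM_ADDR_PHYS << 6) | 0xc,
    };
    return t;
}

/* Memory-scrubbing SRAO: signalled, restartable, action optional. */
struct mce_template mce_srao_memscrub_template(void)
{
    struct mce_template t = {
        .status = MCI_STATUS_VAL | MCI_STATUS_UC | MCI_STATUS_EN
                | MCI_STATUS_MISCV | MCI_STATUS_ADDRV | MCI_STATUS_S | 0xc0,
        .mcg_status = MCG_STATUS_MCIP | MCG_STATUS_RIPV,
        .misc = (MCM_ADDR_PHYS << 6) | 0xc,
    };
    return t;
}

/* A UCR record is only usable for page-level recovery if it carries a valid
 * physical address and the guest can locate where it was executing. */
int mce_record_recoverable(const struct mce_template *t)
{
    enum mce_class c = mce_classify(t->status);

    if (c != MCE_SRAO && c != MCE_SRAR) {
        return 0;
    }
    if (!(t->status & MCI_STATUS_ADDRV) || !(t->status & MCI_STATUS_MISCV)) {
        return 0;
    }
    if (MCM_ADDR_MODE(t->misc) != MCM_ADDR_PHYS) {
        return 0;
    }
    return (t->mcg_status & (MCG_STATUS_RIPV | MCG_STATUS_EIPV)) != 0;
}

int main(void)
{
    struct mce_template srar = mce_srar_dataload_template();
    struct mce_template srao = mce_srao_memscrub_template();

    printf("SRAR: class=%d mcacod=0x%x lsb=%u recoverable=%d\n",
           mce_classify(srar.status), MCI_STATUS_MCACOD(srar.status),
           MCM_ADDR_LSB(srar.misc), mce_record_recoverable(&srar));
    printf("SRAO: class=%d mcacod=0x%x lsb=%u recoverable=%d\n",
           mce_classify(srao.status), MCI_STATUS_MCACOD(srao.status),
           MCM_ADDR_LSB(srao.misc), mce_record_recoverable(&srao));
    return 0;
}
```

The MISC word `(MCM_ADDR_PHYS << 6) | 0xc` decodes to "physical address, valid down to bit 12", i.e. a 4K page, which is the granularity at which a guest kernel can offline the affected frame; the 0x8c that appears in the mce command examples earlier in the thread is the same value.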

[Qemu-devel] [PATCH 29/31] kvm: Do not use qemu_fair_mutex

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

The imbalance in the hold time of qemu_global_mutex only exists in TCG
mode. In contrast to TCG VCPUs, KVM drops the global lock during guest
execution. We already avoid touching the fairness lock from the
IO-thread in KVM mode, so also stop using it from the VCPU threads.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 cpus.c |2 --
 1 files changed, 0 insertions(+), 2 deletions(-)

diff --git a/cpus.c b/cpus.c
index 0309189..4c9928e 100644
--- a/cpus.c
+++ b/cpus.c
@@ -735,9 +735,7 @@ static sigset_t block_io_signals(void)
 void qemu_mutex_lock_iothread(void)
 {
 if (kvm_enabled()) {
-qemu_mutex_lock(qemu_fair_mutex);
 qemu_mutex_lock(qemu_global_mutex);
-qemu_mutex_unlock(qemu_fair_mutex);
 } else {
 qemu_mutex_lock(qemu_fair_mutex);
 if (qemu_mutex_trylock(qemu_global_mutex)) {
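Review bot: the KVM branch now takes qemu_global_mutex directly while the TCG branch below still goes through qemu_fair_mutex and a trylock; a one-line comment at the `if (kvm_enabled())` with the reason from the commit message (KVM VCPUs drop the global lock during guest execution, so there is no hold-time imbalance to compensate for) would stop the next reader from restoring the fairness lock here. The message also says the IO-thread side already avoids the fairness lock in KVM mode; please confirm the VCPU-thread lock/unlock sites are now consistent with that, since only this one site is in the diff.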
-- 
1.7.2.3




[Qemu-devel] [PATCH 14/31] kvm: x86: Swallow KVM_EXIT_SET_TPR

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

This exit only triggers activity in the common exit path, but we should
accept it in order to be able to detect unknown exit types.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/kvm.c |3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index fda07d2..0aeb079 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -1534,6 +1534,9 @@ int kvm_arch_handle_exit(CPUState *env, struct kvm_run 
*run)
 DPRINTF(handle_hlt\n);
 ret = kvm_handle_halt(env);
 break;
+case KVM_EXIT_SET_TPR:
+ret = 1;
+break;
 }
 
 return ret;
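Review bot: returning 1 for KVM_EXIT_SET_TPR without a trace is fine, but for symmetry with the KVM_EXIT_HLT case above a DPRINTF would keep the debug output consistent. Since the stated purpose is to make unknown exit types detectable, the switch's default path (not shown in this hunk) should also report the unhandled reason rather than fall out with ret = 0.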
-- 
1.7.2.3




[Qemu-devel] [PATCH 08/31] kvm: introduce kvm_inject_x86_mce_on

2011-01-24 Thread Marcelo Tosatti
From: Jin Dongming jin.dongm...@np.css.fujitsu.com

Pass a table instead of multiple args.

Note:

kvm_inject_x86_mce(env, bank, status, mcg_status, addr, misc,
   abort_on_error);

is equal to:

struct kvm_x86_mce mce = {
.bank = bank,
.status = status,
.mcg_status = mcg_status,
.addr = addr,
.misc = misc,
};
kvm_inject_x86_mce_on(env, mce, abort_on_error);

Signed-off-by: Hidetoshi Seto seto.hideto...@jp.fujitsu.com
Signed-off-by: Jin Dongming jin.dongm...@np.css.fujitsu.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/kvm.c |   57 +---
 1 files changed, 36 insertions(+), 21 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index ce01e18..9a4bf98 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -263,6 +263,23 @@ static void kvm_do_inject_x86_mce(void *_data)
 }
 }
 
+static void kvm_inject_x86_mce_on(CPUState *env, struct kvm_x86_mce *mce,
+  int flag)
+{
+struct kvm_x86_mce_data data = {
+.env = env,
+.mce = mce,
+.abort_on_error = (flag  ABORT_ON_ERROR),
+};
+
+if (!env-mcg_cap) {
+fprintf(stderr, MCE support is not enabled!\n);
+return;
+}
+
+run_on_cpu(env, kvm_do_inject_x86_mce, data);
+}
+
 static void kvm_mce_broadcast_rest(CPUState *env);
 #endif
 
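Review bot: kvm_inject_x86_mce_on hands a stack-allocated kvm_x86_mce_data, whose `mce` member points at the caller's stack template, to run_on_cpu; that is only safe because run_on_cpu waits for the work item to complete, and the function should say so in a comment now that every caller passes it stack templates. The `!env->mcg_cap` case prints and returns even when the caller asked for ABORT_ON_ERROR through `flag`; honouring the flag there would make "MCE support is not enabled" fatal for callers that cannot continue, instead of a silent no-op.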
@@ -278,21 +295,12 @@ void kvm_inject_x86_mce(CPUState *cenv, int bank, 
uint64_t status,
 .addr = addr,
 .misc = misc,
 };
-struct kvm_x86_mce_data data = {
-.env = cenv,
-.mce = mce,
-};
-
-if (!cenv-mcg_cap) {
-fprintf(stderr, MCE support is not enabled!\n);
-return;
-}
 
 if (flag  MCE_BROADCAST) {
 kvm_mce_broadcast_rest(cenv);
 }
 
-run_on_cpu(cenv, kvm_do_inject_x86_mce, data);
+kvm_inject_x86_mce_on(cenv, mce, flag);
 #else
 if (flag  ABORT_ON_ERROR) {
 abort();
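Review bot: the `!cenv->mcg_cap` early return used to sit before kvm_mce_broadcast_rest, so a target CPU without MCE support produced no injection at all; after this change the broadcast to every other VCPU runs first and only the final injection on cenv is refused inside kvm_inject_x86_mce_on. Broadcasting dummy MCEs while skipping the requested CPU is a behaviour change the commit message ("Pass a table instead of multiple args") does not mention; keep the capability check ahead of the broadcast.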
@@ -1708,6 +1716,13 @@ static void hardware_memory_error(void)
 #ifdef KVM_CAP_MCE
 static void kvm_mce_broadcast_rest(CPUState *env)
 {
+struct kvm_x86_mce mce = {
+.bank = 1,
+.status = MCI_STATUS_VAL | MCI_STATUS_UC,
+.mcg_status = MCG_STATUS_MCIP | MCG_STATUS_RIPV,
+.addr = 0,
+.misc = 0,
+};
 CPUState *cenv;
 
 /* Broadcast MCA signal for processor version 06H_EH and above */
@@ -1716,9 +1731,7 @@ static void kvm_mce_broadcast_rest(CPUState *env)
 if (cenv == env) {
 continue;
 }
-kvm_inject_x86_mce(cenv, 1, MCI_STATUS_VAL | MCI_STATUS_UC,
-   MCG_STATUS_MCIP | MCG_STATUS_RIPV, 0, 0,
-   ABORT_ON_ERROR);
+kvm_inject_x86_mce_on(cenv, mce, ABORT_ON_ERROR);
 }
 }
 }
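Review bot: the broadcast now injects the same bank-1 VAL|UC template into every other VCPU with ABORT_ON_ERROR, so a single VCPU failing the ioctl aborts the whole process part-way through the broadcast, leaving some VCPUs with the dummy record and some without; that was true before as well, but with the template now a named struct it would be cheap to skip VCPUs whose mcg_cap is 0 here (kvm_inject_x86_mce_on only prints and returns for those) rather than emit one stderr line per CPU.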
@@ -1767,15 +1780,17 @@ static void kvm_mce_inj_srao_memscrub(CPUState *env, 
target_phys_addr_t paddr)
 
 static void kvm_mce_inj_srao_memscrub2(CPUState *env, target_phys_addr_t paddr)
 {
-uint64_t status;
-
-status = MCI_STATUS_VAL | MCI_STATUS_UC | MCI_STATUS_EN
-| MCI_STATUS_MISCV | MCI_STATUS_ADDRV | MCI_STATUS_S
-| 0xc0;
-kvm_inject_x86_mce(env, 9, status,
-   MCG_STATUS_MCIP | MCG_STATUS_RIPV, paddr,
-   (MCM_ADDR_PHYS  6) | 0xc, ABORT_ON_ERROR);
+struct kvm_x86_mce mce = {
+.bank = 9,
+.status = MCI_STATUS_VAL | MCI_STATUS_UC | MCI_STATUS_EN
+  | MCI_STATUS_MISCV | MCI_STATUS_ADDRV | MCI_STATUS_S
+  | 0xc0,
+.mcg_status = MCG_STATUS_MCIP | MCG_STATUS_RIPV,
+.addr = paddr,
+.misc = (MCM_ADDR_PHYS  6) | 0xc,
+};
 
+kvm_inject_x86_mce_on(env, mce, ABORT_ON_ERROR);
 kvm_mce_broadcast_rest(env);
 }
 
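Review bot: after this change kvm_mce_inj_srao_memscrub and kvm_mce_inj_srao_memscrub2 carry identical template initialisers; the only remaining difference is kvm_set_mce versus run_on_cpu through kvm_inject_x86_mce_on. Either have the first call the second, or hoist the template into one static const and document why two entry points exist (the one that must be called from a foreign thread versus the VCPU's own thread).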
-- 
1.7.2.3




[Qemu-devel] [PATCH 18/31] kvm: x86: Align kvm_arch_put_registers code with comment

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

The ordering doesn't matter in this case, but better keep it consistent.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/kvm.c |6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 0ba13fc..9bb34ab 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -1388,12 +1388,12 @@ int kvm_arch_put_registers(CPUState *env, int level)
 if (ret  0) {
 return ret;
 }
-/* must be last */
-ret = kvm_guest_debug_workarounds(env);
+ret = kvm_put_debugregs(env);
 if (ret  0) {
 return ret;
 }
-ret = kvm_put_debugregs(env);
+/* must be last */
+ret = kvm_guest_debug_workarounds(env);
 if (ret  0) {
 return ret;
 }
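Review bot: the reordering now matches the "must be last" comment, but the comment should state what the ordering dependency is; the commit message admits the order did not visibly matter here, which is exactly the situation in which a bare "must be last" gets reshuffled again.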
-- 
1.7.2.3




[Qemu-devel] [PATCH 20/31] kvm: x86: Remove redundant mp_state initialization

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

kvm_arch_reset_vcpu initializes mp_state, and that function is invoked
right after kvm_arch_init_vcpu.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/kvm.c |2 --
 1 files changed, 0 insertions(+), 2 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 531b69e..07c75c0 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -321,8 +321,6 @@ int kvm_arch_init_vcpu(CPUState *env)
 uint32_t signature[3];
 #endif
 
-env-mp_state = KVM_MP_STATE_RUNNABLE;
-
 env-cpuid_features = kvm_arch_get_supported_cpuid(env, 1, 0, R_EDX);
 
 i = env-cpuid_ext_features  CPUID_EXT_HYPERVISOR;
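Review bot: the removal relies on kvm_arch_reset_vcpu being invoked immediately after kvm_arch_init_vcpu, a contract that lives in the caller and is not visible here; a comment at the top of kvm_arch_init_vcpu saying that mp_state is initialised by kvm_arch_reset_vcpu would keep someone from re-adding this line, which had been forcing RUNNABLE before the reset path could choose the correct value per CPU.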
-- 
1.7.2.3




[Qemu-devel] [PATCH 09/31] kvm: x86: Fix DPL write back of segment registers

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

The DPL is stored in the flags and not in the selector. In fact, the RPL
may differ from the DPL at some point in time, and so we were corrupting
the guest state so far.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Avi Kivity a...@redhat.com
---
 target-i386/kvm.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 9a4bf98..ee7bdf8 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -602,7 +602,7 @@ static void set_seg(struct kvm_segment *lhs, const 
SegmentCache *rhs)
 lhs-limit = rhs-limit;
 lhs-type = (flags  DESC_TYPE_SHIFT)  15;
 lhs-present = (flags  DESC_P_MASK) != 0;
-lhs-dpl = rhs-selector  3;
+lhs-dpl = (flags  DESC_DPL_SHIFT)  3;
 lhs-db = (flags  DESC_B_SHIFT)  1;
 lhs-s = (flags  DESC_S_MASK) != 0;
 lhs-l = (flags  DESC_L_SHIFT)  1;
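Review bot: correct fix; the DPL lives in the descriptor flags at DESC_DPL_SHIFT and the selector's RPL is a separate field that legitimately differs. Since set_seg feeds the segment state handed to the kernel, the old line rewrote the privilege level of the guest's segment descriptors on every register write-back, which is guest-visible state corruption rather than a cosmetic error and deserves a sentence in the commit message. Please also confirm the reverse path (flags built from the kernel's dpl) uses the same shift so the round trip is lossless.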
-- 
1.7.2.3




[Qemu-devel] [PATCH 10/31] kvm: x86: Remove obsolete SS.RPL/DPL alignment

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

This seems to date back to the days KVM didn't support real mode. The
check is no longer needed and, even worse, is corrupting the guest state
in case SS.RPL != DPL.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Avi Kivity a...@redhat.com
---
 target-i386/kvm.c |7 ---
 1 files changed, 0 insertions(+), 7 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index ee7bdf8..7e5982b 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -780,13 +780,6 @@ static int kvm_put_sregs(CPUState *env)
set_seg(sregs.fs, env-segs[R_FS]);
set_seg(sregs.gs, env-segs[R_GS]);
set_seg(sregs.ss, env-segs[R_SS]);
-
-   if (env-cr[0]  CR0_PE_MASK) {
-   /* force ss cpl to cs cpl */
-   sregs.ss.selector = (sregs.ss.selector  ~3) |
-   (sregs.cs.selector  3);
-   sregs.ss.dpl = sregs.ss.selector  3;
-   }
 }
 
 set_seg(sregs.tr, env-tr);
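Review bot: with this block gone, sregs.ss.dpl comes solely from set_seg's flags decode, so this patch depends on the preceding DPL fix being applied first; worth stating in the commit message so the two are not separated when backported. The surrounding context lines in this function (`set_seg(sregs.fs, ...)` and neighbours) are still tab-indented, which the coding-style pass elsewhere in this series could pick up.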
-- 
1.7.2.3
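
The two patches above both concern the same confusion: a segment's DPL is a descriptor attribute, while the RPL is a selector attribute, and the two are allowed to differ. As an added example (not QEMU code and not part of either patch), the block below decodes the privilege bits of an x86 segment from the descriptor's high dword, which is the value QEMU keeps in SegmentCache.flags and what the fixed set_seg reads at DESC_DPL_SHIFT, places the old selector-based derivation next to it, and applies the data-segment load rule so the guest-visible consequence of the old code is concrete. The DESC_* values follow the descriptor layout; the struct, the helper names and the sample descriptor and selector are constructed here.

```c
/*
 * Added example (not QEMU code): DPL from descriptor flags versus RPL from
 * the selector, and what writing the wrong DPL back does to a guest.
 */
#include <stdint.h>
#include <stdio.h>

/* Descriptor high dword (bytes 4..7) bit positions. */
#define DESC_TYPE_SHIFT 8          /* [11:8] type */
#define DESC_S_MASK     (1u << 12) /* code/data (1) vs system (0) */
#define DESC_DPL_SHIFT  13         /* [14:13] descriptor privilege level */
#define DESC_P_MASK     (1u << 15) /* present */
#define DESC_L_SHIFT    21         /* 64-bit code segment */
#define DESC_B_SHIFT    22         /* default operation size */
#define DESC_G_MASK     (1u << 23) /* granularity */

struct seg_attr {
    unsigned type, s, dpl, present, db, l, g;
};

/* Correct decode: the DPL is taken from the descriptor flags. */
void seg_decode_flags(uint32_t flags, struct seg_attr *a)
{
    a->type = (flags >> DESC_TYPE_SHIFT) & 15;
    a->s = (flags & DESC_S_MASK) != 0;
    a->dpl = (flags >> DESC_DPL_SHIFT) & 3;
    a->present = (flags & DESC_P_MASK) != 0;
    a->db = (flags >> DESC_B_SHIFT) & 1;
    a->l = (flags >> DESC_L_SHIFT) & 1;
    a->g = (flags & DESC_G_MASK) != 0;
}

/* Inverse, so a round trip through a kvm_segment-style struct is checkable. */
uint32_t seg_encode_flags(const struct seg_attr *a)
{
    return (a->type << DESC_TYPE_SHIFT) | (a->s ? DESC_S_MASK : 0)
         | (a->dpl << DESC_DPL_SHIFT) | (a->present ? DESC_P_MASK : 0)
         | (a->db << DESC_B_SHIFT) | (a->l << DESC_L_SHIFT)
         | (a->g ? DESC_G_MASK : 0);
}

/* The selector carries the RPL in its low two bits: a separate field. */
unsigned sel_rpl(uint16_t selector)
{
    return selector & 3;
}

/* The pre-fix behaviour: DPL taken from the selector's RPL. */
unsigned seg_dpl_from_selector_buggy(uint16_t selector)
{
    return sel_rpl(selector);
}

/* Data-segment load rule for DS/ES/FS/GS: allowed when max(CPL, RPL) <= DPL.
 * This is why RPL and DPL legitimately differ: ring 0 may load a DPL-3
 * segment through an RPL-0 selector. */
int seg_data_load_allowed(unsigned cpl, unsigned rpl, unsigned dpl)
{
    unsigned effective = cpl > rpl ? cpl : rpl;
    return effective <= dpl;
}

int main(void)
{
    /* Constructed: present, DPL 3, 32-bit, page-granular read/write data. */
    struct seg_attr user_data = { .type = 3, .s = 1, .dpl = 3, .present = 1,
                                  .db = 1, .l = 0, .g = 1 };
    uint32_t flags = seg_encode_flags(&user_data);
    /* ... loaded by ring-0 code through an RPL-0 selector (GDT index 5). */
    uint16_t selector = (5 << 3) | 0;
    struct seg_attr decoded;

    seg_decode_flags(flags, &decoded);
    printf("descriptor DPL=%u selector RPL=%u buggy DPL=%u\n",
           decoded.dpl, sel_rpl(selector),
           seg_dpl_from_selector_buggy(selector));
    /* With the real DPL, user code (CPL 3, RPL 3) may still load the segment;
     * with the RPL-derived DPL 0 written back into the guest, it cannot. */
    printf("user load allowed: real DPL %d, corrupted DPL %d\n",
           seg_data_load_allowed(3, 3, decoded.dpl),
           seg_data_load_allowed(3, 3, seg_dpl_from_selector_buggy(selector)));
    return 0;
}
```

The sample is the legal case the two commit messages describe: the kernel loads a user-accessible data segment with a ring-0 selector, so RPL is 0 while DPL is 3. Deriving DPL from the selector, or forcing SS.RPL to the CS RPL and then deriving DPL from it, turns that DPL-3 descriptor into a DPL-0 one on write-back, and the guest's user code loses access to a segment its own GDT grants.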




[Qemu-devel] [PATCH 27/31] kvm: x86: Rework identity map and TSS setup for larger BIOS sizes

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

In order to support loading BIOSes > 256K, reorder the code, adjusting
the base if the kernel supports moving the identity map.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/kvm.c |   63 +---
 1 files changed, 30 insertions(+), 33 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 1db8227..72f9fdf 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -493,27 +493,9 @@ static int kvm_get_supported_msrs(KVMState *s)
 return ret;
 }
 
-static int kvm_init_identity_map_page(KVMState *s)
-{
-#ifdef KVM_CAP_SET_IDENTITY_MAP_ADDR
-int ret;
-uint64_t addr = 0xfffbc000;
-
-if (!kvm_check_extension(s, KVM_CAP_SET_IDENTITY_MAP_ADDR)) {
-return 0;
-}
-
-ret = kvm_vm_ioctl(s, KVM_SET_IDENTITY_MAP_ADDR, addr);
-if (ret  0) {
-fprintf(stderr, kvm_set_identity_map_addr: %s\n, strerror(ret));
-return ret;
-}
-#endif
-return 0;
-}
-
 int kvm_arch_init(KVMState *s)
 {
+uint64_t identity_base = 0xfffbc000;
 int ret;
 struct utsname utsname;
 
@@ -525,27 +507,42 @@ int kvm_arch_init(KVMState *s)
 uname(utsname);
 lm_capable_kernel = strcmp(utsname.machine, x86_64) == 0;
 
-/* create vm86 tss.  KVM uses vm86 mode to emulate 16-bit code
- * directly.  In order to use vm86 mode, a TSS is needed.  Since this
- * must be part of guest physical memory, we need to allocate it. */
-
-/* this address is 3 pages before the bios, and the bios should present
- * as unavaible memory.  FIXME, need to ensure the e820 map deals with
- * this?
- */
 /*
- * Tell fw_cfg to notify the BIOS to reserve the range.
+ * On older Intel CPUs, KVM uses vm86 mode to emulate 16-bit code directly.
+ * In order to use vm86 mode, an EPT identity map and a TSS  are needed.
+ * Since these must be part of guest physical memory, we need to allocate
+ * them, both by setting their start addresses in the kernel and by
+ * creating a corresponding e820 entry. We need 4 pages before the BIOS.
+ *
+ * Older KVM versions may not support setting the identity map base. In
+ * that case we need to stick with the default, i.e. a 256K maximum BIOS
+ * size.
  */
-if (e820_add_entry(0xfffbc000, 0x4000, E820_RESERVED)  0) {
-perror(e820_add_entry() table is full);
-exit(1);
+#ifdef KVM_CAP_SET_IDENTITY_MAP_ADDR
+if (kvm_check_extension(s, KVM_CAP_SET_IDENTITY_MAP_ADDR)) {
+/* Allows up to 16M BIOSes. */
+identity_base = 0xfeffc000;
+
+ret = kvm_vm_ioctl(s, KVM_SET_IDENTITY_MAP_ADDR, identity_base);
+if (ret  0) {
+return ret;
+}
 }
-ret = kvm_vm_ioctl(s, KVM_SET_TSS_ADDR, 0xfffbd000);
+#endif
+/* Set TSS base one page after EPT identity map. */
+ret = kvm_vm_ioctl(s, KVM_SET_TSS_ADDR, identity_base + 0x1000);
+if (ret  0) {
+return ret;
+}
+
+/* Tell fw_cfg to notify the BIOS to reserve the range. */
+ret = e820_add_entry(identity_base, 0x4000, E820_RESERVED);
 if (ret  0) {
+fprintf(stderr, e820_add_entry() table is full\n);
 return ret;
 }
 
-return kvm_init_identity_map_page(s);
+return 0;
 }
 
 static void set_v8086_seg(struct kvm_segment *lhs, const SegmentCache *rhs)
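Review bot: the KVM_SET_IDENTITY_MAP_ADDR and KVM_SET_TSS_ADDR failures now return silently, whereas the removed kvm_init_identity_map_page printed strerror; keep a message so a failed kvm_arch_init can be diagnosed. The e820 reservation `e820_add_entry(identity_base, 0x4000, E820_RESERVED)` is four pages, matching the comment, but the comment only says "We need 4 pages before the BIOS"; stating that page 0 is the EPT identity map and pages 1..3 the TSS (the code sets the TSS base to `identity_base + 0x1000`) would make the layout explicit. When the capability is absent, identity_base stays at 0xfffbc000 and the 256K limit the comment describes applies silently; consider a warning at that point so a too-large BIOS fails visibly rather than as a guest that does not boot.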
-- 
1.7.2.3




[Qemu-devel] [PATCH 21/31] kvm: x86: Fix xcr0 reset mismerge

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

For unknown reasons, xcr0 reset ended up in kvm_arch_update_guest_debug
on upstream merge. Fix this and also remove the misleading comment (1 is
THE reset value).

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/kvm.c |3 +--
 1 files changed, 1 insertions(+), 2 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 07c75c0..c4a22dd 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -450,6 +450,7 @@ void kvm_arch_reset_vcpu(CPUState *env)
 env-interrupt_injected = -1;
 env-nmi_injected = 0;
 env-nmi_pending = 0;
+env-xcr0 = 1;
 if (kvm_irqchip_in_kernel()) {
 env-mp_state = cpu_is_bsp(env) ? KVM_MP_STATE_RUNNABLE :
   KVM_MP_STATE_UNINITIALIZED;
@@ -1759,8 +1760,6 @@ void kvm_arch_update_guest_debug(CPUState *env, struct 
kvm_guest_debug *dbg)
 ((uint32_t)len_code[hw_breakpoint[n].len]  (18 + n*4));
 }
 }
-/* Legal xcr0 for loading */
-env-xcr0 = 1;
 }
 #endif /* KVM_CAP_SET_GUEST_DEBUG */
 
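Review bot: moving the assignment into kvm_arch_reset_vcpu is right, and 1 (x87 state only) is the architectural XCR0 reset value, so dropping the "Legal xcr0 for loading" comment is fine. The value is now written on every reset regardless of whether the guest has XSAVE, so the write-back of xcr0 must stay gated on the xcrs capability that kvm_init probes; that gate is not in this diff, so please confirm it still exists.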
-- 
1.7.2.3




[Qemu-devel] [PATCH 16/31] kvm: Improve reporting of fatal errors

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

Report KVM_EXIT_UNKNOWN, KVM_EXIT_FAIL_ENTRY, and KVM_EXIT_EXCEPTION
with more details to stderr. The latter two are so far x86-only, so move
them into the arch-specific handler. Integrate the Intel real mode
warning on KVM_EXIT_FAIL_ENTRY that qemu-kvm carries, but actually
restrict it to Intel CPUs. Moreover, always dump the CPU state in case
we fail.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 kvm-all.c   |   22 --
 target-i386/cpu.h   |2 ++
 target-i386/cpuid.c |5 ++---
 target-i386/kvm.c   |   33 +
 4 files changed, 45 insertions(+), 17 deletions(-)

diff --git a/kvm-all.c b/kvm-all.c
index eaf9272..10e1194 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -817,22 +817,22 @@ static int kvm_handle_io(uint16_t port, void *data, int 
direction, int size,
 #ifdef KVM_CAP_INTERNAL_ERROR_DATA
 static int kvm_handle_internal_error(CPUState *env, struct kvm_run *run)
 {
-
+fprintf(stderr, KVM internal error.);
 if (kvm_check_extension(kvm_state, KVM_CAP_INTERNAL_ERROR_DATA)) {
 int i;
 
-fprintf(stderr, KVM internal error. Suberror: %d\n,
-run-internal.suberror);
-
+fprintf(stderr,  Suberror: %d\n, run-internal.suberror);
 for (i = 0; i  run-internal.ndata; ++i) {
 fprintf(stderr, extra data[%d]: %PRIx64\n,
 i, (uint64_t)run-internal.data[i]);
 }
+} else {
+fprintf(stderr, \n);
 }
-cpu_dump_state(env, stderr, fprintf, 0);
 if (run-internal.suberror == KVM_INTERNAL_ERROR_EMULATION) {
 fprintf(stderr, emulation failure\n);
 if (!kvm_arch_stop_on_emulation_error(env)) {
+cpu_dump_state(env, stderr, fprintf, 0);
 return 0;
 }
 }
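Review bot: `run->internal.suberror` is compared against KVM_INTERNAL_ERROR_EMULATION even in the branch where KVM_CAP_INTERNAL_ERROR_DATA is absent at run time, where the field holds whatever the kernel left there; guard that test with the capability as well. The "KVM internal error." prefix followed by a bare newline in the no-capability branch gives the user no hint that details exist on newer kernels; a short "(no internal error data)" would. cpu_dump_state moving out of this function into kvm_cpu_exec's fatal path is fine, as long as the emulation-failure-and-continue branch that still dumps here is the only non-fatal path.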
@@ -966,15 +966,8 @@ int kvm_cpu_exec(CPUState *env)
 ret = 1;
 break;
 case KVM_EXIT_UNKNOWN:
-DPRINTF(kvm_exit_unknown\n);
-ret = -1;
-break;
-case KVM_EXIT_FAIL_ENTRY:
-DPRINTF(kvm_exit_fail_entry\n);
-ret = -1;
-break;
-case KVM_EXIT_EXCEPTION:
-DPRINTF(kvm_exit_exception\n);
+fprintf(stderr, KVM: unknown exit, hardware reason % PRIx64 \n,
+(uint64_t)run-hw.hardware_exit_reason);
 ret = -1;
 break;
 #ifdef KVM_CAP_INTERNAL_ERROR_DATA
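Review bot: with KVM_EXIT_FAIL_ENTRY and KVM_EXIT_EXCEPTION removed from the generic switch, those exits fall through to kvm_arch_handle_exit on every target; the commit message says they are x86-only today, but the ppc and s390 handlers must then treat them as unknown and return an error rather than 0, or a future kernel emitting them there would be silently ignored. Please check those default cases as part of this change. The hardware_exit_reason report for KVM_EXIT_UNKNOWN is a welcome addition.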
@@ -1001,6 +994,7 @@ int kvm_cpu_exec(CPUState *env)
 } while (ret  0);
 
 if (ret  0) {
+cpu_dump_state(env, stderr, fprintf, 0);
 vm_stop(0);
 env-exit_request = 1;
 }
diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index dddcd74..a457423 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
@@ -874,6 +874,8 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, 
uint32_t count,
uint32_t *ecx, uint32_t *edx);
 int cpu_x86_register (CPUX86State *env, const char *cpu_model);
 void cpu_clear_apic_feature(CPUX86State *env);
+void host_cpuid(uint32_t function, uint32_t count,
+uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx);
 
 /* helper.c */
 int cpu_x86_handle_mmu_fault(CPUX86State *env, target_ulong addr,
diff --git a/target-i386/cpuid.c b/target-i386/cpuid.c
index 165045e..5382a28 100644
--- a/target-i386/cpuid.c
+++ b/target-i386/cpuid.c
@@ -103,9 +103,8 @@ typedef struct model_features_t {
 int check_cpuid = 0;
 int enforce_cpuid = 0;
 
-static void host_cpuid(uint32_t function, uint32_t count,
-   uint32_t *eax, uint32_t *ebx,
-   uint32_t *ecx, uint32_t *edx)
+void host_cpuid(uint32_t function, uint32_t count,
+uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx)
 {
 #if defined(CONFIG_KVM)
 uint32_t vec[4];
diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 6b4abaa..0ba13fc 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -1525,8 +1525,19 @@ static int kvm_handle_halt(CPUState *env)
 return 1;
 }
 
+static bool host_supports_vmx(void)
+{
+uint32_t ecx, unused;
+
+host_cpuid(1, 0, unused, unused, ecx, unused);
+return ecx  CPUID_EXT_VMX;
+}
+
+#define VMX_INVALID_GUEST_STATE 0x8021
+
 int kvm_arch_handle_exit(CPUState *env, struct kvm_run *run)
 {
+uint64_t code;
 int ret = 0;
 
 switch (run-exit_reason) {
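Review bot: the literal behind VMX_INVALID_GUEST_STATE reads `0x8021` as printed here; the VMX entry-failure reason for invalid guest state is basic exit reason 33 (0x21) with bit 31 (VM-entry failure) set, i.e. 0x80000021, so double-check the define carries the full 32-bit value and add a comment naming it. `uint64_t code` is declared at function scope but used only in the KVM_EXIT_FAIL_ENTRY case; scoping it there keeps the other cases from carrying it. host_supports_vmx() gates the hint on the host's CPUID VMX bit, which is the right condition for a message about Intel real-mode support.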
@@ -1537,6 +1548,28 @@ int kvm_arch_handle_exit(CPUState *env, struct kvm_run 
*run)
 case KVM_EXIT_SET_TPR:
 ret = 1;
 break;
+case KVM_EXIT_FAIL_ENTRY:
+code = run-fail_entry.hardware_entry_failure_reason;
+fprintf(stderr, KVM: entry failed, hardware error 0x% PRIx64 \n,
+code);
+if (host_supports_vmx()  code == VMX_INVALID_GUEST_STATE) {
+fprintf(stderr,
+\nIf you're runnning a guest on an Intel machine without 
+

[Qemu-devel] [PATCH 25/31] kvm: Drop smp_cpus argument from init functions

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

No longer used.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 kvm-all.c  |4 ++--
 kvm-stub.c |2 +-
 kvm.h  |4 ++--
 target-i386/kvm.c  |2 +-
 target-ppc/kvm.c   |2 +-
 target-s390x/kvm.c |2 +-
 vl.c   |2 +-
 7 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/kvm-all.c b/kvm-all.c
index 41decde..8053f92 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -636,7 +636,7 @@ static CPUPhysMemoryClient kvm_cpu_phys_memory_client = {
 .migration_log = kvm_client_migration_log,
 };
 
-int kvm_init(int smp_cpus)
+int kvm_init(void)
 {
 static const char upgrade_note[] =
 Please upgrade to at least kernel 2.6.29 or recent kvm-kmod\n
@@ -749,7 +749,7 @@ int kvm_init(int smp_cpus)
 s-xcrs = kvm_check_extension(s, KVM_CAP_XCRS);
 #endif
 
-ret = kvm_arch_init(s, smp_cpus);
+ret = kvm_arch_init(s);
 if (ret  0) {
 goto err;
 }
diff --git a/kvm-stub.c b/kvm-stub.c
index 33d4476..88682f2 100644
--- a/kvm-stub.c
+++ b/kvm-stub.c
@@ -58,7 +58,7 @@ int kvm_check_extension(KVMState *s, unsigned int extension)
 return 0;
 }
 
-int kvm_init(int smp_cpus)
+int kvm_init(void)
 {
 return -ENOSYS;
 }
diff --git a/kvm.h b/kvm.h
index ce08d42..a971752 100644
--- a/kvm.h
+++ b/kvm.h
@@ -34,7 +34,7 @@ struct kvm_run;
 
 /* external API */
 
-int kvm_init(int smp_cpus);
+int kvm_init(void);
 
 int kvm_has_sync_mmu(void);
 int kvm_has_vcpu_events(void);
@@ -105,7 +105,7 @@ int kvm_arch_get_registers(CPUState *env);
 
 int kvm_arch_put_registers(CPUState *env, int level);
 
-int kvm_arch_init(KVMState *s, int smp_cpus);
+int kvm_arch_init(KVMState *s);
 
 int kvm_arch_init_vcpu(CPUState *env);
 
diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index feaf33d..016b67d 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -527,7 +527,7 @@ static int kvm_init_identity_map_page(KVMState *s)
 return 0;
 }
 
-int kvm_arch_init(KVMState *s, int smp_cpus)
+int kvm_arch_init(KVMState *s)
 {
 int ret;
 struct utsname utsname;
diff --git a/target-ppc/kvm.c b/target-ppc/kvm.c
index 849b404..3c05630 100644
--- a/target-ppc/kvm.c
+++ b/target-ppc/kvm.c
@@ -56,7 +56,7 @@ static void kvm_kick_env(void *env)
 qemu_cpu_kick(env);
 }
 
-int kvm_arch_init(KVMState *s, int smp_cpus)
+int kvm_arch_init(KVMState *s)
 {
 #ifdef KVM_CAP_PPC_UNSET_IRQ
 cap_interrupt_unset = kvm_check_extension(s, KVM_CAP_PPC_UNSET_IRQ);
diff --git a/target-s390x/kvm.c b/target-s390x/kvm.c
index adf4a9e..b177e10 100644
--- a/target-s390x/kvm.c
+++ b/target-s390x/kvm.c
@@ -70,7 +70,7 @@
 #define SCLP_CMDW_READ_SCP_INFO 0x00020001
 #define SCLP_CMDW_READ_SCP_INFO_FORCED  0x00120001
 
-int kvm_arch_init(KVMState *s, int smp_cpus)
+int kvm_arch_init(KVMState *s)
 {
 return 0;
 }
diff --git a/vl.c b/vl.c
index 0292184..33f844f 100644
--- a/vl.c
+++ b/vl.c
@@ -2836,7 +2836,7 @@ int main(int argc, char **argv, char **envp)
 }
 
 if (kvm_allowed) {
-int ret = kvm_init(smp_cpus);
+int ret = kvm_init();
 if (ret  0) {
 if (!kvm_available()) {
 printf(KVM not supported for this target\n);
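Review bot: the commit message says "No longer used", but none of the hunks removes a consumer of smp_cpus inside any kvm_arch_init() body, so the justification cannot be verified from this patch alone; a one-line pointer in the message to the change that dropped the last use (presumably earlier in this series) would make it self-contained.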
-- 
1.7.2.3




[Qemu-devel] [PATCH 23/31] kvm: x86: Reset paravirtual MSRs

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

Make sure to write the cleared MSR_KVM_SYSTEM_TIME, MSR_KVM_WALL_CLOCK,
and MSR_KVM_ASYNC_PF_EN to the kernel state so that a freshly booted
guest cannot be disturbed by old values.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
CC: Glauber Costa glom...@redhat.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/kvm.c |7 +++
 1 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 454ddb1..825af42 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -845,6 +845,13 @@ static int kvm_put_msrs(CPUState *env, int level)
 if (smp_cpus == 1 || env-tsc != 0) {
 kvm_msr_entry_set(msrs[n++], MSR_IA32_TSC, env-tsc);
 }
+}
+/*
+ * The following paravirtual MSRs have side effects on the guest or are
+ * too heavy for normal writeback. Limit them to reset or full state
+ * updates.
+ */
+if (level = KVM_PUT_RESET_STATE) {
 kvm_msr_entry_set(msrs[n++], MSR_KVM_SYSTEM_TIME,
   env-system_time_msr);
 kvm_msr_entry_set(msrs[n++], MSR_KVM_WALL_CLOCK, env-wall_clock_msr);
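Review bot: the new comment says these MSRs "have side effects on the guest or are too heavy for normal writeback" without saying which reason applies to which register; for MSR_KVM_SYSTEM_TIME and MSR_KVM_WALL_CLOCK the concern is that every write re-arms the guest's pvclock page, so name that explicitly. The commit message also lists MSR_KVM_ASYNC_PF_EN; it should be written under the same KVM_PUT_RESET_STATE condition rather than on every runtime update.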
-- 
1.7.2.3




[Qemu-devel] [PATCH] block: Use backing format driver during image creation

2011-01-24 Thread Stefan Hajnoczi
The backing format should be honored during image creation.  For some
reason we currently use the image format to open the backing file.  This
fails when the backing file has a different format than the image being
created.  Keep the image and backing format drivers completely separate.

Also print the backing filename if there is an error opening the backing
file instead of the image filename.

Signed-off-by: Stefan Hajnoczi stefa...@linux.vnet.ibm.com
---
 block.c |8 +---
 1 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/block.c b/block.c
index ff2795b..7ad3ddf 100644
--- a/block.c
+++ b/block.c
@@ -2778,6 +2778,7 @@ int bdrv_img_create(const char *filename, const char *fmt,
 QEMUOptionParameter *backing_fmt, *backing_file;
 BlockDriverState *bs = NULL;
 BlockDriver *drv, *proto_drv;
+BlockDriver *backing_drv = NULL;
 int ret = 0;
 
 /* Find driver and parse its options */
@@ -2846,7 +2847,8 @@ int bdrv_img_create(const char *filename, const char *fmt,
 
 backing_fmt = get_option_parameter(param, BLOCK_OPT_BACKING_FMT);
 if (backing_fmt  backing_fmt-value.s) {
-if (!bdrv_find_format(backing_fmt-value.s)) {
+backing_drv = bdrv_find_format(backing_fmt-value.s);
+if (!backing_drv) {
 error_report(Unknown backing file format '%s',
  backing_fmt-value.s);
 ret = -EINVAL;
@@ -2863,9 +2865,9 @@ int bdrv_img_create(const char *filename, const char *fmt,
 
 bs = bdrv_new();
 
-ret = bdrv_open(bs, backing_file-value.s, flags, drv);
+ret = bdrv_open(bs, backing_file-value.s, flags, backing_drv);
 if (ret  0) {
-error_report(Could not open '%s', filename);
+error_report(Could not open '%s', backing_file-value.s);
 goto out;
 }
 bdrv_get_geometry(bs, size);
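Review bot: when no backing_fmt option is given, backing_drv stays NULL and the bdrv_open() call now falls back to probing the backing file's format; the commit message ("completely separate") does not mention that fallback, and probing a raw backing file whose first bytes happen to resemble another driver's header is a known way to end up with the wrong driver. Add a comment at the bdrv_open() line stating that NULL means "probe", or consider requiring backing_fmt whenever the backing file is opened here.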
-- 
1.7.2.3




[Qemu-devel] [PATCH 06/31] kvm: introduce kvm_mce_in_progress

2011-01-24 Thread Marcelo Tosatti
From: Jin Dongming jin.dongm...@np.css.fujitsu.com

Share the same error handling, and rename this function after the
MCIP (Machine Check In Progress) flag.

Signed-off-by: Hidetoshi Seto seto.hideto...@jp.fujitsu.com
Signed-off-by: Jin Dongming jin.dongm...@np.css.fujitsu.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 target-i386/kvm.c |   15 +--
 1 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 2115a58..5a699fc 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -219,7 +219,7 @@ static int kvm_get_msr(CPUState *env, struct kvm_msr_entry 
*msrs, int n)
 }
 
 /* FIXME: kill this and kvm_get_msr, use env-mcg_status instead */
-static int kvm_mce_in_exception(CPUState *env)
+static int kvm_mce_in_progress(CPUState *env)
 {
 struct kvm_msr_entry msr_mcg_status = {
 .index = MSR_MCG_STATUS,
@@ -228,7 +228,8 @@ static int kvm_mce_in_exception(CPUState *env)
 
 r = kvm_get_msr(env, msr_mcg_status, 1);
 if (r == -1 || r == 0) {
-return -1;
+fprintf(stderr, Failed to get MCE status\n);
+return 0;
 }
 return !!(msr_mcg_status.data  MCG_STATUS_MCIP);
 }
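Review bot: kvm_mce_in_progress() now returns 0 both when MCIP is clear and when kvm_get_msr() fails (after printing), so callers can no longer distinguish the two. That matches what the old callers did (their -1 branch only printed and fell through), but the function comment should say that a read failure is treated as "no MCE in progress", so nobody later relies on the return value to detect the error.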
@@ -248,10 +249,7 @@ static void kvm_do_inject_x86_mce(void *_data)
 /* If there is an MCE exception being processed, ignore this SRAO MCE */
 if ((data-env-mcg_cap  MCG_SER_P) 
 !(data-mce-status  MCI_STATUS_AR)) {
-r = kvm_mce_in_exception(data-env);
-if (r == -1) {
-fprintf(stderr, Failed to get MCE status\n);
-} else if (r) {
+if (kvm_mce_in_progress(data-env)) {
 return;
 }
 }
@@ -1752,10 +1750,7 @@ int kvm_on_sigbus_vcpu(CPUState *env, int code, void 
*addr)
  * If there is an MCE excpetion being processed, ignore
  * this SRAO MCE
  */
-r = kvm_mce_in_exception(env);
-if (r == -1) {
-fprintf(stderr, Failed to get MCE status\n);
-} else if (r) {
+if (kvm_mce_in_progress(env)) {
 return 0;
 }
 /* Fake an Intel architectural Memory scrubbing UCR */
-- 
1.7.2.3




[Qemu-devel] [PATCH 12/31] kvm: x86: Fix a few coding style violations

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

No functional changes.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Avi Kivity a...@redhat.com
---
 target-i386/kvm.c |  335 +
 1 files changed, 182 insertions(+), 153 deletions(-)

diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 85edacc..fda07d2 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -150,34 +150,34 @@ uint32_t kvm_arch_get_supported_cpuid(CPUState *env, 
uint32_t function,
 
 #ifdef CONFIG_KVM_PARA
 struct kvm_para_features {
-int cap;
-int feature;
+int cap;
+int feature;
 } para_features[] = {
 #ifdef KVM_CAP_CLOCKSOURCE
-{ KVM_CAP_CLOCKSOURCE, KVM_FEATURE_CLOCKSOURCE },
+{ KVM_CAP_CLOCKSOURCE, KVM_FEATURE_CLOCKSOURCE },
 #endif
 #ifdef KVM_CAP_NOP_IO_DELAY
-{ KVM_CAP_NOP_IO_DELAY, KVM_FEATURE_NOP_IO_DELAY },
+{ KVM_CAP_NOP_IO_DELAY, KVM_FEATURE_NOP_IO_DELAY },
 #endif
 #ifdef KVM_CAP_PV_MMU
-{ KVM_CAP_PV_MMU, KVM_FEATURE_MMU_OP },
+{ KVM_CAP_PV_MMU, KVM_FEATURE_MMU_OP },
 #endif
 #ifdef KVM_CAP_ASYNC_PF
-{ KVM_CAP_ASYNC_PF, KVM_FEATURE_ASYNC_PF },
+{ KVM_CAP_ASYNC_PF, KVM_FEATURE_ASYNC_PF },
 #endif
-{ -1, -1 }
+{ -1, -1 }
 };
 
 static int get_para_features(CPUState *env)
 {
-int i, features = 0;
+int i, features = 0;
 
-for (i = 0; i  ARRAY_SIZE(para_features) - 1; i++) {
-if (kvm_check_extension(env-kvm_state, para_features[i].cap))
-features |= (1  para_features[i].feature);
+for (i = 0; i  ARRAY_SIZE(para_features) - 1; i++) {
+if (kvm_check_extension(env-kvm_state, para_features[i].cap)) {
+features |= (1  para_features[i].feature);
 }
-
-return features;
+}
+return features;
 }
 #endif
 
@@ -389,13 +389,15 @@ int kvm_arch_init_vcpu(CPUState *env)
 c-index = j;
 cpu_x86_cpuid(env, i, j, c-eax, c-ebx, c-ecx, c-edx);
 
-if (i == 4  c-eax == 0)
+if (i == 4  c-eax == 0) {
 break;
-if (i == 0xb  !(c-ecx  0xff00))
+}
+if (i == 0xb  !(c-ecx  0xff00)) {
 break;
-if (i == 0xd  c-eax == 0)
+}
+if (i == 0xd  c-eax == 0) {
 break;
-
+}
 c = cpuid_data.entries[cpuid_i++];
 }
 break;
@@ -425,17 +427,18 @@ int kvm_arch_init_vcpu(CPUState *env)
 uint64_t mcg_cap;
 int banks;
 
-if (kvm_get_mce_cap_supported(env-kvm_state, mcg_cap, banks))
+if (kvm_get_mce_cap_supported(env-kvm_state, mcg_cap, banks)) {
 perror(kvm_get_mce_cap_supported FAILED);
-else {
+} else {
 if (banks  MCE_BANKS_DEF)
 banks = MCE_BANKS_DEF;
 mcg_cap = MCE_CAP_DEF;
 mcg_cap |= banks;
-if (kvm_setup_mce(env, mcg_cap))
+if (kvm_setup_mce(env, mcg_cap)) {
 perror(kvm_setup_mce FAILED);
-else
+} else {
 env-mcg_cap = mcg_cap;
+}
 }
 }
 #endif
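Review bot: this hunk still leaves the MCE_BANKS_DEF clamp in the else branch as an unbraced single-statement if (the `if (banks ... MCE_BANKS_DEF)` line followed by the assignment on the next line), which is exactly the pattern the rest of the patch is fixing; add the braces there as well so the file is consistent after this change.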
@@ -577,7 +580,7 @@ int kvm_arch_init(KVMState *s, int smp_cpus)
 
 return kvm_init_identity_map_page(s);
 }
-
+
 static void set_v8086_seg(struct kvm_segment *lhs, const SegmentCache *rhs)
 {
 lhs-selector = rhs-selector;
@@ -616,23 +619,23 @@ static void get_seg(SegmentCache *lhs, const struct 
kvm_segment *rhs)
 lhs-selector = rhs-selector;
 lhs-base = rhs-base;
 lhs-limit = rhs-limit;
-lhs-flags =
-   (rhs-type  DESC_TYPE_SHIFT)
-   | (rhs-present * DESC_P_MASK)
-   | (rhs-dpl  DESC_DPL_SHIFT)
-   | (rhs-db  DESC_B_SHIFT)
-   | (rhs-s * DESC_S_MASK)
-   | (rhs-l  DESC_L_SHIFT)
-   | (rhs-g * DESC_G_MASK)
-   | (rhs-avl * DESC_AVL_MASK);
+lhs-flags = (rhs-type  DESC_TYPE_SHIFT) |
+ (rhs-present * DESC_P_MASK) |
+ (rhs-dpl  DESC_DPL_SHIFT) |
+ (rhs-db  DESC_B_SHIFT) |
+ (rhs-s * DESC_S_MASK) |
+ (rhs-l  DESC_L_SHIFT) |
+ (rhs-g * DESC_G_MASK) |
+ (rhs-avl * DESC_AVL_MASK);
 }
 
 static void kvm_getput_reg(__u64 *kvm_reg, target_ulong *qemu_reg, int set)
 {
-if (set)
+if (set) {
 *kvm_reg = *qemu_reg;
-else
+} else {
 *qemu_reg = *kvm_reg;
+}
 }
 
 static int kvm_getput_regs(CPUState *env, int set)
@@ -642,8 +645,9 @@ static int kvm_getput_regs(CPUState *env, int set)
 
 if (!set) {
 ret = kvm_vcpu_ioctl(env, KVM_GET_REGS, regs);
-if (ret  0)
+if (ret  0) {
 return ret;
+}
 }
 
 kvm_getput_reg(regs.rax, env-regs[R_EAX], set);
@@ -668,8 +672,9 @@ static int kvm_getput_regs(CPUState *env, int set)
 

[Qemu-devel] [PATCH 26/31] kvm: Consolidate must-have capability checks

2011-01-24 Thread Marcelo Tosatti
From: Jan Kiszka jan.kis...@siemens.com

Instead of splattering the code with #ifdefs and runtime checks for
capabilities we cannot work without anyway, provide central test
infrastructure for verifying their availability both at build and
runtime.

Signed-off-by: Jan Kiszka jan.kis...@siemens.com
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
---
 configure  |   39 --
 kvm-all.c  |   67 +---
 kvm.h  |   10 +++
 target-i386/kvm.c  |   39 ++
 target-ppc/kvm.c   |4 +++
 target-s390x/kvm.c |4 +++
 6 files changed, 79 insertions(+), 84 deletions(-)

diff --git a/configure b/configure
index 9a02d1f..4673bf0 100755
--- a/configure
+++ b/configure
@@ -1662,18 +1662,31 @@ if test $kvm != no ; then
 #if !defined(KVM_API_VERSION) || KVM_API_VERSION  12 || KVM_API_VERSION  12
 #error Invalid KVM version
 #endif
-#if !defined(KVM_CAP_USER_MEMORY)
-#error Missing KVM capability KVM_CAP_USER_MEMORY
-#endif
-#if !defined(KVM_CAP_SET_TSS_ADDR)
-#error Missing KVM capability KVM_CAP_SET_TSS_ADDR
-#endif
-#if !defined(KVM_CAP_DESTROY_MEMORY_REGION_WORKS)
-#error Missing KVM capability KVM_CAP_DESTROY_MEMORY_REGION_WORKS
-#endif
-#if !defined(KVM_CAP_USER_NMI)
-#error Missing KVM capability KVM_CAP_USER_NMI
+EOF
+must_have_caps=KVM_CAP_USER_MEMORY \
+KVM_CAP_DESTROY_MEMORY_REGION_WORKS \
+KVM_CAP_COALESCED_MMIO \
+KVM_CAP_SYNC_MMU \
+   
+if test \( $cpu = i386 -o $cpu = x86_64 \) ; then
+  must_have_caps=$caps \
+  KVM_CAP_SET_TSS_ADDR \
+  KVM_CAP_EXT_CPUID \
+  KVM_CAP_CLOCKSOURCE \
+  KVM_CAP_NOP_IO_DELAY \
+  KVM_CAP_PV_MMU \
+  KVM_CAP_MP_STATE \
+  KVM_CAP_USER_NMI \
+ 
+fi
+for c in $must_have_caps ; do
+  cat  $TMPC EOF
+#if !defined($c)
+#error Missing KVM capability $c
 #endif
+EOF
+done
+cat  $TMPC EOF
 int main(void) { return 0; }
 EOF
   if test $kerneldir !=  ; then
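Review bot: logic error in the x86 branch: `must_have_caps=$caps \` extends a variable named caps, which is never set anywhere in this hunk, so on i386/x86_64 the four generic capabilities assigned just above (KVM_CAP_USER_MEMORY, KVM_CAP_DESTROY_MEMORY_REGION_WORKS, KVM_CAP_COALESCED_MMIO, KVM_CAP_SYNC_MMU) are silently dropped and only the x86-specific list is checked. It should read `must_have_caps=$must_have_caps \`.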
@@ -1708,8 +1721,8 @@ EOF
| awk -F error:  '{if (NR1) printf(, ); printf(%s,$2);}'`
 if test $kvmerr !=  ; then
   echo -e ${kvmerr}\n\
-  NOTE: To enable KVM support, update your kernel to 2.6.29+ or install \
-  recent kvm-kmod from http://sourceforge.net/projects/kvm.;
+NOTE: To enable KVM support, update your kernel to 2.6.29+ or install \
+recent kvm-kmod from http://sourceforge.net/projects/kvm.;
 fi
   fi
   feature_not_found kvm
diff --git a/kvm-all.c b/kvm-all.c
index 8053f92..3a1f63b 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -63,9 +63,7 @@ struct KVMState
 int fd;
 int vmfd;
 int coalesced_mmio;
-#ifdef KVM_CAP_COALESCED_MMIO
 struct kvm_coalesced_mmio_ring *coalesced_mmio_ring;
-#endif
 int broken_set_mem_region;
 int migration_log;
 int vcpu_events;
@@ -82,6 +80,12 @@ struct KVMState
 
 static KVMState *kvm_state;
 
+static const KVMCapabilityInfo kvm_required_capabilites[] = {
+KVM_CAP_INFO(USER_MEMORY),
+KVM_CAP_INFO(DESTROY_MEMORY_REGION_WORKS),
+KVM_CAP_LAST_INFO
+};
+
 static KVMSlot *kvm_alloc_slot(KVMState *s)
 {
 int i;
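Review bot: spelling in the new array name: kvm_required_capabilites should be kvm_required_capabilities. Better to fix it in this patch than after the per-target kvm.c files start referencing the same naming pattern.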
@@ -227,12 +231,10 @@ int kvm_init_vcpu(CPUState *env)
 goto err;
 }
 
-#ifdef KVM_CAP_COALESCED_MMIO
 if (s-coalesced_mmio  !s-coalesced_mmio_ring) {
 s-coalesced_mmio_ring =
 (void *)env-kvm_run + s-coalesced_mmio * PAGE_SIZE;
 }
-#endif
 
 ret = kvm_arch_init_vcpu(env);
 if (ret == 0) {
@@ -401,7 +403,6 @@ static int 
kvm_physical_sync_dirty_bitmap(target_phys_addr_t start_addr,
 int kvm_coalesce_mmio_region(target_phys_addr_t start, ram_addr_t size)
 {
 int ret = -ENOSYS;
-#ifdef KVM_CAP_COALESCED_MMIO
 KVMState *s = kvm_state;
 
 if (s-coalesced_mmio) {
@@ -412,7 +413,6 @@ int kvm_coalesce_mmio_region(target_phys_addr_t start, 
ram_addr_t size)
 
 ret = kvm_vm_ioctl(s, KVM_REGISTER_COALESCED_MMIO, zone);
 }
-#endif
 
 return ret;
 }
@@ -420,7 +420,6 @@ int kvm_coalesce_mmio_region(target_phys_addr_t start, 
ram_addr_t size)
 int kvm_uncoalesce_mmio_region(target_phys_addr_t start, ram_addr_t size)
 {
 int ret = -ENOSYS;
-#ifdef KVM_CAP_COALESCED_MMIO
 KVMState *s = kvm_state;
 
 if (s-coalesced_mmio) {
@@ -431,7 +430,6 @@ int kvm_uncoalesce_mmio_region(target_phys_addr_t start, 
ram_addr_t size)
 
 ret = kvm_vm_ioctl(s, KVM_UNREGISTER_COALESCED_MMIO, zone);
 }
-#endif
 
 return ret;
 }
@@ -481,6 +479,18 @@ static int kvm_check_many_ioeventfds(void)
 #endif
 }
 
+static const KVMCapabilityInfo *
+kvm_check_extension_list(KVMState *s, const KVMCapabilityInfo *list)
+{
+while (list-name) {
+if (!kvm_check_extension(s, list-value)) {
+return list;
+}
+list++;
+}
+

[Qemu-devel] [PATCH 1/2] ignore patch related files

2011-01-24 Thread Mike Frysinger
Signed-off-by: Mike Frysinger vap...@gentoo.org
---
 .gitignore |4 
 1 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/.gitignore b/.gitignore
index 3efb4ec..dadb01a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -53,6 +53,10 @@ QMP/qmp-commands.txt
 *.o
 .pc
 patches
+*.diff
+*.patch
+*.rej
+*.orig
 pc-bios/bios-pq/status
 pc-bios/vgabios-pq/status
 pc-bios/optionrom/linuxboot.bin
-- 
1.7.4.rc2




[Qemu-devel] [PATCH v2] savevm: fix corruption in vmstate_subsection_load().

2011-01-24 Thread Yoshiaki Tamura
Although it rarely happens in live migration, when the head of a
byte stream contains 0x05, which is the subsection marker, the
loader gets corrupted because vmstate_subsection_load() continues even
if the device doesn't require it.  This patch adds a check for whether a
subsection is needed, and skips the following routines if it is not.

Signed-off-by: Yoshiaki Tamura tamura.yoshi...@lab.ntt.co.jp
---
 savevm.c |   10 +-
 1 files changed, 9 insertions(+), 1 deletions(-)

diff --git a/savevm.c b/savevm.c
index fcd8db4..3be875d 100644
--- a/savevm.c
+++ b/savevm.c
@@ -1639,6 +1639,12 @@ static const VMStateDescription 
*vmstate_get_subsection(const VMStateSubsection
 static int vmstate_subsection_load(QEMUFile *f, const VMStateDescription *vmsd,
void *opaque)
 {
+const VMStateSubsection *sub = vmsd-subsections;
+
+if (!sub || !sub-needed) {
+return 0;
+}
+
 while (qemu_peek_byte(f) == QEMU_VM_SUBSECTION) {
 char idstr[256];
 int ret;
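Review bot: the early return checks `needed` on the first subsections entry only. If every entry of a subsections array is required to carry a needed callback, state that invariant in a comment next to the check; otherwise an array whose first entry lacks one would skip subsections that a later entry does need. The guard itself addresses the real defect: without it a QEMU_VM_SUBSECTION byte that belongs to the next section is consumed as a subsection header for a device that has none.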
@@ -1651,10 +1657,11 @@ static int vmstate_subsection_load(QEMUFile *f, const 
VMStateDescription *vmsd,
 idstr[len] = 0;
 version_id = qemu_get_be32(f);
 
-sub_vmsd = vmstate_get_subsection(vmsd-subsections, idstr);
+sub_vmsd = vmstate_get_subsection(sub, idstr);
 if (sub_vmsd == NULL) {
 return -ENOENT;
 }
+assert(!sub_vmsd-subsections);
 ret = vmstate_load_state(f, sub_vmsd, opaque, version_id);
 if (ret) {
 return ret;
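Review bot: the new assert(!sub_vmsd->subsections) introduces a hard "no nested subsections" rule that the commit message does not mention; document it at the VMStateSubsection definition (or at least in the commit message) so device authors learn that nesting is rejected at load and save time rather than silently ignored.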
@@ -1678,6 +1685,7 @@ static void vmstate_subsection_save(QEMUFile *f, const 
VMStateDescription *vmsd,
 qemu_put_byte(f, len);
 qemu_put_buffer(f, (uint8_t *)vmsd-name, len);
 qemu_put_be32(f, vmsd-version_id);
+assert(!vmsd-subsections);
 vmstate_save_state(f, vmsd, opaque);
 }
 sub++;
-- 
1.7.1.2




[Qemu-devel] Re: [PATCH] block: Use backing format driver during image creation

2011-01-24 Thread Jes Sorensen
On 01/24/11 10:32, Stefan Hajnoczi wrote:
 The backing format should be honored during image creation.  For some
 reason we currently use the image format to open the backing file.  This
 fails when the backing file has a different format than the image being
 created.  Keep the image and backing format drivers completely separate.
 
 Also print the backing filename if there is an error opening the backing
 file instead of the image filename.
 
 Signed-off-by: Stefan Hajnoczi stefa...@linux.vnet.ibm.com
 ---
  block.c |8 +---
  1 files changed, 5 insertions(+), 3 deletions(-)
 

Looks good!

Acked-by: Jes Sorensen jes.soren...@redhat.com





[Qemu-devel] [PATCH] linux-user/FLAT: fix auto-stack sizing

2011-01-24 Thread Mike Frysinger
The current auto-stack sizing works like it does on a NOMMU system; the
problem is that this only works if the envp/argv arrays are fairly slim.
On a desktop system, this is rarely the case, and can easily blow past
the stack and into data/text regions as the default stack for FLAT progs
is a mere 4KiB.  So rather than rely on the NOMMU calculation (which is
only there because NOMMU can't easily allocate gobs of contiguous mem),
calc the full space actually needed and let the MMU host make space.

Signed-off-by: Mike Frysinger vap...@gentoo.org
---
 linux-user/flatload.c |   11 +--
 1 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/linux-user/flatload.c b/linux-user/flatload.c
index 8f9f4a5..d8b4476 100644
--- a/linux-user/flatload.c
+++ b/linux-user/flatload.c
@@ -733,8 +733,15 @@ int load_flt_binary(struct linux_binprm * bprm, struct 
target_pt_regs * regs,
  * pedantic and include space for the argv/envp array as it may have
  * a lot of entries.
  */
-#define TOP_OF_ARGS (TARGET_PAGE_SIZE * MAX_ARG_PAGES - sizeof(void *))
-stack_len = TOP_OF_ARGS - bprm-p; /* the strings */
+stack_len = 0;
+for (i = 0; i  bprm-argc; ++i) {
+/* the argv strings */
+stack_len += strlen(bprm-argv[i]);
+}
+for (i = 0; i  bprm-envc; ++i) {
+/* the envp strings */
+stack_len += strlen(bprm-envp[i]);
+}
 stack_len += (bprm-argc + 1) * 4; /* the argv array */
 stack_len += (bprm-envc + 1) * 4; /* the envp array */
 
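Review bot: the new loops undercount: strlen() excludes the terminating NUL, so each argv/envp string needs strlen(...) + 1 bytes; as written, argc + envc bytes are missing from stack_len and the last string can overrun the computed area. The `* 4` for the argv and envp pointer arrays is also a hard-coded pointer size; sizeof(abi_ulong) would track the target ABI instead.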
-- 
1.7.4.rc2




[Qemu-devel] [PATCH] pci: memory leak of PCIDevice::rom_file

2011-01-24 Thread Isaku Yamahata
PCIDevice::rom_file is leaked.
PCIDevice::rom_file is allocated in pci_qdev_init(), but not freed anywhere.
free it in qemu_unregister_device().

Signed-off-by: Isaku Yamahata yamah...@valinux.co.jp
---
 hw/pci.c |1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/hw/pci.c b/hw/pci.c
index b8f5385..044c4bd 100644
--- a/hw/pci.c
+++ b/hw/pci.c
@@ -833,6 +833,7 @@ static int pci_unregister_device(DeviceState *dev)
 
 pci_unregister_io_regions(pci_dev);
 pci_del_option_rom(pci_dev);
+qemu_free(pci_dev-romfile);
 do_pci_unregister_device(pci_dev);
 return 0;
 }
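Review bot: commit message and code disagree on names: the message talks about rom_file and qemu_unregister_device(), while the hunk frees pci_dev->romfile in pci_unregister_device(); align the message with the code. Please also confirm that nothing keeps a reference to romfile after pci_del_option_rom() returns, so that this free does not leave a dangling pointer behind.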
-- 
1.7.1.1




[Qemu-devel] [PATCH 2/2] ignore more gdb related files

2011-01-24 Thread Mike Frysinger
Signed-off-by: Mike Frysinger vap...@gentoo.org
---
 .gitignore |2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/.gitignore b/.gitignore
index dadb01a..81717f3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -35,6 +35,8 @@ qemu-io
 qemu-monitor.texi
 QMP/qmp-commands.txt
 .gdbinit
+.gdb_history
+core
 *.a
 *.aux
 *.cp
-- 
1.7.4.rc2




[Qemu-devel] [PATCH] linux-user/FLAT: allow targets to override FLAT reloc processing

2011-01-24 Thread Mike Frysinger
This brings flatload.c more in line with the current Linux FLAT loader
which allows targets to handle FLAT relocations in their own way.  For
the common behavior, the new functions get stubbed out.

Signed-off-by: Mike Frysinger vap...@gentoo.org
---
 Makefile.target  |2 +-
 linux-user/flatload.c|   24 +---
 linux-user/target_flat.h |9 +
 3 files changed, 19 insertions(+), 16 deletions(-)
 create mode 100644 linux-user/target_flat.h

diff --git a/Makefile.target b/Makefile.target
index cd2abde..282428b 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -107,7 +107,7 @@ ifdef CONFIG_LINUX_USER
 
 $(call set-vpath, 
$(SRC_PATH)/linux-user:$(SRC_PATH)/linux-user/$(TARGET_ABI_DIR))
 
-QEMU_CFLAGS+=-I$(SRC_PATH)/linux-user 
-I$(SRC_PATH)/linux-user/$(TARGET_ABI_DIR)
+QEMU_CFLAGS+=-I$(SRC_PATH)/linux-user/$(TARGET_ABI_DIR) 
-I$(SRC_PATH)/linux-user
 obj-y = main.o syscall.o strace.o mmap.o signal.o thunk.o \
   elfload.o linuxload.o uaccess.o gdbstub.o cpu-uname.o \
   qemu-malloc.o $(oslib-obj-y)
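Review bot: the include-path reorder is load-bearing (the per-target directory now comes first so that linux-user/$(TARGET_ABI_DIR)/target_flat.h shadows the generic linux-user/target_flat.h), but nothing in the Makefile says so; a one-line comment above the QEMU_CFLAGS assignment would stop someone from "tidying" the order back and silently losing every target override.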
diff --git a/linux-user/flatload.c b/linux-user/flatload.c
index d8b4476..c133732 100644
--- a/linux-user/flatload.c
+++ b/linux-user/flatload.c
@@ -41,6 +41,8 @@
 
 #include qemu.h
 #include flat.h
+#define ntohl(x) be32_to_cpu(x)
+#include target_flat.h
 
 //#define DEBUG
 
@@ -50,14 +52,6 @@
 #defineDBG_FLT(...)
 #endif
 
-#define flat_reloc_valid(reloc, size) ((reloc) = (size))
-#define flat_old_ram_flag(flag)   (flag)
-#ifdef TARGET_WORDS_BIGENDIAN
-#define flat_get_relocate_addr(relval)(relval)
-#else
-#define flat_get_relocate_addr(relval)bswap32(relval)
-#endif
-
 #define RELOC_FAILED 0xff00ff01/* Relocation incorrect 
somewhere */
 #define UNLOADED_LIB 0x7ff000ff/* Placeholder for unused 
library */
 
@@ -78,8 +72,6 @@ static int load_flat_shared_library(int id, struct lib_info 
*p);
 
 struct linux_binprm;
 
-#define ntohl(x) be32_to_cpu(x)
-
 //
 /*
  * create_flat_tables() parses the env- and arg-strings in new user
@@ -625,6 +617,7 @@ static int load_flat_file(struct linux_binprm * bprm,
  * __start to address 4 so that is okay).
  */
 if (rev  OLD_FLAT_VERSION) {
+abi_ulong persistent = 0;
 for (i = 0; i  relocs; i++) {
 abi_ulong addr, relval;
 
@@ -633,6 +626,9 @@ static int load_flat_file(struct linux_binprm * bprm,
relocated first).  */
 if (get_user_ual(relval, reloc + i * sizeof(abi_ulong)))
 return -EFAULT;
+relval = ntohl(relval);
+if (flat_set_persistent(relval, persistent))
+continue;
 addr = flat_get_relocate_addr(relval);
 rp = calc_reloc(addr, libinfo, id, 1);
 if (rp == RELOC_FAILED)
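Review bot: the removed flat_get_relocate_addr() swapped on TARGET_WORDS_BIGENDIAN, that is on target byte order, whereas the new `relval = ntohl(relval)` uses be32_to_cpu(), that is host byte order. Because get_user_ual() has already converted the word from target to host order, and the relocation word is stored big-endian in the file, a swap is needed exactly when the target is little-endian; the host-order test gives the same result only when host and target endianness match. Please confirm that no big-endian FLAT target is affected, or convert based on target endianness instead.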
@@ -641,22 +637,20 @@ static int load_flat_file(struct linux_binprm * bprm,
 /* Get the pointer's value.  */
 if (get_user_ual(addr, rp))
 return -EFAULT;
+addr = flat_get_addr_from_rp(rp, relval, flags, persistent);
 if (addr != 0) {
 /*
  * Do the relocation.  PIC relocs in the data section are
  * already in target order
  */
-
-#ifndef TARGET_WORDS_BIGENDIAN
 if ((flags  FLAT_FLAG_GOTPIC) == 0)
-addr = bswap32(addr);
-#endif
+addr = ntohl(addr);
 addr = calc_reloc(addr, libinfo, id, 0);
 if (addr == RELOC_FAILED)
 return -ENOEXEC;
 
 /* Write back the relocated pointer.  */
-if (put_user_ual(addr, rp))
+if (flat_put_addr_at_rp(rp, addr, relval))
 return -EFAULT;
 }
 }
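Review bot: logic error at `addr = flat_get_addr_from_rp(rp, relval, flags, persistent);`: with the generic macro expanding to `(rp)`, this assigns the relocation slot's address to addr and discards the pointer value that get_user_ual(addr, rp) read on the line just before, so every relocation on the non-GOTPIC path is computed from the wrong input. The first argument should be the value just read (addr), with the generic macro returning its first argument unchanged.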
diff --git a/linux-user/target_flat.h b/linux-user/target_flat.h
new file mode 100644
index 000..332b6e3
--- /dev/null
+++ b/linux-user/target_flat.h
@@ -0,0 +1,9 @@
+/* If your arch needs to do custom stuff, create your own target_flat.h
+ * header file in linux-user/your arch/
+ */
+#define flat_reloc_valid(reloc, size)((reloc) = 
(size))
+#define flat_old_ram_flag(flag)  (flag)
+#define flat_get_relocate_addr(relval)   (relval)
+#define flat_get_addr_from_rp(rp, relval, flags, persistent) (rp)
+#define flat_set_persistent(relval, persistent)  (*persistent)
+#define flat_put_addr_at_rp(rp, addr, relval)
put_user_ual(addr, rp)
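Review bot: the new header has no include guard and does not say what a per-target replacement must provide; since a target's own linux-user/.../target_flat.h replaces this file wholesale rather than extending it, add a guard and a short comment listing the six macros every override is required to define, so a missing one fails at the preprocessor with a clear message instead of at link time.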
-- 
1.7.4.rc2




[Qemu-devel] [PATCH] loader: memory leak in rom_add_file() on error path

2011-01-24 Thread Isaku Yamahata
fix memory leak in rom_add_file().

Signed-off-by: Isaku Yamahata yamah...@valinux.co.jp
---
 hw/loader.c |2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/hw/loader.c b/hw/loader.c
index 35d792e..6cba8c5 100644
--- a/hw/loader.c
+++ b/hw/loader.c
@@ -618,6 +618,8 @@ int rom_add_file(const char *file, const char *fw_dir,
 err:
 if (fd != -1)
 close(fd);
+qemu_free(rom-fw_file);
+qemu_free(rom-fw_dir);
 qemu_free(rom-data);
 qemu_free(rom-path);
 qemu_free(rom-name);
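Review bot: the two new frees are only safe if rom->fw_file and rom->fw_dir are NULL on every path that reaches err: before they are assigned; if rom comes from qemu_mallocz() that holds, otherwise an early goto would free an uninitialised pointer, which is worse than the leak being fixed. The commit message should also name the leaked fields (fw_file and fw_dir) rather than just "memory leak".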
-- 
1.7.1.1




[Qemu-devel] Re: [RFC][PATCH v6 23/23] virtagent: various bits to build QEMU with virtagent

2011-01-24 Thread Jes Sorensen
On 01/17/11 14:15, Michael Roth wrote:
 Signed-off-by: Michael Roth mdr...@linux.vnet.ibm.com
 ---
  Makefile.target |2 +-
  configure   |   32 
  2 files changed, 33 insertions(+), 1 deletions(-)

Please make building qemu-va optional, so the build doesn't break if one
doesn't have xmlrpc-devel installed.

Cheers,
Jes



[Qemu-devel] [PATCH 0/4] new Blackfin QEMU port

2011-01-24 Thread Mike Frysinger
I finally got around to getting this port past the "only crashes" phase.
Using the GNU sim Blackfin port as a nice working standard, it was just
a matter of replacing the sim bits with TCG ops.  Now we have a linux-user
port for people to play with.  No immediate plans to move on to the system
step, but it is something I want to figure out at some point.

The port is at the point I think where people can bang on it.  The core
(bfin-sim.c) needs a bit more cleanup though before it'll be accepted,
but that should be largely related to the insns that I haven't gotten
around to implementing.  The rest of the code should be fair game for
review though if someone feels like it.

This does require some patches in order for userspace programs to be
generally useful, but they've all been submitted at this point.

I don't know how people feel about test sizes.  We developed quite a
comprehensive testsuite for the GNU sim, and I've imported about half
of it.  Personally, I find it invaluable to catch regressions while
developing, but its raw size can be a bit intimidating.

As a simple comparison, we typically get about ~8mips with the GNU sim
while executing Blackfin code, but I easily see about ~400mips with qemu.
Obviously your numbers will vary based on workload, but hopefully not
too much ...

My git tree with everything necessary can be found here:
git://sources.blackfin.uclinux.org/git/users/vapier/qemu.git

Mike Frysinger (4):
  Blackfin: add disassembler support
  Blackfin: initial port
  Blackfin: add linux-user support
  Blackfin: add test suite

 MAINTAINERS |5 +
 Makefile.objs   |1 +
 bfin-dis.c  | 4903 +++
 configure   |   13 +-
 cpu-exec.c  |6 +-
 default-configs/bfin-linux-user.mak |1 +
 dis-asm.h   |3 +
 disas.c |9 +
 elf.h   |6 +
 gdbstub.c   |  103 +
 linux-user/bfin/syscall.h   |   59 +
 linux-user/bfin/syscall_nr.h|  388 +++
 linux-user/bfin/target_flat.h   |   91 +
 linux-user/bfin/target_signal.h |   29 +
 linux-user/bfin/termbits.h  |  227 ++
 linux-user/elfload.c|   39 +
 linux-user/main.c   |   95 +
 linux-user/qemu.h   |4 +
 linux-user/syscall_defs.h   |   65 +-
 scripts/qemu-binfmt-conf.sh |4 +
 target-bfin/README  |   35 +
 target-bfin/TODO|5 +
 target-bfin/bfin-sim.c  | 4760 ++
 target-bfin/bfin-tdep.h |   94 +
 target-bfin/cpu.h   |  215 ++
 target-bfin/exec.h  |   37 +
 target-bfin/helper.c|   37 +
 target-bfin/helper.h|   21 +
 target-bfin/op_helper.c |  213 ++
 target-bfin/opcode/bfin.h   | 1726 +++
 target-bfin/translate.c | 1267 
 tests/Makefile  |4 +
 tests/bfin/.gitignore   |2 +
 tests/bfin/10272_small.s|   51 +
 tests/bfin/10436.s  |   39 +
 tests/bfin/10622.s  |   21 +
 tests/bfin/10742.s  |   17 +
 tests/bfin/10799.s  |   55 +
 tests/bfin/7641.s   |   38 +
 tests/bfin/Makefile |   69 +
 tests/bfin/a0.s |   17 +
 tests/bfin/a1.s |   29 +
 tests/bfin/a2.s |  179 ++
 tests/bfin/a24.s|   12 +
 tests/bfin/a25.s|   28 +
 tests/bfin/a26.s|   72 +
 tests/bfin/a3.s |  313 ++
 tests/bfin/a4.s |   36 +
 tests/bfin/a7.s |  179 ++
 tests/bfin/a8.s |   41 +
 tests/bfin/a9.s |  205 ++
 tests/bfin/abs-2.S  |   42 +
 tests/bfin/abs-3.S  |   42 +
 tests/bfin/abs.S|   42 +
 tests/bfin/acc-rot.s|  129 +
 tests/bfin/acp5_19.s|   12 +
 tests/bfin/add_imm7.s   |   38 +
 tests/bfin/b0.S |   51 +
 tests/bfin/b1.s |   12 +
 tests/bfin/b2.S |   26 +
 tests/bfin/brcc.s   |  164 +
 tests/bfin/brevadd.s|   20 +
 tests/bfin/byteunpack.s |   45 +
 tests/bfin/c_alu2op_arith_r_sft.s   |  226 ++
 tests/bfin/c_alu2op_conv_b.s|  211 ++
 tests/bfin/c_alu2op_conv_h.s|  211 ++
 

[Qemu-devel] Blackfin: add disassembler support

2011-01-24 Thread Mike Frysinger
compressing & attaching since this is big (and i don't know what the
qemu mailing list limit is set to), and it is simply a copy & paste of
the Blackfin disassembler from binutils
-mike

 Makefile.objs |1 +
 bfin-dis.c| 4903 +
 configure |4 +
 dis-asm.h |3 +
 disas.c   |9 +
 target-bfin/opcode/bfin.h | 1726 
 6 files changed, 6646 insertions(+), 0 deletions(-)
 create mode 100644 bfin-dis.c
 create mode 100644 target-bfin/opcode/bfin.h


0001-Blackfin-add-disassembler-support.patch.xz
Description: Binary data


Re: [Qemu-devel] [PATCH v3 0/5][RFC] New SPARC machine: Leon3

2011-01-24 Thread Fabien Chouteau

On 01/21/2011 08:04 PM, Blue Swirl wrote:

On Fri, Jan 21, 2011 at 5:00 PM, Fabien Chouteauchout...@adacore.com  wrote:

Hello Qemu-devel,

Here is the third version of Leon3 emulation patch-set.

Modifications since v2:
  - Tracepoints
  - DEFINE_PROP_* macros
  - New interface to trigger interrupts on Leon3 (set_pil_in:leon3.c)
  - Minor reformatting

Please feel free to comment.


The patches look fine to me now, except 4/5 had a small problem.

Could you run them through checkpatch.pl and fix the issues? The lines
like //#define DEBUG_LEON3 can stay despite the error if you don't
convert them to tracepoints.


Sure, I will fix the two problems that you pointed out and run checkpatch.pl
to fix the remaining style issues.

--
Fabien Chouteau




Re: [Qemu-devel] [ARM] Contributing tests for Neon

2011-01-24 Thread Christophe Lyon

> How about you make it available somewhere (tarball via http, git
> repository on gitorious, or other method of your choice) for the
> moment? Then we can take a look at it and proceed from there.
>
> I agree, this is a good first step. If possible, it's good if you
> can publish source and binaries so people with the appropriate
> tools can rebuild the tests. Also, when possible, binaries with
> debug info can be helpful when analyzing test failures.
>

OK, I am going to have a look at gitorious. In the mean time, I have a bit of 
cleanup and minimal documentation to perform.

Christophe.





[Qemu-devel] [PATCH 3/4] Blackfin: add linux-user support

2011-01-24 Thread Mike Frysinger
Signed-off-by: Mike Frysinger vap...@gentoo.org
---
 configure   |1 +
 default-configs/bfin-linux-user.mak |1 +
 linux-user/bfin/syscall.h   |   59 ++
 linux-user/bfin/syscall_nr.h|  388 +++
 linux-user/bfin/target_flat.h   |   91 
 linux-user/bfin/target_signal.h |   29 +++
 linux-user/bfin/termbits.h  |  227 
 linux-user/elfload.c|   39 
 linux-user/main.c   |   95 +
 linux-user/qemu.h   |4 +
 linux-user/syscall_defs.h   |   65 ++-
 11 files changed, 997 insertions(+), 2 deletions(-)
 create mode 100644 default-configs/bfin-linux-user.mak
 create mode 100644 linux-user/bfin/syscall.h
 create mode 100644 linux-user/bfin/syscall_nr.h
 create mode 100644 linux-user/bfin/target_flat.h
 create mode 100644 linux-user/bfin/target_signal.h
 create mode 100644 linux-user/bfin/termbits.h

diff --git a/configure b/configure
index 730039f..ca9e1ba 100755
--- a/configure
+++ b/configure
@@ -1004,6 +1004,7 @@ x86_64-linux-user \
 alpha-linux-user \
 arm-linux-user \
 armeb-linux-user \
+bfin-linux-user \
 cris-linux-user \
 m68k-linux-user \
 microblaze-linux-user \
diff --git a/default-configs/bfin-linux-user.mak 
b/default-configs/bfin-linux-user.mak
new file mode 100644
index 000..5f7aefb
--- /dev/null
+++ b/default-configs/bfin-linux-user.mak
@@ -0,0 +1 @@
+# Default configuration for bfin-linux-user
diff --git a/linux-user/bfin/syscall.h b/linux-user/bfin/syscall.h
new file mode 100644
index 000..892ee75
--- /dev/null
+++ b/linux-user/bfin/syscall.h
@@ -0,0 +1,59 @@
+struct target_pt_regs {
+   abi_ulong orig_pc;
+   abi_ulong ipend;
+   abi_ulong seqstat;
+   abi_ulong rete;
+   abi_ulong retn;
+   abi_ulong retx;
+   abi_ulong pc;   /* PC == RETI */
+   abi_ulong rets;
+   abi_ulong reserved; /* Used as scratch during system calls 
*/
+   abi_ulong astat;
+   abi_ulong lb1;
+   abi_ulong lb0;
+   abi_ulong lt1;
+   abi_ulong lt0;
+   abi_ulong lc1;
+   abi_ulong lc0;
+   abi_ulong a1w;
+   abi_ulong a1x;
+   abi_ulong a0w;
+   abi_ulong a0x;
+   abi_ulong b3;
+   abi_ulong b2;
+   abi_ulong b1;
+   abi_ulong b0;
+   abi_ulong l3;
+   abi_ulong l2;
+   abi_ulong l1;
+   abi_ulong l0;
+   abi_ulong m3;
+   abi_ulong m2;
+   abi_ulong m1;
+   abi_ulong m0;
+   abi_ulong i3;
+   abi_ulong i2;
+   abi_ulong i1;
+   abi_ulong i0;
+   abi_ulong usp;
+   abi_ulong fp;
+   abi_ulong p5;
+   abi_ulong p4;
+   abi_ulong p3;
+   abi_ulong p2;
+   abi_ulong p1;
+   abi_ulong p0;
+   abi_ulong r7;
+   abi_ulong r6;
+   abi_ulong r5;
+   abi_ulong r4;
+   abi_ulong r3;
+   abi_ulong r2;
+   abi_ulong r1;
+   abi_ulong r0;
+   abi_ulong orig_r0;
+   abi_ulong orig_p0;
+   abi_ulong syscfg;
+};
+
+#define UNAME_MACHINE blackfin
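Review bot: target_pt_regs has to match the Blackfin kernel's pt_regs field for field (linux-user's init_thread and core-dump code fill it assuming the kernel layout), but nothing in the header says which kernel header or version it was copied from; add a one-line comment naming the source so the struct can be re-checked when the kernel side changes, and state whether the `reserved` slot (`Used as scratch during system calls`) is ever read on the QEMU side or only keeps the offsets right.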
diff --git a/linux-user/bfin/syscall_nr.h b/linux-user/bfin/syscall_nr.h
new file mode 100644
index 000..fd01c38
--- /dev/null
+++ b/linux-user/bfin/syscall_nr.h
@@ -0,0 +1,388 @@
+/*
+ * This file contains the system call numbers.
+ */
+#define TARGET_NR_restart_syscall0
+#define TARGET_NR_exit   1
+#define TARGET_NR_fork   2
+#define TARGET_NR_read   3
+#define TARGET_NR_write  4
+#define TARGET_NR_open   5
+#define TARGET_NR_close  6
+   /* 7 TARGET_NR_waitpid obsolete */
+#define TARGET_NR_creat  8
+#define TARGET_NR_link   9
+#define TARGET_NR_unlink10
+#define TARGET_NR_execve11
+#define TARGET_NR_chdir 12
+#define TARGET_NR_time  13
+#define TARGET_NR_mknod 14
+#define TARGET_NR_chmod 15
+#define TARGET_NR_chown 16
+   /* 17 TARGET_NR_break obsolete */
+   /* 18 TARGET_NR_oldstat obsolete */
+#define TARGET_NR_lseek 19
+#define TARGET_NR_getpid20
+#define TARGET_NR_mount 21
+   /* 22 TARGET_NR_umount obsolete */
+#define TARGET_NR_setuid23
+#define TARGET_NR_getuid24
+#define TARGET_NR_stime 25
+#define TARGET_NR_ptrace26
+#define TARGET_NR_alarm 27
+   /* 28 TARGET_NR_oldfstat obsolete */
+#define TARGET_NR_pause 29
+   /* 30 TARGET_NR_utime obsolete */
+   /* 31 TARGET_NR_stty obsolete */
+   /* 32 TARGET_NR_gtty obsolete */
+#define TARGET_NR_access33
+#define 
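Review bot: the only documentation in syscall_nr.h is `This file contains the system call numbers.`; say which kernel unistd.h (and version) the table was taken from, because the obsolete slots kept as comments (7 waitpid, 17 break, 18 oldstat, 22 umount, ...) only make sense relative to that table and the list will have to be re-synced whenever the kernel adds syscalls.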

Re: [Qemu-devel] IRC channel movement - FreeNode to OFTC

2011-01-24 Thread Stefan Hajnoczi
On Thu, Dec 9, 2010 at 3:14 PM, Anthony Liguori anth...@codemonkey.ws wrote:
> On 12/09/2010 09:12 AM, Mulyadi Santosa wrote:
>> On Wed, Dec 8, 2010 at 23:18, Anthony Liguori anth...@codemonkey.ws
>> wrote:
>>> Hi,
>>>
>>> I'd like to move IRC channels from FreeNode to OFTC, so please join #qemu
>>> on OFTC starting now.
>>
>> OFTC is a nice place too IMHO... but if it's not a top secret, why move?
>
> Have been meaning to for a while.  OFTC is a bit easier to work with than
> FreeNode.

There are still a lot of people on the freenode channel.  Is there
anyone with access to do the following:

1. Set the freenode channel's topic to "This channel has moved to
#qemu on irc.oftc.net" and nothing else.  This makes it clear that
we've moved and gets rid of the other (outdated) stuff in the channel
topic.
2. Make it so that no one can speak on the freenode channel.  This
might be doable using the +m channel mode which only allows voiced
users to speak.

That way people are shown where to go and it is clear that the channel
should no longer be used.

Stefan



[Qemu-devel] Re: [PATCH] block: Use backing format driver during image creation

2011-01-24 Thread Kevin Wolf
On 24.01.2011 10:32, Stefan Hajnoczi wrote:
> The backing format should be honored during image creation.  For some
> reason we currently use the image format to open the backing file.  This
> fails when the backing file has a different format than the image being
> created.  Keep the image and backing format drivers completely separate.
>
> Also print the backing filename if there is an error opening the backing
> file instead of the image filename.
>
> Signed-off-by: Stefan Hajnoczi stefa...@linux.vnet.ibm.com

Thanks, applied to the block branch.

I think we'll want to have a qemu-iotests case for this kind of regressions.

Kevin



[Qemu-devel] qemu-user: relocating target code weakness

2011-01-24 Thread Stefano Bonifazi

Hi!
I am working on a project based on qemu-user. More exactly, it is
qemu-ppc (version 0.13.0) on an x86 host.
The whole project and the documentation about qemu will be open for everybody,
as it is a project for my university, which is a public one.
I need to relocate the target code in the memory space to some
other starting address.
So I went inside linux-user/elfload.c: load_elf_binary, and there I found
many things that, according to me, are somewhat buggy or just weak.
Of course I am only a student, and all of this was far beyond my
knowledge. I am studying like crazy to understand all of this
(ELF stuff, linking and loading) and I may just be confused;
nevertheless I think it is worth some attention from some of you gurus
out there :)

First of all:

info->start_mmap = (abi_ulong)ELF_START_MMAP;
What is this? What is start_mmap supposed to point at in the end? Why
is that static value chosen at the beginning?


Then there is a block of code protected by the define:

#if defined(CONFIG_USE_GUEST_BASE)
This define appears to be enabled in my code, though I do not use any
special parameter for qemu-ppc. What is it supposed to do?
I mean, I guess it wants to reserve a memory area for the target code,
starting at a user-defined address (guest_base), and all of that is
done in linux-user/main.c: main, through a proper command line
parameter, but then the guest_base address is not used any more in the code
of qemu-user o.O
The code protected by that define in load_elf_binary seems to
check if the system can reserve the requested area of program address
space, otherwise find a suitable address and set guest_base again to
that address, but oddly that variable is never taken into
consideration after that!!!
Going down the code I notice that for executable target binaries the
flag MAP_FIXED for mmap is set, and in the requested starting address
the variable load_bias is always zero for executable files, so that the
starting address is simply the p_vaddr of the various program
segments. What does it mean? Simple! Target executable code is ALWAYS
loaded at the same address of the program address space it would be at if
run on a target machine (not on the host machine through qemu). Fair
enough? Not for me!!
When executing on the original machine the binary was created for, its
OS creates an address space only for the target; that means all the
addresses are free for it, and it can be loaded at any address chosen by
the link editor when creating the binary. But here in qemu-user it
shares the address space with the qemu-user code itself (and in my case with
everything else I added to it!), so those addresses may not be free at all!!

Isn't that a big weakness??
I went a little further, though with my poor skills: I forced a bias,
created simple PPC assembly test binaries and had a look at what happens
when a shift of the start address is required (after fixing some
variables that did not handle such a possibility well):
The addresses of the target's global variables are hard-coded into the target
binary; nothing in the process of ELF loading, or later in TCG, does
anything to patch those addresses when there is a shift of the
starting code. The result is simply a segmentation fault when trying
to access those variables!
Moreover, the way the various variables like start_code, start_data,
end_data and elf_brk were set was very odd to me:
it was as if, while cycling through all the program segments, they could be
set for any new segment checked!
Now I must admit, through all my studying of ELF, I have not understood
yet (I'd appreciate it very much if you could tell me!!!) whether it is
possible to have multiple code segments or multiple data segments in an
executable binary.
What I did was to check if the code had the PF_X flag or the PF_W flag to
distinguish whether it was a code segment or a data segment (hoping
there was only one of each), and set those variables accordingly.
This approach fails anyway when I use PIC code (I am trying to use PIC
code now as a solution for relocating code): it seems there are many
code segments and many writable segments, and I can't understand how to
set start_code, end_code, etc. properly there.
Another thing I had to edit while setting those variables was making them
consider as the address no longer p_vaddr, but the actual loading address
(error)..
If any of you is interested in solving this problem I can provide all my
logs for various tests, the source code of the test PPC binaries for
testing everything and of course my elfload.c

Thank you in advance for any support!
Best regards,
Stefano B.






[Qemu-devel] Re: [PATCH] pci/pcie: make pci_find_device() ARI aware.

2011-01-24 Thread Isaku Yamahata
On Sun, Jan 23, 2011 at 05:57:53PM +0200, Michael S. Tsirkin wrote:
 On Sat, Jan 22, 2011 at 01:39:57AM +0900, Isaku Yamahata wrote:
  On Fri, Jan 21, 2011 at 04:29:41PM +0200, Michael S. Tsirkin wrote:
   On Fri, Jan 21, 2011 at 07:44:16PM +0900, Isaku Yamahata wrote:
On Thu, Jan 20, 2011 at 04:15:48PM +0200, Michael S. Tsirkin wrote:
 On Thu, Jan 20, 2011 at 03:57:39PM +0900, Isaku Yamahata wrote:
  make pci_find_device() ARI aware.
  
  Signed-off-by: Isaku Yamahata yamah...@valinux.co.jp
  ---
   hw/pci.c |7 +++
   1 files changed, 7 insertions(+), 0 deletions(-)
  
  diff --git a/hw/pci.c b/hw/pci.c
  index 8d0e3df..851f350 100644
  --- a/hw/pci.c
  +++ b/hw/pci.c
  @@ -1596,11 +1596,18 @@ PCIBus *pci_find_bus(PCIBus *bus, int 
  bus_num)
   
   PCIDevice *pci_find_device(PCIBus *bus, int bus_num, int slot, int 
  function)
   {
  +PCIDevice *d;
   bus = pci_find_bus(bus, bus_num);
   
   if (!bus)
   return NULL;
   
  +d = bus-parent_dev;
  +if (d  pci_is_express(d) 
  +pcie_cap_get_type(d) == PCI_EXP_TYPE_DOWNSTREAM 
  +!pcie_cap_is_ari_enabled(d)  slot  0) {
  +return NULL;
  +}
   return bus-devices[PCI_DEVFN(slot, function)];
   }
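Review bot: the early return in pci_find_device() gates only PCI_EXP_TYPE_DOWNSTREAM, but a root port converts Type 1 requests to Type 0 and enforces Device Number 0 without ARI forwarding in exactly the same way, so PCI_EXP_TYPE_ROOT_PORT needs the same check (the thread itself arrives at this further down). The condition also needs a comment saying that `slot > 0` here stands for function numbers 8..255 of the single ARI device below the port; without it a reader of pci_find_device() takes slot for a physical device number, which is the confusion the rest of this thread is about.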
 
 I'd like to split this express-specific code out in some way.
 Further, the downstream port always has a single slot.
 Maybe it shouldn't be a bus at all, but this needs some thought.

Yes, it needs consideration.


 How about we put flag in PCIBus that says that a single
 slot is supported? Downstream ports would just set it.

So such a flag must be set/clear by something like 
pcie_cap_ari_write_config()
depending on ARI bit at runtime.
   
   Well, to figure it out, could you please describe what is the situation
   your patch tries to fix? I would generally would like a reason for the
   change to be given in commit logs, please try to avoid just restating
   what the patch does.
  
  It seems that I should have added the comment to refer the spec.
  I'd like to implement ARI enable bit correctly.
  
  Downstream port(and root port) doesn't forward pci transaction for
  function  7 by default for compatibility, 
  Only when ARI forwarding enable bit of downstream/root port is set,
  the virtual p2p bridge forwards pci transaction for
  function  7 (i.e. slot  0).
 
 Oh, I see, yes, function  7 gets described as slot 0.
 I think this is what I missed.
 Hmm, it'd pretty confusing. Should we fix this,
 pass devfn all over?

Sounds to make sense.
Although it seems only pci_find_device() will be affected at a glance, 
I'll look into it more closely.


 I now understand what the code does, it just needs
 a good comment that explains that at the moment
 slot encodes the high bits of the device id.
 
 Also, let's replace pcie_cap_is_ari_enabled
 with an inline that does all the relevant logic
 E.g.
 
 /* With PCI Express Endpoints, there's a single device behind
each downstream port bus, and bits 3:7 of the function number get
encoded in the slot number (the Express spec calls it the Device
Number). This allows  8 functions, but
these extended functions are only accessible when the
Alternative routing-ID Interpretation (ARI)
capability is enabled in the downstream port. With that capability
disabled the port enforces the Device Number field being 0.*/
 static inline
 bool pcie_check_slot(PCIDevice *dev)
 {
   return !pci_is_express(dev) || !slot ||
   pcie_cap_get_type(dev) != PCI_EXP_TYPE_DOWNSTREAM ||
   (pci_get_long(dev-config + dev-exp.exp_cap + PCI_EXP_DEVCTL2) 
 
   PCI_EXP_DEVCTL2_ARI);
 }

Okay.


6.13 Alternative routing-ID Interpretation(ARI)
7.8.15 Device capabilites 2 register
ARI forwarding supproted
7.8.16 Device control 2 register
ARI forwarding Enable
  5 ARI Forwarding Enable When set, the Downstream Port
  disables its traditional Device Number field being 0 enforcement
  when turning a Type 1 Configuration Request into a Type 0
  Configuration Request, permitting access to Extended Functions
  in an ARI Device immediately below the Port. See Section 6.13.
  Default value of this bit is 0b. Must be hardwired to 0b if the ARI
  Forwarding Supported bit is 0b.
  Oh, the patch should check root port in addition to downstream port.
 
 It should? Where does it say so?

I wasn't clear enough.
pcie_check_slot() above should include something like
  !((type == downstream) ||
(type == root  the below is endpoint))


   Are you trying to create a device with  8 functions?
   If that is the case I suspect this is not the best way
   to do this at all.
  
pcie device can have 256 functions instead of 8.
   
   Only if it's an ARI device. And note that if you have a device with
   256 
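As an added example (not QEMU's hw/pci.c), here is the routing rule the thread is circling: below a root or downstream port sits one device, the conventional "slot" bits are the top five bits of an 8-bit function number, and without ARI forwarding the port enforces Device Number 0 when it turns a Type 1 configuration request into Type 0. The port model, its `present` table, the `port_route` return codes and the sample endpoint with twelve functions are constructed for this example; PCI_EXP_DEVCTL2_ARI (bit 5 of Device Control 2) is the real register bit.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Conventional devfn packing: 5-bit device ("slot") and 3-bit function. */
#define PCI_DEVFN(slot, func)  ((((slot) & 0x1f) << 3) | ((func) & 0x07))
#define PCI_EXP_DEVCTL2_ARI    0x0020   /* ARI Forwarding Enable: Device Control 2, bit 5 */

enum port_type { PORT_LEGACY_BRIDGE, PORT_ROOT, PORT_DOWNSTREAM };
enum route { ROUTE_NOT_CLAIMED = -1, ROUTE_FORWARD_TYPE1 = -2, ROUTE_NO_DEVICE = -3 };

/* Hypothetical model of a bridge or PCIe port owning one secondary bus.
 * `present` is indexed by the 8-bit routing ID (devfn) of the functions
 * directly below the port. */
struct port {
    enum port_type type;
    uint8_t secondary, subordinate;  /* bus range the port claims */
    uint16_t devctl2;                /* PCIe Device Control 2 register */
    bool present[256];
};

/* Route a configuration request (bus, slot, function) as the port would.
 * Returns the devfn of the addressed function on the secondary bus,
 * ROUTE_FORWARD_TYPE1 if it stays a Type 1 request for a deeper bridge,
 * ROUTE_NO_DEVICE if the port drops it, ROUTE_NOT_CLAIMED if not ours. */
int port_route(const struct port *p, int bus, int slot, int function)
{
    if (slot < 0 || slot > 31 || function < 0 || function > 7) return ROUTE_NOT_CLAIMED;
    if (bus < p->secondary || bus > p->subordinate) return ROUTE_NOT_CLAIMED;
    if (bus != p->secondary) return ROUTE_FORWARD_TYPE1;

    int devfn = PCI_DEVFN(slot, function);
    if (p->type != PORT_LEGACY_BRIDGE) {
        /* One device sits below a root or downstream port, so the slot bits
         * are really function-number bits 7:3.  Without ARI forwarding the
         * port enforces Device Number == 0 when it turns the Type 1 request
         * into Type 0, which makes functions 8..255 unreachable. */
        bool ari = p->devctl2 & PCI_EXP_DEVCTL2_ARI;
        if (slot != 0 && !ari) return ROUTE_NO_DEVICE;
    }
    return p->present[devfn] ? devfn : ROUTE_NO_DEVICE;
}

/* The conventional view of a routing ID, for display. */
int devfn_slot(int devfn) { return (devfn >> 3) & 0x1f; }
int devfn_function(int devfn) { return devfn & 0x07; }

/* Constructed sample: a port whose secondary bus is 1, with an ARI-capable
 * endpoint below it implementing functions 0..11 (routing IDs 0..11). */
struct port make_sample_port(enum port_type type, bool ari_enabled)
{
    struct port p = { .type = type, .secondary = 1, .subordinate = 4,
                      .devctl2 = ari_enabled ? PCI_EXP_DEVCTL2_ARI : 0 };
    for (int fn = 0; fn < 12; fn++) p.present[fn] = true;
    return p;
}

int main(void)
{
    struct port off = make_sample_port(PORT_DOWNSTREAM, false);
    struct port on = make_sample_port(PORT_DOWNSTREAM, true);
    int hit = port_route(&on, 1, 1, 3);
    printf("ARI off: slot 0 fn 3 -> %d, slot 1 fn 0 -> %d\n",
           port_route(&off, 1, 0, 3), port_route(&off, 1, 1, 0));
    printf("ARI on:  slot 1 fn 3 -> function %d (conventional view: slot %d fn %d), "
           "slot 2 fn 0 -> %d\n", hit, devfn_slot(hit), devfn_function(hit),
           port_route(&on, 1, 2, 0));
    printf("bus 3 below the port stays Type 1: %d\n", port_route(&on, 3, 0, 0));
    return 0;
}
```

With ARI forwarding off, slot 1 returns ROUTE_NO_DEVICE even though the endpoint implements function 8; with it on, the same (slot 1, fn 3) request reaches function 11. A legacy bridge forwards slot 1 regardless, which is why pci_find_device() cannot treat every bus the same way.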

Re: [Qemu-devel] TCG flow vs dyngen

2011-01-24 Thread Stefano Bonifazi

On 01/24/2011 12:40 AM, Rob Landley wrote:
> On 01/23/2011 04:25 PM, Stefano Bonifazi wrote:
>> I am trying to shift in memory the target executable .. now the code is
>> supposed to be loaded by the elfloader at the exact start address set
>> at link time ..
>
> Ah, elf loading.  That's a whole 'nother bag of worms.
>
> Oddly enough, I was dealing with this last year trying to debug the
> uClibc dynamic linker.  I blogged a bit about it at the time:
>
>    http://landley.net/notes-2010.html#12-07-2010
>
> (And the next few days.  Sigh, I never did go back and fill in the
> holes, did I?)
>
>> Inside elfloader there is even a check for verifying whether that
>> address range is busy.. but no action is taken in that case o.O
>> Maybe I'll post a new thread about this problem (bug?) .. anyway if you
>> think you can help me anyway I'll give you further details..
>
> Tired right now, but if you post a clearer question (what are you trying
> to _do_) and cc: me on it I'll try to respond.
>
> Maybe I can find some decent documentation to point you at, or maybe
> I'll write some...
>
> Rob

Thank you!
I read your post, and yup, you also noticed the weirdness of load_bias..
and wondered how it can work on x86..

But I think your work was on qemu-system.. I am working on qemu-user..
Yup, better to post a new thread, I'll cc: you there!
Thank you very much!
Stefano B
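The "qemu-user: relocating target code weakness" post above and this reply both hinge on how load_bias and the start_code/start_data/end_data/elf_brk bookkeeping relate to the PT_LOAD program headers. The following is an added example, not QEMU's elfload.c: it walks the program headers of a constructed 32-bit image, lets every PF_X and PF_W segment widen the ranges (there can be several of each, which is what the PIC build showed), and refuses a non-zero bias for ET_EXEC, because such an image has its absolute addresses compiled into the code and can only be mapped at p_vaddr. The names image_layout, elf32_layout and build_sample_elf and the simplified accounting rule are this example's own; the image is built in host byte order, whereas a real cross-endian loader byte-swaps the headers first.

```c
#include <elf.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* What a linux-user style loader derives from the PT_LOAD headers; names
 * follow the thread.  Simplified accounting for this example, not QEMU's. */
struct image_layout {
    uint32_t start_code, end_code;  /* lowest/highest file-backed byte, PF_X segments */
    uint32_t start_data, end_data;  /* same for PF_W segments */
    uint32_t elf_brk;               /* end of the highest segment, bss included */
    uint32_t load_bias;             /* shift applied to every p_vaddr */
    int n_exec, n_write;            /* how many segments carried PF_X / PF_W */
};

/* Walk the program headers of a 32-bit host-endian ELF image in memory.
 * Returns 0 on success, -1 for a malformed image, -2 when a non-zero bias is
 * requested for ET_EXEC: its absolute addresses are compiled into the code,
 * so it can only be mapped at p_vaddr (why load_bias is 0 for executables). */
int elf32_layout(const uint8_t *img, size_t len, uint32_t bias,
                 struct image_layout *out)
{
    Elf32_Ehdr eh;
    if (len < sizeof eh) return -1;
    memcpy(&eh, img, sizeof eh);
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) != 0 ||
        eh.e_ident[EI_CLASS] != ELFCLASS32) return -1;
    if (eh.e_type != ET_EXEC && eh.e_type != ET_DYN) return -1;
    if (eh.e_type == ET_EXEC && bias != 0) return -2;
    if (eh.e_phentsize != sizeof(Elf32_Phdr) ||
        (size_t)eh.e_phoff + (size_t)eh.e_phnum * sizeof(Elf32_Phdr) > len) return -1;

    memset(out, 0, sizeof *out);
    out->start_code = out->start_data = UINT32_MAX;
    out->load_bias = bias;

    for (unsigned i = 0; i < eh.e_phnum; i++) {
        Elf32_Phdr ph;
        memcpy(&ph, img + eh.e_phoff + i * sizeof ph, sizeof ph);
        if (ph.p_type != PT_LOAD) continue;
        if (ph.p_filesz > ph.p_memsz) return -1;
        uint32_t lo = ph.p_vaddr + bias;            /* where the segment lands */
        uint32_t file_end = lo + ph.p_filesz;
        uint32_t mem_end = lo + ph.p_memsz;
        if (mem_end < lo) return -1;                /* wrapped past 4 GiB */
        /* A segment may be PF_X and PF_W at once and there can be several of
         * each (PIC builds usually have more), so each one widens the ranges. */
        if (ph.p_flags & PF_X) {
            out->n_exec++;
            if (lo < out->start_code) out->start_code = lo;
            if (file_end > out->end_code) out->end_code = file_end;
        }
        if (ph.p_flags & PF_W) {
            out->n_write++;
            if (lo < out->start_data) out->start_data = lo;
            if (file_end > out->end_data) out->end_data = file_end;
        }
        if (mem_end > out->elf_brk) out->elf_brk = mem_end;  /* brk starts after bss */
    }
    return out->n_exec ? 0 : -1;
}

/* Constructed sample (headers only): text RX at 0x10000000, 0x1000 bytes;
 * data RW at 0x10010000, 0x200 bytes in the file, 0x800 in memory (bss). */
size_t build_sample_elf(uint8_t *buf, size_t cap, Elf32_Half type)
{
    Elf32_Ehdr eh;
    Elf32_Phdr ph[2];
    size_t n = sizeof eh + sizeof ph;
    if (cap < n) return 0;
    memset(&eh, 0, sizeof eh);
    memcpy(eh.e_ident, ELFMAG, SELFMAG);
    eh.e_ident[EI_CLASS] = ELFCLASS32;
    eh.e_type = type;
    eh.e_machine = EM_PPC;
    eh.e_phoff = sizeof eh;
    eh.e_phentsize = sizeof(Elf32_Phdr);
    eh.e_phnum = 2;
    ph[0] = (Elf32_Phdr){ .p_type = PT_LOAD, .p_vaddr = 0x10000000, .p_filesz = 0x1000,
                          .p_memsz = 0x1000, .p_flags = PF_R | PF_X };
    ph[1] = (Elf32_Phdr){ .p_type = PT_LOAD, .p_vaddr = 0x10010000, .p_filesz = 0x200,
                          .p_memsz = 0x800, .p_flags = PF_R | PF_W };
    memcpy(buf, &eh, sizeof eh);
    memcpy(buf + sizeof eh, ph, sizeof ph);
    return n;
}

int main(void)
{
    uint8_t buf[256]; struct image_layout l;
    size_t n = build_sample_elf(buf, sizeof buf, ET_EXEC);
    int rc = elf32_layout(buf, n, 0, &l);
    printf("ET_EXEC bias 0: rc=%d code %#x-%#x data %#x-%#x brk %#x\n",
           rc, l.start_code, l.end_code, l.start_data, l.end_data, l.elf_brk);
    printf("ET_EXEC bias 0x1000: rc=%d (refused)\n", elf32_layout(buf, n, 0x1000, &l));
    n = build_sample_elf(buf, sizeof buf, ET_DYN);
    rc = elf32_layout(buf, n, 0x400000, &l);
    printf("ET_DYN bias 0x400000: rc=%d code %#x-%#x brk %#x\n", rc, l.start_code, l.end_code, l.elf_brk);
    return 0;
}
```

The ET_EXEC case is the one the thread describes: the only valid bias is zero, so the loader has to use MAP_FIXED at p_vaddr and fails if that range is already taken by the host process. Only a relocatable (ET_DYN, i.e. PIE) image can be moved, and then every segment moves by the same bias, which is why elf_brk and the code/data ranges all shift together.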



Re: [Qemu-devel] [PATCH v3] linux-user: add ppoll syscall support

2011-01-24 Thread Peter Maydell
On 24 January 2011 03:57, Mike Frysinger vap...@gentoo.org wrote:
> Some architectures (like Blackfin) only implement ppoll (and skip poll).
> So add support for it using existing poll code.
>
> Signed-off-by: Mike Frysinger vap...@gentoo.org
> ---
> v3
>         - call ppoll syscall directly so timespec updates get passed back
>         - tweak style
>         - use new sigsets

This version looks OK to me and works for my fairly simple
testcase.

Reviewed-by: Peter Maydell peter.mayd...@linaro.org

-- PMM



[Qemu-devel] [PATCH v4 0/5][RFC] New SPARC machine: Leon3

2011-01-24 Thread Fabien Chouteau
Hello Qemu-devel,

Here is the fourth version of Leon3 emulation patch-set.

Modifications since v3:
 - Tracepoints in leon3.c
 - Fix compilation error in user mode (target-sparc/op_helper.c)
 - Remove unused variable in leon3.
 - Minor reformatting (style errors from checkpatch.pl)

Please feel free to comment.

Regards,

---

This patch set introduces a new SPARC V8 machine: Leon3. It's an open-source
VHDL System-On-Chip, well known in the space industry (more information on
http://www.gaisler.com).

Leon3 is made of multiple components available in the GrLib VHDL library.
Three devices are implemented: uart, timers and IRQ manager.
You can find code for these peripherals in the grlib_* files.

Modifications have been done to the SPARC cpu emulation code to handle
Leon3's specific behavior:
 - IRQ management
 - Cache control
 - Asr17 (implementation-dependent Ancillary State Registers)
 - Shutdown

Fabien Chouteau (5):
  SPARC: Emulation of GRLIB GPTimer
  SPARC: Emulation of GRLIB IRQMP
  SPARC: Emulation of GRLIB APB UART
  SPARC: Emulation of Leon3
  SPARC: Add asr17 register support

 Makefile.target  |5 +-
 hw/grlib.h   |  126 +++
 hw/grlib_apbuart.c   |  187 ++
 hw/grlib_gptimer.c   |  395 ++
 hw/grlib_irqmp.c |  376 +++
 hw/leon3.c   |  218 +
 target-sparc/cpu.h   |   38 +++--
 target-sparc/helper.c|8 +-
 target-sparc/helper.h|1 +
 target-sparc/op_helper.c |  156 ++-
 target-sparc/translate.c |   24 +++-
 trace-events |   24 +++
 12 files changed, 1536 insertions(+), 22 deletions(-)
 create mode 100644 hw/grlib.h
 create mode 100644 hw/grlib_apbuart.c
 create mode 100644 hw/grlib_gptimer.c
 create mode 100644 hw/grlib_irqmp.c
 create mode 100644 hw/leon3.c




[Qemu-devel] [PATCH v4 3/5] SPARC: Emulation of GRLIB APB UART

2011-01-24 Thread Fabien Chouteau
This device exposes one parameter:
 - chardev (ptr) : Pointer to a qemu character device

Emulation of GrLib devices is based on the GRLIB IP Core User's Manual:
http://www.gaisler.com/products/grlib/grip.pdf

Signed-off-by: Fabien Chouteau chout...@adacore.com
---
 hw/grlib.h |   23 +++
 hw/grlib_apbuart.c |  187 
 trace-events   |4 +
 3 files changed, 214 insertions(+), 0 deletions(-)

diff --git a/hw/grlib.h b/hw/grlib.h
index f92d6d3..fdf4b11 100644
--- a/hw/grlib.h
+++ b/hw/grlib.h
@@ -100,4 +100,27 @@ DeviceState *grlib_gptimer_create(target_phys_addr_t  base,
 return dev;
 }
 
+/* APB UART */
+
+static inline
+DeviceState *grlib_apbuart_create(target_phys_addr_t  base,
+  CharDriverState*serial,
+  qemu_irqirq)
+{
+DeviceState *dev;
+
+dev = qdev_create(NULL, grlib,apbuart);
+qdev_prop_set_chr(dev, chrdev, serial);
+
+if (qdev_init(dev)) {
+return NULL;
+}
+
+sysbus_mmio_map(sysbus_from_qdev(dev), 0, base);
+
+sysbus_connect_irq(sysbus_from_qdev(dev), 0, irq);
+
+return dev;
+}
+
 #endif /* ! _GRLIB_H_ */
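Review bot: the commit message documents the property as `chardev (ptr)`, but grlib_apbuart_create() sets `qdev_prop_set_chr(dev, chrdev, serial)`; qdev resolves property names as strings at runtime, so whichever of the two does not match the property table in grlib_apbuart.c only fails when the machine is started. Pick one spelling and use it in the helper, the property table and the commit message.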
diff --git a/hw/grlib_apbuart.c b/hw/grlib_apbuart.c
new file mode 100644
index 000..101b150
--- /dev/null
+++ b/hw/grlib_apbuart.c
@@ -0,0 +1,187 @@
+/*
+ * QEMU GRLIB APB UART Emulator
+ *
+ * Copyright (c) 2010-2011 AdaCore
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the Software), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include sysbus.h
+#include qemu-char.h
+
+#include trace.h
+
+#define UART_REG_SIZE 20 /* Size of memory mapped registers */
+
+/* UART status register fields */
+#define UART_DATA_READY   (1   0)
+#define UART_TRANSMIT_SHIFT_EMPTY (1   1)
+#define UART_TRANSMIT_FIFO_EMPTY  (1   2)
+#define UART_BREAK_RECEIVED   (1   3)
+#define UART_OVERRUN  (1   4)
+#define UART_PARITY_ERROR (1   5)
+#define UART_FRAMING_ERROR(1   6)
+#define UART_TRANSMIT_FIFO_HALF   (1   7)
+#define UART_RECEIVE_FIFO_HALF(1   8)
+#define UART_TRANSMIT_FIFO_FULL   (1   9)
+#define UART_RECEIVE_FIFO_FULL(1  10)
+
+/* UART control register fields */
+#define UART_RECEIVE_ENABLE  (1   0)
+#define UART_TRANSMIT_ENABLE (1   1)
+#define UART_RECEIVE_INTERRUPT   (1   2)
+#define UART_TRANSMIT_INTERRUPT  (1   3)
+#define UART_PARITY_SELECT   (1   4)
+#define UART_PARITY_ENABLE   (1   5)
+#define UART_FLOW_CONTROL(1   6)
+#define UART_LOOPBACK(1   7)
+#define UART_EXTERNAL_CLOCK  (1   8)
+#define UART_RECEIVE_FIFO_INTERRUPT  (1   9)
+#define UART_TRANSMIT_FIFO_INTERRUPT (1  10)
+#define UART_FIFO_DEBUG_MODE (1  11)
+#define UART_OUTPUT_ENABLE   (1  12)
+#define UART_FIFO_AVAILABLE  (1  31)
+
+/* Memory mapped register offsets */
+#define DATA_OFFSET   0x00
+#define STATUS_OFFSET 0x04
+#define CONTROL_OFFSET0x08
+#define SCALER_OFFSET 0x0C  /* not supported */
+#define FIFO_DEBUG_OFFSET 0x10  /* not supported */
+
+typedef struct UART {
+SysBusDevice busdev;
+
+qemu_irq irq;
+
+CharDriverState *chr;
+
+/* registers */
+uint32_t receive;
+uint32_t status;
+uint32_t control;
+} UART;
+
+static int grlib_apbuart_can_receive(void *opaque)
+{
+UART *uart = opaque;
+
+return !!(uart-status  UART_DATA_READY);
+}
+
+static void grlib_apbuart_receive(void *opaque, const uint8_t *buf, int size)
+{
+UART *uart = opaque;
+
+uart-receive  = *buf;
+uart-status  |= UART_DATA_READY;
+
+if (uart-control  UART_RECEIVE_INTERRUPT) {
+qemu_irq_pulse(uart-irq);
+}
+}
+
+static void grlib_apbuart_event(void *opaque, int event)
+{
+trace_grlib_apbuart_event(event);
+}
+
+static void
+grlib_apbuart_writel(void *opaque, target_phys_addr_t addr, uint32_t value)
+{
+UART  *uart = opaque;
+unsigned char  c= 0;
+
+
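Review bot: grlib_apbuart_can_receive() returns `!!(uart->status & UART_DATA_READY)`, which is the inverse of what the character backend asks for; it should report that the UART can take a byte when the receive register is empty (DATA_READY clear), not when a byte is already pending. As written the first character is refused, and a second one arriving while the first is still unread is accepted and silently overwrites uart->receive in grlib_apbuart_receive() without UART_OVERRUN ever being set. Return `!(uart->status & UART_DATA_READY)`, and in the receive path set UART_OVERRUN (raising the interrupt if enabled) when a byte arrives with DATA_READY still set; the overrun bit is defined at the top of the file but not written by the receive code shown.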

[Qemu-devel] [PATCH v4 5/5] SPARC: Add asr17 register support

2011-01-24 Thread Fabien Chouteau
This register is activated by CPU_FEATURE_ASR17 in the feature field.

Signed-off-by: Fabien Chouteau chout...@adacore.com
---
 target-sparc/cpu.h   |1 +
 target-sparc/helper.c|3 ++-
 target-sparc/translate.c |   11 +++
 3 files changed, 14 insertions(+), 1 deletions(-)

diff --git a/target-sparc/cpu.h b/target-sparc/cpu.h
index 5c50d9e..6f5990b 100644
--- a/target-sparc/cpu.h
+++ b/target-sparc/cpu.h
@@ -267,6 +267,7 @@ typedef struct sparc_def_t {
 #define CPU_FEATURE_CMT  (1  12)
 #define CPU_FEATURE_GL   (1  13)
 #define CPU_FEATURE_TA0_SHUTDOWN (1  14) /* Shutdown on ta 0x0 */
+#define CPU_FEATURE_ASR17(1  15)
 #ifndef TARGET_SPARC64
 #define CPU_DEFAULT_FEATURES (CPU_FEATURE_FLOAT | CPU_FEATURE_SWAP |  \
   CPU_FEATURE_MUL | CPU_FEATURE_DIV | \
diff --git a/target-sparc/helper.c b/target-sparc/helper.c
index ec6ac27..2f3d1e6 100644
--- a/target-sparc/helper.c
+++ b/target-sparc/helper.c
@@ -1288,7 +1288,8 @@ static const sparc_def_t sparc_defs[] = {
 .mmu_sfsr_mask = 0x,
 .mmu_trcr_mask = 0x,
 .nwindows = 8,
-.features = CPU_DEFAULT_FEATURES | CPU_FEATURE_TA0_SHUTDOWN,
+.features = CPU_DEFAULT_FEATURES | CPU_FEATURE_TA0_SHUTDOWN |
+CPU_FEATURE_ASR17,
 },
 #endif
 };
diff --git a/target-sparc/translate.c b/target-sparc/translate.c
index dff0f19..e26462e 100644
--- a/target-sparc/translate.c
+++ b/target-sparc/translate.c
@@ -2067,6 +2067,17 @@ static void disas_sparc_insn(DisasContext * dc)
 case 0x10 ... 0x1f: /* implementation-dependent in the
SPARCv8 manual, rdy on the
microSPARC II */
+/* Read Asr17 */
+if (rs1 == 0x11  dc-def-features  CPU_FEATURE_ASR17) {
+TCGv r_const;
+
+/* Read Asr17 for a Leon3 monoprocessor */
+r_const = tcg_const_tl((1  8)
+   | (dc-def-nwindows - 1));
+gen_movl_TN_reg(rd, r_const);
+tcg_temp_free(r_const);
+break;
+}
 #endif
 gen_movl_TN_reg(rd, cpu_y);
 break;
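Review bot: `rs1 == 0x11 && dc->def->features & CPU_FEATURE_ASR17` relies on `&` binding tighter than `&&`; it is correct, but checkpatch and most readers want the mask parenthesised. The constant `(1 << 8) | (dc->def->nwindows - 1)` also needs a comment mapping each bit to the %asr17 field in the GRLIB manual (the `Leon3 monoprocessor` comment only explains why the CPU-index bits are zero); without it the value cannot be checked against the spec, and the `break` inside the `if` silently bypasses the generic rdy fallback for every other implementation-dependent ASR on a CPU with this feature only for rs1 == 0x11, which is worth stating.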
-- 
1.7.1




[Qemu-devel] [PATCH v4 1/5] SPARC: Emulation of GRLIB GPTimer

2011-01-24 Thread Fabien Chouteau
This device exposes three parameters:
 - frequency (uint32) : The system frequency
 - irq-line  (uint32) : IRQ line number for the first timer
(others use irq-line + 1, irq-line + 2...)
 - nr-timers (uint32) : Number of timers

Emulation of GrLib devices is based on the GRLIB IP Core User's Manual:
http://www.gaisler.com/products/grlib/grip.pdf

Signed-off-by: Fabien Chouteau chout...@adacore.com
---
 hw/grlib.h |   65 +
 hw/grlib_gptimer.c |  395 
 trace-events   |   10 ++
 3 files changed, 470 insertions(+), 0 deletions(-)

diff --git a/hw/grlib.h b/hw/grlib.h
new file mode 100644
index 000..776acf9
--- /dev/null
+++ b/hw/grlib.h
@@ -0,0 +1,65 @@
+/*
+ * QEMU GRLIB Components
+ *
+ * Copyright (c) 2010-2011 AdaCore
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the Software), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifndef _GRLIB_H_
+#define _GRLIB_H_
+
+#include qdev.h
+#include sysbus.h
+
+/* Emulation of GrLib device is base on the GRLIB IP Core User's Manual:
+ * http://www.gaisler.com/products/grlib/grip.pdf
+ */
+
+/* GPTimer */
+
+static inline
+DeviceState *grlib_gptimer_create(target_phys_addr_t  base,
+  uint32_tnr_timers,
+  uint32_tfreq,
+  qemu_irq   *cpu_irqs,
+  int base_irq)
+{
+DeviceState *dev;
+int i;
+
+dev = qdev_create(NULL, grlib,gptimer);
+qdev_prop_set_uint32(dev, nr-timers, nr_timers);
+qdev_prop_set_uint32(dev, frequency, freq);
+qdev_prop_set_uint32(dev, irq-line, base_irq);
+
+if (qdev_init(dev)) {
+return NULL;
+}
+
+sysbus_mmio_map(sysbus_from_qdev(dev), 0, base);
+
+for (i = 0; i  nr_timers; i++) {
+sysbus_connect_irq(sysbus_from_qdev(dev), i, cpu_irqs[base_irq + i]);
+}
+
+return dev;
+}
+
+#endif /* ! _GRLIB_H_ */
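Review bot: grlib_gptimer_create() connects `cpu_irqs[base_irq + i]` for i < nr_timers with no check that base_irq + nr_timers stays inside the caller's cpu_irqs array or that nr_timers <= GPTIMER_MAX_TIMERS (8, per grlib_gptimer.c), so a bad machine description walks off the array before the device ever validates its `nr-timers` property. Either bound both here (returning NULL) or document that the device's init rejects nr-timers > GPTIMER_MAX_TIMERS and that the caller must size cpu_irqs accordingly.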
diff --git a/hw/grlib_gptimer.c b/hw/grlib_gptimer.c
new file mode 100644
index 000..596a900
--- /dev/null
+++ b/hw/grlib_gptimer.c
@@ -0,0 +1,395 @@
+/*
+ * QEMU GRLIB GPTimer Emulator
+ *
+ * Copyright (c) 2010-2011 AdaCore
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the Software), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include sysbus.h
+#include qemu-timer.h
+
+#include trace.h
+
+#define UNIT_REG_SIZE16 /* Size of memory mapped regs for the unit */
+#define GPTIMER_REG_SIZE 16 /* Size of memory mapped regs for a GPTimer */
+
+#define GPTIMER_MAX_TIMERS 8
+
+/* GPTimer Config register fields */
+#define GPTIMER_ENABLE  (1  0)
+#define GPTIMER_RESTART (1  1)
+#define GPTIMER_LOAD(1  2)
+#define GPTIMER_INT_ENABLE  (1  3)
+#define GPTIMER_INT_PENDING (1  4)
+#define GPTIMER_CHAIN   (1  5) /* Not supported */
+#define GPTIMER_DEBUG_HALT  (1  6) /* Not supported */
+
+/* Memory mapped register offsets */
+#define SCALER_OFFSET

[Qemu-devel] Re: [RFC][PATCH 00/12] qcow2: Convert qcow2 to use coroutines for async I/O

2011-01-24 Thread Kevin Wolf
Am 22.01.2011 10:29, schrieb Stefan Hajnoczi:
 This patch series prototypes making QCOW2 fully asynchronous to eliminate the
 timing jitter and poor performance that has been observed.  QCOW2 has
 asynchronous I/O code paths for some of the read/write common cases but
 metadata access is always synchronous.
 
 One solution is to rewrite QCOW2 to be fully asynchronous by splitting all
 functions that perform blocking I/O into a series of callbacks.  Due to the
 complexity of QCOW2, this conversion and the maintenance prospects are
 unattractive.
 
 This patch series prototypes an alternative solution to make QCOW2
 asynchronous.  It introduces coroutines, cooperative userspace threads of
 control, so that each QCOW2 request has its own call stack.  To perform I/O,
 the coroutine submits an asynchronous I/O request and then yields back to 
 QEMU.
 The coroutine stays suspended while the I/O operation is being processed by
 lower layers of the stack.  When the asynchronous I/O completes, the coroutine
 is resumed.
 
 The upshot of this is that QCOW2 can be implemented in a sequential fashion
 without explicit callbacks but all I/O actually happens asynchronously under
 the covers.
 
 This prototype implements reads, writes, and flushes.  Should install or boot
 VMs successfully.  However, it has the following limitations:
 
 1. QCOW2 requests are serialized because the code is not yet safe for
concurrent requests.  See the last patch for details.
 
 2. Coroutines are unoptimized.  We should pool coroutines (and their mmapped
stacks) to avoid the cost of coroutine creation.
 
 3. The qcow2_aio_read_cb() and qcow2_aio_write_cb() functions should be
refactored into sequential code now that callbacks are no longer needed.
 
 I think this approach can solve the performance and functional problems of the
 current QCOW2 implementation.  It does not require invasive changes, much of
 QCOW2 works unmodified.
 
 Kevin: Do you like this approach and do you want to develop it further?

I think it looks like a good start. The code will look much nicer this
way than with the callback jungle that you tried out in QED.

I'm not completely sure about patches 10 and 12, I don't think I agree
with the conversion approach. By making bdrv_pread/pwrite asynchronous,
you force drivers to be converted all at once - which leads to big
hammers as in patch 12 (by the way, I'm curious if you have tried how
much performance is hurt?)

Wouldn't we be better off if we added a bdrv_co_pread/pwrite and
converted qcow2 step by step? I'm not sure what the easy way forward
would be with patch 12, looks more like a dead end to me (though I
haven't looked at it for more than a few minutes yet).

One more thing I want to mention is that bdrv_aio_read doesn't have the
same semantics as bdrv_read with respect to EOF. The AIO one returns
-EINVAL when reading beyond EOF whereas bdrv_read returns zeros. I'd
expect that we'll hit this with the conversion.

Kevin
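The mechanism Stefan describes above (a request runs as sequential code, every I/O is submitted asynchronously and the coroutine stays suspended until the main loop completes it) as an added example. This is not code from the patch series and not QEMU's coroutine API: it is a minimal coroutine built on ucontext(3) with a constructed four-sector "disk" and a hypothetical completion queue (the names Coroutine, co_read_sector, main_loop_run and run_request are assumptions). It shows the metadata-then-data dependency that makes a callback conversion painful: the sector number of the second read is only known once the first read has completed, yet the request body reads straight down.

```c
/* Added example, not from the QEMU patch series: a request written as
 * sequential code whose reads are completed asynchronously by a main loop.
 * Coroutine/co_read_sector/main_loop_run/run_request are hypothetical names. */
#include <stdint.h>
#include <string.h>
#include <ucontext.h>

#define STACK_SIZE (64 * 1024)

typedef struct Coroutine {
    ucontext_t ctx;          /* the coroutine's own stack and registers */
    ucontext_t caller;       /* where control goes on yield or exit */
    char stack[STACK_SIZE];
    int done;
} Coroutine;

/* Constructed "disk": sector 0 holds an index saying which sector carries
 * the data, like an L2 table entry pointing at a cluster. */
static const uint8_t disk[4][8] = {
    { 2, 0, 0, 0, 0, 0, 0, 0 },
    { 'x', 'x', 'x', 'x', 'x', 'x', 'x', 'x' },
    { 'q', 'c', 'o', 'w', '2', '!', '!', '\0' },
    { 'y', 'y', 'y', 'y', 'y', 'y', 'y', 'y' },
};

typedef struct AioRequest {
    int sector;
    uint8_t *buf;
    Coroutine *co;           /* coroutine to resume when the read completes */
} AioRequest;

static AioRequest aio_queue[8];
static int aio_queue_len;
static int aio_completions;  /* reads completed by the loop, for the caller */
static Coroutine *current;   /* coroutine currently running, NULL in the loop */
static char result[9];

static void coroutine_yield(void)
{
    swapcontext(&current->ctx, &current->caller);
}

/* Submit a read, then suspend until main_loop_run() has filled buf. */
static void co_read_sector(int sector, uint8_t *buf)
{
    AioRequest *req = &aio_queue[aio_queue_len++];
    req->sector = sector;
    req->buf = buf;
    req->co = current;
    coroutine_yield();       /* resumed only after the "I/O" is done */
}

/* The request body reads sequentially; no callbacks, no explicit state. */
static void request_entry(void)
{
    uint8_t meta[8], data[8];
    co_read_sector(0, meta);         /* metadata lookup */
    co_read_sector(meta[0], data);   /* data sector known only now */
    memcpy(result, data, 8);
    result[8] = '\0';
    current->done = 1;
}

static void coroutine_enter(Coroutine *co)
{
    current = co;
    swapcontext(&co->caller, &co->ctx);
    current = NULL;
}

static void coroutine_init(Coroutine *co, void (*fn)(void))
{
    memset(co, 0, sizeof(*co));
    getcontext(&co->ctx);
    co->ctx.uc_stack.ss_sp = co->stack;
    co->ctx.uc_stack.ss_size = sizeof(co->stack);
    co->ctx.uc_link = &co->caller;   /* when fn() returns, go back to caller */
    makecontext(&co->ctx, fn, 0);
}

/* Main loop: complete every queued read, resume its coroutine, repeat. */
static int main_loop_run(Coroutine *co)
{
    while (!co->done) {
        int i, n = aio_queue_len;
        aio_queue_len = 0;
        for (i = 0; i < n; i++) {
            AioRequest *req = &aio_queue[i];
            memcpy(req->buf, disk[req->sector], 8);   /* the I/O "completes" */
            aio_completions++;
            coroutine_enter(req->co);                 /* hand the result back */
        }
    }
    return aio_completions;
}

/* Run one request end to end; returns how many async completions it took. */
int run_request(void)
{
    static Coroutine co;
    aio_queue_len = 0;
    aio_completions = 0;
    coroutine_init(&co, request_entry);
    coroutine_enter(&co);    /* runs until the first yield */
    return main_loop_run(&co);
}

const char *request_result(void)
{
    return result;
}
```

The request needs two round trips through the loop (metadata, then data), and each one parks the whole call stack rather than a hand-written continuation; that is the property the series relies on to keep qcow2's metadata code unmodified.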



[Qemu-devel] [PATCH v4 2/5] SPARC: Emulation of GRLIB IRQMP

2011-01-24 Thread Fabien Chouteau
This device exposes two parameters:
 - set_pil_in(ptr) : A function to set the pil_in of the SPARC CPU
 - set_pil_in_opaque (ptr) : Opaque argument of the set_pil_in function

Emulation of GrLib devices is based on the GRLIB IP Core User's Manual:
http://www.gaisler.com/products/grlib/grip.pdf

Signed-off-by: Fabien Chouteau chout...@adacore.com
---
 hw/grlib.h   |   38 ++
 hw/grlib_irqmp.c |  376 ++
 trace-events |6 +
 3 files changed, 420 insertions(+), 0 deletions(-)

diff --git a/hw/grlib.h b/hw/grlib.h
index 776acf9..f92d6d3 100644
--- a/hw/grlib.h
+++ b/hw/grlib.h
@@ -32,6 +32,44 @@
  * http://www.gaisler.com/products/grlib/grip.pdf
  */
 
+/* IRQMP */
+
+typedef void (*set_pil_in_fn) (void *opaque, uint32_t pil_in);
+
+void grlib_irqmp_set_irq(void *opaque, int irq, int level);
+
+void grlib_irqmp_ack(DeviceState *dev, int intno);
+
+static inline
+DeviceState *grlib_irqmp_create(target_phys_addr_t   base,
+CPUState*env,
+qemu_irq   **cpu_irqs,
+uint32_t nr_irqs,
+set_pil_in_fnset_pil_in)
+{
+DeviceState *dev;
+
+assert(cpu_irqs != NULL);
+
+dev = qdev_create(NULL, grlib,irqmp);
+qdev_prop_set_ptr(dev, set_pil_in, set_pil_in);
+qdev_prop_set_ptr(dev, set_pil_in_opaque, env);
+
+if (qdev_init(dev)) {
+return NULL;
+}
+
+env-irq_manager = dev;
+
+sysbus_mmio_map(sysbus_from_qdev(dev), 0, base);
+
+*cpu_irqs = qemu_allocate_irqs(grlib_irqmp_set_irq,
+   dev,
+   nr_irqs);
+
+return dev;
+}
+
 /* GPTimer */
 
 static inline
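Review bot: grlib_irqmp_create hands the set_pil_in callback to the device through a void * pointer property (qdev_prop_set_ptr) that the device later casts back to set_pil_in_fn; a function pointer round-tripping through void * is not portable C, and since the IRQMP device already sits on sysbus, a qemu_irq or a typed field would avoid the cast. The function asserts cpu_irqs != NULL but accepts a NULL set_pil_in, so the same assert should cover the callback, and the env->irq_manager field it writes is only introduced by a later patch in the series (4/5 touches target-sparc/cpu.h), which is worth saying in the commit message.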
diff --git a/hw/grlib_irqmp.c b/hw/grlib_irqmp.c
new file mode 100644
index 000..f47c491
--- /dev/null
+++ b/hw/grlib_irqmp.c
@@ -0,0 +1,376 @@
+/*
+ * QEMU GRLIB IRQMP Emulator
+ *
+ * (Multiprocessor and extended interrupt not supported)
+ *
+ * Copyright (c) 2010-2011 AdaCore
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the Software), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include sysbus.h
+#include cpu.h
+
+#include grlib.h
+
+#include trace.h
+
+#define IRQMP_MAX_CPU 16
+#define IRQMP_REG_SIZE 256  /* Size of memory mapped registers */
+
+/* Memory mapped register offsets */
+#define LEVEL_OFFSET 0x00
+#define PENDING_OFFSET   0x04
+#define FORCE0_OFFSET0x08
+#define CLEAR_OFFSET 0x0C
+#define MP_STATUS_OFFSET 0x10
+#define BROADCAST_OFFSET 0x14
+#define MASK_OFFSET  0x40
+#define FORCE_OFFSET 0x80
+#define EXTENDED_OFFSET  0xC0
+
+typedef struct IRQMPState IRQMPState;
+
+typedef struct IRQMP {
+SysBusDevice busdev;
+
+void *set_pil_in;
+void *set_pil_in_opaque;
+
+IRQMPState *state;
+} IRQMP;
+
+struct IRQMPState {
+uint32_t level;
+uint32_t pending;
+uint32_t clear;
+uint32_t broadcast;
+
+uint32_t mask[IRQMP_MAX_CPU];
+uint32_t force[IRQMP_MAX_CPU];
+uint32_t extended[IRQMP_MAX_CPU];
+
+IRQMP*parent;
+};
+
+static void grlib_irqmp_check_irqs(IRQMPState *state)
+{
+uint32_t  pend   = 0;
+uint32_t  level0 = 0;
+uint32_t  level1 = 0;
+set_pil_in_fn set_pil_in;
+
+assert(state != NULL);
+assert(state-parent != NULL);
+
+/* IRQ for CPU 0 (no SMP support) */
+pend = (state-pending | state-force[0])
+ state-mask[0];
+
+level0 = pend  ~state-level;
+level1 = pend   state-level;
+
+trace_grlib_irqmp_check_irqs(state-pending, state-force[0],
+ state-mask[0], level1, level0);
+
+set_pil_in = (set_pil_in_fn)state-parent-set_pil_in;
+
+/* Trigger level1 interrupt first and level0 if there is no level1 */
+if (level1 != 0) {
+set_pil_in(state-parent-set_pil_in_opaque, level1);
+} else {
+set_pil_in(state-parent-set_pil_in_opaque, level0);
+}
+}
+
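Review bot: grlib_irqmp_check_irqs asserts state and state->parent but then calls set_pil_in, cast from the void * property, without checking it for NULL, so a board that forgets to set the property crashes inside the interrupt controller instead of at creation time; an assert beside the other two would localise that. The `/* IRQ for CPU 0 (no SMP support) */` comment and the mask/force/extended arrays sized IRQMP_MAX_CPU also deserve one line saying that only index 0 is ever used, matching the "Multiprocessor ... not supported" note in the file header.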

[Qemu-devel] Re: [PATCH 07/18] kvm: Add MCE signal support for !CONFIG_IOTHREAD

2011-01-24 Thread Marcelo Tosatti
On Mon, Jan 10, 2011 at 09:32:00AM +0100, Jan Kiszka wrote:
 From: Jan Kiszka jan.kis...@siemens.com
 
 Currently, we only configure and process MCE-related SIGBUS events if
 CONFIG_IOTHREAD is enabled. Fix this by factoring out the required
 handler registration and system configuration. Make sure that events
 happening over a VCPU context in non-threaded mode get dispatched as
 VCPU MCEs.
 
 We also need to call qemu_kvm_eat_signals in non-threaded mode now, so
 move it (unmodified) and add the required Windows stub.
 
 Signed-off-by: Jan Kiszka jan.kis...@siemens.com
 CC: Huang Ying ying.hu...@intel.com
 ---
  cpus.c |  200 +++
  1 files changed, 124 insertions(+), 76 deletions(-)
 
 diff --git a/cpus.c b/cpus.c
 index 6da0f8f..b6f1cfb 100644
 --- a/cpus.c
 +++ b/cpus.c
 @@ -34,9 +34,6 @@
  
  #include cpus.h
  #include compatfd.h
 -#ifdef CONFIG_LINUX
 -#include sys/prctl.h
 -#endif
  
  #ifdef SIGRTMIN
  #define SIG_IPI (SIGRTMIN+4)
 @@ -44,10 +41,24 @@
  #define SIG_IPI SIGUSR1
  #endif
  

 @@ -912,6 +954,8 @@ static int qemu_cpu_exec(CPUState *env)
  
  bool cpu_exec_all(void)
  {
 +int r;
 +
  if (next_cpu == NULL)
  next_cpu = first_cpu;
  for (; next_cpu != NULL  !exit_request; next_cpu = next_cpu-next_cpu) 
 {
 @@ -923,7 +967,11 @@ bool cpu_exec_all(void)
  if (qemu_alarm_pending())
  break;
  if (cpu_can_run(env)) {
 -if (qemu_cpu_exec(env) == EXCP_DEBUG) {
 +r = qemu_cpu_exec(env);
 +if (kvm_enabled()) {
 +qemu_kvm_eat_signals(env);
 +}
 +if (r == EXCP_DEBUG) {
  break;
  }
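Review bot: the kvm_enabled() check and the qemu_kvm_eat_signals(env) call sit inside the cpu_can_run(env) branch, so pending signals are only consumed when a VCPU actually executed in this iteration; while the VM is stopped nothing in this loop drains them, which is exactly the case the reply below raises. Either call qemu_kvm_eat_signals() once per loop iteration independent of cpu_can_run(), or document that stopped-VM delivery is handled elsewhere.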

SIGBUS should be processed outside of vcpu execution context; think of a
non-MCE SIGBUS while the vm is stopped. Could use signalfd for that.

But the SIGBUS handler for !IOTHREAD case should not ignore Action
Required, since it might have been generated in vcpu context.
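Marcelo's two points above, receiving SIGBUS synchronously through signalfd instead of an asynchronous handler and still distinguishing Action Required errors that belong to the faulting (VCPU) context, as an added example. It is not code from the patch series; it assumes Linux (signalfd(2), the BUS_MCEERR_AR/BUS_MCEERR_AO si_code values) and uses a self-delivered signal in place of a kernel-generated one. The function names are assumptions.

```c
/* Added example, not from the QEMU patch series.  Linux only. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <signal.h>
#include <sys/signalfd.h>
#include <unistd.h>

/* Linux si_code values for memory-error SIGBUS; the libc headers only
 * expose them with _GNU_SOURCE set before the first include, so fall back. */
#ifndef BUS_MCEERR_AR
#define BUS_MCEERR_AR 4   /* Action Required: the faulting context must act */
#define BUS_MCEERR_AO 5   /* Action Optional: may be handled later, elsewhere */
#endif

/* Only an Action Required error belongs to the context that touched the bad
 * page and must become a VCPU MCE; everything else can be consumed from the
 * main loop.  A real handler would read this from signalfd_siginfo.ssi_code. */
int sigbus_needs_vcpu_context(int si_code)
{
    return si_code == BUS_MCEERR_AR;
}

/* Receive one signal through a signalfd: block it, open the fd, deliver it
 * to ourselves, read the siginfo, restore the old mask.  Returns the signal
 * number read, or -errno on failure. */
int receive_via_signalfd(int signo)
{
    sigset_t mask, old;
    struct signalfd_siginfo fdsi;
    int fd, ret;

    sigemptyset(&mask);
    sigaddset(&mask, signo);
    if (sigprocmask(SIG_BLOCK, &mask, &old) < 0) {
        return -errno;
    }
    fd = signalfd(-1, &mask, SFD_CLOEXEC);
    if (fd < 0) {
        ret = -errno;
        sigprocmask(SIG_SETMASK, &old, NULL);
        return ret;
    }
    /* Stands in for the kernel-generated signal: because it is blocked it
     * stays pending, and read() below returns it instead of a handler. */
    if (kill(getpid(), signo) < 0) {
        ret = -errno;
    } else if (read(fd, &fdsi, sizeof(fdsi)) != (ssize_t)sizeof(fdsi)) {
        ret = -EIO;
    } else {
        ret = (int)fdsi.ssi_signo;
    }
    close(fd);
    sigprocmask(SIG_SETMASK, &old, NULL);
    return ret;
}
```

Because the signal is read from a descriptor, it can be polled from the main loop like any other fd and handled while no VCPU is running; a kill()-delivered signal carries SI_USER, so in this demonstration ssi_code would not be a BUS_MCEERR_* value.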




[Qemu-devel] [PATCH v4 4/5] SPARC: Emulation of Leon3

2011-01-24 Thread Fabien Chouteau
Leon3 is an open-source VHDL System-On-Chip, well known in the space industry
(more information on http://www.gaisler.com).

Leon3 is made of multiple components available in the GrLib VHDL library.
Three devices are implemented: uart, timers and IRQ manager.
You can find code for these peripherals in the grlib_* files.

Signed-off-by: Fabien Chouteau chout...@adacore.com
---
 Makefile.target  |5 +-
 hw/leon3.c   |  218 ++
 target-sparc/cpu.h   |   37 +---
 target-sparc/helper.c|7 +-
 target-sparc/helper.h|1 +
 target-sparc/op_helper.c |  156 -
 target-sparc/translate.c |   13 +++-
 trace-events |4 +
 8 files changed, 419 insertions(+), 22 deletions(-)

diff --git a/Makefile.target b/Makefile.target
index cd2abde..b0ba95f 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -286,7 +286,10 @@ obj-sparc-y += cirrus_vga.o
 else
 obj-sparc-y = sun4m.o lance.o tcx.o sun4m_iommu.o slavio_intctl.o
 obj-sparc-y += slavio_timer.o slavio_misc.o sparc32_dma.o
-obj-sparc-y += cs4231.o eccmemctl.o sbi.o sun4c_intctl.o
+obj-sparc-y += cs4231.o eccmemctl.o sbi.o sun4c_intctl.o leon3.o
+
+# GRLIB
+obj-sparc-y += grlib_gptimer.o grlib_irqmp.o grlib_apbuart.o
 endif
 
 obj-arm-y = integratorcp.o versatilepb.o arm_pic.o arm_timer.o
diff --git a/hw/leon3.c b/hw/leon3.c
new file mode 100644
index 000..69d8f3b
--- /dev/null
+++ b/hw/leon3.c
@@ -0,0 +1,218 @@
+/*
+ * QEMU Leon3 System Emulator
+ *
+ * Copyright (c) 2010-2011 AdaCore
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the Software), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+#include hw.h
+#include qemu-timer.h
+#include qemu-char.h
+#include sysemu.h
+#include boards.h
+#include loader.h
+#include elf.h
+#include trace.h
+
+#include grlib.h
+
+/* Default system clock.  */
+#define CPU_CLK (40 * 1000 * 1000)
+
+#define PROM_FILENAMEu-boot.bin
+
+#define MAX_PILS 16
+
+typedef struct ResetData {
+CPUState *env;
+uint32_t  entry;/* save kernel entry in case of reset */
+} ResetData;
+
+static void main_cpu_reset(void *opaque)
+{
+ResetData *s   = (ResetData *)opaque;
+CPUState  *env = s-env;
+
+cpu_reset(env);
+
+env-halted = 0;
+env-pc = s-entry;
+env-npc= s-entry + 4;
+}
+
+static void leon3_irq_ack(void *irq_manager, int intno)
+{
+grlib_irqmp_ack((DeviceState *)irq_manager, intno);
+leon3_cache_control_int();
+}
+
+static void leon3_set_pil_in(void *opaque, uint32_t pil_in)
+{
+CPUState *env = (CPUState *)opaque;
+
+assert(env != NULL);
+
+env-pil_in = pil_in;
+
+if (env-pil_in  (env-interrupt_index == 0 ||
+(env-interrupt_index  ~15) == TT_EXTINT)) {
+unsigned int i;
+
+for (i = 15; i  0; i--) {
+if (env-pil_in  (1  i)) {
+int old_interrupt = env-interrupt_index;
+
+env-interrupt_index = TT_EXTINT | i;
+if (old_interrupt != env-interrupt_index) {
+trace_leon3_set_irq(i);
+cpu_interrupt(env, CPU_INTERRUPT_HARD);
+}
+break;
+}
+}
+} else if (!env-pil_in  (env-interrupt_index  ~15) == TT_EXTINT) {
+trace_leon3_reset_irq(env-interrupt_index  15);
+env-interrupt_index = 0;
+cpu_reset_interrupt(env, CPU_INTERRUPT_HARD);
+}
+}
+
+static void leon3_generic_hw_init(ram_addr_t  ram_size,
+  const char *boot_device,
+  const char *kernel_filename,
+  const char *kernel_cmdline,
+  const char *initrd_filename,
+  const char *cpu_model)
+{
+CPUState   *env;
+ram_addr_t  ram_offset, prom_offset;
+int ret;
+char   *filename;
+qemu_irq   *cpu_irqs = NULL;
+int 
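Review bot: leon3_set_pil_in only raises a new external interrupt when interrupt_index is 0 or already a TT_EXTINT value, so a pending external interrupt never pre-empts a trap type set by another source, and the scan runs from i = 15 down to 1, deliberately skipping level 0; neither rule is stated in the code. A short comment on each would make the priority scheme reviewable, as would one at main_cpu_reset saying that pc/npc are restored to the saved kernel entry because the board has no ROM to start from.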

[Qemu-devel] Re: [PATCH] pci/pcie: make pci_find_device() ARI aware.

2011-01-24 Thread Michael S. Tsirkin
On Mon, Jan 24, 2011 at 08:39:57PM +0900, Isaku Yamahata wrote:
 On Sun, Jan 23, 2011 at 05:57:53PM +0200, Michael S. Tsirkin wrote:
  On Sat, Jan 22, 2011 at 01:39:57AM +0900, Isaku Yamahata wrote:
   On Fri, Jan 21, 2011 at 04:29:41PM +0200, Michael S. Tsirkin wrote:
On Fri, Jan 21, 2011 at 07:44:16PM +0900, Isaku Yamahata wrote:
 On Thu, Jan 20, 2011 at 04:15:48PM +0200, Michael S. Tsirkin wrote:
  On Thu, Jan 20, 2011 at 03:57:39PM +0900, Isaku Yamahata wrote:
   make pci_find_device() ARI aware.
   
   Signed-off-by: Isaku Yamahata yamah...@valinux.co.jp
   ---
hw/pci.c |7 +++
1 files changed, 7 insertions(+), 0 deletions(-)
   
   diff --git a/hw/pci.c b/hw/pci.c
   index 8d0e3df..851f350 100644
   --- a/hw/pci.c
   +++ b/hw/pci.c
   @@ -1596,11 +1596,18 @@ PCIBus *pci_find_bus(PCIBus *bus, int 
   bus_num)

PCIDevice *pci_find_device(PCIBus *bus, int bus_num, int slot, 
   int function)
{
   +PCIDevice *d;
bus = pci_find_bus(bus, bus_num);

if (!bus)
return NULL;

   +d = bus-parent_dev;
   +if (d  pci_is_express(d) 
   +pcie_cap_get_type(d) == PCI_EXP_TYPE_DOWNSTREAM 
   +!pcie_cap_is_ari_enabled(d)  slot  0) {
   +return NULL;
   +}
return bus-devices[PCI_DEVFN(slot, function)];
}
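Review bot: the new early return encodes a PCIe rule (the Device Number must be 0 behind a Downstream Port unless ARI Forwarding Enable is set, spec 6.13 and 7.8.16) without a comment, and the `slot` argument silently doubles as the upper bits of an ARI function number; a comment stating both, and a helper in the pcie code rather than express-specific checks inline in generic pci.c, would make the intent reviewable. Root Ports are Downstream Ports in spec terms too, so testing PCI_EXP_TYPE_DOWNSTREAM alone misses them.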
  
  I'd like to split this express-specific code out in some way.
  Further, the downstream port always has a single slot.
  Maybe it shouldn't be a bus at all, but this needs some thought.
 
 Yes, it needs consideration.
 
 
  How about we put flag in PCIBus that says that a single
  slot is supported? Downstream ports would just set it.
 
 So such a flag must be set/cleared by something like pcie_cap_ari_write_config()
 depending on the ARI bit at runtime.

Well, to figure it out, could you please describe what is the situation
your patch tries to fix? I would generally like a reason for the
change to be given in commit logs; please try to avoid just restating
what the patch does.
   
   It seems that I should have added the comment to refer to the spec.
   I'd like to implement ARI enable bit correctly.
   
   Downstream port (and root port) doesn't forward pci transaction for
   function > 7 by default for compatibility.
   Only when ARI forwarding enable bit of downstream/root port is set,
   the virtual p2p bridge forwards pci transaction for
   function > 7 (i.e. slot > 0).
  
  Oh, I see, yes, function > 7 gets described as slot > 0.
  I think this is what I missed.
  Hmm, it'd pretty confusing. Should we fix this,
  pass devfn all over?
 
 Sounds to make sense.
 Although it seems only pci_find_device() will be affected at a glance, 
 I'll look into it more closely.
 
 
  I now understand what the code does, it just needs
  a good comment that explains that at the moment
  slot encodes the high bits of the device id.
  
  Also, let's replace pcie_cap_is_ari_enabled
  with an inline that does all the relevant logic
  E.g.
  
  /* With PCI Express Endpoints, there's a single device behind
     each downstream port bus, and bits 3:7 of the function number get
     encoded in the slot number (the Express spec calls it the Device
     Number). This allows > 8 functions, but
     these extended functions are only accessible when the
     Alternative routing-ID Interpretation (ARI)
     capability is enabled in the downstream port. With that capability
     disabled the port enforces the Device Number field being 0.*/
  static inline
  bool pcie_check_slot(PCIDevice *dev)
  {
      return !pci_is_express(dev) || !slot ||
          pcie_cap_get_type(dev) != PCI_EXP_TYPE_DOWNSTREAM ||
          (pci_get_long(dev->config + dev->exp.exp_cap + PCI_EXP_DEVCTL2) &
           PCI_EXP_DEVCTL2_ARI);
  }
 
 Okay.
 
 
 6.13 Alternative routing-ID Interpretation (ARI)
 7.8.15 Device capabilities 2 register
 ARI forwarding supported
 7.8.16 Device control 2 register
 ARI forwarding Enable
   5 ARI Forwarding Enable When set, the Downstream Port
   disables its traditional Device Number field being 0 enforcement
   when turning a Type 1 Configuration Request into a Type 0
   Configuration Request, permitting access to Extended Functions
   in an ARI Device immediately below the Port. See Section 6.13.
   Default value of this bit is 0b. Must be hardwired to 0b if the ARI
   Forwarding Supported bit is 0b.
   Oh, the patch should check root port in addition to downstream port.
  
  It should? Where does it say so?
 
 I wasn't clear enough.
 pcie_check_slot() above should include something like
   !((type == downstream) ||
 (type == root && the below is endpoint))

So:
(pcie_cap_get_type(dev) != PCI_EXP_TYPE_DOWNSTREAM &&
pcie_cap_get_type(dev) != PCI_EXP_ROOT) &&

I 
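The routing-ID rule the thread works out above (a function number above 7 shows up as a non-zero slot, and a Downstream Port, root or switch, only forwards such a request when ARI Forwarding Enable is set) as an added example. This is not code from the patch or from QEMU's pci layer; the names pci_devfn, ari_function, port_forwards_config and device_visible are assumptions, and the only register detail taken from the spec text quoted above is that ARI Forwarding Enable is bit 5 of Device Control 2.

```c
/* Added example, not from the patch under discussion: how a config-space
 * router decides whether a (slot, function) behind a port is reachable.
 * All names are hypothetical. */
#include <stdint.h>

typedef enum {
    PORT_CONVENTIONAL = 0,   /* PCI-to-PCI bridge: any Device Number passes */
    PORT_ROOT         = 1,   /* PCIe Root Port: a Downstream Port in spec terms */
    PORT_DOWNSTREAM   = 2    /* PCIe switch Downstream Port */
} PortType;

/* ARI Forwarding Enable is bit 5 of Device Control 2 (PCIe spec 7.8.16). */
#define DEVCTL2_ARI_FORWARDING_ENABLE (1u << 5)

/* Conventional routing ID: 5-bit Device Number, 3-bit Function Number. */
int pci_devfn(int slot, int function)
{
    return ((slot & 0x1f) << 3) | (function & 7);
}

int pci_slot(int devfn)
{
    return (devfn >> 3) & 0x1f;
}

int pci_func(int devfn)
{
    return devfn & 7;
}

/* ARI (spec 6.13) reinterprets the same 8 bits as one Function Number
 * 0..255, so ARI function 9 is what a conventional decoder calls
 * slot 1 / function 1. */
int ari_function(int devfn)
{
    return devfn & 0xff;
}

int ari_devfn(int function)
{
    return function & 0xff;
}

/* Does this port turn a Type 1 request for devfn into a Type 0 request for
 * the device below it?  A Downstream Port (root or switch) enforces
 * Device Number == 0 unless ARI Forwarding Enable is set; a conventional
 * bridge forwards any Device Number because its bus may carry 32 devices. */
int port_forwards_config(PortType type, uint32_t devctl2, int devfn)
{
    if (type == PORT_CONVENTIONAL) {
        return 1;
    }
    if (pci_slot(devfn) == 0) {
        return 1;                      /* functions 0..7 are always reachable */
    }
    return (devctl2 & DEVCTL2_ARI_FORWARDING_ENABLE) != 0;
}

/* The lookup in the shape the thread discusses: 1 when the device at
 * (slot, function) behind the port is visible, 0 when the port hides it,
 * which is where a pci_find_device()-style lookup would return NULL. */
int device_visible(PortType type, uint32_t devctl2, int slot, int function)
{
    return port_forwards_config(type, devctl2, pci_devfn(slot, function));
}
```

With the bit clear, a downstream or root port hides every devfn whose slot field is non-zero; with it set the same devfn reaches extended function 8..255 of the single ARI device below, which is why the thread wants the root-port case covered as well.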

[Qemu-devel] Re: [PATCH 11/18] Introduce VCPU self-signaling service

2011-01-24 Thread Marcelo Tosatti
On Mon, Jan 10, 2011 at 09:32:04AM +0100, Jan Kiszka wrote:
 From: Jan Kiszka jan.kis...@siemens.com
 
 Introduce qemu_cpu_kick_self to send SIG_IPI to the calling VCPU
 context. First user will be kvm.
 
 Signed-off-by: Jan Kiszka jan.kis...@siemens.com

For the updated patch, can't see where thread_kicked is cleared.




[Qemu-devel] Re: TCG flow vs dyngen

2011-01-24 Thread Stefano Bonifazi

On 01/17/2011 12:59 PM, Lluís wrote:

Stefano Bonifazi writes:


Hi!
  In case you are interested in helping me, I'll give you a big piece of news
I've just got (even my teacher is not informed yet! :) )


I still don't understand what is your high-level objective...


Lluis


Hi!
Sorry I've noticed your reply only now (dunno why I was not notified by email!)

Do you mean what is my final goal?




[Qemu-devel] [PATCH 1/3] block: add block_resize monitor command

2011-01-24 Thread Christoph Hellwig
Add a monitor command that allows resizing of block devices while
qemu is running.  It uses the existing bdrv_truncate method already
used by qemu-img to do its work.  Compared to qemu-img the size
parsing is very simplistic, but I think having a properly numeric
object is more useful for non-human monitor users than having
the units and relative resize parsing.

For SCSI devices the new size can be updated in Linux guests by
doing the following shell command:

echo > /sys/class/scsi_device/0:0:0:0/device/rescan

For ATA devices I don't know of a way to update the block device
size in Linux system, and for virtio-blk the next two patches
will provide an automatic update of the size when this command
is issued on the host.

Signed-off-by: Christoph Hellwig h...@lst.de

Index: qemu/hmp-commands.hx
===
--- qemu.orig/hmp-commands.hx   2011-01-24 11:55:36.744254374 +0100
+++ qemu/hmp-commands.hx2011-01-24 11:56:23.619254094 +0100
@@ -53,6 +53,25 @@ Quit the emulator.
 ETEXI
 
 {
+.name   = block_resize,
+.args_type  = device:B,size:o,
+.params = device size,
+.help   = resize a block image,
+.user_print = monitor_user_noop,
+.mhandler.cmd_new = do_block_resize,
+},
+
+STEXI
+@item block_resize
+@findex block_resize
+Resize a block image while a guest is running.  Usually requires guest
+action to see the updated size.  Resize to a lower size is supported,
+but should be used with extreme caution.  Note that this command only
+resizes image files, it can not resize block devices like LVM volumes.
+ETEXI
+
+
+{
 .name   = eject,
 .args_type  = force:-f,device:B,
 .params = [-f] device,
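Review bot: the help text "Resize to a lower size is supported, but should be used with extreme caution" should say what actually happens (data past the new end of the image is discarded, so a guest filesystem still using it is corrupted), and "can not" in the last sentence should be "cannot". Since args_type uses `size:o`, HMP will also accept K/M/G suffixes here, which the commit message's remark about simplistic size parsing does not mention.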
Index: qemu/blockdev.c
===
--- qemu.orig/blockdev.c2011-01-24 11:56:20.903004129 +0100
+++ qemu/blockdev.c 2011-01-24 11:56:38.391254165 +0100
@@ -705,3 +705,33 @@ int do_drive_del(Monitor *mon, const QDi
 
 return 0;
 }
+
+/*
+ * XXX: replace the QERR_UNDEFINED_ERROR errors with real values once the
+ * existing QERR_ macro mess is cleaned up.  A good example for better
+ * error reports can be found in the qemu-img resize code.
+ */
+int do_block_resize(Monitor *mon, const QDict *qdict, QObject **ret_data)
+{
+const char *device = qdict_get_str(qdict, device);
+int64_t size = qdict_get_int(qdict, size);
+BlockDriverState *bs;
+
+bs = bdrv_find(device);
+if (!bs) {
+qerror_report(QERR_DEVICE_NOT_FOUND, device);
+return -1;
+}
+
+if (size  0) {
+qerror_report(QERR_UNDEFINED_ERROR);
+return -1;
+}
+
+if (bdrv_truncate(bs, size)) {
+qerror_report(QERR_UNDEFINED_ERROR);
+return -1;
+}
+
+return 0;
+}
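Review bot: the negative-size branch and the bdrv_truncate() failure both report QERR_UNDEFINED_ERROR, so a QMP client cannot tell a bad argument from an I/O or read-only failure; QERR_INVALID_PARAMETER_VALUE for the size check would at least name the parameter, and the XXX comment could list what bdrv_truncate() can return so the mapping can be finished later. size == 0 is also accepted and truncates the image to nothing, which, given the HMP warning about shrinking, deserves either a rejection or an explicit mention.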
Index: qemu/blockdev.h
===
--- qemu.orig/blockdev.h2011-01-24 11:55:36.764254165 +0100
+++ qemu/blockdev.h 2011-01-24 11:56:23.627253465 +0100
@@ -53,5 +53,6 @@ int do_change_block(Monitor *mon, const
 const char *filename, const char *fmt);
 int do_drive_del(Monitor *mon, const QDict *qdict, QObject **ret_data);
 int do_snapshot_blkdev(Monitor *mon, const QDict *qdict, QObject **ret_data);
+int do_block_resize(Monitor *mon, const QDict *qdict, QObject **ret_data);
 
 #endif
Index: qemu/qmp-commands.hx
===
--- qemu.orig/qmp-commands.hx   2011-01-24 11:55:36.771253955 +0100
+++ qemu/qmp-commands.hx2011-01-24 11:56:23.632253884 +0100
@@ -601,6 +601,34 @@ Example:
 - { execute: netdev_del, arguments: { id: netdev1 } }
 - { return: {} }
 
+
+EQMP
+
+{
+.name   = block_resize,
+.args_type  = device:B,size:o,
+.params = device size,
+.help   = resize a block image,
+.user_print = monitor_user_noop,
+.mhandler.cmd_new = do_block_resize,
+},
+
+SQMP
+block_resize
+
+
+Resize a block image while a guest is running.
+
+Arguments:
+
+- device: the device's ID, must be unique (json-string)
+- size: new size
+
+Example:
+
+- { execute: block_resize, arguments: { device: scratch, size: 
1073741824 } }
+- { return: {} }
+
 EQMP
 
 {
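Review bot: the QMP documentation gives "- size: new size" without the type suffix the neighbouring entries use (json-int) and does not say the unit is bytes, which the example value 1073741824 only implies; it also drops the warning about shrinking that the HMP text carries, although QMP clients are the ones most likely to script this.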



[Qemu-devel] [PATCH 2/3] block: tell drivers about an image resize

2011-01-24 Thread Christoph Hellwig
Extend the change_cb callback with a reason argument, and use it
to tell drivers about size changes.

Signed-off-by: Christoph Hellwig h...@lst.de

Index: qemu/block.c
===
--- qemu.orig/block.c   2011-01-24 11:56:20.899004129 +0100
+++ qemu/block.c2011-01-24 11:56:39.796004269 +0100
@@ -645,7 +645,7 @@ int bdrv_open(BlockDriverState *bs, cons
 /* call the change callback */
 bs-media_changed = 1;
 if (bs-change_cb)
-bs-change_cb(bs-change_opaque);
+bs-change_cb(bs-change_opaque, CHANGE_MEDIA);
 }
 
 return 0;
@@ -684,7 +684,7 @@ void bdrv_close(BlockDriverState *bs)
 /* call the change callback */
 bs-media_changed = 1;
 if (bs-change_cb)
-bs-change_cb(bs-change_opaque);
+bs-change_cb(bs-change_opaque, CHANGE_MEDIA);
 }
 }
 
@@ -1135,6 +1135,9 @@ int bdrv_truncate(BlockDriverState *bs,
 ret = drv-bdrv_truncate(bs, offset);
 if (ret == 0) {
 ret = refresh_total_sectors(bs, offset  BDRV_SECTOR_BITS);
+if (bs-change_cb) {
+bs-change_cb(bs-change_opaque, CHANGE_SIZE);
+}
 }
 return ret;
 }
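Review bot: the CHANGE_SIZE callback is invoked whenever drv->bdrv_truncate() succeeded, regardless of whether refresh_total_sectors() then returned an error, so a driver can be told the size changed while bs->total_sectors is stale; firing the callback only when the refreshed ret is 0 avoids that.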
@@ -1366,7 +1369,8 @@ int bdrv_enable_write_cache(BlockDriverS
 
 /* XXX: no longer used */
 void bdrv_set_change_cb(BlockDriverState *bs,
-void (*change_cb)(void *opaque), void *opaque)
+void (*change_cb)(void *opaque, int reason),
+void *opaque)
 {
 bs-change_cb = change_cb;
 bs-change_opaque = opaque;
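Review bot: the `/* XXX: no longer used */` comment above bdrv_set_change_cb becomes wrong once virtio-blk registers a callback through it in patch 3/3; drop it in this hunk, since the signature is being changed anyway.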
@@ -1411,7 +1415,7 @@ int bdrv_set_key(BlockDriverState *bs, c
 /* call the change callback now, we skipped it on open */
 bs-media_changed = 1;
 if (bs-change_cb)
-bs-change_cb(bs-change_opaque);
+bs-change_cb(bs-change_opaque, CHANGE_MEDIA);
 }
 return ret;
 }
Index: qemu/block.h
===
--- qemu.orig/block.h   2011-01-24 11:52:25.248004200 +0100
+++ qemu/block.h2011-01-24 11:56:39.797004269 +0100
@@ -182,7 +182,8 @@ int bdrv_is_locked(BlockDriverState *bs)
 void bdrv_set_locked(BlockDriverState *bs, int locked);
 int bdrv_eject(BlockDriverState *bs, int eject_flag);
 void bdrv_set_change_cb(BlockDriverState *bs,
-void (*change_cb)(void *opaque), void *opaque);
+void (*change_cb)(void *opaque, int reason),
+void *opaque);
 void bdrv_get_format(BlockDriverState *bs, char *buf, int buf_size);
 BlockDriverState *bdrv_find(const char *name);
 BlockDriverState *bdrv_next(BlockDriverState *bs);
Index: qemu/block_int.h
===
--- qemu.orig/block_int.h   2011-01-24 11:52:25.255004060 +0100
+++ qemu/block_int.h2011-01-24 11:56:39.801004059 +0100
@@ -153,7 +153,7 @@ struct BlockDriverState {
 int valid_key; /* if true, a valid encryption key has been set */
 int sg;/* if true, the device is a /dev/sg* */
 /* event callback when inserting/removing */
-void (*change_cb)(void *opaque);
+void (*change_cb)(void *opaque, int reason);
 void *change_opaque;
 
 BlockDriver *drv; /* NULL means no media */
@@ -203,6 +203,9 @@ struct BlockDriverState {
 void *private;
 };
 
+#define CHANGE_MEDIA   0x01
+#define CHANGE_SIZE0x02
+
 struct BlockDriverAIOCB {
 AIOPool *pool;
 BlockDriverState *bs;
Index: qemu/hw/ide/core.c
===
--- qemu.orig/hw/ide/core.c 2011-01-24 11:56:20.904004339 +0100
+++ qemu/hw/ide/core.c  2011-01-24 11:56:39.807004199 +0100
@@ -1584,11 +1584,15 @@ static void ide_cfata_metadata_write(IDE
 }
 
 /* called when the inserted state of the media has changed */
-static void cdrom_change_cb(void *opaque)
+static void cdrom_change_cb(void *opaque, int reason)
 {
 IDEState *s = opaque;
 uint64_t nb_sectors;
 
+if (!(reason  CHANGE_MEDIA)) {
+return;
+}
+
 bdrv_get_geometry(s-bs, nb_sectors);
 s-nb_sectors = nb_sectors;
 
Index: qemu/hw/sd.c
===
--- qemu.orig/hw/sd.c   2011-01-24 11:52:25.281004130 +0100
+++ qemu/hw/sd.c2011-01-24 11:56:39.813007971 +0100
@@ -422,9 +422,14 @@ static void sd_reset(SDState *sd, BlockD
 sd-pwd_len = 0;
 }
 
-static void sd_cardchange(void *opaque)
+static void sd_cardchange(void *opaque, int reason)
 {
 SDState *sd = opaque;
+
+if (!(reason  CHANGE_MEDIA)) {
+return;
+}
+
 qemu_set_irq(sd-inserted_cb, bdrv_is_inserted(sd-bdrv));
 if (bdrv_is_inserted(sd-bdrv)) {
 sd_reset(sd, sd-bdrv);



[Qemu-devel] [PATCH 0/3 v3] allow online resizing of block devices

2011-01-24 Thread Christoph Hellwig
This patchset adds support for online resizing of block devices.

The first patch adds a new resize monitor command which calls into
the existing image resize code.  This is the meat of the series
and probably needs quite a bit of review and help as I'm not sure
about how to implement the error handling for monitor commands
correctly.  Am I really supposed to add a new QERR_ definition
for each possible error?  And if yes how am I supposed to define
them?  The macros for them aren't exactly self-explaining.

The second patch adds a way to tell drivers about a resize, and the
third one adds a guest notification for config changes to virtio-blk
which allows the guest to pick it up without a rescan.  I've just sent
the corresponding Linux guest driver patch to Rusty.

Changes from version 2 to version 3:
 - add missing braces
 - use device as the argument name for the device string
 - also rename the HMP version of the command to block_resize

Changes from version 1 to version 2:
 - also add a QMP command (block_resize)
 - use the o format for the size in the monitor command
 - fix typos
 - use QERR_UNDEFINED_ERROR for errors instead of unstructured strings
 - remove the CDROM hint check
 - add a reason argument to the change callback



[Qemu-devel] [PATCH 3/3] virtio-blk: tell the guest about size changes

2011-01-24 Thread Christoph Hellwig
Raise a config change interrupt when the size changed.  This allows
virtio-blk guest drivers to re-read the information from the
config space once it got the config changed interrupt.

Signed-off-by: Christoph Hellwig h...@lst.de

Index: qemu/hw/virtio-blk.c
===
--- qemu.orig/hw/virtio-blk.c   2011-01-20 10:32:50.455032625 +0100
+++ qemu/hw/virtio-blk.c2011-01-24 11:56:42.833004269 +0100
@@ -504,6 +504,15 @@ static int virtio_blk_load(QEMUFile *f,
 return 0;
 }
 
+static void virtio_blk_change_cb(void *opaque, int reason)
+{
+VirtIOBlock *s = opaque;
+
+if (reason  CHANGE_SIZE) {
+virtio_notify_config(s-vdev);
+}
+}
+
 VirtIODevice *virtio_blk_init(DeviceState *dev, BlockConf *conf)
 {
 VirtIOBlock *s;
@@ -546,6 +555,7 @@ VirtIODevice *virtio_blk_init(DeviceStat
 register_savevm(dev, virtio-blk, virtio_blk_id++, 2,
 virtio_blk_save, virtio_blk_load, s);
 bdrv_set_removable(s-bs, 0);
+bdrv_set_change_cb(s-bs, virtio_blk_change_cb, s);
 s-bs-buffer_alignment = conf-logical_block_size;
 
 add_boot_device_path(conf-bootindex, dev, /disk@0,0);



[Qemu-devel] Re: [PATCH 11/18] Introduce VCPU self-signaling service

2011-01-24 Thread Jan Kiszka
On 2011-01-24 12:47, Marcelo Tosatti wrote:
 On Mon, Jan 10, 2011 at 09:32:04AM +0100, Jan Kiszka wrote:
 From: Jan Kiszka jan.kis...@siemens.com

 Introduce qemu_cpu_kick_self to send SIG_IPI to the calling VCPU
 context. First user will be kvm.

 Signed-off-by: Jan Kiszka jan.kis...@siemens.com
 
 For the updated patch, can't see where thread_kicked is cleared.
 

Prevent abortion on multiple VCPU kicks, 6 patches earlier (assuming
you are hopefully looking at the patch queue in my git, not some older
postings).

Jan





[Qemu-devel] Re: TCG flow vs dyngen

2011-01-24 Thread Stefano Bonifazi

On 01/16/2011 10:08 PM, Raphaël Lefèvre wrote:

2011/1/17 Stefano Bonifazi stefboombas...@gmail.com:

Hi!
  In case you are interested in helping me, I'll give you a big piece of news
I've just got (even my teacher is not informed yet! :) )
I've just managed to make more than one instance of qemu-user run at the
same time linking the target code with a specified address for the code
section (-Ttext address of ld).
It works fine and this proves my idea that the problem is within the elf
loader..
Making it relocate the target code properly would fix the problem ;)
Now let's work on it :)
Regards,
Stefano B.



Congratulation~ just keep going on~!

Raphaël Lefèvre



Thank you!
 Working on the elf loader I found out many problems in that code.
If you are interested you can have a look at my last post!
Best regards!
Stefano B.



Re: [Qemu-devel] [PATCH] target-arm: Set the right overflow bit for neon 32 and 64 bit saturating add/sub.

2011-01-24 Thread Christophe Lyon
On 21.01.2011 18:58, Peter Maydell wrote:
 I've reviewed this patch and tested it in the usual way
 and can confirm that it now sets the right saturation bit;
 mostly it is OK. However...
Thanks!

 
[...]
 the indentation in this hunk is wrong -- qemu standard is four-space.

Oops. What is the official emacs configuration to get the right qemu style?


 You can check for this sort of thing by running scripts/checkpatch.pl,
Thanks for the pointer.

Here is an updated patch with these minor fixes.

Christophe.


Signed-off-by: Christophe Lyon christophe.l...@st.com
---
 target-arm/helpers.h |   12 --
 target-arm/neon_helper.c |   89 ++
 target-arm/op_helper.c   |   49 -
 target-arm/translate.c   |   18 -
 4 files changed, 105 insertions(+), 63 deletions(-)

diff --git a/target-arm/helpers.h b/target-arm/helpers.h
index b88ebae..8a2564e 100644
--- a/target-arm/helpers.h
+++ b/target-arm/helpers.h
@@ -137,10 +137,6 @@ DEF_HELPER_2(rsqrte_f32, f32, f32, env)
 DEF_HELPER_2(recpe_u32, i32, i32, env)
 DEF_HELPER_2(rsqrte_u32, i32, i32, env)
 DEF_HELPER_4(neon_tbl, i32, i32, i32, i32, i32)
-DEF_HELPER_2(neon_add_saturate_u64, i64, i64, i64)
-DEF_HELPER_2(neon_add_saturate_s64, i64, i64, i64)
-DEF_HELPER_2(neon_sub_saturate_u64, i64, i64, i64)
-DEF_HELPER_2(neon_sub_saturate_s64, i64, i64, i64)
 
 DEF_HELPER_2(add_cc, i32, i32, i32)
 DEF_HELPER_2(adc_cc, i32, i32, i32)
@@ -160,10 +156,18 @@ DEF_HELPER_3(neon_qadd_u8, i32, env, i32, i32)
 DEF_HELPER_3(neon_qadd_s8, i32, env, i32, i32)
 DEF_HELPER_3(neon_qadd_u16, i32, env, i32, i32)
 DEF_HELPER_3(neon_qadd_s16, i32, env, i32, i32)
+DEF_HELPER_3(neon_qadd_u32, i32, env, i32, i32)
+DEF_HELPER_3(neon_qadd_s32, i32, env, i32, i32)
 DEF_HELPER_3(neon_qsub_u8, i32, env, i32, i32)
 DEF_HELPER_3(neon_qsub_s8, i32, env, i32, i32)
 DEF_HELPER_3(neon_qsub_u16, i32, env, i32, i32)
 DEF_HELPER_3(neon_qsub_s16, i32, env, i32, i32)
+DEF_HELPER_3(neon_qsub_u32, i32, env, i32, i32)
+DEF_HELPER_3(neon_qsub_s32, i32, env, i32, i32)
+DEF_HELPER_3(neon_qadd_u64, i64, env, i64, i64)
+DEF_HELPER_3(neon_qadd_s64, i64, env, i64, i64)
+DEF_HELPER_3(neon_qsub_u64, i64, env, i64, i64)
+DEF_HELPER_3(neon_qsub_s64, i64, env, i64, i64)
 
 DEF_HELPER_2(neon_hadd_s8, i32, i32, i32)
 DEF_HELPER_2(neon_hadd_u8, i32, i32, i32)
diff --git a/target-arm/neon_helper.c b/target-arm/neon_helper.c
index 20f3c16..c1619c0 100644
--- a/target-arm/neon_helper.c
+++ b/target-arm/neon_helper.c
@@ -198,6 +198,28 @@ NEON_VOP_ENV(qadd_u16, neon_u16, 2)
 #undef NEON_FN
 #undef NEON_USAT
 
+uint32_t HELPER(neon_qadd_u32)(CPUState *env, uint32_t a, uint32_t b)
+{
+uint32_t res = a + b;
+if (res  a) {
+SET_QC();
+res = ~0;
+}
+return res;
+}
+
+uint64_t HELPER(neon_qadd_u64)(CPUState *env, uint64_t src1, uint64_t src2)
+{
+  uint64_t res;
+
+  res = src1 + src2;
+  if (res  src1) {
+SET_QC();
+res = ~(uint64_t)0;
+  }
+  return res;
+}
+
 #define NEON_SSAT(dest, src1, src2, type) do { \
 int32_t tmp = (uint32_t)src1 + (uint32_t)src2; \
 if (tmp != (type)tmp) { \
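Review bot: the 64-bit helper in this hunk, neon_qadd_u64, is indented with two spaces (`+  uint64_t res;`, `+  res = src1 + src2;`) while neon_qadd_u32 directly above it uses the four-space QEMU style this thread already asked for; the s64 and both qsub 64-bit helpers in the following hunks have the same two-space bodies, so a scripts/checkpatch.pl pass over the whole file before resending would catch all of them at once.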
@@ -218,6 +240,28 @@ NEON_VOP_ENV(qadd_s16, neon_s16, 2)
 #undef NEON_FN
 #undef NEON_SSAT
 
+uint32_t HELPER(neon_qadd_s32)(CPUState *env, uint32_t a, uint32_t b)
+{
+uint32_t res = a + b;
+if (((res ^ a)  SIGNBIT)  !((a ^ b)  SIGNBIT)) {
+SET_QC();
+res = ~(((int32_t)a  31) ^ SIGNBIT);
+}
+return res;
+}
+
+uint64_t HELPER(neon_qadd_s64)(CPUState *env, uint64_t src1, uint64_t src2)
+{
+  uint64_t res;
+
+  res = src1 + src2;
+  if (((res ^ src1)  SIGNBIT64)  !((src1 ^ src2)  SIGNBIT64)) {
+SET_QC();
+res = ((int64_t)src1  63) ^ ~SIGNBIT64;
+  }
+  return res;
+}
+
 #define NEON_USAT(dest, src1, src2, type) do { \
 uint32_t tmp = (uint32_t)src1 - (uint32_t)src2; \
 if (tmp != (type)tmp) { \
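Review bot: neon_qadd_s32 and neon_qadd_s64 write the saturated value in two different forms: the s32 version negates `((int32_t)a >> 31) ^ SIGNBIT`, the s64 version xors the shifted sign with `~SIGNBIT64`. Both are equivalent (~(x ^ S) == x ^ ~S) and both give INT_MAX for a non-negative first operand and INT_MIN otherwise, but using the same form for both widths makes the review easier, and since the arithmetic right shift of a negative signed value is implementation-defined in C, a one-line comment stating the intended result would help the next reader.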
@@ -234,6 +278,29 @@ NEON_VOP_ENV(qsub_u16, neon_u16, 2)
 #undef NEON_FN
 #undef NEON_USAT
 
+uint32_t HELPER(neon_qsub_u32)(CPUState *env, uint32_t a, uint32_t b)
+{
+uint32_t res = a - b;
+if (res  a) {
+SET_QC();
+res = 0;
+}
+return res;
+}
+
+uint64_t HELPER(neon_qsub_u64)(CPUState *env, uint64_t src1, uint64_t src2)
+{
+  uint64_t res;
+
+  if (src1  src2) {
+SET_QC();
+res = 0;
+  } else {
+res = src1 - src2;
+  }
+  return res;
+}
+
 #define NEON_SSAT(dest, src1, src2, type) do { \
 int32_t tmp = (uint32_t)src1 - (uint32_t)src2; \
 if (tmp != (type)tmp) { \
@@ -254,6 +321,28 @@ NEON_VOP_ENV(qsub_s16, neon_s16, 2)
 #undef NEON_FN
 #undef NEON_SSAT
 
+uint32_t HELPER(neon_qsub_s32)(CPUState *env, uint32_t a, uint32_t b)
+{
+uint32_t res = a - b;
+if (((res ^ a)  SIGNBIT)  ((a ^ b)  SIGNBIT)) {
+SET_QC();
+res = ~(((int32_t)a  31) ^ SIGNBIT);
+}
+return res;
+}
+
+uint64_t HELPER(neon_qsub_s64)(CPUState *env, uint64_t src1, uint64_t src2)
+{
+  uint64_t res;
+
+  res = src1 - src2;
+  if (((res ^ src1)  

[Qemu-devel] Re: [PATCH 07/18] kvm: Add MCE signal support for !CONFIG_IOTHREAD

2011-01-24 Thread Jan Kiszka
On 2011-01-24 12:17, Marcelo Tosatti wrote:
 On Mon, Jan 10, 2011 at 09:32:00AM +0100, Jan Kiszka wrote:
 From: Jan Kiszka jan.kis...@siemens.com

 Currently, we only configure and process MCE-related SIGBUS events if
 CONFIG_IOTHREAD is enabled. Fix this by factoring out the required
 handler registration and system configuration. Make sure that events
 happening over a VCPU context in non-threaded mode get dispatched as
 VCPU MCEs.

 We also need to call qemu_kvm_eat_signals in non-threaded mode now, so
 move it (unmodified) and add the required Windows stub.

 Signed-off-by: Jan Kiszka jan.kis...@siemens.com
 CC: Huang Ying ying.hu...@intel.com
 ---
  cpus.c |  200 
 +++
  1 files changed, 124 insertions(+), 76 deletions(-)

 diff --git a/cpus.c b/cpus.c
 index 6da0f8f..b6f1cfb 100644
 --- a/cpus.c
 +++ b/cpus.c
 @@ -34,9 +34,6 @@
  
  #include cpus.h
  #include compatfd.h
 -#ifdef CONFIG_LINUX
 -#include sys/prctl.h
 -#endif
  
  #ifdef SIGRTMIN
  #define SIG_IPI (SIGRTMIN+4)
 @@ -44,10 +41,24 @@
  #define SIG_IPI SIGUSR1
  #endif
  
 
 @@ -912,6 +954,8 @@ static int qemu_cpu_exec(CPUState *env)
  
  bool cpu_exec_all(void)
  {
 +int r;
 +
  if (next_cpu == NULL)
  next_cpu = first_cpu;
  for (; next_cpu != NULL  !exit_request; next_cpu = 
 next_cpu-next_cpu) {
 @@ -923,7 +967,11 @@ bool cpu_exec_all(void)
  if (qemu_alarm_pending())
  break;
  if (cpu_can_run(env)) {
 -if (qemu_cpu_exec(env) == EXCP_DEBUG) {
 +r = qemu_cpu_exec(env);
 +if (kvm_enabled()) {
 +qemu_kvm_eat_signals(env);
 +}
 +if (r == EXCP_DEBUG) {
  break;
  }
 
 SIGBUS should be processed outside of vcpu execution context, think of a
 non MCE SIGBUS while vm is stopped. Could use signalfd for that.

signalfd - that's the missing bit. I was thinking of how to handle
SIGBUS events raised outside the vcpu context. We need to handle them
synchronously, and signalfd should allow this.

 
 But the SIGBUS handler for !IOTHREAD case should not ignore Action
 Required, since it might have been generated in vcpu context.
 

Yes, the sigbus handler will require some rework when we actually start
using it for !IOTHREAD.

Will have a look, thanks,
Jan





Re: [Qemu-devel] Re: [RFC][PATCH 00/12] qcow2: Convert qcow2 to use coroutines for async I/O

2011-01-24 Thread Stefan Hajnoczi
On Mon, Jan 24, 2011 at 11:58 AM, Kevin Wolf kw...@redhat.com wrote:
 Am 22.01.2011 10:29, schrieb Stefan Hajnoczi:
 Kevin: Do you like this approach and do you want to develop it further?

 I think it looks like a good start. The code will look much nicer this
 way than with the callback jungle that you tried out in QED.

 I'm not completely sure about patches 10 and 12, I don't think I agree
 with the conversion approach. By making bdrv_pread/pwrite asynchronous,
 you force drivers to be converted all at once - which leads to big
 hammers as in patch 12 (by the way, I'm curious if you have tried how
 much performance is hurt?)

I have not measured performance.  We're serializing requests and doing
a bunch of extra system calls per request so I expect a noticeable
degradation.  With some profiling and optimization we should be able
to get good performance though.

 Wouldn't we be better off if we added a bdrv_co_pread/pwrite and
 converted qcow2 step by step? I'm not sure what the easy way forward
 would be with patch 12, looks more like a dead end to me (though I
 haven't looked at it for more than a few minutes yet).

I think you're right.  I wanted to prove that it is possible to make
qcow2 asynchronous using coroutines.  Perhaps we should lay off on
making everything asynchronous and instead convert code incrementally.
 We wouldn't need patch 10 or patch 12.

There is one interesting feature of patch 10, it allows code to do
block I/O from normal and coroutine context.  i.e. you don't have to
rewrite all your metadata functions in order to use them from both
contexts.  This can be achieved or worked around in other ways, but I
think it's a neat feature :).

 One more thing I want to mention is that bdrv_aio_read doesn't have the
 same semantics as bdrv_read with respect to EOF. The AIO one returns
 -EINVAL when reading beyond EOF whereas bdrv_read returns zeros. I'd
 expect that we'll hit this with the conversion.

Thanks for pointing this out, I didn't know that.

I would like to convert QED to use coroutines because we may be able to
simplify the code significantly.  Do you want to take over the qcow2
side of things from here?  I'm happy to do clean ups first so the code
is in a state that you feel comfortable with, just let me know.

Stefan



[Qemu-devel] [PATCH] configure: Fix spice probe

2011-01-24 Thread Jiri Denemark
From: Jiri Denemark jiri.denem...@gmail.com

Non-existent $pkgconfig instead of $pkg_config was used when configure
probes for spice availability.

Signed-off-by: Jiri Denemark jdene...@redhat.com
---
 configure |6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure b/configure
index 210670c..dc469b2 100755
--- a/configure
+++ b/configure
@@ -2207,9 +2207,9 @@ if test $spice != no ; then
 #include spice.h
 int main(void) { spice_server_new(); return 0; }
 EOF
-  spice_cflags=$($pkgconfig --cflags spice-protocol spice-server 2/dev/null)
-  spice_libs=$($pkgconfig --libs spice-protocol spice-server 2/dev/null)
-  if $pkgconfig --atleast-version=0.5.3 spice-server /dev/null 21  \
+  spice_cflags=$($pkg_config --cflags spice-protocol spice-server 2/dev/null)
+  spice_libs=$($pkg_config --libs spice-protocol spice-server 2/dev/null)
+  if $pkg_config --atleast-version=0.5.3 spice-server /dev/null 21  \
  compile_prog $spice_cflags $spice_libs ; then
 spice=yes
 libs_softmmu=$libs_softmmu $spice_libs
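Review bot: the three replacements are correct, but since this hunk only covers the spice probe it is worth confirming with `grep -n '\$pkgconfig' configure` that no other probe still uses the old name after the $pkgconfig to $pkg_config rename; with the variable unset, the `2>/dev/null` redirections hide the failing command and the probe silently reports the feature as unavailable, so the same pattern elsewhere would go unnoticed in exactly the same way.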
-- 
1.7.4.rc2




[Qemu-devel] Re: TCG flow vs dyngen

2011-01-24 Thread Stefano Bonifazi

On 01/16/2011 08:24 PM, Peter Maydell wrote:

2011/1/16 Stefano Bonifazistefboombas...@gmail.com:

I need to make the different instances of qemu-user exchange data ..
obviously keeping all of them in the same address space would be the easiest
way (unless I have to change all qemu code ;) )


The problem is that you're trying to break a fundamental
assumption made by a lot of qemu code. That's a large
job which involves understanding, checking and possibly
changing lots of already written code. In contrast, the
code you need to exchange data between the instances is
going to be fairly small and self contained and you'll already
understand it because you've written it/will write it. I think
it's pretty clear which one is going to be easier.


Running each qemu as its own
process and using interprocess communication for whatever
coordination you need between the various instances seems
more likely to be workable to me.



Exactly, it was the easiest way also for me.. and I've already done it,
works smoothly .. the only big problem is that it is not good for my
teacher.. he says it should work the dynamic library way o.O


I think he's wrong. (You might like to think about what happens
if the program being emulated in qemu user-mode does a fork()).

Basically you're trying to do things the hard way; maybe
you can get something that sort of works in the subset of
cases you care about, but why on earth put in that much
time and effort on something irrelevant to the actual problem
you're trying to work on?

-- PMM


Well my teacher's answer was that it is useless doing that, as there are
already plenty of solutions based on IPC .. they are interested in this
other approach, testing it .. They are not interested in how difficult
it can be for a student, how long it can take.. :(

Best regards,
Stefano B.



[Qemu-devel] Agenda for Jan 25

2011-01-24 Thread Juan Quintela

Please send in any agenda items you are interested in covering.

thanks, Juan.



[Qemu-devel] KVM call agenda for Jan 25

2011-01-24 Thread Chris Wright
Please send in any agenda items you are interested in covering.

thanks,
-chris



[Qemu-devel] Re: [RFC/PATCH] elfload: add FDPIC support

2011-01-24 Thread Stefano Bonifazi

On 01/09/2011 09:48 AM, Mike Frysinger wrote:

This is a PoC at this point, but it seems to be working for me.  At
least, all the current crashes I'm seeing are due to my Blackfin port
being incomplete.  All of the FDPIC table parsing seems to be OK ...

If someone with a more functional target would like to try this, that'd
be cool.  Or if people want to give feedback on how to approach this
problem so I can adjust the details now.

Signed-off-by: Mike Frysingervap...@gentoo.org
---
  elf.h|   19 ++
  linux-user/elfload.c |   67 ++
  linux-user/qemu.h|8 ++
  3 files changed, 94 insertions(+), 0 deletions(-)

diff --git a/elf.h b/elf.h
index 7067c90..d2f24f4 100644
--- a/elf.h
+++ b/elf.h
@@ -1191,6 +1191,25 @@ typedef struct elf64_note {
Elf64_Word n_type;  /* Content type */
  } Elf64_Nhdr;

+
+/* This data structure represents a PT_LOAD segment.  */
+struct elf32_fdpic_loadseg {
+  /* Core address to which the segment is mapped.  */
+  Elf32_Addr addr;
+  /* VMA recorded in the program header.  */
+  Elf32_Addr p_vaddr;
+  /* Size of this segment in memory.  */
+  Elf32_Word p_memsz;
+};
+struct elf32_fdpic_loadmap {
+  /* Protocol version number, must be zero.  */
+  Elf32_Half version;
+  /* Number of segments in this map.  */
+  Elf32_Half nsegs;
+  /* The actual memory map.  */
+  struct elf32_fdpic_loadseg segs[/*nsegs*/];
+};
+
  #ifdef ELF_CLASS
  #if ELF_CLASS == ELFCLASS32

diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 33d776d..8100ffd 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -1075,6 +1075,32 @@ static void zero_bss(abi_ulong elf_bss, abi_ulong 
last_bss, int prot)
  }
  }

+#ifdef CONFIG_USE_FDPIC
+static abi_ulong loader_build_fdpic_loadmap(struct image_info *info, abi_ulong 
sp)
+{
+uint16_t n;
+struct elf32_fdpic_loadseg *loadsegs = info-loadsegs;
+
+/* elf32_fdpic_loadseg */
+for (n = 0; n  info-nsegs; ++n) {
+sp -= 12;
+put_user_u32(loadsegs[n].addr, sp+0);
+put_user_u32(loadsegs[n].p_vaddr, sp+4);
+put_user_u32(loadsegs[n].p_memsz, sp+8);
+}
+
+/* elf32_fdpic_loadmap */
+sp -= 4;
+put_user_u16(0, sp+0); /* version */
+put_user_u16(info-nsegs, sp+2); /* nsegs */
+
+info-personality = PER_LINUX_FDPIC;
+info-loadmap_addr = sp;
+
+return sp;
+}
+#endif
+
  static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc,
 struct elfhdr *exec,
 struct image_info *info,
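Review bot: loader_build_fdpic_loadmap hard-codes the record sizes and field offsets (`sp -= 12;`, `sp -= 4;`, `sp+0`/`sp+4`/`sp+8`) that should be derived with sizeof/offsetof from the elf32_fdpic_loadseg and elf32_fdpic_loadmap structs this series adds to elf.h, so the two cannot drift apart. Also, because the loop pushes loadsegs[0] first and then moves sp downwards, loadsegs[0] lands at the highest address and the guest-visible segs[] array comes out in reverse order relative to info->loadsegs; iterating n from nsegs-1 down to 0 keeps the order the loader computed.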
@@ -1087,6 +1113,21 @@ static abi_ulong create_elf_tables(abi_ulong p, int 
argc, int envc,
  const int n = sizeof(elf_addr_t);

  sp = p;
+
+#ifdef CONFIG_USE_FDPIC
+/* Needs to be before we load the env/argc/... */
+if (elf_is_fdpic(exec)) {
+/* Need 4 byte alignment for these structs */
+sp= ~3;
+sp = loader_build_fdpic_loadmap(info, sp);
+info-other_info = interp_info;
+if (interp_info) {
+interp_info-other_info = info;
+sp = loader_build_fdpic_loadmap(interp_info, sp);
+}
+}
+#endif
+
  u_platform = 0;
  k_platform = ELF_PLATFORM;
  if (k_platform) {
@@ -1197,6 +1238,11 @@ static void load_elf_image(const char *image_name, int 
image_fd,
  }
  bswap_phdr(phdr, ehdr-e_phnum);

+#ifdef CONFIG_USE_FDPIC
+info-nsegs = 0;
+info-pt_dynamic_addr = 0;
+#endif
+
  /* Find the maximum size of the image and allocate an appropriate
 amount of memory to handle that.  */
  loaddr = -1, hiaddr = 0;
@@ -1210,6 +1256,11 @@ static void load_elf_image(const char *image_name, int 
image_fd,
  if (a  hiaddr) {
  hiaddr = a;
  }
+#ifdef CONFIG_USE_FDPIC
+++info-nsegs;
+} else if (phdr[i].p_type == PT_DYNAMIC) {
+info-pt_dynamic_addr = phdr[i].p_vaddr;
+#endif
  }
  }

@@ -1290,6 +1341,22 @@ static void load_elf_image(const char *image_name, int 
image_fd,
  }
  load_bias = load_addr - loaddr;

+#ifdef CONFIG_USE_FDPIC
+{
+struct elf32_fdpic_loadseg *loadsegs = info-loadsegs =
+qemu_malloc(sizeof(*loadsegs) * info-nsegs);
+
+for (i = 0; i  ehdr-e_phnum; ++i) {
+if (phdr[i].p_type != PT_LOAD)
+continue;
+loadsegs-addr = phdr[i].p_vaddr + load_bias;
+loadsegs-p_vaddr = phdr[i].p_vaddr;
+loadsegs-p_memsz = phdr[i].p_memsz;
+   ++loadsegs;
+}
+}
+#endif
+
  info-load_bias = load_bias;
  info-load_addr = load_addr;
  info-entry = ehdr-e_entry + load_bias;
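Review bot: the braceless `if (phdr[i].p_type != PT_LOAD) continue;` and the three-space indented `++loadsegs;` in this hunk deviate from QEMU's four-space, always-braces style. The walking `loadsegs` pointer is also easy to misread: info->loadsegs keeps the allocation base only thanks to the chained assignment, whereas indexing a local counter into info->loadsegs[] would make that obvious and would let the code check that the number of PT_LOAD entries written here matches the info->nsegs counted in the earlier hunk.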
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index 32de241..0924a1a 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -51,6 +51,14 @@ struct image_info {
  abi_ulong   arg_start;
  abi_ulong   arg_end;
int  

Re: [Qemu-devel] Re: TCG flow vs dyngen

2011-01-24 Thread Lluís
Stefano Bonifazi writes:

 Do you mean what is my final goal?

Exactly. A higher level perspective of what is our ultimate goal might
help others figure out better ways to do it.

Right now I don't remember what you posted you were technically trying
to do, but I do remember it looked convoluted to me.


Lluis

-- 
 And it's much the same thing with knowledge, for whenever you learn
 something new, the whole world becomes that much richer.
 -- The Princess of Pure Reason, as told by Norton Juster in The Phantom
 Tollbooth



[Qemu-devel] Re: [PATCH] pci: memory leak of PCIDevice::rom_file

2011-01-24 Thread Michael S. Tsirkin
On Mon, Jan 24, 2011 at 07:00:47PM +0900, Isaku Yamahata wrote:
 PCIDevice::rom_file is leaked.
 PCIDevice::rom_file is allocated in pci_qdev_init(), but not freed anywhere.
 free it in qemu_unregister_device().
 
 Signed-off-by: Isaku Yamahata yamah...@valinux.co.jp

Applied, thanks.

 ---
  hw/pci.c |1 +
  1 files changed, 1 insertions(+), 0 deletions(-)
 
 diff --git a/hw/pci.c b/hw/pci.c
 index b8f5385..044c4bd 100644
 --- a/hw/pci.c
 +++ b/hw/pci.c
 @@ -833,6 +833,7 @@ static int pci_unregister_device(DeviceState *dev)
  
  pci_unregister_io_regions(pci_dev);
  pci_del_option_rom(pci_dev);
 +qemu_free(pci_dev-romfile);
  do_pci_unregister_device(pci_dev);
  return 0;
  }
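Review bot: the commit message and the code disagree on names: the message talks about PCIDevice::rom_file and qemu_unregister_device(), while the hunk frees `pci_dev->romfile` inside pci_unregister_device(); aligning the message with the actual identifiers before commit keeps `git log -S` searches useful. Placing the free after pci_del_option_rom() is the right order, given that call is the last user of the ROM path in this function.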
 -- 
 1.7.1.1



Re: [Qemu-devel] [PATCH] target-arm: Set the right overflow bit for neon 32 and 64 bit saturating add/sub.

2011-01-24 Thread Peter Maydell
On 24 January 2011 12:41, Christophe Lyon christophe.l...@st.com wrote:
 On 21.01.2011 18:58, Peter Maydell wrote:
 the indentation in this hunk is wrong -- qemu standard is four-space.

 Oops. What is the official emacs configuration to get the right qemu style?

I don't know about official, but what I use is this:
https://wiki.linaro.org/PeterMaydell/QemuEmacsStyle

-- PMM



[Qemu-devel] Re: [RFC][PATCH v6 07/23] virtagent: base server definitions

2011-01-24 Thread Jes Sorensen
On 01/21/11 18:55, Michael Roth wrote:
 On 01/21/2011 10:38 AM, Jes Sorensen wrote:
 +#includexmlrpc-c/base.h
 +#includexmlrpc-c/server.h
 +
 +#define GUEST_AGENT_SERVICE_ID virtagent
 +#define GUEST_AGENT_PATH /tmp/virtagent-guest.sock
 +#define HOST_AGENT_SERVICE_ID virtagent-host
 +#define HOST_AGENT_PATH /tmp/virtagent-host.sock
 +#define VA_GETFILE_MAX 1  30
 +#define VA_FILEBUF_LEN 16384
 +#define VA_DMESG_LEN 16384

 I really don't like these hard coded constants - you you have a command
 line interface allowing for the change of the sockets and file names?
 Otherwise you'll hit problems on the host side with concurrent runs of
 qemu.
 
 Yup, that's one of the TODOs. In terms of configuration we can add
 parameters to the chardev to override these, but the goal here is sane
 defaults to avoid unnecessarily complicated invocations.

As a sane default, using name.pid or something along those lines is
better. It is very common to run more than one qemu instance at a time.

 I really would like to see the dmesg stuff removed too for now as we
 discussed earlier.
 
 I think as a development/support tool it has a recently strong use case,
 even given its limitations (which are not so bad; we retrieve up to a
 max of 16KB, possibly less depending on guest configuration, so it's not
 entirely predictable, but it's not dangerous. It's platform-specific,
 but that's handled by capabilities negotiation).

There are plenty of good ways to do the same thing: copy file to host,
then view is just as easy and can be scripted, without the security
implications of having it inline.

 I just don't really see the downside to keeping it in.

It's obviously contentious, and it is not core functionality. In order
to get the patches adapted upstream it would ease the process to remove
it and keep it as a separate patch.

Cheers,
Jes



Re: [Qemu-devel] [RFC][PATCH 11/12] qcow2: Convert qcow2 to use coroutines for async I/O

2011-01-24 Thread Stefan Hajnoczi
On Sun, Jan 23, 2011 at 11:40 PM, Anthony Liguori anth...@codemonkey.ws wrote:
 On 01/22/2011 03:29 AM, Stefan Hajnoczi wrote:

 Converting qcow2 to use coroutines is fairly simple since most of qcow2
 is synchronous.  The synchronous I/O functions likes bdrv_pread() now
 transparently work when called from a coroutine, so all the synchronous
 code just works.

 The explicitly asynchronous code is adjusted to repeatedly call
 qcow2_aio_read_cb() or qcow2_aio_write_cb() until the request completes.
 At that point the coroutine will return from its entry function and its
 resources are freed.

 The bdrv_aio_readv() and bdrv_aio_writev() user callback is now invoked
 from a BH.  This is necessary since the user callback code does not
 expect to be executed from a coroutine.

 This conversion is not completely correct because the safety the
 synchronous code does not carry over to the coroutine version.
 Previously, a synchronous code path could assume that it will never be
 interleaved with another request executing.  This is no longer true
 because bdrv_pread() and bdrv_pwrite() cause the coroutine to yield and
 other requests can be processed during that time.

 The solution is to carefully introduce checks so that pending requests
 do not step on each other's toes.  That is left for a future patch...

 Signed-off-by: Stefan Hajnoczistefa...@linux.vnet.ibm.com


 As an alternative approach, could we trap async calls from the block device,
 implement them in a synchronous fashion, then issue the callback
 immediately?

 This would mean that qcow_aio_write() would become fully synchronous which
 also means that you can track when the operation is completed entirely
 within the block layer.  IOW, it should be possible to do this with almost
 no change to qcow2.

I'm not sure I understand what you're suggesting.  Right now
bdrv_read() for coroutines is implemented on top of bdrv_aio_readv().
And bdrv_pread() is implemented on top of bdrv_read().  It doesn't
make sense to me to implement bdrv_aio_readv() in terms of
bdrv_read().  Also is it safe to invoke the callback without a BH?

 I think this is the right approach too.  If we're using coroutines, we
 shouldn't do anything asynchronous in the image formats.  The good bit about
 this is that we can probably dramatically simplify the block layer API but
 eliminating the sync/async versions of everything.

Hardware emulation needs the asynchronous API so I don't think we can
get rid of bdrv_aio_readv(), bdrv_aio_writev(), and bdrv_aio_flush()
completely.  IDE and SCSI also like to be able to cancel their aio
requests.

Non-invasive coroutines support in the block layer will allow us to
easily make the more obscure image formats asynchronous too :).

Stefan



Re: [Qemu-devel] [PATCH v4 1/3] qcow2: Add QcowCache

2011-01-24 Thread Stefan Hajnoczi
On Thu, Jan 20, 2011 at 5:10 PM, Kevin Wolf kw...@redhat.com wrote:
 +int qcow2_cache_get(BlockDriverState *bs, Qcow2Cache *c, uint64_t offset,
 +    void **table)
[...]
 +int qcow2_cache_put(BlockDriverState *bs, Qcow2Cache *c, void **table)
 +{
 +    int i;
 +
 +    for (i = 0; i  c-size; i++) {
 +        if (c-entries[i].table == *table) {
 +            goto found;
 +        }
 +    }
 +    return -ENOENT;
 +
 +found:

Using void **table instead of a QCowCacheEntry struct has two disadvantages:

1. The fact that you're holding a reference is not explicit.  It makes
it unclear whether we're dealing with a cached table or not.  In user
code, uint64_t *l2_table doesn't tell me whether this table is in the
cache or is being managed outside the cache.  Therefore it's hard to
check that the necessary qcow2_cache_put() calls are being made.

2. qcow2-cache.c needs to scan through the cache linearly looking for
void *table on every call.  If the user holds an explicit
QCowCacheEntry then no lookup is necessary.

Stefan



Re: [Qemu-devel] Re: TCG flow vs dyngen

2011-01-24 Thread Stefano Bonifazi

On 01/24/2011 02:36 PM, Lluís wrote:

Stefano Bonifazi writes:


Do you mean what is my final goal?

Exactly. A higher level perspective of what is our ultimate goal might
help others figure out better ways to do it.

Right now I don't remember what you posted your where technically trying
to do, but I do remember it looked convoluted to me.


Lluis

Sorry if I could not explain it better before, but it was not totally
clear for me too since the beginning, as I get new specs from my teacher
on the way, according to what I manage to do, and where I find big obstacles!
Now, the final goal is to get multiple instances of qemu-ppc driven by a
systemc project executing on an x86 machine, with the different qemu-ppc
instances used as emulators for power-pc binaries.. I would get the
results of the run of the various ppc binaries back to the systemc
project and work with the results then.
I've already managed to integrate systemc with qemu-ppc, and I managed
to load multiple instances of qemu together, by loading it as a dynamic
library.
I think much confusion about my goals was originated by the fact that
the first attempt (failed) was to use qemu-user for loading many target
binaries one after the other.. Then I changed for having many instances
of qemu-user at the same time inside the same process..
The actual problem is enabling qemu-user to load target code at a
different address than the one chosen by the link editor when creating
the binary..

If you are interested in that I've just created a new post about it:
  http://lists.nongnu.org/archive/html/qemu-devel/2011-01/msg02361.html
Best regards,
Stefano B.
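
The loadmap built by the FDPIC elfload.c patch quoted earlier in this thread is the structure that lets an FDPIC binary run at an address other than the one the link editor chose, which is the mismatch described in the message above. As an added example (not QEMU's code), this builds, validates and queries such a map on the host: the byte layout follows the elf32_fdpic_loadseg / elf32_fdpic_loadmap structs in the quoted elf.h hunk, while loadseg_t, loadmap_t, the helper names and the segment values are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>

/* Wire layout of the structs the quoted elf.h hunk adds: a 4-byte header
 * (16-bit version, 16-bit nsegs) followed by nsegs 12-byte records
 * (32-bit addr, p_vaddr, p_memsz). Little-endian is assumed here. */
#define LOADMAP_HDR  4u
#define LOADSEG_SIZE 12u
#define MAX_SEGS     8   /* example bound so the parsed map needs no malloc */

typedef struct {
    uint32_t addr;      /* address the segment was actually mapped at */
    uint32_t p_vaddr;   /* VMA the link editor recorded in the program header */
    uint32_t p_memsz;   /* size of the segment in memory */
} loadseg_t;

typedef struct {
    uint16_t version;   /* must be zero */
    uint16_t nsegs;
    loadseg_t segs[MAX_SEGS];
} loadmap_t;

static void put_le16(uint8_t *p, uint16_t v) { p[0] = v & 0xff; p[1] = v >> 8; }
static void put_le32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (v >> (8 * i)) & 0xff; }
static uint16_t get_le16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t get_le32(const uint8_t *p) { return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24; }

/* Serialise the map for PT_LOAD segments that were all placed at
 * p_vaddr + load_bias, as the quoted load_elf_image hunk records them.
 * Returns the bytes written, or 0 if out cannot hold the whole map. */
static size_t build_loadmap(const uint32_t *p_vaddr, const uint32_t *p_memsz, uint16_t nsegs,
                            uint32_t load_bias, uint8_t *out, size_t cap)
{
    size_t need = LOADMAP_HDR + (size_t)nsegs * LOADSEG_SIZE;
    if (cap < need) return 0;
    put_le16(out, 0);          /* version */
    put_le16(out + 2, nsegs);
    for (uint16_t n = 0; n < nsegs; n++) {
        uint8_t *rec = out + LOADMAP_HDR + n * LOADSEG_SIZE;
        put_le32(rec, p_vaddr[n] + load_bias);
        put_le32(rec + 4, p_vaddr[n]);
        put_le32(rec + 8, p_memsz[n]);
    }
    return need;
}

/* Parse and validate a map: version 0, every record present in the
 * buffer, and no segment whose [p_vaddr, p_vaddr + p_memsz) wraps.
 * Returns 0 on success, -1 on a malformed map. */
static int parse_loadmap(const uint8_t *buf, size_t len, loadmap_t *map)
{
    if (len < LOADMAP_HDR) return -1;
    map->version = get_le16(buf);
    map->nsegs = get_le16(buf + 2);
    if (map->version != 0 || map->nsegs > MAX_SEGS ||
        len < LOADMAP_HDR + (size_t)map->nsegs * LOADSEG_SIZE) return -1;
    for (uint16_t n = 0; n < map->nsegs; n++) {
        const uint8_t *rec = buf + LOADMAP_HDR + n * LOADSEG_SIZE;
        loadseg_t *s = &map->segs[n];
        s->addr = get_le32(rec);
        s->p_vaddr = get_le32(rec + 4);
        s->p_memsz = get_le32(rec + 8);
        if (s->p_vaddr + s->p_memsz < s->p_vaddr) return -1;
    }
    return 0;
}

/* Translate a link-time address to where it lives at run time, the
 * lookup an FDPIC runtime performs against this map. Returns 0 and
 * stores the result, or -1 when vaddr is outside every segment. */
static int fdpic_translate(const loadmap_t *map, uint32_t vaddr, uint32_t *out)
{
    for (uint16_t n = 0; n < map->nsegs; n++) {
        const loadseg_t *s = &map->segs[n];
        if (vaddr >= s->p_vaddr && vaddr - s->p_vaddr < s->p_memsz) {
            *out = s->addr + (vaddr - s->p_vaddr);
            return 0;
        }
    }
    return -1;
}

/* Round trip on a constructed two-segment image (text at 0x10000, data at
 * 0x20000) relocated by a 0x40000000 load bias. Returns the run-time address
 * for vaddr, or 0 if the map fails to build/parse or vaddr is unmapped. */
static uint32_t demo_translate(uint32_t vaddr)
{
    static const uint32_t p_vaddr[] = { 0x00010000, 0x00020000 };
    static const uint32_t p_memsz[] = { 0x00002000, 0x00001000 };
    uint8_t buf[LOADMAP_HDR + 2 * LOADSEG_SIZE];
    loadmap_t map;
    uint32_t out;

    if (build_loadmap(p_vaddr, p_memsz, 2, 0x40000000, buf, sizeof buf) == 0 ||
        parse_loadmap(buf, sizeof buf, &map) != 0) {
        return 0;
    }
    return fdpic_translate(&map, vaddr, &out) == 0 ? out : 0;
}
```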




Re: [Qemu-devel] [PATCH] configure: Fix spice probe

2011-01-24 Thread Gerd Hoffmann

On 01/24/11 13:20, Jiri Denemark wrote:

From: Jiri Denemarkjiri.denem...@gmail.com

Non-existent $pkgconfig instead of $pkg_config was used when configure
probes for spice availability.


What tree are you looking at?  It _is_ $pkgconfig in mine ...

cheers,
  Gerd




Re: [Qemu-devel] [PATCH 28/35] kvm: x86: Introduce kvmclock device to save/restore its state

2011-01-24 Thread Jan Kiszka
On 2011-01-21 19:49, Blue Swirl wrote:
 I'd add fourth possible class:
  - device, CPU and machine configuration, like nographic,
 win2k_install_hack, no_hpet, smp_cpus etc. Maybe also
 irqchip_in_kernel could fit here, though it obviously depends on a
 host capability too.

 I would count everything that cannot be assigned to a concrete device
 upfront to the dynamic state of a machine, thus class 2. The point is,
 (potentially) every device of that machine requires access to it, just
 like (indirectly, via the KVM core services) to some KVM VM state bits.
 
 The machine class should not be a catch-all, it would be like
 QEMUState or KVMState then. Perhaps each field or variable should be
 listed and given more thought.

Let's start with what is most urgent:

 - vmfd: file descriptor required for any KVM request that has VM scope
   (in-kernel device creation, device state synchronizations, IRQ
   routing etc.)
 - irqchip_in_kernel: VM uses in-kernel irqchip acceleration
   (some devices will have to adjust their behavior depending on this)

pit_in_kernel would be analogous to irqchip, but it's also conceptually
x86-only (irqchip is only used by x86, but not tied to it) and it's not
mandatory for a first round of KVM devices for upstream.

Jan

-- 
Siemens AG, Corporate Technology, CT T DE IT 1
Corporate Competence Center Embedded Linux



Re: [Qemu-devel] [PATCH] loader: memory leak in rom_add_file() on error path

2011-01-24 Thread Markus Armbruster
Isaku Yamahata yamah...@valinux.co.jp writes:

 fix memory leak in rom_add_file().

 Signed-off-by: Isaku Yamahata yamah...@valinux.co.jp
 ---
  hw/loader.c |2 ++
  1 files changed, 2 insertions(+), 0 deletions(-)

 diff --git a/hw/loader.c b/hw/loader.c
 index 35d792e..6cba8c5 100644
 --- a/hw/loader.c
 +++ b/hw/loader.c
 @@ -618,6 +618,8 @@ int rom_add_file(const char *file, const char *fw_dir,
  err:
  if (fd != -1)
  close(fd);
 +qemu_free(rom-fw_file);
 +qemu_free(rom-fw_dir);
  qemu_free(rom-data);
  qemu_free(rom-path);
  qemu_free(rom-name);
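Review bot: freeing rom->fw_file and rom->fw_dir on the err: path is only safe if both fields are NULL on every jump to err that happens before they are assigned, i.e. rom must come from a zeroing allocator or the fields must be initialised before the first possible goto; the hunk does not show the allocation, so please confirm that and say so in the commit message, since a non-NULL garbage pointer here would turn a leak fix into a bad free.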

Reviewed-by: Markus Armbruster arm...@redhat.com



Re: [Qemu-devel] [PATCH] configure: Fix spice probe

2011-01-24 Thread Jiri Denemark
On Mon, Jan 24, 2011 at 15:01:27 +0100, Gerd Hoffmann wrote:
 On 01/24/11 13:20, Jiri Denemark wrote:
  From: Jiri Denemarkjiri.denem...@gmail.com
 
  Non-existent $pkgconfig instead of $pkg_config was used when configure
  probes for spice availability.
 
 What tree are you looking at?  It _is_ $pkgconfig in mine ...

Yes, it is. And that's the problem, since $pkgconfig is not ever set inside
configure script. However, $pkg_config is set and used all over the script so
this patch makes spice probe use correct $pkg_config.

Jirka



Re: [Qemu-devel] [PATCH] configure: Fix spice probe

2011-01-24 Thread Alon Levy
On Mon, Jan 24, 2011 at 03:01:27PM +0100, Gerd Hoffmann wrote:
 On 01/24/11 13:20, Jiri Denemark wrote:
 From: Jiri Denemarkjiri.denem...@gmail.com
 
 Non-existent $pkgconfig instead of $pkg_config was used when configure
 probes for spice availability.
 
 What tree are you looking at?  It _is_ $pkgconfig in mine ...

And it needs to be $pkg_config - someone did a cleanup and decided to
rename $pkgconfig -> $pkg_config recently.

 
 cheers,
   Gerd
 
 



Re: [Qemu-devel] [PATCH] configure: Fix spice probe

2011-01-24 Thread Jiri Denemark
On Mon, Jan 24, 2011 at 15:17:17 +0100, Jiri Denemark wrote:
 On Mon, Jan 24, 2011 at 15:01:27 +0100, Gerd Hoffmann wrote:
  On 01/24/11 13:20, Jiri Denemark wrote:
   From: Jiri Denemarkjiri.denem...@gmail.com
  
   Non-existent $pkgconfig instead of $pkg_config was used when configure
   probes for spice availability.
  
  What tree are you looking at?  It _is_ $pkgconfig in mine ...
 
 Yes, it is. And that's the problem, since $pkgconfig is not ever set inside
 configure script. However, $pkg_config is set and used all over the script so
 this patch makes spice probe use correct $pkg_config.

Looking at git://git.qemu.org/qemu.git tree.

Jirka



[Qemu-devel] [PATCH] Correct win32 timers deleting

2011-01-24 Thread Pavel Dovgaluk
This patch fixes resource leaks caused by quitting qemu with the exit() function
on win32 host.
The timer object should be freed not only at the end of the main function, but
at every exit of the application.

Signed-off-by:
---
qemu-timer.c |   14 +++---
 vl.c |1 -
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/qemu-timer.c b/qemu-timer.c
index 95814af..548f2e5 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -972,7 +972,10 @@ static int win32_start_timer(struct qemu_alarm_timer
*t)
 timeGetDevCaps(tc, sizeof(tc));
 
 data-period = tc.wPeriodMin;
-timeBeginPeriod(data-period);
+if (timeBeginPeriod(data-period) != TIMERR_NOERROR) {
+fprintf(stderr, Failed to initialize win32 alarm timer\n);
+return -1;
+}
 
 flags = TIME_CALLBACK_FUNCTION;
 if (alarm_has_dynticks(t))
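Review bot: on the new timeBeginPeriod() failure path data->period keeps the value just assigned from tc.wPeriodMin, whereas the timeSetEvent() failure path in the next hunk resets it to 0 after timeEndPeriod(); for the `if (data->period)` guard added to win32_stop_timer() to be reliable, clear data->period here as well (or assign it only once timeBeginPeriod() has succeeded). The new error message could also report the return code, as the existing one below does with GetLastError().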
@@ -990,6 +993,7 @@ static int win32_start_timer(struct qemu_alarm_timer *t)
 fprintf(stderr, Failed to initialize win32 alarm timer: %ld\n,
 GetLastError());
 timeEndPeriod(data-period);
+data-period = 0;
 return -1;
 }
 
@@ -1000,8 +1004,10 @@ static void win32_stop_timer(struct qemu_alarm_timer
*t)
 {
 struct qemu_alarm_win32 *data = t-priv;
 
-timeKillEvent(data-timerId);
-timeEndPeriod(data-period);
+if (data-timerId)
+timeKillEvent(data-timerId);
+if (data-period)
+timeEndPeriod(data-period);
 }
 
 static void win32_rearm_timer(struct qemu_alarm_timer *t)
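Review bot: the `if (data->timerId)` and `if (data->period)` guards are what make win32_stop_timer() safe to run from the atexit(quit_timers) handler registered later in this patch, including after win32_rearm_timer() has already called timeEndPeriod() and exit(1); this depends on data->timerId staying 0 until timeSetEvent() succeeds, which deserves a comment here. QEMU style also wants braces around these single-statement bodies.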
@@ -1027,6 +1033,7 @@ static void win32_rearm_timer(struct qemu_alarm_timer
*t)
 GetLastError());
 
 timeEndPeriod(data-period);
+data-period = 0;
 exit(1);
 }
 }
@@ -1061,6 +1068,7 @@ int init_timer_alarm(void)
 t-pending = 1;
 alarm_timer = t;
 qemu_add_vm_change_state_handler(alarm_timer_on_change_state_rearm, t);
+atexit(quit_timers);
 
 return 0;
 
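Review bot: with atexit(quit_timers) registered here and the explicit quit_timers() call removed from main() in the next hunk, timer teardown now happens after net_cleanup() and after main() returns instead of before; that reordering looks harmless for the timer itself, but the commit message only mentions leaks on exit() paths and should state the change for the normal shutdown path too.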
diff --git a/vl.c b/vl.c
index 0292184..c4b25b0 100644
--- a/vl.c
+++ b/vl.c
@@ -3118,7 +3118,6 @@ int main(int argc, char **argv, char **envp)
 os_setup_post();
 
 main_loop();
-quit_timers();
 net_cleanup();
 
 return 0;





[Qemu-devel] [PATCH] Correct win32 timers deleting

2011-01-24 Thread Pavel Dovgaluk
This patch fixes resource leaks caused by quitting qemu with the exit() function
on win32 host.
The timer object should be freed not only at the end of the main function, but
at every exit of the application.

Signed-off-by: Pavel Dovgalyuk pavel.dovga...@gmail.com
---
qemu-timer.c |   14 +++---
 vl.c |1 -
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/qemu-timer.c b/qemu-timer.c index 95814af..548f2e5 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -972,7 +972,10 @@ static int win32_start_timer(struct qemu_alarm_timer
*t)
 timeGetDevCaps(tc, sizeof(tc));
 
 data-period = tc.wPeriodMin;
-timeBeginPeriod(data-period);
+if (timeBeginPeriod(data-period) != TIMERR_NOERROR) {
+fprintf(stderr, Failed to initialize win32 alarm timer\n);
+return -1;
+}
 
 flags = TIME_CALLBACK_FUNCTION;
 if (alarm_has_dynticks(t))
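Review bot: on the new early return after timeBeginPeriod() fails, data->period still holds tc.wPeriodMin (assigned two lines above), so the timer is left looking as if a period had been begun; any later win32_stop_timer() on this timer, which now keys on `if (data->period)`, would call timeEndPeriod() for a period that was never successfully started. Add `data->period = 0;` before `return -1;` here, as the timeSetEvent() failure path in the next hunk already does.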
@@ -990,6 +993,7 @@ static int win32_start_timer(struct qemu_alarm_timer *t)
 fprintf(stderr, Failed to initialize win32 alarm timer: %ld\n,
 GetLastError());
 timeEndPeriod(data-period);
+data-period = 0;
 return -1;
 }
 
@@ -1000,8 +1004,10 @@ static void win32_stop_timer(struct qemu_alarm_timer
*t)  {
 struct qemu_alarm_win32 *data = t-priv;
 
-timeKillEvent(data-timerId);
-timeEndPeriod(data-period);
+if (data-timerId)
+timeKillEvent(data-timerId);
+if (data-period)
+timeEndPeriod(data-period);
 }
 
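Review bot: the new guards in win32_stop_timer() protect against a timer that was never started, but neither data->timerId nor data->period is cleared after timeKillEvent()/timeEndPeriod(), so a second call (quit_timers() is now reachable via the atexit handler as well as from any existing caller) repeats both calls on stale values. Zero both fields after the calls so that stop is idempotent, which the atexit-based teardown relies on.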
 static void win32_rearm_timer(struct qemu_alarm_timer *t) @@ -1027,6
+1033,7 @@ static void win32_rearm_timer(struct qemu_alarm_timer *t)
 GetLastError());
 
 timeEndPeriod(data-period);
+data-period = 0;
 exit(1);
 }
 }
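Review bot: clearing data->period before exit(1) is what keeps the atexit-registered quit_timers() from calling timeEndPeriod() a second time on this path, so this hunk depends on the atexit() change in the next hunk; the commit message should say so. data->timerId is not cleared here, so if it is still non-zero win32_stop_timer() will also call timeKillEvent() on it during exit; either that is intended and worth a comment, or the id should be zeroed alongside the period.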
@@ -1061,6 +1068,7 @@ int init_timer_alarm(void)
 t-pending = 1;
 alarm_timer = t;
 qemu_add_vm_change_state_handler(alarm_timer_on_change_state_rearm, t);
+atexit(quit_timers);
 
 return 0;
 
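Review bot: atexit(quit_timers) is registered inside init_timer_alarm(), which is not win32-specific, so quit_timers() now runs at every exit on all hosts, not only on win32 as the subject line suggests; the commit message should state that. It is also worth confirming that quit_timers() and the stop handlers it reaches are safe to run from an atexit context after main() has returned.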
diff --git a/vl.c b/vl.c
index 0292184..c4b25b0 100644
--- a/vl.c
+++ b/vl.c
@@ -3118,7 +3118,6 @@ int main(int argc, char **argv, char **envp)
 os_setup_post();
 
 main_loop();
-quit_timers();
 net_cleanup();
 
 return 0;
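Review bot: dropping the explicit quit_timers() here changes the shutdown order: previously timers were stopped before net_cleanup(), now the atexit handler stops them after net_cleanup() and after main() has returned. If the old ordering was deliberate, keep the explicit call (which then requires win32_stop_timer() to tolerate being run twice) or explain in the commit message why the reordering is safe.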





Re: [Qemu-devel] TCG flow vs dyngen

2011-01-24 Thread Peter Maydell
2011/1/23 Rob Landley r...@landley.net:
 Keep in mind I'm a bit rusty and not an expert, but I'll give a stab at
 answering:

...here's a couple of clarifications:

 2. how can I check the number of target cpu cycles or target
 instructions executed inside qemu-user (i.e. qemu-ppc)?

 You can't, because QEMU doesn't work that way. QEMU isn't an
 instruction level emulator, it's closer to a Java JIT.

Being a JIT doesn't prohibit counting target instructions executed.
It just means that counting them generally requires generating
code to do the counting at runtime, so it's a more complicated
change to make than it would be in a non-JIT emulator.

The major reason for not counting cycles is that for an emulation
of a modern CPU this is pretty nearly impossible: the number
of cycles an instruction takes can depend on whether it causes
a cache miss, which CPU internal pipeline it uses, whether it
needs to stall waiting for a result from an earlier insn, whether
the CPU correctly predicted the branch leading up to it or not,
and on and on. You would need to precisely model all the
internals of each variant of each CPU, which would be a
mammoth undertaking requiring probably unpublished internal
data, and if you ever managed to finish it then it would run
incredibly slowly and would probably contain enough bugs you
couldn't trust the data it gave you anyway.

 This means that QEMU can
 no longer run on a type of host it can't execute target code for

This isn't correct; for instance there's hppa support in TCG for hppa
hosts but no hppa target support, and there's sh4 target support
but no TCG backend for it. The two ends are cleanly separated in
qemu and don't generally depend on each other.

-- PMM



Re: [Qemu-devel] [PATCH] configure: Fix spice probe

2011-01-24 Thread Gerd Hoffmann

On 01/24/11 15:20, Alon Levy wrote:

On Mon, Jan 24, 2011 at 03:01:27PM +0100, Gerd Hoffmann wrote:

On 01/24/11 13:20, Jiri Denemark wrote:

From: Jiri Denemarkjiri.denem...@gmail.com

Non-existent $pkgconfig instead of $pkg_config was used when configure
probes for spice availability.


What tree are you looking at?  It _is_ $pkgconfig in mine ...


And it needs to be $pkg_config - someone did a cleanup and decided to
rename $pkgconfig -> $pkg_config recently.


Ah, now after rebasing to latest master I see it too.

/me goes pick the patch into the spice queue.

thanks,
  Gerd




[Qemu-devel] Invitation to connect on LinkedIn

2011-01-24 Thread Sam Liao via LinkedIn
LinkedIn
Sam Liao requested to add you as a connection on LinkedIn:
--

Jiajun,

I'd like to add you to my professional network on LinkedIn.

- Sam

Accept invitation from Sam Liao
http://www.linkedin.com/e/-kkb1ec-gjbhkca2-1/qTMmi8QEI_f3FNXUkL1mvZgy00BGYniwg3/blk/I89507642_11/pmpxnSRJrSdvj4R5fnhv9ClRsDgZp6lQs6lzoQ5AomZIpn8_cj5vczgSdP0Rejx9bPBIkktKrk4JbP8PdzwQejAVcj8LrCBxbOYWrSlI/EML_comm_afe/

View invitation from Sam Liao
http://www.linkedin.com/e/-kkb1ec-gjbhkca2-1/qTMmi8QEI_f3FNXUkL1mvZgy00BGYniwg3/blk/I89507642_11/0NclYOd3oTc3kVe4ALqnpPbOYWrSlI/svi/


Re: [Qemu-devel] [PATCH v3 2/4] scsi: Allow SCSI devices to override the removable bit

2011-01-24 Thread Stefan Hajnoczi
On Fri, Jan 21, 2011 at 06:26:14PM +0100, Markus Armbruster wrote:
 Stefan Hajnoczi stefa...@linux.vnet.ibm.com writes:
 
  Some SCSI devices may wish to override the removable bit.  Add support
  for a qdev property on the SCSI device.
 
 I find this description a bit misleading.  The qdev property is added in
 1/4.  Here, you merely extend scsi_bus_legacy_add_drive() to provide
 access to it.  Its primary users (-drive if=scsi  friends) don't use
 that access.  But there's another user: usb_msd_initfn()[*], and 3/4
 will make that one use the access.
 
 I guess I'd squash 2+3 together, but that's strictly a matter of taste.

You're right, the description is poor.  Sorry about that.

 
  Signed-off-by: Stefan Hajnoczi stefa...@linux.vnet.ibm.com
  ---
   hw/pci-hotplug.c |2 +-
   hw/scsi-bus.c|8 ++--
   hw/scsi.h|3 ++-
   hw/usb-msd.c |2 +-
   4 files changed, 10 insertions(+), 5 deletions(-)
 
  diff --git a/hw/pci-hotplug.c b/hw/pci-hotplug.c
  index 716133c..270a982 100644
  --- a/hw/pci-hotplug.c
  +++ b/hw/pci-hotplug.c
  @@ -90,7 +90,7 @@ static int scsi_hot_add(Monitor *mon, DeviceState 
  *adapter,
* specified).
*/
   dinfo-unit = qemu_opt_get_number(dinfo-opts, unit, -1);
  -scsidev = scsi_bus_legacy_add_drive(scsibus, dinfo-bdrv, dinfo-unit);
  +scsidev = scsi_bus_legacy_add_drive(scsibus, dinfo-bdrv, dinfo-unit, 
  false);
   if (!scsidev) {
   return -1;
   }
  diff --git a/hw/scsi-bus.c b/hw/scsi-bus.c
  index 7febb86..ceeb4ec 100644
  --- a/hw/scsi-bus.c
  +++ b/hw/scsi-bus.c
  @@ -87,7 +87,8 @@ void scsi_qdev_register(SCSIDeviceInfo *info)
   }
   
   /* handle legacy '-drive if=scsi,...' cmd line args */
  -SCSIDevice *scsi_bus_legacy_add_drive(SCSIBus *bus, BlockDriverState 
  *bdrv, int unit)
  +SCSIDevice *scsi_bus_legacy_add_drive(SCSIBus *bus, BlockDriverState *bdrv,
  +  int unit, bool removable)
   {
   const char *driver;
   DeviceState *dev;
  @@ -95,6 +96,9 @@ SCSIDevice *scsi_bus_legacy_add_drive(SCSIBus *bus, 
  BlockDriverState *bdrv, int
   driver = bdrv_is_sg(bdrv) ? scsi-generic : scsi-disk;
   dev = qdev_create(bus-qbus, driver);
   qdev_prop_set_uint32(dev, scsi-id, unit);
  +if (qdev_prop_exists(dev, removable)) {
 
 Isn't this just a funky way to check for scsi-disk?
 
 Removable gets silently ignored for -device usb-storage with a scsi
 generic drive.  Worth noting in 4/4.

Yes, it only applies for scsi-disk and I'll note that in 4/4.

Stefan


