Jan Kiszka [Tue, 15 Mar 2011 11:26:26 +0000 (12:26 +0100)]
kvm: Reorder error handling of KVM_RUN
Test for general errors first as this is the slower path.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Tue, 15 Mar 2011 11:26:25 +0000 (12:26 +0100)]
kvm: Keep KVM_RUN return value in separate variable
Avoid using 'ret' both for the return value of KVM_RUN as well as the
code kvm_cpu_exec is supposed to return. Both have no direct relation.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Tue, 15 Mar 2011 11:26:24 +0000 (12:26 +0100)]
kvm: Consider EXIT_DEBUG unknown without CAP_SET_GUEST_DEBUG
Without KVM_CAP_SET_GUEST_DEBUG, we neither motivate the kernel to
report KVM_EXIT_DEBUG nor do we expect such exits. So fall through to
the arch code which will simply report an unknown exit reason.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Tue, 15 Mar 2011 11:26:23 +0000 (12:26 +0100)]
kvm: x86: Synchronize PAT MSR with the kernel
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Tue, 15 Mar 2011 11:26:22 +0000 (12:26 +0100)]
x86: Save/restore PAT MSR
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Tue, 15 Mar 2011 11:26:21 +0000 (12:26 +0100)]
x86: Properly reset PAT MSR
Conforming to the Intel spec, set the power-on value of PAT also on
reset, but save it across INIT.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Tue, 15 Mar 2011 11:26:20 +0000 (12:26 +0100)]
kvm: Mark VCPU state dirty on creation
This prevents early cpu_synchronize_state calls from trying to retrieve an
uninitialized state from the kernel. That even causes a deadlock if the
io-thread is enabled.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Tue, 15 Mar 2011 11:26:19 +0000 (12:26 +0100)]
kvm: x86: Do not leave halt if interrupts are disabled
When an external interrupt is pending but IF is cleared, we must not
leave the halt state prematurely.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Tue, 15 Mar 2011 11:26:18 +0000 (12:26 +0100)]
kvm: Add in-kernel irqchip awareness to cpu_thread_is_idle
With in-kernel irqchip support enabled, the vcpu threads sleep in kernel
space while halted. Account for this difference in cpu_thread_is_idle.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Tue, 15 Mar 2011 11:26:14 +0000 (12:26 +0100)]
s390: Detect invalid invocations of qemu_ram_free/remap
This both detects invalid invocations of qemu_ram_free and
qemu_ram_remap when mem_path is non-NULL and fixes a build error on
s390 ("'area' may be used uninitialized in this function").
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: Alexander Graf <agraf@suse.de>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Tue, 15 Mar 2011 11:26:13 +0000 (12:26 +0100)]
x86: Unbreak TCG support for hardware breakpoints
Commit 83f338f73e broke x86 hardware breakpoint emulation by moving the
debug exception handling out of cpu_exec. Fix this by moving all TCG
related bits back, only leaving the generic guest debugging parts in
cpus.c.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: TeLeMan <geleman@gmail.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Tue, 15 Mar 2011 11:26:12 +0000 (12:26 +0100)]
Implement qemu_kvm_eat_signals only for CONFIG_LINUX
qemu_kvm_eat_signals requires POSIX support with realtime extensions for
sigtimedwait. Not all our target platforms provide this. Moreover,
undefined sigbus_reraise was referenced on non-Linux as well.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Huang Ying [Wed, 2 Mar 2011 07:56:20 +0000 (08:56 +0100)]
KVM, MCE, unpoison memory address across reboot
In the Linux kernel HWPoison processing implementation, the virtual
address in processes mapping the error physical memory page is marked
as HWPoison, so that further accesses to the virtual address will kill
the corresponding processes with SIGBUS.
If the error physical memory page is used by a KVM guest, the SIGBUS
will be sent to QEMU, and QEMU will simulate a MCE to report that
memory error to the guest OS. If the guest OS can not recover from
the error (for example, the page is accessed by kernel code), guest OS
will reboot the system. But because the underlying host virtual
address backing the guest physical memory is still poisoned, if the
guest system accesses the corresponding guest physical memory even
after rebooting, the SIGBUS will still be sent to QEMU and MCE will be
simulated. That is, the guest system cannot recover via rebooting.
In fact, across rebooting, the contents of the guest physical memory page
need not be kept. We can allocate a new host physical page to
back the corresponding guest physical address.
This patch fixes this issue in QEMU-KVM by calling qemu_ram_remap()
to clear the corresponding page table entry, so that it becomes possible
to allocate a new page to recover from the issue.
[ Jan: rebasing and tiny cleanups ]
Signed-off-by: Huang Ying <ying.huang@intel.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Huang Ying [Wed, 2 Mar 2011 07:56:19 +0000 (08:56 +0100)]
Add qemu_ram_remap
qemu_ram_remap() unmaps the specified RAM pages, then re-maps these
pages again. This is used by KVM HWPoison support to clear HWPoisoned
page tables across guest rebooting, so that a new page may be
allocated later to recover the memory error.
[ Jan: style fixlets, WIN32 fix ]
Signed-off-by: Huang Ying <ying.huang@intel.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:18 +0000 (08:56 +0100)]
kvm: x86: Fail kvm_arch_init_vcpu if MCE initialization fails
There is no reason to continue if the kernel claims to support MCE but
then fails to process our request.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: Huang Ying <ying.huang@intel.com>
CC: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
CC: Jin Dongming <jin.dongming@np.css.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:17 +0000 (08:56 +0100)]
kvm: x86: Clean up kvm_setup_mce
There is nothing to abstract here. Fold kvm_setup_mce into its caller
and fix up the error reporting (return code of kvm_vcpu_ioctl holds the
error value).
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: Huang Ying <ying.huang@intel.com>
CC: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
CC: Jin Dongming <jin.dongming@np.css.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:16 +0000 (08:56 +0100)]
kvm: x86: Consolidate TCG and KVM MCE injection code
This switches KVM's MCE injection path to cpu_x86_inject_mce, both for
SIGBUS and monitor initiated events. This means we prepare the MCA MSRs
in the VCPUState also for KVM.
We have to drop the MSR writeback restrictions for this purpose, which
is now safe as every uncoordinated MSR injection is removed with this
patch.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: Huang Ying <ying.huang@intel.com>
CC: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
CC: Jin Dongming <jin.dongming@np.css.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:15 +0000 (08:56 +0100)]
x86: Run qemu_inject_x86_mce on target VCPU
We will use the current TCG-only MCE injection path for KVM as well, and
then this read-modify-write of the target VCPU state has to be performed
synchronously in the corresponding thread.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:14 +0000 (08:56 +0100)]
kvm: x86: Inject pending MCE events on state writeback
The current way of injecting MCE events without updating of and
synchronizing with the CPUState is broken and causes spurious
corruptions of the MCE-related parts of the CPUState.
As a first step towards a fix, enhance the state writeback code with
support for injecting events that are pending in the CPUState. A pending
exception will then be signaled via cpu_interrupt(CPU_INTERRUPT_MCE).
And, just like for TCG, we need to leave the halt state when
CPU_INTERRUPT_MCE is pending (left broken for the to-be-removed old KVM
code).
This will also allow unifying the TCG and KVM injection code.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: Huang Ying <ying.huang@intel.com>
CC: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
CC: Jin Dongming <jin.dongming@np.css.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:13 +0000 (08:56 +0100)]
kvm: Rename kvm_arch_process_irqchip_events to async_events
We will broaden the scope of this function on x86 beyond irqchip events.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:12 +0000 (08:56 +0100)]
kvm: x86: Move MCE functions together
Pure function shuffling to avoid multiple #ifdef KVM_CAP_MCE sections,
no functional changes. While at it, annotate some #ifdef sections.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: Huang Ying <ying.huang@intel.com>
CC: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
CC: Jin Dongming <jin.dongming@np.css.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:11 +0000 (08:56 +0100)]
Synchronize VCPU states before reset
This is required to support keeping VCPU states across a system reset.
If we do not read the current state before the reset,
cpu_synchronize_all_post_reset may write back incorrect state
information.
The first user of this will be MCE MSR synchronization which currently
works around the missing cpu_synchronize_all_states.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:10 +0000 (08:56 +0100)]
x86: Optionally avoid injecting AO MCEs while others are pending
Allow telling cpu_x86_inject_mce that it should ignore Action Optional
MCE events when the target VCPU is still processing another one. This
will be used by KVM soon.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: Huang Ying <ying.huang@intel.com>
CC: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
CC: Jin Dongming <jin.dongming@np.css.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:09 +0000 (08:56 +0100)]
x86: Refine error reporting of MCE injection services
As this service is used by the human monitor, make sure that errors get
reported to the right channel, and also raise the verbosity.
This requires moving the Monitor typedef into qemu-common.h to resolve the
include dependency.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: Huang Ying <ying.huang@intel.com>
CC: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
CC: Jin Dongming <jin.dongming@np.css.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:08 +0000 (08:56 +0100)]
x86: Small cleanups of MCE helpers
Fix some code style issues, use proper headers, and align to the cpu_x86
naming scheme. No functional changes.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: Huang Ying <ying.huang@intel.com>
CC: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
CC: Jin Dongming <jin.dongming@np.css.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:07 +0000 (08:56 +0100)]
x86: Perform implicit mcg_status reset
Reorder mcg_status in CPUState to achieve automatic clearing on reset.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: Huang Ying <ying.huang@intel.com>
CC: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
CC: Jin Dongming <jin.dongming@np.css.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:06 +0000 (08:56 +0100)]
x86: Account for MCE in cpu_has_work
MCEs can be injected asynchronously, so they can also terminate the halt
state.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: Huang Ying <ying.huang@intel.com>
CC: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
CC: Jin Dongming <jin.dongming@np.css.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:05 +0000 (08:56 +0100)]
kvm: Fix build warning when KVM_CAP_SET_GUEST_DEBUG is lacking
Original fix by David Gibson.
CC: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Jan Kiszka [Wed, 2 Mar 2011 07:56:04 +0000 (08:56 +0100)]
kvm: ppc: Fix breakage of kvm_arch_pre_run/process_irqchip_events
Commit 7a39fe5882 failed to convert the right arch function.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:44:08 +0000 (17:44 +0100)]
add Win32 IPI service
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:44:07 +0000 (17:44 +0100)]
protect qemu_cpu_kick_self for Win32
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:44:06 +0000 (17:44 +0100)]
provide dummy signal init functions for win32
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:44:05 +0000 (17:44 +0100)]
merge all signal initialization with qemu_signalfd_init, rename
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:44:04 +0000 (17:44 +0100)]
iothread stops the vcpu thread via IPI
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:44:03 +0000 (17:44 +0100)]
do not use timedwait on qemu_cpu_cond
Whenever env->created becomes true, qemu_cpu_cond is signaled by
{kvm,tcg}_cpu_thread_fn.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:44:02 +0000 (17:44 +0100)]
do not use timedwait on qemu_pause_cond
all_vcpus_paused can start returning true after penv->stopped changes
from 0 to 1. When this is done, qemu_pause_cond is always signaled.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:44:01 +0000 (17:44 +0100)]
do not use timedwait on qemu_system_cond
qemu_main_loop_start is the only place where qemu_system_ready is set
to 1.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:44:00 +0000 (17:44 +0100)]
do not use timedwait on qemu_halt_cond
The following conditions can cause cpu_has_work(env) to become true:
- env->queued_work_first: run_on_cpu is already kicking the VCPU
- env->stop = 1: pause_all_vcpus is already kicking the VCPU
- env->stopped = 0: resume_all_vcpus is already kicking the VCPU
- vm_running = 1: vm_start is calling resume_all_vcpus
- env->halted = 0: see previous patch
- qemu_cpu_has_work(env): when it becomes true, board code should set
env->halted = 0 too.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:43:59 +0000 (17:43 +0100)]
always signal pause_cond after stopping a VCPU
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:43:58 +0000 (17:43 +0100)]
exit round-robin vcpu loop if cpu->stopped is true
Sometimes vcpus are stopped directly without going through ->stop = 1.
Exit the VCPU execution loop in this case as well.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:43:57 +0000 (17:43 +0100)]
always qemu_cpu_kick after unhalting a cpu
This ensures env->halt_cond is broadcast, and the loop in
qemu_tcg_wait_io_event and qemu_kvm_wait_io_event is exited
naturally rather than through a timeout.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:43:56 +0000 (17:43 +0100)]
inline cpu_halted into sole caller
All implementations are now the same, and there is only one caller,
so inline the function there.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:43:55 +0000 (17:43 +0100)]
remove CONFIG_THREAD
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:43:54 +0000 (17:43 +0100)]
add assertions on the owner of a QemuMutex
These are already present in the Win32 implementation, add them to
the pthread wrappers as well. Use PTHREAD_MUTEX_ERRORCHECK for mutex
operations. Later we'll add tracking of the owner for cond_signal/broadcast.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:43:53 +0000 (17:43 +0100)]
include qemu-thread.h early
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:43:52 +0000 (17:43 +0100)]
add win32 qemu-thread implementation
For now, qemu_cond_timedwait and qemu_mutex_timedlock are left as
POSIX-only functions. They can be removed later, once the patches
that remove their uses are in.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Jan Kiszka [Sat, 12 Mar 2011 16:43:51 +0000 (17:43 +0100)]
Refactor thread retrieval and check
We have qemu_cpu_self and qemu_thread_self. The latter is retrieving the
current thread, the former is checking for equality (using CPUState). We
also have qemu_thread_equal which is only used like qemu_cpu_self.
This refactors the interfaces, creating qemu_cpu_is_self and
qemu_thread_is_self as well as qemu_thread_get_self.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:43:50 +0000 (17:43 +0100)]
use win32 timer queues
Multimedia timers are only useful for compatibility with Windows NT 4.0
and earlier. Plus, the implementation in Wine is extremely heavyweight.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:43:49 +0000 (17:43 +0100)]
implement win32 dynticks timer
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Paolo Bonzini [Sat, 12 Mar 2011 16:43:48 +0000 (17:43 +0100)]
unlock iothread during WaitForMultipleObjects
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Stefan Weil [Sat, 12 Mar 2011 16:43:56 +0000 (17:43 +0100)]
hw/fmopl: Fix buffer access out-of-bounds errors
Index 75 is one too large for AR_TABLE[75], DR_TABLE[75].
This error was reported by cppcheck.
hw/fmopl.c:600: error: Buffer access out-of-bounds: OPL.AR_TABLE
hw/fmopl.c:601: error: Buffer access out-of-bounds: OPL.DR_TABLE
Fix this by limiting the access to the allowed range.
MultiArcadeMachineEmulator has newer versions of fmopl,
but using these requires more effort.
Cc: Blue Swirl <blauwirbel@gmail.com>
Reviewed-by: malc <av1474@comtv.ru>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
William Dauchy [Sun, 6 Mar 2011 21:27:18 +0000 (22:27 +0100)]
moving eeprom initialization
The initialization should not happen only on reset but also when
initializing the device.
It resolves a bug when hot plugging a PCI network device: the MAC address
was always null.
Signed-off-by: William Dauchy <wdauchy@gmail.com>
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Blue Swirl [Sat, 12 Mar 2011 09:52:25 +0000 (09:52 +0000)]
pc: fix wrong CMOS values for floppy drives
Before commit 63ffb564dca94f8bda01ed6d209784104630a4d2, states for
floppy drives were calculated in fdc.c:fd_revalidate(). There it is
also considered whether a disk is inserted or not. The commit didn't copy
the logic completely to pc.c, which caused a regression.
Fix by adding the same check also to pc.c.
Reported-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Tested-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Michal Simek [Fri, 4 Mar 2011 13:39:31 +0000 (14:39 +0100)]
microblaze: Add PVR for writeback cache, endians
Specify PVR for writeback cache, endians and others.
Signed-off-by: Michal Simek <monstr@monstr.eu>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@petalogix.com>
Michal Simek [Fri, 4 Mar 2011 11:31:14 +0000 (12:31 +0100)]
microblaze: Fix PetaLogix company name
Trivial fix.
Signed-off-by: Michal Simek <monstr@monstr.eu>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@petalogix.com>
Anthony Liguori [Fri, 11 Mar 2011 14:03:55 +0000 (08:03 -0600)]
Merge remote branch 'stefanha/tracing' into staging
Juan Quintela [Thu, 10 Mar 2011 11:33:56 +0000 (12:33 +0100)]
vmstate: move timers to use test instead of version
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Juan Quintela [Thu, 10 Mar 2011 11:33:55 +0000 (12:33 +0100)]
vmstate: be able to store/save a pci device from a pointer
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Juan Quintela [Thu, 10 Mar 2011 11:33:54 +0000 (12:33 +0100)]
vmstate: Add a way to send a partial array
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Juan Quintela [Thu, 10 Mar 2011 11:33:53 +0000 (12:33 +0100)]
vmstate: add VMSTATE_STRUCT_VARRAY_UINT32
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Juan Quintela [Thu, 10 Mar 2011 11:33:52 +0000 (12:33 +0100)]
vmstate: add VMSTATE_INT64_ARRAY
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Juan Quintela [Thu, 10 Mar 2011 11:33:51 +0000 (12:33 +0100)]
vmstate: add VMSTATE_STRUCT_VARRAY_INT32
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Juan Quintela [Thu, 10 Mar 2011 11:33:50 +0000 (12:33 +0100)]
vmstate: add UINT32 VARRAYS
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Juan Quintela [Thu, 10 Mar 2011 11:33:49 +0000 (12:33 +0100)]
vmstate: Fix varrays with uint8 indexes
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Juan Quintela [Thu, 10 Mar 2011 11:33:48 +0000 (12:33 +0100)]
vmstate: add VMSTATE_UINT32_EQUAL
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Stefan Weil [Thu, 3 Mar 2011 20:37:55 +0000 (21:37 +0100)]
vnc: Fix stack corruption and other bitmap related bugs
Commit bc2429b9174ac2d3c56b7fd35884b0d89ec7fb02 introduced
a severe bug (stack corruption).
bitmap_clear was called with a wrong argument
which caused out-of-bound writes to the local variable width_mask.
This bug was detected with QEMU running on Windows.
It also occurs with Wine:
*** stack smashing detected ***: terminated
wine: Unhandled illegal instruction at address 0x6115c7 (thread 0009), starting debugger...
The bug is not Windows specific!
Instead of fixing the wrong parameter value, bitmap_clear(), bitmap_set
and width_mask were removed, and bitmap_intersect() was replaced by
!bitmap_empty(). The new operation is much shorter and equivalent to
the old operations.
The declarations of the dirty bitmaps in vnc.h were also wrong for 64 bit
hosts because of a rounding effect: for these hosts, VNC_MAX_WIDTH is no
longer a multiple of (16 * BITS_PER_LONG), so the rounded value of
VNC_DIRTY_WORDS was too small.
Fix both declarations by using the macro which is designed for this
purpose.
Cc: Corentin Chary <corentincj@iksaif.net>
Cc: Wen Congyang <wency@cn.fujitsu.com>
Cc: Gerhard Wiesinger <lists@wiesinger.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Jes Sorensen [Wed, 9 Mar 2011 15:54:34 +0000 (16:54 +0100)]
hmp-commands.hx: fix badly merged client_migrate_info command
client_migrate_info was merged badly, placing it between the command
and the documentation for another command. In addition it did not
respect the general rule of hmp-commands.hx, of having command
definition before the documentation.
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Vincent Palatin [Thu, 10 Mar 2011 20:47:46 +0000 (15:47 -0500)]
Fix performance regression in qemu_get_ram_ptr
When the commit f471a17e9d869df3c6573f7ec02c4725676d6f3a converted the
ram_blocks structure to QLIST, it also removed the conditional check before
switching the current block at the beginning of the list.
In the common use case where ram_blocks has a few blocks with only one
frequently accessed (the main RAM), this has a performance impact as it
performs the useless list operations on each call (which are on a really
hot path).
On my machine emulation (ARM on amd64), this patch reduces the
percentage of CPU time spent in qemu_get_ram_ptr from 6.3% to 2.1% in the
profiling of a full boot.
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Edgar E. Iglesias [Thu, 10 Mar 2011 08:16:52 +0000 (09:16 +0100)]
xilinx-ethlite: Simplify byteswapping to/from brams
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@petalogix.com>
Dmitry Eremin-Solenikov [Fri, 4 Mar 2011 00:54:59 +0000 (03:54 +0300)]
mainstone: PCMCIA support
Extend mst_fpga and mainstone with logic to support PCMCIA
attachment (IRQs, status regs).
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Dmitry Eremin-Solenikov [Fri, 4 Mar 2011 00:54:58 +0000 (03:54 +0300)]
mainstone: use gpio 0 for connection of FPGA instead of hooking into PIC directly
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Andrzej Zaborowski [Thu, 10 Mar 2011 02:31:02 +0000 (03:31 +0100)]
pxa2xx_timer: Get rid of .level in PXA2xxTimer0.
Andrzej Zaborowski [Thu, 10 Mar 2011 02:11:47 +0000 (03:11 +0100)]
pxa2xx_pic: fixup initialisation
This is based on Dmitry Eremin-Solenikov's patch but simplified.
Dmitry Eremin-Solenikov [Fri, 4 Mar 2011 00:40:59 +0000 (03:40 +0300)]
pxa2xx_timer: separate irq for pxa27x handling
First, sysbus_init_irq shan't be called on on-stack variables. Indeed,
it only stores a passed pointer in qdev and the stored irq is later
populated, so we get a nice write-to-stack bug.
Second, the irq for pxa27x should probably be handled in a gentler way,
as we should check if we have events to raise this irq.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Stefan Hajnoczi [Mon, 7 Mar 2011 08:06:10 +0000 (08:06 +0000)]
trace: Trace posix-aio-compat.c completion and cancellation
This patch adds paio_complete() and paio_cancel() trace events to
complement the paio_submit() event.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Stefan Hajnoczi [Mon, 7 Mar 2011 07:58:04 +0000 (07:58 +0000)]
trace: Trace bdrv_aio_flush()
Add a trace event for bdrv_aio_flush() to complement the existing
bdrv_aio_readv() and bdrv_aio_writev() events.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Stefan Hajnoczi [Sat, 26 Feb 2011 18:38:39 +0000 (18:38 +0000)]
simpletrace: Thread-safe tracing
Trace events outside the global mutex cannot be used with the simple
trace backend since it is not thread-safe. There is no check to prevent
them being enabled so people sometimes learn this the hard way.
This patch restructures the simple trace backend with a ring buffer
suitable for multiple concurrent writers. A writeout thread empties the
trace buffer when threshold fill levels are reached. Should the
writeout thread be unable to keep up with trace generation, records will
simply be dropped.
Each time events are dropped a special record is written to the trace
file indicating how many events were dropped. The event ID is
0xfffffffffffffffe and its signature is dropped(uint32_t count).
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Michael Walle [Thu, 17 Feb 2011 22:45:18 +0000 (23:45 +0100)]
MAINTAINERS: add LatticeMico32 maintainer
Add me as the lm32-target and machines maintainer.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:17 +0000 (23:45 +0100)]
Add lm32 target to configure
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:16 +0000 (23:45 +0100)]
lm32: opcode testsuite
This patch creates tests/lm32 directory and adds tests for every
LatticeMico32 opcode.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:15 +0000 (23:45 +0100)]
lm32: todo and documentation
This patch adds general target documentation and a todo list.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:14 +0000 (23:45 +0100)]
lm32: EVR32 and uclinux BSP
This patch adds support for the following two BSPs:
- LM32 EVR32 BSP (as used by RTEMS)
- uclinux BSP by Theobroma Systems
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:13 +0000 (23:45 +0100)]
lm32: support for creating device tree
This patch adds helper functions to create a ROM which contains a hardware
description of a board. This is used in Theobroma's LM32 Linux port.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:12 +0000 (23:45 +0100)]
lm32: system control model
This patch adds support for a system control block. It is supposed to
act as a helper for the emulated program, e.g. shutting down the VM or
printing test results. This model is intended for testing purposes only and
doesn't fit any real hardware. Therefore, it is not added to any board
by default. Instead a user has to add it explicitly with the '-device'
command line parameter.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:11 +0000 (23:45 +0100)]
lm32: uart model
This patch adds support for the LatticeMico32 UART.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:10 +0000 (23:45 +0100)]
lm32: timer model
This patch adds support for the LatticeMico32 system timer.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:09 +0000 (23:45 +0100)]
lm32: pic and juart helper functions
This patch adds init functions for the PIC and JTAG UART commonly used
in the board initialization.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:08 +0000 (23:45 +0100)]
lm32: juart model
This patch adds the JTAG UART model. It is accessed through special control
registers and opcodes. Therefore the translation uses callbacks to this
model.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:07 +0000 (23:45 +0100)]
lm32: interrupt controller model
This patch adds the interrupt controller of the lm32. Because the PIC is
accessed through special control registers and opcodes, there are callbacks
from the lm32 translation code to this model.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:06 +0000 (23:45 +0100)]
lm32: gdbstub support
This patch adds lm32 support to the gdbstub.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:05 +0000 (23:45 +0100)]
lm32: machine state loading/saving
This patch adds support for saving and loading the processor state.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:04 +0000 (23:45 +0100)]
lm32: translation code helper
This patch adds translation helper functions.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:03 +0000 (23:45 +0100)]
lm32: translation routines
This patch adds the main translation routine. All opcodes of the
LatticeMico32 processor are supported and translated to TCG ops.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Michael Walle [Thu, 17 Feb 2011 22:45:02 +0000 (23:45 +0100)]
LatticeMico32 target support
This patch adds support for the LatticeMico32 softcore processor by Lattice
Semiconductor.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Peter Maydell [Tue, 22 Feb 2011 18:19:43 +0000 (18:19 +0000)]
target-arm: Implement a minimal set of cp14 debug registers
Newer ARM kernels try to probe for whether the CPU has hardware breakpoint
support. For this to work QEMU has to implement a minimal set of the cp14
debug registers. The architecture requires v7 cores to implement debug
and so there is no defined way to report its absence; however in practice
returning a zero DBGDIDR (i.e. with a reserved value for "debug architecture
version") should cause well-written hw debug users to do the right thing.
We also implement DBGDRAR and DBGDSAR as RAZ, indicating no memory mapped
debug components.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Maydell [Sun, 6 Mar 2011 21:39:55 +0000 (21:39 +0000)]
target-arm: Use TCG temporary leak debugging facilities
Use the new TCG temporary leak debugging facilities to
check that each ARM instruction does not leak temporaries.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Maydell [Sun, 6 Mar 2011 21:39:54 +0000 (21:39 +0000)]
target-arm: Remove ad-hoc leak checking code
This commit removes the ad-hoc resource leak checking code from
target-arm. This includes replacing all uses of new_tmp() with
tcg_temp_new_i32() and all uses of dead_tmp() with
tcg_temp_free_i32().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Maydell [Sun, 6 Mar 2011 21:39:53 +0000 (21:39 +0000)]
tcg: Add support for debugging leakage of temporaries
Add support (if CONFIG_DEBUG_TCG is defined) for debugging leakage
of temporary variables. Generally any temporaries created by
a target while it is translating an instruction should be freed
by the end of that instruction; otherwise carefully crafted
guest code could cause TCG to run out of temporaries and assert.
By calling tcg_check_temp_count() after each instruction we can
check that we are not leaking temporaries in this way.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Adam Lackorzynski [Sat, 5 Mar 2011 12:51:45 +0000 (13:51 +0100)]
target-arm: Integrate secondary CPU reset in arm_boot
Integrate secondary CPU reset into arm_boot, removing it from realview.c.
On non-Linux systems secondary CPUs start with the same entry as the boot
CPU.
Signed-off-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Adam Lackorzynski [Sat, 5 Mar 2011 12:51:44 +0000 (13:51 +0100)]
target-arm: Implement cp15 VA->PA translation
Implement VA->PA translations by cp15-c7 that went through unchanged
previously.
Signed-off-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>