Guenter Roeck [Thu, 20 Aug 2015 15:52:35 +0000 (08:52 -0700)]
imx_serial: Generate interrupt on tx empty if enabled
Generate an interrupt if the tx buffer is empty and the tx empty interrupt
is enabled. This fixes a problem seen when running a Linux image since
Linux commit 55c3cb1358e ("serial: imx: remove unneeded imx_transmit_buffer()
from imx_start_tx()"). Linux now waits for the tx empty interrupt before
starting to send data, causing transmit stalls until there is an interrupt
for another reason.
Add .dir-locals.el file to configure emacs coding style
Some default emacs setups indent by 2 spaces and uses tabs
which is counter to the QEMU coding style rules. Adding a
.dir-locals.el file in the top level of the GIT repo will
inform emacs about the QEMU coding style, and so assist
contributors in avoiding common style mistakes before
they submit patches.
Peter Maydell [Thu, 8 Oct 2015 14:33:56 +0000 (15:33 +0100)]
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20151007' into staging
Do away with TB retranslation
# gpg: Signature made Wed 07 Oct 2015 10:42:08 BST using RSA key ID 4DD0279B
# gpg: Good signature from "Richard Henderson <[email protected]>"
# gpg: aka "Richard Henderson <[email protected]>"
# gpg: aka "Richard Henderson <[email protected]>"
* remotes/rth/tags/pull-tcg-20151007: (26 commits)
tcg: Adjust CODE_GEN_AVG_BLOCK_SIZE
tcg: Check for overflow via highwater mark
tcg: Allocate a guard page after code_gen_buffer
tcg: Emit prologue to the beginning of code_gen_buffer
tcg: Remove tcg_gen_code_search_pc
tcg: Remove gen_intermediate_code_pc
tcg: Save insn data and use it in cpu_restore_state_from_tb
tcg: Pass data argument to restore_state_to_opc
tcg: Add TCG_MAX_INSNS
target-*: Drop cpu_gen_code define
tcg: Merge cpu_gen_code into tb_gen_code
target-sparc: Add npc state to insn_start
target-sparc: Remove gen_opc_jump_pc
target-sparc: Split out gen_branch_n
target-sparc: Tidy gen_branch_a interface
target-cris: Mirror gen_opc_pc into insn_start
target-sh4: Add flags state to insn_start
target-s390x: Add cc_op state to insn_start
target-mips: Add delayed branch state to insn_start
target-i386: Add cc_op state to insn_start
...
Peter Maydell [Thu, 8 Oct 2015 12:37:04 +0000 (13:37 +0100)]
Merge remote-tracking branch 'remotes/rth/tags/pull-tile-20151007' into staging
Collected patches
# gpg: Signature made Wed 07 Oct 2015 10:30:17 BST using RSA key ID 4DD0279B
# gpg: Good signature from "Richard Henderson <[email protected]>"
# gpg: aka "Richard Henderson <[email protected]>"
# gpg: aka "Richard Henderson <[email protected]>"
* remotes/rth/tags/pull-tile-20151007:
target-tilegx: Support iret instruction and related special registers
target-tilegx: Use TILEGX_EXCP_OPCODE_UNKNOWN and TILEGX_EXCP_OPCODE_UNIMPLEMENTED correctly
target-tilegx: Implement v2mults instruction
target-tilegx: Implement v?int_* instructions.
target-tilegx: Implement v2sh* instructions
target-tilegx: Handle nofault prefetch instructions
target-tilegx: Fix a typo for mnemonic about "ld_add"
target-tilegx: Use TILEGX_EXCP_SIGNAL instead of TILEGX_EXCP_SEGV
target-tilegx: Decode ill pseudo-instructions
linux-user/tilegx: Implement tilegx signal features
linux-user/syscall_defs.h: Sync the latest si_code from Linux kernel
target-tilegx: Let x1 pipe process bpt instruction only
target-tilegx: Implement complex multiply instructions
target-tilegx: Implement table index instructions
target-tilegx: Implement crc instructions
target-tilegx: Implement v1multu instruction
target-tilegx: Implement v*add and v*sub instructions
target-tilegx: Implement v*shl, v*shru, and v*shrs instructions
target-tilegx: Tidy simd_helper.c
At present, the "average" guestimate of TB size is way too small, leading
to many unused entries in the pre-allocated TB array. For a guest with 1GB
ram, we're currently allocating 256MB for the array.
Survey arm, alpha, aarch64, ppc, sparc, i686, x86_64 guests running on
x86_64 and ppc64 hosts and select a new average. The size of the array
drops to 81MB with no more flushing than before.
We currently pre-compute an worst case code size for any TB, which
works out to be 122kB. Since the average TB size is near 1kB, this
wastes quite a lot of storage.
Instead, check for overflow in between generating code for each opcode.
The overhead of the check isn't measurable and wastage is minimized.
tcg: Emit prologue to the beginning of code_gen_buffer
By putting the prologue at the end, we risk overwriting the
prologue should our estimate of maximum TB size. Given the
two different placements of the call to tcg_prologue_init,
move the high water mark computation into tcg_prologue_init.
It is no longer used, so tidy up everything reached by it.
This includes the gen_opc_* arrays, the search_pc parameter
and the inline gen_intermediate_code_internal functions.
The gen_opc_* arrays are already redundant with the data stored in
the insn_start arguments. Transition restore_state_to_opc to use
data from the latter.
Since jump_pc[1] is always npc + 4, we can infer after incrementing
that jump_pc[1] == pc + 4. Because of that, we can encode the branch
destination into a single word, and store that in npc.
This perhaps isn't ideal in terms of (ab)using the "pc" field
to encode both pc and ppc + delay branch state, as one has to
be aware of this when examining opcode dumps.
But it preserves existing logic, which will be good for bisection,
and it certainly does save storage space.
While we're at it, emit the opcode adjacent to where we currently
record data for search_pc. This puts gen_io_start et al on the
"correct" side of the marker.
Chen Gang [Sun, 4 Oct 2015 09:41:14 +0000 (17:41 +0800)]
target-tilegx: Support iret instruction and related special registers
EX_CONTEXT_0_0 is used for jumping address, and EX_CONTEXT_0_1 is for
INTERRUPT_CRITICAL_SECTION, which should only be 0 or 1 in user mode, or
it will cause target SIGILL (and the patch doesn't support system mode).
Chen Gang [Sun, 4 Oct 2015 05:34:33 +0000 (13:34 +0800)]
target-tilegx: Use TILEGX_EXCP_OPCODE_UNKNOWN and TILEGX_EXCP_OPCODE_UNIMPLEMENTED correctly
For some cases, they are for TILEGX_EXCP_OPCODE_UNKNOWN, not for
TILEGX_EXCP_OPCODE_UNIMPLEMENTED.
Also for some cases, they are for TILEGX_EXCP_OPCODE_UNIMPLEMENTED, not
for TILEGX_EXCP_OPCODE_UNKNOWN.
When analyzing issues, the correct printing information is necessary,
e.g. grep UIMP in gcc testsuite output log for finding qemu tilegx
umimplementation issues, grep UNKNOWN for finding unknown instructions.
These are mapped onto some of the normal load instructions, when the
destination is the zero register. Other load insns do fault even
when targeting the zero register.
pc-dimm: Fail realization for invalid nodes in non-NUMA config
pc_dimm_realize() validates the NUMA node to which memory hotplug is
being performed only in case of NUMA configuration. Include a check to
fail for invalid nodes in case of non-NUMA configuration too.
Peter Maydell [Tue, 6 Oct 2015 15:32:16 +0000 (16:32 +0100)]
Merge remote-tracking branch 'remotes/borntraeger/tags/s390x-20151006' into staging
s390: fixes
Some fixes all over the place:
- ccw bios and gcc 5.1 (avoid floating point ops)
- properly print vector registers
- sclp and sclp-event-facility no longer hang on object_unref(object_new(T))
- better name for io_subsystem_reset
One feature
- the gdb server now exposes several virtualization specific register
# gpg: Signature made Tue 06 Oct 2015 11:20:24 BST using RSA key ID B5A61C7C
# gpg: Good signature from "Christian Borntraeger (IBM) <[email protected]>"
* remotes/borntraeger/tags/s390x-20151006:
s390x: rename io_subsystem_reset -> subsystem_reset
s390x/info registers: print vector registers properly
s390x: set missing parent for hotplug and quiesce events
s390x/gdb: expose virtualization specific registers
pc-bios/s390-ccw: avoid floating point operations
Peter Maydell [Tue, 6 Oct 2015 12:42:33 +0000 (13:42 +0100)]
Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging
X86 queue, 2015-10-05
# gpg: Signature made Mon 05 Oct 2015 17:04:38 BST using RSA key ID 984DC5A6
# gpg: Good signature from "Eduardo Habkost <[email protected]>"
* remotes/ehabkost/tags/x86-pull-request:
icc_bus: drop the unused files
cpu/apic: drop icc bus/bridge
x86: use new method to correct reset sequence
apic: move APIC's MMIO region mapping into APIC
Correctly re-init EFER state during INIT IPI
target-i386: add ABM to Haswell* and Broadwell* CPU models
target-i386: get/put MSR_TSC_AUX across reset and migration
target-i386: Make check_hw_breakpoints static
target-i386: Move breakpoint related functions to new file
target-i386: Convert kvm_default_*features to property/value pairs
vl: Add another sanity check to smp_parse() function
cpu: Introduce X86CPUTopoInfo structure for argument simplification
Chen Fan [Wed, 16 Sep 2015 09:19:14 +0000 (17:19 +0800)]
cpu/apic: drop icc bus/bridge
After CPU hotplug has been converted to BUS-less hot-plug infrastructure,
the only function ICC bus performs is to propagate reset to LAPICs. However
LAPIC could be reset by registering its reset handler after all device are
initialized.
Do so and drop ~30LOC of not needed anymore ICCBus related code.
During reset some devices (such as hpet, rtc) might send IRQ to APIC
which changes APIC's state from default one it's supposed to have
at machine startup time.
Fix this by resetting APIC after devices have been reset to cancel
any changes that qemu_devices_reset() might have done to its state.
Chen Fan [Wed, 16 Sep 2015 09:19:11 +0000 (17:19 +0800)]
apic: move APIC's MMIO region mapping into APIC
When ICC bus/bridge is removed, APIC MMIO will be left
unmapped since it was mapped into system's address space
indirectly by ICC bridge.
Fix it by moving mapping into APIC code, so it would be
possible to remove ICC bus/bridge code later.
Bill Paul [Wed, 30 Sep 2015 22:33:29 +0000 (15:33 -0700)]
Correctly re-init EFER state during INIT IPI
When doing a re-initialization of a CPU core, the default state is to _not_
have 64-bit long mode enabled. This means the LME (long mode enable) and LMA
(long mode active) bits in the EFER model-specific register should be cleared.
However, the EFER state is part of the CPU environment which is
preserved by do_cpu_init(), so if EFER.LME and EFER.LMA were set at the
time an INIT IPI was received, they will remain set after the init completes.
This is contrary to what the Intel architecture manual describes and what
happens on real hardware, and it leaves the CPU in a weird state that the
guest can't clear.
To fix this, the 'efer' member of the CPUX86State structure has been moved
to an area outside the region preserved by do_cpu_init(), so that it can
be properly re-initialized by x86_cpu_reset().
Paolo Bonzini [Mon, 28 Sep 2015 12:00:18 +0000 (14:00 +0200)]
target-i386: add ABM to Haswell* and Broadwell* CPU models
ABM is only implemented as a single instruction set by AMD; all AMD
processors support both instructions or neither. Intel considers POPCNT
as part of SSE4.2, and LZCNT as part of BMI1, but Intel also uses AMD's
ABM flag to indicate support for both POPCNT and LZCNT. It has to be
added to Haswell and Broadwell because Haswell, by adding LZCNT, has
completed the ABM.
Tested with "qemu-kvm -cpu Haswell-noTSX,enforce" (and also with older
machine types) on an Haswell-EP machine.
Amit Shah [Wed, 23 Sep 2015 06:27:33 +0000 (11:57 +0530)]
target-i386: get/put MSR_TSC_AUX across reset and migration
There's one report of migration breaking due to missing MSR_TSC_AUX
save/restore. Fix this by adding a new subsection that saves the state
of this MSR.
target-i386: Convert kvm_default_*features to property/value pairs
Convert the kvm_default_features and kvm_default_unset_features arrays
into a simple list of property/value pairs that will be applied to
X86CPU objects when using KVM.
Thomas Huth [Wed, 22 Jul 2015 13:59:50 +0000 (15:59 +0200)]
vl: Add another sanity check to smp_parse() function
The code in smp_parse already checks the topology information for
sockets * cores * threads < cpus and bails out with an error in
that case. However, it is still possible to supply a bad configuration
the other way round, e.g. with:
QEMU then still starts the guest, with topology configuration that
is rather incomprehensible and likely not what the user wanted.
So let's add another check to refuse such wrong configurations.
Peter Maydell [Fri, 2 Oct 2015 15:59:21 +0000 (16:59 +0100)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
virtio,pc features, fixes
New features:
guest RAM buffer overrun mitigation
RAM physical address gaps for memory hotplug
(except refactoring which got some review comments)
Signed-off-by: Michael S. Tsirkin <[email protected]>
# gpg: Signature made Fri 02 Oct 2015 15:04:56 BST using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <[email protected]>"
# gpg: aka "Michael S. Tsirkin <[email protected]>"
* remotes/mst/tags/for_upstream:
vhost-user-test: fix predictable filename on tmpfs
vhost-user-test: use tmpfs by default
pc: memhp: force gaps between DIMM's GPA
memhp: extend address auto assignment to support gaps
vhost-user: unit test for new messages
vhost-user-test: do not reinvent glib-compat.h
virtio: Notice when the system doesn't support MSIx at all
pc: Add a comment explaining why pc_compat_2_4() doesn't exist
exec: allocate PROT_NONE pages on top of RAM
oslib: allocate PROT_NONE pages on top of RAM
oslib: rework anonimous RAM allocation
virtio-net: correctly drop truncated packets
virtio: introduce virtqueue_discard()
virtio: introduce virtqueue_unmap_sg()
Peter Maydell [Fri, 2 Oct 2015 15:04:25 +0000 (16:04 +0100)]
Merge remote-tracking branch 'remotes/riku/tags/pull-linux-user-20151002' into staging
First set of Linux-user que patches for 2.5
# gpg: Signature made Fri 02 Oct 2015 13:38:00 BST using RSA key ID DE3C9BC0
# gpg: Good signature from "Riku Voipio <[email protected]>"
# gpg: aka "Riku Voipio <[email protected]>"
* remotes/riku/tags/pull-linux-user-20151002:
linux-user: assert that target_mprotect cannot fail
linux-user/signal.c: Use setup_rt_frame() instead of setup_frame() for target openrisc
linux-user/syscall.c: Add EAGAIN to host_to_target_errno_table for
linux-user: add name_to_handle_at/open_by_handle_at
linux-user: Return target error number in do_fork()
linux-user: fix cmsg conversion in case of multiple headers
linux-user: remove MAX_ARG_PAGES limit
linux-user: remove unused image_info members
linux-user: Treat --foo options the same as -foo
linux-user: use EXIT_SUCCESS and EXIT_FAILURE
linux-user: Add proper error messages for bad options
linux-user: Add -help
linux-user: Exit 0 when -h is used
vhost-user-test: fix predictable filename on tmpfs
vhost-user-test uses getpid to create a unique filename. This name is
predictable, and a security problem. Instead, use a tmp directory
created by mkdtemp, which is a suggested best practice.
Most people don't run make check by default, so they skip vhost-user
unit tests. Solve this by using tmpfs instead, unless hugetlbfs is
specified (using an environment variable).
Igor Mammedov [Tue, 29 Sep 2015 14:53:29 +0000 (16:53 +0200)]
pc: memhp: force gaps between DIMM's GPA
mapping DIMMs non contiguously allows to workaround
virtio bug reported earlier:
http://lists.nongnu.org/archive/html/qemu-devel/2015-08/msg00522.html
in this case guest kernel doesn't allocate buffers
that can cross DIMM boundary keeping each buffer
local to a DIMM.
Peter Maydell [Fri, 2 Oct 2015 13:47:10 +0000 (14:47 +0100)]
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Block layer patches
# gpg: Signature made Fri 02 Oct 2015 12:49:13 BST using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <[email protected]>"
* remotes/kevin/tags/for-upstream:
block/raw-posix: Open file descriptor O_RDWR to work around glibc posix_fallocate emulation issue.
block: disable I/O limits at the beginning of bdrv_close()
iotests: Fix test 128 for password-less sudo
tests: Fix test 049 fallout from improved HMP error messages
raw-win32: Fix write request error handling
$ qemu-img create -f qcow2 -o preallocation=falloc disk.img 262144
Formatting 'disk.img', fmt=qcow2 size=262144 encryption=off cluster_size=65536 preallocation='falloc' lazy_refcounts=off
qemu-img: disk.img: Could not preallocate data for the new file: Bad file descriptor
The reason turns out to be because NFS doesn't support the
posix_fallocate call. glibc emulates it instead. However glibc's
emulation involves using the pread(2) syscall. The pread syscall
fails with EBADF if the file descriptor is opened without the read
open-flag (ie. open (..., O_WRONLY)).
I contacted glibc upstream about this, and their response is here:
There are two possible fixes: Use Linux fallocate directly, or (this
fix) work around the problem in qemu by opening the file with O_RDWR
instead of O_WRONLY.
Alberto Garcia [Fri, 25 Sep 2015 13:41:44 +0000 (16:41 +0300)]
block: disable I/O limits at the beginning of bdrv_close()
Disabling I/O limits from a BDS also drains all pending throttled
requests, so it should be done at the beginning of bdrv_close() with
the rest of the bdrv_drain() calls before the BlockDriver is closed.
Fix this by copying the qemu-io invocation function from common.config,
making it use $sudo for invoking $QEMU_IO_PROG, and then use that
function instead of $QEMU_IO.
s390x: set missing parent for hotplug and quiesce events
Existing code missed to set a parent for the quiesce and hotplug event.
While this didn't matter in practise, new introspection APIs basically now
do an object_unref(object_new(T)), which loops forever.
When trying to remove the event facility bus, the code tries to
unparent all childs on the bus, so they are properly deleted and therefore removed.
As object_unparent() on these child devices doesn't work, as there is no parent,
we loop forever.
Let's fix this by adding the event facility as a parent. Also switch from
object_initialize to object_new, so the only valid reference is in fact the
parent property. This makes it more obvious when the device (state) is actually
gone (and how the reference counting works).
Some gcc versions (e.g. Fedora 22 gcc 5.1.1) seem to use floating
point registers for spilling and filling of general purpose registers.
As the BIOS does not activate the AFP register setting of CR0 this can
cause data exception program checks.
Disallow floating point in the BIOS as a simple solution.
Alistair Francis [Thu, 23 Jul 2015 15:13:56 +0000 (08:13 -0700)]
target-microblaze: Set the PC in reset instead of realize
Set the Microblaze CPU PC in the reset instead of setting it
in the realize. This is required as the PC is zeroed in the
reset function and causes problems in some situations.
Jeff Cody [Thu, 1 Oct 2015 04:06:37 +0000 (00:06 -0400)]
block: mirror - fix full sync mode when target does not support zero init
During mirror, if the target device does not support zero init, a
mirror may result in a corrupted image for sync="full" mode.
This is due to how the initial dirty bitmap is set up prior to copying
data - we did not mark sectors as dirty that are unallocated. This
means those unallocated sectors are skipped over on the target, and for
a device without zero init, invalid data may reside in those holes.
If both of the following conditions are true, then we will explicitly
mark all sectors as dirty:
If the target does support zero init, but a target image is passed in
with data already present (i.e. an "existing" image), it is assumed the
data present in the existing image is valid data for those sectors.
projects / qemu.git / log