John Snow [Thu, 6 Sep 2018 13:02:18 +0000 (09:02 -0400)]
tests/test-blockjob: remove exit callback
We remove the exit callback and the completed boolean along with it.
We can simulate it just fine by waiting for the job to defer to the
main loop, and then giving it one final kick to get the main loop
portion to run.
During refactor, a potential problem with bdrv_drop_intermediate
was identified, the patched behavior is no worse than the pre-patch
behavior, so leave a FIXME for now to be fixed in a future patch.
Peter Maydell [Tue, 25 Sep 2018 12:30:45 +0000 (13:30 +0100)]
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-3.1-20180925' into staging
ppc patch queue 2018-09-25
Here are the accumulated ppc target patches for the last several
weeks. Highlights are:
* A number of 40p / PReP cleanups
* Preliminary irq rework on the pseries machine towards the new
XIVE interrupt controller
There are a few patches which make small changes to generic device and
arm code as prerequisites to the 40p interrupt routing cleanup. They
have acks from the relevant maintainers.
* remotes/dgibson/tags/ppc-for-3.1-20180925:
40p: add fixed IRQ routing for LSI SCSI device
lsi53c895a: add optional external IRQ via qdev
scsi: remove unused lsi53c895a_create() and lsi53c810_create() functions
scsi: move lsi53c8xx_create() callers to lsi53c8xx_handle_legacy_cmdline()
scsi: add lsi53c8xx_handle_legacy_cmdline() function
sm501: Adjust endianness of pixel value in rectangle fill
spapr_pci: add an extra 'nr_msis' argument to spapr_populate_pci_dt
spapr: increase the size of the IRQ number space
spapr: introduce a spapr_irq class 'nr_msis' attribute
40p: use OR gate to wire up raven PCI interrupts
raven: some minor IRQ-related tidy-ups
hw/ppc: on 40p machine, change default firmware to OpenBIOS
target/ppc/cpu-models: Re-group the 970 CPUs together again
Record history of ppcemb target in common.json
* remotes/cody/tags/block-pull-request:
curl: Make sslverify=off disable host as well as peer verification.
block/rbd: add deprecation documentation for filename keyvalue pairs
block/rbd: add iotest for rbd legacy keyvalue filename parsing
block/rbd: Attempt to parse legacy filenames
block/rbd: pull out qemu_rbd_convert_options
* remotes/armbru/tags/pull-qobject-2018-09-24:
json: Eliminate lexer state IN_WHITESPACE, pseudo-token JSON_SKIP
json: Eliminate lexer state IN_ERROR
json: Nicer recovery from lexical errors
json: Make lexer's "character consumed" logic less confusing
json: Clean up how lexer consumes "end of input"
json: Fix lexer for lookahead character beyond '\x7F'
* remotes/armbru/tags/pull-error-2018-09-24:
MAINTAINERS: Fix F: patterns that don't match anything
Drop "qemu:" prefix from error_report() arguments
qemu-error: make use of {error, warn}_report_once_cond
qemu-error: add {error, warn}_report_once_cond
Peter Maydell [Tue, 25 Sep 2018 10:05:56 +0000 (11:05 +0100)]
Merge remote-tracking branch 'remotes/xtensa/tags/20180918-xtensa' into staging
target/xtensa updates:
- fix gdbstub register counts;
- add big-endian core test_kc705_be;
- convert to do_transaction_failed and add test for failed memory
transactions;
- fix couple FPU2000 bugs;
- fix s32c1i implementation;
- clean up exception handlers generation in xtensa tests;
- add support for semihosting console input through a chardev.
curl: Make sslverify=off disable host as well as peer verification.
The sslverify setting is supposed to turn off all TLS certificate
checks in libcurl. However because of the way we use it, it only
turns off peer certificate authenticity checks
(CURLOPT_SSL_VERIFYPEER). This patch makes it also turn off the check
that the server name in the certificate is the same as the server
you're connecting to (CURLOPT_SSL_VERIFYHOST).
We can use Google's server at 8.8.8.8 which happens to have a bad TLS
certificate to demonstrate this:
$ ./qemu-img create -q -f qcow2 -b 'json: { "file.sslverify": "off", "file.driver": "https", "file.url": "https://8.8.8.8/foo" }' /var/tmp/file.qcow2
qemu-img: /var/tmp/file.qcow2: CURL: Error opening file: SSL: no alternative certificate subject name matches target host name '8.8.8.8'
Could not open backing image to determine size.
With this patch applied, qemu-img connects to the server regardless of
the bad certificate:
$ ./qemu-img create -q -f qcow2 -b 'json: { "file.sslverify": "off", "file.driver": "https", "file.url": "https://8.8.8.8/foo" }' /var/tmp/file.qcow2
qemu-img: /var/tmp/file.qcow2: CURL: Error opening file: The requested URL returned error: 404 Not Found
(The 404 error is expected because 8.8.8.8 is not actually serving a
file called "/foo".)
Of course the default (without sslverify=off) remains to always check
the certificate:
$ ./qemu-img create -q -f qcow2 -b 'json: { "file.driver": "https", "file.url": "https://8.8.8.8/foo" }' /var/tmp/file.qcow2
qemu-img: /var/tmp/file.qcow2: CURL: Error opening file: SSL: no alternative certificate subject name matches target host name '8.8.8.8'
Could not open backing image to determine size.
Further information about the two settings is available here:
Jeff Cody [Tue, 11 Sep 2018 22:32:32 +0000 (18:32 -0400)]
block/rbd: add iotest for rbd legacy keyvalue filename parsing
This is a small test that will check for the ability to parse
both legacy and modern options for rbd.
The way the test is set up is for failure to occur, but without
having to wait to timeout on a non-existent rbd server. The error
messages in the success path show that the arguments were parsed.
The failure behavior prior to the patch series that has this test, is
qemu-img complaining about mandatory options (e.g. 'pool') not being
provided.
Jeff Cody [Tue, 11 Sep 2018 22:32:31 +0000 (18:32 -0400)]
block/rbd: Attempt to parse legacy filenames
When we converted rbd to get rid of the older key/value-centric
encoding format, we broke compatibility with image files with backing
file strings encoded in the old format.
This leaves a bit of an ugly conundrum, and a hacky solution.
If the initial attempt to parse the "proper" options fails, it assumes
that we may have an older key/value encoded filename. Fall back to
attempting to parse the filename, and extract the required options from
it. If that fails, pass along the original error message.
We do not support mixed modern usage alongside legacy keyvalue pair
usage.
A deprecation warning has been added, although care should be taken
when actually deprecating since the impact is not limited to
commandline or qapi usage, but also opening existing images.
Mark Cave-Ayland [Wed, 19 Sep 2018 17:21:01 +0000 (18:21 +0100)]
40p: add fixed IRQ routing for LSI SCSI device
Whilst the PReP specification describes how all PCI IRQs are routed via IRQ
15 on the interrupt controller, the real 40p machine has a routing quirk in
that the LSI SCSI device is routed directly to IRQ 13.
Enable the external IRQ for the LSI SCSI device by wiring up the IRQ with
qdev to the relevant interrupt controller gpio.
Mark Cave-Ayland [Wed, 19 Sep 2018 17:20:58 +0000 (18:20 +0100)]
scsi: move lsi53c8xx_create() callers to lsi53c8xx_handle_legacy_cmdline()
As part of commits a64aa5785d "hw: Deprecate -drive if=scsi with non-onboard
HBAs" and b891538e81 "hw/ppc/prep: Fix implicit creation of "-drive if=scsi"
devices" the lsi53c895a_create() and lsi53c810_create() functions were added
to wrap pci_create_simple() and scsi_bus_legacy_handle_cmdline().
Unfortunately this prevents us from changing qdev properties on the device
and/or changing the PCI configuration. By switching over to using the new
lsi53c8xx_handle_legacy_cmdline() function then the caller can now configure
and realize the LSI SCSI device exactly as required.
Marcus Comstedt [Wed, 19 Sep 2018 12:31:14 +0000 (14:31 +0200)]
sm501: Adjust endianness of pixel value in rectangle fill
The value from twoD_foreground (which is in host endian format) must
be converted to the endianness of the framebuffer (currently always
little endian) before it can be used to perform the fill operation.
The new layout using static IRQ number does not leave much space to
the dynamic MSI range, only 0x100 IRQ numbers. Increase the total
number of IRQS for newer machines and introduce a legacy XICS backend
for pre-3.1 machines to maintain compatibility.
For the old backend, provide a 'nr_msis' value covering the full IRQ
number space as it does not use the bitmap allocator to allocate MSI
interrupt numbers.
spapr: introduce a spapr_irq class 'nr_msis' attribute
The number of MSI interrupts a sPAPR machine can allocate is in direct
relation with the number of interrupts of the sPAPRIrq backend. Define
statically this value at the sPAPRIrq class level and use it for the
"ibm,pe-total-#msi" property of the sPAPR PHB.
According to the PAPR specs, "ibm,pe-total-#msi" defines the maximum
number of MSIs that are available to the PE. We choose to advertise
the maximum number of MSIs that are available to the machine for
simplicity of the model and to avoid segmenting the MSI interrupt pool
which can be easily shared. If the pool limit is reached, it can be
extended dynamically.
Finally, remove XICS_IRQS_SPAPR which is now unused.
According to the PReP specification section 6.1.6 "System Interrupt
Assignments", all PCI interrupts are routed via IRQ 15.
Instead of mapping each PCI IRQ separately, we introduce an OR gate within the
raven PCI host bridge and then wire the single output of the OR gate to the
interrupt controller.
Note that whilst the (now deprecated) PReP machine still exists we still need
to preserve the old IRQ routing. This is done by adding a new "is-legacy-prep"
property to the raven PCI host bridge which is set to true for the PReP
machine.
This really lays the groundwork for the upcoming patches: it renames the
irqs PREPPCIState struct member to pci_irqs (as soon there will be a
distinction) and then changes the raven IRQ opaque to use PREPPCIState
instead of just irqs array.
Thomas Huth [Fri, 7 Sep 2018 13:19:54 +0000 (15:19 +0200)]
target/ppc/cpu-models: Re-group the 970 CPUs together again
The addition of the POWER9 CPUs divided the entries for the 970 CPUs,
which is a little bit confusing when you look at the code. So let's
re-group the 970 CPUs together again, and since these chips have been
based on the POWER4 processor, move them also in front of the POWER5
chips now.
Thomas Huth [Tue, 21 Aug 2018 11:27:48 +0000 (13:27 +0200)]
Record history of ppcemb target in common.json
We recently removed the long deprecated "ppcemb" target. This adds a
comment in common.json about the SysEmuTarget type, recording when it was
removed.
Peter Maydell [Mon, 24 Sep 2018 17:49:11 +0000 (18:49 +0100)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
pci, pc, virtio: fixes, features
pci resource capability + misc fixes everywhere.
Signed-off-by: Michael S. Tsirkin <[email protected]>
# gpg: Signature made Fri 07 Sep 2018 22:50:38 BST
# gpg: using RSA key 281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <[email protected]>"
# gpg: aka "Michael S. Tsirkin <[email protected]>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream:
tests: update acpi expected files
vhost: fix invalid downcast
pc: make sure that guest isn't able to unplug the first cpu
hw/pci: add PCI resource reserve capability to legacy PCI bridge
hw/pci: factor PCI reserve resources to a separate structure
virtio: update MemoryRegionCaches when guest negotiates features
pc: acpi: revert back to 1 SRAT entry for hotpluggable area
Peter Maydell [Mon, 24 Sep 2018 17:12:54 +0000 (18:12 +0100)]
Merge remote-tracking branch 'remotes/stefanberger/tags/pull-tpm-2018-09-07-1' into staging
Merge tpm 2018/09/07 v1
# gpg: Signature made Fri 07 Sep 2018 21:38:06 BST
# gpg: using RSA key 75AD65802A0B4211
# gpg: Good signature from "Stefan Berger <[email protected]>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B818 B9CA DF90 89C2 D5CE C66B 75AD 6580 2A0B 4211
* remotes/stefanberger/tags/pull-tpm-2018-09-07-1:
tests: Fix signalling race condition in TPM tests
Peter Maydell [Mon, 24 Sep 2018 16:14:10 +0000 (17:14 +0100)]
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-3.1-20180907' into staging
ppc patch queue 2018-09-07
Here's another pull request for qemu-3.1. No real theme here, just an
assortment of various fixes. Probably the most notable thing is the
removal of the ppcemb target which has been deprecated for some time
now.
* remotes/dgibson/tags/ppc-for-3.1-20180907:
target-ppc: Extend HWCAP2 bits for ISA 3.0
target/ppc/kvm: set vcpu as online/offline
Fix a deadlock case in the CPU hotplug flow
spapr: Correct reference count on spapr-cpu-core
mac_newworld: implement custom FWPathProvider
uninorth: add ofw-addr property to allow correct fw path generation
mac_oldworld: implement custom FWPathProvider
grackle: set device fw_name and address for correct fw path generation
macio: add addr property to macio IDE object
macio: add macio bus to help with fw path generation
macio: move MACIOIDEState type declarations to macio.h
spapr_pci: fix potential NULL pointer dereference
spapr: fix leak of rev array
ppc: Remove deprecated ppcemb target
json: Eliminate lexer state IN_WHITESPACE, pseudo-token JSON_SKIP
The lexer ignores whitespace like this:
on whitespace on non-ws spontaneously
IN_START --> IN_WHITESPACE --> JSON_SKIP --> IN_START
^ |
\__/ on whitespace
This accumulates a whitespace token in state IN_WHITESPACE, only to
throw it away on the transition via JSON_SKIP to the start state.
Wasteful. Go from IN_START to IN_START on whitespace directly,
dropping the whitespace character.
When the lexer chokes on an input character, it consumes the
character, emits a JSON error token, and enters its start state. This
can lead to suboptimal error recovery. For instance, input
0123 ,
produces the tokens
JSON_ERROR 01
JSON_INTEGER 23
JSON_COMMA ,
Make the lexer skip characters after a lexical error until a
structural character ('[', ']', '{', '}', ':', ','), an ASCII control
character, or '\xFE', or '\xFF'.
Note that we must not skip ASCII control characters, '\xFE', '\xFF',
because those are documented to force the JSON parser into known-good
state, by docs/interop/qmp-spec.txt.
The lexer now produces
JSON_ERROR 01
JSON_COMMA ,
Update qmp-test for the nicer error recovery: QMP now reports just one
error for input %p instead of two. Also drop the newline after %p; it
was needed to tease out the second error.
json: Make lexer's "character consumed" logic less confusing
The lexer uses macro TERMINAL_NEEDED_LOOKAHEAD() to decide whether a
state transition consumes the input character. It returns true when
the state transition is defined with the TERMINAL() macro. To detect
that, it checks whether input '\0' would have resulted in the same
state transition, and the new state is not IN_ERROR.
Why does that even work? For all states, the new state on input '\0'
is either IN_ERROR or defined with TERMINAL(). If the state
transition equals the one we'd get for input '\0', it goes to IN_ERROR
or to the argument of TERMINAL(). We never use TERMINAL(IN_ERROR),
because it makes no sense. Thus, if it doesn't go to IN_ERROR, it
must be defined with TERMINAL().
Since this isn't quite confusing enough, we negate the result to get
@char_consumed, and ignore it when @flush is true.
Instead of deriving the lookahead bit from the state transition, make
it explicit. This is easier to understand, and a bit more flexible,
too.
When the lexer isn't in its start state at the end of input, it's
working on a token. To flush it out, it needs to transit to its start
state on "end of input" lookahead.
There are two ways to the start state, depending on the current state:
* If the lexer is in a TERMINAL(JSON_FOO) state, it can emit a
JSON_FOO token.
* Else, it can go to IN_ERROR state, and emit a JSON_ERROR token.
There are complications, however:
* The transition to IN_ERROR state consumes the input character and
adds it to the JSON_ERROR token. The latter is inappropriate for
the "end of input" character, so we suppress that. See also recent
commit a2ec6be72b8 "json: Fix lexer to include the bad character in
JSON_ERROR token".
* The transition to a TERMINAL(JSON_FOO) state doesn't consume the
input character. In that case, the lexer normally loops until it is
consumed. We have to suppress that for the "end of input" input
character. If we didn't, the lexer would consume it by entering
IN_ERROR state, emitting a bogus JSON_ERROR token. We fixed that in
commit bd3924a33a6.
However, simply breaking the loop this way assumes that the lexer
needs exactly one state transition to reach its start state. That
assumption is correct now, but it's unclean, and I'll soon break it.
Clean up: instead of breaking the loop after one iteration, break it
after it reached the start state.
Peter Maydell [Mon, 24 Sep 2018 15:46:43 +0000 (16:46 +0100)]
Merge remote-tracking branch 'remotes/alistair/tags/pull-riscv-pullreq-20180905' into staging
A misc collection of RISC-V related patches for 3.1.
# gpg: Signature made Wed 05 Sep 2018 23:06:55 BST
# gpg: using RSA key 21E10D29DF977054
# gpg: Good signature from "Alistair Francis <[email protected]>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: F6C4 AC46 D493 4868 D3B8 CE8F 21E1 0D29 DF97 7054
* remotes/alistair/tags/pull-riscv-pullreq-20180905:
riscv: remove define cpu_init()
hw/riscv/spike: Set the soc device tree node as a simple-bus
hw/riscv/virtio: Set the soc device tree node as a simple-bus
target/riscv: call gen_goto_tb on DISAS_TOO_MANY
target/riscv: optimize indirect branches
target/riscv: optimize cross-page direct jumps in softmmu
RISC-V: Simplify riscv_cpu_local_irqs_pending
RISC-V: Use atomic_cmpxchg to update PLIC bitmaps
RISC-V: Improve page table walker spec compliance
RISC-V: Update address bits to support sv39 and sv48
* remotes/kraxel/tags/vga-20180903-pull-request:
virtio-gpu: add iommu support
virtio-gpu: pass down VirtIOGPU pointer to a bunch of functions
use dpy_gfx_update_full
Revert "virtio-gpu: fix crashes upon warm reboot with vga mode"
virtio-vga: fix reset
Cornelia Huck [Thu, 30 Aug 2018 14:59:01 +0000 (16:59 +0200)]
qemu-error: add {error, warn}_report_once_cond
Add two functions to print an error/warning report once depending
on a passed-in condition variable and flip it if printed. This is
useful if you want to print a message not once-globally, but e.g.
once-per-device.
Inspired by warn_once() in hw/vfio/ccw.c, which has been replaced
with warn_report_once_cond().
Markus spotted some issues with this new test case which
unfortunately I didn't notice had been flagged until after
I'd applied the pull request. Revert the relevant commit.
* remotes/cohuck/tags/s390x-20180829:
target/s390x: use regular spaces in translate.c
hw/s390x: Move virtio-ccw-blk code to a separate file
hw/s390x: Move virtio-ccw-net code to a separate file
hw/s390x: Move virtio-ccw-input code to a separate file
hw/s390x: Move virtio-ccw-gpu code to a separate file
hw/s390x: Move vhost-vsock-ccw code to a separate file
hw/s390x: Move virtio-ccw-crypto code to a separate file
hw/s390x: Move virtio-ccw-9p code to a separate file
hw/s390x: Move virtio-ccw-rng code to a separate file
hw/s390x: Move virtio-ccw-scsi code to a separate file
hw/s390x: Move virtio-ccw-balloon code to a separate file
hw/s390x: Move virtio-ccw-serial code to a separate file
hw/s390x/virtio-ccw: Consolidate calls to virtio_ccw_unrealize()
target/s390x: fix PACK reading 1 byte less and writing 1 byte more
target/s390x: add EX support for TRT and TRTR
target/s390x: fix IPM polluting irrelevant bits
target/s390x: fix CSST decoding and runtime alignment check
target/s390x: add BAL and BALR instructions
tests/tcg: add a simple s390x test
Peter Maydell [Mon, 24 Sep 2018 09:46:33 +0000 (10:46 +0100)]
Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2018-08-28' into staging
QAPI patches for 2018-08-28
# gpg: Signature made Tue 28 Aug 2018 17:23:32 BST
# gpg: using RSA key 3870B400EB918653
# gpg: Good signature from "Markus Armbruster <[email protected]>"
# gpg: aka "Markus Armbruster <[email protected]>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653
* remotes/armbru/tags/pull-qapi-2018-08-28:
qapi: Add comments to aid debugging generated introspection
qapi: Minor introspect.py cleanups
qapi: Update docs for generator changes since commit 9ee86b85267
qapi: Emit a blank line before dummy declaration
qapi: Drop qapi_event_send_FOO()'s Error ** argument
qapi: Fix build_params() for empty parameter list
Max Filippov [Tue, 11 Sep 2018 01:23:35 +0000 (18:23 -0700)]
target/xtensa: fix s32c1i TCGMemOp flags
s32c1i must load and store value with target endianness, not host.
This results in an infinite loop in atomic cmpxchg sequences when target
endianness doesn't match host endianness.
Max Filippov [Fri, 31 Aug 2018 08:48:26 +0000 (01:48 -0700)]
tests/tcg/xtensa: only generate defined exception handlers
Don't generate handlers for IRQ levels that are not defined for the CPU
or for window overflow/underflow exceptions for configs w/o windowed
registers.
Max Filippov [Fri, 31 Aug 2018 19:00:42 +0000 (12:00 -0700)]
tests/tcg/xtensa: move exception handlers to separate section
Not all CPU configurations may have enough space for handler code
between exception/interrupt vectors. Leave jumps to the handlers at the
vectors, but move all handlers past the vectors area.
Max Filippov [Fri, 31 Aug 2018 07:40:28 +0000 (00:40 -0700)]
target/xtensa: fix FPU2000 bugs
- FPU2000 defines rfr and wfr opcodes, not rfr.s and wfr.s;
- movcond.s uses incorrect operand in tcg_gen_movcond: in case the
condition is not satisfied it must not change its argument 0.
Max Filippov [Mon, 20 Aug 2018 03:21:50 +0000 (20:21 -0700)]
tests/tcg/xtensa: add test for failed memory transactions
Failed memory transactions should raise exceptions 14 (for fetch) or 15
(for load/store) with XEA2.
Memory accesses that result in TLB miss followed by an attempt to load
PTE from physical memory which fails should raise InstTLBMiss or
LoadStoreTLBMiss with XEA2.
When a container fails, it leaves a dangling tarball which name is
based on a timestamp. Further uses of make won't clean those files,
neither calling the 'docker-clean' target.
Use the .DELETE_ON_ERROR built-in target to let make remove those
temporary tarballs in case of failure.
virtio_queue_get_desc_addr returns 64-bit hwaddr while int is usually 32-bit.
If returned hwaddr is not equal to 0 but least-significant 32 bits are
equal to 0 then this code will not actually stop running queue.
Igor Mammedov [Mon, 27 Aug 2018 11:07:10 +0000 (13:07 +0200)]
pc: make sure that guest isn't able to unplug the first cpu
The first cpu unplug wasn't ever supported and corresponding
monitor/qmp commands refuse to unplug it. However guest is able
to issue eject request either using following command:
# echo 1 >/sys/devices/system/cpu/cpu0/firmware_node/eject
or directly writing to cpu hotplug registers, which makes
qemu crash with SIGSEGV following back trace:
the reason for which is that ring == KVMState::coalesced_mmio_ring
happens to be a part of 1st CPU that was uplugged by guest.
Fix it by forbidding 1st cpu unplug from guest side and in addition
remove CPU0._EJ0 ACPI method to make clear that unplug of the first
CPU is not supported.
Jing Liu [Tue, 21 Aug 2018 03:18:07 +0000 (11:18 +0800)]
hw/pci: add PCI resource reserve capability to legacy PCI bridge
Add hint to firmware (e.g. SeaBIOS) to reserve addtional
BUS/IO/MEM/PREF resource for legacy pci-pci bridge. Add the
resource reserve capability deleting in pci_bridge_dev_exitfn.
Jing Liu [Tue, 21 Aug 2018 03:18:06 +0000 (11:18 +0800)]
hw/pci: factor PCI reserve resources to a separate structure
Factor "bus_reserve", "io_reserve", "mem_reserve", "pref32_reserve"
and "pref64_reserve" fields of the "GenPCIERootPort" structure out
to "PCIResReserve" structure, so that other PCI bridges can
reuse it to add resource reserve capability.
Paolo Bonzini [Thu, 23 Aug 2018 12:21:23 +0000 (14:21 +0200)]
virtio: update MemoryRegionCaches when guest negotiates features
Because the cache is sized to include the rings and the event indices,
negotiating the VIRTIO_RING_F_EVENT_IDX feature will result in the size
of the cache changing. And because MemoryRegionCache accesses are
range-checked, if we skip this we end up with an assertion failure.
This happens with OpenBSD 6.3.
Igor Mammedov [Wed, 22 Aug 2018 09:46:44 +0000 (11:46 +0200)]
pc: acpi: revert back to 1 SRAT entry for hotpluggable area
Commit 10efd7e108 "pc: acpi: fix memory hotplug regression by reducing stub SRAT entry size"
attemped to fix hotplug regression introduced by 848a1cc1e "hw/acpi-build: build SRAT memory affinity structures for DIMM devices"
fixed issue for Windows/3.0+ linux kernels, however it regressed 2.6 based
kernels (RHEL6) to the point where guest might crash at boot.
Reason is that 2.6 kernel discards SRAT table due too small last entry
which down the road leads to crashes. Hack I've tried in 10efd7e108 is also
not ACPI spec compliant according to which whole possible RAM should be
described in SRAT. Revert 10efd7e108 to fix regression for 2.6 based kernels.
With 10efd7e108 reverted, I've also tried splitting SRAT table statically
in different ways %/node and %/slot but Windows still fails to online
2nd pc-dimm hot-plugged into node 0 (as described in 10efd7e108) and
sometimes even coldplugged pc-dimms where affected with static SRAT
partitioning.
The only known so far way where Windows stays happy is when we have 1
SRAT entry in the last node covering all hotplug area.
Revert 848a1cc1e until we come up with a way to avoid regression
on Windows with hotplug area split in several entries.
Tested this with 2.6/3.0 based kernels (RHEL6/7) and WS20[08/12/12R2/16]).
Stefan Berger [Fri, 7 Sep 2018 15:47:06 +0000 (11:47 -0400)]
tests: Fix signalling race condition in TPM tests
This patch fixes a race condition and test failure where the main process
waits for the signal of a thread but the thread already sent that signal
via a condition. Since these signals are non-sticky, we need to introduce a
separate variable to make this signal sticky.
Sandipan Das [Thu, 6 Sep 2018 06:57:29 +0000 (12:27 +0530)]
target-ppc: Extend HWCAP2 bits for ISA 3.0
This adds the HWCAP2 bit to detect if a linux user process is
running on an ISA 3.0 compliant cpu like POWER9. This can be
verified using a simple test program that prints the value in
the auxiliary vector for AT_HWCAP2 as shown below.
Before:
$ qemu-ppc64le -cpu power8 test
0x8c000000
Michael Clark [Tue, 10 Apr 2018 08:02:46 +0000 (20:02 +1200)]
RISC-V: Use atomic_cmpxchg to update PLIC bitmaps
The PLIC previously used a mutex to protect against concurrent
access to the claimed and pending bitfields. Instead of using
a mutex, we update the bitfields using atomic_cmpxchg.
Rename sifive_plic_num_irqs_pending to sifive_plic_irqs_pending
and add an early out if any interrupts are pending as the
count of pending interrupts is not used.
Michael Clark [Sun, 4 Mar 2018 20:27:28 +0000 (09:27 +1300)]
RISC-V: Improve page table walker spec compliance
- Inline PTE_TABLE check for better readability
- Change access checks from ternary operator to if
- Improve readibility of User page U mode and SUM test
- Disallow non U mode from fetching from User pages
- Add reserved PTE flag check: W or W|X
- Add misaligned PPN check
- Set READ protection for PTE X flag and mstatus.mxr
- Use memory_region_is_ram in pte update
We need to set cs->halted to 1 before calling ppc_set_compat. The reason
is that ppc_set_compat kicks up the new thread created to manage the
hotplugged KVM virtual CPU and the code drives directly to KVM_RUN
ioctl. When cs->halted is 1, the code:
int kvm_cpu_exec(CPUState *cpu)
...
if (kvm_arch_process_async_events(cpu)) {
atomic_set(&cpu->exit_request, 0);
return EXCP_HLT;
}
...
returns before it reaches KVM_RUN, giving time to the main thread to
finish its job. Otherwise we can fall in a deadlock because the KVM
thread will issue the KVM_RUN ioctl while the main thread is setting up
KVM registers. Depending on how these jobs are scheduled we'll end up
freezing QEMU.
The following output shows kvm_vcpu_ioctl sleeping because it cannot get
the mutex and never will.
PS: kvm_vcpu_ioctl was triggered kvm_set_one_reg - compat_pvr.
The following command-line was used to reproduce the problem (note: gdb
and trace can change the results).
$ qemu-ppc/build/ppc64-softmmu/qemu-system-ppc64 -cpu host \
-enable-kvm -m 4096 \
-smp 4,maxcpus=8,sockets=1,cores=2,threads=4 \
-display none -nographic \
-drive file=disk1.qcow2,format=qcow2
...
(qemu) device_add host-spapr-cpu-core,core-id=4
[no interaction is possible after it, only SIGKILL to take the terminal
back]
John Snow [Thu, 30 Aug 2018 01:57:34 +0000 (21:57 -0400)]
jobs: remove job_defer_to_main_loop
Now that the job infrastructure is handling the job_completed call for
all implemented jobs, we can remove the interface that allowed jobs to
schedule their own completion.
John Snow [Thu, 30 Aug 2018 01:57:33 +0000 (21:57 -0400)]
jobs: remove ret argument to job_completed; privatize it
Jobs are now expected to return their retcode on the stack, from the
.run callback, so we can remove that argument.
job_cancel does not need to set -ECANCELED because job_completed will
update the return code itself if the job was canceled.
While we're here, make job_completed static to job.c and remove it from
job.h; move the documentation of return code to the .run() callback and
to the job->ret property, accordingly.
projects / qemu.git / log