Merge remote-tracking branch 'mst/tags/for_anthony' into staging
pci, pc, virtio bug fixes
This reverts PCI master abort support - we'll want it eventually but it exposes too many core bugs to be safe for 1.7. This also reverts a recent exec.c change that was an...
Revert "exec: limit system memory size"
This reverts commit 818f86b88394b7b2b59d313e51043fe15a8004db.
This was a work-around for bugs elsewhere in the system, exposed by commit a53ae8e934cd54686875b5bcfc2f434244ee55d6: "hw/pci: partially handle pci master abort"...
exec: fix breakpoint_invalidate when pc may not be translated
This fixes qemu abort with the following message:
include/qemu/int128.h:22: int128_get64: Assertion `!a.hi' failed.
which happens due to attempt to invalidate breakpoint by virtual address...
exec: limit system memory size
The page table logic in exec.c assumes that memory addresses are at most TARGET_PHYS_ADDR_SPACE_BITS.
But pci addresses are full 64 bit so if we try to render them ignoring the extra bits, we get strange effects with sections overlapping each...
exec: Fix bounce buffer allocation in address_space_map()
This fixes a regression introduced by commit e3127ae0c, which kept the allocation size of the bounce buffer limited to one page in order to avoid unbounded allocations (as explained in the commit message of...
exec: remove qemu_safe_ram_ptr
This is not needed since the RAM list is not modified anymore by qemu_get_ram_ptr. Replace it with qemu_get_ram_block.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
exec: Fix prototype of phys_mem_set_alloc and related functions
phys_mem_alloc and its assigned values qemu_anon_ram_alloc and legacy_s390_alloc must have identical argument lists.
legacy_s390_alloc uses the size parameter to call mmap, so size_t is good enough for all of them....
Merge remote-tracking branch 'afaerber/tags/qom-cpu-for-anthony' into staging
QOM CPUState refactorings / X86CPU
cpu: Move cpu_copy() into linux-user
It is only used there and is deemed very fragile if not incorrect in its current memcpy() form. Moving it into linux-user will allow to move parts into target_cpu.h headers and only copy what the ABI mandates.
Signed-off-by: Andreas Färber <afaerber@suse.de>
exec: cleanup DEBUG_SUBPAGE
Touched some error after enabling DEBUG_SUBPAGE.
Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Merge remote-tracking branch 'mjt/trivial-patches' into staging
Merge remote-tracking branch 'qemu-kvm/uq/master' into staging
exec: Fix broken build for MinGW (regression)
Commit 3435f39513a104294b5e3bbf3612047028d25cfc reduced the ifdeffery with this result for MinGW:
exec.c: In function ‘qemu_ram_free’:
exec.c:1239:17: warning: implicit declaration of function ‘munmap’ [-Wimplicit-function-declaration]...
exec: always use MADV_DONTFORK
MADV_DONTFORK prevents fork to fail with -ENOMEM if the default overcommit heuristics decides there's too much anonymous virtual memory allocated. If the KVM secondary MMU is synchronized with MMU notifiers or not, doesn't make a difference in that regard....
exec: Clean up unnecessary S390 ifdeffery
Another issue missed in commit fdec991 is -mem-path: it needs to be rejected only for old S390 KVM, not for any S390. Not that I personally care, but the ifdeffery in qemu_ram_alloc_from_ptr() annoys me.
Note that this doesn't actually make -mem-path work, as the kernel...
exec: Don't abort when we can't allocate guest memory
We abort() on memory allocation failure. abort() is appropriate for programming errors. Maybe most memory allocation failures are programming errors, maybe not. But guest memory allocation failure isn't, and aborting when the user asks for more memory than we can...
exec: Fix Xen RAM allocation with unusual options
Issues:
exec: Clean up fall back when -mem-path allocation fails
With -mem-path, qemu_ram_alloc_from_ptr() first tries to allocate accordingly, but when it fails, it falls back to normal allocation.
The fall back allocation code used to be effectively identical to the...
exec: Reduce ifdeffery around -mem-path
Instead of spreading its ifdeffery everywhere, confine it to qemu_ram_alloc_from_ptr(). Everywhere else, simply test block->fd, which is non-negative exactly when block uses -mem-path.
Signed-off-by: Markus Armbruster <armbru@redhat.com>...
exec: Simplify the guest physical memory allocation hook
Make it a generic hook rather than a KVM hook. Less code and ifdeffery.
Since the only user of the hook is old S390 KVM, there's hope we can get rid of it some day.
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>...
exec: Drop incorrect & dead S390 code in qemu_ram_remap()
Old S390 KVM wants guest RAM mapped in a peculiar way. Commit 6b02494 implemented that.
When qemu_ram_remap() got added in commit cd19cfa, its code carefully mimicked the allocation code: peculiar way if defined(TARGET_S390X) &&...
exec: do tcg_commit only when tcg_enabled
Signed-off-by: liguang <lig.fnst@cn.fujitsu.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
memory: Provide separate handling of unassigned io ports accesses
Accesses to unassigned io ports shall return -1 on read and be ignored on write. Ensure these properties via dedicated ops, decoupling us from the memory core's handling of unassigned accesses....
exec: check offset_within_address_space for register subpage
If offset_within_address_space falls in a page, then we register a subpage. So check offset_within_address_space rather than offset_within_region.
Cc: qemu-stable@nongnu.org
Cc: Paolo Bonzini <pbonzini@redhat.com>...
exec: fix writing to MMIO area with non-power-of-two length
The problem is introduced by commit 2332616 (exec: Support 64-bit operations in address_space_rw, 2013-07-08). Before that commit, memory_access_size would only return 1/2/4.
Since alignment is already handled above, reduce l to the largest...
cpu: Use QTAILQ for CPU list
Introduce CPU_FOREACH(), CPU_FOREACH_SAFE() and CPU_NEXT() shorthand macros.
cpu: Replace qemu_for_each_cpu()
It was introduced to loop over CPUs from target-independent code, but since commit 182735efaf956ccab50b6d74a4fed163e0f35660 target-independent CPUState is used.
A loop can be considered more efficient than function calls in a loop,...
cpu: Fix VMSTATE_CPU() semantics
Commit 1a1562f5ea3da17d45d3829e35b5f49da9ec2db5 prepared a VMSTATE_CPU() macro for device-style VMStateDescription registration, but missed to adapt cpu_exec_init(), so that the "cpu_common" VMStateDescription was still registered for AlphaCPU (fe31e7374299c0c6172ce618b29bf2fecbd881c7)...
kvm: Change prototype of kvm_update_guest_debug()
Passing a CPUState pointer instead of a CPUArchState pointer eliminates the last target dependent data type in sysemu/kvm.h.
It also simplifies the code.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>...
Merge remote-tracking branch 'riku/linux-user-for-upstream' into staging
linux-user: Reset copied CPUs in cpu_copy() always
When a new thread gets created, we need to reset non arch specific state to get the new CPU into clean state.
However this reset should happen before the arch specific CPU contents get copied over. Otherwise we end up having clean reset state in our newly created...
cpu: Turn cpu_get_phys_page_debug() into a CPUClass hook
Change breakpoint_invalidate() argument to CPUState alongside.
Since all targets now assign a softmmu-only field, we can drop helpers cpu_class_set_{do_unassigned_access,vmsd}() and device_class_set_vmsd()....
exec: Change cpu_memory_rw_debug() argument to CPUState
Propagate X86CPU in kvmvapic for simplicity.
cpu: Move singlestep_enabled field from CPU_COMMON to CPUState
Prepares for changing cpu_single_step() argument to CPUState.
Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Signed-off-by: Andreas Färber <afaerber@suse.de>
cpu: Change cpu_single_step() argument to CPUState
Use CPUState::env_ptr for now.
Needed for GdbState::c_cpu.
exec.c: Pass correct pointer type to qemu_ram_ptr_length
Commit e3127ae0 introduced a problem where we're passing a hwaddr* to qemu_ram_ptr_length() but it wants a ram_addr_t*; this will cause problems on 32 bit hosts and in any case provokes a clang warning on MacOSX:...
exec: fix incorrect assumptions in memory_access_size
access_size_min can be 1 because erroneous accesses must not crash QEMU, they should trigger exceptions in the guest or just return garbage (depending on the CPU). I am not sure I understand the comment: placing a 4-byte field at the last byte of a region...
exec: Support 64-bit operations in address_space_rw
Honor the implementation maximum access size, and at least check the minimum access size.
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
QOM CPUState refactorings
log: Change log_cpu_state[_mask]() argument to CPUState
Since commit 878096eeb278a8ac1ccd6667af73e026f29b4cf5 (cpu: Turn cpu_dump_{state,statistics}() into CPUState hooks) CPUArchState is no longer needed.
Add documentation and make the functions available through qemu/log.h...
cpu: Make first_cpu and next_cpu CPUState
Move next_cpu from CPU_COMMON to CPUState. Move first_cpu variable to qom/cpu.h.
gdbstub needs to use CPUState::env_ptr for now. cpu_copy() no longer needs to save and restore cpu_next.
Acked-by: Paolo Bonzini <pbonzini@redhat.com>...
cpu: Replace cpu_single_env with CPUState current_cpu
Move it to qom/cpu.h.
Simplify -machine option queries with qemu_get_machine_opts()
The previous two commits fixed bugs in -machine option queries. I can't find fault with the remaining queries, but let's use qemu_get_machine_opts() everywhere, for consistency, simplicity and...
exec: Remove unused global variable phys_ram_fd
It seems to be unused since several years (commit be995c27640a82c7056b6f53d02ec823570114e5 in 2006).
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1373044036-14443-1-git-send-email-sw@weilnetz.de...
exec: remove cur_map
cur_map is not used anymore; instead, each AddressSpaceDispatch has its own nodes/sections pair. The priorities of the MemoryListeners, and in the future RCU, guarantee that the nodes/sections are not freed while they are still in use....
exec: change some APIs to take AddressSpaceDispatch
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
exec: change well-known physical sections to macros
Sections like phys_section_unassigned always have fixed address in phys_sections. Declared as macro, so we can use them when having more than one phys_sections array.
Signed-off-by: Liu Ping Fan <pingfank@linux.vnet.ibm.com>...
exec: separate current memory map from the one being built
Currently, phys_node_map and phys_sections are shared by all of the AddressSpaceDispatch. When updating mem topology, all AddressSpaceDispatch will rebuild dispatch tables sequentially on them. In order to prepare for RCU access, leave the old...
exec: move listener from AddressSpaceDispatch to AddressSpace
This will help having two copies of AddressSpaceDispatch during the recreation of the radix tree (one being built, and one that is complete and will be protected by RCU). We do not want to have to unregister and...
exec: separate current radix tree from the one being built
This same treatment previously done to phys_node_map and phys_sections is now applied to the dispatch field of AddressSpace. Topology updates use as->next_dispatch while accesses use as->dispatch....
exec: put memory map in AddressSpaceDispatch
After this patch, AddressSpaceDispatch holds a consistent tuple of (phys_map, nodes, sections). This will be important when updates of the topology will run concurrently with reads.
cur_map is not used anymore except for freeing it at the end of the...
memory: return MemoryRegion from qemu_ram_addr_from_host
It will be needed in the next patch.
exec: reorganize address_space_map
First of all, rename "todo" to "done".
Second, clearly separate the case of done == 0 with the case of done != 0. This will help handling reference counting in the next patch.
Third, this test:
if (memory_region_get_ram_addr(mr) + xlat != raddr + todo) {...
memory: ref/unref memory across address_space_map/unmap
The iothread mutex might be released between map and unmap, so the mapped region might disappear.
exec: simplify destruction of the phys map
Do not bother visiting the radix tree when an address space is destroyed. After the previous patch, this has become a pointless exercise. When called from address_space_destroy_dispatch, all you're doing is zeroing...
memory: add ref/unref calls
Add ref/unref calls at the following places:
- places where memory regions are stashed by a listener and used outside the BQL (including in Xen or KVM).
- memory_region_find callsites
- creation of aliases and containers (only the aliased/contained...
exec: check MRU in qemu_ram_addr_from_host
This function is not used outside the iothread mutex, so it can use ram_list.mru_block.
exec: move qemu_ram_addr_from_host_nofail to cputlb.c
After the next patch it would not be used elsewhere anyway. Also, the _nofail and the standard versions of this function return different things, which is confusing. Removing the function from the public headers...
ioport: Switch dispatching to memory core layer
The current ioport dispatcher is a complex beast, mostly due to the need to deal with old portio interface users. But we can overcome it without converting all portio users by embedding the required base address of a MemoryRegionPortio access into that data structure. That...
memory: add owner argument to initialization functions
memory: destroy phys_sections one by one
phys_sections_clear is invoked after the dispatch tree has been destroyed. This leaves a window where phys_sections_nb > 0 but the subpages are not valid anymore, which is a recipe for use-after-free bugs.
Move the destruction of subpages in phys_sections_clear. We will...
cpu: Change cpu_exit() argument to CPUState
It no longer depends on CPUArchState, so move it to qom/cpu.c.
Prepares for changing GDBState::c_cpu to CPUState.
cpu: Turn cpu_dump_{state,statistics}() into CPUState hooks
Make cpustats monitor command available unconditionally.
Prepares for changing kvm_handle_internal_error() and kvm_cpu_exec() arguments to CPUState.
cpu: Introduce VMSTATE_CPU() macro for CPUState
To be used to embed common CPU state into CPU subclasses.
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
linux-user: Fix compilation failure
Fix compilation failures for linux-user targets following recent migration related commits bd2fa51fcd and 43487c67.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1372362818-4740-1-git-send-email-peter.maydell@linaro.org...
rdma: introduce qemu_ram_foreach_block()
This is used during RDMA initialization in order to transmit a description of all the RAM blocks to the peer for later dynamic chunk registration purposes.
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>...
dma: eliminate DMAContext
The DMAContext is a simple pointer to an AddressSpace that is now always already available. Make everyone hold the address space directly, and clean up the DMA API to use the AddressSpace directly.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>...
memory: give name to every AddressSpace
The "info mtree" command in QEMU console prints only "memory" and "I/O" address spaces while there are actually a lot more other AddressSpace structs created by PCI and VIO devices. Those devices do not normally have names and therefore not present in "info mtree" output....
exec: reorganize mem_add to match Int128 version
When adding support for 2^64-byte sections, we will have to change the structure of mem_add to avoid failures in int128_get64. Reorganize the code now before introducing Int128.
memory: make section size a 128-bit integer
So far, the size of all regions passed to listeners could fit in 64 bits, because artificial regions (containers and aliases) are eliminated by the memory core, leaving only device regions which have reasonable sizes...
memory: iommu support
Add a new memory region type that translates addresses it is given, then forwards them to a target address space. This is similar to an alias, except that the mapping is more flexible than a linear translation and truncation, and also less efficient since the...
dma: eliminate old-style IOMMU support
The translate function in the DMAContext is now always NULL. Remove every reference to it.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
exec.c: address_space_translate: handle access to addr 0 of 2^64 sized region
The memory API allows a MemoryRegion's size to be 2^64, as a special case (otherwise the size always fits in a 64 bit integer). This meant that attempts to access address zero in a 2^64 sized region would...
memory: Introduce address_space_lookup_region
This introduces a wrapper for phys_page_find (before we complicate address_space_translate with IOMMU translation). This function will also encapsulate locking and reference counting when we introduce BQL-free dispatching....
memory: move private types to exec.c
exec: Allow unaligned address_space_rw
This will be needed for some corner cases with para-virtual I/O ports.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
exec: Resolve subpages in one step except for IOTLB fills
Except for the case of setting the IOTLB entry in TCG mode, we can avoid the subpage dispatching handlers and do the resolution directly on address_space_lookup_region. An IOTLB entry describes a full page, not...
exec: Implement subpage_read/write via address_space_rw
This will allow to add support for unaligned memory regions: the subpage container region can activate unaligned support unconditionally because the read/write handler will now ensure that accesses are split as...
exec: return MemoryRegion from address_space_translate
Only address_space_translate_for_iotlb needs to return the section. Every caller of address_space_translate now uses only section->mr, return it directly.
Revert "memory: limit sections in the radix tree to the actual address space size"
This reverts commit 86a8623692b1b559a419a92eb8b6897c221bca74.
memory: add return value to address_space_rw/read/write
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
memory: propagate errors on I/O dispatch
exec: just use io_mem_read/io_mem_write for 8-byte I/O accesses
The memory API is able to split it in two 4-byte accesses.
memory: correctly handle endian-swapped 64-bit accesses
memory: add address_space_access_valid
The old-style IOMMU lets you check whether an access is valid in a given DMAContext. There is no equivalent for AddressSpace in the memory API, implement it with a lookup of the dispatch tree.
Reviewed-by: Richard Henderson <rth@twiddle.net>...
exec: implement .valid.accepts for subpages
exec: introduce memory_access_size
This will be used by address_space_access_valid too.
exec: introduce memory_access_is_direct
After the previous patches, this is a common test for all read/write functions.
exec: expect mr->ops to be initialized for ROM
There is no need to use the special phys_section_rom section.
memory: move unassigned_mem_ops to memory.c
reservation_ops is already doing the same thing.
memory: add address_space_translate
Using phys_page_find to translate an AddressSpace to a MemoryRegionSection is unwieldy. It requires to pass the page index rather than the address, and later memory_region_section_addr has to be called. Replace memory_region_section_addr with a function that does all of it: call...
memory: dispatch unassigned accesses based on .valid.accepts
This provides the basics for detecting accesses to unassigned memory as soon as they happen, and also for a simple implementation of address_space_access_valid.
exec: do not use error_mem_read
We will soon reach this case when doing (unaligned) accesses that span partly past the end of memory. We do not want to crash in that case.
unassigned_mem_ops and rom_mem_ops are now the same.
exec: make io_mem_unassigned private
There is no reason to avoid a recompile before accessing unassigned memory. In the end it will be treated as MMIO anyway.
exec: drop useless #if
This code is only compiled for softmmu targets.
exec: eliminate io_mem_ram
It is never used, the IOTLB always goes through io_mem_notdirty.
In fact in softmmu_template.h, if it were, QEMU would crash just below the tests, as soon as io_mem_read/write dispatches to error_mem_read/write.
memory: clean up phys_page_find
Remove the goto.
memory: limit sections in the radix tree to the actual address space size
The radix tree is statically sized to fit TARGET_PHYS_ADDR_SPACE_BITS. If a larger memory region is registered, it will overflow.
Fix by limiting any section in the radix tree to the supported size....
memory: assert that PhysPageEntry's ptr does not overflow
While sized to 15 bits in PhysPageEntry, the ptr field is ORed into the iotlb entries together with a page-aligned pointer. The ptr field must not overflow into this page-aligned value, assert that it is smaller than...
exec: eliminate stq_phys_notdirty
It is not used anywhere.