The current implementation of alloc_refcount_block and grow_refcount_table has
fundamental problems regarding error handling. There are some places where an
I/O error means that the image is going to be corrupted. I have found that the
only way to fix this is to completely rewrite the thing.
In detail, the problem is that the refcount blocks itself are allocated using
alloc_refcount_noref (to avoid endless recursion when updating the refcount of
the new refcount block, which migh access just the same refcount block but its
allocation is not yet completed...). Only at the end of the refcount allocation
the refcount of the refcount block is increased. If an error happens in
between, the refcount block is in use, but has a refcount of zero and will
likely be overwritten later.
The new approach is explained in comments in the code. The trick is basically
to let new refcount blocks describe their own refcount, so their refcount will
be automatically changed when they are hooked up in the refcount table.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When the refcount table grows, it doesn't only grow by one entry but reserves
some space for future refcount blocks. The algorithm to calculate the number of
entries stays the same with the fixes, so factor it out before replacing the
rest.
As Juan suggested take the opportunity to simplify the code a bit.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This ensures that the compiler does not move it away from
the "env = env1;" assignment. Fixes a miscompilation
on gcc 4.4, reported by Jay Foad.
Cc: <jay.foad@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When we signal a CpU exception for coprocessor 0, we should indicate
that it's for coprocessor 0 instead of coprocessor 1.
Signed-off-by: Nathan Froyd <froydnj@codesourcery.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
This is a reimplementation of prior versions which adds
the ability to define cpu models for contemporary processors.
The added models are likewise selected via -cpu <name>,
and are intended to displace the existing convention
of "-cpu qemu64" augmented with a series of feature flags.
A primary motivation was determination of a least common
denominator within a given processor class to simplify guest
migration. It is still possible to modify an arbitrary model
via additional feature flags however the goal here was to
make doing so unnecessary in typical usage. The other
consideration was providing models names reflective of
current processors. Both AMD and Intel have reviewed the
models in terms of balancing generality of migration vs.
excessive feature downgrade relative to released silicon.
This version of the patch replaces the prior hard wired
definitions with a configuration file approach for new
models. Existing models are thus far left as-is but may
easily be transitioned to (or may be overridden by) the
configuration file representation.
Proposed new model definitions are provided here for current
AMD and Intel processors. Each model consists of a name
used to select it on the command line (-cpu <name>), and a
model_id which corresponds to a least common denominator
commercial instance of the processor class.
A table of names/model_ids may be queried via "-cpu ?model":
:
x86 Opteron_G3 AMD Opteron 23xx (Gen 3 Class Opteron)
x86 Opteron_G2 AMD Opteron 22xx (Gen 2 Class Opteron)
x86 Opteron_G1 AMD Opteron 240 (Gen 1 Class Opteron)
x86 Nehalem Intel Core i7 9xx (Nehalem Class Core i7)
x86 Penryn Intel Core 2 Duo P9xxx (Penryn Class Core 2)
x86 Conroe Intel Celeron_4x0 (Conroe/Merom Class Core 2)
:
Also added is "-cpu ?dump" which exhaustively outputs all config
data for all defined models, and "-cpu ?cpuid" which enumerates
all qemu recognized CPUID feature flags.
The pseudo cpuid flag 'check' when added to the feature flag list
will warn when feature flags (either implicit in a cpu model or
explicit on the command line) would have otherwise been quietly
unavailable to a guest:
# qemu-system-x86_64 ... -cpu Nehalem,check
warning: host cpuid 0000_0001 lacks requested flag 'sse4.2|sse4_2' [0x00100000]
warning: host cpuid 0000_0001 lacks requested flag 'popcnt' [0x00800000]
A similar 'enforce' pseudo flag exists which in addition
to the above causes qemu to error exit if requested flags are
unavailable.
Configuration data for a cpu model resides in the target config
file which by default will be installed as:
/usr/local/etc/qemu/target-<arch>.conf
The format of this file should be self explanatory given the
definitions for the above six models and essentially mimics
the structure of the static x86_def_t x86_defs.
Encoding of cpuid flags names now allows aliases for both the
configuration file and the command line which reconciles some
Intel/AMD/Linux/Qemu naming differences.
This patch was tested relative to qemu.git.
Signed-off-by: john cooper <john.cooper@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
v1 -> v2 coding style changes
Add a tty close callback. Right now if a guest device that is connected
to a tty-based chardev in the host is removed, the tty is not closed.
With this patch it is closed.
Example use case is connecting an emulated USB serial cable in the guest
to ttyS0 of the host using the monitor command:
usb_add serial::/dev/ttyS0
and then removing the device with:
usb_del serial::/dev/ttyS0
Signed-off-by: David Ahern <daahern@cisco.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
o Implement receive overrun status. The FreeBSD uart driver
relies on this status in it's probe routine to determine the size
of the FIFO supported.
o As per the 16550 spec, do not overwrite the RX FIFO on an RX overrun.
o Do not allow TX or RX FIFO overruns to increment the data valid count
beyond the size of the FIFO.
o For reads of the IIR register, only clear the "TX holding register
emtpy interrupt" if the read reports this interrupt. This is required
by the specification and avoids losing TX interrupts when other,
higher priority interrupts (usually RX) are reported first.
Signed-off-by: Justin T. Gibbs <gibbs@FreeBSD.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
pci_data_write ignores high 8 bit in address,
so there seems to be no need to set them
in apb_pci.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
cc1: warnings being treated as errors
/src/qemu/hw/pl181.c: In function 'pl181_fifo_run':
/src/qemu/hw/pl181.c:185: error: 'value' may be used uninitialized in this function
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The PL181 data transfer loop incorrectly terminates after the last FIFO
word is popped, discarding the last 3 bytes of data on a write transfer.
Signed-off-by: Paul Brook <paul@codesourcery.com>
With SIG_IPI blocked vcpu loop exit notification happens via -EAGAIN
from KVM_RUN.
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Change the way the internal qemu signal, used for communication between
iothread and vcpus, is handled.
Block and consume it with sigtimedwait on the outer vcpu loop, which
allows more precise timing control.
Change from standard signal (SIGUSR1) to real-time one, so multiple
signals are not collapsed.
Set the signal number on KVM's in-kernel allowed sigmask.
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
In KVM mode the global mutex is released when vcpus are executing,
which means acquiring the fairness mutex is not required.
Also for KVM there is one thread per vcpu, so tcg_has_work is meaningless.
Add a new qemu_wait_io_event_common function to hold common code
between TCG/KVM.
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Otherwise a vcpu thread can run the sigchild handler causing
waitpid() from iothread to fail.
Signed-off-by: Marcelo Tosatti <mtosa...@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Remove all references to KVM_CR3_CACHE as it was never implemented.
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
This should explain a lot of the weird breakages of upstream KVM we've
seen recently (actually we should have seen it much earlier):
Stop translating eflags into TCG format when in kvm mode as we never
translate it back and rather sync this broken state into the kernel.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
CRISv10 cores (unlike v32) do not take any interrupts while delayed
jumps are pending (delay slots).
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
brk insns while in user mode raise priv insn exceptions.
This commit makes gdbserver work on linux guests.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@petalogix.com>
Use 32-bit arithmetic for the address offset calculation to fix a
build failure on 32-bit hosts.
Signed-off-by: Jay Foad <jay.foad@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
On 32-bit hosts op_qemu_ld32s is unused. Remove it to fix the
following assertion failure:
qemu-alpha: tcg/tcg.c:1055:
tcg_add_target_add_op_defs: Assertion `tcg_op_defs[op].used' failed.
Signed-off-by: Jay Foad <jay.foad@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Previously ORC was always implemented by tcg-op.h with
an explicit NOT opcode. Allow a target implementation.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Previously ANDC was always implemented by tcg-op.h with
an explicit NOT opcode. Allow a target implementation.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The fallback implementation of "ret = arg1 ^ -1" isn't ideal
because of the extra tcg op to load the minus one.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The fallback implementation of "ret = 0 - arg1" isn't ideal,
first because of the extra tcg op to load the zero, and second
because we fail to handle zero as %g0 for arg1 of the sub.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
/src/qemu/hw/ide/core.c: In function 'ide_drive_pre_save':
/src/qemu/hw/ide/core.c:2740: warning: comparison is always false due to limited range of data type
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
/src/qemu/net.c: In function `net_check_clients':
/src/qemu/net.c:1287: warning: `has_nic' might be used uninitialized in this function
/src/qemu/net.c:1287: warning: `has_host_dev' might be used uninitialized in this function
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
New version after malc's comments. (This avoids having to do
#if defined __linux__ || defined __FreeBSD__ || defined __FreeBSD_kernel__
for the third case.)
Submitted by: Andreas Tobler <andreast@fgznet.ch> (original version)
Signed-off-by: Juergen Lock <nox@jelal.kn-bremen.de>
Signed-off-by: malc <av1474@comtv.ru>
New version after malc's comments. (Added error handling.)
Submitted by: Andreas Tobler <andreast@fgznet.ch>
Signed-off-by: Juergen Lock <nox@jelal.kn-bremen.de>
Signed-off-by: malc <av1474@comtv.ru>
