SystemTap's dtrace(1) produces the following warning when it encounters
"char const" instead of "const char":
Warning: /usr/bin/dtrace:trace-dtrace-root.dtrace:66: syntax error near:
probe flatview_destroy_rcu
Warning: Proceeding as if --no-pyparsing was given.
This is a limitation in current SystemTap releases. I have sent a patch
upstream to accept "char const" since it is valid C:
https://sourceware.org/ml/systemtap/2018-q1/msg00017.html
In QEMU we still wish to avoid warnings in the current SystemTap
release. It's simple enough to replace "char const" with "const char".
I'm not changing the documentation or implementing checks to prevent
this from occurring again in the future. The next release of SystemTap
will hopefully resolve this issue.
Cc: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 20180201162625.4276-1-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Previously functions having arguments of type bool was not traced
properly. The bool arguments were missing from the trace.
Signed-off-by: Jon Emil Jahren <jonemilj@gmail.com>
Message-id: 20180129041648.30884-3-jonemilj@gmail.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Using the greedy star matching, arguments like "...%"PRIx64 caused issues
for functions with multiple PRI formats.
The issue was only seen with the ust backend, as it is the only one
using the format regex.
The result for many functions was that the arguments coming after the
greedy star end was left out of the tracepoint, and in some cases some
of the arguments that was traced had the wrong format.
Signed-off-by: Jon Emil Jahren <jonemilj@gmail.com>
Message-id: 20180129041648.30884-2-jonemilj@gmail.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
RHEL6's compilers don't like the repeated typedef.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The QEMU monitor enters an infinite loop when trying to auto-complete commands
that accept only optional parameters. The commands currently affected by this
issue are 'info registers' and 'info mtree'.
Reported-by: Dimitris Karagkasidis <t.pagef.lt@gmail.com>
Fixes: 48fe86f640
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20180213125143.23488-1-dgilbert@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
The "default" parameter of the "-mon" option is useless since
QEMU v2.4.0, and marked as deprecated since QEMU v2.8.0. That
should have been long enough to let people update their scripts,
so time to remove it now.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1513700253-10045-1-git-send-email-thuth@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Highlights of this batch:
* Conversion to TranslatorOps (Emilio Cota)
* Further bugfixes and cleanups to vcpu id allocation for pseries
(Greg Kurz)
* Another bugfix for HPT resizing (Daniel Henrique-Barboza)
* Macintosh CUDA cleanups (Mark Cave-Ayland)
* Further tweaks to Spectre/Meltdown mitigations (Suraj Singh)
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAlqGq6IACgkQbDjKyiDZ
s5IW5Q//a2217YE+XsCaL2wJkDVGFwg56HIoD7BAgsygbiplxy5QTXSk8GO/H85A
ybi4TFnYTt2kc4fYspXPLUDAB39Juv/pDwvHL0TjJCyxnT56YwSuLN+V8U3c1uKr
H1cwxlDHjB+NFx94JDf7Ze3iUvShr/NAzlS4+N/7xENc3RewU25gl8z7+W8UGMlb
uHTgISxV2F/WkMzFlAyqQDtkurgmtvW/XRp6l804wGecPDg1GeF3EIcKTDrJ9WtS
yleQ7hTRdc3ML+66O6pWGz6fVt6IGk7rS0iJTjqmeXqv1zglbFiW5pbX6p/4OyWo
S3wsac0tAI2Vvymkh4TcfqtfmEYwC1+fCtEmBbf2QetCchcYrIDsnBEasvOFnBbL
utDliSbEQlKKMcG5/8gnIZeXQCvDWaIWUxgM6pcPYG/OU3RP2O5/+QNfpHy2pgYs
YnrNmuaiVG4qJeXYK2Y/BqBxrIjQVsJIIZumywpdY/tgmJ2A3zg2Zv83b3LBHmrE
d4k+qZmkZTBhKUYyskMDreqMEfR82VCQHjXsvblP0YGJ0M1v1MZVKiQR7goj7mfe
TIYqVxmuFwHb5dYe2wgLHKRtlZ3Z34+24Pe+lIAo+DCEAxtEHVYi/za9uNqtbf/i
jHQ5WFmaUdgLLAdomFhxSD/hg/bhGTpiJDB/yk4MUrLM76aAb78=
=2DYH
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.12-20180216' into staging
ppc patch queue 2018-02-16
Highlights of this batch:
* Conversion to TranslatorOps (Emilio Cota)
* Further bugfixes and cleanups to vcpu id allocation for pseries
(Greg Kurz)
* Another bugfix for HPT resizing (Daniel Henrique-Barboza)
* Macintosh CUDA cleanups (Mark Cave-Ayland)
* Further tweaks to Spectre/Meltdown mitigations (Suraj Singh)
# gpg: Signature made Fri 16 Feb 2018 10:00:02 GMT
# gpg: using RSA key 6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg: aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg: aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg: aka "David Gibson (kernel.org) <dwg@kernel.org>"
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392
* remotes/dgibson/tags/ppc-for-2.12-20180216:
ppc4xx: Add device models found in PPC440 core SoCs
ppc/spapr-caps: Disallow setting workaround for spapr-cap-ibs
target/ppc: convert to TranslatorOps
target/ppc: convert to DisasContextBase
spapr: consolidate the VCPU id numbering logic in a single place
spapr: rename spapr_vcpu_id() to spapr_get_vcpu_id()
spapr: move VCPU calculation to core machine code
spapr: use spapr->vsmt to compute VCPU ids
ppc/spapr-caps: Change migration macro to take full spapr-cap name
hw/char: remove legacy interface escc_init()
hw/ppc/spapr_hcall: set htab_shift after kvmppc_resize_hpt_commit
cuda: convert to trace-events
ppc: move CUDAState and other CUDA-related definitions into separate cuda.h file
cuda: convert to use the shared mos6522 device
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Note that the 'Add test for migration to bad destination' displays
a 'Connection refused' during running, but still gives the correct exit
code and OK (It's checking that the source doesn't fail when
it can't connect, so that's the right error).
If it's particularly disliked that patch can be skipped individually.
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJahFawAAoJEAUWMx68W/3nwE4P/ih+c4uIG6rmwmQzfrKz7usM
6yI9doyejn8uslIQAsU+me8LTGzGI8EeevAOONGO7atySIc2BzujVBxwZIRr70rj
zJpv3dbU/kLPJC40sZixJ8lvaGQ0iGe9WAGxoOf523ezBzr0ir/Ha1W270ZxgGgw
/1MFY45krye/wc+D/TdH3qjh3fkdcbbOMEcTaVJLaM2eKHfSnpQdrx7iE3Z9KZ/G
/hgXiIzz8mZsFJTRtwjV1701fj0wKVDUAqgpsY8lmOxRMmFYuZmFKk1D+ppFXaov
3dcrnP5gaX+42lQPKN5uVLH9pix3Q6AqcFRgSHRECugqFBlhckG2ZevatQIynCDB
t9kV3fG5oAbfWUASayOhH2u4RUNGo9Hp1HPx7SPRSAhhpH1/p4vUfJKOn84e+jc2
5r4Vyuit9BLwvHtt1awnVJZYVIJ/S/178/bSw//zHDQqKA1YakSmGkAWy5IT6LgF
0eGGHmzxpFE4jMI7biM8OiSd0/SjU/ijV5sSAUyJM36d+ZuzsYf7myI17JQUoPmr
/K1ld8y48MAY4K4M0wVBr8pcDY4eUw6XwWTX4FMPwYwdzdGbPNet+aR+VwCieoJU
85e2gP8celL1xQz1bb9q43vV2gqkoAiw8tyUkuXvpPwRSa5foMOrteTr5V7MP660
10Qg5Vp69SvnU7ggQCX+
=drNV
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/dgilbert/tags/pull-migration-20180214a' into staging
Migration pull 20180214
Note that the 'Add test for migration to bad destination' displays
a 'Connection refused' during running, but still gives the correct exit
code and OK (It's checking that the source doesn't fail when
it can't connect, so that's the right error).
If it's particularly disliked that patch can be skipped individually.
# gpg: Signature made Wed 14 Feb 2018 15:33:04 GMT
# gpg: using RSA key 0516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>"
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A 9FA9 0516 331E BC5B FDE7
* remotes/dgilbert/tags/pull-migration-20180214a:
migration: pass MigrationState to migrate_init()
migration: allow send_rq to fail
migration: provide postcopy_fault_thread_notify()
migration: reuse mis->userfault_quit_fd
migration: better error handling with QEMUFile
tests/migration: Add test for migration to bad destination
migration: Fix early failure cleanup
tests/migration: Add source to PC boot block
migration: improve documentation of postcopy-ram
migration/xen: Check return value of qemu_fclose
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
In previous commit:
commit 6aa22a2918
Author: Daniel P. Berrange <berrange@redhat.com>
Date: Mon Dec 18 19:12:27 2017 +0000
ui: add trace events related to VNC client throttling
trace points related to unthrottling client I/O were missed from the
SASL codepaths.
Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 20180205114938.15784-5-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The 'vs->as.freq' value is a signed integer, which is read from an
unsigned 32-bit int field on the wire. There is thus a risk of overflow
on 32-bit platforms. Move the frequency limit checking to be done at
time of read before casting to a signed integer.
Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180205114938.15784-4-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The start_auth_sasl() method declares a 'Error *local_err' variable in
an inner if () {...} scope, which shadows a variable of the same name
declared at the start of the method. This is confusing for reviewers and
may trigger compiler warnings.
Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180205114938.15784-3-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
For very large framebuffers, it is theoretically possible for the result
of 'vs->throttle_output_offset * VNC_THROTTLE_OUTPUT_LIMIT_SCALE' to
exceed the size of a 32-bit int. For this to happen in practice, the
video RAM would have to be set to a large enough value, which is not
likely today. None the less we can be paranoid against future growth by
using division instead of multiplication when checking the limits.
Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180205114938.15784-2-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
When qemu mouse mode changes from relative to absolute
we must turn off sdl relative mouse mode too.
Fixes: https://bugs.launchpad.net/qemu/+bug/1703795
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <20180202120803.11501-1-kraxel@redhat.com>
The documentation on SDL_RenderPresent function states that
"the backbuffer should be considered invalidated after each present",
so copy the entire texture on each redraw.
On the other hand, SDL_UpdateTexture function is described as
"fairly slow function", so restrict it to just the changed pixels.
Also added SDL_RenderClear call, as suggested in the documentation
page on SDL_RenderPresent.
Signed-off-by: Anatoly Trosinenko <anatoly.trosinenko@gmail.com>
Message-id: 20180205133228.25082-1-anatoly.trosinenko@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
On one of our client's node, due to trying to read from closed ioc,
a segmentation fault occured. Corresponding backtrace:
0 object_get_class (obj=obj@entry=0x0)
1 qio_channel_readv_full (ioc=0x0, iov=0x7ffe55277180 ...
2 qio_channel_read (ioc=<optimized out> ...
3 vnc_client_read_buf (vs=vs@entry=0x55625f3c6000, ...
4 vnc_client_read_plain (vs=0x55625f3c6000)
5 vnc_client_read (vs=0x55625f3c6000)
6 vnc_client_io (ioc=<optimized out>, condition=G_IO_IN, ...
7 g_main_dispatch (context=0x556251568a50)
8 g_main_context_dispatch (context=context@entry=0x556251568a50)
9 glib_pollfds_poll ()
10 os_host_main_loop_wait (timeout=<optimized out>)
11 main_loop_wait (nonblocking=nonblocking@entry=0)
12 main_loop () at vl.c:1909
13 main (argc=<optimized out>, argv=<optimized out>, ...
Having analyzed the coredump, I understood that the reason is that
ioc_tag is reset on vnc_disconnect_start and ioc is cleaned
in vnc_disconnect_finish. Between these two events due to some
reasons the ioc_tag was set again and after vnc_disconnect_finish
the handler is running with freed ioc,
which led to the segmentation fault.
The patch checks vs->disconnecting in places where we call
qio_channel_add_watch and resets handler if disconnecting == TRUE
to prevent such an occurrence.
Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20180207094844.21402-1-klim.kireev@virtuozzo.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
vnc_listen_io() does not own the reference on the 'cioc' parameter is it
passed, so should not be unref'ing it.
Fixes: 13e1d0e71e
Reported-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 20180215102602.10864-1-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
iQIcBAABCAAGBQJahcheAAoJEL6G67QVEE/f48oP/i7z661EpJypffna2IQlqF1k
m+MMzWHjXKmLhIVtvypTwoqvPSdzlz4ZaSOx5MuWctL4MXS2IyzYVGKYBp9v+zLN
DZr8ZSAYD+r2EW6SiIMJb3Tzr//tgNsal8TJF7iv4ZCX0R+jXCNDfdp4vF8CHEgW
8Lnkh6pHYnd792askpOuIe1+Mi0rUxGgIPvU4FbOicSYn4keLtr2TobtCNgIUhig
8VJVHa9h6nASl4zU0ZD/+Y9lOwZh+wAxN7r7afQy3TqQSEFHcqccqSDB9MQACKgx
RXfInu7BWuK2ir+LlvKluTFaXWIdxaey2BMKN0ygcy9sU900gshJixVT0+QAGOQO
XNE8aqTwmoleQDULVAK8LhLI4CQs/z5QBc5LzMD/D6jYh6JuD7kasyurStqTg6e5
tSoRqPMw0uHlmlrmw0BKU1bz/MKnMxOhv1vMsLvO4WRWxF8kS8bYJjGwvlluwptj
kKNIj1RGmvPt+hm1QvMgzQehTqB4yJyn14gdfhowfiEEomOerjyDVC24Sf2kvGha
gGEo2EOIfFc7jg2/S+06mMr47OVqLT2Bq86cDiXM+khoAm3jvPw5SnCsHkeduUKv
2fFuKMQUWU5vjHgad4y+FJpT6ysr9rcMb6Ld806226+M1mBWx1BQoCbu3zco2d0D
GAhMVaGRLphcK091eCMn
=7TYE
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/berrange/tags/qio-next-pull-request' into staging
# gpg: Signature made Thu 15 Feb 2018 17:50:22 GMT
# gpg: using RSA key BE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg: aka "Daniel P. Berrange <berrange@redhat.com>"
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF
* remotes/berrange/tags/qio-next-pull-request:
allow to build with older sed
io/channel-command: Do not kill the child process after closing the pipe
io: Add /dev/fdset/ support to QIOChannelFile
io: Don't call close multiple times in QIOChannelFile
io: Fix QIOChannelFile when creating and opening read-write
io/channel-websock: handle continuous reads without any data
io: fix QIONetListener memory leak
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit 92b540dac9 introduce a counter to handle the timeouts in a
better way. But in case ccnt reaches 512, the current read character is
ignored - and if that character is part of the string that we are looking
for, the test fails to match the string.
Almost all of the tests look for a string within the first 512 bytes of
firmware output, so the problem never triggered there. But the hppa test
that has been added recently looks for a longer string at the very end of
a long output, thus there's a chance that we miss a character there so
that the test fails unexpectedly. Fix it by *not* reading and dropping a
character if the counter reaches 512.
Fixes: 92b540dac9
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-id: 1518761564-9899-1-git-send-email-thuth@redhat.com
[PMM: added initializer for nbd to silence false-positive warning
from OpenBSD 6 compiler]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
These devices are found in newer SoCs based on 440 core e.g. the 460EX
(http://www.embeddeddeveloper.com/assets/processors/amcc/datasheets/
PP460EX_DS2063.pdf)
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The spapr-cap cap-ibs can only have values broken or fixed as there is
no explicit workaround required. Currently setting the value workaround
for this cap will hit an assert if the guest makes the hcall
h_get_cpu_characteristics.
Report an error when attempting to apply the setting with a more helpful
error message.
Reported-by: Satheesh Rajendran <sathnaga@linux.vnet.ibm.com>
Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
A few changes worth noting:
- Didn't migrate ctx->exception to DISAS_* since the exception field is
in many cases architecturally relevant.
- Moved the cross-page check from the end of translate_insn to tb_start.
- Removed the exit(1) after a TCG temp leak; changed the fprintf there to
qemu_log.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
A couple of notes:
- removed ctx->nip in favour of base->pc_next. Yes, it is annoying,
but didn't want to waste its 4 bytes.
- ctx->singlestep_enabled does a lot more than
base.singlestep_enabled; this confused me at first.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Several places in the code need to calculate a VCPU id:
(cpu_index / smp_threads) * spapr->vsmt + cpu_index % smp_threads
(core_id / smp_threads) * spapr->vsmt (1 user)
index * spapr->vsmt (2 users)
or guess that the VCPU id of a given VCPU is the first thread of a virtual
core:
index % spapr->vsmt != 0
Even if the numbering logic isn't that complex, it is rather fragile to
have these assumptions open-coded in several places. FWIW this was
proved with recent issues related to VSMT.
This patch moves the VCPU id formula to a single function to be called
everywhere the code needs to compute one. It also adds an helper to
guess if a VCPU is the first thread of a VCORE.
Signed-off-by: Greg Kurz <groug@kaod.org>
[dwg: Rename spapr_is_vcore() to spapr_is_thread0_in_vcore() for clarity]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The spapr_vcpu_id() function is an accessor actually. Let's rename it
for symmetry with the recently added spapr_set_vcpu_id() helper.
The motivation behind this is that a later patch will consolidate
the VCPU id formula in a function and spapr_vcpu_id looks like an
appropriate name.
Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The VCPU ids are currently computed and assigned to each individual
CPU threads in spapr_cpu_core_realize(). But the numbering logic
of VCPU ids is actually a machine-level concept, and many places
in hw/ppc/spapr.c also have to compute VCPU ids out of CPU indexes.
The current formula used in spapr_cpu_core_realize() is:
vcpu_id = (cc->core_id * spapr->vsmt / smp_threads) + i
where:
cc->core_id is a multiple of smp_threads
cpu_index = cc->core_id + i
0 <= i < smp_threads
So we have:
cpu_index % smp_threads == i
cc->core_id / smp_threads == cpu_index / smp_threads
hence:
vcpu_id =
(cpu_index / smp_threads) * spapr->vsmt + cpu_index % smp_threads;
This formula was used before VSMT at the time VCPU ids where computed
at the target emulation level. It has the advantage of being useable
to derive a VPCU id out of a CPU index only. It is fitted for all the
places where the machine code has to compute a VCPU id.
This patch introduces an accessor to set the VCPU id in a PowerPCCPU object
using the above formula. It is a first step to consolidate all the VCPU id
logic in a single place.
Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Since the introduction of VSMT in 2.11, the spacing of VCPU ids
between cores is controllable through a machine property instead
of being only dictated by the SMT mode of the host:
cpu->vcpu_id = (cc->core_id * spapr->vsmt / smp_threads) + i
Until recently, the machine code would try to change the SMT mode
of the host to be equal to VSMT or exit. This allowed the rest of
the code to assume that kvmppc_smt_threads() == spapr->vsmt is
always true.
Recent commit "8904e5a75005 spapr: Adjust default VSMT value for
better migration compatibility" relaxed the rule. If the VSMT
mode cannot be set in KVM for some reasons, but the requested
CPU topology is compatible with the current SMT mode, then we
let the guest run with kvmppc_smt_threads() != spapr->vsmt.
This breaks quite a few places in the code, in particular when
calculating DRC indexes.
This is what happens on a POWER host with subcores-per-core=2 (ie,
supports up to SMT4) when passing the following topology:
-smp threads=4,maxcpus=16 \
-device host-spapr-cpu-core,core-id=4,id=core1 \
-device host-spapr-cpu-core,core-id=8,id=core2
qemu-system-ppc64: warning: Failed to set KVM's VSMT mode to 8 (errno -22)
This is expected since KVM is limited to SMT4, but the guest is started
anyway because this topology can run on SMT4 even with a VSMT8 spacing.
But when we look at the DT, things get nastier:
cpus {
...
ibm,drc-indexes = <0x4 0x10000000 0x10000004 0x10000008 0x1000000c>;
This means that we have the following association:
CPU core device | DRC | VCPU id
-----------------+------------+---------
boot core | 0x10000000 | 0
core1 | 0x10000004 | 4
core2 | 0x10000008 | 8
core3 | 0x1000000c | 12
But since the spacing of VCPU ids is 8, the DRC for core1 points to a
VCPU that doesn't exist, the DRC for core2 points to the first VCPU of
core1 and and so on...
...
PowerPC,POWER8@0 {
...
ibm,my-drc-index = <0x10000000>;
...
};
PowerPC,POWER8@8 {
...
ibm,my-drc-index = <0x10000008>;
...
};
PowerPC,POWER8@10 {
...
No ibm,my-drc-index property for this core since 0x10000010 doesn't
exist in ibm,drc-indexes above.
...
};
};
...
interrupt-controller {
...
ibm,interrupt-server-ranges = <0x0 0x10>;
With a spacing of 8, the highest VCPU id for the given topology should be:
16 * 8 / 4 = 32 and not 16
...
linux,phandle = <0x7e7323b8>;
interrupt-controller;
};
And CPU hot-plug/unplug is broken:
(qemu) device_del core1
pseries-hotplug-cpu: Cannot find CPU (drc index 10000004) to remove
(qemu) device_del core2
cpu 4 (hwid 8) Ready to die...
cpu 5 (hwid 9) Ready to die...
cpu 6 (hwid 10) Ready to die...
cpu 7 (hwid 11) Ready to die...
These are the VCPU ids of core1 actually
(qemu) device_add host-spapr-cpu-core,core-id=12,id=core3
(qemu) device_del core3
pseries-hotplug-cpu: Cannot find CPU (drc index 1000000c) to remove
This patches all the code in hw/ppc/spapr.c to assume the VSMT
spacing when manipulating VCPU ids.
Fixes: 8904e5a750
Signed-off-by: Greg Kurz <groug@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Change the macro that generates the vmstate migration field and the needed
function for the spapr-caps to take the full spapr-cap name. This has
the benefit of meaning this instance will be picked up when greping
for the spapr-caps and making it more obvious what this macro is doing.
Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Move necessary stuff in escc.h and update type names.
Remove slavio_serial_ms_kbd_init().
Fix code style problems reported by checkpatch.pl
Update mac_newworld, mac_oldworld and sun4m to use directly the
QDEV interface.
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Newer kernels have a htab resize capability when adding or remove
memory. At these situations, the guest kernel might reallocate its
htab to a more suitable size based on the resulting memory.
However, we're not setting the new value back into the machine state
when a KVM guest resizes its htab. At first this doesn't seem harmful,
but when migrating or saving the guest state (via virsh managedsave,
for instance) this mismatch between the htab size of QEMU and the
kernel makes the guest hangs when trying to load its state.
Inside h_resize_hpt_commit, the hypercall that commits the hash page
resize changes, let's set spapr->htab_shift to the new value if we're
sure that kvmppc_resize_hpt_commit were successful.
While we're here, add a "not RADIX" sanity check as it is already done
in the related hypercall h_resize_hpt_prepare.
Fixes: https://github.com/open-power-host-os/qemu/issues/28
Reported-by: Satheesh Rajendran <sathnaga@linux.vnet.ibm.com>
Signed-off-by: Daniel Henrique Barboza <danielhb@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Add the relevant hooks as required for the MacOS timer calibration and delayed
SR interrupt.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* aspeed: code cleanup to use unimplemented_device
* preparatory work for 'raspi3' RaspberryPi 3 machine model
* more SVE prep work
* v8M: add minor missing registers
* v7M: fix bug where we weren't migrating v7m.other_sp
* v7M: fix bugs in handling of interrupt registers for
external interrupts beyond 32
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABCAAGBQJahdLAAAoJEDwlJe0UNgzezlsQAIe4csOMrr4BTXlZF6tCJLz/
iF4j6ABmsLIAj8kn3KmLWLJ8AZ/hYHcRc9YygRKwJty+cXu2AVAHWXPlfPpv5lne
zCbbXAw9QGwCVmPhBMFTX5qntbt8sMk+2o6A4QE/PqtmO4u8a9O7belgKrHuiCCm
mn+AIH4Eo1cv58Tiijv+mxWk60mnooEwKFl7cqMYznnV0XQ4oLCq3jaW7YZL7hFF
nOSo9lz5NCPwbAWNRvlr/dtY7ZhjkL5CimdzrPVR5Qn2FvnD7IgsoIyOb/y5rycf
Bd2WijN1L6AE+h952A4qu0zDNxnyDCW18F54eB7IUrZqC7BRfXpPXs663UOeyQzX
LtlRPQWtXIc6lDy4JznDpB6YXh7nfrQA5DrWF2CwNVXB2gEadna2gHpqyz60FoVZ
2I8QDX7hqTiE8//z81ykp6591Z1xo1OlQbLCUtJUOoZsZ8Pn/4p3amVbOCCPAbe6
IayrfLVltpPhrzfJXxd9ZpxsHqluwgo3ZLkTfv7hywIsirhMLWtztEUm2IRV/g6D
O/NktDNmlfgpOVFPw60HpzkTe4CM10CVBMyTwsbQlsuw+3TFiE3Q1XRbxplG8CAs
WhRTMsxA1V/x0Mj4zbMDbjKDsCEDQqj9f7KQgFnZnDhM2x+2jY98UGQHq0aoMlZI
K4lCXS0x6MiJDJThjEm+
=U8z2
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180215-1' into staging
target-arm queue:
* aspeed: code cleanup to use unimplemented_device
* preparatory work for 'raspi3' RaspberryPi 3 machine model
* more SVE prep work
* v8M: add minor missing registers
* v7M: fix bug where we weren't migrating v7m.other_sp
* v7M: fix bugs in handling of interrupt registers for
external interrupts beyond 32
# gpg: Signature made Thu 15 Feb 2018 18:34:40 GMT
# gpg: using RSA key 3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg: aka "Peter Maydell <pmaydell@gmail.com>"
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* remotes/pmaydell/tags/pull-target-arm-20180215-1:
raspi: Raspberry Pi 3 support
bcm2836: Make CPU type configurable
target/arm: Implement v8M MSPLIM and PSPLIM registers
target/arm: Migrate v7m.other_sp
target/arm: Add AIRCR to vmstate struct
hw/intc/armv7m_nvic: Fix byte-to-interrupt number conversions
target/arm: Implement writing to CONTROL_NS for v8M
hw/intc/armv7m_nvic: Implement SCR
hw/intc/armv7m_nvic: Implement cache ID registers
hw/intc/armv7m_nvic: Implement v8M CPPWR register
hw/intc/armv7m_nvic: Implement M profile cache maintenance ops
hw/intc/armv7m_nvic: Fix ICSR PENDNMISET/CLR handling
hw/intc/armv7m_nvic: Don't hardcode M profile ID registers in NVIC
target/arm: Handle SVE registers when using clear_vec_high
target/arm: Enforce access to ZCR_EL at translation
target/arm: Suppress TB end for FPCR/FPSR
target/arm: Enforce FP access to FPCR/FPSR
target/arm: Remove ARM_CP_64BIT from ZCR_EL registers
hw/arm/aspeed: simplify using the 'unimplemented device' for aspeed_soc.io
hw/arm/aspeed: directly map the serial device to the system address space
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This patch adds Raspberry Pi 3 support to hw/arm/raspi.c. The
differences to Pi 2 are:
- Firmware address
- Board ID
- Board revision
The CPU is different too, but that's going to be configured as part of
the machine default CPU when we introduce a new machine type.
The patch was written from scratch by me but the logic is similar to
Zoltán Baldaszti's previous work, which I used as a reference (with
permission from the author):
https://github.com/bztsrc/qemu-raspi3
Signed-off-by: Pekka Enberg <penberg@iki.fi>
[PMM: fixed trailing whitespace on one line]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This patch adds a "cpu-type" property to BCM2836 SoC in preparation for
reusing the code for the Raspberry Pi 3, which has a different processor
model.
Signed-off-by: Pekka Enberg <penberg@iki.fi>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The v8M architecture includes hardware support for enforcing
stack pointer limits. We don't implement this behaviour yet,
but provide the MSPLIM and PSPLIM stack pointer limit registers
as reads-as-written, so that when we do implement the checks
in future this won't break guest migration.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-12-peter.maydell@linaro.org
In commit abc24d86cc we accidentally broke migration of
the stack pointer value for the mode (process, handler) the CPU
is not currently running as. (The commit correctly removed the
no-longer-used v7m.current_sp flag from the VMState but also
deleted the still very much in use v7m.other_sp SP value field.)
Add a subsection to migrate it again. (We don't need to care
about trying to retain compatibility with pre-abc24d86cc0364f
versions of QEMU, because that commit bumped the version_id
and we've since bumped it again a couple of times.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-11-peter.maydell@linaro.org
In commit commit 3b2e934463 we added support for the AIRCR
register holding state, but forgot to add it to the vmstate
structs. Since it only holds r/w state if the security extension
is implemented, we can just add it to vmstate_m_security.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-10-peter.maydell@linaro.org
In many of the NVIC registers relating to interrupts, we
have to convert from a byte offset within a register set
into the number of the first interrupt which is affected.
We were getting this wrong for:
* reads of NVIC_ISPR<n>, NVIC_ISER<n>, NVIC_ICPR<n>, NVIC_ICER<n>,
NVIC_IABR<n> -- in all these cases we were missing the "* 8"
needed to convert from the byte offset to the interrupt number
(since all these registers use one bit per interrupt)
* writes of NVIC_IPR<n> had the opposite problem of a spurious
"* 8" (since these registers use one byte per interrupt)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20180209165810.6668-9-peter.maydell@linaro.org
In commit 50f11062d4 we added support for MSR/MRS access
to the NS banked special registers, but we forgot to implement
the support for writing to CONTROL_NS. Correct the omission.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-8-peter.maydell@linaro.org
We were previously making the system control register (SCR)
just RAZ/WI. Although we don't implement the functionality
this register controls, we should at least provide the state,
including the banked state for v8M.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-7-peter.maydell@linaro.org
M profile cores have a similar setup for cache ID registers
to A profile:
* Cache Level ID Register (CLIDR) is a fixed value
* Cache Type Register (CTR) is a fixed value
* Cache Size ID Registers (CCSIDR) are a bank of registers;
which one you see is selected by the Cache Size Selection
Register (CSSELR)
The only difference is that they're in the NVIC memory mapped
register space rather than being coprocessor registers.
Implement the M profile view of them.
Since neither Cortex-M3 nor Cortex-M4 implement caches,
we don't need to update their init functions and can leave
the ctr/clidr/ccsidr[] fields in their ARMCPU structs at zero.
Newer cores (like the Cortex-M33) will want to be able to
set these ID registers to non-zero values, though.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-6-peter.maydell@linaro.org
The Coprocessor Power Control Register (CPPWR) is new in v8M.
It allows software to control whether coprocessors are allowed
to power down and lose their state. QEMU doesn't have any
notion of power control, so we choose the IMPDEF option of
making the whole register RAZ/WI (indicating that no coprocessors
can ever power down and lose state).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-5-peter.maydell@linaro.org
For M profile cores, cache maintenance operations are done by
writing to special registers in the system register space.
For QEMU, cache operations are always NOPs, since we don't
implement the cache. Implementing these explicitly avoids
a spurious LOG_GUEST_ERROR when the guest uses them.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-4-peter.maydell@linaro.org
The PENDNMISET/CLR bits in the ICSR should be RAZ/WI from
NonSecure state if the AIRCR.BFHFNMINS bit is zero. We had
misimplemented this as making the bits RAZ/WI from both
Secure and NonSecure states. Fix this bug by checking
attrs.secure so that Secure code can pend and unpend NMIs.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-3-peter.maydell@linaro.org
Instead of hardcoding the values of M profile ID registers in the
NVIC, use the fields in the CPU struct. This will allow us to
give different M profile CPU types different ID register values.
This commit includes the addition of the missing ID_ISAR5,
which exists as RES0 in both v7M and v8M.
(The values of the ID registers might be wrong for the M4 --
this commit leaves the behaviour there unchanged.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180209165810.6668-2-peter.maydell@linaro.org
When storing to an AdvSIMD FP register, all of the high
bits of the SVE register are zeroed. Therefore, call it
more often with is_q as a parameter.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20180211205848.4568-6-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>